Marcus Updateinfo to OVAL Converter5.52026-04-14T07:04:09LibVNCServer-0.9.1-154.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the LibVNCServer-0.9.1-154.24 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-2450 at SUSECVE-2006-2450 at NVDcpe:/o:suse:suse_sles:11:sp1MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the MozillaFirefox-3.5.9-0.1.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-6077 at SUSECVE-2006-6077 at NVDCVE-2007-0008 at SUSECVE-2007-0008 at NVDCVE-2007-0009 at SUSECVE-2007-0009 at NVDCVE-2007-0078 at SUSECVE-2007-0078 at NVDCVE-2007-0079 at SUSECVE-2007-0079 at NVDCVE-2007-0775 at SUSECVE-2007-0775 at NVDCVE-2007-0776 at SUSECVE-2007-0776 at NVDCVE-2007-0777 at SUSECVE-2007-0777 at NVDCVE-2007-0780 at SUSECVE-2007-0780 at NVDCVE-2007-0800 at SUSECVE-2007-0800 at NVDCVE-2007-0981 at SUSECVE-2007-0981 at NVDCVE-2007-0995 at SUSECVE-2007-0995 at NVDCVE-2007-0996 at SUSECVE-2007-0996 at NVDCVE-2007-3089 at SUSECVE-2007-3089 at NVDCVE-2007-3285 at SUSECVE-2007-3285 at NVDCVE-2007-3656 at SUSECVE-2007-3656 at NVDCVE-2007-3670 at SUSECVE-2007-3670 at NVDCVE-2007-3734 at SUSECVE-2007-3734 at NVDCVE-2007-3735 at SUSECVE-2007-3735 at NVDCVE-2007-3736 at SUSECVE-2007-3736 at NVDCVE-2007-3737 at SUSECVE-2007-3737 at NVDCVE-2007-3738 at SUSECVE-2007-3738 at NVDCVE-2008-0412 at SUSECVE-2008-0412 at NVDCVE-2008-0414 at SUSECVE-2008-0414 at NVDCVE-2008-0415 at SUSECVE-2008-0415 at NVDCVE-2008-0417 at SUSECVE-2008-0417 at NVDCVE-2008-0418 at SUSECVE-2008-0418 at NVDCVE-2008-0419 at SUSECVE-2008-0419 at NVDCVE-2008-0591 at SUSECVE-2008-0591 at NVDCVE-2008-0592 at SUSECVE-2008-0592 at NVDCVE-2008-0593 at SUSECVE-2008-0593 at NVDCVE-2008-0594 at SUSECVE-2008-0594 at NVDCVE-2008-3836 at SUSECVE-2008-3836 at NVDCVE-2008-4063 at SUSECVE-2008-4063 at NVDCVE-2008-4064 at SUSECVE-2008-4064 at NVDCVE-2008-4070 at SUSECVE-2008-4070 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-0352 at SUSECVE-2009-0352 at NVDCVE-2009-0353 at SUSECVE-2009-0353 at NVDCVE-2009-0354 at SUSECVE-2009-0354 at NVDCVE-2009-0355 at SUSECVE-2009-0355 at NVDCVE-2009-0356 at SUSECVE-2009-0356 at NVDCVE-2009-0357 at SUSECVE-2009-0357 at NVDCVE-2009-0358 at SUSECVE-2009-0358 at NVDCVE-2009-0652 at SUSECVE-2009-0652 at NVDCVE-2009-0771 at SUSECVE-2009-0771 at NVDCVE-2009-0772 at SUSECVE-2009-0772 at NVDCVE-2009-0773 at SUSECVE-2009-0773 at NVDCVE-2009-0774 at SUSECVE-2009-0774 at NVDCVE-2009-0775 at SUSECVE-2009-0775 at NVDCVE-2009-0776 at SUSECVE-2009-0776 at NVDCVE-2009-0777 at SUSECVE-2009-0777 at NVDCVE-2009-1044 at SUSECVE-2009-1044 at NVDCVE-2009-1169 at SUSECVE-2009-1169 at NVDCVE-2009-1302 at SUSECVE-2009-1302 at NVDCVE-2009-1303 at SUSECVE-2009-1303 at NVDCVE-2009-1304 at SUSECVE-2009-1304 at NVDCVE-2009-1305 at SUSECVE-2009-1305 at NVDCVE-2009-1306 at SUSECVE-2009-1306 at NVDCVE-2009-1307 at SUSECVE-2009-1307 at NVDCVE-2009-1308 at SUSECVE-2009-1308 at NVDCVE-2009-1309 at SUSECVE-2009-1309 at NVDCVE-2009-1310 at SUSECVE-2009-1310 at NVDCVE-2009-1311 at SUSECVE-2009-1311 at NVDCVE-2009-1312 at SUSECVE-2009-1312 at NVDCVE-2009-1313 at SUSECVE-2009-1313 at NVDCVE-2009-1563 at SUSECVE-2009-1563 at NVDCVE-2009-1571 at SUSECVE-2009-1571 at NVDCVE-2009-2470 at SUSECVE-2009-2470 at NVDCVE-2009-2654 at SUSECVE-2009-2654 at NVDCVE-2009-3069 at SUSECVE-2009-3069 at NVDCVE-2009-3070 at SUSECVE-2009-3070 at NVDCVE-2009-3071 at SUSECVE-2009-3071 at NVDCVE-2009-3072 at SUSECVE-2009-3072 at NVDCVE-2009-3073 at SUSECVE-2009-3073 at NVDCVE-2009-3074 at SUSECVE-2009-3074 at NVDCVE-2009-3075 at SUSECVE-2009-3075 at NVDCVE-2009-3077 at SUSECVE-2009-3077 at NVDCVE-2009-3078 at SUSECVE-2009-3078 at NVDCVE-2009-3079 at SUSECVE-2009-3079 at NVDCVE-2009-3274 at SUSECVE-2009-3274 at NVDCVE-2009-3370 at SUSECVE-2009-3370 at NVDCVE-2009-3371 at SUSECVE-2009-3371 at NVDCVE-2009-3372 at SUSECVE-2009-3372 at NVDCVE-2009-3373 at SUSECVE-2009-3373 at NVDCVE-2009-3374 at SUSECVE-2009-3374 at NVDCVE-2009-3375 at SUSECVE-2009-3375 at NVDCVE-2009-3376 at SUSECVE-2009-3376 at NVDCVE-2009-3377 at SUSECVE-2009-3377 at NVDCVE-2009-3378 at SUSECVE-2009-3378 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2009-3380 at SUSECVE-2009-3380 at NVDCVE-2009-3381 at SUSECVE-2009-3381 at NVDCVE-2009-3383 at SUSECVE-2009-3383 at NVDCVE-2009-3388 at SUSECVE-2009-3388 at NVDCVE-2009-3389 at SUSECVE-2009-3389 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-3979 at SUSECVE-2009-3979 at NVDCVE-2009-3980 at SUSECVE-2009-3980 at NVDCVE-2009-3982 at SUSECVE-2009-3982 at NVDCVE-2009-3983 at SUSECVE-2009-3983 at NVDCVE-2009-3984 at SUSECVE-2009-3984 at NVDCVE-2009-3985 at SUSECVE-2009-3985 at NVDCVE-2009-3988 at SUSECVE-2009-3988 at NVDCVE-2010-0159 at SUSECVE-2010-0159 at NVDCVE-2010-0160 at SUSECVE-2010-0160 at NVDCVE-2010-0162 at SUSECVE-2010-0162 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0175 at SUSECVE-2010-0175 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDcpe:/o:suse:suse_sles:11:sp1NetworkManager-0.7.0.r4359-15.22.49 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the NetworkManager-0.7.0.r4359-15.22.49 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0365 at SUSECVE-2009-0365 at NVDCVE-2009-0578 at SUSECVE-2009-0578 at NVDcpe:/o:suse:suse_sles:11:sp1NetworkManager-gnome-0.7.0.r1053-11.16.61 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the NetworkManager-gnome-0.7.0.r1053-11.16.61 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0365 at SUSECVE-2009-0365 at NVDCVE-2009-0578 at SUSECVE-2009-0578 at NVDCVE-2009-4144 at SUSECVE-2009-4144 at NVDCVE-2009-4145 at SUSECVE-2009-4145 at NVDcpe:/o:suse:suse_sles:11:sp1OpenEXR-1.6.1-83.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the OpenEXR-1.6.1-83.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-1720 at SUSECVE-2009-1720 at NVDCVE-2009-1721 at SUSECVE-2009-1721 at NVDcpe:/o:suse:suse_sles:11:sp1PackageKit-0.3.14-2.12.105 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the PackageKit-0.3.14-2.12.105 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-4311 at SUSECVE-2008-4311 at NVDcpe:/o:suse:suse_sles:11:sp1PolicyKit-0.9-14.34.9 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the PolicyKit-0.9-14.34.9 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-1658 at SUSECVE-2008-1658 at NVDcpe:/o:suse:suse_sles:11:sp1amavisd-new-2.6.2-1.14 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the amavisd-new-2.6.2-1.14 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2005-1349 at SUSECVE-2005-1349 at NVDcpe:/o:suse:suse_sles:11:sp1apache2-2.2.10-2.24.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the apache2-2.2.10-2.24.5 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-3747 at SUSECVE-2006-3747 at NVDCVE-2006-5752 at SUSECVE-2006-5752 at NVDCVE-2007-1862 at SUSECVE-2007-1862 at NVDCVE-2007-1863 at SUSECVE-2007-1863 at NVDCVE-2007-3304 at SUSECVE-2007-3304 at NVDCVE-2007-3847 at SUSECVE-2007-3847 at NVDCVE-2007-4465 at SUSECVE-2007-4465 at NVDCVE-2007-5000 at SUSECVE-2007-5000 at NVDCVE-2007-6388 at SUSECVE-2007-6388 at NVDCVE-2007-6420 at SUSECVE-2007-6420 at NVDCVE-2007-6421 at SUSECVE-2007-6421 at NVDCVE-2007-6422 at SUSECVE-2007-6422 at NVDCVE-2008-0005 at SUSECVE-2008-0005 at NVDCVE-2008-1678 at SUSECVE-2008-1678 at NVDCVE-2008-2364 at SUSECVE-2008-2364 at NVDCVE-2008-2939 at SUSECVE-2008-2939 at NVDCVE-2009-1191 at SUSECVE-2009-1191 at NVDCVE-2009-1195 at SUSECVE-2009-1195 at NVDCVE-2009-1890 at SUSECVE-2009-1890 at NVDCVE-2009-3094 at SUSECVE-2009-3094 at NVDCVE-2009-3095 at SUSECVE-2009-3095 at NVDCVE-2010-0408 at SUSECVE-2010-0408 at NVDCVE-2010-0434 at SUSECVE-2010-0434 at NVDcpe:/o:suse:suse_sles:11:sp1apache2-mod_perl-2.0.4-40.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the apache2-mod_perl-2.0.4-40.19 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-1349 at SUSECVE-2007-1349 at NVDcpe:/o:suse:suse_sles:11:sp1apache2-mod_php5-5.2.6-50.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the apache2-mod_php5-5.2.6-50.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-4783 at SUSECVE-2007-4783 at NVDCVE-2007-4840 at SUSECVE-2007-4840 at NVDCVE-2007-4887 at SUSECVE-2007-4887 at NVDCVE-2008-0599 at SUSECVE-2008-0599 at NVDCVE-2008-5624 at SUSECVE-2008-5624 at NVDCVE-2008-5625 at SUSECVE-2008-5625 at NVDCVE-2008-5814 at SUSECVE-2008-5814 at NVDCVE-2009-1271 at SUSECVE-2009-1271 at NVDCVE-2009-1272 at SUSECVE-2009-1272 at NVDCVE-2009-2626 at SUSECVE-2009-2626 at NVDCVE-2009-3546 at SUSECVE-2009-3546 at NVDCVE-2009-4017 at SUSECVE-2009-4017 at NVDCVE-2009-4142 at SUSECVE-2009-4142 at NVDcpe:/o:suse:suse_sles:11:sp1avahi-0.6.23-11.19.22 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the avahi-0.6.23-11.19.22 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-5461 at SUSECVE-2006-5461 at NVDCVE-2006-6870 at SUSECVE-2006-6870 at NVDCVE-2007-3372 at SUSECVE-2007-3372 at NVDCVE-2008-5081 at SUSECVE-2008-5081 at NVDCVE-2009-0758 at SUSECVE-2009-0758 at NVDcpe:/o:suse:suse_sles:11:sp1bind-9.5.0P2-20.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the bind-9.5.0P2-20.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2007-2925 at SUSECVE-2007-2925 at NVDCVE-2007-2926 at SUSECVE-2007-2926 at NVDCVE-2009-0696 at SUSECVE-2009-0696 at NVDCVE-2009-4022 at SUSECVE-2009-4022 at NVDcpe:/o:suse:suse_sles:11:sp1boost-license-1.36.0-11.17 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the boost-license-1.36.0-11.17 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-0171 at SUSECVE-2008-0171 at NVDcpe:/o:suse:suse_sles:11:sp1bzip2-1.0.5-34.246 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the bzip2-1.0.5-34.246 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-1372 at SUSECVE-2008-1372 at NVDcpe:/o:suse:suse_sles:11:sp1cifs-mount-3.4.3-1.17.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the cifs-mount-3.4.3-1.17.2 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2010-0926 at SUSECVE-2010-0926 at NVDcpe:/o:suse:suse_sles:11:sp1clamav-0.96-0.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the clamav-0.96-0.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-4182 at SUSECVE-2006-4182 at NVDCVE-2006-5295 at SUSECVE-2006-5295 at NVDCVE-2006-5874 at SUSECVE-2006-5874 at NVDCVE-2007-0897 at SUSECVE-2007-0897 at NVDCVE-2007-0898 at SUSECVE-2007-0898 at NVDCVE-2007-1745 at SUSECVE-2007-1745 at NVDCVE-2007-1997 at SUSECVE-2007-1997 at NVDCVE-2007-6335 at SUSECVE-2007-6335 at NVDCVE-2007-6336 at SUSECVE-2007-6336 at NVDCVE-2007-6337 at SUSECVE-2007-6337 at NVDCVE-2007-6595 at SUSECVE-2007-6595 at NVDCVE-2007-6596 at SUSECVE-2007-6596 at NVDCVE-2008-0318 at SUSECVE-2008-0318 at NVDCVE-2008-0728 at SUSECVE-2008-0728 at NVDCVE-2008-1100 at SUSECVE-2008-1100 at NVDCVE-2008-2713 at SUSECVE-2008-2713 at NVDcpe:/o:suse:suse_sles:11:sp1coolkey-1.1.0-22.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the coolkey-1.1.0-22.24 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-4129 at SUSECVE-2007-4129 at NVDcpe:/o:suse:suse_sles:11:sp1cron-4.1-194.24.4 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the cron-4.1-194.24.4 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-2607 at SUSECVE-2006-2607 at NVDCVE-2010-0424 at SUSECVE-2010-0424 at NVDcpe:/o:suse:suse_sles:11:sp1cups-1.3.9-8.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the cups-1.3.9-8.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-3387 at SUSECVE-2007-3387 at NVDCVE-2007-4351 at SUSECVE-2007-4351 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-0047 at SUSECVE-2008-0047 at NVDCVE-2008-1373 at SUSECVE-2008-1373 at NVDCVE-2008-1693 at SUSECVE-2008-1693 at NVDCVE-2008-1722 at SUSECVE-2008-1722 at NVDCVE-2008-3641 at SUSECVE-2008-3641 at NVDCVE-2009-0163 at SUSECVE-2009-0163 at NVDCVE-2009-0949 at SUSECVE-2009-0949 at NVDCVE-2009-2820 at SUSECVE-2009-2820 at NVDCVE-2009-3553 at SUSECVE-2009-3553 at NVDCVE-2010-0302 at SUSECVE-2010-0302 at NVDCVE-2010-0393 at SUSECVE-2010-0393 at NVDcpe:/o:suse:suse_sles:11:sp1curl-7.19.0-11.24.25 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the curl-7.19.0-11.24.25 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0037 at SUSECVE-2009-0037 at NVDCVE-2009-2417 at SUSECVE-2009-2417 at NVDcpe:/o:suse:suse_sles:11:sp1cyrus-imapd-2.3.11-60.21.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the cyrus-imapd-2.3.11-60.21.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-3235 at SUSECVE-2009-3235 at NVDcpe:/o:suse:suse_sles:11:sp1dbus-1-1.2.10-3.11.29 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the dbus-1-1.2.10-3.11.29 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-6107 at SUSECVE-2006-6107 at NVDCVE-2008-0595 at SUSECVE-2008-0595 at NVDCVE-2008-3834 at SUSECVE-2008-3834 at NVDCVE-2008-4311 at SUSECVE-2008-4311 at NVDcpe:/o:suse:suse_sles:11:sp1dhcp-3.1.3.ESV-0.3.38 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the dhcp-3.1.3.ESV-0.3.38 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0692 at SUSECVE-2009-0692 at NVDCVE-2009-1892 at SUSECVE-2009-1892 at NVDcpe:/o:suse:suse_sles:11:sp1e2fsprogs-1.41.9-2.1.51 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the e2fsprogs-1.41.9-2.1.51 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-5497 at SUSECVE-2007-5497 at NVDcpe:/o:suse:suse_sles:11:sp1emacs-22.3-4.32.4 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the emacs-22.3-4.32.4 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-5795 at SUSECVE-2007-5795 at NVDcpe:/o:suse:suse_sles:11:sp1enscript-1.6.4-152.17.55 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the enscript-1.6.4-152.17.55 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-3863 at SUSECVE-2008-3863 at NVDCVE-2008-4306 at SUSECVE-2008-4306 at NVDcpe:/o:suse:suse_sles:11:sp1evince-2.28.2-0.2.68 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the evince-2.28.2-0.2.68 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-5864 at SUSECVE-2006-5864 at NVDcpe:/o:suse:suse_sles:11:sp1evolution-data-server-2.28.2-0.10.9 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the evolution-data-server-2.28.2-0.10.9 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-3257 at SUSECVE-2007-3257 at NVDcpe:/o:suse:suse_sles:11:sp1expat-2.0.1-88.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the expat-2.0.1-88.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-2625 at SUSECVE-2009-2625 at NVDCVE-2009-3560 at SUSECVE-2009-3560 at NVDcpe:/o:suse:suse_sles:11:sp1fetchmail-6.3.8.90-13.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the fetchmail-6.3.8.90-13.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-5867 at SUSECVE-2006-5867 at NVDCVE-2006-5974 at SUSECVE-2006-5974 at NVDCVE-2007-1558 at SUSECVE-2007-1558 at NVDCVE-2007-4565 at SUSECVE-2007-4565 at NVDCVE-2009-2666 at SUSECVE-2009-2666 at NVDcpe:/o:suse:suse_sles:11:sp1file-32bit-4.24-43.17 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the file-32bit-4.24-43.17 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-1536 at SUSECVE-2007-1536 at NVDCVE-2007-2799 at SUSECVE-2007-2799 at NVDcpe:/o:suse:suse_sles:11:sp1findutils-4.4.0-38.24.11 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the findutils-4.4.0-38.24.11 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-2452 at SUSECVE-2007-2452 at NVDcpe:/o:suse:suse_sles:11:sp1freeradius-server-2.1.1-7.7.19.77 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the freeradius-server-2.1.1-7.7.19.77 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-4474 at SUSECVE-2008-4474 at NVDcpe:/o:suse:suse_sles:11:sp1freetype2-2.3.7-25.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the freetype2-2.3.7-25.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-1351 at SUSECVE-2007-1351 at NVDCVE-2009-0946 at SUSECVE-2009-0946 at NVDcpe:/o:suse:suse_sles:11:sp1ft2demos-2.3.7-25.9 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the ft2demos-2.3.7-25.9 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-1351 at SUSECVE-2007-1351 at NVDcpe:/o:suse:suse_sles:11:sp1fuse-2.7.2-61.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the fuse-2.7.2-61.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-3297 at SUSECVE-2009-3297 at NVDcpe:/o:suse:suse_sles:11:sp1fvwm2-2.5.26-1.25 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the fvwm2-2.5.26-1.25 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-5969 at SUSECVE-2006-5969 at NVDcpe:/o:suse:suse_sles:11:sp1g3utils-1.1.36-26.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the g3utils-1.1.36-26.31 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-4936 at SUSECVE-2008-4936 at NVDcpe:/o:suse:suse_sles:11:sp1gd-2.0.36.RC1-52.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gd-2.0.36.RC1-52.18 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-2756 at SUSECVE-2007-2756 at NVDcpe:/o:suse:suse_sles:11:sp1ghostscript-fonts-other-8.62-32.27.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the ghostscript-fonts-other-8.62-32.27.31 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0196 at SUSECVE-2009-0196 at NVDCVE-2009-0583 at SUSECVE-2009-0583 at NVDCVE-2009-0584 at SUSECVE-2009-0584 at NVDCVE-2009-0792 at SUSECVE-2009-0792 at NVDcpe:/o:suse:suse_sles:11:sp1glib2-2.22.5-0.2.23 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the glib2-2.22.5-0.2.23 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-2371 at SUSECVE-2008-2371 at NVDCVE-2008-4316 at SUSECVE-2008-4316 at NVDcpe:/o:suse:suse_sles:11:sp1gmime-2.2.23-1.41.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gmime-2.2.23-1.41.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2010-0409 at SUSECVE-2010-0409 at NVDcpe:/o:suse:suse_sles:11:sp1gnome-screensaver-2.28.3-0.4.30 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gnome-screensaver-2.28.3-0.4.30 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-0887 at SUSECVE-2008-0887 at NVDCVE-2010-0414 at SUSECVE-2010-0414 at NVDCVE-2010-0422 at SUSECVE-2010-0422 at NVDcpe:/o:suse:suse_sles:11:sp1gnutls-2.4.1-24.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gnutls-2.4.1-24.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-4790 at SUSECVE-2006-4790 at NVDCVE-2008-1948 at SUSECVE-2008-1948 at NVDCVE-2008-1949 at SUSECVE-2008-1949 at NVDCVE-2008-1950 at SUSECVE-2008-1950 at NVDCVE-2008-4989 at SUSECVE-2008-4989 at NVDCVE-2009-2730 at SUSECVE-2009-2730 at NVDcpe:/o:suse:suse_sles:11:sp1gpg2-2.0.9-25.25.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gpg2-2.0.9-25.25.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-3746 at SUSECVE-2006-3746 at NVDCVE-2006-6169 at SUSECVE-2006-6169 at NVDCVE-2008-1530 at SUSECVE-2008-1530 at NVDcpe:/o:suse:suse_sles:11:sp1gstreamer-0_10-plugins-base-0.10.25-1.1.133 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gstreamer-0_10-plugins-base-0.10.25-1.1.133 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0586 at SUSECVE-2009-0586 at NVDcpe:/o:suse:suse_sles:11:sp1gstreamer-0_10-plugins-good-0.10.17-1.1.126 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gstreamer-0_10-plugins-good-0.10.17-1.1.126 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-1686 at SUSECVE-2008-1686 at NVDCVE-2009-0386 at SUSECVE-2009-0386 at NVDCVE-2009-0387 at SUSECVE-2009-0387 at NVDCVE-2009-0397 at SUSECVE-2009-0397 at NVDCVE-2009-1932 at SUSECVE-2009-1932 at NVDcpe:/o:suse:suse_sles:11:sp1gtk2-2.18.9-0.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gtk2-2.18.9-0.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-0010 at SUSECVE-2007-0010 at NVDcpe:/o:suse:suse_sles:11:sp1gvim-7.2-8.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gvim-7.2-8.8 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-2438 at SUSECVE-2007-2438 at NVDCVE-2007-2953 at SUSECVE-2007-2953 at NVDcpe:/o:suse:suse_sles:11:sp1gzip-1.3.12-69.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the gzip-1.3.12-69.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-2624 at SUSECVE-2009-2624 at NVDCVE-2010-0001 at SUSECVE-2010-0001 at NVDcpe:/o:suse:suse_sles:11:sp1hplip-3.9.8-3.4.30 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the hplip-3.9.8-3.4.30 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-5208 at SUSECVE-2007-5208 at NVDcpe:/o:suse:suse_sles:11:sp1ipsec-tools-0.7.3-1.1.93 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the ipsec-tools-0.7.3-1.1.93 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-1841 at SUSECVE-2007-1841 at NVDCVE-2008-3652 at SUSECVE-2008-3652 at NVDcpe:/o:suse:suse_sles:11:sp1java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the java-1_4_2-ibm-1.4.2_sr13.3-1.1.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-2788 at SUSECVE-2007-2788 at NVDCVE-2007-2789 at SUSECVE-2007-2789 at NVDCVE-2007-3004 at SUSECVE-2007-3004 at NVDCVE-2007-3005 at SUSECVE-2007-3005 at NVDCVE-2007-3655 at SUSECVE-2007-3655 at NVDCVE-2007-3698 at SUSECVE-2007-3698 at NVDCVE-2007-3922 at SUSECVE-2007-3922 at NVDCVE-2007-4381 at SUSECVE-2007-4381 at NVDCVE-2007-5232 at SUSECVE-2007-5232 at NVDCVE-2007-5236 at SUSECVE-2007-5236 at NVDCVE-2007-5238 at SUSECVE-2007-5238 at NVDCVE-2007-5239 at SUSECVE-2007-5239 at NVDCVE-2007-5240 at SUSECVE-2007-5240 at NVDCVE-2007-5273 at SUSECVE-2007-5273 at NVDCVE-2007-5274 at SUSECVE-2007-5274 at NVDCVE-2008-1187 at SUSECVE-2008-1187 at NVDCVE-2008-1189 at SUSECVE-2008-1189 at NVDCVE-2008-1190 at SUSECVE-2008-1190 at NVDCVE-2008-1192 at SUSECVE-2008-1192 at NVDCVE-2008-1195 at SUSECVE-2008-1195 at NVDCVE-2008-1196 at SUSECVE-2008-1196 at NVDCVE-2008-3104 at SUSECVE-2008-3104 at NVDCVE-2008-3112 at SUSECVE-2008-3112 at NVDCVE-2008-3113 at SUSECVE-2008-3113 at NVDCVE-2008-3114 at SUSECVE-2008-3114 at NVDcpe:/o:suse:suse_sles:11:sp1java-1_6_0-ibm-1.6.0_sr7.0-1.6.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the java-1_6_0-ibm-1.6.0_sr7.0-1.6.21 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-1187 at SUSECVE-2008-1187 at NVDCVE-2008-1188 at SUSECVE-2008-1188 at NVDCVE-2008-1189 at SUSECVE-2008-1189 at NVDCVE-2008-1190 at SUSECVE-2008-1190 at NVDCVE-2008-1191 at SUSECVE-2008-1191 at NVDCVE-2008-1192 at SUSECVE-2008-1192 at NVDCVE-2008-1193 at SUSECVE-2008-1193 at NVDCVE-2008-1194 at SUSECVE-2008-1194 at NVDCVE-2008-1195 at SUSECVE-2008-1195 at NVDCVE-2008-1196 at SUSECVE-2008-1196 at NVDcpe:/o:suse:suse_sles:11:sp1kde4-kgreeter-plugins-4.3.5-0.8.35 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the kde4-kgreeter-plugins-4.3.5-0.8.35 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2010-0436 at SUSECVE-2010-0436 at NVDcpe:/o:suse:suse_sles:11:sp1kdebase3-runtime-3.5.10-20.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the kdebase3-runtime-3.5.10-20.31 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-4569 at SUSECVE-2007-4569 at NVDcpe:/o:suse:suse_sles:11:sp1kdelibs3-3.5.10-23.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the kdelibs3-3.5.10-23.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-3820 at SUSECVE-2007-3820 at NVDCVE-2007-4224 at SUSECVE-2007-4224 at NVDCVE-2007-4225 at SUSECVE-2007-4225 at NVDCVE-2008-1671 at SUSECVE-2008-1671 at NVDCVE-2009-0689 at SUSECVE-2009-0689 at NVDcpe:/o:suse:suse_sles:11:sp1kdelibs4-4.3.5-0.2.46 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the kdelibs4-4.3.5-0.2.46 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0689 at SUSECVE-2009-0689 at NVDcpe:/o:suse:suse_sles:11:sp1kernel-default-2.6.32.12-0.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the kernel-default-2.6.32.12-0.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-0007 at SUSECVE-2008-0007 at NVDCVE-2008-0009 at SUSECVE-2008-0009 at NVDCVE-2008-0010 at SUSECVE-2008-0010 at NVDCVE-2008-1375 at SUSECVE-2008-1375 at NVDCVE-2008-1669 at SUSECVE-2008-1669 at NVDCVE-2008-1673 at SUSECVE-2008-1673 at NVDCVE-2008-1675 at SUSECVE-2008-1675 at NVDCVE-2008-3528 at SUSECVE-2008-3528 at NVDCVE-2008-3831 at SUSECVE-2008-3831 at NVDCVE-2008-5079 at SUSECVE-2008-5079 at NVDCVE-2008-5182 at SUSECVE-2008-5182 at NVDCVE-2008-5300 at SUSECVE-2008-5300 at NVDCVE-2009-0029 at SUSECVE-2009-0029 at NVDCVE-2009-3939 at SUSECVE-2009-3939 at NVDCVE-2009-4026 at SUSECVE-2009-4026 at NVDCVE-2009-4027 at SUSECVE-2009-4027 at NVDCVE-2009-4131 at SUSECVE-2009-4131 at NVDCVE-2009-4138 at SUSECVE-2009-4138 at NVDCVE-2009-4536 at SUSECVE-2009-4536 at NVDCVE-2009-4537 at SUSECVE-2009-4537 at NVDCVE-2009-4538 at SUSECVE-2009-4538 at NVDCVE-2010-0415 at SUSECVE-2010-0415 at NVDCVE-2010-0622 at SUSECVE-2010-0622 at NVDCVE-2010-0623 at SUSECVE-2010-0623 at NVDCVE-2010-1146 at SUSECVE-2010-1146 at NVDCVE-2010-1437 at SUSECVE-2010-1437 at NVDcpe:/o:suse:suse_sles:11:sp1krb5-1.6.3-133.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the krb5-1.6.3-133.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-6143 at SUSECVE-2006-6143 at NVDCVE-2006-6144 at SUSECVE-2006-6144 at NVDCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDCVE-2007-5894 at SUSECVE-2007-5894 at NVDCVE-2007-5902 at SUSECVE-2007-5902 at NVDCVE-2007-5971 at SUSECVE-2007-5971 at NVDCVE-2007-5972 at SUSECVE-2007-5972 at NVDCVE-2008-0062 at SUSECVE-2008-0062 at NVDCVE-2008-0063 at SUSECVE-2008-0063 at NVDCVE-2008-0947 at SUSECVE-2008-0947 at NVDCVE-2008-0948 at SUSECVE-2008-0948 at NVDCVE-2009-0844 at SUSECVE-2009-0844 at NVDCVE-2009-0845 at SUSECVE-2009-0845 at NVDCVE-2009-0846 at SUSECVE-2009-0846 at NVDCVE-2009-0847 at SUSECVE-2009-0847 at NVDCVE-2009-4212 at SUSECVE-2009-4212 at NVDCVE-2010-0629 at SUSECVE-2010-0629 at NVDcpe:/o:suse:suse_sles:11:sp1krb5-doc-1.6.3-133.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the krb5-doc-1.6.3-133.21 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDcpe:/o:suse:suse_sles:11:sp1krb5-plugin-kdb-ldap-1.6.3-133.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the krb5-plugin-kdb-ldap-1.6.3-133.12 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDcpe:/o:suse:suse_sles:11:sp1kvm-0.12.3-0.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the kvm-0.12.3-0.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-2382 at SUSECVE-2008-2382 at NVDCVE-2008-5714 at SUSECVE-2008-5714 at NVDcpe:/o:suse:suse_sles:11:sp1lcms-1.17-77.14.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the lcms-1.17-77.14.19 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0581 at SUSECVE-2009-0581 at NVDCVE-2009-0723 at SUSECVE-2009-0723 at NVDCVE-2009-0733 at SUSECVE-2009-0733 at NVDCVE-2009-0793 at SUSECVE-2009-0793 at NVDcpe:/o:suse:suse_sles:11:sp1libMagickCore1-32bit-6.4.3.6-7.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libMagickCore1-32bit-6.4.3.6-7.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-5456 at SUSECVE-2006-5456 at NVDCVE-2007-1667 at SUSECVE-2007-1667 at NVDCVE-2007-1797 at SUSECVE-2007-1797 at NVDCVE-2007-4985 at SUSECVE-2007-4985 at NVDCVE-2007-4986 at SUSECVE-2007-4986 at NVDCVE-2007-4987 at SUSECVE-2007-4987 at NVDCVE-2007-4988 at SUSECVE-2007-4988 at NVDcpe:/o:suse:suse_sles:11:sp1libQtWebKit4-32bit-4.6.2-1.6.9 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libQtWebKit4-32bit-4.6.2-1.6.9 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-4811 at SUSECVE-2006-4811 at NVDCVE-2009-0945 at SUSECVE-2009-0945 at NVDcpe:/o:suse:suse_sles:11:sp1libadns1-1.4-73.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libadns1-1.4-73.21 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-1447 at SUSECVE-2008-1447 at NVDCVE-2008-4100 at SUSECVE-2008-4100 at NVDcpe:/o:suse:suse_sles:11:sp1libapr-util1-1.3.4-12.20.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libapr-util1-1.3.4-12.20.2 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-2412 at SUSECVE-2009-2412 at NVDcpe:/o:suse:suse_sles:11:sp1libarchive2-2.5.5-5.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libarchive2-2.5.5-5.19 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-5680 at SUSECVE-2006-5680 at NVDCVE-2007-3641 at SUSECVE-2007-3641 at NVDCVE-2007-3644 at SUSECVE-2007-3644 at NVDCVE-2007-3645 at SUSECVE-2007-3645 at NVDcpe:/o:suse:suse_sles:11:sp1libdrm-2.4.17-0.3.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libdrm-2.4.17-0.3.12 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-3831 at SUSECVE-2008-3831 at NVDcpe:/o:suse:suse_sles:11:sp1libexif-0.6.17-2.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libexif-0.6.17-2.12 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-6351 at SUSECVE-2007-6351 at NVDCVE-2007-6352 at SUSECVE-2007-6352 at NVDcpe:/o:suse:suse_sles:11:sp1libexiv2-4-0.17.1-31.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libexiv2-4-0.17.1-31.20 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-6353 at SUSECVE-2007-6353 at NVDcpe:/o:suse:suse_sles:11:sp1libgtop-2.28.0-1.2.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libgtop-2.28.0-1.2.20 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-0235 at SUSECVE-2007-0235 at NVDcpe:/o:suse:suse_sles:11:sp1libicu-32bit-4.0-7.24.11 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libicu-32bit-4.0-7.24.11 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-4770 at SUSECVE-2007-4770 at NVDCVE-2007-4771 at SUSECVE-2007-4771 at NVDCVE-2008-1036 at SUSECVE-2008-1036 at NVDCVE-2009-0153 at SUSECVE-2009-0153 at NVDcpe:/o:suse:suse_sles:11:sp1libltdl7-2.2.6-2.131.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libltdl7-2.2.6-2.131.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-3736 at SUSECVE-2009-3736 at NVDcpe:/o:suse:suse_sles:11:sp1libmusicbrainz4-2.1.5-5.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libmusicbrainz4-2.1.5-5.18 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-4197 at SUSECVE-2006-4197 at NVDcpe:/o:suse:suse_sles:11:sp1libmysqlclient15-32bit-5.0.67-13.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libmysqlclient15-32bit-5.0.67-13.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-0903 at SUSECVE-2006-0903 at NVDCVE-2006-4226 at SUSECVE-2006-4226 at NVDCVE-2006-4227 at SUSECVE-2006-4227 at NVDCVE-2007-5969 at SUSECVE-2007-5969 at NVDCVE-2007-6303 at SUSECVE-2007-6303 at NVDCVE-2007-6304 at SUSECVE-2007-6304 at NVDCVE-2008-2079 at SUSECVE-2008-2079 at NVDCVE-2008-4456 at SUSECVE-2008-4456 at NVDCVE-2008-7247 at SUSECVE-2008-7247 at NVDCVE-2009-2446 at SUSECVE-2009-2446 at NVDCVE-2009-4019 at SUSECVE-2009-4019 at NVDCVE-2009-4028 at SUSECVE-2009-4028 at NVDCVE-2009-4030 at SUSECVE-2009-4030 at NVDCVE-2009-4484 at SUSECVE-2009-4484 at NVDcpe:/o:suse:suse_sles:11:sp1libneon27-0.28.3-2.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libneon27-0.28.3-2.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-0157 at SUSECVE-2007-0157 at NVDCVE-2008-3746 at SUSECVE-2008-3746 at NVDCVE-2009-2473 at SUSECVE-2009-2473 at NVDCVE-2009-2474 at SUSECVE-2009-2474 at NVDcpe:/o:suse:suse_sles:11:sp1libnetpbm10-10.26.44-101.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libnetpbm10-10.26.44-101.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-4274 at SUSECVE-2009-4274 at NVDcpe:/o:suse:suse_sles:11:sp1libopensc2-0.11.6-5.25.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libopensc2-0.11.6-5.25.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-2235 at SUSECVE-2008-2235 at NVDCVE-2009-0368 at SUSECVE-2009-0368 at NVDcpe:/o:suse:suse_sles:11:sp1libopenssl0_9_8-0.9.8h-30.27.11 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libopenssl0_9_8-0.9.8h-30.27.11 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-2937 at SUSECVE-2006-2937 at NVDCVE-2006-2940 at SUSECVE-2006-2940 at NVDCVE-2006-3738 at SUSECVE-2006-3738 at NVDCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2006-4343 at SUSECVE-2006-4343 at NVDCVE-2007-3108 at SUSECVE-2007-3108 at NVDCVE-2007-4995 at SUSECVE-2007-4995 at NVDCVE-2007-5135 at SUSECVE-2007-5135 at NVDCVE-2008-0891 at SUSECVE-2008-0891 at NVDCVE-2008-1672 at SUSECVE-2008-1672 at NVDCVE-2008-5077 at SUSECVE-2008-5077 at NVDCVE-2009-0590 at SUSECVE-2009-0590 at NVDCVE-2009-0591 at SUSECVE-2009-0591 at NVDCVE-2009-0789 at SUSECVE-2009-0789 at NVDCVE-2009-1377 at SUSECVE-2009-1377 at NVDCVE-2009-1378 at SUSECVE-2009-1378 at NVDCVE-2009-1379 at SUSECVE-2009-1379 at NVDCVE-2009-1386 at SUSECVE-2009-1386 at NVDCVE-2009-1387 at SUSECVE-2009-1387 at NVDCVE-2009-3245 at SUSECVE-2009-3245 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-4355 at SUSECVE-2009-4355 at NVDCVE-2010-0740 at SUSECVE-2010-0740 at NVDcpe:/o:suse:suse_sles:11:sp1libpng12-0-1.2.31-5.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libpng12-0-1.2.31-5.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-5793 at SUSECVE-2006-5793 at NVDCVE-2008-3964 at SUSECVE-2008-3964 at NVDCVE-2008-5907 at SUSECVE-2008-5907 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-2042 at SUSECVE-2009-2042 at NVDcpe:/o:suse:suse_sles:11:sp1libpoppler-glib4-0.12.3-1.2.44 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libpoppler-glib4-0.12.3-1.2.44 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-2950 at SUSECVE-2008-2950 at NVDCVE-2009-0755 at SUSECVE-2009-0755 at NVDCVE-2009-0756 at SUSECVE-2009-0756 at NVDCVE-2009-0791 at SUSECVE-2009-0791 at NVDCVE-2009-0799 at SUSECVE-2009-0799 at NVDCVE-2009-0800 at SUSECVE-2009-0800 at NVDCVE-2009-1179 at SUSECVE-2009-1179 at NVDCVE-2009-1180 at SUSECVE-2009-1180 at NVDCVE-2009-1181 at SUSECVE-2009-1181 at NVDCVE-2009-1182 at SUSECVE-2009-1182 at NVDCVE-2009-1183 at SUSECVE-2009-1183 at NVDCVE-2009-1187 at SUSECVE-2009-1187 at NVDCVE-2009-1188 at SUSECVE-2009-1188 at NVDCVE-2009-3607 at SUSECVE-2009-3607 at NVDCVE-2009-3608 at SUSECVE-2009-3608 at NVDcpe:/o:suse:suse_sles:11:sp1libpulse-browse0-0.9.21-1.5.26 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libpulse-browse0-0.9.21-1.5.26 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-0008 at SUSECVE-2008-0008 at NVDcpe:/o:suse:suse_sles:11:sp1libpython2_6-1_0-2.6.0-8.9.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libpython2_6-1_0-2.6.0-8.9.20 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDcpe:/o:suse:suse_sles:11:sp1librpcsecgss-0.18-1.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the librpcsecgss-0.18-1.15 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDcpe:/o:suse:suse_sles:11:sp1libsamplerate-0.1.4-1.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libsamplerate-0.1.4-1.15 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-5008 at SUSECVE-2008-5008 at NVDcpe:/o:suse:suse_sles:11:sp1libsndfile-1.0.20-2.1.46 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libsndfile-1.0.20-2.1.46 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-4974 at SUSECVE-2007-4974 at NVDCVE-2009-0186 at SUSECVE-2009-0186 at NVDCVE-2009-1788 at SUSECVE-2009-1788 at NVDCVE-2009-1791 at SUSECVE-2009-1791 at NVDcpe:/o:suse:suse_sles:11:sp1libsnmp15-32bit-5.4.2.1-8.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libsnmp15-32bit-5.4.2.1-8.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-4309 at SUSECVE-2008-4309 at NVDCVE-2008-6123 at SUSECVE-2008-6123 at NVDcpe:/o:suse:suse_sles:11:sp1libsoup-2_4-1-2.28.2-0.1.151 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libsoup-2_4-1-2.28.2-0.1.151 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-5876 at SUSECVE-2006-5876 at NVDcpe:/o:suse:suse_sles:11:sp1libtiff3-3.8.2-141.8.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libtiff3-3.8.2-141.8.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-1586 at SUSECVE-2008-1586 at NVDCVE-2008-2327 at SUSECVE-2008-2327 at NVDCVE-2009-2285 at SUSECVE-2009-2285 at NVDCVE-2009-2347 at SUSECVE-2009-2347 at NVDcpe:/o:suse:suse_sles:11:sp1libvirt-0.7.6-1.9.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libvirt-0.7.6-1.9.8 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-5086 at SUSECVE-2008-5086 at NVDcpe:/o:suse:suse_sles:11:sp1libvorbis-1.2.0-79.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libvorbis-1.2.0-79.12 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-3106 at SUSECVE-2007-3106 at NVDCVE-2008-1419 at SUSECVE-2008-1419 at NVDCVE-2008-1420 at SUSECVE-2008-1420 at NVDCVE-2008-1423 at SUSECVE-2008-1423 at NVDcpe:/o:suse:suse_sles:11:sp1libxml2-2.7.6-0.1.37 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libxml2-2.7.6-0.1.37 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-6284 at SUSECVE-2007-6284 at NVDCVE-2008-4225 at SUSECVE-2008-4225 at NVDCVE-2008-4226 at SUSECVE-2008-4226 at NVDCVE-2008-4409 at SUSECVE-2008-4409 at NVDCVE-2009-2414 at SUSECVE-2009-2414 at NVDCVE-2009-2416 at SUSECVE-2009-2416 at NVDcpe:/o:suse:suse_sles:11:sp1libxslt-1.1.24-19.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the libxslt-1.1.24-19.15 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-1767 at SUSECVE-2008-1767 at NVDcpe:/o:suse:suse_sles:11:sp1log4net-1.2.10-1.36 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the log4net-1.2.10-1.36 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-0743 at SUSECVE-2006-0743 at NVDcpe:/o:suse:suse_sles:11:sp1mailman-2.1.12-0.1.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the mailman-2.1.12-0.1.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-2191 at SUSECVE-2006-2191 at NVDCVE-2006-2941 at SUSECVE-2006-2941 at NVDCVE-2006-3636 at SUSECVE-2006-3636 at NVDcpe:/o:suse:suse_sles:11:sp1man-2.5.2-17.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the man-2.5.2-17.16 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-4250 at SUSECVE-2006-4250 at NVDcpe:/o:suse:suse_sles:11:sp1mono-core-2.0.1-1.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the mono-core-2.0.1-1.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0217 at SUSECVE-2009-0217 at NVDcpe:/o:suse:suse_sles:11:sp1mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the mozilla-xulrunner190-1.9.0.19-0.1.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-3836 at SUSECVE-2008-3836 at NVDCVE-2008-4063 at SUSECVE-2008-4063 at NVDCVE-2008-4064 at SUSECVE-2008-4064 at NVDCVE-2008-4070 at SUSECVE-2008-4070 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-0071 at SUSECVE-2009-0071 at NVDCVE-2009-0352 at SUSECVE-2009-0352 at NVDCVE-2009-0353 at SUSECVE-2009-0353 at NVDCVE-2009-0354 at SUSECVE-2009-0354 at NVDCVE-2009-0355 at SUSECVE-2009-0355 at NVDCVE-2009-0356 at SUSECVE-2009-0356 at NVDCVE-2009-0357 at SUSECVE-2009-0357 at NVDCVE-2009-0358 at SUSECVE-2009-0358 at NVDCVE-2009-0652 at SUSECVE-2009-0652 at NVDCVE-2009-0771 at SUSECVE-2009-0771 at NVDCVE-2009-0772 at SUSECVE-2009-0772 at NVDCVE-2009-0773 at SUSECVE-2009-0773 at NVDCVE-2009-0774 at SUSECVE-2009-0774 at NVDCVE-2009-0775 at SUSECVE-2009-0775 at NVDCVE-2009-0776 at SUSECVE-2009-0776 at NVDCVE-2009-0777 at SUSECVE-2009-0777 at NVDCVE-2009-0793 at SUSECVE-2009-0793 at NVDCVE-2009-1044 at SUSECVE-2009-1044 at NVDCVE-2009-1169 at SUSECVE-2009-1169 at NVDCVE-2009-1194 at SUSECVE-2009-1194 at NVDCVE-2009-1302 at SUSECVE-2009-1302 at NVDCVE-2009-1303 at SUSECVE-2009-1303 at NVDCVE-2009-1304 at SUSECVE-2009-1304 at NVDCVE-2009-1305 at SUSECVE-2009-1305 at NVDCVE-2009-1306 at SUSECVE-2009-1306 at NVDCVE-2009-1307 at SUSECVE-2009-1307 at NVDCVE-2009-1308 at SUSECVE-2009-1308 at NVDCVE-2009-1309 at SUSECVE-2009-1309 at NVDCVE-2009-1310 at SUSECVE-2009-1310 at NVDCVE-2009-1311 at SUSECVE-2009-1311 at NVDCVE-2009-1312 at SUSECVE-2009-1312 at NVDCVE-2009-1313 at SUSECVE-2009-1313 at NVDCVE-2009-1392 at SUSECVE-2009-1392 at NVDCVE-2009-1563 at SUSECVE-2009-1563 at NVDCVE-2009-1571 at SUSECVE-2009-1571 at NVDCVE-2009-1832 at SUSECVE-2009-1832 at NVDCVE-2009-1833 at SUSECVE-2009-1833 at NVDCVE-2009-1834 at SUSECVE-2009-1834 at NVDCVE-2009-1835 at SUSECVE-2009-1835 at NVDCVE-2009-1836 at SUSECVE-2009-1836 at NVDCVE-2009-1837 at SUSECVE-2009-1837 at NVDCVE-2009-1838 at SUSECVE-2009-1838 at NVDCVE-2009-1839 at SUSECVE-2009-1839 at NVDCVE-2009-1840 at SUSECVE-2009-1840 at NVDCVE-2009-1841 at SUSECVE-2009-1841 at NVDCVE-2009-2462 at SUSECVE-2009-2462 at NVDCVE-2009-2463 at SUSECVE-2009-2463 at NVDCVE-2009-2464 at SUSECVE-2009-2464 at NVDCVE-2009-2465 at SUSECVE-2009-2465 at NVDCVE-2009-2466 at SUSECVE-2009-2466 at NVDCVE-2009-2467 at SUSECVE-2009-2467 at NVDCVE-2009-2469 at SUSECVE-2009-2469 at NVDCVE-2009-2470 at SUSECVE-2009-2470 at NVDCVE-2009-2471 at SUSECVE-2009-2471 at NVDCVE-2009-2472 at SUSECVE-2009-2472 at NVDCVE-2009-2654 at SUSECVE-2009-2654 at NVDCVE-2009-3069 at SUSECVE-2009-3069 at NVDCVE-2009-3070 at SUSECVE-2009-3070 at NVDCVE-2009-3071 at SUSECVE-2009-3071 at NVDCVE-2009-3072 at SUSECVE-2009-3072 at NVDCVE-2009-3073 at SUSECVE-2009-3073 at NVDCVE-2009-3074 at SUSECVE-2009-3074 at NVDCVE-2009-3075 at SUSECVE-2009-3075 at NVDCVE-2009-3076 at SUSECVE-2009-3076 at NVDCVE-2009-3077 at SUSECVE-2009-3077 at NVDCVE-2009-3078 at SUSECVE-2009-3078 at NVDCVE-2009-3079 at SUSECVE-2009-3079 at NVDCVE-2009-3274 at SUSECVE-2009-3274 at NVDCVE-2009-3370 at SUSECVE-2009-3370 at NVDCVE-2009-3372 at SUSECVE-2009-3372 at NVDCVE-2009-3373 at SUSECVE-2009-3373 at NVDCVE-2009-3374 at SUSECVE-2009-3374 at NVDCVE-2009-3375 at SUSECVE-2009-3375 at NVDCVE-2009-3376 at SUSECVE-2009-3376 at NVDCVE-2009-3380 at SUSECVE-2009-3380 at NVDCVE-2009-3382 at SUSECVE-2009-3382 at NVDCVE-2009-3979 at SUSECVE-2009-3979 at NVDCVE-2009-3981 at SUSECVE-2009-3981 at NVDCVE-2009-3983 at SUSECVE-2009-3983 at NVDCVE-2009-3984 at SUSECVE-2009-3984 at NVDCVE-2009-3985 at SUSECVE-2009-3985 at NVDCVE-2009-3986 at SUSECVE-2009-3986 at NVDCVE-2009-3988 at SUSECVE-2009-3988 at NVDCVE-2010-0159 at SUSECVE-2010-0159 at NVDCVE-2010-0160 at SUSECVE-2010-0160 at NVDCVE-2010-0162 at SUSECVE-2010-0162 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0175 at SUSECVE-2010-0175 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDcpe:/o:suse:suse_sles:11:sp1mozilla-xulrunner191-1.9.1.9-1.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the mozilla-xulrunner191-1.9.1.9-1.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-1563 at SUSECVE-2009-1563 at NVDCVE-2009-1571 at SUSECVE-2009-1571 at NVDCVE-2009-2470 at SUSECVE-2009-2470 at NVDCVE-2009-2654 at SUSECVE-2009-2654 at NVDCVE-2009-3069 at SUSECVE-2009-3069 at NVDCVE-2009-3070 at SUSECVE-2009-3070 at NVDCVE-2009-3071 at SUSECVE-2009-3071 at NVDCVE-2009-3072 at SUSECVE-2009-3072 at NVDCVE-2009-3073 at SUSECVE-2009-3073 at NVDCVE-2009-3074 at SUSECVE-2009-3074 at NVDCVE-2009-3075 at SUSECVE-2009-3075 at NVDCVE-2009-3077 at SUSECVE-2009-3077 at NVDCVE-2009-3078 at SUSECVE-2009-3078 at NVDCVE-2009-3079 at SUSECVE-2009-3079 at NVDCVE-2009-3274 at SUSECVE-2009-3274 at NVDCVE-2009-3370 at SUSECVE-2009-3370 at NVDCVE-2009-3371 at SUSECVE-2009-3371 at NVDCVE-2009-3372 at SUSECVE-2009-3372 at NVDCVE-2009-3373 at SUSECVE-2009-3373 at NVDCVE-2009-3374 at SUSECVE-2009-3374 at NVDCVE-2009-3375 at SUSECVE-2009-3375 at NVDCVE-2009-3376 at SUSECVE-2009-3376 at NVDCVE-2009-3377 at SUSECVE-2009-3377 at NVDCVE-2009-3378 at SUSECVE-2009-3378 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2009-3380 at SUSECVE-2009-3380 at NVDCVE-2009-3381 at SUSECVE-2009-3381 at NVDCVE-2009-3383 at SUSECVE-2009-3383 at NVDCVE-2009-3388 at SUSECVE-2009-3388 at NVDCVE-2009-3389 at SUSECVE-2009-3389 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-3979 at SUSECVE-2009-3979 at NVDCVE-2009-3980 at SUSECVE-2009-3980 at NVDCVE-2009-3982 at SUSECVE-2009-3982 at NVDCVE-2009-3983 at SUSECVE-2009-3983 at NVDCVE-2009-3984 at SUSECVE-2009-3984 at NVDCVE-2009-3985 at SUSECVE-2009-3985 at NVDCVE-2009-3988 at SUSECVE-2009-3988 at NVDCVE-2010-0159 at SUSECVE-2010-0159 at NVDCVE-2010-0160 at SUSECVE-2010-0160 at NVDCVE-2010-0162 at SUSECVE-2010-0162 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0175 at SUSECVE-2010-0175 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDcpe:/o:suse:suse_sles:11:sp1mutt-1.5.17-42.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the mutt-1.5.17-42.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-1558 at SUSECVE-2007-1558 at NVDcpe:/o:suse:suse_sles:11:sp1nagios-3.0.6-1.21.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the nagios-3.0.6-1.21.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-5803 at SUSECVE-2007-5803 at NVDcpe:/o:suse:suse_sles:11:sp1nagios-plugins-1.4.13-1.35 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the nagios-plugins-1.4.13-1.35 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-5623 at SUSECVE-2007-5623 at NVDcpe:/o:suse:suse_sles:11:sp1ntp-4.2.4p8-1.3.28 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the ntp-4.2.4p8-1.3.28 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0159 at SUSECVE-2009-0159 at NVDCVE-2009-1252 at SUSECVE-2009-1252 at NVDcpe:/o:suse:suse_sles:11:sp1openssh-5.1p1-41.31.36 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the openssh-5.1p1-41.31.36 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-0225 at SUSECVE-2006-0225 at NVDCVE-2007-4752 at SUSECVE-2007-4752 at NVDCVE-2008-1483 at SUSECVE-2008-1483 at NVDcpe:/o:suse:suse_sles:11:sp1openswan-2.6.16-1.34.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the openswan-2.6.16-1.34.3 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-4190 at SUSECVE-2008-4190 at NVDCVE-2009-2185 at SUSECVE-2009-2185 at NVDcpe:/o:suse:suse_sles:11:sp1openvpn-2.0.9-143.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the openvpn-2.0.9-143.31 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-4339 at SUSECVE-2006-4339 at NVDcpe:/o:suse:suse_sles:11:sp1pam-1.0.4-0.5.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the pam-1.0.4-0.5.12 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0579 at SUSECVE-2009-0579 at NVDCVE-2009-0887 at SUSECVE-2009-0887 at NVDcpe:/o:suse:suse_sles:11:sp1pam_krb5-2.3.1-47.10.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the pam_krb5-2.3.1-47.10.15 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-3825 at SUSECVE-2008-3825 at NVDcpe:/o:suse:suse_sles:11:sp1pam_ldap-184-147.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the pam_ldap-184-147.20 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-5170 at SUSECVE-2006-5170 at NVDcpe:/o:suse:suse_sles:11:sp1pam_mount-0.47-13.13.65 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the pam_mount-0.47-13.13.65 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-5138 at SUSECVE-2008-5138 at NVDcpe:/o:suse:suse_sles:11:sp1perl-32bit-5.10.0-64.47.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the perl-32bit-5.10.0-64.47.8 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-5116 at SUSECVE-2007-5116 at NVDcpe:/o:suse:suse_sles:11:sp1perl-HTML-Parser-3.56-1.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the perl-HTML-Parser-3.56-1.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-3627 at SUSECVE-2009-3627 at NVDcpe:/o:suse:suse_sles:11:sp1perl-Tk-804.028-50.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the perl-Tk-804.028-50.24 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-4484 at SUSECVE-2006-4484 at NVDcpe:/o:suse:suse_sles:11:sp1perl-spamassassin-3.2.5-26.22.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the perl-spamassassin-3.2.5-26.22.18 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-0451 at SUSECVE-2007-0451 at NVDCVE-2007-2873 at SUSECVE-2007-2873 at NVDcpe:/o:suse:suse_sles:11:sp1postgresql-8.3.9-0.1.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the postgresql-8.3.9-0.1.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-4769 at SUSECVE-2007-4769 at NVDCVE-2007-4772 at SUSECVE-2007-4772 at NVDCVE-2007-6067 at SUSECVE-2007-6067 at NVDCVE-2007-6600 at SUSECVE-2007-6600 at NVDCVE-2007-6601 at SUSECVE-2007-6601 at NVDCVE-2009-4034 at SUSECVE-2009-4034 at NVDCVE-2009-4136 at SUSECVE-2009-4136 at NVDcpe:/o:suse:suse_sles:11:sp1puppet-0.24.8-1.3.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the puppet-0.24.8-1.3.5 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2010-0156 at SUSECVE-2010-0156 at NVDcpe:/o:suse:suse_sles:11:sp1python-2.6.0-8.9.28 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the python-2.6.0-8.9.28 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-2052 at SUSECVE-2007-2052 at NVDCVE-2008-1721 at SUSECVE-2008-1721 at NVDCVE-2008-2315 at SUSECVE-2008-2315 at NVDCVE-2008-2316 at SUSECVE-2008-2316 at NVDCVE-2008-3142 at SUSECVE-2008-3142 at NVDCVE-2008-3143 at SUSECVE-2008-3143 at NVDCVE-2008-3144 at SUSECVE-2008-3144 at NVDcpe:/o:suse:suse_sles:11:sp1qt3-3.3.8b-88.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the qt3-3.3.8b-88.21 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-4811 at SUSECVE-2006-4811 at NVDCVE-2007-0242 at SUSECVE-2007-0242 at NVDCVE-2007-3388 at SUSECVE-2007-3388 at NVDCVE-2007-4137 at SUSECVE-2007-4137 at NVDcpe:/o:suse:suse_sles:11:sp1quagga-0.99.15-0.1.55 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the quagga-0.99.15-0.1.55 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-2223 at SUSECVE-2006-2223 at NVDCVE-2007-1995 at SUSECVE-2007-1995 at NVDcpe:/o:suse:suse_sles:11:sp1rsync-3.0.4-2.33.82 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the rsync-3.0.4-2.33.82 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-4091 at SUSECVE-2007-4091 at NVDCVE-2007-6199 at SUSECVE-2007-6199 at NVDcpe:/o:suse:suse_sles:11:sp1ruby-1.8.7.p72-5.24.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the ruby-1.8.7.p72-5.24.2 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-3694 at SUSECVE-2006-3694 at NVDCVE-2006-5467 at SUSECVE-2006-5467 at NVDCVE-2006-6303 at SUSECVE-2006-6303 at NVDCVE-2007-5162 at SUSECVE-2007-5162 at NVDCVE-2007-5770 at SUSECVE-2007-5770 at NVDCVE-2008-1145 at SUSECVE-2008-1145 at NVDCVE-2008-3790 at SUSECVE-2008-3790 at NVDCVE-2009-0642 at SUSECVE-2009-0642 at NVDCVE-2009-1904 at SUSECVE-2009-1904 at NVDcpe:/o:suse:suse_sles:11:sp1squid-2.7.STABLE5-2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the squid-2.7.STABLE5-2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-0478 at SUSECVE-2009-0478 at NVDCVE-2009-2855 at SUSECVE-2009-2855 at NVDCVE-2010-0308 at SUSECVE-2010-0308 at NVDcpe:/o:suse:suse_sles:11:sp1star-1.5final-28.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the star-1.5final-28.19 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-4134 at SUSECVE-2007-4134 at NVDcpe:/o:suse:suse_sles:11:sp1sudo-1.6.9p17-21.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the sudo-1.6.9p17-21.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2010-0426 at SUSECVE-2010-0426 at NVDCVE-2010-0427 at SUSECVE-2010-0427 at NVDcpe:/o:suse:suse_sles:11:sp1syslog-ng-2.0.9-27.27.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the syslog-ng-2.0.9-27.27.19 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-5110 at SUSECVE-2008-5110 at NVDcpe:/o:suse:suse_sles:11:sp1sysstat-8.1.5-7.9.56 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the sysstat-8.1.5-7.9.56 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-3852 at SUSECVE-2007-3852 at NVDcpe:/o:suse:suse_sles:11:sp1systemtap-1.0-0.15.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the systemtap-1.0-0.15.16 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2009-2911 at SUSECVE-2009-2911 at NVDCVE-2009-4273 at SUSECVE-2009-4273 at NVDcpe:/o:suse:suse_sles:11:sp1tar-1.20-23.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the tar-1.20-23.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2001-1267 at SUSECVE-2001-1267 at NVDCVE-2002-0399 at SUSECVE-2002-0399 at NVDCVE-2006-6097 at SUSECVE-2006-6097 at NVDcpe:/o:suse:suse_sles:11:sp1unrar-3.80.2-2.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the unrar-3.80.2-2.8 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-3726 at SUSECVE-2007-3726 at NVDcpe:/o:suse:suse_sles:11:sp1unzip-5.52-142.23.43 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the unzip-5.52-142.23.43 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2005-2475 at SUSECVE-2005-2475 at NVDcpe:/o:suse:suse_sles:11:sp1w3m-0.5.2-132.1.37 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the w3m-0.5.2-132.1.37 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-6772 at SUSECVE-2006-6772 at NVDcpe:/o:suse:suse_sles:11:sp1wget-1.11.4-1.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the wget-1.11.4-1.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-6719 at SUSECVE-2006-6719 at NVDcpe:/o:suse:suse_sles:11:sp1wireshark-1.0.5-1.34.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the wireshark-1.0.5-1.34.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-1932 at SUSECVE-2006-1932 at NVDCVE-2006-4574 at SUSECVE-2006-4574 at NVDCVE-2006-4805 at SUSECVE-2006-4805 at NVDCVE-2006-5468 at SUSECVE-2006-5468 at NVDCVE-2006-5469 at SUSECVE-2006-5469 at NVDCVE-2006-5740 at SUSECVE-2006-5740 at NVDCVE-2007-0456 at SUSECVE-2007-0456 at NVDCVE-2007-0457 at SUSECVE-2007-0457 at NVDCVE-2007-0458 at SUSECVE-2007-0458 at NVDCVE-2007-0459 at SUSECVE-2007-0459 at NVDCVE-2009-1210 at SUSECVE-2009-1210 at NVDCVE-2009-1267 at SUSECVE-2009-1267 at NVDCVE-2009-1268 at SUSECVE-2009-1268 at NVDCVE-2009-1269 at SUSECVE-2009-1269 at NVDCVE-2009-2560 at SUSECVE-2009-2560 at NVDCVE-2009-2562 at SUSECVE-2009-2562 at NVDCVE-2009-3549 at SUSECVE-2009-3549 at NVDCVE-2009-3550 at SUSECVE-2009-3550 at NVDCVE-2009-3829 at SUSECVE-2009-3829 at NVDCVE-2009-4377 at SUSECVE-2009-4377 at NVDCVE-2010-0304 at SUSECVE-2010-0304 at NVDcpe:/o:suse:suse_sles:11:sp1xdg-utils-1.0.2-36.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the xdg-utils-1.0.2-36.18 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-0386 at SUSECVE-2008-0386 at NVDcpe:/o:suse:suse_sles:11:sp1xen-4.0.0_21091_04-0.2.6 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the xen-4.0.0_21091_04-0.2.6 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-1320 at SUSECVE-2007-1320 at NVDCVE-2007-1321 at SUSECVE-2007-1321 at NVDCVE-2007-1322 at SUSECVE-2007-1322 at NVDCVE-2007-1323 at SUSECVE-2007-1323 at NVDCVE-2007-1366 at SUSECVE-2007-1366 at NVDCVE-2007-3919 at SUSECVE-2007-3919 at NVDcpe:/o:suse:suse_sles:11:sp1xorg-x11-7.4-9.24.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the xorg-x11-7.4-9.24.15 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-4568 at SUSECVE-2007-4568 at NVDcpe:/o:suse:suse_sles:11:sp1xorg-x11-Xvnc-7.4-27.19.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the xorg-x11-Xvnc-7.4-27.19.19 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-6101 at SUSECVE-2006-6101 at NVDCVE-2006-6102 at SUSECVE-2006-6102 at NVDCVE-2006-6103 at SUSECVE-2006-6103 at NVDCVE-2007-1003 at SUSECVE-2007-1003 at NVDCVE-2007-5760 at SUSECVE-2007-5760 at NVDCVE-2007-6427 at SUSECVE-2007-6427 at NVDCVE-2007-6428 at SUSECVE-2007-6428 at NVDCVE-2007-6429 at SUSECVE-2007-6429 at NVDCVE-2008-0006 at SUSECVE-2008-0006 at NVDCVE-2008-1377 at SUSECVE-2008-1377 at NVDCVE-2008-1379 at SUSECVE-2008-1379 at NVDCVE-2008-2360 at SUSECVE-2008-2360 at NVDCVE-2008-2361 at SUSECVE-2008-2361 at NVDCVE-2008-2362 at SUSECVE-2008-2362 at NVDcpe:/o:suse:suse_sles:11:sp1xpdf-tools-3.02-138.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the xpdf-tools-3.02-138.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-3387 at SUSECVE-2007-3387 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2009-0146 at SUSECVE-2009-0146 at NVDCVE-2009-0791 at SUSECVE-2009-0791 at NVDcpe:/o:suse:suse_sles:11:sp1xterm-238-1.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the xterm-238-1.16 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2008-2383 at SUSECVE-2008-2383 at NVDcpe:/o:suse:suse_sles:11:sp1zoo-2.10-911.22 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP1
These are all security issues fixed in the zoo-2.10-911.22 package on the GA media of SUSE Linux Enterprise Server 11 SP1. ModerateCVE-2006-0855 at SUSECVE-2006-0855 at NVDCVE-2007-1669 at SUSECVE-2007-1669 at NVDcpe:/o:suse:suse_sles:11:sp1LibVNCServer-0.9.1-154.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the LibVNCServer-0.9.1-154.24 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-2450 at SUSECVE-2006-2450 at NVDcpe:/o:suse:suse_sles:11:sp2MozillaFirefox-10.0-0.3.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the MozillaFirefox-10.0-0.3.2 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-6077 at SUSECVE-2006-6077 at NVDCVE-2007-0008 at SUSECVE-2007-0008 at NVDCVE-2007-0009 at SUSECVE-2007-0009 at NVDCVE-2007-0078 at SUSECVE-2007-0078 at NVDCVE-2007-0079 at SUSECVE-2007-0079 at NVDCVE-2007-0775 at SUSECVE-2007-0775 at NVDCVE-2007-0776 at SUSECVE-2007-0776 at NVDCVE-2007-0777 at SUSECVE-2007-0777 at NVDCVE-2007-0780 at SUSECVE-2007-0780 at NVDCVE-2007-0800 at SUSECVE-2007-0800 at NVDCVE-2007-0981 at SUSECVE-2007-0981 at NVDCVE-2007-0995 at SUSECVE-2007-0995 at NVDCVE-2007-0996 at SUSECVE-2007-0996 at NVDCVE-2007-3089 at SUSECVE-2007-3089 at NVDCVE-2007-3285 at SUSECVE-2007-3285 at NVDCVE-2007-3656 at SUSECVE-2007-3656 at NVDCVE-2007-3670 at SUSECVE-2007-3670 at NVDCVE-2007-3734 at SUSECVE-2007-3734 at NVDCVE-2007-3735 at SUSECVE-2007-3735 at NVDCVE-2007-3736 at SUSECVE-2007-3736 at NVDCVE-2007-3737 at SUSECVE-2007-3737 at NVDCVE-2007-3738 at SUSECVE-2007-3738 at NVDCVE-2008-0412 at SUSECVE-2008-0412 at NVDCVE-2008-0414 at SUSECVE-2008-0414 at NVDCVE-2008-0415 at SUSECVE-2008-0415 at NVDCVE-2008-0417 at SUSECVE-2008-0417 at NVDCVE-2008-0418 at SUSECVE-2008-0418 at NVDCVE-2008-0419 at SUSECVE-2008-0419 at NVDCVE-2008-0591 at SUSECVE-2008-0591 at NVDCVE-2008-0592 at SUSECVE-2008-0592 at NVDCVE-2008-0593 at SUSECVE-2008-0593 at NVDCVE-2008-0594 at SUSECVE-2008-0594 at NVDCVE-2008-3836 at SUSECVE-2008-3836 at NVDCVE-2008-4063 at SUSECVE-2008-4063 at NVDCVE-2008-4064 at SUSECVE-2008-4064 at NVDCVE-2008-4070 at SUSECVE-2008-4070 at NVDCVE-2008-5913 at SUSECVE-2008-5913 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-0352 at SUSECVE-2009-0352 at NVDCVE-2009-0353 at SUSECVE-2009-0353 at NVDCVE-2009-0354 at SUSECVE-2009-0354 at NVDCVE-2009-0355 at SUSECVE-2009-0355 at NVDCVE-2009-0356 at SUSECVE-2009-0356 at NVDCVE-2009-0357 at SUSECVE-2009-0357 at NVDCVE-2009-0358 at SUSECVE-2009-0358 at NVDCVE-2009-0652 at SUSECVE-2009-0652 at NVDCVE-2009-0771 at SUSECVE-2009-0771 at NVDCVE-2009-0772 at SUSECVE-2009-0772 at NVDCVE-2009-0773 at SUSECVE-2009-0773 at NVDCVE-2009-0774 at SUSECVE-2009-0774 at NVDCVE-2009-0775 at SUSECVE-2009-0775 at NVDCVE-2009-0776 at SUSECVE-2009-0776 at NVDCVE-2009-0777 at SUSECVE-2009-0777 at NVDCVE-2009-1044 at SUSECVE-2009-1044 at NVDCVE-2009-1169 at SUSECVE-2009-1169 at NVDCVE-2009-1302 at SUSECVE-2009-1302 at NVDCVE-2009-1303 at SUSECVE-2009-1303 at NVDCVE-2009-1304 at SUSECVE-2009-1304 at NVDCVE-2009-1305 at SUSECVE-2009-1305 at NVDCVE-2009-1306 at SUSECVE-2009-1306 at NVDCVE-2009-1307 at SUSECVE-2009-1307 at NVDCVE-2009-1308 at SUSECVE-2009-1308 at NVDCVE-2009-1309 at SUSECVE-2009-1309 at NVDCVE-2009-1310 at SUSECVE-2009-1310 at NVDCVE-2009-1311 at SUSECVE-2009-1311 at NVDCVE-2009-1312 at SUSECVE-2009-1312 at NVDCVE-2009-1313 at SUSECVE-2009-1313 at NVDCVE-2009-1563 at SUSECVE-2009-1563 at NVDCVE-2009-1571 at SUSECVE-2009-1571 at NVDCVE-2009-2470 at SUSECVE-2009-2470 at NVDCVE-2009-2654 at SUSECVE-2009-2654 at NVDCVE-2009-3069 at SUSECVE-2009-3069 at NVDCVE-2009-3070 at SUSECVE-2009-3070 at NVDCVE-2009-3071 at SUSECVE-2009-3071 at NVDCVE-2009-3072 at SUSECVE-2009-3072 at NVDCVE-2009-3073 at SUSECVE-2009-3073 at NVDCVE-2009-3074 at SUSECVE-2009-3074 at NVDCVE-2009-3075 at SUSECVE-2009-3075 at NVDCVE-2009-3077 at SUSECVE-2009-3077 at NVDCVE-2009-3078 at SUSECVE-2009-3078 at NVDCVE-2009-3079 at SUSECVE-2009-3079 at NVDCVE-2009-3274 at SUSECVE-2009-3274 at NVDCVE-2009-3370 at SUSECVE-2009-3370 at NVDCVE-2009-3371 at SUSECVE-2009-3371 at NVDCVE-2009-3372 at SUSECVE-2009-3372 at NVDCVE-2009-3373 at SUSECVE-2009-3373 at NVDCVE-2009-3374 at SUSECVE-2009-3374 at NVDCVE-2009-3375 at SUSECVE-2009-3375 at NVDCVE-2009-3376 at SUSECVE-2009-3376 at NVDCVE-2009-3377 at SUSECVE-2009-3377 at NVDCVE-2009-3378 at SUSECVE-2009-3378 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2009-3380 at SUSECVE-2009-3380 at NVDCVE-2009-3381 at SUSECVE-2009-3381 at NVDCVE-2009-3383 at SUSECVE-2009-3383 at NVDCVE-2009-3388 at SUSECVE-2009-3388 at NVDCVE-2009-3389 at SUSECVE-2009-3389 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-3979 at SUSECVE-2009-3979 at NVDCVE-2009-3980 at SUSECVE-2009-3980 at NVDCVE-2009-3982 at SUSECVE-2009-3982 at NVDCVE-2009-3983 at SUSECVE-2009-3983 at NVDCVE-2009-3984 at SUSECVE-2009-3984 at NVDCVE-2009-3985 at SUSECVE-2009-3985 at NVDCVE-2009-3988 at SUSECVE-2009-3988 at NVDCVE-2010-0159 at SUSECVE-2010-0159 at NVDCVE-2010-0160 at SUSECVE-2010-0160 at NVDCVE-2010-0162 at SUSECVE-2010-0162 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0175 at SUSECVE-2010-0175 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDCVE-2010-0183 at SUSECVE-2010-0183 at NVDCVE-2010-0654 at SUSECVE-2010-0654 at NVDCVE-2010-1121 at SUSECVE-2010-1121 at NVDCVE-2010-1125 at SUSECVE-2010-1125 at NVDCVE-2010-1196 at SUSECVE-2010-1196 at NVDCVE-2010-1197 at SUSECVE-2010-1197 at NVDCVE-2010-1198 at SUSECVE-2010-1198 at NVDCVE-2010-1199 at SUSECVE-2010-1199 at NVDCVE-2010-1200 at SUSECVE-2010-1200 at NVDCVE-2010-1201 at SUSECVE-2010-1201 at NVDCVE-2010-1202 at SUSECVE-2010-1202 at NVDCVE-2010-1203 at SUSECVE-2010-1203 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-1206 at SUSECVE-2010-1206 at NVDCVE-2010-1208 at SUSECVE-2010-1208 at NVDCVE-2010-1209 at SUSECVE-2010-1209 at NVDCVE-2010-1211 at SUSECVE-2010-1211 at NVDCVE-2010-1212 at SUSECVE-2010-1212 at NVDCVE-2010-1213 at SUSECVE-2010-1213 at NVDCVE-2010-1214 at SUSECVE-2010-1214 at NVDCVE-2010-1585 at SUSECVE-2010-1585 at NVDCVE-2010-2751 at SUSECVE-2010-2751 at NVDCVE-2010-2752 at SUSECVE-2010-2752 at NVDCVE-2010-2753 at SUSECVE-2010-2753 at NVDCVE-2010-2754 at SUSECVE-2010-2754 at NVDCVE-2010-2755 at SUSECVE-2010-2755 at NVDCVE-2010-2760 at SUSECVE-2010-2760 at NVDCVE-2010-2762 at SUSECVE-2010-2762 at NVDCVE-2010-2764 at SUSECVE-2010-2764 at NVDCVE-2010-2765 at SUSECVE-2010-2765 at NVDCVE-2010-2766 at SUSECVE-2010-2766 at NVDCVE-2010-2767 at SUSECVE-2010-2767 at NVDCVE-2010-2768 at SUSECVE-2010-2768 at NVDCVE-2010-2769 at SUSECVE-2010-2769 at NVDCVE-2010-3166 at SUSECVE-2010-3166 at NVDCVE-2010-3167 at SUSECVE-2010-3167 at NVDCVE-2010-3168 at SUSECVE-2010-3168 at NVDCVE-2010-3169 at SUSECVE-2010-3169 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3173 at SUSECVE-2010-3173 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDCVE-2010-3766 at SUSECVE-2010-3766 at NVDCVE-2010-3767 at SUSECVE-2010-3767 at NVDCVE-2010-3768 at SUSECVE-2010-3768 at NVDCVE-2010-3769 at SUSECVE-2010-3769 at NVDCVE-2010-3770 at SUSECVE-2010-3770 at NVDCVE-2010-3771 at SUSECVE-2010-3771 at NVDCVE-2010-3772 at SUSECVE-2010-3772 at NVDCVE-2010-3773 at SUSECVE-2010-3773 at NVDCVE-2010-3775 at SUSECVE-2010-3775 at NVDCVE-2010-3776 at SUSECVE-2010-3776 at NVDCVE-2010-3777 at SUSECVE-2010-3777 at NVDCVE-2010-3778 at SUSECVE-2010-3778 at NVDCVE-2011-0051 at SUSECVE-2011-0051 at NVDCVE-2011-0053 at SUSECVE-2011-0053 at NVDCVE-2011-0054 at SUSECVE-2011-0054 at NVDCVE-2011-0055 at SUSECVE-2011-0055 at NVDCVE-2011-0056 at SUSECVE-2011-0056 at NVDCVE-2011-0057 at SUSECVE-2011-0057 at NVDCVE-2011-0059 at SUSECVE-2011-0059 at NVDCVE-2011-0061 at SUSECVE-2011-0061 at NVDCVE-2011-0062 at SUSECVE-2011-0062 at NVDCVE-2011-0065 at SUSECVE-2011-0065 at NVDCVE-2011-0066 at SUSECVE-2011-0066 at NVDCVE-2011-0067 at SUSECVE-2011-0067 at NVDCVE-2011-0069 at SUSECVE-2011-0069 at NVDCVE-2011-0070 at SUSECVE-2011-0070 at NVDCVE-2011-0072 at SUSECVE-2011-0072 at NVDCVE-2011-0073 at SUSECVE-2011-0073 at NVDCVE-2011-0074 at SUSECVE-2011-0074 at NVDCVE-2011-0075 at SUSECVE-2011-0075 at NVDCVE-2011-0077 at SUSECVE-2011-0077 at NVDCVE-2011-0078 at SUSECVE-2011-0078 at NVDCVE-2011-0080 at SUSECVE-2011-0080 at NVDCVE-2011-0081 at SUSECVE-2011-0081 at NVDCVE-2011-0083 at SUSECVE-2011-0083 at NVDCVE-2011-0084 at SUSECVE-2011-0084 at NVDCVE-2011-0085 at SUSECVE-2011-0085 at NVDCVE-2011-1202 at SUSECVE-2011-1202 at NVDCVE-2011-2362 at SUSECVE-2011-2362 at NVDCVE-2011-2363 at SUSECVE-2011-2363 at NVDCVE-2011-2364 at SUSECVE-2011-2364 at NVDCVE-2011-2365 at SUSECVE-2011-2365 at NVDCVE-2011-2371 at SUSECVE-2011-2371 at NVDCVE-2011-2372 at SUSECVE-2011-2372 at NVDCVE-2011-2373 at SUSECVE-2011-2373 at NVDCVE-2011-2374 at SUSECVE-2011-2374 at NVDCVE-2011-2376 at SUSECVE-2011-2376 at NVDCVE-2011-2377 at SUSECVE-2011-2377 at NVDCVE-2011-2378 at SUSECVE-2011-2378 at NVDCVE-2011-2980 at SUSECVE-2011-2980 at NVDCVE-2011-2981 at SUSECVE-2011-2981 at NVDCVE-2011-2982 at SUSECVE-2011-2982 at NVDCVE-2011-2983 at SUSECVE-2011-2983 at NVDCVE-2011-2995 at SUSECVE-2011-2995 at NVDCVE-2011-2996 at SUSECVE-2011-2996 at NVDCVE-2011-2997 at SUSECVE-2011-2997 at NVDCVE-2011-3000 at SUSECVE-2011-3000 at NVDCVE-2011-3001 at SUSECVE-2011-3001 at NVDCVE-2011-3002 at SUSECVE-2011-3002 at NVDCVE-2011-3003 at SUSECVE-2011-3003 at NVDCVE-2011-3004 at SUSECVE-2011-3004 at NVDCVE-2011-3005 at SUSECVE-2011-3005 at NVDCVE-2011-3232 at SUSECVE-2011-3232 at NVDCVE-2011-3658 at SUSECVE-2011-3658 at NVDCVE-2011-3660 at SUSECVE-2011-3660 at NVDCVE-2011-3661 at SUSECVE-2011-3661 at NVDCVE-2011-3663 at SUSECVE-2011-3663 at NVDCVE-2011-3665 at SUSECVE-2011-3665 at NVDcpe:/o:suse:suse_sles:11:sp2NetworkManager-0.7.1_git20090811-3.20.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the NetworkManager-0.7.1_git20090811-3.20.5 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0365 at SUSECVE-2009-0365 at NVDCVE-2009-0578 at SUSECVE-2009-0578 at NVDcpe:/o:suse:suse_sles:11:sp2NetworkManager-gnome-0.7.1-5.22.28 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the NetworkManager-gnome-0.7.1-5.22.28 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0365 at SUSECVE-2009-0365 at NVDCVE-2009-0578 at SUSECVE-2009-0578 at NVDCVE-2009-4144 at SUSECVE-2009-4144 at NVDCVE-2009-4145 at SUSECVE-2009-4145 at NVDcpe:/o:suse:suse_sles:11:sp2OpenEXR-1.6.1-83.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the OpenEXR-1.6.1-83.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-1720 at SUSECVE-2009-1720 at NVDCVE-2009-1721 at SUSECVE-2009-1721 at NVDcpe:/o:suse:suse_sles:11:sp2PackageKit-0.3.14-2.23.126 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the PackageKit-0.3.14-2.23.126 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-4311 at SUSECVE-2008-4311 at NVDcpe:/o:suse:suse_sles:11:sp2PolicyKit-0.9-14.39.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the PolicyKit-0.9-14.39.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-1658 at SUSECVE-2008-1658 at NVDcpe:/o:suse:suse_sles:11:sp2aaa_base-11-6.65.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the aaa_base-11-6.65.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-0461 at SUSECVE-2011-0461 at NVDcpe:/o:suse:suse_sles:11:sp2acpid-1.0.6-91.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the acpid-1.0.6-91.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0798 at SUSECVE-2009-0798 at NVDcpe:/o:suse:suse_sles:11:sp2amavisd-new-2.7.0-18.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the amavisd-new-2.7.0-18.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2005-1349 at SUSECVE-2005-1349 at NVDcpe:/o:suse:suse_sles:11:sp2apache2-2.2.12-1.28.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the apache2-2.2.12-1.28.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-3747 at SUSECVE-2006-3747 at NVDCVE-2006-5752 at SUSECVE-2006-5752 at NVDCVE-2007-1862 at SUSECVE-2007-1862 at NVDCVE-2007-1863 at SUSECVE-2007-1863 at NVDCVE-2007-3304 at SUSECVE-2007-3304 at NVDCVE-2007-3847 at SUSECVE-2007-3847 at NVDCVE-2007-4465 at SUSECVE-2007-4465 at NVDCVE-2007-5000 at SUSECVE-2007-5000 at NVDCVE-2007-6388 at SUSECVE-2007-6388 at NVDCVE-2007-6420 at SUSECVE-2007-6420 at NVDCVE-2007-6421 at SUSECVE-2007-6421 at NVDCVE-2007-6422 at SUSECVE-2007-6422 at NVDCVE-2008-0005 at SUSECVE-2008-0005 at NVDCVE-2008-1678 at SUSECVE-2008-1678 at NVDCVE-2008-2364 at SUSECVE-2008-2364 at NVDCVE-2008-2939 at SUSECVE-2008-2939 at NVDCVE-2009-1191 at SUSECVE-2009-1191 at NVDCVE-2009-1195 at SUSECVE-2009-1195 at NVDCVE-2009-1890 at SUSECVE-2009-1890 at NVDCVE-2009-1891 at SUSECVE-2009-1891 at NVDCVE-2009-3094 at SUSECVE-2009-3094 at NVDCVE-2009-3095 at SUSECVE-2009-3095 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0408 at SUSECVE-2010-0408 at NVDCVE-2010-0434 at SUSECVE-2010-0434 at NVDCVE-2010-1452 at SUSECVE-2010-1452 at NVDCVE-2010-2068 at SUSECVE-2010-2068 at NVDCVE-2011-3192 at SUSECVE-2011-3192 at NVDCVE-2011-3348 at SUSECVE-2011-3348 at NVDCVE-2011-3368 at SUSECVE-2011-3368 at NVDCVE-2011-3607 at SUSECVE-2011-3607 at NVDCVE-2011-3639 at SUSECVE-2011-3639 at NVDCVE-2011-4317 at SUSECVE-2011-4317 at NVDcpe:/o:suse:suse_sles:11:sp2apache2-mod_jk-1.2.26-1.30.110 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the apache2-mod_jk-1.2.26-1.30.110 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-0774 at SUSECVE-2007-0774 at NVDCVE-2008-5519 at SUSECVE-2008-5519 at NVDcpe:/o:suse:suse_sles:11:sp2apache2-mod_perl-2.0.4-40.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the apache2-mod_perl-2.0.4-40.19 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-1349 at SUSECVE-2007-1349 at NVDcpe:/o:suse:suse_sles:11:sp2apache2-mod_php5-5.2.14-0.7.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the apache2-mod_php5-5.2.14-0.7.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4783 at SUSECVE-2007-4783 at NVDCVE-2007-4840 at SUSECVE-2007-4840 at NVDCVE-2007-4887 at SUSECVE-2007-4887 at NVDCVE-2008-0599 at SUSECVE-2008-0599 at NVDCVE-2008-2829 at SUSECVE-2008-2829 at NVDCVE-2008-5498 at SUSECVE-2008-5498 at NVDCVE-2008-5557 at SUSECVE-2008-5557 at NVDCVE-2008-5624 at SUSECVE-2008-5624 at NVDCVE-2008-5625 at SUSECVE-2008-5625 at NVDCVE-2008-5814 at SUSECVE-2008-5814 at NVDCVE-2009-0754 at SUSECVE-2009-0754 at NVDCVE-2009-1271 at SUSECVE-2009-1271 at NVDCVE-2009-1272 at SUSECVE-2009-1272 at NVDCVE-2009-2626 at SUSECVE-2009-2626 at NVDCVE-2009-2687 at SUSECVE-2009-2687 at NVDCVE-2009-3291 at SUSECVE-2009-3291 at NVDCVE-2009-3292 at SUSECVE-2009-3292 at NVDCVE-2009-3293 at SUSECVE-2009-3293 at NVDCVE-2009-3546 at SUSECVE-2009-3546 at NVDCVE-2009-4017 at SUSECVE-2009-4017 at NVDCVE-2009-4142 at SUSECVE-2009-4142 at NVDCVE-2010-0397 at SUSECVE-2010-0397 at NVDCVE-2010-2225 at SUSECVE-2010-2225 at NVDCVE-2010-3709 at SUSECVE-2010-3709 at NVDCVE-2010-3710 at SUSECVE-2010-3710 at NVDCVE-2010-3870 at SUSECVE-2010-3870 at NVDCVE-2010-4150 at SUSECVE-2010-4150 at NVDCVE-2010-4645 at SUSECVE-2010-4645 at NVDCVE-2010-4697 at SUSECVE-2010-4697 at NVDCVE-2010-4698 at SUSECVE-2010-4698 at NVDCVE-2010-4699 at SUSECVE-2010-4699 at NVDCVE-2011-0421 at SUSECVE-2011-0421 at NVDCVE-2011-0708 at SUSECVE-2011-0708 at NVDCVE-2011-0752 at SUSECVE-2011-0752 at NVDCVE-2011-0753 at SUSECVE-2011-0753 at NVDCVE-2011-0755 at SUSECVE-2011-0755 at NVDCVE-2011-1092 at SUSECVE-2011-1092 at NVDCVE-2011-1148 at SUSECVE-2011-1148 at NVDCVE-2011-1464 at SUSECVE-2011-1464 at NVDCVE-2011-1469 at SUSECVE-2011-1469 at NVDCVE-2011-1470 at SUSECVE-2011-1470 at NVDCVE-2011-1471 at SUSECVE-2011-1471 at NVDCVE-2011-1938 at SUSECVE-2011-1938 at NVDcpe:/o:suse:suse_sles:11:sp2apache2-mod_php53-5.3.8-0.19.6 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the apache2-mod_php53-5.3.8-0.19.6 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-7243 at SUSECVE-2006-7243 at NVDCVE-2007-4783 at SUSECVE-2007-4783 at NVDCVE-2007-4840 at SUSECVE-2007-4840 at NVDCVE-2007-4887 at SUSECVE-2007-4887 at NVDCVE-2008-0599 at SUSECVE-2008-0599 at NVDCVE-2010-2225 at SUSECVE-2010-2225 at NVDCVE-2010-2950 at SUSECVE-2010-2950 at NVDCVE-2010-3436 at SUSECVE-2010-3436 at NVDCVE-2010-3709 at SUSECVE-2010-3709 at NVDCVE-2010-3710 at SUSECVE-2010-3710 at NVDCVE-2010-4150 at SUSECVE-2010-4150 at NVDCVE-2010-4645 at SUSECVE-2010-4645 at NVDCVE-2011-0420 at SUSECVE-2011-0420 at NVDCVE-2011-0421 at SUSECVE-2011-0421 at NVDCVE-2011-0708 at SUSECVE-2011-0708 at NVDCVE-2011-1092 at SUSECVE-2011-1092 at NVDCVE-2011-1153 at SUSECVE-2011-1153 at NVDCVE-2011-1466 at SUSECVE-2011-1466 at NVDCVE-2011-2202 at SUSECVE-2011-2202 at NVDCVE-2011-3379 at SUSECVE-2011-3379 at NVDCVE-2011-4566 at SUSECVE-2011-4566 at NVDCVE-2011-4885 at SUSECVE-2011-4885 at NVDCVE-2012-0781 at SUSECVE-2012-0781 at NVDCVE-2012-0788 at SUSECVE-2012-0788 at NVDCVE-2012-0789 at SUSECVE-2012-0789 at NVDCVE-2012-0830 at SUSECVE-2012-0830 at NVDcpe:/o:suse:suse_sles:11:sp2avahi-0.6.23-11.19.22 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the avahi-0.6.23-11.19.22 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-5461 at SUSECVE-2006-5461 at NVDCVE-2006-6870 at SUSECVE-2006-6870 at NVDCVE-2007-3372 at SUSECVE-2007-3372 at NVDCVE-2008-5081 at SUSECVE-2008-5081 at NVDCVE-2009-0758 at SUSECVE-2009-0758 at NVDcpe:/o:suse:suse_sles:11:sp2bind-9.6ESVR5P1-0.8.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the bind-9.6ESVR5P1-0.8.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2007-2925 at SUSECVE-2007-2925 at NVDCVE-2007-2926 at SUSECVE-2007-2926 at NVDCVE-2009-0696 at SUSECVE-2009-0696 at NVDCVE-2009-4022 at SUSECVE-2009-4022 at NVDCVE-2011-1910 at SUSECVE-2011-1910 at NVDCVE-2011-2464 at SUSECVE-2011-2464 at NVDCVE-2011-4313 at SUSECVE-2011-4313 at NVDcpe:/o:suse:suse_sles:11:sp2boost-license-1.36.0-11.17 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the boost-license-1.36.0-11.17 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-0171 at SUSECVE-2008-0171 at NVDcpe:/o:suse:suse_sles:11:sp2bzip2-1.0.5-34.253.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the bzip2-1.0.5-34.253.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-1372 at SUSECVE-2008-1372 at NVDCVE-2010-0405 at SUSECVE-2010-0405 at NVDcpe:/o:suse:suse_sles:11:sp2cifs-utils-5.1-0.4.9 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the cifs-utils-5.1-0.4.9 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2011-1678 at SUSECVE-2011-1678 at NVDcpe:/o:suse:suse_sles:11:sp2clamav-0.97.3-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the clamav-0.97.3-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4182 at SUSECVE-2006-4182 at NVDCVE-2006-5295 at SUSECVE-2006-5295 at NVDCVE-2006-5874 at SUSECVE-2006-5874 at NVDCVE-2007-0897 at SUSECVE-2007-0897 at NVDCVE-2007-0898 at SUSECVE-2007-0898 at NVDCVE-2007-1745 at SUSECVE-2007-1745 at NVDCVE-2007-1997 at SUSECVE-2007-1997 at NVDCVE-2007-6335 at SUSECVE-2007-6335 at NVDCVE-2007-6336 at SUSECVE-2007-6336 at NVDCVE-2007-6337 at SUSECVE-2007-6337 at NVDCVE-2007-6595 at SUSECVE-2007-6595 at NVDCVE-2007-6596 at SUSECVE-2007-6596 at NVDCVE-2008-0318 at SUSECVE-2008-0318 at NVDCVE-2008-0728 at SUSECVE-2008-0728 at NVDCVE-2008-1100 at SUSECVE-2008-1100 at NVDCVE-2008-2713 at SUSECVE-2008-2713 at NVDCVE-2010-0405 at SUSECVE-2010-0405 at NVDCVE-2011-2721 at SUSECVE-2011-2721 at NVDCVE-2011-3627 at SUSECVE-2011-3627 at NVDcpe:/o:suse:suse_sles:11:sp2coolkey-1.1.0-22.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the coolkey-1.1.0-22.24 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4129 at SUSECVE-2007-4129 at NVDcpe:/o:suse:suse_sles:11:sp2cron-4.1-194.199.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the cron-4.1-194.199.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-2607 at SUSECVE-2006-2607 at NVDCVE-2010-0424 at SUSECVE-2010-0424 at NVDcpe:/o:suse:suse_sles:11:sp2cups-1.3.9-8.44.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the cups-1.3.9-8.44.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-3387 at SUSECVE-2007-3387 at NVDCVE-2007-4351 at SUSECVE-2007-4351 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-0047 at SUSECVE-2008-0047 at NVDCVE-2008-1373 at SUSECVE-2008-1373 at NVDCVE-2008-1693 at SUSECVE-2008-1693 at NVDCVE-2008-1722 at SUSECVE-2008-1722 at NVDCVE-2008-3641 at SUSECVE-2008-3641 at NVDCVE-2009-0163 at SUSECVE-2009-0163 at NVDCVE-2009-0949 at SUSECVE-2009-0949 at NVDCVE-2009-2820 at SUSECVE-2009-2820 at NVDCVE-2009-3553 at SUSECVE-2009-3553 at NVDCVE-2010-0302 at SUSECVE-2010-0302 at NVDCVE-2010-0393 at SUSECVE-2010-0393 at NVDCVE-2010-0540 at SUSECVE-2010-0540 at NVDCVE-2010-0542 at SUSECVE-2010-0542 at NVDCVE-2010-1748 at SUSECVE-2010-1748 at NVDCVE-2010-2431 at SUSECVE-2010-2431 at NVDCVE-2010-2432 at SUSECVE-2010-2432 at NVDCVE-2010-2941 at SUSECVE-2010-2941 at NVDCVE-2011-2896 at SUSECVE-2011-2896 at NVDCVE-2011-3170 at SUSECVE-2011-3170 at NVDcpe:/o:suse:suse_sles:11:sp2curl-7.19.7-1.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the curl-7.19.7-1.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0037 at SUSECVE-2009-0037 at NVDCVE-2009-2417 at SUSECVE-2009-2417 at NVDCVE-2010-4180 at SUSECVE-2010-4180 at NVDCVE-2011-2192 at SUSECVE-2011-2192 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDcpe:/o:suse:suse_sles:11:sp2cyrus-imapd-2.3.11-60.65.64.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the cyrus-imapd-2.3.11-60.65.64.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-3235 at SUSECVE-2009-3235 at NVDCVE-2011-3372 at SUSECVE-2011-3372 at NVDcpe:/o:suse:suse_sles:11:sp2dbus-1-1.2.10-3.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the dbus-1-1.2.10-3.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-6107 at SUSECVE-2006-6107 at NVDCVE-2008-0595 at SUSECVE-2008-0595 at NVDCVE-2008-3834 at SUSECVE-2008-3834 at NVDCVE-2008-4311 at SUSECVE-2008-4311 at NVDCVE-2009-1189 at SUSECVE-2009-1189 at NVDCVE-2010-4352 at SUSECVE-2010-4352 at NVDcpe:/o:suse:suse_sles:11:sp2dbus-1-glib-0.76-34.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the dbus-1-glib-0.76-34.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-1172 at SUSECVE-2010-1172 at NVDcpe:/o:suse:suse_sles:11:sp2dhcp-4.2.3.P2-0.7.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the dhcp-4.2.3.P2-0.7.2 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0692 at SUSECVE-2009-0692 at NVDCVE-2009-1892 at SUSECVE-2009-1892 at NVDCVE-2011-0997 at SUSECVE-2011-0997 at NVDCVE-2011-2748 at SUSECVE-2011-2748 at NVDCVE-2011-2749 at SUSECVE-2011-2749 at NVDCVE-2011-4539 at SUSECVE-2011-4539 at NVDCVE-2011-4868 at SUSECVE-2011-4868 at NVDcpe:/o:suse:suse_sles:11:sp2dhcpcd-3.2.3-44.28.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the dhcpcd-3.2.3-44.28.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-0997 at SUSECVE-2011-0997 at NVDcpe:/o:suse:suse_sles:11:sp2e2fsprogs-1.41.9-2.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the e2fsprogs-1.41.9-2.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-5497 at SUSECVE-2007-5497 at NVDcpe:/o:suse:suse_sles:11:sp2ecryptfs-utils-32bit-61-1.29.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the ecryptfs-utils-32bit-61-1.29.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-1831 at SUSECVE-2011-1831 at NVDCVE-2011-1832 at SUSECVE-2011-1832 at NVDCVE-2011-1833 at SUSECVE-2011-1833 at NVDCVE-2011-1834 at SUSECVE-2011-1834 at NVDcpe:/o:suse:suse_sles:11:sp2ed-0.2-1001.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the ed-0.2-1001.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-3916 at SUSECVE-2008-3916 at NVDcpe:/o:suse:suse_sles:11:sp2emacs-22.3-4.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the emacs-22.3-4.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-5795 at SUSECVE-2007-5795 at NVDcpe:/o:suse:suse_sles:11:sp2enscript-1.6.4-152.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the enscript-1.6.4-152.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-3863 at SUSECVE-2008-3863 at NVDCVE-2008-4306 at SUSECVE-2008-4306 at NVDcpe:/o:suse:suse_sles:11:sp2evince-2.28.2-0.7.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the evince-2.28.2-0.7.2 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-5864 at SUSECVE-2006-5864 at NVDCVE-2010-2640 at SUSECVE-2010-2640 at NVDCVE-2010-2641 at SUSECVE-2010-2641 at NVDCVE-2010-2642 at SUSECVE-2010-2642 at NVDCVE-2010-2643 at SUSECVE-2010-2643 at NVDcpe:/o:suse:suse_sles:11:sp2evolution-data-server-2.28.2-0.26.33.14 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the evolution-data-server-2.28.2-0.26.33.14 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-3257 at SUSECVE-2007-3257 at NVDcpe:/o:suse:suse_sles:11:sp2expat-2.0.1-88.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the expat-2.0.1-88.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-2625 at SUSECVE-2009-2625 at NVDCVE-2009-3560 at SUSECVE-2009-3560 at NVDcpe:/o:suse:suse_sles:11:sp2fetchmail-6.3.8.90-13.20.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the fetchmail-6.3.8.90-13.20.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-5867 at SUSECVE-2006-5867 at NVDCVE-2006-5974 at SUSECVE-2006-5974 at NVDCVE-2007-1558 at SUSECVE-2007-1558 at NVDCVE-2007-4565 at SUSECVE-2007-4565 at NVDCVE-2009-2666 at SUSECVE-2009-2666 at NVDCVE-2011-1947 at SUSECVE-2011-1947 at NVDcpe:/o:suse:suse_sles:11:sp2file-32bit-4.24-43.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the file-32bit-4.24-43.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-1536 at SUSECVE-2007-1536 at NVDCVE-2007-2799 at SUSECVE-2007-2799 at NVDcpe:/o:suse:suse_sles:11:sp2findutils-4.4.0-38.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the findutils-4.4.0-38.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-2452 at SUSECVE-2007-2452 at NVDcpe:/o:suse:suse_sles:11:sp2foomatic-filters-3.0.2-269.35.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the foomatic-filters-3.0.2-269.35.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-2697 at SUSECVE-2011-2697 at NVDcpe:/o:suse:suse_sles:11:sp2freeradius-server-2.1.1-7.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the freeradius-server-2.1.1-7.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-4474 at SUSECVE-2008-4474 at NVDcpe:/o:suse:suse_sles:11:sp2freetype2-2.3.7-25.28.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the freetype2-2.3.7-25.28.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-1351 at SUSECVE-2007-1351 at NVDCVE-2009-0946 at SUSECVE-2009-0946 at NVDCVE-2010-2497 at SUSECVE-2010-2497 at NVDCVE-2010-2805 at SUSECVE-2010-2805 at NVDCVE-2010-3053 at SUSECVE-2010-3053 at NVDCVE-2010-3054 at SUSECVE-2010-3054 at NVDCVE-2010-3311 at SUSECVE-2010-3311 at NVDCVE-2010-3814 at SUSECVE-2010-3814 at NVDCVE-2010-3855 at SUSECVE-2010-3855 at NVDCVE-2011-0226 at SUSECVE-2011-0226 at NVDCVE-2011-2895 at SUSECVE-2011-2895 at NVDCVE-2011-3256 at SUSECVE-2011-3256 at NVDCVE-2011-3439 at SUSECVE-2011-3439 at NVDcpe:/o:suse:suse_sles:11:sp2ft2demos-2.3.7-25.9 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the ft2demos-2.3.7-25.9 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-1351 at SUSECVE-2007-1351 at NVDcpe:/o:suse:suse_sles:11:sp2fuse-2.7.2-61.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the fuse-2.7.2-61.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-3297 at SUSECVE-2009-3297 at NVDCVE-2011-0541 at SUSECVE-2011-0541 at NVDcpe:/o:suse:suse_sles:11:sp2fvwm2-2.5.26-1.25 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the fvwm2-2.5.26-1.25 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-5969 at SUSECVE-2006-5969 at NVDcpe:/o:suse:suse_sles:11:sp2g3utils-1.1.36-26.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the g3utils-1.1.36-26.31 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-4936 at SUSECVE-2008-4936 at NVDcpe:/o:suse:suse_sles:11:sp2gd-2.0.36.RC1-52.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gd-2.0.36.RC1-52.18 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-2756 at SUSECVE-2007-2756 at NVDcpe:/o:suse:suse_sles:11:sp2ghostscript-fonts-other-8.62-32.28.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the ghostscript-fonts-other-8.62-32.28.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0196 at SUSECVE-2009-0196 at NVDCVE-2009-0583 at SUSECVE-2009-0583 at NVDCVE-2009-0584 at SUSECVE-2009-0584 at NVDCVE-2009-0792 at SUSECVE-2009-0792 at NVDCVE-2010-1869 at SUSECVE-2010-1869 at NVDcpe:/o:suse:suse_sles:11:sp2glib2-2.22.5-0.2.23 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the glib2-2.22.5-0.2.23 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-2371 at SUSECVE-2008-2371 at NVDCVE-2008-4316 at SUSECVE-2008-4316 at NVDcpe:/o:suse:suse_sles:11:sp2glibc-2.11.3-17.31.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the glibc-2.11.3-17.31.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-5029 at SUSECVE-2009-5029 at NVDCVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:suse_sles:11:sp2gmime-2.2.23-1.50.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gmime-2.2.23-1.50.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-0409 at SUSECVE-2010-0409 at NVDcpe:/o:suse:suse_sles:11:sp2gnome-screensaver-2.28.3-0.28.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gnome-screensaver-2.28.3-0.28.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-0887 at SUSECVE-2008-0887 at NVDCVE-2010-0414 at SUSECVE-2010-0414 at NVDCVE-2010-0422 at SUSECVE-2010-0422 at NVDcpe:/o:suse:suse_sles:11:sp2gnutls-2.4.1-24.39.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gnutls-2.4.1-24.39.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4790 at SUSECVE-2006-4790 at NVDCVE-2008-1948 at SUSECVE-2008-1948 at NVDCVE-2008-1949 at SUSECVE-2008-1949 at NVDCVE-2008-1950 at SUSECVE-2008-1950 at NVDCVE-2008-4989 at SUSECVE-2008-4989 at NVDCVE-2009-2730 at SUSECVE-2009-2730 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2011-4128 at SUSECVE-2011-4128 at NVDcpe:/o:suse:suse_sles:11:sp2gpg2-2.0.9-25.33.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gpg2-2.0.9-25.33.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-3746 at SUSECVE-2006-3746 at NVDCVE-2006-6169 at SUSECVE-2006-6169 at NVDCVE-2008-1530 at SUSECVE-2008-1530 at NVDCVE-2010-2547 at SUSECVE-2010-2547 at NVDcpe:/o:suse:suse_sles:11:sp2gstreamer-0_10-plugins-base-0.10.35-5.15.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gstreamer-0_10-plugins-base-0.10.35-5.15.8 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0586 at SUSECVE-2009-0586 at NVDcpe:/o:suse:suse_sles:11:sp2gstreamer-0_10-plugins-good-0.10.30-5.8.11 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gstreamer-0_10-plugins-good-0.10.30-5.8.11 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-1686 at SUSECVE-2008-1686 at NVDCVE-2009-0386 at SUSECVE-2009-0386 at NVDCVE-2009-0387 at SUSECVE-2009-0387 at NVDCVE-2009-0397 at SUSECVE-2009-0397 at NVDCVE-2009-1932 at SUSECVE-2009-1932 at NVDcpe:/o:suse:suse_sles:11:sp2gtk2-2.18.9-0.21.4 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gtk2-2.18.9-0.21.4 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-0010 at SUSECVE-2007-0010 at NVDcpe:/o:suse:suse_sles:11:sp2gvim-7.2-8.15.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gvim-7.2-8.15.2 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-2438 at SUSECVE-2007-2438 at NVDCVE-2007-2953 at SUSECVE-2007-2953 at NVDcpe:/o:suse:suse_sles:11:sp2gzip-1.3.12-69.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the gzip-1.3.12-69.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-2624 at SUSECVE-2009-2624 at NVDCVE-2010-0001 at SUSECVE-2010-0001 at NVDcpe:/o:suse:suse_sles:11:sp2hplip-3.11.10-0.6.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the hplip-3.11.10-0.6.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2004-0801 at SUSECVE-2004-0801 at NVDCVE-2007-5208 at SUSECVE-2007-5208 at NVDCVE-2010-4267 at SUSECVE-2010-4267 at NVDCVE-2011-2697 at SUSECVE-2011-2697 at NVDCVE-2011-2722 at SUSECVE-2011-2722 at NVDcpe:/o:suse:suse_sles:11:sp2ipsec-tools-0.7.3-1.1.93 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the ipsec-tools-0.7.3-1.1.93 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-1841 at SUSECVE-2007-1841 at NVDCVE-2008-3652 at SUSECVE-2008-3652 at NVDcpe:/o:suse:suse_sles:11:sp2java-1_4_2-ibm-1.4.2_sr13.10-0.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the java-1_4_2-ibm-1.4.2_sr13.10-0.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-2788 at SUSECVE-2007-2788 at NVDCVE-2007-2789 at SUSECVE-2007-2789 at NVDCVE-2007-3004 at SUSECVE-2007-3004 at NVDCVE-2007-3005 at SUSECVE-2007-3005 at NVDCVE-2007-3655 at SUSECVE-2007-3655 at NVDCVE-2007-3698 at SUSECVE-2007-3698 at NVDCVE-2007-3922 at SUSECVE-2007-3922 at NVDCVE-2007-4381 at SUSECVE-2007-4381 at NVDCVE-2007-5232 at SUSECVE-2007-5232 at NVDCVE-2007-5236 at SUSECVE-2007-5236 at NVDCVE-2007-5238 at SUSECVE-2007-5238 at NVDCVE-2007-5239 at SUSECVE-2007-5239 at NVDCVE-2007-5240 at SUSECVE-2007-5240 at NVDCVE-2007-5273 at SUSECVE-2007-5273 at NVDCVE-2007-5274 at SUSECVE-2007-5274 at NVDCVE-2008-1187 at SUSECVE-2008-1187 at NVDCVE-2008-1189 at SUSECVE-2008-1189 at NVDCVE-2008-1190 at SUSECVE-2008-1190 at NVDCVE-2008-1192 at SUSECVE-2008-1192 at NVDCVE-2008-1195 at SUSECVE-2008-1195 at NVDCVE-2008-1196 at SUSECVE-2008-1196 at NVDCVE-2008-3104 at SUSECVE-2008-3104 at NVDCVE-2008-3112 at SUSECVE-2008-3112 at NVDCVE-2008-3113 at SUSECVE-2008-3113 at NVDCVE-2008-3114 at SUSECVE-2008-3114 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0084 at SUSECVE-2010-0084 at NVDCVE-2010-0085 at SUSECVE-2010-0085 at NVDCVE-2010-0087 at SUSECVE-2010-0087 at NVDCVE-2010-0088 at SUSECVE-2010-0088 at NVDCVE-2010-0089 at SUSECVE-2010-0089 at NVDCVE-2010-0091 at SUSECVE-2010-0091 at NVDCVE-2010-0095 at SUSECVE-2010-0095 at NVDCVE-2010-0839 at SUSECVE-2010-0839 at NVDCVE-2010-0840 at SUSECVE-2010-0840 at NVDCVE-2010-0841 at SUSECVE-2010-0841 at NVDCVE-2010-0842 at SUSECVE-2010-0842 at NVDCVE-2010-0843 at SUSECVE-2010-0843 at NVDCVE-2010-0844 at SUSECVE-2010-0844 at NVDCVE-2010-0846 at SUSECVE-2010-0846 at NVDCVE-2010-0847 at SUSECVE-2010-0847 at NVDCVE-2010-0848 at SUSECVE-2010-0848 at NVDCVE-2010-0849 at SUSECVE-2010-0849 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-3541 at SUSECVE-2010-3541 at NVDCVE-2010-3548 at SUSECVE-2010-3548 at NVDCVE-2010-3549 at SUSECVE-2010-3549 at NVDCVE-2010-3551 at SUSECVE-2010-3551 at NVDCVE-2010-3553 at SUSECVE-2010-3553 at NVDCVE-2010-3556 at SUSECVE-2010-3556 at NVDCVE-2010-3557 at SUSECVE-2010-3557 at NVDCVE-2010-3562 at SUSECVE-2010-3562 at NVDCVE-2010-3565 at SUSECVE-2010-3565 at NVDCVE-2010-3568 at SUSECVE-2010-3568 at NVDCVE-2010-3569 at SUSECVE-2010-3569 at NVDCVE-2010-3571 at SUSECVE-2010-3571 at NVDCVE-2010-3572 at SUSECVE-2010-3572 at NVDCVE-2010-3574 at SUSECVE-2010-3574 at NVDCVE-2010-4476 at SUSECVE-2010-4476 at NVDcpe:/o:suse:suse_sles:11:sp2java-1_6_0-ibm-1.6.0_sr9.3-0.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the java-1_6_0-ibm-1.6.0_sr9.3-0.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-1187 at SUSECVE-2008-1187 at NVDCVE-2008-1188 at SUSECVE-2008-1188 at NVDCVE-2008-1189 at SUSECVE-2008-1189 at NVDCVE-2008-1190 at SUSECVE-2008-1190 at NVDCVE-2008-1191 at SUSECVE-2008-1191 at NVDCVE-2008-1192 at SUSECVE-2008-1192 at NVDCVE-2008-1193 at SUSECVE-2008-1193 at NVDCVE-2008-1194 at SUSECVE-2008-1194 at NVDCVE-2008-1195 at SUSECVE-2008-1195 at NVDCVE-2008-1196 at SUSECVE-2008-1196 at NVDCVE-2008-5351 at SUSECVE-2008-5351 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0771 at SUSECVE-2010-0771 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-3541 at SUSECVE-2010-3541 at NVDCVE-2010-3548 at SUSECVE-2010-3548 at NVDCVE-2010-3549 at SUSECVE-2010-3549 at NVDCVE-2010-3550 at SUSECVE-2010-3550 at NVDCVE-2010-3551 at SUSECVE-2010-3551 at NVDCVE-2010-3553 at SUSECVE-2010-3553 at NVDCVE-2010-3555 at SUSECVE-2010-3555 at NVDCVE-2010-3556 at SUSECVE-2010-3556 at NVDCVE-2010-3557 at SUSECVE-2010-3557 at NVDCVE-2010-3558 at SUSECVE-2010-3558 at NVDCVE-2010-3559 at SUSECVE-2010-3559 at NVDCVE-2010-3560 at SUSECVE-2010-3560 at NVDCVE-2010-3562 at SUSECVE-2010-3562 at NVDCVE-2010-3563 at SUSECVE-2010-3563 at NVDCVE-2010-3565 at SUSECVE-2010-3565 at NVDCVE-2010-3566 at SUSECVE-2010-3566 at NVDCVE-2010-3567 at SUSECVE-2010-3567 at NVDCVE-2010-3568 at SUSECVE-2010-3568 at NVDCVE-2010-3569 at SUSECVE-2010-3569 at NVDCVE-2010-3571 at SUSECVE-2010-3571 at NVDCVE-2010-3572 at SUSECVE-2010-3572 at NVDCVE-2010-3573 at SUSECVE-2010-3573 at NVDCVE-2010-3574 at SUSECVE-2010-3574 at NVDCVE-2010-4476 at SUSECVE-2010-4476 at NVDcpe:/o:suse:suse_sles:11:sp2kbd-1.14.1-16.31.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the kbd-1.14.1-16.31.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-0460 at SUSECVE-2011-0460 at NVDcpe:/o:suse:suse_sles:11:sp2kde4-kgreeter-plugins-4.3.5-0.10.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the kde4-kgreeter-plugins-4.3.5-0.10.2 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-0436 at SUSECVE-2010-0436 at NVDcpe:/o:suse:suse_sles:11:sp2kdebase3-runtime-3.5.10-20.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the kdebase3-runtime-3.5.10-20.31 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4569 at SUSECVE-2007-4569 at NVDcpe:/o:suse:suse_sles:11:sp2kdelibs3-3.5.10-23.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the kdelibs3-3.5.10-23.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-3820 at SUSECVE-2007-3820 at NVDCVE-2007-4224 at SUSECVE-2007-4224 at NVDCVE-2007-4225 at SUSECVE-2007-4225 at NVDCVE-2008-1671 at SUSECVE-2008-1671 at NVDCVE-2009-0689 at SUSECVE-2009-0689 at NVDcpe:/o:suse:suse_sles:11:sp2kdelibs4-4.3.5-0.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the kdelibs4-4.3.5-0.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2011-1168 at SUSECVE-2011-1168 at NVDcpe:/o:suse:suse_sles:11:sp2kdenetwork4-filesharing-4.3.5-0.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the kdenetwork4-filesharing-4.3.5-0.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-1000 at SUSECVE-2010-1000 at NVDcpe:/o:suse:suse_sles:11:sp2kernel-default-3.0.13-0.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the kernel-default-3.0.13-0.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-0007 at SUSECVE-2008-0007 at NVDCVE-2008-0009 at SUSECVE-2008-0009 at NVDCVE-2008-0010 at SUSECVE-2008-0010 at NVDCVE-2008-1375 at SUSECVE-2008-1375 at NVDCVE-2008-1669 at SUSECVE-2008-1669 at NVDCVE-2008-1673 at SUSECVE-2008-1673 at NVDCVE-2008-1675 at SUSECVE-2008-1675 at NVDCVE-2008-3528 at SUSECVE-2008-3528 at NVDCVE-2008-3831 at SUSECVE-2008-3831 at NVDCVE-2008-5079 at SUSECVE-2008-5079 at NVDCVE-2008-5182 at SUSECVE-2008-5182 at NVDCVE-2008-5300 at SUSECVE-2008-5300 at NVDCVE-2009-0029 at SUSECVE-2009-0029 at NVDCVE-2009-3939 at SUSECVE-2009-3939 at NVDCVE-2009-4026 at SUSECVE-2009-4026 at NVDCVE-2009-4027 at SUSECVE-2009-4027 at NVDCVE-2009-4131 at SUSECVE-2009-4131 at NVDCVE-2009-4138 at SUSECVE-2009-4138 at NVDCVE-2009-4536 at SUSECVE-2009-4536 at NVDCVE-2009-4537 at SUSECVE-2009-4537 at NVDCVE-2009-4538 at SUSECVE-2009-4538 at NVDCVE-2010-0415 at SUSECVE-2010-0415 at NVDCVE-2010-0622 at SUSECVE-2010-0622 at NVDCVE-2010-0623 at SUSECVE-2010-0623 at NVDCVE-2010-1146 at SUSECVE-2010-1146 at NVDCVE-2010-1173 at SUSECVE-2010-1173 at NVDCVE-2010-1437 at SUSECVE-2010-1437 at NVDCVE-2010-1641 at SUSECVE-2010-1641 at NVDCVE-2010-2066 at SUSECVE-2010-2066 at NVDCVE-2010-2798 at SUSECVE-2010-2798 at NVDCVE-2010-2803 at SUSECVE-2010-2803 at NVDCVE-2010-2942 at SUSECVE-2010-2942 at NVDCVE-2010-2943 at SUSECVE-2010-2943 at NVDCVE-2010-2946 at SUSECVE-2010-2946 at NVDCVE-2010-2954 at SUSECVE-2010-2954 at NVDCVE-2010-2955 at SUSECVE-2010-2955 at NVDCVE-2010-2959 at SUSECVE-2010-2959 at NVDCVE-2010-2960 at SUSECVE-2010-2960 at NVDCVE-2010-2962 at SUSECVE-2010-2962 at NVDCVE-2010-2963 at SUSECVE-2010-2963 at NVDCVE-2010-3015 at SUSECVE-2010-3015 at NVDCVE-2010-3078 at SUSECVE-2010-3078 at NVDCVE-2010-3079 at SUSECVE-2010-3079 at NVDCVE-2010-3080 at SUSECVE-2010-3080 at NVDCVE-2010-3081 at SUSECVE-2010-3081 at NVDCVE-2010-3084 at SUSECVE-2010-3084 at NVDCVE-2010-3296 at SUSECVE-2010-3296 at NVDCVE-2010-3297 at SUSECVE-2010-3297 at NVDCVE-2010-3298 at SUSECVE-2010-3298 at NVDCVE-2010-3301 at SUSECVE-2010-3301 at NVDCVE-2010-3310 at SUSECVE-2010-3310 at NVDCVE-2010-3437 at SUSECVE-2010-3437 at NVDCVE-2010-3699 at SUSECVE-2010-3699 at NVDCVE-2010-3705 at SUSECVE-2010-3705 at NVDCVE-2010-3861 at SUSECVE-2010-3861 at NVDCVE-2010-3873 at SUSECVE-2010-3873 at NVDCVE-2010-3874 at SUSECVE-2010-3874 at NVDCVE-2010-3875 at SUSECVE-2010-3875 at NVDCVE-2010-3876 at SUSECVE-2010-3876 at NVDCVE-2010-3877 at SUSECVE-2010-3877 at NVDCVE-2010-3880 at SUSECVE-2010-3880 at NVDCVE-2010-3881 at SUSECVE-2010-3881 at NVDCVE-2010-4072 at SUSECVE-2010-4072 at NVDCVE-2010-4073 at SUSECVE-2010-4073 at NVDCVE-2010-4075 at SUSECVE-2010-4075 at NVDCVE-2010-4076 at SUSECVE-2010-4076 at NVDCVE-2010-4077 at SUSECVE-2010-4077 at NVDCVE-2010-4082 at SUSECVE-2010-4082 at NVDCVE-2010-4083 at SUSECVE-2010-4083 at NVDCVE-2010-4157 at SUSECVE-2010-4157 at NVDCVE-2010-4158 at SUSECVE-2010-4158 at NVDCVE-2010-4160 at SUSECVE-2010-4160 at NVDCVE-2010-4162 at SUSECVE-2010-4162 at NVDCVE-2010-4163 at SUSECVE-2010-4163 at NVDCVE-2010-4164 at SUSECVE-2010-4164 at NVDCVE-2010-4165 at SUSECVE-2010-4165 at NVDCVE-2010-4169 at SUSECVE-2010-4169 at NVDCVE-2010-4175 at SUSECVE-2010-4175 at NVDCVE-2010-4243 at SUSECVE-2010-4243 at NVDCVE-2010-4251 at SUSECVE-2010-4251 at NVDCVE-2010-4258 at SUSECVE-2010-4258 at NVDCVE-2010-4342 at SUSECVE-2010-4342 at NVDCVE-2010-4529 at SUSECVE-2010-4529 at NVDCVE-2010-4656 at SUSECVE-2010-4656 at NVDCVE-2010-4668 at SUSECVE-2010-4668 at NVDCVE-2011-0521 at SUSECVE-2011-0521 at NVDCVE-2011-0710 at SUSECVE-2011-0710 at NVDCVE-2011-0711 at SUSECVE-2011-0711 at NVDCVE-2011-0712 at SUSECVE-2011-0712 at NVDCVE-2011-1016 at SUSECVE-2011-1016 at NVDCVE-2011-1017 at SUSECVE-2011-1017 at NVDCVE-2011-1020 at SUSECVE-2011-1020 at NVDCVE-2011-1160 at SUSECVE-2011-1160 at NVDCVE-2011-1180 at SUSECVE-2011-1180 at NVDCVE-2011-1182 at SUSECVE-2011-1182 at NVDCVE-2011-1478 at SUSECVE-2011-1478 at NVDCVE-2011-1573 at SUSECVE-2011-1573 at NVDCVE-2011-1577 at SUSECVE-2011-1577 at NVDCVE-2011-1593 at SUSECVE-2011-1593 at NVDCVE-2011-2182 at SUSECVE-2011-2182 at NVDCVE-2011-2183 at SUSECVE-2011-2183 at NVDCVE-2011-2203 at SUSECVE-2011-2203 at NVDCVE-2011-2479 at SUSECVE-2011-2479 at NVDCVE-2011-2491 at SUSECVE-2011-2491 at NVDCVE-2011-2495 at SUSECVE-2011-2495 at NVDCVE-2011-2496 at SUSECVE-2011-2496 at NVDCVE-2011-3191 at SUSECVE-2011-3191 at NVDCVE-2011-4097 at SUSECVE-2011-4097 at NVDCVE-2011-4127 at SUSECVE-2011-4127 at NVDCVE-2011-4131 at SUSECVE-2011-4131 at NVDCVE-2011-4604 at SUSECVE-2011-4604 at NVDCVE-2011-4622 at SUSECVE-2011-4622 at NVDCVE-2012-0038 at SUSECVE-2012-0038 at NVDCVE-2012-0045 at SUSECVE-2012-0045 at NVDCVE-2012-0056 at SUSECVE-2012-0056 at NVDCVE-2012-0207 at SUSECVE-2012-0207 at NVDcpe:/o:suse:suse_sles:11:sp2krb5-1.6.3-133.48.48.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the krb5-1.6.3-133.48.48.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-6143 at SUSECVE-2006-6143 at NVDCVE-2006-6144 at SUSECVE-2006-6144 at NVDCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDCVE-2007-5894 at SUSECVE-2007-5894 at NVDCVE-2007-5902 at SUSECVE-2007-5902 at NVDCVE-2007-5971 at SUSECVE-2007-5971 at NVDCVE-2007-5972 at SUSECVE-2007-5972 at NVDCVE-2008-0062 at SUSECVE-2008-0062 at NVDCVE-2008-0063 at SUSECVE-2008-0063 at NVDCVE-2008-0947 at SUSECVE-2008-0947 at NVDCVE-2008-0948 at SUSECVE-2008-0948 at NVDCVE-2009-0844 at SUSECVE-2009-0844 at NVDCVE-2009-0845 at SUSECVE-2009-0845 at NVDCVE-2009-0846 at SUSECVE-2009-0846 at NVDCVE-2009-0847 at SUSECVE-2009-0847 at NVDCVE-2009-4212 at SUSECVE-2009-4212 at NVDCVE-2010-0629 at SUSECVE-2010-0629 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-1323 at SUSECVE-2010-1323 at NVDCVE-2011-0281 at SUSECVE-2011-0281 at NVDCVE-2011-0282 at SUSECVE-2011-0282 at NVDCVE-2011-1526 at SUSECVE-2011-1526 at NVDCVE-2011-4862 at SUSECVE-2011-4862 at NVDcpe:/o:suse:suse_sles:11:sp2krb5-doc-1.6.3-133.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the krb5-doc-1.6.3-133.21 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDcpe:/o:suse:suse_sles:11:sp2krb5-plugin-kdb-ldap-1.6.3-133.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the krb5-plugin-kdb-ldap-1.6.3-133.12 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDcpe:/o:suse:suse_sles:11:sp2kvm-0.15.1-0.17.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the kvm-0.15.1-0.17.3 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-2382 at SUSECVE-2008-2382 at NVDCVE-2008-5714 at SUSECVE-2008-5714 at NVDcpe:/o:suse:suse_sles:11:sp2lcms-1.17-77.14.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the lcms-1.17-77.14.19 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0581 at SUSECVE-2009-0581 at NVDCVE-2009-0723 at SUSECVE-2009-0723 at NVDCVE-2009-0733 at SUSECVE-2009-0733 at NVDCVE-2009-0793 at SUSECVE-2009-0793 at NVDcpe:/o:suse:suse_sles:11:sp2ldapsmb-1.34b-12.18.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the ldapsmb-1.34b-12.18.3 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2010-0926 at SUSECVE-2010-0926 at NVDCVE-2010-1635 at SUSECVE-2010-1635 at NVDCVE-2010-1642 at SUSECVE-2010-1642 at NVDCVE-2010-2063 at SUSECVE-2010-2063 at NVDCVE-2010-3069 at SUSECVE-2010-3069 at NVDCVE-2011-0719 at SUSECVE-2011-0719 at NVDCVE-2011-2522 at SUSECVE-2011-2522 at NVDCVE-2011-2694 at SUSECVE-2011-2694 at NVDCVE-2012-0817 at SUSECVE-2012-0817 at NVDcpe:/o:suse:suse_sles:11:sp2libMagickCore1-32bit-6.4.3.6-7.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libMagickCore1-32bit-6.4.3.6-7.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-5456 at SUSECVE-2006-5456 at NVDCVE-2007-1667 at SUSECVE-2007-1667 at NVDCVE-2007-1797 at SUSECVE-2007-1797 at NVDCVE-2007-4985 at SUSECVE-2007-4985 at NVDCVE-2007-4986 at SUSECVE-2007-4986 at NVDCVE-2007-4987 at SUSECVE-2007-4987 at NVDCVE-2007-4988 at SUSECVE-2007-4988 at NVDcpe:/o:suse:suse_sles:11:sp2libQtWebKit4-32bit-4.6.3-5.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libQtWebKit4-32bit-4.6.3-5.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4811 at SUSECVE-2006-4811 at NVDCVE-2009-0945 at SUSECVE-2009-0945 at NVDCVE-2011-3193 at SUSECVE-2011-3193 at NVDCVE-2011-3922 at SUSECVE-2011-3922 at NVDcpe:/o:suse:suse_sles:11:sp2libadns1-1.4-73.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libadns1-1.4-73.21 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-1447 at SUSECVE-2008-1447 at NVDCVE-2008-4100 at SUSECVE-2008-4100 at NVDcpe:/o:suse:suse_sles:11:sp2libapr-util1-1.3.4-12.22.21.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libapr-util1-1.3.4-12.22.21.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-2412 at SUSECVE-2009-2412 at NVDCVE-2010-1623 at SUSECVE-2010-1623 at NVDcpe:/o:suse:suse_sles:11:sp2libapr1-1.3.3-11.18.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libapr1-1.3.3-11.18.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-2412 at SUSECVE-2009-2412 at NVDCVE-2011-0419 at SUSECVE-2011-0419 at NVDCVE-2011-1928 at SUSECVE-2011-1928 at NVDcpe:/o:suse:suse_sles:11:sp2libarchive2-2.5.5-5.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libarchive2-2.5.5-5.19 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-5680 at SUSECVE-2006-5680 at NVDCVE-2007-3641 at SUSECVE-2007-3641 at NVDCVE-2007-3644 at SUSECVE-2007-3644 at NVDCVE-2007-3645 at SUSECVE-2007-3645 at NVDcpe:/o:suse:suse_sles:11:sp2libcap-progs-2.11-2.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libcap-progs-2.11-2.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-4099 at SUSECVE-2011-4099 at NVDcpe:/o:suse:suse_sles:11:sp2libcgroup1-0.34-2.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libcgroup1-0.34-2.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-1006 at SUSECVE-2011-1006 at NVDCVE-2011-1022 at SUSECVE-2011-1022 at NVDcpe:/o:suse:suse_sles:11:sp2libdrm-2.4.27-0.6.6 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libdrm-2.4.27-0.6.6 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-3831 at SUSECVE-2008-3831 at NVDcpe:/o:suse:suse_sles:11:sp2libexif-0.6.17-2.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libexif-0.6.17-2.12 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-6351 at SUSECVE-2007-6351 at NVDCVE-2007-6352 at SUSECVE-2007-6352 at NVDcpe:/o:suse:suse_sles:11:sp2libexiv2-4-0.17.1-31.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libexiv2-4-0.17.1-31.20 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-6353 at SUSECVE-2007-6353 at NVDcpe:/o:suse:suse_sles:11:sp2libfreebl3-3.13.1-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libfreebl3-3.13.1-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDcpe:/o:suse:suse_sles:11:sp2libgdiplus0-2.6.7-0.5.76 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libgdiplus0-2.6.7-0.5.76 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-1526 at SUSECVE-2010-1526 at NVDcpe:/o:suse:suse_sles:11:sp2libgnomesu-1.0.0-307.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libgnomesu-1.0.0-307.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-1946 at SUSECVE-2011-1946 at NVDcpe:/o:suse:suse_sles:11:sp2libgtop-2.28.0-1.2.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libgtop-2.28.0-1.2.20 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-0235 at SUSECVE-2007-0235 at NVDcpe:/o:suse:suse_sles:11:sp2libicu-32bit-4.0-7.24.11 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libicu-32bit-4.0-7.24.11 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4770 at SUSECVE-2007-4770 at NVDCVE-2007-4771 at SUSECVE-2007-4771 at NVDCVE-2008-1036 at SUSECVE-2008-1036 at NVDCVE-2009-0153 at SUSECVE-2009-0153 at NVDcpe:/o:suse:suse_sles:11:sp2libicu-32bit-4.0-7.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libicu-32bit-4.0-7.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4770 at SUSECVE-2007-4770 at NVDCVE-2007-4771 at SUSECVE-2007-4771 at NVDCVE-2008-1036 at SUSECVE-2008-1036 at NVDCVE-2009-0153 at SUSECVE-2009-0153 at NVDCVE-2010-4409 at SUSECVE-2010-4409 at NVDcpe:/o:suse:suse_sles:11:sp2libltdl7-2.2.6-2.131.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libltdl7-2.2.6-2.131.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-3736 at SUSECVE-2009-3736 at NVDcpe:/o:suse:suse_sles:11:sp2libmusicbrainz4-2.1.5-5.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libmusicbrainz4-2.1.5-5.18 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4197 at SUSECVE-2006-4197 at NVDcpe:/o:suse:suse_sles:11:sp2libmysqlclient15-32bit-5.0.94-0.2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libmysqlclient15-32bit-5.0.94-0.2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-0903 at SUSECVE-2006-0903 at NVDCVE-2006-4226 at SUSECVE-2006-4226 at NVDCVE-2006-4227 at SUSECVE-2006-4227 at NVDCVE-2007-5969 at SUSECVE-2007-5969 at NVDCVE-2007-6303 at SUSECVE-2007-6303 at NVDCVE-2007-6304 at SUSECVE-2007-6304 at NVDCVE-2008-2079 at SUSECVE-2008-2079 at NVDCVE-2008-4456 at SUSECVE-2008-4456 at NVDCVE-2008-7247 at SUSECVE-2008-7247 at NVDCVE-2009-2446 at SUSECVE-2009-2446 at NVDCVE-2009-4019 at SUSECVE-2009-4019 at NVDCVE-2009-4028 at SUSECVE-2009-4028 at NVDCVE-2009-4030 at SUSECVE-2009-4030 at NVDCVE-2009-4484 at SUSECVE-2009-4484 at NVDCVE-2010-1626 at SUSECVE-2010-1626 at NVDCVE-2010-1848 at SUSECVE-2010-1848 at NVDCVE-2010-1849 at SUSECVE-2010-1849 at NVDCVE-2010-1850 at SUSECVE-2010-1850 at NVDCVE-2010-3833 at SUSECVE-2010-3833 at NVDCVE-2010-3834 at SUSECVE-2010-3834 at NVDCVE-2010-3835 at SUSECVE-2010-3835 at NVDCVE-2010-3836 at SUSECVE-2010-3836 at NVDCVE-2010-3837 at SUSECVE-2010-3837 at NVDCVE-2010-3838 at SUSECVE-2010-3838 at NVDCVE-2010-3839 at SUSECVE-2010-3839 at NVDCVE-2010-3840 at SUSECVE-2010-3840 at NVDcpe:/o:suse:suse_sles:11:sp2libneon27-0.29.6-6.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libneon27-0.29.6-6.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-0157 at SUSECVE-2007-0157 at NVDCVE-2008-3746 at SUSECVE-2008-3746 at NVDCVE-2009-2473 at SUSECVE-2009-2473 at NVDCVE-2009-2474 at SUSECVE-2009-2474 at NVDcpe:/o:suse:suse_sles:11:sp2libnetpbm10-10.26.44-101.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libnetpbm10-10.26.44-101.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-4274 at SUSECVE-2009-4274 at NVDcpe:/o:suse:suse_sles:11:sp2libnewt0_52-0.52.10-1.35.7 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libnewt0_52-0.52.10-1.35.7 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-2905 at SUSECVE-2009-2905 at NVDcpe:/o:suse:suse_sles:11:sp2libopensc2-0.11.6-5.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libopensc2-0.11.6-5.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-2235 at SUSECVE-2008-2235 at NVDCVE-2009-0368 at SUSECVE-2009-0368 at NVDcpe:/o:suse:suse_sles:11:sp2libopenssl0_9_8-0.9.8j-0.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libopenssl0_9_8-0.9.8j-0.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-2937 at SUSECVE-2006-2937 at NVDCVE-2006-2940 at SUSECVE-2006-2940 at NVDCVE-2006-3738 at SUSECVE-2006-3738 at NVDCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2006-4343 at SUSECVE-2006-4343 at NVDCVE-2007-3108 at SUSECVE-2007-3108 at NVDCVE-2007-4995 at SUSECVE-2007-4995 at NVDCVE-2007-5135 at SUSECVE-2007-5135 at NVDCVE-2008-0891 at SUSECVE-2008-0891 at NVDCVE-2008-1672 at SUSECVE-2008-1672 at NVDCVE-2008-5077 at SUSECVE-2008-5077 at NVDCVE-2009-0590 at SUSECVE-2009-0590 at NVDCVE-2009-0591 at SUSECVE-2009-0591 at NVDCVE-2009-0789 at SUSECVE-2009-0789 at NVDCVE-2009-1377 at SUSECVE-2009-1377 at NVDCVE-2009-1378 at SUSECVE-2009-1378 at NVDCVE-2009-1379 at SUSECVE-2009-1379 at NVDCVE-2009-1386 at SUSECVE-2009-1386 at NVDCVE-2009-1387 at SUSECVE-2009-1387 at NVDCVE-2009-3245 at SUSECVE-2009-3245 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-4355 at SUSECVE-2009-4355 at NVDCVE-2010-0740 at SUSECVE-2010-0740 at NVDCVE-2010-2939 at SUSECVE-2010-2939 at NVDCVE-2010-3864 at SUSECVE-2010-3864 at NVDCVE-2010-4180 at SUSECVE-2010-4180 at NVDCVE-2010-4252 at SUSECVE-2010-4252 at NVDCVE-2011-0014 at SUSECVE-2011-0014 at NVDCVE-2011-3210 at SUSECVE-2011-3210 at NVDCVE-2011-4108 at SUSECVE-2011-4108 at NVDCVE-2011-4109 at SUSECVE-2011-4109 at NVDCVE-2011-4576 at SUSECVE-2011-4576 at NVDCVE-2011-4577 at SUSECVE-2011-4577 at NVDCVE-2011-4619 at SUSECVE-2011-4619 at NVDcpe:/o:suse:suse_sles:11:sp2libpng12-0-1.2.31-5.25.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libpng12-0-1.2.31-5.25.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-5793 at SUSECVE-2006-5793 at NVDCVE-2008-3964 at SUSECVE-2008-3964 at NVDCVE-2008-5907 at SUSECVE-2008-5907 at NVDCVE-2008-6218 at SUSECVE-2008-6218 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-2042 at SUSECVE-2009-2042 at NVDCVE-2009-5063 at SUSECVE-2009-5063 at NVDCVE-2010-0205 at SUSECVE-2010-0205 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-2249 at SUSECVE-2010-2249 at NVDCVE-2011-2501 at SUSECVE-2011-2501 at NVDCVE-2011-2690 at SUSECVE-2011-2690 at NVDCVE-2011-2691 at SUSECVE-2011-2691 at NVDCVE-2011-2692 at SUSECVE-2011-2692 at NVDcpe:/o:suse:suse_sles:11:sp2libpoppler-glib4-0.12.3-1.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libpoppler-glib4-0.12.3-1.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-2950 at SUSECVE-2008-2950 at NVDCVE-2009-0755 at SUSECVE-2009-0755 at NVDCVE-2009-0756 at SUSECVE-2009-0756 at NVDCVE-2009-0791 at SUSECVE-2009-0791 at NVDCVE-2009-0799 at SUSECVE-2009-0799 at NVDCVE-2009-0800 at SUSECVE-2009-0800 at NVDCVE-2009-1179 at SUSECVE-2009-1179 at NVDCVE-2009-1180 at SUSECVE-2009-1180 at NVDCVE-2009-1181 at SUSECVE-2009-1181 at NVDCVE-2009-1182 at SUSECVE-2009-1182 at NVDCVE-2009-1183 at SUSECVE-2009-1183 at NVDCVE-2009-1187 at SUSECVE-2009-1187 at NVDCVE-2009-1188 at SUSECVE-2009-1188 at NVDCVE-2009-3607 at SUSECVE-2009-3607 at NVDCVE-2009-3608 at SUSECVE-2009-3608 at NVDCVE-2010-3702 at SUSECVE-2010-3702 at NVDCVE-2010-3703 at SUSECVE-2010-3703 at NVDCVE-2010-3704 at SUSECVE-2010-3704 at NVDcpe:/o:suse:suse_sles:11:sp2libpulse-browse0-0.9.23-0.7.128 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libpulse-browse0-0.9.23-0.7.128 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-0008 at SUSECVE-2008-0008 at NVDcpe:/o:suse:suse_sles:11:sp2libpython2_6-1_0-2.6.0-8.12.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libpython2_6-1_0-2.6.0-8.12.2 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDCVE-2010-3493 at SUSECVE-2010-3493 at NVDCVE-2011-1015 at SUSECVE-2011-1015 at NVDCVE-2011-1521 at SUSECVE-2011-1521 at NVDcpe:/o:suse:suse_sles:11:sp2libqt4-sql-mysql-4.6.3-5.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libqt4-sql-mysql-4.6.3-5.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4811 at SUSECVE-2006-4811 at NVDCVE-2009-0945 at SUSECVE-2009-0945 at NVDCVE-2011-3193 at SUSECVE-2011-3193 at NVDcpe:/o:suse:suse_sles:11:sp2librpcsecgss-0.18-1.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the librpcsecgss-0.18-1.15 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDcpe:/o:suse:suse_sles:11:sp2librsvg-2.26.0-2.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the librsvg-2.26.0-2.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-3146 at SUSECVE-2011-3146 at NVDcpe:/o:suse:suse_sles:11:sp2libsamplerate-0.1.4-1.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libsamplerate-0.1.4-1.15 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-5008 at SUSECVE-2008-5008 at NVDcpe:/o:suse:suse_sles:11:sp2libsndfile-1.0.20-2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libsndfile-1.0.20-2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4974 at SUSECVE-2007-4974 at NVDCVE-2009-0186 at SUSECVE-2009-0186 at NVDCVE-2009-1788 at SUSECVE-2009-1788 at NVDCVE-2009-1791 at SUSECVE-2009-1791 at NVDCVE-2009-4835 at SUSECVE-2009-4835 at NVDCVE-2011-2696 at SUSECVE-2011-2696 at NVDcpe:/o:suse:suse_sles:11:sp2libsnmp15-32bit-5.4.2.1-8.12.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libsnmp15-32bit-5.4.2.1-8.12.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-4309 at SUSECVE-2008-4309 at NVDCVE-2008-6123 at SUSECVE-2008-6123 at NVDcpe:/o:suse:suse_sles:11:sp2libsoup-2_4-1-2.32.2-4.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libsoup-2_4-1-2.32.2-4.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-5876 at SUSECVE-2006-5876 at NVDCVE-2011-2524 at SUSECVE-2011-2524 at NVDcpe:/o:suse:suse_sles:11:sp2libtiff3-3.8.2-141.142.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libtiff3-3.8.2-141.142.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-1586 at SUSECVE-2008-1586 at NVDCVE-2008-2327 at SUSECVE-2008-2327 at NVDCVE-2009-2285 at SUSECVE-2009-2285 at NVDCVE-2009-2347 at SUSECVE-2009-2347 at NVDCVE-2010-1411 at SUSECVE-2010-1411 at NVDCVE-2010-4665 at SUSECVE-2010-4665 at NVDCVE-2011-0191 at SUSECVE-2011-0191 at NVDCVE-2011-0192 at SUSECVE-2011-0192 at NVDCVE-2011-1167 at SUSECVE-2011-1167 at NVDcpe:/o:suse:suse_sles:11:sp2libvirt-0.9.6-0.13.42 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libvirt-0.9.6-0.13.42 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-5086 at SUSECVE-2008-5086 at NVDCVE-2010-2242 at SUSECVE-2010-2242 at NVDCVE-2011-1146 at SUSECVE-2011-1146 at NVDCVE-2011-1486 at SUSECVE-2011-1486 at NVDCVE-2011-2511 at SUSECVE-2011-2511 at NVDCVE-2011-4600 at SUSECVE-2011-4600 at NVDcpe:/o:suse:suse_sles:11:sp2libvorbis-1.2.0-79.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libvorbis-1.2.0-79.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-3106 at SUSECVE-2007-3106 at NVDCVE-2008-1419 at SUSECVE-2008-1419 at NVDCVE-2008-1420 at SUSECVE-2008-1420 at NVDCVE-2008-1423 at SUSECVE-2008-1423 at NVDCVE-2009-2663 at SUSECVE-2009-2663 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDcpe:/o:suse:suse_sles:11:sp2libxcrypt-3.0.3-0.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libxcrypt-3.0.3-0.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:suse_sles:11:sp2libxml2-2.7.6-0.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libxml2-2.7.6-0.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-6284 at SUSECVE-2007-6284 at NVDCVE-2008-4225 at SUSECVE-2008-4225 at NVDCVE-2008-4226 at SUSECVE-2008-4226 at NVDCVE-2008-4409 at SUSECVE-2008-4409 at NVDCVE-2009-2414 at SUSECVE-2009-2414 at NVDCVE-2009-2416 at SUSECVE-2009-2416 at NVDCVE-2010-4494 at SUSECVE-2010-4494 at NVDCVE-2011-1944 at SUSECVE-2011-1944 at NVDCVE-2011-2821 at SUSECVE-2011-2821 at NVDCVE-2011-3919 at SUSECVE-2011-3919 at NVDcpe:/o:suse:suse_sles:11:sp2libxslt-1.1.24-19.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libxslt-1.1.24-19.15 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-1767 at SUSECVE-2008-1767 at NVDcpe:/o:suse:suse_sles:11:sp2libzip1-0.9-1.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the libzip1-0.9-1.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-0421 at SUSECVE-2011-0421 at NVDcpe:/o:suse:suse_sles:11:sp2log4net-1.2.10-1.36 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the log4net-1.2.10-1.36 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-0743 at SUSECVE-2006-0743 at NVDcpe:/o:suse:suse_sles:11:sp2logrotate-3.7.7-10.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the logrotate-3.7.7-10.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-1098 at SUSECVE-2011-1098 at NVDCVE-2011-1154 at SUSECVE-2011-1154 at NVDCVE-2011-1155 at SUSECVE-2011-1155 at NVDcpe:/o:suse:suse_sles:11:sp2logwatch-7.3.6-65.72.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the logwatch-7.3.6-65.72.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-1018 at SUSECVE-2011-1018 at NVDcpe:/o:suse:suse_sles:11:sp2lvm2-2.02.84-3.25.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the lvm2-2.02.84-3.25.5 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-2526 at SUSECVE-2010-2526 at NVDcpe:/o:suse:suse_sles:11:sp2mailman-2.1.14-9.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the mailman-2.1.14-9.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-2191 at SUSECVE-2006-2191 at NVDCVE-2006-2941 at SUSECVE-2006-2941 at NVDCVE-2006-3636 at SUSECVE-2006-3636 at NVDCVE-2010-3089 at SUSECVE-2010-3089 at NVDCVE-2010-3090 at SUSECVE-2010-3090 at NVDCVE-2011-0707 at SUSECVE-2011-0707 at NVDcpe:/o:suse:suse_sles:11:sp2man-2.5.2-17.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the man-2.5.2-17.16 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4250 at SUSECVE-2006-4250 at NVDcpe:/o:suse:suse_sles:11:sp2mipv6d-2.0.2.umip.0.4-8.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the mipv6d-2.0.2.umip.0.4-8.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-2522 at SUSECVE-2010-2522 at NVDCVE-2010-2523 at SUSECVE-2010-2523 at NVDcpe:/o:suse:suse_sles:11:sp2mono-core-2.6.7-0.7.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the mono-core-2.6.7-0.7.19 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0217 at SUSECVE-2009-0217 at NVDCVE-2010-1459 at SUSECVE-2010-1459 at NVDCVE-2010-3332 at SUSECVE-2010-3332 at NVDCVE-2010-4159 at SUSECVE-2010-4159 at NVDcpe:/o:suse:suse_sles:11:sp2mozilla-xulrunner192-1.9.2.24-0.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the mozilla-xulrunner192-1.9.2.24-0.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-5913 at SUSECVE-2008-5913 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0164 at SUSECVE-2010-0164 at NVDCVE-2010-0165 at SUSECVE-2010-0165 at NVDCVE-2010-0166 at SUSECVE-2010-0166 at NVDCVE-2010-0167 at SUSECVE-2010-0167 at NVDCVE-2010-0168 at SUSECVE-2010-0168 at NVDCVE-2010-0169 at SUSECVE-2010-0169 at NVDCVE-2010-0170 at SUSECVE-2010-0170 at NVDCVE-2010-0171 at SUSECVE-2010-0171 at NVDCVE-2010-0172 at SUSECVE-2010-0172 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDCVE-2010-0654 at SUSECVE-2010-0654 at NVDCVE-2010-1028 at SUSECVE-2010-1028 at NVDCVE-2010-1121 at SUSECVE-2010-1121 at NVDCVE-2010-1125 at SUSECVE-2010-1125 at NVDCVE-2010-1196 at SUSECVE-2010-1196 at NVDCVE-2010-1197 at SUSECVE-2010-1197 at NVDCVE-2010-1198 at SUSECVE-2010-1198 at NVDCVE-2010-1199 at SUSECVE-2010-1199 at NVDCVE-2010-1200 at SUSECVE-2010-1200 at NVDCVE-2010-1201 at SUSECVE-2010-1201 at NVDCVE-2010-1202 at SUSECVE-2010-1202 at NVDCVE-2010-1203 at SUSECVE-2010-1203 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-1206 at SUSECVE-2010-1206 at NVDCVE-2010-1207 at SUSECVE-2010-1207 at NVDCVE-2010-1208 at SUSECVE-2010-1208 at NVDCVE-2010-1209 at SUSECVE-2010-1209 at NVDCVE-2010-1210 at SUSECVE-2010-1210 at NVDCVE-2010-1211 at SUSECVE-2010-1211 at NVDCVE-2010-1212 at SUSECVE-2010-1212 at NVDCVE-2010-1213 at SUSECVE-2010-1213 at NVDCVE-2010-1214 at SUSECVE-2010-1214 at NVDCVE-2010-1215 at SUSECVE-2010-1215 at NVDCVE-2010-1585 at SUSECVE-2010-1585 at NVDCVE-2010-2751 at SUSECVE-2010-2751 at NVDCVE-2010-2752 at SUSECVE-2010-2752 at NVDCVE-2010-2753 at SUSECVE-2010-2753 at NVDCVE-2010-2754 at SUSECVE-2010-2754 at NVDCVE-2010-2755 at SUSECVE-2010-2755 at NVDCVE-2010-2760 at SUSECVE-2010-2760 at NVDCVE-2010-2762 at SUSECVE-2010-2762 at NVDCVE-2010-2764 at SUSECVE-2010-2764 at NVDCVE-2010-2765 at SUSECVE-2010-2765 at NVDCVE-2010-2766 at SUSECVE-2010-2766 at NVDCVE-2010-2767 at SUSECVE-2010-2767 at NVDCVE-2010-2768 at SUSECVE-2010-2768 at NVDCVE-2010-2769 at SUSECVE-2010-2769 at NVDCVE-2010-3166 at SUSECVE-2010-3166 at NVDCVE-2010-3167 at SUSECVE-2010-3167 at NVDCVE-2010-3168 at SUSECVE-2010-3168 at NVDCVE-2010-3169 at SUSECVE-2010-3169 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3173 at SUSECVE-2010-3173 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDCVE-2010-3766 at SUSECVE-2010-3766 at NVDCVE-2010-3767 at SUSECVE-2010-3767 at NVDCVE-2010-3768 at SUSECVE-2010-3768 at NVDCVE-2010-3769 at SUSECVE-2010-3769 at NVDCVE-2010-3770 at SUSECVE-2010-3770 at NVDCVE-2010-3771 at SUSECVE-2010-3771 at NVDCVE-2010-3772 at SUSECVE-2010-3772 at NVDCVE-2010-3773 at SUSECVE-2010-3773 at NVDCVE-2010-3775 at SUSECVE-2010-3775 at NVDCVE-2010-3776 at SUSECVE-2010-3776 at NVDCVE-2010-3777 at SUSECVE-2010-3777 at NVDCVE-2010-3778 at SUSECVE-2010-3778 at NVDCVE-2011-0051 at SUSECVE-2011-0051 at NVDCVE-2011-0053 at SUSECVE-2011-0053 at NVDCVE-2011-0054 at SUSECVE-2011-0054 at NVDCVE-2011-0055 at SUSECVE-2011-0055 at NVDCVE-2011-0056 at SUSECVE-2011-0056 at NVDCVE-2011-0057 at SUSECVE-2011-0057 at NVDCVE-2011-0059 at SUSECVE-2011-0059 at NVDCVE-2011-0061 at SUSECVE-2011-0061 at NVDCVE-2011-0062 at SUSECVE-2011-0062 at NVDCVE-2011-0065 at SUSECVE-2011-0065 at NVDCVE-2011-0066 at SUSECVE-2011-0066 at NVDCVE-2011-0067 at SUSECVE-2011-0067 at NVDCVE-2011-0069 at SUSECVE-2011-0069 at NVDCVE-2011-0070 at SUSECVE-2011-0070 at NVDCVE-2011-0072 at SUSECVE-2011-0072 at NVDCVE-2011-0073 at SUSECVE-2011-0073 at NVDCVE-2011-0074 at SUSECVE-2011-0074 at NVDCVE-2011-0075 at SUSECVE-2011-0075 at NVDCVE-2011-0077 at SUSECVE-2011-0077 at NVDCVE-2011-0078 at SUSECVE-2011-0078 at NVDCVE-2011-0080 at SUSECVE-2011-0080 at NVDCVE-2011-0081 at SUSECVE-2011-0081 at NVDCVE-2011-0083 at SUSECVE-2011-0083 at NVDCVE-2011-0084 at SUSECVE-2011-0084 at NVDCVE-2011-0085 at SUSECVE-2011-0085 at NVDCVE-2011-1202 at SUSECVE-2011-1202 at NVDCVE-2011-2362 at SUSECVE-2011-2362 at NVDCVE-2011-2363 at SUSECVE-2011-2363 at NVDCVE-2011-2364 at SUSECVE-2011-2364 at NVDCVE-2011-2365 at SUSECVE-2011-2365 at NVDCVE-2011-2371 at SUSECVE-2011-2371 at NVDCVE-2011-2372 at SUSECVE-2011-2372 at NVDCVE-2011-2373 at SUSECVE-2011-2373 at NVDCVE-2011-2374 at SUSECVE-2011-2374 at NVDCVE-2011-2376 at SUSECVE-2011-2376 at NVDCVE-2011-2377 at SUSECVE-2011-2377 at NVDCVE-2011-2378 at SUSECVE-2011-2378 at NVDCVE-2011-2980 at SUSECVE-2011-2980 at NVDCVE-2011-2981 at SUSECVE-2011-2981 at NVDCVE-2011-2982 at SUSECVE-2011-2982 at NVDCVE-2011-2983 at SUSECVE-2011-2983 at NVDCVE-2011-2995 at SUSECVE-2011-2995 at NVDCVE-2011-2996 at SUSECVE-2011-2996 at NVDCVE-2011-2999 at SUSECVE-2011-2999 at NVDCVE-2011-3000 at SUSECVE-2011-3000 at NVDCVE-2011-3001 at SUSECVE-2011-3001 at NVDCVE-2011-3647 at SUSECVE-2011-3647 at NVDCVE-2011-3648 at SUSECVE-2011-3648 at NVDCVE-2011-3650 at SUSECVE-2011-3650 at NVDcpe:/o:suse:suse_sles:11:sp2mutt-1.5.17-42.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the mutt-1.5.17-42.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-1558 at SUSECVE-2007-1558 at NVDcpe:/o:suse:suse_sles:11:sp2nagios-3.0.6-1.25.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the nagios-3.0.6-1.25.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-5803 at SUSECVE-2007-5803 at NVDCVE-2011-1523 at SUSECVE-2011-1523 at NVDcpe:/o:suse:suse_sles:11:sp2nagios-plugins-1.4.13-1.35 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the nagios-plugins-1.4.13-1.35 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-5623 at SUSECVE-2007-5623 at NVDcpe:/o:suse:suse_sles:11:sp2ntp-4.2.4p8-1.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the ntp-4.2.4p8-1.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0159 at SUSECVE-2009-0159 at NVDCVE-2009-1252 at SUSECVE-2009-1252 at NVDcpe:/o:suse:suse_sles:11:sp2ofed-1.5.2-0.22.23 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the ofed-1.5.2-0.22.23 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-1693 at SUSECVE-2010-1693 at NVDCVE-2010-3904 at SUSECVE-2010-3904 at NVDCVE-2010-4649 at SUSECVE-2010-4649 at NVDCVE-2011-3345 at SUSECVE-2011-3345 at NVDcpe:/o:suse:suse_sles:11:sp2openslp-1.2.0-172.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the openslp-1.2.0-172.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-3609 at SUSECVE-2010-3609 at NVDcpe:/o:suse:suse_sles:11:sp2openssh-5.1p1-41.51.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the openssh-5.1p1-41.51.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-0225 at SUSECVE-2006-0225 at NVDCVE-2007-4752 at SUSECVE-2007-4752 at NVDCVE-2008-1483 at SUSECVE-2008-1483 at NVDcpe:/o:suse:suse_sles:11:sp2openswan-2.6.16-1.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the openswan-2.6.16-1.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-4190 at SUSECVE-2008-4190 at NVDCVE-2009-2185 at SUSECVE-2009-2185 at NVDCVE-2011-4073 at SUSECVE-2011-4073 at NVDcpe:/o:suse:suse_sles:11:sp2openvpn-2.0.9-143.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the openvpn-2.0.9-143.31 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4339 at SUSECVE-2006-4339 at NVDcpe:/o:suse:suse_sles:11:sp2opie-2.4-662.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the opie-2.4-662.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-2489 at SUSECVE-2011-2489 at NVDCVE-2011-2490 at SUSECVE-2011-2490 at NVDcpe:/o:suse:suse_sles:11:sp2pam-1.1.5-0.10.17 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the pam-1.1.5-0.10.17 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0579 at SUSECVE-2009-0579 at NVDCVE-2009-0887 at SUSECVE-2009-0887 at NVDCVE-2011-3148 at SUSECVE-2011-3148 at NVDCVE-2011-3149 at SUSECVE-2011-3149 at NVDcpe:/o:suse:suse_sles:11:sp2pam_krb5-2.3.1-47.10.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the pam_krb5-2.3.1-47.10.15 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-3825 at SUSECVE-2008-3825 at NVDcpe:/o:suse:suse_sles:11:sp2pam_ldap-184-147.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the pam_ldap-184-147.20 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-5170 at SUSECVE-2006-5170 at NVDcpe:/o:suse:suse_sles:11:sp2pam_mount-0.47-13.13.65 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the pam_mount-0.47-13.13.65 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-5138 at SUSECVE-2008-5138 at NVDcpe:/o:suse:suse_sles:11:sp2pango-1.26.2-1.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the pango-1.26.2-1.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-0020 at SUSECVE-2011-0020 at NVDCVE-2011-0064 at SUSECVE-2011-0064 at NVDcpe:/o:suse:suse_sles:11:sp2pcsc-ccid-1.3.8-3.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the pcsc-ccid-1.3.8-3.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-4530 at SUSECVE-2010-4530 at NVDcpe:/o:suse:suse_sles:11:sp2pcsc-lite-1.4.102-1.37.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the pcsc-lite-1.4.102-1.37.3 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-0407 at SUSECVE-2010-0407 at NVDCVE-2010-4531 at SUSECVE-2010-4531 at NVDcpe:/o:suse:suse_sles:11:sp2perl-32bit-5.10.0-64.55.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the perl-32bit-5.10.0-64.55.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-5116 at SUSECVE-2007-5116 at NVDCVE-2010-1168 at SUSECVE-2010-1168 at NVDCVE-2010-1447 at SUSECVE-2010-1447 at NVDCVE-2010-2761 at SUSECVE-2010-2761 at NVDCVE-2010-4410 at SUSECVE-2010-4410 at NVDCVE-2010-4411 at SUSECVE-2010-4411 at NVDCVE-2010-4777 at SUSECVE-2010-4777 at NVDCVE-2011-1487 at SUSECVE-2011-1487 at NVDcpe:/o:suse:suse_sles:11:sp2perl-HTML-Parser-3.56-1.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the perl-HTML-Parser-3.56-1.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-3627 at SUSECVE-2009-3627 at NVDcpe:/o:suse:suse_sles:11:sp2perl-Tk-804.028-50.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the perl-Tk-804.028-50.24 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4484 at SUSECVE-2006-4484 at NVDcpe:/o:suse:suse_sles:11:sp2perl-libwww-perl-5.816-2.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the perl-libwww-perl-5.816-2.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-0633 at SUSECVE-2011-0633 at NVDcpe:/o:suse:suse_sles:11:sp2perl-spamassassin-3.3.1-10.8.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the perl-spamassassin-3.3.1-10.8.3 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-0451 at SUSECVE-2007-0451 at NVDCVE-2007-2873 at SUSECVE-2007-2873 at NVDcpe:/o:suse:suse_sles:11:sp2postgresql-8.3.14-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the postgresql-8.3.14-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4769 at SUSECVE-2007-4769 at NVDCVE-2007-4772 at SUSECVE-2007-4772 at NVDCVE-2007-6067 at SUSECVE-2007-6067 at NVDCVE-2007-6600 at SUSECVE-2007-6600 at NVDCVE-2007-6601 at SUSECVE-2007-6601 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-4034 at SUSECVE-2009-4034 at NVDCVE-2009-4136 at SUSECVE-2009-4136 at NVDCVE-2010-0442 at SUSECVE-2010-0442 at NVDCVE-2010-1169 at SUSECVE-2010-1169 at NVDCVE-2010-1170 at SUSECVE-2010-1170 at NVDCVE-2010-3433 at SUSECVE-2010-3433 at NVDCVE-2010-4014 at SUSECVE-2010-4014 at NVDCVE-2010-4015 at SUSECVE-2010-4015 at NVDcpe:/o:suse:suse_sles:11:sp2puppet-2.6.12-0.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the puppet-2.6.12-0.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-0156 at SUSECVE-2010-0156 at NVDCVE-2011-3848 at SUSECVE-2011-3848 at NVDCVE-2011-3869 at SUSECVE-2011-3869 at NVDCVE-2011-3870 at SUSECVE-2011-3870 at NVDCVE-2011-3871 at SUSECVE-2011-3871 at NVDCVE-2011-3872 at SUSECVE-2011-3872 at NVDcpe:/o:suse:suse_sles:11:sp2pure-ftpd-1.0.22-3.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the pure-ftpd-1.0.22-3.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-0411 at SUSECVE-2011-0411 at NVDCVE-2011-3171 at SUSECVE-2011-3171 at NVDcpe:/o:suse:suse_sles:11:sp2python-2.6.0-8.12.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the python-2.6.0-8.12.2 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-2052 at SUSECVE-2007-2052 at NVDCVE-2008-1721 at SUSECVE-2008-1721 at NVDCVE-2008-2315 at SUSECVE-2008-2315 at NVDCVE-2008-2316 at SUSECVE-2008-2316 at NVDCVE-2008-3142 at SUSECVE-2008-3142 at NVDCVE-2008-3143 at SUSECVE-2008-3143 at NVDCVE-2008-3144 at SUSECVE-2008-3144 at NVDcpe:/o:suse:suse_sles:11:sp2python-sssd-config-1.5.11-0.9.96 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the python-sssd-config-1.5.11-0.9.96 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-4341 at SUSECVE-2010-4341 at NVDCVE-2011-1758 at SUSECVE-2011-1758 at NVDcpe:/o:suse:suse_sles:11:sp2pyxml-0.8.4-194.23.38 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the pyxml-0.8.4-194.23.38 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDcpe:/o:suse:suse_sles:11:sp2qt3-3.3.8b-88.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the qt3-3.3.8b-88.21 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-4811 at SUSECVE-2006-4811 at NVDCVE-2007-0242 at SUSECVE-2007-0242 at NVDCVE-2007-3388 at SUSECVE-2007-3388 at NVDCVE-2007-4137 at SUSECVE-2007-4137 at NVDcpe:/o:suse:suse_sles:11:sp2quagga-0.99.15-0.6.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the quagga-0.99.15-0.6.2 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-2223 at SUSECVE-2006-2223 at NVDCVE-2007-1995 at SUSECVE-2007-1995 at NVDCVE-2010-1674 at SUSECVE-2010-1674 at NVDCVE-2010-1675 at SUSECVE-2010-1675 at NVDCVE-2010-2948 at SUSECVE-2010-2948 at NVDCVE-2010-2949 at SUSECVE-2010-2949 at NVDcpe:/o:suse:suse_sles:11:sp2radvd-1.1-1.24.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the radvd-1.1-1.24.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-3602 at SUSECVE-2011-3602 at NVDCVE-2011-3603 at SUSECVE-2011-3603 at NVDCVE-2011-3604 at SUSECVE-2011-3604 at NVDCVE-2011-3605 at SUSECVE-2011-3605 at NVDcpe:/o:suse:suse_sles:11:sp2rsync-3.0.4-2.38.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the rsync-3.0.4-2.38.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4091 at SUSECVE-2007-4091 at NVDCVE-2007-6199 at SUSECVE-2007-6199 at NVDCVE-2011-1097 at SUSECVE-2011-1097 at NVDcpe:/o:suse:suse_sles:11:sp2rsyslog-5.8.7-0.5.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the rsyslog-5.8.7-0.5.5 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-3200 at SUSECVE-2011-3200 at NVDcpe:/o:suse:suse_sles:11:sp2ruby-1.8.7.p357-0.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the ruby-1.8.7.p357-0.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-3694 at SUSECVE-2006-3694 at NVDCVE-2006-5467 at SUSECVE-2006-5467 at NVDCVE-2006-6303 at SUSECVE-2006-6303 at NVDCVE-2007-5162 at SUSECVE-2007-5162 at NVDCVE-2007-5770 at SUSECVE-2007-5770 at NVDCVE-2008-1145 at SUSECVE-2008-1145 at NVDCVE-2008-3790 at SUSECVE-2008-3790 at NVDCVE-2009-0642 at SUSECVE-2009-0642 at NVDCVE-2009-1904 at SUSECVE-2009-1904 at NVDCVE-2009-4492 at SUSECVE-2009-4492 at NVDCVE-2010-0541 at SUSECVE-2010-0541 at NVDCVE-2011-0188 at SUSECVE-2011-0188 at NVDCVE-2011-1004 at SUSECVE-2011-1004 at NVDCVE-2011-1005 at SUSECVE-2011-1005 at NVDCVE-2011-2686 at SUSECVE-2011-2686 at NVDCVE-2011-2705 at SUSECVE-2011-2705 at NVDCVE-2011-3009 at SUSECVE-2011-3009 at NVDCVE-2011-4815 at SUSECVE-2011-4815 at NVDcpe:/o:suse:suse_sles:11:sp2squid-2.7.STABLE5-2.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the squid-2.7.STABLE5-2.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-0478 at SUSECVE-2009-0478 at NVDCVE-2009-2855 at SUSECVE-2009-2855 at NVDCVE-2010-0308 at SUSECVE-2010-0308 at NVDCVE-2010-0639 at SUSECVE-2010-0639 at NVDcpe:/o:suse:suse_sles:11:sp2squid3-3.1.12-8.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the squid3-3.1.12-8.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2005-0094 at SUSECVE-2005-0094 at NVDCVE-2011-3205 at SUSECVE-2011-3205 at NVDCVE-2011-4096 at SUSECVE-2011-4096 at NVDcpe:/o:suse:suse_sles:11:sp2squidGuard-1.4-13.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the squidGuard-1.4-13.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-3700 at SUSECVE-2009-3700 at NVDCVE-2009-3826 at SUSECVE-2009-3826 at NVDcpe:/o:suse:suse_sles:11:sp2star-1.5final-28.21.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the star-1.5final-28.21.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4134 at SUSECVE-2007-4134 at NVDcpe:/o:suse:suse_sles:11:sp2sudo-1.7.6p2-0.2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the sudo-1.7.6p2-0.2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-0426 at SUSECVE-2010-0426 at NVDCVE-2010-0427 at SUSECVE-2010-0427 at NVDcpe:/o:suse:suse_sles:11:sp2sysconfig-0.71.47-0.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the sysconfig-0.71.47-0.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-4182 at SUSECVE-2011-4182 at NVDcpe:/o:suse:suse_sles:11:sp2syslog-ng-2.0.9-27.32.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the syslog-ng-2.0.9-27.32.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-5110 at SUSECVE-2008-5110 at NVDcpe:/o:suse:suse_sles:11:sp2sysstat-8.1.5-7.32.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the sysstat-8.1.5-7.32.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-3852 at SUSECVE-2007-3852 at NVDcpe:/o:suse:suse_sles:11:sp2system-config-printer-1.0.8-9.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the system-config-printer-1.0.8-9.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-4405 at SUSECVE-2011-4405 at NVDcpe:/o:suse:suse_sles:11:sp2systemtap-1.5-0.7.54 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the systemtap-1.5-0.7.54 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2009-2911 at SUSECVE-2009-2911 at NVDCVE-2009-4273 at SUSECVE-2009-4273 at NVDcpe:/o:suse:suse_sles:11:sp2t1lib-5.1.1-100.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the t1lib-5.1.1-100.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-2642 at SUSECVE-2010-2642 at NVDcpe:/o:suse:suse_sles:11:sp2tar-1.26-1.2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the tar-1.26-1.2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2001-1267 at SUSECVE-2001-1267 at NVDCVE-2002-0399 at SUSECVE-2002-0399 at NVDCVE-2006-6097 at SUSECVE-2006-6097 at NVDCVE-2010-0624 at SUSECVE-2010-0624 at NVDcpe:/o:suse:suse_sles:11:sp2tftp-0.48-101.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the tftp-0.48-101.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-2199 at SUSECVE-2011-2199 at NVDcpe:/o:suse:suse_sles:11:sp2tgt-0.9.10-0.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the tgt-0.9.10-0.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-0001 at SUSECVE-2011-0001 at NVDcpe:/o:suse:suse_sles:11:sp2tomcat6-6.0.18-20.35.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the tomcat6-6.0.18-20.35.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-1232 at SUSECVE-2008-1232 at NVDCVE-2008-1947 at SUSECVE-2008-1947 at NVDCVE-2008-2370 at SUSECVE-2008-2370 at NVDCVE-2008-2938 at SUSECVE-2008-2938 at NVDCVE-2008-5515 at SUSECVE-2008-5515 at NVDCVE-2009-0033 at SUSECVE-2009-0033 at NVDCVE-2009-0580 at SUSECVE-2009-0580 at NVDCVE-2009-0781 at SUSECVE-2009-0781 at NVDCVE-2009-0783 at SUSECVE-2009-0783 at NVDCVE-2009-2693 at SUSECVE-2009-2693 at NVDCVE-2009-2901 at SUSECVE-2009-2901 at NVDCVE-2009-2902 at SUSECVE-2009-2902 at NVDCVE-2010-1157 at SUSECVE-2010-1157 at NVDCVE-2010-2227 at SUSECVE-2010-2227 at NVDCVE-2010-3718 at SUSECVE-2010-3718 at NVDCVE-2010-4172 at SUSECVE-2010-4172 at NVDCVE-2011-0013 at SUSECVE-2011-0013 at NVDCVE-2011-0534 at SUSECVE-2011-0534 at NVDCVE-2011-1184 at SUSECVE-2011-1184 at NVDCVE-2011-2204 at SUSECVE-2011-2204 at NVDCVE-2011-2526 at SUSECVE-2011-2526 at NVDCVE-2011-3190 at SUSECVE-2011-3190 at NVDCVE-2011-5062 at SUSECVE-2011-5062 at NVDCVE-2011-5063 at SUSECVE-2011-5063 at NVDCVE-2011-5064 at SUSECVE-2011-5064 at NVDcpe:/o:suse:suse_sles:11:sp2unrar-3.80.2-2.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the unrar-3.80.2-2.8 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-3726 at SUSECVE-2007-3726 at NVDcpe:/o:suse:suse_sles:11:sp2unzip-6.00-11.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the unzip-6.00-11.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2005-2475 at SUSECVE-2005-2475 at NVDcpe:/o:suse:suse_sles:11:sp2vte-0.22.5-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the vte-0.22.5-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2010-2713 at SUSECVE-2010-2713 at NVDcpe:/o:suse:suse_sles:11:sp2w3m-0.5.2-132.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the w3m-0.5.2-132.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-6772 at SUSECVE-2006-6772 at NVDCVE-2010-2074 at SUSECVE-2010-2074 at NVDcpe:/o:suse:suse_sles:11:sp2wget-1.11.4-1.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the wget-1.11.4-1.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-6719 at SUSECVE-2006-6719 at NVDcpe:/o:suse:suse_sles:11:sp2wireshark-1.4.10-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the wireshark-1.4.10-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-1932 at SUSECVE-2006-1932 at NVDCVE-2006-4574 at SUSECVE-2006-4574 at NVDCVE-2006-4805 at SUSECVE-2006-4805 at NVDCVE-2006-5468 at SUSECVE-2006-5468 at NVDCVE-2006-5469 at SUSECVE-2006-5469 at NVDCVE-2006-5740 at SUSECVE-2006-5740 at NVDCVE-2007-0456 at SUSECVE-2007-0456 at NVDCVE-2007-0457 at SUSECVE-2007-0457 at NVDCVE-2007-0458 at SUSECVE-2007-0458 at NVDCVE-2007-0459 at SUSECVE-2007-0459 at NVDCVE-2009-1210 at SUSECVE-2009-1210 at NVDCVE-2009-1267 at SUSECVE-2009-1267 at NVDCVE-2009-1268 at SUSECVE-2009-1268 at NVDCVE-2009-1269 at SUSECVE-2009-1269 at NVDCVE-2009-2560 at SUSECVE-2009-2560 at NVDCVE-2009-2562 at SUSECVE-2009-2562 at NVDCVE-2009-3549 at SUSECVE-2009-3549 at NVDCVE-2009-3550 at SUSECVE-2009-3550 at NVDCVE-2009-3829 at SUSECVE-2009-3829 at NVDCVE-2009-4377 at SUSECVE-2009-4377 at NVDCVE-2010-0304 at SUSECVE-2010-0304 at NVDCVE-2010-1455 at SUSECVE-2010-1455 at NVDCVE-2010-2992 at SUSECVE-2010-2992 at NVDCVE-2010-2993 at SUSECVE-2010-2993 at NVDCVE-2010-2994 at SUSECVE-2010-2994 at NVDCVE-2010-2995 at SUSECVE-2010-2995 at NVDCVE-2010-3445 at SUSECVE-2010-3445 at NVDCVE-2010-4300 at SUSECVE-2010-4300 at NVDCVE-2010-4301 at SUSECVE-2010-4301 at NVDCVE-2010-4538 at SUSECVE-2010-4538 at NVDCVE-2011-0024 at SUSECVE-2011-0024 at NVDCVE-2011-0538 at SUSECVE-2011-0538 at NVDCVE-2011-0713 at SUSECVE-2011-0713 at NVDCVE-2011-1138 at SUSECVE-2011-1138 at NVDCVE-2011-1139 at SUSECVE-2011-1139 at NVDCVE-2011-1140 at SUSECVE-2011-1140 at NVDCVE-2011-1143 at SUSECVE-2011-1143 at NVDCVE-2011-1590 at SUSECVE-2011-1590 at NVDCVE-2011-1591 at SUSECVE-2011-1591 at NVDCVE-2011-1592 at SUSECVE-2011-1592 at NVDCVE-2011-1957 at SUSECVE-2011-1957 at NVDCVE-2011-1958 at SUSECVE-2011-1958 at NVDCVE-2011-1959 at SUSECVE-2011-1959 at NVDCVE-2011-2174 at SUSECVE-2011-2174 at NVDCVE-2011-2175 at SUSECVE-2011-2175 at NVDCVE-2011-2597 at SUSECVE-2011-2597 at NVDCVE-2011-2698 at SUSECVE-2011-2698 at NVDCVE-2011-3266 at SUSECVE-2011-3266 at NVDCVE-2011-3360 at SUSECVE-2011-3360 at NVDCVE-2011-3483 at SUSECVE-2011-3483 at NVDcpe:/o:suse:suse_sles:11:sp2xdg-utils-1.0.2-36.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the xdg-utils-1.0.2-36.18 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-0386 at SUSECVE-2008-0386 at NVDcpe:/o:suse:suse_sles:11:sp2xen-4.1.2_14-0.5.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the xen-4.1.2_14-0.5.5 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-1320 at SUSECVE-2007-1320 at NVDCVE-2007-1321 at SUSECVE-2007-1321 at NVDCVE-2007-1322 at SUSECVE-2007-1322 at NVDCVE-2007-1323 at SUSECVE-2007-1323 at NVDCVE-2007-1366 at SUSECVE-2007-1366 at NVDCVE-2007-3919 at SUSECVE-2007-3919 at NVDCVE-2011-1898 at SUSECVE-2011-1898 at NVDCVE-2012-0029 at SUSECVE-2012-0029 at NVDcpe:/o:suse:suse_sles:11:sp2xorg-x11-7.4-9.47.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the xorg-x11-7.4-9.47.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2007-4568 at SUSECVE-2007-4568 at NVDCVE-2011-0465 at SUSECVE-2011-0465 at NVDcpe:/o:suse:suse_sles:11:sp2xorg-x11-Xvnc-7.4-27.60.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the xorg-x11-Xvnc-7.4-27.60.5 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-6101 at SUSECVE-2006-6101 at NVDCVE-2006-6102 at SUSECVE-2006-6102 at NVDCVE-2006-6103 at SUSECVE-2006-6103 at NVDCVE-2007-1003 at SUSECVE-2007-1003 at NVDCVE-2007-5760 at SUSECVE-2007-5760 at NVDCVE-2007-6427 at SUSECVE-2007-6427 at NVDCVE-2007-6428 at SUSECVE-2007-6428 at NVDCVE-2007-6429 at SUSECVE-2007-6429 at NVDCVE-2008-0006 at SUSECVE-2008-0006 at NVDCVE-2008-1377 at SUSECVE-2008-1377 at NVDCVE-2008-1379 at SUSECVE-2008-1379 at NVDCVE-2008-2360 at SUSECVE-2008-2360 at NVDCVE-2008-2361 at SUSECVE-2008-2361 at NVDCVE-2008-2362 at SUSECVE-2008-2362 at NVDCVE-2010-2240 at SUSECVE-2010-2240 at NVDCVE-2010-4818 at SUSECVE-2010-4818 at NVDCVE-2010-4819 at SUSECVE-2010-4819 at NVDCVE-2011-4028 at SUSECVE-2011-4028 at NVDCVE-2011-4029 at SUSECVE-2011-4029 at NVDcpe:/o:suse:suse_sles:11:sp2xorg-x11-libs-32bit-7.4-8.26.32.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the xorg-x11-libs-32bit-7.4-8.26.32.1 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-2895 at SUSECVE-2011-2895 at NVDcpe:/o:suse:suse_sles:11:sp2xterm-238-1.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the xterm-238-1.16 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-2383 at SUSECVE-2008-2383 at NVDcpe:/o:suse:suse_sles:11:sp2yast2-2.17.119-0.5.25 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the yast2-2.17.119-0.5.25 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2011-3177 at SUSECVE-2011-3177 at NVDcpe:/o:suse:suse_sles:11:sp2yast2-core-2.17.44-0.5.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the yast2-core-2.17.44-0.5.3 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2008-4311 at SUSECVE-2008-4311 at NVDCVE-2011-2483 at SUSECVE-2011-2483 at NVDCVE-2011-3177 at SUSECVE-2011-3177 at NVDcpe:/o:suse:suse_sles:11:sp2zoo-2.10-911.22 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP2
These are all security issues fixed in the zoo-2.10-911.22 package on the GA media of SUSE Linux Enterprise Server 11 SP2. ModerateCVE-2006-0855 at SUSECVE-2006-0855 at NVDCVE-2007-1669 at SUSECVE-2007-1669 at NVDcpe:/o:suse:suse_sles:11:sp2LibVNCServer-0.9.1-154.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the LibVNCServer-0.9.1-154.24 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-2450 at SUSECVE-2006-2450 at NVDcpe:/o:suse:suse_sles:11:sp3Mesa-32bit-9.0.3-0.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the Mesa-32bit-9.0.3-0.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2013-1993 at SUSECVE-2013-1993 at NVDcpe:/o:suse:suse_sles:11:sp3MozillaFirefox-17.0.4esr-0.10.42 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the MozillaFirefox-17.0.4esr-0.10.42 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-6077 at SUSECVE-2006-6077 at NVDCVE-2007-0008 at SUSECVE-2007-0008 at NVDCVE-2007-0009 at SUSECVE-2007-0009 at NVDCVE-2007-0078 at SUSECVE-2007-0078 at NVDCVE-2007-0079 at SUSECVE-2007-0079 at NVDCVE-2007-0775 at SUSECVE-2007-0775 at NVDCVE-2007-0776 at SUSECVE-2007-0776 at NVDCVE-2007-0777 at SUSECVE-2007-0777 at NVDCVE-2007-0780 at SUSECVE-2007-0780 at NVDCVE-2007-0800 at SUSECVE-2007-0800 at NVDCVE-2007-0981 at SUSECVE-2007-0981 at NVDCVE-2007-0995 at SUSECVE-2007-0995 at NVDCVE-2007-0996 at SUSECVE-2007-0996 at NVDCVE-2007-3089 at SUSECVE-2007-3089 at NVDCVE-2007-3285 at SUSECVE-2007-3285 at NVDCVE-2007-3656 at SUSECVE-2007-3656 at NVDCVE-2007-3670 at SUSECVE-2007-3670 at NVDCVE-2007-3734 at SUSECVE-2007-3734 at NVDCVE-2007-3735 at SUSECVE-2007-3735 at NVDCVE-2007-3736 at SUSECVE-2007-3736 at NVDCVE-2007-3737 at SUSECVE-2007-3737 at NVDCVE-2007-3738 at SUSECVE-2007-3738 at NVDCVE-2008-0412 at SUSECVE-2008-0412 at NVDCVE-2008-0414 at SUSECVE-2008-0414 at NVDCVE-2008-0415 at SUSECVE-2008-0415 at NVDCVE-2008-0417 at SUSECVE-2008-0417 at NVDCVE-2008-0418 at SUSECVE-2008-0418 at NVDCVE-2008-0419 at SUSECVE-2008-0419 at NVDCVE-2008-0591 at SUSECVE-2008-0591 at NVDCVE-2008-0592 at SUSECVE-2008-0592 at NVDCVE-2008-0593 at SUSECVE-2008-0593 at NVDCVE-2008-0594 at SUSECVE-2008-0594 at NVDCVE-2008-3836 at SUSECVE-2008-3836 at NVDCVE-2008-4063 at SUSECVE-2008-4063 at NVDCVE-2008-4064 at SUSECVE-2008-4064 at NVDCVE-2008-4070 at SUSECVE-2008-4070 at NVDCVE-2008-5913 at SUSECVE-2008-5913 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-0352 at SUSECVE-2009-0352 at NVDCVE-2009-0353 at SUSECVE-2009-0353 at NVDCVE-2009-0354 at SUSECVE-2009-0354 at NVDCVE-2009-0355 at SUSECVE-2009-0355 at NVDCVE-2009-0356 at SUSECVE-2009-0356 at NVDCVE-2009-0357 at SUSECVE-2009-0357 at NVDCVE-2009-0358 at SUSECVE-2009-0358 at NVDCVE-2009-0652 at SUSECVE-2009-0652 at NVDCVE-2009-0771 at SUSECVE-2009-0771 at NVDCVE-2009-0772 at SUSECVE-2009-0772 at NVDCVE-2009-0773 at SUSECVE-2009-0773 at NVDCVE-2009-0774 at SUSECVE-2009-0774 at NVDCVE-2009-0775 at SUSECVE-2009-0775 at NVDCVE-2009-0776 at SUSECVE-2009-0776 at NVDCVE-2009-0777 at SUSECVE-2009-0777 at NVDCVE-2009-1044 at SUSECVE-2009-1044 at NVDCVE-2009-1169 at SUSECVE-2009-1169 at NVDCVE-2009-1302 at SUSECVE-2009-1302 at NVDCVE-2009-1303 at SUSECVE-2009-1303 at NVDCVE-2009-1304 at SUSECVE-2009-1304 at NVDCVE-2009-1305 at SUSECVE-2009-1305 at NVDCVE-2009-1306 at SUSECVE-2009-1306 at NVDCVE-2009-1307 at SUSECVE-2009-1307 at NVDCVE-2009-1308 at SUSECVE-2009-1308 at NVDCVE-2009-1309 at SUSECVE-2009-1309 at NVDCVE-2009-1310 at SUSECVE-2009-1310 at NVDCVE-2009-1311 at SUSECVE-2009-1311 at NVDCVE-2009-1312 at SUSECVE-2009-1312 at NVDCVE-2009-1313 at SUSECVE-2009-1313 at NVDCVE-2009-1563 at SUSECVE-2009-1563 at NVDCVE-2009-1571 at SUSECVE-2009-1571 at NVDCVE-2009-2470 at SUSECVE-2009-2470 at NVDCVE-2009-2654 at SUSECVE-2009-2654 at NVDCVE-2009-3069 at SUSECVE-2009-3069 at NVDCVE-2009-3070 at SUSECVE-2009-3070 at NVDCVE-2009-3071 at SUSECVE-2009-3071 at NVDCVE-2009-3072 at SUSECVE-2009-3072 at NVDCVE-2009-3073 at SUSECVE-2009-3073 at NVDCVE-2009-3074 at SUSECVE-2009-3074 at NVDCVE-2009-3075 at SUSECVE-2009-3075 at NVDCVE-2009-3077 at SUSECVE-2009-3077 at NVDCVE-2009-3078 at SUSECVE-2009-3078 at NVDCVE-2009-3079 at SUSECVE-2009-3079 at NVDCVE-2009-3274 at SUSECVE-2009-3274 at NVDCVE-2009-3370 at SUSECVE-2009-3370 at NVDCVE-2009-3371 at SUSECVE-2009-3371 at NVDCVE-2009-3372 at SUSECVE-2009-3372 at NVDCVE-2009-3373 at SUSECVE-2009-3373 at NVDCVE-2009-3374 at SUSECVE-2009-3374 at NVDCVE-2009-3375 at SUSECVE-2009-3375 at NVDCVE-2009-3376 at SUSECVE-2009-3376 at NVDCVE-2009-3377 at SUSECVE-2009-3377 at NVDCVE-2009-3378 at SUSECVE-2009-3378 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2009-3380 at SUSECVE-2009-3380 at NVDCVE-2009-3381 at SUSECVE-2009-3381 at NVDCVE-2009-3383 at SUSECVE-2009-3383 at NVDCVE-2009-3388 at SUSECVE-2009-3388 at NVDCVE-2009-3389 at SUSECVE-2009-3389 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-3979 at SUSECVE-2009-3979 at NVDCVE-2009-3980 at SUSECVE-2009-3980 at NVDCVE-2009-3982 at SUSECVE-2009-3982 at NVDCVE-2009-3983 at SUSECVE-2009-3983 at NVDCVE-2009-3984 at SUSECVE-2009-3984 at NVDCVE-2009-3985 at SUSECVE-2009-3985 at NVDCVE-2009-3988 at SUSECVE-2009-3988 at NVDCVE-2010-0159 at SUSECVE-2010-0159 at NVDCVE-2010-0160 at SUSECVE-2010-0160 at NVDCVE-2010-0162 at SUSECVE-2010-0162 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0175 at SUSECVE-2010-0175 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDCVE-2010-0183 at SUSECVE-2010-0183 at NVDCVE-2010-0654 at SUSECVE-2010-0654 at NVDCVE-2010-1121 at SUSECVE-2010-1121 at NVDCVE-2010-1125 at SUSECVE-2010-1125 at NVDCVE-2010-1196 at SUSECVE-2010-1196 at NVDCVE-2010-1197 at SUSECVE-2010-1197 at NVDCVE-2010-1198 at SUSECVE-2010-1198 at NVDCVE-2010-1199 at SUSECVE-2010-1199 at NVDCVE-2010-1200 at SUSECVE-2010-1200 at NVDCVE-2010-1201 at SUSECVE-2010-1201 at NVDCVE-2010-1202 at SUSECVE-2010-1202 at NVDCVE-2010-1203 at SUSECVE-2010-1203 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-1206 at SUSECVE-2010-1206 at NVDCVE-2010-1208 at SUSECVE-2010-1208 at NVDCVE-2010-1209 at SUSECVE-2010-1209 at NVDCVE-2010-1211 at SUSECVE-2010-1211 at NVDCVE-2010-1212 at SUSECVE-2010-1212 at NVDCVE-2010-1213 at SUSECVE-2010-1213 at NVDCVE-2010-1214 at SUSECVE-2010-1214 at NVDCVE-2010-1585 at SUSECVE-2010-1585 at NVDCVE-2010-2751 at SUSECVE-2010-2751 at NVDCVE-2010-2752 at SUSECVE-2010-2752 at NVDCVE-2010-2753 at SUSECVE-2010-2753 at NVDCVE-2010-2754 at SUSECVE-2010-2754 at NVDCVE-2010-2755 at SUSECVE-2010-2755 at NVDCVE-2010-2760 at SUSECVE-2010-2760 at NVDCVE-2010-2762 at SUSECVE-2010-2762 at NVDCVE-2010-2764 at SUSECVE-2010-2764 at NVDCVE-2010-2765 at SUSECVE-2010-2765 at NVDCVE-2010-2766 at SUSECVE-2010-2766 at NVDCVE-2010-2767 at SUSECVE-2010-2767 at NVDCVE-2010-2768 at SUSECVE-2010-2768 at NVDCVE-2010-2769 at SUSECVE-2010-2769 at NVDCVE-2010-3166 at SUSECVE-2010-3166 at NVDCVE-2010-3167 at SUSECVE-2010-3167 at NVDCVE-2010-3168 at SUSECVE-2010-3168 at NVDCVE-2010-3169 at SUSECVE-2010-3169 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3173 at SUSECVE-2010-3173 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDCVE-2010-3766 at SUSECVE-2010-3766 at NVDCVE-2010-3767 at SUSECVE-2010-3767 at NVDCVE-2010-3768 at SUSECVE-2010-3768 at NVDCVE-2010-3769 at SUSECVE-2010-3769 at NVDCVE-2010-3770 at SUSECVE-2010-3770 at NVDCVE-2010-3771 at SUSECVE-2010-3771 at NVDCVE-2010-3772 at SUSECVE-2010-3772 at NVDCVE-2010-3773 at SUSECVE-2010-3773 at NVDCVE-2010-3775 at SUSECVE-2010-3775 at NVDCVE-2010-3776 at SUSECVE-2010-3776 at NVDCVE-2010-3777 at SUSECVE-2010-3777 at NVDCVE-2010-3778 at SUSECVE-2010-3778 at NVDCVE-2011-0051 at SUSECVE-2011-0051 at NVDCVE-2011-0053 at SUSECVE-2011-0053 at NVDCVE-2011-0054 at SUSECVE-2011-0054 at NVDCVE-2011-0055 at SUSECVE-2011-0055 at NVDCVE-2011-0056 at SUSECVE-2011-0056 at NVDCVE-2011-0057 at SUSECVE-2011-0057 at NVDCVE-2011-0059 at SUSECVE-2011-0059 at NVDCVE-2011-0061 at SUSECVE-2011-0061 at NVDCVE-2011-0062 at SUSECVE-2011-0062 at NVDCVE-2011-0065 at SUSECVE-2011-0065 at NVDCVE-2011-0066 at SUSECVE-2011-0066 at NVDCVE-2011-0067 at SUSECVE-2011-0067 at NVDCVE-2011-0069 at SUSECVE-2011-0069 at NVDCVE-2011-0070 at SUSECVE-2011-0070 at NVDCVE-2011-0072 at SUSECVE-2011-0072 at NVDCVE-2011-0073 at SUSECVE-2011-0073 at NVDCVE-2011-0074 at SUSECVE-2011-0074 at NVDCVE-2011-0075 at SUSECVE-2011-0075 at NVDCVE-2011-0077 at SUSECVE-2011-0077 at NVDCVE-2011-0078 at SUSECVE-2011-0078 at NVDCVE-2011-0080 at SUSECVE-2011-0080 at NVDCVE-2011-0081 at SUSECVE-2011-0081 at NVDCVE-2011-0083 at SUSECVE-2011-0083 at NVDCVE-2011-0084 at SUSECVE-2011-0084 at NVDCVE-2011-0085 at SUSECVE-2011-0085 at NVDCVE-2011-1202 at SUSECVE-2011-1202 at NVDCVE-2011-2362 at SUSECVE-2011-2362 at NVDCVE-2011-2363 at SUSECVE-2011-2363 at NVDCVE-2011-2364 at SUSECVE-2011-2364 at NVDCVE-2011-2365 at SUSECVE-2011-2365 at NVDCVE-2011-2371 at SUSECVE-2011-2371 at NVDCVE-2011-2372 at SUSECVE-2011-2372 at NVDCVE-2011-2373 at SUSECVE-2011-2373 at NVDCVE-2011-2374 at SUSECVE-2011-2374 at NVDCVE-2011-2376 at SUSECVE-2011-2376 at NVDCVE-2011-2377 at SUSECVE-2011-2377 at NVDCVE-2011-2378 at SUSECVE-2011-2378 at NVDCVE-2011-2980 at SUSECVE-2011-2980 at NVDCVE-2011-2981 at SUSECVE-2011-2981 at NVDCVE-2011-2982 at SUSECVE-2011-2982 at NVDCVE-2011-2983 at SUSECVE-2011-2983 at NVDCVE-2011-2995 at SUSECVE-2011-2995 at NVDCVE-2011-2996 at SUSECVE-2011-2996 at NVDCVE-2011-2997 at SUSECVE-2011-2997 at NVDCVE-2011-3000 at SUSECVE-2011-3000 at NVDCVE-2011-3001 at SUSECVE-2011-3001 at NVDCVE-2011-3002 at SUSECVE-2011-3002 at NVDCVE-2011-3003 at SUSECVE-2011-3003 at NVDCVE-2011-3004 at SUSECVE-2011-3004 at NVDCVE-2011-3005 at SUSECVE-2011-3005 at NVDCVE-2011-3026 at SUSECVE-2011-3026 at NVDCVE-2011-3062 at SUSECVE-2011-3062 at NVDCVE-2011-3101 at SUSECVE-2011-3101 at NVDCVE-2011-3232 at SUSECVE-2011-3232 at NVDCVE-2011-3658 at SUSECVE-2011-3658 at NVDCVE-2011-3660 at SUSECVE-2011-3660 at NVDCVE-2011-3661 at SUSECVE-2011-3661 at NVDCVE-2011-3663 at SUSECVE-2011-3663 at NVDCVE-2011-3665 at SUSECVE-2011-3665 at NVDCVE-2012-0441 at SUSECVE-2012-0441 at NVDCVE-2012-0452 at SUSECVE-2012-0452 at NVDCVE-2012-0467 at SUSECVE-2012-0467 at NVDCVE-2012-0468 at SUSECVE-2012-0468 at NVDCVE-2012-0469 at SUSECVE-2012-0469 at NVDCVE-2012-0470 at SUSECVE-2012-0470 at NVDCVE-2012-0471 at SUSECVE-2012-0471 at NVDCVE-2012-0472 at SUSECVE-2012-0472 at NVDCVE-2012-0473 at SUSECVE-2012-0473 at NVDCVE-2012-0474 at SUSECVE-2012-0474 at NVDCVE-2012-0477 at SUSECVE-2012-0477 at NVDCVE-2012-0478 at SUSECVE-2012-0478 at NVDCVE-2012-0479 at SUSECVE-2012-0479 at NVDCVE-2012-0759 at SUSECVE-2012-0759 at NVDCVE-2012-1937 at SUSECVE-2012-1937 at NVDCVE-2012-1939 at SUSECVE-2012-1939 at NVDCVE-2012-1940 at SUSECVE-2012-1940 at NVDCVE-2012-1941 at SUSECVE-2012-1941 at NVDCVE-2012-1944 at SUSECVE-2012-1944 at NVDCVE-2012-1945 at SUSECVE-2012-1945 at NVDCVE-2012-1946 at SUSECVE-2012-1946 at NVDCVE-2012-1947 at SUSECVE-2012-1947 at NVDCVE-2012-1948 at SUSECVE-2012-1948 at NVDCVE-2012-1949 at SUSECVE-2012-1949 at NVDCVE-2012-1950 at SUSECVE-2012-1950 at NVDCVE-2012-1951 at SUSECVE-2012-1951 at NVDCVE-2012-1952 at SUSECVE-2012-1952 at NVDCVE-2012-1953 at SUSECVE-2012-1953 at NVDCVE-2012-1954 at SUSECVE-2012-1954 at NVDCVE-2012-1955 at SUSECVE-2012-1955 at NVDCVE-2012-1956 at SUSECVE-2012-1956 at NVDCVE-2012-1957 at SUSECVE-2012-1957 at NVDCVE-2012-1958 at SUSECVE-2012-1958 at NVDCVE-2012-1959 at SUSECVE-2012-1959 at NVDCVE-2012-1960 at SUSECVE-2012-1960 at NVDCVE-2012-1961 at SUSECVE-2012-1961 at NVDCVE-2012-1962 at SUSECVE-2012-1962 at NVDCVE-2012-1963 at SUSECVE-2012-1963 at NVDCVE-2012-1964 at SUSECVE-2012-1964 at NVDCVE-2012-1965 at SUSECVE-2012-1965 at NVDCVE-2012-1966 at SUSECVE-2012-1966 at NVDCVE-2012-1967 at SUSECVE-2012-1967 at NVDCVE-2012-1970 at SUSECVE-2012-1970 at NVDCVE-2012-1972 at SUSECVE-2012-1972 at NVDCVE-2012-1973 at SUSECVE-2012-1973 at NVDCVE-2012-1974 at SUSECVE-2012-1974 at NVDCVE-2012-1975 at SUSECVE-2012-1975 at NVDCVE-2012-1976 at SUSECVE-2012-1976 at NVDCVE-2012-3956 at SUSECVE-2012-3956 at NVDCVE-2012-3957 at SUSECVE-2012-3957 at NVDCVE-2012-3958 at SUSECVE-2012-3958 at NVDCVE-2012-3959 at SUSECVE-2012-3959 at NVDCVE-2012-3960 at SUSECVE-2012-3960 at NVDCVE-2012-3961 at SUSECVE-2012-3961 at NVDCVE-2012-3962 at SUSECVE-2012-3962 at NVDCVE-2012-3963 at SUSECVE-2012-3963 at NVDCVE-2012-3964 at SUSECVE-2012-3964 at NVDCVE-2012-3966 at SUSECVE-2012-3966 at NVDCVE-2012-3967 at SUSECVE-2012-3967 at NVDCVE-2012-3968 at SUSECVE-2012-3968 at NVDCVE-2012-3969 at SUSECVE-2012-3969 at NVDCVE-2012-3970 at SUSECVE-2012-3970 at NVDCVE-2012-3972 at SUSECVE-2012-3972 at NVDCVE-2012-3976 at SUSECVE-2012-3976 at NVDCVE-2012-3978 at SUSECVE-2012-3978 at NVDCVE-2012-3980 at SUSECVE-2012-3980 at NVDCVE-2012-3982 at SUSECVE-2012-3982 at NVDCVE-2012-3986 at SUSECVE-2012-3986 at NVDCVE-2012-3988 at SUSECVE-2012-3988 at NVDCVE-2012-3990 at SUSECVE-2012-3990 at NVDCVE-2012-3991 at SUSECVE-2012-3991 at NVDCVE-2012-3992 at SUSECVE-2012-3992 at NVDCVE-2012-3993 at SUSECVE-2012-3993 at NVDCVE-2012-3994 at SUSECVE-2012-3994 at NVDCVE-2012-3995 at SUSECVE-2012-3995 at NVDCVE-2012-4179 at SUSECVE-2012-4179 at NVDCVE-2012-4180 at SUSECVE-2012-4180 at NVDCVE-2012-4181 at SUSECVE-2012-4181 at NVDCVE-2012-4182 at SUSECVE-2012-4182 at NVDCVE-2012-4183 at SUSECVE-2012-4183 at NVDCVE-2012-4184 at SUSECVE-2012-4184 at NVDCVE-2012-4185 at SUSECVE-2012-4185 at NVDCVE-2012-4186 at SUSECVE-2012-4186 at NVDCVE-2012-4187 at SUSECVE-2012-4187 at NVDCVE-2012-4188 at SUSECVE-2012-4188 at NVDCVE-2012-4192 at SUSECVE-2012-4192 at NVDCVE-2012-4193 at SUSECVE-2012-4193 at NVDCVE-2012-4194 at SUSECVE-2012-4194 at NVDCVE-2012-4195 at SUSECVE-2012-4195 at NVDCVE-2012-4196 at SUSECVE-2012-4196 at NVDCVE-2012-4201 at SUSECVE-2012-4201 at NVDCVE-2012-4202 at SUSECVE-2012-4202 at NVDCVE-2012-4207 at SUSECVE-2012-4207 at NVDCVE-2012-4209 at SUSECVE-2012-4209 at NVDCVE-2012-4210 at SUSECVE-2012-4210 at NVDCVE-2012-4212 at SUSECVE-2012-4212 at NVDCVE-2012-4213 at SUSECVE-2012-4213 at NVDCVE-2012-4214 at SUSECVE-2012-4214 at NVDCVE-2012-4215 at SUSECVE-2012-4215 at NVDCVE-2012-4216 at SUSECVE-2012-4216 at NVDCVE-2012-4217 at SUSECVE-2012-4217 at NVDCVE-2012-4218 at SUSECVE-2012-4218 at NVDCVE-2012-5829 at SUSECVE-2012-5829 at NVDCVE-2012-5830 at SUSECVE-2012-5830 at NVDCVE-2012-5833 at SUSECVE-2012-5833 at NVDCVE-2012-5835 at SUSECVE-2012-5835 at NVDCVE-2012-5838 at SUSECVE-2012-5838 at NVDCVE-2012-5839 at SUSECVE-2012-5839 at NVDCVE-2012-5840 at SUSECVE-2012-5840 at NVDCVE-2012-5841 at SUSECVE-2012-5841 at NVDCVE-2012-5842 at SUSECVE-2012-5842 at NVDCVE-2012-5843 at SUSECVE-2012-5843 at NVDCVE-2013-0744 at SUSECVE-2013-0744 at NVDCVE-2013-0745 at SUSECVE-2013-0745 at NVDCVE-2013-0746 at SUSECVE-2013-0746 at NVDCVE-2013-0747 at SUSECVE-2013-0747 at NVDCVE-2013-0748 at SUSECVE-2013-0748 at NVDCVE-2013-0749 at SUSECVE-2013-0749 at NVDCVE-2013-0750 at SUSECVE-2013-0750 at NVDCVE-2013-0752 at SUSECVE-2013-0752 at NVDCVE-2013-0753 at SUSECVE-2013-0753 at NVDCVE-2013-0754 at SUSECVE-2013-0754 at NVDCVE-2013-0755 at SUSECVE-2013-0755 at NVDCVE-2013-0756 at SUSECVE-2013-0756 at NVDCVE-2013-0757 at SUSECVE-2013-0757 at NVDCVE-2013-0758 at SUSECVE-2013-0758 at NVDCVE-2013-0760 at SUSECVE-2013-0760 at NVDCVE-2013-0761 at SUSECVE-2013-0761 at NVDCVE-2013-0762 at SUSECVE-2013-0762 at NVDCVE-2013-0763 at SUSECVE-2013-0763 at NVDCVE-2013-0764 at SUSECVE-2013-0764 at NVDCVE-2013-0766 at SUSECVE-2013-0766 at NVDCVE-2013-0767 at SUSECVE-2013-0767 at NVDCVE-2013-0768 at SUSECVE-2013-0768 at NVDCVE-2013-0769 at SUSECVE-2013-0769 at NVDCVE-2013-0770 at SUSECVE-2013-0770 at NVDCVE-2013-0771 at SUSECVE-2013-0771 at NVDCVE-2013-0773 at SUSECVE-2013-0773 at NVDCVE-2013-0774 at SUSECVE-2013-0774 at NVDCVE-2013-0775 at SUSECVE-2013-0775 at NVDCVE-2013-0776 at SUSECVE-2013-0776 at NVDCVE-2013-0780 at SUSECVE-2013-0780 at NVDCVE-2013-0782 at SUSECVE-2013-0782 at NVDCVE-2013-0783 at SUSECVE-2013-0783 at NVDCVE-2013-0787 at SUSECVE-2013-0787 at NVDcpe:/o:suse:suse_sles:11:sp3NetworkManager-0.7.1_git20090811-3.28.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the NetworkManager-0.7.1_git20090811-3.28.2 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0365 at SUSECVE-2009-0365 at NVDCVE-2009-0578 at SUSECVE-2009-0578 at NVDcpe:/o:suse:suse_sles:11:sp3NetworkManager-gnome-0.7.1-5.22.28 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the NetworkManager-gnome-0.7.1-5.22.28 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0365 at SUSECVE-2009-0365 at NVDCVE-2009-0578 at SUSECVE-2009-0578 at NVDCVE-2009-4144 at SUSECVE-2009-4144 at NVDCVE-2009-4145 at SUSECVE-2009-4145 at NVDcpe:/o:suse:suse_sles:11:sp3OpenEXR-1.6.1-83.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the OpenEXR-1.6.1-83.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-1720 at SUSECVE-2009-1720 at NVDCVE-2009-1721 at SUSECVE-2009-1721 at NVDcpe:/o:suse:suse_sles:11:sp3PackageKit-0.3.14-2.28.46 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the PackageKit-0.3.14-2.28.46 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-4311 at SUSECVE-2008-4311 at NVDcpe:/o:suse:suse_sles:11:sp3PolicyKit-0.9-14.41.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the PolicyKit-0.9-14.41.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-1658 at SUSECVE-2008-1658 at NVDcpe:/o:suse:suse_sles:11:sp3aaa_base-11-6.90.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the aaa_base-11-6.90.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-0461 at SUSECVE-2011-0461 at NVDcpe:/o:suse:suse_sles:11:sp3acpid-1.0.6-91.25.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the acpid-1.0.6-91.25.20 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0798 at SUSECVE-2009-0798 at NVDCVE-2011-4578 at SUSECVE-2011-4578 at NVDcpe:/o:suse:suse_sles:11:sp3amavisd-new-2.7.0-18.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the amavisd-new-2.7.0-18.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2005-1349 at SUSECVE-2005-1349 at NVDcpe:/o:suse:suse_sles:11:sp3ant-1.7.1-20.9.53 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ant-1.7.1-20.9.53 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-2098 at SUSECVE-2012-2098 at NVDcpe:/o:suse:suse_sles:11:sp3apache2-2.2.12-1.38.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the apache2-2.2.12-1.38.2 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-3747 at SUSECVE-2006-3747 at NVDCVE-2006-5752 at SUSECVE-2006-5752 at NVDCVE-2007-1862 at SUSECVE-2007-1862 at NVDCVE-2007-1863 at SUSECVE-2007-1863 at NVDCVE-2007-3304 at SUSECVE-2007-3304 at NVDCVE-2007-3847 at SUSECVE-2007-3847 at NVDCVE-2007-4465 at SUSECVE-2007-4465 at NVDCVE-2007-5000 at SUSECVE-2007-5000 at NVDCVE-2007-6388 at SUSECVE-2007-6388 at NVDCVE-2007-6420 at SUSECVE-2007-6420 at NVDCVE-2007-6421 at SUSECVE-2007-6421 at NVDCVE-2007-6422 at SUSECVE-2007-6422 at NVDCVE-2007-6750 at SUSECVE-2007-6750 at NVDCVE-2008-0005 at SUSECVE-2008-0005 at NVDCVE-2008-1678 at SUSECVE-2008-1678 at NVDCVE-2008-2364 at SUSECVE-2008-2364 at NVDCVE-2008-2939 at SUSECVE-2008-2939 at NVDCVE-2009-1191 at SUSECVE-2009-1191 at NVDCVE-2009-1195 at SUSECVE-2009-1195 at NVDCVE-2009-1890 at SUSECVE-2009-1890 at NVDCVE-2009-1891 at SUSECVE-2009-1891 at NVDCVE-2009-3094 at SUSECVE-2009-3094 at NVDCVE-2009-3095 at SUSECVE-2009-3095 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0408 at SUSECVE-2010-0408 at NVDCVE-2010-0434 at SUSECVE-2010-0434 at NVDCVE-2010-1452 at SUSECVE-2010-1452 at NVDCVE-2010-2068 at SUSECVE-2010-2068 at NVDCVE-2011-3192 at SUSECVE-2011-3192 at NVDCVE-2011-3348 at SUSECVE-2011-3348 at NVDCVE-2011-3368 at SUSECVE-2011-3368 at NVDCVE-2011-3607 at SUSECVE-2011-3607 at NVDCVE-2011-3639 at SUSECVE-2011-3639 at NVDCVE-2011-4317 at SUSECVE-2011-4317 at NVDCVE-2012-0031 at SUSECVE-2012-0031 at NVDCVE-2012-0053 at SUSECVE-2012-0053 at NVDCVE-2012-0883 at SUSECVE-2012-0883 at NVDCVE-2012-2687 at SUSECVE-2012-2687 at NVDCVE-2012-3499 at SUSECVE-2012-3499 at NVDCVE-2012-4557 at SUSECVE-2012-4557 at NVDCVE-2012-4558 at SUSECVE-2012-4558 at NVDcpe:/o:suse:suse_sles:11:sp3apache2-mod_jk-1.2.26-1.30.110 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the apache2-mod_jk-1.2.26-1.30.110 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-0774 at SUSECVE-2007-0774 at NVDCVE-2008-5519 at SUSECVE-2008-5519 at NVDcpe:/o:suse:suse_sles:11:sp3apache2-mod_perl-2.0.4-40.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the apache2-mod_perl-2.0.4-40.19 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-1349 at SUSECVE-2007-1349 at NVDcpe:/o:suse:suse_sles:11:sp3apache2-mod_php53-5.3.17-0.13.7 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the apache2-mod_php53-5.3.17-0.13.7 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-7243 at SUSECVE-2006-7243 at NVDCVE-2007-4783 at SUSECVE-2007-4783 at NVDCVE-2007-4840 at SUSECVE-2007-4840 at NVDCVE-2007-4887 at SUSECVE-2007-4887 at NVDCVE-2008-0599 at SUSECVE-2008-0599 at NVDCVE-2010-2225 at SUSECVE-2010-2225 at NVDCVE-2010-2950 at SUSECVE-2010-2950 at NVDCVE-2010-3436 at SUSECVE-2010-3436 at NVDCVE-2010-3709 at SUSECVE-2010-3709 at NVDCVE-2010-3710 at SUSECVE-2010-3710 at NVDCVE-2010-4150 at SUSECVE-2010-4150 at NVDCVE-2010-4645 at SUSECVE-2010-4645 at NVDCVE-2011-0420 at SUSECVE-2011-0420 at NVDCVE-2011-0421 at SUSECVE-2011-0421 at NVDCVE-2011-0708 at SUSECVE-2011-0708 at NVDCVE-2011-1092 at SUSECVE-2011-1092 at NVDCVE-2011-1153 at SUSECVE-2011-1153 at NVDCVE-2011-1398 at SUSECVE-2011-1398 at NVDCVE-2011-1466 at SUSECVE-2011-1466 at NVDCVE-2011-2202 at SUSECVE-2011-2202 at NVDCVE-2011-3379 at SUSECVE-2011-3379 at NVDCVE-2011-4153 at SUSECVE-2011-4153 at NVDCVE-2011-4388 at SUSECVE-2011-4388 at NVDCVE-2011-4566 at SUSECVE-2011-4566 at NVDCVE-2011-4885 at SUSECVE-2011-4885 at NVDCVE-2012-0057 at SUSECVE-2012-0057 at NVDCVE-2012-0781 at SUSECVE-2012-0781 at NVDCVE-2012-0788 at SUSECVE-2012-0788 at NVDCVE-2012-0789 at SUSECVE-2012-0789 at NVDCVE-2012-0807 at SUSECVE-2012-0807 at NVDCVE-2012-0830 at SUSECVE-2012-0830 at NVDCVE-2012-0831 at SUSECVE-2012-0831 at NVDCVE-2012-1172 at SUSECVE-2012-1172 at NVDCVE-2012-1823 at SUSECVE-2012-1823 at NVDCVE-2012-2143 at SUSECVE-2012-2143 at NVDCVE-2012-2311 at SUSECVE-2012-2311 at NVDCVE-2012-2335 at SUSECVE-2012-2335 at NVDCVE-2012-2336 at SUSECVE-2012-2336 at NVDCVE-2012-2386 at SUSECVE-2012-2386 at NVDCVE-2012-2688 at SUSECVE-2012-2688 at NVDCVE-2012-3365 at SUSECVE-2012-3365 at NVDCVE-2013-1635 at SUSECVE-2013-1635 at NVDCVE-2013-1643 at SUSECVE-2013-1643 at NVDcpe:/o:suse:suse_sles:11:sp3apache2-mod_security2-2.7.1-0.2.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the apache2-mod_security2-2.7.1-0.2.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-5031 at SUSECVE-2009-5031 at NVDCVE-2012-2751 at SUSECVE-2012-2751 at NVDCVE-2012-4528 at SUSECVE-2012-4528 at NVDCVE-2013-1915 at SUSECVE-2013-1915 at NVDcpe:/o:suse:suse_sles:11:sp3ark-4.3.5-0.3.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ark-4.3.5-0.3.3 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-2725 at SUSECVE-2011-2725 at NVDcpe:/o:suse:suse_sles:11:sp3avahi-0.6.23-11.30.4 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the avahi-0.6.23-11.30.4 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-5461 at SUSECVE-2006-5461 at NVDCVE-2006-6870 at SUSECVE-2006-6870 at NVDCVE-2007-3372 at SUSECVE-2007-3372 at NVDCVE-2008-5081 at SUSECVE-2008-5081 at NVDCVE-2009-0758 at SUSECVE-2009-0758 at NVDcpe:/o:suse:suse_sles:11:sp3bind-9.6ESVR7P4-0.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the bind-9.6ESVR7P4-0.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2007-2925 at SUSECVE-2007-2925 at NVDCVE-2007-2926 at SUSECVE-2007-2926 at NVDCVE-2009-0696 at SUSECVE-2009-0696 at NVDCVE-2009-4022 at SUSECVE-2009-4022 at NVDCVE-2011-1910 at SUSECVE-2011-1910 at NVDCVE-2011-2464 at SUSECVE-2011-2464 at NVDCVE-2011-4313 at SUSECVE-2011-4313 at NVDCVE-2012-1667 at SUSECVE-2012-1667 at NVDCVE-2012-3817 at SUSECVE-2012-3817 at NVDCVE-2012-4244 at SUSECVE-2012-4244 at NVDCVE-2012-5166 at SUSECVE-2012-5166 at NVDcpe:/o:suse:suse_sles:11:sp3boost-license-1.36.0-12.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the boost-license-1.36.0-12.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-0171 at SUSECVE-2008-0171 at NVDcpe:/o:suse:suse_sles:11:sp3bzip2-1.0.5-34.253.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the bzip2-1.0.5-34.253.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-1372 at SUSECVE-2008-1372 at NVDCVE-2010-0405 at SUSECVE-2010-0405 at NVDcpe:/o:suse:suse_sles:11:sp3cifs-utils-5.1-0.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the cifs-utils-5.1-0.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2011-1678 at SUSECVE-2011-1678 at NVDCVE-2012-1586 at SUSECVE-2012-1586 at NVDcpe:/o:suse:suse_sles:11:sp3clamav-0.97.7-0.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the clamav-0.97.7-0.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-4182 at SUSECVE-2006-4182 at NVDCVE-2006-5295 at SUSECVE-2006-5295 at NVDCVE-2006-5874 at SUSECVE-2006-5874 at NVDCVE-2007-0897 at SUSECVE-2007-0897 at NVDCVE-2007-0898 at SUSECVE-2007-0898 at NVDCVE-2007-1745 at SUSECVE-2007-1745 at NVDCVE-2007-1997 at SUSECVE-2007-1997 at NVDCVE-2007-6335 at SUSECVE-2007-6335 at NVDCVE-2007-6336 at SUSECVE-2007-6336 at NVDCVE-2007-6337 at SUSECVE-2007-6337 at NVDCVE-2007-6595 at SUSECVE-2007-6595 at NVDCVE-2007-6596 at SUSECVE-2007-6596 at NVDCVE-2008-0318 at SUSECVE-2008-0318 at NVDCVE-2008-0728 at SUSECVE-2008-0728 at NVDCVE-2008-1100 at SUSECVE-2008-1100 at NVDCVE-2008-2713 at SUSECVE-2008-2713 at NVDCVE-2010-0405 at SUSECVE-2010-0405 at NVDCVE-2011-2721 at SUSECVE-2011-2721 at NVDCVE-2011-3627 at SUSECVE-2011-3627 at NVDCVE-2012-1457 at SUSECVE-2012-1457 at NVDCVE-2012-1458 at SUSECVE-2012-1458 at NVDCVE-2012-1459 at SUSECVE-2012-1459 at NVDcpe:/o:suse:suse_sles:11:sp3compat-libldap-2_3-0-2.3.37-2.24.36 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the compat-libldap-2_3-0-2.3.37-2.24.36 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-1164 at SUSECVE-2012-1164 at NVDcpe:/o:suse:suse_sles:11:sp3coolkey-1.1.0-22.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the coolkey-1.1.0-22.24 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-4129 at SUSECVE-2007-4129 at NVDcpe:/o:suse:suse_sles:11:sp3cron-4.1-194.207.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the cron-4.1-194.207.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-2607 at SUSECVE-2006-2607 at NVDCVE-2010-0424 at SUSECVE-2010-0424 at NVDcpe:/o:suse:suse_sles:11:sp3cups-1.3.9-8.46.46.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the cups-1.3.9-8.46.46.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-3387 at SUSECVE-2007-3387 at NVDCVE-2007-4351 at SUSECVE-2007-4351 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-0047 at SUSECVE-2008-0047 at NVDCVE-2008-1373 at SUSECVE-2008-1373 at NVDCVE-2008-1693 at SUSECVE-2008-1693 at NVDCVE-2008-1722 at SUSECVE-2008-1722 at NVDCVE-2008-3641 at SUSECVE-2008-3641 at NVDCVE-2009-0163 at SUSECVE-2009-0163 at NVDCVE-2009-0949 at SUSECVE-2009-0949 at NVDCVE-2009-2820 at SUSECVE-2009-2820 at NVDCVE-2009-3553 at SUSECVE-2009-3553 at NVDCVE-2010-0302 at SUSECVE-2010-0302 at NVDCVE-2010-0393 at SUSECVE-2010-0393 at NVDCVE-2010-0540 at SUSECVE-2010-0540 at NVDCVE-2010-0542 at SUSECVE-2010-0542 at NVDCVE-2010-1748 at SUSECVE-2010-1748 at NVDCVE-2010-2431 at SUSECVE-2010-2431 at NVDCVE-2010-2432 at SUSECVE-2010-2432 at NVDCVE-2010-2941 at SUSECVE-2010-2941 at NVDCVE-2011-2896 at SUSECVE-2011-2896 at NVDCVE-2011-3170 at SUSECVE-2011-3170 at NVDcpe:/o:suse:suse_sles:11:sp3curl-7.19.7-1.26.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the curl-7.19.7-1.26.8 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0037 at SUSECVE-2009-0037 at NVDCVE-2009-2417 at SUSECVE-2009-2417 at NVDCVE-2010-4180 at SUSECVE-2010-4180 at NVDCVE-2011-2192 at SUSECVE-2011-2192 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2013-1944 at SUSECVE-2013-1944 at NVDcpe:/o:suse:suse_sles:11:sp3cvs-1.12.12-144.23.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the cvs-1.12.12-144.23.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-0804 at SUSECVE-2012-0804 at NVDcpe:/o:suse:suse_sles:11:sp3cyrus-imapd-2.3.11-60.65.64.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the cyrus-imapd-2.3.11-60.65.64.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-3235 at SUSECVE-2009-3235 at NVDCVE-2011-3372 at SUSECVE-2011-3372 at NVDcpe:/o:suse:suse_sles:11:sp3dbus-1-1.2.10-3.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the dbus-1-1.2.10-3.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-6107 at SUSECVE-2006-6107 at NVDCVE-2008-0595 at SUSECVE-2008-0595 at NVDCVE-2008-3834 at SUSECVE-2008-3834 at NVDCVE-2008-4311 at SUSECVE-2008-4311 at NVDCVE-2009-1189 at SUSECVE-2009-1189 at NVDCVE-2010-4352 at SUSECVE-2010-4352 at NVDCVE-2012-3524 at SUSECVE-2012-3524 at NVDcpe:/o:suse:suse_sles:11:sp3dbus-1-glib-0.76-34.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the dbus-1-glib-0.76-34.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-1172 at SUSECVE-2010-1172 at NVDcpe:/o:suse:suse_sles:11:sp3dhcp-4.2.4.P2-0.16.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the dhcp-4.2.4.P2-0.16.15 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0692 at SUSECVE-2009-0692 at NVDCVE-2009-1892 at SUSECVE-2009-1892 at NVDCVE-2011-0997 at SUSECVE-2011-0997 at NVDCVE-2011-2748 at SUSECVE-2011-2748 at NVDCVE-2011-2749 at SUSECVE-2011-2749 at NVDCVE-2011-4539 at SUSECVE-2011-4539 at NVDCVE-2011-4868 at SUSECVE-2011-4868 at NVDCVE-2012-3570 at SUSECVE-2012-3570 at NVDCVE-2012-3571 at SUSECVE-2012-3571 at NVDCVE-2012-3954 at SUSECVE-2012-3954 at NVDCVE-2012-3955 at SUSECVE-2012-3955 at NVDCVE-2013-2266 at SUSECVE-2013-2266 at NVDcpe:/o:suse:suse_sles:11:sp3dhcpcd-3.2.3-44.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the dhcpcd-3.2.3-44.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-0997 at SUSECVE-2011-0997 at NVDcpe:/o:suse:suse_sles:11:sp3e2fsprogs-1.41.9-2.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the e2fsprogs-1.41.9-2.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-5497 at SUSECVE-2007-5497 at NVDcpe:/o:suse:suse_sles:11:sp3ecryptfs-utils-32bit-61-1.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ecryptfs-utils-32bit-61-1.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-1831 at SUSECVE-2011-1831 at NVDCVE-2011-1832 at SUSECVE-2011-1832 at NVDCVE-2011-1833 at SUSECVE-2011-1833 at NVDCVE-2011-1834 at SUSECVE-2011-1834 at NVDCVE-2011-3145 at SUSECVE-2011-3145 at NVDcpe:/o:suse:suse_sles:11:sp3ed-0.2-1001.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ed-0.2-1001.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-3916 at SUSECVE-2008-3916 at NVDcpe:/o:suse:suse_sles:11:sp3emacs-22.3-4.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the emacs-22.3-4.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-5795 at SUSECVE-2007-5795 at NVDcpe:/o:suse:suse_sles:11:sp3enscript-1.6.4-152.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the enscript-1.6.4-152.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-3863 at SUSECVE-2008-3863 at NVDCVE-2008-4306 at SUSECVE-2008-4306 at NVDcpe:/o:suse:suse_sles:11:sp3evince-2.28.2-0.7.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the evince-2.28.2-0.7.2 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-5864 at SUSECVE-2006-5864 at NVDCVE-2010-2640 at SUSECVE-2010-2640 at NVDCVE-2010-2641 at SUSECVE-2010-2641 at NVDCVE-2010-2642 at SUSECVE-2010-2642 at NVDCVE-2010-2643 at SUSECVE-2010-2643 at NVDcpe:/o:suse:suse_sles:11:sp3evolution-data-server-2.28.2-0.29.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the evolution-data-server-2.28.2-0.29.24 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-3257 at SUSECVE-2007-3257 at NVDcpe:/o:suse:suse_sles:11:sp3expat-2.0.1-88.34.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the expat-2.0.1-88.34.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-2625 at SUSECVE-2009-2625 at NVDCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2012-0876 at SUSECVE-2012-0876 at NVDCVE-2012-1147 at SUSECVE-2012-1147 at NVDCVE-2012-1148 at SUSECVE-2012-1148 at NVDcpe:/o:suse:suse_sles:11:sp3fetchmail-6.3.8.90-13.20.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the fetchmail-6.3.8.90-13.20.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-5867 at SUSECVE-2006-5867 at NVDCVE-2006-5974 at SUSECVE-2006-5974 at NVDCVE-2007-1558 at SUSECVE-2007-1558 at NVDCVE-2007-4565 at SUSECVE-2007-4565 at NVDCVE-2009-2666 at SUSECVE-2009-2666 at NVDCVE-2011-1947 at SUSECVE-2011-1947 at NVDcpe:/o:suse:suse_sles:11:sp3file-32bit-4.24-43.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the file-32bit-4.24-43.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-1536 at SUSECVE-2007-1536 at NVDCVE-2007-2799 at SUSECVE-2007-2799 at NVDcpe:/o:suse:suse_sles:11:sp3findutils-4.4.0-38.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the findutils-4.4.0-38.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-2452 at SUSECVE-2007-2452 at NVDcpe:/o:suse:suse_sles:11:sp3foomatic-filters-3.0.2-269.35.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the foomatic-filters-3.0.2-269.35.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-2697 at SUSECVE-2011-2697 at NVDcpe:/o:suse:suse_sles:11:sp3freeradius-server-2.1.1-7.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the freeradius-server-2.1.1-7.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-4474 at SUSECVE-2008-4474 at NVDCVE-2011-4966 at SUSECVE-2011-4966 at NVDcpe:/o:suse:suse_sles:11:sp3freetype2-2.3.7-25.32.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the freetype2-2.3.7-25.32.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-1351 at SUSECVE-2007-1351 at NVDCVE-2009-0946 at SUSECVE-2009-0946 at NVDCVE-2010-2497 at SUSECVE-2010-2497 at NVDCVE-2010-2805 at SUSECVE-2010-2805 at NVDCVE-2010-3053 at SUSECVE-2010-3053 at NVDCVE-2010-3054 at SUSECVE-2010-3054 at NVDCVE-2010-3311 at SUSECVE-2010-3311 at NVDCVE-2010-3814 at SUSECVE-2010-3814 at NVDCVE-2010-3855 at SUSECVE-2010-3855 at NVDCVE-2011-0226 at SUSECVE-2011-0226 at NVDCVE-2011-2895 at SUSECVE-2011-2895 at NVDCVE-2011-3256 at SUSECVE-2011-3256 at NVDCVE-2011-3439 at SUSECVE-2011-3439 at NVDCVE-2012-1126 at SUSECVE-2012-1126 at NVDCVE-2012-1127 at SUSECVE-2012-1127 at NVDCVE-2012-1128 at SUSECVE-2012-1128 at NVDCVE-2012-1129 at SUSECVE-2012-1129 at NVDCVE-2012-1130 at SUSECVE-2012-1130 at NVDCVE-2012-1131 at SUSECVE-2012-1131 at NVDCVE-2012-1132 at SUSECVE-2012-1132 at NVDCVE-2012-1133 at SUSECVE-2012-1133 at NVDCVE-2012-1134 at SUSECVE-2012-1134 at NVDCVE-2012-1135 at SUSECVE-2012-1135 at NVDCVE-2012-1136 at SUSECVE-2012-1136 at NVDCVE-2012-1137 at SUSECVE-2012-1137 at NVDCVE-2012-1138 at SUSECVE-2012-1138 at NVDCVE-2012-1139 at SUSECVE-2012-1139 at NVDCVE-2012-1140 at SUSECVE-2012-1140 at NVDCVE-2012-1141 at SUSECVE-2012-1141 at NVDCVE-2012-1142 at SUSECVE-2012-1142 at NVDCVE-2012-1143 at SUSECVE-2012-1143 at NVDCVE-2012-1144 at SUSECVE-2012-1144 at NVDCVE-2012-5668 at SUSECVE-2012-5668 at NVDCVE-2012-5669 at SUSECVE-2012-5669 at NVDCVE-2012-5670 at SUSECVE-2012-5670 at NVDcpe:/o:suse:suse_sles:11:sp3fuse-2.8.7-0.9.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the fuse-2.8.7-0.9.12 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-3297 at SUSECVE-2009-3297 at NVDCVE-2011-0541 at SUSECVE-2011-0541 at NVDcpe:/o:suse:suse_sles:11:sp3fvwm2-2.5.26-1.25 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the fvwm2-2.5.26-1.25 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-5969 at SUSECVE-2006-5969 at NVDcpe:/o:suse:suse_sles:11:sp3g3utils-1.1.36-26.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the g3utils-1.1.36-26.31 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-4936 at SUSECVE-2008-4936 at NVDcpe:/o:suse:suse_sles:11:sp3gd-2.0.36.RC1-52.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gd-2.0.36.RC1-52.18 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-2756 at SUSECVE-2007-2756 at NVDcpe:/o:suse:suse_sles:11:sp3ghostscript-fonts-other-8.62-32.34.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ghostscript-fonts-other-8.62-32.34.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0196 at SUSECVE-2009-0196 at NVDCVE-2009-0583 at SUSECVE-2009-0583 at NVDCVE-2009-0584 at SUSECVE-2009-0584 at NVDCVE-2009-0792 at SUSECVE-2009-0792 at NVDCVE-2009-3743 at SUSECVE-2009-3743 at NVDCVE-2010-1869 at SUSECVE-2010-1869 at NVDCVE-2010-4054 at SUSECVE-2010-4054 at NVDCVE-2012-4405 at SUSECVE-2012-4405 at NVDcpe:/o:suse:suse_sles:11:sp3glib2-2.22.5-0.8.8.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the glib2-2.22.5-0.8.8.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-2371 at SUSECVE-2008-2371 at NVDCVE-2008-4316 at SUSECVE-2008-4316 at NVDcpe:/o:suse:suse_sles:11:sp3glibc-2.11.3-17.54.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the glibc-2.11.3-17.54.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-5029 at SUSECVE-2009-5029 at NVDCVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:suse_sles:11:sp3gmime-2.2.23-1.50.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gmime-2.2.23-1.50.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-0409 at SUSECVE-2010-0409 at NVDcpe:/o:suse:suse_sles:11:sp3gnome-screensaver-2.28.3-0.32.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gnome-screensaver-2.28.3-0.32.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-0887 at SUSECVE-2008-0887 at NVDCVE-2010-0414 at SUSECVE-2010-0414 at NVDCVE-2010-0422 at SUSECVE-2010-0422 at NVDcpe:/o:suse:suse_sles:11:sp3gnutls-2.4.1-24.39.45.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gnutls-2.4.1-24.39.45.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-4790 at SUSECVE-2006-4790 at NVDCVE-2008-1948 at SUSECVE-2008-1948 at NVDCVE-2008-1949 at SUSECVE-2008-1949 at NVDCVE-2008-1950 at SUSECVE-2008-1950 at NVDCVE-2008-4989 at SUSECVE-2008-4989 at NVDCVE-2009-2730 at SUSECVE-2009-2730 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2011-4128 at SUSECVE-2011-4128 at NVDCVE-2012-0390 at SUSECVE-2012-0390 at NVDCVE-2012-1569 at SUSECVE-2012-1569 at NVDCVE-2012-1573 at SUSECVE-2012-1573 at NVDCVE-2013-1619 at SUSECVE-2013-1619 at NVDcpe:/o:suse:suse_sles:11:sp3gpg2-2.0.9-25.33.31.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gpg2-2.0.9-25.33.31.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-3746 at SUSECVE-2006-3746 at NVDCVE-2006-6169 at SUSECVE-2006-6169 at NVDCVE-2008-1530 at SUSECVE-2008-1530 at NVDCVE-2010-2547 at SUSECVE-2010-2547 at NVDcpe:/o:suse:suse_sles:11:sp3gstreamer-0_10-plugins-base-0.10.35-5.15.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gstreamer-0_10-plugins-base-0.10.35-5.15.8 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0586 at SUSECVE-2009-0586 at NVDcpe:/o:suse:suse_sles:11:sp3gstreamer-0_10-plugins-good-0.10.30-5.8.11 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gstreamer-0_10-plugins-good-0.10.30-5.8.11 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-1686 at SUSECVE-2008-1686 at NVDCVE-2009-0386 at SUSECVE-2009-0386 at NVDCVE-2009-0387 at SUSECVE-2009-0387 at NVDCVE-2009-0397 at SUSECVE-2009-0397 at NVDCVE-2009-1932 at SUSECVE-2009-1932 at NVDcpe:/o:suse:suse_sles:11:sp3gtk2-2.18.9-0.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gtk2-2.18.9-0.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-0010 at SUSECVE-2007-0010 at NVDCVE-2011-2485 at SUSECVE-2011-2485 at NVDCVE-2012-2370 at SUSECVE-2012-2370 at NVDcpe:/o:suse:suse_sles:11:sp3guestfs-data-1.20.4-0.14.9 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the guestfs-data-1.20.4-0.14.9 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2013-2124 at SUSECVE-2013-2124 at NVDcpe:/o:suse:suse_sles:11:sp3gvim-7.2-8.15.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gvim-7.2-8.15.2 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-2438 at SUSECVE-2007-2438 at NVDCVE-2007-2953 at SUSECVE-2007-2953 at NVDcpe:/o:suse:suse_sles:11:sp3gzip-1.3.12-69.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the gzip-1.3.12-69.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-2624 at SUSECVE-2009-2624 at NVDCVE-2010-0001 at SUSECVE-2010-0001 at NVDcpe:/o:suse:suse_sles:11:sp3hplip-3.11.10-0.6.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the hplip-3.11.10-0.6.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2004-0801 at SUSECVE-2004-0801 at NVDCVE-2007-5208 at SUSECVE-2007-5208 at NVDCVE-2010-4267 at SUSECVE-2010-4267 at NVDCVE-2011-2697 at SUSECVE-2011-2697 at NVDCVE-2011-2722 at SUSECVE-2011-2722 at NVDcpe:/o:suse:suse_sles:11:sp3hyper-v-5-0.7.10 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the hyper-v-5-0.7.10 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-2669 at SUSECVE-2012-2669 at NVDCVE-2012-5532 at SUSECVE-2012-5532 at NVDcpe:/o:suse:suse_sles:11:sp3ibutils-1.5.7-0.7.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ibutils-1.5.7-0.7.31 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-3277 at SUSECVE-2008-3277 at NVDcpe:/o:suse:suse_sles:11:sp3ipsec-tools-0.7.3-1.1.93 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ipsec-tools-0.7.3-1.1.93 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-1841 at SUSECVE-2007-1841 at NVDCVE-2008-3652 at SUSECVE-2008-3652 at NVDcpe:/o:suse:suse_sles:11:sp3jakarta-commons-httpclient3-3.0.1-253.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the jakarta-commons-httpclient3-3.0.1-253.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-5783 at SUSECVE-2012-5783 at NVDcpe:/o:suse:suse_sles:11:sp3java-1_6_0-ibm-1.6.0_sr13.1-0.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the java-1_6_0-ibm-1.6.0_sr13.1-0.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-1187 at SUSECVE-2008-1187 at NVDCVE-2008-1188 at SUSECVE-2008-1188 at NVDCVE-2008-1189 at SUSECVE-2008-1189 at NVDCVE-2008-1190 at SUSECVE-2008-1190 at NVDCVE-2008-1191 at SUSECVE-2008-1191 at NVDCVE-2008-1192 at SUSECVE-2008-1192 at NVDCVE-2008-1193 at SUSECVE-2008-1193 at NVDCVE-2008-1194 at SUSECVE-2008-1194 at NVDCVE-2008-1195 at SUSECVE-2008-1195 at NVDCVE-2008-1196 at SUSECVE-2008-1196 at NVDCVE-2008-5351 at SUSECVE-2008-5351 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0771 at SUSECVE-2010-0771 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-3541 at SUSECVE-2010-3541 at NVDCVE-2010-3548 at SUSECVE-2010-3548 at NVDCVE-2010-3549 at SUSECVE-2010-3549 at NVDCVE-2010-3550 at SUSECVE-2010-3550 at NVDCVE-2010-3551 at SUSECVE-2010-3551 at NVDCVE-2010-3553 at SUSECVE-2010-3553 at NVDCVE-2010-3555 at SUSECVE-2010-3555 at NVDCVE-2010-3556 at SUSECVE-2010-3556 at NVDCVE-2010-3557 at SUSECVE-2010-3557 at NVDCVE-2010-3558 at SUSECVE-2010-3558 at NVDCVE-2010-3559 at SUSECVE-2010-3559 at NVDCVE-2010-3560 at SUSECVE-2010-3560 at NVDCVE-2010-3562 at SUSECVE-2010-3562 at NVDCVE-2010-3563 at SUSECVE-2010-3563 at NVDCVE-2010-3565 at SUSECVE-2010-3565 at NVDCVE-2010-3566 at SUSECVE-2010-3566 at NVDCVE-2010-3567 at SUSECVE-2010-3567 at NVDCVE-2010-3568 at SUSECVE-2010-3568 at NVDCVE-2010-3569 at SUSECVE-2010-3569 at NVDCVE-2010-3571 at SUSECVE-2010-3571 at NVDCVE-2010-3572 at SUSECVE-2010-3572 at NVDCVE-2010-3573 at SUSECVE-2010-3573 at NVDCVE-2010-3574 at SUSECVE-2010-3574 at NVDCVE-2010-4476 at SUSECVE-2010-4476 at NVDCVE-2012-0551 at SUSECVE-2012-0551 at NVDCVE-2012-1531 at SUSECVE-2012-1531 at NVDCVE-2012-1532 at SUSECVE-2012-1532 at NVDCVE-2012-1533 at SUSECVE-2012-1533 at NVDCVE-2012-1541 at SUSECVE-2012-1541 at NVDCVE-2012-1713 at SUSECVE-2012-1713 at NVDCVE-2012-1716 at SUSECVE-2012-1716 at NVDCVE-2012-1717 at SUSECVE-2012-1717 at NVDCVE-2012-1718 at SUSECVE-2012-1718 at NVDCVE-2012-1719 at SUSECVE-2012-1719 at NVDCVE-2012-1721 at SUSECVE-2012-1721 at NVDCVE-2012-1722 at SUSECVE-2012-1722 at NVDCVE-2012-1725 at SUSECVE-2012-1725 at NVDCVE-2012-3143 at SUSECVE-2012-3143 at NVDCVE-2012-3159 at SUSECVE-2012-3159 at NVDCVE-2012-3213 at SUSECVE-2012-3213 at NVDCVE-2012-3216 at SUSECVE-2012-3216 at NVDCVE-2012-3342 at SUSECVE-2012-3342 at NVDCVE-2012-5068 at SUSECVE-2012-5068 at NVDCVE-2012-5069 at SUSECVE-2012-5069 at NVDCVE-2012-5071 at SUSECVE-2012-5071 at NVDCVE-2012-5072 at SUSECVE-2012-5072 at NVDCVE-2012-5073 at SUSECVE-2012-5073 at NVDCVE-2012-5075 at SUSECVE-2012-5075 at NVDCVE-2012-5079 at SUSECVE-2012-5079 at NVDCVE-2012-5081 at SUSECVE-2012-5081 at NVDCVE-2012-5083 at SUSECVE-2012-5083 at NVDCVE-2012-5084 at SUSECVE-2012-5084 at NVDCVE-2012-5089 at SUSECVE-2012-5089 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2013-0351 at SUSECVE-2013-0351 at NVDCVE-2013-0409 at SUSECVE-2013-0409 at NVDCVE-2013-0419 at SUSECVE-2013-0419 at NVDCVE-2013-0423 at SUSECVE-2013-0423 at NVDCVE-2013-0424 at SUSECVE-2013-0424 at NVDCVE-2013-0425 at SUSECVE-2013-0425 at NVDCVE-2013-0426 at SUSECVE-2013-0426 at NVDCVE-2013-0427 at SUSECVE-2013-0427 at NVDCVE-2013-0428 at SUSECVE-2013-0428 at NVDCVE-2013-0432 at SUSECVE-2013-0432 at NVDCVE-2013-0433 at SUSECVE-2013-0433 at NVDCVE-2013-0434 at SUSECVE-2013-0434 at NVDCVE-2013-0435 at SUSECVE-2013-0435 at NVDCVE-2013-0438 at SUSECVE-2013-0438 at NVDCVE-2013-0440 at SUSECVE-2013-0440 at NVDCVE-2013-0441 at SUSECVE-2013-0441 at NVDCVE-2013-0442 at SUSECVE-2013-0442 at NVDCVE-2013-0443 at SUSECVE-2013-0443 at NVDCVE-2013-0445 at SUSECVE-2013-0445 at NVDCVE-2013-0446 at SUSECVE-2013-0446 at NVDCVE-2013-0450 at SUSECVE-2013-0450 at NVDCVE-2013-0485 at SUSECVE-2013-0485 at NVDCVE-2013-0809 at SUSECVE-2013-0809 at NVDCVE-2013-1473 at SUSECVE-2013-1473 at NVDCVE-2013-1476 at SUSECVE-2013-1476 at NVDCVE-2013-1478 at SUSECVE-2013-1478 at NVDCVE-2013-1480 at SUSECVE-2013-1480 at NVDCVE-2013-1481 at SUSECVE-2013-1481 at NVDCVE-2013-1486 at SUSECVE-2013-1486 at NVDCVE-2013-1487 at SUSECVE-2013-1487 at NVDCVE-2013-1493 at SUSECVE-2013-1493 at NVDcpe:/o:suse:suse_sles:11:sp3java-1_7_0-ibm-1.7.0_sr4.1-0.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the java-1_7_0-ibm-1.7.0_sr4.1-0.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-0547 at SUSECVE-2012-0547 at NVDCVE-2012-0551 at SUSECVE-2012-0551 at NVDCVE-2012-1531 at SUSECVE-2012-1531 at NVDCVE-2012-1532 at SUSECVE-2012-1532 at NVDCVE-2012-1533 at SUSECVE-2012-1533 at NVDCVE-2012-1541 at SUSECVE-2012-1541 at NVDCVE-2012-1682 at SUSECVE-2012-1682 at NVDCVE-2012-1713 at SUSECVE-2012-1713 at NVDCVE-2012-1716 at SUSECVE-2012-1716 at NVDCVE-2012-1717 at SUSECVE-2012-1717 at NVDCVE-2012-1718 at SUSECVE-2012-1718 at NVDCVE-2012-1719 at SUSECVE-2012-1719 at NVDCVE-2012-1721 at SUSECVE-2012-1721 at NVDCVE-2012-1722 at SUSECVE-2012-1722 at NVDCVE-2012-1725 at SUSECVE-2012-1725 at NVDCVE-2012-1726 at SUSECVE-2012-1726 at NVDCVE-2012-3136 at SUSECVE-2012-3136 at NVDCVE-2012-3143 at SUSECVE-2012-3143 at NVDCVE-2012-3159 at SUSECVE-2012-3159 at NVDCVE-2012-3174 at SUSECVE-2012-3174 at NVDCVE-2012-3213 at SUSECVE-2012-3213 at NVDCVE-2012-3216 at SUSECVE-2012-3216 at NVDCVE-2012-3342 at SUSECVE-2012-3342 at NVDCVE-2012-4681 at SUSECVE-2012-4681 at NVDCVE-2012-5067 at SUSECVE-2012-5067 at NVDCVE-2012-5069 at SUSECVE-2012-5069 at NVDCVE-2012-5070 at SUSECVE-2012-5070 at NVDCVE-2012-5071 at SUSECVE-2012-5071 at NVDCVE-2012-5072 at SUSECVE-2012-5072 at NVDCVE-2012-5073 at SUSECVE-2012-5073 at NVDCVE-2012-5074 at SUSECVE-2012-5074 at NVDCVE-2012-5075 at SUSECVE-2012-5075 at NVDCVE-2012-5076 at SUSECVE-2012-5076 at NVDCVE-2012-5077 at SUSECVE-2012-5077 at NVDCVE-2012-5079 at SUSECVE-2012-5079 at NVDCVE-2012-5081 at SUSECVE-2012-5081 at NVDCVE-2012-5083 at SUSECVE-2012-5083 at NVDCVE-2012-5084 at SUSECVE-2012-5084 at NVDCVE-2012-5086 at SUSECVE-2012-5086 at NVDCVE-2012-5087 at SUSECVE-2012-5087 at NVDCVE-2012-5088 at SUSECVE-2012-5088 at NVDCVE-2012-5089 at SUSECVE-2012-5089 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2013-0351 at SUSECVE-2013-0351 at NVDCVE-2013-0409 at SUSECVE-2013-0409 at NVDCVE-2013-0419 at SUSECVE-2013-0419 at NVDCVE-2013-0422 at SUSECVE-2013-0422 at NVDCVE-2013-0423 at SUSECVE-2013-0423 at NVDCVE-2013-0424 at SUSECVE-2013-0424 at NVDCVE-2013-0425 at SUSECVE-2013-0425 at NVDCVE-2013-0426 at SUSECVE-2013-0426 at NVDCVE-2013-0427 at SUSECVE-2013-0427 at NVDCVE-2013-0428 at SUSECVE-2013-0428 at NVDCVE-2013-0431 at SUSECVE-2013-0431 at NVDCVE-2013-0432 at SUSECVE-2013-0432 at NVDCVE-2013-0433 at SUSECVE-2013-0433 at NVDCVE-2013-0434 at SUSECVE-2013-0434 at NVDCVE-2013-0435 at SUSECVE-2013-0435 at NVDCVE-2013-0437 at SUSECVE-2013-0437 at NVDCVE-2013-0438 at SUSECVE-2013-0438 at NVDCVE-2013-0440 at SUSECVE-2013-0440 at NVDCVE-2013-0441 at SUSECVE-2013-0441 at NVDCVE-2013-0442 at SUSECVE-2013-0442 at NVDCVE-2013-0443 at SUSECVE-2013-0443 at NVDCVE-2013-0444 at SUSECVE-2013-0444 at NVDCVE-2013-0445 at SUSECVE-2013-0445 at NVDCVE-2013-0446 at SUSECVE-2013-0446 at NVDCVE-2013-0449 at SUSECVE-2013-0449 at NVDCVE-2013-0450 at SUSECVE-2013-0450 at NVDCVE-2013-0485 at SUSECVE-2013-0485 at NVDCVE-2013-0809 at SUSECVE-2013-0809 at NVDCVE-2013-1473 at SUSECVE-2013-1473 at NVDCVE-2013-1476 at SUSECVE-2013-1476 at NVDCVE-2013-1478 at SUSECVE-2013-1478 at NVDCVE-2013-1480 at SUSECVE-2013-1480 at NVDCVE-2013-1484 at SUSECVE-2013-1484 at NVDCVE-2013-1485 at SUSECVE-2013-1485 at NVDCVE-2013-1486 at SUSECVE-2013-1486 at NVDCVE-2013-1487 at SUSECVE-2013-1487 at NVDCVE-2013-1493 at SUSECVE-2013-1493 at NVDcpe:/o:suse:suse_sles:11:sp3jpeg-6b-879.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the jpeg-6b-879.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-2806 at SUSECVE-2012-2806 at NVDcpe:/o:suse:suse_sles:11:sp3kbd-1.14.1-16.31.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the kbd-1.14.1-16.31.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-0460 at SUSECVE-2011-0460 at NVDcpe:/o:suse:suse_sles:11:sp3kde4-kgreeter-plugins-4.3.5-0.12.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the kde4-kgreeter-plugins-4.3.5-0.12.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-0436 at SUSECVE-2010-0436 at NVDcpe:/o:suse:suse_sles:11:sp3kdebase3-runtime-3.5.10-20.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the kdebase3-runtime-3.5.10-20.31 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-4569 at SUSECVE-2007-4569 at NVDcpe:/o:suse:suse_sles:11:sp3kdelibs3-3.5.10-23.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the kdelibs3-3.5.10-23.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-3820 at SUSECVE-2007-3820 at NVDCVE-2007-4224 at SUSECVE-2007-4224 at NVDCVE-2007-4225 at SUSECVE-2007-4225 at NVDCVE-2008-1671 at SUSECVE-2008-1671 at NVDCVE-2009-0689 at SUSECVE-2009-0689 at NVDcpe:/o:suse:suse_sles:11:sp3kdelibs4-4.3.5-0.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the kdelibs4-4.3.5-0.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2011-1168 at SUSECVE-2011-1168 at NVDcpe:/o:suse:suse_sles:11:sp3kdenetwork4-filesharing-4.3.5-0.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the kdenetwork4-filesharing-4.3.5-0.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-1000 at SUSECVE-2010-1000 at NVDcpe:/o:suse:suse_sles:11:sp3kernel-default-3.0.76-0.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the kernel-default-3.0.76-0.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-0007 at SUSECVE-2008-0007 at NVDCVE-2008-0009 at SUSECVE-2008-0009 at NVDCVE-2008-0010 at SUSECVE-2008-0010 at NVDCVE-2008-1375 at SUSECVE-2008-1375 at NVDCVE-2008-1669 at SUSECVE-2008-1669 at NVDCVE-2008-1673 at SUSECVE-2008-1673 at NVDCVE-2008-1675 at SUSECVE-2008-1675 at NVDCVE-2008-3528 at SUSECVE-2008-3528 at NVDCVE-2008-3831 at SUSECVE-2008-3831 at NVDCVE-2008-5079 at SUSECVE-2008-5079 at NVDCVE-2008-5182 at SUSECVE-2008-5182 at NVDCVE-2008-5300 at SUSECVE-2008-5300 at NVDCVE-2009-0029 at SUSECVE-2009-0029 at NVDCVE-2009-3939 at SUSECVE-2009-3939 at NVDCVE-2009-4026 at SUSECVE-2009-4026 at NVDCVE-2009-4027 at SUSECVE-2009-4027 at NVDCVE-2009-4131 at SUSECVE-2009-4131 at NVDCVE-2009-4138 at SUSECVE-2009-4138 at NVDCVE-2009-4536 at SUSECVE-2009-4536 at NVDCVE-2009-4537 at SUSECVE-2009-4537 at NVDCVE-2009-4538 at SUSECVE-2009-4538 at NVDCVE-2010-0415 at SUSECVE-2010-0415 at NVDCVE-2010-0622 at SUSECVE-2010-0622 at NVDCVE-2010-0623 at SUSECVE-2010-0623 at NVDCVE-2010-1146 at SUSECVE-2010-1146 at NVDCVE-2010-1173 at SUSECVE-2010-1173 at NVDCVE-2010-1437 at SUSECVE-2010-1437 at NVDCVE-2010-1641 at SUSECVE-2010-1641 at NVDCVE-2010-2066 at SUSECVE-2010-2066 at NVDCVE-2010-2798 at SUSECVE-2010-2798 at NVDCVE-2010-2803 at SUSECVE-2010-2803 at NVDCVE-2010-2942 at SUSECVE-2010-2942 at NVDCVE-2010-2943 at SUSECVE-2010-2943 at NVDCVE-2010-2946 at SUSECVE-2010-2946 at NVDCVE-2010-2954 at SUSECVE-2010-2954 at NVDCVE-2010-2955 at SUSECVE-2010-2955 at NVDCVE-2010-2959 at SUSECVE-2010-2959 at NVDCVE-2010-2960 at SUSECVE-2010-2960 at NVDCVE-2010-2962 at SUSECVE-2010-2962 at NVDCVE-2010-2963 at SUSECVE-2010-2963 at NVDCVE-2010-3015 at SUSECVE-2010-3015 at NVDCVE-2010-3078 at SUSECVE-2010-3078 at NVDCVE-2010-3079 at SUSECVE-2010-3079 at NVDCVE-2010-3080 at SUSECVE-2010-3080 at NVDCVE-2010-3081 at SUSECVE-2010-3081 at NVDCVE-2010-3084 at SUSECVE-2010-3084 at NVDCVE-2010-3296 at SUSECVE-2010-3296 at NVDCVE-2010-3297 at SUSECVE-2010-3297 at NVDCVE-2010-3298 at SUSECVE-2010-3298 at NVDCVE-2010-3301 at SUSECVE-2010-3301 at NVDCVE-2010-3310 at SUSECVE-2010-3310 at NVDCVE-2010-3437 at SUSECVE-2010-3437 at NVDCVE-2010-3699 at SUSECVE-2010-3699 at NVDCVE-2010-3705 at SUSECVE-2010-3705 at NVDCVE-2010-3861 at SUSECVE-2010-3861 at NVDCVE-2010-3873 at SUSECVE-2010-3873 at NVDCVE-2010-3874 at SUSECVE-2010-3874 at NVDCVE-2010-3875 at SUSECVE-2010-3875 at NVDCVE-2010-3876 at SUSECVE-2010-3876 at NVDCVE-2010-3877 at SUSECVE-2010-3877 at NVDCVE-2010-3880 at SUSECVE-2010-3880 at NVDCVE-2010-3881 at SUSECVE-2010-3881 at NVDCVE-2010-4072 at SUSECVE-2010-4072 at NVDCVE-2010-4073 at SUSECVE-2010-4073 at NVDCVE-2010-4075 at SUSECVE-2010-4075 at NVDCVE-2010-4076 at SUSECVE-2010-4076 at NVDCVE-2010-4077 at SUSECVE-2010-4077 at NVDCVE-2010-4082 at SUSECVE-2010-4082 at NVDCVE-2010-4083 at SUSECVE-2010-4083 at NVDCVE-2010-4157 at SUSECVE-2010-4157 at NVDCVE-2010-4158 at SUSECVE-2010-4158 at NVDCVE-2010-4160 at SUSECVE-2010-4160 at NVDCVE-2010-4162 at SUSECVE-2010-4162 at NVDCVE-2010-4163 at SUSECVE-2010-4163 at NVDCVE-2010-4164 at SUSECVE-2010-4164 at NVDCVE-2010-4165 at SUSECVE-2010-4165 at NVDCVE-2010-4169 at SUSECVE-2010-4169 at NVDCVE-2010-4175 at SUSECVE-2010-4175 at NVDCVE-2010-4243 at SUSECVE-2010-4243 at NVDCVE-2010-4251 at SUSECVE-2010-4251 at NVDCVE-2010-4258 at SUSECVE-2010-4258 at NVDCVE-2010-4342 at SUSECVE-2010-4342 at NVDCVE-2010-4529 at SUSECVE-2010-4529 at NVDCVE-2010-4656 at SUSECVE-2010-4656 at NVDCVE-2010-4668 at SUSECVE-2010-4668 at NVDCVE-2011-0521 at SUSECVE-2011-0521 at NVDCVE-2011-0710 at SUSECVE-2011-0710 at NVDCVE-2011-0711 at SUSECVE-2011-0711 at NVDCVE-2011-0712 at SUSECVE-2011-0712 at NVDCVE-2011-1016 at SUSECVE-2011-1016 at NVDCVE-2011-1017 at SUSECVE-2011-1017 at NVDCVE-2011-1020 at SUSECVE-2011-1020 at NVDCVE-2011-1083 at SUSECVE-2011-1083 at NVDCVE-2011-1160 at SUSECVE-2011-1160 at NVDCVE-2011-1180 at SUSECVE-2011-1180 at NVDCVE-2011-1182 at SUSECVE-2011-1182 at NVDCVE-2011-1478 at SUSECVE-2011-1478 at NVDCVE-2011-1573 at SUSECVE-2011-1573 at NVDCVE-2011-1577 at SUSECVE-2011-1577 at NVDCVE-2011-1593 at SUSECVE-2011-1593 at NVDCVE-2011-2182 at SUSECVE-2011-2182 at NVDCVE-2011-2183 at SUSECVE-2011-2183 at NVDCVE-2011-2203 at SUSECVE-2011-2203 at NVDCVE-2011-2479 at SUSECVE-2011-2479 at NVDCVE-2011-2491 at SUSECVE-2011-2491 at NVDCVE-2011-2494 at SUSECVE-2011-2494 at NVDCVE-2011-2495 at SUSECVE-2011-2495 at NVDCVE-2011-2496 at SUSECVE-2011-2496 at NVDCVE-2011-3191 at SUSECVE-2011-3191 at NVDCVE-2011-4086 at SUSECVE-2011-4086 at NVDCVE-2011-4097 at SUSECVE-2011-4097 at NVDCVE-2011-4127 at SUSECVE-2011-4127 at NVDCVE-2011-4131 at SUSECVE-2011-4131 at NVDCVE-2011-4604 at SUSECVE-2011-4604 at NVDCVE-2011-4622 at SUSECVE-2011-4622 at NVDCVE-2012-0038 at SUSECVE-2012-0038 at NVDCVE-2012-0045 at SUSECVE-2012-0045 at NVDCVE-2012-0056 at SUSECVE-2012-0056 at NVDCVE-2012-0207 at SUSECVE-2012-0207 at NVDCVE-2012-1090 at SUSECVE-2012-1090 at NVDCVE-2012-1097 at SUSECVE-2012-1097 at NVDCVE-2012-1146 at SUSECVE-2012-1146 at NVDCVE-2012-1179 at SUSECVE-2012-1179 at NVDCVE-2012-1601 at SUSECVE-2012-1601 at NVDCVE-2012-2119 at SUSECVE-2012-2119 at NVDCVE-2012-2133 at SUSECVE-2012-2133 at NVDCVE-2012-2136 at SUSECVE-2012-2136 at NVDCVE-2012-2137 at SUSECVE-2012-2137 at NVDCVE-2012-2372 at SUSECVE-2012-2372 at NVDCVE-2012-2373 at SUSECVE-2012-2373 at NVDCVE-2012-2390 at SUSECVE-2012-2390 at NVDCVE-2012-2663 at SUSECVE-2012-2663 at NVDCVE-2012-2745 at SUSECVE-2012-2745 at NVDCVE-2012-3412 at SUSECVE-2012-3412 at NVDCVE-2012-3430 at SUSECVE-2012-3430 at NVDCVE-2012-4461 at SUSECVE-2012-4461 at NVDCVE-2012-5517 at SUSECVE-2012-5517 at NVDCVE-2013-0160 at SUSECVE-2013-0160 at NVDCVE-2013-0216 at SUSECVE-2013-0216 at NVDCVE-2013-0231 at SUSECVE-2013-0231 at NVDCVE-2013-0871 at SUSECVE-2013-0871 at NVDCVE-2013-0913 at SUSECVE-2013-0913 at NVDCVE-2013-1767 at SUSECVE-2013-1767 at NVDCVE-2013-1774 at SUSECVE-2013-1774 at NVDCVE-2013-1796 at SUSECVE-2013-1796 at NVDCVE-2013-1797 at SUSECVE-2013-1797 at NVDCVE-2013-1798 at SUSECVE-2013-1798 at NVDCVE-2013-1848 at SUSECVE-2013-1848 at NVDCVE-2013-2094 at SUSECVE-2013-2094 at NVDCVE-2013-2850 at SUSECVE-2013-2850 at NVDcpe:/o:suse:suse_sles:11:sp3krb5-1.6.3-133.49.54.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the krb5-1.6.3-133.49.54.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-6143 at SUSECVE-2006-6143 at NVDCVE-2006-6144 at SUSECVE-2006-6144 at NVDCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDCVE-2007-5894 at SUSECVE-2007-5894 at NVDCVE-2007-5902 at SUSECVE-2007-5902 at NVDCVE-2007-5971 at SUSECVE-2007-5971 at NVDCVE-2007-5972 at SUSECVE-2007-5972 at NVDCVE-2008-0062 at SUSECVE-2008-0062 at NVDCVE-2008-0063 at SUSECVE-2008-0063 at NVDCVE-2008-0947 at SUSECVE-2008-0947 at NVDCVE-2008-0948 at SUSECVE-2008-0948 at NVDCVE-2009-0844 at SUSECVE-2009-0844 at NVDCVE-2009-0845 at SUSECVE-2009-0845 at NVDCVE-2009-0846 at SUSECVE-2009-0846 at NVDCVE-2009-0847 at SUSECVE-2009-0847 at NVDCVE-2009-4212 at SUSECVE-2009-4212 at NVDCVE-2010-0629 at SUSECVE-2010-0629 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-1323 at SUSECVE-2010-1323 at NVDCVE-2011-0281 at SUSECVE-2011-0281 at NVDCVE-2011-0282 at SUSECVE-2011-0282 at NVDCVE-2011-1526 at SUSECVE-2011-1526 at NVDCVE-2011-4862 at SUSECVE-2011-4862 at NVDCVE-2013-1415 at SUSECVE-2013-1415 at NVDcpe:/o:suse:suse_sles:11:sp3krb5-doc-1.6.3-133.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the krb5-doc-1.6.3-133.21 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDcpe:/o:suse:suse_sles:11:sp3krb5-plugin-kdb-ldap-1.6.3-133.49.54.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the krb5-plugin-kdb-ldap-1.6.3-133.49.54.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDCVE-2010-0629 at SUSECVE-2010-0629 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-1323 at SUSECVE-2010-1323 at NVDCVE-2011-0281 at SUSECVE-2011-0281 at NVDCVE-2011-0282 at SUSECVE-2011-0282 at NVDCVE-2011-1526 at SUSECVE-2011-1526 at NVDCVE-2011-4862 at SUSECVE-2011-4862 at NVDCVE-2013-1415 at SUSECVE-2013-1415 at NVDcpe:/o:suse:suse_sles:11:sp3kvm-1.4.1-0.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the kvm-1.4.1-0.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-2382 at SUSECVE-2008-2382 at NVDCVE-2008-5714 at SUSECVE-2008-5714 at NVDCVE-2012-2652 at SUSECVE-2012-2652 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDCVE-2013-2007 at SUSECVE-2013-2007 at NVDcpe:/o:suse:suse_sles:11:sp3lcms-1.17-77.14.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the lcms-1.17-77.14.19 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0581 at SUSECVE-2009-0581 at NVDCVE-2009-0723 at SUSECVE-2009-0723 at NVDCVE-2009-0733 at SUSECVE-2009-0733 at NVDCVE-2009-0793 at SUSECVE-2009-0793 at NVDcpe:/o:suse:suse_sles:11:sp3ldapsmb-1.34b-12.39.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ldapsmb-1.34b-12.39.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2010-0926 at SUSECVE-2010-0926 at NVDCVE-2010-1635 at SUSECVE-2010-1635 at NVDCVE-2010-1642 at SUSECVE-2010-1642 at NVDCVE-2010-2063 at SUSECVE-2010-2063 at NVDCVE-2010-3069 at SUSECVE-2010-3069 at NVDCVE-2011-0719 at SUSECVE-2011-0719 at NVDCVE-2011-2522 at SUSECVE-2011-2522 at NVDCVE-2011-2694 at SUSECVE-2011-2694 at NVDCVE-2012-0817 at SUSECVE-2012-0817 at NVDCVE-2012-0870 at SUSECVE-2012-0870 at NVDCVE-2012-1182 at SUSECVE-2012-1182 at NVDCVE-2012-2111 at SUSECVE-2012-2111 at NVDCVE-2013-0213 at SUSECVE-2013-0213 at NVDCVE-2013-0214 at SUSECVE-2013-0214 at NVDCVE-2013-0454 at SUSECVE-2013-0454 at NVDcpe:/o:suse:suse_sles:11:sp3libMagickCore1-32bit-6.4.3.6-7.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libMagickCore1-32bit-6.4.3.6-7.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-5456 at SUSECVE-2006-5456 at NVDCVE-2007-1667 at SUSECVE-2007-1667 at NVDCVE-2007-1797 at SUSECVE-2007-1797 at NVDCVE-2007-4985 at SUSECVE-2007-4985 at NVDCVE-2007-4986 at SUSECVE-2007-4986 at NVDCVE-2007-4987 at SUSECVE-2007-4987 at NVDCVE-2007-4988 at SUSECVE-2007-4988 at NVDCVE-2012-0247 at SUSECVE-2012-0247 at NVDCVE-2012-0248 at SUSECVE-2012-0248 at NVDCVE-2012-0259 at SUSECVE-2012-0259 at NVDCVE-2012-0260 at SUSECVE-2012-0260 at NVDCVE-2012-1185 at SUSECVE-2012-1185 at NVDCVE-2012-1186 at SUSECVE-2012-1186 at NVDCVE-2012-1610 at SUSECVE-2012-1610 at NVDCVE-2012-1798 at SUSECVE-2012-1798 at NVDCVE-2012-3437 at SUSECVE-2012-3437 at NVDcpe:/o:suse:suse_sles:11:sp3libQtWebKit4-32bit-4.6.3-5.25.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libQtWebKit4-32bit-4.6.3-5.25.5 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-4811 at SUSECVE-2006-4811 at NVDCVE-2009-0945 at SUSECVE-2009-0945 at NVDCVE-2011-3193 at SUSECVE-2011-3193 at NVDCVE-2011-3922 at SUSECVE-2011-3922 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2012-6093 at SUSECVE-2012-6093 at NVDCVE-2013-0254 at SUSECVE-2013-0254 at NVDcpe:/o:suse:suse_sles:11:sp3libadns1-1.4-73.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libadns1-1.4-73.21 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-1447 at SUSECVE-2008-1447 at NVDCVE-2008-4100 at SUSECVE-2008-4100 at NVDcpe:/o:suse:suse_sles:11:sp3libapr-util1-1.3.4-12.22.21.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libapr-util1-1.3.4-12.22.21.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-2412 at SUSECVE-2009-2412 at NVDCVE-2010-1623 at SUSECVE-2010-1623 at NVDcpe:/o:suse:suse_sles:11:sp3libapr1-1.3.3-11.18.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libapr1-1.3.3-11.18.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-2412 at SUSECVE-2009-2412 at NVDCVE-2011-0419 at SUSECVE-2011-0419 at NVDCVE-2011-1928 at SUSECVE-2011-1928 at NVDcpe:/o:suse:suse_sles:11:sp3libarchive2-2.5.5-5.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libarchive2-2.5.5-5.19 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-5680 at SUSECVE-2006-5680 at NVDCVE-2007-3641 at SUSECVE-2007-3641 at NVDCVE-2007-3644 at SUSECVE-2007-3644 at NVDCVE-2007-3645 at SUSECVE-2007-3645 at NVDcpe:/o:suse:suse_sles:11:sp3libcap-progs-2.11-2.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libcap-progs-2.11-2.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-4099 at SUSECVE-2011-4099 at NVDcpe:/o:suse:suse_sles:11:sp3libcgroup1-0.37.1-5.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libcgroup1-0.37.1-5.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-1006 at SUSECVE-2011-1006 at NVDCVE-2011-1022 at SUSECVE-2011-1022 at NVDcpe:/o:suse:suse_sles:11:sp3libdrm-2.4.41-0.8.46 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libdrm-2.4.41-0.8.46 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-3831 at SUSECVE-2008-3831 at NVDcpe:/o:suse:suse_sles:11:sp3libecpg6-9.1.9-0.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libecpg6-9.1.9-0.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-4769 at SUSECVE-2007-4769 at NVDCVE-2007-4772 at SUSECVE-2007-4772 at NVDCVE-2007-6067 at SUSECVE-2007-6067 at NVDCVE-2007-6600 at SUSECVE-2007-6600 at NVDCVE-2007-6601 at SUSECVE-2007-6601 at NVDCVE-2009-4034 at SUSECVE-2009-4034 at NVDCVE-2009-4136 at SUSECVE-2009-4136 at NVDCVE-2010-1169 at SUSECVE-2010-1169 at NVDCVE-2010-1170 at SUSECVE-2010-1170 at NVDCVE-2010-3433 at SUSECVE-2010-3433 at NVDCVE-2012-3488 at SUSECVE-2012-3488 at NVDCVE-2012-3489 at SUSECVE-2012-3489 at NVDCVE-2013-0255 at SUSECVE-2013-0255 at NVDCVE-2013-1899 at SUSECVE-2013-1899 at NVDCVE-2013-1900 at SUSECVE-2013-1900 at NVDCVE-2013-1901 at SUSECVE-2013-1901 at NVDcpe:/o:suse:suse_sles:11:sp3libexif-0.6.17-2.14.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libexif-0.6.17-2.14.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-6351 at SUSECVE-2007-6351 at NVDCVE-2007-6352 at SUSECVE-2007-6352 at NVDCVE-2012-2812 at SUSECVE-2012-2812 at NVDCVE-2012-2813 at SUSECVE-2012-2813 at NVDCVE-2012-2814 at SUSECVE-2012-2814 at NVDCVE-2012-2836 at SUSECVE-2012-2836 at NVDCVE-2012-2837 at SUSECVE-2012-2837 at NVDCVE-2012-2840 at SUSECVE-2012-2840 at NVDCVE-2012-2841 at SUSECVE-2012-2841 at NVDcpe:/o:suse:suse_sles:11:sp3libexiv2-4-0.17.1-31.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libexiv2-4-0.17.1-31.20 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-6353 at SUSECVE-2007-6353 at NVDcpe:/o:suse:suse_sles:11:sp3libfreebl3-3.14.3-0.11.11 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libfreebl3-3.14.3-0.11.11 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2013-0743 at SUSECVE-2013-0743 at NVDcpe:/o:suse:suse_sles:11:sp3libgdiplus0-2.6.7-0.5.76 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libgdiplus0-2.6.7-0.5.76 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-1526 at SUSECVE-2010-1526 at NVDcpe:/o:suse:suse_sles:11:sp3libgnomesu-1.0.0-307.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libgnomesu-1.0.0-307.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-1946 at SUSECVE-2011-1946 at NVDcpe:/o:suse:suse_sles:11:sp3libgtop-2.28.0-1.9.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libgtop-2.28.0-1.9.24 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-0235 at SUSECVE-2007-0235 at NVDcpe:/o:suse:suse_sles:11:sp3libicu-32bit-4.0-7.26.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libicu-32bit-4.0-7.26.15 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-4770 at SUSECVE-2007-4770 at NVDCVE-2007-4771 at SUSECVE-2007-4771 at NVDCVE-2008-1036 at SUSECVE-2008-1036 at NVDCVE-2009-0153 at SUSECVE-2009-0153 at NVDCVE-2010-4409 at SUSECVE-2010-4409 at NVDcpe:/o:suse:suse_sles:11:sp3libltdl7-2.2.6-2.131.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libltdl7-2.2.6-2.131.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-3736 at SUSECVE-2009-3736 at NVDcpe:/o:suse:suse_sles:11:sp3libmusicbrainz4-2.1.5-5.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libmusicbrainz4-2.1.5-5.18 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-4197 at SUSECVE-2006-4197 at NVDcpe:/o:suse:suse_sles:11:sp3libmysqlclient15-32bit-5.0.96-0.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libmysqlclient15-32bit-5.0.96-0.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-0903 at SUSECVE-2006-0903 at NVDCVE-2006-4226 at SUSECVE-2006-4226 at NVDCVE-2006-4227 at SUSECVE-2006-4227 at NVDCVE-2007-5969 at SUSECVE-2007-5969 at NVDCVE-2007-6303 at SUSECVE-2007-6303 at NVDCVE-2007-6304 at SUSECVE-2007-6304 at NVDCVE-2008-2079 at SUSECVE-2008-2079 at NVDCVE-2008-4456 at SUSECVE-2008-4456 at NVDCVE-2008-7247 at SUSECVE-2008-7247 at NVDCVE-2009-2446 at SUSECVE-2009-2446 at NVDCVE-2009-4019 at SUSECVE-2009-4019 at NVDCVE-2009-4028 at SUSECVE-2009-4028 at NVDCVE-2009-4030 at SUSECVE-2009-4030 at NVDCVE-2009-4484 at SUSECVE-2009-4484 at NVDCVE-2009-5026 at SUSECVE-2009-5026 at NVDCVE-2010-1626 at SUSECVE-2010-1626 at NVDCVE-2010-1848 at SUSECVE-2010-1848 at NVDCVE-2010-1849 at SUSECVE-2010-1849 at NVDCVE-2010-1850 at SUSECVE-2010-1850 at NVDCVE-2010-3833 at SUSECVE-2010-3833 at NVDCVE-2010-3834 at SUSECVE-2010-3834 at NVDCVE-2010-3835 at SUSECVE-2010-3835 at NVDCVE-2010-3836 at SUSECVE-2010-3836 at NVDCVE-2010-3837 at SUSECVE-2010-3837 at NVDCVE-2010-3838 at SUSECVE-2010-3838 at NVDCVE-2010-3839 at SUSECVE-2010-3839 at NVDCVE-2010-3840 at SUSECVE-2010-3840 at NVDCVE-2012-2122 at SUSECVE-2012-2122 at NVDCVE-2012-5611 at SUSECVE-2012-5611 at NVDcpe:/o:suse:suse_sles:11:sp3libneon27-0.29.6-6.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libneon27-0.29.6-6.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-0157 at SUSECVE-2007-0157 at NVDCVE-2008-3746 at SUSECVE-2008-3746 at NVDCVE-2009-2473 at SUSECVE-2009-2473 at NVDCVE-2009-2474 at SUSECVE-2009-2474 at NVDcpe:/o:suse:suse_sles:11:sp3libnetpbm10-10.26.44-101.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libnetpbm10-10.26.44-101.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-4274 at SUSECVE-2009-4274 at NVDcpe:/o:suse:suse_sles:11:sp3libnewt0_52-0.52.10-1.35.113 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libnewt0_52-0.52.10-1.35.113 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-2905 at SUSECVE-2009-2905 at NVDcpe:/o:suse:suse_sles:11:sp3libopensc2-0.11.6-5.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libopensc2-0.11.6-5.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-2235 at SUSECVE-2008-2235 at NVDCVE-2009-0368 at SUSECVE-2009-0368 at NVDcpe:/o:suse:suse_sles:11:sp3libopenssl0_9_8-0.9.8j-0.50.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libopenssl0_9_8-0.9.8j-0.50.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-2937 at SUSECVE-2006-2937 at NVDCVE-2006-2940 at SUSECVE-2006-2940 at NVDCVE-2006-3738 at SUSECVE-2006-3738 at NVDCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2006-4343 at SUSECVE-2006-4343 at NVDCVE-2006-7250 at SUSECVE-2006-7250 at NVDCVE-2007-3108 at SUSECVE-2007-3108 at NVDCVE-2007-4995 at SUSECVE-2007-4995 at NVDCVE-2007-5135 at SUSECVE-2007-5135 at NVDCVE-2008-0891 at SUSECVE-2008-0891 at NVDCVE-2008-1672 at SUSECVE-2008-1672 at NVDCVE-2008-5077 at SUSECVE-2008-5077 at NVDCVE-2009-0590 at SUSECVE-2009-0590 at NVDCVE-2009-0591 at SUSECVE-2009-0591 at NVDCVE-2009-0789 at SUSECVE-2009-0789 at NVDCVE-2009-1377 at SUSECVE-2009-1377 at NVDCVE-2009-1378 at SUSECVE-2009-1378 at NVDCVE-2009-1379 at SUSECVE-2009-1379 at NVDCVE-2009-1386 at SUSECVE-2009-1386 at NVDCVE-2009-1387 at SUSECVE-2009-1387 at NVDCVE-2009-3245 at SUSECVE-2009-3245 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-4355 at SUSECVE-2009-4355 at NVDCVE-2010-0740 at SUSECVE-2010-0740 at NVDCVE-2010-2939 at SUSECVE-2010-2939 at NVDCVE-2010-3864 at SUSECVE-2010-3864 at NVDCVE-2010-4180 at SUSECVE-2010-4180 at NVDCVE-2010-4252 at SUSECVE-2010-4252 at NVDCVE-2011-0014 at SUSECVE-2011-0014 at NVDCVE-2011-3210 at SUSECVE-2011-3210 at NVDCVE-2011-4108 at SUSECVE-2011-4108 at NVDCVE-2011-4109 at SUSECVE-2011-4109 at NVDCVE-2011-4354 at SUSECVE-2011-4354 at NVDCVE-2011-4576 at SUSECVE-2011-4576 at NVDCVE-2011-4577 at SUSECVE-2011-4577 at NVDCVE-2011-4619 at SUSECVE-2011-4619 at NVDCVE-2011-5095 at SUSECVE-2011-5095 at NVDCVE-2012-0050 at SUSECVE-2012-0050 at NVDCVE-2012-0884 at SUSECVE-2012-0884 at NVDCVE-2012-1165 at SUSECVE-2012-1165 at NVDCVE-2012-2110 at SUSECVE-2012-2110 at NVDCVE-2012-2131 at SUSECVE-2012-2131 at NVDCVE-2012-2333 at SUSECVE-2012-2333 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2013-0166 at SUSECVE-2013-0166 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDcpe:/o:suse:suse_sles:11:sp3libotr2-3.2.0-10.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libotr2-3.2.0-10.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-3461 at SUSECVE-2012-3461 at NVDcpe:/o:suse:suse_sles:11:sp3libpng12-0-1.2.31-5.31.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libpng12-0-1.2.31-5.31.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-5793 at SUSECVE-2006-5793 at NVDCVE-2008-3964 at SUSECVE-2008-3964 at NVDCVE-2008-5907 at SUSECVE-2008-5907 at NVDCVE-2008-6218 at SUSECVE-2008-6218 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-2042 at SUSECVE-2009-2042 at NVDCVE-2009-5063 at SUSECVE-2009-5063 at NVDCVE-2010-0205 at SUSECVE-2010-0205 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-2249 at SUSECVE-2010-2249 at NVDCVE-2011-2501 at SUSECVE-2011-2501 at NVDCVE-2011-2690 at SUSECVE-2011-2690 at NVDCVE-2011-2691 at SUSECVE-2011-2691 at NVDCVE-2011-2692 at SUSECVE-2011-2692 at NVDCVE-2011-3026 at SUSECVE-2011-3026 at NVDCVE-2011-3048 at SUSECVE-2011-3048 at NVDCVE-2012-3425 at SUSECVE-2012-3425 at NVDcpe:/o:suse:suse_sles:11:sp3libpoppler-glib4-0.12.3-1.8.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libpoppler-glib4-0.12.3-1.8.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-2950 at SUSECVE-2008-2950 at NVDCVE-2009-0755 at SUSECVE-2009-0755 at NVDCVE-2009-0756 at SUSECVE-2009-0756 at NVDCVE-2009-0791 at SUSECVE-2009-0791 at NVDCVE-2009-0799 at SUSECVE-2009-0799 at NVDCVE-2009-0800 at SUSECVE-2009-0800 at NVDCVE-2009-1179 at SUSECVE-2009-1179 at NVDCVE-2009-1180 at SUSECVE-2009-1180 at NVDCVE-2009-1181 at SUSECVE-2009-1181 at NVDCVE-2009-1182 at SUSECVE-2009-1182 at NVDCVE-2009-1183 at SUSECVE-2009-1183 at NVDCVE-2009-1187 at SUSECVE-2009-1187 at NVDCVE-2009-1188 at SUSECVE-2009-1188 at NVDCVE-2009-3607 at SUSECVE-2009-3607 at NVDCVE-2009-3608 at SUSECVE-2009-3608 at NVDCVE-2010-3702 at SUSECVE-2010-3702 at NVDCVE-2010-3703 at SUSECVE-2010-3703 at NVDCVE-2010-3704 at SUSECVE-2010-3704 at NVDCVE-2013-1790 at SUSECVE-2013-1790 at NVDcpe:/o:suse:suse_sles:11:sp3libproxy0-0.3.1-2.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libproxy0-0.3.1-2.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-4505 at SUSECVE-2012-4505 at NVDcpe:/o:suse:suse_sles:11:sp3libpulse-browse0-0.9.23-0.7.128 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libpulse-browse0-0.9.23-0.7.128 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-0008 at SUSECVE-2008-0008 at NVDcpe:/o:suse:suse_sles:11:sp3libpython2_6-1_0-2.6.8-0.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libpython2_6-1_0-2.6.8-0.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDCVE-2010-3493 at SUSECVE-2010-3493 at NVDCVE-2011-1015 at SUSECVE-2011-1015 at NVDCVE-2011-1521 at SUSECVE-2011-1521 at NVDCVE-2011-4944 at SUSECVE-2011-4944 at NVDCVE-2012-0845 at SUSECVE-2012-0845 at NVDCVE-2012-1150 at SUSECVE-2012-1150 at NVDcpe:/o:suse:suse_sles:11:sp3librpcsecgss-0.18-1.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the librpcsecgss-0.18-1.15 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDcpe:/o:suse:suse_sles:11:sp3librsvg-2.26.0-2.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the librsvg-2.26.0-2.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-3146 at SUSECVE-2011-3146 at NVDcpe:/o:suse:suse_sles:11:sp3libsamplerate-0.1.4-1.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libsamplerate-0.1.4-1.15 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-5008 at SUSECVE-2008-5008 at NVDcpe:/o:suse:suse_sles:11:sp3libsndfile-1.0.20-2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libsndfile-1.0.20-2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-4974 at SUSECVE-2007-4974 at NVDCVE-2009-0186 at SUSECVE-2009-0186 at NVDCVE-2009-1788 at SUSECVE-2009-1788 at NVDCVE-2009-1791 at SUSECVE-2009-1791 at NVDCVE-2009-4835 at SUSECVE-2009-4835 at NVDCVE-2011-2696 at SUSECVE-2011-2696 at NVDcpe:/o:suse:suse_sles:11:sp3libsnmp15-32bit-5.4.2.1-8.12.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libsnmp15-32bit-5.4.2.1-8.12.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-4309 at SUSECVE-2008-4309 at NVDCVE-2008-6123 at SUSECVE-2008-6123 at NVDCVE-2012-2141 at SUSECVE-2012-2141 at NVDcpe:/o:suse:suse_sles:11:sp3libsoup-2_4-1-2.32.2-4.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libsoup-2_4-1-2.32.2-4.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-5876 at SUSECVE-2006-5876 at NVDCVE-2011-2524 at SUSECVE-2011-2524 at NVDCVE-2012-2132 at SUSECVE-2012-2132 at NVDcpe:/o:suse:suse_sles:11:sp3libsss_idmap0-1.9.4-0.12.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libsss_idmap0-1.9.4-0.12.24 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-4341 at SUSECVE-2010-4341 at NVDCVE-2011-1758 at SUSECVE-2011-1758 at NVDCVE-2013-0219 at SUSECVE-2013-0219 at NVDCVE-2013-0220 at SUSECVE-2013-0220 at NVDCVE-2013-0287 at SUSECVE-2013-0287 at NVDcpe:/o:suse:suse_sles:11:sp3libtiff3-3.8.2-141.152.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libtiff3-3.8.2-141.152.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-1586 at SUSECVE-2008-1586 at NVDCVE-2008-2327 at SUSECVE-2008-2327 at NVDCVE-2009-2285 at SUSECVE-2009-2285 at NVDCVE-2009-2347 at SUSECVE-2009-2347 at NVDCVE-2010-1411 at SUSECVE-2010-1411 at NVDCVE-2010-4665 at SUSECVE-2010-4665 at NVDCVE-2011-0191 at SUSECVE-2011-0191 at NVDCVE-2011-0192 at SUSECVE-2011-0192 at NVDCVE-2011-1167 at SUSECVE-2011-1167 at NVDCVE-2012-1173 at SUSECVE-2012-1173 at NVDCVE-2012-2088 at SUSECVE-2012-2088 at NVDCVE-2012-2113 at SUSECVE-2012-2113 at NVDCVE-2012-3401 at SUSECVE-2012-3401 at NVDCVE-2012-4447 at SUSECVE-2012-4447 at NVDCVE-2012-4564 at SUSECVE-2012-4564 at NVDCVE-2012-5581 at SUSECVE-2012-5581 at NVDCVE-2013-1960 at SUSECVE-2013-1960 at NVDCVE-2013-1961 at SUSECVE-2013-1961 at NVDcpe:/o:suse:suse_sles:11:sp3libtspi1-0.3.10-0.9.50 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libtspi1-0.3.10-0.9.50 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-0698 at SUSECVE-2012-0698 at NVDcpe:/o:suse:suse_sles:11:sp3libupsclient1-2.6.2-0.2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libupsclient1-2.6.2-0.2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-2944 at SUSECVE-2012-2944 at NVDcpe:/o:suse:suse_sles:11:sp3libvirt-1.0.5.1-0.7.10 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libvirt-1.0.5.1-0.7.10 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-5086 at SUSECVE-2008-5086 at NVDCVE-2010-2242 at SUSECVE-2010-2242 at NVDCVE-2011-1146 at SUSECVE-2011-1146 at NVDCVE-2011-1486 at SUSECVE-2011-1486 at NVDCVE-2011-2511 at SUSECVE-2011-2511 at NVDCVE-2011-4600 at SUSECVE-2011-4600 at NVDCVE-2012-3445 at SUSECVE-2012-3445 at NVDCVE-2012-4423 at SUSECVE-2012-4423 at NVDCVE-2013-1962 at SUSECVE-2013-1962 at NVDcpe:/o:suse:suse_sles:11:sp3libvorbis-1.2.0-79.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libvorbis-1.2.0-79.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-3106 at SUSECVE-2007-3106 at NVDCVE-2008-1419 at SUSECVE-2008-1419 at NVDCVE-2008-1420 at SUSECVE-2008-1420 at NVDCVE-2008-1423 at SUSECVE-2008-1423 at NVDCVE-2009-2663 at SUSECVE-2009-2663 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2012-0444 at SUSECVE-2012-0444 at NVDcpe:/o:suse:suse_sles:11:sp3libxcrypt-3.0.3-0.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libxcrypt-3.0.3-0.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:suse_sles:11:sp3libxml2-2.7.6-0.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libxml2-2.7.6-0.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-6284 at SUSECVE-2007-6284 at NVDCVE-2008-4225 at SUSECVE-2008-4225 at NVDCVE-2008-4226 at SUSECVE-2008-4226 at NVDCVE-2008-4409 at SUSECVE-2008-4409 at NVDCVE-2009-2414 at SUSECVE-2009-2414 at NVDCVE-2009-2416 at SUSECVE-2009-2416 at NVDCVE-2010-4494 at SUSECVE-2010-4494 at NVDCVE-2011-1944 at SUSECVE-2011-1944 at NVDCVE-2011-2821 at SUSECVE-2011-2821 at NVDCVE-2011-3102 at SUSECVE-2011-3102 at NVDCVE-2011-3919 at SUSECVE-2011-3919 at NVDCVE-2012-0841 at SUSECVE-2012-0841 at NVDCVE-2012-2807 at SUSECVE-2012-2807 at NVDCVE-2012-5134 at SUSECVE-2012-5134 at NVDCVE-2013-0338 at SUSECVE-2013-0338 at NVDcpe:/o:suse:suse_sles:11:sp3libxslt-1.1.24-19.21.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libxslt-1.1.24-19.21.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-1767 at SUSECVE-2008-1767 at NVDCVE-2011-3970 at SUSECVE-2011-3970 at NVDCVE-2012-2825 at SUSECVE-2012-2825 at NVDCVE-2012-6139 at SUSECVE-2012-6139 at NVDcpe:/o:suse:suse_sles:11:sp3libzip1-0.9-1.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the libzip1-0.9-1.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-0421 at SUSECVE-2011-0421 at NVDcpe:/o:suse:suse_sles:11:sp3log4net-1.2.10-1.36 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the log4net-1.2.10-1.36 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-0743 at SUSECVE-2006-0743 at NVDcpe:/o:suse:suse_sles:11:sp3logrotate-3.7.7-10.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the logrotate-3.7.7-10.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-1098 at SUSECVE-2011-1098 at NVDCVE-2011-1154 at SUSECVE-2011-1154 at NVDCVE-2011-1155 at SUSECVE-2011-1155 at NVDcpe:/o:suse:suse_sles:11:sp3logwatch-7.3.6-65.72.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the logwatch-7.3.6-65.72.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-1018 at SUSECVE-2011-1018 at NVDcpe:/o:suse:suse_sles:11:sp3lvm2-2.02.98-0.25.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the lvm2-2.02.98-0.25.3 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-2526 at SUSECVE-2010-2526 at NVDcpe:/o:suse:suse_sles:11:sp3mailman-2.1.14-9.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the mailman-2.1.14-9.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-2191 at SUSECVE-2006-2191 at NVDCVE-2006-2941 at SUSECVE-2006-2941 at NVDCVE-2006-3636 at SUSECVE-2006-3636 at NVDCVE-2010-3089 at SUSECVE-2010-3089 at NVDCVE-2010-3090 at SUSECVE-2010-3090 at NVDCVE-2011-0707 at SUSECVE-2011-0707 at NVDcpe:/o:suse:suse_sles:11:sp3man-2.5.2-17.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the man-2.5.2-17.16 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-4250 at SUSECVE-2006-4250 at NVDcpe:/o:suse:suse_sles:11:sp3mipv6d-2.0.2.umip.0.4-8.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the mipv6d-2.0.2.umip.0.4-8.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-2522 at SUSECVE-2010-2522 at NVDCVE-2010-2523 at SUSECVE-2010-2523 at NVDcpe:/o:suse:suse_sles:11:sp3mono-core-2.6.7-0.7.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the mono-core-2.6.7-0.7.19 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0217 at SUSECVE-2009-0217 at NVDCVE-2010-1459 at SUSECVE-2010-1459 at NVDCVE-2010-3332 at SUSECVE-2010-3332 at NVDCVE-2010-4159 at SUSECVE-2010-4159 at NVDcpe:/o:suse:suse_sles:11:sp3mono-core-2.6.7-0.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the mono-core-2.6.7-0.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0217 at SUSECVE-2009-0217 at NVDCVE-2010-1459 at SUSECVE-2010-1459 at NVDCVE-2010-3332 at SUSECVE-2010-3332 at NVDCVE-2010-4159 at SUSECVE-2010-4159 at NVDCVE-2012-3382 at SUSECVE-2012-3382 at NVDcpe:/o:suse:suse_sles:11:sp3mozilla-xulrunner192-1.9.2.27-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the mozilla-xulrunner192-1.9.2.27-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-5913 at SUSECVE-2008-5913 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0164 at SUSECVE-2010-0164 at NVDCVE-2010-0165 at SUSECVE-2010-0165 at NVDCVE-2010-0166 at SUSECVE-2010-0166 at NVDCVE-2010-0167 at SUSECVE-2010-0167 at NVDCVE-2010-0168 at SUSECVE-2010-0168 at NVDCVE-2010-0169 at SUSECVE-2010-0169 at NVDCVE-2010-0170 at SUSECVE-2010-0170 at NVDCVE-2010-0171 at SUSECVE-2010-0171 at NVDCVE-2010-0172 at SUSECVE-2010-0172 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDCVE-2010-0654 at SUSECVE-2010-0654 at NVDCVE-2010-1028 at SUSECVE-2010-1028 at NVDCVE-2010-1121 at SUSECVE-2010-1121 at NVDCVE-2010-1125 at SUSECVE-2010-1125 at NVDCVE-2010-1196 at SUSECVE-2010-1196 at NVDCVE-2010-1197 at SUSECVE-2010-1197 at NVDCVE-2010-1198 at SUSECVE-2010-1198 at NVDCVE-2010-1199 at SUSECVE-2010-1199 at NVDCVE-2010-1200 at SUSECVE-2010-1200 at NVDCVE-2010-1201 at SUSECVE-2010-1201 at NVDCVE-2010-1202 at SUSECVE-2010-1202 at NVDCVE-2010-1203 at SUSECVE-2010-1203 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-1206 at SUSECVE-2010-1206 at NVDCVE-2010-1207 at SUSECVE-2010-1207 at NVDCVE-2010-1208 at SUSECVE-2010-1208 at NVDCVE-2010-1209 at SUSECVE-2010-1209 at NVDCVE-2010-1210 at SUSECVE-2010-1210 at NVDCVE-2010-1211 at SUSECVE-2010-1211 at NVDCVE-2010-1212 at SUSECVE-2010-1212 at NVDCVE-2010-1213 at SUSECVE-2010-1213 at NVDCVE-2010-1214 at SUSECVE-2010-1214 at NVDCVE-2010-1215 at SUSECVE-2010-1215 at NVDCVE-2010-1585 at SUSECVE-2010-1585 at NVDCVE-2010-2751 at SUSECVE-2010-2751 at NVDCVE-2010-2752 at SUSECVE-2010-2752 at NVDCVE-2010-2753 at SUSECVE-2010-2753 at NVDCVE-2010-2754 at SUSECVE-2010-2754 at NVDCVE-2010-2755 at SUSECVE-2010-2755 at NVDCVE-2010-2760 at SUSECVE-2010-2760 at NVDCVE-2010-2762 at SUSECVE-2010-2762 at NVDCVE-2010-2764 at SUSECVE-2010-2764 at NVDCVE-2010-2765 at SUSECVE-2010-2765 at NVDCVE-2010-2766 at SUSECVE-2010-2766 at NVDCVE-2010-2767 at SUSECVE-2010-2767 at NVDCVE-2010-2768 at SUSECVE-2010-2768 at NVDCVE-2010-2769 at SUSECVE-2010-2769 at NVDCVE-2010-3166 at SUSECVE-2010-3166 at NVDCVE-2010-3167 at SUSECVE-2010-3167 at NVDCVE-2010-3168 at SUSECVE-2010-3168 at NVDCVE-2010-3169 at SUSECVE-2010-3169 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3173 at SUSECVE-2010-3173 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDCVE-2010-3766 at SUSECVE-2010-3766 at NVDCVE-2010-3767 at SUSECVE-2010-3767 at NVDCVE-2010-3768 at SUSECVE-2010-3768 at NVDCVE-2010-3769 at SUSECVE-2010-3769 at NVDCVE-2010-3770 at SUSECVE-2010-3770 at NVDCVE-2010-3771 at SUSECVE-2010-3771 at NVDCVE-2010-3772 at SUSECVE-2010-3772 at NVDCVE-2010-3773 at SUSECVE-2010-3773 at NVDCVE-2010-3775 at SUSECVE-2010-3775 at NVDCVE-2010-3776 at SUSECVE-2010-3776 at NVDCVE-2010-3777 at SUSECVE-2010-3777 at NVDCVE-2010-3778 at SUSECVE-2010-3778 at NVDCVE-2011-0051 at SUSECVE-2011-0051 at NVDCVE-2011-0053 at SUSECVE-2011-0053 at NVDCVE-2011-0054 at SUSECVE-2011-0054 at NVDCVE-2011-0055 at SUSECVE-2011-0055 at NVDCVE-2011-0056 at SUSECVE-2011-0056 at NVDCVE-2011-0057 at SUSECVE-2011-0057 at NVDCVE-2011-0059 at SUSECVE-2011-0059 at NVDCVE-2011-0061 at SUSECVE-2011-0061 at NVDCVE-2011-0062 at SUSECVE-2011-0062 at NVDCVE-2011-0065 at SUSECVE-2011-0065 at NVDCVE-2011-0066 at SUSECVE-2011-0066 at NVDCVE-2011-0067 at SUSECVE-2011-0067 at NVDCVE-2011-0069 at SUSECVE-2011-0069 at NVDCVE-2011-0070 at SUSECVE-2011-0070 at NVDCVE-2011-0072 at SUSECVE-2011-0072 at NVDCVE-2011-0073 at SUSECVE-2011-0073 at NVDCVE-2011-0074 at SUSECVE-2011-0074 at NVDCVE-2011-0075 at SUSECVE-2011-0075 at NVDCVE-2011-0077 at SUSECVE-2011-0077 at NVDCVE-2011-0078 at SUSECVE-2011-0078 at NVDCVE-2011-0080 at SUSECVE-2011-0080 at NVDCVE-2011-0081 at SUSECVE-2011-0081 at NVDCVE-2011-0083 at SUSECVE-2011-0083 at NVDCVE-2011-0084 at SUSECVE-2011-0084 at NVDCVE-2011-0085 at SUSECVE-2011-0085 at NVDCVE-2011-1202 at SUSECVE-2011-1202 at NVDCVE-2011-2362 at SUSECVE-2011-2362 at NVDCVE-2011-2363 at SUSECVE-2011-2363 at NVDCVE-2011-2364 at SUSECVE-2011-2364 at NVDCVE-2011-2365 at SUSECVE-2011-2365 at NVDCVE-2011-2371 at SUSECVE-2011-2371 at NVDCVE-2011-2372 at SUSECVE-2011-2372 at NVDCVE-2011-2373 at SUSECVE-2011-2373 at NVDCVE-2011-2374 at SUSECVE-2011-2374 at NVDCVE-2011-2376 at SUSECVE-2011-2376 at NVDCVE-2011-2377 at SUSECVE-2011-2377 at NVDCVE-2011-2378 at SUSECVE-2011-2378 at NVDCVE-2011-2980 at SUSECVE-2011-2980 at NVDCVE-2011-2981 at SUSECVE-2011-2981 at NVDCVE-2011-2982 at SUSECVE-2011-2982 at NVDCVE-2011-2983 at SUSECVE-2011-2983 at NVDCVE-2011-2995 at SUSECVE-2011-2995 at NVDCVE-2011-2996 at SUSECVE-2011-2996 at NVDCVE-2011-2999 at SUSECVE-2011-2999 at NVDCVE-2011-3000 at SUSECVE-2011-3000 at NVDCVE-2011-3001 at SUSECVE-2011-3001 at NVDCVE-2011-3026 at SUSECVE-2011-3026 at NVDCVE-2011-3647 at SUSECVE-2011-3647 at NVDCVE-2011-3648 at SUSECVE-2011-3648 at NVDCVE-2011-3650 at SUSECVE-2011-3650 at NVDCVE-2011-3659 at SUSECVE-2011-3659 at NVDCVE-2011-3666 at SUSECVE-2011-3666 at NVDCVE-2011-3670 at SUSECVE-2011-3670 at NVDCVE-2012-0442 at SUSECVE-2012-0442 at NVDCVE-2012-0443 at SUSECVE-2012-0443 at NVDCVE-2012-0444 at SUSECVE-2012-0444 at NVDCVE-2012-0449 at SUSECVE-2012-0449 at NVDcpe:/o:suse:suse_sles:11:sp3mutt-1.5.17-42.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the mutt-1.5.17-42.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-1558 at SUSECVE-2007-1558 at NVDcpe:/o:suse:suse_sles:11:sp3nagios-3.0.6-1.25.28.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the nagios-3.0.6-1.25.28.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-5803 at SUSECVE-2007-5803 at NVDCVE-2011-1523 at SUSECVE-2011-1523 at NVDCVE-2012-6096 at SUSECVE-2012-6096 at NVDcpe:/o:suse:suse_sles:11:sp3nagios-plugins-1.4.16-0.11.35 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the nagios-plugins-1.4.16-0.11.35 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-5623 at SUSECVE-2007-5623 at NVDcpe:/o:suse:suse_sles:11:sp3nfs-client-1.2.3-18.31.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the nfs-client-1.2.3-18.31.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2013-1923 at SUSECVE-2013-1923 at NVDcpe:/o:suse:suse_sles:11:sp3ntp-4.2.4p8-1.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ntp-4.2.4p8-1.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0159 at SUSECVE-2009-0159 at NVDCVE-2009-1252 at SUSECVE-2009-1252 at NVDcpe:/o:suse:suse_sles:11:sp3ofed-1.5.4.1-0.11.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ofed-1.5.4.1-0.11.5 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-1693 at SUSECVE-2010-1693 at NVDCVE-2010-3904 at SUSECVE-2010-3904 at NVDCVE-2010-4649 at SUSECVE-2010-4649 at NVDCVE-2011-3345 at SUSECVE-2011-3345 at NVDcpe:/o:suse:suse_sles:11:sp3openCryptoki-2.4.2-0.9.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the openCryptoki-2.4.2-0.9.12 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-4454 at SUSECVE-2012-4454 at NVDCVE-2012-4455 at SUSECVE-2012-4455 at NVDcpe:/o:suse:suse_sles:11:sp3openslp-1.2.0-172.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the openslp-1.2.0-172.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-3609 at SUSECVE-2010-3609 at NVDcpe:/o:suse:suse_sles:11:sp3openssh-6.2p2-0.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the openssh-6.2p2-0.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-0225 at SUSECVE-2006-0225 at NVDCVE-2007-4752 at SUSECVE-2007-4752 at NVDCVE-2008-1483 at SUSECVE-2008-1483 at NVDCVE-2010-5107 at SUSECVE-2010-5107 at NVDCVE-2011-5000 at SUSECVE-2011-5000 at NVDCVE-2012-0814 at SUSECVE-2012-0814 at NVDcpe:/o:suse:suse_sles:11:sp3openvpn-2.0.9-143.38.22 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the openvpn-2.0.9-143.38.22 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-4339 at SUSECVE-2006-4339 at NVDcpe:/o:suse:suse_sles:11:sp3opie-2.4-662.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the opie-2.4-662.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-2489 at SUSECVE-2011-2489 at NVDCVE-2011-2490 at SUSECVE-2011-2490 at NVDcpe:/o:suse:suse_sles:11:sp3pam-1.1.5-0.10.17 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the pam-1.1.5-0.10.17 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0579 at SUSECVE-2009-0579 at NVDCVE-2009-0887 at SUSECVE-2009-0887 at NVDCVE-2011-3148 at SUSECVE-2011-3148 at NVDCVE-2011-3149 at SUSECVE-2011-3149 at NVDcpe:/o:suse:suse_sles:11:sp3pam_krb5-2.3.1-47.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the pam_krb5-2.3.1-47.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-3825 at SUSECVE-2008-3825 at NVDcpe:/o:suse:suse_sles:11:sp3pam_ldap-184-147.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the pam_ldap-184-147.20 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-5170 at SUSECVE-2006-5170 at NVDcpe:/o:suse:suse_sles:11:sp3pam_mount-0.47-13.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the pam_mount-0.47-13.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-5138 at SUSECVE-2008-5138 at NVDcpe:/o:suse:suse_sles:11:sp3pango-1.26.2-1.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the pango-1.26.2-1.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-0020 at SUSECVE-2011-0020 at NVDCVE-2011-0064 at SUSECVE-2011-0064 at NVDcpe:/o:suse:suse_sles:11:sp3pcsc-ccid-1.3.8-3.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the pcsc-ccid-1.3.8-3.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-4530 at SUSECVE-2010-4530 at NVDcpe:/o:suse:suse_sles:11:sp3pcsc-lite-1.4.102-1.37.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the pcsc-lite-1.4.102-1.37.3 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-0407 at SUSECVE-2010-0407 at NVDCVE-2010-4531 at SUSECVE-2010-4531 at NVDcpe:/o:suse:suse_sles:11:sp3perl-32bit-5.10.0-64.67.52 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the perl-32bit-5.10.0-64.67.52 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-5116 at SUSECVE-2007-5116 at NVDCVE-2010-1168 at SUSECVE-2010-1168 at NVDCVE-2010-1447 at SUSECVE-2010-1447 at NVDCVE-2010-2761 at SUSECVE-2010-2761 at NVDCVE-2010-4410 at SUSECVE-2010-4410 at NVDCVE-2010-4411 at SUSECVE-2010-4411 at NVDCVE-2010-4777 at SUSECVE-2010-4777 at NVDCVE-2011-1487 at SUSECVE-2011-1487 at NVDCVE-2011-2728 at SUSECVE-2011-2728 at NVDCVE-2012-5526 at SUSECVE-2012-5526 at NVDCVE-2012-6329 at SUSECVE-2012-6329 at NVDCVE-2013-1667 at SUSECVE-2013-1667 at NVDcpe:/o:suse:suse_sles:11:sp3perl-HTML-Parser-3.56-1.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the perl-HTML-Parser-3.56-1.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-3627 at SUSECVE-2009-3627 at NVDcpe:/o:suse:suse_sles:11:sp3perl-Tk-804.028-50.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the perl-Tk-804.028-50.24 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-4484 at SUSECVE-2006-4484 at NVDcpe:/o:suse:suse_sles:11:sp3perl-libwww-perl-5.816-2.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the perl-libwww-perl-5.816-2.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-0633 at SUSECVE-2011-0633 at NVDcpe:/o:suse:suse_sles:11:sp3perl-spamassassin-3.3.1-10.8.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the perl-spamassassin-3.3.1-10.8.3 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-0451 at SUSECVE-2007-0451 at NVDCVE-2007-2873 at SUSECVE-2007-2873 at NVDcpe:/o:suse:suse_sles:11:sp3postgresql-8.3.23-0.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the postgresql-8.3.23-0.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-4769 at SUSECVE-2007-4769 at NVDCVE-2007-4772 at SUSECVE-2007-4772 at NVDCVE-2007-6067 at SUSECVE-2007-6067 at NVDCVE-2007-6600 at SUSECVE-2007-6600 at NVDCVE-2007-6601 at SUSECVE-2007-6601 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-4034 at SUSECVE-2009-4034 at NVDCVE-2009-4136 at SUSECVE-2009-4136 at NVDCVE-2010-0442 at SUSECVE-2010-0442 at NVDCVE-2010-1169 at SUSECVE-2010-1169 at NVDCVE-2010-1170 at SUSECVE-2010-1170 at NVDCVE-2010-3433 at SUSECVE-2010-3433 at NVDCVE-2010-4014 at SUSECVE-2010-4014 at NVDCVE-2010-4015 at SUSECVE-2010-4015 at NVDCVE-2012-0866 at SUSECVE-2012-0866 at NVDCVE-2012-0868 at SUSECVE-2012-0868 at NVDCVE-2012-2143 at SUSECVE-2012-2143 at NVDCVE-2012-2655 at SUSECVE-2012-2655 at NVDCVE-2012-3488 at SUSECVE-2012-3488 at NVDCVE-2012-3489 at SUSECVE-2012-3489 at NVDCVE-2013-0255 at SUSECVE-2013-0255 at NVDcpe:/o:suse:suse_sles:11:sp3puppet-2.6.18-0.4.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the puppet-2.6.18-0.4.2 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-0156 at SUSECVE-2010-0156 at NVDCVE-2011-1986 at SUSECVE-2011-1986 at NVDCVE-2011-3848 at SUSECVE-2011-3848 at NVDCVE-2011-3869 at SUSECVE-2011-3869 at NVDCVE-2011-3870 at SUSECVE-2011-3870 at NVDCVE-2011-3871 at SUSECVE-2011-3871 at NVDCVE-2011-3872 at SUSECVE-2011-3872 at NVDCVE-2012-1987 at SUSECVE-2012-1987 at NVDCVE-2012-1988 at SUSECVE-2012-1988 at NVDCVE-2012-1989 at SUSECVE-2012-1989 at NVDCVE-2012-3864 at SUSECVE-2012-3864 at NVDCVE-2012-3865 at SUSECVE-2012-3865 at NVDCVE-2012-3867 at SUSECVE-2012-3867 at NVDcpe:/o:suse:suse_sles:11:sp3pure-ftpd-1.0.22-3.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the pure-ftpd-1.0.22-3.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-0411 at SUSECVE-2011-0411 at NVDCVE-2011-3171 at SUSECVE-2011-3171 at NVDcpe:/o:suse:suse_sles:11:sp3python-2.6.8-0.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the python-2.6.8-0.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-2052 at SUSECVE-2007-2052 at NVDCVE-2008-1721 at SUSECVE-2008-1721 at NVDCVE-2008-2315 at SUSECVE-2008-2315 at NVDCVE-2008-2316 at SUSECVE-2008-2316 at NVDCVE-2008-3142 at SUSECVE-2008-3142 at NVDCVE-2008-3143 at SUSECVE-2008-3143 at NVDCVE-2008-3144 at SUSECVE-2008-3144 at NVDcpe:/o:suse:suse_sles:11:sp3python-pam-0.5.0-3.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the python-pam-0.5.0-3.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-1502 at SUSECVE-2012-1502 at NVDcpe:/o:suse:suse_sles:11:sp3pyxml-0.8.4-194.23.38 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the pyxml-0.8.4-194.23.38 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDcpe:/o:suse:suse_sles:11:sp3qt3-3.3.8b-88.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the qt3-3.3.8b-88.21 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-4811 at SUSECVE-2006-4811 at NVDCVE-2007-0242 at SUSECVE-2007-0242 at NVDCVE-2007-3388 at SUSECVE-2007-3388 at NVDCVE-2007-4137 at SUSECVE-2007-4137 at NVDcpe:/o:suse:suse_sles:11:sp3quagga-0.99.15-0.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the quagga-0.99.15-0.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-2223 at SUSECVE-2006-2223 at NVDCVE-2007-1995 at SUSECVE-2007-1995 at NVDCVE-2010-1674 at SUSECVE-2010-1674 at NVDCVE-2010-1675 at SUSECVE-2010-1675 at NVDCVE-2010-2948 at SUSECVE-2010-2948 at NVDCVE-2010-2949 at SUSECVE-2010-2949 at NVDcpe:/o:suse:suse_sles:11:sp3radvd-1.1-1.24.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the radvd-1.1-1.24.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-3602 at SUSECVE-2011-3602 at NVDCVE-2011-3603 at SUSECVE-2011-3603 at NVDCVE-2011-3604 at SUSECVE-2011-3604 at NVDCVE-2011-3605 at SUSECVE-2011-3605 at NVDcpe:/o:suse:suse_sles:11:sp3rsync-3.0.4-2.47.28 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the rsync-3.0.4-2.47.28 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-4091 at SUSECVE-2007-4091 at NVDCVE-2007-6199 at SUSECVE-2007-6199 at NVDCVE-2011-1097 at SUSECVE-2011-1097 at NVDcpe:/o:suse:suse_sles:11:sp3rsyslog-5.10.1-0.7.49 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the rsyslog-5.10.1-0.7.49 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-3200 at SUSECVE-2011-3200 at NVDcpe:/o:suse:suse_sles:11:sp3ruby-1.8.7.p357-0.9.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the ruby-1.8.7.p357-0.9.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-3694 at SUSECVE-2006-3694 at NVDCVE-2006-5467 at SUSECVE-2006-5467 at NVDCVE-2006-6303 at SUSECVE-2006-6303 at NVDCVE-2007-5162 at SUSECVE-2007-5162 at NVDCVE-2007-5770 at SUSECVE-2007-5770 at NVDCVE-2008-1145 at SUSECVE-2008-1145 at NVDCVE-2008-3790 at SUSECVE-2008-3790 at NVDCVE-2009-0642 at SUSECVE-2009-0642 at NVDCVE-2009-1904 at SUSECVE-2009-1904 at NVDCVE-2009-4492 at SUSECVE-2009-4492 at NVDCVE-2010-0541 at SUSECVE-2010-0541 at NVDCVE-2011-0188 at SUSECVE-2011-0188 at NVDCVE-2011-1004 at SUSECVE-2011-1004 at NVDCVE-2011-1005 at SUSECVE-2011-1005 at NVDCVE-2011-2686 at SUSECVE-2011-2686 at NVDCVE-2011-2705 at SUSECVE-2011-2705 at NVDCVE-2011-3009 at SUSECVE-2011-3009 at NVDCVE-2011-4815 at SUSECVE-2011-4815 at NVDCVE-2012-4466 at SUSECVE-2012-4466 at NVDcpe:/o:suse:suse_sles:11:sp3sblim-sfcb-1.3.11-0.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the sblim-sfcb-1.3.11-0.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-3381 at SUSECVE-2012-3381 at NVDcpe:/o:suse:suse_sles:11:sp3socat-1.7.0.0-1.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the socat-1.7.0.0-1.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-2799 at SUSECVE-2010-2799 at NVDCVE-2012-0219 at SUSECVE-2012-0219 at NVDcpe:/o:suse:suse_sles:11:sp3squid-2.7.STABLE5-2.12.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the squid-2.7.STABLE5-2.12.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-0478 at SUSECVE-2009-0478 at NVDCVE-2009-2855 at SUSECVE-2009-2855 at NVDCVE-2010-0308 at SUSECVE-2010-0308 at NVDCVE-2010-0639 at SUSECVE-2010-0639 at NVDCVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2013-0189 at SUSECVE-2013-0189 at NVDcpe:/o:suse:suse_sles:11:sp3squid3-3.1.12-8.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the squid3-3.1.12-8.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2005-0094 at SUSECVE-2005-0094 at NVDCVE-2011-3205 at SUSECVE-2011-3205 at NVDCVE-2011-4096 at SUSECVE-2011-4096 at NVDCVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2013-0189 at SUSECVE-2013-0189 at NVDcpe:/o:suse:suse_sles:11:sp3squidGuard-1.4-13.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the squidGuard-1.4-13.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-3700 at SUSECVE-2009-3700 at NVDCVE-2009-3826 at SUSECVE-2009-3826 at NVDcpe:/o:suse:suse_sles:11:sp3star-1.5final-28.23.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the star-1.5final-28.23.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-4134 at SUSECVE-2007-4134 at NVDcpe:/o:suse:suse_sles:11:sp3stunnel-4.54-0.9.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the stunnel-4.54-0.9.24 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2013-1762 at SUSECVE-2013-1762 at NVDcpe:/o:suse:suse_sles:11:sp3sudo-1.7.6p2-0.17.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the sudo-1.7.6p2-0.17.5 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-0426 at SUSECVE-2010-0426 at NVDCVE-2010-0427 at SUSECVE-2010-0427 at NVDCVE-2012-2337 at SUSECVE-2012-2337 at NVDCVE-2013-1775 at SUSECVE-2013-1775 at NVDCVE-2013-1776 at SUSECVE-2013-1776 at NVDCVE-2013-2776 at SUSECVE-2013-2776 at NVDCVE-2013-2777 at SUSECVE-2013-2777 at NVDcpe:/o:suse:suse_sles:11:sp3sysconfig-0.71.61-0.11.12 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the sysconfig-0.71.61-0.11.12 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-4182 at SUSECVE-2011-4182 at NVDcpe:/o:suse:suse_sles:11:sp3syslog-ng-2.0.9-27.34.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the syslog-ng-2.0.9-27.34.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-5110 at SUSECVE-2008-5110 at NVDcpe:/o:suse:suse_sles:11:sp3sysstat-8.1.5-7.45.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the sysstat-8.1.5-7.45.24 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-3852 at SUSECVE-2007-3852 at NVDcpe:/o:suse:suse_sles:11:sp3system-config-printer-1.0.8-9.23.44 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the system-config-printer-1.0.8-9.23.44 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-4405 at SUSECVE-2011-4405 at NVDCVE-2012-4510 at SUSECVE-2012-4510 at NVDcpe:/o:suse:suse_sles:11:sp3systemtap-1.5-0.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the systemtap-1.5-0.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2009-2911 at SUSECVE-2009-2911 at NVDCVE-2009-4273 at SUSECVE-2009-4273 at NVDCVE-2012-0875 at SUSECVE-2012-0875 at NVDcpe:/o:suse:suse_sles:11:sp3t1lib-5.1.1-100.21.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the t1lib-5.1.1-100.21.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-2642 at SUSECVE-2010-2642 at NVDCVE-2011-0433 at SUSECVE-2011-0433 at NVDCVE-2011-0764 at SUSECVE-2011-0764 at NVDCVE-2011-1552 at SUSECVE-2011-1552 at NVDCVE-2011-1553 at SUSECVE-2011-1553 at NVDCVE-2011-1554 at SUSECVE-2011-1554 at NVDcpe:/o:suse:suse_sles:11:sp3taglib-1.5-19.23.4 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the taglib-1.5-19.23.4 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-1108 at SUSECVE-2012-1108 at NVDCVE-2012-1584 at SUSECVE-2012-1584 at NVDcpe:/o:suse:suse_sles:11:sp3tar-1.26-1.2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the tar-1.26-1.2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2001-1267 at SUSECVE-2001-1267 at NVDCVE-2002-0399 at SUSECVE-2002-0399 at NVDCVE-2006-6097 at SUSECVE-2006-6097 at NVDCVE-2010-0624 at SUSECVE-2010-0624 at NVDcpe:/o:suse:suse_sles:11:sp3tftp-0.48-101.31.27 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the tftp-0.48-101.31.27 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-2199 at SUSECVE-2011-2199 at NVDcpe:/o:suse:suse_sles:11:sp3tgt-0.9.10-0.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the tgt-0.9.10-0.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-0001 at SUSECVE-2011-0001 at NVDcpe:/o:suse:suse_sles:11:sp3tomcat6-6.0.18-20.35.40.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the tomcat6-6.0.18-20.35.40.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-1232 at SUSECVE-2008-1232 at NVDCVE-2008-1947 at SUSECVE-2008-1947 at NVDCVE-2008-2370 at SUSECVE-2008-2370 at NVDCVE-2008-2938 at SUSECVE-2008-2938 at NVDCVE-2008-5515 at SUSECVE-2008-5515 at NVDCVE-2009-0033 at SUSECVE-2009-0033 at NVDCVE-2009-0580 at SUSECVE-2009-0580 at NVDCVE-2009-0781 at SUSECVE-2009-0781 at NVDCVE-2009-0783 at SUSECVE-2009-0783 at NVDCVE-2009-2693 at SUSECVE-2009-2693 at NVDCVE-2009-2901 at SUSECVE-2009-2901 at NVDCVE-2009-2902 at SUSECVE-2009-2902 at NVDCVE-2010-1157 at SUSECVE-2010-1157 at NVDCVE-2010-2227 at SUSECVE-2010-2227 at NVDCVE-2010-3718 at SUSECVE-2010-3718 at NVDCVE-2010-4172 at SUSECVE-2010-4172 at NVDCVE-2011-0013 at SUSECVE-2011-0013 at NVDCVE-2011-0534 at SUSECVE-2011-0534 at NVDCVE-2011-1184 at SUSECVE-2011-1184 at NVDCVE-2011-2204 at SUSECVE-2011-2204 at NVDCVE-2011-2526 at SUSECVE-2011-2526 at NVDCVE-2011-3190 at SUSECVE-2011-3190 at NVDCVE-2011-5062 at SUSECVE-2011-5062 at NVDCVE-2011-5063 at SUSECVE-2011-5063 at NVDCVE-2011-5064 at SUSECVE-2011-5064 at NVDCVE-2012-2733 at SUSECVE-2012-2733 at NVDCVE-2012-3546 at SUSECVE-2012-3546 at NVDCVE-2012-4431 at SUSECVE-2012-4431 at NVDCVE-2012-4534 at SUSECVE-2012-4534 at NVDCVE-2012-5568 at SUSECVE-2012-5568 at NVDCVE-2012-5885 at SUSECVE-2012-5885 at NVDCVE-2012-5886 at SUSECVE-2012-5886 at NVDCVE-2012-5887 at SUSECVE-2012-5887 at NVDcpe:/o:suse:suse_sles:11:sp3unixODBC_23-2.3.1-0.9.40 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the unixODBC_23-2.3.1-0.9.40 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-1145 at SUSECVE-2011-1145 at NVDcpe:/o:suse:suse_sles:11:sp3unrar-3.80.2-2.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the unrar-3.80.2-2.8 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-3726 at SUSECVE-2007-3726 at NVDcpe:/o:suse:suse_sles:11:sp3unzip-6.00-11.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the unzip-6.00-11.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2005-2475 at SUSECVE-2005-2475 at NVDcpe:/o:suse:suse_sles:11:sp3virt-utils-1.2.1-0.7.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the virt-utils-1.2.1-0.7.19 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2013-1922 at SUSECVE-2013-1922 at NVDcpe:/o:suse:suse_sles:11:sp3vte-0.22.5-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the vte-0.22.5-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-2713 at SUSECVE-2010-2713 at NVDcpe:/o:suse:suse_sles:11:sp3w3m-0.5.2-132.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the w3m-0.5.2-132.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-6772 at SUSECVE-2006-6772 at NVDCVE-2010-2074 at SUSECVE-2010-2074 at NVDcpe:/o:suse:suse_sles:11:sp3wget-1.11.4-1.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the wget-1.11.4-1.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-6719 at SUSECVE-2006-6719 at NVDcpe:/o:suse:suse_sles:11:sp3wireshark-1.8.6-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the wireshark-1.8.6-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-1932 at SUSECVE-2006-1932 at NVDCVE-2006-4574 at SUSECVE-2006-4574 at NVDCVE-2006-4805 at SUSECVE-2006-4805 at NVDCVE-2006-5468 at SUSECVE-2006-5468 at NVDCVE-2006-5469 at SUSECVE-2006-5469 at NVDCVE-2006-5740 at SUSECVE-2006-5740 at NVDCVE-2007-0456 at SUSECVE-2007-0456 at NVDCVE-2007-0457 at SUSECVE-2007-0457 at NVDCVE-2007-0458 at SUSECVE-2007-0458 at NVDCVE-2007-0459 at SUSECVE-2007-0459 at NVDCVE-2009-1210 at SUSECVE-2009-1210 at NVDCVE-2009-1267 at SUSECVE-2009-1267 at NVDCVE-2009-1268 at SUSECVE-2009-1268 at NVDCVE-2009-1269 at SUSECVE-2009-1269 at NVDCVE-2009-2560 at SUSECVE-2009-2560 at NVDCVE-2009-2562 at SUSECVE-2009-2562 at NVDCVE-2009-3549 at SUSECVE-2009-3549 at NVDCVE-2009-3550 at SUSECVE-2009-3550 at NVDCVE-2009-3829 at SUSECVE-2009-3829 at NVDCVE-2009-4377 at SUSECVE-2009-4377 at NVDCVE-2010-0304 at SUSECVE-2010-0304 at NVDCVE-2010-1455 at SUSECVE-2010-1455 at NVDCVE-2010-2992 at SUSECVE-2010-2992 at NVDCVE-2010-2993 at SUSECVE-2010-2993 at NVDCVE-2010-2994 at SUSECVE-2010-2994 at NVDCVE-2010-2995 at SUSECVE-2010-2995 at NVDCVE-2010-3445 at SUSECVE-2010-3445 at NVDCVE-2010-4300 at SUSECVE-2010-4300 at NVDCVE-2010-4301 at SUSECVE-2010-4301 at NVDCVE-2010-4538 at SUSECVE-2010-4538 at NVDCVE-2011-0024 at SUSECVE-2011-0024 at NVDCVE-2011-0538 at SUSECVE-2011-0538 at NVDCVE-2011-0713 at SUSECVE-2011-0713 at NVDCVE-2011-1138 at SUSECVE-2011-1138 at NVDCVE-2011-1139 at SUSECVE-2011-1139 at NVDCVE-2011-1140 at SUSECVE-2011-1140 at NVDCVE-2011-1143 at SUSECVE-2011-1143 at NVDCVE-2011-1590 at SUSECVE-2011-1590 at NVDCVE-2011-1591 at SUSECVE-2011-1591 at NVDCVE-2011-1592 at SUSECVE-2011-1592 at NVDCVE-2011-1957 at SUSECVE-2011-1957 at NVDCVE-2011-1958 at SUSECVE-2011-1958 at NVDCVE-2011-1959 at SUSECVE-2011-1959 at NVDCVE-2011-2174 at SUSECVE-2011-2174 at NVDCVE-2011-2175 at SUSECVE-2011-2175 at NVDCVE-2011-2597 at SUSECVE-2011-2597 at NVDCVE-2011-2698 at SUSECVE-2011-2698 at NVDCVE-2011-3266 at SUSECVE-2011-3266 at NVDCVE-2011-3360 at SUSECVE-2011-3360 at NVDCVE-2011-3483 at SUSECVE-2011-3483 at NVDCVE-2012-1593 at SUSECVE-2012-1593 at NVDCVE-2012-1595 at SUSECVE-2012-1595 at NVDCVE-2012-1596 at SUSECVE-2012-1596 at NVDCVE-2012-2392 at SUSECVE-2012-2392 at NVDCVE-2012-2393 at SUSECVE-2012-2393 at NVDCVE-2012-2394 at SUSECVE-2012-2394 at NVDCVE-2012-4048 at SUSECVE-2012-4048 at NVDCVE-2012-4049 at SUSECVE-2012-4049 at NVDCVE-2012-4285 at SUSECVE-2012-4285 at NVDCVE-2012-4288 at SUSECVE-2012-4288 at NVDCVE-2012-4289 at SUSECVE-2012-4289 at NVDCVE-2012-4290 at SUSECVE-2012-4290 at NVDCVE-2012-4291 at SUSECVE-2012-4291 at NVDCVE-2012-4292 at SUSECVE-2012-4292 at NVDCVE-2012-4293 at SUSECVE-2012-4293 at NVDCVE-2012-4296 at SUSECVE-2012-4296 at NVDCVE-2012-5592 at SUSECVE-2012-5592 at NVDCVE-2012-5593 at SUSECVE-2012-5593 at NVDCVE-2012-5594 at SUSECVE-2012-5594 at NVDCVE-2012-5595 at SUSECVE-2012-5595 at NVDCVE-2012-5596 at SUSECVE-2012-5596 at NVDCVE-2012-5597 at SUSECVE-2012-5597 at NVDCVE-2012-5598 at SUSECVE-2012-5598 at NVDCVE-2012-5599 at SUSECVE-2012-5599 at NVDCVE-2012-5600 at SUSECVE-2012-5600 at NVDCVE-2012-5601 at SUSECVE-2012-5601 at NVDCVE-2012-5602 at SUSECVE-2012-5602 at NVDCVE-2013-1572 at SUSECVE-2013-1572 at NVDCVE-2013-1573 at SUSECVE-2013-1573 at NVDCVE-2013-1574 at SUSECVE-2013-1574 at NVDCVE-2013-1575 at SUSECVE-2013-1575 at NVDCVE-2013-1576 at SUSECVE-2013-1576 at NVDCVE-2013-1577 at SUSECVE-2013-1577 at NVDCVE-2013-1578 at SUSECVE-2013-1578 at NVDCVE-2013-1579 at SUSECVE-2013-1579 at NVDCVE-2013-1580 at SUSECVE-2013-1580 at NVDCVE-2013-1581 at SUSECVE-2013-1581 at NVDCVE-2013-1582 at SUSECVE-2013-1582 at NVDCVE-2013-1583 at SUSECVE-2013-1583 at NVDCVE-2013-1584 at SUSECVE-2013-1584 at NVDCVE-2013-1585 at SUSECVE-2013-1585 at NVDCVE-2013-1586 at SUSECVE-2013-1586 at NVDCVE-2013-1587 at SUSECVE-2013-1587 at NVDCVE-2013-1588 at SUSECVE-2013-1588 at NVDCVE-2013-1589 at SUSECVE-2013-1589 at NVDCVE-2013-1590 at SUSECVE-2013-1590 at NVDCVE-2013-2475 at SUSECVE-2013-2475 at NVDCVE-2013-2476 at SUSECVE-2013-2476 at NVDCVE-2013-2477 at SUSECVE-2013-2477 at NVDCVE-2013-2478 at SUSECVE-2013-2478 at NVDCVE-2013-2479 at SUSECVE-2013-2479 at NVDCVE-2013-2480 at SUSECVE-2013-2480 at NVDCVE-2013-2481 at SUSECVE-2013-2481 at NVDCVE-2013-2482 at SUSECVE-2013-2482 at NVDCVE-2013-2483 at SUSECVE-2013-2483 at NVDCVE-2013-2484 at SUSECVE-2013-2484 at NVDCVE-2013-2485 at SUSECVE-2013-2485 at NVDCVE-2013-2486 at SUSECVE-2013-2486 at NVDCVE-2013-2487 at SUSECVE-2013-2487 at NVDCVE-2013-2488 at SUSECVE-2013-2488 at NVDcpe:/o:suse:suse_sles:11:sp3x3270-3.3.12-517.12.34 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the x3270-3.3.12-517.12.34 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2012-5662 at SUSECVE-2012-5662 at NVDcpe:/o:suse:suse_sles:11:sp3xdg-utils-1.0.2-36.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the xdg-utils-1.0.2-36.18 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-0386 at SUSECVE-2008-0386 at NVDcpe:/o:suse:suse_sles:11:sp3xen-4.2.2_04-0.7.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the xen-4.2.2_04-0.7.5 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-1320 at SUSECVE-2007-1320 at NVDCVE-2007-1321 at SUSECVE-2007-1321 at NVDCVE-2007-1322 at SUSECVE-2007-1322 at NVDCVE-2007-1323 at SUSECVE-2007-1323 at NVDCVE-2007-1366 at SUSECVE-2007-1366 at NVDCVE-2007-3919 at SUSECVE-2007-3919 at NVDCVE-2011-1898 at SUSECVE-2011-1898 at NVDCVE-2012-0029 at SUSECVE-2012-0029 at NVDCVE-2012-0217 at SUSECVE-2012-0217 at NVDCVE-2012-2625 at SUSECVE-2012-2625 at NVDCVE-2012-3432 at SUSECVE-2012-3432 at NVDCVE-2012-3433 at SUSECVE-2012-3433 at NVDCVE-2012-3494 at SUSECVE-2012-3494 at NVDCVE-2012-3495 at SUSECVE-2012-3495 at NVDCVE-2012-3496 at SUSECVE-2012-3496 at NVDCVE-2012-3497 at SUSECVE-2012-3497 at NVDCVE-2012-3498 at SUSECVE-2012-3498 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDCVE-2012-4411 at SUSECVE-2012-4411 at NVDCVE-2012-4535 at SUSECVE-2012-4535 at NVDCVE-2012-4536 at SUSECVE-2012-4536 at NVDCVE-2012-4537 at SUSECVE-2012-4537 at NVDCVE-2012-4538 at SUSECVE-2012-4538 at NVDCVE-2012-4539 at SUSECVE-2012-4539 at NVDCVE-2012-4544 at SUSECVE-2012-4544 at NVDCVE-2012-5510 at SUSECVE-2012-5510 at NVDCVE-2012-5511 at SUSECVE-2012-5511 at NVDCVE-2012-5513 at SUSECVE-2012-5513 at NVDCVE-2012-5514 at SUSECVE-2012-5514 at NVDCVE-2012-5515 at SUSECVE-2012-5515 at NVDCVE-2012-5525 at SUSECVE-2012-5525 at NVDCVE-2012-5634 at SUSECVE-2012-5634 at NVDCVE-2012-6075 at SUSECVE-2012-6075 at NVDCVE-2013-0151 at SUSECVE-2013-0151 at NVDCVE-2013-0152 at SUSECVE-2013-0152 at NVDCVE-2013-0153 at SUSECVE-2013-0153 at NVDCVE-2013-1917 at SUSECVE-2013-1917 at NVDCVE-2013-1918 at SUSECVE-2013-1918 at NVDCVE-2013-1919 at SUSECVE-2013-1919 at NVDCVE-2013-1920 at SUSECVE-2013-1920 at NVDCVE-2013-1922 at SUSECVE-2013-1922 at NVDCVE-2013-1952 at SUSECVE-2013-1952 at NVDCVE-2013-2007 at SUSECVE-2013-2007 at NVDCVE-2013-2072 at SUSECVE-2013-2072 at NVDcpe:/o:suse:suse_sles:11:sp3xorg-x11-7.4-9.62.46 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the xorg-x11-7.4-9.62.46 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2007-4568 at SUSECVE-2007-4568 at NVDCVE-2011-0465 at SUSECVE-2011-0465 at NVDcpe:/o:suse:suse_sles:11:sp3xorg-x11-Xvnc-7.4-27.81.7 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the xorg-x11-Xvnc-7.4-27.81.7 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-6101 at SUSECVE-2006-6101 at NVDCVE-2006-6102 at SUSECVE-2006-6102 at NVDCVE-2006-6103 at SUSECVE-2006-6103 at NVDCVE-2007-1003 at SUSECVE-2007-1003 at NVDCVE-2007-5760 at SUSECVE-2007-5760 at NVDCVE-2007-6427 at SUSECVE-2007-6427 at NVDCVE-2007-6428 at SUSECVE-2007-6428 at NVDCVE-2007-6429 at SUSECVE-2007-6429 at NVDCVE-2008-0006 at SUSECVE-2008-0006 at NVDCVE-2008-1377 at SUSECVE-2008-1377 at NVDCVE-2008-1379 at SUSECVE-2008-1379 at NVDCVE-2008-2360 at SUSECVE-2008-2360 at NVDCVE-2008-2361 at SUSECVE-2008-2361 at NVDCVE-2008-2362 at SUSECVE-2008-2362 at NVDCVE-2010-2240 at SUSECVE-2010-2240 at NVDCVE-2010-4818 at SUSECVE-2010-4818 at NVDCVE-2010-4819 at SUSECVE-2010-4819 at NVDCVE-2011-4028 at SUSECVE-2011-4028 at NVDCVE-2011-4029 at SUSECVE-2011-4029 at NVDCVE-2013-1940 at SUSECVE-2013-1940 at NVDcpe:/o:suse:suse_sles:11:sp3xorg-x11-libs-32bit-7.4-8.26.32.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the xorg-x11-libs-32bit-7.4-8.26.32.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-2895 at SUSECVE-2011-2895 at NVDcpe:/o:suse:suse_sles:11:sp3xorg-x11-libxcb-32bit-7.4-1.29.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the xorg-x11-libxcb-32bit-7.4-1.29.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2013-2064 at SUSECVE-2013-2064 at NVDcpe:/o:suse:suse_sles:11:sp3xorg-x11-server-dmx-7.3.99-17.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the xorg-x11-server-dmx-7.3.99-17.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2010-2240 at SUSECVE-2010-2240 at NVDCVE-2011-4028 at SUSECVE-2011-4028 at NVDCVE-2011-4029 at SUSECVE-2011-4029 at NVDcpe:/o:suse:suse_sles:11:sp3xterm-238-1.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the xterm-238-1.16 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-2383 at SUSECVE-2008-2383 at NVDcpe:/o:suse:suse_sles:11:sp3yast2-2.17.129-0.7.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the yast2-2.17.129-0.7.2 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2011-3177 at SUSECVE-2011-3177 at NVDcpe:/o:suse:suse_sles:11:sp3yast2-core-2.17.45-0.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the yast2-core-2.17.45-0.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2008-4311 at SUSECVE-2008-4311 at NVDCVE-2011-2483 at SUSECVE-2011-2483 at NVDCVE-2011-3177 at SUSECVE-2011-3177 at NVDcpe:/o:suse:suse_sles:11:sp3zoo-2.10-911.22 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP3
These are all security issues fixed in the zoo-2.10-911.22 package on the GA media of SUSE Linux Enterprise Server 11 SP3. ModerateCVE-2006-0855 at SUSECVE-2006-0855 at NVDCVE-2007-1669 at SUSECVE-2007-1669 at NVDcpe:/o:suse:suse_sles:11:sp3LibVNCServer-0.9.1-154.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the LibVNCServer-0.9.1-154.24 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-2450 at SUSECVE-2006-2450 at NVDcpe:/o:suse:suse_sles:11:sp4Mesa-32bit-9.0.3-0.28.29.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the Mesa-32bit-9.0.3-0.28.29.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1872 at SUSECVE-2013-1872 at NVDCVE-2013-1993 at SUSECVE-2013-1993 at NVDcpe:/o:suse:suse_sles:11:sp4MozillaFirefox-31.7.0esr-0.8.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the MozillaFirefox-31.7.0esr-0.8.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-6077 at SUSECVE-2006-6077 at NVDCVE-2007-0008 at SUSECVE-2007-0008 at NVDCVE-2007-0009 at SUSECVE-2007-0009 at NVDCVE-2007-0078 at SUSECVE-2007-0078 at NVDCVE-2007-0079 at SUSECVE-2007-0079 at NVDCVE-2007-0775 at SUSECVE-2007-0775 at NVDCVE-2007-0776 at SUSECVE-2007-0776 at NVDCVE-2007-0777 at SUSECVE-2007-0777 at NVDCVE-2007-0780 at SUSECVE-2007-0780 at NVDCVE-2007-0800 at SUSECVE-2007-0800 at NVDCVE-2007-0981 at SUSECVE-2007-0981 at NVDCVE-2007-0995 at SUSECVE-2007-0995 at NVDCVE-2007-0996 at SUSECVE-2007-0996 at NVDCVE-2007-3089 at SUSECVE-2007-3089 at NVDCVE-2007-3285 at SUSECVE-2007-3285 at NVDCVE-2007-3656 at SUSECVE-2007-3656 at NVDCVE-2007-3670 at SUSECVE-2007-3670 at NVDCVE-2007-3734 at SUSECVE-2007-3734 at NVDCVE-2007-3735 at SUSECVE-2007-3735 at NVDCVE-2007-3736 at SUSECVE-2007-3736 at NVDCVE-2007-3737 at SUSECVE-2007-3737 at NVDCVE-2007-3738 at SUSECVE-2007-3738 at NVDCVE-2008-0412 at SUSECVE-2008-0412 at NVDCVE-2008-0414 at SUSECVE-2008-0414 at NVDCVE-2008-0415 at SUSECVE-2008-0415 at NVDCVE-2008-0417 at SUSECVE-2008-0417 at NVDCVE-2008-0418 at SUSECVE-2008-0418 at NVDCVE-2008-0419 at SUSECVE-2008-0419 at NVDCVE-2008-0591 at SUSECVE-2008-0591 at NVDCVE-2008-0592 at SUSECVE-2008-0592 at NVDCVE-2008-0593 at SUSECVE-2008-0593 at NVDCVE-2008-0594 at SUSECVE-2008-0594 at NVDCVE-2008-3836 at SUSECVE-2008-3836 at NVDCVE-2008-4063 at SUSECVE-2008-4063 at NVDCVE-2008-4064 at SUSECVE-2008-4064 at NVDCVE-2008-4070 at SUSECVE-2008-4070 at NVDCVE-2008-5913 at SUSECVE-2008-5913 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-0352 at SUSECVE-2009-0352 at NVDCVE-2009-0353 at SUSECVE-2009-0353 at NVDCVE-2009-0354 at SUSECVE-2009-0354 at NVDCVE-2009-0355 at SUSECVE-2009-0355 at NVDCVE-2009-0356 at SUSECVE-2009-0356 at NVDCVE-2009-0357 at SUSECVE-2009-0357 at NVDCVE-2009-0358 at SUSECVE-2009-0358 at NVDCVE-2009-0652 at SUSECVE-2009-0652 at NVDCVE-2009-0771 at SUSECVE-2009-0771 at NVDCVE-2009-0772 at SUSECVE-2009-0772 at NVDCVE-2009-0773 at SUSECVE-2009-0773 at NVDCVE-2009-0774 at SUSECVE-2009-0774 at NVDCVE-2009-0775 at SUSECVE-2009-0775 at NVDCVE-2009-0776 at SUSECVE-2009-0776 at NVDCVE-2009-0777 at SUSECVE-2009-0777 at NVDCVE-2009-1044 at SUSECVE-2009-1044 at NVDCVE-2009-1169 at SUSECVE-2009-1169 at NVDCVE-2009-1302 at SUSECVE-2009-1302 at NVDCVE-2009-1303 at SUSECVE-2009-1303 at NVDCVE-2009-1304 at SUSECVE-2009-1304 at NVDCVE-2009-1305 at SUSECVE-2009-1305 at NVDCVE-2009-1306 at SUSECVE-2009-1306 at NVDCVE-2009-1307 at SUSECVE-2009-1307 at NVDCVE-2009-1308 at SUSECVE-2009-1308 at NVDCVE-2009-1309 at SUSECVE-2009-1309 at NVDCVE-2009-1310 at SUSECVE-2009-1310 at NVDCVE-2009-1311 at SUSECVE-2009-1311 at NVDCVE-2009-1312 at SUSECVE-2009-1312 at NVDCVE-2009-1313 at SUSECVE-2009-1313 at NVDCVE-2009-1563 at SUSECVE-2009-1563 at NVDCVE-2009-1571 at SUSECVE-2009-1571 at NVDCVE-2009-2470 at SUSECVE-2009-2470 at NVDCVE-2009-2654 at SUSECVE-2009-2654 at NVDCVE-2009-3069 at SUSECVE-2009-3069 at NVDCVE-2009-3070 at SUSECVE-2009-3070 at NVDCVE-2009-3071 at SUSECVE-2009-3071 at NVDCVE-2009-3072 at SUSECVE-2009-3072 at NVDCVE-2009-3073 at SUSECVE-2009-3073 at NVDCVE-2009-3074 at SUSECVE-2009-3074 at NVDCVE-2009-3075 at SUSECVE-2009-3075 at NVDCVE-2009-3077 at SUSECVE-2009-3077 at NVDCVE-2009-3078 at SUSECVE-2009-3078 at NVDCVE-2009-3079 at SUSECVE-2009-3079 at NVDCVE-2009-3274 at SUSECVE-2009-3274 at NVDCVE-2009-3370 at SUSECVE-2009-3370 at NVDCVE-2009-3371 at SUSECVE-2009-3371 at NVDCVE-2009-3372 at SUSECVE-2009-3372 at NVDCVE-2009-3373 at SUSECVE-2009-3373 at NVDCVE-2009-3374 at SUSECVE-2009-3374 at NVDCVE-2009-3375 at SUSECVE-2009-3375 at NVDCVE-2009-3376 at SUSECVE-2009-3376 at NVDCVE-2009-3377 at SUSECVE-2009-3377 at NVDCVE-2009-3378 at SUSECVE-2009-3378 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2009-3380 at SUSECVE-2009-3380 at NVDCVE-2009-3381 at SUSECVE-2009-3381 at NVDCVE-2009-3383 at SUSECVE-2009-3383 at NVDCVE-2009-3388 at SUSECVE-2009-3388 at NVDCVE-2009-3389 at SUSECVE-2009-3389 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-3979 at SUSECVE-2009-3979 at NVDCVE-2009-3980 at SUSECVE-2009-3980 at NVDCVE-2009-3982 at SUSECVE-2009-3982 at NVDCVE-2009-3983 at SUSECVE-2009-3983 at NVDCVE-2009-3984 at SUSECVE-2009-3984 at NVDCVE-2009-3985 at SUSECVE-2009-3985 at NVDCVE-2009-3988 at SUSECVE-2009-3988 at NVDCVE-2010-0159 at SUSECVE-2010-0159 at NVDCVE-2010-0160 at SUSECVE-2010-0160 at NVDCVE-2010-0162 at SUSECVE-2010-0162 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0175 at SUSECVE-2010-0175 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDCVE-2010-0183 at SUSECVE-2010-0183 at NVDCVE-2010-0654 at SUSECVE-2010-0654 at NVDCVE-2010-1121 at SUSECVE-2010-1121 at NVDCVE-2010-1125 at SUSECVE-2010-1125 at NVDCVE-2010-1196 at SUSECVE-2010-1196 at NVDCVE-2010-1197 at SUSECVE-2010-1197 at NVDCVE-2010-1198 at SUSECVE-2010-1198 at NVDCVE-2010-1199 at SUSECVE-2010-1199 at NVDCVE-2010-1200 at SUSECVE-2010-1200 at NVDCVE-2010-1201 at SUSECVE-2010-1201 at NVDCVE-2010-1202 at SUSECVE-2010-1202 at NVDCVE-2010-1203 at SUSECVE-2010-1203 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-1206 at SUSECVE-2010-1206 at NVDCVE-2010-1208 at SUSECVE-2010-1208 at NVDCVE-2010-1209 at SUSECVE-2010-1209 at NVDCVE-2010-1211 at SUSECVE-2010-1211 at NVDCVE-2010-1212 at SUSECVE-2010-1212 at NVDCVE-2010-1213 at SUSECVE-2010-1213 at NVDCVE-2010-1214 at SUSECVE-2010-1214 at NVDCVE-2010-1585 at SUSECVE-2010-1585 at NVDCVE-2010-2751 at SUSECVE-2010-2751 at NVDCVE-2010-2752 at SUSECVE-2010-2752 at NVDCVE-2010-2753 at SUSECVE-2010-2753 at NVDCVE-2010-2754 at SUSECVE-2010-2754 at NVDCVE-2010-2755 at SUSECVE-2010-2755 at NVDCVE-2010-2760 at SUSECVE-2010-2760 at NVDCVE-2010-2762 at SUSECVE-2010-2762 at NVDCVE-2010-2764 at SUSECVE-2010-2764 at NVDCVE-2010-2765 at SUSECVE-2010-2765 at NVDCVE-2010-2766 at SUSECVE-2010-2766 at NVDCVE-2010-2767 at SUSECVE-2010-2767 at NVDCVE-2010-2768 at SUSECVE-2010-2768 at NVDCVE-2010-2769 at SUSECVE-2010-2769 at NVDCVE-2010-3166 at SUSECVE-2010-3166 at NVDCVE-2010-3167 at SUSECVE-2010-3167 at NVDCVE-2010-3168 at SUSECVE-2010-3168 at NVDCVE-2010-3169 at SUSECVE-2010-3169 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3173 at SUSECVE-2010-3173 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDCVE-2010-3766 at SUSECVE-2010-3766 at NVDCVE-2010-3767 at SUSECVE-2010-3767 at NVDCVE-2010-3768 at SUSECVE-2010-3768 at NVDCVE-2010-3769 at SUSECVE-2010-3769 at NVDCVE-2010-3770 at SUSECVE-2010-3770 at NVDCVE-2010-3771 at SUSECVE-2010-3771 at NVDCVE-2010-3772 at SUSECVE-2010-3772 at NVDCVE-2010-3773 at SUSECVE-2010-3773 at NVDCVE-2010-3775 at SUSECVE-2010-3775 at NVDCVE-2010-3776 at SUSECVE-2010-3776 at NVDCVE-2010-3777 at SUSECVE-2010-3777 at NVDCVE-2010-3778 at SUSECVE-2010-3778 at NVDCVE-2011-0051 at SUSECVE-2011-0051 at NVDCVE-2011-0053 at SUSECVE-2011-0053 at NVDCVE-2011-0054 at SUSECVE-2011-0054 at NVDCVE-2011-0055 at SUSECVE-2011-0055 at NVDCVE-2011-0056 at SUSECVE-2011-0056 at NVDCVE-2011-0057 at SUSECVE-2011-0057 at NVDCVE-2011-0059 at SUSECVE-2011-0059 at NVDCVE-2011-0061 at SUSECVE-2011-0061 at NVDCVE-2011-0062 at SUSECVE-2011-0062 at NVDCVE-2011-0065 at SUSECVE-2011-0065 at NVDCVE-2011-0066 at SUSECVE-2011-0066 at NVDCVE-2011-0067 at SUSECVE-2011-0067 at NVDCVE-2011-0069 at SUSECVE-2011-0069 at NVDCVE-2011-0070 at SUSECVE-2011-0070 at NVDCVE-2011-0072 at SUSECVE-2011-0072 at NVDCVE-2011-0073 at SUSECVE-2011-0073 at NVDCVE-2011-0074 at SUSECVE-2011-0074 at NVDCVE-2011-0075 at SUSECVE-2011-0075 at NVDCVE-2011-0077 at SUSECVE-2011-0077 at NVDCVE-2011-0078 at SUSECVE-2011-0078 at NVDCVE-2011-0080 at SUSECVE-2011-0080 at NVDCVE-2011-0081 at SUSECVE-2011-0081 at NVDCVE-2011-0083 at SUSECVE-2011-0083 at NVDCVE-2011-0084 at SUSECVE-2011-0084 at NVDCVE-2011-0085 at SUSECVE-2011-0085 at NVDCVE-2011-1202 at SUSECVE-2011-1202 at NVDCVE-2011-2362 at SUSECVE-2011-2362 at NVDCVE-2011-2363 at SUSECVE-2011-2363 at NVDCVE-2011-2364 at SUSECVE-2011-2364 at NVDCVE-2011-2365 at SUSECVE-2011-2365 at NVDCVE-2011-2371 at SUSECVE-2011-2371 at NVDCVE-2011-2372 at SUSECVE-2011-2372 at NVDCVE-2011-2373 at SUSECVE-2011-2373 at NVDCVE-2011-2374 at SUSECVE-2011-2374 at NVDCVE-2011-2376 at SUSECVE-2011-2376 at NVDCVE-2011-2377 at SUSECVE-2011-2377 at NVDCVE-2011-2378 at SUSECVE-2011-2378 at NVDCVE-2011-2980 at SUSECVE-2011-2980 at NVDCVE-2011-2981 at SUSECVE-2011-2981 at NVDCVE-2011-2982 at SUSECVE-2011-2982 at NVDCVE-2011-2983 at SUSECVE-2011-2983 at NVDCVE-2011-2995 at SUSECVE-2011-2995 at NVDCVE-2011-2996 at SUSECVE-2011-2996 at NVDCVE-2011-2997 at SUSECVE-2011-2997 at NVDCVE-2011-3000 at SUSECVE-2011-3000 at NVDCVE-2011-3001 at SUSECVE-2011-3001 at NVDCVE-2011-3002 at SUSECVE-2011-3002 at NVDCVE-2011-3003 at SUSECVE-2011-3003 at NVDCVE-2011-3004 at SUSECVE-2011-3004 at NVDCVE-2011-3005 at SUSECVE-2011-3005 at NVDCVE-2011-3026 at SUSECVE-2011-3026 at NVDCVE-2011-3062 at SUSECVE-2011-3062 at NVDCVE-2011-3101 at SUSECVE-2011-3101 at NVDCVE-2011-3232 at SUSECVE-2011-3232 at NVDCVE-2011-3658 at SUSECVE-2011-3658 at NVDCVE-2011-3660 at SUSECVE-2011-3660 at NVDCVE-2011-3661 at SUSECVE-2011-3661 at NVDCVE-2011-3663 at SUSECVE-2011-3663 at NVDCVE-2011-3665 at SUSECVE-2011-3665 at NVDCVE-2012-0441 at SUSECVE-2012-0441 at NVDCVE-2012-0452 at SUSECVE-2012-0452 at NVDCVE-2012-0467 at SUSECVE-2012-0467 at NVDCVE-2012-0468 at SUSECVE-2012-0468 at NVDCVE-2012-0469 at SUSECVE-2012-0469 at NVDCVE-2012-0470 at SUSECVE-2012-0470 at NVDCVE-2012-0471 at SUSECVE-2012-0471 at NVDCVE-2012-0472 at SUSECVE-2012-0472 at NVDCVE-2012-0473 at SUSECVE-2012-0473 at NVDCVE-2012-0474 at SUSECVE-2012-0474 at NVDCVE-2012-0477 at SUSECVE-2012-0477 at NVDCVE-2012-0478 at SUSECVE-2012-0478 at NVDCVE-2012-0479 at SUSECVE-2012-0479 at NVDCVE-2012-0759 at SUSECVE-2012-0759 at NVDCVE-2012-1937 at SUSECVE-2012-1937 at NVDCVE-2012-1939 at SUSECVE-2012-1939 at NVDCVE-2012-1940 at SUSECVE-2012-1940 at NVDCVE-2012-1941 at SUSECVE-2012-1941 at NVDCVE-2012-1944 at SUSECVE-2012-1944 at NVDCVE-2012-1945 at SUSECVE-2012-1945 at NVDCVE-2012-1946 at SUSECVE-2012-1946 at NVDCVE-2012-1947 at SUSECVE-2012-1947 at NVDCVE-2012-1948 at SUSECVE-2012-1948 at NVDCVE-2012-1949 at SUSECVE-2012-1949 at NVDCVE-2012-1950 at SUSECVE-2012-1950 at NVDCVE-2012-1951 at SUSECVE-2012-1951 at NVDCVE-2012-1952 at SUSECVE-2012-1952 at NVDCVE-2012-1953 at SUSECVE-2012-1953 at NVDCVE-2012-1954 at SUSECVE-2012-1954 at NVDCVE-2012-1955 at SUSECVE-2012-1955 at NVDCVE-2012-1956 at SUSECVE-2012-1956 at NVDCVE-2012-1957 at SUSECVE-2012-1957 at NVDCVE-2012-1958 at SUSECVE-2012-1958 at NVDCVE-2012-1959 at SUSECVE-2012-1959 at NVDCVE-2012-1960 at SUSECVE-2012-1960 at NVDCVE-2012-1961 at SUSECVE-2012-1961 at NVDCVE-2012-1962 at SUSECVE-2012-1962 at NVDCVE-2012-1963 at SUSECVE-2012-1963 at NVDCVE-2012-1964 at SUSECVE-2012-1964 at NVDCVE-2012-1965 at SUSECVE-2012-1965 at NVDCVE-2012-1966 at SUSECVE-2012-1966 at NVDCVE-2012-1967 at SUSECVE-2012-1967 at NVDCVE-2012-1970 at SUSECVE-2012-1970 at NVDCVE-2012-1972 at SUSECVE-2012-1972 at NVDCVE-2012-1973 at SUSECVE-2012-1973 at NVDCVE-2012-1974 at SUSECVE-2012-1974 at NVDCVE-2012-1975 at SUSECVE-2012-1975 at NVDCVE-2012-1976 at SUSECVE-2012-1976 at NVDCVE-2012-3956 at SUSECVE-2012-3956 at NVDCVE-2012-3957 at SUSECVE-2012-3957 at NVDCVE-2012-3958 at SUSECVE-2012-3958 at NVDCVE-2012-3959 at SUSECVE-2012-3959 at NVDCVE-2012-3960 at SUSECVE-2012-3960 at NVDCVE-2012-3961 at SUSECVE-2012-3961 at NVDCVE-2012-3962 at SUSECVE-2012-3962 at NVDCVE-2012-3963 at SUSECVE-2012-3963 at NVDCVE-2012-3964 at SUSECVE-2012-3964 at NVDCVE-2012-3966 at SUSECVE-2012-3966 at NVDCVE-2012-3967 at SUSECVE-2012-3967 at NVDCVE-2012-3968 at SUSECVE-2012-3968 at NVDCVE-2012-3969 at SUSECVE-2012-3969 at NVDCVE-2012-3970 at SUSECVE-2012-3970 at NVDCVE-2012-3972 at SUSECVE-2012-3972 at NVDCVE-2012-3976 at SUSECVE-2012-3976 at NVDCVE-2012-3978 at SUSECVE-2012-3978 at NVDCVE-2012-3980 at SUSECVE-2012-3980 at NVDCVE-2012-3982 at SUSECVE-2012-3982 at NVDCVE-2012-3986 at SUSECVE-2012-3986 at NVDCVE-2012-3988 at SUSECVE-2012-3988 at NVDCVE-2012-3990 at SUSECVE-2012-3990 at NVDCVE-2012-3991 at SUSECVE-2012-3991 at NVDCVE-2012-3992 at SUSECVE-2012-3992 at NVDCVE-2012-3993 at SUSECVE-2012-3993 at NVDCVE-2012-3994 at SUSECVE-2012-3994 at NVDCVE-2012-3995 at SUSECVE-2012-3995 at NVDCVE-2012-4179 at SUSECVE-2012-4179 at NVDCVE-2012-4180 at SUSECVE-2012-4180 at NVDCVE-2012-4181 at SUSECVE-2012-4181 at NVDCVE-2012-4182 at SUSECVE-2012-4182 at NVDCVE-2012-4183 at SUSECVE-2012-4183 at NVDCVE-2012-4184 at SUSECVE-2012-4184 at NVDCVE-2012-4185 at SUSECVE-2012-4185 at NVDCVE-2012-4186 at SUSECVE-2012-4186 at NVDCVE-2012-4187 at SUSECVE-2012-4187 at NVDCVE-2012-4188 at SUSECVE-2012-4188 at NVDCVE-2012-4192 at SUSECVE-2012-4192 at NVDCVE-2012-4193 at SUSECVE-2012-4193 at NVDCVE-2012-4194 at SUSECVE-2012-4194 at NVDCVE-2012-4195 at SUSECVE-2012-4195 at NVDCVE-2012-4196 at SUSECVE-2012-4196 at NVDCVE-2012-4201 at SUSECVE-2012-4201 at NVDCVE-2012-4202 at SUSECVE-2012-4202 at NVDCVE-2012-4207 at SUSECVE-2012-4207 at NVDCVE-2012-4209 at SUSECVE-2012-4209 at NVDCVE-2012-4210 at SUSECVE-2012-4210 at NVDCVE-2012-4212 at SUSECVE-2012-4212 at NVDCVE-2012-4213 at SUSECVE-2012-4213 at NVDCVE-2012-4214 at SUSECVE-2012-4214 at NVDCVE-2012-4215 at SUSECVE-2012-4215 at NVDCVE-2012-4216 at SUSECVE-2012-4216 at NVDCVE-2012-4217 at SUSECVE-2012-4217 at NVDCVE-2012-4218 at SUSECVE-2012-4218 at NVDCVE-2012-5829 at SUSECVE-2012-5829 at NVDCVE-2012-5830 at SUSECVE-2012-5830 at NVDCVE-2012-5833 at SUSECVE-2012-5833 at NVDCVE-2012-5835 at SUSECVE-2012-5835 at NVDCVE-2012-5838 at SUSECVE-2012-5838 at NVDCVE-2012-5839 at SUSECVE-2012-5839 at NVDCVE-2012-5840 at SUSECVE-2012-5840 at NVDCVE-2012-5841 at SUSECVE-2012-5841 at NVDCVE-2012-5842 at SUSECVE-2012-5842 at NVDCVE-2012-5843 at SUSECVE-2012-5843 at NVDCVE-2013-0744 at SUSECVE-2013-0744 at NVDCVE-2013-0745 at SUSECVE-2013-0745 at NVDCVE-2013-0746 at SUSECVE-2013-0746 at NVDCVE-2013-0747 at SUSECVE-2013-0747 at NVDCVE-2013-0748 at SUSECVE-2013-0748 at NVDCVE-2013-0749 at SUSECVE-2013-0749 at NVDCVE-2013-0750 at SUSECVE-2013-0750 at NVDCVE-2013-0752 at SUSECVE-2013-0752 at NVDCVE-2013-0753 at SUSECVE-2013-0753 at NVDCVE-2013-0754 at SUSECVE-2013-0754 at NVDCVE-2013-0755 at SUSECVE-2013-0755 at NVDCVE-2013-0756 at SUSECVE-2013-0756 at NVDCVE-2013-0757 at SUSECVE-2013-0757 at NVDCVE-2013-0758 at SUSECVE-2013-0758 at NVDCVE-2013-0760 at SUSECVE-2013-0760 at NVDCVE-2013-0761 at SUSECVE-2013-0761 at NVDCVE-2013-0762 at SUSECVE-2013-0762 at NVDCVE-2013-0763 at SUSECVE-2013-0763 at NVDCVE-2013-0764 at SUSECVE-2013-0764 at NVDCVE-2013-0766 at SUSECVE-2013-0766 at NVDCVE-2013-0767 at SUSECVE-2013-0767 at NVDCVE-2013-0768 at SUSECVE-2013-0768 at NVDCVE-2013-0769 at SUSECVE-2013-0769 at NVDCVE-2013-0770 at SUSECVE-2013-0770 at NVDCVE-2013-0771 at SUSECVE-2013-0771 at NVDCVE-2013-0773 at SUSECVE-2013-0773 at NVDCVE-2013-0774 at SUSECVE-2013-0774 at NVDCVE-2013-0775 at SUSECVE-2013-0775 at NVDCVE-2013-0776 at SUSECVE-2013-0776 at NVDCVE-2013-0780 at SUSECVE-2013-0780 at NVDCVE-2013-0782 at SUSECVE-2013-0782 at NVDCVE-2013-0783 at SUSECVE-2013-0783 at NVDCVE-2013-0787 at SUSECVE-2013-0787 at NVDCVE-2013-0788 at SUSECVE-2013-0788 at NVDCVE-2013-0793 at SUSECVE-2013-0793 at NVDCVE-2013-0794 at SUSECVE-2013-0794 at NVDCVE-2013-0795 at SUSECVE-2013-0795 at NVDCVE-2013-0796 at SUSECVE-2013-0796 at NVDCVE-2013-0800 at SUSECVE-2013-0800 at NVDCVE-2013-0801 at SUSECVE-2013-0801 at NVDCVE-2013-1669 at SUSECVE-2013-1669 at NVDCVE-2013-1670 at SUSECVE-2013-1670 at NVDCVE-2013-1674 at SUSECVE-2013-1674 at NVDCVE-2013-1675 at SUSECVE-2013-1675 at NVDCVE-2013-1676 at SUSECVE-2013-1676 at NVDCVE-2013-1677 at SUSECVE-2013-1677 at NVDCVE-2013-1678 at SUSECVE-2013-1678 at NVDCVE-2013-1679 at SUSECVE-2013-1679 at NVDCVE-2013-1680 at SUSECVE-2013-1680 at NVDCVE-2013-1681 at SUSECVE-2013-1681 at NVDCVE-2013-1682 at SUSECVE-2013-1682 at NVDCVE-2013-1684 at SUSECVE-2013-1684 at NVDCVE-2013-1685 at SUSECVE-2013-1685 at NVDCVE-2013-1686 at SUSECVE-2013-1686 at NVDCVE-2013-1687 at SUSECVE-2013-1687 at NVDCVE-2013-1690 at SUSECVE-2013-1690 at NVDCVE-2013-1692 at SUSECVE-2013-1692 at NVDCVE-2013-1693 at SUSECVE-2013-1693 at NVDCVE-2013-1694 at SUSECVE-2013-1694 at NVDCVE-2013-1697 at SUSECVE-2013-1697 at NVDCVE-2013-1701 at SUSECVE-2013-1701 at NVDCVE-2013-1705 at SUSECVE-2013-1705 at NVDCVE-2013-1709 at SUSECVE-2013-1709 at NVDCVE-2013-1710 at SUSECVE-2013-1710 at NVDCVE-2013-1713 at SUSECVE-2013-1713 at NVDCVE-2013-1714 at SUSECVE-2013-1714 at NVDCVE-2013-1717 at SUSECVE-2013-1717 at NVDCVE-2013-1718 at SUSECVE-2013-1718 at NVDCVE-2013-1722 at SUSECVE-2013-1722 at NVDCVE-2013-1725 at SUSECVE-2013-1725 at NVDCVE-2013-1730 at SUSECVE-2013-1730 at NVDCVE-2013-1732 at SUSECVE-2013-1732 at NVDCVE-2013-1735 at SUSECVE-2013-1735 at NVDCVE-2013-1736 at SUSECVE-2013-1736 at NVDCVE-2013-1737 at SUSECVE-2013-1737 at NVDCVE-2013-1739 at SUSECVE-2013-1739 at NVDCVE-2013-5590 at SUSECVE-2013-5590 at NVDCVE-2013-5591 at SUSECVE-2013-5591 at NVDCVE-2013-5592 at SUSECVE-2013-5592 at NVDCVE-2013-5595 at SUSECVE-2013-5595 at NVDCVE-2013-5597 at SUSECVE-2013-5597 at NVDCVE-2013-5599 at SUSECVE-2013-5599 at NVDCVE-2013-5600 at SUSECVE-2013-5600 at NVDCVE-2013-5601 at SUSECVE-2013-5601 at NVDCVE-2013-5602 at SUSECVE-2013-5602 at NVDCVE-2013-5604 at SUSECVE-2013-5604 at NVDCVE-2013-5609 at SUSECVE-2013-5609 at NVDCVE-2013-5610 at SUSECVE-2013-5610 at NVDCVE-2013-5613 at SUSECVE-2013-5613 at NVDCVE-2013-5615 at SUSECVE-2013-5615 at NVDCVE-2013-5616 at SUSECVE-2013-5616 at NVDCVE-2013-5618 at SUSECVE-2013-5618 at NVDCVE-2013-6629 at SUSECVE-2013-6629 at NVDCVE-2013-6630 at SUSECVE-2013-6630 at NVDCVE-2013-6671 at SUSECVE-2013-6671 at NVDCVE-2013-6673 at SUSECVE-2013-6673 at NVDCVE-2014-1477 at SUSECVE-2014-1477 at NVDCVE-2014-1478 at SUSECVE-2014-1478 at NVDCVE-2014-1479 at SUSECVE-2014-1479 at NVDCVE-2014-1481 at SUSECVE-2014-1481 at NVDCVE-2014-1482 at SUSECVE-2014-1482 at NVDCVE-2014-1486 at SUSECVE-2014-1486 at NVDCVE-2014-1487 at SUSECVE-2014-1487 at NVDCVE-2014-1490 at SUSECVE-2014-1490 at NVDCVE-2014-1491 at SUSECVE-2014-1491 at NVDCVE-2014-1493 at SUSECVE-2014-1493 at NVDCVE-2014-1494 at SUSECVE-2014-1494 at NVDCVE-2014-1497 at SUSECVE-2014-1497 at NVDCVE-2014-1505 at SUSECVE-2014-1505 at NVDCVE-2014-1508 at SUSECVE-2014-1508 at NVDCVE-2014-1509 at SUSECVE-2014-1509 at NVDCVE-2014-1510 at SUSECVE-2014-1510 at NVDCVE-2014-1511 at SUSECVE-2014-1511 at NVDCVE-2014-1512 at SUSECVE-2014-1512 at NVDCVE-2014-1513 at SUSECVE-2014-1513 at NVDCVE-2014-1514 at SUSECVE-2014-1514 at NVDCVE-2014-1518 at SUSECVE-2014-1518 at NVDCVE-2014-1523 at SUSECVE-2014-1523 at NVDCVE-2014-1524 at SUSECVE-2014-1524 at NVDCVE-2014-1529 at SUSECVE-2014-1529 at NVDCVE-2014-1530 at SUSECVE-2014-1530 at NVDCVE-2014-1531 at SUSECVE-2014-1531 at NVDCVE-2014-1532 at SUSECVE-2014-1532 at NVDCVE-2014-1533 at SUSECVE-2014-1533 at NVDCVE-2014-1534 at SUSECVE-2014-1534 at NVDCVE-2014-1536 at SUSECVE-2014-1536 at NVDCVE-2014-1537 at SUSECVE-2014-1537 at NVDCVE-2014-1538 at SUSECVE-2014-1538 at NVDCVE-2014-1541 at SUSECVE-2014-1541 at NVDCVE-2014-1544 at SUSECVE-2014-1544 at NVDCVE-2014-1545 at SUSECVE-2014-1545 at NVDCVE-2014-1547 at SUSECVE-2014-1547 at NVDCVE-2014-1548 at SUSECVE-2014-1548 at NVDCVE-2014-1553 at SUSECVE-2014-1553 at NVDCVE-2014-1554 at SUSECVE-2014-1554 at NVDCVE-2014-1555 at SUSECVE-2014-1555 at NVDCVE-2014-1556 at SUSECVE-2014-1556 at NVDCVE-2014-1557 at SUSECVE-2014-1557 at NVDCVE-2014-1562 at SUSECVE-2014-1562 at NVDCVE-2014-1567 at SUSECVE-2014-1567 at NVDCVE-2014-1574 at SUSECVE-2014-1574 at NVDCVE-2014-1575 at SUSECVE-2014-1575 at NVDCVE-2014-1576 at SUSECVE-2014-1576 at NVDCVE-2014-1577 at SUSECVE-2014-1577 at NVDCVE-2014-1578 at SUSECVE-2014-1578 at NVDCVE-2014-1581 at SUSECVE-2014-1581 at NVDCVE-2014-1583 at SUSECVE-2014-1583 at NVDCVE-2014-1585 at SUSECVE-2014-1585 at NVDCVE-2014-1586 at SUSECVE-2014-1586 at NVDCVE-2014-1587 at SUSECVE-2014-1587 at NVDCVE-2014-1588 at SUSECVE-2014-1588 at NVDCVE-2014-1590 at SUSECVE-2014-1590 at NVDCVE-2014-1592 at SUSECVE-2014-1592 at NVDCVE-2014-1593 at SUSECVE-2014-1593 at NVDCVE-2014-1594 at SUSECVE-2014-1594 at NVDCVE-2014-8634 at SUSECVE-2014-8634 at NVDCVE-2014-8635 at SUSECVE-2014-8635 at NVDCVE-2014-8638 at SUSECVE-2014-8638 at NVDCVE-2014-8639 at SUSECVE-2014-8639 at NVDCVE-2014-8641 at SUSECVE-2014-8641 at NVDCVE-2015-0797 at SUSECVE-2015-0797 at NVDCVE-2015-0801 at SUSECVE-2015-0801 at NVDCVE-2015-0807 at SUSECVE-2015-0807 at NVDCVE-2015-0813 at SUSECVE-2015-0813 at NVDCVE-2015-0814 at SUSECVE-2015-0814 at NVDCVE-2015-0815 at SUSECVE-2015-0815 at NVDCVE-2015-0816 at SUSECVE-2015-0816 at NVDCVE-2015-0817 at SUSECVE-2015-0817 at NVDCVE-2015-0818 at SUSECVE-2015-0818 at NVDCVE-2015-0822 at SUSECVE-2015-0822 at NVDCVE-2015-0827 at SUSECVE-2015-0827 at NVDCVE-2015-0831 at SUSECVE-2015-0831 at NVDCVE-2015-0835 at SUSECVE-2015-0835 at NVDCVE-2015-0836 at SUSECVE-2015-0836 at NVDCVE-2015-2708 at SUSECVE-2015-2708 at NVDCVE-2015-2709 at SUSECVE-2015-2709 at NVDCVE-2015-2710 at SUSECVE-2015-2710 at NVDCVE-2015-2713 at SUSECVE-2015-2713 at NVDCVE-2015-2716 at SUSECVE-2015-2716 at NVDcpe:/o:suse:suse_sles:11:sp4NetworkManager-0.7.1_git20090811-3.28.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the NetworkManager-0.7.1_git20090811-3.28.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0365 at SUSECVE-2009-0365 at NVDCVE-2009-0578 at SUSECVE-2009-0578 at NVDcpe:/o:suse:suse_sles:11:sp4NetworkManager-gnome-0.7.1-5.22.28 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the NetworkManager-gnome-0.7.1-5.22.28 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0365 at SUSECVE-2009-0365 at NVDCVE-2009-0578 at SUSECVE-2009-0578 at NVDCVE-2009-4144 at SUSECVE-2009-4144 at NVDCVE-2009-4145 at SUSECVE-2009-4145 at NVDcpe:/o:suse:suse_sles:11:sp4OpenEXR-1.6.1-83.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the OpenEXR-1.6.1-83.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-1720 at SUSECVE-2009-1720 at NVDCVE-2009-1721 at SUSECVE-2009-1721 at NVDcpe:/o:suse:suse_sles:11:sp4PackageKit-0.3.14-2.30.11 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the PackageKit-0.3.14-2.30.11 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-4311 at SUSECVE-2008-4311 at NVDcpe:/o:suse:suse_sles:11:sp4PolicyKit-0.9-14.43.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the PolicyKit-0.9-14.43.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-1658 at SUSECVE-2008-1658 at NVDcpe:/o:suse:suse_sles:11:sp4a2ps-4.13-1326.37.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the a2ps-4.13-1326.37.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-0466 at SUSECVE-2014-0466 at NVDcpe:/o:suse:suse_sles:11:sp4aaa_base-11-6.105.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the aaa_base-11-6.105.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-0461 at SUSECVE-2011-0461 at NVDcpe:/o:suse:suse_sles:11:sp4acpid-1.0.6-91.25.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the acpid-1.0.6-91.25.20 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0798 at SUSECVE-2009-0798 at NVDCVE-2011-4578 at SUSECVE-2011-4578 at NVDcpe:/o:suse:suse_sles:11:sp4amavisd-new-2.7.0-18.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the amavisd-new-2.7.0-18.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2005-1349 at SUSECVE-2005-1349 at NVDcpe:/o:suse:suse_sles:11:sp4ant-1.7.1-20.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ant-1.7.1-20.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-2098 at SUSECVE-2012-2098 at NVDcpe:/o:suse:suse_sles:11:sp4apache2-2.2.12-1.51.52.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the apache2-2.2.12-1.51.52.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2003-1418 at SUSECVE-2003-1418 at NVDCVE-2006-3747 at SUSECVE-2006-3747 at NVDCVE-2006-5752 at SUSECVE-2006-5752 at NVDCVE-2007-1862 at SUSECVE-2007-1862 at NVDCVE-2007-1863 at SUSECVE-2007-1863 at NVDCVE-2007-3304 at SUSECVE-2007-3304 at NVDCVE-2007-3847 at SUSECVE-2007-3847 at NVDCVE-2007-4465 at SUSECVE-2007-4465 at NVDCVE-2007-5000 at SUSECVE-2007-5000 at NVDCVE-2007-6388 at SUSECVE-2007-6388 at NVDCVE-2007-6420 at SUSECVE-2007-6420 at NVDCVE-2007-6421 at SUSECVE-2007-6421 at NVDCVE-2007-6422 at SUSECVE-2007-6422 at NVDCVE-2007-6750 at SUSECVE-2007-6750 at NVDCVE-2008-0005 at SUSECVE-2008-0005 at NVDCVE-2008-1678 at SUSECVE-2008-1678 at NVDCVE-2008-2364 at SUSECVE-2008-2364 at NVDCVE-2008-2939 at SUSECVE-2008-2939 at NVDCVE-2009-1191 at SUSECVE-2009-1191 at NVDCVE-2009-1195 at SUSECVE-2009-1195 at NVDCVE-2009-1890 at SUSECVE-2009-1890 at NVDCVE-2009-1891 at SUSECVE-2009-1891 at NVDCVE-2009-3094 at SUSECVE-2009-3094 at NVDCVE-2009-3095 at SUSECVE-2009-3095 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0408 at SUSECVE-2010-0408 at NVDCVE-2010-0434 at SUSECVE-2010-0434 at NVDCVE-2010-1452 at SUSECVE-2010-1452 at NVDCVE-2010-2068 at SUSECVE-2010-2068 at NVDCVE-2011-3192 at SUSECVE-2011-3192 at NVDCVE-2011-3348 at SUSECVE-2011-3348 at NVDCVE-2011-3368 at SUSECVE-2011-3368 at NVDCVE-2011-3607 at SUSECVE-2011-3607 at NVDCVE-2011-3639 at SUSECVE-2011-3639 at NVDCVE-2011-4317 at SUSECVE-2011-4317 at NVDCVE-2012-0031 at SUSECVE-2012-0031 at NVDCVE-2012-0053 at SUSECVE-2012-0053 at NVDCVE-2012-0883 at SUSECVE-2012-0883 at NVDCVE-2012-2687 at SUSECVE-2012-2687 at NVDCVE-2012-3499 at SUSECVE-2012-3499 at NVDCVE-2012-4557 at SUSECVE-2012-4557 at NVDCVE-2012-4558 at SUSECVE-2012-4558 at NVDCVE-2013-1862 at SUSECVE-2013-1862 at NVDCVE-2013-1896 at SUSECVE-2013-1896 at NVDCVE-2013-5704 at SUSECVE-2013-5704 at NVDCVE-2013-6438 at SUSECVE-2013-6438 at NVDCVE-2014-0098 at SUSECVE-2014-0098 at NVDCVE-2014-0226 at SUSECVE-2014-0226 at NVDCVE-2014-0231 at SUSECVE-2014-0231 at NVDCVE-2014-3581 at SUSECVE-2014-3581 at NVDcpe:/o:suse:suse_sles:11:sp4apache2-mod_jk-1.2.40-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the apache2-mod_jk-1.2.40-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-0774 at SUSECVE-2007-0774 at NVDCVE-2008-5519 at SUSECVE-2008-5519 at NVDcpe:/o:suse:suse_sles:11:sp4apache2-mod_nss-1.0.8-0.4.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the apache2-mod_nss-1.0.8-0.4.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-4566 at SUSECVE-2013-4566 at NVDcpe:/o:suse:suse_sles:11:sp4apache2-mod_perl-2.0.4-40.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the apache2-mod_perl-2.0.4-40.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-1349 at SUSECVE-2007-1349 at NVDCVE-2013-1667 at SUSECVE-2013-1667 at NVDcpe:/o:suse:suse_sles:11:sp4apache2-mod_php53-5.3.17-0.41.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the apache2-mod_php53-5.3.17-0.41.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-7243 at SUSECVE-2006-7243 at NVDCVE-2007-4783 at SUSECVE-2007-4783 at NVDCVE-2007-4840 at SUSECVE-2007-4840 at NVDCVE-2007-4887 at SUSECVE-2007-4887 at NVDCVE-2008-0599 at SUSECVE-2008-0599 at NVDCVE-2010-2225 at SUSECVE-2010-2225 at NVDCVE-2010-2950 at SUSECVE-2010-2950 at NVDCVE-2010-3436 at SUSECVE-2010-3436 at NVDCVE-2010-3709 at SUSECVE-2010-3709 at NVDCVE-2010-3710 at SUSECVE-2010-3710 at NVDCVE-2010-4150 at SUSECVE-2010-4150 at NVDCVE-2010-4645 at SUSECVE-2010-4645 at NVDCVE-2011-0420 at SUSECVE-2011-0420 at NVDCVE-2011-0421 at SUSECVE-2011-0421 at NVDCVE-2011-0708 at SUSECVE-2011-0708 at NVDCVE-2011-1092 at SUSECVE-2011-1092 at NVDCVE-2011-1153 at SUSECVE-2011-1153 at NVDCVE-2011-1398 at SUSECVE-2011-1398 at NVDCVE-2011-1466 at SUSECVE-2011-1466 at NVDCVE-2011-2202 at SUSECVE-2011-2202 at NVDCVE-2011-3379 at SUSECVE-2011-3379 at NVDCVE-2011-4153 at SUSECVE-2011-4153 at NVDCVE-2011-4388 at SUSECVE-2011-4388 at NVDCVE-2011-4566 at SUSECVE-2011-4566 at NVDCVE-2011-4885 at SUSECVE-2011-4885 at NVDCVE-2012-0057 at SUSECVE-2012-0057 at NVDCVE-2012-0781 at SUSECVE-2012-0781 at NVDCVE-2012-0788 at SUSECVE-2012-0788 at NVDCVE-2012-0789 at SUSECVE-2012-0789 at NVDCVE-2012-0807 at SUSECVE-2012-0807 at NVDCVE-2012-0830 at SUSECVE-2012-0830 at NVDCVE-2012-0831 at SUSECVE-2012-0831 at NVDCVE-2012-1172 at SUSECVE-2012-1172 at NVDCVE-2012-1823 at SUSECVE-2012-1823 at NVDCVE-2012-2143 at SUSECVE-2012-2143 at NVDCVE-2012-2311 at SUSECVE-2012-2311 at NVDCVE-2012-2335 at SUSECVE-2012-2335 at NVDCVE-2012-2336 at SUSECVE-2012-2336 at NVDCVE-2012-2386 at SUSECVE-2012-2386 at NVDCVE-2012-2688 at SUSECVE-2012-2688 at NVDCVE-2012-3365 at SUSECVE-2012-3365 at NVDCVE-2013-1635 at SUSECVE-2013-1635 at NVDCVE-2013-1643 at SUSECVE-2013-1643 at NVDCVE-2013-4113 at SUSECVE-2013-4113 at NVDCVE-2013-4248 at SUSECVE-2013-4248 at NVDCVE-2013-4635 at SUSECVE-2013-4635 at NVDCVE-2013-6420 at SUSECVE-2013-6420 at NVDCVE-2013-6712 at SUSECVE-2013-6712 at NVDCVE-2014-0207 at SUSECVE-2014-0207 at NVDCVE-2014-0237 at SUSECVE-2014-0237 at NVDCVE-2014-0238 at SUSECVE-2014-0238 at NVDCVE-2014-2497 at SUSECVE-2014-2497 at NVDCVE-2014-3478 at SUSECVE-2014-3478 at NVDCVE-2014-3479 at SUSECVE-2014-3479 at NVDCVE-2014-3480 at SUSECVE-2014-3480 at NVDCVE-2014-3487 at SUSECVE-2014-3487 at NVDCVE-2014-3515 at SUSECVE-2014-3515 at NVDCVE-2014-3597 at SUSECVE-2014-3597 at NVDCVE-2014-3668 at SUSECVE-2014-3668 at NVDCVE-2014-3669 at SUSECVE-2014-3669 at NVDCVE-2014-3670 at SUSECVE-2014-3670 at NVDCVE-2014-4049 at SUSECVE-2014-4049 at NVDCVE-2014-4670 at SUSECVE-2014-4670 at NVDCVE-2014-4698 at SUSECVE-2014-4698 at NVDCVE-2014-4721 at SUSECVE-2014-4721 at NVDCVE-2014-5459 at SUSECVE-2014-5459 at NVDCVE-2014-8142 at SUSECVE-2014-8142 at NVDCVE-2014-9652 at SUSECVE-2014-9652 at NVDCVE-2014-9705 at SUSECVE-2014-9705 at NVDCVE-2014-9709 at SUSECVE-2014-9709 at NVDCVE-2015-0231 at SUSECVE-2015-0231 at NVDCVE-2015-0232 at SUSECVE-2015-0232 at NVDCVE-2015-0273 at SUSECVE-2015-0273 at NVDCVE-2015-2301 at SUSECVE-2015-2301 at NVDCVE-2015-2305 at SUSECVE-2015-2305 at NVDCVE-2015-2783 at SUSECVE-2015-2783 at NVDCVE-2015-2787 at SUSECVE-2015-2787 at NVDCVE-2015-3329 at SUSECVE-2015-3329 at NVDCVE-2015-4021 at SUSECVE-2015-4021 at NVDCVE-2015-4022 at SUSECVE-2015-4022 at NVDCVE-2015-4024 at SUSECVE-2015-4024 at NVDCVE-2015-4026 at SUSECVE-2015-4026 at NVDcpe:/o:suse:suse_sles:11:sp4apache2-mod_security2-2.7.1-0.2.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the apache2-mod_security2-2.7.1-0.2.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-5031 at SUSECVE-2009-5031 at NVDCVE-2012-2751 at SUSECVE-2012-2751 at NVDCVE-2012-4528 at SUSECVE-2012-4528 at NVDCVE-2013-1915 at SUSECVE-2013-1915 at NVDCVE-2013-2765 at SUSECVE-2013-2765 at NVDCVE-2013-5705 at SUSECVE-2013-5705 at NVDcpe:/o:suse:suse_sles:11:sp4ark-4.3.5-0.3.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ark-4.3.5-0.3.3 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-2725 at SUSECVE-2011-2725 at NVDcpe:/o:suse:suse_sles:11:sp4augeas-0.9.0-3.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the augeas-0.9.0-3.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-0786 at SUSECVE-2012-0786 at NVDCVE-2013-6412 at SUSECVE-2013-6412 at NVDcpe:/o:suse:suse_sles:11:sp4automake-1.10.1-4.131.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the automake-1.10.1-4.131.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-4029 at SUSECVE-2009-4029 at NVDCVE-2012-3386 at SUSECVE-2012-3386 at NVDcpe:/o:suse:suse_sles:11:sp4avahi-0.6.23-11.32.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the avahi-0.6.23-11.32.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-5461 at SUSECVE-2006-5461 at NVDCVE-2006-6870 at SUSECVE-2006-6870 at NVDCVE-2007-3372 at SUSECVE-2007-3372 at NVDCVE-2008-5081 at SUSECVE-2008-5081 at NVDCVE-2009-0758 at SUSECVE-2009-0758 at NVDcpe:/o:suse:suse_sles:11:sp4bash-3.2-147.27.35 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the bash-3.2-147.27.35 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-6271 at SUSECVE-2014-6271 at NVDCVE-2014-6277 at SUSECVE-2014-6277 at NVDCVE-2014-6278 at SUSECVE-2014-6278 at NVDCVE-2014-7169 at SUSECVE-2014-7169 at NVDCVE-2014-7186 at SUSECVE-2014-7186 at NVDCVE-2014-7187 at SUSECVE-2014-7187 at NVDcpe:/o:suse:suse_sles:11:sp4bind-9.9.6P1-0.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the bind-9.9.6P1-0.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2007-2925 at SUSECVE-2007-2925 at NVDCVE-2007-2926 at SUSECVE-2007-2926 at NVDCVE-2009-0696 at SUSECVE-2009-0696 at NVDCVE-2009-4022 at SUSECVE-2009-4022 at NVDCVE-2011-1910 at SUSECVE-2011-1910 at NVDCVE-2011-2464 at SUSECVE-2011-2464 at NVDCVE-2011-4313 at SUSECVE-2011-4313 at NVDCVE-2012-1667 at SUSECVE-2012-1667 at NVDCVE-2012-3817 at SUSECVE-2012-3817 at NVDCVE-2012-4244 at SUSECVE-2012-4244 at NVDCVE-2012-5166 at SUSECVE-2012-5166 at NVDCVE-2013-4854 at SUSECVE-2013-4854 at NVDCVE-2014-0591 at SUSECVE-2014-0591 at NVDCVE-2014-8500 at SUSECVE-2014-8500 at NVDcpe:/o:suse:suse_sles:11:sp4binutils-2.24-3.62 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the binutils-2.24-3.62 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-8484 at SUSECVE-2014-8484 at NVDCVE-2014-8485 at SUSECVE-2014-8485 at NVDCVE-2014-8501 at SUSECVE-2014-8501 at NVDCVE-2014-8502 at SUSECVE-2014-8502 at NVDCVE-2014-8503 at SUSECVE-2014-8503 at NVDCVE-2014-8504 at SUSECVE-2014-8504 at NVDCVE-2014-8737 at SUSECVE-2014-8737 at NVDCVE-2014-8738 at SUSECVE-2014-8738 at NVDcpe:/o:suse:suse_sles:11:sp4boost-license-1.36.0-12.6.49 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the boost-license-1.36.0-12.6.49 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-0171 at SUSECVE-2008-0171 at NVDcpe:/o:suse:suse_sles:11:sp4bzip2-1.0.5-34.253.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the bzip2-1.0.5-34.253.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-1372 at SUSECVE-2008-1372 at NVDCVE-2010-0405 at SUSECVE-2010-0405 at NVDcpe:/o:suse:suse_sles:11:sp4cifs-utils-5.1-0.14.46 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the cifs-utils-5.1-0.14.46 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2011-1678 at SUSECVE-2011-1678 at NVDCVE-2012-1586 at SUSECVE-2012-1586 at NVDcpe:/o:suse:suse_sles:11:sp4clamav-0.98.7-0.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the clamav-0.98.7-0.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-4182 at SUSECVE-2006-4182 at NVDCVE-2006-5295 at SUSECVE-2006-5295 at NVDCVE-2006-5874 at SUSECVE-2006-5874 at NVDCVE-2007-0897 at SUSECVE-2007-0897 at NVDCVE-2007-0898 at SUSECVE-2007-0898 at NVDCVE-2007-1745 at SUSECVE-2007-1745 at NVDCVE-2007-1997 at SUSECVE-2007-1997 at NVDCVE-2007-6335 at SUSECVE-2007-6335 at NVDCVE-2007-6336 at SUSECVE-2007-6336 at NVDCVE-2007-6337 at SUSECVE-2007-6337 at NVDCVE-2007-6595 at SUSECVE-2007-6595 at NVDCVE-2007-6596 at SUSECVE-2007-6596 at NVDCVE-2008-0318 at SUSECVE-2008-0318 at NVDCVE-2008-0728 at SUSECVE-2008-0728 at NVDCVE-2008-1100 at SUSECVE-2008-1100 at NVDCVE-2008-2713 at SUSECVE-2008-2713 at NVDCVE-2010-0405 at SUSECVE-2010-0405 at NVDCVE-2011-2721 at SUSECVE-2011-2721 at NVDCVE-2011-3627 at SUSECVE-2011-3627 at NVDCVE-2012-1457 at SUSECVE-2012-1457 at NVDCVE-2012-1458 at SUSECVE-2012-1458 at NVDCVE-2012-1459 at SUSECVE-2012-1459 at NVDCVE-2013-2020 at SUSECVE-2013-2020 at NVDCVE-2013-2021 at SUSECVE-2013-2021 at NVDCVE-2013-6497 at SUSECVE-2013-6497 at NVDCVE-2014-9050 at SUSECVE-2014-9050 at NVDCVE-2014-9328 at SUSECVE-2014-9328 at NVDCVE-2015-1461 at SUSECVE-2015-1461 at NVDCVE-2015-1462 at SUSECVE-2015-1462 at NVDCVE-2015-1463 at SUSECVE-2015-1463 at NVDCVE-2015-2170 at SUSECVE-2015-2170 at NVDCVE-2015-2221 at SUSECVE-2015-2221 at NVDCVE-2015-2222 at SUSECVE-2015-2222 at NVDCVE-2015-2305 at SUSECVE-2015-2305 at NVDCVE-2015-2668 at SUSECVE-2015-2668 at NVDcpe:/o:suse:suse_sles:11:sp4compat-libldap-2_3-0-2.3.37-2.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the compat-libldap-2_3-0-2.3.37-2.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-1164 at SUSECVE-2012-1164 at NVDCVE-2013-4449 at SUSECVE-2013-4449 at NVDCVE-2015-1545 at SUSECVE-2015-1545 at NVDCVE-2015-1546 at SUSECVE-2015-1546 at NVDcpe:/o:suse:suse_sles:11:sp4coolkey-1.1.0-22.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the coolkey-1.1.0-22.24 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-4129 at SUSECVE-2007-4129 at NVDcpe:/o:suse:suse_sles:11:sp4coreutils-8.12-6.25.32.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the coreutils-8.12-6.25.32.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-0221 at SUSECVE-2013-0221 at NVDCVE-2013-0222 at SUSECVE-2013-0222 at NVDCVE-2013-0223 at SUSECVE-2013-0223 at NVDcpe:/o:suse:suse_sles:11:sp4cpio-2.9-75.78.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the cpio-2.9-75.78.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-9112 at SUSECVE-2014-9112 at NVDcpe:/o:suse:suse_sles:11:sp4cron-4.1-194.211.213.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the cron-4.1-194.211.213.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-2607 at SUSECVE-2006-2607 at NVDCVE-2010-0424 at SUSECVE-2010-0424 at NVDcpe:/o:suse:suse_sles:11:sp4cups-1.3.9-8.46.56.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the cups-1.3.9-8.46.56.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-3387 at SUSECVE-2007-3387 at NVDCVE-2007-4351 at SUSECVE-2007-4351 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-0047 at SUSECVE-2008-0047 at NVDCVE-2008-1373 at SUSECVE-2008-1373 at NVDCVE-2008-1693 at SUSECVE-2008-1693 at NVDCVE-2008-1722 at SUSECVE-2008-1722 at NVDCVE-2008-3641 at SUSECVE-2008-3641 at NVDCVE-2009-0163 at SUSECVE-2009-0163 at NVDCVE-2009-0949 at SUSECVE-2009-0949 at NVDCVE-2009-2820 at SUSECVE-2009-2820 at NVDCVE-2009-3553 at SUSECVE-2009-3553 at NVDCVE-2010-0302 at SUSECVE-2010-0302 at NVDCVE-2010-0393 at SUSECVE-2010-0393 at NVDCVE-2010-0540 at SUSECVE-2010-0540 at NVDCVE-2010-0542 at SUSECVE-2010-0542 at NVDCVE-2010-1748 at SUSECVE-2010-1748 at NVDCVE-2010-2431 at SUSECVE-2010-2431 at NVDCVE-2010-2432 at SUSECVE-2010-2432 at NVDCVE-2010-2941 at SUSECVE-2010-2941 at NVDCVE-2011-2896 at SUSECVE-2011-2896 at NVDCVE-2011-3170 at SUSECVE-2011-3170 at NVDCVE-2012-5519 at SUSECVE-2012-5519 at NVDCVE-2014-3537 at SUSECVE-2014-3537 at NVDCVE-2014-5029 at SUSECVE-2014-5029 at NVDCVE-2014-5030 at SUSECVE-2014-5030 at NVDCVE-2014-5031 at SUSECVE-2014-5031 at NVDCVE-2014-9679 at SUSECVE-2014-9679 at NVDcpe:/o:suse:suse_sles:11:sp4curl-7.19.7-1.42.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the curl-7.19.7-1.42.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0037 at SUSECVE-2009-0037 at NVDCVE-2009-2417 at SUSECVE-2009-2417 at NVDCVE-2010-4180 at SUSECVE-2010-4180 at NVDCVE-2011-2192 at SUSECVE-2011-2192 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2013-1944 at SUSECVE-2013-1944 at NVDCVE-2013-2174 at SUSECVE-2013-2174 at NVDCVE-2013-4545 at SUSECVE-2013-4545 at NVDCVE-2014-0015 at SUSECVE-2014-0015 at NVDCVE-2014-0138 at SUSECVE-2014-0138 at NVDCVE-2014-0139 at SUSECVE-2014-0139 at NVDCVE-2014-3613 at SUSECVE-2014-3613 at NVDCVE-2014-3707 at SUSECVE-2014-3707 at NVDCVE-2014-8150 at SUSECVE-2014-8150 at NVDCVE-2015-3143 at SUSECVE-2015-3143 at NVDCVE-2015-3148 at SUSECVE-2015-3148 at NVDCVE-2015-3153 at SUSECVE-2015-3153 at NVDcpe:/o:suse:suse_sles:11:sp4cvs-1.12.12-144.23.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the cvs-1.12.12-144.23.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-0804 at SUSECVE-2012-0804 at NVDcpe:/o:suse:suse_sles:11:sp4cyrus-imapd-2.3.11-60.65.64.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the cyrus-imapd-2.3.11-60.65.64.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-3235 at SUSECVE-2009-3235 at NVDCVE-2011-3372 at SUSECVE-2011-3372 at NVDcpe:/o:suse:suse_sles:11:sp4davfs2-1.5.2-1.36 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the davfs2-1.5.2-1.36 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-4362 at SUSECVE-2014-4362 at NVDcpe:/o:suse:suse_sles:11:sp4dbus-1-1.2.10-3.31.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the dbus-1-1.2.10-3.31.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-6107 at SUSECVE-2006-6107 at NVDCVE-2008-0595 at SUSECVE-2008-0595 at NVDCVE-2008-3834 at SUSECVE-2008-3834 at NVDCVE-2008-4311 at SUSECVE-2008-4311 at NVDCVE-2009-1189 at SUSECVE-2009-1189 at NVDCVE-2010-4352 at SUSECVE-2010-4352 at NVDCVE-2012-3524 at SUSECVE-2012-3524 at NVDCVE-2014-3477 at SUSECVE-2014-3477 at NVDCVE-2014-3638 at SUSECVE-2014-3638 at NVDCVE-2014-3639 at SUSECVE-2014-3639 at NVDcpe:/o:suse:suse_sles:11:sp4dbus-1-glib-0.76-34.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the dbus-1-glib-0.76-34.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-1172 at SUSECVE-2010-1172 at NVDcpe:/o:suse:suse_sles:11:sp4dhcp-4.2.4.P2-0.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the dhcp-4.2.4.P2-0.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0692 at SUSECVE-2009-0692 at NVDCVE-2009-1892 at SUSECVE-2009-1892 at NVDCVE-2011-0997 at SUSECVE-2011-0997 at NVDCVE-2011-2748 at SUSECVE-2011-2748 at NVDCVE-2011-2749 at SUSECVE-2011-2749 at NVDCVE-2011-4539 at SUSECVE-2011-4539 at NVDCVE-2011-4868 at SUSECVE-2011-4868 at NVDCVE-2012-3570 at SUSECVE-2012-3570 at NVDCVE-2012-3571 at SUSECVE-2012-3571 at NVDCVE-2012-3954 at SUSECVE-2012-3954 at NVDCVE-2012-3955 at SUSECVE-2012-3955 at NVDCVE-2013-2266 at SUSECVE-2013-2266 at NVDcpe:/o:suse:suse_sles:11:sp4dhcpcd-3.2.3-44.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the dhcpcd-3.2.3-44.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-0997 at SUSECVE-2011-0997 at NVDcpe:/o:suse:suse_sles:11:sp4dnsmasq-2.71-0.14.9 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the dnsmasq-2.71-0.14.9 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2015-3294 at SUSECVE-2015-3294 at NVDcpe:/o:suse:suse_sles:11:sp4e2fsprogs-1.41.9-2.14.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the e2fsprogs-1.41.9-2.14.3 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-5497 at SUSECVE-2007-5497 at NVDCVE-2015-0247 at SUSECVE-2015-0247 at NVDCVE-2015-1572 at SUSECVE-2015-1572 at NVDcpe:/o:suse:suse_sles:11:sp4ecryptfs-utils-32bit-61-1.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ecryptfs-utils-32bit-61-1.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-1831 at SUSECVE-2011-1831 at NVDCVE-2011-1832 at SUSECVE-2011-1832 at NVDCVE-2011-1833 at SUSECVE-2011-1833 at NVDCVE-2011-1834 at SUSECVE-2011-1834 at NVDCVE-2011-3145 at SUSECVE-2011-3145 at NVDcpe:/o:suse:suse_sles:11:sp4ed-0.2-1001.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ed-0.2-1001.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-3916 at SUSECVE-2008-3916 at NVDcpe:/o:suse:suse_sles:11:sp4elfutils-0.152-4.9.17 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the elfutils-0.152-4.9.17 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-9447 at SUSECVE-2014-9447 at NVDcpe:/o:suse:suse_sles:11:sp4emacs-22.3-4.42.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the emacs-22.3-4.42.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-5795 at SUSECVE-2007-5795 at NVDCVE-2014-3421 at SUSECVE-2014-3421 at NVDCVE-2014-3422 at SUSECVE-2014-3422 at NVDCVE-2014-3423 at SUSECVE-2014-3423 at NVDCVE-2014-3424 at SUSECVE-2014-3424 at NVDcpe:/o:suse:suse_sles:11:sp4enscript-1.6.4-152.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the enscript-1.6.4-152.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-3863 at SUSECVE-2008-3863 at NVDCVE-2008-4306 at SUSECVE-2008-4306 at NVDcpe:/o:suse:suse_sles:11:sp4evince-2.28.2-0.7.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the evince-2.28.2-0.7.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-5864 at SUSECVE-2006-5864 at NVDCVE-2010-2640 at SUSECVE-2010-2640 at NVDCVE-2010-2641 at SUSECVE-2010-2641 at NVDCVE-2010-2642 at SUSECVE-2010-2642 at NVDCVE-2010-2643 at SUSECVE-2010-2643 at NVDcpe:/o:suse:suse_sles:11:sp4evolution-data-server-2.28.2-0.32.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the evolution-data-server-2.28.2-0.32.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-3257 at SUSECVE-2007-3257 at NVDcpe:/o:suse:suse_sles:11:sp4expat-2.0.1-88.34.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the expat-2.0.1-88.34.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-2625 at SUSECVE-2009-2625 at NVDCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2012-0876 at SUSECVE-2012-0876 at NVDCVE-2012-1147 at SUSECVE-2012-1147 at NVDCVE-2012-1148 at SUSECVE-2012-1148 at NVDcpe:/o:suse:suse_sles:11:sp4fastjar-0.95-1.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the fastjar-0.95-1.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-0831 at SUSECVE-2010-0831 at NVDcpe:/o:suse:suse_sles:11:sp4fetchmail-6.3.8.90-13.20.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the fetchmail-6.3.8.90-13.20.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-5867 at SUSECVE-2006-5867 at NVDCVE-2006-5974 at SUSECVE-2006-5974 at NVDCVE-2007-1558 at SUSECVE-2007-1558 at NVDCVE-2007-4565 at SUSECVE-2007-4565 at NVDCVE-2009-2666 at SUSECVE-2009-2666 at NVDCVE-2011-1947 at SUSECVE-2011-1947 at NVDcpe:/o:suse:suse_sles:11:sp4file-32bit-4.24-43.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the file-32bit-4.24-43.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-1536 at SUSECVE-2007-1536 at NVDCVE-2007-2799 at SUSECVE-2007-2799 at NVDCVE-2014-3710 at SUSECVE-2014-3710 at NVDcpe:/o:suse:suse_sles:11:sp4findutils-4.4.0-38.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the findutils-4.4.0-38.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-2452 at SUSECVE-2007-2452 at NVDcpe:/o:suse:suse_sles:11:sp4foomatic-filters-3.0.2-269.35.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the foomatic-filters-3.0.2-269.35.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-2697 at SUSECVE-2011-2697 at NVDcpe:/o:suse:suse_sles:11:sp4freeradius-server-2.1.1-7.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the freeradius-server-2.1.1-7.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-4474 at SUSECVE-2008-4474 at NVDCVE-2011-4966 at SUSECVE-2011-4966 at NVDCVE-2014-2015 at SUSECVE-2014-2015 at NVDcpe:/o:suse:suse_sles:11:sp4freetype2-2.3.7-25.35.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the freetype2-2.3.7-25.35.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-1351 at SUSECVE-2007-1351 at NVDCVE-2009-0946 at SUSECVE-2009-0946 at NVDCVE-2010-2497 at SUSECVE-2010-2497 at NVDCVE-2010-2805 at SUSECVE-2010-2805 at NVDCVE-2010-3053 at SUSECVE-2010-3053 at NVDCVE-2010-3054 at SUSECVE-2010-3054 at NVDCVE-2010-3311 at SUSECVE-2010-3311 at NVDCVE-2010-3814 at SUSECVE-2010-3814 at NVDCVE-2010-3855 at SUSECVE-2010-3855 at NVDCVE-2011-0226 at SUSECVE-2011-0226 at NVDCVE-2011-2895 at SUSECVE-2011-2895 at NVDCVE-2011-3256 at SUSECVE-2011-3256 at NVDCVE-2011-3439 at SUSECVE-2011-3439 at NVDCVE-2012-1126 at SUSECVE-2012-1126 at NVDCVE-2012-1127 at SUSECVE-2012-1127 at NVDCVE-2012-1128 at SUSECVE-2012-1128 at NVDCVE-2012-1129 at SUSECVE-2012-1129 at NVDCVE-2012-1130 at SUSECVE-2012-1130 at NVDCVE-2012-1131 at SUSECVE-2012-1131 at NVDCVE-2012-1132 at SUSECVE-2012-1132 at NVDCVE-2012-1133 at SUSECVE-2012-1133 at NVDCVE-2012-1134 at SUSECVE-2012-1134 at NVDCVE-2012-1135 at SUSECVE-2012-1135 at NVDCVE-2012-1136 at SUSECVE-2012-1136 at NVDCVE-2012-1137 at SUSECVE-2012-1137 at NVDCVE-2012-1138 at SUSECVE-2012-1138 at NVDCVE-2012-1139 at SUSECVE-2012-1139 at NVDCVE-2012-1140 at SUSECVE-2012-1140 at NVDCVE-2012-1141 at SUSECVE-2012-1141 at NVDCVE-2012-1142 at SUSECVE-2012-1142 at NVDCVE-2012-1143 at SUSECVE-2012-1143 at NVDCVE-2012-1144 at SUSECVE-2012-1144 at NVDCVE-2012-5668 at SUSECVE-2012-5668 at NVDCVE-2012-5669 at SUSECVE-2012-5669 at NVDCVE-2012-5670 at SUSECVE-2012-5670 at NVDCVE-2014-9657 at SUSECVE-2014-9657 at NVDCVE-2014-9658 at SUSECVE-2014-9658 at NVDCVE-2014-9660 at SUSECVE-2014-9660 at NVDCVE-2014-9661 at SUSECVE-2014-9661 at NVDCVE-2014-9663 at SUSECVE-2014-9663 at NVDCVE-2014-9664 at SUSECVE-2014-9664 at NVDCVE-2014-9665 at SUSECVE-2014-9665 at NVDCVE-2014-9667 at SUSECVE-2014-9667 at NVDCVE-2014-9669 at SUSECVE-2014-9669 at NVDCVE-2014-9670 at SUSECVE-2014-9670 at NVDCVE-2014-9671 at SUSECVE-2014-9671 at NVDCVE-2014-9672 at SUSECVE-2014-9672 at NVDCVE-2014-9673 at SUSECVE-2014-9673 at NVDCVE-2014-9674 at SUSECVE-2014-9674 at NVDCVE-2014-9675 at SUSECVE-2014-9675 at NVDcpe:/o:suse:suse_sles:11:sp4fuse-2.8.7-0.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the fuse-2.8.7-0.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-3297 at SUSECVE-2009-3297 at NVDCVE-2011-0541 at SUSECVE-2011-0541 at NVDCVE-2015-3202 at SUSECVE-2015-3202 at NVDcpe:/o:suse:suse_sles:11:sp4fvwm2-2.5.26-1.25 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the fvwm2-2.5.26-1.25 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-5969 at SUSECVE-2006-5969 at NVDcpe:/o:suse:suse_sles:11:sp4g3utils-1.1.36-26.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the g3utils-1.1.36-26.31 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-4936 at SUSECVE-2008-4936 at NVDcpe:/o:suse:suse_sles:11:sp4gd-2.0.36.RC1-52.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gd-2.0.36.RC1-52.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-2756 at SUSECVE-2007-2756 at NVDCVE-2014-9709 at SUSECVE-2014-9709 at NVDcpe:/o:suse:suse_sles:11:sp4ghostscript-fonts-other-8.62-32.34.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ghostscript-fonts-other-8.62-32.34.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0196 at SUSECVE-2009-0196 at NVDCVE-2009-0583 at SUSECVE-2009-0583 at NVDCVE-2009-0584 at SUSECVE-2009-0584 at NVDCVE-2009-0792 at SUSECVE-2009-0792 at NVDCVE-2009-3743 at SUSECVE-2009-3743 at NVDCVE-2010-1869 at SUSECVE-2010-1869 at NVDCVE-2010-4054 at SUSECVE-2010-4054 at NVDCVE-2012-4405 at SUSECVE-2012-4405 at NVDcpe:/o:suse:suse_sles:11:sp4glib2-2.22.5-0.8.14.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the glib2-2.22.5-0.8.14.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-2371 at SUSECVE-2008-2371 at NVDCVE-2008-4316 at SUSECVE-2008-4316 at NVDcpe:/o:suse:suse_sles:11:sp4glibc-2.11.3-17.84.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the glibc-2.11.3-17.84.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-5029 at SUSECVE-2009-5029 at NVDCVE-2011-2483 at SUSECVE-2011-2483 at NVDCVE-2012-4412 at SUSECVE-2012-4412 at NVDCVE-2012-6656 at SUSECVE-2012-6656 at NVDCVE-2013-0242 at SUSECVE-2013-0242 at NVDCVE-2013-1914 at SUSECVE-2013-1914 at NVDCVE-2013-4237 at SUSECVE-2013-4237 at NVDCVE-2013-4332 at SUSECVE-2013-4332 at NVDCVE-2013-4357 at SUSECVE-2013-4357 at NVDCVE-2013-4458 at SUSECVE-2013-4458 at NVDCVE-2013-4788 at SUSECVE-2013-4788 at NVDCVE-2013-7423 at SUSECVE-2013-7423 at NVDCVE-2014-0475 at SUSECVE-2014-0475 at NVDCVE-2014-4043 at SUSECVE-2014-4043 at NVDCVE-2014-5119 at SUSECVE-2014-5119 at NVDCVE-2014-6040 at SUSECVE-2014-6040 at NVDCVE-2014-7817 at SUSECVE-2014-7817 at NVDCVE-2014-9402 at SUSECVE-2014-9402 at NVDCVE-2015-0235 at SUSECVE-2015-0235 at NVDCVE-2015-1472 at SUSECVE-2015-1472 at NVDcpe:/o:suse:suse_sles:11:sp4gmime-2.2.23-1.50.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gmime-2.2.23-1.50.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-0409 at SUSECVE-2010-0409 at NVDcpe:/o:suse:suse_sles:11:sp4gnome-screensaver-2.28.3-0.39.17 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gnome-screensaver-2.28.3-0.39.17 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-0887 at SUSECVE-2008-0887 at NVDCVE-2010-0414 at SUSECVE-2010-0414 at NVDCVE-2010-0422 at SUSECVE-2010-0422 at NVDcpe:/o:suse:suse_sles:11:sp4gnutls-2.4.1-24.39.55.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gnutls-2.4.1-24.39.55.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-4790 at SUSECVE-2006-4790 at NVDCVE-2008-1948 at SUSECVE-2008-1948 at NVDCVE-2008-1949 at SUSECVE-2008-1949 at NVDCVE-2008-1950 at SUSECVE-2008-1950 at NVDCVE-2008-4989 at SUSECVE-2008-4989 at NVDCVE-2009-2730 at SUSECVE-2009-2730 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-5138 at SUSECVE-2009-5138 at NVDCVE-2011-4128 at SUSECVE-2011-4128 at NVDCVE-2012-0390 at SUSECVE-2012-0390 at NVDCVE-2012-1569 at SUSECVE-2012-1569 at NVDCVE-2012-1573 at SUSECVE-2012-1573 at NVDCVE-2013-1619 at SUSECVE-2013-1619 at NVDCVE-2013-2116 at SUSECVE-2013-2116 at NVDCVE-2014-0092 at SUSECVE-2014-0092 at NVDCVE-2014-3466 at SUSECVE-2014-3466 at NVDCVE-2014-3467 at SUSECVE-2014-3467 at NVDCVE-2014-3468 at SUSECVE-2014-3468 at NVDCVE-2014-3469 at SUSECVE-2014-3469 at NVDCVE-2015-0282 at SUSECVE-2015-0282 at NVDCVE-2015-0294 at SUSECVE-2015-0294 at NVDcpe:/o:suse:suse_sles:11:sp4gpg2-2.0.9-25.33.39.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gpg2-2.0.9-25.33.39.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-3746 at SUSECVE-2006-3746 at NVDCVE-2006-6169 at SUSECVE-2006-6169 at NVDCVE-2008-1530 at SUSECVE-2008-1530 at NVDCVE-2010-2547 at SUSECVE-2010-2547 at NVDCVE-2012-6085 at SUSECVE-2012-6085 at NVDCVE-2013-4351 at SUSECVE-2013-4351 at NVDCVE-2013-4402 at SUSECVE-2013-4402 at NVDCVE-2014-4617 at SUSECVE-2014-4617 at NVDcpe:/o:suse:suse_sles:11:sp4gpgme-1.1.6-25.32.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gpgme-1.1.6-25.32.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3564 at SUSECVE-2014-3564 at NVDcpe:/o:suse:suse_sles:11:sp4gstreamer-0_10-plugins-base-0.10.35-5.15.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gstreamer-0_10-plugins-base-0.10.35-5.15.8 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0586 at SUSECVE-2009-0586 at NVDcpe:/o:suse:suse_sles:11:sp4gstreamer-0_10-plugins-good-0.10.30-5.12.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gstreamer-0_10-plugins-good-0.10.30-5.12.15 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-1686 at SUSECVE-2008-1686 at NVDCVE-2009-0386 at SUSECVE-2009-0386 at NVDCVE-2009-0387 at SUSECVE-2009-0387 at NVDCVE-2009-0397 at SUSECVE-2009-0397 at NVDCVE-2009-1932 at SUSECVE-2009-1932 at NVDcpe:/o:suse:suse_sles:11:sp4gtk2-2.18.9-0.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gtk2-2.18.9-0.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-0010 at SUSECVE-2007-0010 at NVDCVE-2011-2485 at SUSECVE-2011-2485 at NVDCVE-2012-2370 at SUSECVE-2012-2370 at NVDcpe:/o:suse:suse_sles:11:sp4guestfs-data-1.20.12-0.18.70 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the guestfs-data-1.20.12-0.18.70 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-2124 at SUSECVE-2013-2124 at NVDCVE-2013-4419 at SUSECVE-2013-4419 at NVDcpe:/o:suse:suse_sles:11:sp4gvim-7.2-8.15.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gvim-7.2-8.15.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-2438 at SUSECVE-2007-2438 at NVDCVE-2007-2953 at SUSECVE-2007-2953 at NVDcpe:/o:suse:suse_sles:11:sp4gzip-1.3.12-69.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the gzip-1.3.12-69.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-2624 at SUSECVE-2009-2624 at NVDCVE-2010-0001 at SUSECVE-2010-0001 at NVDcpe:/o:suse:suse_sles:11:sp4hplip-3.11.10-0.6.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the hplip-3.11.10-0.6.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2004-0801 at SUSECVE-2004-0801 at NVDCVE-2007-5208 at SUSECVE-2007-5208 at NVDCVE-2010-4267 at SUSECVE-2010-4267 at NVDCVE-2011-2697 at SUSECVE-2011-2697 at NVDCVE-2011-2722 at SUSECVE-2011-2722 at NVDCVE-2013-0200 at SUSECVE-2013-0200 at NVDCVE-2013-4288 at SUSECVE-2013-4288 at NVDCVE-2013-4325 at SUSECVE-2013-4325 at NVDCVE-2013-6402 at SUSECVE-2013-6402 at NVDcpe:/o:suse:suse_sles:11:sp4hyper-v-6-3.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the hyper-v-6-3.5 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-2669 at SUSECVE-2012-2669 at NVDCVE-2012-5532 at SUSECVE-2012-5532 at NVDcpe:/o:suse:suse_sles:11:sp4ibutils-1.5.7-0.15.22 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ibutils-1.5.7-0.15.22 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-3277 at SUSECVE-2008-3277 at NVDCVE-2013-1894 at SUSECVE-2013-1894 at NVDcpe:/o:suse:suse_sles:11:sp4ipsec-tools-0.7.3-1.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ipsec-tools-0.7.3-1.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-1841 at SUSECVE-2007-1841 at NVDCVE-2008-3652 at SUSECVE-2008-3652 at NVDcpe:/o:suse:suse_sles:11:sp4jakarta-commons-fileupload-1.1.1-1.37.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the jakarta-commons-fileupload-1.1.1-1.37.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-2186 at SUSECVE-2013-2186 at NVDCVE-2014-0050 at SUSECVE-2014-0050 at NVDcpe:/o:suse:suse_sles:11:sp4jakarta-commons-httpclient3-3.0.1-253.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the jakarta-commons-httpclient3-3.0.1-253.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-5783 at SUSECVE-2012-5783 at NVDcpe:/o:suse:suse_sles:11:sp4java-1_7_1-ibm-1.7.1_sr3.0-1.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the java-1_7_1-ibm-1.7.1_sr3.0-1.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3065 at SUSECVE-2014-3065 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-4288 at SUSECVE-2014-4288 at NVDCVE-2014-6456 at SUSECVE-2014-6456 at NVDCVE-2014-6457 at SUSECVE-2014-6457 at NVDCVE-2014-6458 at SUSECVE-2014-6458 at NVDCVE-2014-6466 at SUSECVE-2014-6466 at NVDCVE-2014-6476 at SUSECVE-2014-6476 at NVDCVE-2014-6492 at SUSECVE-2014-6492 at NVDCVE-2014-6493 at SUSECVE-2014-6493 at NVDCVE-2014-6502 at SUSECVE-2014-6502 at NVDCVE-2014-6503 at SUSECVE-2014-6503 at NVDCVE-2014-6506 at SUSECVE-2014-6506 at NVDCVE-2014-6511 at SUSECVE-2014-6511 at NVDCVE-2014-6512 at SUSECVE-2014-6512 at NVDCVE-2014-6513 at SUSECVE-2014-6513 at NVDCVE-2014-6515 at SUSECVE-2014-6515 at NVDCVE-2014-6527 at SUSECVE-2014-6527 at NVDCVE-2014-6531 at SUSECVE-2014-6531 at NVDCVE-2014-6532 at SUSECVE-2014-6532 at NVDCVE-2014-6558 at SUSECVE-2014-6558 at NVDCVE-2014-8891 at SUSECVE-2014-8891 at NVDCVE-2014-8892 at SUSECVE-2014-8892 at NVDCVE-2015-0138 at SUSECVE-2015-0138 at NVDCVE-2015-0192 at SUSECVE-2015-0192 at NVDCVE-2015-1914 at SUSECVE-2015-1914 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDcpe:/o:suse:suse_sles:11:sp4jpeg-6b-879.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the jpeg-6b-879.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-2806 at SUSECVE-2012-2806 at NVDcpe:/o:suse:suse_sles:11:sp4kbd-1.14.1-16.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kbd-1.14.1-16.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-0460 at SUSECVE-2011-0460 at NVDcpe:/o:suse:suse_sles:11:sp4kde4-kgreeter-plugins-4.3.5-0.12.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kde4-kgreeter-plugins-4.3.5-0.12.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-0436 at SUSECVE-2010-0436 at NVDCVE-2013-4132 at SUSECVE-2013-4132 at NVDCVE-2013-4133 at SUSECVE-2013-4133 at NVDcpe:/o:suse:suse_sles:11:sp4kdebase3-runtime-3.5.10-20.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kdebase3-runtime-3.5.10-20.31 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-4569 at SUSECVE-2007-4569 at NVDcpe:/o:suse:suse_sles:11:sp4kdebase4-runtime-4.3.5-0.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kdebase4-runtime-4.3.5-0.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-7252 at SUSECVE-2013-7252 at NVDcpe:/o:suse:suse_sles:11:sp4kdelibs3-3.5.10-23.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kdelibs3-3.5.10-23.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-3820 at SUSECVE-2007-3820 at NVDCVE-2007-4224 at SUSECVE-2007-4224 at NVDCVE-2007-4225 at SUSECVE-2007-4225 at NVDCVE-2008-1671 at SUSECVE-2008-1671 at NVDCVE-2009-0689 at SUSECVE-2009-0689 at NVDcpe:/o:suse:suse_sles:11:sp4kdelibs4-4.3.5-0.14.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kdelibs4-4.3.5-0.14.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2011-1168 at SUSECVE-2011-1168 at NVDCVE-2012-4512 at SUSECVE-2012-4512 at NVDCVE-2012-4513 at SUSECVE-2012-4513 at NVDCVE-2012-4515 at SUSECVE-2012-4515 at NVDcpe:/o:suse:suse_sles:11:sp4kdenetwork4-filesharing-4.3.5-0.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kdenetwork4-filesharing-4.3.5-0.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-1000 at SUSECVE-2010-1000 at NVDcpe:/o:suse:suse_sles:11:sp4kdirstat-2.4.4-255.28.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kdirstat-2.4.4-255.28.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-2528 at SUSECVE-2014-2528 at NVDcpe:/o:suse:suse_sles:11:sp4kernel-default-3.0.101-63.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kernel-default-3.0.101-63.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-0007 at SUSECVE-2008-0007 at NVDCVE-2008-0009 at SUSECVE-2008-0009 at NVDCVE-2008-0010 at SUSECVE-2008-0010 at NVDCVE-2008-1375 at SUSECVE-2008-1375 at NVDCVE-2008-1669 at SUSECVE-2008-1669 at NVDCVE-2008-1673 at SUSECVE-2008-1673 at NVDCVE-2008-1675 at SUSECVE-2008-1675 at NVDCVE-2008-3528 at SUSECVE-2008-3528 at NVDCVE-2008-3831 at SUSECVE-2008-3831 at NVDCVE-2008-5079 at SUSECVE-2008-5079 at NVDCVE-2008-5182 at SUSECVE-2008-5182 at NVDCVE-2008-5300 at SUSECVE-2008-5300 at NVDCVE-2009-0029 at SUSECVE-2009-0029 at NVDCVE-2009-3939 at SUSECVE-2009-3939 at NVDCVE-2009-4026 at SUSECVE-2009-4026 at NVDCVE-2009-4027 at SUSECVE-2009-4027 at NVDCVE-2009-4131 at SUSECVE-2009-4131 at NVDCVE-2009-4138 at SUSECVE-2009-4138 at NVDCVE-2009-4536 at SUSECVE-2009-4536 at NVDCVE-2009-4537 at SUSECVE-2009-4537 at NVDCVE-2009-4538 at SUSECVE-2009-4538 at NVDCVE-2010-0415 at SUSECVE-2010-0415 at NVDCVE-2010-0622 at SUSECVE-2010-0622 at NVDCVE-2010-0623 at SUSECVE-2010-0623 at NVDCVE-2010-1146 at SUSECVE-2010-1146 at NVDCVE-2010-1173 at SUSECVE-2010-1173 at NVDCVE-2010-1437 at SUSECVE-2010-1437 at NVDCVE-2010-1641 at SUSECVE-2010-1641 at NVDCVE-2010-2066 at SUSECVE-2010-2066 at NVDCVE-2010-2798 at SUSECVE-2010-2798 at NVDCVE-2010-2803 at SUSECVE-2010-2803 at NVDCVE-2010-2942 at SUSECVE-2010-2942 at NVDCVE-2010-2943 at SUSECVE-2010-2943 at NVDCVE-2010-2946 at SUSECVE-2010-2946 at NVDCVE-2010-2954 at SUSECVE-2010-2954 at NVDCVE-2010-2955 at SUSECVE-2010-2955 at NVDCVE-2010-2959 at SUSECVE-2010-2959 at NVDCVE-2010-2960 at SUSECVE-2010-2960 at NVDCVE-2010-2962 at SUSECVE-2010-2962 at NVDCVE-2010-2963 at SUSECVE-2010-2963 at NVDCVE-2010-3015 at SUSECVE-2010-3015 at NVDCVE-2010-3078 at SUSECVE-2010-3078 at NVDCVE-2010-3079 at SUSECVE-2010-3079 at NVDCVE-2010-3080 at SUSECVE-2010-3080 at NVDCVE-2010-3081 at SUSECVE-2010-3081 at NVDCVE-2010-3084 at SUSECVE-2010-3084 at NVDCVE-2010-3296 at SUSECVE-2010-3296 at NVDCVE-2010-3297 at SUSECVE-2010-3297 at NVDCVE-2010-3298 at SUSECVE-2010-3298 at NVDCVE-2010-3301 at SUSECVE-2010-3301 at NVDCVE-2010-3310 at SUSECVE-2010-3310 at NVDCVE-2010-3437 at SUSECVE-2010-3437 at NVDCVE-2010-3699 at SUSECVE-2010-3699 at NVDCVE-2010-3705 at SUSECVE-2010-3705 at NVDCVE-2010-3861 at SUSECVE-2010-3861 at NVDCVE-2010-3873 at SUSECVE-2010-3873 at NVDCVE-2010-3874 at SUSECVE-2010-3874 at NVDCVE-2010-3875 at SUSECVE-2010-3875 at NVDCVE-2010-3876 at SUSECVE-2010-3876 at NVDCVE-2010-3877 at SUSECVE-2010-3877 at NVDCVE-2010-3880 at SUSECVE-2010-3880 at NVDCVE-2010-3881 at SUSECVE-2010-3881 at NVDCVE-2010-4072 at SUSECVE-2010-4072 at NVDCVE-2010-4073 at SUSECVE-2010-4073 at NVDCVE-2010-4075 at SUSECVE-2010-4075 at NVDCVE-2010-4076 at SUSECVE-2010-4076 at NVDCVE-2010-4077 at SUSECVE-2010-4077 at NVDCVE-2010-4082 at SUSECVE-2010-4082 at NVDCVE-2010-4083 at SUSECVE-2010-4083 at NVDCVE-2010-4157 at SUSECVE-2010-4157 at NVDCVE-2010-4158 at SUSECVE-2010-4158 at NVDCVE-2010-4160 at SUSECVE-2010-4160 at NVDCVE-2010-4162 at SUSECVE-2010-4162 at NVDCVE-2010-4163 at SUSECVE-2010-4163 at NVDCVE-2010-4164 at SUSECVE-2010-4164 at NVDCVE-2010-4165 at SUSECVE-2010-4165 at NVDCVE-2010-4169 at SUSECVE-2010-4169 at NVDCVE-2010-4175 at SUSECVE-2010-4175 at NVDCVE-2010-4243 at SUSECVE-2010-4243 at NVDCVE-2010-4251 at SUSECVE-2010-4251 at NVDCVE-2010-4258 at SUSECVE-2010-4258 at NVDCVE-2010-4342 at SUSECVE-2010-4342 at NVDCVE-2010-4529 at SUSECVE-2010-4529 at NVDCVE-2010-4656 at SUSECVE-2010-4656 at NVDCVE-2010-4668 at SUSECVE-2010-4668 at NVDCVE-2011-0521 at SUSECVE-2011-0521 at NVDCVE-2011-0710 at SUSECVE-2011-0710 at NVDCVE-2011-0711 at SUSECVE-2011-0711 at NVDCVE-2011-0712 at SUSECVE-2011-0712 at NVDCVE-2011-1016 at SUSECVE-2011-1016 at NVDCVE-2011-1017 at SUSECVE-2011-1017 at NVDCVE-2011-1020 at SUSECVE-2011-1020 at NVDCVE-2011-1083 at SUSECVE-2011-1083 at NVDCVE-2011-1160 at SUSECVE-2011-1160 at NVDCVE-2011-1180 at SUSECVE-2011-1180 at NVDCVE-2011-1182 at SUSECVE-2011-1182 at NVDCVE-2011-1478 at SUSECVE-2011-1478 at NVDCVE-2011-1573 at SUSECVE-2011-1573 at NVDCVE-2011-1577 at SUSECVE-2011-1577 at NVDCVE-2011-1593 at SUSECVE-2011-1593 at NVDCVE-2011-2182 at SUSECVE-2011-2182 at NVDCVE-2011-2183 at SUSECVE-2011-2183 at NVDCVE-2011-2203 at SUSECVE-2011-2203 at NVDCVE-2011-2479 at SUSECVE-2011-2479 at NVDCVE-2011-2491 at SUSECVE-2011-2491 at NVDCVE-2011-2494 at SUSECVE-2011-2494 at NVDCVE-2011-2495 at SUSECVE-2011-2495 at NVDCVE-2011-2496 at SUSECVE-2011-2496 at NVDCVE-2011-3191 at SUSECVE-2011-3191 at NVDCVE-2011-4086 at SUSECVE-2011-4086 at NVDCVE-2011-4097 at SUSECVE-2011-4097 at NVDCVE-2011-4127 at SUSECVE-2011-4127 at NVDCVE-2011-4131 at SUSECVE-2011-4131 at NVDCVE-2011-4604 at SUSECVE-2011-4604 at NVDCVE-2011-4622 at SUSECVE-2011-4622 at NVDCVE-2012-0038 at SUSECVE-2012-0038 at NVDCVE-2012-0045 at SUSECVE-2012-0045 at NVDCVE-2012-0056 at SUSECVE-2012-0056 at NVDCVE-2012-0207 at SUSECVE-2012-0207 at NVDCVE-2012-1090 at SUSECVE-2012-1090 at NVDCVE-2012-1097 at SUSECVE-2012-1097 at NVDCVE-2012-1146 at SUSECVE-2012-1146 at NVDCVE-2012-1179 at SUSECVE-2012-1179 at NVDCVE-2012-1601 at SUSECVE-2012-1601 at NVDCVE-2012-2119 at SUSECVE-2012-2119 at NVDCVE-2012-2133 at SUSECVE-2012-2133 at NVDCVE-2012-2136 at SUSECVE-2012-2136 at NVDCVE-2012-2137 at SUSECVE-2012-2137 at NVDCVE-2012-2372 at SUSECVE-2012-2372 at NVDCVE-2012-2373 at SUSECVE-2012-2373 at NVDCVE-2012-2390 at SUSECVE-2012-2390 at NVDCVE-2012-2663 at SUSECVE-2012-2663 at NVDCVE-2012-2745 at SUSECVE-2012-2745 at NVDCVE-2012-3412 at SUSECVE-2012-3412 at NVDCVE-2012-3430 at SUSECVE-2012-3430 at NVDCVE-2012-4398 at SUSECVE-2012-4398 at NVDCVE-2012-4461 at SUSECVE-2012-4461 at NVDCVE-2012-5517 at SUSECVE-2012-5517 at NVDCVE-2013-0160 at SUSECVE-2013-0160 at NVDCVE-2013-0216 at SUSECVE-2013-0216 at NVDCVE-2013-0231 at SUSECVE-2013-0231 at NVDCVE-2013-0871 at SUSECVE-2013-0871 at NVDCVE-2013-0913 at SUSECVE-2013-0913 at NVDCVE-2013-1059 at SUSECVE-2013-1059 at NVDCVE-2013-1767 at SUSECVE-2013-1767 at NVDCVE-2013-1774 at SUSECVE-2013-1774 at NVDCVE-2013-1796 at SUSECVE-2013-1796 at NVDCVE-2013-1797 at SUSECVE-2013-1797 at NVDCVE-2013-1798 at SUSECVE-2013-1798 at NVDCVE-2013-1819 at SUSECVE-2013-1819 at NVDCVE-2013-1848 at SUSECVE-2013-1848 at NVDCVE-2013-1929 at SUSECVE-2013-1929 at NVDCVE-2013-1979 at SUSECVE-2013-1979 at NVDCVE-2013-2015 at SUSECVE-2013-2015 at NVDCVE-2013-2094 at SUSECVE-2013-2094 at NVDCVE-2013-2148 at SUSECVE-2013-2148 at NVDCVE-2013-2164 at SUSECVE-2013-2164 at NVDCVE-2013-2206 at SUSECVE-2013-2206 at NVDCVE-2013-2232 at SUSECVE-2013-2232 at NVDCVE-2013-2234 at SUSECVE-2013-2234 at NVDCVE-2013-2237 at SUSECVE-2013-2237 at NVDCVE-2013-2850 at SUSECVE-2013-2850 at NVDCVE-2013-2851 at SUSECVE-2013-2851 at NVDCVE-2013-2852 at SUSECVE-2013-2852 at NVDCVE-2013-2893 at SUSECVE-2013-2893 at NVDCVE-2013-2897 at SUSECVE-2013-2897 at NVDCVE-2013-2899 at SUSECVE-2013-2899 at NVDCVE-2013-2929 at SUSECVE-2013-2929 at NVDCVE-2013-3301 at SUSECVE-2013-3301 at NVDCVE-2013-4162 at SUSECVE-2013-4162 at NVDCVE-2013-4163 at SUSECVE-2013-4163 at NVDCVE-2013-4470 at SUSECVE-2013-4470 at NVDCVE-2013-4483 at SUSECVE-2013-4483 at NVDCVE-2013-4511 at SUSECVE-2013-4511 at NVDCVE-2013-4514 at SUSECVE-2013-4514 at NVDCVE-2013-4515 at SUSECVE-2013-4515 at NVDCVE-2013-4579 at SUSECVE-2013-4579 at NVDCVE-2013-4587 at SUSECVE-2013-4587 at NVDCVE-2013-4592 at SUSECVE-2013-4592 at NVDCVE-2013-6367 at SUSECVE-2013-6367 at NVDCVE-2013-6368 at SUSECVE-2013-6368 at NVDCVE-2013-6376 at SUSECVE-2013-6376 at NVDCVE-2013-6378 at SUSECVE-2013-6378 at NVDCVE-2013-6380 at SUSECVE-2013-6380 at NVDCVE-2013-6382 at SUSECVE-2013-6382 at NVDCVE-2013-6885 at SUSECVE-2013-6885 at NVDCVE-2013-7027 at SUSECVE-2013-7027 at NVDCVE-2013-7263 at SUSECVE-2013-7263 at NVDCVE-2013-7264 at SUSECVE-2013-7264 at NVDCVE-2013-7265 at SUSECVE-2013-7265 at NVDCVE-2013-7339 at SUSECVE-2013-7339 at NVDCVE-2014-0055 at SUSECVE-2014-0055 at NVDCVE-2014-0077 at SUSECVE-2014-0077 at NVDCVE-2014-0101 at SUSECVE-2014-0101 at NVDCVE-2014-0131 at SUSECVE-2014-0131 at NVDCVE-2014-0155 at SUSECVE-2014-0155 at NVDCVE-2014-0181 at SUSECVE-2014-0181 at NVDCVE-2014-0196 at SUSECVE-2014-0196 at NVDCVE-2014-0691 at SUSECVE-2014-0691 at NVDCVE-2014-1444 at SUSECVE-2014-1444 at NVDCVE-2014-1445 at SUSECVE-2014-1445 at NVDCVE-2014-1446 at SUSECVE-2014-1446 at NVDCVE-2014-1737 at SUSECVE-2014-1737 at NVDCVE-2014-1738 at SUSECVE-2014-1738 at NVDCVE-2014-1739 at SUSECVE-2014-1739 at NVDCVE-2014-1874 at SUSECVE-2014-1874 at NVDCVE-2014-2309 at SUSECVE-2014-2309 at NVDCVE-2014-2523 at SUSECVE-2014-2523 at NVDCVE-2014-2678 at SUSECVE-2014-2678 at NVDCVE-2014-2851 at SUSECVE-2014-2851 at NVDCVE-2014-3122 at SUSECVE-2014-3122 at NVDCVE-2014-3144 at SUSECVE-2014-3144 at NVDCVE-2014-3145 at SUSECVE-2014-3145 at NVDCVE-2014-3153 at SUSECVE-2014-3153 at NVDCVE-2014-3181 at SUSECVE-2014-3181 at NVDCVE-2014-3184 at SUSECVE-2014-3184 at NVDCVE-2014-3185 at SUSECVE-2014-3185 at NVDCVE-2014-3186 at SUSECVE-2014-3186 at NVDCVE-2014-3601 at SUSECVE-2014-3601 at NVDCVE-2014-3610 at SUSECVE-2014-3610 at NVDCVE-2014-3611 at SUSECVE-2014-3611 at NVDCVE-2014-3646 at SUSECVE-2014-3646 at NVDCVE-2014-3647 at SUSECVE-2014-3647 at NVDCVE-2014-3673 at SUSECVE-2014-3673 at NVDCVE-2014-3687 at SUSECVE-2014-3687 at NVDCVE-2014-3688 at SUSECVE-2014-3688 at NVDCVE-2014-3690 at SUSECVE-2014-3690 at NVDCVE-2014-3917 at SUSECVE-2014-3917 at NVDCVE-2014-4171 at SUSECVE-2014-4171 at NVDCVE-2014-4508 at SUSECVE-2014-4508 at NVDCVE-2014-4608 at SUSECVE-2014-4608 at NVDCVE-2014-4652 at SUSECVE-2014-4652 at NVDCVE-2014-4653 at SUSECVE-2014-4653 at NVDCVE-2014-4654 at SUSECVE-2014-4654 at NVDCVE-2014-4655 at SUSECVE-2014-4655 at NVDCVE-2014-4656 at SUSECVE-2014-4656 at NVDCVE-2014-4667 at SUSECVE-2014-4667 at NVDCVE-2014-4699 at SUSECVE-2014-4699 at NVDCVE-2014-4943 at SUSECVE-2014-4943 at NVDCVE-2014-5077 at SUSECVE-2014-5077 at NVDCVE-2014-5471 at SUSECVE-2014-5471 at NVDCVE-2014-5472 at SUSECVE-2014-5472 at NVDCVE-2014-6410 at SUSECVE-2014-6410 at NVDCVE-2014-7822 at SUSECVE-2014-7822 at NVDCVE-2014-7826 at SUSECVE-2014-7826 at NVDCVE-2014-7841 at SUSECVE-2014-7841 at NVDCVE-2014-7842 at SUSECVE-2014-7842 at NVDCVE-2014-7970 at SUSECVE-2014-7970 at NVDCVE-2014-8086 at SUSECVE-2014-8086 at NVDCVE-2014-8133 at SUSECVE-2014-8133 at NVDCVE-2014-8134 at SUSECVE-2014-8134 at NVDCVE-2014-8159 at SUSECVE-2014-8159 at NVDCVE-2014-8160 at SUSECVE-2014-8160 at NVDCVE-2014-8369 at SUSECVE-2014-8369 at NVDCVE-2014-8559 at SUSECVE-2014-8559 at NVDCVE-2014-8709 at SUSECVE-2014-8709 at NVDCVE-2014-9090 at SUSECVE-2014-9090 at NVDCVE-2014-9322 at SUSECVE-2014-9322 at NVDCVE-2014-9419 at SUSECVE-2014-9419 at NVDCVE-2014-9420 at SUSECVE-2014-9420 at NVDCVE-2014-9529 at SUSECVE-2014-9529 at NVDCVE-2014-9584 at SUSECVE-2014-9584 at NVDCVE-2014-9585 at SUSECVE-2014-9585 at NVDCVE-2014-9683 at SUSECVE-2014-9683 at NVDCVE-2015-0777 at SUSECVE-2015-0777 at NVDCVE-2015-1421 at SUSECVE-2015-1421 at NVDCVE-2015-1593 at SUSECVE-2015-1593 at NVDCVE-2015-1805 at SUSECVE-2015-1805 at NVDCVE-2015-2041 at SUSECVE-2015-2041 at NVDCVE-2015-2042 at SUSECVE-2015-2042 at NVDCVE-2015-2150 at SUSECVE-2015-2150 at NVDCVE-2015-2830 at SUSECVE-2015-2830 at NVDCVE-2015-2922 at SUSECVE-2015-2922 at NVDCVE-2015-3331 at SUSECVE-2015-3331 at NVDCVE-2015-3339 at SUSECVE-2015-3339 at NVDCVE-2015-3636 at SUSECVE-2015-3636 at NVDcpe:/o:suse:suse_sles:11:sp4krb5-1.6.3-133.49.66.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the krb5-1.6.3-133.49.66.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2002-2443 at SUSECVE-2002-2443 at NVDCVE-2006-6143 at SUSECVE-2006-6143 at NVDCVE-2006-6144 at SUSECVE-2006-6144 at NVDCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDCVE-2007-5894 at SUSECVE-2007-5894 at NVDCVE-2007-5902 at SUSECVE-2007-5902 at NVDCVE-2007-5971 at SUSECVE-2007-5971 at NVDCVE-2007-5972 at SUSECVE-2007-5972 at NVDCVE-2008-0062 at SUSECVE-2008-0062 at NVDCVE-2008-0063 at SUSECVE-2008-0063 at NVDCVE-2008-0947 at SUSECVE-2008-0947 at NVDCVE-2008-0948 at SUSECVE-2008-0948 at NVDCVE-2009-0844 at SUSECVE-2009-0844 at NVDCVE-2009-0845 at SUSECVE-2009-0845 at NVDCVE-2009-0846 at SUSECVE-2009-0846 at NVDCVE-2009-0847 at SUSECVE-2009-0847 at NVDCVE-2009-4212 at SUSECVE-2009-4212 at NVDCVE-2010-0629 at SUSECVE-2010-0629 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-1323 at SUSECVE-2010-1323 at NVDCVE-2011-0281 at SUSECVE-2011-0281 at NVDCVE-2011-0282 at SUSECVE-2011-0282 at NVDCVE-2011-1526 at SUSECVE-2011-1526 at NVDCVE-2011-4862 at SUSECVE-2011-4862 at NVDCVE-2013-1415 at SUSECVE-2013-1415 at NVDCVE-2013-1418 at SUSECVE-2013-1418 at NVDCVE-2014-4341 at SUSECVE-2014-4341 at NVDCVE-2014-4344 at SUSECVE-2014-4344 at NVDCVE-2014-4345 at SUSECVE-2014-4345 at NVDCVE-2014-5351 at SUSECVE-2014-5351 at NVDCVE-2014-5352 at SUSECVE-2014-5352 at NVDCVE-2014-9421 at SUSECVE-2014-9421 at NVDCVE-2014-9422 at SUSECVE-2014-9422 at NVDCVE-2014-9423 at SUSECVE-2014-9423 at NVDcpe:/o:suse:suse_sles:11:sp4krb5-doc-1.6.3-133.49.66.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the krb5-doc-1.6.3-133.49.66.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDcpe:/o:suse:suse_sles:11:sp4krb5-plugin-kdb-ldap-1.6.3-133.49.66.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the krb5-plugin-kdb-ldap-1.6.3-133.49.66.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2002-2443 at SUSECVE-2002-2443 at NVDCVE-2007-0956 at SUSECVE-2007-0956 at NVDCVE-2007-0957 at SUSECVE-2007-0957 at NVDCVE-2007-1216 at SUSECVE-2007-1216 at NVDCVE-2007-2442 at SUSECVE-2007-2442 at NVDCVE-2007-2443 at SUSECVE-2007-2443 at NVDCVE-2007-2798 at SUSECVE-2007-2798 at NVDCVE-2007-3999 at SUSECVE-2007-3999 at NVDCVE-2007-4000 at SUSECVE-2007-4000 at NVDCVE-2007-4743 at SUSECVE-2007-4743 at NVDCVE-2010-0629 at SUSECVE-2010-0629 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-1323 at SUSECVE-2010-1323 at NVDCVE-2011-0281 at SUSECVE-2011-0281 at NVDCVE-2011-0282 at SUSECVE-2011-0282 at NVDCVE-2011-1526 at SUSECVE-2011-1526 at NVDCVE-2011-4862 at SUSECVE-2011-4862 at NVDCVE-2013-1415 at SUSECVE-2013-1415 at NVDCVE-2013-1418 at SUSECVE-2013-1418 at NVDcpe:/o:suse:suse_sles:11:sp4kvm-1.4.2-30.5 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the kvm-1.4.2-30.5 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-2382 at SUSECVE-2008-2382 at NVDCVE-2008-5714 at SUSECVE-2008-5714 at NVDCVE-2012-2652 at SUSECVE-2012-2652 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDCVE-2013-2007 at SUSECVE-2013-2007 at NVDCVE-2013-2016 at SUSECVE-2013-2016 at NVDCVE-2013-4148 at SUSECVE-2013-4148 at NVDCVE-2013-4149 at SUSECVE-2013-4149 at NVDCVE-2013-4150 at SUSECVE-2013-4150 at NVDCVE-2013-4151 at SUSECVE-2013-4151 at NVDCVE-2013-4344 at SUSECVE-2013-4344 at NVDCVE-2013-4526 at SUSECVE-2013-4526 at NVDCVE-2013-4527 at SUSECVE-2013-4527 at NVDCVE-2013-4529 at SUSECVE-2013-4529 at NVDCVE-2013-4530 at SUSECVE-2013-4530 at NVDCVE-2013-4531 at SUSECVE-2013-4531 at NVDCVE-2013-4533 at SUSECVE-2013-4533 at NVDCVE-2013-4534 at SUSECVE-2013-4534 at NVDCVE-2013-4535 at SUSECVE-2013-4535 at NVDCVE-2013-4536 at SUSECVE-2013-4536 at NVDCVE-2013-4537 at SUSECVE-2013-4537 at NVDCVE-2013-4538 at SUSECVE-2013-4538 at NVDCVE-2013-4539 at SUSECVE-2013-4539 at NVDCVE-2013-4540 at SUSECVE-2013-4540 at NVDCVE-2013-4541 at SUSECVE-2013-4541 at NVDCVE-2013-4542 at SUSECVE-2013-4542 at NVDCVE-2013-6399 at SUSECVE-2013-6399 at NVDCVE-2014-0142 at SUSECVE-2014-0142 at NVDCVE-2014-0143 at SUSECVE-2014-0143 at NVDCVE-2014-0144 at SUSECVE-2014-0144 at NVDCVE-2014-0145 at SUSECVE-2014-0145 at NVDCVE-2014-0146 at SUSECVE-2014-0146 at NVDCVE-2014-0147 at SUSECVE-2014-0147 at NVDCVE-2014-0150 at SUSECVE-2014-0150 at NVDCVE-2014-0182 at SUSECVE-2014-0182 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-0223 at SUSECVE-2014-0223 at NVDCVE-2014-2894 at SUSECVE-2014-2894 at NVDCVE-2014-3461 at SUSECVE-2014-3461 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-7840 at SUSECVE-2014-7840 at NVDCVE-2014-8106 at SUSECVE-2014-8106 at NVDCVE-2015-1779 at SUSECVE-2015-1779 at NVDCVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-3456 at SUSECVE-2015-3456 at NVDCVE-2015-4037 at SUSECVE-2015-4037 at NVDcpe:/o:suse:suse_sles:11:sp4lcms-1.17-77.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the lcms-1.17-77.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0581 at SUSECVE-2009-0581 at NVDCVE-2009-0723 at SUSECVE-2009-0723 at NVDCVE-2009-0733 at SUSECVE-2009-0733 at NVDCVE-2009-0793 at SUSECVE-2009-0793 at NVDCVE-2013-4276 at SUSECVE-2013-4276 at NVDcpe:/o:suse:suse_sles:11:sp4ldapsmb-1.34b-12.58.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ldapsmb-1.34b-12.58.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2010-0926 at SUSECVE-2010-0926 at NVDCVE-2010-1635 at SUSECVE-2010-1635 at NVDCVE-2010-1642 at SUSECVE-2010-1642 at NVDCVE-2010-2063 at SUSECVE-2010-2063 at NVDCVE-2010-3069 at SUSECVE-2010-3069 at NVDCVE-2011-0719 at SUSECVE-2011-0719 at NVDCVE-2011-2522 at SUSECVE-2011-2522 at NVDCVE-2011-2694 at SUSECVE-2011-2694 at NVDCVE-2012-0817 at SUSECVE-2012-0817 at NVDCVE-2012-0870 at SUSECVE-2012-0870 at NVDCVE-2012-1182 at SUSECVE-2012-1182 at NVDCVE-2012-2111 at SUSECVE-2012-2111 at NVDCVE-2012-6150 at SUSECVE-2012-6150 at NVDCVE-2013-0213 at SUSECVE-2013-0213 at NVDCVE-2013-0214 at SUSECVE-2013-0214 at NVDCVE-2013-0454 at SUSECVE-2013-0454 at NVDCVE-2013-4124 at SUSECVE-2013-4124 at NVDCVE-2013-4408 at SUSECVE-2013-4408 at NVDCVE-2013-4475 at SUSECVE-2013-4475 at NVDCVE-2013-4496 at SUSECVE-2013-4496 at NVDCVE-2014-0178 at SUSECVE-2014-0178 at NVDCVE-2014-0244 at SUSECVE-2014-0244 at NVDCVE-2014-3493 at SUSECVE-2014-3493 at NVDCVE-2015-0240 at SUSECVE-2015-0240 at NVDcpe:/o:suse:suse_sles:11:sp4libFLAC++6-1.2.1-68.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libFLAC++6-1.2.1-68.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-8962 at SUSECVE-2014-8962 at NVDCVE-2014-9028 at SUSECVE-2014-9028 at NVDcpe:/o:suse:suse_sles:11:sp4libMagickCore1-32bit-6.4.3.6-7.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libMagickCore1-32bit-6.4.3.6-7.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-5456 at SUSECVE-2006-5456 at NVDCVE-2007-1667 at SUSECVE-2007-1667 at NVDCVE-2007-1797 at SUSECVE-2007-1797 at NVDCVE-2007-4985 at SUSECVE-2007-4985 at NVDCVE-2007-4986 at SUSECVE-2007-4986 at NVDCVE-2007-4987 at SUSECVE-2007-4987 at NVDCVE-2007-4988 at SUSECVE-2007-4988 at NVDCVE-2012-0247 at SUSECVE-2012-0247 at NVDCVE-2012-0248 at SUSECVE-2012-0248 at NVDCVE-2012-0259 at SUSECVE-2012-0259 at NVDCVE-2012-0260 at SUSECVE-2012-0260 at NVDCVE-2012-1185 at SUSECVE-2012-1185 at NVDCVE-2012-1186 at SUSECVE-2012-1186 at NVDCVE-2012-1610 at SUSECVE-2012-1610 at NVDCVE-2012-1798 at SUSECVE-2012-1798 at NVDCVE-2012-3437 at SUSECVE-2012-3437 at NVDCVE-2014-1947 at SUSECVE-2014-1947 at NVDCVE-2014-8354 at SUSECVE-2014-8354 at NVDCVE-2014-8355 at SUSECVE-2014-8355 at NVDCVE-2014-8562 at SUSECVE-2014-8562 at NVDCVE-2014-8716 at SUSECVE-2014-8716 at NVDcpe:/o:suse:suse_sles:11:sp4libQtWebKit4-32bit-4.6.3-5.34.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libQtWebKit4-32bit-4.6.3-5.34.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-4811 at SUSECVE-2006-4811 at NVDCVE-2009-0945 at SUSECVE-2009-0945 at NVDCVE-2011-3193 at SUSECVE-2011-3193 at NVDCVE-2011-3922 at SUSECVE-2011-3922 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2012-6093 at SUSECVE-2012-6093 at NVDCVE-2013-0254 at SUSECVE-2013-0254 at NVDCVE-2013-4549 at SUSECVE-2013-4549 at NVDCVE-2015-0295 at SUSECVE-2015-0295 at NVDCVE-2015-1858 at SUSECVE-2015-1858 at NVDCVE-2015-1859 at SUSECVE-2015-1859 at NVDCVE-2015-1860 at SUSECVE-2015-1860 at NVDcpe:/o:suse:suse_sles:11:sp4libadns1-1.4-73.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libadns1-1.4-73.21 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-1447 at SUSECVE-2008-1447 at NVDCVE-2008-4100 at SUSECVE-2008-4100 at NVDcpe:/o:suse:suse_sles:11:sp4libapr-util1-1.3.4-12.22.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libapr-util1-1.3.4-12.22.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-2412 at SUSECVE-2009-2412 at NVDCVE-2010-1623 at SUSECVE-2010-1623 at NVDcpe:/o:suse:suse_sles:11:sp4libapr1-1.3.3-11.18.19.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libapr1-1.3.3-11.18.19.8 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-2412 at SUSECVE-2009-2412 at NVDCVE-2011-0419 at SUSECVE-2011-0419 at NVDCVE-2011-1928 at SUSECVE-2011-1928 at NVDcpe:/o:suse:suse_sles:11:sp4libarchive2-2.5.5-5.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libarchive2-2.5.5-5.19 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-5680 at SUSECVE-2006-5680 at NVDCVE-2007-3641 at SUSECVE-2007-3641 at NVDCVE-2007-3644 at SUSECVE-2007-3644 at NVDCVE-2007-3645 at SUSECVE-2007-3645 at NVDcpe:/o:suse:suse_sles:11:sp4libblkid1-2.19.1-6.72.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libblkid1-2.19.1-6.72.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-9114 at SUSECVE-2014-9114 at NVDcpe:/o:suse:suse_sles:11:sp4libcap-progs-2.11-2.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libcap-progs-2.11-2.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-4099 at SUSECVE-2011-4099 at NVDcpe:/o:suse:suse_sles:11:sp4libcgroup1-0.41.rc1-2.34 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libcgroup1-0.41.rc1-2.34 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-1006 at SUSECVE-2011-1006 at NVDCVE-2011-1022 at SUSECVE-2011-1022 at NVDcpe:/o:suse:suse_sles:11:sp4libdrm-2.4.52-0.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libdrm-2.4.52-0.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-3831 at SUSECVE-2008-3831 at NVDcpe:/o:suse:suse_sles:11:sp4libecpg6-9.4.4-0.6.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libecpg6-9.4.4-0.6.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-4769 at SUSECVE-2007-4769 at NVDCVE-2007-4772 at SUSECVE-2007-4772 at NVDCVE-2007-6067 at SUSECVE-2007-6067 at NVDCVE-2007-6600 at SUSECVE-2007-6600 at NVDCVE-2007-6601 at SUSECVE-2007-6601 at NVDCVE-2009-4034 at SUSECVE-2009-4034 at NVDCVE-2009-4136 at SUSECVE-2009-4136 at NVDCVE-2010-1169 at SUSECVE-2010-1169 at NVDCVE-2010-1170 at SUSECVE-2010-1170 at NVDCVE-2010-3433 at SUSECVE-2010-3433 at NVDCVE-2012-0866 at SUSECVE-2012-0866 at NVDCVE-2012-0867 at SUSECVE-2012-0867 at NVDCVE-2012-0868 at SUSECVE-2012-0868 at NVDCVE-2012-2143 at SUSECVE-2012-2143 at NVDCVE-2012-2655 at SUSECVE-2012-2655 at NVDCVE-2012-3488 at SUSECVE-2012-3488 at NVDCVE-2012-3489 at SUSECVE-2012-3489 at NVDCVE-2013-0255 at SUSECVE-2013-0255 at NVDCVE-2013-1899 at SUSECVE-2013-1899 at NVDCVE-2013-1900 at SUSECVE-2013-1900 at NVDCVE-2013-1901 at SUSECVE-2013-1901 at NVDCVE-2014-0060 at SUSECVE-2014-0060 at NVDCVE-2014-0061 at SUSECVE-2014-0061 at NVDCVE-2014-0062 at SUSECVE-2014-0062 at NVDCVE-2014-0063 at SUSECVE-2014-0063 at NVDCVE-2014-0064 at SUSECVE-2014-0064 at NVDCVE-2014-0065 at SUSECVE-2014-0065 at NVDCVE-2014-0066 at SUSECVE-2014-0066 at NVDCVE-2014-0067 at SUSECVE-2014-0067 at NVDCVE-2015-3165 at SUSECVE-2015-3165 at NVDCVE-2015-3166 at SUSECVE-2015-3166 at NVDCVE-2015-3167 at SUSECVE-2015-3167 at NVDcpe:/o:suse:suse_sles:11:sp4libevent-1_4-2-1.4.5-24.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libevent-1_4-2-1.4.5-24.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-6272 at SUSECVE-2014-6272 at NVDcpe:/o:suse:suse_sles:11:sp4libexif-0.6.17-2.14.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libexif-0.6.17-2.14.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-6351 at SUSECVE-2007-6351 at NVDCVE-2007-6352 at SUSECVE-2007-6352 at NVDCVE-2012-2812 at SUSECVE-2012-2812 at NVDCVE-2012-2813 at SUSECVE-2012-2813 at NVDCVE-2012-2814 at SUSECVE-2012-2814 at NVDCVE-2012-2836 at SUSECVE-2012-2836 at NVDCVE-2012-2837 at SUSECVE-2012-2837 at NVDCVE-2012-2840 at SUSECVE-2012-2840 at NVDCVE-2012-2841 at SUSECVE-2012-2841 at NVDcpe:/o:suse:suse_sles:11:sp4libexiv2-4-0.17.1-31.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libexiv2-4-0.17.1-31.20 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-6353 at SUSECVE-2007-6353 at NVDcpe:/o:suse:suse_sles:11:sp4libfreebl3-3.17.3-0.8.11 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libfreebl3-3.17.3-0.8.11 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2013-0743 at SUSECVE-2013-0743 at NVDCVE-2013-1739 at SUSECVE-2013-1739 at NVDCVE-2013-1741 at SUSECVE-2013-1741 at NVDCVE-2013-2566 at SUSECVE-2013-2566 at NVDCVE-2013-5605 at SUSECVE-2013-5605 at NVDCVE-2013-5606 at SUSECVE-2013-5606 at NVDCVE-2014-1492 at SUSECVE-2014-1492 at NVDCVE-2014-1545 at SUSECVE-2014-1545 at NVDCVE-2014-1568 at SUSECVE-2014-1568 at NVDCVE-2014-1569 at SUSECVE-2014-1569 at NVDcpe:/o:suse:suse_sles:11:sp4libgcc_s1-32bit-4.8.3+r212056-2.17 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libgcc_s1-32bit-4.8.3+r212056-2.17 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-5044 at SUSECVE-2014-5044 at NVDcpe:/o:suse:suse_sles:11:sp4libgcrypt11-1.5.0-0.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libgcrypt11-1.5.0-0.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-4242 at SUSECVE-2013-4242 at NVDCVE-2014-5270 at SUSECVE-2014-5270 at NVDcpe:/o:suse:suse_sles:11:sp4libgdiplus0-2.6.7-0.5.76 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libgdiplus0-2.6.7-0.5.76 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-1526 at SUSECVE-2010-1526 at NVDcpe:/o:suse:suse_sles:11:sp4libgnomesu-1.0.0-307.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libgnomesu-1.0.0-307.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-1946 at SUSECVE-2011-1946 at NVDcpe:/o:suse:suse_sles:11:sp4libgtop-2.28.0-1.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libgtop-2.28.0-1.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-0235 at SUSECVE-2007-0235 at NVDcpe:/o:suse:suse_sles:11:sp4libicu-32bit-4.0-7.26.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libicu-32bit-4.0-7.26.15 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-4770 at SUSECVE-2007-4770 at NVDCVE-2007-4771 at SUSECVE-2007-4771 at NVDCVE-2008-1036 at SUSECVE-2008-1036 at NVDCVE-2009-0153 at SUSECVE-2009-0153 at NVDCVE-2010-4409 at SUSECVE-2010-4409 at NVDcpe:/o:suse:suse_sles:11:sp4libjasper-1.900.1-134.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libjasper-1.900.1-134.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-8137 at SUSECVE-2014-8137 at NVDCVE-2014-8138 at SUSECVE-2014-8138 at NVDCVE-2014-8157 at SUSECVE-2014-8157 at NVDCVE-2014-8158 at SUSECVE-2014-8158 at NVDCVE-2014-9029 at SUSECVE-2014-9029 at NVDcpe:/o:suse:suse_sles:11:sp4libksba-1.0.4-1.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libksba-1.0.4-1.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-9087 at SUSECVE-2014-9087 at NVDcpe:/o:suse:suse_sles:11:sp4libltdl7-2.2.6-2.131.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libltdl7-2.2.6-2.131.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-3736 at SUSECVE-2009-3736 at NVDcpe:/o:suse:suse_sles:11:sp4liblzo2-2-2.03-12.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the liblzo2-2-2.03-12.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-4607 at SUSECVE-2014-4607 at NVDcpe:/o:suse:suse_sles:11:sp4libmpfr1-2.3.2-3.118.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libmpfr1-2.3.2-3.118.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-9474 at SUSECVE-2014-9474 at NVDcpe:/o:suse:suse_sles:11:sp4libmspack0-0.0.20060920alpha-74.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libmspack0-0.0.20060920alpha-74.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-9556 at SUSECVE-2014-9556 at NVDcpe:/o:suse:suse_sles:11:sp4libmusicbrainz4-2.1.5-5.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libmusicbrainz4-2.1.5-5.18 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-4197 at SUSECVE-2006-4197 at NVDcpe:/o:suse:suse_sles:11:sp4libmysql55client18-32bit-5.5.43-0.7.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libmysql55client18-32bit-5.5.43-0.7.3 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-0903 at SUSECVE-2006-0903 at NVDCVE-2006-4226 at SUSECVE-2006-4226 at NVDCVE-2006-4227 at SUSECVE-2006-4227 at NVDCVE-2007-5969 at SUSECVE-2007-5969 at NVDCVE-2007-6303 at SUSECVE-2007-6303 at NVDCVE-2007-6304 at SUSECVE-2007-6304 at NVDCVE-2008-2079 at SUSECVE-2008-2079 at NVDCVE-2008-4456 at SUSECVE-2008-4456 at NVDCVE-2008-7247 at SUSECVE-2008-7247 at NVDCVE-2009-2446 at SUSECVE-2009-2446 at NVDCVE-2009-4019 at SUSECVE-2009-4019 at NVDCVE-2009-4028 at SUSECVE-2009-4028 at NVDCVE-2009-4030 at SUSECVE-2009-4030 at NVDCVE-2009-4484 at SUSECVE-2009-4484 at NVDCVE-2009-5026 at SUSECVE-2009-5026 at NVDCVE-2010-1626 at SUSECVE-2010-1626 at NVDCVE-2010-1848 at SUSECVE-2010-1848 at NVDCVE-2010-1849 at SUSECVE-2010-1849 at NVDCVE-2010-1850 at SUSECVE-2010-1850 at NVDCVE-2010-3833 at SUSECVE-2010-3833 at NVDCVE-2010-3834 at SUSECVE-2010-3834 at NVDCVE-2010-3835 at SUSECVE-2010-3835 at NVDCVE-2010-3836 at SUSECVE-2010-3836 at NVDCVE-2010-3837 at SUSECVE-2010-3837 at NVDCVE-2010-3838 at SUSECVE-2010-3838 at NVDCVE-2010-3839 at SUSECVE-2010-3839 at NVDCVE-2010-3840 at SUSECVE-2010-3840 at NVDCVE-2012-2122 at SUSECVE-2012-2122 at NVDCVE-2012-5611 at SUSECVE-2012-5611 at NVDCVE-2012-5615 at SUSECVE-2012-5615 at NVDCVE-2013-1861 at SUSECVE-2013-1861 at NVDCVE-2013-1976 at SUSECVE-2013-1976 at NVDCVE-2013-3783 at SUSECVE-2013-3783 at NVDCVE-2013-3793 at SUSECVE-2013-3793 at NVDCVE-2013-3794 at SUSECVE-2013-3794 at NVDCVE-2013-3795 at SUSECVE-2013-3795 at NVDCVE-2013-3796 at SUSECVE-2013-3796 at NVDCVE-2013-3798 at SUSECVE-2013-3798 at NVDCVE-2013-3801 at SUSECVE-2013-3801 at NVDCVE-2013-3802 at SUSECVE-2013-3802 at NVDCVE-2013-3804 at SUSECVE-2013-3804 at NVDCVE-2013-3805 at SUSECVE-2013-3805 at NVDCVE-2013-3806 at SUSECVE-2013-3806 at NVDCVE-2013-3807 at SUSECVE-2013-3807 at NVDCVE-2013-3808 at SUSECVE-2013-3808 at NVDCVE-2013-3809 at SUSECVE-2013-3809 at NVDCVE-2013-3810 at SUSECVE-2013-3810 at NVDCVE-2013-3811 at SUSECVE-2013-3811 at NVDCVE-2013-3812 at SUSECVE-2013-3812 at NVDCVE-2013-4316 at SUSECVE-2013-4316 at NVDCVE-2013-5860 at SUSECVE-2013-5860 at NVDCVE-2013-5881 at SUSECVE-2013-5881 at NVDCVE-2013-5882 at SUSECVE-2013-5882 at NVDCVE-2013-5891 at SUSECVE-2013-5891 at NVDCVE-2013-5894 at SUSECVE-2013-5894 at NVDCVE-2013-5908 at SUSECVE-2013-5908 at NVDCVE-2014-0001 at SUSECVE-2014-0001 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-0384 at SUSECVE-2014-0384 at NVDCVE-2014-0386 at SUSECVE-2014-0386 at NVDCVE-2014-0393 at SUSECVE-2014-0393 at NVDCVE-2014-0401 at SUSECVE-2014-0401 at NVDCVE-2014-0402 at SUSECVE-2014-0402 at NVDCVE-2014-0412 at SUSECVE-2014-0412 at NVDCVE-2014-0420 at SUSECVE-2014-0420 at NVDCVE-2014-0427 at SUSECVE-2014-0427 at NVDCVE-2014-0430 at SUSECVE-2014-0430 at NVDCVE-2014-0431 at SUSECVE-2014-0431 at NVDCVE-2014-0433 at SUSECVE-2014-0433 at NVDCVE-2014-0437 at SUSECVE-2014-0437 at NVDCVE-2014-2419 at SUSECVE-2014-2419 at NVDCVE-2014-2430 at SUSECVE-2014-2430 at NVDCVE-2014-2431 at SUSECVE-2014-2431 at NVDCVE-2014-2432 at SUSECVE-2014-2432 at NVDCVE-2014-2434 at SUSECVE-2014-2434 at NVDCVE-2014-2435 at SUSECVE-2014-2435 at NVDCVE-2014-2436 at SUSECVE-2014-2436 at NVDCVE-2014-2438 at SUSECVE-2014-2438 at NVDCVE-2014-2440 at SUSECVE-2014-2440 at NVDCVE-2014-2442 at SUSECVE-2014-2442 at NVDCVE-2014-2444 at SUSECVE-2014-2444 at NVDCVE-2014-2450 at SUSECVE-2014-2450 at NVDCVE-2014-2451 at SUSECVE-2014-2451 at NVDCVE-2014-2484 at SUSECVE-2014-2484 at NVDCVE-2014-2494 at SUSECVE-2014-2494 at NVDCVE-2014-3569 at SUSECVE-2014-3569 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3571 at SUSECVE-2014-3571 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-4207 at SUSECVE-2014-4207 at NVDCVE-2014-4214 at SUSECVE-2014-4214 at NVDCVE-2014-4233 at SUSECVE-2014-4233 at NVDCVE-2014-4238 at SUSECVE-2014-4238 at NVDCVE-2014-4240 at SUSECVE-2014-4240 at NVDCVE-2014-4243 at SUSECVE-2014-4243 at NVDCVE-2014-4258 at SUSECVE-2014-4258 at NVDCVE-2014-4260 at SUSECVE-2014-4260 at NVDCVE-2014-4274 at SUSECVE-2014-4274 at NVDCVE-2014-4287 at SUSECVE-2014-4287 at NVDCVE-2014-6463 at SUSECVE-2014-6463 at NVDCVE-2014-6464 at SUSECVE-2014-6464 at NVDCVE-2014-6469 at SUSECVE-2014-6469 at NVDCVE-2014-6474 at SUSECVE-2014-6474 at NVDCVE-2014-6478 at SUSECVE-2014-6478 at NVDCVE-2014-6484 at SUSECVE-2014-6484 at NVDCVE-2014-6489 at SUSECVE-2014-6489 at NVDCVE-2014-6491 at SUSECVE-2014-6491 at NVDCVE-2014-6494 at SUSECVE-2014-6494 at NVDCVE-2014-6495 at SUSECVE-2014-6495 at NVDCVE-2014-6496 at SUSECVE-2014-6496 at NVDCVE-2014-6500 at SUSECVE-2014-6500 at NVDCVE-2014-6505 at SUSECVE-2014-6505 at NVDCVE-2014-6507 at SUSECVE-2014-6507 at NVDCVE-2014-6520 at SUSECVE-2014-6520 at NVDCVE-2014-6530 at SUSECVE-2014-6530 at NVDCVE-2014-6551 at SUSECVE-2014-6551 at NVDCVE-2014-6555 at SUSECVE-2014-6555 at NVDCVE-2014-6559 at SUSECVE-2014-6559 at NVDCVE-2014-6564 at SUSECVE-2014-6564 at NVDCVE-2014-6568 at SUSECVE-2014-6568 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0206 at SUSECVE-2015-0206 at NVDCVE-2015-0374 at SUSECVE-2015-0374 at NVDCVE-2015-0381 at SUSECVE-2015-0381 at NVDCVE-2015-0382 at SUSECVE-2015-0382 at NVDCVE-2015-0385 at SUSECVE-2015-0385 at NVDCVE-2015-0391 at SUSECVE-2015-0391 at NVDCVE-2015-0405 at SUSECVE-2015-0405 at NVDCVE-2015-0409 at SUSECVE-2015-0409 at NVDCVE-2015-0411 at SUSECVE-2015-0411 at NVDCVE-2015-0423 at SUSECVE-2015-0423 at NVDCVE-2015-0432 at SUSECVE-2015-0432 at NVDCVE-2015-0433 at SUSECVE-2015-0433 at NVDCVE-2015-0438 at SUSECVE-2015-0438 at NVDCVE-2015-0439 at SUSECVE-2015-0439 at NVDCVE-2015-0441 at SUSECVE-2015-0441 at NVDCVE-2015-0498 at SUSECVE-2015-0498 at NVDCVE-2015-0499 at SUSECVE-2015-0499 at NVDCVE-2015-0500 at SUSECVE-2015-0500 at NVDCVE-2015-0501 at SUSECVE-2015-0501 at NVDCVE-2015-0503 at SUSECVE-2015-0503 at NVDCVE-2015-0505 at SUSECVE-2015-0505 at NVDCVE-2015-0506 at SUSECVE-2015-0506 at NVDCVE-2015-0507 at SUSECVE-2015-0507 at NVDCVE-2015-0508 at SUSECVE-2015-0508 at NVDCVE-2015-0511 at SUSECVE-2015-0511 at NVDCVE-2015-2305 at SUSECVE-2015-2305 at NVDCVE-2015-2566 at SUSECVE-2015-2566 at NVDCVE-2015-2567 at SUSECVE-2015-2567 at NVDCVE-2015-2568 at SUSECVE-2015-2568 at NVDCVE-2015-2571 at SUSECVE-2015-2571 at NVDCVE-2015-2573 at SUSECVE-2015-2573 at NVDCVE-2015-2576 at SUSECVE-2015-2576 at NVDcpe:/o:suse:suse_sles:11:sp4libmysqlclient15-32bit-5.0.96-0.6.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libmysqlclient15-32bit-5.0.96-0.6.20 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-0903 at SUSECVE-2006-0903 at NVDCVE-2006-4226 at SUSECVE-2006-4226 at NVDCVE-2006-4227 at SUSECVE-2006-4227 at NVDCVE-2007-5969 at SUSECVE-2007-5969 at NVDCVE-2007-6303 at SUSECVE-2007-6303 at NVDCVE-2007-6304 at SUSECVE-2007-6304 at NVDCVE-2008-2079 at SUSECVE-2008-2079 at NVDCVE-2008-4456 at SUSECVE-2008-4456 at NVDCVE-2008-7247 at SUSECVE-2008-7247 at NVDCVE-2009-2446 at SUSECVE-2009-2446 at NVDCVE-2009-4019 at SUSECVE-2009-4019 at NVDCVE-2009-4028 at SUSECVE-2009-4028 at NVDCVE-2009-4030 at SUSECVE-2009-4030 at NVDCVE-2009-4484 at SUSECVE-2009-4484 at NVDCVE-2009-5026 at SUSECVE-2009-5026 at NVDCVE-2010-1626 at SUSECVE-2010-1626 at NVDCVE-2010-1848 at SUSECVE-2010-1848 at NVDCVE-2010-1849 at SUSECVE-2010-1849 at NVDCVE-2010-1850 at SUSECVE-2010-1850 at NVDCVE-2010-3833 at SUSECVE-2010-3833 at NVDCVE-2010-3834 at SUSECVE-2010-3834 at NVDCVE-2010-3835 at SUSECVE-2010-3835 at NVDCVE-2010-3836 at SUSECVE-2010-3836 at NVDCVE-2010-3837 at SUSECVE-2010-3837 at NVDCVE-2010-3838 at SUSECVE-2010-3838 at NVDCVE-2010-3839 at SUSECVE-2010-3839 at NVDCVE-2010-3840 at SUSECVE-2010-3840 at NVDCVE-2012-2122 at SUSECVE-2012-2122 at NVDCVE-2012-5611 at SUSECVE-2012-5611 at NVDcpe:/o:suse:suse_sles:11:sp4libneon27-0.29.6-6.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libneon27-0.29.6-6.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-0157 at SUSECVE-2007-0157 at NVDCVE-2008-3746 at SUSECVE-2008-3746 at NVDCVE-2009-2473 at SUSECVE-2009-2473 at NVDCVE-2009-2474 at SUSECVE-2009-2474 at NVDcpe:/o:suse:suse_sles:11:sp4libnetpbm10-10.26.44-101.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libnetpbm10-10.26.44-101.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-4274 at SUSECVE-2009-4274 at NVDcpe:/o:suse:suse_sles:11:sp4libnewt0_52-0.52.10-1.35.113 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libnewt0_52-0.52.10-1.35.113 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-2905 at SUSECVE-2009-2905 at NVDcpe:/o:suse:suse_sles:11:sp4libopensc2-0.11.6-5.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libopensc2-0.11.6-5.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-2235 at SUSECVE-2008-2235 at NVDCVE-2009-0368 at SUSECVE-2009-0368 at NVDcpe:/o:suse:suse_sles:11:sp4libopenssl0_9_8-0.9.8j-0.70.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libopenssl0_9_8-0.9.8j-0.70.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-2937 at SUSECVE-2006-2937 at NVDCVE-2006-2940 at SUSECVE-2006-2940 at NVDCVE-2006-3738 at SUSECVE-2006-3738 at NVDCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2006-4343 at SUSECVE-2006-4343 at NVDCVE-2006-7250 at SUSECVE-2006-7250 at NVDCVE-2007-3108 at SUSECVE-2007-3108 at NVDCVE-2007-4995 at SUSECVE-2007-4995 at NVDCVE-2007-5135 at SUSECVE-2007-5135 at NVDCVE-2008-0891 at SUSECVE-2008-0891 at NVDCVE-2008-1672 at SUSECVE-2008-1672 at NVDCVE-2008-5077 at SUSECVE-2008-5077 at NVDCVE-2009-0590 at SUSECVE-2009-0590 at NVDCVE-2009-0591 at SUSECVE-2009-0591 at NVDCVE-2009-0789 at SUSECVE-2009-0789 at NVDCVE-2009-1377 at SUSECVE-2009-1377 at NVDCVE-2009-1378 at SUSECVE-2009-1378 at NVDCVE-2009-1379 at SUSECVE-2009-1379 at NVDCVE-2009-1386 at SUSECVE-2009-1386 at NVDCVE-2009-1387 at SUSECVE-2009-1387 at NVDCVE-2009-3245 at SUSECVE-2009-3245 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-4355 at SUSECVE-2009-4355 at NVDCVE-2009-5146 at SUSECVE-2009-5146 at NVDCVE-2010-0740 at SUSECVE-2010-0740 at NVDCVE-2010-2939 at SUSECVE-2010-2939 at NVDCVE-2010-3864 at SUSECVE-2010-3864 at NVDCVE-2010-4180 at SUSECVE-2010-4180 at NVDCVE-2010-4252 at SUSECVE-2010-4252 at NVDCVE-2011-0014 at SUSECVE-2011-0014 at NVDCVE-2011-3210 at SUSECVE-2011-3210 at NVDCVE-2011-4108 at SUSECVE-2011-4108 at NVDCVE-2011-4109 at SUSECVE-2011-4109 at NVDCVE-2011-4354 at SUSECVE-2011-4354 at NVDCVE-2011-4576 at SUSECVE-2011-4576 at NVDCVE-2011-4577 at SUSECVE-2011-4577 at NVDCVE-2011-4619 at SUSECVE-2011-4619 at NVDCVE-2011-5095 at SUSECVE-2011-5095 at NVDCVE-2012-0050 at SUSECVE-2012-0050 at NVDCVE-2012-0884 at SUSECVE-2012-0884 at NVDCVE-2012-1165 at SUSECVE-2012-1165 at NVDCVE-2012-2110 at SUSECVE-2012-2110 at NVDCVE-2012-2131 at SUSECVE-2012-2131 at NVDCVE-2012-2333 at SUSECVE-2012-2333 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2013-0166 at SUSECVE-2013-0166 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2014-0076 at SUSECVE-2014-0076 at NVDCVE-2014-0221 at SUSECVE-2014-0221 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-3470 at SUSECVE-2014-3470 at NVDCVE-2014-3505 at SUSECVE-2014-3505 at NVDCVE-2014-3506 at SUSECVE-2014-3506 at NVDCVE-2014-3507 at SUSECVE-2014-3507 at NVDCVE-2014-3508 at SUSECVE-2014-3508 at NVDCVE-2014-3510 at SUSECVE-2014-3510 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-3567 at SUSECVE-2014-3567 at NVDCVE-2014-3568 at SUSECVE-2014-3568 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3571 at SUSECVE-2014-3571 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0209 at SUSECVE-2015-0209 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0292 at SUSECVE-2015-0292 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDcpe:/o:suse:suse_sles:11:sp4libotr2-3.2.0-10.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libotr2-3.2.0-10.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-3461 at SUSECVE-2012-3461 at NVDcpe:/o:suse:suse_sles:11:sp4libpixman-1-0-0.24.4-0.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libpixman-1-0-0.24.4-0.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1591 at SUSECVE-2013-1591 at NVDCVE-2013-6425 at SUSECVE-2013-6425 at NVDcpe:/o:suse:suse_sles:11:sp4libpng12-0-1.2.31-5.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libpng12-0-1.2.31-5.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-5793 at SUSECVE-2006-5793 at NVDCVE-2008-3964 at SUSECVE-2008-3964 at NVDCVE-2008-5907 at SUSECVE-2008-5907 at NVDCVE-2008-6218 at SUSECVE-2008-6218 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-2042 at SUSECVE-2009-2042 at NVDCVE-2009-5063 at SUSECVE-2009-5063 at NVDCVE-2010-0205 at SUSECVE-2010-0205 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-2249 at SUSECVE-2010-2249 at NVDCVE-2011-2501 at SUSECVE-2011-2501 at NVDCVE-2011-2690 at SUSECVE-2011-2690 at NVDCVE-2011-2691 at SUSECVE-2011-2691 at NVDCVE-2011-2692 at SUSECVE-2011-2692 at NVDCVE-2011-3026 at SUSECVE-2011-3026 at NVDCVE-2011-3048 at SUSECVE-2011-3048 at NVDCVE-2012-3425 at SUSECVE-2012-3425 at NVDCVE-2013-7353 at SUSECVE-2013-7353 at NVDCVE-2013-7354 at SUSECVE-2013-7354 at NVDcpe:/o:suse:suse_sles:11:sp4libpoppler-glib4-0.12.3-1.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libpoppler-glib4-0.12.3-1.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-0104 at SUSECVE-2007-0104 at NVDCVE-2007-4352 at SUSECVE-2007-4352 at NVDCVE-2007-5392 at SUSECVE-2007-5392 at NVDCVE-2007-5393 at SUSECVE-2007-5393 at NVDCVE-2008-2950 at SUSECVE-2008-2950 at NVDCVE-2009-0755 at SUSECVE-2009-0755 at NVDCVE-2009-0756 at SUSECVE-2009-0756 at NVDCVE-2009-0791 at SUSECVE-2009-0791 at NVDCVE-2009-0799 at SUSECVE-2009-0799 at NVDCVE-2009-0800 at SUSECVE-2009-0800 at NVDCVE-2009-1179 at SUSECVE-2009-1179 at NVDCVE-2009-1180 at SUSECVE-2009-1180 at NVDCVE-2009-1181 at SUSECVE-2009-1181 at NVDCVE-2009-1182 at SUSECVE-2009-1182 at NVDCVE-2009-1183 at SUSECVE-2009-1183 at NVDCVE-2009-1187 at SUSECVE-2009-1187 at NVDCVE-2009-1188 at SUSECVE-2009-1188 at NVDCVE-2009-3607 at SUSECVE-2009-3607 at NVDCVE-2009-3608 at SUSECVE-2009-3608 at NVDCVE-2010-3702 at SUSECVE-2010-3702 at NVDCVE-2010-3703 at SUSECVE-2010-3703 at NVDCVE-2010-3704 at SUSECVE-2010-3704 at NVDCVE-2010-5110 at SUSECVE-2010-5110 at NVDCVE-2013-1790 at SUSECVE-2013-1790 at NVDcpe:/o:suse:suse_sles:11:sp4libproxy0-0.3.1-2.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libproxy0-0.3.1-2.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-4505 at SUSECVE-2012-4505 at NVDcpe:/o:suse:suse_sles:11:sp4libpulse-browse0-0.9.23-0.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libpulse-browse0-0.9.23-0.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-0008 at SUSECVE-2008-0008 at NVDCVE-2014-3970 at SUSECVE-2014-3970 at NVDcpe:/o:suse:suse_sles:11:sp4libpython2_6-1_0-2.6.9-0.35.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libpython2_6-1_0-2.6.9-0.35.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDCVE-2010-3493 at SUSECVE-2010-3493 at NVDCVE-2011-1015 at SUSECVE-2011-1015 at NVDCVE-2011-1521 at SUSECVE-2011-1521 at NVDCVE-2011-4944 at SUSECVE-2011-4944 at NVDCVE-2012-0845 at SUSECVE-2012-0845 at NVDCVE-2012-1150 at SUSECVE-2012-1150 at NVDCVE-2013-1752 at SUSECVE-2013-1752 at NVDCVE-2013-4238 at SUSECVE-2013-4238 at NVDCVE-2014-1912 at SUSECVE-2014-1912 at NVDCVE-2014-4650 at SUSECVE-2014-4650 at NVDCVE-2014-7185 at SUSECVE-2014-7185 at NVDcpe:/o:suse:suse_sles:11:sp4librpcsecgss-0.18-1.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the librpcsecgss-0.18-1.15 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-3999 at SUSECVE-2007-3999 at NVDcpe:/o:suse:suse_sles:11:sp4librsvg-2.26.0-2.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the librsvg-2.26.0-2.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-3146 at SUSECVE-2011-3146 at NVDcpe:/o:suse:suse_sles:11:sp4libsamplerate-0.1.4-1.15 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libsamplerate-0.1.4-1.15 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-5008 at SUSECVE-2008-5008 at NVDcpe:/o:suse:suse_sles:11:sp4libsndfile-1.0.20-2.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libsndfile-1.0.20-2.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-4974 at SUSECVE-2007-4974 at NVDCVE-2009-0186 at SUSECVE-2009-0186 at NVDCVE-2009-1788 at SUSECVE-2009-1788 at NVDCVE-2009-1791 at SUSECVE-2009-1791 at NVDCVE-2009-4835 at SUSECVE-2009-4835 at NVDCVE-2011-2696 at SUSECVE-2011-2696 at NVDCVE-2014-9496 at SUSECVE-2014-9496 at NVDcpe:/o:suse:suse_sles:11:sp4libsnmp15-32bit-5.4.2.1-8.12.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libsnmp15-32bit-5.4.2.1-8.12.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-4309 at SUSECVE-2008-4309 at NVDCVE-2008-6123 at SUSECVE-2008-6123 at NVDCVE-2012-2141 at SUSECVE-2012-2141 at NVDCVE-2014-2284 at SUSECVE-2014-2284 at NVDCVE-2014-2285 at SUSECVE-2014-2285 at NVDCVE-2014-2310 at SUSECVE-2014-2310 at NVDCVE-2014-3565 at SUSECVE-2014-3565 at NVDcpe:/o:suse:suse_sles:11:sp4libsoup-2_4-1-2.32.2-4.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libsoup-2_4-1-2.32.2-4.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-5876 at SUSECVE-2006-5876 at NVDCVE-2011-2524 at SUSECVE-2011-2524 at NVDCVE-2012-2132 at SUSECVE-2012-2132 at NVDcpe:/o:suse:suse_sles:11:sp4libssh2-1-1.2.9-4.2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libssh2-1-1.2.9-4.2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2015-1782 at SUSECVE-2015-1782 at NVDcpe:/o:suse:suse_sles:11:sp4libsss_idmap0-1.9.4-0.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libsss_idmap0-1.9.4-0.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-4341 at SUSECVE-2010-4341 at NVDCVE-2011-1758 at SUSECVE-2011-1758 at NVDCVE-2013-0219 at SUSECVE-2013-0219 at NVDCVE-2013-0220 at SUSECVE-2013-0220 at NVDCVE-2013-0287 at SUSECVE-2013-0287 at NVDcpe:/o:suse:suse_sles:11:sp4libtasn1-1.5-1.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libtasn1-1.5-1.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3468 at SUSECVE-2014-3468 at NVDCVE-2014-3469 at SUSECVE-2014-3469 at NVDCVE-2015-2806 at SUSECVE-2015-2806 at NVDcpe:/o:suse:suse_sles:11:sp4libtevent0-x86-3.6.3-0.39.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libtevent0-x86-3.6.3-0.39.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-3403 at SUSECVE-2006-3403 at NVDCVE-2007-0452 at SUSECVE-2007-0452 at NVDCVE-2007-2444 at SUSECVE-2007-2444 at NVDCVE-2007-2446 at SUSECVE-2007-2446 at NVDCVE-2007-2447 at SUSECVE-2007-2447 at NVDCVE-2007-4138 at SUSECVE-2007-4138 at NVDCVE-2007-4572 at SUSECVE-2007-4572 at NVDCVE-2007-5398 at SUSECVE-2007-5398 at NVDCVE-2007-6015 at SUSECVE-2007-6015 at NVDCVE-2008-1105 at SUSECVE-2008-1105 at NVDCVE-2008-3789 at SUSECVE-2008-3789 at NVDCVE-2008-4314 at SUSECVE-2008-4314 at NVDCVE-2009-0022 at SUSECVE-2009-0022 at NVDCVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0728 at SUSECVE-2010-0728 at NVDCVE-2010-0787 at SUSECVE-2010-0787 at NVDCVE-2010-0926 at SUSECVE-2010-0926 at NVDCVE-2010-1635 at SUSECVE-2010-1635 at NVDCVE-2010-1642 at SUSECVE-2010-1642 at NVDCVE-2010-2063 at SUSECVE-2010-2063 at NVDCVE-2010-3069 at SUSECVE-2010-3069 at NVDCVE-2011-0719 at SUSECVE-2011-0719 at NVDCVE-2011-2522 at SUSECVE-2011-2522 at NVDCVE-2011-2694 at SUSECVE-2011-2694 at NVDCVE-2012-0817 at SUSECVE-2012-0817 at NVDCVE-2012-0870 at SUSECVE-2012-0870 at NVDCVE-2012-1182 at SUSECVE-2012-1182 at NVDCVE-2012-2111 at SUSECVE-2012-2111 at NVDCVE-2013-0213 at SUSECVE-2013-0213 at NVDCVE-2013-0214 at SUSECVE-2013-0214 at NVDCVE-2013-0454 at SUSECVE-2013-0454 at NVDcpe:/o:suse:suse_sles:11:sp4libtiff3-3.8.2-141.154.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libtiff3-3.8.2-141.154.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-1586 at SUSECVE-2008-1586 at NVDCVE-2008-2327 at SUSECVE-2008-2327 at NVDCVE-2009-2285 at SUSECVE-2009-2285 at NVDCVE-2009-2347 at SUSECVE-2009-2347 at NVDCVE-2010-1411 at SUSECVE-2010-1411 at NVDCVE-2010-4665 at SUSECVE-2010-4665 at NVDCVE-2011-0191 at SUSECVE-2011-0191 at NVDCVE-2011-0192 at SUSECVE-2011-0192 at NVDCVE-2011-1167 at SUSECVE-2011-1167 at NVDCVE-2012-1173 at SUSECVE-2012-1173 at NVDCVE-2012-2088 at SUSECVE-2012-2088 at NVDCVE-2012-2113 at SUSECVE-2012-2113 at NVDCVE-2012-3401 at SUSECVE-2012-3401 at NVDCVE-2012-4447 at SUSECVE-2012-4447 at NVDCVE-2012-4564 at SUSECVE-2012-4564 at NVDCVE-2012-5581 at SUSECVE-2012-5581 at NVDCVE-2013-1960 at SUSECVE-2013-1960 at NVDCVE-2013-1961 at SUSECVE-2013-1961 at NVDCVE-2013-4231 at SUSECVE-2013-4231 at NVDCVE-2013-4232 at SUSECVE-2013-4232 at NVDCVE-2013-4243 at SUSECVE-2013-4243 at NVDCVE-2013-4244 at SUSECVE-2013-4244 at NVDcpe:/o:suse:suse_sles:11:sp4libtspi1-0.3.10-0.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libtspi1-0.3.10-0.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-0698 at SUSECVE-2012-0698 at NVDcpe:/o:suse:suse_sles:11:sp4libupsclient1-2.6.2-0.2.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libupsclient1-2.6.2-0.2.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-2944 at SUSECVE-2012-2944 at NVDcpe:/o:suse:suse_sles:11:sp4libvirt-1.2.5-3.76 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libvirt-1.2.5-3.76 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-5086 at SUSECVE-2008-5086 at NVDCVE-2010-2242 at SUSECVE-2010-2242 at NVDCVE-2011-1146 at SUSECVE-2011-1146 at NVDCVE-2011-1486 at SUSECVE-2011-1486 at NVDCVE-2011-2511 at SUSECVE-2011-2511 at NVDCVE-2011-4600 at SUSECVE-2011-4600 at NVDCVE-2012-3445 at SUSECVE-2012-3445 at NVDCVE-2012-4423 at SUSECVE-2012-4423 at NVDCVE-2013-1962 at SUSECVE-2013-1962 at NVDCVE-2013-4291 at SUSECVE-2013-4291 at NVDCVE-2013-4296 at SUSECVE-2013-4296 at NVDCVE-2013-4311 at SUSECVE-2013-4311 at NVDCVE-2013-5651 at SUSECVE-2013-5651 at NVDCVE-2013-6436 at SUSECVE-2013-6436 at NVDCVE-2013-6456 at SUSECVE-2013-6456 at NVDCVE-2013-6458 at SUSECVE-2013-6458 at NVDCVE-2014-0179 at SUSECVE-2014-0179 at NVDCVE-2014-1447 at SUSECVE-2014-1447 at NVDCVE-2014-3633 at SUSECVE-2014-3633 at NVDCVE-2014-3657 at SUSECVE-2014-3657 at NVDCVE-2015-0236 at SUSECVE-2015-0236 at NVDcpe:/o:suse:suse_sles:11:sp4libvorbis-1.2.0-79.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libvorbis-1.2.0-79.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-3106 at SUSECVE-2007-3106 at NVDCVE-2008-1419 at SUSECVE-2008-1419 at NVDCVE-2008-1420 at SUSECVE-2008-1420 at NVDCVE-2008-1423 at SUSECVE-2008-1423 at NVDCVE-2009-2663 at SUSECVE-2009-2663 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2012-0444 at SUSECVE-2012-0444 at NVDcpe:/o:suse:suse_sles:11:sp4libwsman1-2.2.3-0.8.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libwsman1-2.2.3-0.8.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:suse_sles:11:sp4libxcrypt-3.0.3-0.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libxcrypt-3.0.3-0.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:suse_sles:11:sp4libxml2-2.7.6-0.31.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libxml2-2.7.6-0.31.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-6284 at SUSECVE-2007-6284 at NVDCVE-2008-4225 at SUSECVE-2008-4225 at NVDCVE-2008-4226 at SUSECVE-2008-4226 at NVDCVE-2008-4409 at SUSECVE-2008-4409 at NVDCVE-2009-2414 at SUSECVE-2009-2414 at NVDCVE-2009-2416 at SUSECVE-2009-2416 at NVDCVE-2010-4494 at SUSECVE-2010-4494 at NVDCVE-2011-1944 at SUSECVE-2011-1944 at NVDCVE-2011-2821 at SUSECVE-2011-2821 at NVDCVE-2011-3102 at SUSECVE-2011-3102 at NVDCVE-2011-3919 at SUSECVE-2011-3919 at NVDCVE-2012-0841 at SUSECVE-2012-0841 at NVDCVE-2012-2807 at SUSECVE-2012-2807 at NVDCVE-2012-5134 at SUSECVE-2012-5134 at NVDCVE-2013-0338 at SUSECVE-2013-0338 at NVDCVE-2013-2877 at SUSECVE-2013-2877 at NVDCVE-2014-0191 at SUSECVE-2014-0191 at NVDCVE-2014-3660 at SUSECVE-2014-3660 at NVDcpe:/o:suse:suse_sles:11:sp4libxslt-1.1.24-19.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libxslt-1.1.24-19.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-1767 at SUSECVE-2008-1767 at NVDCVE-2011-3970 at SUSECVE-2011-3970 at NVDCVE-2012-2825 at SUSECVE-2012-2825 at NVDCVE-2012-6139 at SUSECVE-2012-6139 at NVDCVE-2013-4520 at SUSECVE-2013-4520 at NVDcpe:/o:suse:suse_sles:11:sp4libzip1-0.9-1.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the libzip1-0.9-1.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-0421 at SUSECVE-2011-0421 at NVDcpe:/o:suse:suse_sles:11:sp4log4net-1.2.10-1.36 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the log4net-1.2.10-1.36 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-0743 at SUSECVE-2006-0743 at NVDcpe:/o:suse:suse_sles:11:sp4logrotate-3.7.7-10.30.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the logrotate-3.7.7-10.30.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-1098 at SUSECVE-2011-1098 at NVDCVE-2011-1154 at SUSECVE-2011-1154 at NVDCVE-2011-1155 at SUSECVE-2011-1155 at NVDcpe:/o:suse:suse_sles:11:sp4logwatch-7.3.6-65.74.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the logwatch-7.3.6-65.74.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-1018 at SUSECVE-2011-1018 at NVDcpe:/o:suse:suse_sles:11:sp4lvm2-2.02.98-0.33.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the lvm2-2.02.98-0.33.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-2526 at SUSECVE-2010-2526 at NVDcpe:/o:suse:suse_sles:11:sp4lxc-0.8.0-0.23.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the lxc-0.8.0-0.23.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-6441 at SUSECVE-2013-6441 at NVDcpe:/o:suse:suse_sles:11:sp4mailman-2.1.14-9.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the mailman-2.1.14-9.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-2191 at SUSECVE-2006-2191 at NVDCVE-2006-2941 at SUSECVE-2006-2941 at NVDCVE-2006-3636 at SUSECVE-2006-3636 at NVDCVE-2010-3089 at SUSECVE-2010-3089 at NVDCVE-2010-3090 at SUSECVE-2010-3090 at NVDCVE-2011-0707 at SUSECVE-2011-0707 at NVDcpe:/o:suse:suse_sles:11:sp4mailx-12.5-1.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the mailx-12.5-1.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2004-2771 at SUSECVE-2004-2771 at NVDCVE-2014-7844 at SUSECVE-2014-7844 at NVDcpe:/o:suse:suse_sles:11:sp4man-2.5.2-17.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the man-2.5.2-17.16 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-4250 at SUSECVE-2006-4250 at NVDcpe:/o:suse:suse_sles:11:sp4mipv6d-2.0.2.umip.0.4-8.7.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the mipv6d-2.0.2.umip.0.4-8.7.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-2522 at SUSECVE-2010-2522 at NVDCVE-2010-2523 at SUSECVE-2010-2523 at NVDcpe:/o:suse:suse_sles:11:sp4mono-core-2.6.7-0.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the mono-core-2.6.7-0.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0217 at SUSECVE-2009-0217 at NVDCVE-2010-1459 at SUSECVE-2010-1459 at NVDCVE-2010-3332 at SUSECVE-2010-3332 at NVDCVE-2010-4159 at SUSECVE-2010-4159 at NVDCVE-2012-3382 at SUSECVE-2012-3382 at NVDCVE-2015-2318 at SUSECVE-2015-2318 at NVDCVE-2015-2319 at SUSECVE-2015-2319 at NVDCVE-2015-2320 at SUSECVE-2015-2320 at NVDcpe:/o:suse:suse_sles:11:sp4mozilla-nspr-32bit-4.10.7-0.3.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the mozilla-nspr-32bit-4.10.7-0.3.3 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-5607 at SUSECVE-2013-5607 at NVDCVE-2014-1545 at SUSECVE-2014-1545 at NVDcpe:/o:suse:suse_sles:11:sp4mozilla-xulrunner192-1.9.2.27-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the mozilla-xulrunner192-1.9.2.27-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-5913 at SUSECVE-2008-5913 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0164 at SUSECVE-2010-0164 at NVDCVE-2010-0165 at SUSECVE-2010-0165 at NVDCVE-2010-0166 at SUSECVE-2010-0166 at NVDCVE-2010-0167 at SUSECVE-2010-0167 at NVDCVE-2010-0168 at SUSECVE-2010-0168 at NVDCVE-2010-0169 at SUSECVE-2010-0169 at NVDCVE-2010-0170 at SUSECVE-2010-0170 at NVDCVE-2010-0171 at SUSECVE-2010-0171 at NVDCVE-2010-0172 at SUSECVE-2010-0172 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDCVE-2010-0654 at SUSECVE-2010-0654 at NVDCVE-2010-1028 at SUSECVE-2010-1028 at NVDCVE-2010-1121 at SUSECVE-2010-1121 at NVDCVE-2010-1125 at SUSECVE-2010-1125 at NVDCVE-2010-1196 at SUSECVE-2010-1196 at NVDCVE-2010-1197 at SUSECVE-2010-1197 at NVDCVE-2010-1198 at SUSECVE-2010-1198 at NVDCVE-2010-1199 at SUSECVE-2010-1199 at NVDCVE-2010-1200 at SUSECVE-2010-1200 at NVDCVE-2010-1201 at SUSECVE-2010-1201 at NVDCVE-2010-1202 at SUSECVE-2010-1202 at NVDCVE-2010-1203 at SUSECVE-2010-1203 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-1206 at SUSECVE-2010-1206 at NVDCVE-2010-1207 at SUSECVE-2010-1207 at NVDCVE-2010-1208 at SUSECVE-2010-1208 at NVDCVE-2010-1209 at SUSECVE-2010-1209 at NVDCVE-2010-1210 at SUSECVE-2010-1210 at NVDCVE-2010-1211 at SUSECVE-2010-1211 at NVDCVE-2010-1212 at SUSECVE-2010-1212 at NVDCVE-2010-1213 at SUSECVE-2010-1213 at NVDCVE-2010-1214 at SUSECVE-2010-1214 at NVDCVE-2010-1215 at SUSECVE-2010-1215 at NVDCVE-2010-1585 at SUSECVE-2010-1585 at NVDCVE-2010-2751 at SUSECVE-2010-2751 at NVDCVE-2010-2752 at SUSECVE-2010-2752 at NVDCVE-2010-2753 at SUSECVE-2010-2753 at NVDCVE-2010-2754 at SUSECVE-2010-2754 at NVDCVE-2010-2755 at SUSECVE-2010-2755 at NVDCVE-2010-2760 at SUSECVE-2010-2760 at NVDCVE-2010-2762 at SUSECVE-2010-2762 at NVDCVE-2010-2764 at SUSECVE-2010-2764 at NVDCVE-2010-2765 at SUSECVE-2010-2765 at NVDCVE-2010-2766 at SUSECVE-2010-2766 at NVDCVE-2010-2767 at SUSECVE-2010-2767 at NVDCVE-2010-2768 at SUSECVE-2010-2768 at NVDCVE-2010-2769 at SUSECVE-2010-2769 at NVDCVE-2010-3166 at SUSECVE-2010-3166 at NVDCVE-2010-3167 at SUSECVE-2010-3167 at NVDCVE-2010-3168 at SUSECVE-2010-3168 at NVDCVE-2010-3169 at SUSECVE-2010-3169 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3173 at SUSECVE-2010-3173 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDCVE-2010-3766 at SUSECVE-2010-3766 at NVDCVE-2010-3767 at SUSECVE-2010-3767 at NVDCVE-2010-3768 at SUSECVE-2010-3768 at NVDCVE-2010-3769 at SUSECVE-2010-3769 at NVDCVE-2010-3770 at SUSECVE-2010-3770 at NVDCVE-2010-3771 at SUSECVE-2010-3771 at NVDCVE-2010-3772 at SUSECVE-2010-3772 at NVDCVE-2010-3773 at SUSECVE-2010-3773 at NVDCVE-2010-3775 at SUSECVE-2010-3775 at NVDCVE-2010-3776 at SUSECVE-2010-3776 at NVDCVE-2010-3777 at SUSECVE-2010-3777 at NVDCVE-2010-3778 at SUSECVE-2010-3778 at NVDCVE-2011-0051 at SUSECVE-2011-0051 at NVDCVE-2011-0053 at SUSECVE-2011-0053 at NVDCVE-2011-0054 at SUSECVE-2011-0054 at NVDCVE-2011-0055 at SUSECVE-2011-0055 at NVDCVE-2011-0056 at SUSECVE-2011-0056 at NVDCVE-2011-0057 at SUSECVE-2011-0057 at NVDCVE-2011-0059 at SUSECVE-2011-0059 at NVDCVE-2011-0061 at SUSECVE-2011-0061 at NVDCVE-2011-0062 at SUSECVE-2011-0062 at NVDCVE-2011-0065 at SUSECVE-2011-0065 at NVDCVE-2011-0066 at SUSECVE-2011-0066 at NVDCVE-2011-0067 at SUSECVE-2011-0067 at NVDCVE-2011-0069 at SUSECVE-2011-0069 at NVDCVE-2011-0070 at SUSECVE-2011-0070 at NVDCVE-2011-0072 at SUSECVE-2011-0072 at NVDCVE-2011-0073 at SUSECVE-2011-0073 at NVDCVE-2011-0074 at SUSECVE-2011-0074 at NVDCVE-2011-0075 at SUSECVE-2011-0075 at NVDCVE-2011-0077 at SUSECVE-2011-0077 at NVDCVE-2011-0078 at SUSECVE-2011-0078 at NVDCVE-2011-0080 at SUSECVE-2011-0080 at NVDCVE-2011-0081 at SUSECVE-2011-0081 at NVDCVE-2011-0083 at SUSECVE-2011-0083 at NVDCVE-2011-0084 at SUSECVE-2011-0084 at NVDCVE-2011-0085 at SUSECVE-2011-0085 at NVDCVE-2011-1202 at SUSECVE-2011-1202 at NVDCVE-2011-2362 at SUSECVE-2011-2362 at NVDCVE-2011-2363 at SUSECVE-2011-2363 at NVDCVE-2011-2364 at SUSECVE-2011-2364 at NVDCVE-2011-2365 at SUSECVE-2011-2365 at NVDCVE-2011-2371 at SUSECVE-2011-2371 at NVDCVE-2011-2372 at SUSECVE-2011-2372 at NVDCVE-2011-2373 at SUSECVE-2011-2373 at NVDCVE-2011-2374 at SUSECVE-2011-2374 at NVDCVE-2011-2376 at SUSECVE-2011-2376 at NVDCVE-2011-2377 at SUSECVE-2011-2377 at NVDCVE-2011-2378 at SUSECVE-2011-2378 at NVDCVE-2011-2980 at SUSECVE-2011-2980 at NVDCVE-2011-2981 at SUSECVE-2011-2981 at NVDCVE-2011-2982 at SUSECVE-2011-2982 at NVDCVE-2011-2983 at SUSECVE-2011-2983 at NVDCVE-2011-2995 at SUSECVE-2011-2995 at NVDCVE-2011-2996 at SUSECVE-2011-2996 at NVDCVE-2011-2999 at SUSECVE-2011-2999 at NVDCVE-2011-3000 at SUSECVE-2011-3000 at NVDCVE-2011-3001 at SUSECVE-2011-3001 at NVDCVE-2011-3026 at SUSECVE-2011-3026 at NVDCVE-2011-3647 at SUSECVE-2011-3647 at NVDCVE-2011-3648 at SUSECVE-2011-3648 at NVDCVE-2011-3650 at SUSECVE-2011-3650 at NVDCVE-2011-3659 at SUSECVE-2011-3659 at NVDCVE-2011-3666 at SUSECVE-2011-3666 at NVDCVE-2011-3670 at SUSECVE-2011-3670 at NVDCVE-2012-0442 at SUSECVE-2012-0442 at NVDCVE-2012-0443 at SUSECVE-2012-0443 at NVDCVE-2012-0444 at SUSECVE-2012-0444 at NVDCVE-2012-0449 at SUSECVE-2012-0449 at NVDcpe:/o:suse:suse_sles:11:sp4mutt-1.5.17-42.39.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the mutt-1.5.17-42.39.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-1558 at SUSECVE-2007-1558 at NVDCVE-2014-0467 at SUSECVE-2014-0467 at NVDCVE-2014-9116 at SUSECVE-2014-9116 at NVDcpe:/o:suse:suse_sles:11:sp4nagios-3.0.6-1.25.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the nagios-3.0.6-1.25.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-5803 at SUSECVE-2007-5803 at NVDCVE-2011-1523 at SUSECVE-2011-1523 at NVDCVE-2012-6096 at SUSECVE-2012-6096 at NVDCVE-2013-7108 at SUSECVE-2013-7108 at NVDCVE-2014-1878 at SUSECVE-2014-1878 at NVDcpe:/o:suse:suse_sles:11:sp4nagios-nrpe-2.12-24.4.10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the nagios-nrpe-2.12-24.4.10.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1362 at SUSECVE-2013-1362 at NVDCVE-2014-2913 at SUSECVE-2014-2913 at NVDcpe:/o:suse:suse_sles:11:sp4nagios-plugins-1.4.16-0.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the nagios-plugins-1.4.16-0.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-5623 at SUSECVE-2007-5623 at NVDcpe:/o:suse:suse_sles:11:sp4nfs-client-1.2.3-18.38.43.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the nfs-client-1.2.3-18.38.43.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1923 at SUSECVE-2013-1923 at NVDcpe:/o:suse:suse_sles:11:sp4ntp-4.2.8p2-2.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ntp-4.2.8p2-2.18 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0159 at SUSECVE-2009-0159 at NVDCVE-2009-1252 at SUSECVE-2009-1252 at NVDCVE-2013-5211 at SUSECVE-2013-5211 at NVDCVE-2014-9295 at SUSECVE-2014-9295 at NVDCVE-2014-9297 at SUSECVE-2014-9297 at NVDCVE-2014-9298 at SUSECVE-2014-9298 at NVDCVE-2015-1798 at SUSECVE-2015-1798 at NVDCVE-2015-1799 at SUSECVE-2015-1799 at NVDcpe:/o:suse:suse_sles:11:sp4ofed-1.5.4.1-20.26 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ofed-1.5.4.1-20.26 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-1693 at SUSECVE-2010-1693 at NVDCVE-2010-3904 at SUSECVE-2010-3904 at NVDCVE-2010-4649 at SUSECVE-2010-4649 at NVDCVE-2011-3345 at SUSECVE-2011-3345 at NVDcpe:/o:suse:suse_sles:11:sp4openCryptoki-3.2-0.11.26 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the openCryptoki-3.2-0.11.26 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-4454 at SUSECVE-2012-4454 at NVDCVE-2012-4455 at SUSECVE-2012-4455 at NVDcpe:/o:suse:suse_sles:11:sp4openslp-1.2.0-172.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the openslp-1.2.0-172.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-3609 at SUSECVE-2010-3609 at NVDCVE-2012-4428 at SUSECVE-2012-4428 at NVDcpe:/o:suse:suse_sles:11:sp4openssh-6.6p1-4.7 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the openssh-6.6p1-4.7 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-0225 at SUSECVE-2006-0225 at NVDCVE-2007-4752 at SUSECVE-2007-4752 at NVDCVE-2008-1483 at SUSECVE-2008-1483 at NVDCVE-2010-5107 at SUSECVE-2010-5107 at NVDCVE-2011-5000 at SUSECVE-2011-5000 at NVDCVE-2012-0814 at SUSECVE-2012-0814 at NVDCVE-2014-2532 at SUSECVE-2014-2532 at NVDCVE-2014-2653 at SUSECVE-2014-2653 at NVDcpe:/o:suse:suse_sles:11:sp4openvpn-2.0.9-143.44.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the openvpn-2.0.9-143.44.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2013-2061 at SUSECVE-2013-2061 at NVDCVE-2014-8104 at SUSECVE-2014-8104 at NVDcpe:/o:suse:suse_sles:11:sp4opie-2.4-662.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the opie-2.4-662.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-2489 at SUSECVE-2011-2489 at NVDCVE-2011-2490 at SUSECVE-2011-2490 at NVDcpe:/o:suse:suse_sles:11:sp4pam-1.1.5-0.15.9 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the pam-1.1.5-0.15.9 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0579 at SUSECVE-2009-0579 at NVDCVE-2009-0887 at SUSECVE-2009-0887 at NVDCVE-2011-3148 at SUSECVE-2011-3148 at NVDCVE-2011-3149 at SUSECVE-2011-3149 at NVDCVE-2014-2583 at SUSECVE-2014-2583 at NVDcpe:/o:suse:suse_sles:11:sp4pam_krb5-2.3.1-47.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the pam_krb5-2.3.1-47.12.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-3825 at SUSECVE-2008-3825 at NVDcpe:/o:suse:suse_sles:11:sp4pam_ldap-184-147.20 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the pam_ldap-184-147.20 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-5170 at SUSECVE-2006-5170 at NVDcpe:/o:suse:suse_sles:11:sp4pam_mount-0.47-13.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the pam_mount-0.47-13.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-5138 at SUSECVE-2008-5138 at NVDcpe:/o:suse:suse_sles:11:sp4pango-1.26.2-1.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the pango-1.26.2-1.3.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-0020 at SUSECVE-2011-0020 at NVDCVE-2011-0064 at SUSECVE-2011-0064 at NVDcpe:/o:suse:suse_sles:11:sp4pcsc-ccid-1.3.8-3.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the pcsc-ccid-1.3.8-3.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-4530 at SUSECVE-2010-4530 at NVDcpe:/o:suse:suse_sles:11:sp4pcsc-lite-1.4.102-1.37.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the pcsc-lite-1.4.102-1.37.3 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-0407 at SUSECVE-2010-0407 at NVDCVE-2010-4531 at SUSECVE-2010-4531 at NVDcpe:/o:suse:suse_sles:11:sp4perl-32bit-5.10.0-64.72.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the perl-32bit-5.10.0-64.72.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-5116 at SUSECVE-2007-5116 at NVDCVE-2010-1168 at SUSECVE-2010-1168 at NVDCVE-2010-1447 at SUSECVE-2010-1447 at NVDCVE-2010-2761 at SUSECVE-2010-2761 at NVDCVE-2010-4410 at SUSECVE-2010-4410 at NVDCVE-2010-4411 at SUSECVE-2010-4411 at NVDCVE-2010-4777 at SUSECVE-2010-4777 at NVDCVE-2011-1487 at SUSECVE-2011-1487 at NVDCVE-2011-2728 at SUSECVE-2011-2728 at NVDCVE-2012-5526 at SUSECVE-2012-5526 at NVDCVE-2012-6329 at SUSECVE-2012-6329 at NVDCVE-2013-1667 at SUSECVE-2013-1667 at NVDCVE-2014-4330 at SUSECVE-2014-4330 at NVDcpe:/o:suse:suse_sles:11:sp4perl-HTML-Parser-3.56-1.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the perl-HTML-Parser-3.56-1.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-3627 at SUSECVE-2009-3627 at NVDcpe:/o:suse:suse_sles:11:sp4perl-Tk-804.028-50.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the perl-Tk-804.028-50.24 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-4484 at SUSECVE-2006-4484 at NVDcpe:/o:suse:suse_sles:11:sp4perl-libwww-perl-5.816-2.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the perl-libwww-perl-5.816-2.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-0633 at SUSECVE-2011-0633 at NVDcpe:/o:suse:suse_sles:11:sp4perl-spamassassin-3.3.1-10.8.3 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the perl-spamassassin-3.3.1-10.8.3 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-0451 at SUSECVE-2007-0451 at NVDCVE-2007-2873 at SUSECVE-2007-2873 at NVDcpe:/o:suse:suse_sles:11:sp4popt-1.7-37.63.64.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the popt-1.7-37.63.64.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-6435 at SUSECVE-2013-6435 at NVDCVE-2014-8118 at SUSECVE-2014-8118 at NVDcpe:/o:suse:suse_sles:11:sp4postgresql-8.3.23-0.4.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the postgresql-8.3.23-0.4.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-4769 at SUSECVE-2007-4769 at NVDCVE-2007-4772 at SUSECVE-2007-4772 at NVDCVE-2007-6067 at SUSECVE-2007-6067 at NVDCVE-2007-6600 at SUSECVE-2007-6600 at NVDCVE-2007-6601 at SUSECVE-2007-6601 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-4034 at SUSECVE-2009-4034 at NVDCVE-2009-4136 at SUSECVE-2009-4136 at NVDCVE-2010-0442 at SUSECVE-2010-0442 at NVDCVE-2010-1169 at SUSECVE-2010-1169 at NVDCVE-2010-1170 at SUSECVE-2010-1170 at NVDCVE-2010-3433 at SUSECVE-2010-3433 at NVDCVE-2010-4014 at SUSECVE-2010-4014 at NVDCVE-2010-4015 at SUSECVE-2010-4015 at NVDCVE-2012-0866 at SUSECVE-2012-0866 at NVDCVE-2012-0868 at SUSECVE-2012-0868 at NVDCVE-2012-2143 at SUSECVE-2012-2143 at NVDCVE-2012-2655 at SUSECVE-2012-2655 at NVDCVE-2012-3488 at SUSECVE-2012-3488 at NVDCVE-2012-3489 at SUSECVE-2012-3489 at NVDCVE-2013-0255 at SUSECVE-2013-0255 at NVDcpe:/o:suse:suse_sles:11:sp4powerpc-utils-1.2.22-2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the powerpc-utils-1.2.22-2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-4040 at SUSECVE-2014-4040 at NVDcpe:/o:suse:suse_sles:11:sp4ppc64-diag-2.6.7-1.31 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ppc64-diag-2.6.7-1.31 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-4038 at SUSECVE-2014-4038 at NVDCVE-2014-4039 at SUSECVE-2014-4039 at NVDcpe:/o:suse:suse_sles:11:sp4ppp-2.4.5.git-2.29.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ppp-2.4.5.git-2.29.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3158 at SUSECVE-2014-3158 at NVDcpe:/o:suse:suse_sles:11:sp4procmail-3.22-240.8.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the procmail-3.22-240.8.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3618 at SUSECVE-2014-3618 at NVDcpe:/o:suse:suse_sles:11:sp4puppet-2.7.26-0.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the puppet-2.7.26-0.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-0156 at SUSECVE-2010-0156 at NVDCVE-2011-1986 at SUSECVE-2011-1986 at NVDCVE-2011-3848 at SUSECVE-2011-3848 at NVDCVE-2011-3869 at SUSECVE-2011-3869 at NVDCVE-2011-3870 at SUSECVE-2011-3870 at NVDCVE-2011-3871 at SUSECVE-2011-3871 at NVDCVE-2011-3872 at SUSECVE-2011-3872 at NVDCVE-2012-1987 at SUSECVE-2012-1987 at NVDCVE-2012-1988 at SUSECVE-2012-1988 at NVDCVE-2012-1989 at SUSECVE-2012-1989 at NVDCVE-2012-3864 at SUSECVE-2012-3864 at NVDCVE-2012-3865 at SUSECVE-2012-3865 at NVDCVE-2012-3867 at SUSECVE-2012-3867 at NVDCVE-2013-3567 at SUSECVE-2013-3567 at NVDCVE-2013-4761 at SUSECVE-2013-4761 at NVDCVE-2013-4969 at SUSECVE-2013-4969 at NVDCVE-2014-3248 at SUSECVE-2014-3248 at NVDCVE-2014-3250 at SUSECVE-2014-3250 at NVDcpe:/o:suse:suse_sles:11:sp4pure-ftpd-1.0.22-3.25.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the pure-ftpd-1.0.22-3.25.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-0411 at SUSECVE-2011-0411 at NVDCVE-2011-3171 at SUSECVE-2011-3171 at NVDcpe:/o:suse:suse_sles:11:sp4python-2.6.9-0.35.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the python-2.6.9-0.35.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-2052 at SUSECVE-2007-2052 at NVDCVE-2008-1721 at SUSECVE-2008-1721 at NVDCVE-2008-2315 at SUSECVE-2008-2315 at NVDCVE-2008-2316 at SUSECVE-2008-2316 at NVDCVE-2008-3142 at SUSECVE-2008-3142 at NVDCVE-2008-3143 at SUSECVE-2008-3143 at NVDCVE-2008-3144 at SUSECVE-2008-3144 at NVDCVE-2013-4238 at SUSECVE-2013-4238 at NVDcpe:/o:suse:suse_sles:11:sp4python-imaging-1.1.6-168.34.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the python-imaging-1.1.6-168.34.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-1932 at SUSECVE-2014-1932 at NVDCVE-2014-1933 at SUSECVE-2014-1933 at NVDcpe:/o:suse:suse_sles:11:sp4python-lxml-2.3.6-0.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the python-lxml-2.3.6-0.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3146 at SUSECVE-2014-3146 at NVDcpe:/o:suse:suse_sles:11:sp4python-pam-0.5.0-3.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the python-pam-0.5.0-3.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-1502 at SUSECVE-2012-1502 at NVDcpe:/o:suse:suse_sles:11:sp4python-pywbem-0.7-6.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the python-pywbem-0.7-6.22.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-6418 at SUSECVE-2013-6418 at NVDcpe:/o:suse:suse_sles:11:sp4pyxml-0.8.4-194.23.38 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the pyxml-0.8.4-194.23.38 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDcpe:/o:suse:suse_sles:11:sp4qt3-3.3.8b-88.21 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the qt3-3.3.8b-88.21 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-4811 at SUSECVE-2006-4811 at NVDCVE-2007-0242 at SUSECVE-2007-0242 at NVDCVE-2007-3388 at SUSECVE-2007-3388 at NVDCVE-2007-4137 at SUSECVE-2007-4137 at NVDcpe:/o:suse:suse_sles:11:sp4quagga-0.99.15-0.14.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the quagga-0.99.15-0.14.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-2223 at SUSECVE-2006-2223 at NVDCVE-2007-1995 at SUSECVE-2007-1995 at NVDCVE-2010-1674 at SUSECVE-2010-1674 at NVDCVE-2010-1675 at SUSECVE-2010-1675 at NVDCVE-2010-2948 at SUSECVE-2010-2948 at NVDCVE-2010-2949 at SUSECVE-2010-2949 at NVDCVE-2013-0149 at SUSECVE-2013-0149 at NVDCVE-2013-2236 at SUSECVE-2013-2236 at NVDcpe:/o:suse:suse_sles:11:sp4radvd-1.1-1.24.8.19 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the radvd-1.1-1.24.8.19 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-3602 at SUSECVE-2011-3602 at NVDCVE-2011-3603 at SUSECVE-2011-3603 at NVDCVE-2011-3604 at SUSECVE-2011-3604 at NVDCVE-2011-3605 at SUSECVE-2011-3605 at NVDcpe:/o:suse:suse_sles:11:sp4rsync-3.0.4-2.47.28 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the rsync-3.0.4-2.47.28 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-4091 at SUSECVE-2007-4091 at NVDCVE-2007-6199 at SUSECVE-2007-6199 at NVDCVE-2011-1097 at SUSECVE-2011-1097 at NVDcpe:/o:suse:suse_sles:11:sp4rsyslog-5.10.1-0.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the rsyslog-5.10.1-0.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-3200 at SUSECVE-2011-3200 at NVDCVE-2014-3634 at SUSECVE-2014-3634 at NVDCVE-2014-3683 at SUSECVE-2014-3683 at NVDcpe:/o:suse:suse_sles:11:sp4ruby-1.8.7.p357-0.9.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the ruby-1.8.7.p357-0.9.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-3694 at SUSECVE-2006-3694 at NVDCVE-2006-5467 at SUSECVE-2006-5467 at NVDCVE-2006-6303 at SUSECVE-2006-6303 at NVDCVE-2007-5162 at SUSECVE-2007-5162 at NVDCVE-2007-5770 at SUSECVE-2007-5770 at NVDCVE-2008-1145 at SUSECVE-2008-1145 at NVDCVE-2008-3790 at SUSECVE-2008-3790 at NVDCVE-2009-0642 at SUSECVE-2009-0642 at NVDCVE-2009-1904 at SUSECVE-2009-1904 at NVDCVE-2009-4492 at SUSECVE-2009-4492 at NVDCVE-2010-0541 at SUSECVE-2010-0541 at NVDCVE-2011-0188 at SUSECVE-2011-0188 at NVDCVE-2011-1004 at SUSECVE-2011-1004 at NVDCVE-2011-1005 at SUSECVE-2011-1005 at NVDCVE-2011-2686 at SUSECVE-2011-2686 at NVDCVE-2011-2705 at SUSECVE-2011-2705 at NVDCVE-2011-3009 at SUSECVE-2011-3009 at NVDCVE-2011-4815 at SUSECVE-2011-4815 at NVDCVE-2012-4466 at SUSECVE-2012-4466 at NVDCVE-2013-1821 at SUSECVE-2013-1821 at NVDCVE-2013-4073 at SUSECVE-2013-4073 at NVDCVE-2013-4164 at SUSECVE-2013-4164 at NVDCVE-2014-8080 at SUSECVE-2014-8080 at NVDCVE-2014-8090 at SUSECVE-2014-8090 at NVDcpe:/o:suse:suse_sles:11:sp4sblim-sfcb-1.3.11-0.23.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the sblim-sfcb-1.3.11-0.23.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-3381 at SUSECVE-2012-3381 at NVDcpe:/o:suse:suse_sles:11:sp4sendmail-8.14.3-50.24.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the sendmail-8.14.3-50.24.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3956 at SUSECVE-2014-3956 at NVDcpe:/o:suse:suse_sles:11:sp4shim-0.7.318.81ee561d-0.9.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the shim-0.7.318.81ee561d-0.9.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3675 at SUSECVE-2014-3675 at NVDCVE-2014-3676 at SUSECVE-2014-3676 at NVDCVE-2014-3677 at SUSECVE-2014-3677 at NVDcpe:/o:suse:suse_sles:11:sp4socat-1.7.0.0-1.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the socat-1.7.0.0-1.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-2799 at SUSECVE-2010-2799 at NVDCVE-2012-0219 at SUSECVE-2012-0219 at NVDcpe:/o:suse:suse_sles:11:sp4squid-2.7.STABLE5-2.12.16.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the squid-2.7.STABLE5-2.12.16.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-0478 at SUSECVE-2009-0478 at NVDCVE-2009-2855 at SUSECVE-2009-2855 at NVDCVE-2010-0308 at SUSECVE-2010-0308 at NVDCVE-2010-0639 at SUSECVE-2010-0639 at NVDCVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2013-0189 at SUSECVE-2013-0189 at NVDCVE-2013-4115 at SUSECVE-2013-4115 at NVDcpe:/o:suse:suse_sles:11:sp4squid3-3.1.12-8.16.20.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the squid3-3.1.12-8.16.20.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2005-0094 at SUSECVE-2005-0094 at NVDCVE-2011-3205 at SUSECVE-2011-3205 at NVDCVE-2011-4096 at SUSECVE-2011-4096 at NVDCVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2013-0189 at SUSECVE-2013-0189 at NVDCVE-2013-4115 at SUSECVE-2013-4115 at NVDCVE-2014-0128 at SUSECVE-2014-0128 at NVDCVE-2014-3609 at SUSECVE-2014-3609 at NVDcpe:/o:suse:suse_sles:11:sp4squidGuard-1.4-13.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the squidGuard-1.4-13.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-3700 at SUSECVE-2009-3700 at NVDCVE-2009-3826 at SUSECVE-2009-3826 at NVDcpe:/o:suse:suse_sles:11:sp4star-1.5final-28.23.25.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the star-1.5final-28.23.25.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-4134 at SUSECVE-2007-4134 at NVDcpe:/o:suse:suse_sles:11:sp4strongswan-4.4.0-6.25.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the strongswan-4.4.0-6.25.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-2944 at SUSECVE-2013-2944 at NVDCVE-2013-5018 at SUSECVE-2013-5018 at NVDCVE-2013-6075 at SUSECVE-2013-6075 at NVDCVE-2014-2338 at SUSECVE-2014-2338 at NVDCVE-2014-2891 at SUSECVE-2014-2891 at NVDcpe:/o:suse:suse_sles:11:sp4stunnel-4.54-0.9.24 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the stunnel-4.54-0.9.24 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1762 at SUSECVE-2013-1762 at NVDcpe:/o:suse:suse_sles:11:sp4sudo-1.7.6p2-0.23.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the sudo-1.7.6p2-0.23.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-0426 at SUSECVE-2010-0426 at NVDCVE-2010-0427 at SUSECVE-2010-0427 at NVDCVE-2012-2337 at SUSECVE-2012-2337 at NVDCVE-2013-1775 at SUSECVE-2013-1775 at NVDCVE-2013-1776 at SUSECVE-2013-1776 at NVDCVE-2013-2776 at SUSECVE-2013-2776 at NVDCVE-2013-2777 at SUSECVE-2013-2777 at NVDCVE-2014-0106 at SUSECVE-2014-0106 at NVDCVE-2014-9680 at SUSECVE-2014-9680 at NVDcpe:/o:suse:suse_sles:11:sp4sysconfig-0.71.61-0.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the sysconfig-0.71.61-0.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-4182 at SUSECVE-2011-4182 at NVDcpe:/o:suse:suse_sles:11:sp4syslog-ng-2.0.9-27.34.36.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the syslog-ng-2.0.9-27.34.36.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-5110 at SUSECVE-2008-5110 at NVDcpe:/o:suse:suse_sles:11:sp4sysstat-8.1.5-7.50.25 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the sysstat-8.1.5-7.50.25 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-3852 at SUSECVE-2007-3852 at NVDcpe:/o:suse:suse_sles:11:sp4system-config-printer-1.0.8-9.23.44 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the system-config-printer-1.0.8-9.23.44 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-4405 at SUSECVE-2011-4405 at NVDCVE-2012-4510 at SUSECVE-2012-4510 at NVDcpe:/o:suse:suse_sles:11:sp4systemtap-1.5-0.9.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the systemtap-1.5-0.9.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2009-2911 at SUSECVE-2009-2911 at NVDCVE-2009-4273 at SUSECVE-2009-4273 at NVDCVE-2012-0875 at SUSECVE-2012-0875 at NVDcpe:/o:suse:suse_sles:11:sp4t1lib-5.1.1-100.21.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the t1lib-5.1.1-100.21.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-2642 at SUSECVE-2010-2642 at NVDCVE-2011-0433 at SUSECVE-2011-0433 at NVDCVE-2011-0764 at SUSECVE-2011-0764 at NVDCVE-2011-1552 at SUSECVE-2011-1552 at NVDCVE-2011-1553 at SUSECVE-2011-1553 at NVDCVE-2011-1554 at SUSECVE-2011-1554 at NVDcpe:/o:suse:suse_sles:11:sp4taglib-1.5-19.23.4 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the taglib-1.5-19.23.4 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-1108 at SUSECVE-2012-1108 at NVDCVE-2012-1584 at SUSECVE-2012-1584 at NVDcpe:/o:suse:suse_sles:11:sp4tar-1.26-1.2.6.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the tar-1.26-1.2.6.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2001-1267 at SUSECVE-2001-1267 at NVDCVE-2002-0399 at SUSECVE-2002-0399 at NVDCVE-2006-6097 at SUSECVE-2006-6097 at NVDCVE-2010-0624 at SUSECVE-2010-0624 at NVDcpe:/o:suse:suse_sles:11:sp4tcpdump-3.9.8-1.27.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the tcpdump-3.9.8-1.27.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-8767 at SUSECVE-2014-8767 at NVDCVE-2014-8769 at SUSECVE-2014-8769 at NVDCVE-2014-9140 at SUSECVE-2014-9140 at NVDCVE-2015-0261 at SUSECVE-2015-0261 at NVDCVE-2015-2153 at SUSECVE-2015-2153 at NVDCVE-2015-2154 at SUSECVE-2015-2154 at NVDcpe:/o:suse:suse_sles:11:sp4tftp-0.48-101.31.27 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the tftp-0.48-101.31.27 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-2199 at SUSECVE-2011-2199 at NVDcpe:/o:suse:suse_sles:11:sp4tgt-0.9.10-0.17.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the tgt-0.9.10-0.17.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-0001 at SUSECVE-2011-0001 at NVDcpe:/o:suse:suse_sles:11:sp4tomcat6-6.0.41-0.43.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the tomcat6-6.0.41-0.43.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-1232 at SUSECVE-2008-1232 at NVDCVE-2008-1947 at SUSECVE-2008-1947 at NVDCVE-2008-2370 at SUSECVE-2008-2370 at NVDCVE-2008-2938 at SUSECVE-2008-2938 at NVDCVE-2008-5515 at SUSECVE-2008-5515 at NVDCVE-2009-0033 at SUSECVE-2009-0033 at NVDCVE-2009-0580 at SUSECVE-2009-0580 at NVDCVE-2009-0781 at SUSECVE-2009-0781 at NVDCVE-2009-0783 at SUSECVE-2009-0783 at NVDCVE-2009-2693 at SUSECVE-2009-2693 at NVDCVE-2009-2901 at SUSECVE-2009-2901 at NVDCVE-2009-2902 at SUSECVE-2009-2902 at NVDCVE-2010-1157 at SUSECVE-2010-1157 at NVDCVE-2010-2227 at SUSECVE-2010-2227 at NVDCVE-2010-3718 at SUSECVE-2010-3718 at NVDCVE-2010-4172 at SUSECVE-2010-4172 at NVDCVE-2011-0013 at SUSECVE-2011-0013 at NVDCVE-2011-0534 at SUSECVE-2011-0534 at NVDCVE-2011-1184 at SUSECVE-2011-1184 at NVDCVE-2011-2204 at SUSECVE-2011-2204 at NVDCVE-2011-2526 at SUSECVE-2011-2526 at NVDCVE-2011-3190 at SUSECVE-2011-3190 at NVDCVE-2011-5062 at SUSECVE-2011-5062 at NVDCVE-2011-5063 at SUSECVE-2011-5063 at NVDCVE-2011-5064 at SUSECVE-2011-5064 at NVDCVE-2012-0022 at SUSECVE-2012-0022 at NVDCVE-2012-2733 at SUSECVE-2012-2733 at NVDCVE-2012-3439 at SUSECVE-2012-3439 at NVDCVE-2012-3544 at SUSECVE-2012-3544 at NVDCVE-2012-3546 at SUSECVE-2012-3546 at NVDCVE-2012-4431 at SUSECVE-2012-4431 at NVDCVE-2012-4534 at SUSECVE-2012-4534 at NVDCVE-2012-5568 at SUSECVE-2012-5568 at NVDCVE-2012-5885 at SUSECVE-2012-5885 at NVDCVE-2012-5886 at SUSECVE-2012-5886 at NVDCVE-2012-5887 at SUSECVE-2012-5887 at NVDCVE-2013-1976 at SUSECVE-2013-1976 at NVDCVE-2014-0096 at SUSECVE-2014-0096 at NVDCVE-2014-0099 at SUSECVE-2014-0099 at NVDCVE-2014-0119 at SUSECVE-2014-0119 at NVDcpe:/o:suse:suse_sles:11:sp4unixODBC_23-2.3.1-0.9.40 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the unixODBC_23-2.3.1-0.9.40 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-1145 at SUSECVE-2011-1145 at NVDcpe:/o:suse:suse_sles:11:sp4unrar-3.80.2-2.8 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the unrar-3.80.2-2.8 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-3726 at SUSECVE-2007-3726 at NVDcpe:/o:suse:suse_sles:11:sp4unzip-6.00-11.13.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the unzip-6.00-11.13.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2005-2475 at SUSECVE-2005-2475 at NVDCVE-2014-8139 at SUSECVE-2014-8139 at NVDCVE-2014-8140 at SUSECVE-2014-8140 at NVDCVE-2014-8141 at SUSECVE-2014-8141 at NVDCVE-2014-9636 at SUSECVE-2014-9636 at NVDcpe:/o:suse:suse_sles:11:sp4vino-2.28.1-2.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the vino-2.28.1-2.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-5745 at SUSECVE-2013-5745 at NVDcpe:/o:suse:suse_sles:11:sp4virt-utils-1.2.1-10.41 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the virt-utils-1.2.1-10.41 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1922 at SUSECVE-2013-1922 at NVDcpe:/o:suse:suse_sles:11:sp4vsftpd-2.0.7-4.35.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the vsftpd-2.0.7-4.35.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2015-1419 at SUSECVE-2015-1419 at NVDcpe:/o:suse:suse_sles:11:sp4vte-0.22.5-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the vte-0.22.5-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-2713 at SUSECVE-2010-2713 at NVDcpe:/o:suse:suse_sles:11:sp4w3m-0.5.2-132.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the w3m-0.5.2-132.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-6772 at SUSECVE-2006-6772 at NVDCVE-2010-2074 at SUSECVE-2010-2074 at NVDcpe:/o:suse:suse_sles:11:sp4wget-1.11.4-1.19.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the wget-1.11.4-1.19.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-6719 at SUSECVE-2006-6719 at NVDCVE-2014-4877 at SUSECVE-2014-4877 at NVDcpe:/o:suse:suse_sles:11:sp4wireshark-1.10.13-0.2.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the wireshark-1.10.13-0.2.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-1932 at SUSECVE-2006-1932 at NVDCVE-2006-4574 at SUSECVE-2006-4574 at NVDCVE-2006-4805 at SUSECVE-2006-4805 at NVDCVE-2006-5468 at SUSECVE-2006-5468 at NVDCVE-2006-5469 at SUSECVE-2006-5469 at NVDCVE-2006-5740 at SUSECVE-2006-5740 at NVDCVE-2007-0456 at SUSECVE-2007-0456 at NVDCVE-2007-0457 at SUSECVE-2007-0457 at NVDCVE-2007-0458 at SUSECVE-2007-0458 at NVDCVE-2007-0459 at SUSECVE-2007-0459 at NVDCVE-2009-1210 at SUSECVE-2009-1210 at NVDCVE-2009-1267 at SUSECVE-2009-1267 at NVDCVE-2009-1268 at SUSECVE-2009-1268 at NVDCVE-2009-1269 at SUSECVE-2009-1269 at NVDCVE-2009-2560 at SUSECVE-2009-2560 at NVDCVE-2009-2562 at SUSECVE-2009-2562 at NVDCVE-2009-3549 at SUSECVE-2009-3549 at NVDCVE-2009-3550 at SUSECVE-2009-3550 at NVDCVE-2009-3829 at SUSECVE-2009-3829 at NVDCVE-2009-4377 at SUSECVE-2009-4377 at NVDCVE-2010-0304 at SUSECVE-2010-0304 at NVDCVE-2010-1455 at SUSECVE-2010-1455 at NVDCVE-2010-2992 at SUSECVE-2010-2992 at NVDCVE-2010-2993 at SUSECVE-2010-2993 at NVDCVE-2010-2994 at SUSECVE-2010-2994 at NVDCVE-2010-2995 at SUSECVE-2010-2995 at NVDCVE-2010-3445 at SUSECVE-2010-3445 at NVDCVE-2010-4300 at SUSECVE-2010-4300 at NVDCVE-2010-4301 at SUSECVE-2010-4301 at NVDCVE-2010-4538 at SUSECVE-2010-4538 at NVDCVE-2011-0024 at SUSECVE-2011-0024 at NVDCVE-2011-0538 at SUSECVE-2011-0538 at NVDCVE-2011-0713 at SUSECVE-2011-0713 at NVDCVE-2011-1138 at SUSECVE-2011-1138 at NVDCVE-2011-1139 at SUSECVE-2011-1139 at NVDCVE-2011-1140 at SUSECVE-2011-1140 at NVDCVE-2011-1143 at SUSECVE-2011-1143 at NVDCVE-2011-1590 at SUSECVE-2011-1590 at NVDCVE-2011-1591 at SUSECVE-2011-1591 at NVDCVE-2011-1592 at SUSECVE-2011-1592 at NVDCVE-2011-1957 at SUSECVE-2011-1957 at NVDCVE-2011-1958 at SUSECVE-2011-1958 at NVDCVE-2011-1959 at SUSECVE-2011-1959 at NVDCVE-2011-2174 at SUSECVE-2011-2174 at NVDCVE-2011-2175 at SUSECVE-2011-2175 at NVDCVE-2011-2597 at SUSECVE-2011-2597 at NVDCVE-2011-2698 at SUSECVE-2011-2698 at NVDCVE-2011-3266 at SUSECVE-2011-3266 at NVDCVE-2011-3360 at SUSECVE-2011-3360 at NVDCVE-2011-3483 at SUSECVE-2011-3483 at NVDCVE-2012-1593 at SUSECVE-2012-1593 at NVDCVE-2012-1595 at SUSECVE-2012-1595 at NVDCVE-2012-1596 at SUSECVE-2012-1596 at NVDCVE-2012-2392 at SUSECVE-2012-2392 at NVDCVE-2012-2393 at SUSECVE-2012-2393 at NVDCVE-2012-2394 at SUSECVE-2012-2394 at NVDCVE-2012-4048 at SUSECVE-2012-4048 at NVDCVE-2012-4049 at SUSECVE-2012-4049 at NVDCVE-2012-4285 at SUSECVE-2012-4285 at NVDCVE-2012-4288 at SUSECVE-2012-4288 at NVDCVE-2012-4289 at SUSECVE-2012-4289 at NVDCVE-2012-4290 at SUSECVE-2012-4290 at NVDCVE-2012-4291 at SUSECVE-2012-4291 at NVDCVE-2012-4292 at SUSECVE-2012-4292 at NVDCVE-2012-4293 at SUSECVE-2012-4293 at NVDCVE-2012-4296 at SUSECVE-2012-4296 at NVDCVE-2012-5592 at SUSECVE-2012-5592 at NVDCVE-2012-5593 at SUSECVE-2012-5593 at NVDCVE-2012-5594 at SUSECVE-2012-5594 at NVDCVE-2012-5595 at SUSECVE-2012-5595 at NVDCVE-2012-5596 at SUSECVE-2012-5596 at NVDCVE-2012-5597 at SUSECVE-2012-5597 at NVDCVE-2012-5598 at SUSECVE-2012-5598 at NVDCVE-2012-5599 at SUSECVE-2012-5599 at NVDCVE-2012-5600 at SUSECVE-2012-5600 at NVDCVE-2012-5601 at SUSECVE-2012-5601 at NVDCVE-2012-5602 at SUSECVE-2012-5602 at NVDCVE-2013-1572 at SUSECVE-2013-1572 at NVDCVE-2013-1573 at SUSECVE-2013-1573 at NVDCVE-2013-1574 at SUSECVE-2013-1574 at NVDCVE-2013-1575 at SUSECVE-2013-1575 at NVDCVE-2013-1576 at SUSECVE-2013-1576 at NVDCVE-2013-1577 at SUSECVE-2013-1577 at NVDCVE-2013-1578 at SUSECVE-2013-1578 at NVDCVE-2013-1579 at SUSECVE-2013-1579 at NVDCVE-2013-1580 at SUSECVE-2013-1580 at NVDCVE-2013-1581 at SUSECVE-2013-1581 at NVDCVE-2013-1582 at SUSECVE-2013-1582 at NVDCVE-2013-1583 at SUSECVE-2013-1583 at NVDCVE-2013-1584 at SUSECVE-2013-1584 at NVDCVE-2013-1585 at SUSECVE-2013-1585 at NVDCVE-2013-1586 at SUSECVE-2013-1586 at NVDCVE-2013-1587 at SUSECVE-2013-1587 at NVDCVE-2013-1588 at SUSECVE-2013-1588 at NVDCVE-2013-1589 at SUSECVE-2013-1589 at NVDCVE-2013-1590 at SUSECVE-2013-1590 at NVDCVE-2013-2475 at SUSECVE-2013-2475 at NVDCVE-2013-2476 at SUSECVE-2013-2476 at NVDCVE-2013-2477 at SUSECVE-2013-2477 at NVDCVE-2013-2478 at SUSECVE-2013-2478 at NVDCVE-2013-2479 at SUSECVE-2013-2479 at NVDCVE-2013-2480 at SUSECVE-2013-2480 at NVDCVE-2013-2481 at SUSECVE-2013-2481 at NVDCVE-2013-2482 at SUSECVE-2013-2482 at NVDCVE-2013-2483 at SUSECVE-2013-2483 at NVDCVE-2013-2484 at SUSECVE-2013-2484 at NVDCVE-2013-2485 at SUSECVE-2013-2485 at NVDCVE-2013-2486 at SUSECVE-2013-2486 at NVDCVE-2013-2487 at SUSECVE-2013-2487 at NVDCVE-2013-2488 at SUSECVE-2013-2488 at NVDCVE-2013-4074 at SUSECVE-2013-4074 at NVDCVE-2013-4075 at SUSECVE-2013-4075 at NVDCVE-2013-4076 at SUSECVE-2013-4076 at NVDCVE-2013-4077 at SUSECVE-2013-4077 at NVDCVE-2013-4078 at SUSECVE-2013-4078 at NVDCVE-2013-4079 at SUSECVE-2013-4079 at NVDCVE-2013-4080 at SUSECVE-2013-4080 at NVDCVE-2013-4081 at SUSECVE-2013-4081 at NVDCVE-2013-4082 at SUSECVE-2013-4082 at NVDCVE-2013-4083 at SUSECVE-2013-4083 at NVDCVE-2013-4927 at SUSECVE-2013-4927 at NVDCVE-2013-4929 at SUSECVE-2013-4929 at NVDCVE-2013-4930 at SUSECVE-2013-4930 at NVDCVE-2013-4931 at SUSECVE-2013-4931 at NVDCVE-2013-4932 at SUSECVE-2013-4932 at NVDCVE-2013-4933 at SUSECVE-2013-4933 at NVDCVE-2013-4934 at SUSECVE-2013-4934 at NVDCVE-2013-4935 at SUSECVE-2013-4935 at NVDCVE-2013-5718 at SUSECVE-2013-5718 at NVDCVE-2013-5719 at SUSECVE-2013-5719 at NVDCVE-2013-5720 at SUSECVE-2013-5720 at NVDCVE-2013-5721 at SUSECVE-2013-5721 at NVDCVE-2013-5722 at SUSECVE-2013-5722 at NVDCVE-2013-6336 at SUSECVE-2013-6336 at NVDCVE-2013-6337 at SUSECVE-2013-6337 at NVDCVE-2013-6338 at SUSECVE-2013-6338 at NVDCVE-2013-6339 at SUSECVE-2013-6339 at NVDCVE-2013-6340 at SUSECVE-2013-6340 at NVDCVE-2013-7112 at SUSECVE-2013-7112 at NVDCVE-2013-7113 at SUSECVE-2013-7113 at NVDCVE-2013-7114 at SUSECVE-2013-7114 at NVDCVE-2014-2281 at SUSECVE-2014-2281 at NVDCVE-2014-2283 at SUSECVE-2014-2283 at NVDCVE-2014-2299 at SUSECVE-2014-2299 at NVDCVE-2014-5161 at SUSECVE-2014-5161 at NVDCVE-2014-5162 at SUSECVE-2014-5162 at NVDCVE-2014-5163 at SUSECVE-2014-5163 at NVDCVE-2014-5164 at SUSECVE-2014-5164 at NVDCVE-2014-5165 at SUSECVE-2014-5165 at NVDCVE-2014-6421 at SUSECVE-2014-6421 at NVDCVE-2014-6422 at SUSECVE-2014-6422 at NVDCVE-2014-6423 at SUSECVE-2014-6423 at NVDCVE-2014-6424 at SUSECVE-2014-6424 at NVDCVE-2014-6427 at SUSECVE-2014-6427 at NVDCVE-2014-6428 at SUSECVE-2014-6428 at NVDCVE-2014-6429 at SUSECVE-2014-6429 at NVDCVE-2014-6430 at SUSECVE-2014-6430 at NVDCVE-2014-6431 at SUSECVE-2014-6431 at NVDCVE-2014-6432 at SUSECVE-2014-6432 at NVDCVE-2014-8710 at SUSECVE-2014-8710 at NVDCVE-2014-8711 at SUSECVE-2014-8711 at NVDCVE-2014-8712 at SUSECVE-2014-8712 at NVDCVE-2014-8713 at SUSECVE-2014-8713 at NVDCVE-2014-8714 at SUSECVE-2014-8714 at NVDCVE-2015-0559 at SUSECVE-2015-0559 at NVDCVE-2015-0560 at SUSECVE-2015-0560 at NVDCVE-2015-0561 at SUSECVE-2015-0561 at NVDCVE-2015-0562 at SUSECVE-2015-0562 at NVDCVE-2015-0563 at SUSECVE-2015-0563 at NVDCVE-2015-0564 at SUSECVE-2015-0564 at NVDCVE-2015-2188 at SUSECVE-2015-2188 at NVDCVE-2015-2189 at SUSECVE-2015-2189 at NVDCVE-2015-2191 at SUSECVE-2015-2191 at NVDcpe:/o:suse:suse_sles:11:sp4wpa_supplicant-0.7.1-6.15.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the wpa_supplicant-0.7.1-6.15.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-3686 at SUSECVE-2014-3686 at NVDcpe:/o:suse:suse_sles:11:sp4x3270-3.3.12-517.12.34 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the x3270-3.3.12-517.12.34 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-5662 at SUSECVE-2012-5662 at NVDcpe:/o:suse:suse_sles:11:sp4xalan-j2-2.7.0-217.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xalan-j2-2.7.0-217.26.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2014-0107 at SUSECVE-2014-0107 at NVDcpe:/o:suse:suse_sles:11:sp4xdg-utils-1.0.2-36.18 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xdg-utils-1.0.2-36.18 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-0386 at SUSECVE-2008-0386 at NVDcpe:/o:suse:suse_sles:11:sp4xen-4.4.2_08-1.7 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xen-4.4.2_08-1.7 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-1320 at SUSECVE-2007-1320 at NVDCVE-2007-1321 at SUSECVE-2007-1321 at NVDCVE-2007-1322 at SUSECVE-2007-1322 at NVDCVE-2007-1323 at SUSECVE-2007-1323 at NVDCVE-2007-1366 at SUSECVE-2007-1366 at NVDCVE-2007-3919 at SUSECVE-2007-3919 at NVDCVE-2011-1898 at SUSECVE-2011-1898 at NVDCVE-2012-0029 at SUSECVE-2012-0029 at NVDCVE-2012-0217 at SUSECVE-2012-0217 at NVDCVE-2012-2625 at SUSECVE-2012-2625 at NVDCVE-2012-3432 at SUSECVE-2012-3432 at NVDCVE-2012-3433 at SUSECVE-2012-3433 at NVDCVE-2012-3494 at SUSECVE-2012-3494 at NVDCVE-2012-3495 at SUSECVE-2012-3495 at NVDCVE-2012-3496 at SUSECVE-2012-3496 at NVDCVE-2012-3497 at SUSECVE-2012-3497 at NVDCVE-2012-3498 at SUSECVE-2012-3498 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDCVE-2012-4411 at SUSECVE-2012-4411 at NVDCVE-2012-4535 at SUSECVE-2012-4535 at NVDCVE-2012-4536 at SUSECVE-2012-4536 at NVDCVE-2012-4537 at SUSECVE-2012-4537 at NVDCVE-2012-4538 at SUSECVE-2012-4538 at NVDCVE-2012-4539 at SUSECVE-2012-4539 at NVDCVE-2012-4544 at SUSECVE-2012-4544 at NVDCVE-2012-5510 at SUSECVE-2012-5510 at NVDCVE-2012-5511 at SUSECVE-2012-5511 at NVDCVE-2012-5513 at SUSECVE-2012-5513 at NVDCVE-2012-5514 at SUSECVE-2012-5514 at NVDCVE-2012-5515 at SUSECVE-2012-5515 at NVDCVE-2012-5525 at SUSECVE-2012-5525 at NVDCVE-2012-5634 at SUSECVE-2012-5634 at NVDCVE-2012-6075 at SUSECVE-2012-6075 at NVDCVE-2013-0151 at SUSECVE-2013-0151 at NVDCVE-2013-0152 at SUSECVE-2013-0152 at NVDCVE-2013-0153 at SUSECVE-2013-0153 at NVDCVE-2013-1432 at SUSECVE-2013-1432 at NVDCVE-2013-1442 at SUSECVE-2013-1442 at NVDCVE-2013-1917 at SUSECVE-2013-1917 at NVDCVE-2013-1918 at SUSECVE-2013-1918 at NVDCVE-2013-1919 at SUSECVE-2013-1919 at NVDCVE-2013-1920 at SUSECVE-2013-1920 at NVDCVE-2013-1922 at SUSECVE-2013-1922 at NVDCVE-2013-1952 at SUSECVE-2013-1952 at NVDCVE-2013-2007 at SUSECVE-2013-2007 at NVDCVE-2013-2072 at SUSECVE-2013-2072 at NVDCVE-2013-2076 at SUSECVE-2013-2076 at NVDCVE-2013-2077 at SUSECVE-2013-2077 at NVDCVE-2013-2078 at SUSECVE-2013-2078 at NVDCVE-2013-2212 at SUSECVE-2013-2212 at NVDCVE-2013-4344 at SUSECVE-2013-4344 at NVDCVE-2013-4355 at SUSECVE-2013-4355 at NVDCVE-2013-4361 at SUSECVE-2013-4361 at NVDCVE-2013-4368 at SUSECVE-2013-4368 at NVDCVE-2013-4369 at SUSECVE-2013-4369 at NVDCVE-2013-4370 at SUSECVE-2013-4370 at NVDCVE-2013-4371 at SUSECVE-2013-4371 at NVDCVE-2013-4375 at SUSECVE-2013-4375 at NVDCVE-2013-4416 at SUSECVE-2013-4416 at NVDCVE-2013-4494 at SUSECVE-2013-4494 at NVDCVE-2013-4540 at SUSECVE-2013-4540 at NVDCVE-2013-4551 at SUSECVE-2013-4551 at NVDCVE-2013-4553 at SUSECVE-2013-4553 at NVDCVE-2013-4554 at SUSECVE-2013-4554 at NVDCVE-2013-6400 at SUSECVE-2013-6400 at NVDCVE-2013-6885 at SUSECVE-2013-6885 at NVDCVE-2014-1666 at SUSECVE-2014-1666 at NVDCVE-2014-2599 at SUSECVE-2014-2599 at NVDCVE-2014-3615 at SUSECVE-2014-3615 at NVDCVE-2014-3967 at SUSECVE-2014-3967 at NVDCVE-2014-3968 at SUSECVE-2014-3968 at NVDCVE-2014-4021 at SUSECVE-2014-4021 at NVDCVE-2014-7154 at SUSECVE-2014-7154 at NVDCVE-2014-7155 at SUSECVE-2014-7155 at NVDCVE-2014-7156 at SUSECVE-2014-7156 at NVDCVE-2014-7188 at SUSECVE-2014-7188 at NVDCVE-2014-8594 at SUSECVE-2014-8594 at NVDCVE-2014-8595 at SUSECVE-2014-8595 at NVDCVE-2014-8866 at SUSECVE-2014-8866 at NVDCVE-2014-8867 at SUSECVE-2014-8867 at NVDCVE-2014-9030 at SUSECVE-2014-9030 at NVDCVE-2014-9065 at SUSECVE-2014-9065 at NVDCVE-2014-9066 at SUSECVE-2014-9066 at NVDCVE-2015-0361 at SUSECVE-2015-0361 at NVDCVE-2015-2044 at SUSECVE-2015-2044 at NVDCVE-2015-2045 at SUSECVE-2015-2045 at NVDCVE-2015-2751 at SUSECVE-2015-2751 at NVDCVE-2015-2752 at SUSECVE-2015-2752 at NVDCVE-2015-2756 at SUSECVE-2015-2756 at NVDCVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-3340 at SUSECVE-2015-3340 at NVDCVE-2015-3456 at SUSECVE-2015-3456 at NVDCVE-2015-4103 at SUSECVE-2015-4103 at NVDCVE-2015-4104 at SUSECVE-2015-4104 at NVDCVE-2015-4105 at SUSECVE-2015-4105 at NVDCVE-2015-4106 at SUSECVE-2015-4106 at NVDCVE-2015-4163 at SUSECVE-2015-4163 at NVDCVE-2015-4164 at SUSECVE-2015-4164 at NVDcpe:/o:suse:suse_sles:11:sp4xinetd-2.3.14-130.133.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xinetd-2.3.14-130.133.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2012-0862 at SUSECVE-2012-0862 at NVDCVE-2013-4342 at SUSECVE-2013-4342 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-7.4-9.65.46 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-7.4-9.65.46 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2007-4568 at SUSECVE-2007-4568 at NVDCVE-2011-0465 at SUSECVE-2011-0465 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-Xvnc-7.4-27.105.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-Xvnc-7.4-27.105.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-6101 at SUSECVE-2006-6101 at NVDCVE-2006-6102 at SUSECVE-2006-6102 at NVDCVE-2006-6103 at SUSECVE-2006-6103 at NVDCVE-2007-1003 at SUSECVE-2007-1003 at NVDCVE-2007-5760 at SUSECVE-2007-5760 at NVDCVE-2007-6427 at SUSECVE-2007-6427 at NVDCVE-2007-6428 at SUSECVE-2007-6428 at NVDCVE-2007-6429 at SUSECVE-2007-6429 at NVDCVE-2008-0006 at SUSECVE-2008-0006 at NVDCVE-2008-1377 at SUSECVE-2008-1377 at NVDCVE-2008-1379 at SUSECVE-2008-1379 at NVDCVE-2008-2360 at SUSECVE-2008-2360 at NVDCVE-2008-2361 at SUSECVE-2008-2361 at NVDCVE-2008-2362 at SUSECVE-2008-2362 at NVDCVE-2010-2240 at SUSECVE-2010-2240 at NVDCVE-2010-4818 at SUSECVE-2010-4818 at NVDCVE-2010-4819 at SUSECVE-2010-4819 at NVDCVE-2011-4028 at SUSECVE-2011-4028 at NVDCVE-2011-4029 at SUSECVE-2011-4029 at NVDCVE-2013-1940 at SUSECVE-2013-1940 at NVDCVE-2013-4396 at SUSECVE-2013-4396 at NVDCVE-2013-6424 at SUSECVE-2013-6424 at NVDCVE-2014-8091 at SUSECVE-2014-8091 at NVDCVE-2014-8092 at SUSECVE-2014-8092 at NVDCVE-2014-8093 at SUSECVE-2014-8093 at NVDCVE-2014-8094 at SUSECVE-2014-8094 at NVDCVE-2014-8095 at SUSECVE-2014-8095 at NVDCVE-2014-8096 at SUSECVE-2014-8096 at NVDCVE-2014-8097 at SUSECVE-2014-8097 at NVDCVE-2014-8098 at SUSECVE-2014-8098 at NVDCVE-2014-8099 at SUSECVE-2014-8099 at NVDCVE-2014-8100 at SUSECVE-2014-8100 at NVDCVE-2014-8101 at SUSECVE-2014-8101 at NVDCVE-2014-8102 at SUSECVE-2014-8102 at NVDCVE-2015-0255 at SUSECVE-2015-0255 at NVDCVE-2015-3418 at SUSECVE-2015-3418 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-libX11-32bit-7.4-5.11.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-libX11-32bit-7.4-5.11.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1981 at SUSECVE-2013-1981 at NVDCVE-2013-1997 at SUSECVE-2013-1997 at NVDCVE-2013-2004 at SUSECVE-2013-2004 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-libXext-32bit-7.4-1.18.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-libXext-32bit-7.4-1.18.16 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1982 at SUSECVE-2013-1982 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-libXfixes-32bit-7.4-1.16.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-libXfixes-32bit-7.4-1.16.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1983 at SUSECVE-2013-1983 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-libXp-32bit-7.4-1.18.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-libXp-32bit-7.4-1.18.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-2062 at SUSECVE-2013-2062 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-libXrender-32bit-7.4-1.16.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-libXrender-32bit-7.4-1.16.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1987 at SUSECVE-2013-1987 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-libXt-32bit-7.4-1.19.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-libXt-32bit-7.4-1.19.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-2002 at SUSECVE-2013-2002 at NVDCVE-2013-2005 at SUSECVE-2013-2005 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-libXv-32bit-7.4-1.16.2 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-libXv-32bit-7.4-1.16.2 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-1989 at SUSECVE-2013-1989 at NVDCVE-2013-2066 at SUSECVE-2013-2066 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-libs-32bit-7.4-8.26.44.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-libs-32bit-7.4-8.26.44.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-2895 at SUSECVE-2011-2895 at NVDCVE-2013-1984 at SUSECVE-2013-1984 at NVDCVE-2013-1985 at SUSECVE-2013-1985 at NVDCVE-2013-1986 at SUSECVE-2013-1986 at NVDCVE-2013-1988 at SUSECVE-2013-1988 at NVDCVE-2013-1990 at SUSECVE-2013-1990 at NVDCVE-2013-1991 at SUSECVE-2013-1991 at NVDCVE-2013-1992 at SUSECVE-2013-1992 at NVDCVE-2013-1995 at SUSECVE-2013-1995 at NVDCVE-2013-1996 at SUSECVE-2013-1996 at NVDCVE-2013-1998 at SUSECVE-2013-1998 at NVDCVE-2013-1999 at SUSECVE-2013-1999 at NVDCVE-2013-2000 at SUSECVE-2013-2000 at NVDCVE-2013-2001 at SUSECVE-2013-2001 at NVDCVE-2013-2003 at SUSECVE-2013-2003 at NVDCVE-2013-2063 at SUSECVE-2013-2063 at NVDCVE-2013-6462 at SUSECVE-2013-6462 at NVDCVE-2014-0209 at SUSECVE-2014-0209 at NVDCVE-2014-0210 at SUSECVE-2014-0210 at NVDCVE-2014-0211 at SUSECVE-2014-0211 at NVDCVE-2015-1802 at SUSECVE-2015-1802 at NVDCVE-2015-1803 at SUSECVE-2015-1803 at NVDCVE-2015-1804 at SUSECVE-2015-1804 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-libxcb-32bit-7.4-1.29.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-libxcb-32bit-7.4-1.29.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2013-2064 at SUSECVE-2013-2064 at NVDcpe:/o:suse:suse_sles:11:sp4xorg-x11-server-dmx-7.3.99-17.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xorg-x11-server-dmx-7.3.99-17.11.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2010-2240 at SUSECVE-2010-2240 at NVDCVE-2011-4028 at SUSECVE-2011-4028 at NVDCVE-2011-4029 at SUSECVE-2011-4029 at NVDcpe:/o:suse:suse_sles:11:sp4xterm-238-1.16 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the xterm-238-1.16 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-2383 at SUSECVE-2008-2383 at NVDcpe:/o:suse:suse_sles:11:sp4yast2-2.17.140-1.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the yast2-2.17.140-1.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2011-3177 at SUSECVE-2011-3177 at NVDcpe:/o:suse:suse_sles:11:sp4yast2-core-2.17.46-0.5.1 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the yast2-core-2.17.46-0.5.1 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2008-4311 at SUSECVE-2008-4311 at NVDCVE-2011-2483 at SUSECVE-2011-2483 at NVDCVE-2011-3177 at SUSECVE-2011-3177 at NVDcpe:/o:suse:suse_sles:11:sp4zoo-2.10-911.22 on GA media (Moderate)SUSE Linux Enterprise Server 11 SP4
These are all security issues fixed in the zoo-2.10-911.22 package on the GA media of SUSE Linux Enterprise Server 11 SP4. ModerateCVE-2006-0855 at SUSECVE-2006-0855 at NVDCVE-2007-1669 at SUSECVE-2007-1669 at NVDcpe:/o:suse:suse_sles:11:sp4curl-openssl1-7.19.7-1.51.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the curl-openssl1-7.19.7-1.51.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2009-0037 at SUSECVE-2009-0037 at NVDCVE-2009-2417 at SUSECVE-2009-2417 at NVDCVE-2010-4180 at SUSECVE-2010-4180 at NVDCVE-2011-2192 at SUSECVE-2011-2192 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2013-1944 at SUSECVE-2013-1944 at NVDCVE-2013-2174 at SUSECVE-2013-2174 at NVDCVE-2013-4545 at SUSECVE-2013-4545 at NVDCVE-2014-0015 at SUSECVE-2014-0015 at NVDCVE-2014-0138 at SUSECVE-2014-0138 at NVDCVE-2014-0139 at SUSECVE-2014-0139 at NVDCVE-2014-3613 at SUSECVE-2014-3613 at NVDCVE-2014-3707 at SUSECVE-2014-3707 at NVDCVE-2014-8150 at SUSECVE-2014-8150 at NVDCVE-2015-3143 at SUSECVE-2015-3143 at NVDCVE-2015-3148 at SUSECVE-2015-3148 at NVDCVE-2015-3153 at SUSECVE-2015-3153 at NVDCVE-2016-0755 at SUSECVE-2016-0755 at NVDcpe:/o:suse:sles:11:securitylibcurl4-openssl1-32bit-7.19.7-0.38.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the libcurl4-openssl1-32bit-7.19.7-0.38.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2009-0037 at SUSECVE-2009-0037 at NVDCVE-2009-2417 at SUSECVE-2009-2417 at NVDCVE-2010-4180 at SUSECVE-2010-4180 at NVDCVE-2011-2192 at SUSECVE-2011-2192 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2013-1944 at SUSECVE-2013-1944 at NVDCVE-2013-2174 at SUSECVE-2013-2174 at NVDCVE-2013-4545 at SUSECVE-2013-4545 at NVDCVE-2014-0015 at SUSECVE-2014-0015 at NVDCVE-2014-0138 at SUSECVE-2014-0138 at NVDCVE-2014-0139 at SUSECVE-2014-0139 at NVDcpe:/o:suse:sles:11:securitylibldap-openssl1-2_4-2-2.4.26-0.28.8 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the libldap-openssl1-2_4-2-2.4.26-0.28.8 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2012-1164 at SUSECVE-2012-1164 at NVDcpe:/o:suse:sles:11:securitylibopenssl1-devel-1.0.1g-0.12.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the libopenssl1-devel-1.0.1g-0.12.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2006-2937 at SUSECVE-2006-2937 at NVDCVE-2006-2940 at SUSECVE-2006-2940 at NVDCVE-2006-3738 at SUSECVE-2006-3738 at NVDCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2006-4343 at SUSECVE-2006-4343 at NVDCVE-2006-7250 at SUSECVE-2006-7250 at NVDCVE-2007-3108 at SUSECVE-2007-3108 at NVDCVE-2007-4995 at SUSECVE-2007-4995 at NVDCVE-2007-5135 at SUSECVE-2007-5135 at NVDCVE-2008-0891 at SUSECVE-2008-0891 at NVDCVE-2008-1672 at SUSECVE-2008-1672 at NVDCVE-2008-5077 at SUSECVE-2008-5077 at NVDCVE-2009-0590 at SUSECVE-2009-0590 at NVDCVE-2009-0591 at SUSECVE-2009-0591 at NVDCVE-2009-0789 at SUSECVE-2009-0789 at NVDCVE-2009-1377 at SUSECVE-2009-1377 at NVDCVE-2009-1378 at SUSECVE-2009-1378 at NVDCVE-2009-1379 at SUSECVE-2009-1379 at NVDCVE-2009-1386 at SUSECVE-2009-1386 at NVDCVE-2009-1387 at SUSECVE-2009-1387 at NVDCVE-2010-0740 at SUSECVE-2010-0740 at NVDCVE-2010-0742 at SUSECVE-2010-0742 at NVDCVE-2010-1633 at SUSECVE-2010-1633 at NVDCVE-2010-2939 at SUSECVE-2010-2939 at NVDCVE-2010-3864 at SUSECVE-2010-3864 at NVDCVE-2010-5298 at SUSECVE-2010-5298 at NVDCVE-2011-0014 at SUSECVE-2011-0014 at NVDCVE-2011-3207 at SUSECVE-2011-3207 at NVDCVE-2011-3210 at SUSECVE-2011-3210 at NVDCVE-2011-4108 at SUSECVE-2011-4108 at NVDCVE-2011-4576 at SUSECVE-2011-4576 at NVDCVE-2011-4577 at SUSECVE-2011-4577 at NVDCVE-2011-4619 at SUSECVE-2011-4619 at NVDCVE-2012-0027 at SUSECVE-2012-0027 at NVDCVE-2012-0050 at SUSECVE-2012-0050 at NVDCVE-2012-0884 at SUSECVE-2012-0884 at NVDCVE-2012-1165 at SUSECVE-2012-1165 at NVDCVE-2012-2110 at SUSECVE-2012-2110 at NVDCVE-2012-2686 at SUSECVE-2012-2686 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2013-0166 at SUSECVE-2013-0166 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2013-4353 at SUSECVE-2013-4353 at NVDCVE-2013-6449 at SUSECVE-2013-6449 at NVDCVE-2013-6450 at SUSECVE-2013-6450 at NVDCVE-2014-0076 at SUSECVE-2014-0076 at NVDCVE-2014-0160 at SUSECVE-2014-0160 at NVDcpe:/o:suse:sles:11:securitylibslp1-openssl1-1.2.0-172.26.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the libslp1-openssl1-1.2.0-172.26.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2010-3609 at SUSECVE-2010-3609 at NVDCVE-2012-4428 at SUSECVE-2012-4428 at NVDcpe:/o:suse:sles:11:securitylibsnmp15-openssl1-32bit-5.4.2.1-8.12.31.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the libsnmp15-openssl1-32bit-5.4.2.1-8.12.31.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2008-4309 at SUSECVE-2008-4309 at NVDCVE-2008-6123 at SUSECVE-2008-6123 at NVDCVE-2012-2141 at SUSECVE-2012-2141 at NVDCVE-2014-2284 at SUSECVE-2014-2284 at NVDCVE-2014-2285 at SUSECVE-2014-2285 at NVDCVE-2014-2310 at SUSECVE-2014-2310 at NVDCVE-2014-3565 at SUSECVE-2014-3565 at NVDCVE-2015-5621 at SUSECVE-2015-5621 at NVDcpe:/o:suse:sles:11:securitymailx-openssl1-12.5-1.11.2 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the mailx-openssl1-12.5-1.11.2 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2004-2771 at SUSECVE-2004-2771 at NVDCVE-2014-7844 at SUSECVE-2014-7844 at NVDcpe:/o:suse:sles:11:securityopenssh-openssl1-6.6p1-10.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the openssh-openssl1-6.6p1-10.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2006-0225 at SUSECVE-2006-0225 at NVDCVE-2007-4752 at SUSECVE-2007-4752 at NVDCVE-2008-1483 at SUSECVE-2008-1483 at NVDCVE-2010-5107 at SUSECVE-2010-5107 at NVDCVE-2011-5000 at SUSECVE-2011-5000 at NVDCVE-2012-0814 at SUSECVE-2012-0814 at NVDCVE-2014-2532 at SUSECVE-2014-2532 at NVDCVE-2014-2653 at SUSECVE-2014-2653 at NVDCVE-2015-5352 at SUSECVE-2015-5352 at NVDCVE-2015-5600 at SUSECVE-2015-5600 at NVDCVE-2015-6563 at SUSECVE-2015-6563 at NVDCVE-2015-6564 at SUSECVE-2015-6564 at NVDCVE-2016-0777 at SUSECVE-2016-0777 at NVDCVE-2016-0778 at SUSECVE-2016-0778 at NVDcpe:/o:suse:sles:11:securityopenvpn-openssl1-2.3.2-0.10.3.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the openvpn-openssl1-2.3.2-0.10.3.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2006-4339 at SUSECVE-2006-4339 at NVDCVE-2013-2061 at SUSECVE-2013-2061 at NVDCVE-2014-8104 at SUSECVE-2014-8104 at NVDCVE-2017-12166 at SUSECVE-2017-12166 at NVDCVE-2017-7478 at SUSECVE-2017-7478 at NVDCVE-2017-7479 at SUSECVE-2017-7479 at NVDCVE-2017-7508 at SUSECVE-2017-7508 at NVDCVE-2017-7520 at SUSECVE-2017-7520 at NVDCVE-2017-7521 at SUSECVE-2017-7521 at NVDcpe:/o:suse:sles:11:securitysblim-sfcb-openssl1-1.3.11-0.28.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the sblim-sfcb-openssl1-1.3.11-0.28.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2012-3381 at SUSECVE-2012-3381 at NVDCVE-2015-5185 at SUSECVE-2015-5185 at NVDcpe:/o:suse:sles:11:securitystunnel-openssl1-4.54-0.11.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the stunnel-openssl1-4.54-0.11.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2013-1762 at SUSECVE-2013-1762 at NVDCVE-2014-0016 at SUSECVE-2014-0016 at NVDcpe:/o:suse:sles:11:securityvsftpd-openssl1-2.0.7-4.43.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the vsftpd-openssl1-2.0.7-4.43.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2015-1419 at SUSECVE-2015-1419 at NVDcpe:/o:suse:sles:11:securitywget-openssl1-1.11.4-1.22.1 on GA media (Moderate)SUSE Linux Enterprise Server 11-SECURITY
These are all security issues fixed in the wget-openssl1-1.11.4-1.22.1 package on the GA media of SUSE Linux Enterprise Server 11-SECURITY. ModerateCVE-2006-6719 at SUSECVE-2006-6719 at NVDCVE-2014-4877 at SUSECVE-2014-4877 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624).
ModerateSUSE bug 1209624CVE-2023-0464 at SUSECVE-2023-0464 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl fixes the following issues:
- CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624).
ModerateSUSE bug 1209624CVE-2023-0464 at SUSECVE-2023-0464 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).
- CVE-2023-0466: Certificate policy check were not enabled (bsc#1209873).
ModerateSUSE bug 1209873SUSE bug 1209878CVE-2023-0465 at SUSECVE-2023-0465 at NVDCVE-2023-0466 at SUSECVE-2023-0466 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl fixes the following issues:
- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).
ModerateSUSE bug 1209878CVE-2023-0465 at SUSECVE-2023-0465 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl fixes the following issues:
- CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers (bsc#1211430).
- Update further expiring certificates that affect test cases (bsc#1201627).
ImportantSUSE bug 1201627SUSE bug 1211430CVE-2023-2650 at SUSECVE-2023-2650 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers (bsc#1211430).
- Update further expiring certificates that affect tests (bsc#1201627)
ImportantSUSE bug 1201627SUSE bug 1211430CVE-2023-2650 at SUSECVE-2023-2650 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 LTSS EXTREME CORE kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210647).
- CVE-2023-32269: Fixed a use-after-free in af_netrom.c, related to the fact that accept() was also allowed for a successfully connected AF_NETROM socket (bsc#1211186).
- CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
- CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
- CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet driver. A local user could use this flaw to crash the system or potentially escalate their privileges on the system (bsc#1209871).
- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
- CVE-2022-3567: Fixed a to race condition in inet6_stream_ops()/inet6_dgram_ops() (bsc#1204414).
The following non-security bugs were fixed:
- Do not sign the vanilla kernel (bsc#1209008).
- do not fallthrough in cbq_classify and stop on TC_ACT_SHOT
ImportantSUSE bug 1108488SUSE bug 1204414SUSE bug 1207036SUSE bug 1207051SUSE bug 1207125SUSE bug 1207795SUSE bug 1208837SUSE bug 1209008SUSE bug 1209256SUSE bug 1209291SUSE bug 1209532SUSE bug 1209871SUSE bug 1210336SUSE bug 1210647SUSE bug 1211186CVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2018-9517 at SUSECVE-2018-9517 at NVDCVE-2022-3567 at SUSECVE-2022-3567 at NVDCVE-2023-0590 at SUSECVE-2023-0590 at NVDCVE-2023-1118 at SUSECVE-2023-1118 at NVDCVE-2023-1513 at SUSECVE-2023-1513 at NVDCVE-2023-1670 at SUSECVE-2023-1670 at NVDCVE-2023-1989 at SUSECVE-2023-1989 at NVDCVE-2023-2162 at SUSECVE-2023-2162 at NVDCVE-2023-23454 at SUSECVE-2023-23454 at NVDCVE-2023-23455 at SUSECVE-2023-23455 at NVDCVE-2023-23559 at SUSECVE-2023-23559 at NVDCVE-2023-28328 at SUSECVE-2023-28328 at NVDCVE-2023-32269 at SUSECVE-2023-32269 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption.
The previous fix for this timing side channel turned out to cause a
severe 2-3x performance regression in the typical use case (bsc#1207534).
ModerateSUSE bug 1207534CVE-2022-4304 at SUSECVE-2022-4304 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl fixes the following issues:
- CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption.
The previous fix for this timing side channel turned out to cause a
severe 2-3x performance regression in the typical use case (bsc#1207534).
ModerateSUSE bug 1207534CVE-2022-4304 at SUSECVE-2022-4304 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2023-3446: Fixed DH_check() excessive time with over sized modulus (bsc#1213487).
ModerateSUSE bug 1213487CVE-2023-3446 at SUSECVE-2023-3446 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl fixes the following issues:
- CVE-2023-3446: Fixed DH_check() excessive time with over sized modulus (bsc#1213487).
ModerateSUSE bug 1213487CVE-2023-3446 at SUSECVE-2023-3446 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
ImportantSUSE bug 1207533SUSE bug 1207534SUSE bug 1207536CVE-2022-4304 at SUSECVE-2022-4304 at NVDCVE-2023-0215 at SUSECVE-2023-0215 at NVDCVE-2023-0286 at SUSECVE-2023-0286 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs (bsc#1212502).
- CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-free (bsc#1213588).
- CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' (bsc#1206418).
- CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167).
- CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738).
- CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).
- CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambiguation' (bsc#1087082).
- CVE-2017-18344: Fixed an OOB access led by an invalid check in timer_create. (bsc#1102851).
- CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur if there is a disconnect after an open, because of the lack of a wait_event (bsc#1205803).
- CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).
- CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154).
- CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
- CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128).
The following non-security bugs were fixed:
- fbcon: Check font dimension limits (CVE-2023-3161 bsc#1212154).
- firewire: fix potential uaf in outbound_phy_packet_callback() (CVE-2023-3159 bsc#1212128).
- kABI: restore _copy_from_user on x86_64 and copy_to_user on x86 (bsc#1211738 CVE-2023-0459).
- media: dm1105: Fix use after free bug in dm1105_remove due to race condition (bsc#1212501 CVE-2023-35824).
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (CVE-2022-45919 bsc#1205803).
- memstick: r592: Fix UAF bug in r592_remove due to race condition (CVE-2023-3141 bsc#1212129 bsc#1211449).
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (CVE-2023-3776 bsc#1213588).
- pkt_sched: fix error return code in fw_change_attrs() (bsc#1213588).
- pkt_sched: fix error return code in fw_change_attrs() (bsc#1213588).
- posix-timer: Properly check sigevent->sigev_notify (CVE-2017-18344, bsc#1102851, bsc#1208715).
- relayfs: fix out-of-bounds access in relay_file_read (bsc#1212502 CVE-2023-3268).
- uaccess: Add speculation barrier to copy_from_user() (bsc#1211738 CVE-2023-0459).
- vc_screen: don't clobber return value in vcs_read (bsc#1213167 CVE-2023-3567).
- vc_screen: modify vcs_size() handling in vcs_read() (bsc#1213167 CVE-2023-3567).
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF (bsc#1213167 CVE-2023-3567).
- x86: Unify copy_from_user() size checking (bsc#1211738 CVE-2023-0459).
- x86/copy_user: Unify the code by removing the 64-bit asm _copy_*_user() variants (bsc#1211738 CVE-2023-0459).
- x86/cpu/amd: Add a Zenbleed fix (bsc#1213286, CVE-2023-20593).
- x86/speculation: Add Gather Data Sampling mitigation (bsc#1206418, CVE-2022-40982).
ImportantSUSE bug 1087082SUSE bug 1102851SUSE bug 1205803SUSE bug 1206418SUSE bug 1211738SUSE bug 1212128SUSE bug 1212129SUSE bug 1212154SUSE bug 1212501SUSE bug 1212502SUSE bug 1213167SUSE bug 1213286SUSE bug 1213588CVE-2017-18344 at SUSECVE-2017-18344 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2022-40982 at SUSECVE-2022-40982 at NVDCVE-2022-45919 at SUSECVE-2022-45919 at NVDCVE-2023-0459 at SUSECVE-2023-0459 at NVDCVE-2023-20593 at SUSECVE-2023-20593 at NVDCVE-2023-3141 at SUSECVE-2023-3141 at NVDCVE-2023-3159 at SUSECVE-2023-3159 at NVDCVE-2023-3161 at SUSECVE-2023-3161 at NVDCVE-2023-3268 at SUSECVE-2023-3268 at NVDCVE-2023-3567 at SUSECVE-2023-3567 at NVDCVE-2023-35824 at SUSECVE-2023-35824 at NVDCVE-2023-3776 at SUSECVE-2023-3776 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity() that could cause memory corruption (bsc#1208600).
- CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115).
- CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995).
- CVE-2023-20588: Fixed a potential data leak that could be triggered through a side channel when division by zero occurred on some AMD processors (bsc#1213927).
- CVE-2023-4459: Fixed a NULL pointer dereference flaw in the vmxnet3 driver that may have allowed a local attacker with user privileges to cause a denial of service (bsc#1214451).
- CVE-2023-3772: Fixed a flaw in the XFRM subsystem that may have allowed a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer leading to denial of service (bsc#1213666).
- CVE-2023-2007: Removed the dpt_i2o driver due to security issues (bsc#1210448, jsc#PED-4579).
- CVE-2023-4385: Fixed a NULL pointer dereference flaw in dbFree that may have allowed a local attacker to crash the system due to a missing sanity check (bsc#1214348).
ImportantSUSE bug 1208600SUSE bug 1208995SUSE bug 1210448SUSE bug 1213666SUSE bug 1213927SUSE bug 1214348SUSE bug 1214451SUSE bug 1215115CVE-2023-1077 at SUSECVE-2023-1077 at NVDCVE-2023-1192 at SUSECVE-2023-1192 at NVDCVE-2023-2007 at SUSECVE-2023-2007 at NVDCVE-2023-20588 at SUSECVE-2023-20588 at NVDCVE-2023-3772 at SUSECVE-2023-3772 at NVDCVE-2023-4385 at SUSECVE-2023-4385 at NVDCVE-2023-4459 at SUSECVE-2023-4459 at NVDCVE-2023-4623 at SUSECVE-2023-4623 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-13695: Fixed fix acpi operand cache leak in nseval.c (bsc#1055710).
- CVE-2018-7755: Fixed bypass of kernel security protections such as KASLR using fd_locked_ioctl function in drivers/block/floppy.c (bnc#1084513).
- CVE-2019-3837: Fixed memory leak due to thread-unsafe implementation of the net_dma code in tcp_recvmsg() (bnc#1131430).
- CVE-2019-3900: Fixed infinite loop while receiving packets in vhost_net (bnc#1133374).
- CVE-2020-15393: Fixed memory leak in usbtest_disconnect in drivers/usb/misc/usbtest.c (bnc#1173514).
- CVE-2020-16119: Fixed use-after-free exploitable by a local attacker due to reuse of a DCCP socket (bnc#1177471).
- CVE-2020-36557: Fixed race condition in the VT_DISALLOCATE ioctl and closing/opening of ttys which could lead to a use-after-free (bnc#1201429).
- CVE-2020-36558: Fixed race condition in VT_RESIZEX (bsc#1200910).
- CVE-2021-26341: Fixed vulnerablity where some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bnc#1201050).
- CVE-2021-33655: When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds (bnc#1201635).
- CVE-2021-33656: Fixed memory out of bounds write when setting font with malicous data by ioctl cmd PIO_FONT (bnc#1201636).
- CVE-2021-34981: Fixed file refcounter in bluetooth cmtp when cmtp_attach_device fails (bsc#1191961).
- CVE-2021-39713: Fixed race condition in the network scheduling subsystem which could lead to a use-after-free (bsc#1196973).
- CVE-2021-45868: Fixed use-after-free in fs/quota/quota_tree.c (bnc#1197366).
- CVE-2022-1011: Fixed UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes (bsc#1197343).
- CVE-2022-1048: Fixed potential AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331).
- CVE-2022-1353: Fixed denial of service in the pfkey_register function in net/key/af_key.c (bnc#1198516).
- CVE-2022-1462: Fixed out-of-bounds read in the TeleTYpe subsystem allowing local user to crash the system or read unauthorized random data from memory (bnc#1198829).
- CVE-2022-1652: Fixed use after free in floppy (bsc#1199063).
- CVE-2022-1679: Fixed use-after-free in the atheros wireless adapter driver (bnc#1199487).
- CVE-2022-20132: Fixed out of bounds read in lg_probe and related functions of hid-lg.c and other USB HID files (bnc#1200619).
- CVE-2022-20166: Fixed out of bounds write due to a heap buffer overflow which could lead to local escalation of privilege with System execution privileges needed (bnc#1200598).
- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bnc#1202346).
- CVE-2022-20369: Fixed out of bounds write due to improper input validation in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
- CVE-2022-21166, CVE-2022-21127, CVE-2022-21123, CVE-2022-21125, CVE-2022-21180: Fixed stale MMIO data transient information leaks (INTEL-TA-00615) (bnc#1199650).
- CVE-2022-21385: Fixed warn in rds_message_alloc_sgs (bnc#1202897).
- CVE-2022-21499: Fixed issue where it was trivial to break out of lockdown using kgdb (bsc#1199426).
- CVE-2022-2318: Fixed use-after-free caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges (bnc#1201251).
- CVE-2022-2663: Fixed possible firewall bypass when users are using unencrypted IRC due to message handling confusion in nf_conntrack_irc (bnc#1202097).
- CVE-2022-28356: Fixed refcount leak bug in net/llc/af_llc.c (bnc#1197391).
- CVE-2022-29900: Fixed mis-trained branch predictions for return instructions that may have allowed arbitrary speculative code execution under certain microarchitecture-dependent conditions (bnc#1199657).
- CVE-2022-29901: Fixed vulnerability where an attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions (bnc#1199657).
- CVE-2022-3028: Fixed a race condition in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously (bnc#1202898).
- CVE-2022-3303: Fixed race condition in the sound subsystem due to improper locking (bnc#1203769).
- CVE-2022-33981: Fixed denial of service in drivers/block/floppy.c (bnc#1200692).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option leading to kernel panic (bnc#1204166).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options of the component IPv6 Handler (bnc#1204354).
- CVE-2022-3565: Fixed use-after-free in del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth (bnc#1204431).
- CVE-2022-3566: Fixed race condition in the TCP Handler (bnc#1204405).
- CVE-2022-3586: Fixed use-after-free in the sch_sfb enqueue function (bnc#1204439).
- CVE-2022-3621: Fixed null pointer dereference in fs/nilfs2/inode.c of the component nilfs2 (bnc#1204574).
- CVE-2022-3635: Fixed use-after-free in IPsec (bnc#1204631).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF (bnc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode of the file fs/nilfs2/inode.c (bnc#1204647).
- CVE-2022-36879: Fixed double refcount drop in xfrm_expand_policies in net/xfrm/xfrm_policy.c (bnc#1201948).
- CVE-2022-36946: Fixed denial of service in nfqnl_mangle in net/netfilter/nfnetlink_queue.c (bnc#1201940).
- CVE-2022-3903: Fixed incorrect read request flaw in the Infrared Transceiver USB driver (bnc#1205220).
- CVE-2022-39188: Fixed TLB flush for PFNMAP mappings before unlink_file_vma() (bsc#1203107).
- CVE-2022-40768: Fixed information leak in drivers/scsi/stex.c (bnc#1203514).
- CVE-2022-4095: Fixed use-after-free in rtl8712 (bsc#1205514).
- CVE-2022-41218: Fixed use-after-free in drivers/media/dvb-core/dmxdev.c (bnc#1202960).
- CVE-2022-41848: Fixed use-after-free in drivers/char/pcmcia/synclink_cs.c (bnc#1203987).
- CVE-2022-41850: Fixed use-after-free in roccat_report_event in drivers/hid/hid-roccat.c (bnc#1203960).
- CVE-2022-41858: Fixed NULL pointer dereference in drivers/net/slip/slip.c (bnc#1205671).
- CVE-2022-43750: Fixed memory corruption in drivers/usb/mon/mon_bin.c (bnc#1204653).
- CVE-2022-44032: Fixed race condition in drivers/char/pcmcia/cm4000_cs.c (bnc#1204894).
- CVE-2022-44033: Fixed use-after-free in drivers/char/pcmcia/cm4040_cs.c (bnc#1204922).
- CVE-2022-45934: Fixed integer wraparound in net/bluetooth/l2cap_core.c (bnc#1205796).
The following non-security bugs were fixed:
- Fail if no bound addresses can be used for a given scope (bsc#1206677).
- Fixed missing check on handle in net_sched cls_route (bsc#1202393).
- Trim skb to alloc size to avoid MSG_TRUNC (bsc#1166098).
- Fixed confusing boot logging with Skylake on RETBLEED kernel (bsc#1202500).
- Fixed retbleed performance issues (bsc#1203271).
ImportantSUSE bug 1055710SUSE bug 1084513SUSE bug 1131430SUSE bug 1133374SUSE bug 1154848SUSE bug 1166098SUSE bug 1173514SUSE bug 1177471SUSE bug 1191961SUSE bug 1196973SUSE bug 1197331SUSE bug 1197343SUSE bug 1197366SUSE bug 1197391SUSE bug 1198516SUSE bug 1198829SUSE bug 1199063SUSE bug 1199426SUSE bug 1199487SUSE bug 1199650SUSE bug 1199657SUSE bug 1200598SUSE bug 1200619SUSE bug 1200692SUSE bug 1200910SUSE bug 1201050SUSE bug 1201251SUSE bug 1201429SUSE bug 1201635SUSE bug 1201636SUSE bug 1201940SUSE bug 1201948SUSE bug 1202097SUSE bug 1202346SUSE bug 1202347SUSE bug 1202393SUSE bug 1202500SUSE bug 1202897SUSE bug 1202898SUSE bug 1202960SUSE bug 1203107SUSE bug 1203271SUSE bug 1203514SUSE bug 1203769SUSE bug 1203960SUSE bug 1203987SUSE bug 1204166SUSE bug 1204354SUSE bug 1204405SUSE bug 1204431SUSE bug 1204439SUSE bug 1204574SUSE bug 1204631SUSE bug 1204646SUSE bug 1204647SUSE bug 1204653SUSE bug 1204894SUSE bug 1204922SUSE bug 1205220SUSE bug 1205514SUSE bug 1205671SUSE bug 1205796SUSE bug 1206677CVE-2017-13695 at SUSECVE-2017-13695 at NVDCVE-2018-7755 at SUSECVE-2018-7755 at NVDCVE-2019-3837 at SUSECVE-2019-3837 at NVDCVE-2019-3900 at SUSECVE-2019-3900 at NVDCVE-2020-15393 at SUSECVE-2020-15393 at NVDCVE-2020-16119 at SUSECVE-2020-16119 at NVDCVE-2020-36557 at SUSECVE-2020-36557 at NVDCVE-2020-36558 at SUSECVE-2020-36558 at NVDCVE-2021-26341 at SUSECVE-2021-26341 at NVDCVE-2021-33655 at SUSECVE-2021-33655 at NVDCVE-2021-33656 at SUSECVE-2021-33656 at NVDCVE-2021-34981 at SUSECVE-2021-34981 at NVDCVE-2021-39713 at SUSECVE-2021-39713 at NVDCVE-2021-45868 at SUSECVE-2021-45868 at NVDCVE-2022-1011 at SUSECVE-2022-1011 at NVDCVE-2022-1048 at SUSECVE-2022-1048 at NVDCVE-2022-1353 at SUSECVE-2022-1353 at NVDCVE-2022-1462 at SUSECVE-2022-1462 at NVDCVE-2022-1652 at SUSECVE-2022-1652 at NVDCVE-2022-1679 at SUSECVE-2022-1679 at NVDCVE-2022-20132 at SUSECVE-2022-20132 at NVDCVE-2022-20166 at SUSECVE-2022-20166 at NVDCVE-2022-20368 at SUSECVE-2022-20368 at NVDCVE-2022-20369 at SUSECVE-2022-20369 at NVDCVE-2022-21123 at SUSECVE-2022-21123 at NVDCVE-2022-21125 at SUSECVE-2022-21125 at NVDCVE-2022-21127 at SUSECVE-2022-21127 at NVDCVE-2022-21166 at SUSECVE-2022-21166 at NVDCVE-2022-21180 at SUSECVE-2022-21180 at NVDCVE-2022-21385 at SUSECVE-2022-21385 at NVDCVE-2022-21499 at SUSECVE-2022-21499 at NVDCVE-2022-2318 at SUSECVE-2022-2318 at NVDCVE-2022-2663 at SUSECVE-2022-2663 at NVDCVE-2022-28356 at SUSECVE-2022-28356 at NVDCVE-2022-29900 at SUSECVE-2022-29900 at NVDCVE-2022-29901 at SUSECVE-2022-29901 at NVDCVE-2022-3028 at SUSECVE-2022-3028 at NVDCVE-2022-3303 at SUSECVE-2022-3303 at NVDCVE-2022-33981 at SUSECVE-2022-33981 at NVDCVE-2022-3424 at SUSECVE-2022-3424 at NVDCVE-2022-3524 at SUSECVE-2022-3524 at NVDCVE-2022-3565 at SUSECVE-2022-3565 at NVDCVE-2022-3566 at SUSECVE-2022-3566 at NVDCVE-2022-3586 at SUSECVE-2022-3586 at NVDCVE-2022-3621 at SUSECVE-2022-3621 at NVDCVE-2022-3635 at SUSECVE-2022-3635 at NVDCVE-2022-3646 at SUSECVE-2022-3646 at NVDCVE-2022-3649 at SUSECVE-2022-3649 at NVDCVE-2022-36879 at SUSECVE-2022-36879 at NVDCVE-2022-36946 at SUSECVE-2022-36946 at NVDCVE-2022-3903 at SUSECVE-2022-3903 at NVDCVE-2022-39188 at SUSECVE-2022-39188 at NVDCVE-2022-40768 at SUSECVE-2022-40768 at NVDCVE-2022-4095 at SUSECVE-2022-4095 at NVDCVE-2022-41218 at SUSECVE-2022-41218 at NVDCVE-2022-41848 at SUSECVE-2022-41848 at NVDCVE-2022-41850 at SUSECVE-2022-41850 at NVDCVE-2022-41858 at SUSECVE-2022-41858 at NVDCVE-2022-43750 at SUSECVE-2022-43750 at NVDCVE-2022-44032 at SUSECVE-2022-44032 at NVDCVE-2022-44033 at SUSECVE-2022-44033 at NVDCVE-2022-45934 at SUSECVE-2022-45934 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service (bsc#1216922).
ImportantSUSE bug 1216922CVE-2023-5678 at SUSECVE-2023-5678 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl fixes the following issues:
- CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service (bsc#1216922).
ImportantSUSE bug 1216922CVE-2023-5678 at SUSECVE-2023-5678 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl fixes the following issues:
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
ModerateSUSE bug 1207534CVE-2022-4304 at SUSECVE-2022-4304 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237).
- CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a dvb_frontend_detach call (bsc#1205762).
- CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table which could be exploited by network adjacent attackers, increasing CPU usage by 95% (bsc#1212703).
- CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd->erasesize) that could cause a local DoS (bsc#1210778).
- CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/btrfs/relocation.c (bsc#1212051).
- CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure (bsc#1216046).
- CVE-2023-39192: Fixed an out of bounds read in the netfilter (bsc#1215858).
- CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860).
- CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976).
- CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058).
- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).
- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
- CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's ipv4: igmp component that could lead to local privilege escalation (bsc#1218253).
ImportantSUSE bug 1179610SUSE bug 1205762SUSE bug 1210778SUSE bug 1212051SUSE bug 1212703SUSE bug 1215237SUSE bug 1215858SUSE bug 1215860SUSE bug 1216046SUSE bug 1216058SUSE bug 1216976SUSE bug 1217947SUSE bug 1218253SUSE bug 1218559CVE-2020-26555 at SUSECVE-2020-26555 at NVDCVE-2022-45887 at SUSECVE-2022-45887 at NVDCVE-2023-1206 at SUSECVE-2023-1206 at NVDCVE-2023-31085 at SUSECVE-2023-31085 at NVDCVE-2023-3111 at SUSECVE-2023-3111 at NVDCVE-2023-39189 at SUSECVE-2023-39189 at NVDCVE-2023-39192 at SUSECVE-2023-39192 at NVDCVE-2023-39193 at SUSECVE-2023-39193 at NVDCVE-2023-39197 at SUSECVE-2023-39197 at NVDCVE-2023-45863 at SUSECVE-2023-45863 at NVDCVE-2023-51779 at SUSECVE-2023-51779 at NVDCVE-2023-6606 at SUSECVE-2023-6606 at NVDCVE-2023-6932 at SUSECVE-2023-6932 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).
- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).
- CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219295).
- CVE-2021-46932: Initialized work before appletouch device registration (bsc#1220444).
- CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
- CVE-2023-52475: Fixed a use-after-free in powermate_config_complete() (bsc#1220649).
- CVE-2023-52445: Fixed a use-after-free on context disconnection in pvrusb2 (bsc#1220241).
- CVE-2023-52429: Limited the number of targets and parameter size area for device mapper (bsc#1219146).
- CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl() related to a vcc_recvmsg race condition (bsc#1218730).
- CVE-2023-51782: Fixed a use-after-free in rose_ioctl() related to a rose_accept race condition (bsc#1218757).
- CVE-2023-31083: Fixed a NULL pointer dereference in hci_uart_tty_ioctl() (bsc#1210780).
The following non-security bugs were fixed:
- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
- x86/bugs: Add asm helpers for executing VERW (bsc#1213456).
- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes).
- x86/entry_32: Add VERW just before userspace transition (git-fixes).
- x86/entry_64: Add VERW just before userspace transition (git-fixes).
ImportantSUSE bug 1210780SUSE bug 1213456SUSE bug 1218220SUSE bug 1218562SUSE bug 1218730SUSE bug 1218757SUSE bug 1219146SUSE bug 1219295SUSE bug 1219827SUSE bug 1220191SUSE bug 1220238SUSE bug 1220241SUSE bug 1220416SUSE bug 1220418SUSE bug 1220444SUSE bug 1220649SUSE bug 1221044SUSE bug 1221088SUSE bug 1221578SUSE bug 1221598SUSE bug 1222585SUSE bug 1222619SUSE bug 1223016SUSE bug 1223824CVE-2021-46904 at SUSECVE-2021-46904 at NVDCVE-2021-46905 at SUSECVE-2021-46905 at NVDCVE-2021-46932 at SUSECVE-2021-46932 at NVDCVE-2022-48619 at SUSECVE-2022-48619 at NVDCVE-2023-28746 at SUSECVE-2023-28746 at NVDCVE-2023-31083 at SUSECVE-2023-31083 at NVDCVE-2023-51780 at SUSECVE-2023-51780 at NVDCVE-2023-51782 at SUSECVE-2023-51782 at NVDCVE-2023-52340 at SUSECVE-2023-52340 at NVDCVE-2023-52429 at SUSECVE-2023-52429 at NVDCVE-2023-52445 at SUSECVE-2023-52445 at NVDCVE-2023-52449 at SUSECVE-2023-52449 at NVDCVE-2023-52475 at SUSECVE-2023-52475 at NVDCVE-2023-52590 at SUSECVE-2023-52590 at NVDCVE-2023-52591 at SUSECVE-2023-52591 at NVDCVE-2023-6270 at SUSECVE-2023-6270 at NVDCVE-2024-23851 at SUSECVE-2024-23851 at NVDCVE-2024-26733 at SUSECVE-2024-26733 at NVDCVE-2024-26898 at SUSECVE-2024-26898 at NVDCVE-2024-27043 at SUSECVE-2024-27043 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for glibc fixes the following issues:
- CVE-2024-2961: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (bsc#1222992)
ImportantSUSE bug 1222992CVE-2024-2961 at SUSECVE-2024-2961 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
- CVE-2021-47321: Fixed possible use-after-free by calling del_timer_sync() (bsc#1225060).
- CVE-2021-47324: Fixed possible use-after-free in wdt_startup() (bsc#1225030).
- CVE-2021-47323: Fixed possible use-after-free in wdt_turnoff() (bsc#1225026).
- CVE-2021-47383: Fiedx out-of-bound vmalloc access in imageblit (bsc#1225208).
- CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).
- CVE-2021-47391: Ensure rdma_addr_cancel() happens before issuing more requests (bsc#1225318)
- CVE-2021-47347: Fixed possible buffer overflow in wl1251_cmd_scan (bsc#1225177).
ImportantSUSE bug 1220960SUSE bug 1222619SUSE bug 1224904SUSE bug 1225026SUSE bug 1225030SUSE bug 1225060SUSE bug 1225177SUSE bug 1225208SUSE bug 1225318SUSE bug 1225411CVE-2021-47104 at SUSECVE-2021-47104 at NVDCVE-2021-47321 at SUSECVE-2021-47321 at NVDCVE-2021-47323 at SUSECVE-2021-47323 at NVDCVE-2021-47324 at SUSECVE-2021-47324 at NVDCVE-2021-47347 at SUSECVE-2021-47347 at NVDCVE-2021-47383 at SUSECVE-2021-47383 at NVDCVE-2021-47391 at SUSECVE-2021-47391 at NVDCVE-2021-47485 at SUSECVE-2021-47485 at NVDCVE-2021-47511 at SUSECVE-2021-47511 at NVDCVE-2023-52880 at SUSECVE-2023-52880 at NVDCVE-2024-26929 at SUSECVE-2024-26929 at NVDCVE-2024-26930 at SUSECVE-2024-26930 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743)
- CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB (bsc#1226550).
- CVE-2021-47219: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (bsc#1222824).
- CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
- CVE-2021-47600: dm btree remove: fix use after free in rebalance_children() (bsc#1226575).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-38599: jffs2: prevent xattr node from overflowing the eraseblock (bsc#1226848).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
The following non-security bugs were fixed:
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
- kvm: prevent kvm_clock time-warps (bsc#1197439).
- net: unix: properly re-increment inflight counter of GC discarded candidates (bsc#1223384).
ImportantSUSE bug 1191958SUSE bug 1197439SUSE bug 1222824SUSE bug 1223384SUSE bug 1225431SUSE bug 1225487SUSE bug 1225611SUSE bug 1225866SUSE bug 1226550SUSE bug 1226575SUSE bug 1226670SUSE bug 1226848SUSE bug 1227154SUSE bug 1228743CVE-2016-20022 at SUSECVE-2016-20022 at NVDCVE-2021-43389 at SUSECVE-2021-43389 at NVDCVE-2021-4439 at SUSECVE-2021-4439 at NVDCVE-2021-47219 at SUSECVE-2021-47219 at NVDCVE-2021-47520 at SUSECVE-2021-47520 at NVDCVE-2021-47580 at SUSECVE-2021-47580 at NVDCVE-2021-47600 at SUSECVE-2021-47600 at NVDCVE-2023-52752 at SUSECVE-2023-52752 at NVDCVE-2023-52881 at SUSECVE-2023-52881 at NVDCVE-2024-26923 at SUSECVE-2024-26923 at NVDCVE-2024-36964 at SUSECVE-2024-36964 at NVDCVE-2024-38599 at SUSECVE-2024-38599 at NVDCVE-2024-42145 at SUSECVE-2024-42145 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138)
ModerateSUSE bug 1227138CVE-2024-5535 at SUSECVE-2024-5535 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
- CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657).
- CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
- CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
The following non-security bugs were fixed:
- fuse: fix SetPageUptodate() condition in STORE (bsc#1229456).
- reiserfs: fix 'new_insert_key may be used uninitialized ...' (bsc#1228938).
- scsi: pm80xx: Fix TMF task completion race condition (bsc#1228002)
ImportantSUSE bug 1202346SUSE bug 1227985SUSE bug 1228002SUSE bug 1228938SUSE bug 1228959SUSE bug 1229454SUSE bug 1229456SUSE bug 1229503SUSE bug 1229657SUSE bug 1229707CVE-2022-20368 at SUSECVE-2022-20368 at NVDCVE-2022-48791 at SUSECVE-2022-48791 at NVDCVE-2022-48839 at SUSECVE-2022-48839 at NVDCVE-2022-48919 at SUSECVE-2022-48919 at NVDCVE-2024-42232 at SUSECVE-2024-42232 at NVDCVE-2024-43882 at SUSECVE-2024-43882 at NVDCVE-2024-43883 at SUSECVE-2024-43883 at NVDCVE-2024-44947 at SUSECVE-2024-44947 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
- CVE-2024-40902: jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227764).
- CVE-2024-42104: nilfs2: add missing check for inode numbers on directory entries (bsc#1228654).
- CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
The following non-security bugs were fixed:
- alarmtimer: Lock k_itimer during timer callback (bsc#1214298).
- alarmtimers: Add alarm_forward functionality (bsc#1214298).
- alarmtimers: Change alarmtimer functions to return alarmtimer_restart (bsc#1214298).
- alarmtimers: Push rearming peroidic timers down into alamrtimer (bsc#1214298).
- alarmtimers: Remove interval cap limit hack (bsc#1214298).
- kABI fix for alarmtimer_restart functionality (bsc#1214298).
- kABI fix update for alarm_forward (bsc#1214298).
ModerateSUSE bug 1214298SUSE bug 1226606SUSE bug 1227764SUSE bug 1228487SUSE bug 1228654SUSE bug 1230434CVE-2024-38538 at SUSECVE-2024-38538 at NVDCVE-2024-40902 at SUSECVE-2024-40902 at NVDCVE-2024-42104 at SUSECVE-2024-42104 at NVDCVE-2024-42148 at SUSECVE-2024-42148 at NVDCVE-2024-45021 at SUSECVE-2024-45021 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47589: igbvf: fix double free in `igbvf_probe` (bsc#1226557).
- CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47757: nilfs2: fix potential oob read in nilfs_btree_check_delete() (bsc#1232187).
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
The following non-security bugs were fixed:
- config: Disable NILFS2 (bsc#1232187)
ImportantSUSE bug 1218562SUSE bug 1223016SUSE bug 1223384SUSE bug 1223824SUSE bug 1224526SUSE bug 1226557SUSE bug 1226848SUSE bug 1228743SUSE bug 1229454SUSE bug 1229456SUSE bug 1231673SUSE bug 1231861SUSE bug 1232097SUSE bug 1232187CVE-2021-47589 at SUSECVE-2021-47589 at NVDCVE-2023-6270 at SUSECVE-2023-6270 at NVDCVE-2024-26898 at SUSECVE-2024-26898 at NVDCVE-2024-27043 at SUSECVE-2024-27043 at NVDCVE-2024-35937 at SUSECVE-2024-35937 at NVDCVE-2024-38599 at SUSECVE-2024-38599 at NVDCVE-2024-42145 at SUSECVE-2024-42145 at NVDCVE-2024-44947 at SUSECVE-2024-44947 at NVDCVE-2024-47674 at SUSECVE-2024-47674 at NVDCVE-2024-47757 at SUSECVE-2024-47757 at NVDCVE-2024-49860 at SUSECVE-2024-49860 at NVDCVE-2024-49982 at SUSECVE-2024-49982 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).
ImportantSUSE bug 1232432SUSE bug 1233479SUSE bug 1233557CVE-2024-49995 at SUSECVE-2024-49995 at NVDCVE-2024-50290 at SUSECVE-2024-50290 at NVDCVE-2024-53063 at SUSECVE-2024-53063 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2020-29573: x86: printf was hardened against non-normal long double values (bsc#1179721, BZ #26649)
- CVE-2021-3326: Fix assertion failure in gconv ISO-2022-JP-3 module (bsc#1181505, BZ #27256)
- CVE-2019-25013: Fix buffer overrun in EUC-KR conversion module (bsc#1182117, BZ #24973)
- CVE-2020-27618: Accept redundant shift sequences in IBM1364 iconv (bsc#1178386, BZ #26224)
- CVE-2020-29562: Fix incorrect UCS4 inner loop bounds in iconv (bsc#1179694, BZ #26923)
- Schedule nscd cache pruning more accurately from re-added values (bsc#1018158)
ImportantSUSE bug 1018158SUSE bug 1178386SUSE bug 1179694SUSE bug 1179721SUSE bug 1181505SUSE bug 1182117CVE-2019-25013 at SUSECVE-2019-25013 at NVDCVE-2020-27618 at SUSECVE-2020-27618 at NVDCVE-2020-29562 at SUSECVE-2020-29562 at NVDCVE-2020-29573 at SUSECVE-2020-29573 at NVDCVE-2021-3326 at SUSECVE-2021-3326 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243).
ModerateSUSE bug 1219243CVE-2024-0727 at SUSECVE-2024-0727 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl fixes the following issues:
- CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243).
ModerateSUSE bug 1219243CVE-2024-0727 at SUSECVE-2024-0727 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for microcode_ctl fixes the following issues:
- CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware
Logic for some Intel Processors may allow privileged user to
potentially enable denial of service via local access. (bsc#1237096)
- CVE-2024-36293: A potential security vulnerability in some Intel
Software Guard Extensions (Intel SGX) Platforms may allow denial
of service. Intel is releasing microcode updates to mitigate this
potential vulnerability. (bsc#1237096)
- CVE-2024-39355: A potential security vulnerability in some
13th and 14th Generation Intel Core Processors may allow denial
of service. Intel is releasing microcode and UEFI reference code
updates to mitigate this potential vulnerability. (bsc#1237096)
- CVE-2024-37020: A potential security vulnerability in the Intel
Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors
may allow denial of service. Intel is releasing software updates to
mitigate this potential vulnerability. (bsc#1237096)
- CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic
in some 4th and 5th Generation Intel Xeon Processors may allow an
authorized user to potentially enable denial of service via local access. (bsc#1233313)
- CVE-2024-23918: Improper conditions check in some Intel Xeon processor
memory controller configurations when using Intel SGX may allow a
privileged user to potentially enable escalation of privilege via
local access. (bsc#1233313)
- CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor
memory controller configurations when using Intel SGX may allow a privileged
user to potentially enable escalation of privilege via local access. (bsc#1233313)
- CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in
some Intel Processors may allow an privileged user to potentially enable a
denial of service via local access. (bsc#1230400)
- CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel
Processors may allow a privileged user to potentially enable information
disclosure via local access. (bsc#1230400)
- CVE-2024-24853: Incorrect behavior order in transition between executive
monitor and SMI transfer monitor (STM) in some Intel(R) Processor may
allow a privileged user to potentially enable escalation of privilege
via local access. (bsc#1229129)
- CVE-2024-25939: Mirrored regions with different values in 3rd Generation Intel(R)
Xeon(R) Scalable Processors may allow a privileged user to potentially enable
denial of service via local access. (bsc#1229129)
- CVE-2024-24980: Protection mechanism failure in some 3rd, 4th, and 5th Generation
Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable
escalation of privilege via local access. (bsc#1229129)
- CVE-2023-42667: Improper isolation in the Intel(R) Core(TM) Ultra Processor stream
cache mechanism may allow an authenticated user to potentially enable escalation
of privilege via local access. (bsc#1229129)
- CVE-2023-49141: Improper isolation in some Intel(R) Processors stream cache mechanism
may allow an authenticated user to potentially enable escalation of privilege via
local access. (bsc#1229129)
- CVE-2023-45733: Hardware logic contains race conditions in some Intel(R) Processors
may allow an authenticated user to potentially enable partial information disclosure
via local access. (bsc#1224277)
- CVE-2023-46103: Sequence of processor instructions leads to unexpected behavior in
Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially
enable denial of service via local access. (bsc#1224277)
- CVE-2023-45745: Improper input validation in some Intel(R) TDX module software before
version 1.5.05.46.698 may allow a privileged user to potentially enable escalation
of privilege via local access. (bsc#1224277)
- CVE-2023-47855: Improper input validation in some Intel(R) TDX module software before
version 1.5.05.46.698 may allow a privileged user to potentially enable escalation
of privilege via local access. (bsc#1224277)
- CVE-2023-39368: Protection mechanism failure of bus lock regulator
for some Intel Processors may allow an unauthenticated user to
potentially enable denial of service via network access. (bsc#1221323)
- CVE-2023-38575: Non-transparent sharing of return predictor targets
between contexts in some Intel Processors may allow an authorized
user to potentially enable information disclosure via local access. (bsc#1221323)
- CVE-2023-28746: Information exposure through microarchitectural
state after transient execution from some register files for some
Intel Atom Processors may allow an authenticated user to potentially
enable information disclosure via local access. (bsc#1221323)
- CVE-2023-22655: Protection mechanism failure in some 3rd and 4th
Generation Intel Xeon Processors when using Intel SGX or Intel TDX
may allow a privileged user to potentially enable escalation of
privilege via local access. (bsc#1221323)
- CVE-2023-43490: Incorrect calculation in microcode keying mechanism
for some Intel Xeon D Processors with Intel SGX may allow a
privileged user to potentially enable information disclosure via
local access. (bsc#1221323)
- CVE-2023-23583: Fixed potential CPU deadlocks or privilege escalation (bsc#1215278)
- CVE-2022-40982: Information exposure through microarchitectural state after transient
execution in certain vector execution units for some Intel(R) Processors may allow
an authenticated user to potentially enable information disclosure via local access. (bsc#1206418)
- CVE-2023-23908: Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable
processors may allow a privileged user to potentially enable information disclosure
via local access.
- CVE-2022-41804: Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some
Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation
of privilege via local access.
Other fixes:
- Intel CPU Microcode was updated to the 20250211 release (bsc#1237096)
- Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html
- Security updates for INTEL-SA-01213 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01213.html
- Security updates for INTEL-SA-01139 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html
- Security updates for INTEL-SA-01228 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01228.html
- Security updates for INTEL-SA-01194 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01194.html
- Update for functional issues. Refer to Intel Core Ultra Processor https://cdrdv2.intel.com/v1/dl/getContent/792254 for details.
- Update for functional issues. Refer to 13th/14th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/740518 for details.
- Update for functional issues. Refer to 12th Generation Intel Core Processor Family https://cdrdv2.intel.com/v1/dl/getContent/682436 for details.
- Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/631123 for details.
- Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update https://cdrdv2.intel.com/v1/dl/getContent/337346 for details.
- Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/793902 for details.
- Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/772415 for details.
- Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/637780 for details.
- Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/714071 for details.
- Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/709192 for details.
- Update for functional issues. Refer to Intel Xeon 6700-Series Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/820922 for details.
- Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2.intel.com/v1/dl/getContent/764616 for details
- Intel CPU Microcode was updated to the 20241112 release (bsc#1233313)
- Security updates for [INTEL-SA-01101](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01101.html).
- Security updates for [INTEL-SA-01079](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html).
- Security updates for [INTEL-SA-01079](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html).
- Updated security updates for [INTEL-SA-01097](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html).
- Updated security updates for [INTEL-SA-01103](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html).
- Update for functional issues. Refer to [Intel Core Ultra Processor](https://cdrdv2.intel.com/v1/dl/getContent/792254) for details.
- Update for functional issues. Refer to [14th/13th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
- Update for functional issues. Refer to [12th Generation Intel Core Processor Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details.
- Update for functional issues. Refer to [5th Gen Intel Xeon Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/793902) for details.
- Update for functional issues. Refer to [4th Gen Intel Xeon Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/772415) for details.
- Update for functional issues. Refer to [3rd Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780) for details.
- Update for functional issues. Refer to [Intel Xeon D-2700 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/714071) for details.
- Update for functional issues. Refer to [Intel Xeon D-1700 and D-1800 Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/714069) for details
- Intel CPU Microcode was updated to the 20241029 release (bsc#1230400)
- Update for functional issues. Refer to [14th/13th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
- Intel CPU Microcode was updated to the 20240910 release (bsc#1230400)
- Security updates for [INTEL-SA-01103](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html)
- Security updates for [INTEL-SA-01097](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html)
- Update for functional issues. Refer to [Intel Core Ultra Processor](https://cdrdv2.intel.com/v1/dl/getContent/792254) for details.
- Update for functional issues. Refer to [13th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
- Update for functional issues. Refer to [12th Generation Intel Core Processor Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details.
- Update for functional issues. Refer to [Intel Processors and Intel Core i3 N-Series](https://cdrdv2.intel.com/v1/dl/getContent/764616) for details.
- Intel CPU Microcode was updated to the 20240813 release (bsc#1229129)
- Security updates for [INTEL-SA-01083](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01083.html)
- Security updates for [INTEL-SA-01118](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01118.html)
- Security updates for [INTEL-SA-01100](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01100.html)
- Security updates for [INTEL-SA-01038](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01038.html)
- Security updates for [INTEL-SA-01046](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01046.html)
- Update for functional issues. Refer to [Intel Core Ultra Processor](https://cdrdv2.intel.com/v1/dl/getContent/792254) for details.
- Update for functional issues. Refer to [3rd Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780) for details.
- Update for functional issues. Refer to [3rd Generation Intel Xeon Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/634897) for details.
- Update for functional issues. Refer to [2nd Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details
- Update for functional issues. Refer to [Intel Xeon D-2700 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/714071) for details.
- Update for functional issues. Refer to [Intel Xeon E-2300 Processor Specification Update ](https://cdrdv2.intel.com/v1/dl/getContent/709192) for details.
- Update for functional issues. Refer to [13th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
- Update for functional issues. Refer to [12th Generation Intel Core Processor Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details.
- Update for functional issues. Refer to [11th Gen Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/631123) for details.
- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/341079) for details.
- Update for functional issues. Refer to [10th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/615213) for details.
- Update for functional issues. Refer to [8th and 9th Generation Intel Core Processor Family Spec Update](https://cdrdv2.intel.com/v1/dl/getContent/337346) for details.
- Update for functional issues. Refer to [8th Generation Intel Core Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338025) for details.
- Update for functional issues. Refer to [7th and 8th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/334663) for details.
- Update for functional issues. Refer to [Intel Processors and Intel Core i3 N-Series](https://cdrdv2.intel.com/v1/dl/getContent/764616) for details.
- Update for functional issues. Refer to [Intel Atom x6000E Series, and Intel Pentium and Celeron N and J Series Processors for Internet of Things (IoT) Applications](https://cdrdv2.intel.com/v1/dl/getContent/636674) for details.
- Intel CPU Microcode was updated to 20240531 release:
- Update for functional issues. Refer to Intel Pentium Silver
and Intel Celeron Processor Specification Update
- Intel CPU Microcode was updated to the 20240514 release (bsc#1224277)
- Security updates for INTEL-SA-01051 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html
- Security updates for INTEL-SA-01052 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html
- Security updates for INTEL-SA-01036 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html
- Update for functional issues. Refer to 5th Gen Intel Xeon Processor Scalable Family https://cdrdv2.intel.com/v1/dl/getContent/793902 for details.
- Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/772415 for details.
- Update for functional issues. Refer to 14th 13th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/740518 for details.
- Update for functional issues. Refer to 12th Generation Intel Core Processor Family https://cdrdv2.intel.com/v1/dl/getContent/682436 for details.
- Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2.intel.com/v1/dl/getContent/764616 for details.
- - Intel CPU Microcode was updated to 20240312 release. (bsc#1221323)
- Security updates for INTEL-SA-INTEL-SA-00972 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html
- Security updates for INTEL-SA-INTEL-SA-00982 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html
- Security updates for INTEL-SA-INTEL-SA-00898 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html
- Security updates for INTEL-SA-INTEL-SA-00960 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html
- Security updates for INTEL-SA-INTEL-SA-01045 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html
- Update for functional issues. Refer to Intel Core Ultra Processor https://cdrdv2.intel.com/v1/dl/getContent/792254 for details.
- Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/740518 for details.
- Update for functional issues. Refer to 12th Generation Intel Core Processor Family https://cdrdv2.intel.com/v1/dl/getContent/682436 for details.
- Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/631123 for details.
- Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update https://cdrdv2.intel.com/v1/dl/getContent/341079 for details.
- Update for functional issues. Refer to 10th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/615213 for details.
- Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update https://cdrdv2.intel.com/v1/dl/getContent/337346 for details.
- Update for functional issues. Refer to 8th Generation Intel Core Processor Families Specification Update https://cdrdv2.intel.com/v1/dl/getContent/338025 for details.
- Update for functional issues. Refer to 7th and 8th Generation Intel Core Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/334663 for details.
- Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/793902 for details.
- Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/772415 for details.
- Update for functional issues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update https://cdrdv2.intel.com/v1/dl/getContent/634897 for details.
- Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/637780 for details.
- Update for functional issues. Refer to 2nd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/338848 for details.
- Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2.intel.com/v1/dl/getContent/764616 for details.
- Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/714071 for details.
- Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/709192 for details.
- Update for functional issues. Refer to Intel Xeon Processor Scalable Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/613537 for details.
- Update for functional issues. Refer to Intel Atom C3000 Processor Product Family Specification Update https://cdrdv2.intel.com/v1/dl/getContent/336345 for details.
- Update for functional issues. Refer to Intel Atom x6000E Series, and Intel Pentium and Celeron N and J Series Processors for Internet of Things (IoT) Applications https://cdrdv2.intel.com/v1/dl/getContent/636674 for details.
- Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/336562 for details.
- Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update https://cdrdv2.intel.com/v1/dl/getContent/634542 for details.
- Intel CPU Microcode was updated to 20231114 release. (bsc#1215278)
- Security updates for [INTEL-SA-00950](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html)
- Update for functional issues. Refer to [13th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
- Update for functional issues. Refer to [12th Generation Intel Core Processor Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details.
- Update for functional issues. Refer to [11th Gen Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/631123) for details.
- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/341079) for details.
- Update for functional issues. Refer to [4th Gen Intel Xeon Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/772415) for details.
- Update for functional issues. Refer to [3rd Generation Intel Xeon Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/634897) for details.
- Update for functional issues. Refer to [Intel Processors and Intel Core i3 N-Series](https://cdrdv2.intel.com/v1/dl/getContent/764616) for details.
- Update for functional issues. Refer to [Intel Xeon D-2700 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/714071) for details.
- Update for functional issues. Refer to [Intel Xeon E-2300 Processor Specification Update ](https://cdrdv2.intel.com/v1/dl/getContent/709192) for details.
- Intel CPU Microcode was updated to 20231114 pre-release (labeled 20231113). (bsc#1215278)
- Intel CPU Microcode was updated to 20230808 release. (bsc#1214099)
- Security updates for [INTEL-SA-00828](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html) (bsc#1206418)
- Security updates for [INTEL-SA-00836](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html)
- Security updates for [INTEL-SA-00837](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html)
- Update for functional issues. Refer to [13th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/740518) for details.
- Update for functional issues. Refer to [12th Generation Intel Core Processor Family](https://cdrdv2.intel.com/v1/dl/getContent/682436) for details.
- Update for functional issues. Refer to [11th Gen Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/631123) for details.
- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/341079) for details.
- Update for functional issues. Refer to [8th and 9th Generation Intel Core Processor Family Spec Update](https://cdrdv2.intel.com/v1/dl/getContent/337346) for details.
- Update for functional issues. Refer to [8th Generation Intel Core Processor Families Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338025) for details.
- Update for functional issues. Refer to [7th and 8th Generation Intel Core Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/334663) for details.
- Update for functional issues. Refer to [Intel Processors and Intel Core i3 N-Series](https://cdrdv2.intel.com/v1/dl/getContent/764616) for details.
- Update for functional issues. Refer to [4th Gen Intel Xeon Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/772415) for details.
- Update for functional issues. Refer to [3rd Generation Intel Xeon Scalable Processors Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/634897) for details.
- Update for functional issues. Refer to [2nd Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [3rd Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780) for details.
- Update for functional issues. Refer to [Intel Xeon E-2300 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/709192) for details.
- Update for functional issues. Refer to [Intel Xeon D-2700 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/714071) for details.
- Update for functional issues. Refer to [Intel Xeon D-2100 Processor Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338854) for details.
- Intel CPU Microcode was updated to 20230613 release.
- Intel CPU Microcode was updated to 20230512 release.
- Intel CPU Microcode was updated to 20230512 release. (bsc#1211382)
ImportantSUSE bug 1206418SUSE bug 1211382SUSE bug 1214099SUSE bug 1215278SUSE bug 1221323SUSE bug 1224277SUSE bug 1229129SUSE bug 1230400SUSE bug 1233313SUSE bug 1237096CVE-2022-40982 at SUSECVE-2022-40982 at NVDCVE-2022-41804 at SUSECVE-2022-41804 at NVDCVE-2023-22655 at SUSECVE-2023-22655 at NVDCVE-2023-23583 at SUSECVE-2023-23583 at NVDCVE-2023-23908 at SUSECVE-2023-23908 at NVDCVE-2023-28746 at SUSECVE-2023-28746 at NVDCVE-2023-38575 at SUSECVE-2023-38575 at NVDCVE-2023-39368 at SUSECVE-2023-39368 at NVDCVE-2023-42667 at SUSECVE-2023-42667 at NVDCVE-2023-43490 at SUSECVE-2023-43490 at NVDCVE-2023-45733 at SUSECVE-2023-45733 at NVDCVE-2023-45745 at SUSECVE-2023-45745 at NVDCVE-2023-46103 at SUSECVE-2023-46103 at NVDCVE-2023-47855 at SUSECVE-2023-47855 at NVDCVE-2023-49141 at SUSECVE-2023-49141 at NVDCVE-2024-21820 at SUSECVE-2024-21820 at NVDCVE-2024-21853 at SUSECVE-2024-21853 at NVDCVE-2024-23918 at SUSECVE-2024-23918 at NVDCVE-2024-23984 at SUSECVE-2024-23984 at NVDCVE-2024-24853 at SUSECVE-2024-24853 at NVDCVE-2024-24968 at SUSECVE-2024-24968 at NVDCVE-2024-24980 at SUSECVE-2024-24980 at NVDCVE-2024-25939 at SUSECVE-2024-25939 at NVDCVE-2024-31068 at SUSECVE-2024-31068 at NVDCVE-2024-36293 at SUSECVE-2024-36293 at NVDCVE-2024-37020 at SUSECVE-2024-37020 at NVDCVE-2024-39355 at SUSECVE-2024-39355 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588)
- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).
The following non-security bugs were fixed:
- Enable CONFIG_FIRMWARE_SIG ()
- r8169: check ALDPS bit and disable it if enabled for the 8168g (bnc#845352).
- rpm/kernel-binary.spec.in: Remove obsolete ext4-writeable. Needs to be handled differently. (bnc#830822)
ImportantSUSE bug 1027565SUSE bug 1056588SUSE bug 1059525SUSE bug 1202346SUSE bug 1227985SUSE bug 1234846SUSE bug 1234853SUSE bug 1234891SUSE bug 1234963SUSE bug 1235054SUSE bug 1235056SUSE bug 1235061SUSE bug 1235073SUSE bug 1235220SUSE bug 1235224CVE-2017-1000253 at SUSECVE-2017-1000253 at NVDCVE-2017-14051 at SUSECVE-2017-14051 at NVDCVE-2017-2636 at SUSECVE-2017-2636 at NVDCVE-2022-20368 at SUSECVE-2022-20368 at NVDCVE-2022-48839 at SUSECVE-2022-48839 at NVDCVE-2024-53146 at SUSECVE-2024-53146 at NVDCVE-2024-53156 at SUSECVE-2024-53156 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56598 at SUSECVE-2024-56598 at NVDCVE-2024-56604 at SUSECVE-2024-56604 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56619 at SUSECVE-2024-56619 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for microcode_ctl fixes the following issues:
Intel CPU Microcode was updated to the 20250512 release (bsc#1243123)
- CVE-2024-28956: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2025-20103: Insufficient resource pool in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2025-20054: Uncaught exception in the core management mechanism for some Intel Processors may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2024-43420: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2025-20623: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Core processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2024-45332: Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2025-24495: Incorrect initialization of resource in the branch prediction unit for some Intel Core Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2025-20012: Incorrect behavior order for some Intel Core Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access.
- Updates for functional issues.
- New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-U | A1 | 06-b5-00/80 | | 0000000a | Core Ultra Processor (Series2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | | 00000118 | Core Ultra Processor (Series2)
| ARL-H | A1 | 06-c5-02/82 | | 00000118 | Core Ultra Processor (Series2)
| GNR-AP/SP | B0 | 06-ad-01/95 | | 010003a2 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | | 0a0000d1 | Xeon Scalable Gen6
| LNL | B0 | 06-bd-01/80 | | 0000011f | Core Ultra 200 V Series Processor
- Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000038 | 0000003a | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000038 | 0000003a | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000436 | 00000437 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000436 | 00000437 | Core Gen12
| ADL-N | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
| AML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile
| AZB | A0/R0 | 06-9a-04/40 | 00000009 | 0000000a | Intel(R) Atom(R) C1100
| CFL-H | R0 | 06-9e-0d/22 | 00000102 | 00000104 | Core Gen9 Mobile
| CLX-SP | B1 | 06-55-07/bf | 05003707 | 05003901 | Xeon Scalable Gen2
| CML-H | R1 | 06-a5-02/20 | 000000fc | 00000100 | Core Gen10 Mobile
| CML-S102 | Q0 | 06-a5-05/22 | 000000fc | 00000100 | Core Gen10
| CML-S62 | G1 | 06-a5-03/22 | 000000fc | 00000100 | Core Gen10
| CML-U42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile
| CML-U62 V1 | A0 | 06-a6-00/80 | 000000fe | 00000102 | Core Gen10 Mobile
| CML-U62 V2 | K1 | 06-a6-01/80 | 000000fc | 00000100 | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen10 Mobile
| CPX-SP | A1 | 06-55-0b/bf | 07002904 | 07002b01 | Xeon Scalable Gen3
| EMR-SP | A1 | 06-cf-02/87 | 21000291 | 210002a9 | Xeon Scalable Gen5
| GLK-R | R0 | 06-7a-08/01 | 00000024 | 00000026 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-D | B0 | 06-6c-01/10 | 010002c0 | 010002d0 | Xeon D-17xx, D-27xx
| ICL-U/Y | D1 | 06-7e-05/80 | 000000c6 | 000000ca | Core Gen10 Mobile
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003f5 | 0d000404 | Xeon Scalable Gen3
| MTL | C0 | 06-aa-04/e6 | 00000020 | 00000024 | Core Ultra Processor
| RKL-S | B0 | 06-a7-01/02 | 00000063 | 00000064 | Core Gen11
| RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012c | 0000012f | Core Gen13/Gen14
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004124 | 00004128 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000038 | 0000003a | Core Gen13/Gen14
| RPL-S | H0 | 06-bf-05/07 | 00000038 | 0000003a | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004124 | 00004128 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003e0 | 2c0003f7 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000620 | 2b000639 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000330 | 03000341 | Xeon 6700-Series Processors with E-Cores
| TGL | B0/B1 | 06-8c-01/80 | 000000b8 | 000000bc | Core Gen11 Mobile
| TGL-H | R0 | 06-8d-01/c2 | 00000052 | 00000056 | Core Gen11 Mobile
| TGL-R | C0 | 06-8c-02/c2 | 00000038 | 0000003c | Core Gen11 Mobile
| TWL | N0 | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
| WHL-U | V0 | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen8 Mobile
ModerateSUSE bug 1243123CVE-2024-28956 at SUSECVE-2024-28956 at NVDCVE-2024-43420 at SUSECVE-2024-43420 at NVDCVE-2024-45332 at SUSECVE-2024-45332 at NVDCVE-2025-20012 at SUSECVE-2025-20012 at NVDCVE-2025-20054 at SUSECVE-2025-20054 at NVDCVE-2025-20103 at SUSECVE-2025-20103 at NVDCVE-2025-20623 at SUSECVE-2025-20623 at NVDCVE-2025-24495 at SUSECVE-2025-24495 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
The following non-security bugs were fixed:
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- netfilter: ipset: Check and reject crazy /0 input parameters (git-fixes)
- netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function (git-fixes)
ImportantSUSE bug 1209547SUSE bug 1210647SUSE bug 1213167SUSE bug 1232649SUSE bug 1234381SUSE bug 1237159SUSE bug 1237312SUSE bug 1240213SUSE bug 1240218SUSE bug 1240227SUSE bug 1240835CVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2023-2162 at SUSECVE-2023-2162 at NVDCVE-2023-3567 at SUSECVE-2023-3567 at NVDCVE-2023-52973 at SUSECVE-2023-52973 at NVDCVE-2023-52974 at SUSECVE-2023-52974 at NVDCVE-2023-53000 at SUSECVE-2023-53000 at NVDCVE-2024-53141 at SUSECVE-2024-53141 at NVDCVE-2025-21700 at SUSECVE-2025-21700 at NVDCVE-2025-21702 at SUSECVE-2025-21702 at NVDCVE-2025-22004 at SUSECVE-2025-22004 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-50200: selinux: Add boundary check in put_entry() (bsc#1245149).
ImportantSUSE bug 1205220SUSE bug 1212051SUSE bug 1240270SUSE bug 1245047SUSE bug 1245057SUSE bug 1245149CVE-2022-3903 at SUSECVE-2022-3903 at NVDCVE-2022-49937 at SUSECVE-2022-49937 at NVDCVE-2022-50067 at SUSECVE-2022-50067 at NVDCVE-2022-50200 at SUSECVE-2022-50200 at NVDCVE-2023-3111 at SUSECVE-2023-3111 at NVDCVE-2023-53032 at SUSECVE-2023-53032 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-50211: md-raid10: fix KASAN warning (bsc#1245140).
- CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor (bsc#1242780).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799).
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217).
- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
- CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037).
ImportantSUSE bug 1233551SUSE bug 1234863SUSE bug 1240799SUSE bug 1242780SUSE bug 1245140SUSE bug 1245217SUSE bug 1246037SUSE bug 1246045CVE-2022-50211 at SUSECVE-2022-50211 at NVDCVE-2023-53117 at SUSECVE-2023-53117 at NVDCVE-2024-53057 at SUSECVE-2024-53057 at NVDCVE-2024-53164 at SUSECVE-2024-53164 at NVDCVE-2025-21971 at SUSECVE-2025-21971 at NVDCVE-2025-38079 at SUSECVE-2025-38079 at NVDCVE-2025-38200 at SUSECVE-2025-38200 at NVDCVE-2025-38213 at SUSECVE-2025-38213 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for microcode_ctl fixes the following issues:
- Intel CPU Microcode was updated to the 20250812 release (bsc#1248438)
- CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
- CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
- CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
- Update for functional issues.
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-H | A1 | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| ARL-S/HX (8P) | B0 | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| EMR-SP | A1 | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5
| GNR-AP/SP | B0 | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6
| GNR-AP/SP | H0 | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6
| ICL-D | B0 | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3
| LNL | B0 | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor
| MTL | C0 | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13
| SPR-HBM | Bx | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SRF-SP | C0 | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores
New Disclosures Updated in Prior Releases:
All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.
ImportantSUSE bug 1248438CVE-2025-20053 at SUSECVE-2025-20053 at NVDCVE-2025-20109 at SUSECVE-2025-20109 at NVDCVE-2025-22839 at SUSECVE-2025-22839 at NVDCVE-2025-22840 at SUSECVE-2025-22840 at NVDCVE-2025-22889 at SUSECVE-2025-22889 at NVDCVE-2025-26403 at SUSECVE-2025-26403 at NVDCVE-2025-32086 at SUSECVE-2025-32086 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap (bsc#1250232).
ImportantSUSE bug 1250232CVE-2025-9230 at SUSECVE-2025-9230 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2022-50116: Update config files. Disable N_GSM (bsc#1244824 jsc#PED-8240).
- CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249846).
- CVE-2022-50381: MD: add rdev reference for super write (bsc#1250257).
- CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory (bsc#1250392).
- CVE-2023-53282: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write (bsc#1250311).
- CVE-2023-53322: scsi: qla2xxx: Wait for io return on terminate rport (bsc#1250323).
- CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988).
- CVE-2023-53395: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer (bsc#1250358).
- CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554).
- CVE-2023-53722: md: raid1: fix potential OOB in raid1_remove_disk() (bsc#1252499).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1248621).
- CVE-2025-38685: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220).
- CVE-2025-38713: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1249200).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
ImportantSUSE bug 1078788SUSE bug 1209291SUSE bug 1213666SUSE bug 1244824SUSE bug 1246911SUSE bug 1247374SUSE bug 1248621SUSE bug 1249200SUSE bug 1249220SUSE bug 1249604SUSE bug 1249808SUSE bug 1249846SUSE bug 1249880SUSE bug 1249988SUSE bug 1250257SUSE bug 1250311SUSE bug 1250323SUSE bug 1250358SUSE bug 1250392SUSE bug 1250522SUSE bug 1250742SUSE bug 1252035SUSE bug 1252499SUSE bug 1252554SUSE bug 963449CVE-2022-50116 at SUSECVE-2022-50116 at NVDCVE-2022-50252 at SUSECVE-2022-50252 at NVDCVE-2022-50272 at SUSECVE-2022-50272 at NVDCVE-2022-50381 at SUSECVE-2022-50381 at NVDCVE-2022-50409 at SUSECVE-2022-50409 at NVDCVE-2023-28328 at SUSECVE-2023-28328 at NVDCVE-2023-3772 at SUSECVE-2023-3772 at NVDCVE-2023-53147 at SUSECVE-2023-53147 at NVDCVE-2023-53282 at SUSECVE-2023-53282 at NVDCVE-2023-53322 at SUSECVE-2023-53322 at NVDCVE-2023-53365 at SUSECVE-2023-53365 at NVDCVE-2023-53395 at SUSECVE-2023-53395 at NVDCVE-2023-53705 at SUSECVE-2023-53705 at NVDCVE-2023-53722 at SUSECVE-2023-53722 at NVDCVE-2025-38352 at SUSECVE-2025-38352 at NVDCVE-2025-38498 at SUSECVE-2025-38498 at NVDCVE-2025-38617 at SUSECVE-2025-38617 at NVDCVE-2025-38685 at SUSECVE-2025-38685 at NVDCVE-2025-38713 at SUSECVE-2025-38713 at NVDCVE-2025-39973 at SUSECVE-2025-39973 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
ImportantSUSE bug 1251786CVE-2023-53676 at SUSECVE-2023-53676 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-35863: smb: client: fix potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
- CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
- CVE-2024-57850: jffs2: Prevent rtime decompress memory corruption (bsc#1235812).
- CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920).
ImportantSUSE bug 1224763SUSE bug 1234025SUSE bug 1234853SUSE bug 1234891SUSE bug 1234963SUSE bug 1235054SUSE bug 1235061SUSE bug 1235073SUSE bug 1235217SUSE bug 1235230SUSE bug 1235430SUSE bug 1235645SUSE bug 1235812SUSE bug 1235920CVE-2024-35863 at SUSECVE-2024-35863 at NVDCVE-2024-53104 at SUSECVE-2024-53104 at NVDCVE-2024-53173 at SUSECVE-2024-53173 at NVDCVE-2024-53239 at SUSECVE-2024-53239 at NVDCVE-2024-56539 at SUSECVE-2024-56539 at NVDCVE-2024-56548 at SUSECVE-2024-56548 at NVDCVE-2024-56600 at SUSECVE-2024-56600 at NVDCVE-2024-56601 at SUSECVE-2024-56601 at NVDCVE-2024-56605 at SUSECVE-2024-56605 at NVDCVE-2024-56650 at SUSECVE-2024-56650 at NVDCVE-2024-56759 at SUSECVE-2024-56759 at NVDCVE-2024-57850 at SUSECVE-2024-57850 at NVDCVE-2024-57893 at SUSECVE-2024-57893 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532).
- CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (bsc#1238917).
- CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749).
- CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790).
- CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395).
The following non-security bugs were fixed:
- Disable CONFIG_NET_SCH_ATM (jsc#PED-12836).
ImportantSUSE bug 1221532SUSE bug 1238917SUSE bug 1257749SUSE bug 1257790SUSE bug 1258395CVE-2021-47110 at SUSECVE-2021-47110 at NVDCVE-2025-21738 at SUSECVE-2025-21738 at NVDCVE-2026-23074 at SUSECVE-2026-23074 at NVDCVE-2026-23089 at SUSECVE-2026-23089 at NVDCVE-2026-23191 at SUSECVE-2026-23191 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2023-54168: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (bsc#1256053).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1253291 bsc#1253292).
- CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959).
ImportantSUSE bug 1207051SUSE bug 1253291SUSE bug 1253292SUSE bug 1254959SUSE bug 1256053SUSE bug 1256353CVE-2023-23559 at SUSECVE-2023-23559 at NVDCVE-2023-54110 at SUSECVE-2023-54110 at NVDCVE-2023-54168 at SUSECVE-2023-54168 at NVDCVE-2025-40018 at SUSECVE-2025-40018 at NVDCVE-2025-40215 at SUSECVE-2025-40215 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768).
- CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream (bsc#1238729).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073).
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
ImportantSUSE bug 1197331SUSE bug 1203769SUSE bug 1235441SUSE bug 1237768SUSE bug 1238271SUSE bug 1238272SUSE bug 1238454SUSE bug 1238705SUSE bug 1238729SUSE bug 1238911SUSE bug 1239073SUSE bug 1239076CVE-2021-47633 at SUSECVE-2021-47633 at NVDCVE-2022-1048 at SUSECVE-2022-1048 at NVDCVE-2022-3303 at SUSECVE-2022-3303 at NVDCVE-2022-49272 at SUSECVE-2022-49272 at NVDCVE-2022-49288 at SUSECVE-2022-49288 at NVDCVE-2022-49291 at SUSECVE-2022-49291 at NVDCVE-2022-49545 at SUSECVE-2022-49545 at NVDCVE-2022-49733 at SUSECVE-2022-49733 at NVDCVE-2024-56658 at SUSECVE-2024-56658 at NVDCVE-2024-57996 at SUSECVE-2024-57996 at NVDCVE-2025-21718 at SUSECVE-2025-21718 at NVDCVE-2025-21772 at SUSECVE-2025-21772 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for openssl1 fixes the following issues:
- CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).
- CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).
ModerateSUSE bug 1256834SUSE bug 1256837SUSE bug 1256838SUSE bug 1256840CVE-2025-68160 at SUSECVE-2025-68160 at NVDCVE-2025-69420 at SUSECVE-2025-69420 at NVDCVE-2025-69421 at SUSECVE-2025-69421 at NVDCVE-2026-22796 at SUSECVE-2026-22796 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for ucode-intel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode was updated to the 20260210 release (bsc#1258046)
- CVE-2024-24853: Updated fix for incorrect behavior order in transition
between executive monitor and SMI transfer monitor (STM) in some Intel(R)
Processor may allow a privileged user to potentially enable escalation
of privilege via local access. (bsc#1229129)
- CVE-2025-31648: Improper handling of values in the microcode flow for
some Intel Processor Family may allow an escalation of privilege. (bsc#1258046)
ImportantSUSE bug 1229129SUSE bug 1258046CVE-2024-24853 at SUSECVE-2024-24853 at NVDCVE-2025-31648 at SUSECVE-2025-31648 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2021-0920: net: split out functions related to registering inflight socket files (bsc#1193731).
- CVE-2025-38177: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1245986).
ImportantSUSE bug 1193731SUSE bug 1245986CVE-2021-0920 at SUSECVE-2021-0920 at NVDCVE-2025-38177 at SUSECVE-2025-38177 at NVDcpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4Security update for python-Jinja2 (Important)SUSE Linux Enterprise Server 11-PUBCLOUD
This update for python-Jinja2 fixes the following issues:
- CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex
backtracking. Email matching requires a word character at the start of the
domain part, and only word characters in the TLD. (bsc#1181944)
ImportantSUSE bug 1181944CVE-2020-28493 at SUSECVE-2020-28493 at NVDSecurity update for python-azure-agent (Moderate)SUSE Linux Enterprise Server 11-PUBCLOUD
This update for python-azure-agent fixes the following issues:
+ Properly set the dhcp configuration to push the hostname to the DHCP
server (bsc#1173866)
+ Do not bring the interface down to push the hostname, just use ifup
+ Set the hostname using hostnamectl to ensure setting is properly applied
(bsc#1167601, bsc#1167602)
Update to version 2.2.45 (jsc#ECO-80)
+ Add support for Gen2 VM resource disks
+ Use alternate systemd detection
+ Fix /proc/net/route requirement that causes errors on FreeBSD
+ Add cloud-init auto-detect to prevent multiple provisioning mechanisms
from relying on configuration for coordination
+ Disable cgroups when daemon is setup incorrectly
+ Remove upgrade extension loop for the same goal state
+ Add container id for extension telemetry events
+ Be more exact when detecting IMDS service health
+ Changing add_event to start sending missing fields
ModerateSUSE bug 1061584SUSE bug 1074865SUSE bug 1087764SUSE bug 1092831SUSE bug 1094420SUSE bug 1119542SUSE bug 1127838SUSE bug 1167601SUSE bug 1167602SUSE bug 1173866SUSE bug 1175130SUSE bug 997614CVE-2019-0804 at SUSECVE-2019-0804 at NVDSecurity update for clamav (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for clamav fixes the following issues:
- CVE-2018-14679: Fixed off-by-one issue in embedded libmspack that could lead to denial of service (bsc#1103032).
- Update to 0.103.4 (bsc#1192346).
- Add documentation about max file size purpose and side effect in the 'clamscan' and 'clamdscan' manpages (bsc#1187509).
- Update to 0.103.3 (bsc#1188284).
ModerateSUSE bug 1103032SUSE bug 1187509SUSE bug 1188284SUSE bug 1192346CVE-2018-14679 at SUSECVE-2018-14679 at NVDcpe:/o:suse:sles:11:securitySecurity update for clamav (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for clamav fixes the following issues:
- CVE-2022-20698: Fixed invalid pointer read allowing denial of service crash. (bsc#1194731)
ImportantSUSE bug 1194731CVE-2022-20698 at SUSECVE-2022-20698 at NVDcpe:/o:suse:sles:11:securityOptional OpenSSL 1.0 versions of cyrus-sasl, libcurl4 and libldapSUSE Linux Enterprise Server 11-SECURITY
This update includes variants of existing libraries built against OpenSSL
1.0.
As OpenSSL 0.8.9j and OpenSSL 1.0.1 are not binary compatible, but have the
same function names, care must be taken that they are not loaded by the
same program.
As some system libraries also link against libssl.so or libcrypto.so, these
need to be available in variants linked against OpenSSL 1.0. These
libraries are installed below the /opt/suse/ directory hierarchy.
The version and the APIs of these 'shadow' libraries are exactly the same
as the versions in the system, and so are interchangeable.
For building your OpenSSL 1.0 enabled program, link using the linkflags
-L/opt/suse/lib64 -Wl, -rpath, /opt/suse/lib64 (on 32bit systems, use lib
instead of lib64).
This update provides variants for the OpenLDAP2 client, libcurl4 and
cyrus-sasl libraries.
Additionally, two bugs have been fixed in openldap2 regarding IPv6 support:
* tls_checkpeer does not work with IPv6 address as Subject Alternative
Name. (bnc#862623)
* getaddrinfo does not return if ldap is used for host lookups on IPv6
environments. (bnc#843697)
SUSE bug 843697SUSE bug 861014SUSE bug 862623SUSE bug 864912SUSE bug 868627SUSE bug 868629SUSE bug 870444CVE-2014-0138 at SUSECVE-2014-0138 at NVDCVE-2014-0139 at SUSECVE-2014-0139 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2016-5419: TLS session resumption client cert bypass (bsc#991389)
- CVE-2016-5420: Re-using connections with wrong client cert (bsc#991390)
- CVE-2016-7141: Fixed incorrect reuse of client certificates (bsc#997420).
ModerateSUSE bug 991389SUSE bug 991390SUSE bug 997420CVE-2016-5419 at SUSECVE-2016-5419 at NVDCVE-2016-5420 at SUSECVE-2016-5420 at NVDCVE-2016-7141 at SUSECVE-2016-7141 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following security issues:
- CVE-2016-8624: invalid URL parsing with '#' (bsc#1005646)
- CVE-2016-8623: Use-after-free via shared cookies (bsc#1005645)
- CVE-2016-8621: curl_getdate read out of bounds (bsc#1005642)
- CVE-2016-8619: double-free in krb5 code (bsc#1005638)
- CVE-2016-8618: double-free in curl_maprintf (bsc#1005637)
- CVE-2016-8617: OOB write via unchecked multiplication (bsc#1005635)
- CVE-2016-8616: case insensitive password comparison (bsc#1005634)
- CVE-2016-8615: cookie injection for other servers (bsc#1005633)
- CVE-2016-7167: escape and unescape integer overflows (bsc#998760)
ImportantSUSE bug 1005633SUSE bug 1005634SUSE bug 1005635SUSE bug 1005637SUSE bug 1005638SUSE bug 1005642SUSE bug 1005645SUSE bug 1005646SUSE bug 998760CVE-2016-7167 at SUSECVE-2016-7167 at NVDCVE-2016-8615 at SUSECVE-2016-8615 at NVDCVE-2016-8616 at SUSECVE-2016-8616 at NVDCVE-2016-8617 at SUSECVE-2016-8617 at NVDCVE-2016-8618 at SUSECVE-2016-8618 at NVDCVE-2016-8619 at SUSECVE-2016-8619 at NVDCVE-2016-8620 at SUSECVE-2016-8620 at NVDCVE-2016-8621 at SUSECVE-2016-8621 at NVDCVE-2016-8622 at SUSECVE-2016-8622 at NVDCVE-2016-8623 at SUSECVE-2016-8623 at NVDCVE-2016-8624 at SUSECVE-2016-8624 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
These security issues were fixed:
- CVE-2016-9586: libcurl printf floating point buffer overflow (bsc#1015332)
- CVE-2017-7407: The ourWriteOut function in tool_writeout.c in curl might have allowed physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which lead to a heap-based buffer over-read (bsc#1032309).
ModerateSUSE bug 1015332SUSE bug 1032309CVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2017-7407 at SUSECVE-2017-7407 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service (bsc#1051644)
- CVE-2017-7407: ourWriteOut function problem could lead to a heap buffer over-read (bsc#1032309)
- CVE-2016-9586: libcurl printf issue could lead to buffer overflow (bsc#1015332)
ModerateSUSE bug 1015332SUSE bug 1032309SUSE bug 1051644CVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2017-1000100 at SUSECVE-2017-1000100 at NVDCVE-2017-7407 at SUSECVE-2017-7407 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following security issues:
- CVE-2017-1000254: FTP PWD response parser out of bounds read (bsc#1061876)
ModerateSUSE bug 1061876CVE-2017-1000254 at SUSECVE-2017-1000254 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl several issues.
This security issue was fixed:
- CVE-2018-1000007: Prevent leaking authentication data to third parties when following redirects (bsc#1077001)
This non-security issue was fixed:
- Set DEFAULT_SUSE as the default cipher list (bsc#1027712]
ModerateSUSE bug 1027712SUSE bug 1077001CVE-2016-7141 at SUSECVE-2016-7141 at NVDCVE-2018-1000007 at SUSECVE-2018-1000007 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
curl was updated to version 7.37.0 (fate#325339 bsc#1084137)
This update syncs the curl version to the one in SUSE Linux Enterprise 12
and is full binary compatible to the previous version.
This update is done to allow other third party software like 'R' to
be able to be used on the SUSE Linux Enterprise 11 codebase.
Following security issues were fixed:
- CVE-2018-1000120: A buffer overflow exists in the FTP URL handling that allowed an attacker to cause a denial of service or possible code execution (bsc#1084521).
- CVE-2018-1000121: A NULL pointer dereference exists in the LDAP code that allowed an attacker to cause a denial of service (bsc#1084524).
- CVE-2018-1000122: A buffer over-read exists in the RTSP+RTP handling code that allowed an attacker to cause a denial of service or information leakage (bsc#1084532).
The package also requires a libopenssl that implements the DEFAULT_SUSE cipher list
(bsc#1081056, bsc#1083463,bsc#1086825)
ModerateSUSE bug 1081056SUSE bug 1083463SUSE bug 1084137SUSE bug 1084521SUSE bug 1084524SUSE bug 1084532SUSE bug 1085124SUSE bug 1086825SUSE bug 1087922SUSE bug 1090194CVE-2018-1000120 at SUSECVE-2018-1000120 at NVDCVE-2018-1000121 at SUSECVE-2018-1000121 at NVDCVE-2018-1000122 at SUSECVE-2018-1000122 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2018-1000301: Fixed a buffer over-read caused by bad RTSP headers (bsc#1092098)
ModerateSUSE bug 1092098CVE-2018-1000301 at SUSECVE-2018-1000301 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2018-14618: Prevent integer overflow in the NTLM authentication code
(bsc#1106019).
ModerateSUSE bug 1106019CVE-2018-14618 at SUSECVE-2018-14618 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2018-16840: A use-after-free in SASL handle close was fixed (bsc#1112758)
- CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)
ModerateSUSE bug 1112758SUSE bug 1113660CVE-2018-16840 at SUSECVE-2018-16840 at NVDCVE-2018-16842 at SUSECVE-2018-16842 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
Security issue fixed:
- CVE-2019-5436: Fixed a heap buffer overflow exists in tftp_receive_packet that receives data from a TFTP server (bsc#1135170).
ImportantSUSE bug 1135170CVE-2019-5436 at SUSECVE-2019-5436 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
Security issue fixed:
- CVE-2019-5482: Fixed a TFTP small blocksize heap buffer overflow (bsc#1149496).
ImportantSUSE bug 1149496CVE-2019-5482 at SUSECVE-2019-5482 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious
server to overwrite a local file when using the -J option (bsc#1173027).
ImportantSUSE bug 1173027CVE-2020-8177 at SUSECVE-2020-8177 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- An application that performs multiple requests with libcurl's
multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in
rare circumstances experience that when subsequently using the
setup connect-only transfer, libcurl will pick and use the wrong
connection and instead pick another one the application has
created since then. [bsc#1175109, CVE-2020-8231]
ModerateSUSE bug 1175109CVE-2020-8231 at SUSECVE-2020-8231 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2020-8284: Fixed an issue where a malicious FTP server could make curl connect to a different IP (bsc#1179398).
- CVE-2020-8285: Fixed an FTP wildcard stack overflow (bsc#1179399).
ModerateSUSE bug 1179398SUSE bug 1179399CVE-2020-8284 at SUSECVE-2020-8284 at NVDCVE-2020-8285 at SUSECVE-2020-8285 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2021-22876: Fixed an issue where the automatic referer was leaking credentials (bsc#1183933).
ModerateSUSE bug 1183933CVE-2021-22876 at SUSECVE-2021-22876 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).
ModerateSUSE bug 1186114CVE-2021-22898 at SUSECVE-2021-22898 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).
ModerateSUSE bug 1186114CVE-2021-22898 at SUSECVE-2021-22898 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)
ModerateSUSE bug 1188217SUSE bug 1188218SUSE bug 1188219SUSE bug 1188220CVE-2021-22922 at SUSECVE-2021-22922 at NVDCVE-2021-22923 at SUSECVE-2021-22923 at NVDCVE-2021-22924 at SUSECVE-2021-22924 at NVDCVE-2021-22925 at SUSECVE-2021-22925 at NVDcpe:/o:suse:sles:11:securitySecurity update for curl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for curl fixes the following issues:
- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374).
- CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).
ModerateSUSE bug 1190373SUSE bug 1190374CVE-2021-22946 at SUSECVE-2021-22946 at NVDCVE-2021-22947 at SUSECVE-2021-22947 at NVDcpe:/o:suse:sles:11:securitySecurity update for curlSUSE Linux Enterprise Server 11-SECURITY
This update fixes the following security issues:
*
CVE-2014-8150: URL request injection (bnc#911363)
When libcurl sends a request to a server via a HTTP proxy, it copies
the entire URL into the request and sends if off.
If the given URL contains line feeds and carriage returns those will
be sent along to the proxy too, which allows the program to for
example send a separate HTTP request injected embedded in the URL.
*
CVE-2014-3707: duphandle read out of bounds (bnc#901924)
*
CVE-2014-3613: libcurl cookie leaks (bnc#894575)
Additional bug fixed:
* curl_multi_remove_handle: don't crash on multiple removes
(bnc#897816)
Security Issues:
* CVE-2014-8150
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150>
* CVE-2014-3613
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613>
* CVE-2014-3707
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707>
SUSE bug 870444SUSE bug 884698SUSE bug 885302SUSE bug 894575SUSE bug 897816SUSE bug 901924SUSE bug 911363CVE-2014-3613 at SUSECVE-2014-3613 at NVDCVE-2014-3707 at SUSECVE-2014-3707 at NVDCVE-2014-8150 at SUSECVE-2014-8150 at NVDcpe:/o:suse:sles:11:securitySecurity update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for cyrus-sasl fixes the following issues:
- CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet (bsc#1159635).
ImportantSUSE bug 1159635CVE-2019-19906 at SUSECVE-2019-19906 at NVDcpe:/o:suse:sles:11:securitySecurity update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for cyrus-sasl fixes the following issues:
- CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036).
ImportantSUSE bug 1196036CVE-2022-24407 at SUSECVE-2022-24407 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1SUSE Linux Enterprise Server 11-SECURITY
This OpenSSL update fixes the following issues:
* SRTP Memory Leak (CVE-2014-3513)
* Session Ticket Memory Leak (CVE-2014-3567)
* Build option no-ssl3 is incomplete (CVE-2014-3568)
* Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)
Security Issues:
* CVE-2014-3513
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513>
* CVE-2014-3567
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567>
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
* CVE-2014-3568
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568>
SUSE bug 860332SUSE bug 861014SUSE bug 864912SUSE bug 869945SUSE bug 872299SUSE bug 873351SUSE bug 876282SUSE bug 880891SUSE bug 889812SUSE bug 890764SUSE bug 890767SUSE bug 890768SUSE bug 890769SUSE bug 890770SUSE bug 901223SUSE bug 901277SUSE bug 906878SUSE bug 912014SUSE bug 912015SUSE bug 912018SUSE bug 912292SUSE bug 912293SUSE bug 912294SUSE bug 912296SUSE bug 919648SUSE bug 920236SUSE bug 922488SUSE bug 922496SUSE bug 922499SUSE bug 922500SUSE bug 922501SUSE bug 923384SUSE bug 929678SUSE bug 931698SUSE bug 933911SUSE bug 934487SUSE bug 934489SUSE bug 934491SUSE bug 934493SUSE bug 934494CVE-2010-5298 at SUSECVE-2010-5298 at NVDCVE-2014-0160 at SUSECVE-2014-0160 at NVDCVE-2014-0195 at SUSECVE-2014-0195 at NVDCVE-2014-0198 at SUSECVE-2014-0198 at NVDCVE-2014-0221 at SUSECVE-2014-0221 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-3470 at SUSECVE-2014-3470 at NVDCVE-2014-3505 at SUSECVE-2014-3505 at NVDCVE-2014-3506 at SUSECVE-2014-3506 at NVDCVE-2014-3507 at SUSECVE-2014-3507 at NVDCVE-2014-3508 at SUSECVE-2014-3508 at NVDCVE-2014-3509 at SUSECVE-2014-3509 at NVDCVE-2014-3510 at SUSECVE-2014-3510 at NVDCVE-2014-3511 at SUSECVE-2014-3511 at NVDCVE-2014-3512 at SUSECVE-2014-3512 at NVDCVE-2014-3513 at SUSECVE-2014-3513 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-3567 at SUSECVE-2014-3567 at NVDCVE-2014-3568 at SUSECVE-2014-3568 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3571 at SUSECVE-2014-3571 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-5139 at SUSECVE-2014-5139 at NVDCVE-2014-8176 at SUSECVE-2014-8176 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0206 at SUSECVE-2015-0206 at NVDCVE-2015-0209 at SUSECVE-2015-0209 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0292 at SUSECVE-2015-0292 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDCVE-2015-1788 at SUSECVE-2015-1788 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1790 at SUSECVE-2015-1790 at NVDCVE-2015-1791 at SUSECVE-2015-1791 at NVDCVE-2015-1792 at SUSECVE-2015-1792 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:securityRecommended update for openldap2 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
openldap2 was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-4000: The Logjam Attack / weakdh.org (bsc#937766).
This non-security issue was fixed:
- bsc#932773: ldapmodify failed with DOS format LDIF files containing '-' separator.
ModerateSUSE bug 924496SUSE bug 932773SUSE bug 937766CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:securitySecurity update for openldap2 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openldap2 fixes the following issues:
- CVE-2019-13565: Fixed an authentication bypass caused by incorrect authorization of another connection, granting excess connection rights (bsc#1143194).
- CVE-2019-13057: Fixed an issue with improper authorization with delegated database admin privileges (bsc#1143273).
ImportantSUSE bug 1143194SUSE bug 1143273CVE-2019-13057 at SUSECVE-2019-13057 at NVDCVE-2019-13565 at SUSECVE-2019-13565 at NVDcpe:/o:suse:sles:11:securitySecurity update for openldap2 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openldap2 fixes the following issues:
- CVE-2020-12243: Fixed a denial of service related to recursive filters (bsc#1170771).
ImportantSUSE bug 1170771CVE-2020-12243 at SUSECVE-2020-12243 at NVDcpe:/o:suse:sles:11:securitySecurity update for openldap2 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openldap2 fixes the following issues:
- CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND='ldap' was used (bsc#1172698).
ImportantSUSE bug 1172698CVE-2020-8023 at SUSECVE-2020-8023 at NVDcpe:/o:suse:sles:11:securitySecurity update for openldap2 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openldap2 fixes the following issues:
- CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules (bsc#1178387).
ImportantSUSE bug 1178387CVE-2020-25692 at SUSECVE-2020-25692 at NVDcpe:/o:suse:sles:11:securitySecurity update for openldap2 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openldap2 fixes the following issues:
- CVE-2020-25709: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
- CVE-2020-25710: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
ModerateSUSE bug 1178909CVE-2020-25709 at SUSECVE-2020-25709 at NVDCVE-2020-25710 at SUSECVE-2020-25710 at NVDcpe:/o:suse:sles:11:securitySecurity update for openldap2 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openldap2 fixes the following issues:
- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the
X.509 DN parsing in decode.c ber_next_element, resulting in denial
of service.
- bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN
parsing in ad_keystring, resulting in denial of service.
- bsc#1182412 CVE-2020-36228 - integer underflow leading to crash
in the Certificate List Exact Assertion processing, resulting in
denial of service.
- bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the
cancel_extop Cancel operation, resulting in denial of service.
- bsc#1182416 CVE-2020-36225 - double free and slapd crash in the
saslAuthzTo processing, resulting in denial of service.
- bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash
in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd
crash in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the
saslAuthzTo validation, resulting in denial of service.
- bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact
Assertion processing, resulting in denial of service (schema_init.c
serialNumberAndIssuerCheck).
- bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter
control handling, resulting in denial of service (double free and
out-of-bounds read).
- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur
in the issuerAndThisUpdateCheck function via a crafted packet,
resulting in a denial of service (daemon exit) via a short timestamp.
This is related to schema_init.c and checkTime.
- resynchronise changelogs with subpackages (bsc#1184020).
ImportantSUSE bug 1182279SUSE bug 1182408SUSE bug 1182411SUSE bug 1182412SUSE bug 1182413SUSE bug 1182415SUSE bug 1182416SUSE bug 1182417SUSE bug 1182418SUSE bug 1182419SUSE bug 1182420SUSE bug 1184020CVE-2020-36221 at SUSECVE-2020-36221 at NVDCVE-2020-36222 at SUSECVE-2020-36222 at NVDCVE-2020-36223 at SUSECVE-2020-36223 at NVDCVE-2020-36224 at SUSECVE-2020-36224 at NVDCVE-2020-36225 at SUSECVE-2020-36225 at NVDCVE-2020-36226 at SUSECVE-2020-36226 at NVDCVE-2020-36227 at SUSECVE-2020-36227 at NVDCVE-2020-36228 at SUSECVE-2020-36228 at NVDCVE-2020-36229 at SUSECVE-2020-36229 at NVDCVE-2020-36230 at SUSECVE-2020-36230 at NVDCVE-2021-27212 at SUSECVE-2021-27212 at NVDcpe:/o:suse:sles:11:securitySecurity update for openldap2SUSE Linux Enterprise Server 11-SECURITY
openldap2 was updated to fix three security issues and one non-security
bug.
The following vulnerabilities were fixed:
* A remote attacker could cause a denial of service (slapd crash) by
unbinding immediately after a search request. (bnc#846389,
CVE-2013-4449)
* A remote attacker could cause a denial of service through a NULL
pointer dereference and crash via an empty attribute list in a deref
control in a search request. (bnc#916897, CVE-2015-1545)
* A remote attacker could cause a denial of service (crash) via a
crafted search query with a matched values control. (bnc#916914,
CVE-2015-1546)
The following non-security bug was fixed:
* Prevent connection-0 (internal connection) from showing up in the
monitor back-end. (bnc#905959)
Security Issues:
* CVE-2015-1546
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546>
* CVE-2015-1545
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545>
* CVE-2013-4449
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449>
SUSE bug 846389SUSE bug 905959SUSE bug 916897SUSE bug 916914CVE-2013-4449 at SUSECVE-2013-4449 at NVDCVE-2015-1545 at SUSECVE-2015-1545 at NVDCVE-2015-1546 at SUSECVE-2015-1546 at NVDcpe:/o:suse:sles:11:securitySecurity update for openldap2 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update fixes the following security issue:
- CVE-2015-6908. Passing a crafted packet to the function ber_get_next(),
an attacker may cause a remote denial of service, crashing the OpenLDAP server (bsc#945582).
ModerateSUSE bug 945582CVE-2015-6908 at SUSECVE-2015-6908 at NVDcpe:/o:suse:sles:11:securitySecurity update for openslp (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openslp fixes the following issues:
- CVE-2017-17833: Prevent heap-related memory corruption issue which may have
manifested itself as a denial-of-service or a remote code-execution
vulnerability (bsc#1090638).
ImportantSUSE bug 1090638CVE-2017-17833 at SUSECVE-2017-17833 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssh-openssl1 (Critical)SUSE Linux Enterprise Server 11-SECURITY
This update for openssh-openssl1 fixes the following issues:
- CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature (bsc#961642)
- CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the roaming feature (bsc#961645)
This update disables the undocumented feature supported by the OpenSSH client and a commercial SSH server.
CriticalSUSE bug 961642SUSE bug 961645CVE-2016-0777 at SUSECVE-2016-0777 at NVDCVE-2016-0778 at SUSECVE-2016-0778 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssh-openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssh-openssl1 fixes the following issues:
Security issues fixed:
- CVE-2016-6210: Prevent user enumeration through the timing of password
processing (bsc#989363)
- CVE-2016-6515: limit accepted password length (prevents possible DoS)
(bsc#992533)
- CVE-2016-3115: Sanitise input for xauth(1) (bsc#970632)
- CVE-2016-1908: prevent X11 SECURITY circumvention when forwarding X11
connections (bsc#962313)
- CVE-2015-8325: ignore PAM environment when using login (bsc#975865)
- Disable DH parameters under 2048 bits by default and allow
lowering the limit back to the RFC 4419 specified minimum
through an option (bsc#932483, bsc#948902)
- Allow lowering the DH groups parameter limit in server as well
as when GSSAPI key exchange is used (bsc#948902)
Bugs fixed:
- avoid complaining about unset DISPLAY variable (bsc#981654)
- Correctly parse GSSAPI KEX algorithms (bsc#961368)
- more verbose FIPS mode/CC related documentation in README.FIPS
(bsc#965576, bsc#960414)
- fix PRNG re-seeding (bsc#960414, bsc#729190)
- Allow empty Match blocks (bsc#961494)
ModerateSUSE bug 729190SUSE bug 932483SUSE bug 948902SUSE bug 960414SUSE bug 961368SUSE bug 961494SUSE bug 962313SUSE bug 965576SUSE bug 970632SUSE bug 975865SUSE bug 981654SUSE bug 989363SUSE bug 992533CVE-2015-8325 at SUSECVE-2015-8325 at NVDCVE-2016-1908 at SUSECVE-2016-1908 at NVDCVE-2016-3115 at SUSECVE-2016-3115 at NVDCVE-2016-6210 at SUSECVE-2016-6210 at NVDCVE-2016-6515 at SUSECVE-2016-6515 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssh-openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssh-openssl1 fixes the following issues:
- Properly verify CIDR masks in configuration (bsc#1005893)
- CVE-2016-10009: limit directories for loading PKCS11 modules (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege
process handling authentication (bsc#1016369)
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- fix suggested command for removing conflicting server keys from
the known_hosts file (bsc#1006221)
ModerateSUSE bug 1005480SUSE bug 1005893SUSE bug 1006221SUSE bug 1016366SUSE bug 1016369CVE-2016-10009 at SUSECVE-2016-10009 at NVDCVE-2016-10011 at SUSECVE-2016-10011 at NVDCVE-2016-8858 at SUSECVE-2016-8858 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssh-openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssh-openssl1 fixes the following issues:
These security issues were fixed:
- CVE-2016-10708: Prevent NULL pointer dereference via an out-of-sequence
NEWKEYS message allowed remote attackers to cause a denial of service
(bsc#1076957).
- CVE-2017-15906: The process_open function did not properly prevent write
operations in readonly mode, which allowed attackers to create zero-length
files (bsc#1065000).
- CVE-2016-10012: The shared memory manager (associated with pre-authentication
compression) did not ensure that a bounds check is enforced by all compilers,
which might have allowed local users to gain privileges by leveraging access to
a sandboxed privilege-separation process, related to the m_zback and m_zlib
data structures (bsc#1016370).
- CVE-2008-1483: Prevent local users from hijacking forwarded X connections by
causing ssh to set DISPLAY to :10, even when another process is listening on
the associated port. This problem was reontroduced by another patch and was
previously fixed by another update (bsc#1069509).
These non-security issues were fixed:
- Remove duplicate KEX method (bsc#1053972)
- New switch for printing diagnostic messages in sftp client's batch mode (bsc#1023275)
- Enable case-insensitive hostname matching (bsc#1017099)
ImportantSUSE bug 1016370SUSE bug 1017099SUSE bug 1023275SUSE bug 1053972SUSE bug 1065000SUSE bug 1069509SUSE bug 1076957CVE-2008-1483 at SUSECVE-2008-1483 at NVDCVE-2016-10012 at SUSECVE-2016-10012 at NVDCVE-2016-10708 at SUSECVE-2016-10708 at NVDCVE-2017-15906 at SUSECVE-2017-15906 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssh-openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssh-openssl1 fixes the following issues:
Security issues fixed:
- CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration (or 'oracle') as a vulnerability. (bsc#1106163)
- CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010)
Following non-security issues were fixed:
- Fix for sftp client because it returns wrong error code upon failure (bsc#1091396)
- Stop leaking File descriptors (bsc#964336)
ModerateSUSE bug 1091396SUSE bug 1105010SUSE bug 1106163SUSE bug 964336CVE-2018-15473 at SUSECVE-2018-15473 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssh-openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssh-openssl1 fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
ImportantSUSE bug 1190975CVE-2021-41617 at SUSECVE-2021-41617 at NVDcpe:/o:suse:sles:11:securityRecommended update for openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This openssl update fixes a regression caused by the patch for CVE-2015-0287, which
could cause DSA keys not be correctly loaded from disk. (bsc#937492)
ModerateSUSE bug 937492CVE-2015-0287 at SUSECVE-2015-0287 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl fixes the following issues:
Security fixes:
- CVE-2015-3194: The signature verification routines will crash with a
NULL pointer dereference if presented with an ASN.1 signature using the
RSA PSS algorithm and absent mask generation function parameter. Since
these routines are used to verify certificate signature algorithms
this can be used to crash any certificate verification operation and
exploited in a DoS attack. Any application which performs certificate
verification is vulnerable including OpenSSL clients and servers which
enable client authentication. (bsc#957815)
- CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure OpenSSL would leak
memory. This structure is used by the PKCS#7 and CMS routines so any
application which reads PKCS#7 or CMS data from untrusted sources is affected.
SSL/TLS is not affected. (bsc#957812)
- CVE-2015-3196: If PSK identity hints are received by a multi-threaded client then
the values were wrongly updated in the parent SSL_CTX structure. This could
result in a race condition potentially leading to a double free of the
identify hint data. (bsc#957813)
Non security bugs fixed:
- Improve S/390 performance on IBM z196 and z13 (bsc#954256)
- Add support for 'ciphers' providing no encryption (bsc#937085)
ModerateSUSE bug 937085SUSE bug 954256SUSE bug 957812SUSE bug 957813SUSE bug 957815CVE-2015-3194 at SUSECVE-2015-3194 at NVDCVE-2015-3195 at SUSECVE-2015-3195 at NVDCVE-2015-3196 at SUSECVE-2015-3196 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl fixes various security issues and bugs:
Security issues fixed:
- CVE-2016-0800 aka the 'DROWN' attack (bsc#968046):
OpenSSL was vulnerable to a cross-protocol attack that could lead to
decryption of TLS sessions by using a server supporting SSLv2 and
EXPORT cipher suites as a Bleichenbacher RSA padding oracle.
This update changes the openssl library to:
* Disable SSLv2 protocol support by default.
This can be overridden by setting the environment variable
'OPENSSL_ALLOW_SSL2' or by using SSL_CTX_clear_options using the
SSL_OP_NO_SSLv2 flag.
Note that various services and clients had already disabled SSL
protocol 2 by default previously.
* Disable all weak EXPORT ciphers by default. These can be reenabled
if required by old legacy software using the environment variable
'OPENSSL_ALLOW_EXPORT'.
- CVE-2016-0702 aka the 'CacheBleed' attack. (bsc#968050)
Various changes in the modular exponentation code were added that
make sure that it is not possible to recover RSA secret keys by
analyzing cache-bank conflicts on the Intel Sandy-Bridge microarchitecture.
Note that this was only exploitable if the malicious code was running
on the same hyper threaded Intel Sandy Bridge processor as the victim
thread performing decryptions.
- CVE-2016-0705 (bnc#968047):
A double free() bug in the DSA ASN1 parser code was fixed that could
be abused to facilitate a denial-of-service attack.
- CVE-2016-0797 (bnc#968048):
The BN_hex2bn() and BN_dec2bn() functions had a bug that could result
in an attempt to de-reference a NULL pointer leading to crashes.
This could have security consequences if these functions were ever
called by user applications with large untrusted hex/decimal data. Also,
internal usage of these functions in OpenSSL uses data from config files
or application command line arguments. If user developed applications
generated config file data based on untrusted data, then this could
have had security consequences as well.
- CVE-2016-0798 (bnc#968265)
The SRP user database lookup method SRP_VBASE_get_by_user() had a memory
leak that attackers could abuse to facility DoS attacks. To mitigate
the issue, the seed handling in SRP_VBASE_get_by_user() was disabled
even if the user has configured a seed. Applications are advised to
migrate to SRP_VBASE_get1_by_user().
- CVE-2016-0799 (bnc#968374)
On many 64 bit systems, the internal fmtstr() and doapr_outch()
functions could miscalculate the length of a string and attempt to
access out-of-bounds memory locations. These problems could have
enabled attacks where large amounts of untrusted data is passed to
the BIO_*printf functions. If applications use these functions in
this way then they could have been vulnerable. OpenSSL itself uses
these functions when printing out human-readable dumps of ASN.1
data. Therefore applications that print this data could have been
vulnerable if the data is from untrusted sources. OpenSSL command line
applications could also have been vulnerable when they print out ASN.1
data, or if untrusted data is passed as command line arguments. Libssl
is not considered directly vulnerable.
- CVE-2015-3197 (bsc#963415):
The SSLv2 protocol did not block disabled ciphers.
Note that the March 1st 2016 release also references following CVEs
that were fixed by us with CVE-2015-0293 in 2015:
- CVE-2016-0703 (bsc#968051): This issue only affected versions of
OpenSSL prior to March 19th 2015 at which time the code was refactored
to address vulnerability CVE-2015-0293. It would have made the above
'DROWN' attack much easier.
- CVE-2016-0704 (bsc#968053): 'Bleichenbacher oracle in SSLv2'
This issue only affected versions of OpenSSL prior to March 19th
2015 at which time the code was refactored to address vulnerability
CVE-2015-0293. It would have made the above 'DROWN' attack much easier.
Bugs fixed:
- Avoid running OPENSSL_config twice. This avoids breaking
engine loading. (bsc#952871)
ImportantSUSE bug 952871SUSE bug 963415SUSE bug 968046SUSE bug 968047SUSE bug 968048SUSE bug 968050SUSE bug 968051SUSE bug 968053SUSE bug 968265SUSE bug 968374CVE-2015-3197 at SUSECVE-2015-3197 at NVDCVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-0703 at SUSECVE-2016-0703 at NVDCVE-2016-0704 at SUSECVE-2016-0704 at NVDCVE-2016-0705 at SUSECVE-2016-0705 at NVDCVE-2016-0797 at SUSECVE-2016-0797 at NVDCVE-2016-0798 at SUSECVE-2016-0798 at NVDCVE-2016-0799 at SUSECVE-2016-0799 at NVDCVE-2016-0800 at SUSECVE-2016-0800 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
Security issues fixed:
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)
- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
Bugs fixed:
- bsc#971354: libopenssl1_0_0 now Recommends: openssl1 to get correct SSL Root
Certificate hashes
- bsc#889013: Rename README.SuSE to the new spelling README.SUSE
- bsc#976943: Fixed a buffer overrun in ASN1_parse.
- bsc#977621: Preserve negotiated digests for SNI (bsc#977621)
ImportantSUSE bug 889013SUSE bug 971354SUSE bug 976942SUSE bug 976943SUSE bug 977614SUSE bug 977615SUSE bug 977616SUSE bug 977617SUSE bug 977621CVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2107 at SUSECVE-2016-2107 at NVDCVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
penSSL Security Advisory [22 Sep 2016] (bsc#999665)
Severity: High
* OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666)
Severity: Low
* Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)
* Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)
* DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)
* OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)
* DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)
* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
* Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)
* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
More information can be found on: https://www.openssl.org/news/secadv/20160922.txt
Also following bugs were fixed:
* update expired S/MIME certs (bsc#979475)
* improve s390x performance (bsc#982745)
* fix crash in print_notice (bsc#998190)
* resume reading from /dev/urandom when interrupted by a signal (bsc#995075)
ImportantSUSE bug 979475SUSE bug 982575SUSE bug 982745SUSE bug 983249SUSE bug 990419SUSE bug 993819SUSE bug 994749SUSE bug 994844SUSE bug 995075SUSE bug 995324SUSE bug 995359SUSE bug 995377SUSE bug 998190SUSE bug 999665SUSE bug 999666SUSE bug 999668CVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2179 at SUSECVE-2016-2179 at NVDCVE-2016-2180 at SUSECVE-2016-2180 at NVDCVE-2016-2181 at SUSECVE-2016-2181 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6302 at SUSECVE-2016-6302 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues contained in the
OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)
Security issues fixed:
- CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334)
- CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878)
- CVE-2017-3731: Truncated packet could crash via OOB read (bsc#1022085)
- Degrade the 3DES cipher to MEDIUM in SSLv2 (bsc#1001912)
- CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499)
Bugs fixed:
- fix crash in openssl speed (bsc#1000677)
- call c_rehash in %post (bsc#1001707)
- ship static libraries in the devel package (bsc#1022644)
ModerateSUSE bug 1000677SUSE bug 1001707SUSE bug 1001912SUSE bug 1004499SUSE bug 1005878SUSE bug 1019334SUSE bug 1021641SUSE bug 1022085SUSE bug 1022644CVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-7056 at SUSECVE-2016-7056 at NVDCVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2017-3731 at SUSECVE-2017-3731 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
Security issues fixed:
- CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read (bsc#1056058)
- adjust DEFAULT_SUSE to meet 1.0.2 and current state (bsc#1027908)
- out of bounds read+crash in DES_fcrypt (bsc#1065363)
- DEFAULT_SUSE cipher list is missing ECDHE-ECDSA ciphers (bsc#1055825)
- Missing important ciphers in openssl 1.0.1i-47.1 (bsc#990592)
Bug fixes:
- support alternate root ca chains (bsc#1032261)
- Require openssl1, so c_rehash1 is available during %post to hash the certificates (bsc#1057660)
ImportantSUSE bug 1027908SUSE bug 1032261SUSE bug 1055825SUSE bug 1056058SUSE bug 1057660SUSE bug 1065363SUSE bug 990592CVE-2017-3735 at SUSECVE-2017-3735 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition could exceed
the stack. This could result in a Denial Of Service attack. (bsc#1087102)
ImportantSUSE bug 1087102CVE-2018-0739 at SUSECVE-2018-0739 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following security issues:
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be
vulnerable to a cache timing side channel attack. An attacker with sufficient
access to mount cache timing attacks during the RSA key generation process
could have recovered the private key (bsc#1089039)
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
ModerateSUSE bug 1089039SUSE bug 1097158SUSE bug 1097624SUSE bug 1098592CVE-2018-0732 at SUSECVE-2018-0732 at NVDCVE-2018-0737 at SUSECVE-2018-0737 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
Security issues fixed:
- CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).
- CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).
- CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018).
- Fixed the 'One and Done' side-channel attack on RSA (bsc#1104789).
ModerateSUSE bug 1104789SUSE bug 1110018SUSE bug 1113534SUSE bug 1113652CVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2018-0734 at SUSECVE-2018-0734 at NVDCVE-2018-5407 at SUSECVE-2018-5407 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following security issues:
- CVE-2019-1559: Fix 0-byte record padding oracle via SSL_shutdown (bsc#1127080)
- Reject invalid EC point coordinates (bsc#1131291)
- Fixed 'The 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations' (bsc#1117951)
ModerateSUSE bug 1117951SUSE bug 1127080SUSE bug 1131291CVE-2019-1559 at SUSECVE-2019-1559 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
OpenSSL Security Advisory [10 September 2019]
* CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)
* CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)
ModerateSUSE bug 1150003SUSE bug 1150250CVE-2019-1547 at SUSECVE-2019-1547 at NVDCVE-2019-1563 at SUSECVE-2019-1563 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
- Add missing commits fixing the security issue called 'The 9 Lives of Bleichenbacher's CAT'. (bsc#1117951)
- Fix a memory problem in 'BN_copy()'. (bsc#1160163)
ModerateSUSE bug 1117951SUSE bug 1160163cpe:/o:suse:sles:11:securitySecurity update for openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
- CVE-2020-1968: Introduced hardening against the Raccoon attack by always generating fresh DH keys
and never reuse them across multiple TLS connections (bsc#1176331).
ImportantSUSE bug 1176331CVE-2020-1968 at SUSECVE-2020-1968 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
- CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491).
ImportantSUSE bug 1179491CVE-2020-1971 at SUSECVE-2020-1971 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
- CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
- CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)
ModerateSUSE bug 1182331SUSE bug 1182333CVE-2021-23840 at SUSECVE-2021-23840 at NVDCVE-2021-23841 at SUSECVE-2021-23841 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following security issue:
- CVE-2021-3712: a bug in the code for printing certificate details could
lead to a buffer overrun that a malicious actor could exploit to crash
the application, causing a denial-of-service attack. [bsc#1189521]
ImportantSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Low)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
- CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712.
Read buffer overruns processing ASN.1 strings (bsc#1189521).
LowSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:securitySecurity update for openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openssl1 fixes the following issues:
- CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877)
ImportantSUSE bug 1196877CVE-2022-0778 at SUSECVE-2022-0778 at NVDcpe:/o:suse:sles:11:securitySecurity update for openvpn-openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openvpn-openssl1 fixes the following issues:
- Some parts of the certificate-parsing code did not always clear all allocated
memory. This would have allowed clients to leak a few bytes of memory for
each connection attempt, thereby facilitating a (quite inefficient) DoS
attack on the server. [bsc#1044947, CVE-2017-7521]
- The ASN1 parsing code contained a bug that could have resulted in some
buffers being free()d twice, and this issue could have potentially been
triggered remotely by a VPN peer. [bsc#1044947, CVE-2017-7521]
- If clients used a HTTP proxy with NTLM authentication, a man-in-the-middle
attacker between client and proxy could cause the client to crash or disclose
at most 96 bytes of stack memory. The disclosed stack memory was likely to
contain the proxy password. If the proxy password had not been reused, this
was unlikely to compromise the security of the OpenVPN tunnel itself. Clients
who did not use the --http-proxy option with ntlm2 authentication were not
affected. [bsc#1044947, CVE-2017-7520]
- It was possible to trigger an assertion by sending a malformed IPv6 packet.
That issue could have been abused to remotely shutdown an openvpn server or
client, if IPv6 and --mssfix were enabled and if the IPv6 networks used
inside the VPN were known. [bsc#1044947, CVE-2017-7508]
- The installed sample configuration file was updated to comply to FIPS
requirements. [bsc#988522]
- Remedy large latencies on the openVPN server during authentication process.
[bsc#959511]
- Fix potential denial-of-service attacks found during independent audits.
[bsc#1038713, bsc#1038709, CVE-2017-7478, bsc#1038711, CVE-2017-7479]
ImportantSUSE bug 1038709SUSE bug 1038711SUSE bug 1038713SUSE bug 1044947SUSE bug 959511SUSE bug 988522CVE-2017-7478 at SUSECVE-2017-7478 at NVDCVE-2017-7479 at SUSECVE-2017-7479 at NVDCVE-2017-7508 at SUSECVE-2017-7508 at NVDCVE-2017-7520 at SUSECVE-2017-7520 at NVDCVE-2017-7521 at SUSECVE-2017-7521 at NVDcpe:/o:suse:sles:11:securitySecurity update for openvpn-openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openvpn-openssl1 fixes the following issues:
Security issue fixed:
- CVE-2017-12166: Fix remote buffer overflow (bsc#1060877).
ImportantSUSE bug 1060877CVE-2017-12166 at SUSECVE-2017-12166 at NVDcpe:/o:suse:sles:11:securitySecurity update for openvpn-openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openvpn-openssl1 fixes the following issues:
- Fixed Out of bounds read on getaddrinfo() result (bsc#959714).
ModerateSUSE bug 959714cpe:/o:suse:sles:11:securitySecurity update for openvpn-openssl1 (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for openvpn-openssl1 fixes the following issues:
- CVE-2020-15078: Fixed authentication bypass with deferred authentication (bsc#1185279).
- CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in the management interface (bsc#1085803).
ModerateSUSE bug 1085803SUSE bug 1185279CVE-2018-7544 at SUSECVE-2018-7544 at NVDCVE-2020-15078 at SUSECVE-2020-15078 at NVDcpe:/o:suse:sles:11:securitySecurity update for openvpn-openssl1 (Important)SUSE Linux Enterprise Server 11-SECURITY
This update for openvpn-openssl1 fixes the following issues:
- CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in (bsc#1197341).
ImportantSUSE bug 1197341CVE-2022-0547 at SUSECVE-2022-0547 at NVDcpe:/o:suse:sles:11:securitySecurity update for sblim-sfcb (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for sblim-sfcb fixes the following issues:
Feature enhancements:
- A seperate sblim-sfcb-openssl1 package was added to the SECURITY Module.
(fate#322032/bsc#1012814)
This package can be installed additionaly, and the SysV Init script will
pick the openssl1 variant on the next start, offering TLS 1.2 support
on the WBEM SSL socket.
Bugfixes:
- Add sslNoSSLv3 and sslNoTLSv1 configuration options (bsc#923349, bsc#1008130)
ModerateSUSE bug 1008130SUSE bug 1012814SUSE bug 923349cpe:/o:suse:sles:11:securitySecurity update for wget (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for wget fixes the following issues:
- CVE-2016-4971: A HTTP to FTP redirection file name confusion vulnerability was fixed.
(bsc#984060).
- CVE-2016-7098: A potential race condition was fixed by creating files with .tmp ext
and making them accessible to the current user only. (bsc#995964)
Bug fixed:
- Wget failed with basicauth: Failed writing HTTP request: Bad file descriptor
(bsc#958342)
ModerateSUSE bug 958342SUSE bug 984060SUSE bug 995964CVE-2016-4971 at SUSECVE-2016-4971 at NVDCVE-2016-7098 at SUSECVE-2016-7098 at NVDcpe:/o:suse:sles:11:securitySecurity update for wget (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for wget fixes the following issues:
Security issue fixed:
- CVE-2017-6508: (url_parse): Reject control characters in host part of URL (bsc#1028301).
ModerateSUSE bug 1028301CVE-2017-6508 at SUSECVE-2017-6508 at NVDcpe:/o:suse:sles:11:securitySecurity update for wget (Moderate)SUSE Linux Enterprise Server 11-SECURITY
This update for wget fixes the following issues:
- CVE-2018-0494: Fixed Cookie injection vulnerability by checking for
and joining continuation lines. (bsc#1092061)
ModerateSUSE bug 1092061CVE-2018-0494 at SUSECVE-2018-0494 at NVDcpe:/o:suse:sles:11:securitySecurity update for compat-openssl097gSUSE Linux Enterprise Server for SAP Applications 11 SP1
This compat-openssl097g rollup update contains various security fixes:
* CVE-2012-2131,CVE-2012-2110: incorrect integer conversions in OpenSSL
can result in memory corruption during buffer management operations.
Security Issue reference:
* CVE-2012-2110
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110>
SUSE bug 758060SUSE bug 802184SUSE bug 880891SUSE bug 890764SUSE bug 901223SUSE bug 901277SUSE bug 905106SUSE bug 912014SUSE bug 912015SUSE bug 912018SUSE bug 912293SUSE bug 912296SUSE bug 920236SUSE bug 922488SUSE bug 922496SUSE bug 922499SUSE bug 922500SUSE bug 922501SUSE bug 929678SUSE bug 931698SUSE bug 934489SUSE bug 934491CVE-2012-2110 at SUSECVE-2012-2110 at NVDCVE-2013-0166 at SUSECVE-2013-0166 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-3470 at SUSECVE-2014-3470 at NVDCVE-2014-3508 at SUSECVE-2014-3508 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-3568 at SUSECVE-2014-3568 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0292 at SUSECVE-2015-0292 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1790 at SUSECVE-2015-1790 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp1Security update for IBM Java 1.4.2SUSE Linux Enterprise Server for SAP Applications 11 SP1
IBM Java 1.4.2 has been updated to SR13-FP13 that fixes bugs and security
issues.
Please see for more information:
http://www.ibm.com/developerworks/java/jdk/alerts/
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Additionally one bug has been fixed:
* fix bnc#771808: create symlink /usr/bin/javaws properly
Security Issue references:
* CVE-2012-1717
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1717>
* CVE-2012-1713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1713>
* CVE-2012-1719
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1719>
* CVE-2012-1718
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1718>
SUSE bug 663953SUSE bug 666744SUSE bug 673738SUSE bug 704326SUSE bug 714716SUSE bug 739256SUSE bug 768611SUSE bug 778943CVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-3574 at SUSECVE-2010-3574 at NVDCVE-2010-4447 at SUSECVE-2010-4447 at NVDCVE-2010-4448 at SUSECVE-2010-4448 at NVDCVE-2010-4454 at SUSECVE-2010-4454 at NVDCVE-2010-4462 at SUSECVE-2010-4462 at NVDCVE-2010-4465 at SUSECVE-2010-4465 at NVDCVE-2010-4466 at SUSECVE-2010-4466 at NVDCVE-2010-4473 at SUSECVE-2010-4473 at NVDCVE-2010-4475 at SUSECVE-2010-4475 at NVDCVE-2010-4476 at SUSECVE-2010-4476 at NVDCVE-2011-0311 at SUSECVE-2011-0311 at NVDCVE-2011-0786 at SUSECVE-2011-0786 at NVDCVE-2011-0802 at SUSECVE-2011-0802 at NVDCVE-2011-0814 at SUSECVE-2011-0814 at NVDCVE-2011-0815 at SUSECVE-2011-0815 at NVDCVE-2011-0862 at SUSECVE-2011-0862 at NVDCVE-2011-0865 at SUSECVE-2011-0865 at NVDCVE-2011-0866 at SUSECVE-2011-0866 at NVDCVE-2011-0867 at SUSECVE-2011-0867 at NVDCVE-2011-0871 at SUSECVE-2011-0871 at NVDCVE-2011-0872 at SUSECVE-2011-0872 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2011-3545 at SUSECVE-2011-3545 at NVDCVE-2011-3547 at SUSECVE-2011-3547 at NVDCVE-2011-3548 at SUSECVE-2011-3548 at NVDCVE-2011-3549 at SUSECVE-2011-3549 at NVDCVE-2011-3552 at SUSECVE-2011-3552 at NVDCVE-2011-3556 at SUSECVE-2011-3556 at NVDCVE-2011-3557 at SUSECVE-2011-3557 at NVDCVE-2011-3560 at SUSECVE-2011-3560 at NVDCVE-2011-3563 at SUSECVE-2011-3563 at NVDCVE-2012-0499 at SUSECVE-2012-0499 at NVDCVE-2012-0502 at SUSECVE-2012-0502 at NVDCVE-2012-0503 at SUSECVE-2012-0503 at NVDCVE-2012-0505 at SUSECVE-2012-0505 at NVDCVE-2012-0506 at SUSECVE-2012-0506 at NVDCVE-2012-1713 at SUSECVE-2012-1713 at NVDCVE-2012-1717 at SUSECVE-2012-1717 at NVDCVE-2012-1718 at SUSECVE-2012-1718 at NVDCVE-2012-1719 at SUSECVE-2012-1719 at NVDcpe:/o:suse:sles_sap:11:sp1Security update for compat-openssl097gSUSE Linux Enterprise Server for SAP Applications 11 SP2
This compat-openssl097g rollup update contains various security fixes:
* CVE-2012-2131,CVE-2012-2110: incorrect integer conversions in OpenSSL
could have resulted in memory corruption during buffer management
operations.
Security Issue reference:
* CVE-2012-2110
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110>
SUSE bug 758060SUSE bug 802184SUSE bug 880891SUSE bug 890764SUSE bug 901223SUSE bug 901277SUSE bug 905106SUSE bug 912014SUSE bug 912015SUSE bug 912018SUSE bug 912293SUSE bug 912296SUSE bug 920236SUSE bug 922488SUSE bug 922496SUSE bug 922499SUSE bug 922500SUSE bug 922501SUSE bug 929678SUSE bug 931698SUSE bug 934489SUSE bug 934491CVE-2012-2110 at SUSECVE-2012-2110 at NVDCVE-2013-0166 at SUSECVE-2013-0166 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-3470 at SUSECVE-2014-3470 at NVDCVE-2014-3508 at SUSECVE-2014-3508 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-3568 at SUSECVE-2014-3568 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0292 at SUSECVE-2015-0292 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1790 at SUSECVE-2015-1790 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp2Security update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for compat-openssl097g fixes the following issues:
Security issue fixed:
- CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure
OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS
routines so any application which reads PKCS#7 or CMS data from untrusted
sources is affected. SSL/TLS is not affected. (bsc#957812)
A non security issue fixed:
- Prevent segfault in s_client with invalid options (bsc#952099)
ModerateSUSE bug 952099SUSE bug 957812CVE-2015-3195 at SUSECVE-2015-3195 at NVDcpe:/o:suse:sles_sap:11:sp2Security update for IBM Java 1.4.2SUSE Linux Enterprise Server for SAP Applications 11 SP2
IBM Java 1.4.2 has been updated to SR13-FP13 that fixes bugs and security
issues.
Please see for more information:
http://www.ibm.com/developerworks/java/jdk/alerts/
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Additionally one bug has been fixed:
* fix bnc#771808: create symlink /usr/bin/javaws properly
Security Issue references:
* CVE-2012-1717
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1717>
* CVE-2012-1713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1713>
* CVE-2012-1719
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1719>
* CVE-2012-1718
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1718>
SUSE bug 666744SUSE bug 768611SUSE bug 778943CVE-2011-3563 at SUSECVE-2011-3563 at NVDCVE-2012-0499 at SUSECVE-2012-0499 at NVDCVE-2012-0502 at SUSECVE-2012-0502 at NVDCVE-2012-0503 at SUSECVE-2012-0503 at NVDCVE-2012-0505 at SUSECVE-2012-0505 at NVDCVE-2012-0506 at SUSECVE-2012-0506 at NVDCVE-2012-1713 at SUSECVE-2012-1713 at NVDCVE-2012-1717 at SUSECVE-2012-1717 at NVDCVE-2012-1718 at SUSECVE-2012-1718 at NVDCVE-2012-1719 at SUSECVE-2012-1719 at NVDcpe:/o:suse:sles_sap:11:sp2Security update for sap_suse_cluster_connectorSUSE Linux Enterprise Server for SAP Applications 11 SP2
A tmp race condition was fixed in sap_suse_cluster_connector. CVE-2012-0426
was assigned to this issue.
Additionally some minor non-security fixes are included.
Security Issue reference:
* CVE-2012-0426
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0426>
SUSE bug 763793SUSE bug 777453SUSE bug 778273SUSE bug 778293CVE-2012-0426 at SUSECVE-2012-0426 at NVDcpe:/o:suse:sles_sap:11:sp2Security update for compat-openssl097gSUSE Linux Enterprise Server for SAP Applications 11 SP3
OpenSSL was updated to fix several security issues:
* CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by
rejecting connections with DH parameters shorter than 1024 bits.
2048-bit DH parameters are now generated by default.
* CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.
* CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent
was fixed.
* Fixed a timing side channel in RSA decryption. (bsc#929678)
Additional changes:
* In the default SSL cipher string EXPORT ciphers are now disabled.
This will only get active if applications get rebuilt and actually
use this string. (bsc#931698)
Security Issues:
* CVE-2015-1789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789>
* CVE-2015-1790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790>
* CVE-2015-4000
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000>
SUSE bug 912014SUSE bug 912015SUSE bug 912018SUSE bug 912293SUSE bug 912296SUSE bug 922488SUSE bug 922496SUSE bug 922499SUSE bug 922500SUSE bug 922501SUSE bug 929678SUSE bug 931698SUSE bug 934489SUSE bug 934491CVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0292 at SUSECVE-2015-0292 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1790 at SUSECVE-2015-1790 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp3Recommended update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP3
The compat-openssl097g package was updated to fix a regression in the security
patch for CVE-2015-0287 that broke loading DSA keys from file. (bsc#937492)
ModerateSUSE bug 937492CVE-2015-0287 at SUSECVE-2015-0287 at NVDcpe:/o:suse:sles_sap:11:sp3Security update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for compat-openssl097g fixes the following issues:
Security issue fixed:
- CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure
OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS
routines so any application which reads PKCS#7 or CMS data from untrusted
sources is affected. SSL/TLS is not affected. (bsc#957812)
A non security issue fixed:
- Prevent segfault in s_client with invalid options (bsc#952099)
ModerateSUSE bug 952099SUSE bug 957812CVE-2015-3195 at SUSECVE-2015-3195 at NVDcpe:/o:suse:sles_sap:11:sp3Security update for compat-openssl097g (Important)SUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for compat-openssl097g fixes the following issues:
Security issues fixed:
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
Bugs fixed:
- bsc#976943: Fix buffer overrun in ASN1_parse
ImportantSUSE bug 976942SUSE bug 976943SUSE bug 977615SUSE bug 977617CVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDcpe:/o:suse:sles_sap:11:sp3Security update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for compat-openssl097g fixes the following issues:
OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)
Severity: Low
* Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)
* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
ModerateSUSE bug 982575SUSE bug 993819SUSE bug 995359SUSE bug 995377SUSE bug 999665SUSE bug 999668CVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDcpe:/o:suse:sles_sap:11:sp3Security update for clamsap (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes the following security issues:
CVE-2015-2278: The LZH decompression implementation allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes.
CVE-2015-2282: Stack-based buffer overflow in the LZC decompression implementation allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors
ModerateSUSE bug 935939CVE-2015-2278 at SUSECVE-2015-2278 at NVDCVE-2015-2282 at SUSECVE-2015-2282 at NVDcpe:/o:suse:sles_sap:11:sp4Recommended update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP4
The compat-openssl097g package was updated to fix a regression in the security
patch for CVE-2015-0287 that broke loading DSA keys from file. (bsc#937492)
ModerateSUSE bug 937492CVE-2015-0287 at SUSECVE-2015-0287 at NVDcpe:/o:suse:sles_sap:11:sp4Security update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for compat-openssl097g fixes the following issues:
Security issue fixed:
- CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure
OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS
routines so any application which reads PKCS#7 or CMS data from untrusted
sources is affected. SSL/TLS is not affected. (bsc#957812)
A non security issue fixed:
- Prevent segfault in s_client with invalid options (bsc#952099)
ModerateSUSE bug 952099SUSE bug 957812CVE-2015-3195 at SUSECVE-2015-3195 at NVDcpe:/o:suse:sles_sap:11:sp4Security update for compat-openssl097g (Important)SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for compat-openssl097g fixes the following issues:
- CVE-2016-0800 aka the 'DROWN' attack (bsc#968046):
OpenSSL was vulnerable to a cross-protocol attack that could lead to
decryption of TLS sessions by using a server supporting SSLv2 and
EXPORT cipher suites as a Bleichenbacher RSA padding oracle.
This update changes the openssl library to:
* Disable SSLv2 protocol support by default.
This can be overridden by setting the environment variable
'OPENSSL_ALLOW_SSL2' or by using SSL_CTX_clear_options using the
SSL_OP_NO_SSLv2 flag.
Note that various services and clients had already disabled SSL
protocol 2 by default previously.
* Disable all weak EXPORT ciphers by default. These can be reenabled
if required by old legacy software using the environment variable
'OPENSSL_ALLOW_EXPORT'.
- CVE-2016-0705 (bnc#968047):
A double free() bug in the DSA ASN1 parser code was fixed that could
be abused to facilitate a denial-of-service attack.
- CVE-2016-0797 (bnc#968048):
The BN_hex2bn() and BN_dec2bn() functions had a bug that could result
in an attempt to de-reference a NULL pointer leading to crashes.
This could have security consequences if these functions were ever
called by user applications with large untrusted hex/decimal data. Also,
internal usage of these functions in OpenSSL uses data from config files
or application command line arguments. If user developed applications
generated config file data based on untrusted data, then this could
have had security consequences as well.
- CVE-2016-0799 (bnc#968374)
On many 64 bit systems, the internal fmtstr() and doapr_outch()
functions could miscalculate the length of a string and attempt to
access out-of-bounds memory locations. These problems could have
enabled attacks where large amounts of untrusted data is passed to
the BIO_*printf functions. If applications use these functions in
this way then they could have been vulnerable. OpenSSL itself uses
these functions when printing out human-readable dumps of ASN.1
data. Therefore applications that print this data could have been
vulnerable if the data is from untrusted sources. OpenSSL command line
applications could also have been vulnerable when they print out ASN.1
data, or if untrusted data is passed as command line arguments. Libssl
is not considered directly vulnerable.
- CVE-2016-0800 aka the 'DROWN' attack (bsc#968046):
OpenSSL was vulnerable to a cross-protocol attack that could lead to
decryption of TLS sessions by using a server supporting SSLv2 and
EXPORT cipher suites as a Bleichenbacher RSA padding oracle.
This update changes the openssl library to:
* Disable SSLv2 protocol support by default.
This can be overridden by setting the environment variable
'OPENSSL_ALLOW_SSL2' or by using SSL_CTX_clear_options using the
SSL_OP_NO_SSLv2 flag.
Note that various services and clients had already disabled SSL
protocol 2 by default previously.
* Disable all weak EXPORT ciphers by default. These can be reenabled
if required by old legacy software using the environment variable
'OPENSSL_ALLOW_EXPORT'.
- CVE-2016-0705 (bnc#968047):
A double free() bug in the DSA ASN1 parser code was fixed that could
be abused to facilitate a denial-of-service attack.
- CVE-2016-0797 (bnc#968048):
The BN_hex2bn() and BN_dec2bn() functions had a bug that could result
in an attempt to de-reference a NULL pointer leading to crashes.
This could have security consequences if these functions were ever
called by user applications with large untrusted hex/decimal data. Also,
internal usage of these functions in OpenSSL uses data from config files
or application command line arguments. If user developed applications
generated config file data based on untrusted data, then this could
have had security consequences as well.
- CVE-2016-0799 (bnc#968374)
On many 64 bit systems, the internal fmtstr() and doapr_outch()
functions could miscalculate the length of a string and attempt to
access out-of-bounds memory locations. These problems could have
enabled attacks where large amounts of untrusted data is passed to
the BIO_*printf functions. If applications use these functions in
this way then they could have been vulnerable. OpenSSL itself uses
these functions when printing out human-readable dumps of ASN.1
data. Therefore applications that print this data could have been
vulnerable if the data is from untrusted sources. OpenSSL command line
applications could also have been vulnerable when they print out ASN.1
data, or if untrusted data is passed as command line arguments. Libssl
is not considered directly vulnerable.
- CVE-2015-3197 (bsc#963415):
The SSLv2 protocol did not block disabled ciphers.
Note that the March 1st 2016 release also references following CVEs
that were fixed by us with CVE-2015-0293 in 2015:
- CVE-2016-0703 (bsc#968051): This issue only affected versions of
OpenSSL prior to March 19th 2015 at which time the code was refactored
to address vulnerability CVE-2015-0293. It would have made the above
'DROWN' attack much easier.
- CVE-2016-0704 (bsc#968053): 'Bleichenbacher oracle in SSLv2'
This issue only affected versions of OpenSSL prior to March 19th
2015 at which time the code was refactored to address vulnerability
CVE-2015-0293. It would have made the above 'DROWN' attack much easier.
ImportantSUSE bug 963415SUSE bug 968046SUSE bug 968048SUSE bug 968051SUSE bug 968053SUSE bug 968374CVE-2015-3197 at SUSECVE-2015-3197 at NVDCVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-0703 at SUSECVE-2016-0703 at NVDCVE-2016-0797 at SUSECVE-2016-0797 at NVDCVE-2016-0799 at SUSECVE-2016-0799 at NVDCVE-2016-0800 at SUSECVE-2016-0800 at NVDcpe:/o:suse:sles_sap:11:sp4Security update for compat-openssl097g (Important)SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for compat-openssl097g fixes the following issues:
Security issues fixed:
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
Bugs fixed:
- bsc#976943: Fix buffer overrun in ASN1_parse
ImportantSUSE bug 976942SUSE bug 976943SUSE bug 977615SUSE bug 977617CVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDcpe:/o:suse:sles_sap:11:sp4Security update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for compat-openssl097g fixes the following issues:
OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)
Severity: Low
* Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)
* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
ModerateSUSE bug 982575SUSE bug 993819SUSE bug 995359SUSE bug 995377SUSE bug 999665SUSE bug 999668CVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDcpe:/o:suse:sles_sap:11:sp4Security update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for compat-openssl097g fixes the following issues contained in the
OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)
Security issues fixed:
- CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878)
- degrade 3DES to MEDIUM in SSL2 (bsc#1001912)
- CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499)
Bugs fixed:
- fix crash in openssl speed (bsc#1000677)
- resume reading from /dev/urandom when interrupted by a signal
(bsc#995075)
- fix crash in print_notice (bsc#998190)
ModerateSUSE bug 1000677SUSE bug 1001912SUSE bug 1004499SUSE bug 1005878SUSE bug 1021641SUSE bug 995075SUSE bug 998190CVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-8610 at SUSECVE-2016-8610 at NVDcpe:/o:suse:sles_sap:11:sp4Security update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for compat-openssl097g fixes the following issues:
These security issues were fixed:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such as
can be found in PKCS7) could eventually exceed the stack given malicious input
with excessive recursion. This could have resulted in DoS (bsc#1087102)
This non-security issue was fixed:
- Fixed crash in DES_fcrypt (bsc#1065363)
ModerateSUSE bug 1065363SUSE bug 1087102SUSE bug 1097158CVE-2018-0732 at SUSECVE-2018-0732 at NVDCVE-2018-0739 at SUSECVE-2018-0739 at NVDcpe:/o:suse:sles_sap:11:sp4Security update for compat-openssl097g (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for compat-openssl097g fixes the following issues:
Security issue fixed:
- CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018).
Non-security issue fixed:
- Fixed timing vulnerability in DSA signature generation (bsc#1113742).
ModerateSUSE bug 1110018SUSE bug 1113742CVE-2016-8610 at SUSECVE-2016-8610 at NVDcpe:/o:suse:sles_sap:11:sp4Security update for lighttpd (Moderate)SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for lighttpd fixes the following issues:
Security issues fixed:
- CVE-2016-1000212: Don't allow requests to set the HTTP_PROXY variable. As *CGI apps
might pick it up and use it for outgoing requests. (bsc#990847)
- CVE-2015-3200: Log injection via malformed base64 string in Authentication header.
(bsc#932286)
Bug fixes:
- Add su directive to logrotate file as the directory is owned by lighttpd. (bsc#981347)
- Fix out of bounds read in mod_scgi.
ModerateSUSE bug 932286SUSE bug 981347SUSE bug 990847CVE-2015-3200 at SUSECVE-2015-3200 at NVDCVE-2016-1000212 at SUSECVE-2016-1000212 at NVDcpe:/o:suse:sles_sap:11:sp4Security update for SUSE Manager client toolsSUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS
This update fixes the following issue:
* support new function signature for image deployment.
* fixed insecure permissions used for /var/log/rhncfg-actions file
Security Issue reference:
* CVE-2012-2679
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2679>
SUSE bug 764532SUSE bug 766148CVE-2012-2679 at SUSECVE-2012-2679 at NVDcpe:/a:suse:sle-clienttools:11:sp1Security update for cobblerSUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS
This update of cobbler fixes a remote code execution flaw which could have
been exploited through cobbler's XMLRPC API (CVE-2012-2395).
Security Issue references:
* CVE-2012-2395
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2395>
SUSE bug 672471SUSE bug 678433SUSE bug 682665SUSE bug 687891SUSE bug 757062SUSE bug 763610CVE-2011-4953 at SUSECVE-2011-4953 at NVDCVE-2012-2395 at SUSECVE-2012-2395 at NVDcpe:/a:suse:sle-clienttools:11:sp1YOU update for libzyppSUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS
libzypp did not handle multiple gpg pubkeys in the repomd.xml.key and
content.key consistently and secure. Attackers could have exploited this to
add their own keys and pretend it's from SUSE.
Security Issue reference:
* CVE-2013-3704
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3704>
SUSE bug 828672CVE-2013-3704 at SUSECVE-2013-3704 at NVDcpe:/a:suse:sle-clienttools:11:sp1Security update for spacewalkSUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS
This update adds the following two fixes:
* Do not create ssh key in rpm %post script (bnc#678130)
* the bootstrap script should force the installation of ORG_CA_CERT rpm
* Set a time delay even after unsuccessful logins, which previously
allowed a remote attacker to guess account names. CVE-2011-0718 has
been assigned to this issue.
How to apply this update:
1.
Log in as root user to the SUSE Manager server.
2.
Stop the Spacewalk service:
spacewalk-service stop
3.
Apply the patch using either zypper patch or YaST Online Update.
4.
Start the Spacewalk service:
spacewalk-service start
Security Issue reference:
* CVE-2011-0718
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0718>
SUSE bug 644072SUSE bug 678130CVE-2011-0718 at SUSECVE-2011-0718 at NVDcpe:/a:suse:sle-clienttools:11:sp1Security update for spacewalkSUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS
This update fixes the following bugs in the web user interface:
* link the local documentation instead of the online versions
* Leave out the proxy version check
* fix navigation on the help page
* shorten the action name before writing them to the database
* Fix session handling. A SUSE Manager user able to pre-set the session
cookie in a victim's browser to a valid value could use this flaw to
hijack the victim's session after the next log in. (CVE-2011-0717)
* Set a time delay even after unsuccessful logins, which previously
allowed a remote attacker to guess account names (CVE-2011-0718).
* Add missing dependencies
How to apply this update:
1.
Log in as root user to the SUSE Manager server.
2.
Stop the Spacewalk service:
spacewalk-service stop
3.
Apply the patch using either zypper patch or YaST Online Update.
4.
Start the Spacewalk service:
spacewalk-service start
Security Issue reference:
* CVE-2011-0718
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0718>
* CVE-2011-0717
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0717>
SUSE bug 644072SUSE bug 644080SUSE bug 674315SUSE bug 674344SUSE bug 675021SUSE bug 676677SUSE bug 676699SUSE bug 676718SUSE bug 678126CVE-2011-0717 at SUSECVE-2011-0717 at NVDCVE-2011-0718 at SUSECVE-2011-0718 at NVDcpe:/a:suse:sle-clienttools:11:sp1Recommended update for SUSE Manager Client Tools (Moderate)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update fixes the following issues:
osad:
- Fix logfile option for osa-dispatcher. (bsc#980752)
salt:
- Update to 2015.8.12
- Add pre-require to salt for minions.
- Do not restart salt-minion in salt package.
- Add try-restart to sys-v init scripts.
- Add 'Restart=on-failure' for salt-minion systemd service.
- Various fixes for signal handling.
- Successfully exit of salt-api child processes when SIGTERM is received.
- Re-introduce 'KillMode=process' for salt-minion systemd service.
- Fix setting default timezone. (bsc#1008933)
- Fix possible information leak due to revoked keys still being used. (bsc#1012398, CVE-2016-9639)
spacewalk-backend:
- Handle non-unique machine_id after migrate from 2.1. (bsc#1013002)
- Refer to scc.suse.com instead of bugzilla.novell.com in case of problem. (bsc#967818)
- Fix selection of primary interface. (bsc#1009677)
- Add link from satellite-sync to mgr-inter-sync man page. (bsc#1009435)
- Reposync: Assign orphaned vendor packages to the default org. (bsc#995764)
- Add missing reference for bsc#996609
supportutils-plugin-susemanager-client:
- Include correct configuration file in the supportconfig.
ModerateSUSE bug 1008933SUSE bug 1009435SUSE bug 1009677SUSE bug 1012398SUSE bug 1013002SUSE bug 967818SUSE bug 980752SUSE bug 995764SUSE bug 996609CVE-2016-9639 at SUSECVE-2016-9639 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for SUSE Manager Client Tools (Moderate)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
The following security issue in spacewalk-backend has been fixed:
- Non admin or disabled user cannot make changes to a system anymore using spacewalk-channel.
(bsc#1026633, CVE-2017-7470)
Additionally, the following non-security issues have been fixed:
rhnlib:
- Support all TLS versions in rpclib. (bsc#1025312)
spacecmd:
- Improve output on error for listrepo. (bsc#1027426)
- Reword spacecmd removal message. (bsc#1024406)
spacewalk-backend:
- Do not fail with traceback when media.1 does not exist. (bsc#1032256)
- Create scap files directory beforehand. (bsc#1029755)
- Fix error if SPACEWALK_DEBUG_NO_REPORTS environment variable is not present.
- Don't skip 'rhnErrataPackage' cleanup during an errata update. (bsc#1023233)
- Add support for running spacewalk-debug without creating reports. (bsc#1024714)
- Set scap store directory mod to 775 and group owner to susemanager.
- incomplete_package_import: Do import rhnPackageFile as it breaks some package installations.
- Added traceback printing to the exception block.
- Change postgresql starting commands.
spacewalk-client-tools:
- Fix reboot message to use correct product name. (bsc#1031667)
ModerateSUSE bug 1023233SUSE bug 1024406SUSE bug 1024714SUSE bug 1025312SUSE bug 1026633SUSE bug 1027426SUSE bug 1029755SUSE bug 1031667SUSE bug 1032256CVE-2017-7470 at SUSECVE-2017-7470 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for SUSE Manager Client Tools (Moderate)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update fixes the following issues:
mgr-cfg:
- Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)
mgr-daemon:
- Fix systemd timer configuration on SLE12 (bsc#1142038)
mgr-osad:
- Fix obsolete for old osad packages, to allow installing mgr-osad
even by using osad at yum/zyppper install (bsc#1139453)
- Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)
mgr-virtualization:
- Fix missing python 3 ugettext (bsc#1138494)
- Fix package dependencies to prevent file conflict (bsc#1143856)
rhnlib:
- Add SNI support for clients
- Fix initialize ssl connection (bsc#1144155)
- Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)
python-gzipstream:
- SPEC cleanup
- add makefile and pylint configuration
- Add Uyuni URL to package
- Bump version to 4.0.0 (bsc#1104034)
- Fix copyright for the package specfile (bsc#1103696)
spacecmd:
- Bugfix: referenced variable before assignment.
- Bugfix: 'dict' object has no attribute 'iteritems' (bsc#1135881)
- Add unit tests for custominfo, snippet, scap, ssm, cryptokey and distribution
- Fix missing runtime dependencies that made spacecmd return old versions of
packages in some cases, even if newer ones were available (bsc#1148311)
spacewalk-backend:
- Do not overwrite comps and module data with older versions
- Fix issue with 'dists' keyword in url hostname
- Import packages from all collections of a patch not just first one
- Ensure bytes type when using hashlib to avoid traceback
on XMLRPC call to 'registration.register_osad' (bsc#1138822)
- Do not duplicate 'http://' protocol when using proxies with 'deb'
repositories (bsc#1138313)
- Fix reposync when dealing with RedHat CDN (bsc#1138358)
- Fix for CVE-2019-10136. An attacker with a valid, but expired,
authenticated set of headers could move some digits around,
artificially extending the session validity without modifying
the checksum. (bsc#1136480)
- Prevent FileNotFoundError: repomd.xml.key traceback (bsc#1137940)
- Add journalctl output to spacewalk-debug tarballs
- Prevent unnecessary triggering of channel-repodata tasks when GPG
signing is disabled (bsc#1137715)
- Fix spacewalk-repo-sync for Ubuntu repositories in mirror case (bsc#1136029)
- Add support for ULN repositories on new Zypper based reposync.
- Don't skip Deb package tags on package import (bsc#1130040)
- For backend-libs subpackages, exclude files for the server
(already part of spacewalk-backend) to avoid conflicts (bsc#1148125)
- prevent duplicate key violates on repo-sync with long changelog
entries (bsc#1144889)
spacewalk-remote-utils:
- Add RHEL8
ModerateSUSE bug 1103696SUSE bug 1104034SUSE bug 1130040SUSE bug 1135881SUSE bug 1136029SUSE bug 1136480SUSE bug 1137715SUSE bug 1137940SUSE bug 1138313SUSE bug 1138358SUSE bug 1138494SUSE bug 1138822SUSE bug 1139453SUSE bug 1142038SUSE bug 1143856SUSE bug 1144155SUSE bug 1144889SUSE bug 1148125SUSE bug 1148177SUSE bug 1148311CVE-2019-10136 at SUSECVE-2019-10136 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for SUSE Manager Client Tools (Critical)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update fixes the following issues:
cobbler:
- Fix parsing cobbler dictionary options with values containing '=', e.g. kernel params containing '=' (bsc#1176978)
mgr-daemon:
- Update translation strings
salt:
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
spacecmd:
- Python3 fixes for errata in spacecmd (bsc#1169664)
- Added support for i18n of user-facing strings
- Python3 fix for sorted usage (bsc#1167907)
spacewalk-client-tools:
- Remove RH references in Python/Ruby localization and use the product name instead
CriticalSUSE bug 1167907SUSE bug 1169664SUSE bug 1176978SUSE bug 1178319SUSE bug 1178361SUSE bug 1178362CVE-2020-16846 at SUSECVE-2020-16846 at NVDCVE-2020-17490 at SUSECVE-2020-17490 at NVDCVE-2020-25592 at SUSECVE-2020-25592 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for SUSE Manager Client Tools (Important)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update fixes the following issues:
golang-github-wrouesnel-postgres_exporter:
- Add support for aarch64
mgr-cfg:
- SPEC: Updated Python definitions for RHEL8 and quoted text comparisons.
mgr-custom-info:
- Update package version to 4.2.0
mgr-daemon:
- Update translation strings
- Update the translations from weblate
- Added quotes around %{_vendor} token for the if statements in spec file.
- Fix removal of mgr-deamon with selinux enabled (bsc#1177928)
- Updating translations from weblate
mgr-osad:
- Change the log file permissions as expected by logrotate (bsc#1177884)
- Change deprecated path /var/run into /run for systemd (bsc#1185178)
- Python fixes
- Removal of RHEL5
mgr-push:
- Defined __python for python2.
- Excluded RHEL8 for Python 2 build.
mgr-virtualization:
- Update package version to 4.2.0
rhnlib:
- Update package version to 4.2.0
salt:
- Prevent command injection in the snapper module (bsc#1185281) (CVE-2021-31607)
spacecmd:
- Rename system migration to system transfer
- Rename SP to product migration
- Update translation strings
- Add group_addconfigchannel and group_removeconfigchannel
- Add group_listconfigchannels and configchannel_listgroups
- Fix spacecmd compat with Python 3
- Deprecated 'Software Crashes' feature
- Document advanced package search on '--help' (bsc#1180583)
- Fixed advanced search on 'package_listinstalledsystems'
- Fixed duplicate results when using multiple search criteria (bsc#1180585)
- Fixed 'non-advanced' package search when using multiple package names (bsc#1180584)
- Update translations
- Fix: make spacecmd build on Debian
- Add Service Pack migration operations (bsc#1173557)
spacewalk-client-tools:
- Update the translations from weblate
- Drop the --noSSLServerURL option
- Updated RHEL Python requirements.
- Added quotes around %{_vendor}.
spacewalk-koan:
- Fix for spacewalk-koan test
spacewalk-oscap:
- Update package version to 4.2.0
spacewalk-remote-utils:
- Update package version to 4.2.0
supportutils-plugin-susemanager-client:
- Update package version to 4.2.0
suseRegisterInfo:
- Add support for Amazon Linux 2
- Add support for Alibaba Cloud Linux 2
- Adapted for RHEL build.
uyuni-base:
- Added Apache as prerequisite for RHEL and Fedora (due to required users).
- Removed RHEL specific folder rights from SPEC file.
- Added RHEL8 compatibility.
uyuni-common-libs:
- Cleaning up unused Python 2 build leftovers.
- Disabled debug package build.
ImportantSUSE bug 1173557SUSE bug 1177884SUSE bug 1177928SUSE bug 1180583SUSE bug 1180584SUSE bug 1180585SUSE bug 1185178SUSE bug 1185281CVE-2021-31607 at SUSECVE-2021-31607 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for SUSE Manager Client Tools (Moderate)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update fixes the following issues:
salt:
- Exclude the full path of a download URL to prevent injection of
malicious code (bsc#1190265) (CVE-2021-21996)
spacecmd:
- Version 4.2.13-1
* Update translation strings
* configchannel_updatefile handles directory properly (bsc#1190512)
* Add schedule_archivecompleted to mass archive actions (bsc#1181223)
* Remove whoami from the list of unauthenticated commands (bsc#1188977)
spacewalk-client-tools:
- Version 4.2.14-1
* Update translation strings
ModerateSUSE bug 1181223SUSE bug 1188977SUSE bug 1190265SUSE bug 1190512CVE-2021-21996 at SUSECVE-2021-21996 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for cobbler (Moderate)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for cobbler fixes the following issues:
- CVE-2017-1000469: Escape shell parameters provided by the user for the reposync action. (bsc#1074594)
- Fix for calling koan with virt_type kvm. (bsc#1090205)
ModerateSUSE bug 1074594SUSE bug 1090205CVE-2017-1000469 at SUSECVE-2017-1000469 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for cobbler (Important)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for cobbler fixes the following issues:
Security issue fixed:
- CVE-2018-10931: Forbid exposure of private methods in the API (bsc#1104287, bsc#1104189)
ImportantSUSE bug 1104189SUSE bug 1104287CVE-2018-10931 at SUSECVE-2018-10931 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for cobbler (Important)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for cobbler fixes the following issues:
- CVE-2021-45083: Fixed unsafe permissions on sensitive files (bsc#1193671).
The following non-security bugs were fixed:
- Move configuration files ownership to apache (bsc#1195906)
ImportantSUSE bug 1193671SUSE bug 1195906CVE-2021-45083 at SUSECVE-2021-45083 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for python-Jinja2 (Important)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for python-Jinja2 fixes the following issues:
- CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex
backtracking. Email matching requires a word character at the start of the
domain part, and only word characters in the TLD. (bsc#1181944)
ImportantSUSE bug 1181944CVE-2020-28493 at SUSECVE-2020-28493 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for python-pycrypto (Important)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for python-pycrypto fixes the following issues:
- CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew (bsc#1017420).
ImportantSUSE bug 1017420CVE-2013-7459 at SUSECVE-2013-7459 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for salt (Moderate)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for salt fixes one security issue and bugs.
The following security issue has been fixed:
- CVE-2017-12791: Directory traversal vulnerability in minion id validation
allowed remote minions with incorrect credentials to authenticate to a master
via a crafted minion ID (bsc#1053955).
Additionally, the following non-security issues have been fixed:
- Added support for SUSE Manager scalability features. (bsc#1052264)
- Introduced the kubernetes module. (bsc#1051948)
- Notify systemd synchronously via NOTIFY_SOCKET. (bsc#1053376)
ModerateSUSE bug 1051948SUSE bug 1052264SUSE bug 1053376SUSE bug 1053955CVE-2017-12791 at SUSECVE-2017-12791 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for Salt (Moderate)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for salt fixes one security issue and bugs.
The following security issues have been fixed:
- CVE-2017-14695: A directory traversal vulnerability in minion id validation allowed remote minions with incorrect
credentials to authenticate to a master via a crafted minion ID. (bsc#1062462)
- CVE-2017-14696: It was possible to force a remote Denial of Service with a specially crafted authentication
request. (bsc#1062464)
Additionally, the following non-security issues have been fixed:
- Removed deprecation warning for beacon configuration using dictionaries. (bsc#1041993)
- Fixed beacons failure when pillar-based suppressing config-based. (bsc#1060230)
- Fixed minion resource exhaustion when many functions are being executed in parallel. (bsc#1059758)
- Remove 'TasksTask' attribute from salt-master.service in older versions of systemd. (bsc#985112)
- Fix for delete_deployment in Kubernetes module. (bsc#1059291)
- Catching error when PIDfile cannot be deleted. (bsc#1050003)
- Use $HOME to get the user home directory instead using '~' char. (bsc#1042749)
ModerateSUSE bug 1041993SUSE bug 1042749SUSE bug 1050003SUSE bug 1059291SUSE bug 1059758SUSE bug 1060230SUSE bug 1062462SUSE bug 1062464SUSE bug 985112CVE-2017-14695 at SUSECVE-2017-14695 at NVDCVE-2017-14696 at SUSECVE-2017-14696 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for salt (Important)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for salt fixes the following issues:
Salt was updated to version 2016.11.10 and contains the following fixes:
Security issues fixed:
- CVE-2018-15750: Fixed directory traversal vulnerability in salt-api (bsc#1113698).
- CVE-2018-15751: Fixed remote authentication bypass in salt-api(netapi) that allows to execute arbitrary commands (bsc#1113699).
ImportantSUSE bug 1113698SUSE bug 1113699CVE-2018-15750 at SUSECVE-2018-15750 at NVDCVE-2018-15751 at SUSECVE-2018-15751 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for salt (Critical)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for salt fixes the following issues:
- Fix regression on cmd.run when passing tuples as cmd (bsc#1182740)
- Allow `extra_filerefs` as sanitized `kwargs` for SSH client
- Fix for multiple for security issues
(CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144)
(CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197)
(bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560)
(bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565)
CriticalSUSE bug 1181550SUSE bug 1181556SUSE bug 1181557SUSE bug 1181558SUSE bug 1181559SUSE bug 1181560SUSE bug 1181561SUSE bug 1181562SUSE bug 1181563SUSE bug 1181564SUSE bug 1181565SUSE bug 1182740CVE-2020-28243 at SUSECVE-2020-28243 at NVDCVE-2020-28972 at SUSECVE-2020-28972 at NVDCVE-2020-35662 at SUSECVE-2020-35662 at NVDCVE-2021-25281 at SUSECVE-2021-25281 at NVDCVE-2021-25282 at SUSECVE-2021-25282 at NVDCVE-2021-25283 at SUSECVE-2021-25283 at NVDCVE-2021-25284 at SUSECVE-2021-25284 at NVDCVE-2021-3144 at SUSECVE-2021-3144 at NVDCVE-2021-3148 at SUSECVE-2021-3148 at NVDCVE-2021-3197 at SUSECVE-2021-3197 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for Salt (Moderate)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for salt provides version 2016.11.4 and brings various fixes and improvements:
- Adding a salt-minion watchdog for RHEL6 and SLES11 systems (sysV) to restart salt-minion in case of crashes during upgrade.
- Fix format error. (bsc#1043111)
- Fix ownership for whole master cache directory. (bsc#1035914)
- Disable 3rd party runtime packages to be explicitly recommended. (bsc#1040886)
- Fix insecure permissions in salt-ssh temporary files. (bsc#1035912, CVE-2017-8109)
- Disable custom rosters for Salt SSH via Salt API. (bsc#1011800, CVE-2017-5200)
- Orchestrate and batches don't return false failed information anymore.
- Speed-up cherrypy by removing sleep call.
- Fix os_family grains on SUSE. (bsc#1038855)
- Fix setting the language on SUSE systems. (bsc#1038855)
- Use SUSE specific salt-api.service. (bsc#1039370)
- Fix using hostname for minion ID as '127'.
- Fix core grains constants for timezone. (bsc#1032931)
- Minor fixes on new pkg.list_downloaded.
- Listing all type of advisory patches for Yum module.
- Prevents zero length error on Python 2.6.
- Fixes zypper test error after backporting.
- Raet protocol is no longer supported. (bsc#1020831)
- Fix moving SSH data to the new home. (bsc#1027722)
- Fix logrotating /var/log/salt/minion. (bsc#1030009)
- Fix result of master_tops extension is mutually overwritten. (bsc#1030073)
- Allows to set 'timeout' and 'gather_job_timeout' via kwargs.
- Allows to set custom timeouts for 'manage.up' and 'manage.status'.
- Use salt's ordereddict for comparison.
- Fix scripts for salt-proxy.
- Add openscap module.
- File.get_managed regression fix.
- Fix translate variable arguments if they contain hidden keywords. (bsc#1025896)
- Added unit test for dockerng.sls_build dryrun.
- Added dryrun to dockerng.sls_build.
- Update dockerng minimal version requirements.
- Fix format error in error parsing.
- Keep fix for migrating salt home directory. (bsc#1022562)
- Fix salt pkg.latest raises exception if package is not available. (bsc#1012999)
- Timezone should always be in UTC. (bsc#1017078)
- Fix timezone handling for rpm installtime. (bsc#1017078)
- Increasing timeouts for running integrations tests.
- Add buildargs option to dockerng.build module.
- Fix error when missing ssh-option parameter.
- Re-add yum notify plugin.
- All kwargs to dockerng.create to provide all features to sls_build as well.
- Datetime should be returned always in UTC.
- Fix possible crash while deserialising data on infinite recursion in scheduled state. (bsc#1036125)
- Documentation refresh to 2016.11.4
- For a detailed description, please refer to:
+ https://docs.saltstack.com/en/develop/topics/releases/2016.11.4.html
+ https://docs.saltstack.com/en/develop/topics/releases/2016.11.3.html
+ https://docs.saltstack.com/en/develop/topics/releases/2016.11.2.html
+ https://docs.saltstack.com/en/develop/topics/releases/2016.11.1.html
ModerateSUSE bug 1011800SUSE bug 1012999SUSE bug 1017078SUSE bug 1020831SUSE bug 1022562SUSE bug 1025896SUSE bug 1027240SUSE bug 1027722SUSE bug 1030009SUSE bug 1030073SUSE bug 1032931SUSE bug 1035912SUSE bug 1035914SUSE bug 1036125SUSE bug 1038855SUSE bug 1039370SUSE bug 1040584SUSE bug 1040886SUSE bug 1043111CVE-2017-5200 at SUSECVE-2017-5200 at NVDCVE-2017-8109 at SUSECVE-2017-8109 at NVDcpe:/a:suse:sle-clienttools:11:sp3Security update for zeromq (Important)SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS
This update for zeromq fixes the following issues:
- CVE-2019-13132: An unauthenticated remote attacker could have exploited
a stack overflow vulnerability on a server that is supposed to be protected
by encryption and authentication to potentially gain a remote code execution.
(bsc#1140255)
ImportantSUSE bug 1140255CVE-2019-13132 at SUSECVE-2019-13132 at NVDcpe:/a:suse:sle-clienttools:11:sp3Recommended update for SUSE Manager Client Tools (Moderate)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update fixes the following issues:
osad:
- Fix logfile option for osa-dispatcher. (bsc#980752)
salt:
- Update to 2015.8.12
- Add pre-require to salt for minions.
- Do not restart salt-minion in salt package.
- Add try-restart to sys-v init scripts.
- Add 'Restart=on-failure' for salt-minion systemd service.
- Various fixes for signal handling.
- Successfully exit of salt-api child processes when SIGTERM is received.
- Re-introduce 'KillMode=process' for salt-minion systemd service.
- Fix setting default timezone. (bsc#1008933)
- Fix possible information leak due to revoked keys still being used. (bsc#1012398, CVE-2016-9639)
spacewalk-backend:
- Handle non-unique machine_id after migrate from 2.1. (bsc#1013002)
- Refer to scc.suse.com instead of bugzilla.novell.com in case of problem. (bsc#967818)
- Fix selection of primary interface. (bsc#1009677)
- Add link from satellite-sync to mgr-inter-sync man page. (bsc#1009435)
- Reposync: Assign orphaned vendor packages to the default org. (bsc#995764)
- Add missing reference for bsc#996609
supportutils-plugin-susemanager-client:
- Include correct configuration file in the supportconfig.
ModerateSUSE bug 1008933SUSE bug 1009435SUSE bug 1009677SUSE bug 1012398SUSE bug 1013002SUSE bug 967818SUSE bug 980752SUSE bug 995764SUSE bug 996609CVE-2016-9639 at SUSECVE-2016-9639 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for SUSE Manager Client Tools (Moderate)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
The following security issue in spacewalk-backend has been fixed:
- Non admin or disabled user cannot make changes to a system anymore using spacewalk-channel.
(bsc#1026633, CVE-2017-7470)
Additionally, the following non-security issues have been fixed:
rhnlib:
- Support all TLS versions in rpclib. (bsc#1025312)
spacecmd:
- Improve output on error for listrepo. (bsc#1027426)
- Reword spacecmd removal message. (bsc#1024406)
spacewalk-backend:
- Do not fail with traceback when media.1 does not exist. (bsc#1032256)
- Create scap files directory beforehand. (bsc#1029755)
- Fix error if SPACEWALK_DEBUG_NO_REPORTS environment variable is not present.
- Don't skip 'rhnErrataPackage' cleanup during an errata update. (bsc#1023233)
- Add support for running spacewalk-debug without creating reports. (bsc#1024714)
- Set scap store directory mod to 775 and group owner to susemanager.
- incomplete_package_import: Do import rhnPackageFile as it breaks some package installations.
- Added traceback printing to the exception block.
- Change postgresql starting commands.
spacewalk-client-tools:
- Fix reboot message to use correct product name. (bsc#1031667)
ModerateSUSE bug 1023233SUSE bug 1024406SUSE bug 1024714SUSE bug 1025312SUSE bug 1026633SUSE bug 1027426SUSE bug 1029755SUSE bug 1031667SUSE bug 1032256CVE-2017-7470 at SUSECVE-2017-7470 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for SUSE Manager Client Tools (Moderate)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update fixes the following issues:
mgr-cfg:
- Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)
mgr-daemon:
- Fix systemd timer configuration on SLE12 (bsc#1142038)
mgr-osad:
- Fix obsolete for old osad packages, to allow installing mgr-osad
even by using osad at yum/zyppper install (bsc#1139453)
- Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)
mgr-virtualization:
- Fix missing python 3 ugettext (bsc#1138494)
- Fix package dependencies to prevent file conflict (bsc#1143856)
rhnlib:
- Add SNI support for clients
- Fix initialize ssl connection (bsc#1144155)
- Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)
python-gzipstream:
- SPEC cleanup
- add makefile and pylint configuration
- Add Uyuni URL to package
- Bump version to 4.0.0 (bsc#1104034)
- Fix copyright for the package specfile (bsc#1103696)
spacecmd:
- Bugfix: referenced variable before assignment.
- Bugfix: 'dict' object has no attribute 'iteritems' (bsc#1135881)
- Add unit tests for custominfo, snippet, scap, ssm, cryptokey and distribution
- Fix missing runtime dependencies that made spacecmd return old versions of
packages in some cases, even if newer ones were available (bsc#1148311)
spacewalk-backend:
- Do not overwrite comps and module data with older versions
- Fix issue with 'dists' keyword in url hostname
- Import packages from all collections of a patch not just first one
- Ensure bytes type when using hashlib to avoid traceback
on XMLRPC call to 'registration.register_osad' (bsc#1138822)
- Do not duplicate 'http://' protocol when using proxies with 'deb'
repositories (bsc#1138313)
- Fix reposync when dealing with RedHat CDN (bsc#1138358)
- Fix for CVE-2019-10136. An attacker with a valid, but expired,
authenticated set of headers could move some digits around,
artificially extending the session validity without modifying
the checksum. (bsc#1136480)
- Prevent FileNotFoundError: repomd.xml.key traceback (bsc#1137940)
- Add journalctl output to spacewalk-debug tarballs
- Prevent unnecessary triggering of channel-repodata tasks when GPG
signing is disabled (bsc#1137715)
- Fix spacewalk-repo-sync for Ubuntu repositories in mirror case (bsc#1136029)
- Add support for ULN repositories on new Zypper based reposync.
- Don't skip Deb package tags on package import (bsc#1130040)
- For backend-libs subpackages, exclude files for the server
(already part of spacewalk-backend) to avoid conflicts (bsc#1148125)
- prevent duplicate key violates on repo-sync with long changelog
entries (bsc#1144889)
spacewalk-remote-utils:
- Add RHEL8
ModerateSUSE bug 1103696SUSE bug 1104034SUSE bug 1130040SUSE bug 1135881SUSE bug 1136029SUSE bug 1136480SUSE bug 1137715SUSE bug 1137940SUSE bug 1138313SUSE bug 1138358SUSE bug 1138494SUSE bug 1138822SUSE bug 1139453SUSE bug 1142038SUSE bug 1143856SUSE bug 1144155SUSE bug 1144889SUSE bug 1148125SUSE bug 1148177SUSE bug 1148311CVE-2019-10136 at SUSECVE-2019-10136 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for SUSE Manager Client Tools (Critical)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update fixes the following issues:
cobbler:
- Fix parsing cobbler dictionary options with values containing '=', e.g. kernel params containing '=' (bsc#1176978)
mgr-daemon:
- Update translation strings
salt:
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
spacecmd:
- Python3 fixes for errata in spacecmd (bsc#1169664)
- Added support for i18n of user-facing strings
- Python3 fix for sorted usage (bsc#1167907)
spacewalk-client-tools:
- Remove RH references in Python/Ruby localization and use the product name instead
CriticalSUSE bug 1167907SUSE bug 1169664SUSE bug 1176978SUSE bug 1178319SUSE bug 1178361SUSE bug 1178362CVE-2020-16846 at SUSECVE-2020-16846 at NVDCVE-2020-17490 at SUSECVE-2020-17490 at NVDCVE-2020-25592 at SUSECVE-2020-25592 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for SUSE Manager Client Tools (Important)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update fixes the following issues:
golang-github-wrouesnel-postgres_exporter:
- Add support for aarch64
mgr-cfg:
- SPEC: Updated Python definitions for RHEL8 and quoted text comparisons.
mgr-custom-info:
- Update package version to 4.2.0
mgr-daemon:
- Update translation strings
- Update the translations from weblate
- Added quotes around %{_vendor} token for the if statements in spec file.
- Fix removal of mgr-deamon with selinux enabled (bsc#1177928)
- Updating translations from weblate
mgr-osad:
- Change the log file permissions as expected by logrotate (bsc#1177884)
- Change deprecated path /var/run into /run for systemd (bsc#1185178)
- Python fixes
- Removal of RHEL5
mgr-push:
- Defined __python for python2.
- Excluded RHEL8 for Python 2 build.
mgr-virtualization:
- Update package version to 4.2.0
rhnlib:
- Update package version to 4.2.0
salt:
- Prevent command injection in the snapper module (bsc#1185281) (CVE-2021-31607)
spacecmd:
- Rename system migration to system transfer
- Rename SP to product migration
- Update translation strings
- Add group_addconfigchannel and group_removeconfigchannel
- Add group_listconfigchannels and configchannel_listgroups
- Fix spacecmd compat with Python 3
- Deprecated 'Software Crashes' feature
- Document advanced package search on '--help' (bsc#1180583)
- Fixed advanced search on 'package_listinstalledsystems'
- Fixed duplicate results when using multiple search criteria (bsc#1180585)
- Fixed 'non-advanced' package search when using multiple package names (bsc#1180584)
- Update translations
- Fix: make spacecmd build on Debian
- Add Service Pack migration operations (bsc#1173557)
spacewalk-client-tools:
- Update the translations from weblate
- Drop the --noSSLServerURL option
- Updated RHEL Python requirements.
- Added quotes around %{_vendor}.
spacewalk-koan:
- Fix for spacewalk-koan test
spacewalk-oscap:
- Update package version to 4.2.0
spacewalk-remote-utils:
- Update package version to 4.2.0
supportutils-plugin-susemanager-client:
- Update package version to 4.2.0
suseRegisterInfo:
- Add support for Amazon Linux 2
- Add support for Alibaba Cloud Linux 2
- Adapted for RHEL build.
uyuni-base:
- Added Apache as prerequisite for RHEL and Fedora (due to required users).
- Removed RHEL specific folder rights from SPEC file.
- Added RHEL8 compatibility.
uyuni-common-libs:
- Cleaning up unused Python 2 build leftovers.
- Disabled debug package build.
ImportantSUSE bug 1173557SUSE bug 1177884SUSE bug 1177928SUSE bug 1180583SUSE bug 1180584SUSE bug 1180585SUSE bug 1185178SUSE bug 1185281CVE-2021-31607 at SUSECVE-2021-31607 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for SUSE Manager Client Tools (Moderate)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update fixes the following issues:
salt:
- Exclude the full path of a download URL to prevent injection of
malicious code (bsc#1190265) (CVE-2021-21996)
spacecmd:
- Version 4.2.13-1
* Update translation strings
* configchannel_updatefile handles directory properly (bsc#1190512)
* Add schedule_archivecompleted to mass archive actions (bsc#1181223)
* Remove whoami from the list of unauthenticated commands (bsc#1188977)
spacewalk-client-tools:
- Version 4.2.14-1
* Update translation strings
ModerateSUSE bug 1181223SUSE bug 1188977SUSE bug 1190265SUSE bug 1190512CVE-2021-21996 at SUSECVE-2021-21996 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for cobbler (Moderate)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for cobbler fixes the following issues:
- CVE-2017-1000469: Escape shell parameters provided by the user for the reposync action. (bsc#1074594)
- Fix for calling koan with virt_type kvm. (bsc#1090205)
ModerateSUSE bug 1074594SUSE bug 1090205CVE-2017-1000469 at SUSECVE-2017-1000469 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for cobbler (Important)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for cobbler fixes the following issues:
Security issue fixed:
- CVE-2018-10931: Forbid exposure of private methods in the API (bsc#1104287, bsc#1104189)
ImportantSUSE bug 1104189SUSE bug 1104287CVE-2018-10931 at SUSECVE-2018-10931 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for cobbler (Important)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for cobbler fixes the following issues:
- CVE-2021-45083: Fixed unsafe permissions on sensitive files (bsc#1193671).
The following non-security bugs were fixed:
- Move configuration files ownership to apache (bsc#1195906)
ImportantSUSE bug 1193671SUSE bug 1195906CVE-2021-45083 at SUSECVE-2021-45083 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for python-Jinja2 (Important)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for python-Jinja2 fixes the following issues:
- CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex
backtracking. Email matching requires a word character at the start of the
domain part, and only word characters in the TLD. (bsc#1181944)
ImportantSUSE bug 1181944CVE-2020-28493 at SUSECVE-2020-28493 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for python-pycrypto (Important)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for python-pycrypto fixes the following issues:
- CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew (bsc#1017420).
ImportantSUSE bug 1017420CVE-2013-7459 at SUSECVE-2013-7459 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for salt (Moderate)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for salt fixes one security issue and bugs.
The following security issue has been fixed:
- CVE-2017-12791: Directory traversal vulnerability in minion id validation
allowed remote minions with incorrect credentials to authenticate to a master
via a crafted minion ID (bsc#1053955).
Additionally, the following non-security issues have been fixed:
- Added support for SUSE Manager scalability features. (bsc#1052264)
- Introduced the kubernetes module. (bsc#1051948)
- Notify systemd synchronously via NOTIFY_SOCKET. (bsc#1053376)
ModerateSUSE bug 1051948SUSE bug 1052264SUSE bug 1053376SUSE bug 1053955CVE-2017-12791 at SUSECVE-2017-12791 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for Salt (Moderate)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for salt fixes one security issue and bugs.
The following security issues have been fixed:
- CVE-2017-14695: A directory traversal vulnerability in minion id validation allowed remote minions with incorrect
credentials to authenticate to a master via a crafted minion ID. (bsc#1062462)
- CVE-2017-14696: It was possible to force a remote Denial of Service with a specially crafted authentication
request. (bsc#1062464)
Additionally, the following non-security issues have been fixed:
- Removed deprecation warning for beacon configuration using dictionaries. (bsc#1041993)
- Fixed beacons failure when pillar-based suppressing config-based. (bsc#1060230)
- Fixed minion resource exhaustion when many functions are being executed in parallel. (bsc#1059758)
- Remove 'TasksTask' attribute from salt-master.service in older versions of systemd. (bsc#985112)
- Fix for delete_deployment in Kubernetes module. (bsc#1059291)
- Catching error when PIDfile cannot be deleted. (bsc#1050003)
- Use $HOME to get the user home directory instead using '~' char. (bsc#1042749)
ModerateSUSE bug 1041993SUSE bug 1042749SUSE bug 1050003SUSE bug 1059291SUSE bug 1059758SUSE bug 1060230SUSE bug 1062462SUSE bug 1062464SUSE bug 985112CVE-2017-14695 at SUSECVE-2017-14695 at NVDCVE-2017-14696 at SUSECVE-2017-14696 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for salt (Important)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for salt fixes the following issues:
Salt was updated to version 2016.11.10 and contains the following fixes:
Security issues fixed:
- CVE-2018-15750: Fixed directory traversal vulnerability in salt-api (bsc#1113698).
- CVE-2018-15751: Fixed remote authentication bypass in salt-api(netapi) that allows to execute arbitrary commands (bsc#1113699).
ImportantSUSE bug 1113698SUSE bug 1113699CVE-2018-15750 at SUSECVE-2018-15750 at NVDCVE-2018-15751 at SUSECVE-2018-15751 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for salt (Critical)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for salt fixes the following issues:
- Fix regression on cmd.run when passing tuples as cmd (bsc#1182740)
- Allow `extra_filerefs` as sanitized `kwargs` for SSH client
- Fix for multiple for security issues
(CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144)
(CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197)
(bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560)
(bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565)
CriticalSUSE bug 1181550SUSE bug 1181556SUSE bug 1181557SUSE bug 1181558SUSE bug 1181559SUSE bug 1181560SUSE bug 1181561SUSE bug 1181562SUSE bug 1181563SUSE bug 1181564SUSE bug 1181565SUSE bug 1182740CVE-2020-28243 at SUSECVE-2020-28243 at NVDCVE-2020-28972 at SUSECVE-2020-28972 at NVDCVE-2020-35662 at SUSECVE-2020-35662 at NVDCVE-2021-25281 at SUSECVE-2021-25281 at NVDCVE-2021-25282 at SUSECVE-2021-25282 at NVDCVE-2021-25283 at SUSECVE-2021-25283 at NVDCVE-2021-25284 at SUSECVE-2021-25284 at NVDCVE-2021-3144 at SUSECVE-2021-3144 at NVDCVE-2021-3148 at SUSECVE-2021-3148 at NVDCVE-2021-3197 at SUSECVE-2021-3197 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for Salt (Moderate)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for salt provides version 2016.11.4 and brings various fixes and improvements:
- Adding a salt-minion watchdog for RHEL6 and SLES11 systems (sysV) to restart salt-minion in case of crashes during upgrade.
- Fix format error. (bsc#1043111)
- Fix ownership for whole master cache directory. (bsc#1035914)
- Disable 3rd party runtime packages to be explicitly recommended. (bsc#1040886)
- Fix insecure permissions in salt-ssh temporary files. (bsc#1035912, CVE-2017-8109)
- Disable custom rosters for Salt SSH via Salt API. (bsc#1011800, CVE-2017-5200)
- Orchestrate and batches don't return false failed information anymore.
- Speed-up cherrypy by removing sleep call.
- Fix os_family grains on SUSE. (bsc#1038855)
- Fix setting the language on SUSE systems. (bsc#1038855)
- Use SUSE specific salt-api.service. (bsc#1039370)
- Fix using hostname for minion ID as '127'.
- Fix core grains constants for timezone. (bsc#1032931)
- Minor fixes on new pkg.list_downloaded.
- Listing all type of advisory patches for Yum module.
- Prevents zero length error on Python 2.6.
- Fixes zypper test error after backporting.
- Raet protocol is no longer supported. (bsc#1020831)
- Fix moving SSH data to the new home. (bsc#1027722)
- Fix logrotating /var/log/salt/minion. (bsc#1030009)
- Fix result of master_tops extension is mutually overwritten. (bsc#1030073)
- Allows to set 'timeout' and 'gather_job_timeout' via kwargs.
- Allows to set custom timeouts for 'manage.up' and 'manage.status'.
- Use salt's ordereddict for comparison.
- Fix scripts for salt-proxy.
- Add openscap module.
- File.get_managed regression fix.
- Fix translate variable arguments if they contain hidden keywords. (bsc#1025896)
- Added unit test for dockerng.sls_build dryrun.
- Added dryrun to dockerng.sls_build.
- Update dockerng minimal version requirements.
- Fix format error in error parsing.
- Keep fix for migrating salt home directory. (bsc#1022562)
- Fix salt pkg.latest raises exception if package is not available. (bsc#1012999)
- Timezone should always be in UTC. (bsc#1017078)
- Fix timezone handling for rpm installtime. (bsc#1017078)
- Increasing timeouts for running integrations tests.
- Add buildargs option to dockerng.build module.
- Fix error when missing ssh-option parameter.
- Re-add yum notify plugin.
- All kwargs to dockerng.create to provide all features to sls_build as well.
- Datetime should be returned always in UTC.
- Fix possible crash while deserialising data on infinite recursion in scheduled state. (bsc#1036125)
- Documentation refresh to 2016.11.4
- For a detailed description, please refer to:
+ https://docs.saltstack.com/en/develop/topics/releases/2016.11.4.html
+ https://docs.saltstack.com/en/develop/topics/releases/2016.11.3.html
+ https://docs.saltstack.com/en/develop/topics/releases/2016.11.2.html
+ https://docs.saltstack.com/en/develop/topics/releases/2016.11.1.html
ModerateSUSE bug 1011800SUSE bug 1012999SUSE bug 1017078SUSE bug 1020831SUSE bug 1022562SUSE bug 1025896SUSE bug 1027240SUSE bug 1027722SUSE bug 1030009SUSE bug 1030073SUSE bug 1032931SUSE bug 1035912SUSE bug 1035914SUSE bug 1036125SUSE bug 1038855SUSE bug 1039370SUSE bug 1040584SUSE bug 1040886SUSE bug 1043111CVE-2017-5200 at SUSECVE-2017-5200 at NVDCVE-2017-8109 at SUSECVE-2017-8109 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for zeromq (Important)SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS
This update for zeromq fixes the following issues:
- CVE-2019-13132: An unauthenticated remote attacker could have exploited
a stack overflow vulnerability on a server that is supposed to be protected
by encryption and authentication to potentially gain a remote code execution.
(bsc#1140255)
ImportantSUSE bug 1140255CVE-2019-13132 at SUSECVE-2019-13132 at NVDcpe:/a:suse:sle-clienttools:11:sp4Security update for ImageMagickSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of ImageMagick fixes an integer overflow in the
XMakeImage() function that allowed remote attackers to
cause a denial-of-service and possibly the execution of
arbitrary code via a crafted TIFF file. (CVE-2009-1882)
SUSE bug 507728SUSE bug 517177CVE-2009-1882 at SUSECVE-2009-1882 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Firefox version upgrade to 3.0.10 to fix a crash in
nsTextFrame::ClearTextRun() (CVE-2009-1313).
SUSE bug 465284SUSE bug 478625SUSE bug 479610SUSE bug 488955SUSE bug 495473SUSE bug 500909SUSE bug 505563SUSE bug 522109SUSE bug 527489SUSE bug 534458SUSE bug 545277SUSE bug 553172SUSE bug 559807SUSE bug 568011SUSE bug 576969SUSE bug 586567SUSE bug 603356SUSE bug 622506SUSE bug 630397SUSE bug 637303SUSE bug 645315SUSE bug 649492CVE-2008-5913 at SUSECVE-2008-5913 at NVDCVE-2009-0040 at SUSECVE-2009-0040 at NVDCVE-2009-0652 at SUSECVE-2009-0652 at NVDCVE-2009-0771 at SUSECVE-2009-0771 at NVDCVE-2009-0772 at SUSECVE-2009-0772 at NVDCVE-2009-0773 at SUSECVE-2009-0773 at NVDCVE-2009-0774 at SUSECVE-2009-0774 at NVDCVE-2009-0775 at SUSECVE-2009-0775 at NVDCVE-2009-0776 at SUSECVE-2009-0776 at NVDCVE-2009-0777 at SUSECVE-2009-0777 at NVDCVE-2009-1044 at SUSECVE-2009-1044 at NVDCVE-2009-1169 at SUSECVE-2009-1169 at NVDCVE-2009-1194 at SUSECVE-2009-1194 at NVDCVE-2009-1302 at SUSECVE-2009-1302 at NVDCVE-2009-1303 at SUSECVE-2009-1303 at NVDCVE-2009-1304 at SUSECVE-2009-1304 at NVDCVE-2009-1305 at SUSECVE-2009-1305 at NVDCVE-2009-1307 at SUSECVE-2009-1307 at NVDCVE-2009-1308 at SUSECVE-2009-1308 at NVDCVE-2009-1309 at SUSECVE-2009-1309 at NVDCVE-2009-1311 at SUSECVE-2009-1311 at NVDCVE-2009-1312 at SUSECVE-2009-1312 at NVDCVE-2009-1313 at SUSECVE-2009-1313 at NVDCVE-2009-1392 at SUSECVE-2009-1392 at NVDCVE-2009-1563 at SUSECVE-2009-1563 at NVDCVE-2009-1571 at SUSECVE-2009-1571 at NVDCVE-2009-1832 at SUSECVE-2009-1832 at NVDCVE-2009-1833 at SUSECVE-2009-1833 at NVDCVE-2009-1834 at SUSECVE-2009-1834 at NVDCVE-2009-1835 at SUSECVE-2009-1835 at NVDCVE-2009-1836 at SUSECVE-2009-1836 at NVDCVE-2009-1837 at SUSECVE-2009-1837 at NVDCVE-2009-1838 at SUSECVE-2009-1838 at NVDCVE-2009-1839 at SUSECVE-2009-1839 at NVDCVE-2009-1840 at SUSECVE-2009-1840 at NVDCVE-2009-1841 at SUSECVE-2009-1841 at NVDCVE-2009-2462 at SUSECVE-2009-2462 at NVDCVE-2009-2463 at SUSECVE-2009-2463 at NVDCVE-2009-2464 at SUSECVE-2009-2464 at NVDCVE-2009-2465 at SUSECVE-2009-2465 at NVDCVE-2009-2466 at SUSECVE-2009-2466 at NVDCVE-2009-2467 at SUSECVE-2009-2467 at NVDCVE-2009-2469 at SUSECVE-2009-2469 at NVDCVE-2009-2471 at SUSECVE-2009-2471 at NVDCVE-2009-2472 at SUSECVE-2009-2472 at NVDCVE-2009-2654 at SUSECVE-2009-2654 at NVDCVE-2009-2662 at SUSECVE-2009-2662 at NVDCVE-2009-2663 at SUSECVE-2009-2663 at NVDCVE-2009-2664 at SUSECVE-2009-2664 at NVDCVE-2009-3069 at SUSECVE-2009-3069 at NVDCVE-2009-3070 at SUSECVE-2009-3070 at NVDCVE-2009-3071 at SUSECVE-2009-3071 at NVDCVE-2009-3072 at SUSECVE-2009-3072 at NVDCVE-2009-3073 at SUSECVE-2009-3073 at NVDCVE-2009-3075 at SUSECVE-2009-3075 at NVDCVE-2009-3077 at SUSECVE-2009-3077 at NVDCVE-2009-3078 at SUSECVE-2009-3078 at NVDCVE-2009-3079 at SUSECVE-2009-3079 at NVDCVE-2009-3274 at SUSECVE-2009-3274 at NVDCVE-2009-3370 at SUSECVE-2009-3370 at NVDCVE-2009-3371 at SUSECVE-2009-3371 at NVDCVE-2009-3372 at SUSECVE-2009-3372 at NVDCVE-2009-3373 at SUSECVE-2009-3373 at NVDCVE-2009-3374 at SUSECVE-2009-3374 at NVDCVE-2009-3375 at SUSECVE-2009-3375 at NVDCVE-2009-3376 at SUSECVE-2009-3376 at NVDCVE-2009-3377 at SUSECVE-2009-3377 at NVDCVE-2009-3378 at SUSECVE-2009-3378 at NVDCVE-2009-3379 at SUSECVE-2009-3379 at NVDCVE-2009-3380 at SUSECVE-2009-3380 at NVDCVE-2009-3381 at SUSECVE-2009-3381 at NVDCVE-2009-3382 at SUSECVE-2009-3382 at NVDCVE-2009-3383 at SUSECVE-2009-3383 at NVDCVE-2009-3388 at SUSECVE-2009-3388 at NVDCVE-2009-3389 at SUSECVE-2009-3389 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-3979 at SUSECVE-2009-3979 at NVDCVE-2009-3980 at SUSECVE-2009-3980 at NVDCVE-2009-3982 at SUSECVE-2009-3982 at NVDCVE-2009-3983 at SUSECVE-2009-3983 at NVDCVE-2009-3984 at SUSECVE-2009-3984 at NVDCVE-2009-3985 at SUSECVE-2009-3985 at NVDCVE-2009-3986 at SUSECVE-2009-3986 at NVDCVE-2009-3988 at SUSECVE-2009-3988 at NVDCVE-2010-0159 at SUSECVE-2010-0159 at NVDCVE-2010-0160 at SUSECVE-2010-0160 at NVDCVE-2010-0162 at SUSECVE-2010-0162 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0175 at SUSECVE-2010-0175 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDCVE-2010-0183 at SUSECVE-2010-0183 at NVDCVE-2010-0220 at SUSECVE-2010-0220 at NVDCVE-2010-0654 at SUSECVE-2010-0654 at NVDCVE-2010-1121 at SUSECVE-2010-1121 at NVDCVE-2010-1125 at SUSECVE-2010-1125 at NVDCVE-2010-1196 at SUSECVE-2010-1196 at NVDCVE-2010-1197 at SUSECVE-2010-1197 at NVDCVE-2010-1198 at SUSECVE-2010-1198 at NVDCVE-2010-1199 at SUSECVE-2010-1199 at NVDCVE-2010-1200 at SUSECVE-2010-1200 at NVDCVE-2010-1201 at SUSECVE-2010-1201 at NVDCVE-2010-1202 at SUSECVE-2010-1202 at NVDCVE-2010-1203 at SUSECVE-2010-1203 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-1206 at SUSECVE-2010-1206 at NVDCVE-2010-1208 at SUSECVE-2010-1208 at NVDCVE-2010-1209 at SUSECVE-2010-1209 at NVDCVE-2010-1211 at SUSECVE-2010-1211 at NVDCVE-2010-1213 at SUSECVE-2010-1213 at NVDCVE-2010-1214 at SUSECVE-2010-1214 at NVDCVE-2010-2751 at SUSECVE-2010-2751 at NVDCVE-2010-2752 at SUSECVE-2010-2752 at NVDCVE-2010-2753 at SUSECVE-2010-2753 at NVDCVE-2010-2754 at SUSECVE-2010-2754 at NVDCVE-2010-2760 at SUSECVE-2010-2760 at NVDCVE-2010-2762 at SUSECVE-2010-2762 at NVDCVE-2010-2763 at SUSECVE-2010-2763 at NVDCVE-2010-2764 at SUSECVE-2010-2764 at NVDCVE-2010-2765 at SUSECVE-2010-2765 at NVDCVE-2010-2766 at SUSECVE-2010-2766 at NVDCVE-2010-2767 at SUSECVE-2010-2767 at NVDCVE-2010-2768 at SUSECVE-2010-2768 at NVDCVE-2010-2769 at SUSECVE-2010-2769 at NVDCVE-2010-2770 at SUSECVE-2010-2770 at NVDCVE-2010-3131 at SUSECVE-2010-3131 at NVDCVE-2010-3166 at SUSECVE-2010-3166 at NVDCVE-2010-3167 at SUSECVE-2010-3167 at NVDCVE-2010-3168 at SUSECVE-2010-3168 at NVDCVE-2010-3169 at SUSECVE-2010-3169 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for NetworkManagerSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The NetworkManager configuration was too permissive and
allowed any user to read secrets (CVE-2009-0365) or
manipulate the configuration of other users (CVE-2009-0578).
Additionally a bug where wifi devices didn't work correctly
when the machine was booted with killswitch turned on has
been fixed. The automatic ethernet connection can now be
edited and NetworkManager can now work without ModemManager.
SUSE bug 472112SUSE bug 475851SUSE bug 478080SUSE bug 479566SUSE bug 479885SUSE bug 483576SUSE bug 490004SUSE bug 490574SUSE bug 520095SUSE bug 522742SUSE bug 556083SUSE bug 628607CVE-2009-0365 at SUSECVE-2009-0365 at NVDCVE-2009-0578 at SUSECVE-2009-0578 at NVDCVE-2010-1172 at SUSECVE-2010-1172 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for NetworkManager-gnomeSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The following bugs have been fixed:
nm-applet connected to WPA2 Enterprise networks even if the specified CA certificate file didn't exist (CVE-2009-4144).
When editing connections in nm-applet the connection object was exported via DBus disclosing potentially sensitive information to local users (CVE-2009-4145).
SUSE bug 565549CVE-2009-4144 at SUSECVE-2009-4144 at NVDCVE-2009-4145 at SUSECVE-2009-4145 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for OpenEXRSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of OpenEXR fixes several integer overflows
(CVE-2009-1720) and a denial-of-service (probably execution
of arbitrary code) bug (CVE-2009-1721).
SUSE bug 527539CVE-2009-1720 at SUSECVE-2009-1720 at NVDCVE-2009-1721 at SUSECVE-2009-1721 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for OpenOffice_orgSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of OpenOffice_org fixes the following security issue:
* Arbitrary macros written in Python can be executed by bypassing macro
security permissions. CVE-2010-0395
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0395>
It also provides the maintenance update to OpenOffice.org-3.2.1. Details
about all upstream changes can be found at
http://development.openoffice.org/releases/3.2.1.html
<http://development.openoffice.org/releases/3.2.1.html> .
For further SUSE Linux Enterprise specific fixes please refer to the
changelog of the OpenOffice_org RPM package.
SUSE bug 607095CVE-2010-0395 at SUSECVE-2010-0395 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for acl and libaclSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The setfacl tool followed symbolic links in recursive (-R) mode even if the --physical (-P) option was specified (CVE-2009-4411). This has been fixed.
SUSE bug 567090CVE-2009-4411 at SUSECVE-2009-4411 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for Apache 2SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The following bugs have been fixed:
When using a multithreaded MPM Apache could leak memory of requests
handled by a different thread when processing subrequests
(CVE-2010-0434).
Specially crafted requests could crash mod_proxy_ajp (CVE-2010-0408).
SUSE bug 512583SUSE bug 513080SUSE bug 519194SUSE bug 521906SUSE bug 538322SUSE bug 539571SUSE bug 570127SUSE bug 586572CVE-2009-1195 at SUSECVE-2009-1195 at NVDCVE-2009-1890 at SUSECVE-2009-1890 at NVDCVE-2009-1891 at SUSECVE-2009-1891 at NVDCVE-2009-3094 at SUSECVE-2009-3094 at NVDCVE-2009-3095 at SUSECVE-2009-3095 at NVDCVE-2010-0408 at SUSECVE-2010-0408 at NVDCVE-2010-0434 at SUSECVE-2010-0434 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for PHP5SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
php 5.1.9 fixes among other things some security issues:
- Missing bounds checks of an error in the imageRotate
function of the gd extension potentially allowed
attackers to read portions of memory (CVE-2008-5498).
- the mbstring.func_overload in .htaccess was applied to
other virtual hosts on th same machine (CVE-2009-0754)
SUSE bug 471419SUSE bug 480948SUSE bug 493122SUSE bug 521033SUSE bug 540242SUSE bug 557157SUSE bug 588975SUSE bug 642291SUSE bug 649210SUSE bug 650700CVE-2008-5498 at SUSECVE-2008-5498 at NVDCVE-2009-0754 at SUSECVE-2009-0754 at NVDCVE-2009-1271 at SUSECVE-2009-1271 at NVDCVE-2009-1272 at SUSECVE-2009-1272 at NVDCVE-2009-2687 at SUSECVE-2009-2687 at NVDCVE-2009-3291 at SUSECVE-2009-3291 at NVDCVE-2009-3292 at SUSECVE-2009-3292 at NVDCVE-2009-3293 at SUSECVE-2009-3293 at NVDCVE-2010-0397 at SUSECVE-2010-0397 at NVDCVE-2010-1866 at SUSECVE-2010-1866 at NVDCVE-2010-2094 at SUSECVE-2010-2094 at NVDCVE-2010-3710 at SUSECVE-2010-3710 at NVDCVE-2010-3870 at SUSECVE-2010-3870 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for avahiSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The avahi-daemon reflector could cause packet storms when reflecting legacy unicast mDNS traffic (CVE-2009-0758). This has been fixed.
SUSE bug 480865CVE-2009-0758 at SUSECVE-2009-0758 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Recommended update for bindSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
- #488599: bind DNSSEC Lookaside Validation problem
- mount /proc into chroot environment to support multi CPU
systems (bnc#470828)
- key names with spaces are allowed by genDDNSkey now
(bnc#459739)
- a missing /etc/named.conf.include could lead to an error
while 'restart' (bnc#455888)
- /etc/named.conf does not include
/etc/named.d/forwarders.conf by default (bnc#480334)
SUSE bug 455888SUSE bug 459739SUSE bug 470828SUSE bug 480334SUSE bug 488599SUSE bug 526185SUSE bug 558260SUSE bug 570912CVE-2009-0696 at SUSECVE-2009-0696 at NVDCVE-2009-4022 at SUSECVE-2009-4022 at NVDCVE-2010-0097 at SUSECVE-2010-0097 at NVDCVE-2010-0290 at SUSECVE-2010-0290 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Recommended update for MonoSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Fixes bnc#489019: mono throwing exception while closing
file descriptor 0
SUSE bug 489019SUSE bug 521184SUSE bug 592428CVE-2010-1459 at SUSECVE-2010-1459 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for bzip2SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes an integer overflow in the BZ2_decompress function of
bzip2/libbz2. This could have been exploited via a crafted archive to cause
a denial of service or even execute arbitrary code. (CVE-2010-0405)
Security Issue reference:
* CVE-2010-0405
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405>
SUSE bug 636978CVE-2010-0405 at SUSECVE-2010-0405 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for SambaSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
A buffer overflow in the sid_parse() function of samba could potentially be
exploited by remote attackers to execute arbitrary code (CVE-2010-3069).
Additionally the update also contains fixes for the following non-security
issues:
* bnc#567013 - Failed to join ADS Domain
* bnc#592198 - Samba 3.0 / 3.2 doesn't work with Windows 2008 R2
(NTLMv2)
* bnc#599873 - SAMBA - Problem using NTLM authentication with 2008R2
* bnc#613459 - winbindd crashes in rpcclisettimeout
* bnc#617153 - new printers are not seen in samba with registry
Security Issue reference:
* CVE-2010-3069
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069>
SUSE bug 513360SUSE bug 515479SUSE bug 539517SUSE bug 550002SUSE bug 567013SUSE bug 577868SUSE bug 577925SUSE bug 583535SUSE bug 592198SUSE bug 599873SUSE bug 605935SUSE bug 606947SUSE bug 611927SUSE bug 613459SUSE bug 617153SUSE bug 637218CVE-2009-1886 at SUSECVE-2009-1886 at NVDCVE-2009-1888 at SUSECVE-2009-1888 at NVDCVE-2009-2813 at SUSECVE-2009-2813 at NVDCVE-2009-2906 at SUSECVE-2009-2906 at NVDCVE-2009-2948 at SUSECVE-2009-2948 at NVDCVE-2010-0547 at SUSECVE-2010-0547 at NVDCVE-2010-0926 at SUSECVE-2010-0926 at NVDCVE-2010-2063 at SUSECVE-2010-2063 at NVDCVE-2010-3069 at SUSECVE-2010-3069 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for clamav, clamav-db, clamav-debuginfo, clamav-debugsourceSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This clamav version upgrade to 0.95.1 fixes a buffer
overflow error in the cli_url_canon() function and a denial
of service condition occuring while parsing malformed UPack
archives.
(cve ids missing still)
SUSE bug 488336SUSE bug 493562SUSE bug 511963SUSE bug 550929SUSE bug 587363SUSE bug 608188SUSE bug 640812SUSE bug 649631SUSE bug 656548CVE-2009-1241 at SUSECVE-2009-1241 at NVDCVE-2010-0098 at SUSECVE-2010-0098 at NVDCVE-2010-1639 at SUSECVE-2010-1639 at NVDCVE-2010-1640 at SUSECVE-2010-1640 at NVDCVE-2010-2077 at SUSECVE-2010-2077 at NVDCVE-2010-3434 at SUSECVE-2010-3434 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for cpioSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes a heap-based buffer overflow flaw that can happen
while expanding specially-crafted archive files (CVE-2010-0624).
This updates Dat160 Tape Drive density information (bnc#415166)
SUSE bug 415166SUSE bug 579475CVE-2010-0624 at SUSECVE-2010-0624 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for cronSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of cron fixes a race condition in crontab that can be used to change the time-stamp of arbitrary files while editing the crontab entry.
CVE-2010-0424: CVSS v2 Base Score: 3.6
Additionally the return value of initgroups() is verified now.
SUSE bug 580800CVE-2010-0424 at SUSECVE-2010-0424 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for CUPSSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted tiff files could cause an integer
overflow in the 'imagetops' filter (CVE-2009-0163).
SUSE bug 485895SUSE bug 548317SUSE bug 574336SUSE bug 576507SUSE bug 578215SUSE bug 649256CVE-2009-0163 at SUSECVE-2009-0163 at NVDCVE-2009-2820 at SUSECVE-2009-2820 at NVDCVE-2010-0302 at SUSECVE-2010-0302 at NVDCVE-2010-0393 at SUSECVE-2010-0393 at NVDCVE-2010-0542 at SUSECVE-2010-0542 at NVDCVE-2010-1748 at SUSECVE-2010-1748 at NVDCVE-2010-2941 at SUSECVE-2010-2941 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for curlSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Arbitrary file access via HTTP-redirect has been fixed in
curl. CVE-2009-0037 has been assigned to this issue.
SUSE bug 475103SUSE bug 527990SUSE bug 569614SUSE bug 620857SUSE bug 628337CVE-2009-0037 at SUSECVE-2009-0037 at NVDCVE-2009-2417 at SUSECVE-2009-2417 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for Cyrus IMAPDSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes another buffer overflow in the Sieve code
(CVE-2009-3235). This can be exploited by users allowed to
use their own sieve scripts to execute arbitrary code
remotely. Additionally the handling of long headers was
improved.
SUSE bug 537128SUSE bug 539877CVE-2009-3235 at SUSECVE-2009-3235 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for cyrus-saslSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of cyrus-sasl improves the output of function
sasl_encode64() by appending a 0 for string termination.
The impact depends on the application that uses
sasl_encode64(). (CVE-2009-0688)
SUSE bug 499104CVE-2009-0688 at SUSECVE-2009-0688 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for dbusSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The dbus package used a too permissive configuration.
Therefore intended access control for some services was not
applied (CVE-2008-4311).
The new configuration denies access by default. Some dbus
services may break due to this setting and need an updated
configuration as well.
With the previous update wireless networking didn't work
anymore on some machines due to stale files in
/var/run/dbus/at_console. The dbus init script now cleans
up that directory on boot.
SUSE bug 443307SUSE bug 486267CVE-2008-4311 at SUSECVE-2008-4311 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for dbusSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
A flaw in dbus-glib was fixed that allowed other local programs to bypass
the 'access' flag on properties. (CVE-2010-1172)
SUSE bug 628607CVE-2010-1172 at SUSECVE-2010-1172 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for dhcp-clientSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The DHCP client (dhclient) could be crashed by a malicious
DHCP server sending a overlong subnet field. (CVE-2009-0692)
In some circumstances code execution might be possible, but
might be caught by the buffer overflow checking in newer
distributions. (SLES 10 and 11).
SUSE bug 515599CVE-2009-0692 at SUSECVE-2009-0692 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for dnsmasqSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes a buffer overflow in the TFTP server code
of dnsmasq. Please note that the TFTP server is disabled by
default.
SUSE bug 533710cpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for ethereal and wiresharkSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Flaws in the AFS dissector allowed attackers to crash
wireshark via specially crafted network traffic
(CVE-2009-2562).
SUSE bug 523718CVE-2009-2562 at SUSECVE-2009-2562 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for EvolutionSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
camel's NTLM SASL authentication mechanism as used by
evolution did not properly validate server's challenge
packets (CVE-2009-0582).
This update also includes the following non-security fixes:
- Fixes a critical crasher in mailer component.
- Fixes creation of recurrence monthly items in GroupWise.
- Includes fixes for some usability issues.
SUSE bug 419303SUSE bug 475541SUSE bug 477697SUSE bug 479908SUSE bug 480091SUSE bug 484213CVE-2009-0582 at SUSECVE-2009-0582 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for evolution-data-serverSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes following vulnerability:
evolution considered S/MIME signatures to be valid even for modified mails (CVE-2009-0547: CVSS v2 Base Score: 5.0).
Additionally the following bug has been fixed:
A POP3 server sending overly long lines could crash evolution.
SUSE bug 184554SUSE bug 474948SUSE bug 475108SUSE bug 484884SUSE bug 485689SUSE bug 485930SUSE bug 488632SUSE bug 494490SUSE bug 498712SUSE bug 498745SUSE bug 499105SUSE bug 499179SUSE bug 500133SUSE bug 502046SUSE bug 506265SUSE bug 510803SUSE bug 568822CVE-2009-0547 at SUSECVE-2009-0547 at NVDCVE-2009-0587 at SUSECVE-2009-0587 at NVDCVE-2009-1631 at SUSECVE-2009-1631 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for expatSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The previous expat security update (CVE-2009-3560) caused
parse errors with some xml documents.
SUSE bug 550664SUSE bug 558892SUSE bug 566434CVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for fetchmailSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of fetchmail improves SSL certificate
validation to stop possible man-in-the-middle attacks by
inserting \0-character in the certificate's subject name.
(CVE-2009-2666)
SUSE bug 528746CVE-2009-2666 at SUSECVE-2009-2666 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for pidginSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of pidgin fixes the following issues:
- CVE-2009-3026: CVSS v2 Base Score: 5.0 Allowed to send
confidential data unencrypted even if SSL was chosen by
user.
- CVE-2009-3025: CVSS v2 Base Score: 4.3 Remote denial of
service in yahoo IM plug-in.
- CVE-2009-3083: CVSS v2 Base Score: 5.0 Remote denial of
service in MSN plug-in.
- CVE-2009-3084: CVSS v2 Base Score: 5.0 Remote denial of
service in MSN plug-in.
- CVE-2009-3085: CVSS v2 Base Score: 5.0 Remote denial of
service in XMPP plug-in.
- CVE-2009-3615: CVSS v2 Base Score: 5.0 Remote denial of
service in ICQ plug-in.
SUSE bug 535570SUSE bug 535832SUSE bug 536602SUSE bug 548072CVE-2009-3025 at SUSECVE-2009-3025 at NVDCVE-2009-3026 at SUSECVE-2009-3026 at NVDCVE-2009-3083 at SUSECVE-2009-3083 at NVDCVE-2009-3084 at SUSECVE-2009-3084 at NVDCVE-2009-3085 at SUSECVE-2009-3085 at NVDCVE-2009-3615 at SUSECVE-2009-3615 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for freetype2SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Freetype was updated to fix some integer overflows that can
be exploited remotely in conjunction with programs like a
web-browser. (CVE-2009-0946) Thanks to Tavis Ormandy who
found the bugs.
SUSE bug 485889SUSE bug 508139SUSE bug 619562SUSE bug 628213SUSE bug 629447SUSE bug 633938SUSE bug 633943SUSE bug 641580CVE-2009-0946 at SUSECVE-2009-0946 at NVDCVE-2010-1797 at SUSECVE-2010-1797 at NVDCVE-2010-2497 at SUSECVE-2010-2497 at NVDCVE-2010-2498 at SUSECVE-2010-2498 at NVDCVE-2010-2499 at SUSECVE-2010-2499 at NVDCVE-2010-2500 at SUSECVE-2010-2500 at NVDCVE-2010-2519 at SUSECVE-2010-2519 at NVDCVE-2010-2520 at SUSECVE-2010-2520 at NVDCVE-2010-2527 at SUSECVE-2010-2527 at NVDCVE-2010-2541 at SUSECVE-2010-2541 at NVDCVE-2010-2805 at SUSECVE-2010-2805 at NVDCVE-2010-2806 at SUSECVE-2010-2806 at NVDCVE-2010-2807 at SUSECVE-2010-2807 at NVDCVE-2010-2808 at SUSECVE-2010-2808 at NVDCVE-2010-3053 at SUSECVE-2010-3053 at NVDCVE-2010-3054 at SUSECVE-2010-3054 at NVDCVE-2010-3311 at SUSECVE-2010-3311 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for fuseSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
A race condition in fusermount allows non-privileged users to umount
any file system (CVE-2010-0789).
Note: this is a re-release of the previous update with a better patch.
SUSE bug 550003SUSE bug 582725CVE-2009-3297 at SUSECVE-2009-3297 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Recommended update for GDMSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
456387 - gdm doesn't display pam error messages 479949 -
gdm does not immediately respond to changes in
/etc/sysconfig/displaymanager
SUSE bug 381139SUSE bug 439918SUSE bug 456387SUSE bug 479949SUSE bug 485775SUSE bug 489970SUSE bug 490376SUSE bug 490621SUSE bug 491578SUSE bug 492020SUSE bug 495671SUSE bug 499562SUSE bug 500097SUSE bug 506917SUSE bug 509920SUSE bug 510389SUSE bug 511245SUSE bug 511669SUSE bug 512100SUSE bug 526823SUSE bug 545820SUSE bug 583060SUSE bug 627893SUSE bug 628607SUSE bug 633655CVE-2010-1172 at SUSECVE-2010-1172 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for GhostScriptSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted file could cause a heap-overflow in JBIG2
decoder (CVE-2009-0196), an integer overflow in ICC library
(CVE-2009-0792), a buffer overflow in BaseFont writer
module (CVE-2008-6679) or crash the CCITTFax decoder
(CVE-2007-6725).
The previous security update introduced a regression that
broke some printer drives. This new update fixes that issue.
SUSE bug 483303SUSE bug 489622SUSE bug 491897SUSE bug 492765SUSE bug 559122SUSE bug 605043SUSE bug 608071CVE-2007-6725 at SUSECVE-2007-6725 at NVDCVE-2008-6679 at SUSECVE-2008-6679 at NVDCVE-2009-0196 at SUSECVE-2009-0196 at NVDCVE-2009-0583 at SUSECVE-2009-0583 at NVDCVE-2009-0584 at SUSECVE-2009-0584 at NVDCVE-2009-0792 at SUSECVE-2009-0792 at NVDCVE-2009-4270 at SUSECVE-2009-4270 at NVDCVE-2009-4897 at SUSECVE-2009-4897 at NVDCVE-2010-1628 at SUSECVE-2010-1628 at NVDCVE-2010-1869 at SUSECVE-2010-1869 at NVDCVE-2010-2055 at SUSECVE-2010-2055 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for glib2SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Large strings could lead to a heap overflow in the base64
encoding and decoding functions. Attackers could
potentially exploit that to execute arbitrary code
(CVE-2008-4316).
SUSE bug 449927SUSE bug 485976SUSE bug 500520SUSE bug 538005CVE-2008-4316 at SUSECVE-2008-4316 at NVDCVE-2009-3289 at SUSECVE-2009-3289 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for glibcSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of glibc fixes various bugs and security issues:
* CVE-2010-3847: Decoding of the $ORIGIN special value in various LD_
environment variables allowed local attackers to execute code in
context of e.g. setuid root programs, elevating privileges.
This issue does not affect SUSE as an assertion triggers before the
respective code is executed. The bug was fixed nevertheless.
*
CVE-2010-3856: The LD_AUDIT environment was not pruned during setuid
root execution and could load shared libraries from standard system
library paths. This could be used by local attackers to inject code
into setuid root programs and so elevated privileges.
*
CVE-2010-0830: Integer overflow causing arbitrary code execution in
ld.so --verify mode could be induced by a specially crafted binary.
*
CVE-2010-0296: The addmntent() function would not escape the newline
character properly, allowing the user to insert arbitrary newlines to
the /etc/mtab; if the addmntent() is run by a setuid mount binary
that does not do extra input checking, this would allow custom
entries to be inserted in /etc/mtab.
*
CVE-2008-1391: The strfmon() function contains an integer overflow
vulnerability in width specifiers handling that could be triggered by
an attacker that can control the format string passed to strfmon().
*
CVE-2010-0015: Some setups (mainly Solaris-based legacy setups)
include shadow information (password hashes) as so-called 'adjunct
passwd' table, mangling it with the rest of passwd columns instead of
keeping it in the shadow table. Normally, Solaris will disclose this
information only to clients bound to a priviledged port, but when
nscd is deployed on the client, getpwnam() would disclose the
password hashes to all users. New mode 'adjunct as shadow' can now be
enabled in /etc/default/nss that will move the password hashes from
the world-readable passwd table to emulated shadow table (that is not
cached by nscd).
Some invalid behaviour, crashes and memory leaks were fixed:
* statfs64() would not function properly on IA64 in ia32el emulation
mode.
* memcpy() and memset() on power6 would erroneously use a 64-bit
instruction within 32-bit code in certain corner cases.
* nscd would not load /etc/host.conf properly before performing host
resolution - most importantly, multi on in /etc/host.conf would be
ignored when nscd was used, breaking e.g. resolving records in
/etc/hosts where single name would point at multiple addresses
* Removed mapping from lowercase sharp s to uppercase sharp S;
uppercase S is not a standardly used letter and causes problems for
ISO encodings.
Some other minor issues were fixed:
* glibc-locale now better coexists with sap-locale on upgrades by
regenerating the locale/gconv indexes properly.
* Ports 623 and 664 may not be allocated by RPC code automatically
anymore since that may clash with ports used on some IPMI network
cards.
* On x86_64, backtrace of a static destructor would stop in the _fini()
glibc pseudo-routine, making it difficult to find out what originally
triggered the program termination. The routine now has unwind
information attached.
Security Issue references:
* CVE-2010-3847
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847>
* CVE-2010-3856
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856>
SUSE bug 375315SUSE bug 445636SUSE bug 474021SUSE bug 486631SUSE bug 505215SUSE bug 508081SUSE bug 513617SUSE bug 513961SUSE bug 523154SUSE bug 523170SUSE bug 529495SUSE bug 534828SUSE bug 541773SUSE bug 569091SUSE bug 572188SUSE bug 585879SUSE bug 592941SUSE bug 594263SUSE bug 615556SUSE bug 646960CVE-2010-3847 at SUSECVE-2010-3847 at NVDCVE-2010-3856 at SUSECVE-2010-3856 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for gmimeSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of gmime fixes a buffer overflow in the GMIME_UUENCODE_LEN macro which allowed possible code execution while processing uuencoded data. (CVE-2010-0409: CVSS v2 Base Score: 5.8)
SUSE bug 576923CVE-2010-0409 at SUSECVE-2010-0409 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for GNOME screensaverSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11SUSE bug 512308SUSE bug 550695SUSE bug 563991SUSE bug 579250CVE-2010-0285 at SUSECVE-2010-0285 at NVDCVE-2010-0732 at SUSECVE-2010-0732 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for GnuTLSSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The previous security fix for gnutls (CVE-2008-4989)
introduced a regression in the X.509 validation code for
self-signed certificates.
This update fixes this problem.
SUSE bug 457938SUSE bug 528372SUSE bug 554084CVE-2008-4989 at SUSECVE-2008-4989 at NVDCVE-2009-2730 at SUSECVE-2009-2730 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Recommended update for GPG2SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
gpg-agent modifies SigBlk mask of all processes spawned in
the X session breaking unrelated software started in the X
session.
SUSE bug 481463SUSE bug 625947CVE-2010-2547 at SUSECVE-2010-2547 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for gstreamerSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted cover art tags in vorbis files could
trigger a heap overflow in the base64 decoder. Attackers
could potentially exploit that to execute arbitrary code
(CVE-2009-0586).
SUSE bug 481479CVE-2009-0586 at SUSECVE-2009-0586 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for gstreamerSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted files could cause integer overflows in
the PNG decoding module of GStreamer (CVE-2009-1932).
SUSE bug 510292CVE-2009-1932 at SUSECVE-2009-1932 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for gzipSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The following bugs have been fixed:
Specially crafted gzip archives could lead to gzip allocating a too small huffman table. Attackers could exploit that to crash gzip (CVE-2009-2624).
Specially crafted gzip archives could trigger integer overflows. Attackers could exploit that to crash gzip or potentially execute arbitrary code (CVE-2010-0001). Only 64bit architectures are affected by this flaw.
SUSE bug 570331CVE-2009-2624 at SUSECVE-2009-2624 at NVDCVE-2010-0001 at SUSECVE-2010-0001 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for icuSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
icu does not properly handle invalid byte sequences during
Unicode conversion. Remote attackers could potentially
exploit that to conduct conduct cross-site scripting (XSS)
attacks (CVE-2009-0153).
SUSE bug 508070CVE-2009-0153 at SUSECVE-2009-0153 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for ipsec-toolsSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of ipsec-tools fixes a crash of racoon in
ISAKMP's de-fragmentation code due to a NULL-pointer
dereference. (CVE-2009-1574) Additionally multiple memory
leaks were fixed that allowed to execute a remote denial of
service attack. (CVE-2009-1632)
SUSE bug 498859SUSE bug 504186SUSE bug 506710CVE-2009-1574 at SUSECVE-2009-1574 at NVDCVE-2009-1632 at SUSECVE-2009-1632 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for iSCSISUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of iscscitarget/tgt fixes multiple overflows and a format
string vulnerability:
* CVE-2010-2221: CVSS v2 Base Score: 5.0 (MEDIUM)
(AV:N/AC:L/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
* CVE-2010-0743: CVSS v2 Base Score: 5.0 (MEDIUM)
(AV:N/AC:L/Au:N/C:N/I:N/A:P): Format String Vulnerability (CWE-134)
SUSE bug 592928SUSE bug 618574CVE-2010-0743 at SUSECVE-2010-0743 at NVDCVE-2010-2221 at SUSECVE-2010-2221 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for IBM Java 1.4.2SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update brings the IBM Java 1.4.2 JDK and JRE to
Service Release 13. It fixes lots of bugs and various
security issues:
CVE-2008-5350: A security vulnerability in the Java Runtime
Environment (JRE) may allow an untrusted applet or
application to list the contents of the home directory of
the user running the applet or application.
CVE-2008-5346: A security vulnerability in the Java Runtime
Environment (JRE) with parsing zip files may allow an
untrusted applet or application to read arbitrary memory
locations in the process that the applet or application is
running in.
CVE-2008-5343: A vulnerability in Java Web Start and Java
Plug-in may allow hidden code on a host to make network
connections to that host and to hijack HTTP sessions using
cookies stored in the browser.
CVE-2008-5344: A vulnerability in the Java Runtime
Environment (JRE) with applet classloading may allow an
untrusted applet to read arbitrary files on a system that
the applet runs on and make network connections to hosts
other than the host it was loaded from.
CVE-2008-5359: A buffer overflow vulnerability in the Java
Runtime Environment (JRE) image processing code may allow
an untrusted applet or application to escalate privileges.
For example, an untrusted applet may grant itself
permissions to read and write local files or execute local
applications that are accessible to the user running the
untrusted applet.
CVE-2008-5339: A vulnerability in the Java Runtime
Environment (JRE) may allow an untrusted Java Web Start
application to make network connections to hosts other than
the host that the application is downloaded from.
CVE-2008-5340: A vulnerability in the Java Runtime
Environment with launching Java Web Start applications may
allow an untrusted Java Web Start application to escalate
privileges. For example, an untrusted application may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted application.
CVE-2008-5348: A security vulnerability in the Java Runtime
Environment (JRE) with authenticating users through
Kerberos may lead to a Denial of Service (DoS) to the
system as a whole, due to excessive consumption of
operating system resources.
CVE-2008-2086: A vulnerability in Java Web Start may allow
certain trusted operations to be performed, such as
modifying system properties.
CVE-2008-5345: The Java Runtime Environment (JRE) allows
code loaded from the local filesystem to access localhost.
This may allow code that is maliciously placed on the local
filesystem and then subsequently run, to have network
access to localhost that would not otherwise be allowed if
the code were loaded from a remote host. This may be
leveraged to steal cookies and hijack sessions (for domains
that map a name to the localhost).
CVE-2008-5351: The UTF-8 (Unicode Transformation Format-8)
decoder in the Java Runtime Environment (JRE) accepts
encodings that are longer than the 'shortest' form. This
behavior is not a vulnerability in Java SE. However, it may
be leveraged to exploit systems running software that
relies on the JRE UTF-8 decoder to reject non-shortest form
sequences. For example, non-shortest form sequences may be
decoded into illegal URIs, which may then allow files that
are not otherwise accessible to be read, if the URIs are
not checked following UTF-8 decoding.
CVE-2008-5360: The Java Runtime Environment creates
temporary files with insufficiently random names. This may
be leveraged to write JAR files which may then be loaded as
untrusted applets and Java Web Start applications to access
and provide services from localhost and hence steal cookies.
CVE-2008-5353: A security vulnerability in the Java Runtime
Environment (JRE) related to deserializing calendar objects
may allow an untrusted applet or application to escalate
privileges. For example, an untrusted applet may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted applet.
CVE-2008-5356: A buffer vulnerability in the Java Runtime
Environment (JRE) with processing fonts may allow an
untrusted applet or Java Web Start application to escalate
privileges. For example, an untrusted applet may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted applet.
CVE-2008-5354: A buffer overflow vulnerability in the Java
Runtime Environment (JRE) may allow an untrusted Java
application that is launched through the command line to
escalate privileges. For example, the untrusted Java
application may grant itself permissions to read and write
local files or execute local applications that are
accessible to the user running the untrusted Java
application.
This vulnerability cannot be exploited by an applet or
Java Web Start application.
CVE-2008-5357: A buffer vulnerability in the Java Runtime
Environment (JRE) with processing fonts may allow an
untrusted applet or Java Web Start application to escalate
privileges. For example, an untrusted applet may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted applet.
CVE-2008-5342: A security vulnerability in the the Java Web
Start BasicService allows untrusted applications that are
downloaded from another system to request local files to be
displayed by the browser of the user running the untrusted
application.
SUSE bug 475425SUSE bug 489052SUSE bug 540945SUSE bug 551829SUSE bug 561831SUSE bug 590826SUSE bug 594791SUSE bug 603353CVE-2008-2086 at SUSECVE-2008-2086 at NVDCVE-2008-5339 at SUSECVE-2008-5339 at NVDCVE-2008-5340 at SUSECVE-2008-5340 at NVDCVE-2008-5342 at SUSECVE-2008-5342 at NVDCVE-2008-5343 at SUSECVE-2008-5343 at NVDCVE-2008-5344 at SUSECVE-2008-5344 at NVDCVE-2008-5345 at SUSECVE-2008-5345 at NVDCVE-2008-5346 at SUSECVE-2008-5346 at NVDCVE-2008-5348 at SUSECVE-2008-5348 at NVDCVE-2008-5349 at SUSECVE-2008-5349 at NVDCVE-2008-5350 at SUSECVE-2008-5350 at NVDCVE-2008-5351 at SUSECVE-2008-5351 at NVDCVE-2008-5353 at SUSECVE-2008-5353 at NVDCVE-2008-5354 at SUSECVE-2008-5354 at NVDCVE-2008-5356 at SUSECVE-2008-5356 at NVDCVE-2008-5357 at SUSECVE-2008-5357 at NVDCVE-2008-5359 at SUSECVE-2008-5359 at NVDCVE-2008-5360 at SUSECVE-2008-5360 at NVDCVE-2009-1100 at SUSECVE-2009-1100 at NVDCVE-2009-2625 at SUSECVE-2009-2625 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-3867 at SUSECVE-2009-3867 at NVDCVE-2009-3869 at SUSECVE-2009-3869 at NVDCVE-2009-3871 at SUSECVE-2009-3871 at NVDCVE-2009-3874 at SUSECVE-2009-3874 at NVDCVE-2009-3875 at SUSECVE-2009-3875 at NVDCVE-2010-0084 at SUSECVE-2010-0084 at NVDCVE-2010-0085 at SUSECVE-2010-0085 at NVDCVE-2010-0087 at SUSECVE-2010-0087 at NVDCVE-2010-0088 at SUSECVE-2010-0088 at NVDCVE-2010-0089 at SUSECVE-2010-0089 at NVDCVE-2010-0091 at SUSECVE-2010-0091 at NVDCVE-2010-0095 at SUSECVE-2010-0095 at NVDCVE-2010-0839 at SUSECVE-2010-0839 at NVDCVE-2010-0840 at SUSECVE-2010-0840 at NVDCVE-2010-0841 at SUSECVE-2010-0841 at NVDCVE-2010-0842 at SUSECVE-2010-0842 at NVDCVE-2010-0843 at SUSECVE-2010-0843 at NVDCVE-2010-0844 at SUSECVE-2010-0844 at NVDCVE-2010-0846 at SUSECVE-2010-0846 at NVDCVE-2010-0847 at SUSECVE-2010-0847 at NVDCVE-2010-0848 at SUSECVE-2010-0848 at NVDCVE-2010-0849 at SUSECVE-2010-0849 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for BEA Java 1.5.0SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
BEA Java for Itanium has been updated to version 1.5.0.13.1.2.
This contains all fixes equivalent to Sun JAVA SE 1.5 Update 11.
SUSE bug 472384cpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for IBM Java 1.6.0SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update brings the IBM Java 6 JDK and JRE to Service
Release 4. It fixes lots of bugs and various security
issues:
CVE-2008-5341: A vulnerability in the Java Runtime
Environment may allow an untrusted Java Web Start
application to determine the location of the Java Web Start
cache and the username of the user running the Java Web
Start application.
CVE-2008-5340: A vulnerability in the Java Runtime
Environment with launching Java Web Start applications may
allow an untrusted Java Web Start application to escalate
privileges. For example, an untrusted application may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted application.
CVE-2008-5351: The UTF-8 (Unicode Transformation Format-8)
decoder in the Java Runtime Environment (JRE) accepts
encodings that are longer than the 'shortest' form. This
behavior is not a vulnerability in Java SE. However, it may
be leveraged to exploit systems running software that
relies on the JRE UTF-8 decoder to reject non-shortest form
sequences. For example, non-shortest form sequences may be
decoded into illegal URIs, which may then allow files that
are not otherwise accessible to be read, if the URIs are
not checked following UTF-8 decoding.
CVE-2008-5356: A buffer vulnerability in the Java Runtime
Environment (JRE) with processing fonts may allow an
untrusted applet or Java Web Start application to escalate
privileges. For example, an untrusted applet may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted applet.
CVE-2008-5357: A buffer vulnerability in the Java Runtime
Environment (JRE) with processing fonts may allow an
untrusted applet or Java Web Start application to escalate
privileges. For example, an untrusted applet may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted applet.
CVE-2008-5358: A buffer overflow vulnerability in the Java
Runtime Environment with processing GIF images may allow an
untrusted Java Web Start application to escalate
privileges. For example, an untrusted application may grant
itself permissions to read and write local files or execute
local applications that are accessible to the user running
the untrusted applet.
CVE-2008-5342: A security vulnerability in the the Java Web
Start BasicService allows untrusted applications that are
downloaded from another system to request local files to be
displayed by the browser of the user running the untrusted
application.
SUSE bug 489052SUSE bug 494536SUSE bug 516361SUSE bug 548655SUSE bug 558342SUSE bug 561859SUSE bug 603283SUSE bug 624224CVE-2008-5340 at SUSECVE-2008-5340 at NVDCVE-2008-5341 at SUSECVE-2008-5341 at NVDCVE-2008-5342 at SUSECVE-2008-5342 at NVDCVE-2008-5351 at SUSECVE-2008-5351 at NVDCVE-2008-5356 at SUSECVE-2008-5356 at NVDCVE-2008-5357 at SUSECVE-2008-5357 at NVDCVE-2008-5358 at SUSECVE-2008-5358 at NVDCVE-2009-0217 at SUSECVE-2009-0217 at NVDCVE-2009-1093 at SUSECVE-2009-1093 at NVDCVE-2009-1094 at SUSECVE-2009-1094 at NVDCVE-2009-1095 at SUSECVE-2009-1095 at NVDCVE-2009-1096 at SUSECVE-2009-1096 at NVDCVE-2009-1097 at SUSECVE-2009-1097 at NVDCVE-2009-1098 at SUSECVE-2009-1098 at NVDCVE-2009-1099 at SUSECVE-2009-1099 at NVDCVE-2009-1100 at SUSECVE-2009-1100 at NVDCVE-2009-1101 at SUSECVE-2009-1101 at NVDCVE-2009-1103 at SUSECVE-2009-1103 at NVDCVE-2009-1104 at SUSECVE-2009-1104 at NVDCVE-2009-1105 at SUSECVE-2009-1105 at NVDCVE-2009-1106 at SUSECVE-2009-1106 at NVDCVE-2009-1107 at SUSECVE-2009-1107 at NVDCVE-2009-2493 at SUSECVE-2009-2493 at NVDCVE-2009-2625 at SUSECVE-2009-2625 at NVDCVE-2009-2670 at SUSECVE-2009-2670 at NVDCVE-2009-2671 at SUSECVE-2009-2671 at NVDCVE-2009-2672 at SUSECVE-2009-2672 at NVDCVE-2009-2673 at SUSECVE-2009-2673 at NVDCVE-2009-2674 at SUSECVE-2009-2674 at NVDCVE-2009-2675 at SUSECVE-2009-2675 at NVDCVE-2009-2676 at SUSECVE-2009-2676 at NVDCVE-2009-3865 at SUSECVE-2009-3865 at NVDCVE-2009-3866 at SUSECVE-2009-3866 at NVDCVE-2009-3867 at SUSECVE-2009-3867 at NVDCVE-2009-3868 at SUSECVE-2009-3868 at NVDCVE-2009-3869 at SUSECVE-2009-3869 at NVDCVE-2009-3871 at SUSECVE-2009-3871 at NVDCVE-2009-3872 at SUSECVE-2009-3872 at NVDCVE-2009-3873 at SUSECVE-2009-3873 at NVDCVE-2009-3874 at SUSECVE-2009-3874 at NVDCVE-2009-3875 at SUSECVE-2009-3875 at NVDCVE-2009-3876 at SUSECVE-2009-3876 at NVDCVE-2009-3877 at SUSECVE-2009-3877 at NVDCVE-2010-0084 at SUSECVE-2010-0084 at NVDCVE-2010-0085 at SUSECVE-2010-0085 at NVDCVE-2010-0087 at SUSECVE-2010-0087 at NVDCVE-2010-0088 at SUSECVE-2010-0088 at NVDCVE-2010-0089 at SUSECVE-2010-0089 at NVDCVE-2010-0090 at SUSECVE-2010-0090 at NVDCVE-2010-0091 at SUSECVE-2010-0091 at NVDCVE-2010-0092 at SUSECVE-2010-0092 at NVDCVE-2010-0094 at SUSECVE-2010-0094 at NVDCVE-2010-0095 at SUSECVE-2010-0095 at NVDCVE-2010-0837 at SUSECVE-2010-0837 at NVDCVE-2010-0838 at SUSECVE-2010-0838 at NVDCVE-2010-0839 at SUSECVE-2010-0839 at NVDCVE-2010-0840 at SUSECVE-2010-0840 at NVDCVE-2010-0841 at SUSECVE-2010-0841 at NVDCVE-2010-0842 at SUSECVE-2010-0842 at NVDCVE-2010-0843 at SUSECVE-2010-0843 at NVDCVE-2010-0844 at SUSECVE-2010-0844 at NVDCVE-2010-0846 at SUSECVE-2010-0846 at NVDCVE-2010-0847 at SUSECVE-2010-0847 at NVDCVE-2010-0848 at SUSECVE-2010-0848 at NVDCVE-2010-0849 at SUSECVE-2010-0849 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for KDE4 PIM packagesSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This kdepim4 and kdepimlibs4 update fixes lots of bugs and
one security issue:
KMail 4.1.x executes links in mail without confirmation.
(no cve assigned yet)
It also fixes lots of non-security bugs:
kdepim4:
- kdepim: make sure we initially create items for
subresources
- kdepim: fix autocompletion shortcut error
- kdepim: reduce linkage
- akregator: fix copy text from article view widget
(kde#168865)
- akregator: fix saving articlelistview settings
(kde#176262,bnc#430825)
- akregator: improve prev/next unread article behavior
when a filter is set (kde#138935)
- gpgme: Fix persistent progress dialogs for GPG key ops
(kde#169563)
- kaddressbook: fix help anchors
- kaddressbook: set department and org fields on vcard
export
- kaddressbook: Fix LDIF import for files with windows
linebreaks
- kalarm: fix translation not loaded
- kalarm: correctly handle failure to create alarm
resource
- kalarm: Copying alarm to KOrganizer fails when embedded
in Kontact (kde#176759)
- kalarm: Fix kalarmautostart crash on logout
- kalarm: fix click on system tray icon not showing main
window
- kalarm: disabled from enabled alarm colour when
highlighted in alarm list
- kalarm: UI fixes
- kalarm: signal when work hours change
- kalarm: fix command alarms (kde#175623)
- kalarm: Fix toolbar settings being lost
- kalarm: Fix crash if activated again while restoring
from previous session
- kalarm: update change log
- kalarm: correct system tray icon parent
- kalarm: show idle time on correct virtual desktop
(kde#153442,kde#174346)
- kalarm: ensure alarms shown above full-screen windows
- kalarm: Fix invalid alarm remaining in calendar on
failure
- kjots: fix paste of richtext and tabs becoming spaces
bugs (kde#160600,kde#175100)
- kmail: fix loss of configured receiving accounts on
exit with wallet dialog open (kde#169166)
- kmail: do not execute executables when clicking a link,
and solve dangling kmmsgbase pointer crash
(kde#179765,bnc#490696)
- kmail: fix crash when syncing imap flags (kde#106030)
- kmail: detect urgent X-Priority correctly
- kmail: fix opening zip attachments
- kmail: don't show unconfigurable shortcuts in dialog
- kmail: fix added subfolders not appearing in the folder
selection dialog
- kmail: configure dialog UI fixes
- kmail: display receiving accounts correctly in config
- kmail: unread mail layout bug (bug#174304)
- kmail: don't force duplicate add to addressbook
(kde#174332)
- kmail: remove deprecated spamassassin flag (kde#140032)
- kmail: update detected encoding on inserting file in
composer (kde#88781)
- kmail: fix unreactive encoding change dialog
(kde#149309,kde#145163)
- kmail: update detected encoding on inserting file in
composer (kde#88781)
- kmail: fix out of range in parsing mail bug
- kmail: various encoding fixes (kde#64815)
- kmail: remove spurious assert
- kmail: sieve dialog fixes
- kmail: missing i18n
- kmail: Fix the 'open in addressbook' action
- kmail: attachments check fix
- kmail: Fix spacing in Configure
- kmail: fix inline-forwarding of messages with
attachments. (kde#178128,kde#146921)
- kmail: don't allow attachment deletion/editing in
read-only folders (kolab#3324)
- kmail: fix crash when clicking on one of the invitation
action links
- kmail: fix inline forwarding of multipart/mixed messages
- kmail: fix crashing in templates (kde#178038)
- knode: fix rules editor crash and saving and loading of
scoring rules (kde:170030,kde:175045)
- knode: fix incorrect charset header (kde:169411)
- knode: safety checks
- knotes: various crash fixes
- knotes: don't exit when the last window is closed
(kde#153244)
- kontact: fix help anchors
- kontact: fix crash on opening configure dialog
(kde#174707)
- korganizer: fix task filtering (kde#171205)
- korganizer: public holidays for Chile
- korganizer: public holidays for Jamaica
- korganizer: fix crash when deleting categories with
deep subcategories (kde#153740)
- korganizer: fix Russian holidays
- korganizer: allow to change my status even if I'm the
organizer of this event (kolab#3084)
- korganizer: Fix crashes on saving new calendar
- korganizer: correct Norwegian public holidays
- korganizer: calendar scroll widget fixes
- korganizer: navigator bar menu fixes
- korganizer: navigatorbar - fix selectMonth() to emit
the correct month index
- korganizer: navigatorbar - layout cleanup
- korganizer: indicate when subresources are present
- korganizer: fix missing RTL text in monthviews
- korganizer: potential setNoActionCursor crash fix
- korganizer: navigatorbar - fix jumping labels
- korganizer: navigatorbar - fix crash on exit
- korganizer: fix alignment of day labels to main matrix
- korganizer: make do not show to-dos in monthview work
- korganizer: fix crash on removing attendees (kde#172354)
- korganizer: fix cancelling imip send
- korganizer: fix print crashing (kde#160260)
- korganizer: fix print default year
- korganizer: fix printing generally
- korganizer: fix printing UTC incidences (kde)
- korganizer: fix month view doesnt react to key and
mouse events (kde#175814)
- korganizer: make paste work on actual selection
(kde#175814,kde#132863)
- korganizer: pasting fix
- korganizer: fix sorting todos
- korganizer: menu fixes
- korganizer: backports to help make Paste work
- korganizer: type-ahead event creation ignores ctrl keys
- korganizer: robustness work in synchronous address book
loading
- korganizer: paint the all-day item headers
- korganizer: initialise special dates UI correctly
- korganizer: disable the configuration area for
deselected plugins
- korganizer: hide redundant configure plugin button
- korganizer: fix agendaview configuration
- korganizer: ensure agendaview decoration is selected
- korganizer: fix to-do copying
- korganizer: todo rich text speedup
- korganizer: fix what's next view todo links
- korganizer: fix event duplication when moving events
with the mouse.
- korganizer: fix duplicate default resources (bnc#116351)
- korganizer: fix tab order
- korganizer: fix performance problems on updateEvents()
- korganizer: fix new journal is set to date of the first
day of the week/month (kde#170634)
- korganizer: fix slow switching calendar views
(kde#170993)
- korganizer: maintain selected day on view change
- korganizer: fix performance problems with month
switching (kde#166771)
- korganizer: don't load decoration plugins multiple times
- korganizer: an attempt at fixing the dreaded crash in
paintEvent().
- korganizer: fixes in pasting
- korganizer: don't lose last day on setting recurring
events
- korganizer: updated Slovenian holidays
- korganizer: avoid assert when adding attachments
- kresources: blog - remove non-working LiveJournal
support
- kresources: birthdays - complete load sequence
- kresources: birthdays - fix alarms
- kresources: Write subresource state changes immediately
(kolab#3314)
- kresources: groupwise - fixes to warn on trying to set
up dud local<->remote id mappings
- ktimetracker: fix crash when deleting the last task
(kde:173543)
kdepimlibs4:
- fixes a crash on korgac startup triggered when parsing
the timezoneId from a null string
- libical safety fix
- memleak in Generic kmime header
- test before delete[] is not needed
- fix memleak in knode
- fix the kio_sieve related klauncher crashes
- return better errors for gpgme write failures and
missing passphrases
- Fix signing of multiple uids (!= all, though) at the
same time
- Print the nextState() call also in the error case
- gpgme: Fix 'General Error' returned when trying to sign
an already signed UID again with the same key.
- gpgme: use better error codes
- gpgme: Treat GPGME_STATUS_{KEY,SIG}EXPIRED as errors,
too.
- gpgme: Add missing gpg_error() call (to set the correct
source of the error)
- kblog: fix broken tagging
- kblog: GData tagging fix
- fix sending mail fails due to spurious newline in
server name configuration (kde#175892)
- fix korganizer crash with akonadi resources (kde#175971)
- remove use of isNull in icalformat
- properly initialize kcal::attachment ctor
- kcal: fix spurious error on empty alarm trigger
- kcal: inline attachment fixes
- kcal: crash fixes
- kldap: crash bug fix (kde#174381)
- Fix LDAP using simple authentication (kde#163319)
- ldap: Quote CN parameters correctly. (kolab#3281)
- update reference test files
- merge updated testcase runner
- use .shell versions of tests
- remove mistaken reference files
- fix a backporting boo-boo
- kcal: fix an ical date interpretation bug
- Fix a crash when using egroupware.
- Fix a crash in KOrganizer when the addressbook contains
a LDAP resource.
- Fixes an assert crash when unloading and then loading a
vCal resource
- Fix high traffic rss feed fetches
- Fix for improperly formatted mailto: links in the
KOrganizer eventviewer.
- fixcrash if data() returns null (CID:3969)
- Fix sieve with dovecot servers
- Fix parsing of time string to be more conforming to ISO
8601
- kcal: Fix iCal export due to wrongly discarded last
byte (porting bug) (kde#182224)
SUSE bug 490696cpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for okular.SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes a heap-based overflow in okular. The RLE decompression in
the TranscribePalmImageToJPEG() function can be exploited to execute
arbitrary code with user privileges by providing a crafted PDF file.
(CVE-2010-2575)
Security Issue reference:
* CVE-2010-2575
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2575>
SUSE bug 634743CVE-2010-2575 at SUSECVE-2010-2575 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for kdmSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The KDE display manager kdm contains a race condition which allows local attackers to make arbitrary files orld writable. CVE-2010-0436 has been assigned to this issue.
SUSE bug 584223CVE-2010-0436 at SUSECVE-2010-0436 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for kdenetworkSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of kdenetwork fixes several bugs, the security related issues
are:
* CVE-2010-1000: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N):
CWE-22
The 'name' attribute of the 'file' element of metalink files is not
properly sanitised this can be exploited to download files to arbitrary
directories.
* CVE-2008-4776: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P):
CWE-119
The included libgadu version allowed remote servers to cause a denial of
service (crash) via a buffer over-read.
Non-security issues:
* bnc#653852: kopete: ICQ login broken; login server changed
* bnc#516347: kopete cant connect to yahoo
Security Issue references:
* CVE-2008-4776
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776>
* CVE-2010-1000
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1000>
SUSE bug 516347SUSE bug 525528SUSE bug 604709SUSE bug 653852CVE-2008-4776 at SUSECVE-2008-4776 at NVDCVE-2010-1000 at SUSECVE-2010-1000 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for kdelibsSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
An invalid character reference causing a buffer overflow in khtml has been
fixed in the kdelibs package. CVE-2009-1725 has been assigned to this
issue.
Security Issue reference:
* CVE-2009-1725
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725>
SUSE bug 512559SUSE bug 557126SUSE bug 600469CVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2009-1725 at SUSECVE-2009-1725 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for kdelibs4SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
A KDELibs Remote Array Overrun (Arbitrary code execution)
was fixed (CVE-2009-0689).
SUSE bug 507328SUSE bug 557126CVE-2009-0689 at SUSECVE-2009-0689 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for the Linux kernelSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The Linux kernel on SUSE Linux Enterprise 11 was updated to
2.6.27.23 and received lots of bugs and security fixes.
Following security issues have been fixed: CVE-2009-1439:
Buffer overflow in fs/cifs/connect.c in CIFS in the Linux
kernel 2.6.29 and earlier allows remote attackers to cause
a denial of service (crash) or potential code execution via
a long nativeFileSystem field in a Tree Connect response to
an SMB mount request.
This requires that kernel can be made to mount a 'cifs'
filesystem from a malicious CIFS server.
CVE-2009-1337: The exit_notify function in kernel/exit.c in
the Linux kernel did not restrict exit signals when the
CAP_KILL capability is held, which allows local users to
send an arbitrary signal to a process by running a program
that modifies the exit_signal field and then uses an exec
system call to launch a setuid application.
The GCC option -fwrapv has been added to compilation to
work around potentially removing integer overflow checks.
CVE-2009-1265: Integer overflow in rose_sendmsg
(sys/net/af_rose.c) in the Linux kernel might allow
attackers to obtain sensitive information via a large
length value, which causes 'garbage' memory to be sent.
CVE-2009-1242: The vmx_set_msr function in
arch/x86/kvm/vmx.c in the VMX implementation in the KVM
subsystem in the Linux kernel on the i386 platform allows
guest OS users to cause a denial of service (OOPS) by
setting the EFER_LME (aka 'Long mode enable') bit in the
Extended Feature Enable Register (EFER) model-specific
register, which is specific to the x86_64 platform.
CVE-2009-1360: The __inet6_check_established function in
net/ipv6/inet6_hashtables.c in the Linux kernel, when
Network Namespace Support (aka NET_NS) is enabled, allows
remote attackers to cause a denial of service (NULL pointer
dereference and system crash) via vectors involving IPv6
packets.
CVE-2009-1192: drivers/char/agp/generic.c in the agp
subsystem in the Linux kernel does not zero out pages that
may later be available to a user-space process, which
allows local users to obtain sensitive information by
reading these pages.
Additionaly a lot of bugs have been fixed and are listed in
the RPM changelog.
SUSE bug 185164SUSE bug 191648SUSE bug 395775SUSE bug 402922SUSE bug 408304SUSE bug 410452SUSE bug 417417SUSE bug 439348SUSE bug 439775SUSE bug 441062SUSE bug 441420SUSE bug 441650SUSE bug 448410SUSE bug 450468SUSE bug 450658SUSE bug 457472SUSE bug 458222SUSE bug 459065SUSE bug 459146SUSE bug 460284SUSE bug 462913SUSE bug 463829SUSE bug 464360SUSE bug 465707SUSE bug 465854SUSE bug 465955SUSE bug 466554SUSE bug 467174SUSE bug 467317SUSE bug 467381SUSE bug 467518SUSE bug 467846SUSE bug 469576SUSE bug 470238SUSE bug 471249SUSE bug 471396SUSE bug 472342SUSE bug 472410SUSE bug 472432SUSE bug 472783SUSE bug 473881SUSE bug 474062SUSE bug 474335SUSE bug 474773SUSE bug 475149SUSE bug 476330SUSE bug 476525SUSE bug 476582SUSE bug 476822SUSE bug 477624SUSE bug 477816SUSE bug 478462SUSE bug 478534SUSE bug 479304SUSE bug 479558SUSE bug 479617SUSE bug 479730SUSE bug 479784SUSE bug 480391SUSE bug 480448SUSE bug 480524SUSE bug 480617SUSE bug 480749SUSE bug 480753SUSE bug 480809SUSE bug 481074SUSE bug 481749SUSE bug 482052SUSE bug 482220SUSE bug 482506SUSE bug 482614SUSE bug 482796SUSE bug 482818SUSE bug 483375SUSE bug 483706SUSE bug 484306SUSE bug 484529SUSE bug 484664SUSE bug 484716SUSE bug 484767SUSE bug 484931SUSE bug 485089SUSE bug 485768SUSE bug 486001SUSE bug 486331SUSE bug 486430SUSE bug 486728SUSE bug 486803SUSE bug 487106SUSE bug 487247SUSE bug 487412SUSE bug 487755SUSE bug 487987SUSE bug 489005SUSE bug 489105SUSE bug 490030SUSE bug 490368SUSE bug 490517SUSE bug 490608SUSE bug 490902SUSE bug 491289SUSE bug 491430SUSE bug 491802SUSE bug 492282SUSE bug 492324SUSE bug 492469SUSE bug 492547SUSE bug 492658SUSE bug 492760SUSE bug 492768SUSE bug 492961SUSE bug 493214SUSE bug 493392SUSE bug 493991SUSE bug 494463SUSE bug 495065SUSE bug 495068SUSE bug 495091SUSE bug 495259SUSE bug 495515SUSE bug 495668SUSE bug 495816SUSE bug 496027SUSE bug 496353SUSE bug 496398SUSE bug 496399SUSE bug 496502SUSE bug 496871SUSE bug 496878SUSE bug 497341SUSE bug 497648SUSE bug 497807SUSE bug 498042SUSE bug 498237SUSE bug 498358SUSE bug 498369SUSE bug 498402SUSE bug 498708SUSE bug 499152SUSE bug 499278SUSE bug 499558SUSE bug 499772SUSE bug 499845SUSE bug 500429SUSE bug 500508SUSE bug 501114SUSE bug 501160SUSE bug 501224SUSE bug 501234SUSE bug 501396SUSE bug 501563SUSE bug 501651SUSE bug 501663SUSE bug 502026SUSE bug 502092SUSE bug 502425SUSE bug 502675SUSE bug 502733SUSE bug 502903SUSE bug 503038SUSE bug 503101SUSE bug 503161SUSE bug 503353SUSE bug 503457SUSE bug 503635SUSE bug 503855SUSE bug 504646SUSE bug 505578SUSE bug 505831SUSE bug 505925SUSE bug 506361SUSE bug 507557SUSE bug 509066SUSE bug 509071SUSE bug 509407SUSE bug 509495SUSE bug 509497SUSE bug 509544SUSE bug 509753SUSE bug 509822SUSE bug 510449SUSE bug 511079SUSE bug 511243SUSE bug 511306SUSE bug 512070SUSE bug 513437SUSE bug 513954SUSE bug 514022SUSE bug 514265SUSE bug 514375SUSE bug 514644SUSE bug 514767SUSE bug 515266SUSE bug 515640SUSE bug 515645SUSE bug 516213SUSE bug 516827SUSE bug 517098SUSE bug 518291SUSE bug 519111SUSE bug 519188SUSE bug 519820SUSE bug 520975SUSE bug 521190SUSE bug 521578SUSE bug 522414SUSE bug 522686SUSE bug 522764SUSE bug 522790SUSE bug 522911SUSE bug 522914SUSE bug 523487SUSE bug 523719SUSE bug 524222SUSE bug 524242SUSE bug 524347SUSE bug 524683SUSE bug 524981SUSE bug 525903SUSE bug 526514SUSE bug 526819SUSE bug 527284SUSE bug 527361SUSE bug 527748SUSE bug 527754SUSE bug 527848SUSE bug 528427SUSE bug 528769SUSE bug 528811SUSE bug 528853SUSE bug 529188SUSE bug 529369SUSE bug 529660SUSE bug 530151SUSE bug 530535SUSE bug 531260SUSE bug 531384SUSE bug 531437SUSE bug 531533SUSE bug 531633SUSE bug 531716SUSE bug 532063SUSE bug 532443SUSE bug 532598SUSE bug 533267SUSE bug 534065SUSE bug 534202SUSE bug 534214SUSE bug 534232SUSE bug 534629SUSE bug 534961SUSE bug 534977SUSE bug 535380SUSE bug 535409SUSE bug 535497SUSE bug 535801SUSE bug 535880SUSE bug 535890SUSE bug 535939SUSE bug 535947SUSE bug 536117SUSE bug 536467SUSE bug 536699SUSE bug 537016SUSE bug 537435SUSE bug 539010SUSE bug 539271SUSE bug 539878SUSE bug 540349SUSE bug 540997SUSE bug 541403SUSE bug 541648SUSE bug 542505SUSE bug 543480SUSE bug 544759SUSE bug 544760SUSE bug 544763SUSE bug 544779SUSE bug 545013SUSE bug 545236SUSE bug 545367SUSE bug 546006SUSE bug 546449SUSE bug 547137SUSE bug 547357SUSE bug 547370SUSE bug 547433SUSE bug 547474SUSE bug 548070SUSE bug 548071SUSE bug 548074SUSE bug 548101SUSE bug 548529SUSE bug 548807SUSE bug 549567SUSE bug 549748SUSE bug 549751SUSE bug 550648SUSE bug 551142SUSE bug 551348SUSE bug 551942SUSE bug 552033SUSE bug 552602SUSE bug 552775SUSE bug 553175SUSE bug 554081SUSE bug 554122SUSE bug 554197SUSE bug 554567SUSE bug 556282SUSE bug 556532SUSE bug 556864SUSE bug 557180SUSE bug 557668SUSE bug 557683SUSE bug 557710SUSE bug 559111SUSE bug 560055SUSE bug 561078SUSE bug 561621SUSE bug 564374SUSE bug 564381SUSE bug 564382SUSE bug 564712SUSE bug 565267SUSE bug 566480SUSE bug 566634SUSE bug 566768SUSE bug 566857SUSE bug 567376SUSE bug 567684SUSE bug 569071SUSE bug 569125SUSE bug 569902SUSE bug 569916SUSE bug 570314SUSE bug 570606SUSE bug 571804SUSE bug 573107SUSE bug 573460SUSE bug 573478SUSE bug 574006SUSE bug 574224SUSE bug 575179SUSE bug 575644SUSE bug 576267SUSE bug 576277SUSE bug 576344SUSE bug 576927SUSE bug 577753SUSE bug 577967SUSE bug 579439SUSE bug 580047SUSE bug 580354SUSE bug 580799SUSE bug 581718SUSE bug 583677SUSE bug 584216SUSE bug 590415SUSE bug 591371SUSE bug 591556SUSE bug 593881SUSE bug 596113SUSE bug 596462SUSE bug 597337SUSE bug 598293SUSE bug 599213SUSE bug 599955SUSE bug 600774SUSE bug 601283SUSE bug 602969SUSE bug 603411SUSE bug 604183SUSE bug 607123SUSE bug 608366SUSE bug 608576SUSE bug 608933SUSE bug 608994SUSE bug 609134SUSE bug 609506SUSE bug 610296SUSE bug 610362SUSE bug 612213SUSE bug 613273SUSE bug 615143SUSE bug 616080SUSE bug 619470SUSE bug 620443SUSE bug 624850SUSE bug 627386SUSE bug 627447SUSE bug 628604SUSE bug 631801SUSE bug 632309SUSE bug 632568SUSE bug 633543SUSE bug 633581SUSE bug 633585SUSE bug 633593SUSE bug 634991SUSE bug 635413SUSE bug 635425SUSE bug 636112SUSE bug 636461SUSE bug 636850SUSE bug 637436SUSE bug 638277SUSE bug 638324SUSE bug 639481SUSE bug 639482SUSE bug 639708SUSE bug 639709SUSE bug 640660SUSE bug 640721CVE-2005-4881 at SUSECVE-2005-4881 at NVDCVE-2009-0676 at SUSECVE-2009-0676 at NVDCVE-2009-0835 at SUSECVE-2009-0835 at NVDCVE-2009-1072 at SUSECVE-2009-1072 at NVDCVE-2009-1192 at SUSECVE-2009-1192 at NVDCVE-2009-1242 at SUSECVE-2009-1242 at NVDCVE-2009-1265 at SUSECVE-2009-1265 at NVDCVE-2009-1337 at SUSECVE-2009-1337 at NVDCVE-2009-1360 at SUSECVE-2009-1360 at NVDCVE-2009-1385 at SUSECVE-2009-1385 at NVDCVE-2009-1389 at SUSECVE-2009-1389 at NVDCVE-2009-1439 at SUSECVE-2009-1439 at NVDCVE-2009-1630 at SUSECVE-2009-1630 at NVDCVE-2009-1961 at SUSECVE-2009-1961 at NVDCVE-2009-2406 at SUSECVE-2009-2406 at NVDCVE-2009-2407 at SUSECVE-2009-2407 at NVDCVE-2009-2692 at SUSECVE-2009-2692 at NVDCVE-2009-2903 at SUSECVE-2009-2903 at NVDCVE-2009-2909 at SUSECVE-2009-2909 at NVDCVE-2009-2910 at SUSECVE-2009-2910 at NVDCVE-2009-3002 at SUSECVE-2009-3002 at NVDCVE-2009-3080 at SUSECVE-2009-3080 at NVDCVE-2009-3286 at SUSECVE-2009-3286 at NVDCVE-2009-3547 at SUSECVE-2009-3547 at NVDCVE-2009-3612 at SUSECVE-2009-3612 at NVDCVE-2009-3620 at SUSECVE-2009-3620 at NVDCVE-2009-3621 at SUSECVE-2009-3621 at NVDCVE-2009-3726 at SUSECVE-2009-3726 at NVDCVE-2009-3939 at SUSECVE-2009-3939 at NVDCVE-2009-4005 at SUSECVE-2009-4005 at NVDCVE-2009-4020 at SUSECVE-2009-4020 at NVDCVE-2009-4138 at SUSECVE-2009-4138 at NVDCVE-2009-4307 at SUSECVE-2009-4307 at NVDCVE-2009-4308 at SUSECVE-2009-4308 at NVDCVE-2009-4536 at SUSECVE-2009-4536 at NVDCVE-2009-4537 at SUSECVE-2009-4537 at NVDCVE-2009-4538 at SUSECVE-2009-4538 at NVDCVE-2010-0003 at SUSECVE-2010-0003 at NVDCVE-2010-0007 at SUSECVE-2010-0007 at NVDCVE-2010-0307 at SUSECVE-2010-0307 at NVDCVE-2010-0410 at SUSECVE-2010-0410 at NVDCVE-2010-0415 at SUSECVE-2010-0415 at NVDCVE-2010-0622 at SUSECVE-2010-0622 at NVDCVE-2010-1087 at SUSECVE-2010-1087 at NVDCVE-2010-1162 at SUSECVE-2010-1162 at NVDCVE-2010-1437 at SUSECVE-2010-1437 at NVDCVE-2010-1446 at SUSECVE-2010-1446 at NVDCVE-2010-1641 at SUSECVE-2010-1641 at NVDCVE-2010-1643 at SUSECVE-2010-1643 at NVDCVE-2010-2798 at SUSECVE-2010-2798 at NVDCVE-2010-2803 at SUSECVE-2010-2803 at NVDCVE-2010-2942 at SUSECVE-2010-2942 at NVDCVE-2010-2946 at SUSECVE-2010-2946 at NVDCVE-2010-2954 at SUSECVE-2010-2954 at NVDCVE-2010-2955 at SUSECVE-2010-2955 at NVDCVE-2010-2959 at SUSECVE-2010-2959 at NVDCVE-2010-3015 at SUSECVE-2010-3015 at NVDCVE-2010-3078 at SUSECVE-2010-3078 at NVDCVE-2010-3080 at SUSECVE-2010-3080 at NVDCVE-2010-3081 at SUSECVE-2010-3081 at NVDCVE-2010-3296 at SUSECVE-2010-3296 at NVDCVE-2010-3297 at SUSECVE-2010-3297 at NVDCVE-2010-3301 at SUSECVE-2010-3301 at NVDCVE-2010-3310 at SUSECVE-2010-3310 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for KerberosSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Clients sending negotiation requests with invalid flags
could crash the kerberos server (CVE-2009-0845).
GSS-API clients could crash when reading from an invalid
address space (CVE-2009-0844).
Invalid length checks could crash applications using the
kerberos ASN.1 parser (CVE-2009-0847).
Under certain circumstances the ASN.1 parser could free an
uninitialized pointer which could crash a kerberos server
or even lead to execution of arbitrary code (CVE-2009-0846).
SUSE bug 485894SUSE bug 486722SUSE bug 486723SUSE bug 561351SUSE bug 591049SUSE bug 596826SUSE bug 650650CVE-2009-0844 at SUSECVE-2009-0844 at NVDCVE-2009-0845 at SUSECVE-2009-0845 at NVDCVE-2009-0846 at SUSECVE-2009-0846 at NVDCVE-2009-0847 at SUSECVE-2009-0847 at NVDCVE-2009-3295 at SUSECVE-2009-3295 at NVDCVE-2009-4212 at SUSECVE-2009-4212 at NVDCVE-2010-0629 at SUSECVE-2010-0629 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-1323 at SUSECVE-2010-1323 at NVDCVE-2010-1324 at SUSECVE-2010-1324 at NVDCVE-2010-4020 at SUSECVE-2010-4020 at NVDCVE-2010-4021 at SUSECVE-2010-4021 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for KVMSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of QEMU KVM fixes the following bugs:
- CVE-2009-3616: CVSS v2 Base Score: 8.5 use-after-free bug
in VNC code which might be used to execute code on the
host system injected from the guest system
- CVE-2009-3638: CVSS v2 Base Score: 7.2 integer overflow
in kvm_dev_ioctl_get_supported_cpuid()
- CVE-2009-3640: CVSS v2 Base Score: 2.1
update_cr8_intercept() NULL pointer dereference
SUSE bug 517671SUSE bug 540247SUSE bug 547555SUSE bug 547624SUSE bug 549487SUSE bug 550072SUSE bug 550732SUSE bug 550917CVE-2009-2287 at SUSECVE-2009-2287 at NVDCVE-2009-3616 at SUSECVE-2009-3616 at NVDCVE-2009-3638 at SUSECVE-2009-3638 at NVDCVE-2009-3640 at SUSECVE-2009-3640 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for lcmsSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted image files could cause an integer
overflow in lcms. Attackers could potentially exploit that
to crash applications using lcms or even execute arbitrary
code (CVE-2009-0723, CVE-2009-0581, CVE-2009-0733).
SUSE bug 479606CVE-2009-0581 at SUSECVE-2009-0581 at NVDCVE-2009-0723 at SUSECVE-2009-0723 at NVDCVE-2009-0733 at SUSECVE-2009-0733 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libHX13SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes a heap-based buffer overflow in HX_split() of libHX.
(CVE-2010-2947)
Security Issue reference:
* CVE-2010-2947
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2947>
SUSE bug 631582CVE-2010-2947 at SUSECVE-2010-2947 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libapr-util1SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of libapr-util1 fixes a memory consumption bug
in the XML parser that can cause a remote denial-of-service
vulnerability in applications using APR (WebDAV for
example) (CVE-2009-1955). Additionally a one byte buffer
overflow in function apr_brigade_vprintf() (CVE-2009-1956)
and buffer underflow in function apr_strmatch_precompile()
(CVE-2009-0023) was fixed too. Depending on the application
using this function it can lead to remote denial of service
or information leakage.
SUSE bug 509825SUSE bug 529591CVE-2009-0023 at SUSECVE-2009-0023 at NVDCVE-2009-1955 at SUSECVE-2009-1955 at NVDCVE-2009-1956 at SUSECVE-2009-1956 at NVDCVE-2009-2412 at SUSECVE-2009-2412 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libesmtpSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
libesmtp did not properly handle wildcards and embedded null
characters in the Common Name of X.509 certificates (CVE-2010-1192,
CVE-2010-1194). This has been fixed.
SUSE bug 585393CVE-2010-1192 at SUSECVE-2010-1192 at NVDCVE-2010-1194 at SUSECVE-2010-1194 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for MozillaSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The Mozilla NSS Library was updated to version 3.12.8 and the Mozilla NSPR
Library was updated to 4.8.6 to fix various bugs and one security issue:
* CVE-2010-3170: Disallow wildcard matching in X509 certificate Common
Names.
This update also has preparations for Firefox 4 support, and a updated Root
Certificate Authority list.
Security Issue reference:
* CVE-2010-3170
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3170>
SUSE bug 522602SUSE bug 554085SUSE bug 637290CVE-2009-2404 at SUSECVE-2009-2404 at NVDCVE-2009-2408 at SUSECVE-2009-2408 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libgdiplus0SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes three integer overflows found by Secunia Research member
Stefan Cornelius that could possibly be exploited to execute arbitrary
code:
* gdip_load_tiff_image() by processing specially crafted TIFF images
* gdip_load_jpeg_image_internal() by processing specially crafted JPEG
images
* gdip_read_bmp_image() by processing specially crafted BMP image
Security Issue reference:
* CVE-2010-1526
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1526>
SUSE bug 630756CVE-2010-1526 at SUSECVE-2010-1526 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for openLDAPSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Several issues have been fixed in OpenLDAP:
* specially crafted MODRDN operations can crash the OpenLDAP server
(CVE-2010-0211 and CVE-2010-0212)
* syncrepl might loose deletes in refreshAndPersist mode
* DoS when handling 0-bytes
Security Issues:
* CVE-2010-0211
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211>
* CVE-2010-0212
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212>
SUSE bug 537143SUSE bug 555725SUSE bug 606294SUSE bug 612430CVE-2009-2408 at SUSECVE-2009-2408 at NVDCVE-2010-0211 at SUSECVE-2010-0211 at NVDCVE-2010-0212 at SUSECVE-2010-0212 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libtoolSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
libtool: libltdl may load modules from the current working
directory. CVE-2009-3736 has been assigned to this issue.
SUSE bug 556122CVE-2009-3736 at SUSECVE-2009-3736 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for MySQLSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The following bugs have been fixed:
* local users could delete data files for tables of other users
(CVE-2010-1626).
* authenticated users could gather information for tables they should
not have access to (CVE-2010-1849)
* authenticated users could crash mysqld (CVE-2010-1848)
* authenticated users could potentially execute arbitrary code as the
user running mysqld (CVE-2010-1850)
* authenticated users could crash mysqld (CVE-2010-3677, CVE-2010-3678,
CVE-2010-3681, CVE-2010-3682, CVE-2010-3683)
Security Issue references:
* CVE-2010-1626
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1626>
* CVE-2010-1848
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848>
* CVE-2010-1849
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849>
* CVE-2010-1850
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850>
* CVE-2010-3677
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3677>
* CVE-2010-3678
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3678>
* CVE-2010-3681
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3681>
* CVE-2010-3682
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3682>
* CVE-2010-3683
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3683>
SUSE bug 497546SUSE bug 520608SUSE bug 557669SUSE bug 607466SUSE bug 609551SUSE bug 637499CVE-2008-4456 at SUSECVE-2008-4456 at NVDCVE-2008-7247 at SUSECVE-2008-7247 at NVDCVE-2009-2446 at SUSECVE-2009-2446 at NVDCVE-2009-4019 at SUSECVE-2009-4019 at NVDCVE-2009-4028 at SUSECVE-2009-4028 at NVDCVE-2009-4030 at SUSECVE-2009-4030 at NVDCVE-2010-1626 at SUSECVE-2010-1626 at NVDCVE-2010-1848 at SUSECVE-2010-1848 at NVDCVE-2010-1849 at SUSECVE-2010-1849 at NVDCVE-2010-1850 at SUSECVE-2010-1850 at NVDCVE-2010-3677 at SUSECVE-2010-3677 at NVDCVE-2010-3678 at SUSECVE-2010-3678 at NVDCVE-2010-3681 at SUSECVE-2010-3681 at NVDCVE-2010-3682 at SUSECVE-2010-3682 at NVDCVE-2010-3683 at SUSECVE-2010-3683 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libneonSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
neon did not properly handle embedded NUL characters in
X.509 certificates when comparing host names. Attackers
could exploit that to spoof SSL servers (CVE-2009-2408).
Specially crafted XML documents that contain a large number
of nested entity references could cause neon to consume
large amounts of CPU and memory (CVE-2009-2473).
SUSE bug 528370SUSE bug 532345CVE-2009-2408 at SUSECVE-2009-2408 at NVDCVE-2009-2473 at SUSECVE-2009-2473 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libnetpbmSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of netpbm fxes a stack-based buffer overflow that could be triggered while processing the contents of XPM headers in image files.
(CVE-2009-4274: CVSS v2 Base Score: 5.8 (moderate) (AV:N/AC:M/Au:N/C:N/I:P/A:P): Buffer Errors (CWE-119))
SUSE bug 579903CVE-2009-4274 at SUSECVE-2009-4274 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for OpenSCSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Private data objects on smartcards initialized with OpenSC
could be accessed without authentication (CVE-2009-0368).
Only blank cards initialized with OpenSC are affected by
this problem. Affected cards need to be manually fixed,
updating the opensc package alone is not sufficient!
Please carefully read and follow the instructions on the
following web site if you are using PIN protected private
data objects on smart cards other than Oberthur, and you
have initialized those cards using OpenSC:
http://en.opensuse.org/Smart_Cards/Advisories
SUSE bug 480262CVE-2009-0368 at SUSECVE-2009-0368 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for OpenSSLSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Three remote DoS vulnerabilities have been fixed in
OpenSSL: a DTLS epoch record buffer memory DoS
(CVE-2009-1377), a DTLS fragment handling memory DoS
(CVE-2009-1378) and a DTLS fragment read after a free DoS
(CVE-2009-1379).
SUSE bug 489641SUSE bug 504687SUSE bug 553641SUSE bug 584292SUSE bug 608666SUSE bug 629905SUSE bug 651003CVE-2009-0590 at SUSECVE-2009-0590 at NVDCVE-2009-0591 at SUSECVE-2009-0591 at NVDCVE-2009-0789 at SUSECVE-2009-0789 at NVDCVE-2009-1377 at SUSECVE-2009-1377 at NVDCVE-2009-1378 at SUSECVE-2009-1378 at NVDCVE-2009-1379 at SUSECVE-2009-1379 at NVDCVE-2009-3245 at SUSECVE-2009-3245 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-2939 at SUSECVE-2010-2939 at NVDCVE-2010-3864 at SUSECVE-2010-3864 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libpngSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
A allocation mistake in libpng's pngread.c has been fixed
(CVE-2009-0040).
SUSE bug 472745CVE-2009-0040 at SUSECVE-2009-0040 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libpngSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted png files could cause crashes or even execution of
arbitrary code in applications using libpng to process such files
(CVE-2010-1205, CVE-2010-2249).
Security Issues reference:
* CVE-2010-1205
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205>
* CVE-2010-2249
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249>
SUSE bug 514727SUSE bug 580484SUSE bug 617866CVE-2009-2042 at SUSECVE-2009-2042 at NVDCVE-2010-0205 at SUSECVE-2010-0205 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-2249 at SUSECVE-2010-2249 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libpopplerSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted PDF files could crash poppler or potentially even cause
execution of arbitrary code (CVE-2010-3702, CVE-2010-3704). This has been
fixed.
Security Issue references:
* CVE-2010-3702
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702>
* CVE-2010-3704
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704>
SUSE bug 507102SUSE bug 537171SUSE bug 543090SUSE bug 546393SUSE bug 556607SUSE bug 556876SUSE bug 570183SUSE bug 642785CVE-2009-0791 at SUSECVE-2009-0791 at NVDCVE-2009-3607 at SUSECVE-2009-3607 at NVDCVE-2009-3608 at SUSECVE-2009-3608 at NVDCVE-2009-3938 at SUSECVE-2009-3938 at NVDCVE-2009-4035 at SUSECVE-2009-4035 at NVDCVE-2010-3702 at SUSECVE-2010-3702 at NVDCVE-2010-3704 at SUSECVE-2010-3704 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libpoppler4SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of poppler: fix various security bugs that
occur while decoding JBIG2 (CVE-2009-0146, CVE-2009-0147,
CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800,
CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182,
CVE-2009-1183).
Further a denial of service bug in function
FormWidgetChoice::loadDefaults() (CVE-2009-0755) and
JBIG2Stream::readSymbolDictSeg() (CVE-2009-0756) was closed
that could be triggered via malformed PDF files.
SUSE bug 387770SUSE bug 481795SUSE bug 487100CVE-2009-0146 at SUSECVE-2009-0146 at NVDCVE-2009-0147 at SUSECVE-2009-0147 at NVDCVE-2009-0165 at SUSECVE-2009-0165 at NVDCVE-2009-0166 at SUSECVE-2009-0166 at NVDCVE-2009-0755 at SUSECVE-2009-0755 at NVDCVE-2009-0756 at SUSECVE-2009-0756 at NVDCVE-2009-0799 at SUSECVE-2009-0799 at NVDCVE-2009-0800 at SUSECVE-2009-0800 at NVDCVE-2009-1179 at SUSECVE-2009-1179 at NVDCVE-2009-1180 at SUSECVE-2009-1180 at NVDCVE-2009-1181 at SUSECVE-2009-1181 at NVDCVE-2009-1182 at SUSECVE-2009-1182 at NVDCVE-2009-1183 at SUSECVE-2009-1183 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for PythonSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The following issues have been fixed:
*
a race condition in the accept() implementation of smtpd.py could
lead to a denial of service (CVE-2010-3493).
*
integer overflows and insufficient size checks could crash the
audioop module (CVE-2010-2089, CVE-2010-1634).
Security Issue references:
* CVE-2010-2089
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089>
* CVE-2010-1634
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634>
* CVE-2010-3493
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493>
SUSE bug 581765SUSE bug 609759SUSE bug 609761SUSE bug 638233CVE-2009-2625 at SUSECVE-2009-2625 at NVDCVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDCVE-2010-1634 at SUSECVE-2010-1634 at NVDCVE-2010-2089 at SUSECVE-2010-2089 at NVDCVE-2010-3493 at SUSECVE-2010-3493 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Recommended update for libqt4SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update improves stability of Qt applications when using Japanese locale with input methods enabled (bnc#517894).
SUSE bug 517894SUSE bug 534081CVE-2009-2700 at SUSECVE-2009-2700 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libsndfileSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of libsndfile fixes a heap-based buffer
overflow in voc_read_header() (CVE-2009-1788) and a
heap-based buffer overflow in aiff_read_header()
(CVE-2009-1791).
SUSE bug 481769SUSE bug 504434CVE-2009-0186 at SUSECVE-2009-0186 at NVDCVE-2009-1788 at SUSECVE-2009-1788 at NVDCVE-2009-1791 at SUSECVE-2009-1791 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libtheoraSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
An integer overflow was fixed in libtheora. It could be exploited remotely to execute arbitrary code.
CVE-2009-3389: CVSS v2 Base Score: 9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C): Numeric Errors (CWE-189)
SUSE bug 581722CVE-2009-3389 at SUSECVE-2009-3389 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libtiffSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of the tiff package fixes various integer
overflows in the tools. (CVE-2009-2347)
SUSE bug 519796CVE-2009-2347 at SUSECVE-2009-2347 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libtiff3SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of libtiff fixes a buffer underflow in
LZWDecodeCompat (CVE-2009-2285).
SUSE bug 518698CVE-2009-2285 at SUSECVE-2009-2285 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for udevSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes a local privilege escalation in udev.
CVE-2009-1185: udev did not check the origin of the netlink
messages. A local attacker could fake device create events
and so gain root privileges.
SUSE bug 493158CVE-2009-1185 at SUSECVE-2009-1185 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libvirtSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Improperly mapped source privileged ports in guests may allow obtaining
privileged resources on the host (CVE-2010-2242).
Security Issues:
* CVE-2010-2242
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2242>
SUSE bug 618155CVE-2010-2242 at SUSECVE-2010-2242 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libvorbisSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of libvorbis fixes a memory corruption while parsing OGG files.
The bug is exploitable by remote attackers to cause an application crash
and could probably be exploited to execute arbitrary code. The issue has
been tracked as CVE-2009-2663
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663> .
SUSE bug 608192CVE-2009-2663 at SUSECVE-2009-2663 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for libxml2SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
libxml2: Invalid memory access in the xpath handling has been fixed.
CVE-2010-4008 has been assigned to this issue.
Security Issue reference:
* CVE-2010-4008
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008>
SUSE bug 528007SUSE bug 648277CVE-2009-2416 at SUSECVE-2009-2416 at NVDCVE-2010-4008 at SUSECVE-2010-4008 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for lvm2, lvm2-clvm, lvm2-clvm-debuginfo, lvm2-clvm-debugsource, lvm2-debuginfo, lvm2-debugsourceSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
clvmd, when running, allowed unprivileged local users to issue arbitrary
lvm commands (CVE-2010-2526) via incorrect permissions.
Security Issues:
* CVE-2010-2526
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2526>
SUSE bug 510058SUSE bug 523944SUSE bug 599158SUSE bug 613065SUSE bug 617853SUSE bug 622537CVE-2010-2526 at SUSECVE-2010-2526 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for mipv6dSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The following issues have been fixed:
* the mipv6 daemon did not check the origin of netlink messages,
therefore allowing local users to spoof messages (CVE-2010-2522).
* remote attackers could cause buffer overflows in mipv6d
(CVE-2010-2523).
Security Issues reference:
* CVE-2010-2522
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2522>
* CVE-2010-2523
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2523>
SUSE bug 424311CVE-2010-2522 at SUSECVE-2010-2522 at NVDCVE-2010-2523 at SUSECVE-2010-2523 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for MozillaSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes a bug in the Mozilla NSPR helper
libraries, which could be used by remote attackers to
potentially execute code via javascript vectors.
MFSA 2009-59 / CVE-2009-1563: Security researcher Alin Rad
Pop of Secunia Research reported a heap-based buffer
overflow in Mozilla's string to floating point number
conversion routines. Using this vulnerability an attacker
could craft some malicious JavaScript code containing a
very long string to be converted to a floating point number
which would result in improper memory allocation and the
execution of an arbitrary memory location. This
vulnerability could thus be leveraged by the attacker to
run arbitrary code on a victim's computer.
SUSE bug 546371CVE-2009-1563 at SUSECVE-2009-1563 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for MozillaSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Firefox version upgrade to 3.0.9 to fix various security
bugs.
(CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE
-2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200
9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
SUSE bug 495473SUSE bug 534458SUSE bug 545277SUSE bug 559807SUSE bug 568011SUSE bug 576969SUSE bug 586567CVE-2009-0652 at SUSECVE-2009-0652 at NVDCVE-2009-1302 at SUSECVE-2009-1302 at NVDCVE-2009-1303 at SUSECVE-2009-1303 at NVDCVE-2009-1304 at SUSECVE-2009-1304 at NVDCVE-2009-1305 at SUSECVE-2009-1305 at NVDCVE-2009-1307 at SUSECVE-2009-1307 at NVDCVE-2009-1308 at SUSECVE-2009-1308 at NVDCVE-2009-1309 at SUSECVE-2009-1309 at NVDCVE-2009-1311 at SUSECVE-2009-1311 at NVDCVE-2009-1312 at SUSECVE-2009-1312 at NVDCVE-2009-1563 at SUSECVE-2009-1563 at NVDCVE-2009-1571 at SUSECVE-2009-1571 at NVDCVE-2009-3069 at SUSECVE-2009-3069 at NVDCVE-2009-3070 at SUSECVE-2009-3070 at NVDCVE-2009-3071 at SUSECVE-2009-3071 at NVDCVE-2009-3072 at SUSECVE-2009-3072 at NVDCVE-2009-3073 at SUSECVE-2009-3073 at NVDCVE-2009-3075 at SUSECVE-2009-3075 at NVDCVE-2009-3076 at SUSECVE-2009-3076 at NVDCVE-2009-3077 at SUSECVE-2009-3077 at NVDCVE-2009-3078 at SUSECVE-2009-3078 at NVDCVE-2009-3079 at SUSECVE-2009-3079 at NVDCVE-2009-3274 at SUSECVE-2009-3274 at NVDCVE-2009-3370 at SUSECVE-2009-3370 at NVDCVE-2009-3371 at SUSECVE-2009-3371 at NVDCVE-2009-3372 at SUSECVE-2009-3372 at NVDCVE-2009-3373 at SUSECVE-2009-3373 at NVDCVE-2009-3374 at SUSECVE-2009-3374 at NVDCVE-2009-3375 at SUSECVE-2009-3375 at NVDCVE-2009-3376 at SUSECVE-2009-3376 at NVDCVE-2009-3380 at SUSECVE-2009-3380 at NVDCVE-2009-3381 at SUSECVE-2009-3381 at NVDCVE-2009-3382 at SUSECVE-2009-3382 at NVDCVE-2009-3383 at SUSECVE-2009-3383 at NVDCVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-3979 at SUSECVE-2009-3979 at NVDCVE-2009-3981 at SUSECVE-2009-3981 at NVDCVE-2009-3983 at SUSECVE-2009-3983 at NVDCVE-2009-3984 at SUSECVE-2009-3984 at NVDCVE-2009-3985 at SUSECVE-2009-3985 at NVDCVE-2009-3986 at SUSECVE-2009-3986 at NVDCVE-2009-3988 at SUSECVE-2009-3988 at NVDCVE-2010-0159 at SUSECVE-2010-0159 at NVDCVE-2010-0160 at SUSECVE-2010-0160 at NVDCVE-2010-0162 at SUSECVE-2010-0162 at NVDCVE-2010-0173 at SUSECVE-2010-0173 at NVDCVE-2010-0174 at SUSECVE-2010-0174 at NVDCVE-2010-0175 at SUSECVE-2010-0175 at NVDCVE-2010-0176 at SUSECVE-2010-0176 at NVDCVE-2010-0177 at SUSECVE-2010-0177 at NVDCVE-2010-0178 at SUSECVE-2010-0178 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-0181 at SUSECVE-2010-0181 at NVDCVE-2010-0182 at SUSECVE-2010-0182 at NVDCVE-2010-0220 at SUSECVE-2010-0220 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for Mozilla XULrunnerSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update brings the Mozilla XULRunner engine to version 1.9.1.15, fixing
various bugs and security issues.
The following security issues were fixed:
*
MFSA 2010-64: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code. References
Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov and Josh
Soref reported memory safety problems that affected Firefox 3.6 and
Firefox 3.5.
o Memory safety bugs - Firefox 3.6, Firefox 3.5
o CVE-2010-3176
Gary Kwong, Martijn Wargers and Siddharth Agarwal reported memory
safety problems that affected Firefox 3.6 only.
o Memory safety bugs - Firefox 3.6
o CVE-2010-3175
*
MFSA 2010-65 / CVE-2010-3179: Security researcher Alexander Miller
reported that passing an excessively long string to document.write
could cause text rendering routines to end up in an inconsistent
state with sections of stack memory being overwritten with the string
data. An attacker could use this flaw to crash a victim's browser and
potentially run arbitrary code on their computer.
*
MFSA 2010-66 / CVE-2010-3180: Security researcher Sergey Glazunov
reported that it was possible to access the locationbar property of a
window object after it had been closed. Since the closed window's
memory could have been subsequently reused by the system it was
possible that an attempt to access the locationbar property could
result in the execution of attacker-controlled memory.
*
MFSA 2010-67 / CVE-2010-3183: Security researcher regenrecht reported
via TippingPoint's Zero Day Initiative that when
window.__lookupGetter__ is called with no arguments the code assumes
the top JavaScript stack value is a property name. Since there were
no arguments passed into the function, the top value could represent
uninitialized memory or a pointer to a previously freed JavaScript
object. Under such circumstances the value is passed to another
subroutine which calls through the dangling pointer, potentially
executing attacker-controlled memory.
*
MFSA 2010-68 / CVE-2010-3177: Google security researcher Robert
Swiecki reported that functions used by the Gopher parser to convert
text to HTML tags could be exploited to turn text into executable
JavaScript. If an attacker could create a file or directory on a
Gopher server with the encoded script as part of its name the script
would then run in a victim's browser within the context of the site.
*
MFSA 2010-69 / CVE-2010-3178: Security researcher Eduardo Vela Nava
reported that if a web page opened a new window and used a
javascript: URL to make a modal call, such as alert(), then
subsequently navigated the page to a different domain, once the modal
call returned the opener of the window could get access to objects in
the navigated window. This is a violation of the same-origin policy
and could be used by an attacker to steal information from another
web site.
*
MFSA 2010-70 / CVE-2010-3170: Security researcher Richard Moore
reported that when an SSL certificate was created with a common name
containing a wildcard followed by a partial IP address a valid SSL
connection could be established with a server whose IP address
matched the wildcard range by browsing directly to the IP address. It
is extremely unlikely that such a certificate would be issued by a
Certificate Authority.
*
MFSA 2010-71 / CVE-2010-3182: Dmitri Gribenko reported that the
script used to launch Mozilla applications on Linux was effectively
including the current working directory in the LD_LIBRARY_PATH
environment variable. If an attacker was able to place into the
current working directory a malicious shared library with the same
name as a library that the bootstrapping script depends on the
attacker could have their library loaded instead of the legitimate
library.
*
MFSA 2010-73 / CVE-2010-3765: Morten Kr??kvik of Telenor SOC reported
an exploit targeting particular versions of Firefox 3.6 on Windows XP
that Telenor found while investigating an intrusion attempt on a
customer network. The underlying vulnerability, however, was present
on both the Firefox 3.5 and Firefox 3.6 development branches and
affected all supported platforms.
SUSE bug 589037SUSE bug 645315SUSE bug 653606CVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for muttSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update improves the handling of SSL certificates and
fixes a minor usability bug introduced with the last
security update.
SUSE bug 537141CVE-2009-2408 at SUSECVE-2009-2408 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for nagiosSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
A shell injection bug in nagios' statuswml.cgi CGI script
has been fixed. CVE-2009-2288 has been assigned to this
issue.
SUSE bug 517311CVE-2009-2288 at SUSECVE-2009-2288 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for ntpSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes a remote buffer overflow in xntp/ntp
which can be exploited when autokey is enabled to execute
arbitrary code. (CVE-2009-1252) This upfate fixes a buffer
overflow in ntpd that can be triggered by a malicious
server. (CVE-2009-0159)
SUSE bug 479341SUSE bug 482349SUSE bug 483897SUSE bug 484653SUSE bug 500065SUSE bug 501632SUSE bug 515629SUSE bug 517222SUSE bug 550316SUSE bug 574885CVE-2009-0159 at SUSECVE-2009-0159 at NVDCVE-2009-1252 at SUSECVE-2009-1252 at NVDCVE-2009-3563 at SUSECVE-2009-3563 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for open-iscsiSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The iscsi_discovery tool created predictable temporary
files which potentially allowed attackers to overwrite
system files (CVE-2009-1297).
Also some non-security bugs have been fixed:
- synchronize startup settings
- fix daemon segfault with CHAP
SUSE bug 514273SUSE bug 519402SUSE bug 528711CVE-2009-1297 at SUSECVE-2009-1297 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for openslpSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The openslp daemon could run into an endless loop when receiving specially
crafted packets (CVE-2010-3609).
Additionally the following non-security bugs were fixed:
* 564504: Fix handling of DA answers if both active and passive DA
detection is off
* 597215: Add configuration options to openSLP: net.slp.DASyncReg makes
slpd query statically configured DAs for registrations,
net.slp.isDABackup enables periodic writing of remote registrations
to a backup file which is also read on startup.
Both options can be used to decrease the time between the start of
the slpd daemon and slpd knowing all registrations.
* 601002: reduce CPU usage spikes on machines with many connections by
using the kernel netlink interface instead of reading the /proc
filesystem.
* 626444: Standard compliance was fixed by stripping leading and
trailing white spaces when doing string comparisons of scopes.
Security Issue reference:
* CVE-2010-3609
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609>
SUSE bug 533432SUSE bug 564504SUSE bug 597215SUSE bug 601002SUSE bug 626444SUSE bug 642571CVE-2010-3609 at SUSECVE-2010-3609 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for OpenSSLSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
OpenSSL DTLS remote DoS in ChangeCipherSpec (CVE-2009-1386)
and in out-of-sequence message handling (CVE-2009-1387)
have been fixed.
SUSE bug 509031CVE-2009-1386 at SUSECVE-2009-1386 at NVDCVE-2009-1387 at SUSECVE-2009-1387 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for OpenSSLSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Incorrect use of an OpenSSL cleanup function can lead to memory
leaks in applications. For example an SSL enabled web server such as
Apache that uses PHP, curl and OpenSSL leaks memory if a SIGHUP
signal was sent to Apache. The OpenSSL cleanup function was made
more robust to avoid memory leaks (CVE-2009-4355).
SUSE bug 566238CVE-2009-4355 at SUSECVE-2009-4355 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for openswanSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
By sending a specially crafted Dead Peer Detection (DPD)
packet remote attackers could crash the pluto IKE daemon
(CVE-2009-0790).
SUSE bug 487762SUSE bug 515130SUSE bug 525388CVE-2009-0790 at SUSECVE-2009-0790 at NVDCVE-2009-2185 at SUSECVE-2009-2185 at NVDCVE-2009-2661 at SUSECVE-2009-2661 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for pangoSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of pango fixes a segfault in libpango that can
be triggered by visiting web-sites. (CVE-2009-1194)
SUSE bug 492773SUSE bug 534701CVE-2009-1194 at SUSECVE-2009-1194 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for pcsc-liteSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of pcsc-lite fixes a local vulnerability (stack overflow) which
allowed every user with write-access to '/var/run/pcscd/pcscd.comm' to gain
root privileges. CVE-2010-0407 has been assigned to this issue.
SUSE bug 609317CVE-2010-0407 at SUSECVE-2010-0407 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for PerlSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
A Buffer overflow in perl, in the base Compress::Raw::Zlib
perl module has been fixed. (CVE-2009-1391)
Additionaly three non security bugs were fixed.
SUSE bug 446098SUSE bug 489114SUSE bug 493978SUSE bug 498425SUSE bug 511241SUSE bug 515948SUSE bug 528423SUSE bug 557636SUSE bug 588338SUSE bug 596167SUSE bug 601242SUSE bug 603840SUSE bug 605918SUSE bug 605928CVE-2009-1391 at SUSECVE-2009-1391 at NVDCVE-2010-1168 at SUSECVE-2010-1168 at NVDCVE-2010-1447 at SUSECVE-2010-1447 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for perl-HTML-ParserSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted HTML documents could cause
perl-HTML-Parser to run into an endless loop
(CVE-2009-3627).
SUSE bug 550076CVE-2009-3627 at SUSECVE-2009-3627 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for perl-IO-Socket-SSLSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of perl-IO-Socket-SSL improves the hostname
checking of the SSL certificate. (CVE-2009-3024)
SUSE bug 535554CVE-2009-3024 at SUSECVE-2009-3024 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Recommended update for RPMSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This package provides the %sles_version macro set to '11'
to allow developers to differentiate on which SLES platform
they build their application on.
SUSE bug 490179SUSE bug 536256SUSE bug 552622SUSE bug 572280SUSE bug 592269SUSE bug 610941SUSE bug 615409CVE-2010-2059 at SUSECVE-2010-2059 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for PostgreSQLSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Remote authenticated users could crash the postgresql
server by requesting a conversion with an inappropriate
encoding (CVE-2009-0922).
SUSE bug 486347SUSE bug 537706SUSE bug 564360SUSE bug 564710SUSE bug 588996SUSE bug 605845SUSE bug 605926SUSE bug 607778CVE-2009-0922 at SUSECVE-2009-0922 at NVDCVE-2009-3229 at SUSECVE-2009-3229 at NVDCVE-2009-3230 at SUSECVE-2009-3230 at NVDCVE-2009-3231 at SUSECVE-2009-3231 at NVDCVE-2009-4034 at SUSECVE-2009-4034 at NVDCVE-2009-4136 at SUSECVE-2009-4136 at NVDCVE-2010-0733 at SUSECVE-2010-0733 at NVDCVE-2010-1169 at SUSECVE-2010-1169 at NVDCVE-2010-1170 at SUSECVE-2010-1170 at NVDCVE-2010-1975 at SUSECVE-2010-1975 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Recommended update for puppetSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This updates puppet to v0.24.8:
* Deprecate the NetInfo nameservice provider. Use directoryservice
instead
* Add macauthorization type
* Refactoring the thread-safety in Puppet::Util
* Removing the included testing gems; you must now install them
yourself
* Refactoring of SELinux functions to use native Ruby SELinux interface
* Replaced SELInux calls to binaries with Ruby SELinux bindings
* Adding support to the user type for: profiles, auths, project,
key/value pairs
* Added a number of confines to package providers
* lots of bugfixes
In addition, the puppet daemon user will now be created automatically upon
package installation (bnc#623884).
SUSE bug 585402SUSE bug 620808SUSE bug 623884CVE-2010-0156 at SUSECVE-2010-0156 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for pyxmlSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted XML documents could make pyxml run into
an enless loop, therefore locking up applications using
pyxml (CVE-2009-3720, CVE-2009-3560).
SUSE bug 550666SUSE bug 561561CVE-2009-3560 at SUSECVE-2009-3560 at NVDCVE-2009-3720 at SUSECVE-2009-3720 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for quaggaSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes a remote denial of service bug in quagga
that can be triggered via an AS path containing ASN
elements whose string representation is longer than
expected. (CVE-2009-1572)
SUSE bug 500540SUSE bug 634300CVE-2009-1572 at SUSECVE-2009-1572 at NVDCVE-2010-2948 at SUSECVE-2010-2948 at NVDCVE-2010-2949 at SUSECVE-2010-2949 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for sendmailSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of sendmail improves the handling of special-characters in the SSL certificate.
(CVE-2009-4565: CVSS v2 Base Score: 7.5)
SUSE bug 568017cpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for rubySUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This ruby update improves return value checks for openssl
function OCSP_basic_verify() (CVE-2009-0642) which allowed
an attacker to use revoked certificates.
The entropy of DNS identifiers was increased
(CVE-2008-3905) to avaid spoofing attacks.
The code for parsing XML data was vulnerable to a denial of
service bug (CVE-2008-3790).
An attack on algorithm complexity was possible in function
WEBrick::HTTP::DefaultFileHandler() while parsing HTTP
requests (CVE-2008-3656) as well as by using the regex
engine (CVE-2008-3443) causing high CPU load.
Ruby's access restriction code (CVE-2008-3655) as well as
safe-level handling using function DL.dlopen()
(CVE-2008-3657) and big decimal handling (CVE-2009-1904)
was improved.
Bypassing HTTP basic authentication
(authenticate_with_http_digest) is not possible anymore.
SUSE bug 415678SUSE bug 420084SUSE bug 423234SUSE bug 478019SUSE bug 499253SUSE bug 509914SUSE bug 511568CVE-2008-3443 at SUSECVE-2008-3443 at NVDCVE-2008-3655 at SUSECVE-2008-3655 at NVDCVE-2008-3656 at SUSECVE-2008-3656 at NVDCVE-2008-3657 at SUSECVE-2008-3657 at NVDCVE-2008-3790 at SUSECVE-2008-3790 at NVDCVE-2008-3905 at SUSECVE-2008-3905 at NVDCVE-2009-0642 at SUSECVE-2009-0642 at NVDCVE-2009-1904 at SUSECVE-2009-1904 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for squidSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The following vulnerabilities have been fixed in squid:
CVE-2009-2855: DoS via special crafted auth header
CVE-2010-0308: DoS via invalid DoS header
SUSE bug 576087SUSE bug 577347CVE-2009-2621 at SUSECVE-2009-2621 at NVDCVE-2009-2622 at SUSECVE-2009-2622 at NVDCVE-2009-2855 at SUSECVE-2009-2855 at NVDCVE-2010-0308 at SUSECVE-2010-0308 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for strongswanSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes two denial of service bugs that can lead
to a remote pre-auth crash while processing a IKE_SA_INIT
or a IKE_AUTH request. CVE-2009-1957 and CVE-2009-1958 have
been assigned to this issue.
SUSE bug 487762SUSE bug 507742SUSE bug 515130SUSE bug 520582SUSE bug 524799SUSE bug 525388CVE-2009-0790 at SUSECVE-2009-0790 at NVDCVE-2009-1957 at SUSECVE-2009-1957 at NVDCVE-2009-1958 at SUSECVE-2009-1958 at NVDCVE-2009-2185 at SUSECVE-2009-2185 at NVDCVE-2009-2661 at SUSECVE-2009-2661 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for sudoSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update fixes two security issues:
CVE-2010-0427:CVSS v2 Base Score: 6.6
Sudo failed to properly reset group permissions, when
'runas_default' option was used. If a local, unprivileged
user was authorized by sudoers file to perform their
sudo commands under default user account, it could lead
to privilege escalation
CVE-2010-0426:CVSS v2 Base Score: 6.6
A privilege escalation flaw was found in the way
sudo used to check file paths for pseudocommands.
If local, unprivileged user was authorized by sudoers
file to edit one or more files, it could lead to
execution of arbitrary code, with the privileges
of privileged system user (root).
SUSE bug 582555SUSE bug 582556CVE-2010-0426 at SUSECVE-2010-0426 at NVDCVE-2010-0427 at SUSECVE-2010-0427 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for systemtapSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of systemtab fixes a shell meta character injection
vulnerability that allows remote users to execute arbitrary commands with
the privileges of the stap-server. (CVE-2009-4273
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4273> )
Additionally, a remote denial of service bug in the _getargv() function has
been fixed. (CVE-2010-0411
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0411> )
SUSE bug 574243CVE-2009-4273 at SUSECVE-2009-4273 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for tarSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
A malicious remote tape server could cause a buffer overflow in tar.
In order to exploit that an attacker would have to trick the victim
to extract a file that causes tar to open a connection to the rmt
server (CVE-2010-0624). It's advisable to always use tar's
--force-local local option to avoid such tricks.
SUSE bug 579475CVE-2010-0624 at SUSECVE-2010-0624 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for tgtSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of tgt fixes multiple overflows and a format string
vulnerability:
* CVE-2010-2221: CVSS v2 Base Score: 5.0 (MEDIUM)
(AV:N/AC:L/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
* CVE-2010-0743: CVSS v2 Base Score: 5.0 (MEDIUM)
(AV:N/AC:L/Au:N/C:N/I:N/A:P): Format String Vulnerability (CWE-134)
SUSE bug 592928SUSE bug 618574CVE-2010-0743 at SUSECVE-2010-0743 at NVDCVE-2010-2221 at SUSECVE-2010-2221 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for w3mSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
w3m does not handle embedded NUL characters in the common name and in
subject alternative names of X.509 certificates (CVE-2010-2074
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074> ). This
update fixes the issue and also turns on verification of x509 certificates
by default which was not the case before.
SUSE bug 609451CVE-2010-2074 at SUSECVE-2010-2074 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for Websphere Community EditionSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update of WebSphere fixes the following
vulnerabilities:
- GERONIMO-3838: close potential denial of service attack
- CVE-2008-5518: fix Apache Geronimo web administration
console directory traversal vulnerabilities.
- CVE-2009-0038: fix Apache Geronimo web administration
console XSS vulnerabilities.
- CVE-2009-0039: fix Apache Geronimo web administration
console XSRF vulnerabilities.
- CVE-2009-0781: Samples: Fix Apache Tomcat cross-site
scripting vulnerability.
SUSE bug 507806CVE-2008-5518 at SUSECVE-2008-5518 at NVDCVE-2009-0038 at SUSECVE-2009-0038 at NVDCVE-2009-0039 at SUSECVE-2009-0039 at NVDCVE-2009-0781 at SUSECVE-2009-0781 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for wgetSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
This update wget improves the handling of the 0-character
in the subject name of a SSL certificate.
SUSE bug 528298cpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for wiresharkSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Version upgrade to Wireshark 1.0.7 to fix various
vulnerabilities: CVE-2009-1269: crash while loading a
Tektronix .rf5 file CVE-2009-1268: crash in Check Point
High-Availability Protocol (CPHAP) dissector CVE-2009-1267:
LDAP dissector could crash on Windows CVE-2009-1210:
PROFINET format string bug CVE-2009-1266: additional
PROFINET format string bugs, a crash in the PCNFSD
dissector
SUSE bug 493584SUSE bug 550320SUSE bug 553215SUSE bug 565902CVE-2009-1210 at SUSECVE-2009-1210 at NVDCVE-2009-1266 at SUSECVE-2009-1266 at NVDCVE-2009-1267 at SUSECVE-2009-1267 at NVDCVE-2009-1268 at SUSECVE-2009-1268 at NVDCVE-2009-1269 at SUSECVE-2009-1269 at NVDCVE-2009-2560 at SUSECVE-2009-2560 at NVDCVE-2009-2563 at SUSECVE-2009-2563 at NVDCVE-2009-3549 at SUSECVE-2009-3549 at NVDCVE-2009-3550 at SUSECVE-2009-3550 at NVDCVE-2009-3551 at SUSECVE-2009-3551 at NVDCVE-2009-3829 at SUSECVE-2009-3829 at NVDCVE-2009-4376 at SUSECVE-2009-4376 at NVDCVE-2009-4377 at SUSECVE-2009-4377 at NVDCVE-2010-0304 at SUSECVE-2010-0304 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for XenSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Collective Xen/201004 Update, containing fixes for the following issues:
bnc#576832 - pygrub, reiserfs: Fix on-disk structure definition
bnc#537370 - Xen on SLES 11 does not boot - endless loop in ATA detection
bnc#561912 - xend leaks memory
bnc#564750 - Keyboard Caps Lock key works abnormal under SLES11 xen guest OS.
bnc#548443 - keymap setting not preserved
bnc#555152 - 'NAME' column in xentop (SLES11) output limited to 10 characters unlike SLES10
bnc#553631 - L3: diskpart will not run on windows 2008
bnc#548852 - DL585G2 - plug-in PCI cards fail in IO-APIC mode
bnc#529195 - xend: disallow ! as a sxp separator
bnc#550397 - xend: bootable flag of VBD not always of type int
bnc#545470 - Xen vifname parameter is ignored when using type=ioemu in guest configuration file
bnc#541945 - xm create -x command does not work in SLES 10 SP2 or SLES 11
bnc#542525 - xen pygrub vulnerability (CVE-2009-3525)
bnc#481592 and fate#306125 - Virtual machines are not able to boot from CD to allow upgrade to OES2SP1 (sle10 bug)
bnc#553633 - Update breaks menu access keys in virt-viewer and still misses some key sequences. (sle10 bug)
fate#306720: xen: virt-manager cdrom handling.
bnc#547590 - L3: virt-manager is unable of displaying VNC console on remote hosts
bnc#572691 - libvird segfaults when trying to create a kvm guest
bnc#573748 - L3: Virsh gives error Device 51712 not connected after updating libvirt modules
bnc#548438 - libcmpiutil / libvirt-cim does not properly handle CIM_ prefixed
bnc#513921: Xen doesn't work get an eror when starting the install processes or starting a pervious installed DomU
bnc#526855: Cannot set MAC address for PV guest in vm-install
SUSE bug 481592SUSE bug 513921SUSE bug 526855SUSE bug 529195SUSE bug 537370SUSE bug 541945SUSE bug 542525SUSE bug 545470SUSE bug 547590SUSE bug 548438SUSE bug 548443SUSE bug 548852SUSE bug 550397SUSE bug 553631SUSE bug 553633SUSE bug 555152SUSE bug 561912SUSE bug 564750SUSE bug 572691SUSE bug 573748SUSE bug 576832SUSE bug 591092CVE-2009-3525 at SUSECVE-2009-3525 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for Xerces-j2SUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The xerces-j2 package was vulnerable to various bugs while
parsing XML.CVE-2009-2625 has been assigned to this issue.
SUSE bug 530717CVE-2009-2625 at SUSECVE-2009-2625 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for xpdfSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
Specially crafted PDF documents could crash xpdf or
potentially even allow execution of arbitrary code
(CVE-2009-0791).
SUSE bug 502974CVE-2009-0791 at SUSECVE-2009-0791 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for YaST2 LDAP moduleSUSE Linux Enterprise Server 11SUSE Linux Enterprise Server for SAP Applications 11
The YaST2 LDAP module in SUSE Linux Enterprise Server 11
did not initialize the firewall configuration during second
stage installation. Therefore, if an online update required
reboot during second stage firewall settings were not
applied and the firewall turned off (CVE-2009-1648).
SUSE bug 492441SUSE bug 496862CVE-2009-1648 at SUSECVE-2009-1648 at NVDcpe:/o:suse:sles_sap:11cpe:/o:suse:suse_sles:11Security update for ConsoleKitSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Remote users logged in via e.g. ssh could open a consolekit session that is
considered local and therefore gain additional privileges, e.g. via
policykit (CVE-2010-4664).
Security Issue reference:
* CVE-2010-4664
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4664>
SUSE bug 686150CVE-2010-4664 at SUSECVE-2010-4664 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox was updated to version 24.6.0 to fix six security issues:
* Miscellaneous memory safety hazards. (CVE-2014-1533, CVE-2014-1534)
* Use-after-free and out of bounds issues found using Address
Sanitizer. (CVE-2014-1536, CVE-2014-1537, CVE-2014-1538)
* Use-after-free with SMIL Animation Controller. (CVE-2014-1541)
mozilla-nspr was updated to version 4.10.6 to fix one security issue:
* Out of bounds write in NSPR. (CVE-2014-1545)
Further information can be found at
https://www.mozilla.org/security/announce/
<https://www.mozilla.org/security/announce/> .
Security Issues references:
* CVE-2014-1533
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533>
* CVE-2014-1534
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1534>
* CVE-2014-1536
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1536>
* CVE-2014-1537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1537>
* CVE-2014-1538
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538>
* CVE-2014-1541
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541>
* CVE-2014-1545
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545>
SUSE bug 881874CVE-2014-1533 at SUSECVE-2014-1533 at NVDCVE-2014-1534 at SUSECVE-2014-1534 at NVDCVE-2014-1536 at SUSECVE-2014-1536 at NVDCVE-2014-1537 at SUSECVE-2014-1537 at NVDCVE-2014-1538 at SUSECVE-2014-1538 at NVDCVE-2014-1541 at SUSECVE-2014-1541 at NVDCVE-2014-1545 at SUSECVE-2014-1545 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for ImageMagickSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of ImageMagick fixes multiple security vulnerabilities that
could be exploited by attackers via specially crafted image files:
* CVE-2012-0259 / CVE-2012-1610: Integer overflow when processing EXIF
directory entries with tags of e.g. format 5 (EXIF_FMT_URATIONAL) and
a large components count.
* CVE-2012-0247 / CVE-2012-1185: Integer overflows via 'number_bytes'
and 'offset' could lead to memory corruption. CVE-2012-0248 /
CVE-2012-1186: Denial of service via 'profile.c'.
* CVE-2012-0260: Denial of service via JPEG restart markers (excessive
CPU consumption).
* CVE-2012-1798: Copying of invalid memory when reading TIFF EXIF IFD.
Security Issue references:
* CVE-2012-0247
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247>
* CVE-2012-0248
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248>
* CVE-2012-1185
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1185>
* CVE-2012-1186
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1186>
* CVE-2012-0259
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0259>
* CVE-2012-0260
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260>
* CVE-2012-1798
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1798>
* CVE-2012-1610
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1610>
SUSE bug 522077SUSE bug 559109SUSE bug 746880SUSE bug 752879SUSE bug 754749SUSE bug 758512SUSE bug 903204SUSE bug 903216SUSE bug 903638SUSE bug 905260CVE-2012-0247 at SUSECVE-2012-0247 at NVDCVE-2012-0248 at SUSECVE-2012-0248 at NVDCVE-2012-0259 at SUSECVE-2012-0259 at NVDCVE-2012-0260 at SUSECVE-2012-0260 at NVDCVE-2012-1185 at SUSECVE-2012-1185 at NVDCVE-2012-1186 at SUSECVE-2012-1186 at NVDCVE-2012-1610 at SUSECVE-2012-1610 at NVDCVE-2012-1798 at SUSECVE-2012-1798 at NVDCVE-2014-8354 at SUSECVE-2014-8354 at NVDCVE-2014-8355 at SUSECVE-2014-8355 at NVDCVE-2014-8562 at SUSECVE-2014-8562 at NVDCVE-2014-8716 at SUSECVE-2014-8716 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- Several coders were vulnerable to remote code execution attacks,
these coders have now been disabled. They can be re-enabled by
exporting the following environment variable
MAGICK_CODER_MODULE_PATH=/usr/lib64/ImageMagick-6.4.3/modules-Q16/coders/vulnerable/
(bsc#978061)
- CVE-2016-3714: Insufficient shell characters filtering leads to
(potentially remote) code execution
- CVE-2016-3715: Possible file deletion by using ImageMagick's
'ephemeral' pseudo protocol which deletes files after reading.
- CVE-2016-3716: Possible file moving by using ImageMagick's 'msl'
pseudo protocol with any extension in any folder.
- CVE-2016-3717: Possible local file read by using ImageMagick's
'label' pseudo protocol to get content of the files from the server.
- CVE-2016-3718: Possible Server Side Request Forgery (SSRF) to make
HTTP GET or FTP request.
Bugs fixed:
- Use external svg loader (rsvg) ImportantSUSE bug 978061CVE-2016-3714 at SUSECVE-2016-3714 at NVDCVE-2016-3715 at SUSECVE-2016-3715 at NVDCVE-2016-3716 at SUSECVE-2016-3716 at NVDCVE-2016-3717 at SUSECVE-2016-3717 at NVDCVE-2016-3718 at SUSECVE-2016-3718 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- bsc#978061: A vulnerability in ImageMagick's 'https' module allowed users to
execute arbitrary shell commands on the host performing the image conversion.
The issue had the potential for remote command injection. This update mitigates
the vulnerability by disabling all access to the 'https' module in the
'delegates.xml' config file. (CVE-2016-3714)
ImportantSUSE bug 978061CVE-2016-3714 at SUSECVE-2016-3714 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2016-5118: popen() shell vulnerability via filenames (bsc#982178)
ImportantSUSE bug 982178CVE-2016-5118 at SUSECVE-2016-5118 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
ImageMagick was updated to fix 55 security issues.
These security issues were fixed:
- CVE-2014-9810: SEGV in dpx file handler (bsc#983803).
- CVE-2014-9811: Crash in xwd file handler (bsc#984032).
- CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137).
- CVE-2014-9813: Crash on corrupted viff file (bsc#984035).
- CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193).
- CVE-2014-9815: Crash on corrupted wpg file (bsc#984372).
- CVE-2014-9816: Out of bound access in viff image (bsc#984398).
- CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400).
- CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181).
- CVE-2014-9819: Heap overflow in palm files (bsc#984142).
- CVE-2014-9830: Handling of corrupted sun file (bsc#984135).
- CVE-2014-9831: Handling of corrupted wpg file (bsc#984375).
- CVE-2014-9836: Crash in xpm file handling (bsc#984023).
- CVE-2014-9851: Crash when parsing resource block (bsc#984160).
- CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460).
- CVE-2014-9853: Memory leak in rle file handling (bsc#984408).
- CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253).
- CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259).
- CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234).
- CVE-2014-9834: Heap overflow in pict file (bsc#984436).
- CVE-2014-9806: Prevent file descriptr leak due to corrupted file (bsc#983774).
- CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370).
- CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184).
- CVE-2015-8898: Prevent null pointer access in magick/constitute.c (bsc#983746).
- CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523).
- CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533).
- CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739).
- CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451).
- CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456).
- CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752).
- CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796).
- CVE-2014-9820: heap overflow in xpm files (bsc#984150).
- CVE-2014-9823: heap overflow in palm file (bsc#984401).
- CVE-2014-9822: heap overflow in quantum file (bsc#984187).
- CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379).
- CVE-2014-9824: Heap overflow in psd file (bsc#984185).
- CVE-2014-9809: Fix a SEGV due to corrupted xwd images. (bsc#983799).
- CVE-2014-9826: Incorrect error handling in sun files (bsc#984186).
- CVE-2014-9842: Memory leak in psd handling (bsc#984374).
- CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448).
- CVE-2014-9840: Out of bound access in palm file (bsc#984433).
- CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144).
- CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521).
- CVE-2014-9845: Crash due to corrupted dib file (bsc#984394).
- CVE-2014-9844: Out of bound issue in rle file (bsc#984373).
- CVE-2014-9849: Crash in png coder (bsc#984018).
- CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442).
- CVE-2014-9807: Fix a double free in pdb coder. (bsc#983794).
- CVE-2014-9829: Out of bound access in sun file (bsc#984409).
- CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308).
- CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305).
- CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292).
- CVE-2014-9837: Additional PNM sanity checks (bsc#984166).
- CVE-2014-9835: Heap overflow in wpf file (bsc#984145).
- CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028).
- CVE-2016-5841: Integer overflow could have read to RCE (bnc#986609).
- CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could have lead to memory leak (bnc#986608).
ImportantSUSE bug 983234SUSE bug 983253SUSE bug 983259SUSE bug 983292SUSE bug 983305SUSE bug 983308SUSE bug 983521SUSE bug 983523SUSE bug 983533SUSE bug 983739SUSE bug 983746SUSE bug 983752SUSE bug 983774SUSE bug 983794SUSE bug 983796SUSE bug 983799SUSE bug 983803SUSE bug 984018SUSE bug 984023SUSE bug 984028SUSE bug 984032SUSE bug 984035SUSE bug 984135SUSE bug 984137SUSE bug 984142SUSE bug 984144SUSE bug 984145SUSE bug 984150SUSE bug 984160SUSE bug 984166SUSE bug 984181SUSE bug 984184SUSE bug 984185SUSE bug 984186SUSE bug 984187SUSE bug 984193SUSE bug 984370SUSE bug 984372SUSE bug 984373SUSE bug 984374SUSE bug 984375SUSE bug 984379SUSE bug 984394SUSE bug 984398SUSE bug 984400SUSE bug 984401SUSE bug 984408SUSE bug 984409SUSE bug 984433SUSE bug 984436SUSE bug 985442SUSE bug 985448SUSE bug 985451SUSE bug 985456SUSE bug 985460SUSE bug 986608SUSE bug 986609CVE-2014-9805 at SUSECVE-2014-9805 at NVDCVE-2014-9806 at SUSECVE-2014-9806 at NVDCVE-2014-9807 at SUSECVE-2014-9807 at NVDCVE-2014-9808 at SUSECVE-2014-9808 at NVDCVE-2014-9809 at SUSECVE-2014-9809 at NVDCVE-2014-9810 at SUSECVE-2014-9810 at NVDCVE-2014-9811 at SUSECVE-2014-9811 at NVDCVE-2014-9812 at SUSECVE-2014-9812 at NVDCVE-2014-9813 at SUSECVE-2014-9813 at NVDCVE-2014-9814 at SUSECVE-2014-9814 at NVDCVE-2014-9815 at SUSECVE-2014-9815 at NVDCVE-2014-9816 at SUSECVE-2014-9816 at NVDCVE-2014-9817 at SUSECVE-2014-9817 at NVDCVE-2014-9818 at SUSECVE-2014-9818 at NVDCVE-2014-9819 at SUSECVE-2014-9819 at NVDCVE-2014-9820 at SUSECVE-2014-9820 at NVDCVE-2014-9822 at SUSECVE-2014-9822 at NVDCVE-2014-9823 at SUSECVE-2014-9823 at NVDCVE-2014-9824 at SUSECVE-2014-9824 at NVDCVE-2014-9826 at SUSECVE-2014-9826 at NVDCVE-2014-9828 at SUSECVE-2014-9828 at NVDCVE-2014-9829 at SUSECVE-2014-9829 at NVDCVE-2014-9830 at SUSECVE-2014-9830 at NVDCVE-2014-9831 at SUSECVE-2014-9831 at NVDCVE-2014-9834 at SUSECVE-2014-9834 at NVDCVE-2014-9835 at SUSECVE-2014-9835 at NVDCVE-2014-9836 at SUSECVE-2014-9836 at NVDCVE-2014-9837 at SUSECVE-2014-9837 at NVDCVE-2014-9838 at SUSECVE-2014-9838 at NVDCVE-2014-9839 at SUSECVE-2014-9839 at NVDCVE-2014-9840 at SUSECVE-2014-9840 at NVDCVE-2014-9842 at SUSECVE-2014-9842 at NVDCVE-2014-9844 at SUSECVE-2014-9844 at NVDCVE-2014-9845 at SUSECVE-2014-9845 at NVDCVE-2014-9846 at SUSECVE-2014-9846 at NVDCVE-2014-9847 at SUSECVE-2014-9847 at NVDCVE-2014-9849 at SUSECVE-2014-9849 at NVDCVE-2014-9851 at SUSECVE-2014-9851 at NVDCVE-2014-9853 at SUSECVE-2014-9853 at NVDCVE-2014-9854 at SUSECVE-2014-9854 at NVDCVE-2015-8894 at SUSECVE-2015-8894 at NVDCVE-2015-8896 at SUSECVE-2015-8896 at NVDCVE-2015-8897 at SUSECVE-2015-8897 at NVDCVE-2015-8898 at SUSECVE-2015-8898 at NVDCVE-2015-8901 at SUSECVE-2015-8901 at NVDCVE-2015-8902 at SUSECVE-2015-8902 at NVDCVE-2015-8903 at SUSECVE-2015-8903 at NVDCVE-2016-4562 at SUSECVE-2016-4562 at NVDCVE-2016-4563 at SUSECVE-2016-4563 at NVDCVE-2016-4564 at SUSECVE-2016-4564 at NVDCVE-2016-5687 at SUSECVE-2016-5687 at NVDCVE-2016-5688 at SUSECVE-2016-5688 at NVDCVE-2016-5689 at SUSECVE-2016-5689 at NVDCVE-2016-5690 at SUSECVE-2016-5690 at NVDCVE-2016-5691 at SUSECVE-2016-5691 at NVDCVE-2016-5841 at SUSECVE-2016-5841 at NVDCVE-2016-5842 at SUSECVE-2016-5842 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- security update:
* CVE-2016-6520: buffer overflow [bsc#991872]
* CVE-2016-6491: Out-of-bounds read in CopyMagickMemory [bsc#991445]
ModerateSUSE bug 991445SUSE bug 991872CVE-2016-6491 at SUSECVE-2016-6491 at NVDCVE-2016-6520 at SUSECVE-2016-6520 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
These vulnerabilities could be triggered by processing specially crafted image files,
which could lead to a process crash or resource consumtion, or potentially have
unspecified futher impact.
- CVE-2016-8862: Memory allocation failure in AcquireMagickMemory (bsc#1007245)
- CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)
- CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713)
- CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)
- CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)
- CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)
- CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)
- CVE-2016-7529: out of bound in quantum handling (bsc#1000399)
- CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)
- CVE-2016-7527: out of bound access in wpg file coder: (bsc#1000436)
- CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)
- CVE-2016-7528: out of bound access in xcf file coder (bsc#1000434)
- CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)
- CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)
- CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)
- Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)
- CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)
- CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)
- CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)
- CVE-2016-7531: Pbd file out of bound access (bsc#1000704)
- CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)
- CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)
- CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)
- CVE-2016-7517: out-of-bounds read in coders/pict.c (bsc#1000693)
- CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692)
- CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)
- CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)
- CVE-2016-7519: out-of-bounds read in coders/rle.c (bsc#1000695)
- CVE-2016-7518: out-of-bounds read in coders/sun.c (bsc#1000694)
- CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)
- CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)
- CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)
ImportantSUSE bug 1000399SUSE bug 1000434SUSE bug 1000436SUSE bug 1000688SUSE bug 1000689SUSE bug 1000690SUSE bug 1000691SUSE bug 1000692SUSE bug 1000693SUSE bug 1000694SUSE bug 1000695SUSE bug 1000698SUSE bug 1000699SUSE bug 1000700SUSE bug 1000701SUSE bug 1000703SUSE bug 1000704SUSE bug 1000707SUSE bug 1000709SUSE bug 1000711SUSE bug 1000713SUSE bug 1000714SUSE bug 1001066SUSE bug 1001221SUSE bug 1002209SUSE bug 1002421SUSE bug 1002422SUSE bug 1003629SUSE bug 1005123SUSE bug 1005125SUSE bug 1005127SUSE bug 1007245CVE-2014-9907 at SUSECVE-2014-9907 at NVDCVE-2015-8957 at SUSECVE-2015-8957 at NVDCVE-2015-8958 at SUSECVE-2015-8958 at NVDCVE-2015-8959 at SUSECVE-2015-8959 at NVDCVE-2016-5687 at SUSECVE-2016-5687 at NVDCVE-2016-6823 at SUSECVE-2016-6823 at NVDCVE-2016-7101 at SUSECVE-2016-7101 at NVDCVE-2016-7514 at SUSECVE-2016-7514 at NVDCVE-2016-7515 at SUSECVE-2016-7515 at NVDCVE-2016-7516 at SUSECVE-2016-7516 at NVDCVE-2016-7517 at SUSECVE-2016-7517 at NVDCVE-2016-7518 at SUSECVE-2016-7518 at NVDCVE-2016-7519 at SUSECVE-2016-7519 at NVDCVE-2016-7522 at SUSECVE-2016-7522 at NVDCVE-2016-7523 at SUSECVE-2016-7523 at NVDCVE-2016-7524 at SUSECVE-2016-7524 at NVDCVE-2016-7525 at SUSECVE-2016-7525 at NVDCVE-2016-7526 at SUSECVE-2016-7526 at NVDCVE-2016-7527 at SUSECVE-2016-7527 at NVDCVE-2016-7528 at SUSECVE-2016-7528 at NVDCVE-2016-7529 at SUSECVE-2016-7529 at NVDCVE-2016-7530 at SUSECVE-2016-7530 at NVDCVE-2016-7531 at SUSECVE-2016-7531 at NVDCVE-2016-7533 at SUSECVE-2016-7533 at NVDCVE-2016-7535 at SUSECVE-2016-7535 at NVDCVE-2016-7537 at SUSECVE-2016-7537 at NVDCVE-2016-7799 at SUSECVE-2016-7799 at NVDCVE-2016-7800 at SUSECVE-2016-7800 at NVDCVE-2016-7996 at SUSECVE-2016-7996 at NVDCVE-2016-7997 at SUSECVE-2016-7997 at NVDCVE-2016-8682 at SUSECVE-2016-8682 at NVDCVE-2016-8683 at SUSECVE-2016-8683 at NVDCVE-2016-8684 at SUSECVE-2016-8684 at NVDCVE-2016-8862 at SUSECVE-2016-8862 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
* CVE-2016-9556: Possible Heap-overflow found by fuzzing [bsc#1011130]
* CVE-2016-9559: Possible Null pointer access found by fuzzing [bsc#1011136]
* CVE-2016-8707: Possible code execution in the tiff deflate convert code [bsc#1014159]
* CVE-2016-9773: Possible Heap overflow in IsPixelGray [bsc#1013376]
* CVE-2016-8866: Possible memory allocation failure in AcquireMagickMemory [bsc#1009318]
ModerateSUSE bug 1009318SUSE bug 1011130SUSE bug 1011136SUSE bug 1013376SUSE bug 1014159CVE-2016-7530 at SUSECVE-2016-7530 at NVDCVE-2016-8707 at SUSECVE-2016-8707 at NVDCVE-2016-8866 at SUSECVE-2016-8866 at NVDCVE-2016-9556 at SUSECVE-2016-9556 at NVDCVE-2016-9559 at SUSECVE-2016-9559 at NVDCVE-2016-9773 at SUSECVE-2016-9773 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation (bsc#1017308)
- CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped (bsc#1017310)
- CVE-2016-10049: Corrupt RLE files could have overflowed a buffer due to a incorrect length calculation (bsc#1017311)
- CVE-2016-10050: Corrupt RLE files could have overflowed a heap buffer due to a missing offset check (bsc#1017312)
- CVE-2016-10051: Fixed use after free when reading PWP files (bsc#1017313)
- CVE-2016-10052: Added bound check to exif parsing of JPEG files (bsc#1017314).
- CVE-2016-10059: Unchecked calculation when reading TIFF files could have lead to a buffer overflow (bsc#1017318)
- CVE-2016-10060: Improved error handling when writing files to not mask errors (bsc#1017319).
- CVE-2016-10063: Check validity of extend during TIFF file reading (bsc#1017320).
- CVE-2016-10064: Improved checks for buffer overflow when reading TIFF files (bsc#1017321)
- CVE-2016-10065: Unchecked calculations when reading VIFF files could have lead to out of bound reads (bsc#1017322)
- CVE-2016-10068: Prevent NULL pointer access when using the MSL interpreter (bsc#1017324)
- CVE-2016-10070: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)
- CVE-2016-10071: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326).
- CVE-2016-10144: Added a check after allocating memory when parsing IPL files (bsc#1020433).
- CVE-2016-10145: Fixed of-by-one in string copy operation when parsing WPG files (bsc#1020435).
- CVE-2016-10146: Captions and labels were handled incorrectly, causing a memory leak that could have lead to DoS (bsc#1020443)
- CVE-2017-5506: Missing offset check leading to a double-free (bsc#1020436).
- CVE-2017-5507: Fixed a memory leak when reading MPC files allowing for DoS (bsc#1020439).
- CVE-2017-5508: Increase the amount of memory allocated for TIFF pixels to prevent a heap buffer-overflow (bsc#1020441).
- CVE-2017-5511: A missing cast when reading PSD files could have caused memory corruption by a heap overflow (bsc#1020448)
This update removes the fix for CVE-2016-9773. ImageMagick-6 was not affected by CVE-2016-9773 and it caused a regression (at least in GraphicsMagick) (bsc#1017421).
ModerateSUSE bug 1017308SUSE bug 1017310SUSE bug 1017311SUSE bug 1017312SUSE bug 1017313SUSE bug 1017314SUSE bug 1017318SUSE bug 1017319SUSE bug 1017320SUSE bug 1017321SUSE bug 1017322SUSE bug 1017324SUSE bug 1017326SUSE bug 1017421SUSE bug 1020433SUSE bug 1020435SUSE bug 1020436SUSE bug 1020439SUSE bug 1020441SUSE bug 1020443SUSE bug 1020448CVE-2016-10046 at SUSECVE-2016-10046 at NVDCVE-2016-10048 at SUSECVE-2016-10048 at NVDCVE-2016-10049 at SUSECVE-2016-10049 at NVDCVE-2016-10050 at SUSECVE-2016-10050 at NVDCVE-2016-10051 at SUSECVE-2016-10051 at NVDCVE-2016-10052 at SUSECVE-2016-10052 at NVDCVE-2016-10059 at SUSECVE-2016-10059 at NVDCVE-2016-10060 at SUSECVE-2016-10060 at NVDCVE-2016-10063 at SUSECVE-2016-10063 at NVDCVE-2016-10064 at SUSECVE-2016-10064 at NVDCVE-2016-10065 at SUSECVE-2016-10065 at NVDCVE-2016-10068 at SUSECVE-2016-10068 at NVDCVE-2016-10070 at SUSECVE-2016-10070 at NVDCVE-2016-10071 at SUSECVE-2016-10071 at NVDCVE-2016-10144 at SUSECVE-2016-10144 at NVDCVE-2016-10145 at SUSECVE-2016-10145 at NVDCVE-2016-10146 at SUSECVE-2016-10146 at NVDCVE-2017-5506 at SUSECVE-2017-5506 at NVDCVE-2017-5507 at SUSECVE-2017-5507 at NVDCVE-2017-5508 at SUSECVE-2017-5508 at NVDCVE-2017-5511 at SUSECVE-2017-5511 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for ImageMagick (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick provides the following fixes:
- Fix segmentation fault when wrong parameter supplied to conjure command (bsc#1027480).
- Improve CVE-2016-7518 patch to fix sun coder (bsc#1028079 comment 5).
LowSUSE bug 1027480SUSE bug 1028079CVE-2016-7518 at SUSECVE-2016-7518 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
This security issue was fixed:
- CVE-2017-7941: The ReadSGIImage function in sgi.c allowed remote attackers to consume an
amount of available memory via a crafted file (bsc#1034876).
- CVE-2017-8351: ImageMagick, GraphicsMagick: denial of service (memory leak) via a crafted
file (ReadPCDImage func in pcd.c) (bsc#1036986).
- CVE-2017-8352: denial of service (memory leak) via a crafted file (ReadXWDImage func in
xwd.c) (bsc#1036987)
- CVE-2017-8349: denial of service (memory leak) via a crafted file (ReadSFWImage func in
sfw.c) (bsc#1036984)
- CVE-2017-8350: denial of service (memory leak) via a crafted file (ReadJNGImage function in
png.c) (bsc#1036985)
- CVE-2017-8345: denial of service (memory leak) via a crafted file (ReadMNGImage func in
png.c) (bsc#1036980)
- CVE-2017-8346: denial of service (memory leak) via a crafted file (ReadDCMImage func in
dcm.c) (bsc#1036981)
- CVE-2017-8353: denial of service (memory leak) via a crafted file (ReadPICTImage func in
pict.c) (bsc#1036988)
- CVE-2017-8830: denial of service (memory leak) via a crafted file (ReadBMPImage func in
bmp.c:1379) (bsc#1038000)
- CVE-2017-7606: denial of service (application crash) or possibly have unspecified other
impact via a crafted image (bsc#1033091)
- CVE-2017-8765: memory leak vulnerability via a crafted ICON file (ReadICONImage in
coders\icon.c) (bsc#1037527)
- CVE-2017-8355: denial of service (memory leak) via a crafted file (ReadMTVImage func in
mtv.c) (bsc#1036990)
- CVE-2017-8344: denial of service (memory leak) via a crafted file (ReadPCXImage func in
pcx.c) (bsc#1036978)
- CVE-2017-9098: uninitialized memory usage in the ReadRLEImage RLE decoder
function coders/rle.c (bsc#1040025)
- CVE-2017-9141: Missing checks in the ReadDDSImage function in
coders/dds.c could lead to a denial of service (assertion) (bsc#1040303)
- CVE-2017-9142: Missing checks in theReadOneJNGImage function in
coders/png.c could lead to denial of service (assertion) (bsc#1040304)
- CVE-2017-9143: A possible denial of service attack via crafted .art
file in ReadARTImage function in coders/art.c (bsc#1040306)
- CVE-2017-9144: A crafted RLE image can trigger a crash in coders/rle.c
could lead to a denial of service (crash) (bsc#1040332)
ModerateSUSE bug 1033091SUSE bug 1034870SUSE bug 1034872SUSE bug 1034876SUSE bug 1036976SUSE bug 1036978SUSE bug 1036980SUSE bug 1036981SUSE bug 1036983SUSE bug 1036984SUSE bug 1036985SUSE bug 1036986SUSE bug 1036987SUSE bug 1036988SUSE bug 1036989SUSE bug 1036990SUSE bug 1037527SUSE bug 1038000SUSE bug 1040025SUSE bug 1040303SUSE bug 1040304SUSE bug 1040306SUSE bug 1040332CVE-2014-9846 at SUSECVE-2014-9846 at NVDCVE-2016-10050 at SUSECVE-2016-10050 at NVDCVE-2017-7606 at SUSECVE-2017-7606 at NVDCVE-2017-7941 at SUSECVE-2017-7941 at NVDCVE-2017-7942 at SUSECVE-2017-7942 at NVDCVE-2017-7943 at SUSECVE-2017-7943 at NVDCVE-2017-8344 at SUSECVE-2017-8344 at NVDCVE-2017-8345 at SUSECVE-2017-8345 at NVDCVE-2017-8346 at SUSECVE-2017-8346 at NVDCVE-2017-8348 at SUSECVE-2017-8348 at NVDCVE-2017-8349 at SUSECVE-2017-8349 at NVDCVE-2017-8350 at SUSECVE-2017-8350 at NVDCVE-2017-8351 at SUSECVE-2017-8351 at NVDCVE-2017-8352 at SUSECVE-2017-8352 at NVDCVE-2017-8353 at SUSECVE-2017-8353 at NVDCVE-2017-8354 at SUSECVE-2017-8354 at NVDCVE-2017-8355 at SUSECVE-2017-8355 at NVDCVE-2017-8357 at SUSECVE-2017-8357 at NVDCVE-2017-8765 at SUSECVE-2017-8765 at NVDCVE-2017-8830 at SUSECVE-2017-8830 at NVDCVE-2017-9098 at SUSECVE-2017-9098 at NVDCVE-2017-9141 at SUSECVE-2017-9141 at NVDCVE-2017-9142 at SUSECVE-2017-9142 at NVDCVE-2017-9143 at SUSECVE-2017-9143 at NVDCVE-2017-9144 at SUSECVE-2017-9144 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2017-9439: A memory leak was found in the function ReadPDBImage incoders/pdb.c (bsc#1042826)
- CVE-2017-9501: An assertion failure could cause a denial of service via a crafted file (bsc#1043289)
- CVE-2017-11403: ReadMNGImage function in coders/png.c has an out-of-order CloseBlob call, resulting
in a use-after-free via acrafted file (bsc#1049072)
ImportantSUSE bug 1042826SUSE bug 1043289SUSE bug 1049072CVE-2017-11403 at SUSECVE-2017-11403 at NVDCVE-2017-9439 at SUSECVE-2017-9439 at NVDCVE-2017-9501 at SUSECVE-2017-9501 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-11534: Processing a crafted file in convert could have lead to a
Memory Leak in the lite_font_map() function in coders/wmf.c (bsc#1050135).
- CVE-2017-13133: The load_level function in coders/xcf.c lacked offset
validation, which allowed attackers to cause a denial of service (load_tile
memory exhaustion) via a crafted file (bsc#1055219).
- CVE-2017-13139: The ReadOneMNGImage function in coders/png.c had an
out-of-bounds read with the MNG CLIP chunk (bsc#1055430).
- CVE-2017-15033: Fixed a memory leak in ReadYUVImage in coders/yuv.c
(bsc#1061873).
ModerateSUSE bug 1050135SUSE bug 1055219SUSE bug 1055430SUSE bug 1061873CVE-2017-11534 at SUSECVE-2017-11534 at NVDCVE-2017-13133 at SUSECVE-2017-13133 at NVDCVE-2017-13139 at SUSECVE-2017-13139 at NVDCVE-2017-15033 at SUSECVE-2017-15033 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
* CVE-2017-14607: out of bounds read flaw related to ReadTIFFImagehas
could possibly disclose potentially sensitive memory [bsc#1059778]
* CVE-2017-11640: NULL pointer deref in WritePTIFImage() in coders/tiff.c [bsc#1050632]
* CVE-2017-14342: a memory exhaustion vulnerability in ReadWPGImage
in coders/wpg.c could lead to denial of service [bsc#1058485]
* CVE-2017-14341: Infinite loop in the ReadWPGImage function [bsc#1058637]
* CVE-2017-16546: problem in the function ReadWPGImage in coders/wpg.c
could lead to denial of service [bsc#1067181]
* CVE-2017-16545: The ReadWPGImage function in coders/wpg.c in
validation problems could lead to denial of service [bsc#1067184]
* CVE-2017-14175: Lack of End of File check could lead to denial of service [bsc#1057719]
* CVE-2017-13769: denial of service issue in function WriteTHUMBNAILImage in coders/thumbnail.c [bsc#1056432]
* CVE-2017-13134: a heap-based buffer over-read was found in thefunction SFWScan
in coders/sfw.c, which allows attackers to cause adenial of service via a crafted file. [bsc#1055214]
* CVE-2017-11478: ReadOneDJVUImage in coders/djvu.c in ImageMagick allows remote attackers to cause a DoS [bsc#1049796]
* CVE-2017-15930: Null Pointer dereference while transfering JPEG scanlines could lead to denial of service [bsc#1066003]
* CVE-2017-12983: Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c
allows remote attackers to cause a denial of service [bsc#1054757]
* CVE-2017-14531: memory exhaustion issue in ReadSUNImage incoders/sun.c. [bsc#1059666]
* CVE-2017-12435: Memory exhaustion in ReadSUNImage in coders/sun.c,
which allows attackers to cause denial of service [bsc#1052553]
* CVE-2017-12587: User controlable large loop in the ReadPWPImage in coders\pwp.c could lead to denial of service [bsc#1052450]
* CVE-2017-14173: unction ReadTXTImage is vulnerable to a integer overflow that could lead to denial of service [bsc#1057729]
* CVE-2017-11188: ImageMagick: The ReadDPXImage function in codersdpx.c in ImageMagick 7.0.6-0 has a largeloop vulnerability that can cause CPU exhaustion via a crafted DPX file, relatedto lack of an EOF check. [bnc#1048457]
* CVE-2017-11527: ImageMagick: ReadDPXImage in coders/dpx.c allows remote attackers to cause DoS [bnc#1050116]
* CVE-2017-11535: GraphicsMagick, ImageMagick: Heap-based buffer over-read in WritePSImage() in coders/ps.c [bnc#1050139]
* CVE-2017-11752: ImageMagick: ReadMAGICKImage in coders/magick.c allows to cause DoS [bnc#1051441]
* CVE-2017-12140: ImageMagick: ReadDCMImage in codersdcm.c has a ninteger signedness error leading to excessive memory consumption [bnc#1051847]
* CVE-2017-12669: ImageMagick: Memory leak in WriteCALSImage in coders/cals.c [bnc#1052689]
* CVE-2017-12662: GraphicsMagick, ImageMagick: Memory leak in WritePDFImage in coders/pdf.c [bnc#1052758]
* CVE-2017-12644: ImageMagick: Memory leak in ReadDCMImage in codersdcm.c [bnc#1052764]
* CVE-2017-14172: ImageMagick: Lack of end of file check in ReadPSImage() could lead to a denial of service [bnc#1057730]
* CVE-2017-14733: GraphicsMagick: Heap overflow on ReadRLEImage in coders/rle.c could lead to denial of service [bnc#1060577]
ImportantSUSE bug 1048457SUSE bug 1049796SUSE bug 1050116SUSE bug 1050139SUSE bug 1050632SUSE bug 1051441SUSE bug 1051847SUSE bug 1052450SUSE bug 1052553SUSE bug 1052689SUSE bug 1052758SUSE bug 1052764SUSE bug 1054757SUSE bug 1055214SUSE bug 1056432SUSE bug 1057719SUSE bug 1057729SUSE bug 1057730SUSE bug 1058485SUSE bug 1058637SUSE bug 1059666SUSE bug 1059778SUSE bug 1060577SUSE bug 1066003SUSE bug 1067181SUSE bug 1067184CVE-2017-11188 at SUSECVE-2017-11188 at NVDCVE-2017-11478 at SUSECVE-2017-11478 at NVDCVE-2017-11527 at SUSECVE-2017-11527 at NVDCVE-2017-11535 at SUSECVE-2017-11535 at NVDCVE-2017-11640 at SUSECVE-2017-11640 at NVDCVE-2017-11752 at SUSECVE-2017-11752 at NVDCVE-2017-12140 at SUSECVE-2017-12140 at NVDCVE-2017-12435 at SUSECVE-2017-12435 at NVDCVE-2017-12587 at SUSECVE-2017-12587 at NVDCVE-2017-12644 at SUSECVE-2017-12644 at NVDCVE-2017-12662 at SUSECVE-2017-12662 at NVDCVE-2017-12669 at SUSECVE-2017-12669 at NVDCVE-2017-12983 at SUSECVE-2017-12983 at NVDCVE-2017-13134 at SUSECVE-2017-13134 at NVDCVE-2017-13769 at SUSECVE-2017-13769 at NVDCVE-2017-14172 at SUSECVE-2017-14172 at NVDCVE-2017-14173 at SUSECVE-2017-14173 at NVDCVE-2017-14175 at SUSECVE-2017-14175 at NVDCVE-2017-14341 at SUSECVE-2017-14341 at NVDCVE-2017-14342 at SUSECVE-2017-14342 at NVDCVE-2017-14531 at SUSECVE-2017-14531 at NVDCVE-2017-14607 at SUSECVE-2017-14607 at NVDCVE-2017-14733 at SUSECVE-2017-14733 at NVDCVE-2017-15930 at SUSECVE-2017-15930 at NVDCVE-2017-16545 at SUSECVE-2017-16545 at NVDCVE-2017-16546 at SUSECVE-2017-16546 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-14343: Fixed a memory leak vulnerability in ReadXCFImage in
coders/xcf.c via a crafted xcf image file (bsc#1058422).
- CVE-2017-12691: The ReadOneLayer function in coders/xcf.c allowed remote
attackers to cause a denial of service (memory consumption) via a crafted file
(bsc#1058422).
- CVE-2017-14042: Prevent memory allocation failure in the ReadPNMImage
function in coders/pnm.c. The vulnerability caused a big memory allocation,
which may have lead to remote denial of service in the MagickRealloc function
in magick/memory.c (bsc#1056550).
- CVE-2017-15281: ReadPSDImage in coders/psd.c allowed remote attackers to
cause a denial of service (application crash) or possibly have unspecified
other impact via a crafted file (bsc#1063049).
- CVE-2017-13061: A length-validation vulnerability in the function
ReadPSDLayersInternal in coders/psd.c allowed attackers to cause a denial of
service (ReadPSDImage memory exhaustion) via a crafted file (bsc#1055063).
- CVE-2017-12563: A memory exhaustion vulnerability in the function
ReadPSDImage in coders/psd.c allowed attackers to cause a denial of service
(bsc#1052460).
- CVE-2017-14174: coders/psd.c allowed for DoS in ReadPSDLayersInternal() due
to lack of an EOF (End of File) check might have caused huge CPU consumption.
When a crafted PSD file, which claims a large 'length' field in the header but
did not contain sufficient backing data, is provided, the loop over 'length'
would consume huge CPU resources, since there is no EOF check inside the loop
(bsc#1057723).
- CVE-2017-13062: A memory leak vulnerability in the function formatIPTC in
coders/meta.c allowed attackers to cause a denial of service (WriteMETAImage
memory consumption) via a crafted file (bsc#1055053).
- CVE-2017-15277: ReadGIFImage in coders/gif.c left the palette uninitialized
when processing a GIF file that has neither a global nor local palette. If this
functionality was used as a library loaded into a process that operates on
interesting data, this data sometimes could have been leaked via the
uninitialized palette (bsc#1063050).
ModerateSUSE bug 1052460SUSE bug 1055053SUSE bug 1055063SUSE bug 1056550SUSE bug 1057723SUSE bug 1058422SUSE bug 1063049SUSE bug 1063050CVE-2017-12563 at SUSECVE-2017-12563 at NVDCVE-2017-12691 at SUSECVE-2017-12691 at NVDCVE-2017-13061 at SUSECVE-2017-13061 at NVDCVE-2017-13062 at SUSECVE-2017-13062 at NVDCVE-2017-14042 at SUSECVE-2017-14042 at NVDCVE-2017-14174 at SUSECVE-2017-14174 at NVDCVE-2017-14343 at SUSECVE-2017-14343 at NVDCVE-2017-15277 at SUSECVE-2017-15277 at NVDCVE-2017-15281 at SUSECVE-2017-15281 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-12672: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service (bsc#1052720).
- CVE-2017-13060: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service via a crafted file (bsc#1055065).
- CVE-2017-11724: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c involving the quantum_info and clone_info data
structures (bsc#1051446).
- CVE-2017-12670: Added validation in coders/mat.c to prevent an assertion
failure in the function DestroyImage in MagickCore/image.c, which allowed
attackers to cause a denial of service (bsc#1052731).
- CVE-2017-12667: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1052732).
- CVE-2017-13146: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1055323).
- CVE-2017-10800: Processing MATLAB images in coders/mat.c could have lead to a
denial of service (OOM) in ReadMATImage() if the size specified for a MAT
Object was larger than the actual amount of data (bsc#1047044)
- CVE-2017-13648: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1055434).
- CVE-2017-11141: Fixed a memory leak vulnerability in the function
ReadMATImage in coders\mat.c that could have caused memory exhaustion via a
crafted MAT file, related to incorrect ordering of a SetImageExtent call
(bsc#1047898).
- CVE-2017-11529: The ReadMATImage function in coders/mat.c allowed remote
attackers to cause a denial of service (memory leak) via a crafted file
(bsc#1050120).
- CVE-2017-12564: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service (bsc#1052468).
- CVE-2017-12434: Added a missing NULL check in the function ReadMATImage in
coders/mat.c, which allowed attackers to cause a denial of service (assertion
failure) in DestroyImageInfo in image.c (bsc#1052550).
- CVE-2017-12675: Added a missing check for multidimensional data coders/mat.c,
that could have lead to a memory leak in the function ReadImage in
MagickCore/constitute.c, which allowed attackers to cause a denial of service
(bsc#1052710).
- CVE-2017-14326: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service via a crafted file (bsc#1058640).
- CVE-2017-11644: Processesing a crafted file in convert could have lead to a
memory leak in the ReadMATImage() function in coders/mat.c (bsc#1050606).
- CVE-2017-13658: Added a missing NULL check in the ReadMATImage function in
coders/mat.c, which could have lead to a denial of service (assertion failure
and application exit) in the DestroyImageInfo function in MagickCore/image.c
(bsc#1055855).
- CVE-2017-14533: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1059751).
- CVE-2017-17881: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service via a crafted MAT image file (bsc#1074123).
- CVE-2017-1000476: Prevent CPU exhaustion in the function ReadDDSInfo in
coders/dds.c, which allowed attackers to cause a denial of service
(bsc#1074610).
- CVE-2017-9409: Fixed a memory leak vulnerability in the function ReadMPCImage
in mpc.c, which allowed attackers to cause a denial of service via a crafted
file (bsc#1042948).
- CVE-2017-11449: coders/mpc did not enable seekable streams and thus could not
validate blob sizes, which allowed remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact via an image
received from stdin (bsc#1049373)
- CVE-2017-12430: A memory exhaustion in the function ReadMPCImage in
coders/mpc.c allowed attackers to cause DoS (bsc#1052252)
- CVE-2017-12642: Prevent a memory leak vulnerability in ReadMPCImage in
coders\mpc.c via crafted file allowing for DoS (bsc#1052771)
- CVE-2017-14249: A mishandled EOF check in ReadMPCImage in coders/mpc.c that
lead to a division by zero in GetPixelCacheTileSize in MagickCore/cache.c
allowed remote attackers to cause a denial of service via a crafted file
(bsc#1058082)
- CVE-2017-1000445: Added a NUL pointer check in the MagickCore component that
might have lead to denial of service (bsc#1074425).
- CVE-2017-11751: Fixed a memory leak vulnerability in the function
WritePICONImage in coders/xpm.c that allowed remote attackers to cause a denial
of service via a crafted file (bsc#1051412).
- CVE-2017-17680: Fixed a memory leak vulnerability in the function
ReadXPMImage in coders/xpm.c, which allowed attackers to cause a denial of
service via a crafted xpm image file (bsc#1072902).
- CVE-2017-17882: Fixed a memory leak vulnerability in the function
ReadXPMImage in coders/xpm.c, which allowed attackers to cause a denial of
service via a crafted XPM image file (bsc#1074122).
- CVE-2018-5246: Fixed memory leak vulnerability in ReadPATTERNImage in
coders/pattern.c (bsc#1074973).
- CVE-2017-18022: Fixed memory leak vulnerability in MontageImageCommand in
MagickWand/montage.c (bsc#1074975)
- CVE-2018-5247: Fixed memory leak vulnerability in ReadRLAImage in
coders/rla.c (bsc#1074969)
ModerateSUSE bug 1042948SUSE bug 1047044SUSE bug 1047898SUSE bug 1049373SUSE bug 1050120SUSE bug 1050606SUSE bug 1051412SUSE bug 1051446SUSE bug 1052252SUSE bug 1052468SUSE bug 1052550SUSE bug 1052710SUSE bug 1052720SUSE bug 1052731SUSE bug 1052732SUSE bug 1052771SUSE bug 1055065SUSE bug 1055323SUSE bug 1055434SUSE bug 1055855SUSE bug 1058082SUSE bug 1058640SUSE bug 1059751SUSE bug 1072902SUSE bug 1074122SUSE bug 1074123SUSE bug 1074425SUSE bug 1074610SUSE bug 1074969SUSE bug 1074973SUSE bug 1074975CVE-2017-1000445 at SUSECVE-2017-1000445 at NVDCVE-2017-1000476 at SUSECVE-2017-1000476 at NVDCVE-2017-10800 at SUSECVE-2017-10800 at NVDCVE-2017-11141 at SUSECVE-2017-11141 at NVDCVE-2017-11449 at SUSECVE-2017-11449 at NVDCVE-2017-11529 at SUSECVE-2017-11529 at NVDCVE-2017-11644 at SUSECVE-2017-11644 at NVDCVE-2017-11724 at SUSECVE-2017-11724 at NVDCVE-2017-11751 at SUSECVE-2017-11751 at NVDCVE-2017-12430 at SUSECVE-2017-12430 at NVDCVE-2017-12434 at SUSECVE-2017-12434 at NVDCVE-2017-12564 at SUSECVE-2017-12564 at NVDCVE-2017-12642 at SUSECVE-2017-12642 at NVDCVE-2017-12667 at SUSECVE-2017-12667 at NVDCVE-2017-12670 at SUSECVE-2017-12670 at NVDCVE-2017-12672 at SUSECVE-2017-12672 at NVDCVE-2017-12675 at SUSECVE-2017-12675 at NVDCVE-2017-13060 at SUSECVE-2017-13060 at NVDCVE-2017-13146 at SUSECVE-2017-13146 at NVDCVE-2017-13648 at SUSECVE-2017-13648 at NVDCVE-2017-13658 at SUSECVE-2017-13658 at NVDCVE-2017-14249 at SUSECVE-2017-14249 at NVDCVE-2017-14326 at SUSECVE-2017-14326 at NVDCVE-2017-14533 at SUSECVE-2017-14533 at NVDCVE-2017-17680 at SUSECVE-2017-17680 at NVDCVE-2017-17881 at SUSECVE-2017-17881 at NVDCVE-2017-17882 at SUSECVE-2017-17882 at NVDCVE-2017-18022 at SUSECVE-2017-18022 at NVDCVE-2017-9409 at SUSECVE-2017-9409 at NVDCVE-2018-5246 at SUSECVE-2018-5246 at NVDCVE-2018-5247 at SUSECVE-2018-5247 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2018-5685: Prevent infinite loop and application hang in the ReadBMPImage
function. Remote attackers could leverage this vulnerability to cause a denial
of service via an image file with a crafted bit-field mask value (bsc#1075939)
- CVE-2017-11639: Prevent heap-based buffer over-read in the WriteCIPImage()
function, related to the GetPixelLuma function in MagickCore/pixel-accessor.h
(bsc#1050635).
- CVE-2017-11525: Prevent memory consumption in the ReadCINImage function that
allowed remote attackers to cause a denial of service (bsc#1050098).
- CVE-2017-9262: The ReadJNGImage function in coders/png.c allowed attackers to
cause a denial of service (memory leak) via a crafted file (bsc#1043353)
- CVE-2017-9261: The ReadMNGImage function in coders/png.c allowed
attackers to cause a denial of service (memory leak) via a crafted file (bsc#1043354)
- CVE-2017-10995: The mng_get_long function in coders/png.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) via a crafted MNG image (bsc#1047908)
- CVE-2017-11539: Prevent memory leak in the ReadOnePNGImage() function in
coders/png.c (bsc#1050037)
- CVE-2017-11505: The ReadOneJNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (large loop and CPU consumption) via
a crafted file (bsc#1050072)
- CVE-2017-11526: The ReadOneMNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (large loop and CPU consumption) via a
crafted file (bsc#1050100)
- CVE-2017-11750: The ReadOneJNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (NULL pointer dereference) via a crafted
file (bsc#1051442)
- CVE-2017-12565: Prevent memory leak in the function ReadOneJNGImage in
coders/png.c, which allowed attackers to cause a denial of service (bsc#1052470)
- CVE-2017-12676: Prevent memory leak in the function ReadOneJNGImage in
coders/png.c, which allowed attackers to cause a denial of service (bsc#1052708)
- CVE-2017-12673: Prevent memory leak in the function ReadOneMNGImage in
coders/png.c, which allowed attackers to cause a denial of service (bsc#1052717)
- CVE-2017-12671: Added NULL assignment in coders/png.c to prevent an invalid
free in the function RelinquishMagickMemory in MagickCore/memory.c, which
allowed attackers to cause a denial of service (bsc#1052721)
- CVE-2017-12643: Prevent a memory exhaustion vulnerability in ReadOneJNGImage
in coders\png.c (bsc#1052768)
- CVE-2017-12641: Prevent a memory leak vulnerability in ReadOneJNGImage in
coders\png.c (bsc#1052777)
- CVE-2017-12640: Prevent an out-of-bounds read vulnerability in
ReadOneMNGImage in coders/png.c (bsc#1052781)
- CVE-2017-12935: The ReadMNGImage function in coders/png.c mishandled large
MNG images, leading to an invalid memory read in the SetImageColorCallBack
function in magick/image.c (bsc#1054600)
- CVE-2017-13147: Prevent allocation failure in the function ReadMNGImage in
coders/png.c when a small MNG file has a MEND chunk with a large length value
(bsc#1055374)
- CVE-2017-13142: Added additional checks for short files to prevent a crafted
PNG file from triggering a crash (bsc#1055455)
- CVE-2017-13141: Prevent memory leak in ReadOnePNGImage in coders/png.c
(bsc#1055456)
- CVE-2017-14103: The ReadJNGImage and ReadOneJNGImage functions in
coders/png.c did not properly manage image pointers after certain error
conditions, which allowed remote attackers to conduct use-after-free attacks
via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call
(bsc#1057000)
- CVE-2017-14649: ReadOneJNGImage in coders/png.c did not properly validate JNG
data, leading to a denial of service (assertion failure in
magick/pixel_cache.c, and application crash) (bsc#1060162)
- CVE-2017-15218: Prevent memory leak in ReadOneJNGImage in coders/png.c
(bsc#1062752)
- CVE-2017-17504: Prevent heap-based buffer over-read via a crafted file in
Magick_png_read_raw_profile, related to ReadOneMNGImage (bsc#1072362)
- CVE-2017-17879: Prevent heap-based buffer over-read in ReadOneMNGImage in
coders/png.c, related to length calculation and caused by an off-by-one error
(bsc#1074125)
- CVE-2017-17914: Prevent crafted files to cause a large loop in
ReadOneMNGImage (bsc#1074185)
- CVE-2017-17884: Prevent memory leak in the function WriteOnePNGImage in
coders/png.c, which allowed attackers to cause a denial of service via a
crafted PNG image file (bsc#1074120)
- Prevent memory leak in svg.c, which allowed attackers to cause a denial of
service via a crafted SVG image file (bsc#1074120)
- Prevent small memory leak when processing PWP image files (bsc#1074309)
- CVE-2017-18029: Prevent memory leak in the function ReadMATImage which allowed
remote attackers to cause a denial of service via a crafted file (bsc#1076021)
- CVE-2017-18027: Prevent memory leak vulnerability in the function
ReadMATImage which allowed remote attackers to cause a denial of service via a
crafted file (bsc#1076051)
ModerateSUSE bug 1043353SUSE bug 1043354SUSE bug 1047908SUSE bug 1050037SUSE bug 1050072SUSE bug 1050098SUSE bug 1050100SUSE bug 1050635SUSE bug 1051442SUSE bug 1052470SUSE bug 1052708SUSE bug 1052717SUSE bug 1052721SUSE bug 1052768SUSE bug 1052777SUSE bug 1052781SUSE bug 1054600SUSE bug 1055374SUSE bug 1055455SUSE bug 1055456SUSE bug 1057000SUSE bug 1060162SUSE bug 1062752SUSE bug 1072362SUSE bug 1074120SUSE bug 1074125SUSE bug 1074185SUSE bug 1074309SUSE bug 1075939SUSE bug 1076021SUSE bug 1076051CVE-2017-10995 at SUSECVE-2017-10995 at NVDCVE-2017-11505 at SUSECVE-2017-11505 at NVDCVE-2017-11525 at SUSECVE-2017-11525 at NVDCVE-2017-11526 at SUSECVE-2017-11526 at NVDCVE-2017-11539 at SUSECVE-2017-11539 at NVDCVE-2017-11639 at SUSECVE-2017-11639 at NVDCVE-2017-11750 at SUSECVE-2017-11750 at NVDCVE-2017-12565 at SUSECVE-2017-12565 at NVDCVE-2017-12640 at SUSECVE-2017-12640 at NVDCVE-2017-12641 at SUSECVE-2017-12641 at NVDCVE-2017-12643 at SUSECVE-2017-12643 at NVDCVE-2017-12671 at SUSECVE-2017-12671 at NVDCVE-2017-12673 at SUSECVE-2017-12673 at NVDCVE-2017-12676 at SUSECVE-2017-12676 at NVDCVE-2017-12935 at SUSECVE-2017-12935 at NVDCVE-2017-13141 at SUSECVE-2017-13141 at NVDCVE-2017-13142 at SUSECVE-2017-13142 at NVDCVE-2017-13147 at SUSECVE-2017-13147 at NVDCVE-2017-14103 at SUSECVE-2017-14103 at NVDCVE-2017-14649 at SUSECVE-2017-14649 at NVDCVE-2017-15218 at SUSECVE-2017-15218 at NVDCVE-2017-17504 at SUSECVE-2017-17504 at NVDCVE-2017-17879 at SUSECVE-2017-17879 at NVDCVE-2017-17884 at SUSECVE-2017-17884 at NVDCVE-2017-17914 at SUSECVE-2017-17914 at NVDCVE-2017-18027 at SUSECVE-2017-18027 at NVDCVE-2017-18029 at SUSECVE-2017-18029 at NVDCVE-2017-9261 at SUSECVE-2017-9261 at NVDCVE-2017-9262 at SUSECVE-2017-9262 at NVDCVE-2018-5685 at SUSECVE-2018-5685 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2017-9407: In ImageMagick, the ReadPALMImage function in palm.c allowed attackers to cause a denial of service (memory leak) via a crafted file. (bsc#1042824)
- CVE-2017-11448: The ReadJPEGImage function in coders/jpeg.c in ImageMagick allowed remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. (bsc#1049375)
- CVE-2017-11450: A remote denial of service in coders/jpeg.c was fixed (bsc#1049374)
- CVE-2017-11537: When ImageMagick processed a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation. (bsc#1050048)
- CVE-2017-12418: ImageMagick had memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. (bsc#1052207)
- CVE-2017-12432: In ImageMagick, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allowed attackers to cause a denial of service. (bsc#1052254)
- CVE-2017-12654: The ReadPICTImage function in coders/pict.c in ImageMagick allowed attackers to cause a denial of service (memory leak) via a crafted file. (bsc#1052761)
- CVE-2017-12664: ImageMagick had a memory leak vulnerability in WritePALMImage in coders/palm.c. (bsc#1052750)
- CVE-2017-12665: ImageMagick had a memory leak vulnerability in WritePICTImage in coders/pict.c. (bsc#1052747)
- CVE-2017-12668: ImageMagick had a memory leak vulnerability in WritePCXImage in coders/pcx.c. (bsc#1052688)
- CVE-2017-13058: In ImageMagick, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allowed attackers to cause a denial of service via a crafted file. (bsc#1055069)
- CVE-2017-14224: A heap-based buffer overflow in WritePCXImage in coders/pcx.c could lead to denial of service or code execution. (bsc#1058009)
- CVE-2017-17885: In ImageMagick, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allowed attackers to cause a denial of service via a crafted PICT image file. (bsc#1074119)
- CVE-2017-18028: A memory exhaustion in the function ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)
- CVE-2018-6405: In the ReadDCMImage function in coders/dcm.c in ImageMagick, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allowed remote attackers to cause a denial of service. (bsc#1078433)
- CVE-2017-12427: ProcessMSLScript coders/msl.c allowed remote attackers to cause a DoS (bsc#1052248)
- CVE-2017-12566: A memory leak in ReadMVGImage in coders/mvg.c, could have allowed attackers to cause DoS (bsc#1052472)
- CVE-2017-11638, CVE-2017-11642: A NULL pointer dereference in theWriteMAPImage() in coders/map.c was fixed which could lead to a crash (bsc#1050617)
- CVE-2017-13131: A memory leak vulnerability was found in thefunction ReadMIFFImage in coders/miff.c, which allowed attackers tocause a denial of service (memory consumption in NewL (bsc#1055229)
- CVE-2017-11166: In ReadXWDImage in coders\xwd.c a memoryleak could have caused memory exhaustion via a crafted length (bsc#1048110)
- CVE-2017-12674: A CPU exhaustion in ReadPDBImage in coders/pdb.c was fixed, which allowed attackers to cause DoS (bsc#1052711)
- CVE-2017-12429: A memory exhaustion flaw in ReadMIFFImage in coders/miff.c was fixed, which allowed attackers to cause DoS (bsc#1052251)
- CVE-2017-11637: A NULL pointer dereference in WritePCLImage() in coders/pcl.c was fixed which could lead to a crash (bsc#1050669)
ModerateSUSE bug 1042824SUSE bug 1048110SUSE bug 1049374SUSE bug 1049375SUSE bug 1050048SUSE bug 1050617SUSE bug 1050669SUSE bug 1052207SUSE bug 1052248SUSE bug 1052251SUSE bug 1052254SUSE bug 1052472SUSE bug 1052688SUSE bug 1052711SUSE bug 1052747SUSE bug 1052750SUSE bug 1052761SUSE bug 1055069SUSE bug 1055229SUSE bug 1058009SUSE bug 1074119SUSE bug 1076182SUSE bug 1078433CVE-2017-11166 at SUSECVE-2017-11166 at NVDCVE-2017-11448 at SUSECVE-2017-11448 at NVDCVE-2017-11450 at SUSECVE-2017-11450 at NVDCVE-2017-11537 at SUSECVE-2017-11537 at NVDCVE-2017-11637 at SUSECVE-2017-11637 at NVDCVE-2017-11638 at SUSECVE-2017-11638 at NVDCVE-2017-11642 at SUSECVE-2017-11642 at NVDCVE-2017-12418 at SUSECVE-2017-12418 at NVDCVE-2017-12427 at SUSECVE-2017-12427 at NVDCVE-2017-12429 at SUSECVE-2017-12429 at NVDCVE-2017-12432 at SUSECVE-2017-12432 at NVDCVE-2017-12566 at SUSECVE-2017-12566 at NVDCVE-2017-12654 at SUSECVE-2017-12654 at NVDCVE-2017-12664 at SUSECVE-2017-12664 at NVDCVE-2017-12665 at SUSECVE-2017-12665 at NVDCVE-2017-12668 at SUSECVE-2017-12668 at NVDCVE-2017-12674 at SUSECVE-2017-12674 at NVDCVE-2017-13058 at SUSECVE-2017-13058 at NVDCVE-2017-13131 at SUSECVE-2017-13131 at NVDCVE-2017-14224 at SUSECVE-2017-14224 at NVDCVE-2017-17885 at SUSECVE-2017-17885 at NVDCVE-2017-18028 at SUSECVE-2017-18028 at NVDCVE-2017-9407 at SUSECVE-2017-9407 at NVDCVE-2018-6405 at SUSECVE-2018-6405 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2017-9405: A memory leak in the ReadICONImage function was fixed that could lead to DoS via memory exhaustion (bsc#1042911)
- CVE-2017-11528: ReadDIBImage in coders/dib.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050119)
- CVE-2017-11530: ReadEPTImage in coders/ept.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050122)
- CVE-2017-11533: A information leak by 1 byte due to heap-based buffer over-read in the WriteUILImage() in coders/uil.c was fixed (bsc#1050132)
- CVE-2017-12663: A memory leak in WriteMAPImage in coders/map.c was fixed that could lead to a DoS via memory exhaustion (bsc#1052754)
- CVE-2017-17682: A large loop vulnerability was fixed in ExtractPostscript in coders/wpg.c, which allowed attackers to cause a denial of service (CPU exhaustion) (bsc#1072898)
ModerateSUSE bug 1042911SUSE bug 1050119SUSE bug 1050122SUSE bug 1050132SUSE bug 1052754SUSE bug 1072898CVE-2017-11528 at SUSECVE-2017-11528 at NVDCVE-2017-11530 at SUSECVE-2017-11530 at NVDCVE-2017-11533 at SUSECVE-2017-11533 at NVDCVE-2017-12663 at SUSECVE-2017-12663 at NVDCVE-2017-17682 at SUSECVE-2017-17682 at NVDCVE-2017-9405 at SUSECVE-2017-9405 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2018-8804: The WriteEPTImage function allowed remote attackers to cause a
denial of service (double free and application crash) or possibly have
unspecified other impact via a crafted file (bsc#1086011)
- CVE-2017-11524: The WriteBlob function allowed remote attackers to cause a
denial of service (assertion failure and application exit) via a crafted file
(bsc#1050087)
- CVE-2017-18219: Prevent allocation failure in the function ReadOnePNGImage,
which allowed attackers to cause a denial of service via a crafted file that
triggers an attempt at a large png_pixels array allocation (bsc#1084060).
- CVE-2017-9500: Prevent assertion failure in the function
ResetImageProfileIterator, which allowed attackers to cause a denial of service
via a crafted file (bsc#1043290)
- CVE-2017-16353: Prevent memory information disclosure in the DescribeImage
function caused by a heap-based buffer over-read. The portion of the code
containing the vulnerability is responsible for printing the IPTC Profile
information contained in the image. This vulnerability can be triggered with a
specially crafted MIFF file. There is an out-of-bounds buffer dereference
because certain increments were never checked (bsc#1066170)
- CVE-2017-16352: Prevent a heap-based buffer overflow in the 'Display visual
image directory' feature of the DescribeImage() function. One possible way to
trigger the vulnerability is to run the identify command on a specially crafted
MIFF format file with the verbose flag (bsc#1066168)
- CVE-2017-14314: Prevent off-by-one error in the DrawImage function that
allowed remote attackers to cause a denial of service (DrawDashPolygon
heap-based buffer over-read and application crash) via a crafted file
(bsc#1058630)
- CVE-2017-13768: Prevent NULL pointer dereference in the IdentifyImage
function that allowed an attacker to perform denial of service by sending a
crafted image file (bsc#1056434)
- CVE-2017-14505: Fixed handling of NULL arrays, which allowed attackers to
perform Denial of Service (NULL pointer dereference and application crash in
AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image
File as input (bsc#1059735)
- CVE-2018-7443: The ReadTIFFImage function did not properly validate the
amount of image data in a file, which allowed remote attackers to cause a
denial of service (memory allocation failure in the AcquireMagickMemory
function in MagickCore/memory.c) (bsc#1082792)
- CVE-2017-15016: Prevent NULL pointer dereference vulnerability in
ReadEnhMetaFile allowing for denial of service (bsc#1082291)
- CVE-2017-15017: Prevent NULL pointer dereference vulnerability in
ReadOneMNGImage allowing for denial of service (bsc#1082283)
- CVE-2017-12692: The ReadVIFFImage function allowed remote attackers to cause
a denial of service (memory consumption) via a crafted VIFF file (bsc#1082362)
- CVE-2017-12693: The ReadBMPImage function allowed remote attackers to cause a
denial of service (memory consumption) via a crafted BMP file (bsc#1082348)
ModerateSUSE bug 1043290SUSE bug 1050087SUSE bug 1056434SUSE bug 1058630SUSE bug 1059735SUSE bug 1066168SUSE bug 1066170SUSE bug 1082283SUSE bug 1082291SUSE bug 1082348SUSE bug 1082362SUSE bug 1082792SUSE bug 1084060SUSE bug 1086011CVE-2017-11524 at SUSECVE-2017-11524 at NVDCVE-2017-12691 at SUSECVE-2017-12691 at NVDCVE-2017-12692 at SUSECVE-2017-12692 at NVDCVE-2017-12693 at SUSECVE-2017-12693 at NVDCVE-2017-13768 at SUSECVE-2017-13768 at NVDCVE-2017-14314 at SUSECVE-2017-14314 at NVDCVE-2017-14343 at SUSECVE-2017-14343 at NVDCVE-2017-14505 at SUSECVE-2017-14505 at NVDCVE-2017-15016 at SUSECVE-2017-15016 at NVDCVE-2017-15017 at SUSECVE-2017-15017 at NVDCVE-2017-16352 at SUSECVE-2017-16352 at NVDCVE-2017-16353 at SUSECVE-2017-16353 at NVDCVE-2017-18219 at SUSECVE-2017-18219 at NVDCVE-2017-9500 at SUSECVE-2017-9500 at NVDCVE-2018-7443 at SUSECVE-2018-7443 at NVDCVE-2018-8804 at SUSECVE-2018-8804 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- security update (png.c)
* CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c.
Attackers could leverage this vulnerability to cause a crash and denial of service
via a crafted mng file. [bsc#1086773]
* CVE-2018-10177: there is an infinite loop in the ReadOneMNGImagefunction of the coders/png.c file. Remote attackers could leverage thisvulnerability to cause a denial of service (bsc#1089781)
- security update (wand)
* CVE-2017-18252: The MogrifyImageList function in MagickWand/mogrify.c could allow
attackers to cause a denial of service via a crafted file. [bsc#1087033]
- security update (gif.c)
* CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c,
which could lead to denial of service via a crafted file. [bsc#1087027]
- security update (core)
* CVE-2017-10928: a heap-based buffer over-read in the GetNextToken function in token.c
could allow attackers to obtain sensitive information from process memory or possibly have
unspecified other impact via a crafted SVG document that is mishandled in the
GetUserSpaceCoordinateValue function in coders/svg.c. [bsc#1047356]
- security update (pcd.c)
* CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c,
which could lead to a denial of service via a crafted file. [bsc#1087037]
- security update (gif.c)
* CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which could lead to denial of service via a crafted file. [bsc#1087027]
- security update (tiff.c)
* CVE-2018-8960: The ReadTIFFImage function in coders/tiff.c in ImageMagick memory allocation issue could lead to denial of service (bsc#1086782)
ModerateSUSE bug 1047356SUSE bug 1086773SUSE bug 1086782SUSE bug 1087027SUSE bug 1087033SUSE bug 1087037SUSE bug 1089781CVE-2017-1000476 at SUSECVE-2017-1000476 at NVDCVE-2017-10928 at SUSECVE-2017-10928 at NVDCVE-2017-18251 at SUSECVE-2017-18251 at NVDCVE-2017-18252 at SUSECVE-2017-18252 at NVDCVE-2017-18254 at SUSECVE-2017-18254 at NVDCVE-2018-10177 at SUSECVE-2018-10177 at NVDCVE-2018-8960 at SUSECVE-2018-8960 at NVDCVE-2018-9018 at SUSECVE-2018-9018 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2018-11251: Heap-based buffer over-read in ReadSUNImage in coders/sun.c,
which allows attackers to cause denial of service (bsc#1094237)
- CVE-2017-18271: Infinite loop in the function ReadMIFFImage in coders/miff.c,
which allows attackers to cause a denial of service (bsc#1094204)
- CVE-2017-13758: Heap-based buffer overflow in the TracePoint() in
MagickCore/draw.c, which allows attackers to cause a denial of
service(bsc#1056277)
- CVE-2018-10805: Fixed several memory leaks in rgb.c, cmyk.c, gray.c, and
ycbcr.c (bsc#1095812)
- CVE-2018-12600: The ReadDIBImage and WriteDIBImage functions allowed
attackers to cause an out of bounds write via a crafted file (bsc#1098545)
- CVE-2018-12599: The ReadBMPImage and WriteBMPImage fucntions allowed
attackers to cause an out of bounds write via a crafted file (bsc#1098546)
- CVE-2018-14434: Fixed a memory leak for a colormap in WriteMPCImage in coders/mpc.c (bsc#1102003)
- CVE-2018-14435: Fixed a memory leak in DecodeImage in coders/pcd.c (bsc#1102007)
- CVE-2018-14436: Fixed a memory leak in ReadMIFFImage in coders/miff.c (bsc#1102005)
- CVE-2018-14437: Fixed a memory leak in parse8BIM in coders/meta.c (bsc#1102004)
ModerateSUSE bug 1056277SUSE bug 1094204SUSE bug 1094237SUSE bug 1095812SUSE bug 1098545SUSE bug 1098546SUSE bug 1102003SUSE bug 1102004SUSE bug 1102005SUSE bug 1102007CVE-2017-13758 at SUSECVE-2017-13758 at NVDCVE-2017-18271 at SUSECVE-2017-18271 at NVDCVE-2018-10805 at SUSECVE-2018-10805 at NVDCVE-2018-11251 at SUSECVE-2018-11251 at NVDCVE-2018-12599 at SUSECVE-2018-12599 at NVDCVE-2018-12600 at SUSECVE-2018-12600 at NVDCVE-2018-14434 at SUSECVE-2018-14434 at NVDCVE-2018-14435 at SUSECVE-2018-14435 at NVDCVE-2018-14436 at SUSECVE-2018-14436 at NVDCVE-2018-14437 at SUSECVE-2018-14437 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issue fixed:
- Hide PS, XPS and PDF coders into */vulnerable (bsc#1105592)
ImportantSUSE bug 1105592cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following security issue:
- CVE-2017-17934: Prevent memory leaks, related to MSLPopImage and
ProcessMSLScript, and associated with mishandling of MSLPushImage calls
(bsc#1074170).
- CVE-2018-16750: Prevent memory leak in the formatIPTCfromBuffer function
(bsc#1108283)
- CVE-2018-16749: Added missing NULL check in ReadOneJNGImage that allowed an
attacker to cause a denial of service (WriteBlob assertion failure and
application exit) via a crafted file (bsc#1108282)
- CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel
function leading to DoS (bsc#1106989).
- CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM
file that has a negative pixel value. If the affected code was used as a
library loaded into a process that includes sensitive information, that
information sometimes can be leaked via the image data (bsc#1106855)
- CVE-2018-16642: The function InsertRow allowed remote attackers to cause a
denial of service via a crafted image file due to an out-of-bounds write
(bsc#1107616)
- CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and
ReadPICTImage did check the return value of the fputc function, which allowed
remote attackers to cause a denial of service via a crafted image file
(bsc#1107612)
- CVE-2018-16644: Added missing check for length in the functions ReadDCMImage
and ReadPICTImage, which allowed remote attackers to cause a denial of service
via a crafted image (bsc#1107609)
- CVE-2018-16645: Prevent excessive memory allocation issue in the functions
ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial
of service via a crafted image file (bsc#1107604)
- CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of
the coders/bmp.c file. Remote attackers could leverage this vulnerability
to cause a denial of service via a crafted bmp file (bsc#1111069)
- CVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072)
- CVE-2018-17965: Fixed a memory leak in WriteSGIImage (bsc#1110747)
- CVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746)
ModerateSUSE bug 1074170SUSE bug 1106855SUSE bug 1106989SUSE bug 1107604SUSE bug 1107609SUSE bug 1107612SUSE bug 1107616SUSE bug 1108282SUSE bug 1108283SUSE bug 1110746SUSE bug 1110747SUSE bug 1111069SUSE bug 1111072CVE-2017-17934 at SUSECVE-2017-17934 at NVDCVE-2018-16323 at SUSECVE-2018-16323 at NVDCVE-2018-16413 at SUSECVE-2018-16413 at NVDCVE-2018-16642 at SUSECVE-2018-16642 at NVDCVE-2018-16643 at SUSECVE-2018-16643 at NVDCVE-2018-16644 at SUSECVE-2018-16644 at NVDCVE-2018-16645 at SUSECVE-2018-16645 at NVDCVE-2018-16749 at SUSECVE-2018-16749 at NVDCVE-2018-16750 at SUSECVE-2018-16750 at NVDCVE-2018-17965 at SUSECVE-2018-17965 at NVDCVE-2018-17966 at SUSECVE-2018-17966 at NVDCVE-2018-18016 at SUSECVE-2018-18016 at NVDCVE-2018-18024 at SUSECVE-2018-18024 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2017-14997: ImageMagick allowed remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. (bsc#1112399)
- CVE-2018-16644: A regression in the security fix for the pict coder was fixed (bsc#1107609)
- CVE-2017-11532: When ImageMagick processed a crafted file in convert, it could lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. (bsc#1050129)
- CVE-2017-11639: A regression in the security fix in the cip coder was fixed (bsc#1050635)
ModerateSUSE bug 1050129SUSE bug 1050635SUSE bug 1107609SUSE bug 1112399CVE-2017-11532 at SUSECVE-2017-11532 at NVDCVE-2017-11639 at SUSECVE-2017-11639 at NVDCVE-2017-14997 at SUSECVE-2017-14997 at NVDCVE-2018-16644 at SUSECVE-2018-16644 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-7175: Fixed multiple memory leaks in DecodeImage function (bsc#1128649).
- CVE-2018-18544: Fixed memory leak in the function WriteMSLImage (bsc#1113064).
- CVE-2018-20467: Fixed infinite loop in coders/bmp.c (bsc#1120381).
- CVE-2019-7397: Fixed a memory leak in the function WritePDFImage (bsc#1124366).
- CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel
function leading to DoS (bsc#1106989).
- CVE-2018-16412: Prevent heap-based buffer over-read in the ParseImageResourceBlocks
function leading to DOS (bsc#1106996).
- CVE-2019-7398: Fixed a memory leak in the function WriteDIBImage (bsc#1124365).
ModerateSUSE bug 1106989SUSE bug 1106996SUSE bug 1113064SUSE bug 1120381SUSE bug 1124365SUSE bug 1124366SUSE bug 1128649CVE-2018-16412 at SUSECVE-2018-16412 at NVDCVE-2018-16413 at SUSECVE-2018-16413 at NVDCVE-2018-18544 at SUSECVE-2018-18544 at NVDCVE-2018-20467 at SUSECVE-2018-20467 at NVDCVE-2019-7175 at SUSECVE-2019-7175 at NVDCVE-2019-7397 at SUSECVE-2019-7397 at NVDCVE-2019-7398 at SUSECVE-2019-7398 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-9956: Fixed a stack-based buffer overflow in PopHexPixel() (bsc#1130330).
- CVE-2019-10650: Fixed a heap-based buffer over-read in WriteTIFFImage() (bsc#1131317).
- CVE-2019-11007: Fixed a heap-based buffer overflow in ReadMNGImage() (bsc#1132060).
- CVE-2019-11009: Fixed a heap-based buffer over-read in ReadXWDImage() (bsc#1132053).
- CVE-2019-11472: Fixed a denial-of-service in ReadXWDImage() (bsc#1133204).
- CVE-2019-11470: Fixed a denial-of-service in ReadCINImage() (bsc#1133205).
- CVE-2019-11506: Fixed a heap-based buffer overflow in the WriteMATLABImage() (bsc#1133498).
- CVE-2019-11505: Fixed a heap-based buffer overflow in the WritePDBImage() (bsc#1133501).
ModerateSUSE bug 1130330SUSE bug 1131317SUSE bug 1132053SUSE bug 1132060SUSE bug 1133204SUSE bug 1133205SUSE bug 1133498SUSE bug 1133501CVE-2019-10650 at SUSECVE-2019-10650 at NVDCVE-2019-11007 at SUSECVE-2019-11007 at NVDCVE-2019-11009 at SUSECVE-2019-11009 at NVDCVE-2019-11470 at SUSECVE-2019-11470 at NVDCVE-2019-11472 at SUSECVE-2019-11472 at NVDCVE-2019-11505 at SUSECVE-2019-11505 at NVDCVE-2019-11506 at SUSECVE-2019-11506 at NVDCVE-2019-9956 at SUSECVE-2019-9956 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issue fixed:
- CVE-2019-10131: Fixed a off-by-one read in formatIPTCfromBuffer function in coders/meta.c (bsc#1134075).
- CVE-2017-12805: Fixed a denial of service through memory exhaustion in ReadTIFFImage() (bsc#1135236).
- CVE-2019-11598: Fixed a heap-based buffer over-read in WritePNMImage() (bsc#1136732)
We also now disable PCL in the -SUSE configuration, as it also uses ghostscript for decoding (bsc#1136183)
LowSUSE bug 1134075SUSE bug 1135232SUSE bug 1135236SUSE bug 1136183SUSE bug 1136732CVE-2017-12805 at SUSECVE-2017-12805 at NVDCVE-2017-12806 at SUSECVE-2017-12806 at NVDCVE-2019-10131 at SUSECVE-2019-10131 at NVDCVE-2019-11598 at SUSECVE-2019-11598 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage() (bsc#1138464).
- Fixed a file content disclosure via SVG and WMF decoding (bsc#1138425).
ModerateSUSE bug 1138425SUSE bug 1138464CVE-2019-11597 at SUSECVE-2019-11597 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory() (bsc#1140554).
- CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of a wand/mogrify.c error (bsc#1140513).
- CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in MagickCore/layer.c (bsc#1141171).
- CVE-2019-13295: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).
- CVE-2019-13297: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).
- CVE-2019-12979: Fixed the use of uninitialized values in SyncImageSettings() (bsc#1139886).
- CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in coders/dpx.c (bsc#1140106).
- CVE-2019-13135: Fixed the use of uninitialized values in ReadCUTImage() (bsc#1140103).
- CVE-2019-13133: Fixed a memory leak in the ReadBMPImage() (bsc#1140100).
- CVE-2019-13134: Fixed a memory leak in the ReadVIFFImage() (bsc#1140102).
- CVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in coders/pcl.c(bsc#1140110).
ModerateSUSE bug 1139886SUSE bug 1140100SUSE bug 1140102SUSE bug 1140103SUSE bug 1140106SUSE bug 1140110SUSE bug 1140513SUSE bug 1140554SUSE bug 1140664SUSE bug 1140666SUSE bug 1141171CVE-2019-12975 at SUSECVE-2019-12975 at NVDCVE-2019-12976 at SUSECVE-2019-12976 at NVDCVE-2019-12979 at SUSECVE-2019-12979 at NVDCVE-2019-13133 at SUSECVE-2019-13133 at NVDCVE-2019-13134 at SUSECVE-2019-13134 at NVDCVE-2019-13135 at SUSECVE-2019-13135 at NVDCVE-2019-13295 at SUSECVE-2019-13295 at NVDCVE-2019-13297 at SUSECVE-2019-13297 at NVDCVE-2019-13301 at SUSECVE-2019-13301 at NVDCVE-2019-13311 at SUSECVE-2019-13311 at NVDCVE-2019-13454 at SUSECVE-2019-13454 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-15139: Fixed a denial-of-service vulnerability in ReadXWDImage. (bsc#1146213)
- CVE-2019-15140: Fixed a use-after-free bug in the Matlab image parser. (bsc#1146212)
- CVE-2019-15141: Fixed a divide-by-zero vulnerability in the MeanShiftImage function. (bsc#1146211)
- CVE-2019-14980: Fixed an application crash resulting from a heap-based buffer over-read in WriteTIFFImage. (bsc#1146068)
- CVE-2019-16708: Fixed a memory leak in magick/xwindow.c (bsc#1151781).
- CVE-2019-16709: Fixed a memory leak in coders/dps.c (bsc#1151782).
- CVE-2019-16710: Fixed a memory leak in coders/dot.c (bsc#1151783).
- CVE-2019-16713: Fixed a memory leak in coders/dot.c (bsc#1151786).
ModerateSUSE bug 1133204SUSE bug 1146068SUSE bug 1146211SUSE bug 1146212SUSE bug 1146213SUSE bug 1151781SUSE bug 1151782SUSE bug 1151783SUSE bug 1151786CVE-2019-11472 at SUSECVE-2019-11472 at NVDCVE-2019-14980 at SUSECVE-2019-14980 at NVDCVE-2019-15139 at SUSECVE-2019-15139 at NVDCVE-2019-15140 at SUSECVE-2019-15140 at NVDCVE-2019-15141 at SUSECVE-2019-15141 at NVDCVE-2019-16708 at SUSECVE-2019-16708 at NVDCVE-2019-16709 at SUSECVE-2019-16709 at NVDCVE-2019-16710 at SUSECVE-2019-16710 at NVDCVE-2019-16713 at SUSECVE-2019-16713 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2019-19948: Fixed a heap-based buffer overflow in WriteSGIImage() (bsc#1159861).
- CVE-2019-19949: Fixed a heap-based buffer over-read in WritePNGImage() (bsc#1160369).
ModerateSUSE bug 1159861SUSE bug 1160369CVE-2019-19948 at SUSECVE-2019-19948 at NVDCVE-2019-19949 at SUSECVE-2019-19949 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2017-11527: Fixed a denial of service in inReadDPXImage() (bsc#1047054).
ModerateSUSE bug 1047054CVE-2017-11527 at SUSECVE-2017-11527 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2020-27560: Fixed potential denial of service in OptimizeLayerFrames function in MagickCore/layer.c (bsc#1178067).
ModerateSUSE bug 1178067CVE-2020-27560 at SUSECVE-2020-27560 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103).
- CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202).
- CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212).
- CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269).
- CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346).
- CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397).
- CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336).
- CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345).
- CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268).
- CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313).
- CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281).
- CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315).
- CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312).
- CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311).
- CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322).
- CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339).
- CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321).
- CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327).
- CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347).
- CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338).
ModerateSUSE bug 1179103SUSE bug 1179202SUSE bug 1179212SUSE bug 1179269SUSE bug 1179281SUSE bug 1179311SUSE bug 1179312SUSE bug 1179313SUSE bug 1179315SUSE bug 1179321SUSE bug 1179322SUSE bug 1179327SUSE bug 1179336SUSE bug 1179338SUSE bug 1179339SUSE bug 1179345SUSE bug 1179346SUSE bug 1179347SUSE bug 1179397CVE-2020-19667 at SUSECVE-2020-19667 at NVDCVE-2020-25664 at SUSECVE-2020-25664 at NVDCVE-2020-25666 at SUSECVE-2020-25666 at NVDCVE-2020-27751 at SUSECVE-2020-27751 at NVDCVE-2020-27752 at SUSECVE-2020-27752 at NVDCVE-2020-27753 at SUSECVE-2020-27753 at NVDCVE-2020-27754 at SUSECVE-2020-27754 at NVDCVE-2020-27755 at SUSECVE-2020-27755 at NVDCVE-2020-27759 at SUSECVE-2020-27759 at NVDCVE-2020-27760 at SUSECVE-2020-27760 at NVDCVE-2020-27761 at SUSECVE-2020-27761 at NVDCVE-2020-27763 at SUSECVE-2020-27763 at NVDCVE-2020-27765 at SUSECVE-2020-27765 at NVDCVE-2020-27767 at SUSECVE-2020-27767 at NVDCVE-2020-27768 at SUSECVE-2020-27768 at NVDCVE-2020-27769 at SUSECVE-2020-27769 at NVDCVE-2020-27771 at SUSECVE-2020-27771 at NVDCVE-2020-27772 at SUSECVE-2020-27772 at NVDCVE-2020-27775 at SUSECVE-2020-27775 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2021-20176: Fixed an issue where processing a crafted file could lead to division by zero (bsc#1181836).
- CVE-2020-25665: Fixed heap-based buffer overflow in WritePALMImage (bsc#1179208).
ModerateSUSE bug 1179208SUSE bug 1181836CVE-2020-25665 at SUSECVE-2020-25665 at NVDCVE-2021-20176 at SUSECVE-2021-20176 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2021-20243 [bsc#1182336]: Division by zero in GetResizeFilterWeight in MagickCore/resize.c
- CVE-2021-20244 [bsc#1182325]: Division by zero in ImplodeImage in MagickCore/visual-effects.c
- CVE-2021-20246 [bsc#1182337]: Division by zero in ScaleResampleFilter in MagickCore/resample.c
ModerateSUSE bug 1182325SUSE bug 1182336SUSE bug 1182337CVE-2021-20243 at SUSECVE-2021-20243 at NVDCVE-2021-20244 at SUSECVE-2021-20244 at NVDCVE-2021-20246 at SUSECVE-2021-20246 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2021-20309: Division by zero in WaveImage() of MagickCore/visual-effects. (bsc#1184624)
- CVE-2021-20312: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c (bsc#1184627)
- CVE-2021-20313: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signature.c (bsc#1184628)
ModerateSUSE bug 1184624SUSE bug 1184627SUSE bug 1184628CVE-2021-20309 at SUSECVE-2021-20309 at NVDCVE-2021-20312 at SUSECVE-2021-20312 at NVDCVE-2021-20313 at SUSECVE-2021-20313 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
LibVNCServer was updated to fix two security issues.
These security issues were fixed:
- CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area (bsc#1017711)
- CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions (bsc#1017712)
ImportantSUSE bug 1017711SUSE bug 1017712CVE-2016-9941 at SUSECVE-2016-9941 at NVDCVE-2016-9942 at SUSECVE-2016-9942 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LibVNCServer (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for LibVNCServer fixes the following issues:
- CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage() (bsc#1081493).
ModerateSUSE bug 1081493CVE-2018-7225 at SUSECVE-2018-7225 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for LibVNCServer fixes the following issues:
Security issues fixed:
- CVE-2018-15126: Fixed use-after-free in file transfer extension (bsc#1120114)
- CVE-2018-6307: Fixed use-after-free in file transfer extension server code (bsc#1120115)
- CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC client code (bsc#1120116)
- CVE-2018-15127: Fixed heap out-of-bounds write in rfbserver.c (bsc#1120117)
- CVE-2018-20019: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1120118)
- CVE-2018-20022: Fixed information disclosure through improper initialization in VNC client code (bsc#1120120)
- CVE-2018-20024: Fixed NULL pointer dereference in VNC client code (bsc#1120121)
- CVE-2018-20021: Fixed infinite loop in VNC client code (bsc#1120122)
ImportantSUSE bug 1120114SUSE bug 1120115SUSE bug 1120116SUSE bug 1120117SUSE bug 1120118SUSE bug 1120120SUSE bug 1120121SUSE bug 1120122CVE-2018-15126 at SUSECVE-2018-15126 at NVDCVE-2018-15127 at SUSECVE-2018-15127 at NVDCVE-2018-20019 at SUSECVE-2018-20019 at NVDCVE-2018-20020 at SUSECVE-2018-20020 at NVDCVE-2018-20021 at SUSECVE-2018-20021 at NVDCVE-2018-20022 at SUSECVE-2018-20022 at NVDCVE-2018-20024 at SUSECVE-2018-20024 at NVDCVE-2018-6307 at SUSECVE-2018-6307 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LibVNCServer (Critical)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for LibVNCServer fixes the following issues:
Security issues fixed:
- CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123828)
- CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123832)
- CVE-2018-20748: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1123823)
CriticalSUSE bug 1123823SUSE bug 1123828SUSE bug 1123832CVE-2018-20748 at SUSECVE-2018-20748 at NVDCVE-2018-20749 at SUSECVE-2018-20749 at NVDCVE-2018-20750 at SUSECVE-2018-20750 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for LibVNCServer fixes the following issues:
- CVE-2019-15690: Fixed a heap buffer overflow (bsc#1160471).
- CVE-2019-15681: Fixed a memory leak which could have allowed to a remote attacker to read stack memory (bsc#1155419).
- CVE-2019-20788: Fixed a integer overflow and heap-based buffer overflow via a large height or width value (bsc#1170441).
ImportantSUSE bug 1155419SUSE bug 1160471SUSE bug 1170441CVE-2019-15681 at SUSECVE-2019-15681 at NVDCVE-2019-15690 at SUSECVE-2019-15690 at NVDCVE-2019-20788 at SUSECVE-2019-20788 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for LibVNCServer fixes the following issues:
- security update
- added patches
fix CVE-2020-14398 [bsc#1173880], improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c
+ LibVNCServer-CVE-2020-14398.patch
fix CVE-2020-14397 [bsc#1173700], NULL pointer dereference in libvncserver/rfbregion.c
+ LibVNCServer-CVE-2020-14397.patch
fix CVE-2020-14399 [bsc#1173743], Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c.
+ LibVNCServer-CVE-2020-14399.patch
fix CVE-2020-14400 [bsc#1173691], Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c.
+ LibVNCServer-CVE-2020-14400.patch
fix CVE-2020-14401 [bsc#1173694], potential integer overflows in libvncserver/scale.c
+ LibVNCServer-CVE-2020-14401.patch
fix CVE-2020-14402 [bsc#1173701], out-of-bounds access via encodings.
+ LibVNCServer-CVE-2020-14402,14403,14404.patch
ImportantSUSE bug 1173691SUSE bug 1173694SUSE bug 1173700SUSE bug 1173701SUSE bug 1173743SUSE bug 1173880CVE-2020-14397 at SUSECVE-2020-14397 at NVDCVE-2020-14398 at SUSECVE-2020-14398 at NVDCVE-2020-14399 at SUSECVE-2020-14399 at NVDCVE-2020-14400 at SUSECVE-2020-14400 at NVDCVE-2020-14401 at SUSECVE-2020-14401 at NVDCVE-2020-14402 at SUSECVE-2020-14402 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for LibVNCServer fixes the following issues:
- CVE-2020-25708 [bsc#1178682], libvncserver/rfbserver.c has a divide by zero which could result in DoS
ImportantSUSE bug 1178682CVE-2020-25708 at SUSECVE-2020-25708 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MesaSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of Mesa fixes multiple integer overflows.
Security Issue reference:
* CVE-2013-1993
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993>
SUSE bug 724985SUSE bug 815451SUSE bug 821855CVE-2013-1993 at SUSECVE-2013-1993 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for Mesa (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for Mesa fixes the following issues:
Security issue fixed:
- CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability (bsc#1156015).
ModerateSUSE bug 1156015CVE-2019-5068 at SUSECVE-2019-5068 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update to Firefox 17.0.9esr (bnc#840485) addresses:
* MFSA 2013-91 User-defined properties on DOM proxies get the wrong
'this' object
o (CVE-2013-1737)
* MFSA 2013-90 Memory corruption involving scrolling
o use-after-free in mozilla::layout::ScrollbarActivity
(CVE-2013-1735)
o Memory corruption in nsGfxScrollFrameInner::IsLTR()
(CVE-2013-1736)
* MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
o buffer overflow at nsFloatManager::GetFlowArea() with multicol,
list, floats (CVE-2013-1732)
* MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
o compartment mismatch in nsXBLBinding::DoInitJSClass
(CVE-2013-1730)
* MFSA 2013-83 Mozilla Updater does not lock MAR file after signature
verification
o MAR signature bypass in Updater could lead to downgrade
(CVE-2013-1726)
* MFSA 2013-82 Calling scope for new Javascript objects can lead to
memory corruption
o ABORT: bad scope for new JSObjects: ReparentWrapper /
document.open (CVE-2013-1725)
* MFSA 2013-79 Use-after-free in Animation Manager during stylesheet
cloning
o Heap-use-after-free in nsAnimationManager::BuildAnimations
(CVE-2013-1722)
* MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 /
rv:17.0.9)
o Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0
(CVE-2013-1718)
* MFSA 2013-65 Buffer underflow when generating CRMF requests
o ASAN heap-buffer-overflow (read 1) in
cryptojs_interpret_key_gen_type (CVE-2013-1705)
Security Issue references:
* CVE-2013-1737
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1737>
* CVE-2013-1735
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1735>
* CVE-2013-1736
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1736>
* CVE-2013-1732
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1732>
* CVE-2013-1730
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1730>
* CVE-2013-1726
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1726>
* CVE-2013-1725
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1725>
* CVE-2013-1722
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1722>
* CVE-2013-1718
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1718>
* CVE-2013-1705
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1705>
SUSE bug 603356SUSE bug 622506SUSE bug 637303SUSE bug 645315SUSE bug 649492SUSE bug 657016SUSE bug 667155SUSE bug 680771SUSE bug 689281SUSE bug 701296SUSE bug 712224SUSE bug 720264SUSE bug 726096SUSE bug 728520SUSE bug 744625SUSE bug 744629SUSE bug 745017SUSE bug 746616SUSE bug 747320SUSE bug 747328SUSE bug 750044SUSE bug 765204SUSE bug 833389SUSE bug 840485SUSE bug 917597CVE-2008-5913 at SUSECVE-2008-5913 at NVDCVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-0183 at SUSECVE-2010-0183 at NVDCVE-2010-0654 at SUSECVE-2010-0654 at NVDCVE-2010-1121 at SUSECVE-2010-1121 at NVDCVE-2010-1125 at SUSECVE-2010-1125 at NVDCVE-2010-1196 at SUSECVE-2010-1196 at NVDCVE-2010-1197 at SUSECVE-2010-1197 at NVDCVE-2010-1198 at SUSECVE-2010-1198 at NVDCVE-2010-1199 at SUSECVE-2010-1199 at NVDCVE-2010-1200 at SUSECVE-2010-1200 at NVDCVE-2010-1201 at SUSECVE-2010-1201 at NVDCVE-2010-1202 at SUSECVE-2010-1202 at NVDCVE-2010-1203 at SUSECVE-2010-1203 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-1206 at SUSECVE-2010-1206 at NVDCVE-2010-1208 at SUSECVE-2010-1208 at NVDCVE-2010-1209 at SUSECVE-2010-1209 at NVDCVE-2010-1211 at SUSECVE-2010-1211 at NVDCVE-2010-1213 at SUSECVE-2010-1213 at NVDCVE-2010-1214 at SUSECVE-2010-1214 at NVDCVE-2010-1585 at SUSECVE-2010-1585 at NVDCVE-2010-2751 at SUSECVE-2010-2751 at NVDCVE-2010-2752 at SUSECVE-2010-2752 at NVDCVE-2010-2753 at SUSECVE-2010-2753 at NVDCVE-2010-2754 at SUSECVE-2010-2754 at NVDCVE-2010-2760 at SUSECVE-2010-2760 at NVDCVE-2010-2762 at SUSECVE-2010-2762 at NVDCVE-2010-2763 at SUSECVE-2010-2763 at NVDCVE-2010-2764 at SUSECVE-2010-2764 at NVDCVE-2010-2765 at SUSECVE-2010-2765 at NVDCVE-2010-2766 at SUSECVE-2010-2766 at NVDCVE-2010-2767 at SUSECVE-2010-2767 at NVDCVE-2010-2768 at SUSECVE-2010-2768 at NVDCVE-2010-2769 at SUSECVE-2010-2769 at NVDCVE-2010-2770 at SUSECVE-2010-2770 at NVDCVE-2010-3131 at SUSECVE-2010-3131 at NVDCVE-2010-3166 at SUSECVE-2010-3166 at NVDCVE-2010-3167 at SUSECVE-2010-3167 at NVDCVE-2010-3168 at SUSECVE-2010-3168 at NVDCVE-2010-3169 at SUSECVE-2010-3169 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDCVE-2010-3766 at SUSECVE-2010-3766 at NVDCVE-2010-3767 at SUSECVE-2010-3767 at NVDCVE-2010-3768 at SUSECVE-2010-3768 at NVDCVE-2010-3769 at SUSECVE-2010-3769 at NVDCVE-2010-3770 at SUSECVE-2010-3770 at NVDCVE-2010-3771 at SUSECVE-2010-3771 at NVDCVE-2010-3772 at SUSECVE-2010-3772 at NVDCVE-2010-3773 at SUSECVE-2010-3773 at NVDCVE-2010-3774 at SUSECVE-2010-3774 at NVDCVE-2010-3775 at SUSECVE-2010-3775 at NVDCVE-2010-3776 at SUSECVE-2010-3776 at NVDCVE-2010-3777 at SUSECVE-2010-3777 at NVDCVE-2010-3778 at SUSECVE-2010-3778 at NVDCVE-2011-0051 at SUSECVE-2011-0051 at NVDCVE-2011-0053 at SUSECVE-2011-0053 at NVDCVE-2011-0054 at SUSECVE-2011-0054 at NVDCVE-2011-0055 at SUSECVE-2011-0055 at NVDCVE-2011-0056 at SUSECVE-2011-0056 at NVDCVE-2011-0057 at SUSECVE-2011-0057 at NVDCVE-2011-0058 at SUSECVE-2011-0058 at NVDCVE-2011-0059 at SUSECVE-2011-0059 at NVDCVE-2011-0061 at SUSECVE-2011-0061 at NVDCVE-2011-0062 at SUSECVE-2011-0062 at NVDCVE-2011-0065 at SUSECVE-2011-0065 at NVDCVE-2011-0066 at SUSECVE-2011-0066 at NVDCVE-2011-0067 at SUSECVE-2011-0067 at NVDCVE-2011-0069 at SUSECVE-2011-0069 at NVDCVE-2011-0070 at SUSECVE-2011-0070 at NVDCVE-2011-0071 at SUSECVE-2011-0071 at NVDCVE-2011-0072 at SUSECVE-2011-0072 at NVDCVE-2011-0073 at SUSECVE-2011-0073 at NVDCVE-2011-0074 at SUSECVE-2011-0074 at NVDCVE-2011-0075 at SUSECVE-2011-0075 at NVDCVE-2011-0076 at SUSECVE-2011-0076 at NVDCVE-2011-0077 at SUSECVE-2011-0077 at NVDCVE-2011-0078 at SUSECVE-2011-0078 at NVDCVE-2011-0080 at SUSECVE-2011-0080 at NVDCVE-2011-0081 at SUSECVE-2011-0081 at NVDCVE-2011-0083 at SUSECVE-2011-0083 at NVDCVE-2011-0084 at SUSECVE-2011-0084 at NVDCVE-2011-0085 at SUSECVE-2011-0085 at NVDCVE-2011-1202 at SUSECVE-2011-1202 at NVDCVE-2011-2362 at SUSECVE-2011-2362 at NVDCVE-2011-2363 at SUSECVE-2011-2363 at NVDCVE-2011-2364 at SUSECVE-2011-2364 at NVDCVE-2011-2365 at SUSECVE-2011-2365 at NVDCVE-2011-2371 at SUSECVE-2011-2371 at NVDCVE-2011-2372 at SUSECVE-2011-2372 at NVDCVE-2011-2373 at SUSECVE-2011-2373 at NVDCVE-2011-2374 at SUSECVE-2011-2374 at NVDCVE-2011-2376 at SUSECVE-2011-2376 at NVDCVE-2011-2377 at SUSECVE-2011-2377 at NVDCVE-2011-2378 at SUSECVE-2011-2378 at NVDCVE-2011-2980 at SUSECVE-2011-2980 at NVDCVE-2011-2981 at SUSECVE-2011-2981 at NVDCVE-2011-2982 at SUSECVE-2011-2982 at NVDCVE-2011-2983 at SUSECVE-2011-2983 at NVDCVE-2011-2984 at SUSECVE-2011-2984 at NVDCVE-2011-2995 at SUSECVE-2011-2995 at NVDCVE-2011-2996 at SUSECVE-2011-2996 at NVDCVE-2011-2998 at SUSECVE-2011-2998 at NVDCVE-2011-2999 at SUSECVE-2011-2999 at NVDCVE-2011-3000 at SUSECVE-2011-3000 at NVDCVE-2011-3001 at SUSECVE-2011-3001 at NVDCVE-2011-3026 at SUSECVE-2011-3026 at NVDCVE-2011-3101 at SUSECVE-2011-3101 at NVDCVE-2011-3647 at SUSECVE-2011-3647 at NVDCVE-2011-3648 at SUSECVE-2011-3648 at NVDCVE-2011-3649 at SUSECVE-2011-3649 at NVDCVE-2011-3650 at SUSECVE-2011-3650 at NVDCVE-2011-3651 at SUSECVE-2011-3651 at NVDCVE-2011-3653 at SUSECVE-2011-3653 at NVDCVE-2011-3655 at SUSECVE-2011-3655 at NVDCVE-2012-0441 at SUSECVE-2012-0441 at NVDCVE-2012-0451 at SUSECVE-2012-0451 at NVDCVE-2012-0452 at SUSECVE-2012-0452 at NVDCVE-2012-0454 at SUSECVE-2012-0454 at NVDCVE-2012-0455 at SUSECVE-2012-0455 at NVDCVE-2012-0456 at SUSECVE-2012-0456 at NVDCVE-2012-0457 at SUSECVE-2012-0457 at NVDCVE-2012-0458 at SUSECVE-2012-0458 at NVDCVE-2012-0459 at SUSECVE-2012-0459 at NVDCVE-2012-0460 at SUSECVE-2012-0460 at NVDCVE-2012-0461 at SUSECVE-2012-0461 at NVDCVE-2012-0462 at SUSECVE-2012-0462 at NVDCVE-2012-0463 at SUSECVE-2012-0463 at NVDCVE-2012-0464 at SUSECVE-2012-0464 at NVDCVE-2012-1937 at SUSECVE-2012-1937 at NVDCVE-2012-1938 at SUSECVE-2012-1938 at NVDCVE-2012-1939 at SUSECVE-2012-1939 at NVDCVE-2012-1940 at SUSECVE-2012-1940 at NVDCVE-2012-1941 at SUSECVE-2012-1941 at NVDCVE-2012-1942 at SUSECVE-2012-1942 at NVDCVE-2012-1943 at SUSECVE-2012-1943 at NVDCVE-2012-1944 at SUSECVE-2012-1944 at NVDCVE-2012-1945 at SUSECVE-2012-1945 at NVDCVE-2012-1946 at SUSECVE-2012-1946 at NVDCVE-2012-1947 at SUSECVE-2012-1947 at NVDCVE-2013-1701 at SUSECVE-2013-1701 at NVDCVE-2013-1702 at SUSECVE-2013-1702 at NVDCVE-2013-1705 at SUSECVE-2013-1705 at NVDCVE-2013-1706 at SUSECVE-2013-1706 at NVDCVE-2013-1707 at SUSECVE-2013-1707 at NVDCVE-2013-1709 at SUSECVE-2013-1709 at NVDCVE-2013-1710 at SUSECVE-2013-1710 at NVDCVE-2013-1712 at SUSECVE-2013-1712 at NVDCVE-2013-1713 at SUSECVE-2013-1713 at NVDCVE-2013-1714 at SUSECVE-2013-1714 at NVDCVE-2013-1717 at SUSECVE-2013-1717 at NVDCVE-2013-1718 at SUSECVE-2013-1718 at NVDCVE-2013-1722 at SUSECVE-2013-1722 at NVDCVE-2013-1725 at SUSECVE-2013-1725 at NVDCVE-2013-1726 at SUSECVE-2013-1726 at NVDCVE-2013-1730 at SUSECVE-2013-1730 at NVDCVE-2013-1732 at SUSECVE-2013-1732 at NVDCVE-2013-1735 at SUSECVE-2013-1735 at NVDCVE-2013-1736 at SUSECVE-2013-1736 at NVDCVE-2013-1737 at SUSECVE-2013-1737 at NVDCVE-2015-0822 at SUSECVE-2015-0822 at NVDCVE-2015-0827 at SUSECVE-2015-0827 at NVDCVE-2015-0831 at SUSECVE-2015-0831 at NVDCVE-2015-0836 at SUSECVE-2015-0836 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox was updated to version 38.5.0 ESR.
It fixes the following security issues:
* MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
* MFSA 2015-138/CVE-2015-7210
Use-after-free in WebRTC when datachannel is used after being
destroyed
* MFSA 2015-139/CVE-2015-7212
Integer overflow allocating extremely large textures
* MFSA 2015-145/CVE-2015-7205
Underflow through code inspection
* MFSA 2015-146/CVE-2015-7213
Integer overflow in MP4 playback in 64-bit versions
* MFSA 2015-147/CVE-2015-7222
Integer underflow and buffer overflow processing MP4 metadata
in libstagefright
* MFSA 2015-149/CVE-2015-7214
Cross-site reading attack through data and view-source URIs
ImportantSUSE bug 959277CVE-2015-7201 at SUSECVE-2015-7201 at NVDCVE-2015-7202 at SUSECVE-2015-7202 at NVDCVE-2015-7205 at SUSECVE-2015-7205 at NVDCVE-2015-7210 at SUSECVE-2015-7210 at NVDCVE-2015-7212 at SUSECVE-2015-7212 at NVDCVE-2015-7213 at SUSECVE-2015-7213 at NVDCVE-2015-7214 at SUSECVE-2015-7214 at NVDCVE-2015-7222 at SUSECVE-2015-7222 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to MozillaFirefox 38.8.0 ESR fixes the following security issues (bsc#977333):
- CVE-2016-2805: Miscellaneous memory safety hazards - MFSA 2016-39 (bsc#977374)
- CVE-2016-2807: Miscellaneous memory safety hazards - MFSA 2016-39 (bsc#977376)
- CVE-2016-2808: Write to invalid HashMap entry through JavaScript.watch() - MFSA 2016-47 (bsc#977386)
- CVE-2016-2814: Buffer overflow in libstagefright with CENC offsets - MFSA 2016-44 (bsc#977381)
ModerateSUSE bug 977333SUSE bug 977374SUSE bug 977376SUSE bug 977381SUSE bug 977386CVE-2016-2805 at SUSECVE-2016-2805 at NVDCVE-2016-2807 at SUSECVE-2016-2807 at NVDCVE-2016-2808 at SUSECVE-2016-2808 at NVDCVE-2016-2814 at SUSECVE-2016-2814 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nspr and mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr and mozilla-nss were updated to fix nine security issues.
MozillaFirefox was updated to version 45.3.0 ESR. mozilla-nss was updated to version 3.21.1, mozilla-nspr to version 4.12.
These security issues were fixed in 45.3.0ESR:
- CVE-2016-2835/CVE-2016-2836: Miscellaneous memory safety hazards (rv:48.0 / rv:45.3) (MFSA 2016-62)
- CVE-2016-2830: Favicon network connection can persist when page is closed (MFSA 2016-63)
- CVE-2016-2838: Buffer overflow rendering SVG with bidirectional content (MFSA 2016-64)
- CVE-2016-2839: Cairo rendering crash due to memory allocation issue with FFmpeg 0.10 (MFSA 2016-65)
- CVE-2016-5252: Stack underflow during 2D graphics rendering (MFSA 2016-67)
- CVE-2016-5254: Use-after-free when using alt key and toplevel menus (MFSA 2016-70)
- CVE-2016-5258: Use-after-free in DTLS during WebRTC session shutdown (MFSA 2016-72)
- CVE-2016-5259: Use-after-free in service workers with nested sync events (MFSA 2016-73)
- CVE-2016-5262: Scripts on marquee tag can execute in sandboxed iframes (MFSA 2016-76)
- CVE-2016-2837: Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback (MFSA 2016-77)
- CVE-2016-5263: Type confusion in display transformation (MFSA 2016-78)
- CVE-2016-5264: Use-after-free when applying SVG effects (MFSA 2016-79)
- CVE-2016-5265: Same-origin policy violation using local HTML file and saved shortcut file (MFSA 2016-80)
- CVE-2016-6354: Fix for possible buffer overrun (bsc#990856)
Security issues fixed in 45.2.0.ESR:
- CVE-2016-2834: Memory safety bugs in NSS (MFSA 2016-61) (bsc#983639).
- CVE-2016-2824: Out-of-bounds write with WebGL shader (MFSA 2016-53) (bsc#983651).
- CVE-2016-2822: Addressbar spoofing though the SELECT element (MFSA 2016-52) (bsc#983652).
- CVE-2016-2821: Use-after-free deleting tables from a contenteditable document (MFSA 2016-51) (bsc#983653).
- CVE-2016-2819: Buffer overflow parsing HTML5 fragments (MFSA 2016-50) (bsc#983655).
- CVE-2016-2828: Use-after-free when textures are used in WebGL operations after recycle pool destruction (MFSA 2016-56) (bsc#983646).
- CVE-2016-2831: Entering fullscreen and persistent pointerlock without user permission (MFSA 2016-58) (bsc#983643).
- CVE-2016-2815, CVE-2016-2818: Miscellaneous memory safety hazards (MFSA 2016-49) (bsc#983638)
These non-security issues were fixed:
- Fix crashes on aarch64
* Determine page size at runtime (bsc#984006)
* Allow aarch64 to work in safe mode (bsc#985659)
- Fix crashes on mainframes
- Temporarily bind Firefox to the first CPU as a hotfix
for an apparent race condition (bsc#989196, bsc#990628)
All extensions must now be signed by addons.mozilla.org. Please read README.SUSE for more details.
ImportantSUSE bug 983549SUSE bug 983638SUSE bug 983639SUSE bug 983643SUSE bug 983646SUSE bug 983651SUSE bug 983652SUSE bug 983653SUSE bug 983655SUSE bug 984006SUSE bug 985659SUSE bug 989196SUSE bug 990628SUSE bug 990856SUSE bug 991809CVE-2016-2815 at SUSECVE-2016-2815 at NVDCVE-2016-2818 at SUSECVE-2016-2818 at NVDCVE-2016-2819 at SUSECVE-2016-2819 at NVDCVE-2016-2821 at SUSECVE-2016-2821 at NVDCVE-2016-2822 at SUSECVE-2016-2822 at NVDCVE-2016-2824 at SUSECVE-2016-2824 at NVDCVE-2016-2828 at SUSECVE-2016-2828 at NVDCVE-2016-2830 at SUSECVE-2016-2830 at NVDCVE-2016-2831 at SUSECVE-2016-2831 at NVDCVE-2016-2834 at SUSECVE-2016-2834 at NVDCVE-2016-2835 at SUSECVE-2016-2835 at NVDCVE-2016-2836 at SUSECVE-2016-2836 at NVDCVE-2016-2837 at SUSECVE-2016-2837 at NVDCVE-2016-2838 at SUSECVE-2016-2838 at NVDCVE-2016-2839 at SUSECVE-2016-2839 at NVDCVE-2016-5252 at SUSECVE-2016-5252 at NVDCVE-2016-5254 at SUSECVE-2016-5254 at NVDCVE-2016-5258 at SUSECVE-2016-5258 at NVDCVE-2016-5259 at SUSECVE-2016-5259 at NVDCVE-2016-5262 at SUSECVE-2016-5262 at NVDCVE-2016-5263 at SUSECVE-2016-5263 at NVDCVE-2016-5264 at SUSECVE-2016-5264 at NVDCVE-2016-5265 at SUSECVE-2016-5265 at NVDCVE-2016-6354 at SUSECVE-2016-6354 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox was updated to 45.4.0 ESR to fix the following issues (bsc#999701):
The following security issue were fixed:
* MFSA 2016-86/CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString
* MFSA 2016-86/CVE-2016-5272: Bad cast in nsImageGeometryMixin
* MFSA 2016-86/CVE-2016-5276: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList
* MFSA 2016-86/CVE-2016-5274: use-after-free in nsFrameManager::CaptureFrameState
* MFSA 2016-86/CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick
* MFSA 2016-86/CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame
* MFSA 2016-86/CVE-2016-5280: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
* MFSA 2016-86/CVE-2016-5281: use-after-free in DOMSVGLength
* MFSA 2016-86/CVE-2016-5284: Add-on update site certificate pin expiration
* MFSA 2016-86/CVE-2016-5250: Resource Timing API is storing resources sent by the previous page
* MFSA 2016-86/CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel
* MFSA 2016-86/CVE-2016-5257: Various memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
ImportantSUSE bug 999701CVE-2016-5250 at SUSECVE-2016-5250 at NVDCVE-2016-5257 at SUSECVE-2016-5257 at NVDCVE-2016-5261 at SUSECVE-2016-5261 at NVDCVE-2016-5270 at SUSECVE-2016-5270 at NVDCVE-2016-5272 at SUSECVE-2016-5272 at NVDCVE-2016-5274 at SUSECVE-2016-5274 at NVDCVE-2016-5276 at SUSECVE-2016-5276 at NVDCVE-2016-5277 at SUSECVE-2016-5277 at NVDCVE-2016-5278 at SUSECVE-2016-5278 at NVDCVE-2016-5280 at SUSECVE-2016-5280 at NVDCVE-2016-5281 at SUSECVE-2016-5281 at NVDCVE-2016-5284 at SUSECVE-2016-5284 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues:
* MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES
* MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution
* MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees
* MFSA 2016-95/CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements
* MFSA 2016-95/CVE-2016-9904: Cross-origin information leak in shared atoms
* MFSA 2016-95/CVE-2016-9905: Crash in EnumerateSubDocuments
* MFSA 2016-95/CVE-2016-9895: CSP bypass using marquee tag
* MFSA 2016-95/CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs
* MFSA 2016-95/CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6
* MFSA 2016-95/CVE-2016-9902: Pocket extension does not validate the origin of events
Please see https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/
for more information.
- Fix fontconfig issue (bsc#1000751) on 32bit systems as well.
ImportantSUSE bug 1000751SUSE bug 1015422CVE-2016-9893 at SUSECVE-2016-9893 at NVDCVE-2016-9895 at SUSECVE-2016-9895 at NVDCVE-2016-9897 at SUSECVE-2016-9897 at NVDCVE-2016-9898 at SUSECVE-2016-9898 at NVDCVE-2016-9899 at SUSECVE-2016-9899 at NVDCVE-2016-9900 at SUSECVE-2016-9900 at NVDCVE-2016-9901 at SUSECVE-2016-9901 at NVDCVE-2016-9902 at SUSECVE-2016-9902 at NVDCVE-2016-9904 at SUSECVE-2016-9904 at NVDCVE-2016-9905 at SUSECVE-2016-9905 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues (bsc#1021991):
* MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of Javascript objects (bsc#1021818)
* MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder (bsc#1021821)
* MFSA 2017-02/CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions (bsc#1021823)
* MFSA 2017-02/CVE-2017-5380: Potential use-after-free during DOM manipulations (bsc#1021819)
* MFSA 2017-02/CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer (bsc#1021820)
* MFSA 2017-02/CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (bsc#1021824)
* MFSA 2017-02/CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP (bsc#1021814)
* MFSA 2017-02/CVE-2017-5376: Use-after-free in XSL (bsc#1021817)
* MFSA 2017-02/CVE-2017-5383: Location bar spoofing with unicode characters (bsc#1021822)
Please see https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/
for more information.
ImportantSUSE bug 1021814SUSE bug 1021817SUSE bug 1021818SUSE bug 1021819SUSE bug 1021820SUSE bug 1021821SUSE bug 1021822SUSE bug 1021823SUSE bug 1021824SUSE bug 1021991CVE-2017-5373 at SUSECVE-2017-5373 at NVDCVE-2017-5375 at SUSECVE-2017-5375 at NVDCVE-2017-5376 at SUSECVE-2017-5376 at NVDCVE-2017-5378 at SUSECVE-2017-5378 at NVDCVE-2017-5380 at SUSECVE-2017-5380 at NVDCVE-2017-5383 at SUSECVE-2017-5383 at NVDCVE-2017-5386 at SUSECVE-2017-5386 at NVDCVE-2017-5390 at SUSECVE-2017-5390 at NVDCVE-2017-5396 at SUSECVE-2017-5396 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox to ESR 45.8 fixes the following issues:
Security issues fixed (bsc#1028391):
- CVE-2017-5402: Use-after-free working with events in FontFace objects
- CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping
- CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
- CVE-2017-5401: Memory Corruption when handling ErrorResult
- CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters
- CVE-2017-5404: Use-after-free working with ranges in selections
- CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
- CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
- CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service
- CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8
Bugfixes:
- fix crashes on Itanium (bsc#1027527)
ImportantSUSE bug 1027527SUSE bug 1028391CVE-2017-5398 at SUSECVE-2017-5398 at NVDCVE-2017-5400 at SUSECVE-2017-5400 at NVDCVE-2017-5401 at SUSECVE-2017-5401 at NVDCVE-2017-5402 at SUSECVE-2017-5402 at NVDCVE-2017-5404 at SUSECVE-2017-5404 at NVDCVE-2017-5405 at SUSECVE-2017-5405 at NVDCVE-2017-5407 at SUSECVE-2017-5407 at NVDCVE-2017-5408 at SUSECVE-2017-5408 at NVDCVE-2017-5409 at SUSECVE-2017-5409 at NVDCVE-2017-5410 at SUSECVE-2017-5410 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox was updated to the Firefox ESR release 45.9.
Mozilla NSS was updated to support TLS 1.3 (close to release draft) and various new
ciphers, PRFs, Diffie Hellman key agreement and support for more hashes.
Security issues fixed in Firefox (bsc#1035082)
- MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated code
- MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1
- MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
- MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
- MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library
- MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
- MFSA 2017-11/CVE-2017-5435: Use-after-free during transaction processing in the editor
- MFSA 2017-11/CVE-2017-5434: Use-after-free during focus handling
- MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL animation functions
- MFSA 2017-11/CVE-2017-5432: Use-after-free in text input selection
- MFSA 2017-11/CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
- MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in ConvolvePixel
- MFSA 2017-11/CVE-2017-5460: Use-after-free in frame selection
- MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
- MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
- MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during glyph processing
- MFSA 2017-11/CVE-2017-5444: Buffer overflow while parsing application/http-index-format content
- MFSA 2017-11/CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content
- MFSA 2017-11/CVE-2017-5442: Use-after-free during style changes
- MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during BinHex decoding
- MFSA 2017-11/CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing
- MFSA 2017-11/CVE-2017-5441: Use-after-free with selection during scroll events
- MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL
Mozilla NSS was updated to 3.29.5, bringing new features and fixing bugs:
- Update to NSS 3.29.5:
* MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64 decoder and encoder were fixed.
* MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG was fixed.
* CVE-2016-9574: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA (bsc#1015499).
* requires NSPR >= 4.13.1
- Update to NSS 3.29.3
* enables TLS 1.3 by default
- Fixed a bug in hash computation (and build with
GCC 7 which complains about shifts of boolean values).
(bsc#1030071, bmo#1348767)
- Update to NSS 3.28.3
This is a patch release to fix binary compatibility issues.
- Update to NSS 3.28.1
This is a patch release to update the list of root CA certificates.
* The following CA certificates were Removed
CN = Buypass Class 2 CA 1
CN = Root CA Generalitat Valenciana
OU = RSA Security 2048 V3
* The following CA certificates were Added
OU = AC RAIZ FNMT-RCM
CN = Amazon Root CA 1
CN = Amazon Root CA 2
CN = Amazon Root CA 3
CN = Amazon Root CA 4
CN = LuxTrust Global Root 2
CN = Symantec Class 1 Public Primary Certification Authority - G4
CN = Symantec Class 1 Public Primary Certification Authority - G6
CN = Symantec Class 2 Public Primary Certification Authority - G4
CN = Symantec Class 2 Public Primary Certification Authority - G6
* The version number of the updated root CA list has been set to 2.11
- Update to NSS 3.28
New functionality:
* NSS includes support for TLS 1.3 draft -18. This includes a number
of improvements to TLS 1.3:
- The signed certificate timestamp, used in certificate
transparency, is supported in TLS 1.3.
- Key exporters for TLS 1.3 are supported. This includes the early
key exporter, which can be used if 0-RTT is enabled. Note that
there is a difference between TLS 1.3 and key exporters in older
versions of TLS. TLS 1.3 does not distinguish between an empty
context and no context.
- The TLS 1.3 (draft) protocol can be enabled, by defining
NSS_ENABLE_TLS_1_3=1 when building NSS.
- NSS includes support for the X25519 key exchange algorithm,
which is supported and enabled by default in all versions of TLS.
Notable Changes:
* NSS can no longer be compiled with support for additional elliptic curves.
This was previously possible by replacing certain NSS source files.
* NSS will now detect the presence of tokens that support additional
elliptic curves and enable those curves for use in TLS.
Note that this detection has a one-off performance cost, which can be
avoided by using the SSL_NamedGroupConfig function to limit supported
groups to those that NSS provides.
* PKCS#11 bypass for TLS is no longer supported and has been removed.
* Support for 'export' grade SSL/TLS cipher suites has been removed.
* NSS now uses the signature schemes definition in TLS 1.3.
This also affects TLS 1.2. NSS will now only generate signatures with the
combinations of hash and signature scheme that are defined in TLS 1.3,
even when negotiating TLS 1.2.
- This means that SHA-256 will only be used with P-256 ECDSA certificates,
SHA-384 with P-384 certificates, and SHA-512 with P-521 certificates.
SHA-1 is permitted (in TLS 1.2 only) with any certificate for backward
compatibility reasons.
- NSS will now no longer assume that default signature schemes are
supported by a peer if there was no commonly supported signature scheme.
* NSS will now check if RSA-PSS signing is supported by the token that holds
the private key prior to using it for TLS.
* The certificate validation code contains checks to no longer trust
certificates that are issued by old WoSign and StartCom CAs after
October 21, 2016. This is equivalent to the behavior that Mozilla will
release with Firefox 51.
- Update to NSS 3.27.2
* Fixed SSL_SetTrustAnchors leaks (bmo#1318561)
- raised the minimum softokn/freebl version to 3.28 as reported in (boo#1021636)
- Update to NSS 3.26.2
New Functionality:
* the selfserv test utility has been enhanced to support ALPN
(HTTP/1.1) and 0-RTT
* added support for the System-wide crypto policy available on
Fedora Linux see http://fedoraproject.org/wiki/Changes/CryptoPolicy
* introduced build flag NSS_DISABLE_LIBPKIX that allows compilation
of NSS without the libpkix library
Notable Changes:
* The following CA certificate was Added
CN = ISRG Root X1
* NPN is disabled and ALPN is enabled by default
* the NSS test suite now completes with the experimental TLS 1.3
code enabled
* several test improvements and additions, including a NIST known answer test
Changes in 3.26.2
* MD5 signature algorithms sent by the server in CertificateRequest
messages are now properly ignored. Previously, with rare server
configurations, an MD5 signature algorithm might have been selected
for client authentication and caused the client to abort the
connection soon after.
- Update to NSS 3.25
New functionality:
* Implemented DHE key agreement for TLS 1.3
* Added support for ChaCha with TLS 1.3
* Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF
* In previous versions, when using client authentication with TLS 1.2,
NSS only supported certificate_verify messages that used the same
signature hash algorithm as used by the PRF. This limitation has
been removed.
Notable changes:
* An SSL socket can no longer be configured to allow both TLS 1.3 and SSLv3
* Regression fix: NSS no longer reports a failure if an application
attempts to disable the SSLv2 protocol.
* The list of trusted CA certificates has been updated to version 2.8
* The following CA certificate was Removed
Sonera Class1 CA
* The following CA certificates were Added
Hellenic Academic and Research Institutions RootCA 2015
Hellenic Academic and Research Institutions ECC RootCA 2015
Certplus Root CA G1
Certplus Root CA G2
OpenTrust Root CA G1
OpenTrust Root CA G2
OpenTrust Root CA G3
- Update to NSS 3.24
New functionality:
* NSS softoken has been updated with the latest National Institute
of Standards and Technology (NIST) guidance (as of 2015):
- Software integrity checks and POST functions are executed on
shared library load. These checks have been disabled by default,
as they can cause a performance regression. To enable these
checks, you must define symbol NSS_FORCE_FIPS when building NSS.
- Counter mode and Galois/Counter Mode (GCM) have checks to
prevent counter overflow.
- Additional CSPs are zeroed in the code.
- NSS softoken uses new guidance for how many Rabin-Miller tests
are needed to verify a prime based on prime size.
* NSS softoken has also been updated to allow NSS to run in FIPS
Level 1 (no password). This mode is triggered by setting the
database password to the empty string. In FIPS mode, you may move
from Level 1 to Level 2 (by setting an appropriate password),
but not the reverse.
* A SSL_ConfigServerCert function has been added for configuring
SSL/TLS server sockets with a certificate and private key. Use
this new function in place of SSL_ConfigSecureServer,
SSL_ConfigSecureServerWithCertChain, SSL_SetStapledOCSPResponses,
and SSL_SetSignedCertTimestamps. SSL_ConfigServerCert automatically
determines the certificate type from the certificate and private key.
The caller is no longer required to use SSLKEAType explicitly to
select a 'slot' into which the certificate is configured (which
incorrectly identifies a key agreement type rather than a certificate).
Separate functions for configuring Online Certificate Status Protocol
(OCSP) responses or Signed Certificate Timestamps are not needed,
since these can be added to the optional SSLExtraServerCertData struct
provided to SSL_ConfigServerCert. Also, partial support for RSA
Probabilistic Signature Scheme (RSA-PSS) certificates has been added.
Although these certificates can be configured, they will not be
used by NSS in this version.
* Deprecate the member attribute authAlgorithm of type SSLCipherSuiteInfo.
Instead, applications should use the newly added attribute authType.
* Add a shared library (libfreeblpriv3) on Linux platforms that
define FREEBL_LOWHASH.
* Remove most code related to SSL v2, including the ability to actively
send a SSLv2-compatible client hello. However, the server-side
implementation of the SSL/TLS protocol still supports processing
of received v2-compatible client hello messages.
* Disable (by default) NSS support in optimized builds for logging SSL/TLS
key material to a logfile if the SSLKEYLOGFILE environment variable
is set. To enable the functionality in optimized builds, you must define
the symbol NSS_ALLOW_SSLKEYLOGFILE when building NSS.
* Update NSS to protect it against the Cachebleed attack.
* Disable support for DTLS compression.
* Improve support for TLS 1.3. This includes support for DTLS 1.3.
Note that TLS 1.3 support is experimental and not suitable for
production use.
- Update to NSS 3.23
New functionality:
* ChaCha20/Poly1305 cipher and TLS cipher suites now supported
* Experimental-only support TLS 1.3 1-RTT mode (draft-11).
This code is not ready for production use.
Notable changes:
* The list of TLS extensions sent in the TLS handshake has been
reordered to increase compatibility of the Extended Master Secret
with with servers
* The build time environment variable NSS_ENABLE_ZLIB has been
renamed to NSS_SSL_ENABLE_ZLIB
* The build time environment variable NSS_DISABLE_CHACHAPOLY was
added, which can be used to prevent compilation of the
ChaCha20/Poly1305 code.
* The following CA certificates were Removed
- Staat der Nederlanden Root CA
- NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado
- NetLock Kozjegyzoi (Class A) Tanusitvanykiado
- NetLock Uzleti (Class B) Tanusitvanykiado
- NetLock Expressz (Class C) Tanusitvanykiado
- VeriSign Class 1 Public PCA - G2
- VeriSign Class 3 Public PCA
- VeriSign Class 3 Public PCA - G2
- CA Disig
* The following CA certificates were Added
+ SZAFIR ROOT CA2
+ Certum Trusted Network CA 2
* The following CA certificate had the Email trust bit turned on
+ Actalis Authentication Root CA
Security fixes:
* CVE-2016-2834: Memory safety bugs (boo#983639)
MFSA-2016-61 bmo#1206283 bmo#1221620 bmo#1241034 bmo#1241037
- Update to NSS 3.22.3
* Increase compatibility of TLS extended master secret,
don't send an empty TLS extension last in the handshake
(bmo#1243641)
* Fixed a heap-based buffer overflow related to the parsing of
certain ASN.1 structures. An attacker could create a specially-crafted
certificate which, when parsed by NSS, would cause a crash or
execution of arbitrary code with the permissions of the user.
(CVE-2016-1950, bmo#1245528)
- Update to NSS 3.22.2
New functionality:
* RSA-PSS signatures are now supported (bmo#1215295)
* Pseudorandom functions based on hashes other than SHA-1 are now supported
* Enforce an External Policy on NSS from a config file (bmo#1009429)
- CVE-2016-8635: Fix for DH small subgroup confinement attack (bsc#1015547)
Mozilla NSPR was updated to version 4.13.1:
The previously released version 4.13 had changed pipes to be
nonblocking by default, and as a consequence, PollEvent was
changed to not block on clear.
The NSPR development team received reports that these changes
caused regressions in some applications that use NSPR, and it
has been decided to revert the changes made in NSPR 4.13.
NSPR 4.13.1 restores the traditional behavior of pipes and
PollEvent.
Mozilla NSPR update to version 4.13 had these changes:
- PL_strcmp (and others) were fixed to return consistent results
when one of the arguments is NULL.
- PollEvent was fixed to not block on clear.
- Pipes are always nonblocking.
- PR_GetNameForIdentity: added thread safety lock and bound checks.
- Removed the PLArena freelist.
- Avoid some integer overflows.
- fixed several comments.
ImportantSUSE bug 1015499SUSE bug 1015547SUSE bug 1021636SUSE bug 1030071SUSE bug 1035082SUSE bug 983639CVE-2016-1950 at SUSECVE-2016-1950 at NVDCVE-2016-2834 at SUSECVE-2016-2834 at NVDCVE-2016-8635 at SUSECVE-2016-8635 at NVDCVE-2016-9574 at SUSECVE-2016-9574 at NVDCVE-2017-5429 at SUSECVE-2017-5429 at NVDCVE-2017-5432 at SUSECVE-2017-5432 at NVDCVE-2017-5433 at SUSECVE-2017-5433 at NVDCVE-2017-5434 at SUSECVE-2017-5434 at NVDCVE-2017-5435 at SUSECVE-2017-5435 at NVDCVE-2017-5436 at SUSECVE-2017-5436 at NVDCVE-2017-5437 at SUSECVE-2017-5437 at NVDCVE-2017-5438 at SUSECVE-2017-5438 at NVDCVE-2017-5439 at SUSECVE-2017-5439 at NVDCVE-2017-5440 at SUSECVE-2017-5440 at NVDCVE-2017-5441 at SUSECVE-2017-5441 at NVDCVE-2017-5442 at SUSECVE-2017-5442 at NVDCVE-2017-5443 at SUSECVE-2017-5443 at NVDCVE-2017-5444 at SUSECVE-2017-5444 at NVDCVE-2017-5445 at SUSECVE-2017-5445 at NVDCVE-2017-5446 at SUSECVE-2017-5446 at NVDCVE-2017-5447 at SUSECVE-2017-5447 at NVDCVE-2017-5448 at SUSECVE-2017-5448 at NVDCVE-2017-5459 at SUSECVE-2017-5459 at NVDCVE-2017-5460 at SUSECVE-2017-5460 at NVDCVE-2017-5461 at SUSECVE-2017-5461 at NVDCVE-2017-5462 at SUSECVE-2017-5462 at NVDCVE-2017-5464 at SUSECVE-2017-5464 at NVDCVE-2017-5465 at SUSECVE-2017-5465 at NVDCVE-2017-5469 at SUSECVE-2017-5469 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox to version 52.3 ESR fixes several issues.
These security issues were fixed:
- CVE-2017-7807: Domain hijacking through AppCache fallback (bsc#1052829)
- CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts (bsc#1052829)
- CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID (bsc#1052829)
- CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections (bsc#1052829)
- CVE-2017-7787: Same-origin policy bypass with iframes through page reloads (bsc#1052829)
- CVE-2017-7786: Buffer overflow while painting non-displayable SVG (bsc#1052829)
- CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM (bsc#1052829)
- CVE-2017-7784: Use-after-free with image observers (bsc#1052829)
- CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements (bsc#1052829)
- CVE-2017-7798: XUL injection in the style editor in devtools (bsc#1052829)
- CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher (bsc#1052829)
- CVE-2017-7779: Various memory safety bugs (bsc#1052829)
- CVE-2017-7800: Use-after-free in WebSockets during disconnection (bsc#1052829)
- CVE-2017-7801: Use-after-free with marquee during window resizing (bsc#1052829)
- CVE-2017-7802: Use-after-free resizing image elements (bsc#1052829)
- CVE-2017-7803: CSP containing 'sandbox' improperly applied (bsc#1052829)
This non-security issue was fixed:
- bsc#1031485: Prevent firefox from hanging after a while in FUTEX_WAIT_PRIVATE if cgroups are enabled
ImportantSUSE bug 1031485SUSE bug 1052829SUSE bug 930392SUSE bug 930496SUSE bug 935510SUSE bug 939460SUSE bug 945842SUSE bug 953831SUSE bug 954002SUSE bug 955382SUSE bug 962765SUSE bug 964468SUSE bug 966220SUSE bug 968771CVE-2015-5276 at SUSECVE-2015-5276 at NVDCVE-2017-7753 at SUSECVE-2017-7753 at NVDCVE-2017-7779 at SUSECVE-2017-7779 at NVDCVE-2017-7782 at SUSECVE-2017-7782 at NVDCVE-2017-7784 at SUSECVE-2017-7784 at NVDCVE-2017-7785 at SUSECVE-2017-7785 at NVDCVE-2017-7786 at SUSECVE-2017-7786 at NVDCVE-2017-7787 at SUSECVE-2017-7787 at NVDCVE-2017-7791 at SUSECVE-2017-7791 at NVDCVE-2017-7792 at SUSECVE-2017-7792 at NVDCVE-2017-7798 at SUSECVE-2017-7798 at NVDCVE-2017-7800 at SUSECVE-2017-7800 at NVDCVE-2017-7801 at SUSECVE-2017-7801 at NVDCVE-2017-7802 at SUSECVE-2017-7802 at NVDCVE-2017-7803 at SUSECVE-2017-7803 at NVDCVE-2017-7804 at SUSECVE-2017-7804 at NVDCVE-2017-7807 at SUSECVE-2017-7807 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox ESR 52.5 fixes the following issues:
Security issues fixed:
- CVE-2017-7826: Memory safety bugs fixed (bsc#1068101).
- CVE-2017-7828: Use-after-free of PressShell while restyling layout (bsc#1068101).
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API (bsc#1068101).
Mozilla Foundation Security Advisory (MFSA 2017-25):
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/
ImportantSUSE bug 1068101CVE-2017-7826 at SUSECVE-2017-7826 at NVDCVE-2017-7828 at SUSECVE-2017-7828 at NVDCVE-2017-7830 at SUSECVE-2017-7830 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox to version ESR 52.6 fixes several issues.
These security issues were fixed:
- CVE-2018-5091: Use-after-free with DTMF timers (bsc#1077291).
- CVE-2018-5095: Integer overflow in Skia library during edge builder allocation (bsc#1077291).
- CVE-2018-5096: Use-after-free while editing form elements (bsc#1077291).
- CVE-2018-5097: Use-after-free when source document is manipulated during XSLT (bsc#1077291).
- CVE-2018-5098: Use-after-free while manipulating form input elements (bsc#1077291).
- CVE-2018-5099: Use-after-free with widget listener (bsc#1077291).
- CVE-2018-5102: Use-after-free in HTML media elements (bsc#1077291).
- CVE-2018-5103: Use-after-free during mouse event handling (bsc#1077291).
- CVE-2018-5104: Use-after-free during font face manipulation (bsc#1077291).
- CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right (bsc#1077291).
- CVE-2018-5089: Various memory safety bugs (bsc#1077291).
ImportantSUSE bug 1077291CVE-2018-5089 at SUSECVE-2018-5089 at NVDCVE-2018-5091 at SUSECVE-2018-5091 at NVDCVE-2018-5095 at SUSECVE-2018-5095 at NVDCVE-2018-5096 at SUSECVE-2018-5096 at NVDCVE-2018-5097 at SUSECVE-2018-5097 at NVDCVE-2018-5098 at SUSECVE-2018-5098 at NVDCVE-2018-5099 at SUSECVE-2018-5099 at NVDCVE-2018-5102 at SUSECVE-2018-5102 at NVDCVE-2018-5103 at SUSECVE-2018-5103 at NVDCVE-2018-5104 at SUSECVE-2018-5104 at NVDCVE-2018-5117 at SUSECVE-2018-5117 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Security issues fixed in Firefox ESR 52.7.2 (bsc#1085130):
- CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
- CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
- CVE-2018-5129: Out-of-bounds write with malformed IPC messages
- CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption
- CVE-2018-5131: Fetch API improperly returns cached copies of no-store/no-cache resources
- CVE-2018-5144: Integer overflow during Unicode conversion
- CVE-2018-5145: Memory safety bugs fixed in Firefox ESR 52.7
- CVE-2018-5146: Out of bounds memory write in libvorbis (bsc#1085671)
- CVE-2018-5147: Out of bounds memory write in libtremor (bsc#1085671)
- CVE-2018-5148: Use-after-free in compositor (MFSA 2018-10) (bsc#1087059)
ModerateSUSE bug 1085130SUSE bug 1085671SUSE bug 1087059CVE-2018-5125 at SUSECVE-2018-5125 at NVDCVE-2018-5127 at SUSECVE-2018-5127 at NVDCVE-2018-5129 at SUSECVE-2018-5129 at NVDCVE-2018-5130 at SUSECVE-2018-5130 at NVDCVE-2018-5131 at SUSECVE-2018-5131 at NVDCVE-2018-5144 at SUSECVE-2018-5144 at NVDCVE-2018-5145 at SUSECVE-2018-5145 at NVDCVE-2018-5146 at SUSECVE-2018-5146 at NVDCVE-2018-5147 at SUSECVE-2018-5147 at NVDCVE-2018-5148 at SUSECVE-2018-5148 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox to ESR 52.8 fixes the following issues:
Update to Firefox ESR 52.8 (bsc#1092548)
Security issues fixed:
- MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
- MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
- MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction
- MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
- MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths
- MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia
- MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
- MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths
- MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension
ImportantSUSE bug 1092548CVE-2018-5150 at SUSECVE-2018-5150 at NVDCVE-2018-5154 at SUSECVE-2018-5154 at NVDCVE-2018-5155 at SUSECVE-2018-5155 at NVDCVE-2018-5157 at SUSECVE-2018-5157 at NVDCVE-2018-5158 at SUSECVE-2018-5158 at NVDCVE-2018-5159 at SUSECVE-2018-5159 at NVDCVE-2018-5168 at SUSECVE-2018-5168 at NVDCVE-2018-5174 at SUSECVE-2018-5174 at NVDCVE-2018-5178 at SUSECVE-2018-5178 at NVDCVE-2018-5183 at SUSECVE-2018-5183 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following security issue:
- CVE-2018-6126: Prevent heap buffer overflow in rasterizing paths in SVG with Skia (bsc#1096449).
ImportantSUSE bug 1096449CVE-2018-6126 at SUSECVE-2018-6126 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox to version ESR 52.9 fixes the following issues:
- CVE-2018-5188: Various memory safety bugs (bsc#1098998)
- CVE-2018-12368: No warning when opening executable SettingContent-ms files
- CVE-2018-12366: Invalid data handling during QCMS transformations
- CVE-2018-12365: Compromised IPC child process can list local filenames
- CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
- CVE-2018-12363: Use-after-free when appending DOM nodes
- CVE-2018-12362: Integer overflow in SSSE3 scaler
- CVE-2018-12360: Use-after-free when using focus()
- CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
- CVE-2018-12359: Buffer overflow using computed size of canvas element
ImportantSUSE bug 1098998CVE-2018-12359 at SUSECVE-2018-12359 at NVDCVE-2018-12360 at SUSECVE-2018-12360 at NVDCVE-2018-12362 at SUSECVE-2018-12362 at NVDCVE-2018-12363 at SUSECVE-2018-12363 at NVDCVE-2018-12364 at SUSECVE-2018-12364 at NVDCVE-2018-12365 at SUSECVE-2018-12365 at NVDCVE-2018-12366 at SUSECVE-2018-12366 at NVDCVE-2018-12368 at SUSECVE-2018-12368 at NVDCVE-2018-5156 at SUSECVE-2018-5156 at NVDCVE-2018-5188 at SUSECVE-2018-5188 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox to version ESR 60.8 fixes the following issues:
Security issues fixed:
- CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868).
- CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868).
- CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868).
- CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868).
- CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868).
- CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868).
- CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868).
- CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868).
- CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868).
- CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868).
- CVE-2019-11708: Fix sandbox escape using Prompt:Open (bsc#1138872).
- CVE-2019-11707: Fixed a type confusion vulnerability in Arrary.pop (bsc#1138614)
Non-security issues fixed:
- Fix broken language plugins (bsc#1137792)
ImportantSUSE bug 1137792SUSE bug 1138614SUSE bug 1138872SUSE bug 1140868CVE-2019-11707 at SUSECVE-2019-11707 at NVDCVE-2019-11708 at SUSECVE-2019-11708 at NVDCVE-2019-11709 at SUSECVE-2019-11709 at NVDCVE-2019-11711 at SUSECVE-2019-11711 at NVDCVE-2019-11712 at SUSECVE-2019-11712 at NVDCVE-2019-11713 at SUSECVE-2019-11713 at NVDCVE-2019-11715 at SUSECVE-2019-11715 at NVDCVE-2019-11717 at SUSECVE-2019-11717 at NVDCVE-2019-11719 at SUSECVE-2019-11719 at NVDCVE-2019-11729 at SUSECVE-2019-11729 at NVDCVE-2019-11730 at SUSECVE-2019-11730 at NVDCVE-2019-9811 at SUSECVE-2019-9811 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues:
Update Firefox Extended Support Release to 68.3.0 ESR (MFSA 2019-37 / bsc#1158328)
Security issues fixed:
- CVE-2019-17008: Use-after-free in worker destruction (bmo#1546331).
- CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code (bmo#1580156).
- CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher (bmo#1586176).
- CVE-2019-17009: Updater temporary files accessible to unprivileged processes (bmo#1510494).
- CVE-2019-17010: Use-after-free when performing device orientation checks (bmo#1581084).
- CVE-2019-17005: Buffer overflow in plain text serializer (bmo#1584170).
- CVE-2019-17011: Use-after-free when retrieving a document in antitracking (bmo#1591334).
- CVE-2019-17012: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209, bmo#1580288, bmo#1585760, bmo#1592502).
Update mozilla-nss to version 3.47.1 (bsc#1158527):
Security issues fixed:
- CVE-2019-11745: EncryptUpdate should use maxout, not block size.
Bug fixes:
- Fix a crash that could be caused by client certificates during startup (bmo#1590495, bsc#1158527)
- Fix compile-time warnings from uninitialized variables in a perl script (bmo#1589810)
- Support AES HW acceleration on ARMv8 (bmo#1152625)
- Allow per-socket run-time ordering of the cipher suites presented in ClientHello (bmo#1267894)
- Add CMAC to FreeBL and PKCS #11 libraries (bmo#1570501)
- Remove arbitrary HKDF output limit by allocating space as needed (bmo#1577953)
Update mozilla-nspr to version 4.23:
Bug fixes:
- fixed a build failure that was introduced in 4.22
- correctness fix for Win64 socket polling
- whitespace in C files was cleaned up and no longer uses tab characters for indenting
- added support for the ARC architecture
- removed support for the following platforms: OSF1/Tru64, DGUX, IRIX, Symbian, BeOS
- correctness and build fixes
ImportantSUSE bug 1158328SUSE bug 1158527CVE-2019-11745 at SUSECVE-2019-11745 at NVDCVE-2019-13722 at SUSECVE-2019-13722 at NVDCVE-2019-17005 at SUSECVE-2019-17005 at NVDCVE-2019-17008 at SUSECVE-2019-17008 at NVDCVE-2019-17009 at SUSECVE-2019-17009 at NVDCVE-2019-17010 at SUSECVE-2019-17010 at NVDCVE-2019-17011 at SUSECVE-2019-17011 at NVDCVE-2019-17012 at SUSECVE-2019-17012 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.4.1 ESR
* Fixed: Security fix
MFSA 2020-03 (bsc#1160498)
* CVE-2019-17026 (bmo#1607443)
IonMonkey type confusion with StoreElementHole and
FallibleStoreElement
- Firefox Extended Support Release 68.4.0 ESR
* Fixed: Various security fixes
MFSA 2020-02 (bsc#1160305)
* CVE-2019-17015 (bmo#1599005)
Memory corruption in parent process during new content
process initialization on Windows
* CVE-2019-17016 (bmo#1599181)
Bypass of @namespace CSS sanitization during pasting
* CVE-2019-17017 (bmo#1603055)
Type Confusion in XPCVariant.cpp
* CVE-2019-17021 (bmo#1599008)
Heap address disclosure in parent process during content
process initialization on Windows
* CVE-2019-17022 (bmo#1602843)
CSS sanitization does not escape HTML tags
* CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605,
bmo#1601826)
Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
ImportantSUSE bug 1160305SUSE bug 1160498CVE-2019-17015 at SUSECVE-2019-17015 at NVDCVE-2019-17016 at SUSECVE-2019-17016 at NVDCVE-2019-17017 at SUSECVE-2019-17017 at NVDCVE-2019-17021 at SUSECVE-2019-17021 at NVDCVE-2019-17022 at SUSECVE-2019-17022 at NVDCVE-2019-17024 at SUSECVE-2019-17024 at NVDCVE-2019-17026 at SUSECVE-2019-17026 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox was updated to version 68.5.0 ESR (bsc#1163368).
Security issues fixed:
- CVE-2020-6796: Fixed a missing bounds check on shared memory in the parent process (bsc#1163368).
- CVE-2020-6798: Fixed a JavaScript code injection issue caused by the incorrect parsing of template tags (bsc#1163368).
- CVE-2020-6799: Fixed a local arbitrary code execution issue when handling PDF links from other applications (bsc#1163368).
- CVE-2020-6800: Fixed several memory safety bugs (bsc#1163368).
Non-security issues fixed:
- Fixed various issues opening files with spaces in their path (bmo#1601905, bmo#1602726).
ImportantSUSE bug 1161799SUSE bug 1163368CVE-2020-6796 at SUSECVE-2020-6796 at NVDCVE-2020-6797 at SUSECVE-2020-6797 at NVDCVE-2020-6798 at SUSECVE-2020-6798 at NVDCVE-2020-6799 at SUSECVE-2020-6799 at NVDCVE-2020-6800 at SUSECVE-2020-6800 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
MozillaFirefox was updated to 68.6.0 ESR (MFSA 2020-09 bsc#1132665)
- CVE-2020-6805: Fixed a use-after-free when removing data about origins
- CVE-2020-6806: Fixed improper protections against state confusion
- CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction
- CVE-2020-6811: Fixed an issue where copy as cURL' feature did not fully
escape website-controlled data potentially leading to command injection
- CVE-2019-20503: Fixed out of bounds reads in sctp_load_addresses_from_init
- CVE-2020-6812: Fixed an issue where the names of AirPods with personally
identifiable information were exposed to websites with camera or microphone
permission
- CVE-2020-6814: Fixed multiple memory safety bugs
- Fixed an issue with minimizing a window (bsc#1132665).
ImportantSUSE bug 1132665CVE-2019-20503 at SUSECVE-2019-20503 at NVDCVE-2020-6805 at SUSECVE-2020-6805 at NVDCVE-2020-6806 at SUSECVE-2020-6806 at NVDCVE-2020-6807 at SUSECVE-2020-6807 at NVDCVE-2020-6811 at SUSECVE-2020-6811 at NVDCVE-2020-6812 at SUSECVE-2020-6812 at NVDCVE-2020-6814 at SUSECVE-2020-6814 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.6.1 ESR
MFSA 2020-11 (bsc#1168630)
* CVE-2020-6819 (bmo#1620818)
Use-after-free while running the nsDocShell destructor
* CVE-2020-6820 (bmo#1626728)
Use-after-free when handling a ReadableStream
ImportantSUSE bug 1168630CVE-2020-6819 at SUSECVE-2020-6819 at NVDCVE-2020-6820 at SUSECVE-2020-6820 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues:
- CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method (bsc#1168874).
- CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images (bsc#1168874).
- CVE-2020-6825: Fixed Memory safety bugs (bsc#1168874).
- CVE-2020-6827: Custom Tabs could have the URI spoofed (bsc#1168874).
- CVE-2020-6828: Preference overwrite via crafted Intent (bsc#1168874).
ImportantSUSE bug 1168874CVE-2020-6821 at SUSECVE-2020-6821 at NVDCVE-2020-6822 at SUSECVE-2020-6822 at NVDCVE-2020-6825 at SUSECVE-2020-6825 at NVDCVE-2020-6827 at SUSECVE-2020-6827 at NVDCVE-2020-6828 at SUSECVE-2020-6828 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.8.0 ESR
MFSA 2020-17 (bsc#1171186)
* CVE-2020-12387 (bmo#1545345)
Use-after-free during worker shutdown
* CVE-2020-12388 (bmo#1618911)
Sandbox escape with improperly guarded Access Tokens
* CVE-2020-12389 (bmo#1554110)
Sandbox escape with improperly separated process types
* CVE-2020-6831 (bmo#1632241)
Buffer overflow in SCTP chunk input validation
* CVE-2020-12392 (bmo#1614468)
Arbitrary local file access with 'Copy as cURL'
* CVE-2020-12393 (bmo#1615471)
Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to command
injection
* CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704,
bmo#1624098, bmo#1625749, bmo#1626382, bmo#1628076,
bmo#1631508)
Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
- Since firefox-gcc8 now has disabled autoreqprov for firefox-libstdc++6
and firefox-libgcc_s1, those packages don't provide some capabilities,
we have to disable AutoReqProv in MozillaFirefox too so they're not added as
automatic requirements. (bsc#1162828)
ImportantSUSE bug 1162828SUSE bug 1171186CVE-2020-12387 at SUSECVE-2020-12387 at NVDCVE-2020-12388 at SUSECVE-2020-12388 at NVDCVE-2020-12389 at SUSECVE-2020-12389 at NVDCVE-2020-12392 at SUSECVE-2020-12392 at NVDCVE-2020-12393 at SUSECVE-2020-12393 at NVDCVE-2020-12395 at SUSECVE-2020-12395 at NVDCVE-2020-6831 at SUSECVE-2020-6831 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- MozillaFirefox was updated to version 68.9.0 Extended Support Release (bsc#1172402).
- CVE-2020-12405: Fixed a use-after-free in SharedWorkerService.
- CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes.
- CVE-2020-12410: Fixed multiple memory safety bugs.
ImportantSUSE bug 1172402CVE-2020-12405 at SUSECVE-2020-12405 at NVDCVE-2020-12406 at SUSECVE-2020-12406 at NVDCVE-2020-12410 at SUSECVE-2020-12410 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues:
Security issues fixed:
- CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing (bsc#1173576).
- CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster (bsc#1173576).
- CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 (bsc#1173576).
- CVE-2020-12418: Information disclosure due to manipulated URL object (bsc#1173576).
- CVE-2020-12419: Use-after-free in nsGlobalWindowInner (bsc#1173576).
- CVE-2020-12420: Use-After-Free when trying to connect to a STUN server (bsc#1173576).
- CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack (bsc#1173576).
- CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates (bsc#1173576).
- CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (bsc#1173576).
- CVE-2020-12423: DLL Hijacking due to searching %PATH% for a library (bsc#1173576).
- CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process (bsc#1173576).
- CVE-2020-12425: Out of bound read in Date.parse() (bsc#1173576).
- CVE-2020-12426: Memory safety bugs fixed in Firefox 78 (bsc#1173576).
- FIPS: MozillaFirefox: allow /proc/sys/crypto/fips_enabled (bsc#1167231).
Non-security issues fixed:
- Fixed interaction with freetype6 (bsc#1173613).
ImportantSUSE bug 1166238SUSE bug 1167231SUSE bug 1173576CVE-2020-12402 at SUSECVE-2020-12402 at NVDCVE-2020-12415 at SUSECVE-2020-12415 at NVDCVE-2020-12416 at SUSECVE-2020-12416 at NVDCVE-2020-12417 at SUSECVE-2020-12417 at NVDCVE-2020-12418 at SUSECVE-2020-12418 at NVDCVE-2020-12419 at SUSECVE-2020-12419 at NVDCVE-2020-12420 at SUSECVE-2020-12420 at NVDCVE-2020-12421 at SUSECVE-2020-12421 at NVDCVE-2020-12422 at SUSECVE-2020-12422 at NVDCVE-2020-12423 at SUSECVE-2020-12423 at NVDCVE-2020-12424 at SUSECVE-2020-12424 at NVDCVE-2020-12425 at SUSECVE-2020-12425 at NVDCVE-2020-12426 at SUSECVE-2020-12426 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Fix broken translation-loading (boo#1173991)
* allow addon sideloading
* mark signatures for langpacks non-mandatory
* do not autodisable user profile scopes
- Google API key is not usable for geolocation service any more
- Mozilla Firefox 78.1 ESR
* Fixed: Various stability, functionality, and security fixe
(MFSA 2020-32) (bsc#1174538).
* CVE-2020-15652 (bmo#1634872)
Potential leak of redirect targets when loading scripts in a
worker
* CVE-2020-6514 (bmo#1642792)
WebRTC data channel leaks internal address to peer
* CVE-2020-15655 (bmo#1645204)
Extension APIs could be used to bypass Same-Origin Policy
* CVE-2020-15653 (bmo#1521542)
Bypassing iframe sandbox when allowing popups
* CVE-2020-6463 (bmo#1635293)
Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
* CVE-2020-15656 (bmo#1647293)
Type confusion for special arguments in IonMonkey
* CVE-2020-15658 (bmo#1637745)
Overriding file type when saving to disk
* CVE-2020-15657 (bmo#1644954)
DLL hijacking due to incorrect loading path
* CVE-2020-15654 (bmo#1648333)
Custom cursor can overlay user interface
* CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1643613,
bmo#1644839, bmo#1645835, bmo#1646006, bmo#1646787,
bmo#1649347, bmo#1650811, bmo#1651678)
Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
- Add sle11-icu-generation-python3.patch to fix icu-generation
on big endian platforms
- Mozilla Firefox 78.0.2 ESR
* MFSA 2020-28 (bsc#1173948)
* MFSA-2020-0003 (bmo#1644076)
X-Frame-Options bypass using object or embed tags
* Fixed: Fixed an accessibility regression in reader mode
(bmo#1650922)
* Fixed: Made the address bar more resilient to data corruption
in the user profile (bmo#1649981)
* Fixed: Fixed a regression opening certain external
applications (bmo#1650162)
ModerateSUSE bug 1173948SUSE bug 1173991SUSE bug 1174538CVE-2020-15652 at SUSECVE-2020-15652 at NVDCVE-2020-15653 at SUSECVE-2020-15653 at NVDCVE-2020-15654 at SUSECVE-2020-15654 at NVDCVE-2020-15655 at SUSECVE-2020-15655 at NVDCVE-2020-15656 at SUSECVE-2020-15656 at NVDCVE-2020-15657 at SUSECVE-2020-15657 at NVDCVE-2020-15658 at SUSECVE-2020-15658 at NVDCVE-2020-15659 at SUSECVE-2020-15659 at NVDCVE-2020-6463 at SUSECVE-2020-6463 at NVDCVE-2020-6514 at SUSECVE-2020-6514 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.2.0 ESR
* Fixed: Various stability, functionality, and security fixes
- Mozilla Firefox ESR 78.2
MFSA 2020-38 (bsc#1175686)
* CVE-2020-15663 (bmo#1643199)
Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
* CVE-2020-15664 (bmo#1658214)
Attacker-induced prompt for extension installation
* CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
bmo#1656957)
Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
- Fixed Firefox tab crash in FIPS mode (bsc#1174284).
ModerateSUSE bug 1174284SUSE bug 1175686CVE-2020-15663 at SUSECVE-2020-15663 at NVDCVE-2020-15664 at SUSECVE-2020-15664 at NVDCVE-2020-15670 at SUSECVE-2020-15670 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox was updated to 78.3.0 ESR (bsc#1176756, MFSA 2020-43)
- CVE-2020-15677: Download origin spoofing via redirect
- CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a
contenteditable element
- CVE-2020-15678: When recursing through layers while scrolling, an iterator
may have become invalid, resulting in a potential use-after-free scenario
- CVE-2020-15673: Fixed memory safety bugs
- Attempt to fix langpack-parallelization by introducing separate
obj-dirs for each lang (bsc#1173986, bsc#1167976)
- Fixed problems with compiler builtins on SLE-11 (bsc#1175046)
ImportantSUSE bug 1167976SUSE bug 1173986SUSE bug 1175046SUSE bug 1176756CVE-2020-15673 at SUSECVE-2020-15673 at NVDCVE-2020-15676 at SUSECVE-2020-15676 at NVDCVE-2020-15677 at SUSECVE-2020-15677 at NVDCVE-2020-15678 at SUSECVE-2020-15678 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.4.0 ESR
* Fixed: Various stability, functionality, and security fixes MFSA 2020-46 (bsc#1177872)
* CVE-2020-15969 Use-after-free in usersctp
* CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
* Fixed: Fixed legacy preferences not being properly applied when set via GPO
ImportantSUSE bug 1177872CVE-2020-15683 at SUSECVE-2020-15683 at NVDCVE-2020-15969 at SUSECVE-2020-15969 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.4.1 ESR
* Fixed: Security fix
MFSA 2020-49 (bsc#1178588)
* CVE-2020-26950 (bmo#1675905)
Write side effects in MCallGetProperty opcode not accounted
for
ImportantSUSE bug 1178588CVE-2020-26950 at SUSECVE-2020-26950 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.5.0 ESR (bsc#1178824)
* CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code
* CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls
* CVE-2020-26953: Fullscreen could be enabled without displaying the security UI
* CVE-2020-26956: XSS through paste (manual and clipboard API)
* CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions
* CVE-2020-26959: Use-after-free in WebRequestService
* CVE-2020-26960: Potential use-after-free in uses of nsTArray
* CVE-2020-15999: Heap buffer overflow in freetype
* CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
* CVE-2020-26965: Software keyboards may have remembered typed passwords
* CVE-2020-26966: Single-word search queries were also broadcast to local network
* CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
ImportantSUSE bug 1178824CVE-2020-15999 at SUSECVE-2020-15999 at NVDCVE-2020-16012 at SUSECVE-2020-16012 at NVDCVE-2020-26951 at SUSECVE-2020-26951 at NVDCVE-2020-26953 at SUSECVE-2020-26953 at NVDCVE-2020-26956 at SUSECVE-2020-26956 at NVDCVE-2020-26958 at SUSECVE-2020-26958 at NVDCVE-2020-26959 at SUSECVE-2020-26959 at NVDCVE-2020-26960 at SUSECVE-2020-26960 at NVDCVE-2020-26961 at SUSECVE-2020-26961 at NVDCVE-2020-26965 at SUSECVE-2020-26965 at NVDCVE-2020-26966 at SUSECVE-2020-26966 at NVDCVE-2020-26968 at SUSECVE-2020-26968 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Critical)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.6.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2020-55 (bsc#1180039)
* CVE-2020-16042 (bmo#1679003)
Operations on a BigInt could have caused uninitialized memory
to be exposed
* CVE-2020-26971 (bmo#1663466)
Heap buffer overflow in WebGL
* CVE-2020-26973 (bmo#1680084)
CSS Sanitizer performed incorrect sanitization
* CVE-2020-26974 (bmo#1681022)
Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free
* CVE-2020-26978 (bmo#1677047)
Internal network hosts could have been probed by a malicious
webpage
* CVE-2020-35111 (bmo#1657916)
The proxy.onRequest API did not catch view-source URLs
* CVE-2020-35112 (bmo#1661365)
Opening an extension-less download may have inadvertently
launched an executable instead
* CVE-2020-35113 (bmo#1664831, bmo#1673589)
Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
CriticalSUSE bug 1180039CVE-2020-16042 at SUSECVE-2020-16042 at NVDCVE-2020-26971 at SUSECVE-2020-26971 at NVDCVE-2020-26973 at SUSECVE-2020-26973 at NVDCVE-2020-26974 at SUSECVE-2020-26974 at NVDCVE-2020-26978 at SUSECVE-2020-26978 at NVDCVE-2020-35111 at SUSECVE-2020-35111 at NVDCVE-2020-35112 at SUSECVE-2020-35112 at NVDCVE-2020-35113 at SUSECVE-2020-35113 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.6.1 ESR
* Fixed: Critical security issue MFSA 2021-01 (bsc#1180623)
* CVE-2020-16044
Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
ImportantSUSE bug 1180623CVE-2020-16044 at SUSECVE-2020-16044 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.7.0 ESR (MFSA 2021-04, bsc#1181414)
* CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests
* CVE-2021-23954: Fixed a type confusion when using logical assignment operators in JavaScript switch statements
* CVE-2020-26976: Fixed an issue where HTTPS pages could have been intercepted by a registered service worker when they should not have been
* CVE-2021-23960: Fixed a use-after-poison for incorrectly redeclared JavaScript variables during GC
* CVE-2021-23964: Fixed Memory safety bugs
ImportantSUSE bug 1181414CVE-2020-26976 at SUSECVE-2020-26976 at NVDCVE-2021-23953 at SUSECVE-2021-23953 at NVDCVE-2021-23954 at SUSECVE-2021-23954 at NVDCVE-2021-23960 at SUSECVE-2021-23960 at NVDCVE-2021-23964 at SUSECVE-2021-23964 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.7.1 ESR (bsc#1181848)
- Fixed: Prevent access to NTFS special paths that could lead to filesystem corruption.
- Buffer overflow in depth pitch calculations for compressed textures
LowSUSE bug 1181848cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.8.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-08 (bsc#1182614)
* CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect
* CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect
* CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources
* CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
ImportantSUSE bug 1182357SUSE bug 1182614CVE-2021-23968 at SUSECVE-2021-23968 at NVDCVE-2021-23969 at SUSECVE-2021-23969 at NVDCVE-2021-23973 at SUSECVE-2021-23973 at NVDCVE-2021-23978 at SUSECVE-2021-23978 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox was updated to 78.9.0 ESR (MFSA 2021-11, bsc#1183942)
* CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read
* CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage
* CVE-2021-23984: Malicious extensions could have spoofed popup information
* CVE-2021-23987: Memory safety bugs
ImportantSUSE bug 1183942CVE-2021-23981 at SUSECVE-2021-23981 at NVDCVE-2021-23982 at SUSECVE-2021-23982 at NVDCVE-2021-23984 at SUSECVE-2021-23984 at NVDCVE-2021-23987 at SUSECVE-2021-23987 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox was updated to 78.10.0 ESR (bsc#1184960)
* CVE-2021-23994: Out of bound write due to lazy initialization
* CVE-2021-23995: Use-after-free in Responsive Design Mode
* CVE-2021-23998: Secure Lock icon could have been spoofed
* CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
* CVE-2021-23999: Blob URLs may have been granted additional privileges
* CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL
* CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads
* CVE-2021-29946: Port blocking could be bypassed
ImportantSUSE bug 1184960CVE-2021-23961 at SUSECVE-2021-23961 at NVDCVE-2021-23994 at SUSECVE-2021-23994 at NVDCVE-2021-23995 at SUSECVE-2021-23995 at NVDCVE-2021-23998 at SUSECVE-2021-23998 at NVDCVE-2021-23999 at SUSECVE-2021-23999 at NVDCVE-2021-24002 at SUSECVE-2021-24002 at NVDCVE-2021-29945 at SUSECVE-2021-29945 at NVDCVE-2021-29946 at SUSECVE-2021-29946 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.11.0 ESR (bsc#1186696)
* CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message
* CVE-2021-29967: Memory safety bugs fixed in Firefox
ModerateSUSE bug 1185633SUSE bug 1186696CVE-2021-29951 at SUSECVE-2021-29951 at NVDCVE-2021-29964 at SUSECVE-2021-29964 at NVDCVE-2021-29967 at SUSECVE-2021-29967 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.12.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-29 (bsc#1188275)
* CVE-2021-29970: Use-after-free in accessibility features of a document
* CVE-2021-30547: Out of bounds write in ANGLE
* CVE-2021-29976: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12
ImportantSUSE bug 1188275CVE-2021-29970 at SUSECVE-2021-29970 at NVDCVE-2021-29976 at SUSECVE-2021-29976 at NVDCVE-2021-30547 at SUSECVE-2021-30547 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.13.0 ESR (MFSA 2021-34, bsc#1188891):
- CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
- CVE-2021-29988: Memory corruption as a result of incorrect style treatment
- CVE-2021-29984: Incorrect instruction reordering during JIT optimization
- CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
- CVE-2021-29985: Use-after-free media channels
- CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
ImportantSUSE bug 1188891CVE-2021-29980 at SUSECVE-2021-29980 at NVDCVE-2021-29984 at SUSECVE-2021-29984 at NVDCVE-2021-29985 at SUSECVE-2021-29985 at NVDCVE-2021-29986 at SUSECVE-2021-29986 at NVDCVE-2021-29988 at SUSECVE-2021-29988 at NVDCVE-2021-29989 at SUSECVE-2021-29989 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
This update contains the Firefox Extended Support Release 91.1.0 ESR.
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-40 (bsc#1190269, bsc#1190274):
* CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer
* CVE-2021-38495: Memory safety bugs fixed in Firefox 92 and Firefox ESR 91.1
Firefox 91.0.1esr ESR
* Fixed: Fixed an issue causing buttons on the tab bar to be
resized when loading certain websites (bug 1704404)
* Fixed: Fixed an issue which caused tabs from private windows
to be visible in non-private windows when viewing switch-to-
tab results in the address bar panel (bug 1720369)
* Fixed: Various stability fixes
* Fixed: Security fix MFSA 2021-37 (bsc#1189547)
* CVE-2021-29991 (bmo#1724896)
Header Splitting possible with HTTP/3 Responses
Firefox Extended Support Release 91.0 ESR
* New: Some of the highlights of the new Extended Support Release are:
- A number of user interface changes. For more information,
see the Firefox 89 release notes.
- Firefox now supports logging into Microsoft, work, and
school accounts using Windows single sign-on. Learn more
- On Windows, updates can now be applied in the background
while Firefox is not running.
- Firefox for Windows now offers a new page about:third-party
to help identify compatibility issues caused by third-party
applications
- Version 2 of Firefox's SmartBlock feature further improves
private browsing. Third party Facebook scripts are blocked to
prevent you from being tracked, but are now automatically
loaded 'just in time' if you decide to 'Log in with Facebook'
on any website.
- Enhanced the privacy of the Firefox Browser's Private
Browsing mode with Total Cookie Protection, which confines
cookies to the site where they were created, preventing
companis from using cookies to track your browsing across
sites. This feature was originally launched in Firefox's ETP
Strict mode.
- PDF forms now support JavaScript embedded in PDF files.
Some PDF forms use JavaScript for validation and other
interactive features.
- You'll encounter less website breakage in Private Browsing
and Strict Enhanced Tracking Protection with SmartBlock,
which provides stand-in scripts so that websites load
properly.
- Improved Print functionality with a cleaner design and
better integration with your computer's printer settings.
- Firefox now protects you from supercookies, a type of
tracker that can stay hidden in your browser and track you
online, even after you clear cookies. By isolating
supercookies, Firefox prevents them from tracking your web
browsing from one site to the next.
- Firefox now remembers your preferred location for saved
bookmarks, displays the bookmarks toolbar by default on new
tabs, and gives you easy access to all of your bookmarks via
a toolbar folder.
- Native support for macOS devices built with Apple Silicon
CPUs brings dramatic performance improvements over the non-
native build that was shipped in Firefox 83: Firefox launches
over 2.5 times faster and web apps are now twice as
responsive (per the SpeedoMeter 2.0 test). If you are on a
new Apple device, follow these steps to upgrade to the latest
Firefox.
- Pinch zooming will now be supported for our users with
Windows touchscreen devices and touchpads on Mac devices.
Firefox users may now use pinch to zoom on touch-capable
devices to zoom in and out of webpages.
- We’ve improved functionality and design for a number of
Firefox search features:
* Selecting a search engine at the bottom of the search
panel now enters search mode for that engine, allowing you to
see suggestions (if available) for your search terms. The old
behavior (immediately performing a search) is available with
a shift-click.
* When Firefox autocompletes the URL of one of your search
engines, you can now search with that engine directly in the
address bar by selecting the shortcut in the address bar
results.
* We’ve added buttons at the bottom of the search panel to
allow you to search your bookmarks, open tabs, and history.
- Firefox supports AcroForm, which will allow you to fill in,
print, and save supported PDF forms and the PDF viewer also
has a new fresh look.
- For our users in the US and Canada, Firefox can now save,
manage, and auto-fill credit card information for you, making
shopping on Firefox ever more convenient.
- In addition to our default, dark and light themes, with
this release, Firefox introduces the Alpenglow theme: a
colorful appearance for buttons, menus, and windows. You can
update your Firefox themes under settings or preferences.
* Changed: Firefox no longer supports Adobe Flash. There is no
setting available to re-enable Flash support.
* Enterprise: Various bug fixes and new policies have been
implemented in the latest version of Firefox. See more
details in the Firefox for Enterprise 91 Release Notes.
MFSA 2021-33 (bsc#1188891):
* CVE-2021-29986: Race condition when resolving DNS names could have led to
memory corruption
* CVE-2021-29981: Live range splitting could have led to conflicting
assignments in the JIT
* CVE-2021-29988: Memory corruption as a result of incorrect style treatment
* CVE-2021-29983: Firefox for Android could get stuck in fullscreen mode
* CVE-2021-29984: Incorrect instruction reordering during JIT optimization
* CVE-2021-29980: Uninitialized memory in a canvas object could have led to
memory corruption
* CVE-2021-29987: Users could have been tricked into accepting unwanted
permissions on Linux
* CVE-2021-29985: Use-after-free media channels
* CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and
type confusion
* CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
* CVE-2021-29990: Memory safety bugs fixed in Firefox 91
ImportantSUSE bug 1188891SUSE bug 1189547SUSE bug 1190269SUSE bug 1190274CVE-2021-29980 at SUSECVE-2021-29980 at NVDCVE-2021-29981 at SUSECVE-2021-29981 at NVDCVE-2021-29982 at SUSECVE-2021-29982 at NVDCVE-2021-29983 at SUSECVE-2021-29983 at NVDCVE-2021-29984 at SUSECVE-2021-29984 at NVDCVE-2021-29985 at SUSECVE-2021-29985 at NVDCVE-2021-29986 at SUSECVE-2021-29986 at NVDCVE-2021-29987 at SUSECVE-2021-29987 at NVDCVE-2021-29988 at SUSECVE-2021-29988 at NVDCVE-2021-29989 at SUSECVE-2021-29989 at NVDCVE-2021-29990 at SUSECVE-2021-29990 at NVDCVE-2021-29991 at SUSECVE-2021-29991 at NVDCVE-2021-38492 at SUSECVE-2021-38492 at NVDCVE-2021-38495 at SUSECVE-2021-38495 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
MozillaFirefox was updated to Extended Support Release 91.3.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-49 (bsc#1192250)
* CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets
* CVE-2021-38504: Use-after-free in file picker dialog
* CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data
* CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning
* CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports
* CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing
* CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain
* CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS
* MOZ-2021-0008: Use-after-free in HTTP2 Session object
* MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
ImportantSUSE bug 1192250CVE-2021-38503 at SUSECVE-2021-38503 at NVDCVE-2021-38504 at SUSECVE-2021-38504 at NVDCVE-2021-38505 at SUSECVE-2021-38505 at NVDCVE-2021-38506 at SUSECVE-2021-38506 at NVDCVE-2021-38507 at SUSECVE-2021-38507 at NVDCVE-2021-38508 at SUSECVE-2021-38508 at NVDCVE-2021-38509 at SUSECVE-2021-38509 at NVDCVE-2021-38510 at SUSECVE-2021-38510 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Update to Extended Support Release 91.4.0 (bsc#1193485):
- CVE-2021-43536: URL leakage when navigating while executing asynchronous function
- CVE-2021-43537: Heap buffer overflow when using structured clone
- CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
- CVE-2021-43539: GC rooting failure when calling wasm instance methods
- CVE-2021-43541: External protocol handler parameters were unescaped
- CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
- CVE-2021-43543: Bypass of CSP sandbox directive when embedding
- CVE-2021-43545: Denial of Service when using the Location API in a loop
- CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
- Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
- Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
ImportantSUSE bug 1193321SUSE bug 1193485CVE-2021-43536 at SUSECVE-2021-43536 at NVDCVE-2021-43537 at SUSECVE-2021-43537 at NVDCVE-2021-43538 at SUSECVE-2021-43538 at NVDCVE-2021-43539 at SUSECVE-2021-43539 at NVDCVE-2021-43541 at SUSECVE-2021-43541 at NVDCVE-2021-43542 at SUSECVE-2021-43542 at NVDCVE-2021-43543 at SUSECVE-2021-43543 at NVDCVE-2021-43545 at SUSECVE-2021-43545 at NVDCVE-2021-43546 at SUSECVE-2021-43546 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547).
- CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547).
- CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547).
- CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547).
- CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547).
- CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547).
- CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547).
- CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547).
- CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547).
- CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547).
- CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547).
- CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).
ImportantSUSE bug 1194547CVE-2021-4140 at SUSECVE-2021-4140 at NVDCVE-2022-22737 at SUSECVE-2022-22737 at NVDCVE-2022-22738 at SUSECVE-2022-22738 at NVDCVE-2022-22739 at SUSECVE-2022-22739 at NVDCVE-2022-22740 at SUSECVE-2022-22740 at NVDCVE-2022-22741 at SUSECVE-2022-22741 at NVDCVE-2022-22742 at SUSECVE-2022-22742 at NVDCVE-2022-22743 at SUSECVE-2022-22743 at NVDCVE-2022-22744 at SUSECVE-2022-22744 at NVDCVE-2022-22745 at SUSECVE-2022-22745 at NVDCVE-2022-22746 at SUSECVE-2022-22746 at NVDCVE-2022-22747 at SUSECVE-2022-22747 at NVDCVE-2022-22748 at SUSECVE-2022-22748 at NVDCVE-2022-22751 at SUSECVE-2022-22751 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 (bsc#1195682)
- CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service
- CVE-2022-22754: Extensions could have bypassed permission confirmation during update
- CVE-2022-22756: Drag and dropping an image could have resulted in the dropped object being an executable
- CVE-2022-22759: Sandboxed iframes could have executed script if the parent appended elements
- CVE-2022-22760: Cross-Origin responses could be distinguished between script and non-script content-types
- CVE-2022-22761: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
- CVE-2022-22763: Script Execution during invalid object state
- CVE-2022-22764: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
Firefox Extended Support Release 91.5.1 ESR (bsc#1195230)
- Fixed an issue that allowed unexpected data to be submitted in some of our search telemetry
ImportantSUSE bug 1195230SUSE bug 1195682CVE-2022-22753 at SUSECVE-2022-22753 at NVDCVE-2022-22754 at SUSECVE-2022-22754 at NVDCVE-2022-22756 at SUSECVE-2022-22756 at NVDCVE-2022-22759 at SUSECVE-2022-22759 at NVDCVE-2022-22760 at SUSECVE-2022-22760 at NVDCVE-2022-22761 at SUSECVE-2022-22761 at NVDCVE-2022-22763 at SUSECVE-2022-22763 at NVDCVE-2022-22764 at SUSECVE-2022-22764 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.7.0 ESR (bsc#1196900):
- CVE-2022-26383: Browser window spoof using fullscreen mode
- CVE-2022-26384: iframe allow-scripts sandbox bypass
- CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures
- CVE-2022-26381: Use-after-free in text reflows
- CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other local users
Firefox Extended Support Release 91.6.1 ESR (bsc#1196809):
- CVE-2022-26485: Use-after-free in XSLT parameter processing
- CVE-2022-26486: Use-after-free in WebGPU IPC Framework
ImportantSUSE bug 1196809SUSE bug 1196900CVE-2022-26381 at SUSECVE-2022-26381 at NVDCVE-2022-26383 at SUSECVE-2022-26383 at NVDCVE-2022-26384 at SUSECVE-2022-26384 at NVDCVE-2022-26386 at SUSECVE-2022-26386 at NVDCVE-2022-26387 at SUSECVE-2022-26387 at NVDCVE-2022-26485 at SUSECVE-2022-26485 at NVDCVE-2022-26486 at SUSECVE-2022-26486 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.8.0 ESR (bsc#1197903):
MFSA 2022-14 (bsc#1197903)
* CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use
* CVE-2022-28281: Fixed an out of bounds write due to unexpected WebAuthN Extensions
* CVE-2022-1196: Fixed a use-after-free after VR Process destruction
* CVE-2022-28282: Fixed a use-after-free in DocumentL10n::TranslateDocument
* CVE-2022-28285: Fixed incorrect AliasSet used in JIT Codegen
* CVE-2022-28286: Fixed that iframe contents could be rendered outside the border
* CVE-2022-24713: Fixed a denial of service via complex regular expressions
* CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
ImportantSUSE bug 1197903CVE-2022-1097 at SUSECVE-2022-1097 at NVDCVE-2022-1196 at SUSECVE-2022-1196 at NVDCVE-2022-24713 at SUSECVE-2022-24713 at NVDCVE-2022-28281 at SUSECVE-2022-28281 at NVDCVE-2022-28282 at SUSECVE-2022-28282 at NVDCVE-2022-28285 at SUSECVE-2022-28285 at NVDCVE-2022-28286 at SUSECVE-2022-28286 at NVDCVE-2022-28289 at SUSECVE-2022-28289 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This MozillaFirefox and Mozilla NSS update fixes several security and
non-security issues.
MozillaFirefox has been updated to 24.5.0esr which fixes following issues:
* MFSA 2014-34/CVE-2014-1518
Miscellaneous memory safety hazards
* MFSA 2014-37/CVE-2014-1523
Out of bounds read while decoding JPG images
* MFSA 2014-38/CVE-2014-1524
Buffer overflow when using non-XBL object as XBL
* MFSA 2014-42/CVE-2014-1529
Privilege escalation through Web Notification API
* MFSA 2014-43/CVE-2014-1530
Cross-site scripting (XSS) using history navigations
* MFSA 2014-44/CVE-2014-1531
Use-after-free in imgLoader while resizing images
* MFSA 2014-46/CVE-2014-1532
Use-after-free in nsHostResolver
Mozilla NSS has been updated to version 3.16
* required for Firefox 29
* CVE-2014-1492_ In a wildcard certificate, the wildcard character
should not be embedded within the U-label of an internationalized
domain name. See the last bullet point in RFC 6125, Section 7.2.
* Update of root certificates.
Security Issue references:
* CVE-2014-1532
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1532>
* CVE-2014-1531
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1531>
* CVE-2014-1530
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1530>
* CVE-2014-1529
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1529>
* CVE-2014-1524
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1524>
* CVE-2014-1523
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1523>
* CVE-2014-1520
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1520>
* CVE-2014-1518
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1518>
SUSE bug 865539SUSE bug 869827SUSE bug 875378SUSE bug 875803CVE-2014-1492 at SUSECVE-2014-1492 at NVDCVE-2014-1518 at SUSECVE-2014-1518 at NVDCVE-2014-1520 at SUSECVE-2014-1520 at NVDCVE-2014-1523 at SUSECVE-2014-1523 at NVDCVE-2014-1524 at SUSECVE-2014-1524 at NVDCVE-2014-1529 at SUSECVE-2014-1529 at NVDCVE-2014-1530 at SUSECVE-2014-1530 at NVDCVE-2014-1531 at SUSECVE-2014-1531 at NVDCVE-2014-1532 at SUSECVE-2014-1532 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox was updated to 31.6.0 ESR to fix five security issues:
* Miscellaneous memory safety hazards (MFSA
2015-30/CVE-2015-0814/CVE-2015-0815)
* Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA
2015-31/CVE-2015-0813)
* resource:// documents can load privileged pages (MFSA
2015-33/CVE-2015-0816)
* CORS requests should not follow 30x redirections after preflight
(MFSA 2015-37/CVE-2015-0807)
* Same-origin bypass through anchor navigation (MFSA
2015-40/CVE-2015-0801)
Security Issues:
* CVE-2015-0801
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801>
* CVE-2015-0807
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807>
* CVE-2015-0813
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813>
* CVE-2015-0814
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0814>
* CVE-2015-0816
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816>
SUSE bug 925368CVE-2015-0801 at SUSECVE-2015-0801 at NVDCVE-2015-0807 at SUSECVE-2015-0807 at NVDCVE-2015-0813 at SUSECVE-2015-0813 at NVDCVE-2015-0814 at SUSECVE-2015-0814 at NVDCVE-2015-0816 at SUSECVE-2015-0816 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox, mozilla-nspr and mozilla-nss were updated to fix 17 security issues.
For more details please check the changelogs.
These security issues were fixed:
- CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards (bsc#935979).
- CVE-2015-2728: Type confusion in Indexed Database Manager (bsc#935979).
- CVE-2015-2730: ECDSA signature validation fails to handle some signatures correctly (bsc#935979).
- CVE-2015-2722/CVE-2015-2733: Use-after-free in workers while using XMLHttpRequest (bsc#935979).
- CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737/CVE-2015-2738/CVE-2015-2739/CVE-2015-2740: Vulnerabilities found through code inspection (bsc#935979).
- CVE-2015-2743: Privilege escalation in PDF.js (bsc#935979).
- CVE-2015-4000: NSS accepts export-length DHE keys with regular DHE cipher suites (bsc#935033).
- CVE-2015-2721: NSS incorrectly permits skipping of ServerKeyExchange (bsc#935979).
This non-security issue was fixed:
- bsc#908275: Firefox did not print in landscape orientation.
ImportantSUSE bug 908275SUSE bug 935033SUSE bug 935979CVE-2015-2721 at SUSECVE-2015-2721 at NVDCVE-2015-2722 at SUSECVE-2015-2722 at NVDCVE-2015-2724 at SUSECVE-2015-2724 at NVDCVE-2015-2725 at SUSECVE-2015-2725 at NVDCVE-2015-2726 at SUSECVE-2015-2726 at NVDCVE-2015-2728 at SUSECVE-2015-2728 at NVDCVE-2015-2730 at SUSECVE-2015-2730 at NVDCVE-2015-2733 at SUSECVE-2015-2733 at NVDCVE-2015-2734 at SUSECVE-2015-2734 at NVDCVE-2015-2735 at SUSECVE-2015-2735 at NVDCVE-2015-2736 at SUSECVE-2015-2736 at NVDCVE-2015-2737 at SUSECVE-2015-2737 at NVDCVE-2015-2738 at SUSECVE-2015-2738 at NVDCVE-2015-2739 at SUSECVE-2015-2739 at NVDCVE-2015-2740 at SUSECVE-2015-2740 at NVDCVE-2015-2743 at SUSECVE-2015-2743 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, rust-cbindgen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox, rust-cbindgen fixes the following issues:
MozillaFirefox was updated to Extended Support Release 91.2.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-45 (bsc#1191332)
* CVE-2021-38496: Use-after-free in MessageTask
* CVE-2021-38497: Validation message could have been overlaid on another origin
* CVE-2021-38498: Use-after-free of nsLanguageAtomService object
* CVE-2021-32810: Data race in crossbeam-deque
* CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
* CVE-2021-38501: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2
- Fixed crash in FIPS mode (bsc#1190710)
Firefox Extended Support Release 91.1.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-40 (bsc#1190269, bsc#1190274)
* CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer
* CVE-2021-38495: Memory safety bugs fixed in Firefox 92 and Firefox ESR 91.1
Firefox 91.0.1esr ESR
* Fixed: Fixed an issue causing buttons on the tab bar to be
resized when loading certain websites (bug 1704404)
(bmo#1704404)
* Fixed: Fixed an issue which caused tabs from private windows
to be visible in non-private windows when viewing switch-to-
tab results in the address bar panel (bug 1720369)
(bmo#1720369)
* Fixed: Various stability fixes
* Fixed: Security fix
MFSA 2021-37 (bsc#1189547)
* CVE-2021-29991 (bmo#1724896)
Header Splitting possible with HTTP/3 Responses
Firefox Extended Support Release 91.0 ESR
* New: Some of the highlights of the new Extended Support
Release are:
- A number of user interface changes. For more information,
see the Firefox 89 release notes.
- Firefox now supports logging into Microsoft, work, and
school accounts using Windows single sign-on. Learn more
- On Windows, updates can now be applied in the background
while Firefox is not running.
- Firefox for Windows now offers a new page about:third-party
to help identify compatibility issues caused by third-party
applications
- Version 2 of Firefox's SmartBlock feature further improves
private browsing. Third party Facebook scripts are blocked to
prevent you from being tracked, but are now automatically
loaded 'just in time' if you decide to 'Log in with Facebook'
on any website.
- Enhanced the privacy of the Firefox Browser's Private
Browsing mode with Total Cookie Protection, which confines
cookies to the site where they were created, preventing
companis from using cookies to track your browsing across
sites. This feature was originally launched in Firefox's ETP
Strict mode.
- PDF forms now support JavaScript embedded in PDF files.
Some PDF forms use JavaScript for validation and other
interactive features.
- You'll encounter less website breakage in Private Browsing
and Strict Enhanced Tracking Protection with SmartBlock,
which provides stand-in scripts so that websites load
properly.
- Improved Print functionality with a cleaner design and
better integration with your computer's printer settings.
- Firefox now protects you from supercookies, a type of
tracker that can stay hidden in your browser and track you
online, even after you clear cookies. By isolating
supercookies, Firefox prevents them from tracking your web
browsing from one site to the next.
- Firefox now remembers your preferred location for saved
bookmarks, displays the bookmarks toolbar by default on new
tabs, and gives you easy access to all of your bookmarks via
a toolbar folder.
- Native support for macOS devices built with Apple Silicon
CPUs brings dramatic performance improvements over the non-
native build that was shipped in Firefox 83: Firefox launches
over 2.5 times faster and web apps are now twice as
responsive (per the SpeedoMeter 2.0 test). If you are on a
new Apple device, follow these steps to upgrade to the latest
Firefox.
- Pinch zooming will now be supported for our users with
Windows touchscreen devices and touchpads on Mac devices.
Firefox users may now use pinch to zoom on touch-capable
devices to zoom in and out of webpages.
- We’ve improved functionality and design for a number of
Firefox search features:
* Selecting a search engine at the bottom of the search
panel now enters search mode for that engine, allowing you to
see suggestions (if available) for your search terms. The old
behavior (immediately performing a search) is available with
a shift-click.
* When Firefox autocompletes the URL of one of your search
engines, you can now search with that engine directly in the
address bar by selecting the shortcut in the address bar
results.
* We’ve added buttons at the bottom of the search panel to
allow you to search your bookmarks, open tabs, and history.
- Firefox supports AcroForm, which will allow you to fill in,
print, and save supported PDF forms and the PDF viewer also
has a new fresh look.
- For our users in the US and Canada, Firefox can now save,
manage, and auto-fill credit card information for you, making
shopping on Firefox ever more convenient.
- In addition to our default, dark and light themes, with
this release, Firefox introduces the Alpenglow theme: a
colorful appearance for buttons, menus, and windows. You can
update your Firefox themes under settings or preferences.
* Changed: Firefox no longer supports Adobe Flash. There is no
setting available to re-enable Flash support.
* Enterprise: Various bug fixes and new policies have been
implemented in the latest version of Firefox. See more
details in the Firefox for Enterprise 91 Release Notes.
MFSA 2021-33 (bsc#1188891)
* CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
* CVE-2021-29981: Live range splitting could have led to conflicting assignments in the JIT
* CVE-2021-29988: Memory corruption as a result of incorrect style treatment
* CVE-2021-29983: Firefox for Android could get stuck in fullscreen mode
* CVE-2021-29984: Incorrect instruction reordering during JIT optimization
* CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
* CVE-2021-29987: Users could have been tricked into accepting unwanted permissions on Linux
* CVE-2021-29985: Use-after-free media channels
* CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and type confusion
* CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
* CVE-2021-29990: Memory safety bugs fixed in Firefox 91
rust-cbindgen was updated to 0.19.0.
ImportantSUSE bug 1188891SUSE bug 1189547SUSE bug 1190269SUSE bug 1190274SUSE bug 1190710SUSE bug 1191332CVE-2021-29980 at SUSECVE-2021-29980 at NVDCVE-2021-29981 at SUSECVE-2021-29981 at NVDCVE-2021-29982 at SUSECVE-2021-29982 at NVDCVE-2021-29983 at SUSECVE-2021-29983 at NVDCVE-2021-29984 at SUSECVE-2021-29984 at NVDCVE-2021-29985 at SUSECVE-2021-29985 at NVDCVE-2021-29986 at SUSECVE-2021-29986 at NVDCVE-2021-29987 at SUSECVE-2021-29987 at NVDCVE-2021-29988 at SUSECVE-2021-29988 at NVDCVE-2021-29989 at SUSECVE-2021-29989 at NVDCVE-2021-29990 at SUSECVE-2021-29990 at NVDCVE-2021-29991 at SUSECVE-2021-29991 at NVDCVE-2021-32810 at SUSECVE-2021-32810 at NVDCVE-2021-38492 at SUSECVE-2021-38492 at NVDCVE-2021-38495 at SUSECVE-2021-38495 at NVDCVE-2021-38496 at SUSECVE-2021-38496 at NVDCVE-2021-38497 at SUSECVE-2021-38497 at NVDCVE-2021-38498 at SUSECVE-2021-38498 at NVDCVE-2021-38500 at SUSECVE-2021-38500 at NVDCVE-2021-38501 at SUSECVE-2021-38501 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for NetworkManagerSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
NetworkManager did not pin a certificate's subject to an ESSID. A rogue
access point could therefore be used to conduct MITM attacks by using any
other valid certificate issued by same CA as used in the original network
(CVE-2006-7246). This has been fixed.
Please note that existing WPA2 Enterprise connections need to be deleted
and re-created to take advantage of the new security checks.
Security Issue reference:
* CVE-2006-7246
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7246>
SUSE bug 574266SUSE bug 628607SUSE bug 686093SUSE bug 694218CVE-2006-7246 at SUSECVE-2006-7246 at NVDCVE-2010-1172 at SUSECVE-2010-1172 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for NetworkManager-gnomeSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
NetworkManager did not pin a certificate's subject to an ESSID. A rogue
access point could therefore be used to conduct MITM attacks by using any
other valid certificate issued by same CA as used in the original network
(CVE-2006-7246).
Please note that existing WPA2 Enterprise connections need to be deleted
and re-created to take advantage of the new security checks.
This is a re-release of the previous update to also enable the checks for
EAP-TLS.
SUSE bug 574266SUSE bug 732700CVE-2006-7246 at SUSECVE-2006-7246 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for NetworkManager-kde4 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This NetworkManager-kde4 update fixes the following security and non security issues:
- Fixed a long standing security issue. This makes knetworkmanager probe the RADIUS server for a CA certificate subject and hash if no CA certificate is specified. knetworkmanager then stores this data and send it to NetworkManager for it to do a network validation in the absence of a real certificate (bsc#726349)
- Disabled the loading by default of the NetworkManager plasma applet since it doesn't work.
- Fixed a crash due to the use of an uninitialized variable in the plasma applet in case someone runs it manually (bsc#663413)
ModerateSUSE bug 663413SUSE bug 726349cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenEXR fixes the following issues:
* CVE-2017-9110: In OpenEXR, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. (bsc#1040107)
* CVE-2017-9114: In OpenEXR, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash. (bsc#1040114)
* CVE-2017-12596: In OpenEXR, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it could have resulted in denial of service or possibly unspecified other impact. (bsc#1052522)
ModerateSUSE bug 1040107SUSE bug 1040114SUSE bug 1052522CVE-2017-12596 at SUSECVE-2017-12596 at NVDCVE-2017-9110 at SUSECVE-2017-9110 at NVDCVE-2017-9114 at SUSECVE-2017-9114 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenEXR fixes the following issues:
Security issues fixed:
- CVE-2017-9111: Fixed an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h (bsc#1040109).
- CVE-2017-9113: Fixed an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp (bsc#1040113).
- CVE-2017-9115: Fixed an invalid write of size 2 in the = operator function inhalf.h (bsc#1040115).
- CVE-2017-9112: Fixed invalid read of size 1 in the getBits function in ImfHuf.cpp. (This was already fixed by the previous update bug not referenced.) (bsc#1040112)
ModerateSUSE bug 1040109SUSE bug 1040112SUSE bug 1040113SUSE bug 1040115CVE-2017-9111 at SUSECVE-2017-9111 at NVDCVE-2017-9112 at SUSECVE-2017-9112 at NVDCVE-2017-9113 at SUSECVE-2017-9113 at NVDCVE-2017-9115 at SUSECVE-2017-9115 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenEXR fixes the following issues:
- CVE-2017-14988: Fixed a denial of service in Header::readfrom() (bsc#1061305).
ModerateSUSE bug 1061305CVE-2017-9110 at SUSECVE-2017-9110 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenEXR fixes the following issues:
- CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp (bsc#1169574).
- CVE-2020-11763: Fixed an out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp (bsc#1169576).
- CVE-2020-11761: Fixed an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder:refill in ImfFastHuf.cpp (bsc#1169578).
ModerateSUSE bug 1169574SUSE bug 1169576SUSE bug 1169578CVE-2020-11761 at SUSECVE-2020-11761 at NVDCVE-2020-11763 at SUSECVE-2020-11763 at NVDCVE-2020-11764 at SUSECVE-2020-11764 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenEXR fixes the following issues:
Security issues fixed:
- CVE-2020-16588: Fixed a null pointer deference in generatePreview (bsc#1179879).
- CVE-2020-16589: Fixed a heap-based buffer overflow in writeTileData in ImfTiledOutputFile.cpp (bsc#1179879).
ModerateSUSE bug 1179879CVE-2020-16588 at SUSECVE-2020-16588 at NVDCVE-2020-16589 at SUSECVE-2020-16589 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenEXR fixes the following issues:
- CVE-2021-3475: Integer-overflow in Imf_2_5::calculateNumTiles (bsc#1184173)
- CVE-2021-3476: Undefined-shift in Imf_2_5::unpack14 (bsc#1184172)
ModerateSUSE bug 1184172SUSE bug 1184173CVE-2021-3475 at SUSECVE-2021-3475 at NVDCVE-2021-3476 at SUSECVE-2021-3476 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenEXR (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenEXR fixes the following issues:
- Fixed CVE-2021-3479 [bsc#1184354]: Out-of-memory caused by allocation of a very large buffer
- Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the rleUncompress function
ImportantSUSE bug 1184354SUSE bug 1187395CVE-2021-3479 at SUSECVE-2021-3479 at NVDCVE-2021-3605 at SUSECVE-2021-3605 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenEXR fixes the following issues:
- CVE-2021-20298: Fixed out-of-memory in B44Compressor (bsc#1188460).
- CVE-2021-20300: Fixed integer-overflow in Imf_2_5:hufUncompress (bsc#1188458).
- CVE-2021-20303: Fixed heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffe (bsc#1188457).
- CVE-2021-20304: Fixed undefined-shift in Imf_2_5:hufDecode (bsc#1188461).
- CVE-2021-3941: Fixed divide-by-zero in Imf_3_1:RGBtoXYZ (bsc#1192556).
ModerateSUSE bug 1188457SUSE bug 1188458SUSE bug 1188460SUSE bug 1188461SUSE bug 1192556CVE-2021-20298 at SUSECVE-2021-20298 at NVDCVE-2021-20300 at SUSECVE-2021-20300 at NVDCVE-2021-20303 at SUSECVE-2021-20303 at NVDCVE-2021-20304 at SUSECVE-2021-20304 at NVDCVE-2021-3941 at SUSECVE-2021-3941 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenOffice_orgSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of OpenOffice_org fixes the following security issue:
* Arbitrary macros written in Python can be executed by bypassing macro
security permissions. CVE-2010-0395
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0395>
It also provides the maintenance update to OpenOffice.org-3.2.1. Details
about all upstream changes can be found at
http://development.openoffice.org/releases/3.2.1.html
<http://development.openoffice.org/releases/3.2.1.html> .
For further SUSE Linux Enterprise specific fixes please refer to the
changelog of the OpenOffice_org RPM package.
SUSE bug 607095CVE-2010-0395 at SUSECVE-2010-0395 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for SDL (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for SDL fixes the following issues:
Security issues fixed:
- CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806).
- CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099).
- CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799).
- CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805).
- CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827).
- CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826).
- CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824).
- CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803).
- CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802).
- CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825).
- CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800).
ModerateSUSE bug 1124799SUSE bug 1124800SUSE bug 1124802SUSE bug 1124803SUSE bug 1124805SUSE bug 1124806SUSE bug 1124824SUSE bug 1124825SUSE bug 1124826SUSE bug 1124827SUSE bug 1125099CVE-2019-7572 at SUSECVE-2019-7572 at NVDCVE-2019-7573 at SUSECVE-2019-7573 at NVDCVE-2019-7574 at SUSECVE-2019-7574 at NVDCVE-2019-7575 at SUSECVE-2019-7575 at NVDCVE-2019-7576 at SUSECVE-2019-7576 at NVDCVE-2019-7577 at SUSECVE-2019-7577 at NVDCVE-2019-7578 at SUSECVE-2019-7578 at NVDCVE-2019-7635 at SUSECVE-2019-7635 at NVDCVE-2019-7636 at SUSECVE-2019-7636 at NVDCVE-2019-7637 at SUSECVE-2019-7637 at NVDCVE-2019-7638 at SUSECVE-2019-7638 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for SDL (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for SDL fixes the following issues:
Secuirty issue fixed:
- CVE-2019-13616: Fixed heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit (bsc#1141844).
ModerateSUSE bug 1141844CVE-2019-13616 at SUSECVE-2019-13616 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for SDL (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for SDL fixes the following issues:
- CVE-2020-14410: Fixed a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c (bsc#1181201).
- CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c (bsc#1124825).
- CVE-2021-33657: Fix a buffer overflow when parsing a crafted BMP image (bsc#1198001).
- CVE-2020-14409: Fixed an integer overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c (bsc#1181202).
ImportantSUSE bug 1124825SUSE bug 1181201SUSE bug 1181202SUSE bug 1198001CVE-2019-7637 at SUSECVE-2019-7637 at NVDCVE-2020-14409 at SUSECVE-2020-14409 at NVDCVE-2020-14410 at SUSECVE-2020-14410 at NVDCVE-2021-33657 at SUSECVE-2021-33657 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for SuSEfirewall2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for SuSEfirewall2 fixes the following issues:
- CVE-2017-15638: Fixed a security issue with too open implicit portmapper rules
(bsc#1064127): A source net restriction for _rpc_ services
was not taken into account for the implicitly added rules for port 111,
making the portmap service accessible to everyone in the affected zone.
ModerateSUSE bug 1064127CVE-2017-15638 at SUSECVE-2017-15638 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for a2psSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The text to postscript converter a2ps received a security update.
The fixps script did not call ghostscript with the -DSAFER option, allowing
command execution by attacker supplied postscript files.
Security Issue reference:
* CVE-2014-0466
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0466>
SUSE bug 725806SUSE bug 871097CVE-2014-0466 at SUSECVE-2014-0466 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for aaa_baseSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to aaa_base resolves the following issues:
* The file system type of /dev was incorrectly listed as 'devtmpfs' in
/etc/mtab
* NIS/YP domain name is set as FQDN hostname
SUSE bug 622203SUSE bug 624052SUSE bug 631916SUSE bug 641150SUSE bug 650719SUSE bug 653034SUSE bug 661596SUSE bug 665479SUSE bug 696964SUSE bug 710119SUSE bug 752298SUSE bug 762535CVE-2011-0461 at SUSECVE-2011-0461 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for adns (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for adns fixes the following issues:
- CVE-2017-9103,CVE-2017-9104,CVE-2017-9105,CVE-2017-9109: Fixed an issue in local recursive resolver
which could have led to remote code execution (bsc#1172265).
- CVE-2017-9106: Fixed an issue with upstream DNS data sources which could have led to denial of
service (bsc#1172265).
- CVE-2017-9107: Fixed an issue when quering domain names which could have led to denial of service (bsc#1172265).
- CVE-2017-9108: Fixed an issue which could have led to denial of service (bsc#1172265).
ImportantSUSE bug 1172265CVE-2017-9103 at SUSECVE-2017-9103 at NVDCVE-2017-9104 at SUSECVE-2017-9104 at NVDCVE-2017-9105 at SUSECVE-2017-9105 at NVDCVE-2017-9106 at SUSECVE-2017-9106 at NVDCVE-2017-9107 at SUSECVE-2017-9107 at NVDCVE-2017-9108 at SUSECVE-2017-9108 at NVDCVE-2017-9109 at SUSECVE-2017-9109 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for aide (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for aide fixes the following issues:
- CVE-2021-45417: Fix a bufferoverflow in base64 functions (bsc#1194735)
ImportantSUSE bug 1194735CVE-2021-45417 at SUSECVE-2021-45417 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for amanda (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for amanda fixes the following issues:
Security issue fixed:
- CVE-2016-10729: Fixed a local privilege escalation from amanda to root via unsafe tar command options (bsc#1112916).
ModerateSUSE bug 1112916CVE-2016-10729 at SUSECVE-2016-10729 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ant (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ant fixes the following security issue:
- CVE-2018-10886: Prevent arbitrary file write with specially crafted zip files
(bsc#1100053).
ModerateSUSE bug 1100053CVE-2018-10886 at SUSECVE-2018-10886 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Apache Web ServerSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update for the Apache Web Server provides the following fixes:
* Fixed a heap-based buffer overflow on apache module mod_status.
(bnc#887765, CVE-2014-0226)
* Properly remove whitespace characters from CDATA sections to avoid
remote denial of service by crashing the Apache Server process.
(bnc#869105, CVE-2013-6438)
* Correction to parsing of cookie content; this can lead to a crash
with a specially designed cookie sent to the server. (bnc#869106,
CVE-2014-0098)
* ECC support should not be missing. (bnc#859916)
This update also introduces a new configuration parameter
CGIDScriptTimeout, which defaults to the value of parameter Timeout.
CGIDScriptTimeout is set to 60s if mod_cgid is loaded/active, via
/etc/apache2/conf.d/cgid-timeout.conf. The new directive and its effect
prevent request workers to be eaten until starvation if cgi programs do not
send output back to the server within the timeout set by CGIDScriptTimeout.
(bnc#887768, CVE-2014-0231)
Security Issues references:
* CVE-2014-0226
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226>
* CVE-2013-6438
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438>
* CVE-2014-0098
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098>
* CVE-2014-0231
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231>
SUSE bug 627030SUSE bug 670027SUSE bug 688472SUSE bug 690734SUSE bug 693479SUSE bug 696251SUSE bug 713966SUSE bug 713970SUSE bug 719236SUSE bug 722545SUSE bug 727071SUSE bug 728533SUSE bug 728876SUSE bug 729181SUSE bug 757710SUSE bug 774045SUSE bug 777260SUSE bug 782956SUSE bug 788121SUSE bug 791794SUSE bug 793004SUSE bug 798733SUSE bug 806458SUSE bug 807152SUSE bug 815621SUSE bug 829056SUSE bug 829057SUSE bug 844212SUSE bug 852401SUSE bug 859916SUSE bug 869105SUSE bug 869106SUSE bug 871310SUSE bug 887765SUSE bug 887768SUSE bug 899836SUSE bug 904427SUSE bug 907339SUSE bug 907477CVE-2003-1418 at SUSECVE-2003-1418 at NVDCVE-2010-1452 at SUSECVE-2010-1452 at NVDCVE-2011-1473 at SUSECVE-2011-1473 at NVDCVE-2011-3192 at SUSECVE-2011-3192 at NVDCVE-2011-3368 at SUSECVE-2011-3368 at NVDCVE-2011-3607 at SUSECVE-2011-3607 at NVDCVE-2011-3639 at SUSECVE-2011-3639 at NVDCVE-2011-4317 at SUSECVE-2011-4317 at NVDCVE-2012-0021 at SUSECVE-2012-0021 at NVDCVE-2012-0883 at SUSECVE-2012-0883 at NVDCVE-2012-2687 at SUSECVE-2012-2687 at NVDCVE-2012-3499 at SUSECVE-2012-3499 at NVDCVE-2012-4557 at SUSECVE-2012-4557 at NVDCVE-2012-4558 at SUSECVE-2012-4558 at NVDCVE-2013-1862 at SUSECVE-2013-1862 at NVDCVE-2013-1896 at SUSECVE-2013-1896 at NVDCVE-2013-5704 at SUSECVE-2013-5704 at NVDCVE-2013-6438 at SUSECVE-2013-6438 at NVDCVE-2014-0098 at SUSECVE-2014-0098 at NVDCVE-2014-0226 at SUSECVE-2014-0226 at NVDCVE-2014-0231 at SUSECVE-2014-0231 at NVDCVE-2014-3581 at SUSECVE-2014-3581 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Apache was updated to fix one security vulnerability and two bugs.
Following security issue was fixed.
- Fix the chunked transfer coding implementation in the Apache (bsc#938728, CVE-2015-3183)
Bugs fixed:
- add SSLSessionTickets directive (bsc#941676)
- hardcode modules %files (bsc#444878)
- only enable the port 443 for TCP protocol, not UDP. (bsc#931002)
ModerateSUSE bug 444878SUSE bug 931002SUSE bug 938728SUSE bug 941676CVE-2015-3183 at SUSECVE-2015-3183 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
* It used to be possible to set an arbitrary $HTTP_PROXY environment variable
for request handlers -- like CGI scripts -- by including a specially crafted
HTTP header in the request (CVE-2016-5387). As a result, these server
components would potentially direct all their outgoing HTTP traffic through a
malicious proxy server. This patch fixes the issue: the updated Apache server
ignores such HTTP headers and never sets $HTTP_PROXY for sub-processes
(unless a value has been explicitly configured by the administrator in the
configuration file). (bsc#988488)
ModerateSUSE bug 988488CVE-2016-5387 at SUSECVE-2016-5387 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
Security issues fixed:
- CVE-2016-2161: Malicious input to mod_auth_digest could have caused the server to crash,
resulting in DoS (bsc#1016714).
- CVE-2016-8743: Added new directive 'HttpProtocolOptions Strict' to avoid proxy chain
misinterpretation (bsc#1016715).
ModerateSUSE bug 1016714SUSE bug 1016715CVE-2016-2161 at SUSECVE-2016-2161 at NVDCVE-2016-8743 at SUSECVE-2016-8743 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update provides apache2 2.2.34, which brings many fixes and enhancements:
Security issues fixed:
- CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest. (bsc#1048576)
Bug fixes:
- Remove /usr/bin/http2 link only during package uninstall, not upgrade. (bsc#1041830)
- Don't put the backend in error state (by default) when 500/503 error code is overridden. (bsc#951692)
- Allow single-char field names inadvertently disallowed in 2.2.32.
ModerateSUSE bug 1041830SUSE bug 1048576SUSE bug 951692CVE-2017-9788 at SUSECVE-2017-9788 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
- Allow disabling SNI on proxy connections using 'SetEnv proxy-disable-sni 1' in the configuration files. (bsc#1052830)
- Allow ECDH again in mod_ssl, it had been incorrectly disabled with the 2.2.34 update. (bsc#1064561)
Following security issue has been fixed:
- CVE-2017-9798: A use-after-free in the OPTIONS command could be used by attackers to disclose memory of the apache server process, when htaccess uses incorrect Limit statement. (bsc#1058058)
Additionally, references to the following security issues, fixed by the previous version-update of apache2
to Apache HTTPD 2.2.34 have been added:
- CVE-2017-7668: The HTTP strict parsing introduced a bug in token list parsing, which allowed ap_find_token() to
search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may
have be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. (bsc#1045061)
- CVE-2017-3169: mod_ssl may have de-referenced a NULL pointer when third-party modules call
ap_hook_process_connection() during an HTTP request to an HTTPS port allowing for DoS. (bsc#1045062)
- CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may have
lead to authentication requirements being bypassed. (bsc#1045065)
- CVE-2017-7679: mod_mime could have read one byte past the end of a buffer when sending a malicious Content-Type
response header. (bsc#1045060)
ModerateSUSE bug 1045060SUSE bug 1045061SUSE bug 1045062SUSE bug 1045065SUSE bug 1052830SUSE bug 1058058SUSE bug 1064561CVE-2009-2699 at SUSECVE-2009-2699 at NVDCVE-2010-0425 at SUSECVE-2010-0425 at NVDCVE-2012-0021 at SUSECVE-2012-0021 at NVDCVE-2014-0118 at SUSECVE-2014-0118 at NVDCVE-2017-3167 at SUSECVE-2017-3167 at NVDCVE-2017-3169 at SUSECVE-2017-3169 at NVDCVE-2017-7668 at SUSECVE-2017-7668 at NVDCVE-2017-7679 at SUSECVE-2017-7679 at NVDCVE-2017-9798 at SUSECVE-2017-9798 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
- security update:
* CVE-2018-1301: Specially crafted requests, in debug mode, could lead to denial of service. [bsc#1086817]
* CVE-2017-15710: failure in the language fallback handling could lead to denial of service. [bsc#1086776]
* CVE-2018-1312: Seed wrongly generated could lead to replay attack in cluster environments. [bsc#1086775]
ModerateSUSE bug 1086775SUSE bug 1086776SUSE bug 1086817CVE-2017-15710 at SUSECVE-2017-15710 at NVDCVE-2018-1301 at SUSECVE-2018-1301 at NVDCVE-2018-1312 at SUSECVE-2018-1312 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
* CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for
URL normalization throughout all of its components. In particular,
consecutive slashes were not always collapsed. Attackers could potentially
abuse these inconsistencies to by-pass access control mechanisms and thus
gain unauthorized access to protected parts of the service. [bsc#1131241]
* CVE-2019-0217: A race condition in Apache's 'mod_auth_digest' when running in
a threaded server could have allowed users with valid credentials to
authenticate using another username, bypassing configured access control
restrictions. [bsc#1131239]
ImportantSUSE bug 1131239SUSE bug 1131241CVE-2019-0217 at SUSECVE-2019-0217 at NVDCVE-2019-0220 at SUSECVE-2019-0220 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
Security issues fixed:
- CVE-2019-10092: Fixed limited cross-site scripting in mod_proxy (bsc#1145740).
- CVE-2019-10098: Fixed mod_rewrite configuration vulnerablility to open redirect (bsc#1145738).
ModerateSUSE bug 1145738SUSE bug 1145740CVE-2019-10092 at SUSECVE-2019-10092 at NVDCVE-2019-10098 at SUSECVE-2019-10098 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
- CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404).
- CVE-2020-1938: mod_proxy_ajp: Add 'secret' parameter to proxy workers to implement legacy AJP13 authentication (bsc#1169066).
ImportantSUSE bug 1168404SUSE bug 1169066CVE-2020-1934 at SUSECVE-2020-1934 at NVDCVE-2020-1938 at SUSECVE-2020-1938 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
- Fixed potential content spoofing with default error pages(bsc#118270)
ModerateSUSE bug 1145740SUSE bug 1182703CVE-2019-10092 at SUSECVE-2019-10092 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
- fixed CVE-2021-30641 [bsc#1187174]: MergeSlashes regression
- fixed CVE-2020-35452 [bsc#1186922]: Single zero byte stack overflow in mod_auth_digest
ImportantSUSE bug 1186922SUSE bug 1187174CVE-2020-35452 at SUSECVE-2020-35452 at NVDCVE-2021-30641 at SUSECVE-2021-30641 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
- CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes() via malicious input. (bsc#1190666)
ImportantSUSE bug 1190666CVE-2021-39275 at SUSECVE-2021-39275 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2 fixes the following issues:
- CVE-2022-22720: HTTP request smuggling due to incorrect error handling (bsc#1197095).
- CVE-2022-22721: possible buffer overflow with very large or unlimited LimitXMLRequestBody (bsc#1197096).
ImportantSUSE bug 1197095SUSE bug 1197096CVE-2022-22720 at SUSECVE-2022-22720 at NVDCVE-2022-22721 at SUSECVE-2022-22721 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Apache2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of apache2 and libapr1 fixes regressions and several security
problems.
* CVE-2012-0031: Fixed a scoreboard corruption (shared mem segment) by
child causes crash of privileged parent (invalid free()) during
shutdown.
* CVE-2012-0053: Fixed an issue in error responses that could expose
'httpOnly' cookies when no custom ErrorDocument is specified for
status code 400'.
* CVE-2007-6750: The 'mod_reqtimeout' module was backported from Apache
2.2.21 to help mitigate the 'Slowloris' Denial of Service attack.
You need to enable the 'mod_reqtimeout' module in your existing apache
configuration to make it effective, e.g. in the APACHE_MODULES line in
/etc/sysconfig/apache2.
For more detailed information, check also the README file.
Also the following bugs have been fixed:
* Fixed init script action 'check-reload' to avoid potential crashes.
bnc#728876
* An overlapping memcpy() was replaced by memmove() to make this work
with newer glibcs. bnc#738067 bnc#741874
* libapr1: reset errno to zero to not return previous value despite
good status of new operation. bnc#739783
Security Issue references:
* CVE-2007-6750
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750>
* CVE-2012-0031
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031>
* CVE-2012-0053
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053>
SUSE bug 728876SUSE bug 738067SUSE bug 738855SUSE bug 739783SUSE bug 741243SUSE bug 741874SUSE bug 743743CVE-2007-6750 at SUSECVE-2007-6750 at NVDCVE-2012-0031 at SUSECVE-2012-0031 at NVDCVE-2012-0053 at SUSECVE-2012-0053 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2-mod_jk (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2-mod_jk fixes the following issues:
Security issues fixed:
- CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd (bsc#1114612).
- CVE-2014-8111: Apache Tomcat Connectors (mod_jk) ignored JkUnmount rules for subtrees of previous JkMount rules, which allowed remote attackers to access otherwise restricted artifacts via unspecified vectors (bsc#927845).
ModerateSUSE bug 1114612SUSE bug 927845CVE-2014-8111 at SUSECVE-2014-8111 at NVDCVE-2018-11759 at SUSECVE-2018-11759 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for apache2-mod_nssSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update brings several improvements to apache2-mod_nss.
*
More TLS 1.2 ciphers have been added, including AES-GCM and Camelia
ciphers. These can be selected by their tags:
o rsa_aes_128_sha256
o rsa_aes_128_gcm_sha
o rsa_aes_256_sha256
o rsa_camellia_128_sha
o rsa_camellia_256_sha
o ecdh_ecdsa_aes_128_gcm_sha
o ecdhe_ecdsa_aes_128_sha256
o ecdhe_ecdsa_aes_128_gcm_sha
o ecdh_rsa_aes_128_gcm_sha
o ecdhe_rsa_aes_128_sha256
*
The mod_nss.conf.in template was updated to include those ciphers.
(bnc#863035)
*
VirtualHost settings in /etc/apache2/conf.d/mod_nss.conf is now
externalized to /etc/apache2/vhosts.d/vhost-nss.template and not
activated/read by default. (bnc#878681)
*
The Server Name Indication (SNI) extension was implemented.
*
Reading the pass phrase during start-up was improved. (bnc#863518)
SUSE bug 847216SUSE bug 853039SUSE bug 863035SUSE bug 863518SUSE bug 864929SUSE bug 878681SUSE bug 897712SUSE bug 902068CVE-2013-4566 at SUSECVE-2013-4566 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2-mod_nss (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update provides apache2-mod_nss 1.0.14, which brings several fixes and
enhancements:
- SHA256 cipher names change spelling from *_sha256 to *_sha_256.
- Drop mod_nss_migrate.pl and use upstream migrate script instead.
- Check for Apache user owner/group read permissions of NSS database at startup.
- Update default ciphers to something more modern and secure.
- Check for host and netstat commands in gencert before trying to use them.
- Don't ignore NSSProtocol when NSSFIPS is enabled.
- Use proper shell syntax to avoid creating /0 in gencert.
- Add server support for DHE ciphers.
- Extract SAN from server/client certificates into env.
- Fix memory leaks and other coding issues caught by clang analyzer.
- Add support for Server Name Indication (SNI)
- Add support for SNI for reverse proxy connections.
- Add RenegBufferSize? option.
- Add support for TLS Session Tickets (RFC 5077).
- Implement a slew more OpenSSL cipher macros.
- Fix a number of illegal memory accesses and memory leaks.
- Support for SHA384 ciphers if they are available in the version of NSS mod_nss is built against.
- Add the SECURE_RENEG environment variable.
- Add some hints when NSS database cannot be initialized.
- Code cleanup including trailing whitespace and compiler warnings.
- Modernize autotools configuration slightly, add config.h.
- Add small test suite for SNI.
- Add compatibility for mod_ssl-style cipher definitions.
- Add Camelia ciphers.
- Remove Fortezza ciphers.
- Add TLSv1.2-specific ciphers.
- Initialize cipher list when re-negotiating handshake.
- Completely remove support for SSLv2.
- Add support for sqlite NSS databases.
- Compare subject CN and VS hostname during server start up.
- Add support for enabling TLS v1.2.
- Don't enable SSL 3 by default. (CVE-2014-3566)
- Improve protocol testing.
- Add nss_pcache man page.
- Fix argument handling in nss_pcache.
- Support httpd 2.4+.
- Allow users to configure a helper to ask for certificate passphrases via
NSSPassPhraseDialog. (bsc#975394)
ModerateSUSE bug 975394SUSE bug 979688CVE-2013-4566 at SUSECVE-2013-4566 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apache2-mod_perl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apache2-mod_perl fixes the following issues:
- CVE-2011-2767: Fixed a vulnerability which could have allowed
perl code execution in the context of user account (bsc#1156944).
ModerateSUSE bug 1156944CVE-2011-2767 at SUSECVE-2011-2767 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following vulnerabilities in php:
* Heap corruption issue in exif_thumbnail(). (CVE-2014-3670)
* Integer overflow in unserialize(). (CVE-2014-3669)
* Xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime().
(CVE-2014-3668)
Security Issues:
* CVE-2014-3669
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669>
* CVE-2014-3670
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670>
* CVE-2014-3668
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668>
SUSE bug 588975SUSE bug 642291SUSE bug 649210SUSE bug 650700SUSE bug 655968SUSE bug 656523SUSE bug 662932SUSE bug 666512SUSE bug 669162SUSE bug 669188SUSE bug 669189SUSE bug 671710SUSE bug 677782SUSE bug 679278SUSE bug 681194SUSE bug 681210SUSE bug 681214SUSE bug 681291SUSE bug 695689SUSE bug 699711SUSE bug 709549SUSE bug 713652SUSE bug 728671SUSE bug 733590SUSE bug 735613SUSE bug 736169SUSE bug 738221SUSE bug 741520SUSE bug 741859SUSE bug 742273SUSE bug 742806SUSE bug 743308SUSE bug 744966SUSE bug 746661SUSE bug 749111SUSE bug 752030SUSE bug 753778SUSE bug 760536SUSE bug 761631SUSE bug 772580SUSE bug 772582SUSE bug 775852SUSE bug 778003SUSE bug 783239SUSE bug 807707SUSE bug 828020SUSE bug 829207SUSE bug 837746SUSE bug 854880SUSE bug 868624SUSE bug 882992SUSE bug 884992SUSE bug 885961SUSE bug 893849SUSE bug 893853SUSE bug 902357SUSE bug 902360SUSE bug 902368SUSE bug 910659SUSE bug 914690SUSE bug 922452SUSE bug 923946SUSE bug 924972SUSE bug 925109SUSE bug 931421SUSE bug 931772SUSE bug 931776SUSE bug 933227SUSE bug 935224SUSE bug 935226SUSE bug 935227SUSE bug 935232SUSE bug 935234SUSE bug 935274SUSE bug 935275CVE-2010-0397 at SUSECVE-2010-0397 at NVDCVE-2010-1866 at SUSECVE-2010-1866 at NVDCVE-2010-2094 at SUSECVE-2010-2094 at NVDCVE-2010-3710 at SUSECVE-2010-3710 at NVDCVE-2010-3870 at SUSECVE-2010-3870 at NVDCVE-2010-4150 at SUSECVE-2010-4150 at NVDCVE-2010-4645 at SUSECVE-2010-4645 at NVDCVE-2010-4697 at SUSECVE-2010-4697 at NVDCVE-2010-4698 at SUSECVE-2010-4698 at NVDCVE-2010-4699 at SUSECVE-2010-4699 at NVDCVE-2011-0421 at SUSECVE-2011-0421 at NVDCVE-2011-0708 at SUSECVE-2011-0708 at NVDCVE-2011-0752 at SUSECVE-2011-0752 at NVDCVE-2011-0753 at SUSECVE-2011-0753 at NVDCVE-2011-0755 at SUSECVE-2011-0755 at NVDCVE-2011-1072 at SUSECVE-2011-1072 at NVDCVE-2011-1092 at SUSECVE-2011-1092 at NVDCVE-2011-1148 at SUSECVE-2011-1148 at NVDCVE-2011-1398 at SUSECVE-2011-1398 at NVDCVE-2011-1464 at SUSECVE-2011-1464 at NVDCVE-2011-1466 at SUSECVE-2011-1466 at NVDCVE-2011-1467 at SUSECVE-2011-1467 at NVDCVE-2011-1468 at SUSECVE-2011-1468 at NVDCVE-2011-1469 at SUSECVE-2011-1469 at NVDCVE-2011-1470 at SUSECVE-2011-1470 at NVDCVE-2011-1471 at SUSECVE-2011-1471 at NVDCVE-2011-1938 at SUSECVE-2011-1938 at NVDCVE-2011-2202 at SUSECVE-2011-2202 at NVDCVE-2011-3182 at SUSECVE-2011-3182 at NVDCVE-2011-4153 at SUSECVE-2011-4153 at NVDCVE-2011-4388 at SUSECVE-2011-4388 at NVDCVE-2011-4566 at SUSECVE-2011-4566 at NVDCVE-2011-4885 at SUSECVE-2011-4885 at NVDCVE-2012-0057 at SUSECVE-2012-0057 at NVDCVE-2012-0781 at SUSECVE-2012-0781 at NVDCVE-2012-0788 at SUSECVE-2012-0788 at NVDCVE-2012-0789 at SUSECVE-2012-0789 at NVDCVE-2012-0807 at SUSECVE-2012-0807 at NVDCVE-2012-0830 at SUSECVE-2012-0830 at NVDCVE-2012-0831 at SUSECVE-2012-0831 at NVDCVE-2012-1172 at SUSECVE-2012-1172 at NVDCVE-2012-1823 at SUSECVE-2012-1823 at NVDCVE-2012-2311 at SUSECVE-2012-2311 at NVDCVE-2012-2335 at SUSECVE-2012-2335 at NVDCVE-2012-2336 at SUSECVE-2012-2336 at NVDCVE-2012-2688 at SUSECVE-2012-2688 at NVDCVE-2012-3365 at SUSECVE-2012-3365 at NVDCVE-2013-4113 at SUSECVE-2013-4113 at NVDCVE-2013-4248 at SUSECVE-2013-4248 at NVDCVE-2013-6420 at SUSECVE-2013-6420 at NVDCVE-2013-6712 at SUSECVE-2013-6712 at NVDCVE-2014-2497 at SUSECVE-2014-2497 at NVDCVE-2014-3515 at SUSECVE-2014-3515 at NVDCVE-2014-3668 at SUSECVE-2014-3668 at NVDCVE-2014-3669 at SUSECVE-2014-3669 at NVDCVE-2014-3670 at SUSECVE-2014-3670 at NVDCVE-2014-4049 at SUSECVE-2014-4049 at NVDCVE-2014-4721 at SUSECVE-2014-4721 at NVDCVE-2014-5459 at SUSECVE-2014-5459 at NVDCVE-2014-8142 at SUSECVE-2014-8142 at NVDCVE-2014-9709 at SUSECVE-2014-9709 at NVDCVE-2015-0231 at SUSECVE-2015-0231 at NVDCVE-2015-0232 at SUSECVE-2015-0232 at NVDCVE-2015-2305 at SUSECVE-2015-2305 at NVDCVE-2015-2787 at SUSECVE-2015-2787 at NVDCVE-2015-3411 at SUSECVE-2015-3411 at NVDCVE-2015-3412 at SUSECVE-2015-3412 at NVDCVE-2015-4022 at SUSECVE-2015-4022 at NVDCVE-2015-4024 at SUSECVE-2015-4024 at NVDCVE-2015-4026 at SUSECVE-2015-4026 at NVDCVE-2015-4148 at SUSECVE-2015-4148 at NVDCVE-2015-4598 at SUSECVE-2015-4598 at NVDCVE-2015-4599 at SUSECVE-2015-4599 at NVDCVE-2015-4600 at SUSECVE-2015-4600 at NVDCVE-2015-4601 at SUSECVE-2015-4601 at NVDCVE-2015-4602 at SUSECVE-2015-4602 at NVDCVE-2015-4603 at SUSECVE-2015-4603 at NVDCVE-2015-4643 at SUSECVE-2015-4643 at NVDCVE-2015-4644 at SUSECVE-2015-4644 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for apache2-mod_pythonSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Apache2 mod_python has been changed to enable randomized hashes to help
fixing denial of service problems by injecting prepared values into Python
hash functions. (CVE-2012-1150)
As some Python scripts might need a known hashing order, the old behaviour
can be restored using a newly introduced module option called
PythonRandomizeHashes
The option is default on, but can be disabled if necessary for
compatibility with above scripts.
Security Issue reference:
* CVE-2012-1150
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150>
SUSE bug 757549CVE-2012-1150 at SUSECVE-2012-1150 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apport (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apport fixes the following issues:
Security issue fixed:
- CVE-2015-1338: Insecurely created crash dumps could lead to a DoS or privilege escalation through
malicious symlinks. (bsc#947731)
ModerateSUSE bug 947731CVE-2015-1338 at SUSECVE-2015-1338 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apport (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apport fixes the following issues:
Security issues fixed:
- CVE-2019-7307: Fixed a TOCTOU issue, which allows local users to read arbitrary files. (bsc#1140986)
ModerateSUSE bug 1140986CVE-2019-7307 at SUSECVE-2019-7307 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for apport (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for apport fixes the following issues:
- CVE-2019-11482: Fixed TOCTTOU race conditions when creating a core file (bsc#1155479).
- CVE-2019-11485: Fixed a permission issue with the directory of lock files (bsc#1155481)
- CVE-2019-15790: Fixed the privilleges that reads /proc/$PID/ files to avoid potential information disclosure (bsc#1155482).
- CVE-2020-15701: Fixed a denial of service while parsing apport-ignore.xml (bsc#1174108).
ModerateSUSE bug 1155479SUSE bug 1155481SUSE bug 1155482SUSE bug 1174108CVE-2019-11482 at SUSECVE-2019-11482 at NVDCVE-2019-11485 at SUSECVE-2019-11485 at NVDCVE-2019-15790 at SUSECVE-2019-15790 at NVDCVE-2020-15701 at SUSECVE-2020-15701 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for arkSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Ark was prone to a path traversal vulnerability allowing a
maliciously-crafted zip file to allow for an arbitrary file to be displayed
and, if the user has appropriate credentials, removed (CVE-2011-2725).
Security Issue reference:
* CVE-2011-2725
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2725>
SUSE bug 708268CVE-2011-2725 at SUSECVE-2011-2725 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for arpwatchSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
arpwatch was improperly dropping its privileges. This has been fixed.
Security Issue reference:
* CVE-2012-2653
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2653>
SUSE bug 764521CVE-2012-2653 at SUSECVE-2012-2653 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for arpwatch (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for arpwatch fixes the following issues:
- CVE-2021-25321: Fixed local privilege escalation from runtime user to root (bsc#1186240).
ImportantSUSE bug 1186240CVE-2021-25321 at SUSECVE-2021-25321 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for aspell (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for aspell fixes the following issues:
- CVE-2019-17544: Fixed a stack-based buffer over-read in acommon:unescape in common/getdata.cpp via an isolated backslash (bsc#1153892).
ModerateSUSE bug 1153892CVE-2019-17544 at SUSECVE-2019-17544 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for aspell (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for aspell fixes the following security issue:
- CVE-2019-20433: Fixed a buffer over-read when processing strings ending with a single '\0' byte with ucs-2 and ucs-4 encoding (bsc#1161982).
ModerateSUSE bug 1161982CVE-2019-20433 at SUSECVE-2019-20433 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for aspell (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for aspell fixes the following issues:
- CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:dup_top (bsc#1188576).
ImportantSUSE bug 1188576CVE-2019-25051 at SUSECVE-2019-25051 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for atftp (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for atftp fixes the following issues:
Security issues fixed:
- CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because thread_list_mutex was not locked (bsc#1133145).
- CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by an insecure use of strncpy() (bsc#1133114).
ImportantSUSE bug 1133114SUSE bug 1133145CVE-2019-11365 at SUSECVE-2019-11365 at NVDCVE-2019-11366 at SUSECVE-2019-11366 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for atftp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for atftp fixes the following issues:
- CVE-2021-41054: Fixed buffer overflow caused by combination of data, OACK, and other options (bsc#1190522).
ModerateSUSE bug 1190522CVE-2021-41054 at SUSECVE-2021-41054 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for atftp (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for atftp fixes the following issues:
- CVE-2021-46671: Fixed a potential information leak in atftpd (bsc#1195619).
LowSUSE bug 1195619CVE-2021-46671 at SUSECVE-2021-46671 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for audiofile (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for audiofile fixes the following issues:
Security issues fixed:
- CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp) (bsc#1026979)
- CVE-2017-6828: heap-based buffer overflow in readValue (FileHandle.cpp) (bsc#1026980)
- CVE-2017-6829: global buffer overflow in decodeSample (IMA.cpp) (bsc#1026981)
- CVE-2017-6830: heap-based buffer overflow in alaw2linear_buf (G711.cpp) (bsc#1026982)
- CVE-2017-6831: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) (bsc#1026983)
- CVE-2017-6832: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) (bsc#1026984)
- CVE-2017-6833: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp) (bsc#1026985)
- CVE-2017-6834: heap-based buffer overflow in ulaw2linear_buf (G711.cpp) (bsc#1026986)
- CVE-2017-6835: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp) (bsc#1026988)
- CVE-2017-6836: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h) (bsc#1026987)
- CVE-2017-6837, CVE-2017-6838, CVE-2017-6839: multiple ubsan crashes (bsc#1026978)
ModerateSUSE bug 1026978SUSE bug 1026979SUSE bug 1026980SUSE bug 1026981SUSE bug 1026982SUSE bug 1026983SUSE bug 1026984SUSE bug 1026985SUSE bug 1026986SUSE bug 1026987SUSE bug 1026988CVE-2017-6827 at SUSECVE-2017-6827 at NVDCVE-2017-6828 at SUSECVE-2017-6828 at NVDCVE-2017-6829 at SUSECVE-2017-6829 at NVDCVE-2017-6830 at SUSECVE-2017-6830 at NVDCVE-2017-6831 at SUSECVE-2017-6831 at NVDCVE-2017-6832 at SUSECVE-2017-6832 at NVDCVE-2017-6833 at SUSECVE-2017-6833 at NVDCVE-2017-6834 at SUSECVE-2017-6834 at NVDCVE-2017-6835 at SUSECVE-2017-6835 at NVDCVE-2017-6836 at SUSECVE-2017-6836 at NVDCVE-2017-6837 at SUSECVE-2017-6837 at NVDCVE-2017-6838 at SUSECVE-2017-6838 at NVDCVE-2017-6839 at SUSECVE-2017-6839 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for augeasSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Augeas has been updated to fix symlink overwrite problem. (CVE-2012-0786,
CVE-2013-6412)
Additionally, parsing the multipath configuration has been fixed.
(bnc#871323)
Security Issues:
* CVE-2012-0786
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0786>
* CVE-2013-6412
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6412>
SUSE bug 716632SUSE bug 719199SUSE bug 729491SUSE bug 753624SUSE bug 871323SUSE bug 885003CVE-2012-0786 at SUSECVE-2012-0786 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for augeas (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The augeas package was updated to fix the following security issue:
- CVE-2014-8119: backported path escaping patch (bsc#925225)
ModerateSUSE bug 925225CVE-2014-8119 at SUSECVE-2014-8119 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for augeas (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for augeas fixes the following issues:
Security issue fixed:
- CVE-2017-7555: Fix a memory corruption bug could have lead to arbitrary code execution
by passing crafted strings that would be mis-handled by parse_name() (bsc#1054171).
LowSUSE bug 1054171CVE-2017-7555 at SUSECVE-2017-7555 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for automakeSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of automake fixes a race condition in 'distcheck'
(CVE-2012-3386).
Also a bug where world writeable tarballs were generated during 'make dist'
has been fixed (CVE-2009-4029).
Security Issue references:
* CVE-2012-3386
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386>
* CVE-2009-4029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029>
SUSE bug 559815SUSE bug 770618CVE-2012-3386 at SUSECVE-2012-3386 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for avahi (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for avahi fixes the following issues:
Security issue fixed:
- CVE-2018-1000845: Fixed DNS amplification and reflection to spoofed addresses (DOS) (bsc#1120281)
ModerateSUSE bug 1120281CVE-2018-1000845 at SUSECVE-2018-1000845 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for avahi (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for avahi fixes the following issues:
- Increase data and stack limits (bsc#1085255).
ModerateSUSE bug 1085255cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for avahi (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for avahi fixes the following issues:
- CVE-2021-3468: avoid infinite loop by handling HUP event in client_work (bsc#1184521).
ModerateSUSE bug 1184521CVE-2021-3468 at SUSECVE-2021-3468 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for axis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for axis fixes the following security issue:
- CVE-2018-8032: Prevent cross-site scripting (XSS) attack in the default
servlet/services (bsc#1103658).
ModerateSUSE bug 1103658CVE-2018-8032 at SUSECVE-2018-8032 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for axis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for axis fixes the following issues:
Security issue fixed:
- CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name (bsc#1134598).
ModerateSUSE bug 1134598CVE-2012-5784 at SUSECVE-2012-5784 at NVDCVE-2014-3596 at SUSECVE-2014-3596 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bashSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The command-line shell 'bash' evaluates environment variables, which allows
the injection of characters and might be used to access files on the system
in some circumstances (CVE-2014-7169).
Please note that this issue is different from a previously fixed
vulnerability tracked under CVE-2014-6271 and is less serious due to the
special, non-default system configuration that is needed to create an
exploitable situation.
To remove further exploitation potential we now limit the
function-in-environment variable to variables prefixed with BASH_FUNC_.
This hardening feature is work in progress and might be improved in later
updates.
Additionally, two more security issues have been fixed:
* CVE-2014-7186: Nested HERE documents could lead to a crash of bash.
* CVE-2014-7187: Nesting of for loops could lead to a crash of bash.
Security Issues:
* CVE-2014-7169
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169>
* CVE-2014-7186
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186>
* CVE-2014-7187
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187>
SUSE bug 770795SUSE bug 776694SUSE bug 819783SUSE bug 820149SUSE bug 844550SUSE bug 896776SUSE bug 898346SUSE bug 898603SUSE bug 898604SUSE bug 898884CVE-2012-3410 at SUSECVE-2012-3410 at NVDCVE-2014-0475 at SUSECVE-2014-0475 at NVDCVE-2014-6271 at SUSECVE-2014-6271 at NVDCVE-2014-7169 at SUSECVE-2014-7169 at NVDCVE-2014-7186 at SUSECVE-2014-7186 at NVDCVE-2014-7187 at SUSECVE-2014-7187 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for bash (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bash fixes the following issues:
Security issue fixed:
- CVE-2016-9401: Fixed a denial of service with popd, where a user supplied address would be free'd (bsc#1010845).
ModerateSUSE bug 1010845CVE-2016-9401 at SUSECVE-2016-9401 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bindSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a DoS vulnerability in bind when handling malformed
NSEC3-signed zones. CVE-2014-0591 has been assigned to this issue.
Security Issue references:
* CVE-2014-0591
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591>
SUSE bug 684163SUSE bug 696585SUSE bug 703907SUSE bug 715180SUSE bug 718441SUSE bug 727495SUSE bug 730995SUSE bug 743758SUSE bug 765315SUSE bug 772945SUSE bug 780157SUSE bug 784602SUSE bug 796112SUSE bug 858639SUSE bug 908994CVE-2011-1910 at SUSECVE-2011-1910 at NVDCVE-2011-2464 at SUSECVE-2011-2464 at NVDCVE-2011-4313 at SUSECVE-2011-4313 at NVDCVE-2012-1667 at SUSECVE-2012-1667 at NVDCVE-2012-3817 at SUSECVE-2012-3817 at NVDCVE-2012-4244 at SUSECVE-2012-4244 at NVDCVE-2012-5166 at SUSECVE-2012-5166 at NVDCVE-2014-0591 at SUSECVE-2014-0591 at NVDCVE-2014-8500 at SUSECVE-2014-8500 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
bind was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-5477: Remote DoS via TKEY queries (bsc#939567)
Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling.
ImportantSUSE bug 939567CVE-2015-5477 at SUSECVE-2015-5477 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The nameserver bind was updated to fix a remote denial of service (crash) attack against
bind nameservers doing validation on DNSSEC signed records. (CVE-2015-5722, bsc#944066).
ImportantSUSE bug 944066CVE-2015-5722 at SUSECVE-2015-5722 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
- Fix remote denial of service by misparsing incoming responses
(CVE-2015-8000, bsc#958861).
A non security issues was also fixed:
- Fix a regression in caching entries with a ttl of 0 (bsc#923281).
ImportantSUSE bug 923281SUSE bug 958861CVE-2015-8000 at SUSECVE-2015-8000 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
- CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations (bsc#962189)
ImportantSUSE bug 962189CVE-2015-8704 at SUSECVE-2015-8704 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
Fix two assertion failures that can lead to a remote denial of service attack:
* CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. (bsc#970072)
* CVE-2016-1286: An error when parsing signature records for DNAME records having specific properties can lead to named exiting due to an assertion failure in resolver.c or db.c. (bsc#970073)
ImportantSUSE bug 970072SUSE bug 970073CVE-2016-1285 at SUSECVE-2016-1285 at NVDCVE-2016-1286 at SUSECVE-2016-1286 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Critical)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The nameserver bind was updated to fix a remote denial of service
vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362)
CriticalSUSE bug 1000362CVE-2016-2776 at SUSECVE-2016-2776 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issue:
- A defect in BIND's handling of responses containing a DNAME answer had
the potential to trigger assertion errors in the server remotely,
thereby facilitating a denial-of-service attack. (CVE-2016-8864, bsc#1007829).
ImportantSUSE bug 1007829CVE-2016-8864 at SUSECVE-2016-8864 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
- Fix a potential assertion failure that could have been triggered by a
malformed response to an ANY query, thereby facilitating a denial-of-service
attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]
- Fix a potential assertion failure that could have been triggered by
responding to a query with inconsistent DNSSEC information, thereby
facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,
bsc#1018699]
- Fix potential assertion failure that could have been triggered by DNS
responses that contain unusually-formed DS resource records, facilitating a
denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]
ImportantSUSE bug 1018699SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702CVE-2016-9131 at SUSECVE-2016-9131 at NVDCVE-2016-9147 at SUSECVE-2016-9147 at NVDCVE-2016-9444 at SUSECVE-2016-9444 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
- An attacker with the ability to send and receive messages to an authoritative
DNS server was able to circumvent TSIG authentication of AXFR requests. A
server that relied solely on TSIG keys for protection could be manipulated
into (1) providing an AXFR of a zone to an unauthorized recipient and (2)
accepting bogus Notify packets. [bsc#1046554, CVE-2017-3142]
- An attacker who with the ability to send and receive messages to an
authoritative DNS server and who had knowledge of a valid TSIG key name for
the zone and service being targeted was able to manipulate BIND into
accepting an unauthorized dynamic update. [bsc#1046555, CVE-2017-3143]
ImportantSUSE bug 1046554SUSE bug 1046555CVE-2017-3142 at SUSECVE-2017-3142 at NVDCVE-2017-3143 at SUSECVE-2017-3143 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes several issues.
This security issue was fixed:
- CVE-2017-3145: Improper sequencing during cleanup could have lead to a
use-after-free error that triggered an assertion failure and crash in named
(bsc#1076118).
These non-security issues were fixed:
- Updated named.root file (bsc#1040039)
- Update bind.keys for DNSSEC root KSK rollover (bsc#1047184)
ImportantSUSE bug 1040039SUSE bug 1047184SUSE bug 1076118CVE-2017-3145 at SUSECVE-2017-3145 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
Security issue fixed:
- CVE-2016-2775: Fixed a denial of service vulnerability related to very long query names (bsc#989528).
- CVE-2018-5743: Limiting simultaneous TCP clients is ineffective. (bsc#1133185)
ImportantSUSE bug 1133185SUSE bug 989528CVE-2016-2775 at SUSECVE-2016-2775 at NVDCVE-2018-5743 at SUSECVE-2018-5743 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
- CVE-2020-8616: Fixed the insufficient limit on the number of fetches performed when processing referrals (bsc#1171740).
- CVE-2020-8617: Fixed a logic error in code which checks TSIG validity (bsc#1171740).
- CVE-2018-5741: Fixed the documentation (bsc#1109160).
ImportantSUSE bug 1109160SUSE bug 1171740CVE-2018-5741 at SUSECVE-2018-5741 at NVDCVE-2020-8616 at SUSECVE-2020-8616 at NVDCVE-2020-8617 at SUSECVE-2020-8617 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
- CVE-2020-8625: A vulnerability in BIND's GSSAPI security policy
negotiation can be targeted by a buffer overflow attack [bsc#1182246, CVE-2020-8625]
ImportantSUSE bug 1182246CVE-2020-8625 at SUSECVE-2020-8625 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
- CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR) which could have caused named to terminate unexpectedly (bsc#1185345).
- CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the DNAME to be processed to resolve itself (bsc#1185345).
- CVE-2021-25216: Fixed an issue where policy negotiation can be targeted by a buffer overflow attack (bsc#1185345).
ImportantSUSE bug 1185345CVE-2021-25214 at SUSECVE-2021-25214 at NVDCVE-2021-25215 at SUSECVE-2021-25215 at NVDCVE-2021-25216 at SUSECVE-2021-25216 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bind fixes the following issues:
- CVE-2021-25219: Fixed lame cache that could have been abused to severely degrade resolver performance (bsc#1192146).
ImportantSUSE bug 1192146CVE-2021-25219 at SUSECVE-2021-25219 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for binutilsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
binutils has been updated to version 2.24, from SLE 11-SP4:
* Update to SLE 11-SP4 version of binutils (2.24 based). (bsc#921737)
* Fix for several CVEs found when feeding fuzzed binary files into
various binutils programs like strings, objdump or readelf. [bnc
#902676, #902677, #903655, #905735, #905736] [CVE-2014-8485,
CVE-2014-8484, CVE-2014-8501, CVE-2014-8502, CVE-2014-8503,
CVE-2014-8504, CVE-2014-8738, CVE-2014-8737] [PR17510, PR17512,
PR17521, PR17531, PR17533, PR17552, PR17597, PR17605]
SUSE bug 921737CVE-2014-8484 at SUSECVE-2014-8484 at NVDCVE-2014-8485 at SUSECVE-2014-8485 at NVDCVE-2014-8501 at SUSECVE-2014-8501 at NVDCVE-2014-8502 at SUSECVE-2014-8502 at NVDCVE-2014-8503 at SUSECVE-2014-8503 at NVDCVE-2014-8504 at SUSECVE-2014-8504 at NVDCVE-2014-8737 at SUSECVE-2014-8737 at NVDCVE-2014-8738 at SUSECVE-2014-8738 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bluez (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bluez fixes the following issues:
Security issue fixed:
- CVE-2017-1000250: Fixed Out-of-bounds heap read in service_search_attr_req check if there is enough data to continue otherwise return an error (bsc#1057342).
ModerateSUSE bug 1057342CVE-2017-1000250 at SUSECVE-2017-1000250 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for boostSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following issue has been fixed:
* boost::pool's ordered_malloc could have overflowed when calculating
the allocation size (CVE-2012-2677).
Security Issue reference:
* CVE-2012-2677
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2677>
SUSE bug 765443SUSE bug 767949CVE-2012-2677 at SUSECVE-2012-2677 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bsdtar (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
bsdtar was updated to fix seven security issues.
These security issues were fixed:
- CVE-2015-8929: Memory leak in tar parser (bsc#985669).
- CVE-2016-4809: Memory allocate error with symbolic links in cpio archives (bsc#984990).
- CVE-2015-8920: Stack out of bounds read in ar parser (bsc#985675).
- CVE-2015-8921: Global out of bounds read in mtree parser (bsc#985682).
- CVE-2015-8924: Heap buffer read overflow in tar (bsc#985609).
- CVE-2015-8918: Overlapping memcpy in CAB parser (bsc#985698).
- CVE-2015-2304: Reject absolute paths in input mode of bsdcpio exactly when '..' is rejected (bsc#920870).
ImportantSUSE bug 920870SUSE bug 984990SUSE bug 985609SUSE bug 985669SUSE bug 985675SUSE bug 985682SUSE bug 985698CVE-2015-2304 at SUSECVE-2015-2304 at NVDCVE-2015-8918 at SUSECVE-2015-8918 at NVDCVE-2015-8920 at SUSECVE-2015-8920 at NVDCVE-2015-8921 at SUSECVE-2015-8921 at NVDCVE-2015-8924 at SUSECVE-2015-8924 at NVDCVE-2015-8929 at SUSECVE-2015-8929 at NVDCVE-2016-4809 at SUSECVE-2016-4809 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bsdtar (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bsdtar fixes the following issues:
- CVE-2015-8915: Fixed an invalid read which could have allowed
remote attackers to cause a denial of service (bsc#985601).
- CVE-2015-8925: Fixed an invalid read which could have allowed
remote attackers to cause a denial of service (bsc#985706).
- CVE-2017-14503: Fixed an out of bounds read within lha_read_data_none()
in archive_read_support_format_lha.c (bsc#1059139).
- CVE-2016-8687: Fixed a buffer overflow when printing a filename (bsc#1005070).
ModerateSUSE bug 1005070SUSE bug 1059139SUSE bug 985601SUSE bug 985706CVE-2015-8915 at SUSECVE-2015-8915 at NVDCVE-2015-8925 at SUSECVE-2015-8925 at NVDCVE-2016-8687 at SUSECVE-2016-8687 at NVDCVE-2017-14503 at SUSECVE-2017-14503 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MonoSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following security bugs have been fixed:
* Mono was vulnerable to a padding oracle attack (CVE-2010-3332).
* Mono loaded shared libraries from the current directory
(CVE-2010-4159).
Security Issue references:
* CVE-2010-3332
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3332>
* CVE-2010-4159
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159>
SUSE bug 592428SUSE bug 648080SUSE bug 648086SUSE bug 921312CVE-2010-1459 at SUSECVE-2010-1459 at NVDCVE-2010-3332 at SUSECVE-2010-3332 at NVDCVE-2010-4159 at SUSECVE-2010-4159 at NVDCVE-2015-2318 at SUSECVE-2015-2318 at NVDCVE-2015-2319 at SUSECVE-2015-2319 at NVDCVE-2015-2320 at SUSECVE-2015-2320 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bzip2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes an integer overflow in the BZ2_decompress function of
bzip2/libbz2. This could have been exploited via a crafted archive to cause
a denial of service or even execute arbitrary code. (CVE-2010-0405)
Security Issue reference:
* CVE-2010-0405
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405>
SUSE bug 636978CVE-2010-0405 at SUSECVE-2010-0405 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bzip2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bzip2 fixes the following issues:
Security issue fixed:
- CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1139083).
- CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657).
ImportantSUSE bug 1139083SUSE bug 985657CVE-2016-3189 at SUSECVE-2016-3189 at NVDCVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for bzip2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for bzip2 fixes the following issues:
- Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities
with files that used many selectors (bsc#1139083).
ImportantSUSE bug 1139083CVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cairo (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cairo fixes the following issues:
- CVE-2016-9082: Fixed a segfault when using >4GB images since int values were used
for pointer operations (bsc#1007255).
- CVE-2017-9814: Replace malloc with _cairo_malloc and check cmap size before
allocating to prevent DoS (bsc#1049092).
- CVE-2017-7475: Fix a segfault in get_bitmap_surface due to malformed font (bsc#1036789).
ModerateSUSE bug 1007255SUSE bug 1036789SUSE bug 1049092CVE-2016-9082 at SUSECVE-2016-9082 at NVDCVE-2017-7475 at SUSECVE-2017-7475 at NVDCVE-2017-9814 at SUSECVE-2017-9814 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cairo (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cairo fixes the following issues:
- CVE-2019-6462: Fixed a potentially infinite loop (bsc#1122321).
LowSUSE bug 1122321CVE-2019-6462 at SUSECVE-2019-6462 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for SambaSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Samba was updated to fix a security issue:
Samba, when vfs_streams_depot or vfs_streams_xattr is enabled, allows
remote attackers to bypass intended file restrictions by leveraging ACL
differences between a file and an associated alternate data stream (ADS).
(CVE-2013-4475)
Security Issue reference:
* CVE-2013-4475
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475>
SUSE bug 499233SUSE bug 573246SUSE bug 583535SUSE bug 617153SUSE bug 630812SUSE bug 632055SUSE bug 632852SUSE bug 637218SUSE bug 643119SUSE bug 643787SUSE bug 649526SUSE bug 649636SUSE bug 668773SUSE bug 670431SUSE bug 675978SUSE bug 693945SUSE bug 705170SUSE bug 705241SUSE bug 708503SUSE bug 710791SUSE bug 722663SUSE bug 732572SUSE bug 741623SUSE bug 742885SUSE bug 747906SUSE bug 752797SUSE bug 754443SUSE bug 755663SUSE bug 757080SUSE bug 757576SUSE bug 759731SUSE bug 764577SUSE bug 783384SUSE bug 799641SUSE bug 800982SUSE bug 829969SUSE bug 844720SUSE bug 848101SUSE bug 849224SUSE bug 853021SUSE bug 853347CVE-2010-3069 at SUSECVE-2010-3069 at NVDCVE-2011-0719 at SUSECVE-2011-0719 at NVDCVE-2011-2522 at SUSECVE-2011-2522 at NVDCVE-2011-2694 at SUSECVE-2011-2694 at NVDCVE-2012-1182 at SUSECVE-2012-1182 at NVDCVE-2012-2111 at SUSECVE-2012-2111 at NVDCVE-2012-6150 at SUSECVE-2012-6150 at NVDCVE-2013-0213 at SUSECVE-2013-0213 at NVDCVE-2013-0214 at SUSECVE-2013-0214 at NVDCVE-2013-4124 at SUSECVE-2013-4124 at NVDCVE-2013-4408 at SUSECVE-2013-4408 at NVDCVE-2013-4475 at SUSECVE-2013-4475 at NVDCVE-2013-4496 at SUSECVE-2013-4496 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Recommended update for clamavSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The antivirus scanner ClamAV has been updated to version 0.98.3, which
includes the following fixes and enhancements:
* Support for common raw disk image formats using 512 byte sectors,
specifically GPT, APM, and MBR partitioning.
* All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan,
clamdtop) now support IPV6 addresses and configuration parameters.
* Use OpenSSL file hash functions for improved performance.
* Improved detection of malware scripts within image files.
* Miscellaneous bug fixes and documentation improvements.
SUSE bug 608188SUSE bug 640812SUSE bug 649631SUSE bug 656548SUSE bug 673753SUSE bug 698999SUSE bug 708263SUSE bug 724856SUSE bug 753610SUSE bug 753611SUSE bug 753613SUSE bug 767574SUSE bug 780181SUSE bug 809945SUSE bug 816865SUSE bug 841815SUSE bug 865883SUSE bug 877475SUSE bug 899395SUSE bug 903489SUSE bug 903719SUSE bug 904207SUSE bug 906077SUSE bug 906770SUSE bug 915512SUSE bug 916214SUSE bug 916215SUSE bug 916217SUSE bug 929192CVE-2010-1639 at SUSECVE-2010-1639 at NVDCVE-2010-1640 at SUSECVE-2010-1640 at NVDCVE-2010-2077 at SUSECVE-2010-2077 at NVDCVE-2010-3434 at SUSECVE-2010-3434 at NVDCVE-2011-1003 at SUSECVE-2011-1003 at NVDCVE-2011-2721 at SUSECVE-2011-2721 at NVDCVE-2011-3627 at SUSECVE-2011-3627 at NVDCVE-2012-1457 at SUSECVE-2012-1457 at NVDCVE-2012-1458 at SUSECVE-2012-1458 at NVDCVE-2012-1459 at SUSECVE-2012-1459 at NVDCVE-2013-2020 at SUSECVE-2013-2020 at NVDCVE-2013-2021 at SUSECVE-2013-2021 at NVDCVE-2013-6497 at SUSECVE-2013-6497 at NVDCVE-2014-9050 at SUSECVE-2014-9050 at NVDCVE-2014-9328 at SUSECVE-2014-9328 at NVDCVE-2015-1461 at SUSECVE-2015-1461 at NVDCVE-2015-1462 at SUSECVE-2015-1462 at NVDCVE-2015-1463 at SUSECVE-2015-1463 at NVDCVE-2015-2170 at SUSECVE-2015-2170 at NVDCVE-2015-2221 at SUSECVE-2015-2221 at NVDCVE-2015-2222 at SUSECVE-2015-2222 at NVDCVE-2015-2305 at SUSECVE-2015-2305 at NVDCVE-2015-2668 at SUSECVE-2015-2668 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
Security issue fixed:
- CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in libclamunrar (bsc#1045490)
Non security issue fixed:
- Fix permissions of /var/spool/amavis. (bsc#815106)
ImportantSUSE bug 1045490SUSE bug 815106CVE-2012-6706 at SUSECVE-2012-6706 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
- Update to security release 0.99.3 (bsc#1077732)
* CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability)
* CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability)
* CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability)
- these vulnerabilities could have allowed an unauthenticated,
remote attacker to cause a denial of service (DoS) condition
or potentially execute arbitrary code on an affected device.
* CVE-2017-12374 (ClamAV use-after-free Vulnerabilities)
* CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability)
* CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability)
* CVE-2017-12380 (ClamAV Null Dereference Vulnerability)
- these vulnerabilities could have allowed an unauthenticated,
remote attacker to cause a denial of service (DoS) condition on an affected device.
* CVE-2017-6420 (bsc#1052448)
- this vulnerability could have allowed remote attackers to cause a denial of service
(use-after-free) via a crafted PE file with WWPack compression.
* CVE-2017-6419 (bsc#1052449)
- ClamAV could have allowed remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly
have unspecified other impact via a crafted CHM file.
* CVE-2017-11423 (bsc#1049423)
- ClamAV could have allowed remote attackers to cause a denial of service
(stack-based buffer over-read and application crash) via a crafted CAB file.
* CVE-2017-6418 (bsc#1052466)
- ClamAV could have allowed remote attackers to cause a denial
of service (out-of-bounds read) via a crafted e-mail message.
ImportantSUSE bug 1049423SUSE bug 1052448SUSE bug 1052449SUSE bug 1052466SUSE bug 1077732CVE-2017-11423 at SUSECVE-2017-11423 at NVDCVE-2017-12374 at SUSECVE-2017-12374 at NVDCVE-2017-12375 at SUSECVE-2017-12375 at NVDCVE-2017-12376 at SUSECVE-2017-12376 at NVDCVE-2017-12377 at SUSECVE-2017-12377 at NVDCVE-2017-12378 at SUSECVE-2017-12378 at NVDCVE-2017-12379 at SUSECVE-2017-12379 at NVDCVE-2017-12380 at SUSECVE-2017-12380 at NVDCVE-2017-6418 at SUSECVE-2017-6418 at NVDCVE-2017-6419 at SUSECVE-2017-6419 at NVDCVE-2017-6420 at SUSECVE-2017-6420 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
Security issues fixed:
- CVE-2012-6706: VMSF_DELTA filter inside the unrar implementation allows an arbitrary memory write (bsc#1045315).
- CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CHM file (bsc#1052449).
- CVE-2017-11423: A stack-based buffer over-read that can lead to a denial of service in mspack via a crafted CAB file (bsc#1049423).
- CVE-2018-1000085: An out-of-bounds heap read vulnerability was found in XAR parser that can lead to a denial of service (bsc#1082858).
- CVE-2018-0202: Fixed two vulnerabilities in the PDF parsing code (bsc#1083915).
ImportantSUSE bug 1045315SUSE bug 1049423SUSE bug 1052449SUSE bug 1082858SUSE bug 1083915CVE-2012-6706 at SUSECVE-2012-6706 at NVDCVE-2017-11423 at SUSECVE-2017-11423 at NVDCVE-2017-6419 at SUSECVE-2017-6419 at NVDCVE-2018-0202 at SUSECVE-2018-0202 at NVDCVE-2018-1000085 at SUSECVE-2018-1000085 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav to version 0.100.1 fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2018-0360: HWP integer overflow, infinite loop vulnerability
(bsc#1101410)
- CVE-2018-0361: PDF object length check, unreasonably long time to parse
relatively small file (bsc#1101412)
- Buffer over-read in unRAR code due to missing max value checks in table
initialization
- Libmspack heap buffer over-read in CHM parser (bsc#1103040)
- PDF parser bugs
The following other changes were made:
- Disable YARA support for licensing reasons (bsc#1101654).
- Add HTTPS support for clamsubmit
- Fix for DNS resolution for users on IPv4-only machines where IPv6 is not
available or is link-local only
ModerateSUSE bug 1101410SUSE bug 1101412SUSE bug 1101654SUSE bug 1103040CVE-2018-0360 at SUSECVE-2018-0360 at NVDCVE-2018-0361 at SUSECVE-2018-0361 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
Clamav was updated to version 0.100.2:
- CVE-2018-15378: Vulnerability in ClamAV's MEW
unpacking feature that could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition on an
affected device. (bsc#1110723)
- CVE-2018-14680, CVE-2018-14681, CVE-2018-14682:
more fixes for embedded libmspack. (bsc#1103040)
* Make freshclam more robust against lagging signature mirrors.
* On-Access 'Extra Scanning', an opt-in minor feature of
OnAccess scanning on Linux systems, has been disabled due to a
known issue with resource cleanup OnAccessExtraScanning will
be re-enabled in a future release when the issue is
resolved. In the mean-time, users who enabled the feature in
clamd.conf will see a warning informing them that the feature
is not active. For details, see:
https://bugzilla.clamav.net/show_bug.cgi?id=12048
- Restore exit code compatibility of freshclam with versions before
0.100.0 when the virus database is already up to date
(bsc#1104457).
ModerateSUSE bug 1103040SUSE bug 1104457SUSE bug 1110723CVE-2018-14680 at SUSECVE-2018-14680 at NVDCVE-2018-14681 at SUSECVE-2018-14681 at NVDCVE-2018-14682 at SUSECVE-2018-14682 at NVDCVE-2018-15378 at SUSECVE-2018-15378 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav to version 0.100.3 fixes the following issues:
Security issues fixed (bsc#1130721):
- CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur
when scanning PDF documents.
- CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur
when scanning PE files (i.e. Windows EXE and DLL files).
- CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur
when scanning OLE2 files such as Microsoft Office 97-2003 documents.
ImportantSUSE bug 1130721CVE-2019-1787 at SUSECVE-2019-1787 at NVDCVE-2019-1788 at SUSECVE-2019-1788 at NVDCVE-2019-1789 at SUSECVE-2019-1789 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
Security issues fixed:
- CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504).
- CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458).
Non-security issue fixed:
- Added the --max-scantime clamscan option and MaxScanTime clamd configuration option.
ModerateSUSE bug 1144504SUSE bug 1149458CVE-2019-12625 at SUSECVE-2019-12625 at NVDCVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
- CVE-2019-15961: Fixed a denial of service which might occur when
scanning a specially crafted email file as (bsc#1157763).
ImportantSUSE bug 1157763CVE-2019-15961 at SUSECVE-2019-15961 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
- Update to 0.103.0 to implement jsc#ECO-3010 and bsc#1118459
- This update incorporates incompatible changes that were introduced
in version 0.101.0.
- Accumulated security fixes:
* CVE-2020-3350: Fix a vulnerability wherein a malicious user could
replace a scan target's directory with a symlink to another path
to trick clamscan, clamdscan, or clamonacc into removing or moving
a different file (eg. a critical system file). The issue would
affect users that use the --move or --remove options for clamscan,
clamdscan, and clamonacc. (bsc#1174255)
* CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing
module in ClamAV 0.102.3 that could cause a Denial-of-Service
(DoS) condition. Improper bounds checking results in an
out-of-bounds read which could cause a crash. The previous fix for
this CVE in 0.102.3 was incomplete. This fix correctly resolves
the issue.
* CVE-2020-3481: Fix a vulnerability in the EGG archive module in
ClamAV 0.102.0 - 0.102.3 could cause a Denial-of-Service (DoS)
condition. Improper error handling may result in a crash due to a
NULL pointer dereference. This vulnerability is mitigated for
those using the official ClamAV signature databases because the
file type signatures in daily.cvd will not enable the EGG archive
parser in versions affected by the vulnerability. (bsc#1174250)
* CVE-2020-3341: Fix a vulnerability in the PDF parsing module in
ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS)
condition. Improper size checking of a buffer used to initialize AES
decryption routines results in an out-of-bounds read which may cause
a crash. (bsc#1171981)
* CVE-2020-3123: A denial-of-service (DoS) condition may occur when
using the optional credit card data-loss-prevention (DLP) feature.
Improper bounds checking of an unsigned variable resulted in an
out-of-bounds read, which causes a crash.
ModerateSUSE bug 1118459SUSE bug 1171981SUSE bug 1174250SUSE bug 1174255CVE-2020-3123 at SUSECVE-2020-3123 at NVDCVE-2020-3327 at SUSECVE-2020-3327 at NVDCVE-2020-3341 at SUSECVE-2020-3341 at NVDCVE-2020-3350 at SUSECVE-2020-3350 at NVDCVE-2020-3481 at SUSECVE-2020-3481 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
- CVE-2021-1252: Fix for Excel XLM parser infinite loop. (bsc#1184532)
- CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. (bsc#1184533)
- CVE-2021-1405: Fix for mail parser NULL-dereference crash. (bsc#1184534)
- Fix errors when scanning files > 4G (bsc#1181256)
- Update clamav.keyring
- Update to 0.103.2
ImportantSUSE bug 1181256SUSE bug 1184532SUSE bug 1184533SUSE bug 1184534CVE-2021-1252 at SUSECVE-2021-1252 at NVDCVE-2021-1404 at SUSECVE-2021-1404 at NVDCVE-2021-1405 at SUSECVE-2021-1405 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
- CVE-2018-14679: Fixed off-by-one issue in embedded libmspack that could lead to denial of service (bsc#1103032).
- Update to 0.103.4 (bsc#1192346).
- Add documentation about max file size purpose and side effect in the 'clamscan' and 'clamdscan' manpages (bsc#1187509).
- Update to 0.103.3 (bsc#1188284).
ModerateSUSE bug 1103032SUSE bug 1187509SUSE bug 1188284SUSE bug 1192346CVE-2018-14679 at SUSECVE-2018-14679 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for clamav fixes the following issues:
- CVE-2022-20698: Fixed invalid pointer read allowing denial of service crash. (bsc#1194731)
ImportantSUSE bug 1194731CVE-2022-20698 at SUSECVE-2022-20698 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for OpenLDAPSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to OpenLDAP fixes multiple replication issues which could lead
to delete operation not being propagated to the slave servers correctly.
Additionally a vulnerability (CVE-2012-1164) was fixed that could cause
certain OpenLDAP proxy configurations to crash while processing LDAP search
requests with the 'attrsOnly' option enabled.
Security Issues:
* CVE-2012-1164
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164>
SUSE bug 620389SUSE bug 648479SUSE bug 650953SUSE bug 656143SUSE bug 674985SUSE bug 750466SUSE bug 751945CVE-2011-1024 at SUSECVE-2011-1024 at NVDCVE-2011-1081 at SUSECVE-2011-1081 at NVDCVE-2012-1164 at SUSECVE-2012-1164 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for coreutilsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This coreutils update fixes three minor security issues.
* #798538 - VUL-1: CVE-2013-0221: coreutils: segmentation fault in
'sort -d' and 'sort -M' with long line input
* #796243 - VUL-1: CVE-2013-0222: coreutils: segmentation fault in
'uniq' with long line input
* #798541 - VUL-1: CVE-2013-0223: coreutils: segmentation fault in
'join -i' with long line input
Security Issues:
* CVE-2013-0221
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0221>
* CVE-2013-0222
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0222>
* CVE-2013-0223
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0223>
SUSE bug 609913SUSE bug 627278SUSE bug 697897SUSE bug 702995SUSE bug 717808SUSE bug 721961SUSE bug 752943SUSE bug 754559SUSE bug 757636SUSE bug 763536SUSE bug 796243SUSE bug 798538SUSE bug 798541CVE-2013-0221 at SUSECVE-2013-0221 at NVDCVE-2013-0222 at SUSECVE-2013-0222 at NVDCVE-2013-0223 at SUSECVE-2013-0223 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for coreutils (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for coreutils fixes the following issues:
Security issues fixed:
- CVE-2015-1865: Fixed an arbitrary file deletion (bsc#927949).
- CVE-2015-4041, CVE-2015-4042: Fixed a buffer overflow related to case conversion (bsc#928749).
- CVE-2017-2616: Fixed su PAM local SIGKILL denial of service (bsc#1023041).
ModerateSUSE bug 1023041SUSE bug 927949SUSE bug 928749CVE-2015-1865 at SUSECVE-2015-1865 at NVDCVE-2015-4041 at SUSECVE-2015-4041 at NVDCVE-2015-4042 at SUSECVE-2015-4042 at NVDCVE-2017-2616 at SUSECVE-2017-2616 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for cpioSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes an error in cpio that prevents user archive hardlinked
files if inode number was bigger than 2 ** 31.
SUSE bug 629860SUSE bug 658031SUSE bug 704942SUSE bug 907456CVE-2014-9112 at SUSECVE-2014-9112 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cpio (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cpio fixes the following issues:
- CVE-2019-14866: Fixed an improper validation of the values written
in the header of a TAR file through the to_oct() function which could
have led to unexpected TAR generation (bsc#1155199).
- CVE-2016-2037: Fixed an out-of-bounds write in the way cpio parses
certain cpio files (bsc#963448).
ModerateSUSE bug 1155199SUSE bug 963448CVE-2016-2037 at SUSECVE-2016-2037 at NVDCVE-2019-14866 at SUSECVE-2019-14866 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cpio (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cpio fixes the following issues:
It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)
ImportantSUSE bug 1189206CVE-2021-38185 at SUSECVE-2021-38185 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cpio (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cpio fixes the following issues:
- A patch previously applied to remedy CVE-2021-38185 introduced a regression
that had the potential to cause a segmentation fault in cpio. [bsc#1189465]
ImportantSUSE bug 1189465CVE-2021-38185 at SUSECVE-2021-38185 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cracklib (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cracklib fixes a security issue and a bug:
Security issue fixed:
- Add patch to fix a stack buffer overflow in GECOS parser (bsc#992966 CVE-2016-6318)
The following non security issue was fixed:
- Call textdomain in cracklib-check main function so that program
output is translated accordingly. (bsc#928923)
ModerateSUSE bug 928923SUSE bug 992966CVE-2016-6318 at SUSECVE-2016-6318 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cron (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cron fixes the following issues:
Security issues fixed:
- CVE-2019-9704: Fixed an insufficient check in the return value of calloc which
could allow a local user to create Denial of Service by crashing the deamon (bsc#1128937).
- CVE-2019-9705: Fixed an implementation vulnerability which could allow a local user to
exhaust the memory resulting in Denial of Service (bsc#1128935).
Other issues addressed:
- Fixed an issue with SElinux where cron jobs were bocked when [permisive mode is selected (bsc#1046229).
- Removed a duplicate sprintf and made some monepage changes (bsc#932499).
LowSUSE bug 1046229SUSE bug 1128935SUSE bug 1128937SUSE bug 932499CVE-2019-9704 at SUSECVE-2019-9704 at NVDCVE-2019-9705 at SUSECVE-2019-9705 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ctags (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ctags fixes the following issues:
- CVE-2014-7204: Fixes a potential denial of service caused by an endless loop in javascript parser (bsc#899486).
ModerateSUSE bug 899486CVE-2014-7204 at SUSECVE-2014-7204 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for CUPSSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes various issues in CUPS.
* CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031: Various
insufficient symbolic link checking could have lead to privilege
escalation from the lp user to root.
Security Issues:
* CVE-2014-3537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537>
* CVE-2014-5029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029>
* CVE-2014-5030
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030>
* CVE-2014-5031
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031>
SUSE bug 601830SUSE bug 649256SUSE bug 680210SUSE bug 680212SUSE bug 700987SUSE bug 711490SUSE bug 715643SUSE bug 789566SUSE bug 802408SUSE bug 827109SUSE bug 887240SUSE bug 917799SUSE bug 924208CVE-2010-0540 at SUSECVE-2010-0540 at NVDCVE-2010-0542 at SUSECVE-2010-0542 at NVDCVE-2010-1748 at SUSECVE-2010-1748 at NVDCVE-2010-2431 at SUSECVE-2010-2431 at NVDCVE-2010-2432 at SUSECVE-2010-2432 at NVDCVE-2010-2941 at SUSECVE-2010-2941 at NVDCVE-2011-2896 at SUSECVE-2011-2896 at NVDCVE-2011-3170 at SUSECVE-2011-3170 at NVDCVE-2012-5519 at SUSECVE-2012-5519 at NVDCVE-2014-3537 at SUSECVE-2014-3537 at NVDCVE-2014-5029 at SUSECVE-2014-5029 at NVDCVE-2014-5030 at SUSECVE-2014-5030 at NVDCVE-2014-5031 at SUSECVE-2014-5031 at NVDCVE-2014-9679 at SUSECVE-2014-9679 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for cups (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cups fixes the following issues:
Security issues fixed:
- CVE-2018-4180: Fix local privilege escalation to root in dnssd backend (bsc#1096405).
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406).
- CVE-2018-4182: Fix cups-exec sandbox bypass due to insecure error handling (bsc#1096407).
- CVE-2018-4183: Fix cups-exec sandbox bypass due to profile misconfiguration (bsc#1096408).
ModerateSUSE bug 1096405SUSE bug 1096406SUSE bug 1096407SUSE bug 1096408CVE-2018-4180 at SUSECVE-2018-4180 at NVDCVE-2018-4181 at SUSECVE-2018-4181 at NVDCVE-2018-4182 at SUSECVE-2018-4182 at NVDCVE-2018-4183 at SUSECVE-2018-4183 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cups (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cups fixes the following issues:
- CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function(bsc#1146358).
- CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function (bsc#1146359).
- Fixed a double free which was triggered by Java application (bsc#959478).
ImportantSUSE bug 1146358SUSE bug 1146359SUSE bug 959478CVE-2019-8675 at SUSECVE-2019-8675 at NVDCVE-2019-8696 at SUSECVE-2019-8696 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cups (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cups fixes the following issues:
- CVE-2020-3898: Fixed heap buffer overflow in libcups ppdFindOption() function (bsc#1168422).
ImportantSUSE bug 1168422CVE-2020-3898 at SUSECVE-2020-3898 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cups (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cups fixes the following issues:
- CVE-2020-10001: Fixed an out-of-bounds read in the ippReadIO function (bsc#1180520).
ModerateSUSE bug 1180520CVE-2020-10001 at SUSECVE-2020-10001 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cups (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cups fixes the following issues:
- CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks (bsc#1184161)
ImportantSUSE bug 1184161CVE-2021-25317 at SUSECVE-2021-25317 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curlSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This curl update fixes the following security issues:
* bnc#868627: wrong re-use of connections (CVE-2014-0138).
* bnc#868629: IP address wildcard certificate validation
(CVE-2014-0139).
* bnc#862144: testsuite test172 failure.
Security Issue references:
* CVE-2014-0138
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138>
* CVE-2014-0139
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139>
SUSE bug 620857SUSE bug 628337SUSE bug 755908SUSE bug 765342SUSE bug 769247SUSE bug 814655SUSE bug 824517SUSE bug 849596SUSE bug 858673SUSE bug 868627SUSE bug 868629SUSE bug 870444SUSE bug 884698SUSE bug 885302SUSE bug 894575SUSE bug 897816SUSE bug 901924SUSE bug 927174SUSE bug 927556SUSE bug 927746SUSE bug 928533CVE-2013-1944 at SUSECVE-2013-1944 at NVDCVE-2013-2174 at SUSECVE-2013-2174 at NVDCVE-2013-4545 at SUSECVE-2013-4545 at NVDCVE-2014-0015 at SUSECVE-2014-0015 at NVDCVE-2014-0138 at SUSECVE-2014-0138 at NVDCVE-2014-0139 at SUSECVE-2014-0139 at NVDCVE-2014-3613 at SUSECVE-2014-3613 at NVDCVE-2014-8150 at SUSECVE-2014-8150 at NVDCVE-2015-3143 at SUSECVE-2015-3143 at NVDCVE-2015-3148 at SUSECVE-2015-3148 at NVDCVE-2015-3153 at SUSECVE-2015-3153 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer (bsc#962983)
The following non-security bugs were fixed:
- bsc#926511: Check for errors on the control connection during FTP transfers
The following tracked bugs only affect the test suite:
- bsc#962996: Expired cookie in test 46 caused test failures
ModerateSUSE bug 926511SUSE bug 962983SUSE bug 962996CVE-2016-0755 at SUSECVE-2016-0755 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2016-5419: TLS session resumption client cert bypass (bsc#991389)
- CVE-2016-5420: Re-using connections with wrong client cert (bsc#991390)
ModerateSUSE bug 991389SUSE bug 991390CVE-2016-5419 at SUSECVE-2016-5419 at NVDCVE-2016-5420 at SUSECVE-2016-5420 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2016-5419: TLS session resumption client cert bypass (bsc#991389)
- CVE-2016-5420: Re-using connections with wrong client cert (bsc#991390)
- CVE-2016-7141: Fixed incorrect reuse of client certificates (bsc#997420).
ModerateSUSE bug 991389SUSE bug 991390SUSE bug 997420CVE-2016-5419 at SUSECVE-2016-5419 at NVDCVE-2016-5420 at SUSECVE-2016-5420 at NVDCVE-2016-7141 at SUSECVE-2016-7141 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following security issues:
- CVE-2016-8624: invalid URL parsing with '#' (bsc#1005646)
- CVE-2016-8623: Use-after-free via shared cookies (bsc#1005645)
- CVE-2016-8621: curl_getdate read out of bounds (bsc#1005642)
- CVE-2016-8619: double-free in krb5 code (bsc#1005638)
- CVE-2016-8618: double-free in curl_maprintf (bsc#1005637)
- CVE-2016-8617: OOB write via unchecked multiplication (bsc#1005635)
- CVE-2016-8616: case insensitive password comparison (bsc#1005634)
- CVE-2016-8615: cookie injection for other servers (bsc#1005633)
- CVE-2016-7167: escape and unescape integer overflows (bsc#998760)
ImportantSUSE bug 1005633SUSE bug 1005634SUSE bug 1005635SUSE bug 1005637SUSE bug 1005638SUSE bug 1005642SUSE bug 1005645SUSE bug 1005646SUSE bug 998760CVE-2016-7167 at SUSECVE-2016-7167 at NVDCVE-2016-8615 at SUSECVE-2016-8615 at NVDCVE-2016-8616 at SUSECVE-2016-8616 at NVDCVE-2016-8617 at SUSECVE-2016-8617 at NVDCVE-2016-8618 at SUSECVE-2016-8618 at NVDCVE-2016-8619 at SUSECVE-2016-8619 at NVDCVE-2016-8620 at SUSECVE-2016-8620 at NVDCVE-2016-8621 at SUSECVE-2016-8621 at NVDCVE-2016-8622 at SUSECVE-2016-8622 at NVDCVE-2016-8623 at SUSECVE-2016-8623 at NVDCVE-2016-8624 at SUSECVE-2016-8624 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
These security issues were fixed:
- CVE-2016-9586: libcurl printf floating point buffer overflow (bsc#1015332)
- CVE-2017-7407: The ourWriteOut function in tool_writeout.c in curl might have allowed physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which lead to a heap-based buffer over-read (bsc#1032309).
ModerateSUSE bug 1015332SUSE bug 1032309CVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2017-7407 at SUSECVE-2017-7407 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service (bsc#1051644)
- CVE-2017-7407: ourWriteOut function problem could lead to a heap buffer over-read (bsc#1032309)
- CVE-2016-9586: libcurl printf issue could lead to buffer overflow (bsc#1015332)
ModerateSUSE bug 1015332SUSE bug 1032309SUSE bug 1051644CVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2017-1000100 at SUSECVE-2017-1000100 at NVDCVE-2017-7407 at SUSECVE-2017-7407 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following security issues:
- CVE-2017-1000254: FTP PWD response parser out of bounds read (bsc#1061876)
ModerateSUSE bug 1061876CVE-2017-1000254 at SUSECVE-2017-1000254 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl several issues.
This security issue was fixed:
- CVE-2018-1000007: Prevent leaking authentication data to third parties when following redirects (bsc#1077001)
This non-security issue was fixed:
- Set DEFAULT_SUSE as the default cipher list (bsc#1027712]
ModerateSUSE bug 1027712SUSE bug 1077001CVE-2016-7141 at SUSECVE-2016-7141 at NVDCVE-2018-1000007 at SUSECVE-2018-1000007 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
curl was updated to version 7.37.0 (fate#325339 bsc#1084137)
This update syncs the curl version to the one in SUSE Linux Enterprise 12
and is full binary compatible to the previous version.
This update is done to allow other third party software like 'R' to
be able to be used on the SUSE Linux Enterprise 11 codebase.
Following security issues were fixed:
- CVE-2018-1000120: A buffer overflow exists in the FTP URL handling that allowed an attacker to cause a denial of service or possible code execution (bsc#1084521).
- CVE-2018-1000121: A NULL pointer dereference exists in the LDAP code that allowed an attacker to cause a denial of service (bsc#1084524).
- CVE-2018-1000122: A buffer over-read exists in the RTSP+RTP handling code that allowed an attacker to cause a denial of service or information leakage (bsc#1084532).
The package also requires a libopenssl that implements the DEFAULT_SUSE cipher list
(bsc#1081056, bsc#1083463,bsc#1086825)
ModerateSUSE bug 1081056SUSE bug 1083463SUSE bug 1084137SUSE bug 1084521SUSE bug 1084524SUSE bug 1084532SUSE bug 1085124SUSE bug 1086825SUSE bug 1087922SUSE bug 1090194CVE-2018-1000120 at SUSECVE-2018-1000120 at NVDCVE-2018-1000121 at SUSECVE-2018-1000121 at NVDCVE-2018-1000122 at SUSECVE-2018-1000122 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2018-1000301: Fixed a buffer over-read caused by bad RTSP headers (bsc#1092098)
ModerateSUSE bug 1092098CVE-2018-1000301 at SUSECVE-2018-1000301 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2018-14618: Prevent integer overflow in the NTLM authentication code
(bsc#1106019).
ModerateSUSE bug 1106019CVE-2018-14618 at SUSECVE-2018-14618 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2018-16840: A use-after-free in SASL handle close was fixed (bsc#1112758)
- CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)
ModerateSUSE bug 1112758SUSE bug 1113660CVE-2018-16840 at SUSECVE-2018-16840 at NVDCVE-2018-16842 at SUSECVE-2018-16842 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
Security issue fixed:
- CVE-2019-5436: Fixed a heap buffer overflow exists in tftp_receive_packet that receives data from a TFTP server (bsc#1135170).
ImportantSUSE bug 1135170CVE-2019-5436 at SUSECVE-2019-5436 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
Security issue fixed:
- CVE-2019-5482: Fixed a TFTP small blocksize heap buffer overflow (bsc#1149496).
ImportantSUSE bug 1149496CVE-2019-5482 at SUSECVE-2019-5482 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious
server to overwrite a local file when using the -J option (bsc#1173027).
ImportantSUSE bug 1173027CVE-2020-8177 at SUSECVE-2020-8177 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- An application that performs multiple requests with libcurl's
multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in
rare circumstances experience that when subsequently using the
setup connect-only transfer, libcurl will pick and use the wrong
connection and instead pick another one the application has
created since then. [bsc#1175109, CVE-2020-8231]
ModerateSUSE bug 1175109CVE-2020-8231 at SUSECVE-2020-8231 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2020-8284: Fixed an issue where a malicious FTP server could make curl connect to a different IP (bsc#1179398).
- CVE-2020-8285: Fixed an FTP wildcard stack overflow (bsc#1179399).
ModerateSUSE bug 1179398SUSE bug 1179399CVE-2020-8284 at SUSECVE-2020-8284 at NVDCVE-2020-8285 at SUSECVE-2020-8285 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22876: Fixed an issue where the automatic referer was leaking credentials (bsc#1183933).
ModerateSUSE bug 1183933CVE-2021-22876 at SUSECVE-2021-22876 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).
ModerateSUSE bug 1186114CVE-2021-22898 at SUSECVE-2021-22898 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).
ModerateSUSE bug 1186114CVE-2021-22898 at SUSECVE-2021-22898 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)
ModerateSUSE bug 1188217SUSE bug 1188218SUSE bug 1188219SUSE bug 1188220CVE-2021-22922 at SUSECVE-2021-22922 at NVDCVE-2021-22923 at SUSECVE-2021-22923 at NVDCVE-2021-22924 at SUSECVE-2021-22924 at NVDCVE-2021-22925 at SUSECVE-2021-22925 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374).
- CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).
ModerateSUSE bug 1190373SUSE bug 1190374CVE-2021-22946 at SUSECVE-2021-22946 at NVDCVE-2021-22947 at SUSECVE-2021-22947 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for CVSSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
A heap-based buffer overflow flaw was found in the way CVS read proxy
connection HTTP responses. An attacker could exploit this to cause the
application to crash or, potentially, execute arbitrary code in the context
of the user running the application (CVE-2012-0804).
Security Issue reference:
* CVE-2012-0804
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804>
SUSE bug 744059CVE-2012-0804 at SUSECVE-2012-0804 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cvs (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cvs fixes the following issues:
- CVE-2017-12836: A leading dash in the argument of the '-d' option could lead to argument injection (bsc#1053364)
ModerateSUSE bug 1053364CVE-2017-12836 at SUSECVE-2017-12836 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cyrus-imapdSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
An authentication bypass (CVE-2011-3372) and a DoS vulnerability
(CVE-2011-3481) have been fixed in the Cyrus IMAPd nntpd.
Security Issue references:
* CVE-2011-3372
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3372>
* CVE-2011-3481
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3481>
SUSE bug 606710SUSE bug 694247SUSE bug 715251SUSE bug 718428SUSE bug 719998CVE-2011-1926 at SUSECVE-2011-1926 at NVDCVE-2011-3208 at SUSECVE-2011-3208 at NVDCVE-2011-3372 at SUSECVE-2011-3372 at NVDCVE-2011-3481 at SUSECVE-2011-3481 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cyrus-imapd (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cyrus-imapd fixes the following issues:
- Previous versions of cyrus-imapd would not allow its users to disable old SSL
variants that are vulnerable to attacks like BEAST and POODLE. This patch
adds the configuration option 'tls_versions' to remedy that issue. Note that
users who upgrade an existing installation will *not* have their imapd.conf
file overwritten, i.e. their IMAP server will continue to support SSLv2 and
SSLv3 like before. To disable support for those protocols, edit imapd.conf
manually to include 'tls_versions: tls1_0 tls1_1 tls1_2'. New installations,
however, will have an imapd.conf file that contains these settings already,
i.e. newly installed IMAP servers do *not* support unsafe versions of SSL
unless that support is explicitly enabled by the user. (bsc#901748)
- An integer overflow vulnerability in cyrus-imapd's urlfetch range checking
code was fixed. (CVE-2015-8076, CVE-2015-8077, CVE-2015-8078, bsc#981670,
bsc#954200, bsc#954201)
- Support for Elliptic Curve Diffie–Hellman (ECDH) has been added to
cyrus-imapd. (bsc#860611)
ImportantSUSE bug 860611SUSE bug 901748SUSE bug 954200SUSE bug 954201SUSE bug 981670CVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2015-8076 at SUSECVE-2015-8076 at NVDCVE-2015-8077 at SUSECVE-2015-8077 at NVDCVE-2015-8078 at SUSECVE-2015-8078 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cyrus-imapd (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cyrus-imapd fixes the following issues:
Security issue fixed:
- CVE-2017-14230: Fixed a off-by-one error in prefix calculation for the LIST command that could cause use of uninitialized memory (bsc#1058021).
LowSUSE bug 1058021CVE-2017-14230 at SUSECVE-2017-14230 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cyrus-imapd (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cyrus-imapd fixes the following issues:
- CVE-2021-33582: Fixed possible hash denial of service (bsc#1189313).
ModerateSUSE bug 1189313CVE-2021-33582 at SUSECVE-2021-33582 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cyrus-sasl fixes the following issues:
- CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet (bsc#1159635).
ImportantSUSE bug 1159635CVE-2019-19906 at SUSECVE-2019-19906 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cyrus-sasl fixes the following issues:
- CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet (bsc#1159635).
ImportantSUSE bug 1159635CVE-2019-19906 at SUSECVE-2019-19906 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cyrus-sasl fixes the following issues:
- CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036).
ImportantSUSE bug 1196036CVE-2022-24407 at SUSECVE-2022-24407 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for cyrus-sasl fixes the following issues:
- CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036).
ImportantSUSE bug 1196036CVE-2022-24407 at SUSECVE-2022-24407 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dbus-1SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Various denial of service issues were fixed in the DBUS service.
* CVE-2014-3638: dbus-daemon tracks whether method call messages expect
a reply, so that unsolicited replies can be dropped. As currently
implemented, if there are n parallel method calls in progress, each
method reply takes O(n) CPU time. A malicious user could exploit this
by opening the maximum allowed number of parallel connections and
sending the maximum number of parallel method calls on each one,
causing subsequent method calls to be unreasonably slow, a denial of
service.
* CVE-2014-3639: dbus-daemon allows a small number of 'incomplete'
connections (64 by default) whose identity has not yet been
confirmed. When this limit has been reached, subsequent connections
are dropped. Alban's testing indicates that one malicious process
that makes repeated connection attempts, but never completes the
authentication handshake and instead waits for dbus-daemon to time
out and disconnect it, can cause the majority of legitimate
connection attempts to fail.
Security Issues:
* CVE-2014-3638
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3638>
* CVE-2014-3639
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3639>
SUSE bug 495804SUSE bug 595681SUSE bug 659934SUSE bug 697105SUSE bug 699712SUSE bug 739743SUSE bug 764047SUSE bug 896453CVE-2010-4352 at SUSECVE-2010-4352 at NVDCVE-2011-2200 at SUSECVE-2011-2200 at NVDCVE-2012-3524 at SUSECVE-2012-3524 at NVDCVE-2014-3638 at SUSECVE-2014-3638 at NVDCVE-2014-3639 at SUSECVE-2014-3639 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for dbus-1 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for dbus-1 fixes the following issues:
Security issue fixed:
- CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which
could have allowed local attackers to bypass authentication (bsc#1137832).
ImportantSUSE bug 1137832CVE-2019-12749 at SUSECVE-2019-12749 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for dbus-1SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the dbus-1 Method 'GetAll', which did not work on
multi-interface objects (bnc#662487).
SUSE bug 628607SUSE bug 662487CVE-2010-1172 at SUSECVE-2010-1172 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dhcpSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of dhcp fixes two security vulnerabilities:
* Malformed client identifiers could cause a Denial of Service
(excessive CPU consumption), effectively causing further client
requests to not be processed anymore. (CVE-2012-3571
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3571> )
* Two unspecified memory leaks. (CVE-2012-3954
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954> )
Additionally, the following issues were fixed:
* The init script of dhcp-server was fixed to check syntax and fail on
force-reload and restart to avoid stopping of running daemon followed
by start failure
* Added libgcc_s.so to chroot, so the server can report an assert/crash
line.
SUSE bug 597825SUSE bug 627617SUSE bug 640336SUSE bug 648580SUSE bug 668194SUSE bug 673792SUSE bug 675052SUSE bug 678858SUSE bug 700771SUSE bug 712653SUSE bug 739696SUSE bug 762108SUSE bug 772924CVE-2011-0997 at SUSECVE-2011-0997 at NVDCVE-2011-2748 at SUSECVE-2011-2748 at NVDCVE-2011-2749 at SUSECVE-2011-2749 at NVDCVE-2012-3571 at SUSECVE-2012-3571 at NVDCVE-2012-3954 at SUSECVE-2012-3954 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for dhcp fixes the following issues:
- CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally (bsc#961305)
The following bugs were fixed:
- bsc#936923: Improper lease duration checking
- bsc#880984: Integer overflows in the date and time handling code
ModerateSUSE bug 880984SUSE bug 936923SUSE bug 961305CVE-2015-8605 at SUSECVE-2015-8605 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dhcp (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for dhcp fixes the following issues:
- CVE-2016-2774: Fixed a denial of service attack against the DHCP server over the OMAPI TCP socket, which could be used
by network adjacent attackers to make the DHCP server non-functional (bsc#969820).
LowSUSE bug 969820CVE-2016-2774 at SUSECVE-2016-2774 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dhcp (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for dhcp fixes the following issues:
- CVE-2017-3144: Plugs a socket descriptor leak in OMAPI (bsc#1076119)
- CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient (bsc#1186382)
ImportantSUSE bug 1076119SUSE bug 1186382CVE-2017-3144 at SUSECVE-2017-3144 at NVDCVE-2021-25217 at SUSECVE-2021-25217 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dhcpcdSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
A stack overflow in dhcpcd was fixed which could be used by network local
attackers to crash the dhcpcd and so causing loss of DHCP functionality.
(CVE-2012-2152)
Security Issue references:
* CVE-2012-2152
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2152>
SUSE bug 564441SUSE bug 579438SUSE bug 654649SUSE bug 657402SUSE bug 668194SUSE bug 672038SUSE bug 675052SUSE bug 687850SUSE bug 710758SUSE bug 725856SUSE bug 758227SUSE bug 760334CVE-2011-0996 at SUSECVE-2011-0996 at NVDCVE-2012-2152 at SUSECVE-2012-2152 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dhcpcd (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
dhcpcd was updated to fix three security issues.
These security issues were fixed:
- CVE-2012-6698: A potential out of bounds write was fixed, which could lead to memory corruption, triggerable by network local attackers.
- CVE-2012-6699: A loop error was fixed that could lead out of bound reads, triggerable by network local attackers.
- CVE-2012-6700: An incorrect free could lead to crashes, triggerable by network local attackers.
ImportantSUSE bug 955762CVE-2012-6698 at SUSECVE-2012-6698 at NVDCVE-2012-6699 at SUSECVE-2012-6699 at NVDCVE-2012-6700 at SUSECVE-2012-6700 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dhcpv6SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
A rogue DHCP server could instruct clients to use a host name that contains
shell meta characters. Since many scripts in the system do not expect
unusal characters in the system's host name the DHCP client needs to
sanitize the host name offered by the server (CVE-2011-0997).
Security Issue reference:
* CVE-2011-0997
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997>
SUSE bug 675052CVE-2011-0997 at SUSECVE-2011-0997 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for djvulibre (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for djvulibre fixes the following issues:
Security issues fixed:
- CVE-2019-15142: Fixed heap-based buffer over-read (bsc#1146702).
- CVE-2019-15143: Fixed resource exhaustion caused by corrupted image files (bsc#1146569).
- CVE-2019-15144: Fixed denial-of-service caused by crafted PBM image files (bsc#1146571).
- CVE-2019-15145: Fixed out-of-bounds read caused by corrupted JB2 image files (bsc#1146572).
- Fixed segfault when libtiff encounters corrupted TIFF (upstream issue #295).
ModerateSUSE bug 1146569SUSE bug 1146571SUSE bug 1146572SUSE bug 1146702CVE-2019-15142 at SUSECVE-2019-15142 at NVDCVE-2019-15143 at SUSECVE-2019-15143 at NVDCVE-2019-15144 at SUSECVE-2019-15144 at NVDCVE-2019-15145 at SUSECVE-2019-15145 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for djvulibre (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for djvulibre fixes the following issues:
- CVE-2019-18804: Fixed a null pointer dereference (bsc#1156188).
LowSUSE bug 1156188CVE-2019-18804 at SUSECVE-2019-18804 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for djvulibre fixes the following issues:
Security issues fixed:
- CVE-2021-32491 [bsc#1185900]: Integer overflow in function render() in tools/ddjvu via crafted djvu file
- CVE-2021-32492 [bsc#1185904]: Out of bounds read in function DJVU:DataPool:has_data() via crafted djvu file
- CVE-2021-32493 [bsc#1185905]: Heap buffer overflow in function DJVU:GBitmap:decode() via crafted djvu file
ImportantSUSE bug 1185900SUSE bug 1185904SUSE bug 1185905CVE-2021-32491 at SUSECVE-2021-32491 at NVDCVE-2021-32492 at SUSECVE-2021-32492 at NVDCVE-2021-32493 at SUSECVE-2021-32493 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for djvulibre fixes the following issues:
- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)
ImportantSUSE bug 1186253CVE-2021-3500 at SUSECVE-2021-3500 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for djvulibre fixes the following issues:
- CVE-2021-3630: out-of-bounds write in DJVU:DjVuTXT:decode() in DjVuText.cpp (bsc#1187869)
ImportantSUSE bug 1187869CVE-2021-3630 at SUSECVE-2021-3630 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for djvulibre fixes the following issues:
- Extend CVE-2021-3630 fix (bsc#1187869).
ImportantSUSE bug 1187869CVE-2021-3630 at SUSECVE-2021-3630 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dnsmasqSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The DNS server dnsmasq was updated to fix one security issue:
* CVE-2015-3294: A remote unauthenticated attacker could have caused a
denial of service (DoS) or read memory from the heap, potentially
disclosing information such as performed DNS queries or encryption
keys. (bsc#928867)
Security Issues:
* CVE-2015-3294
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294>
SUSE bug 928867CVE-2015-3294 at SUSECVE-2015-3294 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for dnsmasq (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for dnsmasq fixes the following issues:
- CVE-2017-14491: DNS - 2 byte heap based overflow. [bsc#1060354]
ImportantSUSE bug 1060354CVE-2017-14491 at SUSECVE-2017-14491 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for e2fsprogsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Two security issues were fixed in e2fsprogs:
* CVE-2015-0247: Various heap overflows were fixed in e2fsprogs (fsck,
dumpe2fs, e2image).
* CVE-2015-1572: Fixed a potential buffer overflow in closefs().
(bsc#918346)
Additionally, the following bugs were fixed:
* badblocks was enhanced to work with very large partitions.
(bsc#932539)
* e2fsck was fixed to mark sparse journals as invalid. (bnc#769256)
* dumpe2fs usage on mounted filesystems was clarified. (bnc#708243)
Security Issues:
* CVE-2015-0247
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0247>
* CVE-2015-1572
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572>
SUSE bug 708243SUSE bug 769256SUSE bug 915402SUSE bug 918346SUSE bug 932539CVE-2015-0247 at SUSECVE-2015-0247 at NVDCVE-2015-1572 at SUSECVE-2015-1572 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for e2fsprogs (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for e2fsprogs fixes the following issues:
- CVE-2019-5188: Fixed a code execution vulnerability in the directory rehashing functionality (bsc#1160571).
ModerateSUSE bug 1160571CVE-2019-5188 at SUSECVE-2019-5188 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ecryptfs-utilsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
ecryptfs-utils was updated to fix a security issue and some bugs.
Security issue fixed: mount.ecryptfs_private did not set correct group
ownerships when it modifies mtab (CVE-2011-3145).
Also some bugs that made this set of tools non-working were fixed.
You need to manually hand setuid root permissions to
/sbin/mount.ecryptfs_private if you want to use it as a non-root user.
Security Issues:
* CVE-2011-3145
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3145>
SUSE bug 709771SUSE bug 735342SUSE bug 745372SUSE bug 745581SUSE bug 745584SUSE bug 745825CVE-2011-1831 at SUSECVE-2011-1831 at NVDCVE-2011-1832 at SUSECVE-2011-1832 at NVDCVE-2011-1833 at SUSECVE-2011-1833 at NVDCVE-2011-1834 at SUSECVE-2011-1834 at NVDCVE-2011-1835 at SUSECVE-2011-1835 at NVDCVE-2011-1836 at SUSECVE-2011-1836 at NVDCVE-2011-1837 at SUSECVE-2011-1837 at NVDCVE-2011-3145 at SUSECVE-2011-3145 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ecryptfs-utils (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ecryptfs-utils fixes the following issues:
- CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems (bsc#962052)
- CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks (bsc#920160)
ModerateSUSE bug 920160SUSE bug 962052CVE-2014-9687 at SUSECVE-2014-9687 at NVDCVE-2016-1572 at SUSECVE-2016-1572 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for edSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a heap-based buffer overflow in ed which can be exploited
remotely only with user-assistance. CVE-2008-3916: CVSS v2 Base Score: 9.3
(HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C): Buffer Errors (CWE-119)
Security Issue reference:
* CVE-2008-3916
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916>
SUSE bug 474587CVE-2008-3916 at SUSECVE-2008-3916 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ed (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ed fixes the following security issues:
- CVE-2017-5357: An invalid free in the regular expression handling
of the 'ed' command processing could allow local users to crash ed. (bsc#1019807)
LowSUSE bug 1019807CVE-2017-5357 at SUSECVE-2017-5357 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for elfutilsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
elfutils has been updated to fix one security issue:
* CVE-2014-9447: Directory traversal vulnerability in the
read_long_names function in libelf/elf_begin.c in elfutils 0.152 and
0.161 allowed remote attackers to write to arbitrary files to the
root directory via a / (slash) in a crafted archive, as demonstrated
using the ar program (bnc#911662).
Security Issues:
* CVE-2014-9447
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447>
SUSE bug 911662CVE-2014-9447 at SUSECVE-2014-9447 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for elfutils (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for elfutils fixes the following issues:
Security issues fixed:
- CVE-2018-16403:Fixed a heap-based buffer over-read in in libdw/dwarf_getabbrev.c
and libwd/dwarf_hasattr.c which could have lead to denial of service (bsc#1107067).
- CVE-2016-10254: Fixed a memory allocation failure in alloxate_elf (bsc#1030472).
- CVE-2016-10255: Fixed a memory allocation failure in libelf_set_rawdata_wrlock (bsc#1030476).
- CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (bsc#1125007).
- CVE-2019-7150: Added a missing check in dwfl_segment_report_module which could have allowed truncated files
to be read (bsc#1123685).
- CVE-2018-16062: Fixed a heap-buffer-overflow (bsc#1106390).
- CVE-2017-7611: Fixed a heap-based buffer over-read that could have led to Denial of Service (bsc#1033088).
- CVE-2017-7607: Fixed a heap-based buffer overflow in handle_gnu_hash (bsc#1033084).
- CVE-2017-7610: Fixed a heap-based buffer overflow in check_group (bsc#1033087).
- CVE-2018-18521: Fixed multiple divide-by-zero vulnerabilities in function arlib_add_symbols() (bsc#1112723).
- CVE-2017-7612: Fixed a denial of service in check_sysv_hash() via a crafted ELF file (bsc#1033089).
- CVE-2018-18310: Fixed an invalid address read in dwfl_segment_report_module.c (bsc#1111973).
- CVE-2018-18520: Fixed bad handling of ar files inside are files (bsc#1112726).
LowSUSE bug 1030472SUSE bug 1030476SUSE bug 1033084SUSE bug 1033087SUSE bug 1033088SUSE bug 1033089SUSE bug 1106390SUSE bug 1107067SUSE bug 1111973SUSE bug 1112723SUSE bug 1112726SUSE bug 1123685SUSE bug 1125007CVE-2016-10254 at SUSECVE-2016-10254 at NVDCVE-2016-10255 at SUSECVE-2016-10255 at NVDCVE-2017-7607 at SUSECVE-2017-7607 at NVDCVE-2017-7610 at SUSECVE-2017-7610 at NVDCVE-2017-7611 at SUSECVE-2017-7611 at NVDCVE-2017-7612 at SUSECVE-2017-7612 at NVDCVE-2018-16062 at SUSECVE-2018-16062 at NVDCVE-2018-16403 at SUSECVE-2018-16403 at NVDCVE-2018-18310 at SUSECVE-2018-18310 at NVDCVE-2018-18520 at SUSECVE-2018-18520 at NVDCVE-2018-18521 at SUSECVE-2018-18521 at NVDCVE-2019-7150 at SUSECVE-2019-7150 at NVDCVE-2019-7665 at SUSECVE-2019-7665 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for EmacsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes an issue in Emacs where it doesn't show all menu items
properly when using the mouse for selecting the menus from the menu bar
(bnc#643425).
SUSE bug 632425SUSE bug 854683SUSE bug 876847CVE-2014-3421 at SUSECVE-2014-3421 at NVDCVE-2014-3422 at SUSECVE-2014-3422 at NVDCVE-2014-3423 at SUSECVE-2014-3423 at NVDCVE-2014-3424 at SUSECVE-2014-3424 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for emacs (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for emacs fixes one issues.
This security issue was fixed:
- CVE-2017-14482: Remote code execution via mails with 'Content-Type: text/enriched' (bsc#1058425)
ImportantSUSE bug 1058425CVE-2017-14482 at SUSECVE-2017-14482 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for evinceSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of evince fixes a buffer overflow in linetoken().
(CVE-2011-0433)
Security Issue reference:
* CVE-2011-0433
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0433>
SUSE bug 660558SUSE bug 671064CVE-2010-2640 at SUSECVE-2010-2640 at NVDCVE-2010-2641 at SUSECVE-2010-2641 at NVDCVE-2010-2642 at SUSECVE-2010-2642 at NVDCVE-2010-2643 at SUSECVE-2010-2643 at NVDCVE-2011-0433 at SUSECVE-2011-0433 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for evince (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for evince provides the following fix:
- CVE-2017-1000159: Prevent command line injections via filenames when printing to a file. (bsc#1070046)
ModerateSUSE bug 1070046CVE-2017-1000159 at SUSECVE-2017-1000159 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for evince (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for evince fixes the following issues:
Security issues fixed:
- CVE-2019-11459: Fixed an improper error handling in which could have led to use of uninitialized use of memory (bsc#1133037).
- CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c (bsc#1141619).
ImportantSUSE bug 1133037SUSE bug 1141619CVE-2019-1010006 at SUSECVE-2019-1010006 at NVDCVE-2019-11459 at SUSECVE-2019-11459 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for exempi (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for exempi fixes the following issues:
Security issue fixed:
- CVE-2018-7730: Fix heap-based buffer overflow in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp (bsc#1085295).
- CVE-2017-18234: Fix use-after-free issue that allows remote attackers to cause a denial of service via a .pdf file (bsc#1085585).
ModerateSUSE bug 1085295SUSE bug 1085585CVE-2017-18234 at SUSECVE-2017-18234 at NVDCVE-2018-7730 at SUSECVE-2018-7730 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expatSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of expat fixes the following bugs:
* hash collision attack that could lead to exessive CPU usage
(CVE-2012-0876)
* expat didn't close file descriptors in some cases (CVE-2012-1147)
* specially crafted xml files could lead to a memory leak
(CVE-2012-1148)
Security Issue references:
* CVE-2012-0876
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876>
* CVE-2012-1147
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1147>
* CVE-2012-1148
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148>
SUSE bug 750914SUSE bug 751464SUSE bug 751465SUSE bug 755377CVE-2012-0876 at SUSECVE-2012-0876 at NVDCVE-2012-1147 at SUSECVE-2012-1147 at NVDCVE-2012-1148 at SUSECVE-2012-1148 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expat (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for expat fixes the following issues:
Security issue fixed:
- CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. (bsc#979441)
- CVE-2015-1283: Fix multiple integer overflows. (bnc#980391)
ImportantSUSE bug 979441SUSE bug 980391CVE-2015-1283 at SUSECVE-2015-1283 at NVDCVE-2016-0718 at SUSECVE-2016-0718 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for expat fixes the following security issues:
- CVE-2012-6702: Expat, when used in a parser that has not
called XML_SetHashSalt or passed it a seed of 0, made it easier for
context-dependent attackers to defeat cryptographic protection mechanisms
via vectors involving use of the srand function. (bsc#983215)
- CVE-2016-5300: The XML parser in Expat did not use sufficient entropy
for hash initialization, which allowed context-dependent attackers to
cause a denial of service (CPU consumption) via crafted identifiers in
an XML document. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2012-0876. (bsc#983216)
ModerateSUSE bug 1022037SUSE bug 983215SUSE bug 983216CVE-2012-6702 at SUSECVE-2012-6702 at NVDCVE-2016-5300 at SUSECVE-2016-5300 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for expat fixes the following issues:
- CVE-2016-9063: Possible integer overflow to fix inside XML_Parse leading to unexpected behaviour (bsc#1047240)
- CVE-2017-9233: External Entity Vulnerability could lead to denial of service (bsc#1047236)
ModerateSUSE bug 1047236SUSE bug 1047240CVE-2016-9063 at SUSECVE-2016-9063 at NVDCVE-2017-9233 at SUSECVE-2017-9233 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for expat fixes the following issues:
Security issue fixed:
- CVE-2018-20843: Fixed a denial of service triggered by high resource consumption
in the XML parser when XML names contain a large amount of colons (bsc#1139937).
ModerateSUSE bug 1139937CVE-2018-20843 at SUSECVE-2018-20843 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for expat fixes the following issues:
Security issue fixed:
- CVE-2019-15903: Fixed a heap-based buffer over-read caused by crafted XML documents. (bsc#1149429)
ModerateSUSE bug 1149429CVE-2019-15903 at SUSECVE-2019-15903 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expat (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for expat fixes the following issues:
- CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior (bsc#1194251).
- CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog (bsc#1194362).
- CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c (bsc#1194474).
- CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c (bsc#1194476).
- CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c (bsc#1194477).
- CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c (bsc#1194478).
- CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c (bsc#1194479).
- CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c (bsc#1194480).
ImportantSUSE bug 1194251SUSE bug 1194362SUSE bug 1194474SUSE bug 1194476SUSE bug 1194477SUSE bug 1194478SUSE bug 1194479SUSE bug 1194480CVE-2021-45960 at SUSECVE-2021-45960 at NVDCVE-2021-46143 at SUSECVE-2021-46143 at NVDCVE-2022-22822 at SUSECVE-2022-22822 at NVDCVE-2022-22823 at SUSECVE-2022-22823 at NVDCVE-2022-22824 at SUSECVE-2022-22824 at NVDCVE-2022-22825 at SUSECVE-2022-22825 at NVDCVE-2022-22826 at SUSECVE-2022-22826 at NVDCVE-2022-22827 at SUSECVE-2022-22827 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expat (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for expat fixes the following issues:
- CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer (bsc#1195054).
- CVE-2022-23990: Fixed integer overflow in the doProlog function (bsc#1195217).
ImportantSUSE bug 1195054SUSE bug 1195217CVE-2022-23852 at SUSECVE-2022-23852 at NVDCVE-2022-23990 at SUSECVE-2022-23990 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expat (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for expat fixes the following issues:
- CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025).
- CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026).
- CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168).
- CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169).
- CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).
ImportantSUSE bug 1196025SUSE bug 1196026SUSE bug 1196168SUSE bug 1196169SUSE bug 1196171CVE-2022-25235 at SUSECVE-2022-25235 at NVDCVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2022-25313 at SUSECVE-2022-25313 at NVDCVE-2022-25314 at SUSECVE-2022-25314 at NVDCVE-2022-25315 at SUSECVE-2022-25315 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for expat (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for expat fixes the following issues:
- Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784).
ImportantSUSE bug 1196025SUSE bug 1196784CVE-2022-25236 at SUSECVE-2022-25236 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for facter (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for facter fixes the following issues:
- CVE-2015-1426: Prevent the EC2 metadata fact from collecting security credentials (bsc#917383).
ModerateSUSE bug 917383CVE-2015-1426 at SUSECVE-2015-1426 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for fastjarSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This fastjar update fixes a directory traversal issue (bnc#607043).
Security Issue reference:
* CVE-2010-0831
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0831>
SUSE bug 607043CVE-2010-0831 at SUSECVE-2010-0831 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for fetchmailSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a hang in fetchmail when the remote server acknowledges
the STARTTLS command but does not actually start the TLS connection or
sends any additional packages, which can cause fetchmail to get stuck in
very rare cases (CVE-2011-1947).
SUSE bug 669557SUSE bug 697368CVE-2011-1947 at SUSECVE-2011-1947 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for fetchmail (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for fetchmail fixes the following issues:
- CVE-2012-3482: A denial of service vulnerability in the base64 decoder during processing server NTLM protocol exchange was fixed (bsc#775988).
ModerateSUSE bug 775988CVE-2012-3482 at SUSECVE-2012-3482 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for fetchmail (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for fetchmail fixes the following issues:
- CVE-2021-36386: Fixed a missing variable initialization that can cause read from bad memory locations. (bsc#1188875)
ModerateSUSE bug 1188875CVE-2021-36386 at SUSECVE-2021-36386 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for fileSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
file was updated to fix one security issue.
* An out-of-bounds read flaw file's donote() function. This could
possibly lead to file executable crash (CVE-2014-3710).
Security Issues:
* CVE-2014-3710
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710>
SUSE bug 654696SUSE bug 863450SUSE bug 866750SUSE bug 902367CVE-2014-2270 at SUSECVE-2014-2270 at NVDCVE-2014-3710 at SUSECVE-2014-3710 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for file-roller (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for file-roller fixes the following issues:
- Fixed a potential denial of service when extracting a zip files (bsc#937635).
ModerateSUSE bug 937635cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update provides Mozilla Firefox 10, which provides many fixes,
security and feature enhancements.
For a detailed list, please have a look at
http://www.mozilla.org/en-US/firefox/10.0/releasenotes/
<http://www.mozilla.org/en-US/firefox/10.0/releasenotes/>
and
http://www.mozilla.org/de/firefox/features/
<http://www.mozilla.org/de/firefox/features/>
The following security issues have been fixed in this update:
*
Mozilla developers identified and fixed several memory safety bugs in
the browser engine used in Firefox and other Mozilla-based products.
Some of these bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at least some
of these could be exploited to run arbitrary code. (MFSA 2012-01
<http://www.mozilla.org/security/announce/2012/mfsa2012-01.html> ,
CVE-2012-0442
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0442> ,
CVE-2012-0443
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0443> )
*
Alex Dvorov reported that an attacker could replace a sub-frame in
another domain's document by using the name attribute of the
sub-frame as a form submission target. This can potentially allow for
phishing attacks against users and violates the HTML5 frame
navigation policy. (MFSA 2012-03
<http://www.mozilla.org/security/announce/2012/mfsa2012-03.html> ,
CVE-2012-0445
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0445> )
*
Security researcher regenrecht reported via TippingPoint's Zero Day
Initiative that removed child nodes of nsDOMAttribute can be accessed
under certain circumstances because of a premature notification of
AttributeChildRemoved. This use-after-free of the child nodes could
possibly allow for for remote code execution. (MFSA 2012-04
<http://www.mozilla.org/security/announce/2012/mfsa2012-04.html> ,
CVE-2011-3659
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3659> )
*
Mozilla security researcher moz_bug_r_a4 reported that frame scripts
bypass XPConnect security checks when calling untrusted objects. This
allows for cross-site scripting (XSS) attacks through web pages and
Firefox extensions. The fix enables the Script Security Manager (SSM)
to force security checks on all frame scripts. (MFSA 2012-05
<http://www.mozilla.org/security/announce/2012/mfsa2012-05.html> ,
CVE-2012-0446
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0446> )
*
Mozilla developer Tim Abraldes reported that when encoding images as
image/vnd.microsoft.icon the resulting data was always a fixed size,
with uninitialized memory appended as padding beyond the size of the
actual image. This is the result of mImageBufferSize in the encoder
being initialized with a value different than the size of the source
image. There is the possibility of sensitive data from uninitialized
memory being appended to a PNG image when converted fron an ICO
format image. This sensitive data may then be disclosed in the
resulting image. ((MFSA 2012-06)
http://www.mozilla.org/security/announce/2012/mfsa2012-06.html],
[CVE-2012-0447
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0447> )
*
Security researcher regenrecht reported via TippingPoint's Zero Day
Initiative the possibility of memory corruption during the decoding
of Ogg Vorbis files. This can cause a crash during decoding and has
the potential for remote code execution. (MFSA 2012-07
<http://www.mozilla.org/security/announce/2012/mfsa2012-07.html> ,
CVE-2012-0444
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444> )
*
Security researchers Nicolas Gregoire and Aki Helin independently
reported that when processing a malformed embedded XSLT stylesheet,
Firefox can crash due to a memory corruption. While there is no
evidence that this is directly exploitable, there is a possibility of
remote code execution. (MFSA 2012-08
<http://www.mozilla.org/security/announce/2012/mfsa2012-08.html> ,
CVE-2012-0449
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0449> )
*
magicant starmen reported that if a user chooses to export their
Firefox Sync key the 'Firefox Recovery Key.html' file is saved with
incorrect permissions, making the file contents potentially readable
by other users on Linux and OS X systems. (MFSA 2012-09
<http://www.mozilla.org/security/announce/2012/mfsa2012-09.html> ,
CVE-2012-0450
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0450> )
SUSE bug 742826CVE-2011-3659 at SUSECVE-2011-3659 at NVDCVE-2012-0442 at SUSECVE-2012-0442 at NVDCVE-2012-0443 at SUSECVE-2012-0443 at NVDCVE-2012-0444 at SUSECVE-2012-0444 at NVDCVE-2012-0445 at SUSECVE-2012-0445 at NVDCVE-2012-0446 at SUSECVE-2012-0446 at NVDCVE-2012-0447 at SUSECVE-2012-0447 at NVDCVE-2012-0449 at SUSECVE-2012-0449 at NVDCVE-2012-0450 at SUSECVE-2012-0450 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox was updated to the 10.0.4 ESR release to fix various bugs
and security issues.
*
MFSA 2012-20: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
Christian Holler a reported memory safety and security problem
affecting Firefox 11. (CVE-2012-0468)
Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong,
Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli
Pettay reported memory safety problems and crashes that affect
Firefox ESR and Firefox 11. (CVE-2012-0467)
*
MFSA 2012-22 / CVE-2012-0469: Using the Address Sanitizer tool,
security researcher Aki Helin from OUSPG found that IDBKeyRange of
indexedDB remains in the XPConnect hashtable instead of being
unlinked before being destroyed. When it is destroyed, this causes a
use-after-free, which is potentially exploitable.
*
MFSA 2012-23 / CVE-2012-0470: Using the Address Sanitizer tool,
security researcher Atte Kettunen from OUSPG found a heap corruption
in gfxImageSurface which allows for invalid frees and possible remote
code execution. This happens due to float error, resulting from
graphics values being passed through different number systems.
*
MFSA 2012-24 / CVE-2012-0471: Anne van Kesteren of Opera Software
found a multi-octet encoding issue where certain octets will destroy
the following octets in the processing of some multibyte character
sets. This can leave users vulnerable to cross-site scripting (XSS)
attacks on maliciously crafted web pages.
*
MFSA 2012-25 / CVE-2012-0472: Security research firm iDefense
reported that researcher wushi of team509 discovered a memory
corruption on Windows Vista and Windows 7 systems with hardware
acceleration disabled or using incompatible video drivers. This is
created by using cairo-dwrite to attempt to render fonts on an
unsupported code path. This corruption causes a potentially
exploitable crash on affected systems.
*
MFSA 2012-26 / CVE-2012-0473: Mozilla community member Matias
Juntunen discovered an error in WebGLBuffer where
FindMaxElementInSubArray receives wrong template arguments from
FindMaxUshortElement. This bug causes maximum index to be computed
incorrectly within WebGL.drawElements, allowing the reading of
illegal video memory.
*
MFSA 2012-27 / CVE-2012-0474: Security researchers Jordi Chancel and
Eddy Bordi reported that they could short-circuit page loads to show
the address of a different site than what is loaded in the window in
the addressbar. Security researcher Chris McGowen independently
reported the same flaw, and further demonstrated that this could lead
to loading scripts from the attacker's site, leaving users vulnerable
to cross-site scripting (XSS) attacks.
*
MFSA 2012-28 / CVE-2012-0475: Security researcher Simone Fabiano
reported that if a cross-site XHR or WebSocket is opened on a web
server on a non-standard port for web traffic while using an IPv6
address, the browser will send an ambiguous origin headers if the
IPv6 address contains at least 2 consecutive 16-bit fields of zeroes.
If there is an origin access control list that uses IPv6 literals,
this issue could be used to bypass these access controls on the
server.
*
MFSA 2012-29 / CVE-2012-0477: Security researcher Masato Kinugawa
found that during the decoding of ISO-2022-KR and ISO-2022-CN
character sets, characters near 1024 bytes are treated incorrectly,
either doubling or deleting bytes. On certain pages it might be
possible for an attacker to pad the output of the page such that
these errors fall in the right place to affect the structure of the
page, allowing for cross-site script (XSS) injection.
*
MFSA 2012-30 / CVE-2012-0478: Mozilla community member Ms2ger found
an image rendering issue with WebGL when texImage2D uses use
JSVAL_TO_OBJECT on arbitrary objects. This can lead to a crash on a
maliciously crafted web page. While there is no evidence that this is
directly exploitable, there is a possibility of remote code
execution.
*
MFSA 2012-31 / CVE-2011-3062: Mateusz Jurczyk of the Google Security
Team discovered an off-by-one error in the OpenType Sanitizer using
the Address Sanitizer tool. This can lead to an out-of-bounds read
and execution of an uninitialized function pointer during parsing and
possible remote code execution.
*
MFSA 2012-32 / CVE-2011-1187: Security researcher Daniel Divricean
reported that a defect in the error handling of javascript errors can
leak the file names and location of javascript files on a server,
leading to inadvertent information disclosure and a vector for
further attacks.
*
MFSA 2012-33 / CVE-2012-0479: Security researcher Jeroen van der Gun
reported that if RSS or Atom XML invalid content is loaded over
HTTPS, the addressbar updates to display the new location of the
loaded resource, including SSL indicators, while the main window
still displays the previously loaded content. This allows for
phishing attacks where a malicious page can spoof the identify of
another seemingly secure site.
Security Issue references:
* CVE-2012-0468
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0468>
* CVE-2012-0469
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0469>
* CVE-2012-0470
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0470>
* CVE-2012-0471
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0471>
* CVE-2012-0472
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0472>
* CVE-2012-0473
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0473>
* CVE-2012-0474
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0474>
* CVE-2012-0477
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0477>
* CVE-2012-0478
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0478>
* CVE-2011-3062
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3062>
* CVE-2012-0479
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0479>
SUSE bug 758408CVE-2011-3062 at SUSECVE-2011-3062 at NVDCVE-2012-0468 at SUSECVE-2012-0468 at NVDCVE-2012-0469 at SUSECVE-2012-0469 at NVDCVE-2012-0470 at SUSECVE-2012-0470 at NVDCVE-2012-0471 at SUSECVE-2012-0471 at NVDCVE-2012-0472 at SUSECVE-2012-0472 at NVDCVE-2012-0473 at SUSECVE-2012-0473 at NVDCVE-2012-0474 at SUSECVE-2012-0474 at NVDCVE-2012-0477 at SUSECVE-2012-0477 at NVDCVE-2012-0478 at SUSECVE-2012-0478 at NVDCVE-2012-0479 at SUSECVE-2012-0479 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox has been updated to the 10.0.6ESR security release fixing
various bugs and several security issues, some critical.
The following security issues have been fixed:
*
MFSA 2012-42: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
*
CVE-2012-1948: Benoit Jacob, Jesse Ruderman, Christian Holler, and
Bill McCloskey reported memory safety problems and crashes that
affect Firefox ESR 10 and Firefox 13.
*
MFSA 2012-43 / CVE-2012-1950: Security researcher Mario Gomes
andresearch firm Code Audit Labs reported a mechanism to
short-circuit page loads through drag and drop to the addressbar by
canceling the page load. This causes the address of the previously
site entered to be displayed in the addressbar instead of the
currently loaded page. This could lead to potential phishing attacks
on users.
*
MFSA 2012-44 Google security researcher Abhishek Arya used the
Address Sanitizer tool to uncover four issues: two use-after-free
problems, one out of bounds read bug, and a bad cast. The first
use-afte.r-free problem is caused when an array of
nsSMILTimeValueSpec objects is destroyed but attempts are made to
call into objects in this array later. The second use-after-free
problem is in nsDocument::AdoptNode when it adopts into an empty
document and then adopts into another document, emptying the first
one. The heap buffer overflow is in ElementAnimations when data is
read off of end of an array and then pointers are dereferenced. The
bad cast happens when nsTableFrame::InsertFrames is called with
frames in aFrameList that are a mix of row group frames and column
group frames. AppendFrames is not able to handle this mix.
All four of these issues are potentially exploitable.
o CVE-2012-1951: Heap-use-after-free in
nsSMILTimeValueSpec::IsEventBased
o CVE-2012-1954: Heap-use-after-free in nsDocument::AdoptNode
o CVE-2012-1953: Out of bounds read in
ElementAnimations::EnsureStyleRuleFor
o CVE-2012-1952: Bad cast in nsTableFrame::InsertFrames
*
MFSA 2012-45 / CVE-2012-1955: Security researcher Mariusz Mlynski
reported an issue with spoofing of the location property. In this
issue, calls to history.forward and history.back are used to navigate
to a site while displaying the previous site in the addressbar but
changing the baseURI to the newer site. This can be used for phishing
by allowing the user input form or other data on the newer,
attacking, site while appearing to be on the older, displayed site.
*
MFSA 2012-46 / CVE-2012-1966: Mozilla security researcher
moz_bug_r_a4 reported a cross-site scripting (XSS) attack through the
context menu using a data: URL. In this issue, context menu
functionality ('View Image', 'Show only this frame', and 'View
background image') are disallowed in a javascript: URL but allowed in
a data: URL, allowing for XSS. This can lead to arbitrary code
execution.
*
MFSA 2012-47 / CVE-2012-1957: Security researcher Mario Heiderich
reported that javascript could be executed in the HTML feed-view
using tag within the RSS . This problem is due to tags not being
filtered out during parsing and can lead to a potential cross-site
scripting (XSS) attack. The flaw existed in a parser utility class
and could affect other parts of the browser or add-ons which rely on
that class to sanitize untrusted input.
*
MFSA 2012-48 / CVE-2012-1958: Security researcher Arthur Gerkis used
the Address Sanitizer tool to find a use-after-free in
nsGlobalWindow::PageHidden when mFocusedContent is released and
oldFocusedContent is used afterwards. This use-after-free could
possibly allow for remote code execution.
*
MFSA 2012-49 / CVE-2012-1959: Mozilla developer Bobby Holley found
that same-compartment security wrappers (SCSW) can be bypassed by
passing them to another compartment. Cross-compartment wrappers often
do not go through SCSW, but have a filtering policy built into them.
When an object is wrapped cross-compartment, the SCSW is stripped off
and, when the object is read read back, it is not known that SCSW was
previously present, resulting in a bypassing of SCSW. This could
result in untrusted content having access to the XBL that implements
browser functionality.
*
MFSA 2012-50 / CVE-2012-1960: Google developer Tony Payne reported an
out of bounds (OOB) read in QCMS, Mozilla's color management library.
With a carefully crafted color profile portions of a user's memory
could be incorporated into a transformed image and possibly
deciphered.
*
MFSA 2012-51 / CVE-2012-1961: Bugzilla developer Frederic Buclin
reported that the 'X-Frame-Options header is ignored when the value
is duplicated, for example X-Frame-Options: SAMEORIGIN, SAMEORIGIN.
This duplication occurs for unknown reasons on some websites and when
it occurs results in Mozilla browsers not being protected against
possible clickjacking attacks on those pages.
*
MFSA 2012-52 / CVE-2012-1962: Security researcher Bill Keese reported
a memory corruption. This is caused by JSDependentString::undepend
changing a dependent string into a fixed string when there are
additional dependent strings relying on the same base. When the
undepend occurs during conversion, the base data is freed, leaving
other dependent strings with dangling pointers. This can lead to a
potentially exploitable crash.
*
MFSA 2012-53 / CVE-2012-1963: Security researcher Karthikeyan
Bhargavan of Prosecco at INRIA reported Content Security Policy (CSP)
1.0 implementation errors. CSP violation reports generated by Firefox
and sent to the 'report-uri' location include sensitive data within
the 'blocked-uri' parameter. These include fragment components and
query strings even if the 'blocked-uri' parameter has a different
origin than the protected resource. This can be used to retrieve a
user's OAuth 2.0 access tokens and OpenID credentials by malicious
sites.
*
MFSA 2012-54 / CVE-2012-1964: Security Researcher Matt McCutchen
reported that a clickjacking attack using the certificate warning
page. A man-in-the-middle (MITM) attacker can use an iframe to
display its own certificate error warning page (about:certerror) with
the 'Add Exception' button of a real warning page from a malicious
site. This can mislead users to adding a certificate exception for a
different site than the perceived one. This can lead to compromised
communications with the user perceived site through the MITM attack
once the certificate exception has been added.
*
MFSA 2012-55 / CVE-2012-1965: Security researchers Mario Gomes and
Soroush Dalili reported that since Mozilla allows the pseudo-protocol
feed: to prefix any valid URL, it is possible to construct
feed:javascript: URLs that will execute scripts in some contexts. On
some sites it may be possible to use this to evade output filtering
that would otherwise strip javascript: URLs and thus contribute to
cross-site scripting (XSS) problems on these sites.
*
MFSA 2012-56 / CVE-2012-1967: Mozilla security researcher
moz_bug_r_a4 reported a arbitrary code execution attack using a
javascript: URL. The Gecko engine features a JavaScript sandbox
utility that allows the browser or add-ons to safely execute script
in the context of a web page. In certain cases, javascript: URLs are
executed in such a sandbox with insufficient context that can allow
those scripts to escape from the sandbox and run with elevated
privilege. This can lead to arbitrary code execution.
Security Issue references:
* CVE-2012-1967
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1967>
* CVE-2012-1948
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1948>
* CVE-2012-1949
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1949>
* CVE-2012-1951
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1951>
* CVE-2012-1952
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1952>
* CVE-2012-1953
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1953>
* CVE-2012-1954
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1954>
* CVE-2012-1966
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1966>
* CVE-2012-1958
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1958>
* CVE-2012-1959
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1959>
* CVE-2012-1962
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1962>
* CVE-2012-1950
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1950>
* CVE-2012-1955
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1955>
* CVE-2012-1957
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1957>
* CVE-2012-1961
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1961>
* CVE-2012-1963
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1963>
* CVE-2012-1964
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1964>
* CVE-2012-1965
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1965>
SUSE bug 771583CVE-2012-1948 at SUSECVE-2012-1948 at NVDCVE-2012-1949 at SUSECVE-2012-1949 at NVDCVE-2012-1950 at SUSECVE-2012-1950 at NVDCVE-2012-1951 at SUSECVE-2012-1951 at NVDCVE-2012-1952 at SUSECVE-2012-1952 at NVDCVE-2012-1953 at SUSECVE-2012-1953 at NVDCVE-2012-1954 at SUSECVE-2012-1954 at NVDCVE-2012-1955 at SUSECVE-2012-1955 at NVDCVE-2012-1957 at SUSECVE-2012-1957 at NVDCVE-2012-1958 at SUSECVE-2012-1958 at NVDCVE-2012-1959 at SUSECVE-2012-1959 at NVDCVE-2012-1961 at SUSECVE-2012-1961 at NVDCVE-2012-1962 at SUSECVE-2012-1962 at NVDCVE-2012-1963 at SUSECVE-2012-1963 at NVDCVE-2012-1964 at SUSECVE-2012-1964 at NVDCVE-2012-1965 at SUSECVE-2012-1965 at NVDCVE-2012-1966 at SUSECVE-2012-1966 at NVDCVE-2012-1967 at SUSECVE-2012-1967 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox was updated to 10.0.7ESR release, fixing a lot of bugs and
security problems.
The following security issues have been addressed:
*
MFSA 2012-57: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
CVE-2012-1971: Gary Kwong, Christian Holler, Jesse Ruderman, Steve
Fink, Bob Clary, Andrew Sutherland, and Jason Smith reported memory
safety problems and crashes that affect Firefox 14.
*
CVE-2012-1970: Gary Kwong, Christian Holler, Jesse Ruderman, John
Schoenick, Vladimir Vukicevic and Daniel Holbert reported memory
safety problems and crashes that affect Firefox ESR 10 and Firefox
14.
*
MFSA 2012-58: Security researcher Abhishek Arya (Inferno) of Google
Chrome Security Team discovered a series of use-after-free issues
using the Address Sanitizer tool. Many of these issues are
potentially exploitable, allowing for remote code execution.
o Heap-use-after-free in nsHTMLEditor::CollapseAdjacentTextNodes
CVE-2012-1972
o Heap-use-after-free in nsObjectLoadingContent::LoadObject
CVE-2012-1973
o Heap-use-after-free in gfxTextRun::CanBreakLineBefore
CVE-2012-1974
o Heap-use-after-free in PresShell::CompleteMove CVE-2012-1975
o Heap-use-after-free in nsHTMLSelectElement::SubmitNamesValues
CVE-2012-1976
o Heap-use-after-free in MediaStreamGraphThreadRunnable::Run()
CVE-2012-3956
o Heap-buffer-overflow in nsBlockFrame::MarkLineDirty
CVE-2012-3957
o Heap-use-after-free in nsHTMLEditRules::DeleteNonTableElements
CVE-2012-3958
o Heap-use-after-free in nsRangeUpdater::SelAdjDeleteNode
CVE-2012-3959
o Heap-use-after-free in mozSpellChecker::SetCurrentDictionary
CVE-2012-3960
o Heap-use-after-free in RangeData::~RangeData CVE-2012-3961
o Bad iterator in text runs CVE-2012-3962
o use after free in js::gc::MapAllocToTraceKind CVE-2012-3963
o Heap-use-after-free READ 8 in gfxTextRun::GetUserData
CVE-2012-3964
*
MFSA 2012-59 / CVE-2012-1956: Security researcher Mariusz Mlynski
reported that it is possible to shadow the location object using
Object.defineProperty. This could be used to confuse the current
location to plugins, allowing for possible cross-site scripting (XSS)
attacks.
*
MFSA 2012-60 / CVE-2012-3965: Security researcher Mariusz Mlynski
reported that when a page opens a new tab, a subsequent window can
then be opened that can be navigated to about:newtab, a chrome
privileged page. Once about:newtab is loaded, the special context can
potentially be used to escalate privilege, allowing for arbitrary
code execution on the local system in a maliciously crafted attack.
*
MFSA 2012-61 / CVE-2012-3966: Security researcher Frederic Hoguin
reported two related issues with the decoding of bitmap (.BMP) format
images embedded in icon (.ICO) format files. When processing a
negative 'height' header value for the bitmap image, a memory
corruption can be induced, allowing an attacker to write random
memory and cause a crash. This crash may be potentially exploitable.
*
MFSA 2012-62: Security researcher miaubiz used the Address Sanitizer
tool to discover two WebGL issues. The first issue is a
use-after-free when WebGL shaders are called after being destroyed.
The second issue exposes a problem with Mesa drivers on Linux,
leading to a potentially exploitable crash.
o
use after free, webgl fragment shader deleted by accessor
CVE-2012-3968
o
stack scribbling with 4-byte values choosable among a few
values, when using more than 16 sampler uniforms, on Mesa, with
all drivers CVE-2012-3967
*
MFSA 2012-63: Security researcher Arthur Gerkis used the Address
Sanitizer tool to find two issues involving Scalable Vector Graphics
(SVG) files. The first issue is a buffer overflow in Gecko's SVG
filter code when the sum of two values is too large to be stored as a
signed 32-bit integer, causing the function to write past the end of
an array. The second issue is a use-after-free when an element with a
'requiredFeatures' attribute is moved between documents. In that
situation, the internal representation of the 'requiredFeatures'
value could be freed prematurely. Both issues are potentially
exploitable.
o
Heap-buffer-overflow in nsSVGFEMorphologyElement::Filter
CVE-2012-3969
o
Heap-use-after-free in nsTArray_base::Length() CVE-2012-3970
*
MFSA 2012-64 / CVE-2012-3971: Using the Address Sanitizer tool,
Mozilla security researcher Christoph Diehl discovered two memory
corruption issues involving the Graphite 2 library used in Mozilla
products. Both of these issues can cause a potentially exploitable
crash. These problems were fixed in the Graphite 2 library, which has
been updated for Mozilla products.
*
MFSA 2012-65 / CVE-2012-3972: Security research Nicolas Gregoire used
the Address Sanitizer tool to discover an out-of-bounds read in the
format-number feature of XSLT, which can cause inaccurate formatting
of numbers and information leakage. This is not directly exploitable.
*
MFSA 2012-66 / CVE-2012-3973: Mozilla security researcher Mark
Goodwin discovered an issue with the Firefox developer tools'
debugger. If remote debugging is disabled, but the experimental
HTTPMonitor extension has been installed and enabled, a remote user
can connect to and use the remote debugging service through the port
used by HTTPMonitor. A remote-enabled flag has been added to resolve
this problem and close the port unless debugging is explicitly
enabled.
*
MFSA 2012-67 / CVE-2012-3974: Security researcher Masato Kinugawa
reported that if a crafted executable is placed in the root partition
on a Windows file system, the Firefox and Thunderbird installer will
launch this program after a standard installation instead of Firefox
or Thunderbird, running this program with the user's privileges.
*
MFSA 2012-68 / CVE-2012-3975: Security researcher vsemozhetbyt
reported that when the DOMParser is used to parse text/html data in a
Firefox extension, linked resources within this HTML data will be
loaded. If the data being parsed in the extension is untrusted, it
could lead to information leakage and can potentially be combined
with other attacks to become exploitable.
*
MFSA 2012-69 / CVE-2012-3976: Security researcher Mark Poticha
reported an issue where incorrect SSL certificate information can be
displayed on the addressbar, showing the SSL data for a previous site
while another has been loaded. This is caused by two onLocationChange
events being fired out of the expected order, leading to the
displayed certificate data to not be updated. This can be used for
phishing attacks by allowing the user to input form or other data on
a newer, attacking, site while the credentials of an older site
appear on the addressbar.
*
MFSA 2012-70 / CVE-2012-3978: Mozilla security researcher
moz_bug_r_a4 reported that certain security checks in the location
object can be bypassed if chrome code is called content in a specific
manner. This allowed for the loading of restricted content. This can
be combined with other issues to become potentially exploitable.
*
MFSA 2012-71 / CVE-2012-3979: Mozilla developer Blake Kaplan reported
that __android_log_print is called insecurely in places. If a
malicious web page used a dump() statement with a specially crafted
string, it can trigger a potentially exploitable crash.
This vulnerability only affects Firefox for Android.
*
MFSA 2012-72 / CVE-2012-3980: Security researcher Colby Russell
discovered that eval in the web console can execute injected code
with chrome privileges, leading to the running of malicious code in a
privileged context. This allows for arbitrary code execution through
a malicious web page if the web console is invoked by the user.
SUSE bug 777588CVE-2012-1956 at SUSECVE-2012-1956 at NVDCVE-2012-1970 at SUSECVE-2012-1970 at NVDCVE-2012-1971 at SUSECVE-2012-1971 at NVDCVE-2012-1972 at SUSECVE-2012-1972 at NVDCVE-2012-1973 at SUSECVE-2012-1973 at NVDCVE-2012-1974 at SUSECVE-2012-1974 at NVDCVE-2012-1975 at SUSECVE-2012-1975 at NVDCVE-2012-1976 at SUSECVE-2012-1976 at NVDCVE-2012-3956 at SUSECVE-2012-3956 at NVDCVE-2012-3957 at SUSECVE-2012-3957 at NVDCVE-2012-3958 at SUSECVE-2012-3958 at NVDCVE-2012-3959 at SUSECVE-2012-3959 at NVDCVE-2012-3960 at SUSECVE-2012-3960 at NVDCVE-2012-3961 at SUSECVE-2012-3961 at NVDCVE-2012-3962 at SUSECVE-2012-3962 at NVDCVE-2012-3963 at SUSECVE-2012-3963 at NVDCVE-2012-3964 at SUSECVE-2012-3964 at NVDCVE-2012-3965 at SUSECVE-2012-3965 at NVDCVE-2012-3966 at SUSECVE-2012-3966 at NVDCVE-2012-3967 at SUSECVE-2012-3967 at NVDCVE-2012-3968 at SUSECVE-2012-3968 at NVDCVE-2012-3969 at SUSECVE-2012-3969 at NVDCVE-2012-3970 at SUSECVE-2012-3970 at NVDCVE-2012-3971 at SUSECVE-2012-3971 at NVDCVE-2012-3972 at SUSECVE-2012-3972 at NVDCVE-2012-3973 at SUSECVE-2012-3973 at NVDCVE-2012-3974 at SUSECVE-2012-3974 at NVDCVE-2012-3975 at SUSECVE-2012-3975 at NVDCVE-2012-3976 at SUSECVE-2012-3976 at NVDCVE-2012-3978 at SUSECVE-2012-3978 at NVDCVE-2012-3979 at SUSECVE-2012-3979 at NVDCVE-2012-3980 at SUSECVE-2012-3980 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox was updated to the 10.0.9ESR security release which fixes
bugs and security issues:
*
MFSA 2012-73 / CVE-2012-3977: Security researchers Thai Duong and
Juliano Rizzo reported that SPDY's request header compression leads
to information leakage, which can allow the extraction of private
data such as session cookies, even over an encrypted SSL connection.
(This does not affect Firefox 10 as it does not feature the SPDY
extension. It was silently fixed for Firefox 15.)
*
MFSA 2012-74: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
CVE-2012-3983: Henrik Skupin, Jesse Ruderman and moz_bug_r_a4
reported memory safety problems and crashes that affect Firefox 15.
*
CVE-2012-3982: Christian Holler and Jesse Ruderman reported memory
safety problems and crashes that affect Firefox ESR 10 and Firefox
15.
*
MFSA 2012-75 / CVE-2012-3984: Security researcher David Bloom of Cue
discovered that 'select' elements are always-on-top chromeless
windows and that navigation away from a page with an active 'select'
menu does not remove this window.When another menu is opened
programmatically on a new page, the original 'select' menu can be
retained and arbitrary HTML content within it rendered, allowing an
attacker to cover arbitrary portions of the new page through absolute
positioning/scrolling, leading to spoofing attacks. Security
researcher Jordi Chancel found a variation that would allow for
click-jacking attacks was well.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products. References
Navigation away from a page with an active 'select' dropdown menu can
be used for URL spoofing, other evil
Firefox 10.0.1 : Navigation away from a page with multiple active
'select' dropdown menu can be used for Spoofing And ClickJacking with
XPI using window.open and geolocalisation
*
MFSA 2012-76 / CVE-2012-3985: Security researcher Collin Jackson
reported a violation of the HTML5 specifications for document.domain
behavior. Specified behavior requires pages to only have access to
windows in a new document.domain but the observed violation allowed
pages to retain access to windows from the page's initial origin in
addition to the new document.domain. This could potentially lead to
cross-site scripting (XSS) attacks.
*
MFSA 2012-77 / CVE-2012-3986: Mozilla developer Johnny Stenback
discovered that several methods of a feature used for testing
(DOMWindowUtils) are not protected by existing security checks,
allowing these methods to be called through script by web pages. This
was addressed by adding the existing security checks to these
methods.
*
MFSA 2012-78 / CVE-2012-3987: Security researcher Warren He reported
that when a page is transitioned into Reader Mode in Firefox for
Android, the resulting page has chrome privileges and its content is
not thoroughly sanitized. A successful attack requires user enabling
of reader mode for a malicious page, which could then perform an
attack similar to cross-site scripting (XSS) to gain the privileges
allowed to Firefox on an Android device. This has been fixed by
changing the Reader Mode page into an unprivileged page.
This vulnerability only affects Firefox for Android.
*
MFSA 2012-79 / CVE-2012-3988: Security researcher Soroush Dalili
reported that a combination of invoking full screen mode and
navigating backwards in history could, in some circumstances, cause a
hang or crash due to a timing dependent use-after-free pointer
reference. This crash may be potentially exploitable.
*
MFSA 2012-80 / CVE-2012-3989: Mozilla community member Ms2ger
reported a crash due to an invalid cast when using the instanceof
operator on certain types of JavaScript objects. This can lead to a
potentially exploitable crash.
*
MFSA 2012-81 / CVE-2012-3991: Mozilla community member Alice White
reported that when the GetProperty function is invoked through JSAPI,
security checking can be bypassed when getting cross-origin
properties. This potentially allowed for arbitrary code execution.
*
MFSA 2012-82 / CVE-2012-3994: Security researcher Mariusz Mlynski
reported that the location property can be accessed by binary plugins
through top.location and top can be shadowed by Object.defineProperty
as well. This can allow for possible cross-site scripting (XSS)
attacks through plugins.
*
MFSA 2012-83: Security researcher Mariusz Mlynski reported that when
InstallTrigger fails, it throws an error wrapped in a Chrome Object
Wrapper (COW) that fails to specify exposed properties. These can
then be added to the resulting object by an attacker, allowing access
to chrome privileged functions through script.
While investigating this issue, Mozilla security researcher
moz_bug_r_a4 found that COW did not disallow accessing of properties
from a standard prototype in some situations, even when the original
issue had been fixed.
These issues could allow for a cross-site scripting (XSS) attack or
arbitrary code execution.
*
CVE-2012-3993: XrayWrapper pollution via unsafe COW
*
CVE-2012-4184: ChromeObjectWrapper is not implemented as intended
*
MFSA 2012-84 / CVE-2012-3992: Security researcher Mariusz Mlynski
reported an issue with spoofing of the location property. In this
issue, writes to location.hash can be used in concert with scripted
history navigation to cause a specific website to be loaded into the
history object. The baseURI can then be changed to this stored site,
allowing an attacker to inject a script or intercept posted data
posted to a location specified with a relative path.
*
MFSA 2012-85: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team discovered a series of use-after-free,
buffer overflow, and out of bounds read issues using the Address
Sanitizer tool in shipped software. These issues are potentially
exploitable, allowing for remote code execution. We would also like
to thank Abhishek for reporting two additional use-after-free flaws
introduced during Firefox 16 development and fixed before general
release.
*
CVE-2012-3995: Out of bounds read in IsCSSWordSpacingSpace
*
CVE-2012-4179: Heap-use-after-free in
nsHTMLCSSUtils::CreateCSSPropertyTxn
*
CVE-2012-4180: Heap-buffer-overflow in
nsHTMLEditor::IsPrevCharInNodeWhitespace
*
CVE-2012-4181: Heap-use-after-free in
nsSMILAnimationController::DoSample
*
CVE-2012-4182: Heap-use-after-free in nsTextEditRules::WillInsert
*
CVE-2012-4183: Heap-use-after-free in
DOMSVGTests::GetRequiredFeatures
*
MFSA 2012-86: Security researcher Atte Kettunen from OUSPG reported
several heap memory corruption issues found using the Address
Sanitizer tool. These issues are potentially exploitable, allowing
for remote code execution.
*
CVE-2012-4185: Global-buffer-overflow in nsCharTraits::length
*
CVE-2012-4186: Heap-buffer-overflow in nsWaveReader::DecodeAudioData
*
CVE-2012-4187: Crash with ASSERTION: insPos too small
*
CVE-2012-4188: Heap-buffer-overflow in Convolve3x3
*
MFSA 2012-87 / CVE-2012-3990: Security researcher miaubiz used the
Address Sanitizer tool to discover a use-after-free in the IME State
Manager code. This could lead to a potentially exploitable crash.
*
MFSA 2012-89 / CVE-2012-4192 / CVE-2012-4193: Mozilla security
researcher moz_bug_r_a4 reported a regression where security wrappers
are unwrapped without doing a security check in defaultValue(). This
can allow for improper access access to the Location object. In
versions 15 and earlier of affected products, there was also the
potential for arbitrary code execution.
Security Issue reference:
* CVE-2012-3977
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3977>
* CVE-2012-3982
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3982>
* CVE-2012-3983
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3983>
* CVE-2012-3984
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3984>
* CVE-2012-3985
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3985>
* CVE-2012-3986
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3986>
* CVE-2012-3987
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3987>
* CVE-2012-3988
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3988>
* CVE-2012-3989
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3989>
* CVE-2012-3990
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3990>
* CVE-2012-3991
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3991>
* CVE-2012-3992
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3992>
* CVE-2012-3993
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3993>
* CVE-2012-3994
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3994>
* CVE-2012-3995
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3995>
* CVE-2012-4179
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4179>
* CVE-2012-4180
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4180>
* CVE-2012-4181
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4181>
* CVE-2012-4182
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4182>
* CVE-2012-4183
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4183>
* CVE-2012-4184
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4184>
* CVE-2012-4185
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4185>
* CVE-2012-4186
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4186>
* CVE-2012-4187
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4187>
* CVE-2012-4188
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4188>
* CVE-2012-4192
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4192>
* CVE-2012-4193
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193>
SUSE bug 783533CVE-2012-3977 at SUSECVE-2012-3977 at NVDCVE-2012-3982 at SUSECVE-2012-3982 at NVDCVE-2012-3983 at SUSECVE-2012-3983 at NVDCVE-2012-3984 at SUSECVE-2012-3984 at NVDCVE-2012-3985 at SUSECVE-2012-3985 at NVDCVE-2012-3986 at SUSECVE-2012-3986 at NVDCVE-2012-3987 at SUSECVE-2012-3987 at NVDCVE-2012-3988 at SUSECVE-2012-3988 at NVDCVE-2012-3989 at SUSECVE-2012-3989 at NVDCVE-2012-3990 at SUSECVE-2012-3990 at NVDCVE-2012-3991 at SUSECVE-2012-3991 at NVDCVE-2012-3992 at SUSECVE-2012-3992 at NVDCVE-2012-3993 at SUSECVE-2012-3993 at NVDCVE-2012-3994 at SUSECVE-2012-3994 at NVDCVE-2012-3995 at SUSECVE-2012-3995 at NVDCVE-2012-4179 at SUSECVE-2012-4179 at NVDCVE-2012-4180 at SUSECVE-2012-4180 at NVDCVE-2012-4181 at SUSECVE-2012-4181 at NVDCVE-2012-4182 at SUSECVE-2012-4182 at NVDCVE-2012-4183 at SUSECVE-2012-4183 at NVDCVE-2012-4184 at SUSECVE-2012-4184 at NVDCVE-2012-4185 at SUSECVE-2012-4185 at NVDCVE-2012-4186 at SUSECVE-2012-4186 at NVDCVE-2012-4187 at SUSECVE-2012-4187 at NVDCVE-2012-4188 at SUSECVE-2012-4188 at NVDCVE-2012-4192 at SUSECVE-2012-4192 at NVDCVE-2012-4193 at SUSECVE-2012-4193 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox was updated to the 10.0.10ESR security release.
The following issues have been fixed:
*
MFSA 2012-90: Mozilla has fixed a number of issues related to the
Location object in order to enhance overall security. Details for
each of the current fixed issues are below.
Thunderbird is only affected by window.location issues through RSS
feeds and extensions that load web content.
*
CVE-2012-4194: Security researcher Mariusz Mlynski reported that the
true value of window.location could be shadowed by user content
through the use of the valueOf method, which can be combined with
some plugins to perform a cross-site scripting (XSS) attack on users.
*
CVE-2012-4195: Mozilla security researcher moz_bug_r_a4 discovered
that the CheckURL function in window.location can be forced to return
the wrong calling document and principal, allowing a cross-site
scripting (XSS) attack. There is also the possibility of gaining
arbitrary code execution if the attacker can take advantage of an
add-on that interacts with the page content.
*
CVE-2012-4196: Security researcher Antoine Delignat-Lavaud of the
PROSECCO research team at INRIA Paris reported the ability to use
property injection by prototype to bypass security wrapper
protections on the Location object, allowing the cross-origin reading
of the Location object.
SUSE bug 786522CVE-2012-4194 at SUSECVE-2012-4194 at NVDCVE-2012-4195 at SUSECVE-2012-4195 at NVDCVE-2012-4196 at SUSECVE-2012-4196 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox has been updated to the 10.0.11 ESR security release, which
fixes various bugs and security issues.
*
MFSA 2012-106: Security researcher miaubiz used the Address Sanitizer
tool to discover a series critically rated of use-after-free, buffer
overflow, and memory corruption issues in shipped software. These
issues are potentially exploitable, allowing for remote code
execution. We would also like to thank miaubiz for reporting two
additional use-after-free and memory corruption issues introduced
during Firefox development that have been fixed before general
release.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products. References
The following issues have been fixed in Firefox 17 and ESR 10.0.11:
o use-after-free when loading html file on osx (CVE-2012-5830)
o Mesa crashes on certain texImage2D calls involving level>0
(CVE-2012-5833)
o integer overflow, invalid write w/webgl bufferdata
(CVE-2012-5835)
The following issues have been fixed in Firefox 17:
o crash in copyTexImage2D with image dimensions too large for
given level (CVE-2012-5838)
*
MFSA 2012-105: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team discovered a series critically rated of
use-after-free and buffer overflow issues using the Address Sanitizer
tool in shipped software. These issues are potentially exploitable,
allowing for remote code execution. We would also like to thank
Abhishek for reporting five additional use-after-free, out of bounds
read, and buffer overflow flaws introduced during Firefox development
that have been fixed before general release.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products. References
The following issues have been fixed in Firefox 17 and ESR 10.0.11:
o Heap-use-after-free in nsTextEditorState::PrepareEditor
(CVE-2012-4214)
o Heap-use-after-free in nsPlaintextEditor::FireClipboardEvent
(CVE-2012-4215)
o Heap-use-after-free in gfxFont::GetFontEntry (CVE-2012-4216)
o Heap-buffer-overflow in nsWindow::OnExposeEvent (CVE-2012-5829)
o heap-buffer-overflow in
gfxShapedWord::CompressedGlyph::IsClusterStart
o CVE-2012-5839
o Heap-use-after-free in nsTextEditorState::PrepareEditor
(CVE-2012-5840)
The following issues have been fixed in Firefox 17:
o Heap-use-after-free in XPCWrappedNative::Mark (CVE-2012-4212)
o Heap-use-after-free in nsEditor::FindNextLeafNode
(CVE-2012-4213)
o Heap-use-after-free in nsViewManager::ProcessPendingUpdates
(CVE-2012-4217)
o Heap-use-after-free BuildTextRunsScanner::BreakSink::SetBreaks
(CVE-2012-4218)
*
MFSA 2012-104 / CVE-2012-4210: Security researcher Mariusz Mlynski
reported that when a maliciously crafted stylesheet is inspected in
the Style Inspector, HTML and CSS can run in a chrome privileged
context without being properly sanitized first. This can lead to
arbitrary code execution.
*
MFSA 2012-103 / CVE-2012-4209: Security researcher Mariusz Mlynski
reported that the location property can be accessed by binary plugins
through top.location with a frame whose name attribute's value is set
to 'top'. This can allow for possible cross-site scripting (XSS)
attacks through plugins.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
MFSA 2012-102 / CVE-2012-5837: Security researcher Masato Kinugawa
reported that when script is entered into the Developer Toolbar, it
runs in a chrome privileged context. This allows for arbitrary code
execution or cross-site scripting (XSS) if a user can be convinced to
paste malicious code into the Developer Toolbar.
*
MFSA 2012-101 / CVE-2012-4207: Security researcher Masato Kinugawa
found when HZ-GB-2312 charset encoding is used for text, the '~'
character will destroy another character near the chunk delimiter.
This can lead to a cross-site scripting (XSS) attack in pages encoded
in HZ-GB-2312.
*
MFSA 2012-100 / CVE-2012-5841: Mozilla developer Bobby Holley
reported that security wrappers filter at the time of property
access, but once a function is returned, the caller can use this
function without further security checks. This affects cross-origin
wrappers, allowing for write actions on objects when only read
actions should be properly allowed. This can lead to cross-site
scripting (XSS) attacks.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
MFSA 2012-99 / CVE-2012-4208: Mozilla developer Peter Van der Beken
discovered that same-origin XrayWrappers expose chrome-only
properties even when not in a chrome compartment. This can allow web
content to get properties of DOM objects that are intended to be
chrome-only.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
MFSA 2012-98 / CVE-2012-4206: Security researcher Robert Kugler
reported that when a specifically named DLL file on a Windows
computer is placed in the default downloads directory with the
Firefox installer, the Firefox installer will load this DLL when it
is launched. In circumstances where the installer is run by an
administrator privileged account, this allows for the downloaded DLL
file to be run with administrator privileges. This can lead to
arbitrary code execution from a privileged account.
*
MFSA 2012-97 / CVE-2012-4205: Mozilla developer Gabor Krizsanits
discovered that XMLHttpRequest objects created within sandboxes have
the system principal instead of the sandbox principal. This can lead
to cross-site request forgery (CSRF) or information theft via an
add-on running untrusted code in a sandbox.
*
MFSA 2012-96 / CVE-2012-4204: Security researcher Scott Bell of
Security-Assessment.com used the Address Sanitizer tool to discover a
memory corruption in str_unescape in the Javascript engine. This
could potentially lead to arbitrary code execution.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
MFSA 2012-95 / CVE-2012-4203: Security researcher kakzz.ng@gmail.com
reported that if a javascript: URL is selected from the list of
Firefox 'new tab' page, the script will inherit the privileges of the
privileged 'new tab' page. This allows for the execution of locally
installed programs if a user can be convinced to save a bookmark of a
malicious javascript: URL.
*
MFSA 2012-94 / CVE-2012-5836: Security researcher Jonathan Stephens
discovered that combining SVG text on a path with the setting of CSS
properties could lead to a potentially exploitable crash.
*
MFSA 2012-93 / CVE-2012-4201: Mozilla security researcher
moz_bug_r_a4 reported that if code executed by the evalInSandbox
function sets location.href, it can get the wrong subject principal
for the URL check, ignoring the sandbox's Javascript context and
gaining the context of evalInSandbox object. This can lead to
malicious web content being able to perform a cross-site scripting
(XSS) attack or stealing a copy of a local file if the user has
installed an add-on vulnerable to this attack.
*
MFSA 2012-92 / CVE-2012-4202: Security researcher Atte Kettunen from
OUSPG used the Address Sanitizer tool to discover a buffer overflow
while rendering GIF format images. This issue is potentially
exploitable and could lead to arbitrary code execution.
*
MFSA 2012-91: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products. References
Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey,
Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, and Bill
McCloskey reported memory safety problems and crashes that affect
Firefox 16. (CVE-2012-5843)
Jesse Ruderman, Andrew McCreight, Bob Clary, and Kyle Huey reported
memory safety problems and crashes that affect Firefox ESR 10 and
Firefox 16. (CVE-2012-5842)
SUSE bug 790140CVE-2012-4201 at SUSECVE-2012-4201 at NVDCVE-2012-4202 at SUSECVE-2012-4202 at NVDCVE-2012-4203 at SUSECVE-2012-4203 at NVDCVE-2012-4204 at SUSECVE-2012-4204 at NVDCVE-2012-4205 at SUSECVE-2012-4205 at NVDCVE-2012-4206 at SUSECVE-2012-4206 at NVDCVE-2012-4207 at SUSECVE-2012-4207 at NVDCVE-2012-4208 at SUSECVE-2012-4208 at NVDCVE-2012-4209 at SUSECVE-2012-4209 at NVDCVE-2012-4210 at SUSECVE-2012-4210 at NVDCVE-2012-4212 at SUSECVE-2012-4212 at NVDCVE-2012-4213 at SUSECVE-2012-4213 at NVDCVE-2012-4214 at SUSECVE-2012-4214 at NVDCVE-2012-4215 at SUSECVE-2012-4215 at NVDCVE-2012-4216 at SUSECVE-2012-4216 at NVDCVE-2012-4217 at SUSECVE-2012-4217 at NVDCVE-2012-4218 at SUSECVE-2012-4218 at NVDCVE-2012-5829 at SUSECVE-2012-5829 at NVDCVE-2012-5830 at SUSECVE-2012-5830 at NVDCVE-2012-5833 at SUSECVE-2012-5833 at NVDCVE-2012-5835 at SUSECVE-2012-5835 at NVDCVE-2012-5836 at SUSECVE-2012-5836 at NVDCVE-2012-5837 at SUSECVE-2012-5837 at NVDCVE-2012-5838 at SUSECVE-2012-5838 at NVDCVE-2012-5839 at SUSECVE-2012-5839 at NVDCVE-2012-5840 at SUSECVE-2012-5840 at NVDCVE-2012-5841 at SUSECVE-2012-5841 at NVDCVE-2012-5842 at SUSECVE-2012-5842 at NVDCVE-2012-5843 at SUSECVE-2012-5843 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox was updated to the 10.0.12ESR release.
*
MFSA 2013-01: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
o Christoph Diehl, Christian Holler, Mats Palmgren, and Chiaki
Ishikawa reported memory safety problems and crashes that
affect Firefox ESR 10, Firefox ESR 17, and Firefox 17. (
CVE-2013-0769
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0769>
)
o Bill Gianopoulos, Benoit Jacob, Christoph Diehl, Christian
Holler, Gary Kwong, Robert O'Callahan, and Scoobidiver reported
memory safety problems and crashes that affect Firefox ESR 17
and Firefox 17. (CVE-2013-0749
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0749>
)
o Jesse Ruderman, Christian Holler, Julian Seward, and
Scoobidiver reported memory safety problems and crashes that
affect Firefox 17. (CVE-2013-0770
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0770>
)
*
MFSA 2013-02: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team discovered a series critically rated of
use-after-free, out of bounds read, and buffer overflow issues using
the Address Sanitizer tool in shipped software. These issues are
potentially exploitable, allowing for remote code execution. We would
also like to thank Abhishek for reporting three additional
user-after-free and out of bounds read flaws introduced during
Firefox development that were fixed before general release.
The following issue was fixed in Firefox 18:
o Global-buffer-overflow in
CharDistributionAnalysis::HandleOneChar (CVE-2013-0760
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0760>
)
The following issues were fixed in Firefox 18, ESR 17.0.1, and ESR
10.0.12:
o Heap-use-after-free in imgRequest::OnStopFrame (CVE-2013-0762
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0762>
)
o Heap-use-after-free in ~nsHTMLEditRules (CVE-2013-0766
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0766>
)
o Out of bounds read in nsSVGPathElement::GetPathLengthScale (
CVE-2013-0767
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0767>
)
The following issues were fixed in Firefox 18 and ESR 17.0.1:
o Heap-use-after-free in mozilla::TrackUnionStream::EndTrack (
CVE-2013-0761
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0761>
)
o Heap-use-after-free in Mesa, triggerable by resizing a WebGL
canvas (CVE-2013-0763
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0763>
)
o Heap-buffer-overflow in gfxTextRun::ShrinkToLigatureBoundaries
(CVE-2013-0771
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0771>
)
The following issue was fixed in Firefox 18 and in the earlier ESR
10.0.11 release:
o Heap-buffer-overflow in nsWindow::OnExposeEvent (CVE-2012-5829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5829>
)
*
MFSA 2013-03: Security researcher miaubiz used the Address Sanitizer
tool to discover a buffer overflow in Canvas when specific bad height
and width values were given through HTML. This could lead to a
potentially exploitable crash. (CVE-2013-0768
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0768> )
Miaubiz also found a potentially exploitable crash when 2D and 3D
content was mixed which was introduced during Firefox development and
fixed before general release.
*
MFSA 2013-04: Security researcher Masato Kinugawa found a flaw in
which the displayed URL values within the addressbar can be spoofed
by a page during loading. This allows for phishing attacks where a
malicious page can spoof the identify of another site. (
CVE-2013-0759
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0759> )
*
MFSA 2013-05: Using the Address Sanitizer tool, security researcher
Atte Kettunen from OUSPG discovered that the combination of large
numbers of columns and column groups in a table could cause the array
containing the columns during rendering to overwrite itself. This can
lead to a user-after-free causing a potentially exploitable crash. (
CVE-2013-0744
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0744> )
*
MFSA 2013-06: Mozilla developer Wesley Johnston reported that when
there are two or more iframes on the same HTML page, an iframe is
able to see the touch events and their targets that occur within the
other iframes on the page. If the iframes are from the same origin,
they can also access the properties and methods of the targets of
other iframes but same-origin policy (SOP) restricts access across
domains. This allows for information leakage and possibilities for
cross-site scripting (XSS) if another vulnerability can be used to
get around SOP restrictions. (CVE-2013-0751
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0751> )
*
MFSA 2013-07: Mozilla community member Jerry Baker reported a
crashing issue found through Thunderbird when downloading messages
over a Secure Sockets Layer (SSL) connection. This was caused by a
bug in the networking code assuming that secure connections were
entirely handled on the socket transport thread when they can occur
on a variety of threads. The resulting crash was potentially
exploitable. (CVE-2013-0764
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0764> )
*
MFSA 2013-08: Mozilla developer Olli Pettay discovered that the
AutoWrapperChanger class fails to keep some javascript objects alive
during garbage collection. This can lead to an exploitable crash
allowing for arbitrary code execution. (CVE-2013-0745
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0745> )
*
MFSA 2013-09: Mozilla developer Boris Zbarsky reported reported a
problem where jsval-returning quickstubs fail to wrap their return
values, causing a compartment mismatch. This mismatch can cause
garbage collection to occur incorrectly and lead to a potentially
exploitable crash. (CVE-2013-0746
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0746> )
*
MFSA 2013-10: Mozilla security researcher Jesse Ruderman reported
that events in the plugin handler can be manipulated by web content
to bypass same-origin policy (SOP) restrictions. This can allow for
clickjacking on malicious web pages. (CVE-2013-0747
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0747> )
*
MFSA 2013-11: Mozilla security researcher Jesse Ruderman discovered
that using the toString function of XBL objects can lead to
inappropriate information leakage by revealing the address space
layout instead of just the ID of the object. This layout information
could potentially be used to bypass ASLR and other security
protections. (CVE-2013-0748
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0748> )
*
MFSA 2013-12: Security researcher pa_kt reported a flaw via
TippingPoint's Zero Day Initiative that an integer overflow is
possible when calculating the length for a Javascript string
concatenation, which is then used for memory allocation. This results
in a buffer overflow, leading to a potentially exploitable memory
corruption. (CVE-2013-0750
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0750> )
*
MFSA 2013-13: Security researcher Sviatoslav Chagaev reported that
when using an XBL file containing multiple XML bindings with SVG
content, a memory corruption can occur. In concern with remote XUL,
this can lead to an exploitable crash. (CVE-2013-0752
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0752> )
*
MFSA 2013-14: Security researcher Mariusz Mlynski reported that it is
possible to change the prototype of an object and bypass Chrome
Object Wrappers (COW) to gain access to chrome privileged functions.
This could allow for arbitrary code execution. (CVE-2013-0757
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0757> )
*
MFSA 2013-15: Security researcher Mariusz Mlynski reported that it is
possible to open a chrome privileged web page through plugin objects
through interaction with SVG elements. This could allow for arbitrary
code execution. (CVE-2013-0758
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0758> )
*
MFSA 2013-16: Security researcher regenrecht reported, via
TippingPoint's Zero Day Initiative, a use-after-free in XMLSerializer
by the exposing of serializeToStream to web content. This can lead to
arbitrary code execution when exploited. (CVE-2013-0753
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0753> )
*
MFSA 2013-17: Security researcher regenrecht reported, via
TippingPoint's Zero Day Initiative, a use-after-free within the
ListenerManager when garbage collection is forced after data in
listener objects have been allocated in some circumstances. This
results in a use-after-free which can lead to arbitrary code
execution. (CVE-2013-0754
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0754> )
*
MFSA 2013-18: Security researcher regenrecht reported, via
TippingPoint's Zero Day Initiative, a use-after-free using the domDoc
pointer within Vibrate library. This can lead to arbitrary code
execution when exploited. (CVE-2013-0755
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0755> )
*
MFSA 2013-19: Security researcher regenrecht reported, via
TippingPoint's Zero Day Initiative, a garbage collection flaw in
Javascript Proxy objects. This can lead to a use-after-free leading
to arbitrary code execution. (CVE-2013-0756
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0756> )
*
MFSA 2013-20: Google reported to Mozilla that TURKTRUST, a
certificate authority in Mozilla's root program, had mis-issued two
intermediate certificates to customers. The issue was not specific to
Firefox but there was evidence that one of the certificates was used
for man-in-the-middle (MITM) traffic management of domain names that
the customer did not legitimately own or control. This issue was
resolved by revoking the trust for these specific mis-issued
certificates. (CVE-2013-0743
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0743> )
SUSE bug 796628SUSE bug 796895CVE-2012-5829 at SUSECVE-2012-5829 at NVDCVE-2013-0743 at SUSECVE-2013-0743 at NVDCVE-2013-0744 at SUSECVE-2013-0744 at NVDCVE-2013-0745 at SUSECVE-2013-0745 at NVDCVE-2013-0746 at SUSECVE-2013-0746 at NVDCVE-2013-0747 at SUSECVE-2013-0747 at NVDCVE-2013-0748 at SUSECVE-2013-0748 at NVDCVE-2013-0749 at SUSECVE-2013-0749 at NVDCVE-2013-0750 at SUSECVE-2013-0750 at NVDCVE-2013-0751 at SUSECVE-2013-0751 at NVDCVE-2013-0752 at SUSECVE-2013-0752 at NVDCVE-2013-0753 at SUSECVE-2013-0753 at NVDCVE-2013-0754 at SUSECVE-2013-0754 at NVDCVE-2013-0755 at SUSECVE-2013-0755 at NVDCVE-2013-0756 at SUSECVE-2013-0756 at NVDCVE-2013-0757 at SUSECVE-2013-0757 at NVDCVE-2013-0758 at SUSECVE-2013-0758 at NVDCVE-2013-0759 at SUSECVE-2013-0759 at NVDCVE-2013-0760 at SUSECVE-2013-0760 at NVDCVE-2013-0761 at SUSECVE-2013-0761 at NVDCVE-2013-0762 at SUSECVE-2013-0762 at NVDCVE-2013-0763 at SUSECVE-2013-0763 at NVDCVE-2013-0764 at SUSECVE-2013-0764 at NVDCVE-2013-0766 at SUSECVE-2013-0766 at NVDCVE-2013-0767 at SUSECVE-2013-0767 at NVDCVE-2013-0768 at SUSECVE-2013-0768 at NVDCVE-2013-0769 at SUSECVE-2013-0769 at NVDCVE-2013-0770 at SUSECVE-2013-0770 at NVDCVE-2013-0771 at SUSECVE-2013-0771 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox has been updated to the 17.0.3ESR release.
Besides the major version update from the 10ESR stable release line to the
17ESR stable release line, this update brings critical security and
bugfixes:
*
MFSA 2013-28: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team used the Address Sanitizer tool to
discover a series of use-after-free, out of bounds read, and buffer
overflow problems rated as low to critical security issues in shipped
software. Some of these issues are potentially exploitable, allowing
for remote code execution. We would also like to thank Abhishek for
reporting four additional use-after-free and out of bounds write
flaws introduced during Firefox development that were fixed before
general release.
*
The following issues have been fixed in Firefox 19 and ESR 17.0.3:
o Heap-use-after-free in nsOverflowContinuationTracker::Finish,
with -moz-columns (CVE-2013-0780)
o Heap-buffer-overflow WRITE in
nsSaveAsCharset::DoCharsetConversion (CVE-2013-0782)
*
MFSA 2013-27 / CVE-2013-0776: Google security researcher Michal
Zalewski reported an issue where the browser displayed the content of
a proxy's 407 response if a user canceled the proxy's authentication
prompt. In this circumstance, the addressbar will continue to show
the requested site's address, including HTTPS addresses that appear
to be secure. This spoofing of addresses can be used for phishing
attacks by fooling users into entering credentials, for example.
*
MFSA 2013-26 / CVE-2013-0775: Security researcher Nils reported a
use-after-free in nsImageLoadingContent when content script is
executed. This could allow for arbitrary code execution.
*
MFSA 2013-25 / CVE-2013-0774: Mozilla security researcher Frederik
Braun discovered that since Firefox 15 the file system location of
the active browser profile was available to JavaScript workers. While
not dangerous by itself, this could potentially be combined with
other vulnerabilities to target the profile in an attack.
*
MFSA 2013-24 / CVE-2013-0773: Mozilla developer Bobby Holley
discovered that it was possible to bypass some protections in Chrome
Object Wrappers (COW) and System Only Wrappers (SOW), making their
prototypes mutable by web content. This could be used leak
information from chrome objects and possibly allow for arbitrary code
execution.
*
MFSA 2013-23 / CVE-2013-0765: Mozilla developer Boris Zbarsky
reported that in some circumstances a wrapped WebIDL object can be
wrapped multiple times, overwriting the existing wrapped state. This
could lead to an exploitable condition in rare cases.
*
MFSA 2013-22 / CVE-2013-0772: Using the Address Sanitizer tool,
security researcher Atte Kettunen from OUSPG found an out-of-bounds
read while rendering GIF format images. This could cause a
non-exploitable crash and could also attempt to render normally
inaccesible data as part of the image.
*
MFSA 2013-21: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew
McCreight, Joe Drew, and Wayne Mery reported memory safety problems
and crashes that affect Firefox ESR 17, and Firefox 18.
*
Memory safety bugs fixed in Firefox ESR 17.0.3, and Firefox 19
(CVE-2013-0783)
SUSE bug 796895SUSE bug 803326SUSE bug 804248CVE-2012-5829 at SUSECVE-2012-5829 at NVDCVE-2013-0743 at SUSECVE-2013-0743 at NVDCVE-2013-0744 at SUSECVE-2013-0744 at NVDCVE-2013-0745 at SUSECVE-2013-0745 at NVDCVE-2013-0746 at SUSECVE-2013-0746 at NVDCVE-2013-0747 at SUSECVE-2013-0747 at NVDCVE-2013-0748 at SUSECVE-2013-0748 at NVDCVE-2013-0749 at SUSECVE-2013-0749 at NVDCVE-2013-0750 at SUSECVE-2013-0750 at NVDCVE-2013-0751 at SUSECVE-2013-0751 at NVDCVE-2013-0752 at SUSECVE-2013-0752 at NVDCVE-2013-0753 at SUSECVE-2013-0753 at NVDCVE-2013-0754 at SUSECVE-2013-0754 at NVDCVE-2013-0755 at SUSECVE-2013-0755 at NVDCVE-2013-0756 at SUSECVE-2013-0756 at NVDCVE-2013-0757 at SUSECVE-2013-0757 at NVDCVE-2013-0758 at SUSECVE-2013-0758 at NVDCVE-2013-0759 at SUSECVE-2013-0759 at NVDCVE-2013-0760 at SUSECVE-2013-0760 at NVDCVE-2013-0761 at SUSECVE-2013-0761 at NVDCVE-2013-0762 at SUSECVE-2013-0762 at NVDCVE-2013-0763 at SUSECVE-2013-0763 at NVDCVE-2013-0764 at SUSECVE-2013-0764 at NVDCVE-2013-0765 at SUSECVE-2013-0765 at NVDCVE-2013-0766 at SUSECVE-2013-0766 at NVDCVE-2013-0767 at SUSECVE-2013-0767 at NVDCVE-2013-0768 at SUSECVE-2013-0768 at NVDCVE-2013-0769 at SUSECVE-2013-0769 at NVDCVE-2013-0770 at SUSECVE-2013-0770 at NVDCVE-2013-0771 at SUSECVE-2013-0771 at NVDCVE-2013-0772 at SUSECVE-2013-0772 at NVDCVE-2013-0773 at SUSECVE-2013-0773 at NVDCVE-2013-0774 at SUSECVE-2013-0774 at NVDCVE-2013-0775 at SUSECVE-2013-0775 at NVDCVE-2013-0776 at SUSECVE-2013-0776 at NVDCVE-2013-0780 at SUSECVE-2013-0780 at NVDCVE-2013-0782 at SUSECVE-2013-0782 at NVDCVE-2013-0783 at SUSECVE-2013-0783 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox has been updated to the 17.0.4ESR release which fixes one
important security issue:
* MFSA 2013-29 / CVE-2013-0787: VUPEN Security, via TippingPoint's Zero
Day Initiative, reported a use-after-free within the HTML editor when
content script is run by the document.execCommand() function while
internal editor operations are occurring. This could allow for
arbitrary code execution.
Security Issue reference:
* CVE-2013-0787
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0787>
SUSE bug 808243CVE-2013-0787 at SUSECVE-2013-0787 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox has been updated to the 17.0.5ESR release fixing bugs and
security issues.
Also Mozilla NSS has been updated to version 3.14.3 and Mozilla NSPR to
4.9.6.
*
MFSA 2013-30: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan
Sreckovic, and Joe Drew reported memory safety problems and crashes
that affect Firefox ESR 17, and Firefox 19. (CVE-2013-0788)
Andrew McCreight, Randell Jesup, Gary Kwong, Jesse Ruderman,
Christian Holler, and Mats Palmgren reported memory safety problems
and crashes that affect Firefox 19. (CVE-2013-0789)
Jim Chen reported a memory safety problem that affects Firefox for
Android 19. (CVE-2013-0790)
*
MFSA 2013-31 / CVE-2013-0800: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover an out-of-bounds write in Cairo graphics
library. When certain values are passed to it during rendering, Cairo
attempts to use negative boundaries or sizes for boxes, leading to a
potentially exploitable crash in some instances.
*
MFSA 2013-32 / CVE-2013-0799: Security researcher Frederic Hoguin
discovered that the Mozilla Maintenance Service on Windows was
vulnerable to a buffer overflow. This system is used to update
software without invoking the User Account Control (UAC) prompt. The
Mozilla Maintenance Service is configured to allow unprivileged users
to start it with arbitrary arguments. By manipulating the data passed
in these arguments, an attacker can execute arbitrary code with the
system privileges used by the service. This issue requires local file
system access to be exploitable.
*
MFSA 2013-33 / CVE-2013-0798: Security researcher Shuichiro Suzuki of
the Fourteenforty Research Institute reported the app_tmp directory
is set to be world readable and writeable by Firefox for Android.
This potentially allows for third party applications to replace or
alter Firefox add-ons when downloaded because they are temporarily
stored in the app_tmp directory before installation.
This vulnerability only affects Firefox for Android.
*
MFSA 2013-34 / CVE-2013-0797: Security researcher Ash reported an
issue with the Mozilla Updater. The Mozilla Updater can be made to
load a malicious local DLL file in a privileged context through
either the Mozilla Maintenance Service or independently on systems
that do not use the service. This occurs when the DLL file is placed
in a specific location on the local system before the Mozilla Updater
is run. Local file system access is necessary in order for this issue
to be exploitable.
*
MFSA 2013-35 / CVE-2013-0796: Security researcher miaubiz used the
Address Sanitizer tool to discover a crash in WebGL rendering when
memory is freed that has not previously been allocated. This issue
only affects Linux users who have Intel Mesa graphics drivers. The
resulting crash could be potentially exploitable.
*
MFSA 2013-36 / CVE-2013-0795: Security researcher Cody Crews reported
a mechanism to use the cloneNode method to bypass System Only
Wrappers (SOW) and clone a protected node. This allows violation of
the browser's same origin policy and could also lead to privilege
escalation and the execution of arbitrary code.
*
MFSA 2013-37 / CVE-2013-0794: Security researcher shutdown reported a
method for removing the origin indication on tab-modal dialog boxes
in combination with browser navigation. This could allow an
attacker's dialog to overlay a page and show another site's content.
This can be used for phishing by allowing users to enter data into a
modal prompt dialog on an attacking, site while appearing to be from
the displayed site.
*
MFSA 2013-38 / CVE-2013-079: Security researcher Mariusz Mlynski
reported a method to use browser navigations through history to load
an arbitrary website with that page's baseURI property pointing to
another site instead of the seemingly loaded one. The user will
continue to see the incorrect site in the addressbar of the browser.
This allows for a cross-site scripting (XSS) attack or the theft of
data through a phishing attack.
*
MFSA 2013-39 / CVE-2013-0792: Mozilla community member Tobias Schula
reported that if gfx.color_management.enablev4 preference is enabled
manually in about:config, some grayscale PNG images will be rendered
incorrectly and cause memory corruption during PNG decoding when
certain color profiles are in use. A crafted PNG image could use this
flaw to leak data through rendered images drawing from random memory.
By default, this preference is not enabled.
*
MFSA 2013-40 / CVE-2013-0791: Mozilla community member Ambroz Bizjak
reported an out-of-bounds array read in the CERT_DecodeCertPackage
function of the Network Security Services (NSS) libary when decoding
a certificate. When this occurs, it will lead to memory corruption
and a non-exploitable crash.
Security Issue references:
* CVE-2013-0788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788>
* CVE-2013-0789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0789>
* CVE-2013-0790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0790>
* CVE-2013-0791
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0791>
* CVE-2013-0792
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0792>
* CVE-2013-0794
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0794>
* CVE-2013-0795
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795>
* CVE-2013-0796
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796>
* CVE-2013-0797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0797>
* CVE-2013-0798
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0798>
* CVE-2013-0799
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0799>
* CVE-2013-0800
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800>
SUSE bug 813026CVE-2013-0788 at SUSECVE-2013-0788 at NVDCVE-2013-0789 at SUSECVE-2013-0789 at NVDCVE-2013-0790 at SUSECVE-2013-0790 at NVDCVE-2013-0791 at SUSECVE-2013-0791 at NVDCVE-2013-0792 at SUSECVE-2013-0792 at NVDCVE-2013-0794 at SUSECVE-2013-0794 at NVDCVE-2013-0795 at SUSECVE-2013-0795 at NVDCVE-2013-0796 at SUSECVE-2013-0796 at NVDCVE-2013-0797 at SUSECVE-2013-0797 at NVDCVE-2013-0798 at SUSECVE-2013-0798 at NVDCVE-2013-0799 at SUSECVE-2013-0799 at NVDCVE-2013-0800 at SUSECVE-2013-0800 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox has been updated to the 17.0.6ESR security release.
*
MFSA 2013-30: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan
Sreckovic, and Joe Drew reported memory safety problems and crashes
that affect Firefox ESR 17, and Firefox 19. (CVE-2013-0788)
*
MFSA 2013-31 / CVE-2013-0800: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover an out-of-bounds write in Cairo graphics
library. When certain values are passed to it during rendering, Cairo
attempts to use negative boundaries or sizes for boxes, leading to a
potentially exploitable crash in some instances.
*
MFSA 2013-32 / CVE-2013-0799: Security researcher Frederic Hoguin
discovered that the Mozilla Maintenance Service on Windows was
vulnerable to a buffer overflow. This system is used to update
software without invoking the User Account Control (UAC) prompt. The
Mozilla Maintenance Service is configured to allow unprivileged users
to start it with arbitrary arguments. By manipulating the data passed
in these arguments, an attacker can execute arbitrary code with the
system privileges used by the service. This issue requires local file
system access to be exploitable.
*
MFSA 2013-34 / CVE-2013-0797: Security researcher Ash reported an
issue with the Mozilla Updater. The Mozilla Updater can be made to
load a malicious local DLL file in a privileged context through
either the Mozilla Maintenance Service or independently on systems
that do not use the service. This occurs when the DLL file is placed
in a specific location on the local system before the Mozilla Updater
is run. Local file system access is necessary in order for this issue
to be exploitable.
*
MFSA 2013-35 / CVE-2013-0796: Security researcher miaubiz used the
Address Sanitizer tool to discover a crash in WebGL rendering when
memory is freed that has not previously been allocated. This issue
only affects Linux users who have Intel Mesa graphics drivers. The
resulting crash could be potentially exploitable.
*
MFSA 2013-36 / CVE-2013-0795: Security researcher Cody Crews reported
a mechanism to use the cloneNode method to bypass System Only
Wrappers (SOW) and clone a protected node. This allows violation of
the browser's same origin policy and could also lead to privilege
escalation and the execution of arbitrary code.
*
MFSA 2013-37 / CVE-2013-0794: Security researcher shutdown reported a
method for removing the origin indication on tab-modal dialog boxes
in combination with browser navigation. This could allow an
attacker's dialog to overlay a page and show another site's content.
This can be used for phishing by allowing users to enter data into a
modal prompt dialog on an attacking, site while appearing to be from
the displayed site.
*
MFSA 2013-38 / CVE-2013-0793: Security researcher Mariusz Mlynski
reported a method to use browser navigations through history to load
an arbitrary website with that page's baseURI property pointing to
another site instead of the seemingly loaded one. The user will
continue to see the incorrect site in the addressbar of the browser.
This allows for a cross-site scripting (XSS) attack or the theft of
data through a phishing attack.
*
MFSA 2013-39 / CVE-2013-0792: Mozilla community member Tobias Schula
reported that if gfx.color_management.enablev4 preference is enabled
manually in about:config, some grayscale PNG images will be rendered
incorrectly and cause memory corruption during PNG decoding when
certain color profiles are in use. A crafted PNG image could use this
flaw to leak data through rendered images drawing from random memory.
By default, this preference is not enabled.
*
MFSA 2013-40 / CVE-2013-0791: Mozilla community member Ambroz Bizjak
reported an out-of-bounds array read in the CERT_DecodeCertPackage
function of the Network Security Services (NSS) libary when decoding
a certificate. When this occurs, it will lead to memory corruption
and a non-exploitable crash.
SUSE bug 792432SUSE bug 819204CVE-2013-0788 at SUSECVE-2013-0788 at NVDCVE-2013-0791 at SUSECVE-2013-0791 at NVDCVE-2013-0792 at SUSECVE-2013-0792 at NVDCVE-2013-0793 at SUSECVE-2013-0793 at NVDCVE-2013-0794 at SUSECVE-2013-0794 at NVDCVE-2013-0795 at SUSECVE-2013-0795 at NVDCVE-2013-0796 at SUSECVE-2013-0796 at NVDCVE-2013-0797 at SUSECVE-2013-0797 at NVDCVE-2013-0799 at SUSECVE-2013-0799 at NVDCVE-2013-0800 at SUSECVE-2013-0800 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox has been updated to the 17.0.7 ESR version, which fixes
bugs and security issues:
*
MFSA 2013-49: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Gary Kwong, Jesse Ruderman, and Andrew McCreight reported memory
safety problems and crashes that affect Firefox ESR 17, and Firefox
21. (CVE-2013-1682)
*
MFSA 2013-50: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team used the Address Sanitizer tool to
discover a series of use-after-free problems rated critical as
security issues in shipped software. Some of these issues are
potentially exploitable, allowing for remote code execution. We would
also like to thank Abhishek for reporting additional use-after-free
and buffer overflow flaws in code introduced during Firefox
development. These were fixed before general release.
o Heap-use-after-free in
mozilla::dom::HTMLMediaElement::LookupMediaElementURITable
(CVE-2013-1684)
o Heap-use-after-free in nsIDocument::GetRootElement
(CVE-2013-1685)
o Heap-use-after-free in mozilla::ResetDir (CVE-2013-1686)
*
MFSA 2013-51 / CVE-2013-1687: Security researcher Mariusz Mlynski
reported that it is possible to compile a user-defined function in
the XBL scope of a specific element and then trigger an event within
this scope to run code. In some circumstances, when this code is run,
it can access content protected by System Only Wrappers (SOW) and
chrome-privileged pages. This could potentially lead to arbitrary
code execution. Additionally, Chrome Object Wrappers (COW) can be
bypassed by web content to access privileged methods, leading to a
cross-site scripting (XSS) attack from privileged pages.
*
MFSA 2013-53 / CVE-2013-1690: Security researcher Nils reported that
specially crafted web content using the onreadystatechange event and
reloading of pages could sometimes cause a crash when unmapped memory
is executed. This crash is potentially exploitable.
*
MFSA 2013-54 / CVE-2013-1692: Security researcher Johnathan Kuskos
reported that Firefox is sending data in the body of XMLHttpRequest
(XHR) HEAD requests, which goes agains the XHR specification. This
can potentially be used for Cross-Site Request Forgery (CSRF) attacks
against sites which do not distinguish between HEAD and POST
requests.
*
MFSA 2013-55 / CVE-2013-1693: Security researcher Paul Stone of
Context Information Security discovered that timing differences in
the processing of SVG format images with filters could allow for
pixel values to be read. This could potentially allow for text values
to be read across domains, leading to information disclosure.
*
MFSA 2013-59 / CVE-2013-1697: Mozilla security researcher
moz_bug_r_a4 reported that XrayWrappers can be bypassed to call
content-defined toString and valueOf methods through DefaultValue.
This can lead to unexpected behavior when privileged code acts on the
incorrect values.
Security Issue references:
* CVE-2013-1682
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682>
* CVE-2013-1684
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684>
* CVE-2013-1685
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685>
* CVE-2013-1686
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686>
* CVE-2013-1687
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687>
* CVE-2013-1690
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690>
* CVE-2013-1692
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692>
* CVE-2013-1693
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693>
* CVE-2013-1697
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697>
SUSE bug 825935CVE-2013-1682 at SUSECVE-2013-1682 at NVDCVE-2013-1684 at SUSECVE-2013-1684 at NVDCVE-2013-1685 at SUSECVE-2013-1685 at NVDCVE-2013-1686 at SUSECVE-2013-1686 at NVDCVE-2013-1687 at SUSECVE-2013-1687 at NVDCVE-2013-1690 at SUSECVE-2013-1690 at NVDCVE-2013-1692 at SUSECVE-2013-1692 at NVDCVE-2013-1693 at SUSECVE-2013-1693 at NVDCVE-2013-1697 at SUSECVE-2013-1697 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox has been updated to the 17.0.10ESR release, which fixes
various bugs and security issues:
*
MFSA 2013-93: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Jesse Ruderman and Christoph Diehl reported memory safety problems
and crashes that affect Firefox ESR 17, Firefox ESR 24, and Firefox
24. (CVE-2013-5590)
Carsten Book reported a crash fixed in the NSS library used by
Mozilla-based products fixed in Firefox 25, Firefox ESR 24.1, and
Firefox ESR 17.0.10.(CVE-2013-1739)
*
MFSA 2013-95 / CVE-2013-5604: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover an access violation due to uninitialized
data during Extensible Stylesheet Language Transformation (XSLT)
processing. This leads to a potentially exploitable crash.
*
MFSA 2013-96 / CVE-2013-5595: Compiler Engineer Dan Gohman of Google
discovered a flaw in the JavaScript engine where memory was being
incorrectly allocated for some functions and the calls for
allocations were not always properly checked for overflow, leading to
potential buffer overflows. When combined with other vulnerabilities,
these flaws could be potentially exploitable.
*
MFSA 2013-98 / CVE-2013-5597: Security researcher Byoungyoung Lee of
Georgia Tech Information Security Center (GTISC) used the Address
Sanitizer tool to discover a use-after-free during state change
events while updating the offline cache. This leads to a potentially
exploitable crash.
*
MFSA 2013-100: Security researcher Nils used the Address Sanitizer
tool while fuzzing to discover missing strong references in browsing
engine leading to use-after-frees. This can lead to a potentially
exploitable crash.
o ASAN heap-use-after-free in nsIPresShell::GetPresContext() with
canvas, onresize and mozTextStyle (CVE-2013-5599)
o ASAN use-after-free in
nsIOService::NewChannelFromURIWithProxyFlags with Blob URL
(CVE-2013-5600)
o ASAN use-after free in GC allocation in
nsEventListenerManager::SetEventHandler (CVE-2013-5601)
*
MFSA 2013-101 / CVE-2013-5602: Security researcher Nils used the
Address Sanitizer tool while fuzzing to discover a memory corruption
issue with the JavaScript engine when using workers with direct
proxies. This results in a potentially exploitable crash.
Security Issue reference:
* CVE-2013-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739>
SUSE bug 847708CVE-2013-1739 at SUSECVE-2013-1739 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox was updated to the 24.3.0ESR security release.
The Following security issues have been fixed:
*
MFSA 2014-01: Memory safety bugs fixed in Firefox ESR 24.3 and
Firefox 27.0 (CVE-2014-1477)(bnc#862345)
*
MFSA 2014-02: Using XBL scopes its possible to steal(clone) native
anonymous content (CVE-2014-1479)(bnc#862348)
*
MFSA 2014-03: Download 'open file' dialog delay is too quick, doesn't
prevent clickjacking (CVE-2014-1480)
*
MFSA 2014-04: Image decoding causing FireFox to crash with Goo Create
(CVE-2014-1482)(bnc#862356)
*
MFSA 2014-05: caretPositionFromPoint and elementFromPoint leak
information about iframe contents via timing information
(CVE-2014-1483)(bnc#862360)
*
MFSA 2014-06: Fennec leaks profile path to logcat (CVE-2014-1484)
*
MFSA 2014-07: CSP should block XSLT as script, not as style
(CVE-2014-1485)
*
MFSA 2014-08: imgRequestProxy Use-After-Free Remote Code Execution
Vulnerability (CVE-2014-1486)
*
MFSA 2014-09: Cross-origin information disclosure with error message
of Web Workers (CVE-2014-1487)
*
MFSA 2014-10: settings & history ID bug (CVE-2014-1489)
*
MFSA 2014-11: Firefox reproducibly crashes when using asm.js code in
workers and transferable objects (CVE-2014-1488)
*
MFSA 2014-12: TOCTOU, potential use-after-free in libssl's session
ticket processing (CVE-2014-1490)(bnc#862300) Do not allow p-1 as a
public DH value (CVE-2014-1491)(bnc#862289)
*
MFSA 2014-13: Inconsistent this value when invoking getters on window
(CVE-2014-1481)(bnc#862309)
Also Mozilla NSS was updated to the 3.15.4 release.
* required for Firefox 27
* regular CA root store update (1.96)
* some OSCP improvments
* other bugfixes
Security Issue references:
* CVE-2014-1477
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1477>
* CVE-2014-1479
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1479>
* CVE-2014-1480
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1480>
* CVE-2014-1481
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1481>
* CVE-2014-1482
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1482>
* CVE-2014-1483
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1483>
* CVE-2014-1484
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1484>
* CVE-2014-1485
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1485>
* CVE-2014-1486
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1486>
* CVE-2014-1487
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1487>
* CVE-2014-1488
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1488>
* CVE-2014-1489
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1489>
* CVE-2014-1490
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1490>
* CVE-2014-1491
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491>
SUSE bug 859055SUSE bug 861847CVE-2014-1477 at SUSECVE-2014-1477 at NVDCVE-2014-1479 at SUSECVE-2014-1479 at NVDCVE-2014-1480 at SUSECVE-2014-1480 at NVDCVE-2014-1481 at SUSECVE-2014-1481 at NVDCVE-2014-1482 at SUSECVE-2014-1482 at NVDCVE-2014-1483 at SUSECVE-2014-1483 at NVDCVE-2014-1484 at SUSECVE-2014-1484 at NVDCVE-2014-1485 at SUSECVE-2014-1485 at NVDCVE-2014-1486 at SUSECVE-2014-1486 at NVDCVE-2014-1487 at SUSECVE-2014-1487 at NVDCVE-2014-1488 at SUSECVE-2014-1488 at NVDCVE-2014-1489 at SUSECVE-2014-1489 at NVDCVE-2014-1490 at SUSECVE-2014-1490 at NVDCVE-2014-1491 at SUSECVE-2014-1491 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox was updated to 24.4.0ESR release, fixing various security
issues and bugs:
*
MFSA 2014-15: Mozilla developers and community identified identified
and fixed several memory safety bugs in the browser engine used in
Firefox and other Mozilla-based products. Some of these bugs showed
evidence of memory corruption under certain circumstances, and we
presume that with enough effort at least some of these could be
exploited to run arbitrary code.
*
Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman,
Dan Gohman, and Christoph Diehl reported memory safety problems and
crashes that affect Firefox ESR 24.3 and Firefox 27. (CVE-2014-1493)
*
Gregor Wagner, Olli Pettay, Gary Kwong, Jesse Ruderman, Luke Wagner,
Rob Fletcher, and Makoto Kato reported memory safety problems and
crashes that affect Firefox 27. (CVE-2014-1494)
*
MFSA 2014-16 / CVE-2014-1496: Security researcher Ash reported an
issue where the extracted files for updates to existing files are not
read only during the update process. This allows for the potential
replacement or modification of these files during the update process
if a malicious application is present on the local system.
*
MFSA 2014-17 / CVE-2014-1497: Security researcher Atte Kettunen from
OUSPG reported an out of bounds read during the decoding of WAV
format audio files for playback. This could allow web content access
to heap data as well as causing a crash.
*
MFSA 2014-18 / CVE-2014-1498: Mozilla developer David Keeler reported
that the crypto.generateCRFMRequest method did not correctly validate
the key type of the KeyParams argument when generating ec-dual-use
requests. This could lead to a crash and a denial of service (DOS)
attack.
*
MFSA 2014-19 / CVE-2014-1499: Mozilla developer Ehsan Akhgari
reported a spoofing attack where the permission prompt for a WebRTC
session can appear to be from a different site than its actual
originating site if a timed navigation occurs during the prompt
generation. This allows an attacker to potentially gain access to the
webcam or microphone by masquerading as another site and gaining user
permission through spoofing.
*
MFSA 2014-20 / CVE-2014-1500: Security researchers Tim Philipp
Schaefers and Sebastian Neef, the team of Internetwache.org, reported
a mechanism using JavaScript onbeforeunload events with page
navigation to prevent users from closing a malicious page's tab and
causing the browser to become unresponsive. This allows for a denial
of service (DOS) attack due to resource consumption and blocks the
ability of users to exit the application.
*
MFSA 2014-21 / CVE-2014-1501: Security researcher Alex Infuehr
reported that on Firefox for Android it is possible to open links to
local files from web content by selecting 'Open Link in New Tab' from
the context menu using the file: protocol. The web content would have
to know the precise location of a malicious local file in order to
exploit this issue. This issue does not affect Firefox on non-Android
systems.
*
MFSA 2014-22 / CVE-2014-1502: Mozilla developer Jeff Gilbert
discovered a mechanism where a malicious site with WebGL content
could inject content from its context to that of another site's WebGL
context, causing the second site to replace textures and similar
content. This cannot be used to steal data but could be used to
render arbitrary content in these limited circumstances.
*
MFSA 2014-23 / CVE-2014-1504: Security researcher Nicolas Golubovic
reported that the Content Security Policy (CSP) of data: documents
was not saved as part of session restore. If an attacker convinced a
victim to open a document from a data: URL injected onto a page, this
can lead to a Cross-Site Scripting (XSS) attack. The target page may
have a strict CSP that protects against this XSS attack, but if the
attacker induces a browser crash with another bug, an XSS attack
would occur during session restoration, bypassing the CSP on the
site.
*
MFSA 2014-26 / CVE-2014-1508: Security researcher Tyson Smith and
Jesse Schwartzentruber of the BlackBerry Security Automated Analysis
Team used the Address Sanitizer tool while fuzzing to discover an
out-of-bounds read during polygon rendering in MathML. This can allow
web content to potentially read protected memory addresses. In
combination with previous techniques used for SVG timing attacks,
this could allow for text values to be read across domains, leading
to information disclosure.
*
MFSA 2014-27 / CVE-2014-1509: Security researcher John Thomson
discovered a memory corruption in the Cairo graphics library during
font rendering of a PDF file for display. This memory corruption
leads to a potentially exploitable crash and to a denial of service
(DOS). This issues is not able to be triggered in a default
configuration and would require a malicious extension to be
installed.
*
MFSA 2014-28 / CVE-2014-1505: Mozilla developer Robert O'Callahan
reported a mechanism for timing attacks involving SVG filters and
displacements input to feDisplacementMap. This allows displacements
to potentially be correlated with values derived from content. This
is similar to the previously reported techniques used for SVG timing
attacks and could allow for text values to be read across domains,
leading to information disclosure.
*
MFSA 2014-29 / CVE-2014-1510 / CVE-2014-1511: Security researcher
Mariusz Mlynski, via TippingPoint's Pwn2Own contest, reported that it
is possible for untrusted web content to load a chrome-privileged
page by getting JavaScript-implemented WebIDL to call window.open().
A second bug allowed the bypassing of the popup-blocker without user
interaction. Combined these two bugs allow an attacker to load a
JavaScript URL that is executed with the full privileges of the
browser, which allows arbitrary code execution.
*
MFSA 2014-30 / CVE-2014-1512: Security research firm VUPEN, via
TippingPoint's Pwn2Own contest, reported that memory pressure during
Garbage Collection could lead to memory corruption of TypeObjects in
the JS engine, resulting in an exploitable use-after-free condition.
*
MFSA 2014-31 / CVE-2014-1513: Security researcher Jueri Aedla, via
TippingPoint's Pwn2Own contest, reported that TypedArrayObject does
not handle the case where ArrayBuffer objects are neutered, setting
their length to zero while still in use. This leads to out-of-bounds
reads and writes into the JavaScript heap, allowing for arbitrary
code execution.
*
MFSA 2014-32 / CVE-2014-1514: Security researcher George Hotz, via
TippingPoint's Pwn2Own contest, discovered an issue where values are
copied from an array into a second, neutered array. This allows for
an out-of-bounds write into memory, causing an exploitable crash
leading to arbitrary code execution.
SUSE bug 868603CVE-2014-1493 at SUSECVE-2014-1493 at NVDCVE-2014-1494 at SUSECVE-2014-1494 at NVDCVE-2014-1496 at SUSECVE-2014-1496 at NVDCVE-2014-1497 at SUSECVE-2014-1497 at NVDCVE-2014-1498 at SUSECVE-2014-1498 at NVDCVE-2014-1499 at SUSECVE-2014-1499 at NVDCVE-2014-1500 at SUSECVE-2014-1500 at NVDCVE-2014-1501 at SUSECVE-2014-1501 at NVDCVE-2014-1502 at SUSECVE-2014-1502 at NVDCVE-2014-1504 at SUSECVE-2014-1504 at NVDCVE-2014-1505 at SUSECVE-2014-1505 at NVDCVE-2014-1508 at SUSECVE-2014-1508 at NVDCVE-2014-1509 at SUSECVE-2014-1509 at NVDCVE-2014-1510 at SUSECVE-2014-1510 at NVDCVE-2014-1511 at SUSECVE-2014-1511 at NVDCVE-2014-1512 at SUSECVE-2014-1512 at NVDCVE-2014-1513 at SUSECVE-2014-1513 at NVDCVE-2014-1514 at SUSECVE-2014-1514 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox has been updated to the 24.7ESR security release.
Security issues fixed in this release:
* CVE-2014-1544 -
https://www.mozilla.org/security/announce/2014/mfsa2014-63.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-63.html>
* CVE-2014-1548 -
https://www.mozilla.org/security/announce/2014/mfsa2014-56.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-56.html>
* CVE-2014-1549 -
https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-57.html>
* CVE-2014-1550 -
https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-58.html>
* CVE-2014-1551 -
https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-59.html>
* CVE-2014-1552 -
https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-66.html>
* CVE-2014-1555 -
https://www.mozilla.org/security/announce/2014/mfsa2014-61.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-61.html>
* CVE-2014-1556 -
https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-62.html>
* CVE-2014-1557 -
https://www.mozilla.org/security/announce/2014/mfsa2014-64.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-64.html>
* CVE-2014-1558, CVE-2014-1559, CVE-2014-1560 -
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-65.html>
* CVE-2014-1561 -
https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-60.html>
Security Issues:
* CVE-2014-1557
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557>
* CVE-2014-1547
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547>
* CVE-2014-1548
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548>
* CVE-2014-1556
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556>
* CVE-2014-1544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544>
* CVE-2014-1555
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555>
SUSE bug 887746CVE-2014-1544 at SUSECVE-2014-1544 at NVDCVE-2014-1547 at SUSECVE-2014-1547 at NVDCVE-2014-1548 at SUSECVE-2014-1548 at NVDCVE-2014-1555 at SUSECVE-2014-1555 at NVDCVE-2014-1556 at SUSECVE-2014-1556 at NVDCVE-2014-1557 at SUSECVE-2014-1557 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox was updated to the 24.8.0ESR release, fixing security
issues and bugs.
Only some of the published security advisories affect the Mozilla Firefox
24ESR codestream:
* MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht
reported, via TippingPoint's Zero Day Initiative, a use-after-free
during text layout when interacting with the setting of text
direction. This results in a use-after-free which can lead to
arbitrary code execution.
* MFSA 2014-67: Mozilla developers and community identified and fixed
several memory safety bugs in the browser engine used in Firefox and
other Mozilla-based products. Some of these bugs showed evidence of
memory corruption under certain circumstances, and we presume that
with enough effort at least some of these could be exploited to run
arbitrary code.
* Jan de Mooij reported a memory safety problem that affects Firefox
ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562)
More information is referenced on:
https://www.mozilla.org/security/announce/
<https://www.mozilla.org/security/announce/> .
SUSE bug 894370CVE-2014-1562 at SUSECVE-2014-1562 at NVDCVE-2014-1567 at SUSECVE-2014-1567 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox has been updated to the 31.3ESR release fixing bugs and
security issues.
*
MFSA 2014-83 / CVE-2014-1588 / CVE-2014-1587: Mozilla developers and
community identified and fixed several memory safety bugs in the
browser engine used in Firefox and other Mozilla-based products. Some
of these bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at least some
of these could be exploited to run arbitrary code.
*
MFSA 2014-85 / CVE-2014-1590: Security researcher Joe Vennix from
Rapid7 reported that passing a JavaScript object to XMLHttpRequest
that mimics an input stream will a crash. This crash is not
exploitable and can only be used for denial of service attacks.
*
MFSA 2014-87 / CVE-2014-1592: Security researcher Berend-Jan Wever
reported a use-after-free created by triggering the creation of a
second root element while parsing HTML written to a document created
with document.open(). This leads to a potentially exploitable crash.
*
MFSA 2014-88 / CVE-2014-1593: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover a buffer overflow during the parsing of
media content. This leads to a potentially exploitable crash.
*
MFSA 2014-89 / CVE-2014-1594: Security researchers Byoungyoung Lee,
Chengyu Song, and Taesoo Kim at the Georgia Tech Information Security
Center (GTISC) reported a bad casting from the BasicThebesLayer to
BasicContainerLayer, resulting in undefined behavior. This behavior
is potentially exploitable with some compilers but no clear mechanism
to trigger it through web content was identified.
*
MFSA 2014-90 / CVE-2014-1595: Security researcher Kent Howard
reported an Apple issue present in OS X 10.10 (Yosemite) where log
files are created by the CoreGraphics framework of OS X in the /tmp
local directory. These log files contain a record of all inputs into
Mozilla programs during their operation. In versions of OS X from
versions 10.6 through 10.9, the CoreGraphics had this logging ability
but it was turned off by default. In OS X 10.10, this logging was
turned on by default for some applications that use a custom memory
allocator, such as jemalloc, because of an initialization bug in the
framework. This issue has been addressed in Mozilla products by
explicitly turning off the framework's logging of input events. On
vulnerable systems, this issue can result in private data such as
usernames, passwords, and other inputed data being saved to a log
file on the local system.
Security Issues:
* CVE-2014-1587
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587>
* CVE-2014-1588
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1588>
* CVE-2014-1589
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1589>
* CVE-2014-1590
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590>
* CVE-2014-1591
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1591>
* CVE-2014-1592
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592>
* CVE-2014-1593
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593>
* CVE-2014-1594
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594>
* CVE-2014-1595
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1595>
SUSE bug 908009CVE-2014-1587 at SUSECVE-2014-1587 at NVDCVE-2014-1588 at SUSECVE-2014-1588 at NVDCVE-2014-1589 at SUSECVE-2014-1589 at NVDCVE-2014-1590 at SUSECVE-2014-1590 at NVDCVE-2014-1591 at SUSECVE-2014-1591 at NVDCVE-2014-1592 at SUSECVE-2014-1592 at NVDCVE-2014-1593 at SUSECVE-2014-1593 at NVDCVE-2014-1594 at SUSECVE-2014-1594 at NVDCVE-2014-1595 at SUSECVE-2014-1595 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and
security issues.
Mozilla NSS has been updated to 3.17.3, fixing a security issue and
updating the root certificates list.
For more information, please refer to
https://www.mozilla.org/en-US/security/advisories/
<https://www.mozilla.org/en-US/security/advisories/> .
Security Issues:
* CVE-2014-1569
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569>
* CVE-2014-8634
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634>
* CVE-2014-8639
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639>
* CVE-2014-8641
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8641>
* CVE-2014-8638
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638>
* CVE-2014-8636
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8636>
* CVE-2014-8637
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8637>
* CVE-2014-8640
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640>
SUSE bug 906111SUSE bug 909563SUSE bug 910647SUSE bug 910669SUSE bug 913064SUSE bug 913066SUSE bug 913067SUSE bug 913068SUSE bug 913102SUSE bug 913103SUSE bug 913104CVE-2014-1569 at SUSECVE-2014-1569 at NVDCVE-2014-8634 at SUSECVE-2014-8634 at NVDCVE-2014-8636 at SUSECVE-2014-8636 at NVDCVE-2014-8637 at SUSECVE-2014-8637 at NVDCVE-2014-8638 at SUSECVE-2014-8638 at NVDCVE-2014-8639 at SUSECVE-2014-8639 at NVDCVE-2014-8640 at SUSECVE-2014-8640 at NVDCVE-2014-8641 at SUSECVE-2014-8641 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
MozillaFirefox was updated to the 31.5.3ESR release to fix two security
vulnerabilities:
MFSA 2015-29 / CVE-2015-0817: Security researcher ilxu1a reported, through
HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's
implementation of typed array bounds checking in JavaScript just-in-time
compilation (JIT) and its management of bounds checking for heap access.
This flaw can be leveraged into the reading and writing of memory allowing
for arbitrary code execution on the local system.
* MFSA 2015-28 / CVE-2015-0818: Security researcher Mariusz Mlynski
reported, through HP Zero Day Initiative's Pwn2Own contest, a method
to run arbitrary scripts in a privileged context. This bypassed the
same-origin policy protections by using a flaw in the processing of
SVG format content navigation.
Security Issues:
* CVE-2015-0817
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817>
* CVE-2015-0818
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0818>
SUSE bug 923534CVE-2015-0817 at SUSECVE-2015-0817 at NVDCVE-2015-0818 at SUSECVE-2015-0818 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to Firefox 31.7.0 ESR fixes the following issues:
*
MFSA 2015-46 (CVE-2015-2708, CVE-2015-2709): Miscellaneous memory
safety hazards (rv:38.0 / rv:31.7). Upstream references: bmo#1120655,
bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977,
bmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526,
bmo#1153688, bmo#1155474.
*
MFSA 2015-47 (CVE-2015-0797): Buffer overflow parsing H.264 video
with Linux Gstreamer. Upstream references: bmo#1080995.
*
MFSA 2015-48 (CVE-2015-2710): Buffer overflow with SVG content and
CSS. Upstream references: bmo#1149542.
*
MFSA 2015-51 (CVE-2015-2713): Use-after-free during text processing
with vertical text enabled. Upstream references: bmo#1153478.
*
MFSA 2015-54 (CVE-2015-2716): Buffer overflow when parsing compressed
XML. Upstream references: bmo#1140537.
Security Issues:
* CVE-2015-0797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797>
* CVE-2015-2708
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708>
* CVE-2015-2709
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2709>
* CVE-2015-2710
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710>
* CVE-2015-2713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713>
* CVE-2015-2716
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716>
SUSE bug 930622CVE-2015-0797 at SUSECVE-2015-0797 at NVDCVE-2015-2708 at SUSECVE-2015-2708 at NVDCVE-2015-2709 at SUSECVE-2015-2709 at NVDCVE-2015-2710 at SUSECVE-2015-2710 at NVDCVE-2015-2713 at SUSECVE-2015-2713 at NVDCVE-2015-2716 at SUSECVE-2015-2716 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox was updated to 38.2.1 ESR, fixing two severe security bugs. (bsc#943608)
* MFSA 2015-94/CVE-2015-4497 (bsc#943557): Use-after-free when resizing canvas element during restyling
* MFSA 2015-95/CVE-2015-4498 (bsc#943558): Add-on notification bypass through data URLs
ImportantSUSE bug 943557SUSE bug 943558SUSE bug 943608CVE-2015-4497 at SUSECVE-2015-4497 at NVDCVE-2015-4498 at SUSECVE-2015-4498 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for MozillaFirefox, mozilla-nspr (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox was updated to version 38.3.0 ESR (bsc#947003),
fixing bugs and security issues.
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
* MFSA 2015-101/CVE-2015-4506
Buffer overflow in libvpx while parsing vp9 format video
* MFSA 2015-105/CVE-2015-4511
Buffer overflow while decoding WebM video
* MFSA 2015-106/CVE-2015-4509
Use-after-free while manipulating HTML media content
* MFSA 2015-110/CVE-2015-4519
Dragging and dropping images exposes final URL after
redirects
* MFSA 2015-111/CVE-2015-4520
Errors in the handling of CORS preflight request headers
* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522
CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177
CVE-2015-7180
Vulnerabilities found through code inspection
More details can be found on
https://www.mozilla.org/en-US/security/advisories/
The Mozilla NSPR library was updated to version 4.10.9, fixing various bugs.
ImportantSUSE bug 947003CVE-2015-4500 at SUSECVE-2015-4500 at NVDCVE-2015-4501 at SUSECVE-2015-4501 at NVDCVE-2015-4506 at SUSECVE-2015-4506 at NVDCVE-2015-4509 at SUSECVE-2015-4509 at NVDCVE-2015-4511 at SUSECVE-2015-4511 at NVDCVE-2015-4517 at SUSECVE-2015-4517 at NVDCVE-2015-4519 at SUSECVE-2015-4519 at NVDCVE-2015-4520 at SUSECVE-2015-4520 at NVDCVE-2015-4521 at SUSECVE-2015-4521 at NVDCVE-2015-4522 at SUSECVE-2015-4522 at NVDCVE-2015-7174 at SUSECVE-2015-7174 at NVDCVE-2015-7175 at SUSECVE-2015-7175 at NVDCVE-2015-7176 at SUSECVE-2015-7176 at NVDCVE-2015-7177 at SUSECVE-2015-7177 at NVDCVE-2015-7180 at SUSECVE-2015-7180 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This Mozilla Firefox, NSS and NSPR update fixes the following security
and non security issues.
- mozilla-nspr was updated to version 4.10.10 (bsc#952810)
* MFSA 2015-133/CVE-2015-7183
(bmo#1205157)
NSPR memory corruption issues
- mozilla-nss was updated to 3.19.2.1 (bsc#952810)
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182
(bmo#1192028, bmo#1202868)
NSS and NSPR memory corruption issues
- MozillaFirefox was updated to 38.4.0 ESR (bsc#952810)
* MFSA 2015-116/CVE-2015-4513
(bmo#1107011, bmo#1191942, bmo#1193038, bmo#1204580,
bmo#1204669, bmo#1204700, bmo#1205707, bmo#1206564,
bmo#1208665, bmo#1209471, bmo#1213979)
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
* MFSA 2015-122/CVE-2015-7188
(bmo#1199430)
Trailing whitespace in IP address hostnames can bypass
same-origin policy
* MFSA 2015-123/CVE-2015-7189
(bmo#1205900)
Buffer overflow during image interactions in canvas
* MFSA 2015-127/CVE-2015-7193
(bmo#1210302)
CORS preflight is bypassed when non-standard Content-Type
headers are received
* MFSA 2015-128/CVE-2015-7194
(bmo#1211262)
Memory corruption in libjar through zip files
* MFSA 2015-130/CVE-2015-7196
(bmo#1140616)
JavaScript garbage collection crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
(bmo#1204061, bmo#1188010, bmo#1204155)
Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197
(bmo#1204269)
Mixed content WebSocket policy bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
(bmo#1202868, bmo#1192028, bmo#1205157)
NSS and NSPR memory corruption issues
- fix printing on landscape media (bsc#908275)
ImportantSUSE bug 908275SUSE bug 952810CVE-2015-4513 at SUSECVE-2015-4513 at NVDCVE-2015-7181 at SUSECVE-2015-7181 at NVDCVE-2015-7182 at SUSECVE-2015-7182 at NVDCVE-2015-7183 at SUSECVE-2015-7183 at NVDCVE-2015-7188 at SUSECVE-2015-7188 at NVDCVE-2015-7189 at SUSECVE-2015-7189 at NVDCVE-2015-7193 at SUSECVE-2015-7193 at NVDCVE-2015-7194 at SUSECVE-2015-7194 at NVDCVE-2015-7196 at SUSECVE-2015-7196 at NVDCVE-2015-7197 at SUSECVE-2015-7197 at NVDCVE-2015-7198 at SUSECVE-2015-7198 at NVDCVE-2015-7199 at SUSECVE-2015-7199 at NVDCVE-2015-7200 at SUSECVE-2015-7200 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues:
Mozilla Firefox was updated to 38.7.0 ESR (bsc#969894), fixing
following security issues:
* MFSA 2016-16/CVE-2016-1952/CVE-2016-1953
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
* MFSA 2016-17/CVE-2016-1954
Local file overwriting and potential privilege escalation
through CSP reports
* MFSA 2016-20/CVE-2016-1957
Memory leak in libstagefright when deleting an array during
MP4 processing
* MFSA 2016-21/CVE-2016-1958
Displayed page address can be overridden
* MFSA 2016-23/CVE-2016-1960
Use-after-free in HTML5 string parser
* MFSA 2016-24/CVE-2016-1961
Use-after-free in SetBody
* MFSA 2016-25/CVE-2016-1962
Use-after-free when using multiple WebRTC data channels
* MFSA 2016-27/CVE-2016-1964
Use-after-free during XML transformations
* MFSA 2016-28/CVE-2016-1965
Addressbar spoofing though history navigation and Location
protocol property
* MFSA 2016-31/CVE-2016-1966
Memory corruption with malicious NPAPI plugin
* MFSA 2016-34/CVE-2016-1974
Out-of-bounds read in HTML parser following a failed
allocation
* MFSA 2016-35/CVE-2016-1950
Buffer overflow during ASN.1 decoding in NSS
* MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
Font vulnerabilities in the Graphite 2 library
Mozilla NSPR was updated to version 4.12 (bsc#969894), fixing following bugs:
* added a PR_GetEnvSecure function, which attempts to detect if
the program is being executed with elevated privileges, and
returns NULL if detected. It is recommended to use this function
in general purpose library code.
* fixed a memory allocation bug related to the PR_*printf functions
* exported API PR_DuplicateEnvironment, which had already been
added in NSPR 4.10.9
* added support for FreeBSD aarch64
* several minor correctness and compatibility fixes
Mozilla NSS was updated to fix security issues (bsc#969894):
* MFSA 2016-15/CVE-2016-1978
Use-after-free in NSS during SSL connections in low memory
* MFSA 2016-35/CVE-2016-1950
Buffer overflow during ASN.1 decoding in NSS
* MFSA 2016-36/CVE-2016-1979
Use-after-free during processing of DER encoded keys in NSS
ImportantSUSE bug 969894CVE-2016-1950 at SUSECVE-2016-1950 at NVDCVE-2016-1952 at SUSECVE-2016-1952 at NVDCVE-2016-1953 at SUSECVE-2016-1953 at NVDCVE-2016-1954 at SUSECVE-2016-1954 at NVDCVE-2016-1957 at SUSECVE-2016-1957 at NVDCVE-2016-1958 at SUSECVE-2016-1958 at NVDCVE-2016-1960 at SUSECVE-2016-1960 at NVDCVE-2016-1961 at SUSECVE-2016-1961 at NVDCVE-2016-1962 at SUSECVE-2016-1962 at NVDCVE-2016-1964 at SUSECVE-2016-1964 at NVDCVE-2016-1965 at SUSECVE-2016-1965 at NVDCVE-2016-1966 at SUSECVE-2016-1966 at NVDCVE-2016-1974 at SUSECVE-2016-1974 at NVDCVE-2016-1977 at SUSECVE-2016-1977 at NVDCVE-2016-1978 at SUSECVE-2016-1978 at NVDCVE-2016-1979 at SUSECVE-2016-1979 at NVDCVE-2016-2790 at SUSECVE-2016-2790 at NVDCVE-2016-2791 at SUSECVE-2016-2791 at NVDCVE-2016-2792 at SUSECVE-2016-2792 at NVDCVE-2016-2793 at SUSECVE-2016-2793 at NVDCVE-2016-2794 at SUSECVE-2016-2794 at NVDCVE-2016-2795 at SUSECVE-2016-2795 at NVDCVE-2016-2796 at SUSECVE-2016-2796 at NVDCVE-2016-2797 at SUSECVE-2016-2797 at NVDCVE-2016-2798 at SUSECVE-2016-2798 at NVDCVE-2016-2799 at SUSECVE-2016-2799 at NVDCVE-2016-2800 at SUSECVE-2016-2800 at NVDCVE-2016-2801 at SUSECVE-2016-2801 at NVDCVE-2016-2802 at SUSECVE-2016-2802 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox and mozilla-nss fixes the following issues:
Mozilla Firefox was updated to ESR 52.4 (bsc#1060445)
* MFSA 2017-22/CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces
* MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes
* MFSA 2017-22/CVE-2017-7819: Use-after-free while resizing images in design mode
* MFSA 2017-22/CVE-2017-7818: Use-after-free during ARIA array manipulation
* MFSA 2017-22/CVE-2017-7793: Use-after-free with Fetch API
* MFSA 2017-22/CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE
* MFSA 2017-22/CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
* MFSA 2017-22/CVE-2017-7823: CSP sandbox directive did not create a unique origin
* MFSA 2017-22/CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings
Mozilla Network Security Services (Mozilla NSS) received a security fix:
* MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes (bsc#1061005, bsc#1060445)
ImportantSUSE bug 1060445SUSE bug 1061005CVE-2017-7793 at SUSECVE-2017-7793 at NVDCVE-2017-7805 at SUSECVE-2017-7805 at NVDCVE-2017-7810 at SUSECVE-2017-7810 at NVDCVE-2017-7814 at SUSECVE-2017-7814 at NVDCVE-2017-7818 at SUSECVE-2017-7818 at NVDCVE-2017-7819 at SUSECVE-2017-7819 at NVDCVE-2017-7823 at SUSECVE-2017-7823 at NVDCVE-2017-7824 at SUSECVE-2017-7824 at NVDCVE-2017-7825 at SUSECVE-2017-7825 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, firefox-glib2, firefox-gtk3 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox, firefox-glib2, firefox-gtk3 fixes the following issues:
Mozilla Firefox was updated to the 60.9.0esr release:
Security Advisory MFSA 2019-27:
* Use-after-free while manipulating video
CVE-2019-11746 (bmo#1564449, bsc#1149297)
* XSS by breaking out of title and textarea elements using innerHTML
CVE-2019-11744 (bmo#1562033, bsc#1149297)
* Same-origin policy violation with SVG filters and canvas to steal
cross-origin images
CVE-2019-11742 (bmo#1559715, bsc#1149303)
* Privilege escalation with Mozilla Maintenance Service in custom
Firefox installation location
CVE-2019-11753 (bmo#1574980, bsc#1149295)
* Use-after-free while extracting a key value in IndexedDB
CVE-2019-11752 (bmo#1501152, bsc#1149296)
* Sandbox escape through Firefox Sync
CVE-2019-9812 (bmo#1538008, bmo#1538015, bsc#1149294)
* Cross-origin access to unload event attributes
CVE-2019-11743 (bmo#1560495, bsc#1149298)
Navigation-Timing Level 2 specification
* Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9
CVE-2019-11740 (bmo#1563133, bmo#1573160, bsc#1149299)
- Rebuild glib2 schemas on SLE-11 (bsc#1145550)
Changes in firefox-glib2:
- Fix the rpm macros %glib2_gsettings_schema_* which were replaced with
%nil in Factory because they're no longer needed, but we still need
them in SLE11 (bsc#1145550)
Changes in firefox-gtk3:
- Rebuild so %glib2_gsettings_schema_post gets called with fixed
rpm macros %glib2_gsettings_schema_* in firefox-glib2 package
which were replaced with %nil in Factory because they're no
longer needed, but we still need them in SLE11 (bsc#1145550)
ImportantSUSE bug 1145550SUSE bug 1149294SUSE bug 1149295SUSE bug 1149296SUSE bug 1149297SUSE bug 1149298SUSE bug 1149299SUSE bug 1149303CVE-2019-11740 at SUSECVE-2019-11740 at NVDCVE-2019-11742 at SUSECVE-2019-11742 at NVDCVE-2019-11743 at SUSECVE-2019-11743 at NVDCVE-2019-11744 at SUSECVE-2019-11744 at NVDCVE-2019-11746 at SUSECVE-2019-11746 at NVDCVE-2019-11752 at SUSECVE-2019-11752 at NVDCVE-2019-11753 at SUSECVE-2019-11753 at NVDCVE-2019-9812 at SUSECVE-2019-9812 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla Firefox (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update contains the Mozilla Firefox ESR 68.2 release.
Mozilla Firefox was updated to ESR 68.2 release:
* Enterprise: New administrative policies were added. More
information and templates are available at the Policy
Templates page.
* Various security fixes:
MFSA 2019-33 (bsc#1154738)
* CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber
* CVE-2019-11757: Use-after-free when creating index updates in IndexedDB
* CVE-2019-11758: Potentially exploitable crash due to 360 Total Security
* CVE-2019-11759: Stack buffer overflow in HKDF output
* CVE-2019-11760: Stack buffer overflow in WebRTC networking
* CVE-2019-11761: Unintended access to a privileged JSONView object
* CVE-2019-11762: document.domain-based origin isolation has same-origin- property violation
* CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique
* CVE-2019-11764: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
Other Issues resolved:
* [bsc#1104841] Newer versions of firefox have a dependency on
GLIBCXX_3.4.20
* [bsc#1074235] MozillaFirefox: background tab crash reports sent
inadvertently without user opt-in
* [bsc#1043008] Firefox hangs randomly when browsing and
scrolling
* [bsc#1025108] Firefox stops loading page until mouse is moved
* [bsc#905528] Firefox malfunctions due to broken omni.ja
archives
ImportantSUSE bug 1000036SUSE bug 1001652SUSE bug 1025108SUSE bug 1029377SUSE bug 1029902SUSE bug 1040164SUSE bug 104105SUSE bug 1042670SUSE bug 1043008SUSE bug 1044946SUSE bug 1047925SUSE bug 1047936SUSE bug 1048299SUSE bug 1049186SUSE bug 1050653SUSE bug 1056058SUSE bug 1058013SUSE bug 1066242SUSE bug 1066953SUSE bug 1070738SUSE bug 1070853SUSE bug 1072320SUSE bug 1072322SUSE bug 1073796SUSE bug 1073798SUSE bug 1073799SUSE bug 1073803SUSE bug 1073808SUSE bug 1073818SUSE bug 1073823SUSE bug 1073829SUSE bug 1073830SUSE bug 1073832SUSE bug 1073846SUSE bug 1074235SUSE bug 1077230SUSE bug 1079761SUSE bug 1081750SUSE bug 1082318SUSE bug 1087453SUSE bug 1087459SUSE bug 1087463SUSE bug 1088573SUSE bug 1091764SUSE bug 1094814SUSE bug 1097158SUSE bug 1097375SUSE bug 1097401SUSE bug 1097404SUSE bug 1097748SUSE bug 1104841SUSE bug 1105019SUSE bug 1107030SUSE bug 1109465SUSE bug 1117473SUSE bug 1117626SUSE bug 1117627SUSE bug 1117629SUSE bug 1117630SUSE bug 1120644SUSE bug 1122191SUSE bug 1123482SUSE bug 1124525SUSE bug 1127532SUSE bug 1129346SUSE bug 1130694SUSE bug 1130840SUSE bug 1133452SUSE bug 1133810SUSE bug 1134209SUSE bug 1138459SUSE bug 1140290SUSE bug 1140868SUSE bug 1141853SUSE bug 1144919SUSE bug 1145665SUSE bug 1146090SUSE bug 1146091SUSE bug 1146093SUSE bug 1146094SUSE bug 1146095SUSE bug 1146097SUSE bug 1146099SUSE bug 1146100SUSE bug 1149323SUSE bug 1153423SUSE bug 1154738SUSE bug 1447070SUSE bug 1447409SUSE bug 744625SUSE bug 744629SUSE bug 845955SUSE bug 865853SUSE bug 905528SUSE bug 917607SUSE bug 935856SUSE bug 937414SUSE bug 947747SUSE bug 948045SUSE bug 948602SUSE bug 955142SUSE bug 957814SUSE bug 957815SUSE bug 961254SUSE bug 962297SUSE bug 966076SUSE bug 966077SUSE bug 985201SUSE bug 986541SUSE bug 991344SUSE bug 998743CVE-2013-2882 at SUSECVE-2013-2882 at NVDCVE-2013-6639 at SUSECVE-2013-6639 at NVDCVE-2013-6640 at SUSECVE-2013-6640 at NVDCVE-2013-6668 at SUSECVE-2013-6668 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2015-3193 at SUSECVE-2015-3193 at NVDCVE-2015-3194 at SUSECVE-2015-3194 at NVDCVE-2015-5380 at SUSECVE-2015-5380 at NVDCVE-2015-7384 at SUSECVE-2015-7384 at NVDCVE-2016-2086 at SUSECVE-2016-2086 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-2216 at SUSECVE-2016-2216 at NVDCVE-2016-5172 at SUSECVE-2016-5172 at NVDCVE-2016-5325 at SUSECVE-2016-5325 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDCVE-2016-7052 at SUSECVE-2016-7052 at NVDCVE-2016-7099 at SUSECVE-2016-7099 at NVDCVE-2017-1000381 at SUSECVE-2017-1000381 at NVDCVE-2017-10686 at SUSECVE-2017-10686 at NVDCVE-2017-11111 at SUSECVE-2017-11111 at NVDCVE-2017-11499 at SUSECVE-2017-11499 at NVDCVE-2017-14228 at SUSECVE-2017-14228 at NVDCVE-2017-14849 at SUSECVE-2017-14849 at NVDCVE-2017-14919 at SUSECVE-2017-14919 at NVDCVE-2017-15896 at SUSECVE-2017-15896 at NVDCVE-2017-15897 at SUSECVE-2017-15897 at NVDCVE-2017-17810 at SUSECVE-2017-17810 at NVDCVE-2017-17811 at SUSECVE-2017-17811 at NVDCVE-2017-17812 at SUSECVE-2017-17812 at NVDCVE-2017-17813 at SUSECVE-2017-17813 at NVDCVE-2017-17814 at SUSECVE-2017-17814 at NVDCVE-2017-17815 at SUSECVE-2017-17815 at NVDCVE-2017-17816 at SUSECVE-2017-17816 at NVDCVE-2017-17817 at SUSECVE-2017-17817 at NVDCVE-2017-17818 at SUSECVE-2017-17818 at NVDCVE-2017-17819 at SUSECVE-2017-17819 at NVDCVE-2017-17820 at SUSECVE-2017-17820 at NVDCVE-2017-18207 at SUSECVE-2017-18207 at NVDCVE-2017-3735 at SUSECVE-2017-3735 at NVDCVE-2017-3736 at SUSECVE-2017-3736 at NVDCVE-2017-3738 at SUSECVE-2017-3738 at NVDCVE-2018-0732 at SUSECVE-2018-0732 at NVDCVE-2018-1000168 at SUSECVE-2018-1000168 at NVDCVE-2018-12115 at SUSECVE-2018-12115 at NVDCVE-2018-12116 at SUSECVE-2018-12116 at NVDCVE-2018-12121 at SUSECVE-2018-12121 at NVDCVE-2018-12122 at SUSECVE-2018-12122 at NVDCVE-2018-12123 at SUSECVE-2018-12123 at NVDCVE-2018-20406 at SUSECVE-2018-20406 at NVDCVE-2018-20852 at SUSECVE-2018-20852 at NVDCVE-2018-7158 at SUSECVE-2018-7158 at NVDCVE-2018-7159 at SUSECVE-2018-7159 at NVDCVE-2018-7160 at SUSECVE-2018-7160 at NVDCVE-2018-7161 at SUSECVE-2018-7161 at NVDCVE-2018-7167 at SUSECVE-2018-7167 at NVDCVE-2019-10160 at SUSECVE-2019-10160 at NVDCVE-2019-11709 at SUSECVE-2019-11709 at NVDCVE-2019-11710 at SUSECVE-2019-11710 at NVDCVE-2019-11711 at SUSECVE-2019-11711 at NVDCVE-2019-11712 at SUSECVE-2019-11712 at NVDCVE-2019-11713 at SUSECVE-2019-11713 at NVDCVE-2019-11714 at SUSECVE-2019-11714 at NVDCVE-2019-11715 at SUSECVE-2019-11715 at NVDCVE-2019-11716 at SUSECVE-2019-11716 at NVDCVE-2019-11717 at SUSECVE-2019-11717 at NVDCVE-2019-11718 at SUSECVE-2019-11718 at NVDCVE-2019-11719 at SUSECVE-2019-11719 at NVDCVE-2019-11720 at SUSECVE-2019-11720 at NVDCVE-2019-11721 at SUSECVE-2019-11721 at NVDCVE-2019-11723 at SUSECVE-2019-11723 at NVDCVE-2019-11724 at SUSECVE-2019-11724 at NVDCVE-2019-11725 at SUSECVE-2019-11725 at NVDCVE-2019-11727 at SUSECVE-2019-11727 at NVDCVE-2019-11728 at SUSECVE-2019-11728 at NVDCVE-2019-11729 at SUSECVE-2019-11729 at NVDCVE-2019-11730 at SUSECVE-2019-11730 at NVDCVE-2019-11733 at SUSECVE-2019-11733 at NVDCVE-2019-11735 at SUSECVE-2019-11735 at NVDCVE-2019-11736 at SUSECVE-2019-11736 at NVDCVE-2019-11738 at SUSECVE-2019-11738 at NVDCVE-2019-11740 at SUSECVE-2019-11740 at NVDCVE-2019-11742 at SUSECVE-2019-11742 at NVDCVE-2019-11743 at SUSECVE-2019-11743 at NVDCVE-2019-11744 at SUSECVE-2019-11744 at NVDCVE-2019-11746 at SUSECVE-2019-11746 at NVDCVE-2019-11747 at SUSECVE-2019-11747 at NVDCVE-2019-11748 at SUSECVE-2019-11748 at NVDCVE-2019-11749 at SUSECVE-2019-11749 at NVDCVE-2019-11750 at SUSECVE-2019-11750 at NVDCVE-2019-11751 at SUSECVE-2019-11751 at NVDCVE-2019-11752 at SUSECVE-2019-11752 at NVDCVE-2019-11753 at SUSECVE-2019-11753 at NVDCVE-2019-11757 at SUSECVE-2019-11757 at NVDCVE-2019-11758 at SUSECVE-2019-11758 at NVDCVE-2019-11759 at SUSECVE-2019-11759 at NVDCVE-2019-11760 at SUSECVE-2019-11760 at NVDCVE-2019-11761 at SUSECVE-2019-11761 at NVDCVE-2019-11762 at SUSECVE-2019-11762 at NVDCVE-2019-11763 at SUSECVE-2019-11763 at NVDCVE-2019-11764 at SUSECVE-2019-11764 at NVDCVE-2019-13173 at SUSECVE-2019-13173 at NVDCVE-2019-15903 at SUSECVE-2019-15903 at NVDCVE-2019-5010 at SUSECVE-2019-5010 at NVDCVE-2019-5737 at SUSECVE-2019-5737 at NVDCVE-2019-9511 at SUSECVE-2019-9511 at NVDCVE-2019-9512 at SUSECVE-2019-9512 at NVDCVE-2019-9513 at SUSECVE-2019-9513 at NVDCVE-2019-9514 at SUSECVE-2019-9514 at NVDCVE-2019-9515 at SUSECVE-2019-9515 at NVDCVE-2019-9516 at SUSECVE-2019-9516 at NVDCVE-2019-9517 at SUSECVE-2019-9517 at NVDCVE-2019-9518 at SUSECVE-2019-9518 at NVDCVE-2019-9636 at SUSECVE-2019-9636 at NVDCVE-2019-9811 at SUSECVE-2019-9811 at NVDCVE-2019-9812 at SUSECVE-2019-9812 at NVDCVE-2019-9947 at SUSECVE-2019-9947 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update contains Mozilla Firefox 60.7ESR.
It brings lots of security fixes and other improvements.
It also includes new additional helper libraries to allow Firefox to run on SUSE Linux Enterprise 11.
ModerateSUSE bug 1137338cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This version update of Mozilla Firefox to 31.2.0ESR brings improvements,
stability fixes and also security fixes for the following CVEs:
CVE-2014-1574, CVE-2014-1575, CVE-2014-1576 ,CVE-2014-1577, CVE-2014-1578,
CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586
It also disables SSLv3 by default to mitigate the protocol downgrade attack
known as POODLE.
Security Issues:
* CVE-2014-1574
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574>
* CVE-2014-1575
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1575>
* CVE-2014-1576
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576>
* CVE-2014-1577
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577>
* CVE-2014-1578
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578>
* CVE-2014-1581
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581>
* CVE-2014-1583
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1583>
* CVE-2014-1585
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585>
* CVE-2014-1586
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586>
SUSE bug 900941SUSE bug 905056SUSE bug 905528CVE-2014-1574 at SUSECVE-2014-1574 at NVDCVE-2014-1575 at SUSECVE-2014-1575 at NVDCVE-2014-1576 at SUSECVE-2014-1576 at NVDCVE-2014-1577 at SUSECVE-2014-1577 at NVDCVE-2014-1578 at SUSECVE-2014-1578 at NVDCVE-2014-1581 at SUSECVE-2014-1581 at NVDCVE-2014-1583 at SUSECVE-2014-1583 at NVDCVE-2014-1585 at SUSECVE-2014-1585 at NVDCVE-2014-1586 at SUSECVE-2014-1586 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for flacSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
flac was updated to fix two security issues:
* Stack overflow may result in arbitrary code execution
(CVE-2014-8962).
* Heap overflow via specially crafted .flac files (CVE-2014-9028).
Security Issues:
* CVE-2014-8962
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8962>
* CVE-2014-9028
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9028>
SUSE bug 906831SUSE bug 907016CVE-2014-8962 at SUSECVE-2014-8962 at NVDCVE-2014-9028 at SUSECVE-2014-9028 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for flac (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for flac fixes the following issues:
- CVE-2021-0561: Fixed out of bound write in append_to_verify_fifo_interleaved_ (bsc#1196660).
ModerateSUSE bug 1196660CVE-2021-0561 at SUSECVE-2021-0561 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for foomatic-filtersSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The foomatic print filters of the hplip package contained a remote code
execution vulnerability. Remote users, if allowed to access a print server
such as CUPS, could execute arbitrary commands as lp system user.
CVE-2011-2697: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P): Input
Validation (CWE-20)
Security Issue references:
* CVE-2011-2697
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697>
* CVE-2011-2964
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964>
SUSE bug 698451CVE-2011-2697 at SUSECVE-2011-2697 at NVDCVE-2011-2964 at SUSECVE-2011-2964 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for foomatic-filters (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following security issues:
CVE-2015-8327: adds backtick and semicolon to the list of illegal shell escape characters (bsc#957531).
CVE-2015-8560: fixed code execution via improper escaping of ; (bsc#957531).
ModerateSUSE bug 957531CVE-2015-8327 at SUSECVE-2015-8327 at NVDCVE-2015-8560 at SUSECVE-2015-8560 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for freeradiusSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a denial of service (crash) security issue in the rlm_pap
hash processing in FreeRadius, which could have been caused by special
passwords fed into the RLM-PAP password checking method via LDAP by remote
attackers.
Security Issue reference:
* CVE-2014-2015
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2015>
SUSE bug 677335SUSE bug 691783SUSE bug 720144SUSE bug 752873SUSE bug 791666SUSE bug 797313SUSE bug 797515SUSE bug 864576CVE-2011-4966 at SUSECVE-2011-4966 at NVDCVE-2014-2015 at SUSECVE-2014-2015 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for freeradius-server (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for freeradius-server fixes the following issues:
- CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate
authentication bypass. (bnc#1041445)
- CVE-2015-4680: Add a configuration option to allow checking of all
intermediate certificates for revocations. (bnc#935573)
The following non security issue was fixed:
- Cannot create table radpostauth because of deprecated TIMESTAMP(14) syntax. (bsc#912873)
ModerateSUSE bug 1041445SUSE bug 912873SUSE bug 935573CVE-2015-4680 at SUSECVE-2015-4680 at NVDCVE-2017-9148 at SUSECVE-2017-9148 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for freeradius-server (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for freeradius-server fixes the following issues:
Security issues fixed:
- CVE-2017-10981: DHCP - Fix memory leak in fr_dhcp_decode(). (bnc#1049086)
- CVE-2017-10982: Fix buffer over-read in fr_dhcp_decode_options(). (bsc#1049086)
- CVE-2017-10983: Fix read overflow when decoding option 63. (bnc#1049086)
- CVE-2017-10978: Fix read / write overflow in make_secret(). (bnc#1049086)
- CVE-2017-10979: Fix write overflow in rad_coalesce(). (bsc#1049086)
ModerateSUSE bug 1049086CVE-2017-10978 at SUSECVE-2017-10978 at NVDCVE-2017-10979 at SUSECVE-2017-10979 at NVDCVE-2017-10981 at SUSECVE-2017-10981 at NVDCVE-2017-10982 at SUSECVE-2017-10982 at NVDCVE-2017-10983 at SUSECVE-2017-10983 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for freeradius-server (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for freeradius-server fixes the following issues:
- Moved logrotate options into specific parts for each config as 'global' options
will persist past and clobber global options in the main logrotate config (bsc#1180525)
ModerateSUSE bug 1180525cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for freetype2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes:
* OOB access in bdf_free_font() and _bdf_parse_glyphs() (CVE-2012-5668
and CVE-2012-5669)
As well as these non-security bugs:
* [bdf] Savannah bug #37905.
o src/bdf/bdflib.c (_bdf_parse_start): Reset `props_size' to zero
in case of allocation error; this value gets used in a loop in
* [bdf] Fix Savannah bug #37906.
o src/bdf/bdflib.c (_bdf_parse_glyphs): Use correct array size
for checking `glyph_enc'.
Security Issue references:
* CVE-2012-5668
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668>
* CVE-2012-5669
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669>
SUSE bug 619562SUSE bug 628213SUSE bug 629447SUSE bug 633938SUSE bug 633943SUSE bug 641580SUSE bug 647375SUSE bug 704612SUSE bug 730124SUSE bug 750937SUSE bug 750938SUSE bug 750939SUSE bug 750940SUSE bug 750941SUSE bug 750942SUSE bug 750943SUSE bug 750944SUSE bug 750945SUSE bug 750946SUSE bug 750947SUSE bug 750948SUSE bug 750949SUSE bug 750950SUSE bug 750951SUSE bug 750952SUSE bug 750953SUSE bug 750954SUSE bug 750955SUSE bug 795826CVE-2010-1797 at SUSECVE-2010-1797 at NVDCVE-2010-2497 at SUSECVE-2010-2497 at NVDCVE-2010-2498 at SUSECVE-2010-2498 at NVDCVE-2010-2499 at SUSECVE-2010-2499 at NVDCVE-2010-2500 at SUSECVE-2010-2500 at NVDCVE-2010-2519 at SUSECVE-2010-2519 at NVDCVE-2010-2520 at SUSECVE-2010-2520 at NVDCVE-2010-2527 at SUSECVE-2010-2527 at NVDCVE-2010-2541 at SUSECVE-2010-2541 at NVDCVE-2010-2805 at SUSECVE-2010-2805 at NVDCVE-2010-2806 at SUSECVE-2010-2806 at NVDCVE-2010-2807 at SUSECVE-2010-2807 at NVDCVE-2010-2808 at SUSECVE-2010-2808 at NVDCVE-2010-3053 at SUSECVE-2010-3053 at NVDCVE-2010-3054 at SUSECVE-2010-3054 at NVDCVE-2010-3311 at SUSECVE-2010-3311 at NVDCVE-2010-3814 at SUSECVE-2010-3814 at NVDCVE-2010-3855 at SUSECVE-2010-3855 at NVDCVE-2011-0226 at SUSECVE-2011-0226 at NVDCVE-2011-3256 at SUSECVE-2011-3256 at NVDCVE-2011-3439 at SUSECVE-2011-3439 at NVDCVE-2012-1126 at SUSECVE-2012-1126 at NVDCVE-2012-1127 at SUSECVE-2012-1127 at NVDCVE-2012-1128 at SUSECVE-2012-1128 at NVDCVE-2012-1129 at SUSECVE-2012-1129 at NVDCVE-2012-1130 at SUSECVE-2012-1130 at NVDCVE-2012-1131 at SUSECVE-2012-1131 at NVDCVE-2012-1132 at SUSECVE-2012-1132 at NVDCVE-2012-1133 at SUSECVE-2012-1133 at NVDCVE-2012-1134 at SUSECVE-2012-1134 at NVDCVE-2012-1135 at SUSECVE-2012-1135 at NVDCVE-2012-1136 at SUSECVE-2012-1136 at NVDCVE-2012-1137 at SUSECVE-2012-1137 at NVDCVE-2012-1138 at SUSECVE-2012-1138 at NVDCVE-2012-1139 at SUSECVE-2012-1139 at NVDCVE-2012-1140 at SUSECVE-2012-1140 at NVDCVE-2012-1141 at SUSECVE-2012-1141 at NVDCVE-2012-1142 at SUSECVE-2012-1142 at NVDCVE-2012-1143 at SUSECVE-2012-1143 at NVDCVE-2012-1144 at SUSECVE-2012-1144 at NVDCVE-2012-5668 at SUSECVE-2012-5668 at NVDCVE-2012-5669 at SUSECVE-2012-5669 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of the freetype2 library fixes two security issues:
- An infinite loop in parse_encoding in t1load.c (CVE-2014-9745, bsc#945849)
- Use of uninitialized memory in ps_parser_load_field, t42_parse_font_matrix and t1_parse_font_matrix (CVE-2014-9747, bsc#947966)
ModerateSUSE bug 945849SUSE bug 947966CVE-2014-9745 at SUSECVE-2014-9745 at NVDCVE-2014-9747 at SUSECVE-2014-9747 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for freetype2 fixes the following issues:
Security issue fixed:
- CVE-2016-10244: The parse_charstrings function in type1/t1load.c did not
ensure that a font contains a glyph name, which allowed remote attackers
to cause a denial of service (heap-based buffer over-read) or possibly
have unspecified other impact via a crafted file (bsc#1028103).
- CVE-2017-8105: Fixed an out-of-bounds write caused by a heap-based
buffer overflow related to the t1_decoder_parse_charstrings function in
psaux/t1decode.ca (bsc#1035807)
- CVE-2017-8287: an out-of-bounds write caused by a heap-based buffer
overflow related to the t1_builder_close_contour function in psaux/psobjs.c
(bsc#1036457)
ModerateSUSE bug 1028103SUSE bug 1035807SUSE bug 1036457CVE-2016-10244 at SUSECVE-2016-10244 at NVDCVE-2017-8105 at SUSECVE-2017-8105 at NVDCVE-2017-8287 at SUSECVE-2017-8287 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for freetype2 fixes the following issues:
Security issue fixed:
- CVE-2016-10328: Fixed heap-based buffer overflow in cff_parser_run function in cff/cffparse.c (bsc#1034191).
ModerateSUSE bug 1034191CVE-2016-10328 at SUSECVE-2016-10328 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for freetype2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The font rendering library freetype2 has been updated to fix various
security issues.
Security Issues:
* CVE-2014-9656
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9656>
* CVE-2014-9657
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9657>
* CVE-2014-9658
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9658>
* CVE-2014-9660
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9660>
* CVE-2014-9661
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9661>
* CVE-2014-9662
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9662>
* CVE-2014-9667
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9667>
* CVE-2014-9666
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9666>
* CVE-2014-9665
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9665>
* CVE-2014-9664
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9664>
* CVE-2014-9663
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9663>
* CVE-2014-9659
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9659>
* CVE-2014-9668
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9668>
* CVE-2014-9669
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9669>
* CVE-2014-9670
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9670>
* CVE-2014-9671
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9671>
* CVE-2014-9672
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9672>
* CVE-2014-9673
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9673>
* CVE-2014-9674
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9674>
* CVE-2014-9675
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9675>
SUSE bug 916856SUSE bug 916857SUSE bug 916858SUSE bug 916859SUSE bug 916861SUSE bug 916863SUSE bug 916864SUSE bug 916865SUSE bug 916870SUSE bug 916871SUSE bug 916872SUSE bug 916873SUSE bug 916874SUSE bug 916879SUSE bug 916881CVE-2014-9656 at SUSECVE-2014-9656 at NVDCVE-2014-9657 at SUSECVE-2014-9657 at NVDCVE-2014-9658 at SUSECVE-2014-9658 at NVDCVE-2014-9659 at SUSECVE-2014-9659 at NVDCVE-2014-9660 at SUSECVE-2014-9660 at NVDCVE-2014-9661 at SUSECVE-2014-9661 at NVDCVE-2014-9662 at SUSECVE-2014-9662 at NVDCVE-2014-9663 at SUSECVE-2014-9663 at NVDCVE-2014-9664 at SUSECVE-2014-9664 at NVDCVE-2014-9665 at SUSECVE-2014-9665 at NVDCVE-2014-9666 at SUSECVE-2014-9666 at NVDCVE-2014-9667 at SUSECVE-2014-9667 at NVDCVE-2014-9668 at SUSECVE-2014-9668 at NVDCVE-2014-9669 at SUSECVE-2014-9669 at NVDCVE-2014-9670 at SUSECVE-2014-9670 at NVDCVE-2014-9671 at SUSECVE-2014-9671 at NVDCVE-2014-9672 at SUSECVE-2014-9672 at NVDCVE-2014-9673 at SUSECVE-2014-9673 at NVDCVE-2014-9674 at SUSECVE-2014-9674 at NVDCVE-2014-9675 at SUSECVE-2014-9675 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for freetype2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for freetype2 adjusts the patch that fixed CVE-2014-9671 for
better backwards compatibility.
As the PCF format doesn't have an official specification, we have to
exactly follow X11's pcfWriteFont and pcfReadFont functions' behavior.
SUSE bug 930711CVE-2014-9671 at SUSECVE-2014-9671 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for FUSESUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for FUSE provides the following fix:
libfuse: In fuse_session_loop_mt() don't pause when exiting the worker
threads. The pause() was added in 2.2.1 to prevent a segmentation fault on
pthread_cancel() on an exited, detached thread. Now that worker threads are
no longer detached, pthread_cancel() should work fine even after the thread
exited.
SUSE bug 807672SUSE bug 931452CVE-2015-3202 at SUSECVE-2015-3202 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for fuse (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for fuse fixes the following security issue:
- CVE-2018-10906: fusermount was vulnerable to a restriction bypass when
SELinux is active. This allowed non-root users to mount a FUSE file system with
the 'allow_other' mount option regardless of whether 'user_allow_other' is set
in the fuse configuration. An attacker may use this flaw to mount a FUSE file
system, accessible by other users, and trick them into accessing files on that
file system, possibly causing Denial of Service or other unspecified effects
(bsc#1101797).
ModerateSUSE bug 1101797CVE-2018-10906 at SUSECVE-2018-10906 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gcc43 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gcc43 fixes the following issues:
Security issues fixed:
- CVE-2017-1000376: Don't request excutable stack from libffi. [bnc#1045091]
Support for new security mitigations added:
- Add support for retpolines to mitigate the Spectre Variant 2 attack. [bnc#1074621]
- Add support for zero-sized VLAs and allocas with -fstack-clash-protection. [bnc#1059075]
- Add support for -fstack-clash-protection. [bnc#1039513]
ModerateSUSE bug 1039513SUSE bug 1045091SUSE bug 1059075SUSE bug 1074621CVE-2017-1000376 at SUSECVE-2017-1000376 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gcc43 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gcc43 fixes the following issues:
This update adds support for 'expolines' on s390x, allowing fixing CVE-2017-5715 in a more lightweight fashion. (bsc#1086069)
The option flags are the same as for the x86 retpolines.
A compiler crash when building userland packages with x86 retpolines was fixed. (bsc#1092807)
ModerateSUSE bug 1086069SUSE bug 1092807CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gcc48 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gcc48 fixes the following issues:
Security issues fixed:
- A new option -fstack-clash-protection is now offered, which mitigates the stack clash type of attacks. [bnc#1039513]
- CVE-2017-11671: Fixed rdrand/rdseed code generation issue [bsc#1050947]
Bugs fixed:
- Enable LFS support in 32bit libgcov.a. [bsc#1044016]
- Bump libffi version in libffi.pc to 3.0.11.
- Properly diagnose missing -fsanitize=address support on ppc64le. [bsc#1028744]
- Backport patch for PR65612. [bsc#1022062]
- Re-spin to provide missing libasan0-32bit and other multilibs via the updated product description. [bsc#951644]
- Fixed for DR#1288. [bsc#1011348]
- Fix libffi issue for armv7l. [bsc#988274]
- Fixed a kernel miscompile on aarch64. [bnc #981311]
- Fixed a ppc64le internal compiler error. [bnc #976627]
- Fixed issue with using gcov and #pragma pack. [bsc#977654]
- Fixed samba build on AARCH64. [bsc#970009]
- Build without GRAPHITE where cloog-isl is not available.
- Fixed HTM builtins on powerpc. [bsc#955382]
- Fixed build of SLOF. [bsc#949000]
- Fixed C++11 std::random_device short reads, CVE-2015-5276. [bsc#945842]
- Fixed libffi issues on aarch64. [bsc#948168]
- Fixed no_instrument_function attribute handling on PPC64 with -mprofile-kernel. [bsc#947791]
- Enable 32bit code generation for ppc64le but do not build 32bit
target libraries. Fixes ppc64le kernel compile.
- Update to GCC 4.8.5 release.
* Fixes bogus integer overflow in constant expression. [bsc#934689]
* Fixes ICE with atomics on aarch64. [bsc#930176]
- Fixed reload issue on S390.
- Add patch to keep functions leaf when they are instrumented for
profiling on s390[x]. [bsc#899871]
- Avoid accessing invalid memory when passing aggregates by value. [bsc#922534]
- Build s390[x] with --with-tune=z9-109 --with-arch=z900 on SLE11
again. [bsc#927993]
- Update to gcc-4_8-branch head (r221715).
* Includes GCC 4.8.4 release.
* Includes fix for -imacros bug. [bsc#917169]
* Includes fix for incorrect -Warray-bounds warnings. [bsc#919274]
* Includes updated -mhotpatch for s390x. [bsc#924525]
* Includes fix for ppc64le issue with doubleword vector extract.
[bsc#924687]
- Backport rework of the memory allocator for C++ exceptions used in OOM situations. [bsc#889990]
- Remove invalid use of glibc internals in TSAN.
- Update to gcc-4_8-branch head (r218481).
* Includes patches to allow building against ISL 0.14.
- Disable all languages but C, C++, Fortran and Ada. [fate#316860]
ModerateSUSE bug 1011348SUSE bug 1022062SUSE bug 1028744SUSE bug 1039513SUSE bug 1044016SUSE bug 1050947SUSE bug 878067SUSE bug 889990SUSE bug 899871SUSE bug 917169SUSE bug 919274SUSE bug 922534SUSE bug 924525SUSE bug 924687SUSE bug 927993SUSE bug 930176SUSE bug 934689SUSE bug 945842SUSE bug 947772SUSE bug 947791SUSE bug 948168SUSE bug 949000SUSE bug 951644SUSE bug 955382SUSE bug 970009SUSE bug 976627SUSE bug 977654SUSE bug 981311SUSE bug 988274CVE-2014-5044 at SUSECVE-2014-5044 at NVDCVE-2015-5276 at SUSECVE-2015-5276 at NVDCVE-2017-11671 at SUSECVE-2017-11671 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gcc48 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gcc48 fixes the following issues:
- CVE-2019-14250: Fixed an integer overflow that could lead to an invalid memory
access (bsc#1142649).
Non-security fixes:
- Fixed an issue with manual page builds (bsc#1185395).
- Fixed an issue with static initializers (bsc#1177947).
- Fixed an issue with exception handling on s390x (bsc#1161913).
- Fixed a reload bug on aarch64 (bsc#1093797).
- Added a Spectre V2 mitigation for s390x (bsc#1083945).
ImportantSUSE bug 1071995SUSE bug 1082130SUSE bug 1083945SUSE bug 1087932SUSE bug 1093797SUSE bug 1131264SUSE bug 1142649SUSE bug 1161913SUSE bug 1177947SUSE bug 1178675SUSE bug 1185395CVE-2019-14250 at SUSECVE-2019-14250 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gdSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The graphics drawing library gd has been updated to fix one security issue:
* possible buffer read overflow (CVE-2014-9709)
Security Issues:
* CVE-2014-9709
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709>
SUSE bug 923945CVE-2014-9709 at SUSECVE-2014-9709 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gd fixes the following issues:
- security update:
* CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif [bsc#988032]
ModerateSUSE bug 988032CVE-2016-6161 at SUSECVE-2016-6161 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gd fixes the following issues:
- CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924)
- CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274)
ModerateSUSE bug 1004924SUSE bug 1005274CVE-2016-6911 at SUSECVE-2016-6911 at NVDCVE-2016-8670 at SUSECVE-2016-8670 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gd fixes the following issues:
* CVE-2016-9933 possible stackoverflow on malicious truecolor images [bsc#1015187]
ModerateSUSE bug 1015187CVE-2016-9933 at SUSECVE-2016-9933 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gd fixes the following security issues:
- CVE-2016-9317: The gdImageCreate function in the GD Graphics Library
(aka libgd) allowed remote attackers to cause a denial of service
(system hang) via an oversized image. (bsc#1022283)
- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx()
could lead to libgd running out of memory even on small files. (bsc#1022264)
- CVE-2016-10168: A signed integer overflow in the GD Graphics Library (aka libgd) could lead
to memory corruption (bsc#1022265)
ModerateSUSE bug 1022264SUSE bug 1022265SUSE bug 1022283CVE-2016-10167 at SUSECVE-2016-10167 at NVDCVE-2016-10168 at SUSECVE-2016-10168 at NVDCVE-2016-9317 at SUSECVE-2016-9317 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gd fixes several issues.
This security issue was fixed:
- CVE-2018-5711: Prevent integer signedness error that could have lead to an
infinite loop via a crafted GIF file allowing for DoS (bsc#1076391)
This non-security issue was fixed:
- Fixed gd2togif error message (bsc#1025223)
ModerateSUSE bug 1025223SUSE bug 1076391CVE-2018-5711 at SUSECVE-2018-5711 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gd fixes the following issues:
Security vulnerability addressed:
- CVE-2017-7890: Fixed a buffer over-read into uninitialized memory (bsc#1050241).
- CVE-2019-6978: Fixed a double free in the GD graphics library (bsc#1123522).
- CVE-2019-11038: Fixed a information disclosure in gdImageCreateFromXbm() (bsc#1140120).
ModerateSUSE bug 1050241SUSE bug 1123522SUSE bug 1140120CVE-2017-7890 at SUSECVE-2017-7890 at NVDCVE-2019-11038 at SUSECVE-2019-11038 at NVDCVE-2019-6978 at SUSECVE-2019-6978 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for GDMSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to Gnome Display Manager (gdm) resolves a problem in the way
Xauth cookies are handled internally by the application. In some specific
circumstances, this problem could cause the session to be restarted
immediately after the user logged in.
SUSE bug 490621SUSE bug 506917SUSE bug 583060SUSE bug 617428SUSE bug 624608SUSE bug 627893SUSE bug 628607SUSE bug 633655SUSE bug 633861SUSE bug 652905SUSE bug 659463SUSE bug 662458SUSE bug 665078SUSE bug 667577SUSE bug 668214SUSE bug 670121SUSE bug 677611SUSE bug 678632SUSE bug 690872SUSE bug 698485SUSE bug 726489SUSE bug 727346SUSE bug 747434SUSE bug 749965SUSE bug 751325CVE-2010-1172 at SUSECVE-2010-1172 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ghostscript fixes the following issues:
- CVE-2016-8602: Insufficient parameter check in .sethalftone5 (bsc#1004237)
ModerateSUSE bug 1004237CVE-2016-8602 at SUSECVE-2016-8602 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ghostscriptSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes an array index error which could have lead to a
heap-based buffer overflow in ghostscript-library. CVE-2012-4405 has been
assigned to this issue.
Security Issue reference:
* CVE-2012-4405
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405>
SUSE bug 559122SUSE bug 605043SUSE bug 608071SUSE bug 635004SUSE bug 649207SUSE bug 726092SUSE bug 779700CVE-2009-3743 at SUSECVE-2009-3743 at NVDCVE-2009-4270 at SUSECVE-2009-4270 at NVDCVE-2009-4897 at SUSECVE-2009-4897 at NVDCVE-2010-1628 at SUSECVE-2010-1628 at NVDCVE-2010-1869 at SUSECVE-2010-1869 at NVDCVE-2010-2055 at SUSECVE-2010-2055 at NVDCVE-2010-4054 at SUSECVE-2010-4054 at NVDCVE-2012-4405 at SUSECVE-2012-4405 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ghostscript-library fixes the following issues:
- Multiple security vulnerabilities have been discovered where ghostscript's
'-dsafer' flag did not provide sufficient protection against unintended
access to the file system. Thus, a machine that would process a specially
crafted Postscript file would potentially leak sensitive information to an
attacker. (CVE-2013-5653, CVE-2016-7977, bsc#1001951)
- Insufficient validation of the type of input in .initialize_dsc_parser used
to allow remote code execution. (CVE-2016-7979, bsc#1001951)
- An integer overflow in the gs_heap_alloc_bytes function used to allow remote
attackers to cause a denial of service (crash) via specially crafted
Postscript files. (CVE-2015-3228, boo#939342)
ImportantSUSE bug 1001951SUSE bug 939342CVE-2013-5653 at SUSECVE-2013-5653 at NVDCVE-2015-3228 at SUSECVE-2015-3228 at NVDCVE-2016-7977 at SUSECVE-2016-7977 at NVDCVE-2016-7979 at SUSECVE-2016-7979 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ghostscript fixes the following security vulnerability:
CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were
exploited in the wild. (bsc#1036453)
ImportantSUSE bug 1036453CVE-2017-8291 at SUSECVE-2017-8291 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ghostscript fixes the following security vulnerability:
CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were
exploited in the wild. (bsc#1036453)
This update is a reissue including the SUSE Linux Enterprise 11 SP3 product.
ImportantSUSE bug 1036453CVE-2017-8291 at SUSECVE-2017-8291 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ghostscript-library fixes several issues.
These security issues were fixed:
- CVE-2017-7207: The mem_get_bits_rectangle function allowed remote attackers
to cause a denial of service (NULL pointer dereference) via a crafted
PostScript document (bsc#1030263).
- CVE-2016-9601: Prevent heap-buffer overflow by checking for an integer
overflow in jbig2_image_new function (bsc#1018128).
- CVE-2017-9612: The Ins_IP function in base/ttinterp.c allowed remote
attackers to cause a denial of service (use-after-free and application crash)
or possibly have unspecified other impact via a crafted document (bsc#1050891)
- CVE-2017-9726: The Ins_MDRP function in base/ttinterp.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) or possibly have unspecified other impact via a crafted
document (bsc#1050889)
- CVE-2017-9727: The gx_ttfReader__Read function in base/gxttfb.c allowed
remote attackers to cause a denial of service (heap-based buffer over-read and
application crash) or possibly have unspecified other impact via a crafted
document (bsc#1050888)
- CVE-2017-9739: The Ins_JMPR function in base/ttinterp.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) or possibly have unspecified other impact via a crafted
document (bsc#1050887)
- CVE-2017-11714: psi/ztoken.c mishandled references to the scanner state
structure, which allowed remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact via a crafted
PostScript document, related to an out-of-bounds read in the
igc_reloc_struct_ptr function in psi/igc.c (bsc#1051184)
- CVE-2017-9835: The gs_alloc_ref_array function allowed remote attackers to
cause a denial of service (heap-based buffer overflow and application crash) or
possibly have unspecified other impact via a crafted PostScript document
(bsc#1050879)
- CVE-2016-10219: The intersect function in base/gxfill.c allowed remote
attackers to cause a denial of service (divide-by-zero error and application
crash) via a crafted file (bsc#1032138)
- CVE-2017-9216: Prevent NULL pointer dereference in the jbig2_huffman_get
function in jbig2_huffman.c which allowed for DoS (bsc#1040643)
ModerateSUSE bug 1018128SUSE bug 1030263SUSE bug 1032138SUSE bug 1032230SUSE bug 1040643SUSE bug 1050879SUSE bug 1050887SUSE bug 1050888SUSE bug 1050889SUSE bug 1050891SUSE bug 1051184CVE-2016-10219 at SUSECVE-2016-10219 at NVDCVE-2016-9601 at SUSECVE-2016-9601 at NVDCVE-2017-11714 at SUSECVE-2017-11714 at NVDCVE-2017-7207 at SUSECVE-2017-7207 at NVDCVE-2017-9216 at SUSECVE-2017-9216 at NVDCVE-2017-9612 at SUSECVE-2017-9612 at NVDCVE-2017-9726 at SUSECVE-2017-9726 at NVDCVE-2017-9727 at SUSECVE-2017-9727 at NVDCVE-2017-9739 at SUSECVE-2017-9739 at NVDCVE-2017-9835 at SUSECVE-2017-9835 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ghostscript-library fixes the following issues:
- CVE-2018-10194: Fixed a stack-based buffer overflow in gdevpdts.c (bsc#1090099)
- Fixed a crash in the fix for CVE-2016-9601.
ModerateSUSE bug 1090099CVE-2016-9601 at SUSECVE-2016-9601 at NVDCVE-2018-10194 at SUSECVE-2018-10194 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ghostscript-library fixes the following issues:
- CVE-2018-16511: A type confusion in 'ztype' could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. (bsc#1107426)
- CVE-2018-16540: Attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. (bsc#1107420)
- CVE-2018-16541: Attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. (bsc#1107421)
- CVE-2018-16542: Attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. (bsc#1107413)
- CVE-2018-16509: Incorrect 'restoration of privilege' checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the 'pipe' instruction. (bsc#1107410
- CVE-2018-16513: Attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. (bsc#1107412)
- CVE-2018-15910: Attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. (bsc#1106173)
- CVE-2017-9611: The Ins_MIRP function allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. (bsc#1050893)
ImportantSUSE bug 1050893SUSE bug 1106173SUSE bug 1107410SUSE bug 1107412SUSE bug 1107413SUSE bug 1107420SUSE bug 1107421SUSE bug 1107426CVE-2017-9611 at SUSECVE-2017-9611 at NVDCVE-2018-15910 at SUSECVE-2018-15910 at NVDCVE-2018-16509 at SUSECVE-2018-16509 at NVDCVE-2018-16511 at SUSECVE-2018-16511 at NVDCVE-2018-16513 at SUSECVE-2018-16513 at NVDCVE-2018-16540 at SUSECVE-2018-16540 at NVDCVE-2018-16541 at SUSECVE-2018-16541 at NVDCVE-2018-16542 at SUSECVE-2018-16542 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ghostscript-library fixes the following issues:
Security issue fixed:
- CVE-2019-3838: Fixed various bugs which allows to reenable and misuse system Postscript operators to read files from within Postscript files and send them with the help of e.g. the %pipe% to the attacker (bsc#1129186).
ImportantSUSE bug 1129186CVE-2019-3838 at SUSECVE-2019-3838 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for giflib (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for giflib fixes the following issues:
- CVE-2015-7555: Heap overflow in giffix (bsc#960319)
ModerateSUSE bug 960319CVE-2015-7555 at SUSECVE-2015-7555 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for giflib (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
giflib was updated to fix one security issue.
This security issue was fixed:
- CVE-2016-3977: Heap buffer overflow in gif2rgb (bsc#974847).
ModerateSUSE bug 974847CVE-2016-3977 at SUSECVE-2016-3977 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glib2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glib2 fixes the following issues:
Security issues fixed:
- CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116).
- Fixing potentially exploitable bugs in UTF-8 validation in Variant and DBUS message parsing (bsc#1111499).
ModerateSUSE bug 1107116SUSE bug 1111499CVE-2018-16429 at SUSECVE-2018-16429 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glib2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glib2 fixes the following issues:
Security issue fixed:
- CVE-2019-12450: Fixed an improper file permission when copy operation
takes place (bsc#1137001).
ImportantSUSE bug 1137001CVE-2019-12450 at SUSECVE-2019-12450 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glib2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glib2 fixes the following issues:
- CVE-2021-3800: Fixed a file content leak in pkexec due to charset aliases (bsc#1191489).
- CVE-2018-16428: Fixed a NULL pointer dereference in g_markup_parse_context_end_parse() (bsc#1107121).
ModerateSUSE bug 1107121SUSE bug 1191489CVE-2018-16428 at SUSECVE-2018-16428 at NVDCVE-2021-3800 at SUSECVE-2021-3800 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibcSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This glibc update fixes a critical privilege escalation problem and the
following non-security issues:
* bnc#892073: An off-by-one error leading to a heap-based buffer
overflow was found in __gconv_translit_find(). An exploit that
targets the problem is publicly available. (CVE-2014-5119)
* bnc#886416: Avoid redundant shift character in iconv output at block
boundary.
* bnc#864081: Take lock in pthread_cond_wait cleanup handler only when
needed.
* bnc#843735: Don't crash on unresolved weak symbol reference.
* bnc#836746: Avoid race between {,__de}allocate_stack and
__reclaim_stacks during fork.
* bnc#750741: Use absolute timeout in x86 pthread_cond_timedwait.
Security Issues:
* CVE-2014-5119
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119>
SUSE bug 569091SUSE bug 572188SUSE bug 585879SUSE bug 592941SUSE bug 594263SUSE bug 607064SUSE bug 625591SUSE bug 625835SUSE bug 645140SUSE bug 645303SUSE bug 646960SUSE bug 647965SUSE bug 649634SUSE bug 659090SUSE bug 664541SUSE bug 666179SUSE bug 673111SUSE bug 676178SUSE bug 677787SUSE bug 678031SUSE bug 678195SUSE bug 680833SUSE bug 685405SUSE bug 687510SUSE bug 691365SUSE bug 700876SUSE bug 735850SUSE bug 741345SUSE bug 743689SUSE bug 746824SUSE bug 747768SUSE bug 747932SUSE bug 748032SUSE bug 750741SUSE bug 767266SUSE bug 770891SUSE bug 775690SUSE bug 779320SUSE bug 796982SUSE bug 801246SUSE bug 813121SUSE bug 828637SUSE bug 830268SUSE bug 834594SUSE bug 836746SUSE bug 839870SUSE bug 843735SUSE bug 844309SUSE bug 864081SUSE bug 882600SUSE bug 883022SUSE bug 886416SUSE bug 887022SUSE bug 888860SUSE bug 892073SUSE bug 894553SUSE bug 894556SUSE bug 906371SUSE bug 909053SUSE bug 910599SUSE bug 913646SUSE bug 915526SUSE bug 916222SUSE bug 918233CVE-2009-5029 at SUSECVE-2009-5029 at NVDCVE-2010-0015 at SUSECVE-2010-0015 at NVDCVE-2010-0296 at SUSECVE-2010-0296 at NVDCVE-2010-0830 at SUSECVE-2010-0830 at NVDCVE-2010-3847 at SUSECVE-2010-3847 at NVDCVE-2010-3856 at SUSECVE-2010-3856 at NVDCVE-2010-4756 at SUSECVE-2010-4756 at NVDCVE-2011-0536 at SUSECVE-2011-0536 at NVDCVE-2011-1071 at SUSECVE-2011-1071 at NVDCVE-2011-1089 at SUSECVE-2011-1089 at NVDCVE-2011-1095 at SUSECVE-2011-1095 at NVDCVE-2011-2483 at SUSECVE-2011-2483 at NVDCVE-2012-0864 at SUSECVE-2012-0864 at NVDCVE-2012-3405 at SUSECVE-2012-3405 at NVDCVE-2012-3406 at SUSECVE-2012-3406 at NVDCVE-2012-3480 at SUSECVE-2012-3480 at NVDCVE-2012-4412 at SUSECVE-2012-4412 at NVDCVE-2012-6656 at SUSECVE-2012-6656 at NVDCVE-2013-0242 at SUSECVE-2013-0242 at NVDCVE-2013-1914 at SUSECVE-2013-1914 at NVDCVE-2013-4237 at SUSECVE-2013-4237 at NVDCVE-2013-4332 at SUSECVE-2013-4332 at NVDCVE-2013-4357 at SUSECVE-2013-4357 at NVDCVE-2013-4788 at SUSECVE-2013-4788 at NVDCVE-2013-7423 at SUSECVE-2013-7423 at NVDCVE-2014-4043 at SUSECVE-2014-4043 at NVDCVE-2014-5119 at SUSECVE-2014-5119 at NVDCVE-2014-6040 at SUSECVE-2014-6040 at NVDCVE-2014-7817 at SUSECVE-2014-7817 at NVDCVE-2014-9402 at SUSECVE-2014-9402 at NVDCVE-2015-0235 at SUSECVE-2015-0235 at NVDCVE-2015-1472 at SUSECVE-2015-1472 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following issues:
- CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses (bsc#961721)
- CVE-2015-8777: Insufficient checking of LD_POINTER_GUARD environment variable allowed local attackers to bypass the pointer guarding protection of the dynamic loader on set-user-ID and set-group-ID programs (bsc#950944)
- CVE-2015-8776: Out-of-range time values passed to the strftime function may cause it to crash, leading to a denial of service, or potentially disclosure information (bsc#962736)
- CVE-2015-8778: Integer overflow in hcreate and hcreate_r could have caused an out-of-bound memory access. leading to application crashes or, potentially, arbitrary code execution (bsc#962737)
- CVE-2014-9761: A stack overflow (unbounded alloca) could have caused applications which process long strings with the nan function to crash or, potentially, execute arbitrary code. (bsc#962738)
- CVE-2015-8779: A stack overflow (unbounded alloca) in the catopen function could have caused applications which pass long strings to the catopen function to crash or, potentially execute arbitrary code. (bsc#962739)
- CVE-2013-2207: pt_chown tricked into granting access to another users pseudo-terminal (bsc#830257)
- CVE-2013-4458: Stack (frame) overflow in getaddrinfo() when called with AF_INET6 (bsc#847227)
- CVE-2014-8121: denial of service issue in the NSS backends (bsc#918187)
- bsc#920338: Read past end of pattern in fnmatch
- CVE-2015-1781: buffer overflow in nss_dns (bsc#927080)
The following non-security bugs were fixed:
- bnc#892065: SIGSEV tst-setlocale3 in glibc-2.11.3-17.68.1
- bnc#863499: Memory leak in getaddrinfo when many RRs are returned
- bsc#892065: Avoid unbound alloca in setenv
- bsc#945779: Properly reread entry after failure in nss_files getent function
ImportantSUSE bug 830257SUSE bug 847227SUSE bug 863499SUSE bug 892065SUSE bug 918187SUSE bug 920338SUSE bug 927080SUSE bug 945779SUSE bug 950944SUSE bug 961721SUSE bug 962736SUSE bug 962737SUSE bug 962738SUSE bug 962739CVE-2013-2207 at SUSECVE-2013-2207 at NVDCVE-2013-4458 at SUSECVE-2013-4458 at NVDCVE-2014-8121 at SUSECVE-2014-8121 at NVDCVE-2014-9761 at SUSECVE-2014-9761 at NVDCVE-2015-1781 at SUSECVE-2015-1781 at NVDCVE-2015-7547 at SUSECVE-2015-7547 at NVDCVE-2015-8776 at SUSECVE-2015-8776 at NVDCVE-2015-8777 at SUSECVE-2015-8777 at NVDCVE-2015-8778 at SUSECVE-2015-8778 at NVDCVE-2015-8779 at SUSECVE-2015-8779 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2016-1234: Fixed a buffer overflow with glob() with GLOB_ALTDIRFUNC and crafted directory (bsc#969727).
- CVE-2016-3075: Fixed a stack overflow in _nss_dns_getnetbyname_r (bsc#973164)
- CVE-2016-3706: Fixed a getaddrinfo stack overflow in hostent conversion (bsc#980483)
- CVE-2016-4429: Avoid a stack overflow due to alloca usage in clntudp_call (bsc#980854)
Also fixed some bugs:
- Don't touch user-controlled stdio locks in forked child (bsc#864081)
- Fix memory leak in _nss_dns_gethostbyname4_r (bsc#973010)
ModerateSUSE bug 864081SUSE bug 969727SUSE bug 973010SUSE bug 973164SUSE bug 980483SUSE bug 980854CVE-2016-1234 at SUSECVE-2016-1234 at NVDCVE-2016-3075 at SUSECVE-2016-3075 at NVDCVE-2016-3706 at SUSECVE-2016-3706 at NVDCVE-2016-4429 at SUSECVE-2016-4429 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following issues:
- CVE-2017-1000366: Fix a potential privilege escalation vulnerability that
allowed unprivileged system users to manipulate the stack of setuid binaries
to gain special privileges. [bsc#1039357]
ImportantSUSE bug 1039357CVE-2017-1000366 at SUSECVE-2017-1000366 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following issues:
- A privilege escalation bug in the realpath() function has been fixed.
[CVE-2018-1000001, bsc#1074293]
ImportantSUSE bug 1074293CVE-2018-1000001 at SUSECVE-2018-1000001 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2017-8804: Fix memory leak after deserialization failure in xdr_bytes, xdr_string (bsc#1037930)
- CVE-2017-12132: Reduce EDNS payload size to 1200 bytes (bsc#1051791)
- CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal memalign and malloc functions (bsc#1079036)
- CVE-2018-1000001: Avoid underflow of malloced area in realpath (bsc#1074293)
Also a non security issue was fixed:
- Do not fail if one of the two responses to AF_UNSPEC fails (bsc#978209)
ImportantSUSE bug 1037930SUSE bug 1051791SUSE bug 1074293SUSE bug 1079036SUSE bug 978209CVE-2017-12132 at SUSECVE-2017-12132 at NVDCVE-2017-8804 at SUSECVE-2017-8804 at NVDCVE-2018-1000001 at SUSECVE-2018-1000001 at NVDCVE-2018-6485 at SUSECVE-2018-6485 at NVDCVE-2018-6551 at SUSECVE-2018-6551 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following issues:
- CVE-2017-12133: Avoid use-after-free read access in clntudp_call (bsc#1081556)
ModerateSUSE bug 1081556CVE-2017-12133 at SUSECVE-2017-12133 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following issues:
Security issue fixed:
- CVE-2018-11236: Fix overflow in path length computation (bsc#1094161).
ModerateSUSE bug 1094161CVE-2018-11236 at SUSECVE-2018-11236 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following security issues:
- CVE-2017-15670: Prevent off-by-one error that lead to a heap-based buffer
overflow in the glob function, related to the processing of home directories
using the ~ operator followed by a long string (bsc#1064583).
- CVE-2017-15804: The glob function contained a buffer overflow during
unescaping of user names with the ~ operator (bsc#1064580).
- CVE-2015-5180: res_query in libresolv allowed remote attackers to cause a
denial of service (NULL pointer dereference and process crash) (bsc#941234)
ImportantSUSE bug 1064580SUSE bug 1064583SUSE bug 941234CVE-2015-5180 at SUSECVE-2015-5180 at NVDCVE-2017-15670 at SUSECVE-2017-15670 at NVDCVE-2017-15804 at SUSECVE-2017-15804 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match (bsc#1127308).
- CVE-2009-5155: Fixed a denial of service in parse_reg_exp() (bsc#1127223).
ModerateSUSE bug 1127223SUSE bug 1127308CVE-2009-5155 at SUSECVE-2009-5155 at NVDCVE-2019-9169 at SUSECVE-2019-9169 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for glibc fixes the following issues:
- CVE-2015-8983: Fixed _IO_wstr_overflow integer overflow (bsc#1193615, BZ #17269)
- CVE-2015-8982: Fixed memory handling in strxfrm_l (bsc#1193616, BZ #16009)
- CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for 'unix' (bsc#1194768, BZ #22542)
- CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770, BZ #28768)
- CVE-2021-3999: Fixed getcwd to set errno to ERANGE for size == 1 (bsc#1194640, BZ #28769)
- CVE-2021-33574: Use __pthread_attr_copy in mq_notify (bsc#1186489, BZ #27896)
- CVE-2021-35942: Fixed handle overflow in wordexp positional parameter number (bsc#1187911, BZ #28011)
ImportantSUSE bug 1186489SUSE bug 1187911SUSE bug 1193615SUSE bug 1193616SUSE bug 1194640SUSE bug 1194768SUSE bug 1194770CVE-2015-8982 at SUSECVE-2015-8982 at NVDCVE-2015-8983 at SUSECVE-2015-8983 at NVDCVE-2021-33574 at SUSECVE-2021-33574 at NVDCVE-2021-35942 at SUSECVE-2021-35942 at NVDCVE-2021-3999 at SUSECVE-2021-3999 at NVDCVE-2022-23218 at SUSECVE-2022-23218 at NVDCVE-2022-23219 at SUSECVE-2022-23219 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gmp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gmp fixes the following issues:
- CVE-2021-43618: Fixed buffer overflow on malformed input to mpz_inp_raw (bsc#1192717).
ModerateSUSE bug 1192717CVE-2021-43618 at SUSECVE-2021-43618 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gnome-session (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gnome-session fixes the following issues:
- CVE-2017-11171: Fix a denial of service condition. an unauthenticated local user
can create ICE connections, causing a file descriptor leak in
gnome-session (bsc#1048274).
ModerateSUSE bug 1048274CVE-2017-11171 at SUSECVE-2017-11171 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gnuplot (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gnuplot fixes the following issues:
Security issues fixed:
- CVE-2018-19492: Fixed a buffer overflow in cairotrm_options function (bsc#1117463)
- CVE-2018-19491: Fixed a buffer overflow in the PS_options function (bsc#1117464)
- CVE-2018-19490: Fixed a heap-based buffer overflow in the df_generate_ascii_array_entry function (bsc#1117465)
- CVE-2017-9670: Fixed a uninitialized stack variable vulnerability which could lead to a
Denial of Service (bsc#1044638)
Non-security issues fixed:
- postscript output does not show any German 'umlauts' (bsc#375175)
ModerateSUSE bug 1044638SUSE bug 1117463SUSE bug 1117464SUSE bug 1117465SUSE bug 375175CVE-2017-9670 at SUSECVE-2017-9670 at NVDCVE-2018-19490 at SUSECVE-2018-19490 at NVDCVE-2018-19491 at SUSECVE-2018-19491 at NVDCVE-2018-19492 at SUSECVE-2018-19492 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for GnuTLSSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
GnuTLS has been patched to ensure proper parsing of session ids during the
TLS/SSL handshake. Additionally three issues inherited from libtasn1 have
been fixed.
Further information is available at
http://www.gnutls.org/security.html#GNUTLS-SA-2014-3
<http://www.gnutls.org/security.html#GNUTLS-SA-2014-3>
These security issues have been fixed:
* Possible memory corruption during connect (CVE-2014-3466)
* Multiple boundary check issues could allow DoS (CVE-2014-3467)
* asn1_get_bit_der() can return negative bit length (CVE-2014-3468)
* Possible DoS by NULL pointer dereference (CVE-2014-3469)
Security Issue references:
* CVE-2014-3466
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466>
SUSE bug 554084SUSE bug 659907SUSE bug 729486SUSE bug 739898SUSE bug 753301SUSE bug 754223SUSE bug 754953SUSE bug 760265SUSE bug 802651SUSE bug 821818SUSE bug 835760SUSE bug 865804SUSE bug 865993SUSE bug 880730SUSE bug 880910SUSE bug 919938SUSE bug 921684CVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2009-5138 at SUSECVE-2009-5138 at NVDCVE-2011-4128 at SUSECVE-2011-4128 at NVDCVE-2012-0390 at SUSECVE-2012-0390 at NVDCVE-2013-1619 at SUSECVE-2013-1619 at NVDCVE-2013-2116 at SUSECVE-2013-2116 at NVDCVE-2014-0092 at SUSECVE-2014-0092 at NVDCVE-2014-3466 at SUSECVE-2014-3466 at NVDCVE-2014-3467 at SUSECVE-2014-3467 at NVDCVE-2014-3468 at SUSECVE-2014-3468 at NVDCVE-2014-3469 at SUSECVE-2014-3469 at NVDCVE-2014-8155 at SUSECVE-2014-8155 at NVDCVE-2015-0282 at SUSECVE-2015-0282 at NVDCVE-2015-0294 at SUSECVE-2015-0294 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This security update of gnutls fixes the following issues:
- use minimal padding for CBC, the default random length padding
causes problems with some servers (bsc#925499)
* added gnutls-use_minimal_cbc_padding.patch
- use the default DH minimum for gnutls-cli instead of hardcoding 512
* CVE-2015-4000 (Logjam) (bsc#932026)
* added gnutls-CVE-2015-4000-logjam-use_the_default_DH_min_for_cli.patch
ModerateSUSE bug 925499SUSE bug 932026CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gnutls fixes the following security issues:
- CVE-2015-8313: First byte of the padding in CBC mode is not checked (bsc#957568)
- CVE-2015-2806: Two-byte stack overflow in asn1_der_decoding (bsc#924828)
ModerateSUSE bug 924828SUSE bug 947271SUSE bug 957568CVE-2015-2806 at SUSECVE-2015-2806 at NVDCVE-2015-8313 at SUSECVE-2015-8313 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gnutls (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gnutls fixes the following issues:
- Malformed asn1 definitions could cause a segmentation fault in the asn1 definition parser (bsc#961491).
- CVE-2016-8610: Remote denial of service in SSL alert handling (bsc#1005879).
- CVE-2017-5335: Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows (bsc#1018832).
- CVE-2017-5336: Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows (bsc#1018832).
- CVE-2017-5337: Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows (bsc#1018832).
ImportantSUSE bug 1005879SUSE bug 1018832SUSE bug 961491CVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2017-5335 at SUSECVE-2017-5335 at NVDCVE-2017-5336 at SUSECVE-2017-5336 at NVDCVE-2017-5337 at SUSECVE-2017-5337 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gnutls fixes the following issues:
- GNUTLS-SA-2017-3 / CVE-2017-7869: An out-of-bounds write in OpenPGP certificate decoding was fixed (bsc#1034173)
- CVE-2017-6891: A potential stack buffer overflow in the bundled libtasn1 was fixed (bsc#1040621)
- An address read of 4 bytes past the end of buffer in OpenPGP certificate parsing was fixed (bsc#1038337)
ModerateSUSE bug 1034173SUSE bug 1038337SUSE bug 1040621CVE-2017-6891 at SUSECVE-2017-6891 at NVDCVE-2017-7869 at SUSECVE-2017-7869 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gnutls fixes the following issues:
Security issues fixed:
- CVE-2018-10846: Improve mitigations against Lucky 13 class of attacks (PRIME + PROBE) (bsc#1105460).
- CVE-2017-10790: Fixed a denial of service in the _asn1_check_identifier() function (bsc#1047002).
ModerateSUSE bug 1047002SUSE bug 1105460CVE-2017-10790 at SUSECVE-2017-10790 at NVDCVE-2018-10846 at SUSECVE-2018-10846 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for GPG2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
GPG2 has been updated to fix a possible denial of service.
This security issue has been fixed:
* Denial of service through infinite loop with garbled compressed data
packets (CVE-2014-4617)
Security Issues:
* CVE-2014-4617
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617>
SUSE bug 625947SUSE bug 718937SUSE bug 741352SUSE bug 778723SUSE bug 780943SUSE bug 798465SUSE bug 808958SUSE bug 840510SUSE bug 844175SUSE bug 884130CVE-2010-2547 at SUSECVE-2010-2547 at NVDCVE-2012-6085 at SUSECVE-2012-6085 at NVDCVE-2013-4351 at SUSECVE-2013-4351 at NVDCVE-2013-4402 at SUSECVE-2013-4402 at NVDCVE-2014-4617 at SUSECVE-2014-4617 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for gpg2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gpg2 fixes the following issues:
- Fix cve-2015-1606 (bsc#918089)
* Invalid memory read using a garbled keyring
* 0001-Gpg-prevent-an-invalid-memory-read-using-a-garbled-k.patch
- Fix cve-2015-1607 (bsc#918090)
* Memcpy with overlapping ranges
* 0001-Use-inline-functions-to-convert-buffer-data-to-scala.patch
ModerateSUSE bug 918089SUSE bug 918090CVE-2015-1606 at SUSECVE-2015-1606 at NVDCVE-2015-1607 at SUSECVE-2015-1607 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gpg2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gpg2 fixes the following issues:
- CVE-2018-12020: GnuPG mishandled the original filename during decryption and
verification actions, which allowed remote attackers to spoof the output that
GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2'
option (bsc#1096745)
ImportantSUSE bug 1096745CVE-2018-12020 at SUSECVE-2018-12020 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gpg2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gpg2 fixes the following issues:
Security issue fixed:
- CVE-2019-13050: Fixed denial-of-service attacks via big keys. (bsc#1141093)
Non-security issue fixed:
- Allow coredumps in X11 desktop sessions (bsc#1124847).
ModerateSUSE bug 1124847SUSE bug 1141093CVE-2019-13050 at SUSECVE-2019-13050 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gpgmeSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This gpgme update fixes the following security issue:
* bnc#890123: Fix possible overflow in gpgsm and uiserver engines
(CVE-2014-3564)
Security Issues:
* CVE-2014-3564
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3564>
SUSE bug 890123CVE-2014-3564 at SUSECVE-2014-3564 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for graphviz (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for graphviz fixes the following issues:
- CVE-2018-10196: Fixed a null dereference in rebuild_vlis (bsc#1093447).
LowSUSE bug 1093447CVE-2018-10196 at SUSECVE-2018-10196 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gstreamer-0_10-plugins-base (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gstreamer-0_10-plugins-base fixes the following issues:
Security issues fixed:
- CVE-2017-5837: Fixed a floating point exception in gst_riff_create_audio_caps (bsc#1024076).
- CVE-2017-5844: Fixed a floating point exception in gst_riff_create_audio_caps (bsc#1024079).
- CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser (bsc#1133375).
ImportantSUSE bug 1024076SUSE bug 1024079SUSE bug 1133375CVE-2017-5837 at SUSECVE-2017-5837 at NVDCVE-2017-5844 at SUSECVE-2017-5844 at NVDCVE-2019-9928 at SUSECVE-2019-9928 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gtk2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following issue has been fixed:
* Specially crafted GIF and XBM files could have crashed gtk2
(CVE-2012-2370,CVE-2011-2485)
Security Issue references:
* CVE-2012-2370
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2370>
* CVE-2011-2485
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485>
SUSE bug 603034SUSE bug 615300SUSE bug 636530SUSE bug 637693SUSE bug 687562SUSE bug 702028SUSE bug 762735CVE-2011-2485 at SUSECVE-2011-2485 at NVDCVE-2012-2370 at SUSECVE-2012-2370 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gtk2 fixes the following security issues:
- CVE-2015-4491: Check for overflow before allocating memory when scaling (bsc#942801)
- CVE-2015-7674: overflow when scaling GIF files (bsc#948791)
- CVE-2015-7552: various overflows, including heap overflow in flipping bmp files (bsc#958963)
The following non-security issue was fixed:
- bsc#960155: fix a possible divide by zero ModerateSUSE bug 942801SUSE bug 948791SUSE bug 958963SUSE bug 960155CVE-2015-4491 at SUSECVE-2015-4491 at NVDCVE-2015-7552 at SUSECVE-2015-7552 at NVDCVE-2015-7674 at SUSECVE-2015-7674 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gtk2 fixes the following issues:
- CVE-2016-6352: Some crashes were fixed, including a out of bounds
write in the OneLine32() function that could be used by attackers to
crash GTK/GDK programs.
- CVE-2013-7447: Avoid overflow when allocating a cairo pixbuf (bsc#966682).
ModerateSUSE bug 966682SUSE bug 988745SUSE bug 991450CVE-2013-7447 at SUSECVE-2013-7447 at NVDCVE-2016-6352 at SUSECVE-2016-6352 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gtk2 fixes the following issues:
This security issue was fixed:
- Add checks for multiplications at several locations to avoid mishandling
memory. This allowed attackers to cause DoS or potentially RCE (bsc#1053417).
- CVE-2017-6312: Integer overflow in io-ico.c in gdk-pixbuf allowed context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations (boo#1027026).
- Protect against access to negative array indexes (BGO#778584).
- CVE-2017-6314: The make_available_at_least function in io-tiff.c in gdk-pixbuf allowed context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file (boo#1027025).
- CVE-2017-6313: Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allowed context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file (boo#1027024).
- CVE-2017-1000422: Gnome gdk-pixbuf older was vulnerable to several integer overflows in the gif_get_lzw function resulting in memory corruption and potential code execution (boo#1074462).
This non-security issue was fixed:
- Prevent endless loop when listing a directory that may not be listed (bnc#726376).
ModerateSUSE bug 1027024SUSE bug 1027025SUSE bug 1027026SUSE bug 1053417SUSE bug 1074462SUSE bug 726376CVE-2017-1000422 at SUSECVE-2017-1000422 at NVDCVE-2017-6312 at SUSECVE-2017-6312 at NVDCVE-2017-6313 at SUSECVE-2017-6313 at NVDCVE-2017-6314 at SUSECVE-2017-6314 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for gtk2 fixes the following security issues:
- CVE-2017-2862: Prevent heap overflow in the
gdk_pixbuf__jpeg_image_load_increment function. A specially crafted jpeg file
could have caused a heap overflow resulting in remote code execution
(bsc#1048289)
- CVE-2017-2870: Prevent integer overflow in the tiff_image_parse
functionality. A specially crafted tiff file could have caused a heap-overflow
resulting in remote code execution (bsc#1048544)
ModerateSUSE bug 1048289SUSE bug 1048544CVE-2017-2862 at SUSECVE-2017-2862 at NVDCVE-2017-2870 at SUSECVE-2017-2870 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for guile (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for guile fixes the following issues:
- CVE-2016-8605: Fixed thread-unsafe umask modification (bsc#1004221).
LowSUSE bug 1004221CVE-2016-8605 at SUSECVE-2016-8605 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for okularSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a heap-based overflow in okular. The RLE decompression in
the TranscribePalmImageToJPEG() function can be exploited to execute
arbitrary code with user privileges by providing a crafted PDF file.
(CVE-2010-2575)
Security Issue reference:
* CVE-2010-2575
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2575>
SUSE bug 634743CVE-2010-2575 at SUSECVE-2010-2575 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for hplipSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
hplip was updated to fix three security issues:
*
CVE-2013-0200: Some local file overwrite problems via predictable
/tmp filenames were fixed.
*
CVE-2013-4325: hplip used an insecure polkit DBUS API (polkit-process
subject race condition) which could lead to local privilege
escalation.
*
CVE-2013-6402: hplip uses arbitrary file creation/overwrite (via
hardcoded file name /tmp/hp-pkservice.log)
Security Issue references:
* CVE-2013-4325
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325>
* CVE-2013-0200
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0200>
* CVE-2013-6402
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6402>
SUSE bug 336658SUSE bug 59233SUSE bug 704608SUSE bug 808355SUSE bug 835827SUSE bug 836937SUSE bug 852368CVE-2004-0801 at SUSECVE-2004-0801 at NVDCVE-2010-4267 at SUSECVE-2010-4267 at NVDCVE-2011-2722 at SUSECVE-2011-2722 at NVDCVE-2013-0200 at SUSECVE-2013-0200 at NVDCVE-2013-4325 at SUSECVE-2013-4325 at NVDCVE-2013-6402 at SUSECVE-2013-6402 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for hunspell (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for hunspell fixes the following issues:
- CVE-2019-16707: Fixed an invalid read in SuggestMgr:leftcommonsubstring (bsc#1151867).
LowSUSE bug 1151867CVE-2019-16707 at SUSECVE-2019-16707 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for ibutilsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for InfiniBand Diagnostic Tools (ibutils) fixes a syntax error
that affected ibdiagnet, ibdiagpath and ibdiagui utilities.
SUSE bug 811660SUSE bug 832643CVE-2013-1894 at SUSECVE-2013-1894 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for icuSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following bugs have been fixed:
* Specially crafted strings could cause a buffer overflow in icu
(CVE-2011-4599).
* An integer overflow in the getSymbol() function could crash
applications using icu (CVE-2010-4409)
Security Issue references:
* CVE-2011-4599
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599>
* CVE-2010-4409
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4409>
SUSE bug 657910SUSE bug 736146SUSE bug 917129CVE-2010-4409 at SUSECVE-2010-4409 at NVDCVE-2011-4599 at SUSECVE-2011-4599 at NVDCVE-2014-9654 at SUSECVE-2014-9654 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for icu (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for icu fixes the following security issues:
- Passing a locale string longer than 255 characters to uloc_getDisplayName()
could have caused a buffer overflow resulting in denial of service or
possible code execution (bsc#1012224, CVE-2014-9911).
ModerateSUSE bug 1012224CVE-2014-9911 at SUSECVE-2014-9911 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for icu (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for icu fixes the following issues:
- CVE-2014-9911: The fix was updated to not crash (NULL ptr deref) when resPath is NULL (bsc#1023033).
ModerateSUSE bug 1023033CVE-2014-9911 at SUSECVE-2014-9911 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for icu (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for icu fixes the following issue:
- Fix international date/time format output (a regression caused by the fix for CVE-2014-9911) (bsc#1037416).
ModerateSUSE bug 1037416CVE-2014-9911 at SUSECVE-2014-9911 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for icu (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for icu fixes the following issues:
- CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp did not ensure that there is a '\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument. (bsc#990636)
- CVE-2017-7868: ICU had an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. (bsc#1034674)
- CVE-2017-7867: ICU had an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. (bsc#1034678)
- CVE-2017-14952: Double free in i18n/zonemeta.cpp allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector entry clean up function call' issue. (bsc#1067203)
- CVE-2017-17484:The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC. (bsc#1072193)
- CVE-2017-15422: An integer overflow in persian calendar calculation was fixed, which could show wrong years. (bsc#1077999)
ImportantSUSE bug 1034674SUSE bug 1034678SUSE bug 1067203SUSE bug 1072193SUSE bug 1077999SUSE bug 990636CVE-2016-6293 at SUSECVE-2016-6293 at NVDCVE-2017-14952 at SUSECVE-2017-14952 at NVDCVE-2017-15422 at SUSECVE-2017-15422 at NVDCVE-2017-17484 at SUSECVE-2017-17484 at NVDCVE-2017-7867 at SUSECVE-2017-7867 at NVDCVE-2017-7868 at SUSECVE-2017-7868 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for innSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
A STARTTLS injection issue has been fixed in inn. CVE-2012-3523 has been
assigned to this issue.
Security Issue reference:
* CVE-2012-3523
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3523>
SUSE bug 776967CVE-2012-3523 at SUSECVE-2012-3523 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for inn (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for inn fixes the following issues:
- CVE-2019-3692: Fixed a local privilege escalation from any user to 'news' (bsc#1154302).
ModerateSUSE bug 1154302CVE-2019-3692 at SUSECVE-2019-3692 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for inn (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for inn fixes the following issues:
- CVE-2021-31998: Fixed locale privialge escalation during the update of inn (bsc#1182321).
ImportantSUSE bug 1182321CVE-2021-31998 at SUSECVE-2021-31998 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for inst-source-utilsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Multiple code execution flaws have been fixed that could have been
exploited via specially crafted file names / directory path names.
Security Issue reference:
* CVE-2012-0427
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0427>
SUSE bug 604730CVE-2012-0427 at SUSECVE-2012-0427 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ipsec-tools (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
ipsec-tools was updated to fix one security issue and a bug.
This security issue was fixed:
- CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests (bsc#931989).
Due to a packaging error, the racoonf.conf config file was symlinked to /usr/share/doc/packages/ipsec-tools/examples/racoon/samples/racoon.conf
on some processor platforms, edits might have happened only in this example file.
Before upgrading, please check if /etc/racoon/racoon.conf is a symlink to this example file and backup the content. (bsc#939810)
ModerateSUSE bug 931989SUSE bug 939810CVE-2015-4047 at SUSECVE-2015-4047 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ipsec-tools (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ipsec-tools fixes one issue.
This security issue was fixed:
- CVE-2016-10396: The racoon daemon contained a remotely exploitable
computational-complexity attack when parsing and storing ISAKMP fragments that
allowed a remote attacker to exhaust computational resources on the remote
endpoint by repeatedly sending ISAKMP fragment packets in a particular order
(bsc#1047443).
ModerateSUSE bug 1047443CVE-2016-10396 at SUSECVE-2016-10396 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for iscsitargetSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for iscsitarget provides the following fixes:
* Add obsoletes on old tgt versions that unconditionally obsoleted
iscsitarget versions (bnc#732751)
* Install the correct services file for the firewall (bnc#710353)
* Define _GNU_SOURCE to get correct prototypes from glibc.
SUSE bug 592928SUSE bug 618574SUSE bug 710353SUSE bug 732751CVE-2010-0743 at SUSECVE-2010-0743 at NVDCVE-2010-2221 at SUSECVE-2010-2221 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jakarta-commons-collections (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to jakarta-commons-collections 3.2.2 fixes the following security issues:
* bsc#954102 code-execution by unserialization
ModerateSUSE bug 954102cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jakarta-commons-fileuploadSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
jakarta-commons-fileupload received the following security fix:
A poison null byte flaw was found in the implementation of the DiskFileItem
class. A remote attacker would have been able to supply a serialized
instance of the DiskFileItem class, which if deserialized on a server,
could have used this flaw to write arbitrary content to any location on the
server that has been permitted by the user running the application server
process. (CVE-2013-2186)
Security Issue reference:
* CVE-2013-2186
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2186>
SUSE bug 846174CVE-2013-2186 at SUSECVE-2013-2186 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jakarta-commons-fileupload (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jakarta-commons-fileupload fixes the following issue:
Security issue fixed:
- CVE-2016-1000031: Fixed remote execution (bsc#1128963, bsc#1128829).
ImportantSUSE bug 1128829SUSE bug 1128963CVE-2016-1000031 at SUSECVE-2016-1000031 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jakartaSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following issue has been fixed:
* SSL certificate hostname verification was not done and is fixed by
this update. (CVE-2012-5783)
Security Issue reference:
* CVE-2012-5783
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783>
SUSE bug 803332CVE-2012-5783 at SUSECVE-2012-5783 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jakarta-taglibs-standard (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jakarta-taglibs-standard fixes the following issues:
- CVE-2015-0254: Apache Standard Taglibs allowed remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) x:parse or (2) x:transform JSTL XML tag. (bsc#920813)
ImportantSUSE bug 920813CVE-2015-0254 at SUSECVE-2015-0254 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jasperSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following issue has been fixed:
* Specially crafted JPEG2000 files could cause a heap buffer overflow
in jasper (CVE-2011-4516, CVE-2011-4517)
Security Issue references:
* CVE-2011-4516
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516>
* CVE-2011-4517
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517>
SUSE bug 725758SUSE bug 909474SUSE bug 909475SUSE bug 911837CVE-2011-4516 at SUSECVE-2011-4516 at NVDCVE-2011-4517 at SUSECVE-2011-4517 at NVDCVE-2014-8137 at SUSECVE-2014-8137 at NVDCVE-2014-8138 at SUSECVE-2014-8138 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jasper fixes the following issues:
Security fixes:
- CVE-2016-8887: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (bsc#1006836)
- CVE-2016-8886: memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599)
- CVE-2016-8884,CVE-2016-8885: two null pointer dereferences in bmp_getdata (incomplete fix for CVE-2016-8690) (bsc#1007009)
- CVE-2016-8883: assert in jpc_dec_tiledecode() (bsc#1006598)
- CVE-2016-8882: segfault / null pointer access in jpc_pi_destroy (bsc#1006597)
- CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593)
- CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591)
- CVE-2016-8693: Double free vulnerability in mem_close (bsc#1005242)
- CVE-2016-8691, CVE-2016-8692: Divide by zero in jpc_dec_process_siz (bsc#1005090)
- CVE-2016-8690: Null pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084)
- CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip() function (bsc#963983)
- CVE-2016-1867: Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function (bsc#961886)
- CVE-2016-1577, CVE-2016-2116: double free vulnerability in the jas_iccattrval_destroy function (bsc#968373)
- CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553)
- CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919)
- CVE-2008-3522: multiple integer overflows (bsc#392410)
- bsc#1006839: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887)
ModerateSUSE bug 1005084SUSE bug 1005090SUSE bug 1005242SUSE bug 1006591SUSE bug 1006593SUSE bug 1006597SUSE bug 1006598SUSE bug 1006599SUSE bug 1006836SUSE bug 1006839SUSE bug 1007009SUSE bug 392410SUSE bug 941919SUSE bug 942553SUSE bug 961886SUSE bug 963983SUSE bug 968373CVE-2008-3522 at SUSECVE-2008-3522 at NVDCVE-2015-5203 at SUSECVE-2015-5203 at NVDCVE-2015-5221 at SUSECVE-2015-5221 at NVDCVE-2016-1577 at SUSECVE-2016-1577 at NVDCVE-2016-1867 at SUSECVE-2016-1867 at NVDCVE-2016-2089 at SUSECVE-2016-2089 at NVDCVE-2016-2116 at SUSECVE-2016-2116 at NVDCVE-2016-8690 at SUSECVE-2016-8690 at NVDCVE-2016-8691 at SUSECVE-2016-8691 at NVDCVE-2016-8692 at SUSECVE-2016-8692 at NVDCVE-2016-8693 at SUSECVE-2016-8693 at NVDCVE-2016-8880 at SUSECVE-2016-8880 at NVDCVE-2016-8881 at SUSECVE-2016-8881 at NVDCVE-2016-8882 at SUSECVE-2016-8882 at NVDCVE-2016-8883 at SUSECVE-2016-8883 at NVDCVE-2016-8884 at SUSECVE-2016-8884 at NVDCVE-2016-8885 at SUSECVE-2016-8885 at NVDCVE-2016-8886 at SUSECVE-2016-8886 at NVDCVE-2016-8887 at SUSECVE-2016-8887 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jasper (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jasper fixes the following issues:
Security issues fixed:
- CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec (bsc#1012530)
- CVE-2016-9395: Missing sanity checks on the data in a SIZ marker segment (bsc#1010977).
- CVE-2016-9398: jpc_math.c:94: int jpc_floorlog2(int): Assertion 'x > 0' failed. (bsc#1010979)
- CVE-2016-9560: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c) (bsc#1011830)
- CVE-2016-9583: Out of bounds heap read in jpc_pi_nextpcrl() (bsc#1015400)
- CVE-2016-9591: Use-after-free on heap in jas_matrix_destroy (bsc#1015993)
- CVE-2016-9600: Null Pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder (bsc#1018088)
- CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c) (bsc#1029497)
- CVE-2017-5498: left-shift undefined behaviour (bsc#1020353)
- CVE-2017-6850: NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c) (bsc#1021868)
ImportantSUSE bug 1010977SUSE bug 1010979SUSE bug 1011830SUSE bug 1012530SUSE bug 1015400SUSE bug 1015993SUSE bug 1018088SUSE bug 1020353SUSE bug 1021868SUSE bug 1029497CVE-2016-10251 at SUSECVE-2016-10251 at NVDCVE-2016-8654 at SUSECVE-2016-8654 at NVDCVE-2016-9395 at SUSECVE-2016-9395 at NVDCVE-2016-9398 at SUSECVE-2016-9398 at NVDCVE-2016-9560 at SUSECVE-2016-9560 at NVDCVE-2016-9583 at SUSECVE-2016-9583 at NVDCVE-2016-9591 at SUSECVE-2016-9591 at NVDCVE-2016-9600 at SUSECVE-2016-9600 at NVDCVE-2017-5498 at SUSECVE-2017-5498 at NVDCVE-2017-6850 at SUSECVE-2017-6850 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jasper fixes the following issues:
Security issues fixed:
- CVE-2016-9262: Multiple integer overflows in the jas_realloc function in base/jas_malloc.c and
mem_resize function in base/jas_stream.c allow remote attackers to cause a denial of service via
a crafted image, which triggers use after free vulnerabilities. (bsc#1009994)
- CVE-2016-9388: The ras_getcmap function in ras_dec.c allows remote attackers to cause a denial
of service (assertion failure) via a crafted image file. (bsc#1010975)
- CVE-2016-9389: The jpc_irct and jpc_iict functions in jpc_mct.c allow remote attackers to cause a
denial of service (assertion failure). (bsc#1010968)
- CVE-2016-9390: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a
denial of service (assertion failure) via a crafted image file. (bsc#1010774)
- CVE-2016-9391: The jpc_bitstream_getbits function in jpc_bs.c allows remote attackers to cause a
denial of service (assertion failure) via a very large integer. (bsc#1010782)
- CVE-2017-1000050: The jp2_encode function in jp2_enc.c allows remote attackers to cause a denial
of service. (bsc#1047958)
CVEs already fixed with previous update:
- CVE-2016-9392: The calcstepsizes function in jpc_dec.c allows remote attackers to cause a denial
of service (assertion failure) via a crafted file. (bsc#1010757)
- CVE-2016-9393: The jpc_pi_nextrpcl function in jpc_t2cod.c allows remote attackers to cause a
denial of service (assertion failure) via a crafted file. (bsc#1010766)
- CVE-2016-9394: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a
denial of service (assertion failure) via a crafted file. (bsc#1010756)
ModerateSUSE bug 1009994SUSE bug 1010756SUSE bug 1010757SUSE bug 1010766SUSE bug 1010774SUSE bug 1010782SUSE bug 1010968SUSE bug 1010975SUSE bug 1047958CVE-2016-9262 at SUSECVE-2016-9262 at NVDCVE-2016-9388 at SUSECVE-2016-9388 at NVDCVE-2016-9389 at SUSECVE-2016-9389 at NVDCVE-2016-9390 at SUSECVE-2016-9390 at NVDCVE-2016-9391 at SUSECVE-2016-9391 at NVDCVE-2016-9392 at SUSECVE-2016-9392 at NVDCVE-2016-9393 at SUSECVE-2016-9393 at NVDCVE-2016-9394 at SUSECVE-2016-9394 at NVDCVE-2017-1000050 at SUSECVE-2017-1000050 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jasper fixes the following issues:
Security issues fixed:
- CVE-2018-19540: Fixed a heap based overflow in jas_icctxtdesc_input (bsc#1117508).
- CVE-2018-19541: Fix heap based overread in jas_image_depalettize (bsc#1117507).
- CVE-2018-19542: Fixed a denial of service in jp2_decode (bsc#1117505).
- CVE-2018-19539: Fixed a denial of service in jas_image_readcmpt (bsc#1117511).
- CVE-2018-9055: Fixed a denial of service in jpc_firstone (bsc#1087020).
- CVE-2016-9396: Fixed a denial of service in jpc_cox_getcompparms (bsc#1010783).
ModerateSUSE bug 1010783SUSE bug 1087020SUSE bug 1117505SUSE bug 1117507SUSE bug 1117508SUSE bug 1117511CVE-2016-9396 at SUSECVE-2016-9396 at NVDCVE-2018-19539 at SUSECVE-2018-19539 at NVDCVE-2018-19540 at SUSECVE-2018-19540 at NVDCVE-2018-19541 at SUSECVE-2018-19541 at NVDCVE-2018-19542 at SUSECVE-2018-19542 at NVDCVE-2018-9055 at SUSECVE-2018-9055 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jasper (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jasper fixes the following issues:
- CVE-2016-9398: Improved patch for already fixed issue (bsc#1010979).
- CVE-2016-9399: Fix assert in calcstepsizes (bsc#1010980).
- CVE-2016-9397: Fix assert in jpc_dequantize (bsc#1010786).
- CVE-2016-9557: Fix signed integer overflow (bsc#1011829).
- CVE-2017-5499: Validate component depth bit (bsc#1020451).
- CVE-2017-5503: Check bounds in jas_seq2d_bindsub() (bsc#1020456).
- CVE-2017-5504: Check bounds in jas_seq2d_bindsub() (bsc#1020458).
- CVE-2017-5505: Check bounds in jas_seq2d_bindsub() (bsc#1020460).
- CVE-2017-14132: Fix heap base overflow in by checking components (bsc#1057152).
- CVE-2018-9154: Fixed a potential denial of service in jpc_dec_process_sot() (bsc#1092115).
- CVE-2018-9252: Fix reachable assertion in jpc_abstorelstepsize (bsc#1088278).
- CVE-2018-18873: Fix null pointer deref in ras_putdatastd (bsc#1114498).
- CVE-2018-19139: Fix mem leaks by registering jpc_unk_destroyparms (bsc#1115637).
- CVE-2018-19543, bsc#1045450 CVE-2017-9782: Fix numchans mixup (bsc#1117328).
- CVE-2018-20570: Fix heap based buffer over-read in jp2_encode (bsc#1120807).
- CVE-2018-20622: Fix memory leak in jas_malloc.c (bsc#1120805).
LowSUSE bug 1010786SUSE bug 1010979SUSE bug 1010980SUSE bug 1011829SUSE bug 1020451SUSE bug 1020456SUSE bug 1020458SUSE bug 1020460SUSE bug 1045450SUSE bug 1057152SUSE bug 1088278SUSE bug 1092115SUSE bug 1114498SUSE bug 1115637SUSE bug 1117328SUSE bug 1120805SUSE bug 1120807CVE-2016-9397 at SUSECVE-2016-9397 at NVDCVE-2016-9398 at SUSECVE-2016-9398 at NVDCVE-2016-9399 at SUSECVE-2016-9399 at NVDCVE-2016-9557 at SUSECVE-2016-9557 at NVDCVE-2017-14132 at SUSECVE-2017-14132 at NVDCVE-2017-5499 at SUSECVE-2017-5499 at NVDCVE-2017-5503 at SUSECVE-2017-5503 at NVDCVE-2017-5504 at SUSECVE-2017-5504 at NVDCVE-2017-5505 at SUSECVE-2017-5505 at NVDCVE-2017-9782 at SUSECVE-2017-9782 at NVDCVE-2018-18873 at SUSECVE-2018-18873 at NVDCVE-2018-19139 at SUSECVE-2018-19139 at NVDCVE-2018-19543 at SUSECVE-2018-19543 at NVDCVE-2018-20570 at SUSECVE-2018-20570 at NVDCVE-2018-20622 at SUSECVE-2018-20622 at NVDCVE-2018-9154 at SUSECVE-2018-9154 at NVDCVE-2018-9252 at SUSECVE-2018-9252 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jasper (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jasper fixes the following issues:
- bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls
- bsc#1181483 CVE-2021-3272: Fix buffer over-read in jp2_decode
ImportantSUSE bug 1179748SUSE bug 1181483CVE-2020-27828 at SUSECVE-2020-27828 at NVDCVE-2021-3272 at SUSECVE-2021-3272 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jasper fixes the following issues:
- CVE-2021-27845: Fixed divide-by-zery issue in cp_create() (bsc#1188437).
ModerateSUSE bug 1188437CVE-2021-27845 at SUSECVE-2021-27845 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for IBM Java 1.4.2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
IBM Java 1.4.2 has been updated to SR13-FP18 to fix bugs and security
issues.
Please see also
http://www.ibm.com/developerworks/java/jdk/alerts/
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Also the following bug has been fixed:
* mark files in jre/bin and bin/ as executable (bnc#823034)
Security Issue references:
* CVE-2013-3009
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3009>
* CVE-2013-3011
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3011>
* CVE-2013-3012
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3012>
* CVE-2013-2469
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2469>
* CVE-2013-2465
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2465>
* CVE-2013-2464
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2464>
* CVE-2013-2463
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2463>
* CVE-2013-2473
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2473>
* CVE-2013-2472
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2472>
* CVE-2013-2471
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2471>
* CVE-2013-2470
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2470>
* CVE-2013-2459
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2459>
* CVE-2013-2456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2456>
* CVE-2013-2447
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2447>
* CVE-2013-2452
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2452>
* CVE-2013-2446
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2446>
* CVE-2013-2450
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2450>
* CVE-2013-1500
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1500>
SUSE bug 494536SUSE bug 590826SUSE bug 592934SUSE bug 594791SUSE bug 603353SUSE bug 646906SUSE bug 663953SUSE bug 666744SUSE bug 673738SUSE bug 690583SUSE bug 711195SUSE bug 739256SUSE bug 758651SUSE bug 763805SUSE bug 778629SUSE bug 788750SUSE bug 798535SUSE bug 809321SUSE bug 813939SUSE bug 819288SUSE bug 823034SUSE bug 829212CVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0084 at SUSECVE-2010-0084 at NVDCVE-2010-0085 at SUSECVE-2010-0085 at NVDCVE-2010-0087 at SUSECVE-2010-0087 at NVDCVE-2010-0088 at SUSECVE-2010-0088 at NVDCVE-2010-0089 at SUSECVE-2010-0089 at NVDCVE-2010-0091 at SUSECVE-2010-0091 at NVDCVE-2010-0095 at SUSECVE-2010-0095 at NVDCVE-2010-0839 at SUSECVE-2010-0839 at NVDCVE-2010-0840 at SUSECVE-2010-0840 at NVDCVE-2010-0841 at SUSECVE-2010-0841 at NVDCVE-2010-0842 at SUSECVE-2010-0842 at NVDCVE-2010-0843 at SUSECVE-2010-0843 at NVDCVE-2010-0844 at SUSECVE-2010-0844 at NVDCVE-2010-0846 at SUSECVE-2010-0846 at NVDCVE-2010-0847 at SUSECVE-2010-0847 at NVDCVE-2010-0848 at SUSECVE-2010-0848 at NVDCVE-2010-0849 at SUSECVE-2010-0849 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-3541 at SUSECVE-2010-3541 at NVDCVE-2010-3548 at SUSECVE-2010-3548 at NVDCVE-2010-3549 at SUSECVE-2010-3549 at NVDCVE-2010-3551 at SUSECVE-2010-3551 at NVDCVE-2010-3553 at SUSECVE-2010-3553 at NVDCVE-2010-3556 at SUSECVE-2010-3556 at NVDCVE-2010-3557 at SUSECVE-2010-3557 at NVDCVE-2010-3562 at SUSECVE-2010-3562 at NVDCVE-2010-3565 at SUSECVE-2010-3565 at NVDCVE-2010-3568 at SUSECVE-2010-3568 at NVDCVE-2010-3569 at SUSECVE-2010-3569 at NVDCVE-2010-3571 at SUSECVE-2010-3571 at NVDCVE-2010-3572 at SUSECVE-2010-3572 at NVDCVE-2010-3574 at SUSECVE-2010-3574 at NVDCVE-2010-4447 at SUSECVE-2010-4447 at NVDCVE-2010-4448 at SUSECVE-2010-4448 at NVDCVE-2010-4454 at SUSECVE-2010-4454 at NVDCVE-2010-4462 at SUSECVE-2010-4462 at NVDCVE-2010-4465 at SUSECVE-2010-4465 at NVDCVE-2010-4466 at SUSECVE-2010-4466 at NVDCVE-2010-4473 at SUSECVE-2010-4473 at NVDCVE-2010-4475 at SUSECVE-2010-4475 at NVDCVE-2010-4476 at SUSECVE-2010-4476 at NVDCVE-2011-0311 at SUSECVE-2011-0311 at NVDCVE-2011-0802 at SUSECVE-2011-0802 at NVDCVE-2011-0814 at SUSECVE-2011-0814 at NVDCVE-2011-0815 at SUSECVE-2011-0815 at NVDCVE-2011-0862 at SUSECVE-2011-0862 at NVDCVE-2011-0865 at SUSECVE-2011-0865 at NVDCVE-2011-0866 at SUSECVE-2011-0866 at NVDCVE-2011-0867 at SUSECVE-2011-0867 at NVDCVE-2011-0871 at SUSECVE-2011-0871 at NVDCVE-2011-0872 at SUSECVE-2011-0872 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2011-3545 at SUSECVE-2011-3545 at NVDCVE-2011-3547 at SUSECVE-2011-3547 at NVDCVE-2011-3548 at SUSECVE-2011-3548 at NVDCVE-2011-3549 at SUSECVE-2011-3549 at NVDCVE-2011-3552 at SUSECVE-2011-3552 at NVDCVE-2011-3556 at SUSECVE-2011-3556 at NVDCVE-2011-3557 at SUSECVE-2011-3557 at NVDCVE-2011-3560 at SUSECVE-2011-3560 at NVDCVE-2011-3563 at SUSECVE-2011-3563 at NVDCVE-2012-0499 at SUSECVE-2012-0499 at NVDCVE-2012-0502 at SUSECVE-2012-0502 at NVDCVE-2012-0503 at SUSECVE-2012-0503 at NVDCVE-2012-0505 at SUSECVE-2012-0505 at NVDCVE-2012-0506 at SUSECVE-2012-0506 at NVDCVE-2012-1531 at SUSECVE-2012-1531 at NVDCVE-2012-1713 at SUSECVE-2012-1713 at NVDCVE-2012-1717 at SUSECVE-2012-1717 at NVDCVE-2012-1718 at SUSECVE-2012-1718 at NVDCVE-2012-1719 at SUSECVE-2012-1719 at NVDCVE-2012-3216 at SUSECVE-2012-3216 at NVDCVE-2012-5073 at SUSECVE-2012-5073 at NVDCVE-2012-5079 at SUSECVE-2012-5079 at NVDCVE-2012-5081 at SUSECVE-2012-5081 at NVDCVE-2012-5083 at SUSECVE-2012-5083 at NVDCVE-2012-5084 at SUSECVE-2012-5084 at NVDCVE-2013-0424 at SUSECVE-2013-0424 at NVDCVE-2013-0425 at SUSECVE-2013-0425 at NVDCVE-2013-0426 at SUSECVE-2013-0426 at NVDCVE-2013-0428 at SUSECVE-2013-0428 at NVDCVE-2013-0432 at SUSECVE-2013-0432 at NVDCVE-2013-0434 at SUSECVE-2013-0434 at NVDCVE-2013-0440 at SUSECVE-2013-0440 at NVDCVE-2013-0442 at SUSECVE-2013-0442 at NVDCVE-2013-0443 at SUSECVE-2013-0443 at NVDCVE-2013-0485 at SUSECVE-2013-0485 at NVDCVE-2013-0809 at SUSECVE-2013-0809 at NVDCVE-2013-1476 at SUSECVE-2013-1476 at NVDCVE-2013-1478 at SUSECVE-2013-1478 at NVDCVE-2013-1480 at SUSECVE-2013-1480 at NVDCVE-2013-1481 at SUSECVE-2013-1481 at NVDCVE-2013-1491 at SUSECVE-2013-1491 at NVDCVE-2013-1493 at SUSECVE-2013-1493 at NVDCVE-2013-1500 at SUSECVE-2013-1500 at NVDCVE-2013-1537 at SUSECVE-2013-1537 at NVDCVE-2013-1557 at SUSECVE-2013-1557 at NVDCVE-2013-1569 at SUSECVE-2013-1569 at NVDCVE-2013-2383 at SUSECVE-2013-2383 at NVDCVE-2013-2384 at SUSECVE-2013-2384 at NVDCVE-2013-2394 at SUSECVE-2013-2394 at NVDCVE-2013-2417 at SUSECVE-2013-2417 at NVDCVE-2013-2419 at SUSECVE-2013-2419 at NVDCVE-2013-2420 at SUSECVE-2013-2420 at NVDCVE-2013-2429 at SUSECVE-2013-2429 at NVDCVE-2013-2430 at SUSECVE-2013-2430 at NVDCVE-2013-2432 at SUSECVE-2013-2432 at NVDCVE-2013-2446 at SUSECVE-2013-2446 at NVDCVE-2013-2447 at SUSECVE-2013-2447 at NVDCVE-2013-2450 at SUSECVE-2013-2450 at NVDCVE-2013-2452 at SUSECVE-2013-2452 at NVDCVE-2013-2456 at SUSECVE-2013-2456 at NVDCVE-2013-2459 at SUSECVE-2013-2459 at NVDCVE-2013-2463 at SUSECVE-2013-2463 at NVDCVE-2013-2464 at SUSECVE-2013-2464 at NVDCVE-2013-2465 at SUSECVE-2013-2465 at NVDCVE-2013-2469 at SUSECVE-2013-2469 at NVDCVE-2013-2470 at SUSECVE-2013-2470 at NVDCVE-2013-2471 at SUSECVE-2013-2471 at NVDCVE-2013-2472 at SUSECVE-2013-2472 at NVDCVE-2013-2473 at SUSECVE-2013-2473 at NVDCVE-2013-3009 at SUSECVE-2013-3009 at NVDCVE-2013-3011 at SUSECVE-2013-3011 at NVDCVE-2013-3012 at SUSECVE-2013-3012 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for IBM JavaSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
java-1_6_0-ibm has been updated to version 1.6.0_sr16.2 to fix 18 security
issues.
These security issues have been fixed:
* Unspecified vulnerability in Oracle Java SE 6u81 (CVE-2014-3065).
* The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other
products, uses nondeterministic CBC padding, which makes it easier
for man-in-the-middle attackers to obtain cleartext data via a
padding-oracle attack, aka the 'POODLE' issue (CVE-2014-3566).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and
Java SE Embedded 7u60, allows remote attackers to affect
confidentiality, integrity, and availability via vectors related to
AWT (CVE-2014-6513).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532
(CVE-2014-6503).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503
(CVE-2014-6532).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532
(CVE-2014-4288).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532
(CVE-2014-6493).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20,
when running on Firefox, allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to Deployment (CVE-2014-6492).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows local users to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment
(CVE-2014-6458).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20,
when running on Internet Explorer, allows local users to affect
confidentiality, integrity, and availability via unknown vectors
related to Deployment (CVE-2014-6466).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20, and Java SE Embedded 7u60, allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to Libraries (CVE-2014-6506).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect integrity via unknown vectors
related to Deployment (CVE-2014-6515).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20 allows remote attackers to affect confidentiality via unknown
vectors related to 2D (CVE-2014-6511).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20, and Java SE Embedded 7u60, allows remote attackers to affect
confidentiality via unknown vectors related to Libraries
(CVE-2014-6531).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows
remote attackers to affect integrity via unknown vectors related to
Libraries (CVE-2014-6512).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows
remote attackers to affect confidentiality and integrity via vectors
related to JSSE (CVE-2014-6457).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20, and Java SE Embedded 7u60, allows remote attackers to affect
integrity via unknown vectors related to Libraries (CVE-2014-6502).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3
allows remote attackers to affect integrity via unknown vectors
related to Security (CVE-2014-6558).
More information can be found at
http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2014
<http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2014>
Security Issues:
* CVE-2014-3065
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3065>
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
* CVE-2014-6506
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6506>
* CVE-2014-6511
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6511>
* CVE-2014-6531
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6531>
* CVE-2014-6512
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6512>
* CVE-2014-6457
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6457>
* CVE-2014-6502
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6502>
* CVE-2014-6558
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6558>
* CVE-2014-6513
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6513>
* CVE-2014-6503
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6503>
* CVE-2014-4288
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4288>
* CVE-2014-6493
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6493>
* CVE-2014-6532
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6532>
* CVE-2014-6492
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6492>
* CVE-2014-6458
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6458>
* CVE-2014-6466
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6466>
* CVE-2014-6515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6515>
* CVE-2014-6456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6456>
* CVE-2014-6476
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6476>
* CVE-2014-6527
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6527>
SUSE bug 592934SUSE bug 603283SUSE bug 624224SUSE bug 659926SUSE bug 666744SUSE bug 673738SUSE bug 673798SUSE bug 705423SUSE bug 735637SUSE bug 739248SUSE bug 752306SUSE bug 758470SUSE bug 771808SUSE bug 773021SUSE bug 778629SUSE bug 785631SUSE bug 788750SUSE bug 798535SUSE bug 808625SUSE bug 813939SUSE bug 817062SUSE bug 819288SUSE bug 823034SUSE bug 829212SUSE bug 849212SUSE bug 862064SUSE bug 877430SUSE bug 891700SUSE bug 901223SUSE bug 904889SUSE bug 912434SUSE bug 912447SUSE bug 916265SUSE bug 916266SUSE bug 930365SUSE bug 931702CVE-2009-3555 at SUSECVE-2009-3555 at NVDCVE-2010-0084 at SUSECVE-2010-0084 at NVDCVE-2010-0085 at SUSECVE-2010-0085 at NVDCVE-2010-0087 at SUSECVE-2010-0087 at NVDCVE-2010-0088 at SUSECVE-2010-0088 at NVDCVE-2010-0089 at SUSECVE-2010-0089 at NVDCVE-2010-0090 at SUSECVE-2010-0090 at NVDCVE-2010-0091 at SUSECVE-2010-0091 at NVDCVE-2010-0092 at SUSECVE-2010-0092 at NVDCVE-2010-0094 at SUSECVE-2010-0094 at NVDCVE-2010-0095 at SUSECVE-2010-0095 at NVDCVE-2010-0771 at SUSECVE-2010-0771 at NVDCVE-2010-0837 at SUSECVE-2010-0837 at NVDCVE-2010-0838 at SUSECVE-2010-0838 at NVDCVE-2010-0839 at SUSECVE-2010-0839 at NVDCVE-2010-0840 at SUSECVE-2010-0840 at NVDCVE-2010-0841 at SUSECVE-2010-0841 at NVDCVE-2010-0842 at SUSECVE-2010-0842 at NVDCVE-2010-0843 at SUSECVE-2010-0843 at NVDCVE-2010-0844 at SUSECVE-2010-0844 at NVDCVE-2010-0846 at SUSECVE-2010-0846 at NVDCVE-2010-0847 at SUSECVE-2010-0847 at NVDCVE-2010-0848 at SUSECVE-2010-0848 at NVDCVE-2010-0849 at SUSECVE-2010-0849 at NVDCVE-2010-1321 at SUSECVE-2010-1321 at NVDCVE-2010-3541 at SUSECVE-2010-3541 at NVDCVE-2010-3548 at SUSECVE-2010-3548 at NVDCVE-2010-3549 at SUSECVE-2010-3549 at NVDCVE-2010-3550 at SUSECVE-2010-3550 at NVDCVE-2010-3551 at SUSECVE-2010-3551 at NVDCVE-2010-3553 at SUSECVE-2010-3553 at NVDCVE-2010-3555 at SUSECVE-2010-3555 at NVDCVE-2010-3556 at SUSECVE-2010-3556 at NVDCVE-2010-3557 at SUSECVE-2010-3557 at NVDCVE-2010-3558 at SUSECVE-2010-3558 at NVDCVE-2010-3559 at SUSECVE-2010-3559 at NVDCVE-2010-3560 at SUSECVE-2010-3560 at NVDCVE-2010-3562 at SUSECVE-2010-3562 at NVDCVE-2010-3563 at SUSECVE-2010-3563 at NVDCVE-2010-3565 at SUSECVE-2010-3565 at NVDCVE-2010-3566 at SUSECVE-2010-3566 at NVDCVE-2010-3567 at SUSECVE-2010-3567 at NVDCVE-2010-3568 at SUSECVE-2010-3568 at NVDCVE-2010-3569 at SUSECVE-2010-3569 at NVDCVE-2010-3571 at SUSECVE-2010-3571 at NVDCVE-2010-3572 at SUSECVE-2010-3572 at NVDCVE-2010-3573 at SUSECVE-2010-3573 at NVDCVE-2010-3574 at SUSECVE-2010-3574 at NVDCVE-2010-4422 at SUSECVE-2010-4422 at NVDCVE-2010-4447 at SUSECVE-2010-4447 at NVDCVE-2010-4448 at SUSECVE-2010-4448 at NVDCVE-2010-4452 at SUSECVE-2010-4452 at NVDCVE-2010-4454 at SUSECVE-2010-4454 at NVDCVE-2010-4462 at SUSECVE-2010-4462 at NVDCVE-2010-4463 at SUSECVE-2010-4463 at NVDCVE-2010-4465 at SUSECVE-2010-4465 at NVDCVE-2010-4466 at SUSECVE-2010-4466 at NVDCVE-2010-4467 at SUSECVE-2010-4467 at NVDCVE-2010-4468 at SUSECVE-2010-4468 at NVDCVE-2010-4471 at SUSECVE-2010-4471 at NVDCVE-2010-4473 at SUSECVE-2010-4473 at NVDCVE-2010-4475 at SUSECVE-2010-4475 at NVDCVE-2010-4476 at SUSECVE-2010-4476 at NVDCVE-2011-0786 at SUSECVE-2011-0786 at NVDCVE-2011-0788 at SUSECVE-2011-0788 at NVDCVE-2011-0802 at SUSECVE-2011-0802 at NVDCVE-2011-0814 at SUSECVE-2011-0814 at NVDCVE-2011-0815 at SUSECVE-2011-0815 at NVDCVE-2011-0817 at SUSECVE-2011-0817 at NVDCVE-2011-0862 at SUSECVE-2011-0862 at NVDCVE-2011-0863 at SUSECVE-2011-0863 at NVDCVE-2011-0865 at SUSECVE-2011-0865 at NVDCVE-2011-0866 at SUSECVE-2011-0866 at NVDCVE-2011-0867 at SUSECVE-2011-0867 at NVDCVE-2011-0868 at SUSECVE-2011-0868 at NVDCVE-2011-0869 at SUSECVE-2011-0869 at NVDCVE-2011-0871 at SUSECVE-2011-0871 at NVDCVE-2011-0872 at SUSECVE-2011-0872 at NVDCVE-2011-0873 at SUSECVE-2011-0873 at NVDCVE-2011-3389 at SUSECVE-2011-3389 at NVDCVE-2011-3516 at SUSECVE-2011-3516 at NVDCVE-2011-3521 at SUSECVE-2011-3521 at NVDCVE-2011-3544 at SUSECVE-2011-3544 at NVDCVE-2011-3545 at SUSECVE-2011-3545 at NVDCVE-2011-3546 at SUSECVE-2011-3546 at NVDCVE-2011-3547 at SUSECVE-2011-3547 at NVDCVE-2011-3548 at SUSECVE-2011-3548 at NVDCVE-2011-3549 at SUSECVE-2011-3549 at NVDCVE-2011-3550 at SUSECVE-2011-3550 at NVDCVE-2011-3551 at SUSECVE-2011-3551 at NVDCVE-2011-3552 at SUSECVE-2011-3552 at NVDCVE-2011-3553 at SUSECVE-2011-3553 at NVDCVE-2011-3554 at SUSECVE-2011-3554 at NVDCVE-2011-3556 at SUSECVE-2011-3556 at NVDCVE-2011-3557 at SUSECVE-2011-3557 at NVDCVE-2011-3560 at SUSECVE-2011-3560 at NVDCVE-2011-3561 at SUSECVE-2011-3561 at NVDCVE-2011-3563 at SUSECVE-2011-3563 at NVDCVE-2011-5035 at SUSECVE-2011-5035 at NVDCVE-2012-0497 at SUSECVE-2012-0497 at NVDCVE-2012-0498 at SUSECVE-2012-0498 at NVDCVE-2012-0499 at SUSECVE-2012-0499 at NVDCVE-2012-0500 at SUSECVE-2012-0500 at NVDCVE-2012-0501 at SUSECVE-2012-0501 at NVDCVE-2012-0502 at SUSECVE-2012-0502 at NVDCVE-2012-0503 at SUSECVE-2012-0503 at NVDCVE-2012-0505 at SUSECVE-2012-0505 at NVDCVE-2012-0506 at SUSECVE-2012-0506 at NVDCVE-2012-0507 at SUSECVE-2012-0507 at NVDCVE-2012-1531 at SUSECVE-2012-1531 at NVDCVE-2012-1532 at SUSECVE-2012-1532 at NVDCVE-2012-1533 at SUSECVE-2012-1533 at NVDCVE-2012-1541 at SUSECVE-2012-1541 at NVDCVE-2012-3143 at SUSECVE-2012-3143 at NVDCVE-2012-3159 at SUSECVE-2012-3159 at NVDCVE-2012-3213 at SUSECVE-2012-3213 at NVDCVE-2012-3216 at SUSECVE-2012-3216 at NVDCVE-2012-3342 at SUSECVE-2012-3342 at NVDCVE-2012-5068 at SUSECVE-2012-5068 at NVDCVE-2012-5069 at SUSECVE-2012-5069 at NVDCVE-2012-5071 at SUSECVE-2012-5071 at NVDCVE-2012-5072 at SUSECVE-2012-5072 at NVDCVE-2012-5073 at SUSECVE-2012-5073 at NVDCVE-2012-5075 at SUSECVE-2012-5075 at NVDCVE-2012-5079 at SUSECVE-2012-5079 at NVDCVE-2012-5081 at SUSECVE-2012-5081 at NVDCVE-2012-5083 at SUSECVE-2012-5083 at NVDCVE-2012-5084 at SUSECVE-2012-5084 at NVDCVE-2012-5089 at SUSECVE-2012-5089 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2013-0351 at SUSECVE-2013-0351 at NVDCVE-2013-0401 at SUSECVE-2013-0401 at NVDCVE-2013-0409 at SUSECVE-2013-0409 at NVDCVE-2013-0419 at SUSECVE-2013-0419 at NVDCVE-2013-0423 at SUSECVE-2013-0423 at NVDCVE-2013-0424 at SUSECVE-2013-0424 at NVDCVE-2013-0425 at SUSECVE-2013-0425 at NVDCVE-2013-0426 at SUSECVE-2013-0426 at NVDCVE-2013-0427 at SUSECVE-2013-0427 at NVDCVE-2013-0428 at SUSECVE-2013-0428 at NVDCVE-2013-0432 at SUSECVE-2013-0432 at NVDCVE-2013-0433 at SUSECVE-2013-0433 at NVDCVE-2013-0434 at SUSECVE-2013-0434 at NVDCVE-2013-0435 at SUSECVE-2013-0435 at NVDCVE-2013-0438 at SUSECVE-2013-0438 at NVDCVE-2013-0440 at SUSECVE-2013-0440 at NVDCVE-2013-0441 at SUSECVE-2013-0441 at NVDCVE-2013-0442 at SUSECVE-2013-0442 at NVDCVE-2013-0443 at SUSECVE-2013-0443 at NVDCVE-2013-0445 at SUSECVE-2013-0445 at NVDCVE-2013-0446 at SUSECVE-2013-0446 at NVDCVE-2013-0450 at SUSECVE-2013-0450 at NVDCVE-2013-0485 at SUSECVE-2013-0485 at NVDCVE-2013-0809 at SUSECVE-2013-0809 at NVDCVE-2013-1473 at SUSECVE-2013-1473 at NVDCVE-2013-1476 at SUSECVE-2013-1476 at NVDCVE-2013-1478 at SUSECVE-2013-1478 at NVDCVE-2013-1480 at SUSECVE-2013-1480 at NVDCVE-2013-1481 at SUSECVE-2013-1481 at NVDCVE-2013-1486 at SUSECVE-2013-1486 at NVDCVE-2013-1487 at SUSECVE-2013-1487 at NVDCVE-2013-1491 at SUSECVE-2013-1491 at NVDCVE-2013-1493 at SUSECVE-2013-1493 at NVDCVE-2013-1500 at SUSECVE-2013-1500 at NVDCVE-2013-1537 at SUSECVE-2013-1537 at NVDCVE-2013-1540 at SUSECVE-2013-1540 at NVDCVE-2013-1557 at SUSECVE-2013-1557 at NVDCVE-2013-1563 at SUSECVE-2013-1563 at NVDCVE-2013-1569 at SUSECVE-2013-1569 at NVDCVE-2013-1571 at SUSECVE-2013-1571 at NVDCVE-2013-2383 at SUSECVE-2013-2383 at NVDCVE-2013-2384 at SUSECVE-2013-2384 at NVDCVE-2013-2394 at SUSECVE-2013-2394 at NVDCVE-2013-2407 at SUSECVE-2013-2407 at NVDCVE-2013-2412 at SUSECVE-2013-2412 at NVDCVE-2013-2417 at SUSECVE-2013-2417 at NVDCVE-2013-2418 at SUSECVE-2013-2418 at NVDCVE-2013-2419 at SUSECVE-2013-2419 at NVDCVE-2013-2420 at SUSECVE-2013-2420 at NVDCVE-2013-2422 at SUSECVE-2013-2422 at NVDCVE-2013-2424 at SUSECVE-2013-2424 at NVDCVE-2013-2429 at SUSECVE-2013-2429 at NVDCVE-2013-2430 at SUSECVE-2013-2430 at NVDCVE-2013-2432 at SUSECVE-2013-2432 at NVDCVE-2013-2433 at SUSECVE-2013-2433 at NVDCVE-2013-2435 at SUSECVE-2013-2435 at NVDCVE-2013-2437 at SUSECVE-2013-2437 at NVDCVE-2013-2440 at SUSECVE-2013-2440 at NVDCVE-2013-2442 at SUSECVE-2013-2442 at NVDCVE-2013-2443 at SUSECVE-2013-2443 at NVDCVE-2013-2444 at SUSECVE-2013-2444 at NVDCVE-2013-2446 at SUSECVE-2013-2446 at NVDCVE-2013-2447 at SUSECVE-2013-2447 at NVDCVE-2013-2448 at SUSECVE-2013-2448 at NVDCVE-2013-2450 at SUSECVE-2013-2450 at NVDCVE-2013-2451 at SUSECVE-2013-2451 at NVDCVE-2013-2452 at SUSECVE-2013-2452 at NVDCVE-2013-2453 at SUSECVE-2013-2453 at NVDCVE-2013-2454 at SUSECVE-2013-2454 at NVDCVE-2013-2455 at SUSECVE-2013-2455 at NVDCVE-2013-2456 at SUSECVE-2013-2456 at NVDCVE-2013-2457 at SUSECVE-2013-2457 at NVDCVE-2013-2459 at SUSECVE-2013-2459 at NVDCVE-2013-2463 at SUSECVE-2013-2463 at NVDCVE-2013-2464 at SUSECVE-2013-2464 at NVDCVE-2013-2465 at SUSECVE-2013-2465 at NVDCVE-2013-2466 at SUSECVE-2013-2466 at NVDCVE-2013-2468 at SUSECVE-2013-2468 at NVDCVE-2013-2469 at SUSECVE-2013-2469 at NVDCVE-2013-2470 at SUSECVE-2013-2470 at NVDCVE-2013-2471 at SUSECVE-2013-2471 at NVDCVE-2013-2472 at SUSECVE-2013-2472 at NVDCVE-2013-2473 at SUSECVE-2013-2473 at NVDCVE-2013-3009 at SUSECVE-2013-3009 at NVDCVE-2013-3011 at SUSECVE-2013-3011 at NVDCVE-2013-3012 at SUSECVE-2013-3012 at NVDCVE-2013-3743 at SUSECVE-2013-3743 at NVDCVE-2013-3829 at SUSECVE-2013-3829 at NVDCVE-2013-4002 at SUSECVE-2013-4002 at NVDCVE-2013-4041 at SUSECVE-2013-4041 at NVDCVE-2013-5372 at SUSECVE-2013-5372 at NVDCVE-2013-5375 at SUSECVE-2013-5375 at NVDCVE-2013-5456 at SUSECVE-2013-5456 at NVDCVE-2013-5457 at SUSECVE-2013-5457 at NVDCVE-2013-5458 at SUSECVE-2013-5458 at NVDCVE-2013-5772 at SUSECVE-2013-5772 at NVDCVE-2013-5774 at SUSECVE-2013-5774 at NVDCVE-2013-5776 at SUSECVE-2013-5776 at NVDCVE-2013-5778 at SUSECVE-2013-5778 at NVDCVE-2013-5780 at SUSECVE-2013-5780 at NVDCVE-2013-5782 at SUSECVE-2013-5782 at NVDCVE-2013-5783 at SUSECVE-2013-5783 at NVDCVE-2013-5784 at SUSECVE-2013-5784 at NVDCVE-2013-5787 at SUSECVE-2013-5787 at NVDCVE-2013-5788 at SUSECVE-2013-5788 at NVDCVE-2013-5789 at SUSECVE-2013-5789 at NVDCVE-2013-5790 at SUSECVE-2013-5790 at NVDCVE-2013-5797 at SUSECVE-2013-5797 at NVDCVE-2013-5800 at SUSECVE-2013-5800 at NVDCVE-2013-5801 at SUSECVE-2013-5801 at NVDCVE-2013-5802 at SUSECVE-2013-5802 at NVDCVE-2013-5803 at SUSECVE-2013-5803 at NVDCVE-2013-5804 at SUSECVE-2013-5804 at NVDCVE-2013-5809 at SUSECVE-2013-5809 at NVDCVE-2013-5812 at SUSECVE-2013-5812 at NVDCVE-2013-5814 at SUSECVE-2013-5814 at NVDCVE-2013-5817 at SUSECVE-2013-5817 at NVDCVE-2013-5818 at SUSECVE-2013-5818 at NVDCVE-2013-5819 at SUSECVE-2013-5819 at NVDCVE-2013-5820 at SUSECVE-2013-5820 at NVDCVE-2013-5823 at SUSECVE-2013-5823 at NVDCVE-2013-5824 at SUSECVE-2013-5824 at NVDCVE-2013-5825 at SUSECVE-2013-5825 at NVDCVE-2013-5829 at SUSECVE-2013-5829 at NVDCVE-2013-5830 at SUSECVE-2013-5830 at NVDCVE-2013-5831 at SUSECVE-2013-5831 at NVDCVE-2013-5832 at SUSECVE-2013-5832 at NVDCVE-2013-5838 at SUSECVE-2013-5838 at NVDCVE-2013-5840 at SUSECVE-2013-5840 at NVDCVE-2013-5842 at SUSECVE-2013-5842 at NVDCVE-2013-5843 at SUSECVE-2013-5843 at NVDCVE-2013-5848 at SUSECVE-2013-5848 at NVDCVE-2013-5849 at SUSECVE-2013-5849 at NVDCVE-2013-5850 at SUSECVE-2013-5850 at NVDCVE-2013-5851 at SUSECVE-2013-5851 at NVDCVE-2013-5878 at SUSECVE-2013-5878 at NVDCVE-2013-5884 at SUSECVE-2013-5884 at NVDCVE-2013-5887 at SUSECVE-2013-5887 at NVDCVE-2013-5888 at SUSECVE-2013-5888 at NVDCVE-2013-5889 at SUSECVE-2013-5889 at NVDCVE-2013-5896 at SUSECVE-2013-5896 at NVDCVE-2013-5898 at SUSECVE-2013-5898 at NVDCVE-2013-5899 at SUSECVE-2013-5899 at NVDCVE-2013-5907 at SUSECVE-2013-5907 at NVDCVE-2013-5910 at SUSECVE-2013-5910 at NVDCVE-2013-6629 at SUSECVE-2013-6629 at NVDCVE-2013-6954 at SUSECVE-2013-6954 at NVDCVE-2014-0368 at SUSECVE-2014-0368 at NVDCVE-2014-0373 at SUSECVE-2014-0373 at NVDCVE-2014-0375 at SUSECVE-2014-0375 at NVDCVE-2014-0376 at SUSECVE-2014-0376 at NVDCVE-2014-0387 at SUSECVE-2014-0387 at NVDCVE-2014-0403 at SUSECVE-2014-0403 at NVDCVE-2014-0410 at SUSECVE-2014-0410 at NVDCVE-2014-0411 at SUSECVE-2014-0411 at NVDCVE-2014-0415 at SUSECVE-2014-0415 at NVDCVE-2014-0416 at SUSECVE-2014-0416 at NVDCVE-2014-0417 at SUSECVE-2014-0417 at NVDCVE-2014-0422 at SUSECVE-2014-0422 at NVDCVE-2014-0423 at SUSECVE-2014-0423 at NVDCVE-2014-0424 at SUSECVE-2014-0424 at NVDCVE-2014-0428 at SUSECVE-2014-0428 at NVDCVE-2014-0429 at SUSECVE-2014-0429 at NVDCVE-2014-0446 at SUSECVE-2014-0446 at NVDCVE-2014-0449 at SUSECVE-2014-0449 at NVDCVE-2014-0451 at SUSECVE-2014-0451 at NVDCVE-2014-0452 at SUSECVE-2014-0452 at NVDCVE-2014-0453 at SUSECVE-2014-0453 at NVDCVE-2014-0457 at SUSECVE-2014-0457 at NVDCVE-2014-0458 at SUSECVE-2014-0458 at NVDCVE-2014-0459 at SUSECVE-2014-0459 at NVDCVE-2014-0460 at SUSECVE-2014-0460 at NVDCVE-2014-0461 at SUSECVE-2014-0461 at NVDCVE-2014-0878 at SUSECVE-2014-0878 at NVDCVE-2014-1876 at SUSECVE-2014-1876 at NVDCVE-2014-2398 at SUSECVE-2014-2398 at NVDCVE-2014-2401 at SUSECVE-2014-2401 at NVDCVE-2014-2409 at SUSECVE-2014-2409 at NVDCVE-2014-2412 at SUSECVE-2014-2412 at NVDCVE-2014-2414 at SUSECVE-2014-2414 at NVDCVE-2014-2420 at SUSECVE-2014-2420 at NVDCVE-2014-2421 at SUSECVE-2014-2421 at NVDCVE-2014-2423 at SUSECVE-2014-2423 at NVDCVE-2014-2427 at SUSECVE-2014-2427 at NVDCVE-2014-2428 at SUSECVE-2014-2428 at NVDCVE-2014-3065 at SUSECVE-2014-3065 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-4209 at SUSECVE-2014-4209 at NVDCVE-2014-4218 at SUSECVE-2014-4218 at NVDCVE-2014-4219 at SUSECVE-2014-4219 at NVDCVE-2014-4227 at SUSECVE-2014-4227 at NVDCVE-2014-4244 at SUSECVE-2014-4244 at NVDCVE-2014-4252 at SUSECVE-2014-4252 at NVDCVE-2014-4262 at SUSECVE-2014-4262 at NVDCVE-2014-4263 at SUSECVE-2014-4263 at NVDCVE-2014-4265 at SUSECVE-2014-4265 at NVDCVE-2014-4268 at SUSECVE-2014-4268 at NVDCVE-2014-4288 at SUSECVE-2014-4288 at NVDCVE-2014-6456 at SUSECVE-2014-6456 at NVDCVE-2014-6457 at SUSECVE-2014-6457 at NVDCVE-2014-6458 at SUSECVE-2014-6458 at NVDCVE-2014-6466 at SUSECVE-2014-6466 at NVDCVE-2014-6476 at SUSECVE-2014-6476 at NVDCVE-2014-6492 at SUSECVE-2014-6492 at NVDCVE-2014-6493 at SUSECVE-2014-6493 at NVDCVE-2014-6502 at SUSECVE-2014-6502 at NVDCVE-2014-6503 at SUSECVE-2014-6503 at NVDCVE-2014-6506 at SUSECVE-2014-6506 at NVDCVE-2014-6511 at SUSECVE-2014-6511 at NVDCVE-2014-6512 at SUSECVE-2014-6512 at NVDCVE-2014-6513 at SUSECVE-2014-6513 at NVDCVE-2014-6515 at SUSECVE-2014-6515 at NVDCVE-2014-6527 at SUSECVE-2014-6527 at NVDCVE-2014-6531 at SUSECVE-2014-6531 at NVDCVE-2014-6532 at SUSECVE-2014-6532 at NVDCVE-2014-6558 at SUSECVE-2014-6558 at NVDCVE-2014-8891 at SUSECVE-2014-8891 at NVDCVE-2014-8892 at SUSECVE-2014-8892 at NVDCVE-2015-0138 at SUSECVE-2015-0138 at NVDCVE-2015-0192 at SUSECVE-2015-0192 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-1914 at SUSECVE-2015-1914 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
IBM Java was updated to version 6 SR16 FP7 (6.0-16.7) to fix several security issues and bugs.
The following vulnerabilities were fixed:
* CVE-2015-1931: IBM Java Security Components store plain text data in memory dumps, which could allow a local attacker to obtain information to aid in further attacks against the system.
* CVE-2015-2590: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2601: Easily exploitable vulnerability in the JCE component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2621: Easily exploitable vulnerability in the JMX component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2625: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2632: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2637: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2638: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2664: Difficult to exploit vulnerability in the Deployment component requiring logon to Operating System. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2808: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized update, insert or delete access to some Java accessible data as well as read access to a subset of Java accessible data.
* CVE-2015-4000: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized update, insert or delete access to some Java accessible data as well as read access to a subset of Java Embedded accessible data. (bnc#935540)
* CVE-2015-4731: Easily exploitable vulnerability in the JMX component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4732: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4733: Easily exploitable vulnerability in the RMI component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4748: Very difficult to exploit vulnerability in the Security component allowed successful unauthenticated network attacks via OCSP. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4749: Difficult to exploit vulnerability in the JNDI component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized ability to cause a partial denial of service (partial DOS).
* CVE-2015-4760: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
The following non-security bugs were fixed:
* bsc#936844: misconfigured update-alternative entries
* bsc#941939: provide %{name} instead of %{sdklnk} only in _jvmprivdir
ImportantSUSE bug 935540SUSE bug 936844SUSE bug 938895SUSE bug 941939CVE-2015-1931 at SUSECVE-2015-1931 at NVDCVE-2015-2590 at SUSECVE-2015-2590 at NVDCVE-2015-2601 at SUSECVE-2015-2601 at NVDCVE-2015-2621 at SUSECVE-2015-2621 at NVDCVE-2015-2625 at SUSECVE-2015-2625 at NVDCVE-2015-2632 at SUSECVE-2015-2632 at NVDCVE-2015-2637 at SUSECVE-2015-2637 at NVDCVE-2015-2638 at SUSECVE-2015-2638 at NVDCVE-2015-2664 at SUSECVE-2015-2664 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-4731 at SUSECVE-2015-4731 at NVDCVE-2015-4732 at SUSECVE-2015-4732 at NVDCVE-2015-4733 at SUSECVE-2015-4733 at NVDCVE-2015-4748 at SUSECVE-2015-4748 at NVDCVE-2015-4749 at SUSECVE-2015-4749 at NVDCVE-2015-4760 at SUSECVE-2015-4760 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
- bsc#960286: resolve package conflicts in the fonts subpackage
ImportantSUSE bug 960286SUSE bug 960402SUSE bug 963937CVE-2015-5041 at SUSECVE-2015-5041 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2015-8472 at SUSECVE-2015-8472 at NVDCVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-0402 at SUSECVE-2016-0402 at NVDCVE-2016-0448 at SUSECVE-2016-0448 at NVDCVE-2016-0466 at SUSECVE-2016-0466 at NVDCVE-2016-0483 at SUSECVE-2016-0483 at NVDCVE-2016-0494 at SUSECVE-2016-0494 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This IBM Java 1.6.0 SR16 FP25 release fixes the following issues:
Security issues fixed:
- CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648)
- CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650)
- CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646)
- The following CVEs got also fixed during this update. (bsc#979252)
CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426
ImportantSUSE bug 977646SUSE bug 977648SUSE bug 977650SUSE bug 979252CVE-2016-0264 at SUSECVE-2016-0264 at NVDCVE-2016-0363 at SUSECVE-2016-0363 at NVDCVE-2016-0376 at SUSECVE-2016-0376 at NVDCVE-2016-0686 at SUSECVE-2016-0686 at NVDCVE-2016-0687 at SUSECVE-2016-0687 at NVDCVE-2016-3422 at SUSECVE-2016-3422 at NVDCVE-2016-3426 at SUSECVE-2016-3426 at NVDCVE-2016-3427 at SUSECVE-2016-3427 at NVDCVE-2016-3443 at SUSECVE-2016-3443 at NVDCVE-2016-3449 at SUSECVE-2016-3449 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
IBM Java 6 was updated to version 6.0-16.30.
Following security issue was fixed: CVE-2016-3485
Please see https://www.ibm.com/developerworks/java/jdk/alerts/ for more information.
ImportantSUSE bug 992537CVE-2016-3485 at SUSECVE-2016-3485 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for java-1_6_0-ibm fixes the following issues:
- Version update to 6.0-16.35 (bsc#1009280) fixing the following CVE's:
CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554,
CVE-2016-5542
ImportantSUSE bug 1009280CVE-2016-5542 at SUSECVE-2016-5542 at NVDCVE-2016-5554 at SUSECVE-2016-5554 at NVDCVE-2016-5556 at SUSECVE-2016-5556 at NVDCVE-2016-5568 at SUSECVE-2016-5568 at NVDCVE-2016-5573 at SUSECVE-2016-5573 at NVDCVE-2016-5597 at SUSECVE-2016-5597 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for java-1_6_0-ibm (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for java-1_6_0-ibm to 8.0-4.1 fixes the following issues:
Security issue fixed:
- CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and
other protocols and products, have a birthday bound of approximately four billion blocks, which
makes it easier for remote attackers to obtain cleartext data via a birthday attack against a
long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode,
aka a 'Sweet32' attack. (bsc#1027038)
ModerateSUSE bug 1027038CVE-2016-2183 at SUSECVE-2016-2183 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for java-1_6_0-ibm fixes the following issues:
- CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c
- CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c
- CVE-2016-9842: zlib: Undefined left shift of negative number
- CVE-2016-9843: zlib: Big-endian out-of-bounds pointer
- CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data
- CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections
- CVE-2017-3539: OpenJDK: MD5 allowed for jar verification
- CVE-2017-3533: OpenJDK: newline injection in the FTP client
- CVE-2017-3544: OpenJDK: newline injection in the SMTP client
- Version update to 6.0-16.40 bsc#1027038 CVE-2016-2183 ImportantSUSE bug 1027038SUSE bug 1038505CVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-9840 at SUSECVE-2016-9840 at NVDCVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2016-9842 at SUSECVE-2016-9842 at NVDCVE-2016-9843 at SUSECVE-2016-9843 at NVDCVE-2017-1289 at SUSECVE-2017-1289 at NVDCVE-2017-3509 at SUSECVE-2017-3509 at NVDCVE-2017-3514 at SUSECVE-2017-3514 at NVDCVE-2017-3533 at SUSECVE-2017-3533 at NVDCVE-2017-3539 at SUSECVE-2017-3539 at NVDCVE-2017-3544 at SUSECVE-2017-3544 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for java-1_6_0-ibm fixes the following issues:
Security issues fixed:
- Security update to version 6.0.16.50 (bsc#1070162)
* CVE-2017-10346 CVE-2017-10285 CVE-2017-10388 CVE-2017-10356
CVE-2017-10293 CVE-2016-9841 CVE-2017-10355 CVE-2017-10357
CVE-2017-10348 CVE-2017-10349 CVE-2017-10347 CVE-2017-10350
CVE-2017-10281 CVE-2017-10295 CVE-2017-10345
ImportantSUSE bug 1070162CVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2017-10281 at SUSECVE-2017-10281 at NVDCVE-2017-10285 at SUSECVE-2017-10285 at NVDCVE-2017-10293 at SUSECVE-2017-10293 at NVDCVE-2017-10295 at SUSECVE-2017-10295 at NVDCVE-2017-10345 at SUSECVE-2017-10345 at NVDCVE-2017-10346 at SUSECVE-2017-10346 at NVDCVE-2017-10347 at SUSECVE-2017-10347 at NVDCVE-2017-10348 at SUSECVE-2017-10348 at NVDCVE-2017-10349 at SUSECVE-2017-10349 at NVDCVE-2017-10350 at SUSECVE-2017-10350 at NVDCVE-2017-10355 at SUSECVE-2017-10355 at NVDCVE-2017-10356 at SUSECVE-2017-10356 at NVDCVE-2017-10357 at SUSECVE-2017-10357 at NVDCVE-2017-10388 at SUSECVE-2017-10388 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for java-1_6_0-ibm fixes the following issues:
- Version update to 6.0-16.15 bsc#955131:
CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810
CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844
CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883
CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006
CVE-2015-2808 CVE-2015-2625 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469
CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477
CVE-2015-0204 ImportantSUSE bug 955131CVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-2625 at SUSECVE-2015-2625 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDCVE-2015-4734 at SUSECVE-2015-4734 at NVDCVE-2015-4803 at SUSECVE-2015-4803 at NVDCVE-2015-4805 at SUSECVE-2015-4805 at NVDCVE-2015-4806 at SUSECVE-2015-4806 at NVDCVE-2015-4810 at SUSECVE-2015-4810 at NVDCVE-2015-4835 at SUSECVE-2015-4835 at NVDCVE-2015-4840 at SUSECVE-2015-4840 at NVDCVE-2015-4842 at SUSECVE-2015-4842 at NVDCVE-2015-4843 at SUSECVE-2015-4843 at NVDCVE-2015-4844 at SUSECVE-2015-4844 at NVDCVE-2015-4860 at SUSECVE-2015-4860 at NVDCVE-2015-4871 at SUSECVE-2015-4871 at NVDCVE-2015-4872 at SUSECVE-2015-4872 at NVDCVE-2015-4882 at SUSECVE-2015-4882 at NVDCVE-2015-4883 at SUSECVE-2015-4883 at NVDCVE-2015-4893 at SUSECVE-2015-4893 at NVDCVE-2015-4902 at SUSECVE-2015-4902 at NVDCVE-2015-4903 at SUSECVE-2015-4903 at NVDCVE-2015-4911 at SUSECVE-2015-4911 at NVDCVE-2015-5006 at SUSECVE-2015-5006 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libjpegSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to libjpeg fixes a heap overflow in the JPEG decompression
functions. (CVE-2012-2806
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2806> )
SUSE bug 771791CVE-2012-2806 at SUSECVE-2012-2806 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jpeg (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jpeg fixes the following issues:
* CVE-2017-15232: NULL pointer dereferences in jdpostct.c and jquant1.c could
lead to denial of service (crash) when processing images [bsc#1062937]
* CVE-2018-11813: Fixed the end-of-file mishandling in read_pixel in rdtarga.c,
which allowed remote attackers to cause a denial-of-service via crafted JPG
files due to a large loop [bsc#1096209]
* CVE-2018-1152: Fixed a denial of service in start_input_bmp() rdbmp.c caused
by a divide by zero when processing a crafted BMP image [bsc#1098155]
ModerateSUSE bug 1062937SUSE bug 1096209SUSE bug 1098155CVE-2017-15232 at SUSECVE-2017-15232 at NVDCVE-2018-1152 at SUSECVE-2018-1152 at NVDCVE-2018-11813 at SUSECVE-2018-11813 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jpeg (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jpeg fixes the following issue:
Security issue fixed:
- CVE-2018-14498: Fixed a heap-based buffer over read in get_8bit_row function
which could allow to an attacker to cause denial of service (bsc#1128712).
- CVE-2018-11212: Fixed divide by zero in alloc_sarray function in jmemmgr.c (bsc#1122299).
- CVE-2018-14498: Fixed denial of service in get_8bit_row in rdbmp.c (bsc#1128712).
LowSUSE bug 1122299SUSE bug 1128712CVE-2018-11212 at SUSECVE-2018-11212 at NVDCVE-2018-14498 at SUSECVE-2018-14498 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for jpeg (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for jpeg fixes the following issues:
- CVE-2020-14152: Fixed an improper implementation which vould have potentially exhausted the memory (bsc#1172995).
- CVE-2020-13790: Fixed a heap-based buffer over-read via a malformed PPM input file (bsc#1172491).
ModerateSUSE bug 1172491SUSE bug 1172995CVE-2020-13790 at SUSECVE-2020-13790 at NVDCVE-2020-14152 at SUSECVE-2020-14152 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for kbdSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update avoids that /etc/init.d/kbd stop accesses the system more than
necessary to allow shut down to succeed even if filesystem mounts are
hanging (bnc#463801).
SUSE bug 463801SUSE bug 603950SUSE bug 663898CVE-2011-0460 at SUSECVE-2011-0460 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kdebase4-workspaceSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This kdebase4-workspace update fixes two security issues:
* NULL pointer dereference in KDM and KCheckPass. (CVE-2013-4132)
* Memory leak that could lead to a denial of service. (CVE-2013-4133)
Security Issues references:
* CVE-2013-4132
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4132>
* CVE-2013-4133
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4133>
SUSE bug 829857CVE-2013-4132 at SUSECVE-2013-4132 at NVDCVE-2013-4133 at SUSECVE-2013-4133 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kdenetworkSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of kdenetwork fixes several bugs, the security related issues
are:
* CVE-2010-1000: CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N):
CWE-22
The 'name' attribute of the 'file' element of metalink files is not
properly sanitised this can be exploited to download files to arbitrary
directories.
Non-security issues:
* bnc#653852: kopete: ICQ login broken; login server changed
Security Issue references:
* CVE-2008-4776
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776>
* CVE-2010-1000
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1000>
SUSE bug 604709SUSE bug 653852CVE-2008-4776 at SUSECVE-2008-4776 at NVDCVE-2010-1000 at SUSECVE-2010-1000 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kdebase4-runtimeSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
kdebase4-runtime has been updated to fix one security issue:
* CVE-2013-7252: Added gpg based encryption support to kwallet
(bnc#857200).
Security Issues:
* CVE-2013-7252
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7252>
SUSE bug 857200CVE-2013-7252 at SUSECVE-2013-7252 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kdebase4-workspace (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for kdebase4-workspace fixes the following issues:
- CVE-2014-8651: Privilege escalation via KDE Clock KCM helper when non-default polkit settings are used (bsc#904625)
The following non-security bugs were fixed:
- bsc#929718: Make kdm recognize an IPv6 localhost address as localhost
ModerateSUSE bug 904625SUSE bug 929718CVE-2014-8651 at SUSECVE-2014-8651 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kdelibs3 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for kdelibs3 fixes the following issues:
- CVE-2015-7543: Insecure creation of temporary directories allowed local users
to hijack the IPC by pre-creating the temporary directory (bsc#958347).
ModerateSUSE bug 958347CVE-2015-7543 at SUSECVE-2015-7543 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kdelibs4SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This kdelibs4 update fixes several security issues related to
khtml/konqueror.
* Fix security issues and null pointer references in khtml/konqueror
(bnc#787520) (CVE-2012-4512, CVE-2012-4513, CVE-2012-4515)
Security Issue references:
* CVE-2012-4512
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4512>
* CVE-2012-4513
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4513>
* CVE-2012-4515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4515>
SUSE bug 622304SUSE bug 669222SUSE bug 686652SUSE bug 787520CVE-2011-1094 at SUSECVE-2011-1094 at NVDCVE-2011-1168 at SUSECVE-2011-1168 at NVDCVE-2012-4512 at SUSECVE-2012-4512 at NVDCVE-2012-4513 at SUSECVE-2012-4513 at NVDCVE-2012-4515 at SUSECVE-2012-4515 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kdirstatSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following security issue has been fixed:
* #868682: CVE-2014-2527 CVE-2014-2528: kdirstat: command injection in
kcleanup
Security Issues:
* CVE-2014-2527
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2527>
* CVE-2014-2528
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2528>
SUSE bug 868682CVE-2014-2527 at SUSECVE-2014-2527 at NVDCVE-2014-2528 at SUSECVE-2014-2528 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for kdumpSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for Kdump provides the following fixes and enhancements:
* Add a new configuration option to set the number of CPUs that will be
available in the Kdump environment. On SMP systems, makedumpfile will
then enable the split mode to dump data to multiple DUMPFILEs in
parallel. (bnc#783592)
* Close a race condition between creating the kdump initrd and
restricting its file permissions to avoid leaking sensitive
information, such as private keys or passwords needed to save a dump
to a remote system. (bnc#742884)
* Do not set up iommu pass-through for the kdump kernel. (bnc#804800)
SUSE bug 609143SUSE bug 655743SUSE bug 667142SUSE bug 699659SUSE bug 706059SUSE bug 706936SUSE bug 717263SUSE bug 718684SUSE bug 722440SUSE bug 732768SUSE bug 742884SUSE bug 765175SUSE bug 783592SUSE bug 804800CVE-2011-4190 at SUSECVE-2011-4190 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
Following security issues were fixed:
CVE-2011-1083: Limit the path length users can build using epoll() to avoid
local attackers consuming lots of kernel CPU time.
CVE-2011-4086: Fixed a oops in jbd/jbd2 that could be caused by specific
filesystem access patterns.
CVE-2011-4622: KVM: Prevent starting PIT timers in the absence of irqchip
support.
CVE-2012-0045: KVM: Extend 'struct x86_emulate_ops' with 'get_cpuid' and
fix missing checks in syscall emulation.
CVE-2012-0879: Fix io_context leak after clone with CLONE_IO.
CVE-2012-1090: Fixed a dentry refcount leak in the CIFS file system that
could lead to a crash on unmount.
CVE-2012-1097: The regset common infrastructure assumed that regsets would
always have .get and .set methods, but necessarily .active methods.
Unfortunately people have since written regsets without .set method, so
NULL pointer dereference attacks were possible.
Following non-security issues were fixed:
* SCSI inquiry doesn't return data on SLES 11-SP1 Xen VMs (bnc#745929).
* FC transport driver killing off the timers/work queues (bnc#734300).
* The driver ixgbevf doesn't work on newer SLES 11-SP1 kernels
(bnc#752972).
* Pack sparsemem memmap sections closer together and in higher zones
(bnc#743870).
Following feature was implemented:
* The megaraid_sas driver update to version 5.40-LSI (bnc#736813).
Security Issues:
* CVE-2011-1083
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1083>
* CVE-2011-4086
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4086>
* CVE-2011-4622
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4622>
* CVE-2012-0045
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0045>
* CVE-2012-0879
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0879>
* CVE-2012-1090
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1090>
* CVE-2012-1097
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1097>
SUSE bug 466279SUSE bug 468397SUSE bug 501563SUSE bug 529535SUSE bug 552250SUSE bug 557710SUSE bug 558740SUSE bug 564324SUSE bug 564423SUSE bug 566768SUSE bug 573330SUSE bug 574006SUSE bug 577967SUSE bug 578572SUSE bug 580373SUSE bug 582730SUSE bug 584493SUSE bug 585385SUSE bug 588929SUSE bug 594362SUSE bug 595215SUSE bug 596113SUSE bug 596646SUSE bug 598308SUSE bug 598493SUSE bug 598677SUSE bug 599508SUSE bug 599671SUSE bug 600043SUSE bug 600256SUSE bug 600375SUSE bug 600579SUSE bug 601520SUSE bug 602150SUSE bug 602232SUSE bug 602838SUSE bug 602969SUSE bug 603387SUSE bug 603411SUSE bug 603464SUSE bug 603510SUSE bug 603528SUSE bug 603738SUSE bug 605001SUSE bug 605321SUSE bug 605947SUSE bug 606575SUSE bug 606743SUSE bug 606778SUSE bug 606797SUSE bug 607123SUSE bug 607448SUSE bug 607628SUSE bug 607890SUSE bug 608435SUSE bug 608478SUSE bug 608576SUSE bug 609172SUSE bug 609196SUSE bug 609281SUSE bug 609506SUSE bug 610362SUSE bug 610598SUSE bug 610783SUSE bug 610828SUSE bug 611094SUSE bug 611104SUSE bug 611760SUSE bug 612009SUSE bug 612457SUSE bug 612729SUSE bug 613171SUSE bug 613273SUSE bug 613330SUSE bug 613542SUSE bug 613906SUSE bug 614226SUSE bug 614332SUSE bug 614793SUSE bug 615003SUSE bug 615557SUSE bug 615630SUSE bug 616080SUSE bug 616088SUSE bug 616369SUSE bug 616464SUSE bug 616612SUSE bug 617248SUSE bug 617464SUSE bug 618059SUSE bug 618072SUSE bug 618157SUSE bug 618379SUSE bug 618424SUSE bug 618444SUSE bug 618767SUSE bug 619002SUSE bug 619007SUSE bug 619416SUSE bug 619525SUSE bug 619536SUSE bug 619840SUSE bug 620020SUSE bug 620021SUSE bug 620372SUSE bug 620443SUSE bug 620654SUSE bug 620904SUSE bug 620929SUSE bug 621111SUSE bug 621598SUSE bug 621715SUSE bug 622597SUSE bug 622635SUSE bug 622727SUSE bug 622868SUSE bug 623307SUSE bug 623393SUSE bug 623472SUSE bug 624020SUSE bug 624340SUSE bug 624436SUSE bug 624587SUSE bug 624606SUSE bug 624814SUSE bug 624850SUSE bug 625167SUSE bug 625666SUSE bug 625674SUSE bug 625965SUSE bug 626119SUSE bug 626321SUSE bug 626880SUSE bug 627060SUSE bug 627386SUSE bug 627447SUSE bug 627518SUSE bug 628180SUSE bug 628604SUSE bug 629170SUSE bug 629263SUSE bug 629552SUSE bug 629901SUSE bug 629908SUSE bug 630068SUSE bug 630121SUSE bug 630132SUSE bug 630970SUSE bug 631075SUSE bug 631801SUSE bug 632309SUSE bug 632317SUSE bug 632568SUSE bug 632974SUSE bug 632975SUSE bug 633026SUSE bug 633268SUSE bug 633543SUSE bug 633581SUSE bug 633585SUSE bug 633593SUSE bug 633733SUSE bug 634637SUSE bug 635413SUSE bug 635425SUSE bug 635515SUSE bug 636112SUSE bug 636435SUSE bug 636461SUSE bug 636561SUSE bug 636672SUSE bug 636850SUSE bug 637377SUSE bug 637436SUSE bug 637502SUSE bug 637542SUSE bug 637639SUSE bug 637944SUSE bug 638258SUSE bug 638274SUSE bug 638277SUSE bug 638400SUSE bug 638613SUSE bug 638618SUSE bug 638807SUSE bug 638860SUSE bug 638985SUSE bug 639161SUSE bug 639197SUSE bug 639261SUSE bug 639481SUSE bug 639482SUSE bug 639483SUSE bug 639708SUSE bug 639709SUSE bug 639728SUSE bug 639803SUSE bug 639944SUSE bug 640276SUSE bug 640278SUSE bug 640721SUSE bug 640850SUSE bug 640878SUSE bug 641105SUSE bug 641247SUSE bug 641811SUSE bug 642009SUSE bug 642043SUSE bug 642309SUSE bug 642313SUSE bug 642314SUSE bug 642449SUSE bug 642486SUSE bug 643173SUSE bug 643249SUSE bug 643266SUSE bug 643477SUSE bug 643513SUSE bug 643909SUSE bug 643914SUSE bug 643922SUSE bug 644219SUSE bug 644350SUSE bug 644373SUSE bug 644630SUSE bug 645659SUSE bug 646045SUSE bug 646226SUSE bug 646542SUSE bug 646702SUSE bug 646908SUSE bug 647392SUSE bug 647497SUSE bug 647567SUSE bug 647775SUSE bug 648112SUSE bug 648308SUSE bug 648647SUSE bug 648701SUSE bug 648916SUSE bug 649000SUSE bug 649187SUSE bug 649231SUSE bug 649257SUSE bug 649473SUSE bug 649548SUSE bug 649820SUSE bug 650067SUSE bug 650109SUSE bug 650111SUSE bug 650113SUSE bug 650116SUSE bug 650128SUSE bug 650185SUSE bug 650366SUSE bug 650487SUSE bug 650545SUSE bug 650748SUSE bug 651066SUSE bug 651152SUSE bug 651218SUSE bug 651219SUSE bug 651596SUSE bug 651599SUSE bug 652024SUSE bug 652293SUSE bug 652391SUSE bug 652563SUSE bug 652603SUSE bug 652842SUSE bug 652939SUSE bug 652940SUSE bug 652945SUSE bug 653148SUSE bug 653258SUSE bug 653260SUSE bug 653266SUSE bug 653800SUSE bug 653850SUSE bug 653930SUSE bug 654150SUSE bug 654169SUSE bug 654501SUSE bug 654530SUSE bug 654581SUSE bug 654701SUSE bug 654837SUSE bug 654967SUSE bug 655027SUSE bug 655220SUSE bug 655278SUSE bug 655964SUSE bug 655973SUSE bug 656219SUSE bug 656471SUSE bug 656587SUSE bug 657248SUSE bug 657324SUSE bug 657350SUSE bug 657412SUSE bug 657415SUSE bug 657763SUSE bug 657976SUSE bug 658037SUSE bug 658254SUSE bug 658337SUSE bug 658353SUSE bug 658413SUSE bug 658461SUSE bug 658464SUSE bug 658551SUSE bug 658720SUSE bug 658829SUSE bug 659101SUSE bug 659144SUSE bug 659394SUSE bug 659419SUSE bug 660507SUSE bug 660546SUSE bug 661605SUSE bug 661945SUSE bug 662031SUSE bug 662192SUSE bug 662202SUSE bug 662212SUSE bug 662335SUSE bug 662340SUSE bug 662360SUSE bug 662432SUSE bug 662673SUSE bug 662722SUSE bug 662800SUSE bug 662931SUSE bug 662945SUSE bug 663313SUSE bug 663513SUSE bug 663516SUSE bug 663537SUSE bug 663582SUSE bug 663706SUSE bug 664149SUSE bug 664463SUSE bug 665480SUSE bug 665499SUSE bug 665524SUSE bug 665663SUSE bug 666012SUSE bug 666423SUSE bug 666836SUSE bug 666842SUSE bug 666893SUSE bug 667226SUSE bug 667766SUSE bug 668101SUSE bug 668483SUSE bug 668545SUSE bug 668633SUSE bug 668872SUSE bug 668895SUSE bug 668896SUSE bug 668898SUSE bug 668927SUSE bug 668929SUSE bug 669058SUSE bug 669571SUSE bug 669889SUSE bug 670129SUSE bug 670154SUSE bug 670465SUSE bug 670577SUSE bug 670615SUSE bug 670816SUSE bug 670864SUSE bug 670868SUSE bug 670979SUSE bug 671256SUSE bug 671274SUSE bug 671296SUSE bug 671479SUSE bug 671483SUSE bug 671943SUSE bug 672292SUSE bug 672453SUSE bug 672492SUSE bug 672499SUSE bug 672505SUSE bug 672524SUSE bug 673516SUSE bug 673934SUSE bug 674549SUSE bug 674648SUSE bug 674691SUSE bug 674693SUSE bug 674735SUSE bug 674982SUSE bug 675115SUSE bug 675127SUSE bug 675963SUSE bug 676202SUSE bug 676204SUSE bug 676419SUSE bug 676601SUSE bug 676602SUSE bug 677286SUSE bug 677391SUSE bug 677398SUSE bug 677443SUSE bug 677563SUSE bug 677676SUSE bug 677783SUSE bug 678466SUSE bug 678728SUSE bug 679545SUSE bug 679588SUSE bug 679812SUSE bug 680040SUSE bug 680845SUSE bug 681175SUSE bug 681180SUSE bug 681181SUSE bug 681182SUSE bug 681185SUSE bug 681186SUSE bug 681497SUSE bug 681639SUSE bug 681826SUSE bug 68199SUSE bug 682076SUSE bug 682251SUSE bug 682319SUSE bug 682333SUSE bug 682482SUSE bug 682567SUSE bug 682940SUSE bug 682941SUSE bug 682965SUSE bug 683107SUSE bug 683282SUSE bug 683569SUSE bug 684085SUSE bug 684248SUSE bug 684297SUSE bug 684472SUSE bug 684852SUSE bug 684927SUSE bug 685226SUSE bug 685276SUSE bug 686325SUSE bug 686404SUSE bug 686412SUSE bug 686813SUSE bug 686921SUSE bug 686980SUSE bug 687049SUSE bug 687113SUSE bug 687478SUSE bug 687759SUSE bug 687760SUSE bug 687789SUSE bug 688326SUSE bug 688432SUSE bug 688685SUSE bug 688996SUSE bug 689041SUSE bug 689290SUSE bug 689596SUSE bug 689746SUSE bug 689797SUSE bug 690683SUSE bug 691216SUSE bug 691269SUSE bug 691408SUSE bug 691440SUSE bug 691536SUSE bug 691538SUSE bug 691632SUSE bug 691633SUSE bug 691693SUSE bug 691829SUSE bug 692343SUSE bug 692454SUSE bug 692459SUSE bug 692460SUSE bug 692502SUSE bug 693013SUSE bug 693149SUSE bug 693374SUSE bug 693382SUSE bug 693636SUSE bug 694863SUSE bug 694945SUSE bug 695898SUSE bug 696107SUSE bug 696586SUSE bug 697181SUSE bug 697901SUSE bug 697920SUSE bug 698221SUSE bug 698247SUSE bug 698450SUSE bug 698604SUSE bug 699709SUSE bug 699946SUSE bug 700401SUSE bug 700879SUSE bug 701170SUSE bug 701183SUSE bug 701622SUSE bug 701977SUSE bug 702013SUSE bug 702285SUSE bug 703013SUSE bug 703156SUSE bug 703410SUSE bug 703490SUSE bug 703786SUSE bug 706374SUSE bug 706973SUSE bug 707288SUSE bug 708625SUSE bug 709671SUSE bug 711378SUSE bug 711501SUSE bug 711539SUSE bug 712002SUSE bug 712404SUSE bug 712405SUSE bug 713229SUSE bug 713650SUSE bug 714744SUSE bug 714906SUSE bug 715250SUSE bug 716023SUSE bug 717263SUSE bug 717690SUSE bug 717884SUSE bug 719450SUSE bug 719786SUSE bug 719916SUSE bug 720536SUSE bug 721299SUSE bug 721337SUSE bug 721464SUSE bug 721830SUSE bug 721840SUSE bug 722429SUSE bug 722504SUSE bug 722910SUSE bug 723542SUSE bug 723815SUSE bug 724365SUSE bug 724734SUSE bug 724800SUSE bug 724989SUSE bug 725453SUSE bug 725502SUSE bug 725709SUSE bug 725878SUSE bug 726600SUSE bug 726788SUSE bug 728339SUSE bug 728626SUSE bug 729111SUSE bug 729721SUSE bug 729854SUSE bug 730118SUSE bug 731004SUSE bug 731035SUSE bug 731229SUSE bug 731673SUSE bug 731770SUSE bug 731981SUSE bug 732021SUSE bug 732296SUSE bug 732535SUSE bug 732677SUSE bug 733146SUSE bug 733863SUSE bug 734056SUSE bug 734300SUSE bug 735216SUSE bug 735347SUSE bug 735446SUSE bug 735453SUSE bug 735635SUSE bug 736018SUSE bug 736813SUSE bug 738210SUSE bug 738400SUSE bug 740535SUSE bug 740703SUSE bug 740867SUSE bug 740969SUSE bug 742270SUSE bug 743870SUSE bug 744955SUSE bug 745640SUSE bug 745832SUSE bug 745929SUSE bug 748812SUSE bug 748896SUSE bug 749569SUSE bug 750079SUSE bug 752544SUSE bug 752972SUSE bug 754898SUSE bug 760596SUSE bug 761774SUSE bug 762099SUSE bug 762366SUSE bug 763463SUSE bug 763654SUSE bug 767610SUSE bug 767612SUSE bug 768668SUSE bug 769644SUSE bug 769896SUSE bug 770695SUSE bug 771619SUSE bug 771706SUSE bug 771992SUSE bug 772849SUSE bug 773320SUSE bug 773383SUSE bug 773577SUSE bug 773640SUSE bug 773831SUSE bug 774523SUSE bug 775182SUSE bug 776024SUSE bug 776144SUSE bug 776885SUSE bug 777473SUSE bug 780004SUSE bug 780008SUSE bug 780572SUSE bug 782178SUSE bug 785016SUSE bug 786013SUSE bug 787573SUSE bug 787576SUSE bug 789648SUSE bug 789831SUSE bug 792407SUSE bug 794824SUSE bug 795354SUSE bug 797175SUSE bug 798050SUSE bug 800280SUSE bug 801178SUSE bug 802642SUSE bug 803320SUSE bug 804154SUSE bug 804653SUSE bug 805226SUSE bug 805227SUSE bug 805945SUSE bug 806138SUSE bug 806431SUSE bug 806976SUSE bug 806977SUSE bug 806980SUSE bug 807320SUSE bug 808358SUSE bug 808827SUSE bug 809889SUSE bug 809891SUSE bug 809892SUSE bug 809893SUSE bug 809894SUSE bug 809898SUSE bug 809899SUSE bug 809900SUSE bug 809901SUSE bug 809902SUSE bug 809903SUSE bug 810045SUSE bug 810473SUSE bug 811354SUSE bug 812364SUSE bug 813276SUSE bug 813735SUSE bug 814363SUSE bug 814716SUSE bug 815352SUSE bug 815745SUSE bug 816668SUSE bug 817377SUSE bug 818337SUSE bug 818371SUSE bug 820338SUSE bug 822575SUSE bug 822579SUSE bug 823260SUSE bug 823267SUSE bug 823618SUSE bug 824159SUSE bug 824295SUSE bug 825227SUSE bug 826707SUSE bug 827416SUSE bug 827749SUSE bug 827750SUSE bug 828012SUSE bug 828119SUSE bug 831058SUSE bug 833820SUSE bug 835094SUSE bug 835481SUSE bug 835839SUSE bug 840226SUSE bug 840858SUSE bug 845028SUSE bug 846404SUSE bug 847652SUSE bug 847672SUSE bug 848321SUSE bug 849021SUSE bug 851095SUSE bug 851103SUSE bug 852553SUSE bug 852558SUSE bug 852559SUSE bug 852967SUSE bug 853050SUSE bug 853051SUSE bug 853052SUSE bug 854634SUSE bug 854722SUSE bug 854743SUSE bug 856756SUSE bug 856917SUSE bug 857643SUSE bug 858869SUSE bug 858870SUSE bug 858872SUSE bug 863335SUSE bug 865310SUSE bug 866102SUSE bug 868049SUSE bug 868488SUSE bug 868653SUSE bug 869563SUSE bug 871561SUSE bug 871797SUSE bug 873070SUSE bug 874108SUSE bug 875051SUSE bug 875690SUSE bug 875798SUSE bug 876102SUSE bug 877257SUSE bug 878289SUSE bug 879921SUSE bug 880484SUSE bug 880892SUSE bug 881051SUSE bug 882809SUSE bug 883526SUSE bug 883724SUSE bug 883795SUSE bug 884530SUSE bug 885077SUSE bug 885422SUSE bug 885725SUSE bug 887082SUSE bug 889173SUSE bug 891211SUSE bug 892235SUSE bug 892490SUSE bug 896390SUSE bug 896391SUSE bug 896779SUSE bug 899338SUSE bug 902346SUSE bug 902349SUSE bug 902351SUSE bug 904700SUSE bug 905100SUSE bug 905312SUSE bug 907818SUSE bug 907822SUSE bug 908870SUSE bug 909077SUSE bug 910251SUSE bug 911325SUSE bug 912654SUSE bug 912705SUSE bug 912916SUSE bug 913059SUSE bug 915335SUSE bug 915826CVE-2010-1173 at SUSECVE-2010-1173 at NVDCVE-2010-1641 at SUSECVE-2010-1641 at NVDCVE-2010-2066 at SUSECVE-2010-2066 at NVDCVE-2010-2478 at SUSECVE-2010-2478 at NVDCVE-2010-2495 at SUSECVE-2010-2495 at NVDCVE-2010-2521 at SUSECVE-2010-2521 at NVDCVE-2010-2524 at SUSECVE-2010-2524 at NVDCVE-2010-2537 at SUSECVE-2010-2537 at NVDCVE-2010-2538 at SUSECVE-2010-2538 at NVDCVE-2010-2798 at SUSECVE-2010-2798 at NVDCVE-2010-2803 at SUSECVE-2010-2803 at NVDCVE-2010-2942 at SUSECVE-2010-2942 at NVDCVE-2010-2943 at SUSECVE-2010-2943 at NVDCVE-2010-2946 at SUSECVE-2010-2946 at NVDCVE-2010-2954 at SUSECVE-2010-2954 at NVDCVE-2010-2955 at SUSECVE-2010-2955 at NVDCVE-2010-2959 at SUSECVE-2010-2959 at NVDCVE-2010-2960 at SUSECVE-2010-2960 at NVDCVE-2010-2962 at SUSECVE-2010-2962 at NVDCVE-2010-2963 at SUSECVE-2010-2963 at NVDCVE-2010-3015 at SUSECVE-2010-3015 at NVDCVE-2010-3078 at SUSECVE-2010-3078 at NVDCVE-2010-3079 at SUSECVE-2010-3079 at NVDCVE-2010-3080 at SUSECVE-2010-3080 at NVDCVE-2010-3081 at SUSECVE-2010-3081 at NVDCVE-2010-3084 at SUSECVE-2010-3084 at NVDCVE-2010-3296 at SUSECVE-2010-3296 at NVDCVE-2010-3297 at SUSECVE-2010-3297 at NVDCVE-2010-3298 at SUSECVE-2010-3298 at NVDCVE-2010-3301 at SUSECVE-2010-3301 at NVDCVE-2010-3310 at SUSECVE-2010-3310 at NVDCVE-2010-3437 at SUSECVE-2010-3437 at NVDCVE-2010-3699 at SUSECVE-2010-3699 at NVDCVE-2010-3705 at SUSECVE-2010-3705 at NVDCVE-2010-3858 at SUSECVE-2010-3858 at NVDCVE-2010-3861 at SUSECVE-2010-3861 at NVDCVE-2010-3865 at SUSECVE-2010-3865 at NVDCVE-2010-3873 at SUSECVE-2010-3873 at NVDCVE-2010-3874 at SUSECVE-2010-3874 at NVDCVE-2010-3875 at SUSECVE-2010-3875 at NVDCVE-2010-3876 at SUSECVE-2010-3876 at NVDCVE-2010-3877 at SUSECVE-2010-3877 at NVDCVE-2010-3880 at SUSECVE-2010-3880 at NVDCVE-2010-3881 at SUSECVE-2010-3881 at NVDCVE-2010-3904 at SUSECVE-2010-3904 at NVDCVE-2010-4072 at SUSECVE-2010-4072 at NVDCVE-2010-4073 at SUSECVE-2010-4073 at NVDCVE-2010-4075 at SUSECVE-2010-4075 at NVDCVE-2010-4076 at SUSECVE-2010-4076 at NVDCVE-2010-4077 at SUSECVE-2010-4077 at NVDCVE-2010-4082 at SUSECVE-2010-4082 at NVDCVE-2010-4083 at SUSECVE-2010-4083 at NVDCVE-2010-4157 at SUSECVE-2010-4157 at NVDCVE-2010-4158 at SUSECVE-2010-4158 at NVDCVE-2010-4160 at SUSECVE-2010-4160 at NVDCVE-2010-4162 at SUSECVE-2010-4162 at NVDCVE-2010-4163 at SUSECVE-2010-4163 at NVDCVE-2010-4164 at SUSECVE-2010-4164 at NVDCVE-2010-4165 at SUSECVE-2010-4165 at NVDCVE-2010-4169 at SUSECVE-2010-4169 at NVDCVE-2010-4175 at SUSECVE-2010-4175 at NVDCVE-2010-4243 at SUSECVE-2010-4243 at NVDCVE-2010-4251 at SUSECVE-2010-4251 at NVDCVE-2010-4258 at SUSECVE-2010-4258 at NVDCVE-2010-4342 at SUSECVE-2010-4342 at NVDCVE-2010-4346 at SUSECVE-2010-4346 at NVDCVE-2010-4526 at SUSECVE-2010-4526 at NVDCVE-2010-4527 at SUSECVE-2010-4527 at NVDCVE-2010-4529 at SUSECVE-2010-4529 at NVDCVE-2010-4650 at SUSECVE-2010-4650 at NVDCVE-2010-4656 at SUSECVE-2010-4656 at NVDCVE-2010-4668 at SUSECVE-2010-4668 at NVDCVE-2010-5313 at SUSECVE-2010-5313 at NVDCVE-2011-0006 at SUSECVE-2011-0006 at NVDCVE-2011-0191 at SUSECVE-2011-0191 at NVDCVE-2011-0521 at SUSECVE-2011-0521 at NVDCVE-2011-0710 at SUSECVE-2011-0710 at NVDCVE-2011-0711 at SUSECVE-2011-0711 at NVDCVE-2011-0712 at SUSECVE-2011-0712 at NVDCVE-2011-1012 at SUSECVE-2011-1012 at NVDCVE-2011-1013 at SUSECVE-2011-1013 at NVDCVE-2011-1016 at SUSECVE-2011-1016 at NVDCVE-2011-1017 at SUSECVE-2011-1017 at NVDCVE-2011-1020 at SUSECVE-2011-1020 at NVDCVE-2011-1078 at SUSECVE-2011-1078 at NVDCVE-2011-1079 at SUSECVE-2011-1079 at NVDCVE-2011-1080 at SUSECVE-2011-1080 at NVDCVE-2011-1082 at SUSECVE-2011-1082 at NVDCVE-2011-1083 at SUSECVE-2011-1083 at NVDCVE-2011-1090 at SUSECVE-2011-1090 at NVDCVE-2011-1093 at SUSECVE-2011-1093 at NVDCVE-2011-1160 at SUSECVE-2011-1160 at NVDCVE-2011-1163 at SUSECVE-2011-1163 at NVDCVE-2011-1170 at SUSECVE-2011-1170 at NVDCVE-2011-1171 at SUSECVE-2011-1171 at NVDCVE-2011-1172 at SUSECVE-2011-1172 at NVDCVE-2011-1173 at SUSECVE-2011-1173 at NVDCVE-2011-1180 at SUSECVE-2011-1180 at NVDCVE-2011-1182 at SUSECVE-2011-1182 at NVDCVE-2011-1476 at SUSECVE-2011-1476 at NVDCVE-2011-1477 at SUSECVE-2011-1477 at NVDCVE-2011-1478 at SUSECVE-2011-1478 at NVDCVE-2011-1573 at SUSECVE-2011-1573 at NVDCVE-2011-1576 at SUSECVE-2011-1576 at NVDCVE-2011-1577 at SUSECVE-2011-1577 at NVDCVE-2011-1585 at SUSECVE-2011-1585 at NVDCVE-2011-1593 at SUSECVE-2011-1593 at NVDCVE-2011-1598 at SUSECVE-2011-1598 at NVDCVE-2011-1745 at SUSECVE-2011-1745 at NVDCVE-2011-1746 at SUSECVE-2011-1746 at NVDCVE-2011-1748 at SUSECVE-2011-1748 at NVDCVE-2011-1833 at SUSECVE-2011-1833 at NVDCVE-2011-2182 at SUSECVE-2011-2182 at NVDCVE-2011-2183 at SUSECVE-2011-2183 at NVDCVE-2011-2203 at SUSECVE-2011-2203 at NVDCVE-2011-2213 at SUSECVE-2011-2213 at NVDCVE-2011-2491 at SUSECVE-2011-2491 at NVDCVE-2011-2494 at SUSECVE-2011-2494 at NVDCVE-2011-2496 at SUSECVE-2011-2496 at NVDCVE-2011-2517 at SUSECVE-2011-2517 at NVDCVE-2011-2699 at SUSECVE-2011-2699 at NVDCVE-2011-3188 at SUSECVE-2011-3188 at NVDCVE-2011-3593 at SUSECVE-2011-3593 at NVDCVE-2011-4077 at SUSECVE-2011-4077 at NVDCVE-2011-4081 at SUSECVE-2011-4081 at NVDCVE-2011-4086 at SUSECVE-2011-4086 at NVDCVE-2011-4110 at SUSECVE-2011-4110 at NVDCVE-2011-4127 at SUSECVE-2011-4127 at NVDCVE-2011-4132 at SUSECVE-2011-4132 at NVDCVE-2011-4326 at SUSECVE-2011-4326 at NVDCVE-2011-4330 at SUSECVE-2011-4330 at NVDCVE-2011-4622 at SUSECVE-2011-4622 at NVDCVE-2012-0038 at SUSECVE-2012-0038 at NVDCVE-2012-0045 at SUSECVE-2012-0045 at NVDCVE-2012-0879 at SUSECVE-2012-0879 at NVDCVE-2012-1090 at SUSECVE-2012-1090 at NVDCVE-2012-1097 at SUSECVE-2012-1097 at NVDCVE-2012-1601 at SUSECVE-2012-1601 at NVDCVE-2012-2137 at SUSECVE-2012-2137 at NVDCVE-2012-2372 at SUSECVE-2012-2372 at NVDCVE-2012-2745 at SUSECVE-2012-2745 at NVDCVE-2012-3375 at SUSECVE-2012-3375 at NVDCVE-2012-3412 at SUSECVE-2012-3412 at NVDCVE-2012-3430 at SUSECVE-2012-3430 at NVDCVE-2012-3511 at SUSECVE-2012-3511 at NVDCVE-2012-4444 at SUSECVE-2012-4444 at NVDCVE-2012-4530 at SUSECVE-2012-4530 at NVDCVE-2012-4565 at SUSECVE-2012-4565 at NVDCVE-2012-6537 at SUSECVE-2012-6537 at NVDCVE-2012-6538 at SUSECVE-2012-6538 at NVDCVE-2012-6539 at SUSECVE-2012-6539 at NVDCVE-2012-6540 at SUSECVE-2012-6540 at NVDCVE-2012-6541 at SUSECVE-2012-6541 at NVDCVE-2012-6542 at SUSECVE-2012-6542 at NVDCVE-2012-6544 at SUSECVE-2012-6544 at NVDCVE-2012-6545 at SUSECVE-2012-6545 at NVDCVE-2012-6546 at SUSECVE-2012-6546 at NVDCVE-2012-6547 at SUSECVE-2012-6547 at NVDCVE-2012-6548 at SUSECVE-2012-6548 at NVDCVE-2012-6549 at SUSECVE-2012-6549 at NVDCVE-2012-6647 at SUSECVE-2012-6647 at NVDCVE-2012-6657 at SUSECVE-2012-6657 at NVDCVE-2013-0160 at SUSECVE-2013-0160 at NVDCVE-2013-0216 at SUSECVE-2013-0216 at NVDCVE-2013-0231 at SUSECVE-2013-0231 at NVDCVE-2013-0268 at SUSECVE-2013-0268 at NVDCVE-2013-0310 at SUSECVE-2013-0310 at NVDCVE-2013-0343 at SUSECVE-2013-0343 at NVDCVE-2013-0349 at SUSECVE-2013-0349 at NVDCVE-2013-0871 at SUSECVE-2013-0871 at NVDCVE-2013-0914 at SUSECVE-2013-0914 at NVDCVE-2013-1767 at SUSECVE-2013-1767 at NVDCVE-2013-1773 at SUSECVE-2013-1773 at NVDCVE-2013-1774 at SUSECVE-2013-1774 at NVDCVE-2013-1792 at SUSECVE-2013-1792 at NVDCVE-2013-1796 at SUSECVE-2013-1796 at NVDCVE-2013-1797 at SUSECVE-2013-1797 at NVDCVE-2013-1798 at SUSECVE-2013-1798 at NVDCVE-2013-1827 at SUSECVE-2013-1827 at NVDCVE-2013-1860 at SUSECVE-2013-1860 at NVDCVE-2013-1928 at SUSECVE-2013-1928 at NVDCVE-2013-1943 at SUSECVE-2013-1943 at NVDCVE-2013-2015 at SUSECVE-2013-2015 at NVDCVE-2013-2141 at SUSECVE-2013-2141 at NVDCVE-2013-2147 at SUSECVE-2013-2147 at NVDCVE-2013-2164 at SUSECVE-2013-2164 at NVDCVE-2013-2232 at SUSECVE-2013-2232 at NVDCVE-2013-2234 at SUSECVE-2013-2234 at NVDCVE-2013-2237 at SUSECVE-2013-2237 at NVDCVE-2013-2634 at SUSECVE-2013-2634 at NVDCVE-2013-2851 at SUSECVE-2013-2851 at NVDCVE-2013-2852 at SUSECVE-2013-2852 at NVDCVE-2013-2888 at SUSECVE-2013-2888 at NVDCVE-2013-2889 at SUSECVE-2013-2889 at NVDCVE-2013-2892 at SUSECVE-2013-2892 at NVDCVE-2013-2893 at SUSECVE-2013-2893 at NVDCVE-2013-2897 at SUSECVE-2013-2897 at NVDCVE-2013-2929 at SUSECVE-2013-2929 at NVDCVE-2013-3222 at SUSECVE-2013-3222 at NVDCVE-2013-3223 at SUSECVE-2013-3223 at NVDCVE-2013-3224 at SUSECVE-2013-3224 at NVDCVE-2013-3225 at SUSECVE-2013-3225 at NVDCVE-2013-3228 at SUSECVE-2013-3228 at NVDCVE-2013-3229 at SUSECVE-2013-3229 at NVDCVE-2013-3231 at SUSECVE-2013-3231 at NVDCVE-2013-3232 at SUSECVE-2013-3232 at NVDCVE-2013-3234 at SUSECVE-2013-3234 at NVDCVE-2013-3235 at SUSECVE-2013-3235 at NVDCVE-2013-4162 at SUSECVE-2013-4162 at NVDCVE-2013-4299 at SUSECVE-2013-4299 at NVDCVE-2013-4345 at SUSECVE-2013-4345 at NVDCVE-2013-4470 at SUSECVE-2013-4470 at NVDCVE-2013-4483 at SUSECVE-2013-4483 at NVDCVE-2013-4511 at SUSECVE-2013-4511 at NVDCVE-2013-4587 at SUSECVE-2013-4587 at NVDCVE-2013-4588 at SUSECVE-2013-4588 at NVDCVE-2013-4591 at SUSECVE-2013-4591 at NVDCVE-2013-6367 at SUSECVE-2013-6367 at NVDCVE-2013-6368 at SUSECVE-2013-6368 at NVDCVE-2013-6378 at SUSECVE-2013-6378 at NVDCVE-2013-6382 at SUSECVE-2013-6382 at NVDCVE-2013-6383 at SUSECVE-2013-6383 at NVDCVE-2013-6885 at SUSECVE-2013-6885 at NVDCVE-2013-7027 at SUSECVE-2013-7027 at NVDCVE-2013-7263 at SUSECVE-2013-7263 at NVDCVE-2013-7264 at SUSECVE-2013-7264 at NVDCVE-2013-7265 at SUSECVE-2013-7265 at NVDCVE-2013-7266 at SUSECVE-2013-7266 at NVDCVE-2013-7267 at SUSECVE-2013-7267 at NVDCVE-2013-7268 at SUSECVE-2013-7268 at NVDCVE-2013-7269 at SUSECVE-2013-7269 at NVDCVE-2013-7270 at SUSECVE-2013-7270 at NVDCVE-2013-7271 at SUSECVE-2013-7271 at NVDCVE-2013-7339 at SUSECVE-2013-7339 at NVDCVE-2014-0101 at SUSECVE-2014-0101 at NVDCVE-2014-0181 at SUSECVE-2014-0181 at NVDCVE-2014-0196 at SUSECVE-2014-0196 at NVDCVE-2014-0203 at SUSECVE-2014-0203 at NVDCVE-2014-1444 at SUSECVE-2014-1444 at NVDCVE-2014-1445 at SUSECVE-2014-1445 at NVDCVE-2014-1446 at SUSECVE-2014-1446 at NVDCVE-2014-1737 at SUSECVE-2014-1737 at NVDCVE-2014-1738 at SUSECVE-2014-1738 at NVDCVE-2014-1874 at SUSECVE-2014-1874 at NVDCVE-2014-2523 at SUSECVE-2014-2523 at NVDCVE-2014-2678 at SUSECVE-2014-2678 at NVDCVE-2014-3122 at SUSECVE-2014-3122 at NVDCVE-2014-3144 at SUSECVE-2014-3144 at NVDCVE-2014-3145 at SUSECVE-2014-3145 at NVDCVE-2014-3153 at SUSECVE-2014-3153 at NVDCVE-2014-3184 at SUSECVE-2014-3184 at NVDCVE-2014-3185 at SUSECVE-2014-3185 at NVDCVE-2014-3673 at SUSECVE-2014-3673 at NVDCVE-2014-3687 at SUSECVE-2014-3687 at NVDCVE-2014-3688 at SUSECVE-2014-3688 at NVDCVE-2014-3917 at SUSECVE-2014-3917 at NVDCVE-2014-4508 at SUSECVE-2014-4508 at NVDCVE-2014-4652 at SUSECVE-2014-4652 at NVDCVE-2014-4653 at SUSECVE-2014-4653 at NVDCVE-2014-4654 at SUSECVE-2014-4654 at NVDCVE-2014-4655 at SUSECVE-2014-4655 at NVDCVE-2014-4656 at SUSECVE-2014-4656 at NVDCVE-2014-4667 at SUSECVE-2014-4667 at NVDCVE-2014-4699 at SUSECVE-2014-4699 at NVDCVE-2014-4943 at SUSECVE-2014-4943 at NVDCVE-2014-5077 at SUSECVE-2014-5077 at NVDCVE-2014-7841 at SUSECVE-2014-7841 at NVDCVE-2014-7842 at SUSECVE-2014-7842 at NVDCVE-2014-8133 at SUSECVE-2014-8133 at NVDCVE-2014-8160 at SUSECVE-2014-8160 at NVDCVE-2014-8709 at SUSECVE-2014-8709 at NVDCVE-2014-9090 at SUSECVE-2014-9090 at NVDCVE-2014-9322 at SUSECVE-2014-9322 at NVDCVE-2014-9420 at SUSECVE-2014-9420 at NVDCVE-2014-9584 at SUSECVE-2014-9584 at NVDCVE-2014-9585 at SUSECVE-2014-9585 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for Linux kernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel has been updated to fix
bugs and security issues.
ATTENTION: This update introduces a kABI-change (disabled CONFIG_USER_NS),
please consider to rebuild your custom-kmps, requiring
kernel_user_namespace, against the current Kernel.
The following security issues have been fixed:
* net: sctp: fix slab corruption from use after free on INIT collisions
(bsc#915577, CVE-2015-1421).
* TTY: drop driver reference in tty_open fail path (bsc#922447,
CVE-2011-5321).
* usbback: copy only filled buffers to guest (bsc#917830,
CVE-2015-0777).
* xen-pciback: limit guest control of command register (bsc#919463,
CVE-2015-2150, XSA-120).
* net: rds: use correct size for max unacked packets and bytes
(bsc#919018, CVE-2015-2042).
* net: llc: use correct size for sysctl timeout entries (bsc#919007,
CVE-2015-2041).
* x86, mm/ASLR: Fix stack randomization on 64-bit systems (bsc#917839,
CVE-2015-1593).
* eCryptfs: Remove buggy and unnecessary write in file name decode
routine (bsc#918333, CVE-2014-9683).
* splice: add generic_write_checks() (bsc#915322, CVE-2014-7822).
* netfilter: conntrack: disable generic tracking for known protocols
(bsc#913059, CVE-2014-8160).
The following non-security issues have been fixed:
* x86, tls, ldt: Stop checking lm in LDT_empty (bsc#920250).
* x86, tls: Interpret an all-zero struct user_desc as 'no segment'
(bsc#920250).
* xen: x86, tls: Interpret an all-zero struct user_desc as 'no segment'
(bsc#920250).
* Update reference module symbol versions
* Disable CONFIG_USER_NS (bsc#906545).
* kabi fixup in
patches.fixes/audit-dynamically-allocate-audit_names-when-not-enough-space-is-in-the-names-array.patch
(bsc#906512).
* audit: dynamically allocate audit_names when not enough space is in
the names array (bsc#857358, bsc#906512).
* audit: make filetype matching consistent with other filters
(bsc#857358, bsc#906512).
Security Issues:
* CVE-2015-2150
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2150>
* CVE-2015-2042
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2042>
* CVE-2015-2041
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2041>
* CVE-2015-1593
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1593>
* CVE-2015-1421
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1421>
* CVE-2015-0777
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0777>
* CVE-2014-9683
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9683>
* CVE-2014-8160
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160>
* CVE-2014-7822
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822>
* CVE-2011-5321
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5321>
SUSE bug 857358SUSE bug 906512SUSE bug 906545SUSE bug 913059SUSE bug 915322SUSE bug 915577SUSE bug 917830SUSE bug 917839SUSE bug 918333SUSE bug 919007SUSE bug 919018SUSE bug 919463SUSE bug 920250SUSE bug 922447CVE-2011-5321 at SUSECVE-2011-5321 at NVDCVE-2014-7822 at SUSECVE-2014-7822 at NVDCVE-2014-8160 at SUSECVE-2014-8160 at NVDCVE-2014-9683 at SUSECVE-2014-9683 at NVDCVE-2015-0777 at SUSECVE-2015-0777 at NVDCVE-2015-1421 at SUSECVE-2015-1421 at NVDCVE-2015-1593 at SUSECVE-2015-1593 at NVDCVE-2015-2041 at SUSECVE-2015-2041 at NVDCVE-2015-2042 at SUSECVE-2015-2042 at NVDCVE-2015-2150 at SUSECVE-2015-2150 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix the following security issues:
- x86/mm: Check if PUD is large when validating a kernel address (bnc#937159).
- Update references (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- udp: fix behavior of wrong checksums (bsc#936831, CVE-2015-5364).
- udf: Check component length before reading it (bsc#933904, CVE-2014-9728, CVE-2014-9730).
- udf: Verify i_size when loading inode (bsc#933904, CVE-2014-9728, CVE-2014-9729).
- udf: Verify symlink size before loading it (bsc#933904, CVE-2014-9728).
- udf: Check length of extended attributes and allocation descriptors (bsc#933907, CVE-2015-4167).
- udf: Remove repeated loads blocksize (bsc#933907).
- udf: Check path length when reading symlink (bsc#933896, CVE-2014-9731).
- pipe: fix iov overrun for failed atomic copy (bsc#933429, CVE-2015-1805).
- Revert 'pipe: fix iov overrun for failed atomic copy (bsc#933429')
- pipe: fix iov overrun for failed atomic copy (bsc#933429, CVE-2015-1805).
- Fix for bug 931891 backported from SLE11-SP1-LTSS branch
- Fixup build warning and kABI false positive.
- vfs: Fix race between fcntl() and file->f_flags checks (bnc#900881, CVE-2014-8086). ImportantSUSE bug 900881SUSE bug 922583SUSE bug 931891SUSE bug 933429SUSE bug 933896SUSE bug 933904SUSE bug 933907SUSE bug 936831SUSE bug 937159SUSE bug 938627CVE-2014-8086 at SUSECVE-2014-8086 at NVDCVE-2014-9728 at SUSECVE-2014-9728 at NVDCVE-2014-9729 at SUSECVE-2014-9729 at NVDCVE-2014-9730 at SUSECVE-2014-9730 at NVDCVE-2014-9731 at SUSECVE-2014-9731 at NVDCVE-2015-1805 at SUSECVE-2015-1805 at NVDCVE-2015-2922 at SUSECVE-2015-2922 at NVDCVE-2015-4167 at SUSECVE-2015-4167 at NVDCVE-2015-5364 at SUSECVE-2015-5364 at NVDCVE-2015-5366 at SUSECVE-2015-5366 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux kernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 kernel has been updated to fix bugs and
security issues.
The following security issues have been fixed:
*
CVE-2009-4307: The ext4_fill_flex_info function in fs/ext4/super.c in
the Linux kernel allowed user-assisted remote attackers to cause a
denial of service (divide-by-zero error and panic) via a malformed
ext4 filesystem containing a super block with a large FLEX_BG group
size (aka s_log_groups_per_flex value).
*
CVE-2012-2123: The cap_bprm_set_creds function in
security/commoncap.c in the Linux kernel did not properly handle the
use of file system capabilities (fcaps) for implementing a privileged
executable file, which allowed local users to bypass intended
personality restrictions via a crafted application.
*
CVE-2012-2133: A use after free bug in hugetlb support could be used
by local attackers to crash the system.
*
CVE-2012-2136: Local attackers could trigger an overflow in
sock_alloc_send_pksb(), potentially crashing the machine or
escalating privileges.
*
CVE-2012-2319: A memory corruption when mounting a hfsplus file
system was fixed that could be used by local attackers able to mount
file system to crash the system.
*
CVE-2012-2383: An integer overflow in the i915_gem_execbuffer2
function in drivers/gpu/drm/i915/i915_gem.c in the Direct Rendering
Manager (DRM) subsystem in the Linux kernel on 32-bit platforms
allowed local users to cause a denial of service (out-of-bounds
write) or possibly have unspecified other impact via a crafted ioctl
call.
*
CVE-2012-2384: An integer overflow in the i915_gem_do_execbuffer
function in drivers/gpu/drm/i915/i915_gem.c in the Direct Rendering
Manager (DRM) subsystem in the Linux kernel on 32-bit platforms
allowed local users to cause a denial of service (out-of-bounds
write) or possibly have unspecified other impact via a crafted ioctl
call.
*
CVE-2012-2390: A memory leak in transparent hugepages on mmap failure
could be used by local attacker to run the machine out of memory
(local denial of service).
*
CVE-2012-2663: A denial of service via specially forged TCP packets
with SYN+FIN flags set was fixed.
*
CVE-2012-3375: A local denial of service in the last epoll fix was
fixed.
The following non-security issues have been fixed:
* hrtimer: Provide clock_was_set_delayed() (bnc#771619).
* time: Fix leapsecond triggered hrtimer/futex load spike issue
(bnc#771619).
* audit: Do not send uninitialized data for AUDIT_TTY_GET (bnc#755513).
* tty_audit: Fix tty_audit_add_data live lock on audit disabled
(bnc#721366, bnc#755513).
* sched: Make sure to not re-read variables after validation
(bnc#769685).
* ntp: Fix leap second hrtimer deadlock (bnc#768632).
* ntp: Avoid printk under xtime_lock (bnc#767684).
* Fix boot hang-ups while LD is offline (bnc#698102).
* scsi_transport_fc: Fix blocked BSG request when FC object deleted
(bnc#761414, bnc#734300).
* Revert list_head definition move to types.h.
Security Issue references:
* CVE-2009-4307
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4307>
* CVE-2012-2123
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2123>
* CVE-2012-2133
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2133>
* CVE-2012-2136
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2136>
* CVE-2012-2319
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2319>
* CVE-2012-2383
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2383>
* CVE-2012-2384
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2384>
* CVE-2012-2390
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2390>
* CVE-2012-2663
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2663>
* CVE-2012-3375
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3375>
SUSE bug 698102SUSE bug 721366SUSE bug 734300SUSE bug 755513SUSE bug 757278SUSE bug 758260SUSE bug 758532SUSE bug 760902SUSE bug 761414SUSE bug 763194SUSE bug 764150SUSE bug 765102SUSE bug 765320SUSE bug 767684SUSE bug 768632SUSE bug 769685SUSE bug 769896SUSE bug 771619CVE-2009-4307 at SUSECVE-2009-4307 at NVDCVE-2012-2123 at SUSECVE-2012-2123 at NVDCVE-2012-2133 at SUSECVE-2012-2133 at NVDCVE-2012-2136 at SUSECVE-2012-2136 at NVDCVE-2012-2319 at SUSECVE-2012-2319 at NVDCVE-2012-2383 at SUSECVE-2012-2383 at NVDCVE-2012-2384 at SUSECVE-2012-2384 at NVDCVE-2012-2390 at SUSECVE-2012-2390 at NVDCVE-2012-2663 at SUSECVE-2012-2663 at NVDCVE-2012-3375 at SUSECVE-2012-3375 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
The following security issues were fixed:
CVE-2012-3430: The rds_recvmsg function in net/rds/recv.c in the Linux
kernel did not initialize a certain structure member, which allowed local
users to obtain potentially sensitive information from kernel stack memory
via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver in the Linux
kernel allowed remote attackers to cause a denial of service (DMA
descriptor consumption and network-controller outage) via crafted TCP
packets that trigger a small MSS value.
CVE-2011-3593: The VLAN implementation of the Linux kernel handled VLAN 0
frames with the priority tag set incorrectly and, when specific network
drivers were used, allowed local users to trigger a denial of service.
CVE-2012-3511: Multiple race conditions in the madvise_remove function in
mm/madvise.c in the Linux kernel allowed local users to cause a denial of
service (use-after-free and system crash) via vectors involving a (1)
munmap or (2) close system call.
CVE-2012-2745: The copy_creds function in kernel/cred.c in the Linux kernel
provided an invalid replacement session keyring to a child process, which
allowed local users to cause a denial of service (panic) via a crafted
application that uses the fork system call.
The following non-security issues were fixed:
* aic94xx: correct the size argument to kmalloc (bnc#783058).
* sched: fix ancient race condition in do_exit() (bnc#781018).
* block: add blk_queue_dead() (bnc#738284, bnc#735498).
* block: add missing blk_queue_dead() checks (bnc#738284, bnc#735498).
* block: fix race on request.end_io invocations (bnc#738284,
bnc#735498).
* fc class: fix scanning when devs are offline (bnc#738284,
bnc#735498).
* scsi: fix device removal NULL pointer dereference (bnc#738284,
bnc#735498).
* x86: improve the unknown NMI message (bnc#718684).
Security Issues:
* CVE-2012-3430
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3430>
* CVE-2012-3412
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3412>
* CVE-2011-3593
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3593>
* CVE-2012-3511
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3511>
* CVE-2012-2745
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2745>
SUSE bug 718684SUSE bug 735347SUSE bug 735498SUSE bug 738284SUSE bug 770695SUSE bug 773383SUSE bug 774523SUSE bug 776885SUSE bug 781018SUSE bug 783058CVE-2011-3593 at SUSECVE-2011-3593 at NVDCVE-2012-2745 at SUSECVE-2012-2745 at NVDCVE-2012-3412 at SUSECVE-2012-3412 at NVDCVE-2012-3430 at SUSECVE-2012-3430 at NVDCVE-2012-3511 at SUSECVE-2012-3511 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
The following security issue was fixed:
CVE-2012-2372: Attempting an rds connection from the IP address of an IPoIB
interface to itself causes a kernel panic due to a BUG_ON() being
triggered. Making the test less strict allows rds-ping to work without
crashing the machine. A local unprivileged user could use this flaw to
crash the sytem.
The following non-security issues were fixed:
* x86: reverse the condition to print the 'unknown NMI' message in
Kdump kernel (bnc#718684).
* Update x86_64 kabi files to match the 2.6.32.54-0.3 SP1 kernel.
Security Issues:
* CVE-2012-2372
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2372>
SUSE bug 718684SUSE bug 767610CVE-2012-2372 at SUSECVE-2012-2372 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux kernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel has been updated to fix
bugs and security issues.
The following security issues have been fixed:
* tty: do not update atime/mtime on read/write (bnc#797175,
CVE-2013-0160)
* cipso: don't follow a NULL pointer when setsockopt() is called
(bnc#804653, CVE-2013-0310)
* ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL
(bnc#804154, CVE-2013-0871)
* ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up()
(bnc#804154, CVE-2013-0871)
* wake_up_process() should be never used to wakeup a
TASK_STOPPED/TRACED task (bnc#804154, CVE-2013-0871)
* x86/msr: add capabilities check (bnc#802642, CVE-2013-0268)
* exec: do not leave bprm->interp on stack (bnc#786013, CVE-2012-4530)
* kvm: Fix buffer overflow in kvm_set_irq() (bnc#767612, CVE-2012-2137)
* kvm: Clean up error handling during VCPU creation (bnc#754898,
CVE-2012-1601)
* kvm: Ensure all vcpus are consistent with in-kernel irqchip settings
(bnc#754898, CVE-2012-1601).
The following non-security issues have been fixed:
* sched: harden rq rt usage accounting (bnc#769685, bnc#788590)
* proc: fix pagemap_read() error case (bnc#787573, bnc#799688).
Security Issue references:
* CVE-2013-0310
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0310>
* CVE-2013-0871
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0871>
* CVE-2013-0268
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0268>
* CVE-2012-4530
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4530>
* CVE-2012-2137
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2137>
* CVE-2012-1601
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1601>
* CVE-2013-0160
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0160>
SUSE bug 754898SUSE bug 767612SUSE bug 769685SUSE bug 786013SUSE bug 787573SUSE bug 788590SUSE bug 797175SUSE bug 799688SUSE bug 802642SUSE bug 804154SUSE bug 804653CVE-2012-1601 at SUSECVE-2012-1601 at NVDCVE-2012-2137 at SUSECVE-2012-2137 at NVDCVE-2012-4530 at SUSECVE-2012-4530 at NVDCVE-2013-0160 at SUSECVE-2013-0160 at NVDCVE-2013-0268 at SUSECVE-2013-0268 at NVDCVE-2013-0310 at SUSECVE-2013-0310 at NVDCVE-2013-0871 at SUSECVE-2013-0871 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux kernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel has been updated to fix
one bug and a security issue.
The following security issue has been fixed:
* tmpfs: fix use-after-free of mempolicy object (bnc#806138,
CVE-2013-1767).
The following non-security issue has been fixed:
* ptrace: ptrace_resume() shouldn't wake up !TASK_TRACED thread
(bnc#804154).
Security Issue reference:
* CVE-2013-1767
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1767>
SUSE bug 804154SUSE bug 806138CVE-2013-1767 at SUSECVE-2013-1767 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux kernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel has been updated to fix
bugs and security issues.
The following security issues have been fixed:
* xfrm_user: fix info leak in copy_to_user_auth() (CVE-2012-6538,
bnc#809889).
* xfrm_user: fix info leak in copy_to_user_policy() (CVE-2012-6537,
bnc#809889).
* xfrm_user: fix info leak in copy_to_user_state() (CVE-2012-6537,
bnc#809889).
* xfrm_user: fix info leak in copy_to_user_tmpl() (CVE-2012-6537,
bnc#809889).
* bluetooth: RFCOMM - Fix missing msg_namelen update in
rfcomm_sock_recvmsg() (CVE-2013-3225, bnc#816668).
* bluetooth: fix possible info leak in bt_sock_recvmsg()
(CVE-2013-3224, bnc#816668).
* atm: update msg_namelen in vcc_recvmsg() (CVE-2013-3222, bnc#816668).
* ax25: fix info leak via msg_name in ax25_recvmsg() (CVE-2013-3223,
bnc#816668).
* irda: Fix missing msg_namelen update in irda_recvmsg_dgram()
(CVE-2013-3228, bnc#816668).
* iucv: Fix missing msg_namelen update in iucv_sock_recvmsg()
(CVE-2013-3229, bnc#816668).
* llc: Fix missing msg_namelen update in llc_ui_recvmsg()
(CVE-2013-3231, bnc#816668).
* netrom: fix info leak via msg_name in nr_recvmsg() (CVE-2013-3232,
bnc#816668).
* netrom: fix invalid use of sizeof in nr_recvmsg() (CVE-2013-3232,
bnc#816668).
* rose: fix info leak via msg_name in rose_recvmsg() (CVE-2013-3234,
bnc#816668).
* tipc: fix info leaks via msg_name in recv_msg/recv_stream
(CVE-2013-3235, bnc#816668).
* dccp: check ccid before dereferencing (CVE-2013-1827, bnc#811354).
* dcbnl: fix various netlink info leaks (CVE-2013-2634, bnc#810473).
* isofs: avoid info leak on export (CVE-2012-6549, bnc#809903).
* udf: avoid info leak on export (CVE-2012-6548, bnc#809902).
* net/tun: fix ioctl() based info leaks (CVE-2012-6547, bnc#809901).
* atm: fix info leak in getsockopt(SO_ATMPVC) (CVE-2012-6546,
bnc#809900).
* atm: fix info leak via getsockname() (CVE-2012-6546, bnc#809900).
* bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST)
(CVE-2012-6545, bnc#809899).
* bluetooth: RFCOMM - Fix info leak via getsockname() (CVE-2012-6545,
bnc#809899).
* bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER)
(CVE-2012-6544, bnc#809898).
* bluetooth: L2CAP - Fix info leak via getsockname() (CVE-2012-6544,
bnc#809898).
* llc: fix info leak via getsockname() (CVE-2012-6542, bnc#809894).
* dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO)
(CVE-2012-6541, bnc#809893).
* ipvs: fix info leak in getsockopt(IP_VS_SO_GET_TIMEOUT)
(CVE-2012-6540, bnc#809892).
* net: fix info leak in compat dev_ifconf() (CVE-2012-6539,
bnc#809891).
* signal: always clear sa_restorer on execve (CVE-2013-0914,
bnc#808827).
* bluetooth: Fix incorrect strncpy() in hidp_setup_hid()
(CVE-2013-0349, bnc#805227).
* ipv6: discard overlapping fragment (CVE-2012-4444, bnc#789831).
* net: fix divide by zero in tcp algorithm illinois (CVE-2012-4565,
bnc#787576).
* fs/compat_ioctl: VIDEO_SET_SPU_PALETTE missing error check
(bnc#813735, CVE-2013-1928).
* keys: fix race with concurrent install_user_keyrings() (bnc#808358,
CVE-2013-1792).
* xenbus: fix overflow check in xenbus_dev_write().
* x86: don't corrupt %eip when returning from a signal handler.
* netback: shutdown the ring if it contains garbage (CVE-2013-0216
XSA-39 bnc#800280).
* netback: correct netbk_tx_err() to handle wrap around (CVE-2013-0216
XSA-39 bnc#800280).
* pciback: rate limit error message from pciback_enable_msi()
(CVE-2013-0231 XSA-43 bnc#801178).
* scsiback/usbback: move cond_resched() invocations to proper place.
* netback: fix netbk_count_requests().
* USB: io_ti: Fix NULL dereference in chase_port() (bnc#806976,
CVE-2013-1774).
* KVM: Add memory slot versioning and use it to provide fast guest
write interface (bnc#806980 CVE-2013-1797).
* KVM: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache_init
(bnc#806980 CVE-2013-1797).
* KVM: Fix bounds checking in ioapic indirect register read (bnc#806980
CVE-2013-1798).
* KVM: Fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME
(bnc#806980 CVE-2013-1796).
* KVM: introduce kvm_read_guest_cached (bnc#806980 CVE-2013-1797).
* KVM: MMU: introduce gfn_to_page_many_atomic() function (bnc#806980
CVE-2013-1797).
* KVM: use the correct RCU API for PROVE_RCU=y (bnc#806980
CVE-2013-1797).
* NLS: improve UTF8 -> UTF16 string conversion routine (bnc#806977
CVE-2013-1773).
The following non-security issue have been fixed:
* harden update_stats_wait_end() against microscopic rq->clock
aberations (bnc#808778).
* net-2.6: SYN retransmits: Add new parameter to
retransmits_timed_out() (bnc#809014).
* mm: cond_resched per PMD during unmapping a VMA (bnc#804553).
Additionally, the patch TTY-do-not-update-atime-mtime-on-read-write.patch
has been dropped because it broke userspace applications.
Security Issue references:
* CVE-2012-4444
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4444>
* CVE-2012-4565
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4565>
* CVE-2012-6537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6537>
* CVE-2012-6538
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6538>
* CVE-2012-6539
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6539>
* CVE-2012-6540
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6540>
* CVE-2012-6541
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6541>
* CVE-2012-6542
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6542>
* CVE-2012-6544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6544>
* CVE-2012-6545
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6545>
* CVE-2012-6546
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6546>
* CVE-2012-6547
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6547>
* CVE-2012-6548
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6548>
* CVE-2012-6549
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6549>
* CVE-2013-0216
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0216>
* CVE-2013-0231
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0231>
* CVE-2013-0349
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0349>
* CVE-2013-0914
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0914>
* CVE-2013-1767
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1767>
* CVE-2013-1773
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1773>
* CVE-2013-1774
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1774>
* CVE-2013-1792
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1792>
* CVE-2013-1796
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1796>
* CVE-2013-1797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1797>
* CVE-2013-1798
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1798>
* CVE-2013-1827
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1827>
* CVE-2013-1928
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1928>
* CVE-2013-2634
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2634>
* CVE-2013-3222
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3222>
* CVE-2013-3223
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3223>
* CVE-2013-3224
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3224>
* CVE-2013-3225
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3225>
* CVE-2013-3228
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3228>
* CVE-2013-3229
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3229>
* CVE-2013-3231
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3231>
* CVE-2013-3232
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3232>
* CVE-2013-3234
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3234>
* CVE-2013-3235
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3235>
SUSE bug 787576SUSE bug 789831SUSE bug 800280SUSE bug 801178SUSE bug 804553SUSE bug 805227SUSE bug 806976SUSE bug 806977SUSE bug 806980SUSE bug 808358SUSE bug 808778SUSE bug 808827SUSE bug 809014SUSE bug 809889SUSE bug 809891SUSE bug 809892SUSE bug 809893SUSE bug 809894SUSE bug 809898SUSE bug 809899SUSE bug 809900SUSE bug 809901SUSE bug 809902SUSE bug 809903SUSE bug 810473SUSE bug 811354SUSE bug 813735SUSE bug 816668CVE-2012-4444 at SUSECVE-2012-4444 at NVDCVE-2012-4565 at SUSECVE-2012-4565 at NVDCVE-2012-6537 at SUSECVE-2012-6537 at NVDCVE-2012-6538 at SUSECVE-2012-6538 at NVDCVE-2012-6539 at SUSECVE-2012-6539 at NVDCVE-2012-6540 at SUSECVE-2012-6540 at NVDCVE-2012-6541 at SUSECVE-2012-6541 at NVDCVE-2012-6542 at SUSECVE-2012-6542 at NVDCVE-2012-6544 at SUSECVE-2012-6544 at NVDCVE-2012-6545 at SUSECVE-2012-6545 at NVDCVE-2012-6546 at SUSECVE-2012-6546 at NVDCVE-2012-6547 at SUSECVE-2012-6547 at NVDCVE-2012-6548 at SUSECVE-2012-6548 at NVDCVE-2012-6549 at SUSECVE-2012-6549 at NVDCVE-2013-0216 at SUSECVE-2013-0216 at NVDCVE-2013-0231 at SUSECVE-2013-0231 at NVDCVE-2013-0349 at SUSECVE-2013-0349 at NVDCVE-2013-0914 at SUSECVE-2013-0914 at NVDCVE-2013-1767 at SUSECVE-2013-1767 at NVDCVE-2013-1773 at SUSECVE-2013-1773 at NVDCVE-2013-1774 at SUSECVE-2013-1774 at NVDCVE-2013-1792 at SUSECVE-2013-1792 at NVDCVE-2013-1796 at SUSECVE-2013-1796 at NVDCVE-2013-1797 at SUSECVE-2013-1797 at NVDCVE-2013-1798 at SUSECVE-2013-1798 at NVDCVE-2013-1827 at SUSECVE-2013-1827 at NVDCVE-2013-1928 at SUSECVE-2013-1928 at NVDCVE-2013-2634 at SUSECVE-2013-2634 at NVDCVE-2013-3222 at SUSECVE-2013-3222 at NVDCVE-2013-3223 at SUSECVE-2013-3223 at NVDCVE-2013-3224 at SUSECVE-2013-3224 at NVDCVE-2013-3225 at SUSECVE-2013-3225 at NVDCVE-2013-3228 at SUSECVE-2013-3228 at NVDCVE-2013-3229 at SUSECVE-2013-3229 at NVDCVE-2013-3231 at SUSECVE-2013-3231 at NVDCVE-2013-3232 at SUSECVE-2013-3232 at NVDCVE-2013-3234 at SUSECVE-2013-3234 at NVDCVE-2013-3235 at SUSECVE-2013-3235 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux kernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel has been updated to fix
bugs and security issues.
The following security issues have been fixed:
* b43: stop format string leaking into error msgs (bnc#822579,
CVE-2013-2852).
* kernel/signal.c: stop info leak via the tkill and the tgkill syscalls
(bnc#823267, CVE-2013-2141).
* tty: do not update atime/mtime on read/write (bnc#797175,
CVE-2013-0160).
* block: do not pass disk names as format strings (bnc#822575,
CVE-2013-2851).
* af_key: fix info leaks in notify messages (bnc#827749,
CVE-2013-2234).
The following non-security issue have been fixed:
* make nfsiod a multi-thread queue (bnc#815352).
* ext4: avoid hang when mounting non-journal filesystems with orphan
list (bnc#817377).
* tty: fix up atime/mtime mess, take three (bnc#797175).
* tty: fix atime/mtime regression (bnc#815745).
* cgroup: introduce cancel_attach() (bnc#777157).
* cgroup: introduce coalesce css_get() and css_put() (bnc#777157).
* memcg: add interface to move charge at task migration (bnc#777157).
* memcg: add mem_cgroup_cancel_charge() (bnc#777157).
* memcg: avoid oom during moving charge (bnc#777157).
* memcg: clean up move charge (bnc#777157).
* memcg: cleanup mem_cgroup_move_parent() (bnc#777157).
* memcg: improve performance in moving charge (bnc#777157).
* memcg: improve performance in moving swap charge (bnc#777157).
* memcg: move charge of file pages (bnc#777157).
* memcg: move charges of anonymous page (bnc#777157).
* memcg: move charges of anonymous swap (bnc#777157).
* memcg: remove memcg_tasklist (bnc#777157).
* CONFIG_NO_HZ disabled in all supported kernel flavors except for XEN
(bnc#816796).
* rwsem: Test for no active locks in __rwsem_do_wake undo code
(bnc#813276).
* cpumask: Partition_sched_domains takes array of cpumask_var_t
(bnc#812364).
* cpumask: Simplify sched_rt.c (bnc#812364).
* af_key: initialize satype in key_notify_policy_flush() (bnc#827749).
Security Issues:
* CVE-2013-2852
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2852>
* CVE-2013-2141
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2141>
* CVE-2013-0160
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0160>
* CVE-2013-2851
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2851>
* CVE-2013-2234
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2234>
SUSE bug 797175SUSE bug 812364SUSE bug 813276SUSE bug 815352SUSE bug 815745SUSE bug 816796SUSE bug 817377SUSE bug 822575SUSE bug 822579SUSE bug 823267SUSE bug 827749CVE-2013-0160 at SUSECVE-2013-0160 at NVDCVE-2013-2141 at SUSECVE-2013-2141 at NVDCVE-2013-2234 at SUSECVE-2013-2234 at NVDCVE-2013-2851 at SUSECVE-2013-2851 at NVDCVE-2013-2852 at SUSECVE-2013-2852 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel has been updated to fix
bugs and security issues.
The following security issues have been fixed:
* cciss: info leak in cciss_ioctl32_passthru() (bnc#823260,
CVE-2013-2147).
* cpqarray: info leak in ida_locked_ioctl() (bnc#823260,
CVE-2013-2147).
* ipv6: ip6_sk_dst_check() must not assume ipv6 dst (bnc#827750,
CVE-2013-2232).
* drivers/cdrom/cdrom.c: use kzalloc() for failing hardware
(bnc#824295, CVE-2013-2164).
* KVM: Validate userspace_addr of memslot when registered (bnc#828012,
CVE-2013-1943).
* KVM: add missing void __user * cast to access_ok() call (bnc#828012,
CVE-2013-1943).
The following non-security issues have been fixed:
* lib/radix-tree.c: make radix_tree_node_alloc() work correctly within
interrupt (bnc#763463).
* memcg: fix init_section_page_cgroup pfn alignment (bnc#835481).
* sched/x86: Fix overflow in cyc2ns_offset (bnc#630970, bnc#661605).
Refreshed patches
patches.fixes/bug769685_sched-harden-rq-rt-usage-accounting.patch and
patches.fixes/sched-divide-by-zero-workaround-and-diag.diff:
Security Issues:
* CVE-2013-2237
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2237>
* CVE-2013-2232
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2232>
* CVE-2013-2164
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2164>
* CVE-2013-2147
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2147>
* CVE-2013-1943
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1943>
SUSE bug 630970SUSE bug 661605SUSE bug 763463SUSE bug 823260SUSE bug 824295SUSE bug 827749SUSE bug 827750SUSE bug 828012SUSE bug 828119SUSE bug 835481CVE-2013-1943 at SUSECVE-2013-1943 at NVDCVE-2013-2147 at SUSECVE-2013-2147 at NVDCVE-2013-2164 at SUSECVE-2013-2164 at NVDCVE-2013-2232 at SUSECVE-2013-2232 at NVDCVE-2013-2237 at SUSECVE-2013-2237 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
The following security issues have been fixed:
* KVM: Improve create VCPU parameter (bnc#853050, CVE-2013-4587).
* exec/ptrace: fix get_dumpable() incorrect tests (bnc#847652,
CVE-2013-2929).
* crypto: ansi_cprng - Fix off by one error in non-block size request
(bnc#840226, CVE-2013-4345).
* wireless: radiotap: fix parsing buffer overrun (bnc#851103,
CVE-2013-4591).
* ipv6: remove max_addresses check from ipv6_create_tempaddr
(bnc#805226, CVE-2013-0343).
* aacraid: missing capable() check in compat ioctl (bnc#852558,
CVE-2013-6383).
* libertas: potential oops in debugfs (bnc#852559, CVE-2013-6378).
* ipvs: Add boundary check on ioctl arguments (bnc#851095,
CVE-2013-4588).
* HID: LG: validate HID output report details (CVE-2013-2893,
bnc#835839).
* HID: pantherlord: validate output report details (CVE-2013-2892,
bnc#835839).
* HID: validate HID report id size (CVE-2013-2888, bnc#835839).
* HID: validate feature and input report details (CVE-2013-2897,
bnc#835839).
* HID: zeroplus: validate output report details (CVE-2013-2889,
bnc#835839).
* Fix ipc_rcu_{get,put}ref during destruction (bnc#848321,
CVE-2013-4483).
* Fix a few incorrectly checked [io_]remap_pfn_range() calls
(bnc#849021, CVE-2013-4511).
The following non-security issues have been fixed:
* HID: check for NULL field when setting values (bnc#835839).
* HID: provide a helper for validating hid reports (bnc#835839).
Security Issues:
* CVE-2013-0343
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0343>
* CVE-2013-2888
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2888>
* CVE-2013-2889
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2889>
* CVE-2013-2892
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2892>
* CVE-2013-2893
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2893>
* CVE-2013-2897
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897>
* CVE-2013-2929
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2929>
* CVE-2013-4345
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4345>
* CVE-2013-4483
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4483>
* CVE-2013-4511
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4511>
* CVE-2013-4587
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4587>
* CVE-2013-4588
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4588>
* CVE-2013-4591
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4591>
* CVE-2013-6378
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6378>
* CVE-2013-6383
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6383>
SUSE bug 805226SUSE bug 835839SUSE bug 840226SUSE bug 847652SUSE bug 848321SUSE bug 849021SUSE bug 851095SUSE bug 851103SUSE bug 852558SUSE bug 852559SUSE bug 853050CVE-2013-0343 at SUSECVE-2013-0343 at NVDCVE-2013-2888 at SUSECVE-2013-2888 at NVDCVE-2013-2889 at SUSECVE-2013-2889 at NVDCVE-2013-2892 at SUSECVE-2013-2892 at NVDCVE-2013-2893 at SUSECVE-2013-2893 at NVDCVE-2013-2897 at SUSECVE-2013-2897 at NVDCVE-2013-2929 at SUSECVE-2013-2929 at NVDCVE-2013-4345 at SUSECVE-2013-4345 at NVDCVE-2013-4483 at SUSECVE-2013-4483 at NVDCVE-2013-4511 at SUSECVE-2013-4511 at NVDCVE-2013-4587 at SUSECVE-2013-4587 at NVDCVE-2013-4588 at SUSECVE-2013-4588 at NVDCVE-2013-4591 at SUSECVE-2013-4591 at NVDCVE-2013-6378 at SUSECVE-2013-6378 at NVDCVE-2013-6383 at SUSECVE-2013-6383 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
The following security issues have been fixed:
* net: sctp: fix sctp_sf_do_5_1D_ce to verify if peer is AUTH capable
(bnc#866102, CVE-2014-0101).
* x86, cpu, amd: Add workaround for family 16h, erratum 793
(bnc#852967, CVE-2013-6885).
* xfs: underflow bug in xfs_attrlist_by_handle() (bnc#852553,
CVE-2013-6382).
* SELinux: Fix kernel BUG on empty security contexts (bnc#863335,
CVE-2014-1874).
* udf: Avoid run away loop when partition table length is corrupted
(bnc#769784, CVE-2012-3400).
* udf: Fortify loading of sparing table (bnc#769784, CVE-2012-3400).
* udf: Use 'ret' instead of abusing 'i' in udf_load_logicalvol()
(bnc#769784, CVE-2012-3400).
* dl2k: Tighten ioctl permissions (bnc#758813, CVE-2012-2313).
* inet: fix possible memory corruption with UDP_CORK and UFO
(bnc#847672, CVE-2013-4470).
* ipv6: udp packets following an UFO enqueued packet need also be
handled by UFO (bnc#847672, CVE-2013-4470).
* hamradio/yam: fix info leak in ioctl (bnc#858872, CVE-2014-1446).
* wanxl: fix info leak in ioctl (bnc#858870, CVE-2014-1445).
* farsync: fix info leak in ioctl (bnc#858869, CVE-2014-1444).
* KVM: x86: Convert vapic synchronization to _cached functions
(bnc#853052, CVE-2013-6368).
* KVM: x86: Fix potential divide by 0 in lapic (bnc#853051,
CVE-2013-6367).
The following non-security issues have been fixed:
* x86, apic: Add boot_cpu_is_bsp() to check if boot cpu is BSP
(bnc#814140).
* x86, apic: Disable BSP if boot cpu is AP (bnc#814140).
* Refreshed patches.xen/xen3-patch-2.6.26
Security Issues:
* CVE-2014-1874
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1874>
* CVE-2014-1446
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1446>
* CVE-2014-1445
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1445>
* CVE-2014-1444
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1444>
* CVE-2014-0101
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101>
* CVE-2013-6885
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885>
* CVE-2013-6382
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6382>
* CVE-2013-6368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6368>
* CVE-2013-6367
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6367>
* CVE-2013-4470
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4470>
* CVE-2012-3400
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3400>
* CVE-2012-2313
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2313>
SUSE bug 758813SUSE bug 769784SUSE bug 814140SUSE bug 847672SUSE bug 852553SUSE bug 852967SUSE bug 853051SUSE bug 853052SUSE bug 858869SUSE bug 858870SUSE bug 858872SUSE bug 863335SUSE bug 866102CVE-2012-2313 at SUSECVE-2012-2313 at NVDCVE-2012-3400 at SUSECVE-2012-3400 at NVDCVE-2013-4470 at SUSECVE-2013-4470 at NVDCVE-2013-6367 at SUSECVE-2013-6367 at NVDCVE-2013-6368 at SUSECVE-2013-6368 at NVDCVE-2013-6382 at SUSECVE-2013-6382 at NVDCVE-2013-6885 at SUSECVE-2013-6885 at NVDCVE-2014-0101 at SUSECVE-2014-0101 at NVDCVE-2014-1444 at SUSECVE-2014-1444 at NVDCVE-2014-1445 at SUSECVE-2014-1445 at NVDCVE-2014-1446 at SUSECVE-2014-1446 at NVDCVE-2014-1874 at SUSECVE-2014-1874 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
The following security issues have been fixed:
* floppy: don't write kernel-only members to FDRAWCMD ioctl output
(bnc#875798, CVE-2014-1737, CVE-2014-1738).
* floppy: ignore kernel-only members in FDRAWCMD ioctl input
(bnc#875798, CVE-2014-1737, CVE-2014-1738).
* Update references (bnc#849021, bnc#850263, CVE-2013-4511,
CVE-2013-6763).
* mm: try_to_unmap_cluster() should lock_page() before mlocking
(bnc#876102, CVE-2014-3122).
* n_tty: Fix n_tty_write crash when echoing in raw mode (bnc#871252,
bnc#875690, CVE-2014-0196).
* netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages
(bnc#868653, CVE-2014-2523).
* rds: prevent dereference of a NULL device in rds_iw_laddr_check
(bnc#871561, CVE-2014-2678).
* rds: prevent dereference of a NULL device (bnc#869563,
CVE-2013-7339).
* inet: fix addr_len/msg->msg_namelen assignment in recv_error and
rxpmtu functions (bnc#857643, CVE-2013-7263, CVE-2013-7264,
CVE-2013-7265).
* inet: prevent leakage of uninitialized memory to user in recv
syscalls (bnc#857643, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265).
The following non-security issues have been fixed:
* tms380tr: Use mdelay() in tms380tr_wait() (compile fix).
* tcp: syncookies: reduce cookie lifetime to 128 seconds (bnc#833968).
* tcp: syncookies: reduce mss table to four values (bnc#833968).
* supported.conf: make arch/x86/crypto/fpu supported (bnc#867645)
Security Issues:
* CVE-2014-3122
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3122>
* CVE-2014-2678
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2678>
* CVE-2014-2523
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523>
* CVE-2014-1738
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738>
* CVE-2014-1737
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737>
* CVE-2014-0196
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0196>
* CVE-2013-7339
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7339>
* CVE-2013-7265
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7265>
* CVE-2013-7264
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7264>
* CVE-2013-7263
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7263>
* CVE-2013-6763
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6763>
* CVE-2013-4511
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4511>
SUSE bug 833968SUSE bug 849021SUSE bug 850263SUSE bug 857643SUSE bug 867645SUSE bug 868653SUSE bug 869563SUSE bug 871252SUSE bug 871561SUSE bug 875690SUSE bug 875798SUSE bug 876102CVE-2013-4511 at SUSECVE-2013-4511 at NVDCVE-2013-6763 at SUSECVE-2013-6763 at NVDCVE-2013-7263 at SUSECVE-2013-7263 at NVDCVE-2013-7264 at SUSECVE-2013-7264 at NVDCVE-2013-7265 at SUSECVE-2013-7265 at NVDCVE-2013-7339 at SUSECVE-2013-7339 at NVDCVE-2014-0196 at SUSECVE-2014-0196 at NVDCVE-2014-1737 at SUSECVE-2014-1737 at NVDCVE-2014-1738 at SUSECVE-2014-1738 at NVDCVE-2014-2523 at SUSECVE-2014-2523 at NVDCVE-2014-2678 at SUSECVE-2014-2678 at NVDCVE-2014-3122 at SUSECVE-2014-3122 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix a
critical privilege escalation security issue and other bugs:
* CVE-2014-3153: The futex acquisition code in kernel/futex.c can be
used to gain ring0 access via the futex syscall. This could be used
for privilege escalation by non-root users. (bnc#880892)
* CVE-2013-4299: DM snapshot: Fix data corruption. (bnc#846404)
* CVE-2013-7027: Fix references. (bnc#854634)
* CVE-2012-6647: Futex: Forbid uaddr == uaddr2 in
futex_wait_requeue_pi(). (bnc#878289)
Additionally, the 'tcp_westwood' module was marked as supported.
(bnc#871224)
Security Issues references:
* CVE-2014-3153
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153>
* CVE-2013-4299
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4299>
* CVE-2013-7027
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7027>
* CVE-2012-6647
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6647>
SUSE bug 846404SUSE bug 854634SUSE bug 871224SUSE bug 878289SUSE bug 880892CVE-2012-6647 at SUSECVE-2012-6647 at NVDCVE-2013-4299 at SUSECVE-2013-4299 at NVDCVE-2013-7027 at SUSECVE-2013-7027 at NVDCVE-2014-3153 at SUSECVE-2014-3153 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
The following security issues have been fixed:
* auditsc: audit_krule mask accesses need bounds checking (bnc#880484,
CVE-2014-3917).
* fix autofs/afs/etc. magic mountpoint breakage (bnc#883526,
CVE-2014-0203).
* ipv6: call udp_push_pending_frames when uncorking a socket with
(bnc#831058, CVE-2013-4162).
* filter: prevent nla extensions to peek beyond the end of the message
(bnc#877257, CVE-2014-3144, CVE-2014-3145).
* cdc-wdm: fix buffer overflow (bnc#806431, CVE-2013-1860).
* mac80211: fix AP powersave TX vs. wakeup race (bnc#871797,
CVE-2014-2706).
The following non-security issues have been fixed:
* megaraid_sas: Update to 00.00.05.38-SL1 (bnc#871850).
* [SCSI] megaraid: remove a spurious IRQ enable (bnc#871850).
* megaraid_sas: Increase default cmds per lun to 256 (bnc#871850).
* megaraid_sas: Clear FUSION_IN_RESET before enabling interrupts
(bnc#871850).
* megaraid_sas: Add support for MegaRAID 9360/9380 12GB/s controllers
(bnc#871850).
* megaraid_sas: Add multiple MSI-X vector/multiple reply queue support
(bnc#871850).
* megaraid_sas: remove poll_mode_io code (bnc#871850).
* megaraid_sas: Add throttlequeuedepth module parameter (bnc#871850).
* megaraid_sas: Add resetwaittime module parameter (bnc#871850).
* megaraid_sas: Add module param for configurable MSI-X vector count
(bnc#871850).
* megaraid_sas: Version, Changelog, Copyright update (bnc#871850).
* megaraid_sas: Version and Changelog update (bnc#871850).
* Fix common misspellings (bnc#871850).
* scsi: Push down BKL into ioctl functions (bnc#871850).
* scsi: autoconvert trivial BKL users to private mutex (bnc#871850).
* scsi: remove cmd->serial_number litter (bnc#871850).
Security Issues:
* CVE-2014-3917
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917>
* CVE-2014-3145
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3145>
* CVE-2014-3144
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3144>
* CVE-2014-2706
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706>
* CVE-2014-0203
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0203>
* CVE-2013-4162
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4162>
* CVE-2013-1860
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1860>
SUSE bug 806431SUSE bug 831058SUSE bug 871797SUSE bug 871850SUSE bug 877257SUSE bug 880484SUSE bug 883526CVE-2013-1860 at SUSECVE-2013-1860 at NVDCVE-2013-4162 at SUSECVE-2013-4162 at NVDCVE-2014-0203 at SUSECVE-2014-0203 at NVDCVE-2014-2706 at SUSECVE-2014-2706 at NVDCVE-2014-3144 at SUSECVE-2014-3144 at NVDCVE-2014-3145 at SUSECVE-2014-3145 at NVDCVE-2014-3917 at SUSECVE-2014-3917 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
The following security issues have been fixed:
* Fix information leaks in recvmsg handlers (bnc#854722,
CVE-2013-6463).
* sctp: Fix sk_ack_backlog wrap-around problem (bnc#885422,
CVE-2014-4667).
* ptrace/x86: Force IRET path after a ptrace_stop() (bnc#885725,
CVE-2014-4699).
* alsa/control: Protect user controls against concurrent access
(bnc#883795, CVE-2014-4652).
* alsa/control: Fix replacing user controls (bnc#883795, CVE-2014-4654,
CVE-2014-4655).
* alsa/control: Don't access controls outside of protected regions
(bnc#883795, CVE-2014-4653).
* alsa/control: Handle numid overflow (bnc#883795, CVE-2014-4656).
* alsa/control: Make sure that id->index does not overflow (bnc#883795,
CVE-2014-4656).
The following non-security issues have been fixed:
* Fix kABI breakage due to addition of user_ctl_lock (bnc#883795).
Security Issues:
* CVE-2014-4699
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4699>
* CVE-2014-4667
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667>
* CVE-2014-4656
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656>
* CVE-2014-4655
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4655>
* CVE-2014-4654
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4654>
* CVE-2014-4653
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4653>
* CVE-2014-4652
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4652>
* CVE-2013-6463
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6463>
SUSE bug 854722SUSE bug 883795SUSE bug 885422SUSE bug 885725CVE-2013-6463 at SUSECVE-2013-6463 at NVDCVE-2014-4652 at SUSECVE-2014-4652 at NVDCVE-2014-4653 at SUSECVE-2014-4653 at NVDCVE-2014-4654 at SUSECVE-2014-4654 at NVDCVE-2014-4655 at SUSECVE-2014-4655 at NVDCVE-2014-4656 at SUSECVE-2014-4656 at NVDCVE-2014-4667 at SUSECVE-2014-4667 at NVDCVE-2014-4699 at SUSECVE-2014-4699 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
The following security issues have been fixed:
* usb/whiteheat: Added bounds checking for bulk command response
(bnc#896391, CVE-2014-3185).
* hid: fix a couple of off-by-ones (bnc#896390, CVE-2014-3184).
* isofs: Fix unbounded recursion when processing relocated directories
(bnc#892490, CVE-2014-5471, CVE-2014-5472).
* net/l2tp: don't fall back on UDP [get|set]sockopt (bnc#887082,
CVE-2014-4943).
* net/sctp: inherit auth_capable on INIT collisions (bnc#889173,
CVE-2014-5077).
The following non-security issues have been fixed:
* megaraid_sas: Follow up fix for hangs. (bnc#889842)
* xfs: Avoid blocking on inode flush in background inode reclaim
(bnc#892235).
* bonding: move slave MTU handling from sysfs V2 (bnc#885550).
* futex: Unlock hb->lock in futex_wait_requeue_pi() error path
(bnc#880892).
Security Issues:
* CVE-2014-5472
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472>
* CVE-2014-5471
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471>
* CVE-2014-5077
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077>
* CVE-2014-4943
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943>
* CVE-2014-3185
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3185>
* CVE-2014-3184
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184>
SUSE bug 880892SUSE bug 885550SUSE bug 887082SUSE bug 889173SUSE bug 889842SUSE bug 892235SUSE bug 892490SUSE bug 896390SUSE bug 896391CVE-2014-3184 at SUSECVE-2014-3184 at NVDCVE-2014-3185 at SUSECVE-2014-3185 at NVDCVE-2014-4943 at SUSECVE-2014-4943 at NVDCVE-2014-5077 at SUSECVE-2014-5077 at NVDCVE-2014-5471 at SUSECVE-2014-5471 at NVDCVE-2014-5472 at SUSECVE-2014-5472 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel has been updated to fix
bugs and security issues.
The following security issues have been fixed:
* net: sctp: fix remote memory pressure from excessive queueing
(bnc#902351, CVE-2014-3688).
* net: sctp: fix panic on duplicate ASCONF chunks (bnc#902349,
CVE-2014-3687).
* net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks
(bnc#902346, CVE-2014-3673).
* net: guard tcp_set_keepalive() to tcp sockets (bnc#896779,
CVE-2012-6657).
* udf: Avoid infinite loop when processing indirect ICBs (bnc#896689
CVE-2014-6410).
The following non-security issue has been fixed:
* block: Fix computation of merged request priority (bnc#900997).
Security Issues:
* CVE-2014-6410
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410>
* CVE-2014-3688
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688>
* CVE-2014-3687
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687>
* CVE-2014-3673
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673>
* CVE-2012-6657
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6657>
SUSE bug 896689SUSE bug 896779SUSE bug 900997SUSE bug 902346SUSE bug 902349SUSE bug 902351CVE-2012-6657 at SUSECVE-2012-6657 at NVDCVE-2014-3673 at SUSECVE-2014-3673 at NVDCVE-2014-3687 at SUSECVE-2014-3687 at NVDCVE-2014-3688 at SUSECVE-2014-3688 at NVDCVE-2014-6410 at SUSECVE-2014-6410 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux kernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel has been updated to fix
bugs and security issues.
The following security issues have been fixed:
*
CVE-2014-9322: A local privilege escalation in the x86_64 32bit
compatibility signal handling was fixed, which could be used by local
attackers to crash the machine or execute code.
*
CVE-2014-9090: Various issues in stack register mangling on the
x86_64 platform were fixed, where local attackers could crash the
machine.
*
CVE-2014-8133: Insufficient validation of TLS register usage could
leak information from the kernel stack to userspace.
*
CVE-2014-8134: The espfix funcionality did not work for 32-bit KVM
paravirt guests, allowing information leaks from kernel to userland.
*
CVE-2010-5313: Race condition in arch/x86/kvm/x86.c in the Linux
kernel allowed L2 guest OS users to cause a denial of service (L1
guest OS crash) via a crafted instruction that triggers an L2
emulation failure report, a similar issue to CVE-2014-7842.
*
CVE-2014-0181: The Netlink implementation in the Linux kernel did not
provide a mechanism for authorizing socket operations based on the
opener of a socket, which allowed local users to bypass intended
access restrictions and modify network configurations by using a
Netlink socket for the (1) stdout or (2) stderr of a setuid program.
*
CVE-2014-7842: Race condition in arch/x86/kvm/x86.c in the Linux
kernel allowed guest OS users to cause a denial of service (guest OS
crash) via a crafted application that performs an MMIO transaction or
a PIO transaction to trigger a guest userspace emulation error
report, a similar issue to CVE-2010-5313.
*
CVE-2014-7841: The sctp_process_param function in
net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux
kernel, when ASCONF is used, allowed remote attackers to cause a
denial of service (NULL pointer dereference and system crash) via a
malformed INIT chunk.
*
CVE-2014-8709: The ieee80211_fragment function in net/mac80211/tx.c
in the Linux kernel did not properly maintain a certain tail pointer,
which allowed remote attackers to obtain sensitive cleartext
information by reading packets.
*
CVE-2013-7263: The Linux kernel updated certain length values before
ensuring that associated data structures have been initialized, which
allows local users to obtain sensitive information from kernel stack
memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call,
related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,
net/ipv6/raw.c, and net/ipv6/udp.c. This update fixes the leak of the
port number when using ipv6 sockets.
The following non-security issues have been fixed:
* block: Fix bogus partition statistics reports (bnc#885077
bnc#891211).
* ptrace: Add support for generic PTRACE_GETREGSET/PTRACE_SETREGSET
(bnc#889654).
* x86, ptrace: regset extensions to support xstate (bnc#889654).
Note: These changes enable usage of the AVX register set in the ptrace
interface.
Security Issues:
* CVE-2010-5313
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5313>
* CVE-2013-6405
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6405>
* CVE-2014-0181
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0181>
* CVE-2014-7841
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7841>
* CVE-2014-7842
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7842>
* CVE-2014-8133
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8133>
* CVE-2014-8134
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8134>
* CVE-2014-8709
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8709>
* CVE-2014-9090
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9090>
* CVE-2014-9322
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9322>
SUSE bug 853040SUSE bug 875051SUSE bug 885077SUSE bug 889654SUSE bug 891211SUSE bug 904700SUSE bug 905100SUSE bug 905312SUSE bug 907818SUSE bug 907822SUSE bug 909077CVE-2010-5313 at SUSECVE-2010-5313 at NVDCVE-2013-6405 at SUSECVE-2013-6405 at NVDCVE-2014-0181 at SUSECVE-2014-0181 at NVDCVE-2014-7841 at SUSECVE-2014-7841 at NVDCVE-2014-7842 at SUSECVE-2014-7842 at NVDCVE-2014-8133 at SUSECVE-2014-8133 at NVDCVE-2014-8134 at SUSECVE-2014-8134 at NVDCVE-2014-8709 at SUSECVE-2014-8709 at NVDCVE-2014-9090 at SUSECVE-2014-9090 at NVDCVE-2014-9322 at SUSECVE-2014-9322 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs
and security issues.
The following security issues have been fixed:
* x86_64, vdso: Fix the vdso address randomization algorithm
(bsc#912705, CVE-2014-9585).
* isofs: Fix unchecked printing of ER records (bsc#912654,
CVE-2014-9584).
* isofs: Fix infinite looping over CE entries (bsc#911325,
CVE-2014-9420).
The following non-security issues have been fixed:
* Fix do_add_mount()/umount -l races (bsc#663516, bsc#912978).
* mm: Do not walk all of system memory during show_mem (bsc#821259,
bsc#911876).
* timekeeping: Avoid possible deadlock from clock_was_set_delayed
(bsc#771619, bsc#915335).
Security Issues:
* CVE-2014-9585
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9585>
* CVE-2014-9584
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9584>
* CVE-2014-9420
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9420>
SUSE bug 663516SUSE bug 771619SUSE bug 821259SUSE bug 911325SUSE bug 911876SUSE bug 912654SUSE bug 912705SUSE bug 912978SUSE bug 915335CVE-2014-9420 at SUSECVE-2014-9420 at NVDCVE-2014-9584 at SUSECVE-2014-9584 at NVDCVE-2014-9585 at SUSECVE-2014-9585 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Linux KernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel has been updated to fix
bugs and security issues.
The following security issues have been fixed:
* fs: Take i_mutex during prepare_binprm for setid executables
(CVE-2015-3339 bnc#928130).
* ib/uverbs: Prevent integer overflow in ib_umem_get address arithmetic
(bsc#914742, CVE-2014-8159).
* x86: Remove a bogus 'ret_from_fork' optimization (bsc#926240,
CVE-2015-2830).
* kvm/vmx: Handle invvpid vm exit gracefully (CVE-2014-3646
bnc#899192).
* kvm/vmx: Inject #GP on invalid PAT CR (CVE-2014-3647 bnc#899192).
* kvm/x86: Check non-canonical addresses upon WRMSR (CVE-2014-3610
bnc#899192).
* kvm/x86: Distinguish between stack operation and near branches
(CVE-2014-3647 bnc#899192).
* kvm/x86: Emulating descriptor load misses long-mode case
(CVE-2014-3647 bnc#899192).
* kvm/x86: Emulator fixes for eip canonical checks on near branches
(CVE-2014-3647 bnc#899192).
* kvm/x86 emulator: Make jmp far emulation into a separate function
(CVE-2014-3647 bnc#899192).
* kvm/x86 emulator: Provide more callbacks for x86 emulator
(CVE-2014-3647 bnc#899192).
* kvm/x86: Fix wrong masking on relative jump/call (CVE-2014-3647
bnc#899192).
* kvm/x86: Handle errors when RIP is set during far jumps
(CVE-2014-3647 bnc#899192).
* kvm/x86: Improve thread safety in pit (CVE-2014-3647 bnc#899192).
* kvm/x86: Sysexit emulation does not mask RIP/RSP (CVE-2014-3647
bnc#899192).
* kvm/x86: Warn if guest virtual address space is not 48-bits
(CVE-2014-3647 bnc#899192).
The following non-security issues have been fixed:
* mm: vmalloc: Check for page allocation failure before vmlist
insertion (bnc#929533).
* ntp: Fix leap second hrtimer BUG() (bsc#929571).
Security Issues:
* CVE-2014-3610
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3610>
* CVE-2014-3646
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3646>
* CVE-2014-3647
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647>
* CVE-2014-8159
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8159>
* CVE-2015-2830
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2830>
* CVE-2015-3339
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3339>
SUSE bug 899192SUSE bug 914742SUSE bug 926240SUSE bug 928130SUSE bug 929533SUSE bug 929571CVE-2014-3610 at SUSECVE-2014-3610 at NVDCVE-2014-3646 at SUSECVE-2014-3646 at NVDCVE-2014-3647 at SUSECVE-2014-3647 at NVDCVE-2014-8159 at SUSECVE-2014-8159 at NVDCVE-2015-2830 at SUSECVE-2015-2830 at NVDCVE-2015-3339 at SUSECVE-2015-3339 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix the following security issue.
- g_start_req(): make sure that there's not too many elements in iovec (bsc#940338, CVE-2015-5707)
ImportantSUSE bug 940338CVE-2015-5707 at SUSECVE-2015-5707 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- ipv6/addrconf: Validate new MTU before applying it (bsc#944296, CVE-2015-0272).
- rds: Verify the underlying transport exists before creating a connection (bsc#945825, CVE-2015-6937).
- kvm/svm: unconditionally intercept #DB (bsc#954404, CVE-2015-8104).
- kvm/x86: work around infinite loop in microcode when #AC is delivered (bsc#953527, CVE-2015-5307).
- kvm/vmx: Report unexpected simultaneous exceptions as internal errors (bsc#953527, bsc#954404).
- kvm/x86: make double/triple fault promotion generic to all exceptions (bsc#953527, bsc#954404).
The following non-security issues have been fixed:
- Add strategy handler needed for pre-2.6.33 kernels.
- ipv6: Fix bad free of addrconf_init_net (bsc#944296).
- sched/core: Fix task and run queue sched_info::run_delay inconsistencies (bsc#949100).
- sched: Add enqueue/dequeue flags (bsc#949100).
- xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347).
ImportantSUSE bug 944296SUSE bug 945825SUSE bug 948347SUSE bug 949100SUSE bug 953527SUSE bug 954404CVE-2015-0272 at SUSECVE-2015-0272 at NVDCVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-6937 at SUSECVE-2015-6937 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- keys: Fix handling of stored error in a negatively instantiated user key (bsc#960637, CVE-2015-8539).
- sctp: Use correct sideffect command in duplicate cookie handling (bsc#960404, CVE-2013-2206).
- sctp: Deal with multiple COOKIE_ECHO chunks (bsc#960404, CVE-2013-2206).
- bluetooth: Validate socket address length in sco_sock_bind() (bsc#959399, CVE-2015-8575).
- net: Add validation for the socket syscall protocol argument (bsc#958886, CVE-2015-8543).
- xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990, CVE-2015-8551, CVE-2015-8552, XSA-157).
- xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990, CVE-2015-8551, CVE-2015-8552, XSA-157).
- xen/pciback: Return error on XEN_PCI_OP_enable_msix when device has MSI or MSI-X enabled (bsc#957990, CVE-2015-8551, CVE-2015-8552, XSA-157).
- xen/pciback: Return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled (bsc#957990, CVE-2015-8551, CVE-2015-8552 XSA-157).
- ext4: Make orphan functions be no-op in no-journal mode (bsc#956709, CVE-2015-7509).
- inet: Add RCU protection to inet->opt (bsc#778460, CVE-2012-3552).
The following non-security issue has been fixed:
- xfs: Fix lost direct IO write in the last block (bsc#949744).
The following missing references have been added to the changelog and patches:
- bsc#817377, bsc#956709, CVE-2015-7509, bsc#955354 and CVE-2015-8215
ImportantSUSE bug 778460SUSE bug 817377SUSE bug 949744SUSE bug 955354SUSE bug 956709SUSE bug 958886SUSE bug 959399SUSE bug 960404SUSE bug 960637CVE-2012-3552 at SUSECVE-2012-3552 at NVDCVE-2013-2206 at SUSECVE-2013-2206 at NVDCVE-2015-7509 at SUSECVE-2015-7509 at NVDCVE-2015-8215 at SUSECVE-2015-8215 at NVDCVE-2015-8539 at SUSECVE-2015-8539 at NVDCVE-2015-8543 at SUSECVE-2015-8543 at NVDCVE-2015-8575 at SUSECVE-2015-8575 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- alsa/hrtimer: Fix stall by hrtimer_cancel() (CVE-2016-2549, bsc#968013).
- alsa/seq: Fix missing NULL check at remove_events ioctl (CVE-2016-2543, bsc#967972).
- alsa/seq: Fix race at timer setup and close (CVE-2016-2544, bsc#967973).
- alsa/timer: Fix double unlink of active_list (CVE-2016-2545, bsc#967974).
- alsa/timer: Fix race among timer ioctls (CVE-2016-2546, bsc#967975).
- alsa/timer: Harden slave timer list handling (CVE-2016-2547, CVE-2016-2548, bsc#968011, bsc#968012).
- alsa/usb-audio: Add sanity checks for endpoint accesses (CVE-2016-2184, bsc#971125).
- alsa/usb-audio: Avoid freeing umidi object twice (CVE-2016-2384, bsc#966693).
- alsa/usb-audio: Fix NULL dereference in create_fixed_stream_quirk() (CVE-2016-2184, bsc#971125).
- dcache: Avoid softlockup in shrink_dcache_for_umount_subtree (bsc#834473, bsc#965947).
- fuse: Break infinite loop in fuse_fill_write_pages() (bsc#963765, CVE-2015-8785).
- iw_cxgb3: Fix incorrectly returning error on success (bsc#966437, CVE-2015-8812).
- sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (CVE-2015-8767, bsc#961509).
- usb: Fix invalid memory access in hub_activate() (bsc#968010, CVE-2015-8816).
- usb/serial/visor: Fix crash on detecting device without write_urbs (bsc#961512, CVE-2015-7566).
- usb/visor: Fix null-deref at probe (bsc#968670, CVE-2016-2782).
- wacom: Fix crash due to missing endpoint (bsc#970909, CVE-2016-3139).
The following non-security issues have been fixed:
- audit: Limit expansion of names_list (bsc#966102).
- hugetlb: Abort a hugepage pool resize if a signal is pending (bsc#965006).
ModerateSUSE bug 834473SUSE bug 961509SUSE bug 961512SUSE bug 963765SUSE bug 965006SUSE bug 965947SUSE bug 966102SUSE bug 966437SUSE bug 966693SUSE bug 967972SUSE bug 967973SUSE bug 967974SUSE bug 967975SUSE bug 968010SUSE bug 968011SUSE bug 968012SUSE bug 968013SUSE bug 968670SUSE bug 970909SUSE bug 971125CVE-2015-7566 at SUSECVE-2015-7566 at NVDCVE-2015-8767 at SUSECVE-2015-8767 at NVDCVE-2015-8785 at SUSECVE-2015-8785 at NVDCVE-2015-8812 at SUSECVE-2015-8812 at NVDCVE-2015-8816 at SUSECVE-2015-8816 at NVDCVE-2016-2184 at SUSECVE-2016-2184 at NVDCVE-2016-2384 at SUSECVE-2016-2384 at NVDCVE-2016-2543 at SUSECVE-2016-2543 at NVDCVE-2016-2544 at SUSECVE-2016-2544 at NVDCVE-2016-2545 at SUSECVE-2016-2545 at NVDCVE-2016-2546 at SUSECVE-2016-2546 at NVDCVE-2016-2547 at SUSECVE-2016-2547 at NVDCVE-2016-2548 at SUSECVE-2016-2548 at NVDCVE-2016-2549 at SUSECVE-2016-2549 at NVDCVE-2016-2782 at SUSECVE-2016-2782 at NVDCVE-2016-3139 at SUSECVE-2016-3139 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata Kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- ppp: Take reference on channels netns (bsc#980371, CVE-2016-4805).
- net: Fix infoleak in rtnetlink (bsc#978822, CVE-2016-4486).
- netfilter: x_tables: Validate e->target_offset early (bsc#971126, CVE-2016-3134).
- netfilter: x_tables: Make sure e->next_offset covers remaining blob size (bsc#971126, CVE-2016-3134).
- netfilter: x_tables: Fix unconditional helper (bsc#971126, CVE-2016-3134).
- Input: gtco: Fix crash on detecting device without endpoints (bsc#971944, CVE-2016-2187).
- Input: gtco: Fix usb_dev leak (bsc#971944, CVE-2016-2187).
- IB/security: Restrict use of the write() interface (bsc#979548, CVE-2016-4565).
- ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (bsc#979213, CVE-2016-4569).
- ALSA: timer: Fix leak in events via snd_timer_user_ccallback (bsc#979213, CVE-2016-4569).
- ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt (bsc#979213, CVE-2016-4569).
- USB: usbfs: Fix potential infoleak in devio (bsc#978401, CVE-2016-4482).
- USB: iowarrior: Fix oops with malicious USB descriptors (bsc#970956, CVE-2016-2188).
- USB: cdc-acm: More sanity checking (bsc#970911, CVE-2016-3138).
- USB: cypress_m8: Add endpoint sanity check (bsc#970970, CVE-2016-3137).
- USB: digi_acceleport: Do sanity checking for the number of ports (bsc#970892, CVE-2016-3140).
- Input: powermate: Fix oops with malicious USB descriptors (bsc#970958, CVE-2016-2186).
- USB: usb_driver_claim_interface: Add sanity checking (bsc#971124, CVE-2016-2185).
The following bugs have been fixed:
- USB: usbip: Fix potential out-of-bounds write (bsc#975945).
- xen: sfc: Drop -Werror (compilation fix).
- Update tags in two patches for CVE-2016-4578 and bsc#979879.
ImportantSUSE bug 970892SUSE bug 970911SUSE bug 970956SUSE bug 970958SUSE bug 970970SUSE bug 971124SUSE bug 971126SUSE bug 971944SUSE bug 975945SUSE bug 978401SUSE bug 978822SUSE bug 979213SUSE bug 979548SUSE bug 979879SUSE bug 980371CVE-2016-2185 at SUSECVE-2016-2185 at NVDCVE-2016-2186 at SUSECVE-2016-2186 at NVDCVE-2016-2187 at SUSECVE-2016-2187 at NVDCVE-2016-2188 at SUSECVE-2016-2188 at NVDCVE-2016-3134 at SUSECVE-2016-3134 at NVDCVE-2016-3137 at SUSECVE-2016-3137 at NVDCVE-2016-3138 at SUSECVE-2016-3138 at NVDCVE-2016-3140 at SUSECVE-2016-3140 at NVDCVE-2016-4482 at SUSECVE-2016-4482 at NVDCVE-2016-4486 at SUSECVE-2016-4486 at NVDCVE-2016-4565 at SUSECVE-2016-4565 at NVDCVE-2016-4569 at SUSECVE-2016-4569 at NVDCVE-2016-4578 at SUSECVE-2016-4578 at NVDCVE-2016-4805 at SUSECVE-2016-4805 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- hid/hiddev: Validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (bsc#986572, CVE-2016-5829).
- rds: Fix an infoleak in rds_inc_info_copy (bsc#983213, CVE-2016-5244).
- input/aiptek: Fix crash on detecting device without endpoints (bsc#956708, CVE-2015-7515).
- net: Fix a kernel infoleak in x25 module (bsc#981267, CVE-2016-4580).
- usbvision: Fix crash on detecting device with invalid configuration (bsc#950998, CVE-2015-7833).
The following non-security issues have been fixed:
- ppp: Defer netns reference release for ppp channel (bsc#980371).
- hrtimer: Prevent hrtimer_enqueue_reprogram race (bsc#981431).
- hrtimer: Remove HRTIMER_STATE_MIGRATE (bsc#981431).
ImportantSUSE bug 950998SUSE bug 956708SUSE bug 980371SUSE bug 981267SUSE bug 981431SUSE bug 983213SUSE bug 986572CVE-2015-7515 at SUSECVE-2015-7515 at NVDCVE-2015-7833 at SUSECVE-2015-7833 at NVDCVE-2016-4580 at SUSECVE-2016-4580 at NVDCVE-2016-5244 at SUSECVE-2016-5244 at NVDCVE-2016-5829 at SUSECVE-2016-5829 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- tcp: Fix use after free in tcp_xmit_retransmit_queue() (bsc#994296, CVE-2016-6828).
- aacraid: Check size values after double-fetch from user (bsc#991608, CVE-2016-6480).
- KVM: x86: Reload pit counters for all channels when restoring state (bsc#960689, CVE-2015-7513).
- unix: Properly account for FDs passed over unix sockets(bsc#839104, CVE-2013-4312).
The following non-security issues have been fixed:
- USB: Fix typo in wMaxPacketSize validation (bsc#991665).
- netfilter: Use RCU safe kfree for conntrack extensions (bsc#827416, bsc#996962).
- kaweth: Fix firmware download (bsc#993890).
- kaweth: Fix oops upon failed memory allocation (bsc#993890).
- USB: Validate wMaxPacketValue entries in endpoint descriptors (bsc#991665).
- kabi, unix: properly account for FDs passed over unix sockets (bsc#839104).
ImportantSUSE bug 827416SUSE bug 839104SUSE bug 960689SUSE bug 991608SUSE bug 991665SUSE bug 993890SUSE bug 994296SUSE bug 996962CVE-2013-4312 at SUSECVE-2013-4312 at NVDCVE-2015-7513 at SUSECVE-2015-7513 at NVDCVE-2016-6480 at SUSECVE-2016-6480 at NVDCVE-2016-6828 at SUSECVE-2016-6828 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- KEYS: Fix short sprintf buffer in /proc/keys show function. (bsc#1004517, CVE-2016-7042)
- Bluetooth: Fix potential NULL dereference in RFCOMM bind callback. (bsc#1003925, CVE-2015-8956)
- Pagemap: Do not leak physical addresses to non-privileged userspace. (bsc#994759, CVE-2016-0823)
- SCSI: arcmsr: Buffer overflow in arcmsr_iop_message_xfer(). (bsc#999932, CVE-2016-7425)
The following non-security issue has been fixed:
- cdc-acm: Added sanity checking for probe(). (bsc#993891)
ImportantSUSE bug 1003925SUSE bug 1004517SUSE bug 993891SUSE bug 994759SUSE bug 999932CVE-2015-8956 at SUSECVE-2015-8956 at NVDCVE-2016-0823 at SUSECVE-2016-0823 at NVDCVE-2016-7042 at SUSECVE-2016-7042 at NVDCVE-2016-7425 at SUSECVE-2016-7425 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and
security issues.
- sg_write()/bsg_write() is not fit to be called under KERNEL_DS. (CVE-2016-10088 bsc#1017710)
ImportantSUSE bug 1017710CVE-2016-10088 at SUSECVE-2016-10088 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix several security issues.
- sctp: Deny peeloff operation on asocs with threads sleeping on it. (bsc#1027066, CVE-2017-6353)
- tcp: Avoid infinite loop in tcp_splice_read(). (bsc#1026722, CVE-2017-6214)
- dccp: Fix freeing skb too early for IPV6_RECVPKTINFO. (bsc#1026024, CVE-2017-6074)
- sctp: Avoid BUG_ON on sctp_wait_for_sndbuf. (bsc#1025235, CVE-2017-5986)
- ipv6: Add complete rcu protection around np->opt. (bsc#992566, CVE-2016-3841)
- ipv6/sctp: Clone options to avoid use after free. (bsc#992566, CVE-2016-3841)
- ipv6/tcp: Add rcu locking in tcp_v6_send_synack(). (bsc#992566, CVE-2016-3841)
- KABI workaround for ipv6: Add complete rcu protection around np->opt. (bsc#992566, CVE-2016-3841)
ImportantSUSE bug 1025235SUSE bug 1026024SUSE bug 1026722SUSE bug 1027066SUSE bug 992566CVE-2016-3841 at SUSECVE-2016-3841 at NVDCVE-2017-5986 at SUSECVE-2017-5986 at NVDCVE-2017-6074 at SUSECVE-2017-6074 at NVDCVE-2017-6214 at SUSECVE-2017-6214 at NVDCVE-2017-6353 at SUSECVE-2017-6353 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- v4l: Share code between video_usercopy and video_ioctl2. (bsc#1035719, CVE-2010-5329)
- net/packet: Fix overflow in check for tp_frame_nr and tp_reserve. (bsc#1031579, CVE-2017-7308)
- mm/mempolicy.c: Fix error handling in set_mempolicy and mbind. (bsc#1033336, CVE-2017-7616)
- usb/iowarrior: Fix NULL-deref at probe. (bsc#970956, CVE-2016-2188)
- scsi/sg: Check length passed to SG_NEXT_CMD_LEN. (bsc#1030213, CVE-2017-7187)
- irda: Fix lockdep annotations in hashbin_delete(). (bsc#1027178, CVE-2017-6348)
- ipc/shm: Fix shmat mmap nil-page protection. (bsc#1026914, CVE-2017-5669)
- mm: Avoid setting up anonymous pages into file mapping. (bsc#979021, CVE-2015-3288)
- tty/n_hdlc: Get rid of racy n_hdlc.tbuf. (bsc#1027565, CVE-2017-2636)
- list: Introduce list_first_entry_or_null. (bsc#1027565, CVE-2017-2636)
The following non-security issues have been fixed:
- firmware: Fix directory creation rule matching with make 3.80 and 3.82. (bsc#1012422)
- nfsd: Check for oversized NFSv2/v3 arguments. (bsc#1034670)
- nfsd4: Minor NFSv2/v3 write decoding cleanup. (bsc#1034670)
- nfsd: Stricter decoding of write-like NFSv2/v3 ops. (bsc#1034670)
- usb/serial/kl5kusb105: Fix line-state error handling. (bsc#1021256)
- Update mainline reference.
ImportantSUSE bug 1012422SUSE bug 1021256SUSE bug 1026914SUSE bug 1027178SUSE bug 1027565SUSE bug 1030213SUSE bug 1031579SUSE bug 1033336SUSE bug 1034670SUSE bug 1035719SUSE bug 970956SUSE bug 979021CVE-2010-5329 at SUSECVE-2010-5329 at NVDCVE-2015-3288 at SUSECVE-2015-3288 at NVDCVE-2016-2188 at SUSECVE-2016-2188 at NVDCVE-2017-2636 at SUSECVE-2017-2636 at NVDCVE-2017-5669 at SUSECVE-2017-5669 at NVDCVE-2017-6348 at SUSECVE-2017-6348 at NVDCVE-2017-7187 at SUSECVE-2017-7187 at NVDCVE-2017-7308 at SUSECVE-2017-7308 at NVDCVE-2017-7616 at SUSECVE-2017-7616 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix the following security issues:
- alsa/timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT. (bsc#1044125, CVE-2017-1000380)
- alsa/timer: Fix race between read and ioctl. (bsc#1044125, CVE-2017-1000380)
- char/lp: Fix possible integer overflow in lp_setup(). (bsc#1039456, CVE-2017-1000363)
- dccp/tcp: Do not inherit mc_list from parent. (bsc#1038544, CVE-2017-8890)
- ipv6: Check ip6_find_1stfragopt() return value properly. (bsc#1039882, CVE-2017-9074)
- ipv6/dccp: Do not inherit ipv6_mc_list from parent. (bsc#1039885, bsc#1040069, CVE-2017-9076 CVE-2017-9077)
- ipv6: Fix out of bound writes in __ip6_append_data(). (bsc#1041431, CVE-2017-9242)
- ipv6: Prevent overrun when parsing v6 header options. (bsc#1039882, CVE-2017-9074)
- ipx: Call ipxitf_put() in ioctl error path. (bsc#1038879, CVE-2017-7487)
- mm: Enlarge stack guard gap. (bsc#1039348, bsc#1042921, CVE-2017-1000364)
- sctp: Do not inherit ipv6_{mc|ac|fl}_list from parent. (bsc#1039883, CVE-2017-9075)
- usb/serial/io_ti: Fix information leak in completion handler. (bsc#1038982, CVE-2017-8924)
- usb/serial/omninet: Fix reference leaks at open. (bsc#1038981, CVE-2017-8925)
ImportantSUSE bug 1038544SUSE bug 1038879SUSE bug 1038981SUSE bug 1038982SUSE bug 1039348SUSE bug 1039456SUSE bug 1039882SUSE bug 1039883SUSE bug 1039885SUSE bug 1040069SUSE bug 1041431SUSE bug 1042921SUSE bug 1044125CVE-2017-1000363 at SUSECVE-2017-1000363 at NVDCVE-2017-1000364 at SUSECVE-2017-1000364 at NVDCVE-2017-1000380 at SUSECVE-2017-1000380 at NVDCVE-2017-7487 at SUSECVE-2017-7487 at NVDCVE-2017-8890 at SUSECVE-2017-8890 at NVDCVE-2017-8924 at SUSECVE-2017-8924 at NVDCVE-2017-8925 at SUSECVE-2017-8925 at NVDCVE-2017-9074 at SUSECVE-2017-9074 at NVDCVE-2017-9075 at SUSECVE-2017-9075 at NVDCVE-2017-9076 at SUSECVE-2017-9076 at NVDCVE-2017-9077 at SUSECVE-2017-9077 at NVDCVE-2017-9242 at SUSECVE-2017-9242 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix one regression.
A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most
notably Java. The following patches have been removed to remedied the issue:
- patches.fixes/0001-mm-enlarge-stack-guard-gap.patch
- patches.fixes/0001-mm-enlarge-stack-guard-gap.patch-fix ImportantSUSE bug 1039348SUSE bug 1045340CVE-2017-1000364 at SUSECVE-2017-1000364 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix security issues and one bug.
The following security issues have been fixed:
- CVE-2017-14340: xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present. (bsc#1058524)
- CVE-2017-14140: Sanitize 'move_pages()' permission checks. (bsc#1057179)
- CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588)
- CVE-2017-12762: isdn/i4l: Fix an buffer overflow. (bsc#1053148)
- CVE-2017-8831: saa7164: Fix double fetch PCIe access condition. (bsc#1037994)
- CVE-2017-7542: ipv6: Avoid overflow of offset in ip6_find_1stfragopt. (bsc#1049882)
- CVE-2017-7482: rxrpc: Fix several cases where a padded len isn't checked in ticket decode. (bsc#1046107)
- CVE-2017-7533: Fix privilege escalation in inotify. (bsc#1049483)
- CVE-2017-1000365: fs/exec.c: Account for argv/envp pointers. (bsc#1039354)
Additionally, the following non-security issue has been fixed:
- usb/wusbcore: Fix NULL-deref at probe. (bsc#1045487)
ImportantSUSE bug 1037994SUSE bug 1039354SUSE bug 1045487SUSE bug 1046107SUSE bug 1049483SUSE bug 1049882SUSE bug 1053148SUSE bug 1056588SUSE bug 1057179SUSE bug 1058524CVE-2017-1000365 at SUSECVE-2017-1000365 at NVDCVE-2017-12762 at SUSECVE-2017-12762 at NVDCVE-2017-14051 at SUSECVE-2017-14051 at NVDCVE-2017-14140 at SUSECVE-2017-14140 at NVDCVE-2017-14340 at SUSECVE-2017-14340 at NVDCVE-2017-7482 at SUSECVE-2017-7482 at NVDCVE-2017-7533 at SUSECVE-2017-7533 at NVDCVE-2017-7542 at SUSECVE-2017-7542 at NVDCVE-2017-8831 at SUSECVE-2017-8831 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- CVE-2017-13080: mac80211: Accept key reinstall without changing anything. (bsc#1063667)
- CVE-2017-15274: keys: Fix dereferencing NULL payload with nonzero length. (bsc#1045327, bsc#1062471)
- CVE-2017-15265: alsa: Fix use-after-free at creating a port. (bsc#1062520)
- CVE-2017-1000253: fs/binfmt: Fix bug in loading of PIE binaries. (bsc#1059525)
Additionally, the following non-security issue has been fixed:
- fs/binfmt_elf: Return -EINVAL on zero-length mappings. (bsc#1059525)
- coredump: Only SIGKILL should interrupt the coredumping task. (bsc#1054302)
- coredump: Ensure that SIGKILL always kills the dumping thread. (bsc#1054302)
- coredump: Sanitize the setting of signal->group_exit_code. (bsc#1054302)
ImportantSUSE bug 1045327SUSE bug 1054302SUSE bug 1059525SUSE bug 1062471SUSE bug 1062520SUSE bug 1063667CVE-2017-1000253 at SUSECVE-2017-1000253 at NVDCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-15265 at SUSECVE-2017-15265 at NVDCVE-2017-15274 at SUSECVE-2017-15274 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- CVE-2017-16649: input/gtco: Fix potential out-of-bound access. (bsc#1067085)
- CVE-2017-15102: usb/misc/legousbtower: Fix NULL pointer deference. (bsc#1066705)
- CVE-2017-16531: usb: Fix out-of-bounds in usb_set_configuration. (bsc#1066671)
- CVE-2017-16525: usb/serial/console: Fix use-after-free after failed setup. (bsc#1066618)
- CVE-2017-16536: cx231xx-cards: Fix dereferencing NULL on missing association descriptor. (bsc#1066606)
- CVE-2017-16527: alsa/usb-audio: Kill stray URB at exiting. (bsc#1066625)
- CVE-2017-11473: x86/acpi: Prevent out of bound access caused by broken ACPI tables. (bsc#1049603)
Additionally, the following non-security issue has been fixed:
- mac80211: Don't compare TKIP TX MIC key in reinstall prevention. (bsc#1066472)
ImportantSUSE bug 1049603SUSE bug 1066472SUSE bug 1066606SUSE bug 1066618SUSE bug 1066625SUSE bug 1066671SUSE bug 1066705SUSE bug 1067085CVE-2017-11473 at SUSECVE-2017-11473 at NVDCVE-2017-15102 at SUSECVE-2017-15102 at NVDCVE-2017-16525 at SUSECVE-2017-16525 at NVDCVE-2017-16527 at SUSECVE-2017-16527 at NVDCVE-2017-16531 at SUSECVE-2017-16531 at NVDCVE-2017-16536 at SUSECVE-2017-16536 at NVDCVE-2017-16649 at SUSECVE-2017-16649 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to receive various security and bugfixes.
This update adds mitigations for various side channel attacks against
modern CPUs that could disclose content of otherwise unreadable memory
(bsc#1068032).
- CVE-2017-5753: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use attacker controllable speculative
execution over code patterns in the Linux Kernel to leak content from
otherwise not readable memory in the same address space, allowing
retrieval of passwords, cryptographic keys and other secrets.
This problem is mitigated by adding speculative fencing on affected
code paths throughout the Linux kernel.
- CVE-2017-5715: Local attackers on systems with modern CPUs featuring
branch prediction could use mispredicted branches to speculatively execute
code patterns that in turn could be made to leak other non-readable
content in the same address space, an attack similar to CVE-2017-5753.
This problem is mitigated by disabling predictive branches, depending
on CPU architecture either by firmware updates and/or fixes in the
user-kernel privilege boundaries.
Please also check with your CPU / Hardware vendor on updated CPU
microcode or BIOS packages regarding this issue.
As this feature can have a performance impact, it can be disabled using
the 'nospec' kernel commandline option.
- CVE-2017-5754: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use code patterns in userspace to
speculative executive code that would read otherwise read protected
memory, an attack similar to CVE-2017-5753.
This problem is mitigated by unmapping the Linux Kernel from the user
address space during user code execution, following a approach called
'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation'
and 'PTI' / 'Page Table Isolation'.
This feature can be enabled / disabled by the 'pti=[on|off|auto]' or
'nopti' commandline options.
The fix for bsc#1049603, CVE-201711473 has been reverted, after there is no evidence that it affects Kernel 2.6.32
and the fix causes a regression.
The following security bugs were fixed:
- CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying
cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface
(CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer
overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bsc#1073874).
- CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs,
allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause
a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a
crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation
(crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable
(bsc#1073792).
- CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause
a denial of service (OOPS) via crafted keyctl commands (bsc#951440 951638 958463).
- CVE-2014-9529: Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed
local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via
keyctl commands that trigger access to a key structure member during garbage collection of a key (bsc#912202).
- CVE-2017-13167: An elevation of privilege vulnerability in the kernel sound timer. (bsc#1072876).
- CVE-2017-17558: The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the
Linux kernel did not consider the maximum number of configurations and interfaces before attempting to release
resources, which allowed local users to cause a denial of service (out-of-bounds write access) or possibly have
unspecified other impact via a crafted USB device (bsc#1072561).
- CVE-2017-17450: net/netfilter/xt_osf.c in the Linux kernel did not require the CAP_NET_ADMIN capability for
add_callback and remove_callback operations, which allowed local users to bypass intended access restrictions because
the xt_osf_fingers data structure is shared across all net namespaces (bsc#1071695).
- CVE-2017-8824: The dccp_disconnect function in net/dccp/proto.c in the Linux kernel allowed local users to gain
privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN
state (bsc#1070771).
- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel allowed local users
to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in
conjunction with XFRM_MSG_GETPOLICY Netlink messages (bsc#1069702).
- CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel did not check whether the
intended netns is used in a peel-off action, which allowed local users to cause a denial of service (use-after-free
and system crash) or possibly have unspecified other impact via crafted system calls (bsc#1068671).
- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a
denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a
certain tcp_recvmsg code path (bsc#1056982).
- CVE-2017-11600: net/xfrm/xfrm_policy.c in the Linux kernel did not ensure that the dir value of xfrm_userpolicy_id is
XFRM_POLICY_MAX or less, which allowed local users to cause a denial of service (out-of-bounds access) or possibly
have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message (bsc#1050231).
- CVE-2017-16534: The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel allowed local
users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via
a crafted USB device (bsc#1066693).
- CVE-2018-1000004: alsa/seq: Make ioctls race-free (bsc#1076017).
The following non-security bugs were fixed:
- x86/cpu: Factor out application of forced CPU caps (bsc#1075994, bsc#1075091).
- x86/cpu: Sync CPU feature flags late (bsc#1075994, bsc#1075091).
- x86/microcode: Rescan feature flags upon late loading (bsc#1075994, bsc#1075091).
- x86/spectre_v2: Fix ordering in IBRS initialization (bsc#1075994, bsc#1075091).
- x86/spec_ctrl: handle late setting of X86_FEATURE_SPEC_CTRL properly (bsc#1075994, bsc#1075091).
- x86/paravirt: Dont patch flush_tlb_single (bsc#1012382, bsc#1076154).
- x86: increase robusteness of bad_iret fixup handler.
ImportantSUSE bug 1012382SUSE bug 1049603SUSE bug 1050231SUSE bug 1056982SUSE bug 1066693SUSE bug 1067085SUSE bug 1068032SUSE bug 1068671SUSE bug 1069702SUSE bug 1070771SUSE bug 1071695SUSE bug 1072230SUSE bug 1072561SUSE bug 1072876SUSE bug 1073792SUSE bug 1073874SUSE bug 1075091SUSE bug 1075994SUSE bug 1076017SUSE bug 1076154SUSE bug 912202SUSE bug 951440SUSE bug 951638SUSE bug 958463CVE-2014-9529 at SUSECVE-2014-9529 at NVDCVE-2015-7872 at SUSECVE-2015-7872 at NVDCVE-2017-11473 at SUSECVE-2017-11473 at NVDCVE-2017-11600 at SUSECVE-2017-11600 at NVDCVE-2017-13167 at SUSECVE-2017-13167 at NVDCVE-2017-14106 at SUSECVE-2017-14106 at NVDCVE-2017-15115 at SUSECVE-2017-15115 at NVDCVE-2017-16534 at SUSECVE-2017-16534 at NVDCVE-2017-16649 at SUSECVE-2017-16649 at NVDCVE-2017-16939 at SUSECVE-2017-16939 at NVDCVE-2017-17450 at SUSECVE-2017-17450 at NVDCVE-2017-17558 at SUSECVE-2017-17558 at NVDCVE-2017-17805 at SUSECVE-2017-17805 at NVDCVE-2017-17806 at SUSECVE-2017-17806 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2017-8824 at SUSECVE-2017-8824 at NVDCVE-2018-1000004 at SUSECVE-2018-1000004 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to receive various security and bugfixes.
The following security issues have been fixed:
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel
allowed local users to cause a denial of service by leveraging a race condition with
__dm_destroy during creation and removal of DM devices. (bsc#1083242)
- CVE-2017-18203: Fix a race between dm_get_from_kobject() and __dm_destroy(). (bsc#1083242)
- CVE-2017-18208: The madvise_willneed function in mm/madvise.c allowed local users to cause
a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping
(bsc#1083494).
- CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand
by invoking snd_seq_pool_init() when the first write happens and the pool is
empty. A user could have reset the pool size manually via ioctl concurrently,
which may have lead UAF or out-of-bound access (bsc#1083483).
- CVE-2017-16644: The hdpvr_probe function allowed local users to cause a
denial of service (improper error handling and system crash) or possibly have
unspecified other impact via a crafted USB device (bsc#1067118).
- CVE-2017-16914: The 'stub_send_ret_submit()' function allowed attackers to
cause a denial of service (NULL pointer dereference) via a specially crafted
USB over IP packet (bsc#1078669).
- CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial
of service (integer overflow) or possibly have unspecified other impact by
triggering a negative wake or requeue value (bsc#1080757).
- CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose
kernel memory addresses. Successful exploitation required that a USB device was
attached over IP (bnc#1078674).
- CVE-2016-7915: The hid_input_field function allowed physically proximate
attackers to obtain sensitive information from kernel memory or cause a denial
of service (out-of-bounds read) by connecting a device (bnc#1010470).
- CVE-2015-5156: The virtnet_probe function in drivers/net/virtio_net.c in
the Linux kernel attempted to support a FRAGLIST feature without proper
memory allocation, which allowed guest OS users to cause a denial of
service (buffer overflow and memory corruption) via a crafted sequence
of fragmented packets (bsc#940776).
- CVE-2017-12192: keys: Prevent KEYCTL_READ on negative key. (bsc#1062840)
- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did
unbalanced refcounting when a SCSI I/O vector had small consecutive buffers
belonging to the same page. The bio_add_pc_page function merged them into one,
but the page reference was never dropped. This caused a memory leak and
possible system lockup (exploitable against the host OS by a guest OS user, if
a SCSI disk is passed through to a virtual machine) due to an out-of-memory
condition (bnc#1062568).
- CVE-2017-16912: The 'get_pipe()' function (drivers/usb/usbip/stub_rx.c) in the
Linux Kernel allowed attackers to cause a denial of service (out-of-bounds read)
via a specially crafted USB over IP packet (bnc#1078673).
- CVE-2017-16913: The 'stub_recv_cmd_submit()' function (drivers/usb/usbip/stub_rx.c)
in the Linux Kernel when handling CMD_SUBMIT packets allowed attackers to cause a
denial of service (arbitrary memory allocation) via a specially crafted USB over IP
packet (bnc#1078672).
- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function
did not validate a value that is used during DMA page allocation, leading
to a heap-based out-of-bounds write (related to the rds_rdma_extra_size
function in net/rds/rdma.c) (bnc#1075621).
- CVE-2017-18017: The tcpmss_mangle_packet function in
net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers
to cause a denial of service (use-after-free and memory corruption)
or possibly have unspecified other impact by leveraging the presence of
xt_TCPMSS in an iptables action (bnc#1074488).
- CVE-2017-18079: drivers/input/serio/i8042.c in the Linux kernel allowed
attackers to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact because the
port->exists value can change after it is validated (bnc#1077922).
Additionally, the following non-security issue has been fixed:
- audit: Move the tree pruning to a dedicated thread. (bsc#1075867)
ImportantSUSE bug 1010470SUSE bug 1062568SUSE bug 1062840SUSE bug 1067118SUSE bug 1074488SUSE bug 1075621SUSE bug 1075867SUSE bug 1077922SUSE bug 1078669SUSE bug 1078672SUSE bug 1078673SUSE bug 1078674SUSE bug 1080757SUSE bug 1083242SUSE bug 1083483SUSE bug 1083494SUSE bug 1086162SUSE bug 940776CVE-2015-5156 at SUSECVE-2015-5156 at NVDCVE-2016-7915 at SUSECVE-2016-7915 at NVDCVE-2017-12190 at SUSECVE-2017-12190 at NVDCVE-2017-12192 at SUSECVE-2017-12192 at NVDCVE-2017-16644 at SUSECVE-2017-16644 at NVDCVE-2017-16911 at SUSECVE-2017-16911 at NVDCVE-2017-16912 at SUSECVE-2017-16912 at NVDCVE-2017-16913 at SUSECVE-2017-16913 at NVDCVE-2017-16914 at SUSECVE-2017-16914 at NVDCVE-2017-18017 at SUSECVE-2017-18017 at NVDCVE-2017-18079 at SUSECVE-2017-18079 at NVDCVE-2017-18203 at SUSECVE-2017-18203 at NVDCVE-2017-18208 at SUSECVE-2017-18208 at NVDCVE-2018-5332 at SUSECVE-2018-5332 at NVDCVE-2018-6927 at SUSECVE-2018-6927 at NVDCVE-2018-7566 at SUSECVE-2018-7566 at NVDCVE-2018-8822 at SUSECVE-2018-8822 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to receive various security and bugfixes.
The following security issues have been fixed:
- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel
resulting in DoS issue. (bsc#1087088)
- CVE-2018-10675: mm/mempolicy: Fix use after free when calling get_mempolicy. (bsc#1091755)
- CVE-2018-10124: The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13,
when an unspecified architecture and compiler is used, might allow local users to cause a denial of
service via an INT_MIN argument (bsc#1089752).
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might have allowed
local users to cause a denial of service by triggering an attempted use of the
-INT_MIN value (bsc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of
service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bsc#1084536).
- CVE-2018-7566: Buffer overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl
write operation to /dev/snd/seq by a local user potentially allowing for code
execution (bnc#1083483).
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in
the ALSA subsystem allowed attackers to gain privileges via unspecified vectors
(bnc#1088260).
Additionally, the following non-security issues have been fixed:
- xen-netfront: Fix req_prod check to avoid RX hang when index wraps (bsc#1046610).
ImportantSUSE bug 1046610SUSE bug 1083483SUSE bug 1084536SUSE bug 1087088SUSE bug 1088260SUSE bug 1089608SUSE bug 1089752SUSE bug 1091755CVE-2017-0861 at SUSECVE-2017-0861 at NVDCVE-2018-10087 at SUSECVE-2018-10087 at NVDCVE-2018-10124 at SUSECVE-2018-10124 at NVDCVE-2018-10675 at SUSECVE-2018-10675 at NVDCVE-2018-7566 at SUSECVE-2018-7566 at NVDCVE-2018-7757 at SUSECVE-2018-7757 at NVDCVE-2018-8897 at SUSECVE-2018-8897 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used (bnc#1098016 bnc#1100418).
- CVE-2016-8405: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. (bnc#1099942).
- CVE-2018-5814: Multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets (bnc#1096480).
- CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bnc#1087082).
- CVE-2014-4508: arch/x86/kernel/entry_32.S on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allowed local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000. (bnc#883724)
- CVE-2018-1000204: ** (bnc#1096728).
- CVE-2018-1130: Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allowed a local user to cause a denial of service by a number of certain crafted system calls (bnc#1092904).
- CVE-2018-5803: An error in the '_sctp_make_chunk()' function (net/sctp/sm_make_chunk.c) when handling SCTP packets length could be exploited to cause a kernel crash (bnc#1083900).
- CVE-2018-7492: A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST (bnc#1082962).
The following non-security bugs were fixed:
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).Shuffle X86_FEATURE_KAISER declaration to reduce conflicts when backportingfurther changes
- modpost: Fix modpost license checking of vmlinux.o.
- modpost: Fix modpost's license checking V3.
- modpost: support objects with more than 64k sections.
- module: Sort exported symbols.
- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).
- x86/retpoline: do not perform thunk calls in ring3 vsyscall code (bsc#1085331).
- Introduce retpolines.
- KVM: Mask function7 ebx against host capability word9
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140). Fix for bsc#1092497
- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).
- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).
- x86/retpolines: Work around kABI.
- sched/sysctl: Check user input value of sysctl_sched_time_avg (bsc#1100089).
- sysfs/cpu: Add vulnerability folder (bnc#1012382).
- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).
- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).
- x86-cpu-Implement-CPU-vulnerabilites-sysfs-fu.patch: x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).
- kaiser: Set kaiser cpu feature bit (bsc#1074701).
- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).
- x86/pti: do not report XenPV as vulnerable (bsc#1097551).Update xen stuff
- xen/x86/cpu: Factor out application of forced CPU caps (bsc#1075994 bsc#1075091).
- xen/x86/CPU: Sync CPU feature flags late (bsc#1075994 bsc#1075091).
ImportantSUSE bug 1012382SUSE bug 1068032SUSE bug 1074621SUSE bug 1074701SUSE bug 1075091SUSE bug 1075994SUSE bug 1082962SUSE bug 1083900SUSE bug 1085331SUSE bug 1087082SUSE bug 1092497SUSE bug 1092904SUSE bug 1096140SUSE bug 1096242SUSE bug 1096281SUSE bug 1096480SUSE bug 1096728SUSE bug 1097551SUSE bug 1098016SUSE bug 1099942SUSE bug 1100089SUSE bug 1100418SUSE bug 883724CVE-2014-4508 at SUSECVE-2014-4508 at NVDCVE-2016-8405 at SUSECVE-2016-8405 at NVDCVE-2018-1000204 at SUSECVE-2018-1000204 at NVDCVE-2018-1130 at SUSECVE-2018-1130 at NVDCVE-2018-13406 at SUSECVE-2018-13406 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-5803 at SUSECVE-2018-5803 at NVDCVE-2018-5814 at SUSECVE-2018-5814 at NVDCVE-2018-7492 at SUSECVE-2018-7492 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 TD kernel was updated to receive various security fixes.
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912).
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bsc#1107689) ImportantSUSE bug 1092903SUSE bug 1107689SUSE bug 1108912CVE-2018-10940 at SUSECVE-2018-10940 at NVDCVE-2018-14634 at SUSECVE-2018-14634 at NVDCVE-2018-16658 at SUSECVE-2018-16658 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux kernelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings the
kernel to 2.6.32.24 and fixes some critical security bugs and other
non-security bugs.
Following security bugs were fixed:
*
CVE-2010-3865: A iovec integer overflow in RDS sockets was fixed
which could lead to local attackers gaining kernel privileges.
*
CVE-2010-3904: A local privilege escalation in RDS sockets allowed
local attackers to gain privileges.
Please note that the net/rds socket protocol module only lives in the
-extra kernel package, which is not installed by default on the SUSE
Linux Enterprise Server 11.
*
CVE-2010-2963: A problem in the compat ioctl handling in video4linux
allowed local attackers with a video device plugged in to gain
privileges on x86_64 systems.
SUSE bug 564324SUSE bug 573330SUSE bug 603738SUSE bug 609196SUSE bug 612729SUSE bug 623307SUSE bug 624850SUSE bug 629901SUSE bug 629908SUSE bug 638860SUSE bug 639261SUSE bug 640278SUSE bug 643249SUSE bug 644219SUSE bug 644350SUSE bug 644373SUSE bug 646045SUSE bug 647392SUSE bug 647497SUSE bug 647775SUSE bug 648308SUSE bug 649231SUSE bug 649257SUSE bug 649820SUSE bug 650109SUSE bug 650111SUSE bug 650113SUSE bug 650116SUSE bug 650128CVE-2010-2963 at SUSECVE-2010-2963 at NVDCVE-2010-3865 at SUSECVE-2010-3865 at NVDCVE-2010-3904 at SUSECVE-2010-3904 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 TD kernel was updated to fix one security issue.
This security bug was fixed:
- CVE-2016-5195: Local privilege escalation using MAP_PRIVATE. It is reportedly exploited in the wild (bsc#1004418).
ImportantSUSE bug 1004418CVE-2016-5195 at SUSECVE-2016-5195 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for kernel-source fixes the following issues:
- alsa/pcm: Call kill_fasync() in stream lock (CVE-2016-9794, bsc#1013533).
- block: Fix use-after-free in sys_ioprio_get() (CVE-2016-7911, bsc#1010711).
- firewire/net: Guard against rx buffer overflows (bsc#1008833, CVE-2016-8633).
- kvm/x86: Drop error recovery in em_jmp_far and em_ret_far (bsc#1013038, CVE-2016-9756).
- splice: Introduce FMODE_SPLICE_READ and FMODE_SPLICE_WRITE (CVE-2016-9576, bsc#1013604).
- tty: Prevent ldisc drivers from re-using stale tty fields (bsc#1010507, CVE-2015-8964).
- xfs: Fix two memory leaks in xfs_attr_list.c error paths (bsc#1012832, CVE-2016-9685).
ImportantSUSE bug 1008833SUSE bug 1010507SUSE bug 1010711SUSE bug 1012832SUSE bug 1013038SUSE bug 1013533SUSE bug 1013604CVE-2015-8964 at SUSECVE-2015-8964 at NVDCVE-2016-7911 at SUSECVE-2016-7911 at NVDCVE-2016-8633 at SUSECVE-2016-8633 at NVDCVE-2016-9576 at SUSECVE-2016-9576 at NVDCVE-2016-9685 at SUSECVE-2016-9685 at NVDCVE-2016-9756 at SUSECVE-2016-9756 at NVDCVE-2016-9794 at SUSECVE-2016-9794 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Teradata Kernel was updated to fix bugs and security issues.
The following security bugs were fixed:
- CVE-2019-11477: A vulnerability was detected which relates to the TCP Selective Acknowledgement (SACK) and
minimum segment size (MSS) capabilities. The most serious, dubbed 'SACK' allows a remotely-triggered kernel
panic on recent Linux kernels (bsc#1137586)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors
utilizing speculative execution may allow an authenticated user to potentially enable information disclosure
via a side channel with local access (bsc#1111331)
- CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing
speculative execution may allow an authenticated user to potentially enable information disclosure via a side
channel with local access (bsc#1111331)
- CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors
utilizing speculative execution may allow an authenticated user to potentially enable information disclosure
via a side channel with local access (bsc#1111331)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some
microprocessors utilizing speculative execution may allow an authenticated user to potentially enable
information disclosure via a side channel with local access (bsc#1111331)
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed
local attackers to observe page cache access patterns of other processes on the same system, potentially
allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited
remote exploitation may be possible, as demonstrated by latency differences in accessing public files from
an Apache HTTP Server (bsc#1120843)
- CVE-2019-11190: The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs
(such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c,
and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat (bsc#1132472)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before
5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a
HIDPCONNADD command, because a name field may not end with a '\0' character (bsc#1134848)
- CVE-2018-17972: An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel
through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing
a local attacker to exploit racy stack unwinding and leak kernel task stack contents (bsc#1110785)
- CVE-2019-9213: In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap
minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP
platforms. This is related to a capability check for the wrong task (bsc#1128166)
- CVE-2004-0230: TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence
numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting
a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bsc#969340)
- CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of
challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind
in-window attack (bsc#969340)
- CVE-2018-19985: The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8
reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object
out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space. (bsc#1120743)
- CVE-2018-20169: An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size
checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in
drivers/usb/core/usb.c (bsc#1119714)
- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not
ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer
dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call. (bsc#949936)
- CVE-2018-18710: An issue was discovered in the Linux kernel through 4.19. An information leak in
cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because
a cast from unsigned long to int interferes with bounds checking. (bsc#1113751)
- CVE-2017-7273: The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x before 4.9.4
allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified
other impact via a crafted HID report. (bsc#1031240)
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows
local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other
impact via a crafted USB device. (bsc#1066674)
- CVE-2017-1000407: The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic
port 0x80 an exception can be triggered leading to a kernel panic (bsc#1071021)
- CVE-2018-9516: In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to
a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed.
User interaction is not needed for exploitation (bsc#1108498)
- CVE-2018-12896: An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in
kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on
interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This
basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun,
random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex,
timer_create, and timer_settime system calls (bsc#1099922)
- CVE-2017-2647, CVE-2017-6951: The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges
or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain
match field, related to the keyring_search_iterator function in keyring.c (bsc#1030593)
- CVE-2017-7472: The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service
(memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls (bsc#1034862)
Additional changes:
- Support was added for 'mitigations=' cmdline option (bsc#1112178)
- Related to the following security fixes: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091:
* Adds mds=full,nosmt cmdline option (bsc#1111331)
* Adds mitigation mode VMWERV (bsc#1111331) ImportantSUSE bug 1030593SUSE bug 1031240SUSE bug 1034862SUSE bug 1066674SUSE bug 1071021SUSE bug 1099922SUSE bug 1108498SUSE bug 1110785SUSE bug 1111331SUSE bug 1112178SUSE bug 1113751SUSE bug 1119714SUSE bug 1119974SUSE bug 1120743SUSE bug 1120843SUSE bug 1128166SUSE bug 1132472SUSE bug 1134848SUSE bug 1137586SUSE bug 949936SUSE bug 969340CVE-2004-0230 at SUSECVE-2004-0230 at NVDCVE-2015-7799 at SUSECVE-2015-7799 at NVDCVE-2016-5696 at SUSECVE-2016-5696 at NVDCVE-2017-1000407 at SUSECVE-2017-1000407 at NVDCVE-2017-16533 at SUSECVE-2017-16533 at NVDCVE-2017-2647 at SUSECVE-2017-2647 at NVDCVE-2017-6951 at SUSECVE-2017-6951 at NVDCVE-2017-7273 at SUSECVE-2017-7273 at NVDCVE-2017-7472 at SUSECVE-2017-7472 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-12896 at SUSECVE-2018-12896 at NVDCVE-2018-17972 at SUSECVE-2018-17972 at NVDCVE-2018-18710 at SUSECVE-2018-18710 at NVDCVE-2018-19985 at SUSECVE-2018-19985 at NVDCVE-2018-20169 at SUSECVE-2018-20169 at NVDCVE-2018-9516 at SUSECVE-2018-9516 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-11190 at SUSECVE-2019-11190 at NVDCVE-2019-11477 at SUSECVE-2019-11477 at NVDCVE-2019-11884 at SUSECVE-2019-11884 at NVDCVE-2019-5489 at SUSECVE-2019-5489 at NVDCVE-2019-9213 at SUSECVE-2019-9213 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for the Linux Kernel fixes the following issues:
Security issues fixed:
- CVE-2019-3459: A heap address information leak while using L2CAP_GET_CONF_OPT was fixed. (bsc#1120758)
- CVE-2019-3460: A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was fixed. (bsc#1120758)
- CVE-2019-3896: A double-free could have happened in idr_remove_all() in lib/idr.c. An unprivileged local attacker could have used this flaw for a privilege escalation or for a system crash and a denial of service (DoS). (bsc#1138943)
- CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. (bsc#1102340)
- CVE-2018-20836: There was a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, that could have lead to a use-after-free. (bsc#1134395)
- CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586 bsc#1139751)
The earlier fix had a regression where TCP connections could get stuck, this update fixes this regression.
Other issues fixed:
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough
buffer (bsc#1120758 CVE-2019-3459 CVE-2019-3460).
- idr: fix top layer handling (bsc#1138943 CVE-2019-3896).
- idr: make idr_get_next() good for rcu_read_lock() (bsc#1138943).
- idr: fix backtrack logic in idr_remove_all (bsc#1138943 CVE-2019-3896).
- tcp: avoid collapses in tcp_prune_queue() if possible (CVE-2018-5390 bsc#1102340).
- tcp: detect malicious patterns in tcp_collapse_ofo_queue() (CVE-2018-5390 bsc#1102340).
- Consolidate 'SACK Panic' series with upstream
- tcp: refine memory limit test in tcp_fragment() (CVE-2019-11478 bsc#1137586 bsc#1139751).
- direct-io: don't read inode->i_blkbits multiple times (bsc#1132686).
- scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836 bsc#1134395).
ImportantSUSE bug 1102340SUSE bug 1120758SUSE bug 1132686SUSE bug 1134395SUSE bug 1137586SUSE bug 1138943SUSE bug 1139751CVE-2018-20836 at SUSECVE-2018-20836 at NVDCVE-2018-5390 at SUSECVE-2018-5390 at NVDCVE-2019-11478 at SUSECVE-2019-11478 at NVDCVE-2019-3459 at SUSECVE-2019-3459 at NVDCVE-2019-3460 at SUSECVE-2019-3460 at NVDCVE-2019-3896 at SUSECVE-2019-3896 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for the SUSE Linux Enterprise Server 11 SP1 Kernel for Teradata fixes the following issues:
Security issues fixed:
- CVE-2015-9289: In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in
drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace
API. However, the code allows larger values such as 23 (bsc#1143179)
- CVE-2019-14284: In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by
setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set
the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format
operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has
not been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143189)
- CVE-2019-14283: In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate
the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered
by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device
by default (bsc#1143191)
- CVE-2010-5331: In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c
could cause an off by one (buffer overflow) problem (bsc#1143173)
- CVE-2019-11810: An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can
occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c.
This causes a Denial of Service, related to a use-after-free (bsc#1134399)
- CVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1,
a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging
messages (bsc#1142023)
ImportantSUSE bug 1134399SUSE bug 1142023SUSE bug 1143173SUSE bug 1143179SUSE bug 1143189SUSE bug 1143191CVE-2010-5331 at SUSECVE-2010-5331 at NVDCVE-2015-9289 at SUSECVE-2015-9289 at NVDCVE-2019-11810 at SUSECVE-2019-11810 at NVDCVE-2019-13631 at SUSECVE-2019-13631 at NVDCVE-2019-14283 at SUSECVE-2019-14283 at NVDCVE-2019-14284 at SUSECVE-2019-14284 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for SUSE Linux Enterprise Server 11 SP1 Kernel for Teradata (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This is an update for the SUSE Linux Enterprise Server 11 SP1 Kernel for Teradata:
The following security issues have been fixed:
- CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may
allow an authenticated user to potentially enable information disclosure via a side channel with
local access (bsc#1139073)
- CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the
alloc_workqueue return value, leading to a NULL pointer dereference (bsc#1150457)
- CVE-2019-16234: drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does
not check the alloc_workqueue return value, leading to a NULL pointer dereference (bsc#1150452)
- CVE-2019-16232: drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does
not check the alloc_workqueue return value, leading to a NULL pointer dereference (bsc#1150465)
- CVE-2019-17052: ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux
kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can
create a raw socket, aka CID-0614e2b73768 (bsc#1152779)
- CVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module
in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged
users can create a raw socket, aka CID-b91ee4aa2a21 (bsc#1152782)
- CVE-2019-17054: atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the
Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users
can create a raw socket, aka CID-6cc03e8aa36c (bsc#1152786)
- CVE-2019-17133: In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in
net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow (bsc#1153158)
- CVE-2019-17053: ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network
module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that
unprivileged users can create a raw socket, aka CID-e69dbd4619e7 (bsc#1152789)
- CVE-2019-15291: An issue was discovered in the Linux kernel through 5.2.9. There is a NULL
pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in
the drivers/media/usb/b2c2/flexcop-usb.c driver (bsc#1146540)
- CVE-2019-15807: In the Linux kernel before 5.1.13, there is a memory leak in
drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a
BUG and denial of service (bsc#1148938)
- CVE-2019-14821: An out-of-bounds access issue was found in the Linux kernel, all versions
through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write
operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein
write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space
process. An unprivileged host user or process with access to '/dev/kvm' device could use
this flaw to crash the host kernel, resulting in a denial of service or potentially
escalating privileges on the system (bsc#1151350)
- CVE-2010-5332: In the Linux kernel before 2.6.37, an out of bounds array access happened
in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan()
or mlx4_register_mac(), and there is no free entry, the loop terminates without updating
the local variable free thus causing out of array bounds access (bsc#1143170)
- CVE-2019-9456: In the Android kernel in Pixel C USB monitor driver there is a possible
OOB write due to a missing bounds check. This could lead to local escalation of privilege
with System execution privileges needed. User interaction is not needed for exploitation
(bsc#1150025)
- CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was
subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments
(SACKs). A remote attacker could use this to cause a denial of service (bsc#1137586, bsc#1139751)
- CVE-2019-15219: An issue was discovered in the Linux kernel before 5.1.8. There is a NULL
pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c
driver (bsc#1146524)
- CVE-2019-15212: An issue was discovered in the Linux kernel before 5.1.8. There is a double-free
caused by a malicious USB device in the drivers/usb/misc/rio500.c driver (bsc#1146391)
- CVE-2019-15292: An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free
in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and
net/appletalk/sysctl_net_atalk.c (bsc#1146678)
- CVE-2019-15217: An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer
dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver (bsc#1146547)
- CVE-2017-18551: An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before
4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated (bsc#1146163)
- CVE-2019-15118: check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles
recursion, leading to kernel stack exhaustion (bsc#1145922)
ImportantSUSE bug 1137586SUSE bug 1139073SUSE bug 1139751SUSE bug 1143170SUSE bug 1145922SUSE bug 1146163SUSE bug 1146391SUSE bug 1146524SUSE bug 1146540SUSE bug 1146547SUSE bug 1146678SUSE bug 1148938SUSE bug 1150025SUSE bug 1150452SUSE bug 1150457SUSE bug 1150465SUSE bug 1152779SUSE bug 1152782SUSE bug 1152786SUSE bug 1152789SUSE bug 1153158CVE-2010-5332 at SUSECVE-2010-5332 at NVDCVE-2017-18551 at SUSECVE-2017-18551 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-11477 at SUSECVE-2019-11477 at NVDCVE-2019-14821 at SUSECVE-2019-14821 at NVDCVE-2019-15118 at SUSECVE-2019-15118 at NVDCVE-2019-15212 at SUSECVE-2019-15212 at NVDCVE-2019-15217 at SUSECVE-2019-15217 at NVDCVE-2019-15219 at SUSECVE-2019-15219 at NVDCVE-2019-15291 at SUSECVE-2019-15291 at NVDCVE-2019-15292 at SUSECVE-2019-15292 at NVDCVE-2019-15807 at SUSECVE-2019-15807 at NVDCVE-2019-16232 at SUSECVE-2019-16232 at NVDCVE-2019-16233 at SUSECVE-2019-16233 at NVDCVE-2019-16234 at SUSECVE-2019-16234 at NVDCVE-2019-17052 at SUSECVE-2019-17052 at NVDCVE-2019-17053 at SUSECVE-2019-17053 at NVDCVE-2019-17054 at SUSECVE-2019-17054 at NVDCVE-2019-17055 at SUSECVE-2019-17055 at NVDCVE-2019-17133 at SUSECVE-2019-17133 at NVDCVE-2019-9456 at SUSECVE-2019-9456 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterpise Server 11 SP1 Kernel for Teradata was updated to receive the following fixes:
Fixed security issues:
- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it.
This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).
- CVE-2020-13974: drivers/tty/vt/keyboard.c had an integer overflow if k_ascii was called several times in a row (bsc#1172775)
- CVE-2020-10732: A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account
to crash a trivial program and exfiltrate private kernel data (bsc#1171220)
- CVE-2020-12656: gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks
certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already
available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user
could also write a kernel module to consume any amount of memory they like and load that replicating the effect of this bug (bsc#1171219)
- CVE-2020-12652: The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an
incorrect lock during the ioctl operation and trigger a race condition, i.e., a 'double fetch' vulnerability, aka CID-28d76df18f0a (bsc#1171218)
- CVE-2020-11609: An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and
drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.
(bsc#1168854)
- CVE-2020-11608: An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences
in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d (bsc#1168829)
- CVE-2020-8648: There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function
in drivers/tty/n_tty.c (bsc#1162928)
- CVE-2020-8647: There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c
(bsc#1162929)
- CVE-2020-8649: There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in
drivers/video/console/vgacon.c (bsc#1162931)
- CVE-2020-9383: An issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready
out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2 (bsc#1165111)
- CVE-2019-18675: he Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in
drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users
(with /dev/video0 access) to obtain read and write permissions on kernel physical pages, which can possibly result in
a privilege escalation (bsc#1157804)
- CVE-2019-19965: In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because
of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5 (bsc#1159911)
- CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers
on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure
via a side channel with local access (bsc#1111331)
- CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated
user to potentially enable information disclosure via a side channel with local access (bsc#1139073)
- CVE-2019-20096: In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, which may
cause denial of service, aka CID-1d3ff0950e2b (bsc#1159908)
- CVE-2019-19966: In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c
that will cause denial of service, aka CID-dea37a972655 (bsc#1159841)
- CVE-2019-19532: In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious
USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95 (bsc#1158824)
- CVE-2019-19537: In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in
the USB character device driver layer, aka CID-303911cfc5b9 (bsc#1158904)
- CVE-2019-19523: In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in
the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79 (bsc#1158823)
- CVE-2019-19530: In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in
the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef (bsc#1158410)
- CVE-2019-19524: In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in
the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9 (bsc#1158413)
- CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB
device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bsc#1146544)
Regular bug fixes:
- Input: add safety guards to input_set_keycode() (bsc#1168075)
ImportantSUSE bug 1012382SUSE bug 1111331SUSE bug 1139073SUSE bug 1146544SUSE bug 1154824SUSE bug 1157678SUSE bug 1157804SUSE bug 1158410SUSE bug 1158413SUSE bug 1158823SUSE bug 1158824SUSE bug 1158904SUSE bug 1159841SUSE bug 1159908SUSE bug 1159911SUSE bug 1162928SUSE bug 1162929SUSE bug 1162931SUSE bug 1165111SUSE bug 1168075SUSE bug 1168829SUSE bug 1168854SUSE bug 1171218SUSE bug 1171219SUSE bug 1171220SUSE bug 1172775CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-15213 at SUSECVE-2019-15213 at NVDCVE-2019-18675 at SUSECVE-2019-18675 at NVDCVE-2019-19227 at SUSECVE-2019-19227 at NVDCVE-2019-19523 at SUSECVE-2019-19523 at NVDCVE-2019-19524 at SUSECVE-2019-19524 at NVDCVE-2019-19530 at SUSECVE-2019-19530 at NVDCVE-2019-19532 at SUSECVE-2019-19532 at NVDCVE-2019-19537 at SUSECVE-2019-19537 at NVDCVE-2019-19965 at SUSECVE-2019-19965 at NVDCVE-2019-19966 at SUSECVE-2019-19966 at NVDCVE-2019-20096 at SUSECVE-2019-20096 at NVDCVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-10732 at SUSECVE-2020-10732 at NVDCVE-2020-11608 at SUSECVE-2020-11608 at NVDCVE-2020-11609 at SUSECVE-2020-11609 at NVDCVE-2020-12652 at SUSECVE-2020-12652 at NVDCVE-2020-12656 at SUSECVE-2020-12656 at NVDCVE-2020-13974 at SUSECVE-2020-13974 at NVDCVE-2020-8647 at SUSECVE-2020-8647 at NVDCVE-2020-8648 at SUSECVE-2020-8648 at NVDCVE-2020-8649 at SUSECVE-2020-8649 at NVDCVE-2020-9383 at SUSECVE-2020-9383 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-1125: Fixed SWAPGS speculative execution (bsc#1139358).
- CVE-2019-16413: Fixed an improper check of i_size_write() which caused i_size_read() infinite loop and denial of service on SMP systems (bsc#1151347).
- CVE-2019-16746: Fixed an improper check of the length of variable elements in a beacon head, leading to a buffer overflow (bsc#1152107).
- CVE-2019-6133: Fixed an issue where the 'start time' protection mechanism could have been bypassed and therefore authorization decisions are improperly cached (bsc#1128172).
- CVE-2020-0305: Fixed a race condition which could have led to local escalation of privilege (bsc#1174462).
- CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423).
- CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722).
- CVE-2020-10769: Fixed a buffer over-read in the IPsec Cryptographic algorithm's module, authenc. This flaw allowed a local attacker with user privileges to cause a denial of service (bsc#1173265).
- CVE-2020-10773: Fixed a memory leak on s390/s390x, in the cmm_timeout_hander in file arch/s390/mm/cmm.c (bsc#1172999).
- CVE-2020-14353: Fixed an issue where keys - for keyctl prevent creating a different user's keyrings (bsc#1174993).
- CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping the references (bsc#1176011).
- CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bsc#1176235).
- CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the slip and slcan line discipline which could have led to a use-after-free (bsc#1162002).
- CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140).
- CVE-2020-25643: Fixed a memory corruption and a read overflow which could have caused by improper input validation in the ppp_cp_parse_cr function (bsc#1177206).
- CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bsc#1177766).
- CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123).
- CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
- CVE-2020-27786: Fixed a use after free in kernel midi subsystem snd_rawmidi_kernel_read1() (bsc#1179601).
- CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
- CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon (bsc#1178589).
- net/x25: prevent a couple of overflows (bsc#1178590).
ImportantSUSE bug 1121826SUSE bug 1121872SUSE bug 1139358SUSE bug 1151347SUSE bug 1152107SUSE bug 1162002SUSE bug 1172999SUSE bug 1173265SUSE bug 1174462SUSE bug 1174993SUSE bug 1176011SUSE bug 1176235SUSE bug 1176278SUSE bug 1176423SUSE bug 1176722SUSE bug 1177206SUSE bug 1177766SUSE bug 1178123SUSE bug 1178182SUSE bug 1178589SUSE bug 1178590SUSE bug 1178886SUSE bug 1179140SUSE bug 1179601CVE-2019-1125 at SUSECVE-2019-1125 at NVDCVE-2019-16413 at SUSECVE-2019-16413 at NVDCVE-2019-16746 at SUSECVE-2019-16746 at NVDCVE-2019-6133 at SUSECVE-2019-6133 at NVDCVE-2020-0305 at SUSECVE-2020-0305 at NVDCVE-2020-0404 at SUSECVE-2020-0404 at NVDCVE-2020-0431 at SUSECVE-2020-0431 at NVDCVE-2020-10769 at SUSECVE-2020-10769 at NVDCVE-2020-10773 at SUSECVE-2020-10773 at NVDCVE-2020-14353 at SUSECVE-2020-14353 at NVDCVE-2020-14381 at SUSECVE-2020-14381 at NVDCVE-2020-14390 at SUSECVE-2020-14390 at NVDCVE-2020-14416 at SUSECVE-2020-14416 at NVDCVE-2020-15437 at SUSECVE-2020-15437 at NVDCVE-2020-25643 at SUSECVE-2020-25643 at NVDCVE-2020-25656 at SUSECVE-2020-25656 at NVDCVE-2020-25668 at SUSECVE-2020-25668 at NVDCVE-2020-25669 at SUSECVE-2020-25669 at NVDCVE-2020-27786 at SUSECVE-2020-27786 at NVDCVE-2020-28915 at SUSECVE-2020-28915 at NVDCVE-2020-28974 at SUSECVE-2020-28974 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel (bnc#1181349).
- CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).
- CVE-2020-25211: Fixed a flaw where a local attacker was able to inject conntrack netlink configuration that could cause a denial of service or trigger the use of incorrect protocol numbers in ctnetlink_parse_tuple_filter (bnc#1176395).
- CVE-2020-27786: Fixed an out-of-bounds write in the MIDI implementation (bnc#1179601).
- CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).
The following non-security bugs were fixed:
- HID: Fix slab-out-of-bounds read in hid_field_extract (bsc#1180052).
ImportantSUSE bug 1176395SUSE bug 1179601SUSE bug 1179616SUSE bug 1180029SUSE bug 1180030SUSE bug 1180052SUSE bug 1180086SUSE bug 1181349SUSE bug 1181553CVE-2020-0465 at SUSECVE-2020-0465 at NVDCVE-2020-25211 at SUSECVE-2020-25211 at NVDCVE-2020-27068 at SUSECVE-2020-27068 at NVDCVE-2020-27786 at SUSECVE-2020-27786 at NVDCVE-2021-3347 at SUSECVE-2021-3347 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 Kernel was updated to receive the following changes:
- CVE-2020-29660: A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through
5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID,
aka CID-c8bcd9c5be24 (bsc#1179745)
ImportantSUSE bug 1179745CVE-2020-29660 at SUSECVE-2020-29660 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
he SUSE Linux Enterprise 11 SP1 Kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2014-7841: Fixed denial of service via a malformed SCTP INIT chunk when ASCONF is used (bnc#905100).
- CVE-2019-0136: Fixed an insufficient access control which allow an unauthenticated user to execute a denial of service. (bsc#1193157)
- CVE-2020-24586: Fixed a bug that, under the right circumstances, allows to inject arbitrary network packets and/or exfiltrate user data when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP. (bsc#1185859)
- CVE-2020-24587: Fixed a bug that allows an adversary to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. (bsc#1185862)
- CVE-2020-26139: Fixed a bug that allows an Access Point (AP) to forward EAPOL frames to other clients even though the sender has not yet successfully authenticated. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and made it easier to exploit other vulnerabilities in connected clients. (bsc#1186062)
- CVE-2020-35519: Fixed an out-of-bounds memory access flaw found in x25_bind (bsc#1183696).
- CVE-2020-36386: Fixed an out-of-bounds read issue in hci_extended_inquiry_result_evt (bnc#1187038).
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
- CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory (bsc#1188563).
- CVE-2021-3679: Fixed denial of service flaw in the Linux kernel tracing module functionality (bnc#1189057).
- CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc#1190025).
- CVE-2021-3772: Fixed invalid chunks in SCTP that may be used to remotely remove existing associations (bsc#1190351).
- CVE-2021-4155: Fixed a data leak flaw that allows a local attacker to leak data on the XFS filesystem. (bsc#1194272)
- CVE-2021-20261: Fixed a race condition in the implementation of the floppy disk drive controller driver software (bsc#1183400).
- CVE-2021-20265: Fixed denial of service by unprivileged local users via the the unix_stream_recvmsg function in the Linux kernel when a signal was pending (bnc#1183089).
- CVE-2021-27363: Fixed a kernel pointer leak which could have been used to determine the address of the iscsi_transport structure (bsc#1182716).
- CVE-2021-27364: Fixed an issue in drivers/scsi/scsi_transport_iscsi.c where an unprivileged user can craft Netlink messages (bnc#1182717).
- CVE-2021-27365: Fixed an issue where an unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message (bsc#1182715).
- CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly (bsc#1184198).
- CVE-2021-32399: Fixed a race condition when removing the HCI controller (bnc#1184611).
- CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled (bsc#1186109).
- CVE-2021-34693: Fixed leak of sensitive information from kernel stack memory via partially uninitialized data structures in net/can/bcm.c (bnc#1187452).
- CVE-2021-37159: Fixed use-after-free and a double free inside hso_free_net_device in drivers/net/usb/hso.c when unregister_netdev is called without checking for the NETREG_REGISTERED state (bnc#1188601).
- CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data function in drivers/net/hamradio/6pack.c. Input from a process that had the CAP_NET_ADMIN capability could have lead to root access (bsc#1191315).
- CVE-2021-43389: Fixed an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).
The following non-security bugs were fixed:
- fuse: fix bad inode (bsc#1184211).
- fuse: fix live lock in fuse_iget() (bsc#1184211).
- kernel/timeconst.pl: Fix error with current day perl (bsc#1192117).
- kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).
- scsi: sg: add sg_remove_request in sg_write (bsc#1171420 CVE2020-12770).
- sctp: check asoc peer.asconf_capable before processing asconf (bsc#1190351).
- sctp: fix to check the source address of COOKIE-ECHO chunk (bsc#1188563).
- sctp: fully initialize v4 addr in some functions (bsc#1188563).
- sctp: simplify addr copy (bsc#1188563).
ImportantSUSE bug 1171420SUSE bug 1182715SUSE bug 1182716SUSE bug 1182717SUSE bug 1183089SUSE bug 1183400SUSE bug 1183696SUSE bug 1184198SUSE bug 1184211SUSE bug 1184611SUSE bug 1185859SUSE bug 1185862SUSE bug 1186062SUSE bug 1186109SUSE bug 1187038SUSE bug 1187215SUSE bug 1187452SUSE bug 1188563SUSE bug 1188601SUSE bug 1189057SUSE bug 1190025SUSE bug 1190351SUSE bug 1191315SUSE bug 1191958SUSE bug 1192117SUSE bug 1193157SUSE bug 1193669SUSE bug 1194272SUSE bug 905100CVE-2014-7841 at SUSECVE-2014-7841 at NVDCVE-2019-0136 at SUSECVE-2019-0136 at NVDCVE-2020-24586 at SUSECVE-2020-24586 at NVDCVE-2020-24587 at SUSECVE-2020-24587 at NVDCVE-2020-26139 at SUSECVE-2020-26139 at NVDCVE-2020-35519 at SUSECVE-2020-35519 at NVDCVE-2020-36386 at SUSECVE-2020-36386 at NVDCVE-2021-20261 at SUSECVE-2021-20261 at NVDCVE-2021-20265 at SUSECVE-2021-20265 at NVDCVE-2021-27363 at SUSECVE-2021-27363 at NVDCVE-2021-27364 at SUSECVE-2021-27364 at NVDCVE-2021-27365 at SUSECVE-2021-27365 at NVDCVE-2021-28972 at SUSECVE-2021-28972 at NVDCVE-2021-32399 at SUSECVE-2021-32399 at NVDCVE-2021-33033 at SUSECVE-2021-33033 at NVDCVE-2021-34693 at SUSECVE-2021-34693 at NVDCVE-2021-3609 at SUSECVE-2021-3609 at NVDCVE-2021-3655 at SUSECVE-2021-3655 at NVDCVE-2021-3679 at SUSECVE-2021-3679 at NVDCVE-2021-37159 at SUSECVE-2021-37159 at NVDCVE-2021-3753 at SUSECVE-2021-3753 at NVDCVE-2021-3772 at SUSECVE-2021-3772 at NVDCVE-2021-4155 at SUSECVE-2021-4155 at NVDCVE-2021-42008 at SUSECVE-2021-42008 at NVDCVE-2021-43389 at SUSECVE-2021-43389 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 SP1 TD kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c did not always fill RSB upon a context switch, which made it easier for attackers to conduct userspace-userspace spectreRSB attacks (bnc#1102517 bnc#1105296).
- CVE-2018-10902: It was found that the raw midi kernel driver did not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bnc#1105322).
- CVE-2018-3620: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis (bnc#1087081).
- CVE-2018-14734: drivers/infiniband/core/ucma.c kernel allowed ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allowed attackers to cause a denial of service (use-after-free) (bnc#1103119).
- CVE-2018-3665: System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. (bnc#1087086)
The following non-security bugs were fixed:
- Fixup X86_FEATURE_EAGER_FPU definition and use a unique bit.
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- module/retpoline: Warn about missing retpoline in module (bnc#1099177).
- x64/entry: move ENABLE_IBRS after switching from trampoline stack (bsc#1098658).
- x86/cpu/bugs: Make retpoline module warning conditional (bnc#1099177).
- x86/fpu: fix signal handling with eager FPU switching (bsc#1100091).
- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081, bnc#1104684).
- x86, ptrace: Remove set_stopped_child_used_math() in [x]fpregs_set.
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/traps: Fix bad_iret_stack in fixup_bad_iret() (bsc#1098658).
- xen x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
- xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
ImportantSUSE bug 1087081SUSE bug 1087086SUSE bug 1098658SUSE bug 1099177SUSE bug 1100091SUSE bug 1102517SUSE bug 1103119SUSE bug 1104684SUSE bug 1104818SUSE bug 1105296SUSE bug 1105322SUSE bug 1105536CVE-2018-10902 at SUSECVE-2018-10902 at NVDCVE-2018-14734 at SUSECVE-2018-14734 at NVDCVE-2018-15572 at SUSECVE-2018-15572 at NVDCVE-2018-3620 at SUSECVE-2018-3620 at NVDCVE-2018-3665 at SUSECVE-2018-3665 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This MIT krb5 update fixes a buffer overrun problem in kadmind:
* bnc#891082: buffer overrun in kadmind with LDAP back end
(MITKRB5-SA-2014-001) (CVE-2014-4345)
MIT krb5 Security Advisory 2014-001
* http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txt
Security Issues:
* CVE-2014-4345
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345>
SUSE bug 612890SUSE bug 650650SUSE bug 663619SUSE bug 698471SUSE bug 738632SUSE bug 787272SUSE bug 806715SUSE bug 825985SUSE bug 849240SUSE bug 886016SUSE bug 888697SUSE bug 891082CVE-2002-2443 at SUSECVE-2002-2443 at NVDCVE-2010-1323 at SUSECVE-2010-1323 at NVDCVE-2010-1324 at SUSECVE-2010-1324 at NVDCVE-2010-4020 at SUSECVE-2010-4020 at NVDCVE-2010-4021 at SUSECVE-2010-4021 at NVDCVE-2011-0281 at SUSECVE-2011-0281 at NVDCVE-2011-0282 at SUSECVE-2011-0282 at NVDCVE-2011-4862 at SUSECVE-2011-4862 at NVDCVE-2013-1415 at SUSECVE-2013-1415 at NVDCVE-2013-1418 at SUSECVE-2013-1418 at NVDCVE-2014-4341 at SUSECVE-2014-4341 at NVDCVE-2014-4342 at SUSECVE-2014-4342 at NVDCVE-2014-4343 at SUSECVE-2014-4343 at NVDCVE-2014-4344 at SUSECVE-2014-4344 at NVDCVE-2014-4345 at SUSECVE-2014-4345 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
krb5 was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-2695: Applications which call gss_inquire_context() on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash (bsc#952188).
ImportantSUSE bug 952188CVE-2015-2695 at SUSECVE-2015-2695 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The krb5 package was updated to fix the following security and non security issues:
- CVE-2015-2695: Fixed missing functions that were still vulnerable (bsc#954270).
- Fixed a memory leak in the handling of error messages (bsc#954470).
ModerateSUSE bug 954270SUSE bug 954470CVE-2015-2695 at SUSECVE-2015-2695 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for krb5 fixes the following issues:
- CVE-2015-8629: Information leak authenticated attackers with permissions to modify the database (bsc#963968)
- CVE-2015-8631: An authenticated attacker could have caused a memory leak in auditd by supplying a null principal name in request (bsc#963975)
ModerateSUSE bug 963968SUSE bug 963975CVE-2015-8629 at SUSECVE-2015-8629 at NVDCVE-2015-8631 at SUSECVE-2015-8631 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for krb5 fixes the following security issue:
- CVE-2016-3119: An authenticated attacker with permission to modify a
principal entry could have caused kadmind to dereference a null pointer
by supplying an empty DB argument to the modify_principal command,
if kadmind is configured to use the LDAP KDB module. (bsc#971942)
ModerateSUSE bug 971942CVE-2016-3119 at SUSECVE-2016-3119 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for krb5 fixes the following issues:
- Incorrect string handling in build_principal_va can lead to DOS. (bsc#952190, CVE-2015-2697)
- Fix potential heap corruption and crash vulnerability described in MIT krb5 Security Advisory 2012-001.
(bsc#770172, CVE-2012-1015)
- Fix prep_reprocess_req NULL pointer deref. (bsc#816413, CVE-2013-1416)
- Fix Denial of service in krb5_read_message. (bsc#918595, CVE-2014-5355)
ModerateSUSE bug 770172SUSE bug 816413SUSE bug 918595SUSE bug 952190CVE-2012-1015 at SUSECVE-2012-1015 at NVDCVE-2013-1416 at SUSECVE-2013-1416 at NVDCVE-2014-5355 at SUSECVE-2014-5355 at NVDCVE-2015-2697 at SUSECVE-2015-2697 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for krb5 fixes the following issues:
Security issues fixed:
- CVE-2017-11368: Fix an unintended assertion failure in KDC (bsc#1049819)
Also the openssl1 LDAP library build is now used for the LDAP plugin components. (bsc#1025126).
ModerateSUSE bug 1025126SUSE bug 1049819CVE-2017-11368 at SUSECVE-2017-11368 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for krb5 fixes the following security issues:
- CVE-2017-15088: A buffer overflow in get_matching_data() was fixed that could under specific circumstances be used to execute code (bsc#1065274)
- CVE-2017-11462: Prevent automatic security context deletion to prevent double-free (bsc#1056995)
ImportantSUSE bug 1056995SUSE bug 1065274CVE-2017-11462 at SUSECVE-2017-11462 at NVDCVE-2017-15088 at SUSECVE-2017-15088 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for krb5 fixes the following issues:
Security issues fixed:
- CVE-2018-5729: Null pointer dereference in kadmind or DN container check bypass by supplying special crafted data (bsc#1083926).
- CVE-2018-5730: DN container check bypass by supplying special crafted data (bsc#1083927).
ModerateSUSE bug 1083926SUSE bug 1083927CVE-2018-5729 at SUSECVE-2018-5729 at NVDCVE-2018-5730 at SUSECVE-2018-5730 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for krb5 fixes the following issues:
* When randomizing the keys for a service principal, current keys could
be returned. (CVE-2014-5351)
* klist -s crashes when handling multiple referral entries.
(bnc#890623)
Security Issues:
* CVE-2014-5351
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351>
SUSE bug 890623SUSE bug 897874CVE-2014-5351 at SUSECVE-2014-5351 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
krb5 has been updated to fix four security issues:
* CVE-2014-5352: gss_process_context_token() incorrectly frees context
(bsc#912002)
* CVE-2014-9421: kadmind doubly frees partial deserialization results
(bsc#912002)
* CVE-2014-9422: kadmind incorrectly validates server principal name
(bsc#912002)
* CVE-2014-9423: libgssrpc server applications leak uninitialized bytes
(bsc#912002)
Additionally, these non-security issues have been fixed:
* Winbind process hangs indefinitely without DC. (bsc#872912)
* Hanging winbind processes. (bsc#906557)
Security Issues:
* CVE-2014-5352
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352>
* CVE-2014-9421
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421>
* CVE-2014-9422
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422>
* CVE-2014-9423
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423>
SUSE bug 872912SUSE bug 906557SUSE bug 912002CVE-2014-5352 at SUSECVE-2014-5352 at NVDCVE-2014-9421 at SUSECVE-2014-9421 at NVDCVE-2014-9422 at SUSECVE-2014-9422 at NVDCVE-2014-9423 at SUSECVE-2014-9423 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
krb5 was updated to fix three security issues.
Remote authenticated users could cause denial of service.
These security issues were fixed:
- CVE-2014-5353: NULL pointer dereference when using a ticket policy name as password name (bsc#910457).
- CVE-2014-5354: NULL pointer dereference when using keyless entries (bsc#910458).
- CVE-2014-5355: Denial of service in krb5_read_message (bsc#918595).
ModerateSUSE bug 910457SUSE bug 910458SUSE bug 918595CVE-2014-5353 at SUSECVE-2014-5353 at NVDCVE-2014-5354 at SUSECVE-2014-5354 at NVDCVE-2014-5355 at SUSECVE-2014-5355 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kvmSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The kvm qemu vt100 emulation was affected by a problem where specific vt100
sequences could have been used by guest users to affect the host.
(CVE-2012-3515 aka XSA-17).
Also a temp file race was fixed. (CVE-2012-2652)
Security Issue reference:
* CVE-2012-3515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3515>
* CVE-2012-2652
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2652>
SUSE bug 598271SUSE bug 598298SUSE bug 599095SUSE bug 603161SUSE bug 603179SUSE bug 610682SUSE bug 619991SUSE bug 621793SUSE bug 626654SUSE bug 637297SUSE bug 689895SUSE bug 690781SUSE bug 695510SUSE bug 695766SUSE bug 698237SUSE bug 701161SUSE bug 702823SUSE bug 704933SUSE bug 705095SUSE bug 705304SUSE bug 740165SUSE bug 764526SUSE bug 777084SUSE bug 877642SUSE bug 877645SUSE bug 929339SUSE bug 932770CVE-2011-1750 at SUSECVE-2011-1750 at NVDCVE-2011-1751 at SUSECVE-2011-1751 at NVDCVE-2011-2212 at SUSECVE-2011-2212 at NVDCVE-2011-2512 at SUSECVE-2011-2512 at NVDCVE-2011-2527 at SUSECVE-2011-2527 at NVDCVE-2012-0029 at SUSECVE-2012-0029 at NVDCVE-2012-2652 at SUSECVE-2012-2652 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-0223 at SUSECVE-2014-0223 at NVDCVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-3456 at SUSECVE-2015-3456 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
kvm was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344). ImportantSUSE bug 938344CVE-2015-5154 at SUSECVE-2015-5154 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for kvm fixes the following issues:
- CVE-2017-2633: memory corruption due to unchecked resolution limit in VNC. (bsc#1026612)
- CVE-2021-3594: invalid pointer initialization may lead to information disclosure in slirp (udp) (bsc#1187367)
- CVE-2019-14378: heap buffer overflow during packet reassembly in slirp networking implementation. (bsc#1143794)
- CVE-2020-1983: use-after-free in ip_reass function in ip_input.c. (bsc#1170940)
- CVE-2020-29130: out-of-bounds access while processing ARP packets. (bsc#1179467)
- CVE-2013-4530: fix buffer overun on invalid state load. (bsc#864682)
- CVE-2021-3592: invalid pointer initialization may lead to information disclosure (bootp). (bsc#1187364)
- CVE-2015-5225 heap memory corruption in vnc_refresh_server_surface. (bsc#942845)
- CVE-2020-29129: out-of-bounds access while processing NCSI packets. (bsc#1179466)
- CVE-2020-8608: potential OOB access due to unsafe snprintf() usages. (bsc#1163018)
- CVE-2017-5715: speculative side channel attacks on various CPU platforms aka 'SpectreAttack' and 'MeltdownAttack'. (bsc#1068032)
ImportantSUSE bug 1026612SUSE bug 1068032SUSE bug 1143794SUSE bug 1163018SUSE bug 1170940SUSE bug 1179466SUSE bug 1179467SUSE bug 1187364SUSE bug 1187367SUSE bug 864682SUSE bug 942845CVE-2013-4530 at SUSECVE-2013-4530 at NVDCVE-2015-5225 at SUSECVE-2015-5225 at NVDCVE-2017-2633 at SUSECVE-2017-2633 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2019-14378 at SUSECVE-2019-14378 at NVDCVE-2020-1983 at SUSECVE-2020-1983 at NVDCVE-2020-29129 at SUSECVE-2020-29129 at NVDCVE-2020-29130 at SUSECVE-2020-29130 at NVDCVE-2020-8608 at SUSECVE-2020-8608 at NVDCVE-2021-3592 at SUSECVE-2021-3592 at NVDCVE-2021-3594 at SUSECVE-2021-3594 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for kvm (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for kvm fixes the following issues:
- eepro100: stack overflow via infinite recursion (bsc#1182651, CVE-2021-20255)
ModerateSUSE bug 1182651CVE-2021-20255 at SUSECVE-2021-20255 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for lcmsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The lcms userland utilities were updated to fix stack overflows.
CVE-2013-4276: Multiple stack-based buffer overflows in LittleCMS allowed
remote attackers to cause a denial of service (crash) via a crafted (1) ICC
color profile to the icctrans utility or (2) TIFF image to the tiffdiff
utility.
Security Issues:
* CVE-2013-4276
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4276>
SUSE bug 843716CVE-2013-4276 at SUSECVE-2013-4276 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for less (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for less fixes the following issues:
Security issue fixed:
- CVE-2014-9488: Malformed UTF-8 data could have caused an out of bounds read in
the UTF-8 decoding routines, causing an invalid read access (bsc#921719).
ModerateSUSE bug 921719CVE-2014-9488 at SUSECVE-2014-9488 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for lha (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
lha was updated to fix one security issue.
This security issue was fixed:
- CVE-2016-1925: Buffer Overflow while parsing level0 and level1 headers (bsc#962528).
ModerateSUSE bug 962528CVE-2016-1925 at SUSECVE-2016-1925 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libHX13SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a heap-based buffer overflow in HX_split() of libHX.
(CVE-2010-2947)
Security Issue reference:
* CVE-2010-2947
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2947>
SUSE bug 631582CVE-2010-2947 at SUSECVE-2010-2947 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libQtSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The Qt library was updated to fix a XML entity expansion attack (XXE).
(CVE-2013-4549)
Security Issue reference:
* CVE-2013-4549
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4549>
SUSE bug 610578SUSE bug 613818SUSE bug 619089SUSE bug 637275SUSE bug 637293SUSE bug 643848SUSE bug 668210SUSE bug 669604SUSE bug 714984SUSE bug 739904SUSE bug 746332SUSE bug 755724SUSE bug 779952SUSE bug 784197SUSE bug 797006SUSE bug 802634SUSE bug 856832SUSE bug 859158CVE-2010-2621 at SUSECVE-2010-2621 at NVDCVE-2011-3193 at SUSECVE-2011-3193 at NVDCVE-2011-3194 at SUSECVE-2011-3194 at NVDCVE-2011-3922 at SUSECVE-2011-3922 at NVDCVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2013-0254 at SUSECVE-2013-0254 at NVDCVE-2013-4549 at SUSECVE-2013-4549 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libaprSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following security issues:
* 650435: remote DoS in APR (CVE-2010-1623)
* 693778: unconstrained recursion when processing patterns
(CVE-2011-0419,CVE-2011-1928)
Security Issue reference:
* CVE-2011-0419
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419>
* CVE-2010-1623
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623>
* CVE-2011-1928
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928>
SUSE bug 650435SUSE bug 693778CVE-2010-1623 at SUSECVE-2010-1623 at NVDCVE-2011-0419 at SUSECVE-2011-0419 at NVDCVE-2011-1928 at SUSECVE-2011-1928 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libapr-util1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libapr-util1 fixes the following issues:
Security issue fixed:
- CVE-2017-12618: DoS via crafted SDBM database files in apr_sdbm*() functions (bsc#1064990)
ModerateSUSE bug 1064990CVE-2017-12618 at SUSECVE-2017-12618 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libapr1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following issues:
- CVE-2017-12613: DoS or information disclosure in pr_exp_time*() or apr_os_exp_time*() functions (bsc#1064982).
ModerateSUSE bug 1064982CVE-2017-12613 at SUSECVE-2017-12613 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for util-linuxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for util-linux suppresses a warning that's not relevant on
Linux systems. (bnc#871698)
SUSE bug 495657SUSE bug 704533SUSE bug 704866SUSE bug 784506SUSE bug 808155SUSE bug 871698SUSE bug 888678SUSE bug 907434CVE-2014-9114 at SUSECVE-2014-9114 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libcaca (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libcaca fixes the following issues:
- CVE-2021-30499: Fixed a memory corruption issue when exporting troff sources (bsc#1184751).
- CVE-2021-30498: Fixed a memory corruption issue when exporting TGA images (bsc#1184752).
ImportantSUSE bug 1184751SUSE bug 1184752CVE-2021-30498 at SUSECVE-2021-30498 at NVDCVE-2021-30499 at SUSECVE-2021-30499 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libcaca (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libcaca fixes the following issues:
- CVE-2022-0856: Fixed a divide by zero issue which could be exploited to cause
an application crash (bsc#1197028).
ModerateSUSE bug 1197028CVE-2022-0856 at SUSECVE-2022-0856 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libcapSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following bug has been fixed:
* capsh did not chdir('/') after callling chroot(). Programs could
therefore access the current directory outside of the chroot
(CVE-2011-4099).
Security Issue reference:
* CVE-2011-4099
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4099>
SUSE bug 727715CVE-2011-4099 at SUSECVE-2011-4099 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libcares2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libcares2 fixes the following issues:
- CVE-2021-3672: Fixed input validation on hostnames (bsc#1188881).
ImportantSUSE bug 1188881CVE-2021-3672 at SUSECVE-2021-3672 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libcdio (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libcdio and libcdio-mini fixes the following issues:
Security issue fixed:
- CVE-2017-18199: Fixed a NULL Pointer Dereference in realloc_symlink which could allow remote attackers to cause Denial of Service (bsc#1082821).
LowSUSE bug 1082821CVE-2017-18199 at SUSECVE-2017-18199 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for libcgroupSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libcgroup1 provides an update to 0.37.1 which includes
important fixes for cgroup support:
* make it possible to configure disjoint cpusets in cgconfig.conf via
comma separated lists (bnc#728677)
* Fix cgrulesngd crashing on reload (bnc#728914)
* Add a default config file and documentation (bnc#711657)
* Fix cgconfig overwriting settings in cgconfig.conf (bnc#658944)
* Fix incorrect symlink to pam_cgroup.so (bnc#752070)
* Fix inconsistency with cgrules.conf (bnc#732638)
* Fix startup failure with NIS groups (bnc#728330)
* Fix crash on rules reload (bnc#728914)
* Fix handling of certain cgroup configurations (bnc#754012)
SUSE bug 658944SUSE bug 675048SUSE bug 675506SUSE bug 711657SUSE bug 728330SUSE bug 728677SUSE bug 728914SUSE bug 732638SUSE bug 752070SUSE bug 754012CVE-2011-1006 at SUSECVE-2011-1006 at NVDCVE-2011-1022 at SUSECVE-2011-1022 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libcgroup1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libcgroup1 fixes the following issues:
Security issue fixed:
- CVE-2018-14348: Fix daemon that creates /var/log/cgred with mode 0666 (bsc#1100365).
Bug fixes:
- bsc#1030747: Unable to use freezer sub system via libcgroup API when both freezer and cpuset subsystems are used.
ModerateSUSE bug 1030747SUSE bug 1100365CVE-2018-14348 at SUSECVE-2018-14348 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libcroco (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libcroco fixes the following issues:
Security issues fixed:
- CVE-2017-7960: Fixed heap overflow (input: check end of input before reading a byte) (bsc#1034481).
- CVE-2017-7961: Fixed undefined behavior (tknzr: support only max long rgb values) (bsc#1034482).
- CVE-2017-8834: Fixed denial of service (memory allocation error) via a crafted CSS file (bsc#1043898).
- CVE-2017-8871: Fixed denial of service (infinite loop and CPU consumption) via a crafted CSS file (bsc#1043899).
ModerateSUSE bug 1034481SUSE bug 1034482SUSE bug 1043898SUSE bug 1043899CVE-2017-7960 at SUSECVE-2017-7960 at NVDCVE-2017-7961 at SUSECVE-2017-7961 at NVDCVE-2017-8834 at SUSECVE-2017-8834 at NVDCVE-2017-8871 at SUSECVE-2017-8871 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libcroco (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libcroco fixes the following issues:
- CVE-2020-12825: Fixed recursion issue in block and any productions (bsc#1171685).
ModerateSUSE bug 1171685CVE-2020-12825 at SUSECVE-2020-12825 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libdb-4_5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libdb-4_5 fixes the following issues:
- A DB_CONFIG file in the current working directory allowed local
users to obtain sensitive information via a symlink attack
involving a setgid or setuid application using libdb-4_8. (bsc#1043886)
ModerateSUSE bug 1043886cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for PostgreSQL 9.1SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The PostgreSQL database server was updated to version 9.1.12 to fix various
security issues:
*
Granting a role without ADMIN OPTION is supposed to prevent the
grantee from adding or removing members from the granted role, but
this restriction was easily bypassed by doing SET ROLE first. The
security impact is mostly that a role member can revoke the access of
others, contrary to the wishes of his grantor. Unapproved role member
additions are a lesser concern, since an uncooperative role member
could provide most of his rights to others anyway by creating views
or SECURITY DEFINER functions. (CVE-2014-0060)
*
The primary role of PL validator functions is to be called implicitly
during CREATE FUNCTION, but they are also normal SQL functions that a
user can call explicitly. Calling a validator on a function actually
written in some other language was not checked for and could be
exploited for privilege-escalation purposes. The fix involves adding
a call to a privilege-checking function in each validator function.
Non-core procedural languages will also need to make this change to
their own validator functions, if any. (CVE-2014-0061)
*
If the name lookups come to different conclusions due to concurrent
activity, we might perform some parts of the DDL on a different table
than other parts. At least in the case of CREATE INDEX, this can be
used to cause the permissions checks to be performed against a
different table than the index creation, allowing for a privilege
escalation attack. (CVE-2014-0062)
*
The MAXDATELEN constant was too small for the longest possible value
of type interval, allowing a buffer overrun in interval_out().
Although the datetime input functions were more careful about
avoiding buffer overrun, the limit was short enough to cause them to
reject some valid inputs, such as input containing a very long
timezone name. The ecpg library contained these vulnerabilities along
with some of its own. (CVE-2014-0063)
*
Several functions, mostly type input functions, calculated an
allocation size without checking for overflow. If overflow did occur,
a too-small buffer would be allocated and then written past.
(CVE-2014-0064)
*
Use strlcpy() and related functions to provide a clear guarantee that
fixed-size buffers are not overrun. Unlike the preceding items, it is
unclear whether these cases really represent live issues, since in
most cases there appear to be previous constraints on the size of the
input string. Nonetheless it seems prudent to silence all Coverity
warnings of this type. (CVE-2014-0065)
*
There are relatively few scenarios in which crypt() could return
NULL, but contrib/chkpass would crash if it did. One practical case
in which this could be an issue is if libc is configured to refuse to
execute unapproved hashing algorithms (e.g., 'FIPS mode').
(CVE-2014-0066)
*
Since the temporary server started by make check uses 'trust'
authentication, another user on the same machine could connect to it
as database superuser, and then potentially exploit the privileges of
the operating-system user who started the tests. A future release
will probably incorporate changes in the testing procedure to prevent
this risk, but some public discussion is needed first. So for the
moment, just warn people against using make check when there are
untrusted users on the same machine. (CVE-2014-0067)
The complete list of bugs and more information can be found at:
http://www.postgresql.org/docs/9.1/static/release-9-1-12.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-12.html>
Security Issues references:
* CVE-2014-0060
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060>
* CVE-2014-0061
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061>
* CVE-2014-0062
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062>
* CVE-2014-0063
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063>
* CVE-2014-0064
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064>
* CVE-2014-0065
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065>
* CVE-2014-0066
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066>
SUSE bug 802679SUSE bug 812525SUSE bug 864845SUSE bug 864846SUSE bug 864847SUSE bug 864850SUSE bug 864851SUSE bug 864852SUSE bug 864853CVE-2013-0255 at SUSECVE-2013-0255 at NVDCVE-2013-1899 at SUSECVE-2013-1899 at NVDCVE-2013-1900 at SUSECVE-2013-1900 at NVDCVE-2013-1901 at SUSECVE-2013-1901 at NVDCVE-2014-0060 at SUSECVE-2014-0060 at NVDCVE-2014-0061 at SUSECVE-2014-0061 at NVDCVE-2014-0062 at SUSECVE-2014-0062 at NVDCVE-2014-0063 at SUSECVE-2014-0063 at NVDCVE-2014-0064 at SUSECVE-2014-0064 at NVDCVE-2014-0065 at SUSECVE-2014-0065 at NVDCVE-2014-0066 at SUSECVE-2014-0066 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for libesmtp (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libesmtp fixes the following issues:
- CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462).
ImportantSUSE bug 1160462SUSE bug 1189097CVE-2019-19977 at SUSECVE-2019-19977 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libeventSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a buffer overflow in the buffered event handling in
libevent. (CVE-2014-6272)
Security Issues:
* CVE-2014-6272
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6272>
SUSE bug 897243CVE-2014-6272 at SUSECVE-2014-6272 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libevent (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libevent fixes the following issues:
- CVE-2016-10195: DNS remote stack overread vulnerability (bsc#1022917)
- CVE-2016-10196: stack/buffer overflow in evutil_parse_sockaddr_port() (bsc#1022918) (backport for 2.0.21)
- CVE-2016-10197: out-of-bounds read in search_make_new() (bsc#1022919)
ModerateSUSE bug 1022917SUSE bug 1022918SUSE bug 1022919CVE-2016-10195 at SUSECVE-2016-10195 at NVDCVE-2016-10196 at SUSECVE-2016-10196 at NVDCVE-2016-10197 at SUSECVE-2016-10197 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libexifSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Various overflows and other security related bugs in libexif were found by
the Google Security team and fixed by the libexif developers.
Security Issue references:
* CVE-2012-2812
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812>
* CVE-2012-2813
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2813>
* CVE-2012-2814
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814>
* CVE-2012-2836
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836>
* CVE-2012-2837
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837>
* CVE-2012-2840
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2840>
* CVE-2012-2841
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841>
SUSE bug 771229CVE-2012-2812 at SUSECVE-2012-2812 at NVDCVE-2012-2813 at SUSECVE-2012-2813 at NVDCVE-2012-2814 at SUSECVE-2012-2814 at NVDCVE-2012-2836 at SUSECVE-2012-2836 at NVDCVE-2012-2837 at SUSECVE-2012-2837 at NVDCVE-2012-2840 at SUSECVE-2012-2840 at NVDCVE-2012-2841 at SUSECVE-2012-2841 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libexif (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libexif fixes the following security issue:
- CVE-2017-7544: Fixed out-of-bounds heap read vulnerability in
exif_data_save_data_entry function in libexif/exif-data.c caused by improper
length computation of the allocated data of an ExifMnote entry which can cause
denial-of-service or possibly information disclosure (bsc#1059893)
ModerateSUSE bug 1059893CVE-2017-7544 at SUSECVE-2017-7544 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libexif (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libexif fixes the following issues:
- CVE-2019-9278: Fixed an integer overflow (bsc#1160770).
- CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943).
ModerateSUSE bug 1120943SUSE bug 1160770CVE-2018-20030 at SUSECVE-2018-20030 at NVDCVE-2019-9278 at SUSECVE-2019-9278 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mozilla-nssSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla NSS was updated to 3.16.5 to fix a RSA certificate forgery issue.
MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher
at Inria Paris in team Prosecco, reported an issue in Network Security
Services (NSS) libraries affecting all versions. He discovered that NSS is
vulnerable to a variant of a signature forgery attack previously published
by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values
involved in a signature and could lead to the forging of RSA certificates.
The Advanced Threat Research team at Intel Security also independently
discovered and reported this issue.
Security Issues:
* CVE-2014-1568
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
SUSE bug 637290SUSE bug 811833SUSE bug 897890CVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2014-1568 at SUSECVE-2014-1568 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for libgcryptSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
libgcrypt has been updated to fix a cryptographic weakness.
* CVE-2013-4242: libgcrypt was affected by the Yarom/Falkner
flush+reload side-channel attach on RSA secret keys, that could have
potentially leaked the key data to attackers on the same machine.
Security Issue reference:
* CVE-2013-4242
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242>
SUSE bug 831359CVE-2013-4242 at SUSECVE-2013-4242 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following issues:
* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
(bsc#920057)
* Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical]
ModerateSUSE bug 920057CVE-2014-3591 at SUSECVE-2014-3591 at NVDCVE-2015-0837 at SUSECVE-2015-0837 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libgcrypt fixes the following issues:
- RNG prediction vulnerability (bsc#994157, CVE-2016-6313)
ModerateSUSE bug 994157CVE-2016-6313 at SUSECVE-2016-6313 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libgcrypt (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libgcrypt fixes the following security issue:
- CVE-2017-7526: Hardening against local side-channel attack. (bsc#1046607)
LowSUSE bug 1046607CVE-2017-7526 at SUSECVE-2017-7526 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libgcrypt fixes the following issues:
Security issue fixed:
- CVE-2019-13627: Mitigated against an ECDSA timing attack. (bsc#1148987)
ModerateSUSE bug 1148987CVE-2019-13627 at SUSECVE-2019-13627 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libgcrypt (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libgcrypt fixes the following issues:
- CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding (bsc#1187212).
ImportantSUSE bug 1187212CVE-2021-33560 at SUSECVE-2021-33560 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libgcryptSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This libgcrypt update fixes the following security issue:
* bnc#892464: Side-channel attack on Elgamal encryption subkeys.
(CVE-2014-5270)
Security Issues:
* CVE-2014-5270
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270>
SUSE bug 892464CVE-2014-5270 at SUSECVE-2014-5270 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libgdiplus0SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes three integer overflows found by Secunia Research member
Stefan Cornelius that could possibly be exploited to execute arbitrary
code:
* gdip_load_tiff_image() by processing specially crafted TIFF images
* gdip_load_jpeg_image_internal() by processing specially crafted JPEG
images
* gdip_read_bmp_image() by processing specially crafted BMP image
Security Issue reference:
* CVE-2010-1526
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1526>
SUSE bug 630756CVE-2010-1526 at SUSECVE-2010-1526 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libgnomesuSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The libgnomesu pam backend did not check the return value of the setuid()
functions. Local users could exploit that to gain root privileges
(CVE-2011-1946).
Note: this is just a re-release of the previous update to fix a regression
unrelated to the security issue.
Security Issue reference:
* CVE-2011-1946
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1946>
SUSE bug 695627CVE-2011-1946 at SUSECVE-2011-1946 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libgssglueSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes insecure getenv() usage in libgssglue, which could be
used under some circumstances by local attackers do gain root privileges.
SUSE bug 694598cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libical (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libical fixes the following issues:
Security issues fixed:
- CVE-2016-5823: The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote
attackers to cause a denial of service (use-after-free) via a crafted ics file. (bnc#986632)
- CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service (use-after-free)
via a crafted ics file. (bsc#986639)
- CVE-2016-5825: The icalparser_parse_string function in libical 0.47 and 1.0 allows remote
attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file.
(bsc#986642)
- CVE-2016-5826: The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers
to cause a denial of service (out-of-bounds heap read) by crafting a string to the
icalparser_parse_string function. (bsc#986658)
- CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers
to cause a denial of service (out-of-bounds heap read) via a crafted string to the
icalparser_parse_string function. (bsc#986631)
- CVE-2016-9584: libical allows remote attackers to cause a denial of service (use-after-free) and
possibly read heap memory via a crafted ics file. (bnc#1015964)
Bug fixes:
- libical crashes while parsing timezones (bsc#1044995)
ModerateSUSE bug 1015964SUSE bug 1044995SUSE bug 986631SUSE bug 986632SUSE bug 986639SUSE bug 986642SUSE bug 986658CVE-2016-5823 at SUSECVE-2016-5823 at NVDCVE-2016-5824 at SUSECVE-2016-5824 at NVDCVE-2016-5825 at SUSECVE-2016-5825 at NVDCVE-2016-5826 at SUSECVE-2016-5826 at NVDCVE-2016-5827 at SUSECVE-2016-5827 at NVDCVE-2016-9584 at SUSECVE-2016-9584 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libidn (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libidn fixes the following issues:
- CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189)
- CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190)
- CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191)
- CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241)
ModerateSUSE bug 923241SUSE bug 990189SUSE bug 990190SUSE bug 990191CVE-2015-2059 at SUSECVE-2015-2059 at NVDCVE-2015-8948 at SUSECVE-2015-8948 at NVDCVE-2016-6261 at SUSECVE-2016-6261 at NVDCVE-2016-6262 at SUSECVE-2016-6262 at NVDCVE-2016-6263 at SUSECVE-2016-6263 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libidn (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libidn fixes one issues.
This security issue was fixed:
- CVE-2017-14062: Prevent integer overflow in the decode_digit function that
allowed remote attackers to cause a denial of service or possibly have
unspecified other impact (bsc#1056450).
ModerateSUSE bug 1056450CVE-2017-14062 at SUSECVE-2017-14062 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libjasperSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libjasper fixes multiple off-by-one errors which could
allow remote attackers to execute arbitrary code via a heap-based buffer
overflow triggered by a crafted jp2 (JPEG 2000) file. (bsc#906364,
CVE-2014-9029)
Security Issues:
* CVE-2014-9029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029>
SUSE bug 906364CVE-2014-9029 at SUSECVE-2014-9029 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libksbaSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This libksba update fixes the following security issue:
* bnc#907074: buffer overflow in ksba_oid_to_str (CVE-2014-9087)
Security Issues:
* CVE-2014-9087
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9087>
SUSE bug 907074CVE-2014-9087 at SUSECVE-2014-9087 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libksba (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libksba fixes the following issues:
- CVE-2016-4579: Out-of-bounds read in _ksba_ber_parse_tl()
- CVE-2016-4574: two OOB read access bugs (remote DoS) (bsc#979261)
Also adding reliability fixes from v1.3.4.
ModerateSUSE bug 979261SUSE bug 979906CVE-2016-4574 at SUSECVE-2016-4574 at NVDCVE-2016-4579 at SUSECVE-2016-4579 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libksba (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The libksba package was updated to fix the following security issues:
- Fixed an integer overflow, an out of bounds read and a stack overflow issues (bsc#926826).
ModerateSUSE bug 926826cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openLDAPSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Several issues have been fixed in OpenLDAP:
* specially crafted MODRDN operations can crash the OpenLDAP server
(CVE-2010-0211 and CVE-2010-0212)
* syncrepl might loose deletes in refreshAndPersist mode
Security Issues:
* CVE-2010-0211
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211>
* CVE-2010-0212
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212>
SUSE bug 606294SUSE bug 612430CVE-2010-0211 at SUSECVE-2010-0211 at NVDCVE-2010-0212 at SUSECVE-2010-0212 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for liblouis fixes several issues.
These security issues were fixed:
- CVE-2017-13739: Prevent heap-based buffer overflow in the function resolveSubtable() that could have caused DoS or remote code execution (bsc#1056101)
- CVE-2017-13740: Prevent stack-based buffer overflow in the function parseChars() that could have caused DoS or possibly unspecified other impact (bsc#1056097) ()
- CVE-2017-13741: Prevent use-after-free in function compileBrailleIndicator() that allowed to cause remote DoS (bsc#1056095)
- CVE_2017-13742: Prevent stack-based buffer overflow in function includeFile that allowed to cause remote DoS (bsc#1056093).
- CVE-2017-13743: Prevent buffer overflow triggered in the function _lou_showString() that allowed to cause remote DoS (bsc#1056090)
ModerateSUSE bug 1056090SUSE bug 1056093SUSE bug 1056095SUSE bug 1056097SUSE bug 1056101CVE-2017-13739 at SUSECVE-2017-13739 at NVDCVE-2017-13740 at SUSECVE-2017-13740 at NVDCVE-2017-13741 at SUSECVE-2017-13741 at NVDCVE-2017-13743 at SUSECVE-2017-13743 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for liblouis fixes the following issues:
Security issues fixed:
- CVE-2017-15101: Buffer overflow in findTable (bsc#1067336).
- CVE-2014-8184: stack-based buffer overflow in findTable() (bsc#1062458).
ModerateSUSE bug 1062458SUSE bug 1067336CVE-2014-8184 at SUSECVE-2014-8184 at NVDCVE-2017-15101 at SUSECVE-2017-15101 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for liblouis, python-louis fixes the following issues:
Security issues fixed:
- CVE-2018-11684: Fixed stack-based buffer overflow in the function
includeFile() in compileTranslationTable.c (bsc#1095826)
- CVE-2018-11685: Fixed a stack-based buffer overflow in the function
compileHyphenation() in compileTranslationTable.c (bsc#1095825)
- CVE-2018-11683: Fix a stack-based buffer overflow in the function parseChars()
in compileTranslationTable.c (bsc#1095827)
ModerateSUSE bug 1095825SUSE bug 1095826SUSE bug 1095827CVE-2018-11683 at SUSECVE-2018-11683 at NVDCVE-2018-11684 at SUSECVE-2018-11684 at NVDCVE-2018-11685 at SUSECVE-2018-11685 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for liblouis (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for liblouis and python-louis fixes the following issue:
Security issue fixed:
- CVE-2018-17294: Fixed an out of bounds read in matchCurrentInput function
which could allow a remote attacker to cause Denail of Service (bsc#1109319).
LowSUSE bug 1109319CVE-2018-17294 at SUSECVE-2018-17294 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for liblouis fixes the following issues:
- CVE-2018-12085: Fixed an off-by-one error resulting in a buffer overrun (bsc#1097103).
ModerateSUSE bug 1097103CVE-2018-12085 at SUSECVE-2018-12085 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for lzoSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
lzo was updated to fix a potential denial of service issue or possible
remote code execution by allowing an attacker, if the LZO decompression
algorithm is used in a threaded or kernel context, to corrupt memory
structures that control the flow of execution in other contexts.
(CVE-2014-4607)
Security Issue reference:
* CVE-2014-4607
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607>
SUSE bug 883947CVE-2014-4607 at SUSECVE-2014-4607 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for libmpfrSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libmpfr fixes a buffer overflow in mpfr_strtofr.
(CVE-2014-9474)
Security Issues:
* CVE-2014-9474
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9474>
SUSE bug 911812CVE-2014-9474 at SUSECVE-2014-9474 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libmspackSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libmspack fixes the following security issue:
* CVE-2014-9556: An integer overflow in the function qtmd_decompress()
could be exploited to cause a denial of service (endless loop).
(bsc##912214)
Security Issues:
* CVE-2014-9556
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9556>
SUSE bug 912214CVE-2014-9556 at SUSECVE-2014-9556 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libmspack (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
libmspack was updated to fix several security vulnerabilities.
- Fix null pointer dereference on a crafted CAB. (bsc#934524, CVE-2014-9732)
- Fix denial of service while processing crafted CHM file. (bsc#934525, CVE-2015-4467)
- Fix denial of service while processing crafted CHM file. (bsc#934529, CVE-2015-4472)
- Fix pointer arithmetic overflow during CHM decompression. (bsc#934526, CVE-2015-4469)
- Fix off-by-one buffer over-read in mspack/mszipd.c. (bsc#934527, CVE-2015-4470)
- Fix off-by-one buffer under-read in mspack/lzxd.c. (bsc#934528, CVE-2015-4471)
ModerateSUSE bug 934524SUSE bug 934525SUSE bug 934526SUSE bug 934527SUSE bug 934528SUSE bug 934529CVE-2014-9732 at SUSECVE-2014-9732 at NVDCVE-2015-4467 at SUSECVE-2015-4467 at NVDCVE-2015-4469 at SUSECVE-2015-4469 at NVDCVE-2015-4470 at SUSECVE-2015-4470 at NVDCVE-2015-4471 at SUSECVE-2015-4471 at NVDCVE-2015-4472 at SUSECVE-2015-4472 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libmspack (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libmspack fixes the following issues:
Security issues fixed:
- CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. (bsc#1113038)
- CVE-2018-18585: chmd_read_headers accepted a filename that has '\0' as its first or second character (such as the '/\0' name). (bsc#1113039)
ModerateSUSE bug 1113038SUSE bug 1113039CVE-2018-18584 at SUSECVE-2018-18584 at NVDCVE-2018-18585 at SUSECVE-2018-18585 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libmspack (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libmspack fixes the following issues:
Security issue fixed:
- CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file
which could have led to information disclosure (bsc#1141680).
LowSUSE bug 1141680CVE-2019-1010305 at SUSECVE-2019-1010305 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MySQLSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
A stack-based buffer overflow in MySQL has been fixed that could have
caused a Denial of Service or potentially allowed the execution of
arbitrary code (CVE-2012-5611).
Security Issue references:
* CVE-2012-5615
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615>
* CVE-2012-5615
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615>
* CVE-2012-5613
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5613>
* CVE-2012-5612
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612>
* CVE-2012-5611
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611>
SUSE bug 607466SUSE bug 609551SUSE bug 637499SUSE bug 644864SUSE bug 694232SUSE bug 742835SUSE bug 765092SUSE bug 769062SUSE bug 792444SUSE bug 934789CVE-2010-1626 at SUSECVE-2010-1626 at NVDCVE-2010-1848 at SUSECVE-2010-1848 at NVDCVE-2010-1849 at SUSECVE-2010-1849 at NVDCVE-2010-1850 at SUSECVE-2010-1850 at NVDCVE-2010-3677 at SUSECVE-2010-3677 at NVDCVE-2010-3678 at SUSECVE-2010-3678 at NVDCVE-2010-3681 at SUSECVE-2010-3681 at NVDCVE-2010-3682 at SUSECVE-2010-3682 at NVDCVE-2010-3683 at SUSECVE-2010-3683 at NVDCVE-2010-3833 at SUSECVE-2010-3833 at NVDCVE-2010-3834 at SUSECVE-2010-3834 at NVDCVE-2010-3835 at SUSECVE-2010-3835 at NVDCVE-2010-3836 at SUSECVE-2010-3836 at NVDCVE-2010-3837 at SUSECVE-2010-3837 at NVDCVE-2010-3838 at SUSECVE-2010-3838 at NVDCVE-2010-3839 at SUSECVE-2010-3839 at NVDCVE-2010-3840 at SUSECVE-2010-3840 at NVDCVE-2012-2122 at SUSECVE-2012-2122 at NVDCVE-2012-5611 at SUSECVE-2012-5611 at NVDCVE-2012-5612 at SUSECVE-2012-5612 at NVDCVE-2012-5613 at SUSECVE-2012-5613 at NVDCVE-2012-5615 at SUSECVE-2012-5615 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for libnl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libnl fixes the following issues:
Security issue fixed:
- CVE-2017-0386: Fixed a privilege escalation vulnerability which allowed a local user to execute code within a privileged process (bsc#1020123).
ModerateSUSE bug 1020123CVE-2017-0386 at SUSECVE-2017-0386 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openscSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Specially crafted smart cards could cause a buffer overflow in opensc
(CVE-2010-4523).
Security Issue reference:
* CVE-2010-4523
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4523>
SUSE bug 660109CVE-2010-4523 at SUSECVE-2010-4523 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenSSLSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This OpenSSL update fixes the following issues:
* Session Ticket Memory Leak (CVE-2014-3567)
* Build option no-ssl3 is incomplete (CVE-2014-3568)
* Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)
Security Issues:
* CVE-2014-3567
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567>
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
* CVE-2014-3568
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568>
SUSE bug 608666SUSE bug 629905SUSE bug 651003SUSE bug 657663SUSE bug 670526SUSE bug 693027SUSE bug 716144SUSE bug 739719SUSE bug 742821SUSE bug 743344SUSE bug 748738SUSE bug 749210SUSE bug 749213SUSE bug 749735SUSE bug 751946SUSE bug 751977SUSE bug 755395SUSE bug 758060SUSE bug 761324SUSE bug 761838SUSE bug 767256SUSE bug 768097SUSE bug 779952SUSE bug 802648SUSE bug 802746SUSE bug 859228SUSE bug 859924SUSE bug 860332SUSE bug 862181SUSE bug 869945SUSE bug 870192SUSE bug 879179SUSE bug 880891SUSE bug 890764SUSE bug 890767SUSE bug 890768SUSE bug 890769SUSE bug 890770SUSE bug 892403SUSE bug 901223SUSE bug 901277SUSE bug 912014SUSE bug 912015SUSE bug 912018SUSE bug 912293SUSE bug 912294SUSE bug 912296SUSE bug 915976SUSE bug 919648SUSE bug 920236SUSE bug 922488SUSE bug 922496SUSE bug 922499SUSE bug 922500SUSE bug 922501SUSE bug 929678SUSE bug 931698SUSE bug 933898SUSE bug 933911SUSE bug 934487SUSE bug 934489SUSE bug 934491SUSE bug 934493CVE-2006-7250 at SUSECVE-2006-7250 at NVDCVE-2009-5146 at SUSECVE-2009-5146 at NVDCVE-2010-2939 at SUSECVE-2010-2939 at NVDCVE-2010-3864 at SUSECVE-2010-3864 at NVDCVE-2010-4180 at SUSECVE-2010-4180 at NVDCVE-2011-0014 at SUSECVE-2011-0014 at NVDCVE-2011-1945 at SUSECVE-2011-1945 at NVDCVE-2011-3210 at SUSECVE-2011-3210 at NVDCVE-2011-4108 at SUSECVE-2011-4108 at NVDCVE-2011-4109 at SUSECVE-2011-4109 at NVDCVE-2011-4576 at SUSECVE-2011-4576 at NVDCVE-2011-4577 at SUSECVE-2011-4577 at NVDCVE-2011-4619 at SUSECVE-2011-4619 at NVDCVE-2011-5095 at SUSECVE-2011-5095 at NVDCVE-2012-0050 at SUSECVE-2012-0050 at NVDCVE-2012-0884 at SUSECVE-2012-0884 at NVDCVE-2012-1165 at SUSECVE-2012-1165 at NVDCVE-2012-2110 at SUSECVE-2012-2110 at NVDCVE-2012-2333 at SUSECVE-2012-2333 at NVDCVE-2013-0166 at SUSECVE-2013-0166 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2014-0076 at SUSECVE-2014-0076 at NVDCVE-2014-0221 at SUSECVE-2014-0221 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-3470 at SUSECVE-2014-3470 at NVDCVE-2014-3505 at SUSECVE-2014-3505 at NVDCVE-2014-3506 at SUSECVE-2014-3506 at NVDCVE-2014-3507 at SUSECVE-2014-3507 at NVDCVE-2014-3508 at SUSECVE-2014-3508 at NVDCVE-2014-3510 at SUSECVE-2014-3510 at NVDCVE-2014-3513 at SUSECVE-2014-3513 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-3567 at SUSECVE-2014-3567 at NVDCVE-2014-3568 at SUSECVE-2014-3568 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3571 at SUSECVE-2014-3571 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0209 at SUSECVE-2015-0209 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0292 at SUSECVE-2015-0292 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDCVE-2015-1788 at SUSECVE-2015-1788 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1790 at SUSECVE-2015-1790 at NVDCVE-2015-1791 at SUSECVE-2015-1791 at NVDCVE-2015-1792 at SUSECVE-2015-1792 at NVDCVE-2015-3216 at SUSECVE-2015-3216 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for libotrSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes various heap overflows in libotr. CVE-2012-3461 has been
assigned to this issue.
Security Issue reference:
* CVE-2012-3461
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3461>
SUSE bug 777468CVE-2012-3461 at SUSECVE-2012-3461 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libotr (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libotr fixes the following issues:
- Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that
used to occur on 64-bit architectures when receiving 4GB messages.
This flaw could potentially have been exploited by an attacker to
remotely execute arbitrary code on the user's machine.
(CVE-2016-2851, bsc#969785)
ModerateSUSE bug 969785CVE-2016-2851 at SUSECVE-2016-2851 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Xorg X11SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Specially crafted font files could cause a buffer overflow in applications
that use libXfont to load such files (CVE-2011-2895).
Security Issue reference:
* CVE-2011-2895
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895>
SUSE bug 709851CVE-2011-2895 at SUSECVE-2011-2895 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pixmanSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following security issue with pixman:
* Integer underflow when handling trapezoids. (bnc#853824,
CVE-2013-6425)
Security Issues:
* CVE-2013-6425
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6425>
SUSE bug 853824CVE-2013-6425 at SUSECVE-2013-6425 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libpngSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This libpng update fixes the following two overflow security issues.
* bnc#873123: Fixed integer overflow that could have lead to a
heap-based buffer overflow in png_set_sPLT() and png_set_text_2()
(CVE-2013-7354).
* bnc#873124: Fixed integer overflow that could have lead to a
heap-based buffer overflow in png_set_unknown_chunks()
(CVE-2013-7353).
Security Issue references:
* CVE-2013-7353
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7353>
* CVE-2013-7354
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7354>
SUSE bug 475533SUSE bug 617866SUSE bug 680146SUSE bug 702578SUSE bug 706387SUSE bug 706388SUSE bug 706389SUSE bug 747311SUSE bug 754745SUSE bug 772760SUSE bug 873123SUSE bug 873124CVE-2008-6218 at SUSECVE-2008-6218 at NVDCVE-2009-5063 at SUSECVE-2009-5063 at NVDCVE-2010-1205 at SUSECVE-2010-1205 at NVDCVE-2010-2249 at SUSECVE-2010-2249 at NVDCVE-2011-2501 at SUSECVE-2011-2501 at NVDCVE-2011-2690 at SUSECVE-2011-2690 at NVDCVE-2011-2691 at SUSECVE-2011-2691 at NVDCVE-2011-2692 at SUSECVE-2011-2692 at NVDCVE-2011-3026 at SUSECVE-2011-3026 at NVDCVE-2011-3048 at SUSECVE-2011-3048 at NVDCVE-2012-3425 at SUSECVE-2012-3425 at NVDCVE-2013-7353 at SUSECVE-2013-7353 at NVDCVE-2013-7354 at SUSECVE-2013-7354 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libpng12-0SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Denial of service while decompressing a highly compressed huge ancillary
chunk has been fixed in libpng (CVE-2010-0205).
SUSE bug 580484cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The libpng12-0 package was updated to fix the following security issues:
- CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980).
- CVE-2015-7981: Fixed an out-of-bound read (bsc#952051).
ModerateSUSE bug 952051SUSE bug 954980CVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
- security update:
This update fixes the following securit issue:
* CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions
allow remote attackers to cause a denial of service (application crash) or possibly have
unspecified other impact [bsc#954980]
ModerateSUSE bug 954980CVE-2015-8126 at SUSECVE-2015-8126 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libpng12-0 fixes the following issues:
Security issues fixed:
- CVE-2015-8540: read underflow in libpng (bsc#958791)
- CVE-2016-10087: NULL pointer dereference in png_set_text_2() (bsc#1017646)
ModerateSUSE bug 1017646SUSE bug 958791CVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-10087 at SUSECVE-2016-10087 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libpng12-0 fixes the following issues:
Security issue fixed:
- CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks (bsc#1141493).
ModerateSUSE bug 1141493CVE-2017-12652 at SUSECVE-2017-12652 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for popplerSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes problems in DCTStream error handling in poppler.
Security Issue reference:
* CVE-2010-5110
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110>
SUSE bug 642785SUSE bug 806793SUSE bug 845765CVE-2010-3702 at SUSECVE-2010-3702 at NVDCVE-2010-3703 at SUSECVE-2010-3703 at NVDCVE-2010-3704 at SUSECVE-2010-3704 at NVDCVE-2010-5110 at SUSECVE-2010-5110 at NVDCVE-2013-1788 at SUSECVE-2013-1788 at NVDCVE-2013-1789 at SUSECVE-2013-1789 at NVDCVE-2013-1790 at SUSECVE-2013-1790 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libproxySUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libproxy fixes a heap-based buffer overflow that could
allow remote servers to have an unspecified impact via a crafted
Content-Length size in an HTTP response header for a proxy.pac file request
(CVE-2012-4505).
Additionally, it fixes parsing of the $no_proxy environment variable when
it contains more than one URL separated by white-spaces.
SUSE bug 761626SUSE bug 784523CVE-2012-4505 at SUSECVE-2012-4505 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pulseaudioSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for pulseaudio provides the following security fix:
* CVE-2014-3970: Fixed a remote denial of service attack in
module-rtp-recv. (bnc#881524)
Security Issues:
* CVE-2014-3970
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3970>
SUSE bug 881524CVE-2014-3970 at SUSECVE-2014-3970 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for PythonSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update adds a regression fix for retry counter in pythons urllib2.
SUSE bug 609759SUSE bug 609761SUSE bug 638233SUSE bug 682554SUSE bug 742525SUSE bug 764555CVE-2010-1634 at SUSECVE-2010-1634 at NVDCVE-2010-2089 at SUSECVE-2010-2089 at NVDCVE-2010-3493 at SUSECVE-2010-3493 at NVDCVE-2011-1521 at SUSECVE-2011-1521 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libqt4 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libqt4 fixes the following issues:
- CVE-2020-17507: Fix buffer over-read in read_xbm_body (bsc#1176315):
- CVE-2018-15518: Fix 'double free or corruption' in QXmlStreamReader (bsc#1118595)
- CVE-2018-19873: Fix QBmpHandler segfault on malformed BMP file (bsc#1118596)
- CVE-2018-19869: Fix crash when parsing malformed url reference (bsc#1118599)
ModerateSUSE bug 1118595SUSE bug 1118596SUSE bug 1118599SUSE bug 1176315CVE-2018-15518 at SUSECVE-2018-15518 at NVDCVE-2018-19869 at SUSECVE-2018-19869 at NVDCVE-2018-19873 at SUSECVE-2018-19873 at NVDCVE-2020-17507 at SUSECVE-2020-17507 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libraptorSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Specially crafted XML files could have allowed XML External Entity (XXE)
attacks resulting in file theft and a loss of user privacy. This has been
fixed.
SUSE bug 745298CVE-2012-0037 at SUSECVE-2012-0037 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LibreOfficeSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
LibreOffice 3.4 includes new interesting features and fixes, see
http://www.libreoffice.org/download/3-4-new-features-and-fixes/
<http://www.libreoffice.org/download/3-4-new-features-and-fixes/>
The update fixes the following security issue:
* 704311: libreoffice Lotus Word Pro filter multiple vulnerabilities
(CVE-2011-2685)
* 722075: LibreOffice: Out-of-bounds read in DOC sprm (CVE-2011-2713)
This update also fixes the following non-security issues:
* 653519: Welcome screen missing.
* 653662: libreoffice build calls mkbundle2 (deprecated) instead of
mkbundle
* 663622: Writer crash during document save
* 675868: eliminate wording of ooconvert existed in loconvert --help
* 675961: Libreoffice Copy paste of formula in Writer tables does not
work as expected
* 676858: Document with full page graphic in header will not allow
click-drag or right-click.
* 677354: The languagetool.rpm does not work as expected
* 678998: Libre Office does not detect KDE3
* 680272: Deleting multiple sheets results in run-time error/crash
* 681738: DDE link is lost when .xls file is opened/saved in Calc.
* 683578: Large xlsx file takes extremely long to open with Libreoffice
calc
* 684784: Microsoft Office spreadsheet does not display anything
* 693238: Column format in docx file is not displayed correctly.
* 693477: Format of Word .doc file from HP is bad.
* 694119: Using File-->Send-->Document as E-mail will crash Impress
* 694344: 3rd level bulleted items are not displayed properly.
* 695479: RTF file is not displayed correctly by Writer.
* 696630: DDE link from Calc to Excel needs Excel open to update link
in Calc.
* 699334: Presentation created in MS Office is missing text when opened
in LibreOffice
* 701317: xls spreadsheet macro fails with LibreOffice.
* 702506: Writer crashes when opening docx files.
* 704639: HTML document appearance changes when opened in open office
vs LibreOffice
* 704642: 16 digit numbers change in LibreOffice when opening a file
created in MS Excel
* 705949: Information missing from MS Word document when opened in
LibreOffice (w:sdt)
* 706792: crash when opening a pptx presentation.
* 707486: Macro from excel fails on Selection.Copy when run in Calc.
* 707779: Disappearing text
* 708137: xls spreadsheet is extremely slow to open and check boxes are
broken.
* 708518: Bullet symbol is not rendered correctly in a specific slide.
* 710061: ODP export to PDF produces broken images
* 710920: RPM installation ending with redundant error.
* 711977: File association for fod* files are missing.
* 712358: Some extensions broken after upgrading.
* 715268: Command libreoffice --help does not work when LibreOffice is
already started
* 715416: Impress crashes starting Slide show in the context of dual
monitors extension mode.
* 715931: failed to save an odp file.
* 717262: libtool adds /usr/lib64 into rpath
* 715856: LibreOffice:Stable/libreoffice-converter: Bug
* 677354: The languagetool.rpm does not work as expected.
* 693200: Documents created in MS Office cause LibreOffice to crash
* 693386: Documents created in MS Office bring up the filter selection
dialog when opened with LibreOffice
* 693427: When using QT dialogs and not LibreOffice dialogs causes
LibreOffice to hang when attempting to save a document
* 706731: VBA Macros from MS Office Spreadsheet do not work correct
with LibreOffice 3.3.1
Security Issue references:
* CVE-2011-2685
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2685>
* CVE-2011-2713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713>
SUSE bug 653519SUSE bug 653662SUSE bug 663622SUSE bug 675868SUSE bug 675961SUSE bug 676858SUSE bug 678998SUSE bug 680272SUSE bug 681738SUSE bug 683578SUSE bug 684784SUSE bug 693238SUSE bug 693477SUSE bug 694119SUSE bug 694344SUSE bug 695479SUSE bug 696630SUSE bug 699334SUSE bug 702506SUSE bug 704311SUSE bug 704639SUSE bug 704642SUSE bug 705949SUSE bug 706792SUSE bug 707486SUSE bug 707779SUSE bug 708137SUSE bug 708518SUSE bug 710061SUSE bug 710920SUSE bug 711977SUSE bug 712358SUSE bug 715268SUSE bug 715416SUSE bug 715856SUSE bug 715931SUSE bug 717262CVE-2011-2685 at SUSECVE-2011-2685 at NVDCVE-2011-2713 at SUSECVE-2011-2713 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for librsvgSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Specially crafted SVG files could make librsvg dereference a function
pointer which potentially allows to execute arbitrary code (CVE-2011-3146).
Security Issue reference:
* CVE-2011-3146
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3146>
SUSE bug 714980CVE-2011-3146 at SUSECVE-2011-3146 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for librsvg (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
librsvg was updated to fix one security issue.
This security issue was fixed:
- CVE-2013-1881: GNOME libsvg allowed remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (bsc#840753).
ImportantSUSE bug 840753CVE-2013-1881 at SUSECVE-2013-1881 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for librsvg (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for librsvg fixes the following issues:
- CVE-2019-20446: Fixed an issue where a crafted SVG file with nested
patterns can cause denial of service (bsc#1162501).
NOTE: Librsvg now has limits on the number of loaded XML elements,
and the number of referenced elements within an SVG document.
- CVE-2015-7558: librsvg allowed context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document (bsc#977985).
- CVE-2016-6163: svg pattern linking to non-pattern fallback leads to invalid memory access, allowing to cause DoS (bsc#987877).
- CVE-2018-1000041: Fixed leaking credentials via SVG files that reference UNC paths (bsc#1083232)
- CVE-2016-4348: Fixed a denial of service parsing SVGs with circular definitions _rsvg_css_normalize_font_size() function (bsc#977986)
- Fixed a stack exhaustion with circular references in <use>
elements.
- Fixed a denial-of-service condition from exponential explosion
of rendered elements, through nested use of SVG 'use' elements in
malicious SVGs.
This updated also removes the the Mozilla plugin package. Firefox can render SVG on its own and
the plugin interface is obsolete.
This update for libcroco fixes the following issue:
- Fixed an issue where librsvg was throwing a segmentation fault (bsc#1094213).
ModerateSUSE bug 1083232SUSE bug 1094213SUSE bug 1162501SUSE bug 977985SUSE bug 977986SUSE bug 987877CVE-2015-7558 at SUSECVE-2015-7558 at NVDCVE-2016-4348 at SUSECVE-2016-4348 at NVDCVE-2016-6163 at SUSECVE-2016-6163 at NVDCVE-2018-1000041 at SUSECVE-2018-1000041 at NVDCVE-2019-20446 at SUSECVE-2019-20446 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsamplerate (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libsamplerate fixes the following issues:
- CVE-2017-7697: Fixed a buffer overflow in calc_output_single. (bsc#1033564)
ModerateSUSE bug 1033564CVE-2017-7697 at SUSECVE-2017-7697 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsndfileSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
An integer overflow in libsndfile while processing certain PAF files has
been fixed. CVE-2011-2696 has been assigned to this issue. Additionally a
divide by zero error (CVE-2009-4835) has been fixed.
Security Issue references:
* CVE-2011-2696
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2696>
* CVE-2009-4835
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4835>
SUSE bug 631379SUSE bug 705681SUSE bug 911796CVE-2009-4835 at SUSECVE-2009-4835 at NVDCVE-2011-2696 at SUSECVE-2011-2696 at NVDCVE-2014-9496 at SUSECVE-2014-9496 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The libsndfile package was updated to fix the following security issue:
- CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service (DoS) (bsc#953521).
- CVE-2015-7805: Fixed heap overflow issue (bsc#953516).
ModerateSUSE bug 953516SUSE bug 953521CVE-2014-9756 at SUSECVE-2014-9756 at NVDCVE-2015-7805 at SUSECVE-2015-7805 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libsndfile fixes the following issues:
- CVE-2017-7585,CVE-2017-7741,CVE-2017-7742: Some stack-based buffer overflows via a specially crafted FLAC
file were fixed (error in the 'flac_buffer_copy()' function) (bsc#1033054, bsc#1033914, bsc#1033915).
ModerateSUSE bug 1033054SUSE bug 1033914SUSE bug 1033915CVE-2017-7585 at SUSECVE-2017-7585 at NVDCVE-2017-7741 at SUSECVE-2017-7741 at NVDCVE-2017-7742 at SUSECVE-2017-7742 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libsndfile fixes the following issues:
- CVE-2017-8362: invalid memory read in flac_buffer_copy (flac.c) (bsc#1036943)
- CVE-2017-8365: global buffer overflow in i2les_array (pcm.c) (bsc#1036946)
- CVE-2017-8361: global buffer overflow in flac_buffer_copy (flac.c) (bsc#1036944)
- CVE-2017-8363: heap-based buffer overflow in flac_buffer_copy (flac.c) (bsc#1036945)
- CVE-2017-7585: stack-based buffer overflow via a specially crafted FLAC file (bsc#1033054)
ModerateSUSE bug 1033054SUSE bug 1033914SUSE bug 1033915SUSE bug 1036943SUSE bug 1036944SUSE bug 1036945SUSE bug 1036946CVE-2017-7585 at SUSECVE-2017-7585 at NVDCVE-2017-7741 at SUSECVE-2017-7741 at NVDCVE-2017-7742 at SUSECVE-2017-7742 at NVDCVE-2017-8361 at SUSECVE-2017-8361 at NVDCVE-2017-8362 at SUSECVE-2017-8362 at NVDCVE-2017-8363 at SUSECVE-2017-8363 at NVDCVE-2017-8365 at SUSECVE-2017-8365 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
- This update for libsndfile fixes a memory leak in an error path.(bsc#1038856)
- CVE-2017-16942: A divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file. (bsc#1069874)
- CVE-2017-14634: In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. (bsc#1059911)
- CVE-2017-14245: An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of
the NAN and INFINITY floating-point values. (bsc#1059912)
- CVE-2017-14246: An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of
the NAN and INFINITY floating-point values.(bsc#1059913)
ModerateSUSE bug 1038856SUSE bug 1059911SUSE bug 1059912SUSE bug 1059913SUSE bug 1069874CVE-2017-14245 at SUSECVE-2017-14245 at NVDCVE-2017-14246 at SUSECVE-2017-14246 at NVDCVE-2017-14634 at SUSECVE-2017-14634 at NVDCVE-2017-16942 at SUSECVE-2017-16942 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libsndfile fixes the following issues:
Security issues fixed:
- CVE-2017-17456: Prevent segmentation fault in the function d2alaw_array() that may have lead to a remote DoS (bsc#1071777).
- CVE-2017-17457: Prevent segmentation fault in the function d2ulaw_array() that may have lead to a remote DoS, a different vulnerability than CVE-2017-14246 (bsc#1071767).
- CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header that could have been used for a denial of service attack (bsc#1117954).
ModerateSUSE bug 1071767SUSE bug 1071777SUSE bug 1117954CVE-2017-17456 at SUSECVE-2017-17456 at NVDCVE-2017-17457 at SUSECVE-2017-17457 at NVDCVE-2018-19758 at SUSECVE-2018-19758 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsndfile (Critical)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libsndfile fixes the following issues:
- CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540)
CriticalSUSE bug 1188540CVE-2021-3246 at SUSECVE-2021-3246 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsndfile (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libsndfile fixes the following issues:
- CVE-2021-4156: Fixed heap buffer overflow in flac_buffer_copy that
could potentially lead to heap exploitation (bsc#1194006).
ImportantSUSE bug 1194006CVE-2021-4156 at SUSECVE-2021-4156 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for net-snmpSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for net-snmp fixes a remote denial of service problem inside
snmptrapd when it is started with the '-OQ' option. (CVE-2014-3565,
bnc#894361)
Additionally, a timeout issue during SNMP MIB walk on OID 1.3.6.1.2.1.4.24
when using newer (v5.5+) versions of snmpwalk has been fixed. (bnc#865222)
Security Issues:
* CVE-2014-3565
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565>
SUSE bug 431495SUSE bug 604297SUSE bug 607152SUSE bug 612644SUSE bug 613595SUSE bug 616360SUSE bug 623497SUSE bug 629073SUSE bug 634530SUSE bug 670789SUSE bug 694026SUSE bug 695786SUSE bug 707636SUSE bug 719930SUSE bug 720440SUSE bug 734454SUSE bug 759352SUSE bug 762433SUSE bug 762887SUSE bug 865222SUSE bug 866942SUSE bug 867349SUSE bug 894361CVE-2012-2141 at SUSECVE-2012-2141 at NVDCVE-2014-2284 at SUSECVE-2014-2284 at NVDCVE-2014-2310 at SUSECVE-2014-2310 at NVDCVE-2014-3565 at SUSECVE-2014-3565 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsoupSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of libsoup fixes a directory traversal attack that affect
application using the library. CVE-2011-2524: CVSS v2 Base Score: 5.0
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Security Issue reference:
* CVE-2011-2524
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524>
SUSE bug 706630CVE-2011-2524 at SUSECVE-2011-2524 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libsoup (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libsoup fixes the following issues:
Security issue fixed:
- CVE-2018-12910: Fixed a denial of service which was caused handling empty hostnames in get_cookies() (bsc#1100097).
ModerateSUSE bug 1100097CVE-2018-12910 at SUSECVE-2018-12910 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Feature update for libssh2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This feature update to libssh2_org brings several improvements from the
upstream project, including:
* Support for the 'aes128-ctr', 'aes192-ctr', 'aes256-ctr' and
'arcfour128' ciphers
* Performance improvements in SFTP and SCP
* Support for the ssh-agent
In addition to that some problems were fixed, including a possible
application hang when waiting for a remote server to return the results of
a command.
SUSE bug 756830SUSE bug 921070CVE-2015-1782 at SUSECVE-2015-1782 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libssh2_org fixes the following issues:
- Add SHA256 support for DH group exchange (fate#320343, bsc#961964)
- fix CVE-2016-0787 (bsc#967026)
* Weakness in diffie-hellman secret key generation lead to much shorter DH groups
then needed, which could be used to retrieve server keys.
ModerateSUSE bug 961964SUSE bug 967026CVE-2016-0787 at SUSECVE-2016-0787 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libssh2_org fixes the following issues:
Security issues fixed:
- CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490).
- CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492).
- CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481).
- CVE-2019-3863: Fixed an Integer overflow in user authenticate keyboard interactive which could allow out-of-bounds writes
with specially crafted keyboard responses (bsc#1128493).
- CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write
with specially crafted payload (bsc#1128472).
- CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require
and _libssh2_packet_requirev (bsc#1128480).
- CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially
crafted payload (bsc#1128471).
- CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted
SFTP packet (bsc#1128476).
- CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially
crafted message channel request SSH packet (bsc#1128474).
Other issue addressed:
- Fixed an issue where libssh2 stops parsing known_hosts (bsc#1091236).
ModerateSUSE bug 1091236SUSE bug 1128471SUSE bug 1128472SUSE bug 1128474SUSE bug 1128476SUSE bug 1128480SUSE bug 1128481SUSE bug 1128490SUSE bug 1128492SUSE bug 1128493CVE-2019-3855 at SUSECVE-2019-3855 at NVDCVE-2019-3856 at SUSECVE-2019-3856 at NVDCVE-2019-3857 at SUSECVE-2019-3857 at NVDCVE-2019-3858 at SUSECVE-2019-3858 at NVDCVE-2019-3859 at SUSECVE-2019-3859 at NVDCVE-2019-3860 at SUSECVE-2019-3860 at NVDCVE-2019-3861 at SUSECVE-2019-3861 at NVDCVE-2019-3862 at SUSECVE-2019-3862 at NVDCVE-2019-3863 at SUSECVE-2019-3863 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libssh2_org (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libssh2_org fixes the following issues:
- Incorrect upstream fix for CVE-2019-3859 broke public key authentication [bsc#1133528, bsc#1130103]
ImportantSUSE bug 1130103SUSE bug 1133528CVE-2019-3859 at SUSECVE-2019-3859 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libssh2_org fixes the following issues:
- Fix the previous fix for CVE-2019-3860 (bsc#1136570, bsc#1128481)
(Out-of-bounds reads with specially crafted SFTP packets)
ModerateSUSE bug 1128481SUSE bug 1136570CVE-2019-3860 at SUSECVE-2019-3860 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libssh2_org fixes the following issue:
- CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service (bsc#1154862).
ModerateSUSE bug 1154862CVE-2019-17498 at SUSECVE-2019-17498 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libtasn1SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
libtasn1 has been updated to fix three security issues:
* asn1_get_bit_der() could have returned negative bit length
(CVE-2014-3468)
* Multiple boundary check issues could have allowed DoS (CVE-2014-3467)
* Possible DoS by NULL pointer dereference in asn1_read_value_type
(CVE-2014-3469)
Security Issues:
* CVE-2014-3468
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468>
* CVE-2014-3467
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467>
* CVE-2014-3469
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469>
SUSE bug 880735SUSE bug 880737SUSE bug 880738SUSE bug 924828CVE-2014-3467 at SUSECVE-2014-3467 at NVDCVE-2014-3468 at SUSECVE-2014-3468 at NVDCVE-2014-3469 at SUSECVE-2014-3469 at NVDCVE-2015-2806 at SUSECVE-2015-2806 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libtasn1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libtasn1 fixes the following issues:
Security issues fixed:
- CVE-2018-1000654: Fixed a denial of service in the asn1 parser (bsc#1105435).
- CVE-2017-6891: Fixed a stack overflow in asn1_find_node() (bsc#1040621).
ModerateSUSE bug 1040621SUSE bug 1105435CVE-2017-6891 at SUSECVE-2017-6891 at NVDCVE-2018-1000654 at SUSECVE-2018-1000654 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Tomcat has been updated to version 6.0.41, which brings security and bug
fixes.
The following security fixes have been fixed:
* CVE-2014-0096: A XXE vulnerability via user supplied XSLTs.
* CVE-2014-0099: Request smuggling via malicious content length header.
* CVE-2014-0119: A XML parser hijack by malicious web application.
Bugs fixed:
* Socket bind fails on tomcat startup when using apr (IPV6)
(bnc#881700)
* classpath for org/apache/juli/logging/LogFactory (bnc#844689)
Security Issues:
* CVE-2014-0099
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099>
* CVE-2014-0096
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096>
* CVE-2014-0119
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119>
SUSE bug 844689SUSE bug 865746SUSE bug 880346SUSE bug 880347SUSE bug 880348SUSE bug 881700CVE-2014-0096 at SUSECVE-2014-0096 at NVDCVE-2014-0099 at SUSECVE-2014-0099 at NVDCVE-2014-0119 at SUSECVE-2014-0119 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libtcnative-1-0 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libtcnative-1-0 fixes the following issues:
- CVE-2015-4000: Disable 512-bit export-grade cryptography to prevent Logjam
vulnerability (bsc#938945)
ModerateSUSE bug 938945CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libtcnative-1-0 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libtcnative-1-0 to version 1.1.34 fixes the following issues:
- CVE-2017-15698: Fixed an improper handling of fields with more than 127 bytes
which could allow invalid client certificates to be accepted (bsc#1078679).
- CVE-2018-8019: When using an OCSP responder did not correctly handle invalid
responses. This allowed for revoked client certificates to be incorrectly
identified. It was therefore possible for users to authenticate with revoked
certificates when using mutual TLS (bsc#1103348).
- CVE-2018-8020: Did not properly check OCSP pre-produced responses. Revoked
client certificates may have not been properly identified, allowing for users
to authenticate with revoked certificates to connections that require mutual
TLS (bsc#1103347).
For a complete list of changes please see
http://tomcat.apache.org/native-1.1-doc/miscellaneous/changelog.html
ImportantSUSE bug 1078679SUSE bug 1103347SUSE bug 1103348CVE-2017-15698 at SUSECVE-2017-15698 at NVDCVE-2018-8019 at SUSECVE-2018-8019 at NVDCVE-2018-8020 at SUSECVE-2018-8020 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libtiffSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This tiff update fixes several security issues.
* bnc#834477: CVE-2013-4232 CVE-2013-4231: tiff: buffer overflows/use
after free problem
* bnc#834779: CVE-2013-4243: libtiff (gif2tiff): heap-based buffer
overflow in readgifimage()
* bnc#834788: CVE-2013-4244: libtiff (gif2tiff): OOB Write in LZW
decompressor
Security Issue references:
* CVE-2013-4232
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232>
* CVE-2013-4231
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231>
* CVE-2013-4243
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243>
* CVE-2013-4244
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244>
SUSE bug 599475SUSE bug 672510SUSE bug 682871SUSE bug 683337SUSE bug 687442SUSE bug 753362SUSE bug 767852SUSE bug 767854SUSE bug 770816SUSE bug 781995SUSE bug 787892SUSE bug 788741SUSE bug 791607SUSE bug 817573SUSE bug 818117SUSE bug 834477SUSE bug 834779SUSE bug 834788CVE-2010-4665 at SUSECVE-2010-4665 at NVDCVE-2011-0191 at SUSECVE-2011-0191 at NVDCVE-2011-0192 at SUSECVE-2011-0192 at NVDCVE-2011-1167 at SUSECVE-2011-1167 at NVDCVE-2012-1173 at SUSECVE-2012-1173 at NVDCVE-2012-2088 at SUSECVE-2012-2088 at NVDCVE-2012-2113 at SUSECVE-2012-2113 at NVDCVE-2012-3401 at SUSECVE-2012-3401 at NVDCVE-2012-4447 at SUSECVE-2012-4447 at NVDCVE-2012-4564 at SUSECVE-2012-4564 at NVDCVE-2012-5581 at SUSECVE-2012-5581 at NVDCVE-2013-1960 at SUSECVE-2013-1960 at NVDCVE-2013-1961 at SUSECVE-2013-1961 at NVDCVE-2013-4231 at SUSECVE-2013-4231 at NVDCVE-2013-4232 at SUSECVE-2013-4232 at NVDCVE-2013-4243 at SUSECVE-2013-4243 at NVDCVE-2013-4244 at SUSECVE-2013-4244 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libtirpc, rpcbind (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libtirpc and rpcbind fixes the following issues:
- CVE-2017-8779: A crafted UDP package could lead rpcbind to remote denial-of-service. (bsc#1037559)
ImportantSUSE bug 1037559CVE-2017-8779 at SUSECVE-2017-8779 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libtirpc (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libtirpc fixes the following issues:
- Prevent remote crash of RPC services (bsc#968175)
ModerateSUSE bug 968175cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libtirpc (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libtirpc fixes the following issues:
Security issues fixed:
- CVE-2018-14621: libtirpc: Infinite loop in EMFILE case in svc_vc.c (bsc#1106519)
- CVE-2018-14622: libtirpc: Segmentation fault in makefd_xprt return value in svc_vc.c (bsc#1106517)
ModerateSUSE bug 1106517SUSE bug 1106519SUSE bug 968175CVE-2018-14621 at SUSECVE-2018-14621 at NVDCVE-2018-14622 at SUSECVE-2018-14622 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libunwind (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libunwind fixes the following issues:
- CVE-2015-3239: Fixed an off-by-one in dwarf_to_unw_regnum() (bsc#936786).
ModerateSUSE bug 936786CVE-2015-3239 at SUSECVE-2015-3239 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for nutsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of nuts fixes a denial of service flaw that could have been
exploited by remote attackers to cause an application crash of upsd.
Security Issue reference:
* CVE-2012-2944
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2944>
SUSE bug 660236SUSE bug 764699CVE-2012-2944 at SUSECVE-2012-2944 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for libvirtSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update adds a dependency on the netcat-openbsd package for improved
compatibility with SUSE Linux Enterprise 11 SP2 interopability.
SUSE bug 594024SUSE bug 609738SUSE bug 614853SUSE bug 618155SUSE bug 626070SUSE bug 691926SUSE bug 703084SUSE bug 704024SUSE bug 752702CVE-2010-2237 at SUSECVE-2010-2237 at NVDCVE-2010-2238 at SUSECVE-2010-2238 at NVDCVE-2010-2239 at SUSECVE-2010-2239 at NVDCVE-2010-2242 at SUSECVE-2010-2242 at NVDCVE-2011-2511 at SUSECVE-2011-2511 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LibVNCServer (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The libvncserver package was updated to fix the following security issues:
- bsc#897031: fix several security issues:
* CVE-2014-6051: Integer overflow in MallocFrameBuffer() on client side.
* CVE-2014-6052: Lack of malloc() return value checking on client side.
* CVE-2014-6053: Server crash on a very large ClientCutText message.
* CVE-2014-6054: Server crash when scaling factor is set to zero.
* CVE-2014-6055: Multiple stack overflows in File Transfer feature.
ModerateSUSE bug 897031CVE-2014-6051 at SUSECVE-2014-6051 at NVDCVE-2014-6052 at SUSECVE-2014-6052 at NVDCVE-2014-6053 at SUSECVE-2014-6053 at NVDCVE-2014-6054 at SUSECVE-2014-6054 at NVDCVE-2014-6055 at SUSECVE-2014-6055 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libvorbisSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Specially crafted Ogg files could cause a heap-based buffer overflow in the
vorbis audio compression library that could potentially be exploited by
attackers to cause a crash or execute arbitrary code (CVE-2012-0444).
Security Issue reference:
* CVE-2012-0444
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444>
SUSE bug 608192SUSE bug 747912CVE-2009-2663 at SUSECVE-2009-2663 at NVDCVE-2012-0444 at SUSECVE-2012-0444 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libvorbis fixes the following issues:
- CVE-2017-14633: out-of-bounds array read vulnerability exists in
function mapping0_forward() could lead to remote denial of service (bsc#1059811)
- CVE-2017-14632: Remote Code Execution upon freeing uninitialized
memory in function vorbis_analysis_headerout(bsc#1059809)
ModerateSUSE bug 1059809SUSE bug 1059811CVE-2017-14632 at SUSECVE-2017-14632 at NVDCVE-2017-14633 at SUSECVE-2017-14633 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libvorbis fixes the following issues:
- CVE-2018-5146: Fixed out of bounds memory write while processing Vorbis audio data (bsc#1085687).
ModerateSUSE bug 1085687CVE-2018-5146 at SUSECVE-2018-5146 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libvorbis fixes the following issues:
Security issues fixed:
- CVE-2018-10393: Fixed stack-based buffer over-read in bark_noise_hybridm (bsc#1091072).
- CVE-2017-14160: Fixed out-of-bounds access inside bark_noise_hybridmp function (bsc#1059812).
ModerateSUSE bug 1059812SUSE bug 1091072CVE-2017-14160 at SUSECVE-2017-14160 at NVDCVE-2018-10393 at SUSECVE-2018-10393 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libvorbis fixes the following issues:
The following security issue was fixed:
- Fixed the validation of channels in mapping0_forward(), which previously
allowed remote attackers to cause a denial of service via specially crafted
files (CVE-2018-10392, bsc#1091070)
ModerateSUSE bug 1091070CVE-2018-10392 at SUSECVE-2018-10392 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openwsmanSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update adds a configuration option to disable SSLv2 and SSLv3 in
openwsman. This is required to mitigate CVE-2014-3566.
To use the new option, edit /etc/openwsman/openwsman.conf and add the
following line to the [server] section:
ssl_disabled_protocols = SSLv2 SSLv3
Security Issues:
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
SUSE bug 901882CVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxcryptSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The security update for CVE-2011-2483 broke changing blowfish passwords if
compat mode was turned on (default). This update fixes the regression.
Security Issue reference:
* CVE-2011-2483
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483>
SUSE bug 713727CVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a denial of service via recursive entity expansion.
(CVE-2014-3660)
Security Issues:
* CVE-2014-3660
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660>
SUSE bug 648277SUSE bug 661471SUSE bug 697372SUSE bug 732787SUSE bug 739894SUSE bug 748561SUSE bug 764538SUSE bug 769184SUSE bug 793334SUSE bug 805233SUSE bug 829077SUSE bug 854869SUSE bug 901546CVE-2010-4008 at SUSECVE-2010-4008 at NVDCVE-2010-4494 at SUSECVE-2010-4494 at NVDCVE-2011-1944 at SUSECVE-2011-1944 at NVDCVE-2011-2821 at SUSECVE-2011-2821 at NVDCVE-2011-2834 at SUSECVE-2011-2834 at NVDCVE-2011-3102 at SUSECVE-2011-3102 at NVDCVE-2011-3919 at SUSECVE-2011-3919 at NVDCVE-2012-0841 at SUSECVE-2012-0841 at NVDCVE-2012-2807 at SUSECVE-2012-2807 at NVDCVE-2012-5134 at SUSECVE-2012-5134 at NVDCVE-2013-0338 at SUSECVE-2013-0338 at NVDCVE-2013-0339 at SUSECVE-2013-0339 at NVDCVE-2013-2877 at SUSECVE-2013-2877 at NVDCVE-2014-3660 at SUSECVE-2014-3660 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes two security issues:
- libxml2 limits the number of recursions an XML document can contain so to protect against the 'Billion Laughs' denial-of-service attack. Unfortunately, the underlying counter was not incremented properly in all necessary locations. Therefore, specially crafted XML documents could exhaust all available stack space and crash the XML parser without running into the recursion limit. This vulnerability has been fixed. (bsc#975947)
- When running in recovery mode, certain invalid XML documents would trigger an infinite recursion in libxml2 that ran until all stack space was exhausted. This vulnerability could have been used to facilitate a denial-of-sevice attack. (CVE-2016-3627, bsc#972335)
ModerateSUSE bug 972335SUSE bug 975947CVE-2016-3627 at SUSECVE-2016-3627 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following security issues:
- CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread
was fixed in libxml2/dict.c [bsc#963963, bsc#965283, bsc#981114].
- CVE-2016-4483: Code was added to avoid an out of bound access when
serializing malformed strings [bsc#978395].
- CVE-2016-1762: Fixed a heap-based buffer overread in xmlNextChar [bsc#981040].
- CVE-2016-1834: Fixed a heap-buffer-overflow in xmlStrncat [bsc#981041].
- CVE-2016-1833: Fixed a heap-based buffer overread in htmlCurrentChar [bsc#981108].
- CVE-2016-1835: Fixed a heap use-after-free in xmlSAX2AttributeNs [bsc#981109].
- CVE-2016-1837: Fixed a heap use-after-free in htmlParsePubidLiteral
and htmlParseSystemiteral [bsc#981111].
- CVE-2016-1838: Fixed a heap-based buffer overread in
xmlParserPrintFileContextInternal [bsc#981112].
- CVE-2016-1840: Fixed a heap-buffer-overflow in xmlFAParsePosCharGroup [bsc#981115].
- CVE-2016-4447: Fixed a heap-based buffer-underreads due to xmlParseName [bsc#981548].
- CVE-2016-4448: Fixed some format string warnings with possible format
string vulnerability [bsc#981549],
- CVE-2016-4449: Fixed inappropriate fetch of entities content [bsc#981550].
- CVE-2016-3705: Fixed missing increment of recursion counter.
ImportantSUSE bug 963963SUSE bug 965283SUSE bug 978395SUSE bug 981040SUSE bug 981041SUSE bug 981108SUSE bug 981109SUSE bug 981111SUSE bug 981112SUSE bug 981114SUSE bug 981115SUSE bug 981548SUSE bug 981549SUSE bug 981550CVE-2015-8806 at SUSECVE-2015-8806 at NVDCVE-2016-1762 at SUSECVE-2016-1762 at NVDCVE-2016-1833 at SUSECVE-2016-1833 at NVDCVE-2016-1834 at SUSECVE-2016-1834 at NVDCVE-2016-1835 at SUSECVE-2016-1835 at NVDCVE-2016-1837 at SUSECVE-2016-1837 at NVDCVE-2016-1838 at SUSECVE-2016-1838 at NVDCVE-2016-1839 at SUSECVE-2016-1839 at NVDCVE-2016-1840 at SUSECVE-2016-1840 at NVDCVE-2016-2073 at SUSECVE-2016-2073 at NVDCVE-2016-3705 at SUSECVE-2016-3705 at NVDCVE-2016-4447 at SUSECVE-2016-4447 at NVDCVE-2016-4448 at SUSECVE-2016-4448 at NVDCVE-2016-4449 at SUSECVE-2016-4449 at NVDCVE-2016-4483 at SUSECVE-2016-4483 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes an issue when processing external entities introduced
with the fix for CVE-2014-0191.
ModerateSUSE bug 996079CVE-2014-0191 at SUSECVE-2014-0191 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2016-4658: Use after free via namespace node in XPointer ranges (bsc#1005544).
ModerateSUSE bug 1005544CVE-2016-4658 at SUSECVE-2016-4658 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
* CVE-2016-9318: libxml2 did not offer a flag directly indicating that the current document may be read but other files may not be opened, which made it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document (bsc#1010675).
* Prevent NULL dereference in xpointer.c and xmlDumpElementContent, and infinite recursion in xmlParseConditionalSections when in recovery mode(bnc#1014873)
ModerateSUSE bug 1010675SUSE bug 1014873CVE-2016-9318 at SUSECVE-2016-9318 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
Security issues fixed:
- CVE-2017-9050: heap-based buffer overflow (xmlDictAddString func) [bsc#1039069, bsc#1039661]
- CVE-2017-9049: heap-based buffer overflow (xmlDictComputeFastKey func) [bsc#1039066]
- CVE-2017-9048: stack overflow vulnerability (xmlSnprintfElementContent func) [bsc#1039063]
- CVE-2017-9047: stack overflow vulnerability (xmlSnprintfElementContent func) [bsc#1039064]
A clarification for the previously released update: For CVE-2016-9318 we decided
not to ship a fix since it can break existing setups. Please take appropriate
actions if you parse untrusted XML files and use the new -noxxe flag if
possible (bnc#1010675, bnc#1013930).
ModerateSUSE bug 1010675SUSE bug 1013930SUSE bug 1039063SUSE bug 1039064SUSE bug 1039066SUSE bug 1039069SUSE bug 1039661CVE-2016-9318 at SUSECVE-2016-9318 at NVDCVE-2017-9047 at SUSECVE-2017-9047 at NVDCVE-2017-9048 at SUSECVE-2017-9048 at NVDCVE-2017-9049 at SUSECVE-2017-9049 at NVDCVE-2017-9050 at SUSECVE-2017-9050 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
Security issues fixed:
* CVE-2017-0663: Fixed a heap buffer overflow in xmlAddID (bsc#1044337)
* CVE-2017-5969: Fixed a NULL pointer deref in xmlDumpElementContent (bsc#1024989)
* CVE-2017-7375: Prevented an unwanted external entity reference (bsc#1044894)
* CVE-2017-7376: Increase buffer space for port in HTTP redirect support (bsc#1044887)
ModerateSUSE bug 1024989SUSE bug 1044337SUSE bug 1044887SUSE bug 1044894CVE-2017-0663 at SUSECVE-2017-0663 at NVDCVE-2017-5969 at SUSECVE-2017-5969 at NVDCVE-2017-7375 at SUSECVE-2017-7375 at NVDCVE-2017-7376 at SUSECVE-2017-7376 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2017-8872: Out-of-bounds read could lead to application crash (bsc#1038444)
ModerateSUSE bug 1038444CVE-2017-8872 at SUSECVE-2017-8872 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes several issues.
Theses security issues were fixed:
- CVE-2017-16932: Fixed infinite recursion could lead to an infinite loop or
memory exhaustion when expanding a parameter entity in a DTD (bsc#1069689).
- CVE-2017-15412: Prevent use after free when calling XPath extension functions
that allowed remote attackers to cause DoS or potentially RCE (bsc#1077993)
- CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed
remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to the XPointer range-to
function. (bsc#1078813)
- CVE-2017-5130: Fixed a potential remote buffer overflow in function
xmlMemoryStrdup() (bsc#1078806)
ModerateSUSE bug 1069689SUSE bug 1077993SUSE bug 1078806SUSE bug 1078813CVE-2016-5131 at SUSECVE-2016-5131 at NVDCVE-2017-15412 at SUSECVE-2017-15412 at NVDCVE-2017-16932 at SUSECVE-2017-16932 at NVDCVE-2017-5130 at SUSECVE-2017-5130 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
Security issue fixed:
- CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval()
function when parsing an invalid XPath expression in the XPATH_OP_AND or
XPATH_OP_OR case leading to a denial of service attack (bsc#1102046)
Other Issue fixed:
- Fixed a bug related to the fix for CVE-2016-9318 which allowed xsltproc to access
the internet even when --nonet was given and also was making docbook-xsl-stylesheets to have
incomplete xml catalog file (bsc#1010675, bsc#1126613 and bsc#1110146).
ModerateSUSE bug 1010675SUSE bug 1102046SUSE bug 1110146SUSE bug 1126613CVE-2016-9318 at SUSECVE-2016-9318 at NVDCVE-2018-14404 at SUSECVE-2018-14404 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 doesn't fix any additional security issues, but correct its rpm changelog to reflect
all CVEs that have been fixed over the past.
LowSUSE bug 1123919cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun (bsc#1161521).
- CVE-2020-7595: Fixed an infinite loop in an EOF situation (bsc#1161517).
- CVE-2019-19956: Fixed a memory leak in xmlParseBalancedChunkMemoryRecover (bsc#1159928).
ModerateSUSE bug 1159928SUSE bug 1161517SUSE bug 1161521CVE-2019-19956 at SUSECVE-2019-19956 at NVDCVE-2019-20388 at SUSECVE-2019-20388 at NVDCVE-2020-7595 at SUSECVE-2020-7595 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179).
ModerateSUSE bug 1176179CVE-2020-24977 at SUSECVE-2020-24977 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408).
- CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410).
- CVE-2021-3516: Fixed a use after free in xmlEncodeEntitiesInternal() in entities.c (bsc#1185409)
ModerateSUSE bug 1185408SUSE bug 1185409SUSE bug 1185410CVE-2014-0191 at SUSECVE-2014-0191 at NVDCVE-2021-3516 at SUSECVE-2021-3516 at NVDCVE-2021-3517 at SUSECVE-2021-3517 at NVDCVE-2021-3518 at SUSECVE-2021-3518 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
Security issues fixed:
- CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel (bsc#1185698)
- CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408).
- CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410).
- CVE-2021-3516: Fixed a use after free in xmlEncodeEntitiesInternal() in entities.c (bsc#1185409)
- CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179).
- CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun (bsc#1161521).
- CVE-2020-7595: Fixed an infinite loop in an EOF situation (bsc#1161517).
- CVE-2019-19956: Fixed a memory leak in xmlParseBalancedChunkMemoryRecover (bsc#1159928).
ImportantSUSE bug 1159928SUSE bug 1161517SUSE bug 1161521SUSE bug 1176179SUSE bug 1185408SUSE bug 1185409SUSE bug 1185410SUSE bug 1185698CVE-2014-0191 at SUSECVE-2014-0191 at NVDCVE-2019-19956 at SUSECVE-2019-19956 at NVDCVE-2019-20388 at SUSECVE-2019-20388 at NVDCVE-2020-24977 at SUSECVE-2020-24977 at NVDCVE-2020-7595 at SUSECVE-2020-7595 at NVDCVE-2021-3516 at SUSECVE-2021-3516 at NVDCVE-2021-3517 at SUSECVE-2021-3517 at NVDCVE-2021-3518 at SUSECVE-2021-3518 at NVDCVE-2021-3537 at SUSECVE-2021-3537 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2021-3541: Fixed exponential entity expansion attack that could bypass all existing protection mechanisms (bsc#1186015).
ModerateSUSE bug 1186015CVE-2021-3541 at SUSECVE-2021-3541 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes (bsc#1196490).
ImportantSUSE bug 1196490CVE-2022-23308 at SUSECVE-2022-23308 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following security issues:
* CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193]
* CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734]
* CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735]
* CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018]
* CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021]
* CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260]
* CVE-2015-5312 Fix another entity expansion issue [bnc#957105]
* CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106]
* CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107]
* CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109]
* CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110]
ModerateSUSE bug 928193SUSE bug 951734SUSE bug 951735SUSE bug 956018SUSE bug 956021SUSE bug 956260SUSE bug 957105SUSE bug 957106SUSE bug 957107SUSE bug 957109SUSE bug 957110CVE-2015-1819 at SUSECVE-2015-1819 at NVDCVE-2015-5312 at SUSECVE-2015-5312 at NVDCVE-2015-7497 at SUSECVE-2015-7497 at NVDCVE-2015-7498 at SUSECVE-2015-7498 at NVDCVE-2015-7499 at SUSECVE-2015-7499 at NVDCVE-2015-7500 at SUSECVE-2015-7500 at NVDCVE-2015-7941 at SUSECVE-2015-7941 at NVDCVE-2015-7942 at SUSECVE-2015-7942 at NVDCVE-2015-8241 at SUSECVE-2015-8241 at NVDCVE-2015-8242 at SUSECVE-2015-8242 at NVDCVE-2015-8317 at SUSECVE-2015-8317 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxml2 fixes the following security issue:
- CVE-2015-8710: Parsing short unclosed HTML comment could cause uninitialized memory access, which allowed remote attackers to read contents from previous HTTP requests depending on the application (bsc#960674)
ModerateSUSE bug 960674CVE-2015-8710 at SUSECVE-2015-8710 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxsltSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
libxslt received a security update to fix a security issue:
* CVE-2013-4520: The XSL implementation in libxslt allowed remote
attackers to cause a denial of service (crash) via an invalid DTD.
(addendum due to incomplete fix for CVE-2012-2825)
Security Issue references:
* CVE-2012-6139
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139>
* CVE-2012-2825
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825>
* CVE-2011-3970
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970>
SUSE bug 746039SUSE bug 769182SUSE bug 811686SUSE bug 849019CVE-2011-3970 at SUSECVE-2011-3970 at NVDCVE-2012-2825 at SUSECVE-2012-2825 at NVDCVE-2012-6139 at SUSECVE-2012-6139 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxslt (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxslt fixes the following issues:
- CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check
for integer overflow during a size calculation, which allowed a remote attacker
to perform an out of bounds memory write via a crafted HTML page (bsc#1035905).
- CVE-2016-4738: Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator
could cause a heap overread. This can be exploited to leak a couple of bytes after
the buffer that holds the pattern string (bsc#1005591).
- CVE-2015-9019: Properly initialize random generator (bsc#934119).
- CVE-2015-7995: Vulnerability in function xsltStylePreCompute' in preproc.c could cause a
type confusion leading to DoS. (bsc#952474)
ModerateSUSE bug 1005591SUSE bug 1035905SUSE bug 934119SUSE bug 952474CVE-2015-7995 at SUSECVE-2015-7995 at NVDCVE-2015-9019 at SUSECVE-2015-9019 at NVDCVE-2016-4738 at SUSECVE-2016-4738 at NVDCVE-2017-5029 at SUSECVE-2017-5029 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxslt (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxslt fixes the following issues:
Security issue fixed:
- CVE-2019-11068: Fixed a protection mechanism bypass where callers of
xsltCheckRead() and xsltCheckWrite() would permit access upon receiving an
error (bsc#1132160).
ModerateSUSE bug 1132160CVE-2019-11068 at SUSECVE-2019-11068 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libxslt (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libxslt fixes the following issues:
Security issues fixed:
- CVE-2019-13118: Fixed a read of uninitialized stack data (bsc#1140101).
- CVE-2019-13117: Fixed a uninitialized read which allowed to discern whether a byte on the stack contains certain special characters (bsc#1140095).
- CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure (bsc#1154609).
ModerateSUSE bug 1140095SUSE bug 1140101SUSE bug 1154609CVE-2019-11068 at SUSECVE-2019-11068 at NVDCVE-2019-13117 at SUSECVE-2019-13117 at NVDCVE-2019-13118 at SUSECVE-2019-13118 at NVDCVE-2019-18197 at SUSECVE-2019-18197 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libzip1SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following bug has been fixed:
* empty zip archives could crash programs using libzip (CVE-2011-0421).
Security Issue reference:
* CVE-2011-0421
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421>
SUSE bug 681193CVE-2011-0421 at SUSECVE-2011-0421 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1YOU update for libzyppSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
libzypp did not handle multiple gpg pubkeys in the repomd.xml.key and
content.key consistently and secure. Attackers could have exploited this to
add their own keys and pretend it's from SUSE.
Security Issue reference:
* CVE-2013-3704
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3704>
SUSE bug 684466SUSE bug 694427SUSE bug 709480SUSE bug 828672CVE-2013-3704 at SUSECVE-2013-3704 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for log4j (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for log4j fixes the following issues:
- CVE-2019-17571: Fixed a remote code execution by deserialization of untrusted data in SocketServer (bsc#1159646).
ImportantSUSE bug 1159646CVE-2019-17571 at SUSECVE-2019-17571 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for log4j (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for log4j fixes the following issues:
- CVE-2021-4104: Disable the JMSAppender class from log4j to protect against
the log4jshell vulnerability. [bsc#1193662]
ImportantSUSE bug 1193662CVE-2021-4104 at SUSECVE-2021-4104 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for log4j (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for log4j fixes the following issues:
- CVE-2022-23307: Fixed deserialization flaw in the chainsaw component of log4j leading to malicious code execution. (bsc#1194844)
- CVE-2022-23305: Fixed SQL injection when application is configured to use JDBCAppender. (bsc#1194843)
- CVE-2022-23302: Fixed remote code execution when application is configured to use JMSSink. (bsc#1194842)
ImportantSUSE bug 1194842SUSE bug 1194843SUSE bug 1194844CVE-2022-23302 at SUSECVE-2022-23302 at NVDCVE-2022-23305 at SUSECVE-2022-23305 at NVDCVE-2022-23307 at SUSECVE-2022-23307 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for logrotateSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
In order to make logrotate more robust against manipulated log directories
logrotate was changed to
* add a 'su' config option which makes logrotate run partially as the
specified user
* run external helpers like log file compressors as the user configured
with the 'su' option
* issue a warning for log directories writable by non-root users
* not follow symlinks when rotating logs
Security Issue reference:
* CVE-2011-1550
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1550>
SUSE bug 651685SUSE bug 677335SUSE bug 677336SUSE bug 679661SUSE bug 679662CVE-2011-1098 at SUSECVE-2011-1098 at NVDCVE-2011-1154 at SUSECVE-2011-1154 at NVDCVE-2011-1155 at SUSECVE-2011-1155 at NVDCVE-2011-1550 at SUSECVE-2011-1550 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for logwatchSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes an issue in logwatch where it wouldn't start with the
service dmeventd because the crontab entry in /etc/cron.d/dmeventd was
lacking the user name. In addition the print flag is reset if the output
has to be saved (bnc#559856).
SUSE bug 559856SUSE bug 674984SUSE bug 724164CVE-2011-1018 at SUSECVE-2011-1018 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for LVM2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
clvmd, when running, allowed unprivileged local users to issue arbitrary
lvm commands (CVE-2010-2526) via incorrect permissions. This has been
fixed.
SUSE bug 622537CVE-2010-2526 at SUSECVE-2010-2526 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for mailman, mailman-debuginfo, mailman-debugsourceSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mailman resolves the following issues:
* Fix logrotation scripts in mailman erroring out due to non-root
directory ownership (bnc#754623)
* Fix a permission problem in private mailing list archives
(bnc#697638). (CVE-2002-0389)
SUSE bug 621104SUSE bug 637295SUSE bug 671745SUSE bug 677335SUSE bug 697638SUSE bug 750259SUSE bug 754623CVE-2002-0389 at SUSECVE-2002-0389 at NVDCVE-2010-3089 at SUSECVE-2010-3089 at NVDCVE-2010-3090 at SUSECVE-2010-3090 at NVDCVE-2011-0707 at SUSECVE-2011-0707 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mailman (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mailman to version 2.1.15 fixes the following issues:
- CVE-2016-6893: Prevent cross-site request forgery (CSRF) vulnerability in the
user options page that allowed remote attackers to hijack the authentication of
arbitrary users for requests that modify an option (bsc#995352).
- Various other hardenings against CSFR attacks
For details please see https://launchpad.net/mailman/+milestone/2.1.15
ModerateSUSE bug 995352CVE-2016-6893 at SUSECVE-2016-6893 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mailman fixes the following issues:
- Fixed a XSS vulnerability and information leak in user options CGI, which
could be used to execute arbitrary scripts in the user's browser via
specially encoded URLs (bsc#1077358 CVE-2018-5950)
- Fixed a directory traversal vulnerability in MTA transports when using the
recommended Mailman Transport for Exim (bsc#925502 CVE-2015-2775)
- Fixed a XSS vulnerability, which allowed malicious listowners to inject
scripts into the listinfo pages (bsc#1099510 CVE-2018-0618)
- Fixed arbitrary text injection vulnerability in several mailman CGIs
(CVE-2018-13796 bsc#1101288)
- Fixed a CSRF vulnerability on the user options page (CVE-2016-6893 bsc#995352)
ImportantSUSE bug 1077358SUSE bug 1099510SUSE bug 1101288SUSE bug 925502SUSE bug 995352CVE-2015-2775 at SUSECVE-2015-2775 at NVDCVE-2016-6893 at SUSECVE-2016-6893 at NVDCVE-2018-0618 at SUSECVE-2018-0618 at NVDCVE-2018-13796 at SUSECVE-2018-13796 at NVDCVE-2018-5950 at SUSECVE-2018-5950 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mailman fixes the following issues:
Security issue fixed:
- CVE-2016-6893: Fixed a Cross-site request forgery vulnerability in the admin web interface (bsc#997205).
Following bug was fixed:
- Allow CSRF check to pass in mailman web frontend if the list
name contains a '+' (bsc#1102416)
ImportantSUSE bug 1102416SUSE bug 997205CVE-2016-6893 at SUSECVE-2016-6893 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mailman fixes the following issues:
- CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root (bsc#1154328).
ImportantSUSE bug 1154328CVE-2019-3693 at SUSECVE-2019-3693 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mailman fixes the following issues:
Security issue fixed:
- CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion (bsc#1170558).
Non-security issue fixed:
- Fixed rights and ownership on /var/lib/mailman/archives (bsc#1167068).
ImportantSUSE bug 1167068SUSE bug 1170558CVE-2020-12137 at SUSECVE-2020-12137 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mailman (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mailman fixes the following issues:
Security issue fixed:
- CVE-2020-12108: Fixed a content injection bug (bsc#1171363).
Non-security issue fixed:
- Don't default to invalid hosts for DEFAULT_EMAIL_HOST (bsc#682920).
ModerateSUSE bug 1171363SUSE bug 682920CVE-2020-12108 at SUSECVE-2020-12108 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mailman fixes the following issues:
- CVE-2020-15011: Fixed a possible Arbitrary Content Injection via the private archive login page (bsc#1173369).
ImportantSUSE bug 1173369CVE-2020-15011 at SUSECVE-2020-15011 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for mailxSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update provides mailx 12.5, which provides the following fixes:
* Better detection of base64 encoded text if acrossed a line
* A null pointer dereference that lead to a segmentation fault when the
user hit return at a yes/no question has been fixed
* When both standard input and standard output refer to a terminal,
ignore SIGPIPE
* With the '-E' command line option or if the 'skipemptybody' variable
is set, outgoing messages that contain no text in their first or only
part are not sent but silently discarded.
* When an attachment that would have a 'text/something' content type
contains illegal byte sequences, it is now reliably sent out with the
'application/octet-stream' content type instead
* Fixed a bug that caused messages to be truncated with IMAP servers
that use LF as line ending in message data, such as Google Mail
(reported by Matthew L. Shobe).
* Do not run filename expansion for IMAP or POP3 mailboxes names,
making it possible to select mailboxes that contain both brackets and
spaces in their names (reported by Matthew L. Shobe).
* Fixed the format of the timezone in 'Date' header fields for zones in
the Western Hemisphere whose offsets are not an integral number of
hours (patch by Matthew Fischer).
* Fixed a message corruption that occurred when the 'inc' command was
used with a mbox format mailbox after encrypted messages had been
viewed (reported by Martin Neitzel).
* Fixed a condition that caused mailx to hang when looking at a
message, copying that message, and issuing a 'z' command evaluating
an uncached portion of an IMAP folder.
* When the ORGANIZATION variable has an empty value, do not generate an
'Organization:' header field. Previously, this condition resulted in
mailx refusing to send mail
In addition, handling the encoding in non-UTF8 locales was improved
(bnc#753340)
SUSE bug 753340SUSE bug 909208CVE-2004-2771 at SUSECVE-2004-2771 at NVDCVE-2014-7844 at SUSECVE-2014-7844 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for man-pagesSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to man-pages improves the open(2) man page to describe in more
detail a race condition that can occur between the fork() system call and
direct I/O operations.
SUSE bug 470005SUSE bug 707484SUSE bug 707487SUSE bug 713389SUSE bug 742607SUSE bug 753103CVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox, mozilla-nss fixes security issues and bugs.
The following vulnerabilities were fixed in Firefox ESR 45.5.1 (bsc#1009026):
- CVE-2016-9079: Use-after-free in SVG Animation (bsc#1012964 MFSA 2016-92)
- CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401)
- CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404)
- CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010395)
- CVE-2016-9064: Addons update must verify IDs match between current and new versions (bsc#1010402)
- CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5 (bsc#1010427)
- CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410)
The following vulnerabilities were fixed in mozilla-nss 3.21.3:
- CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler (bsc#1010422)
- CVE-2016-5285: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash (bsc#1010517)
The following bugs were fixed:
- Firefox would fail to go into fullscreen mode with some window managers (bsc#992549)
- font warning messages would flood console, now using fontconfig configuration from
firefox-fontconfig instead of the system one (bsc#1000751)
ImportantSUSE bug 1000751SUSE bug 1009026SUSE bug 1010395SUSE bug 1010401SUSE bug 1010402SUSE bug 1010404SUSE bug 1010410SUSE bug 1010422SUSE bug 1010427SUSE bug 1010517SUSE bug 1012964SUSE bug 992549CVE-2016-5285 at SUSECVE-2016-5285 at NVDCVE-2016-5290 at SUSECVE-2016-5290 at NVDCVE-2016-5291 at SUSECVE-2016-5291 at NVDCVE-2016-5296 at SUSECVE-2016-5296 at NVDCVE-2016-5297 at SUSECVE-2016-5297 at NVDCVE-2016-9064 at SUSECVE-2016-9064 at NVDCVE-2016-9066 at SUSECVE-2016-9066 at NVDCVE-2016-9074 at SUSECVE-2016-9074 at NVDCVE-2016-9079 at SUSECVE-2016-9079 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mgetty (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mgetty fixes the following issues:
- CVE-2018-16741: The function do_activate() did not properly sanitize shell
metacharacters to prevent command injection (bsc#1108752)
- CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer
overflow if long untrusted input reached it (bsc#1108756)
- CVE-2018-16744: The mail_to parameter was not sanitized, leading to command
injection if untrusted input reached reach it (bsc#1108757)
- CVE-2018-16742: Prevent stack-based buffer overflow that could have been
triggered via a command-line parameter (bsc#1108762)
- CVE-2018-16743: The command-line parameter username wsa passed unsanitized to
strcpy(), which could have caused a stack-based buffer overflow (bsc#1108761)
ImportantSUSE bug 1108752SUSE bug 1108756SUSE bug 1108757SUSE bug 1108761SUSE bug 1108762CVE-2018-16741 at SUSECVE-2018-16741 at NVDCVE-2018-16742 at SUSECVE-2018-16742 at NVDCVE-2018-16743 at SUSECVE-2018-16743 at NVDCVE-2018-16744 at SUSECVE-2018-16744 at NVDCVE-2018-16745 at SUSECVE-2018-16745 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mgetty (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mgetty fixes the following issues:
- CVE-2019-1010190: Fixed a denial of service which could be caused by a local attacker in putwhitespan() (bsc#1142770).
ModerateSUSE bug 1142770CVE-2019-1010190 at SUSECVE-2019-1010190 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for microcode_ctl fixes the following issues:
This new firmware disables branch prediction on AMD family 17h
processor.
Also the CPU microcode for Intel Haswell-X, Skylake-X and Broadwell-X chipsets
was updated to report both branch prediction control via CPUID flag and
ability to control branch prediction via an MSR register.
This update is part of a mitigation for a branch predictor based
information disclosure attack, and needs additional code in the Linux
Kernel to be active (bsc#1068032 CVE-2017-5715)
ImportantSUSE bug 1068032CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Update to Intel CPU Microcode version 20180108 (bsc#1075262 CVE-2017-5715)
- The pre-released microcode fixing some important security issues
is now officially published (and included in the added tarball).
ImportantSUSE bug 1075262CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ucode-intel fixes the following issues:
The Intel CPU microcode version was updated to version 20180312.
This update enables the IBPB+IBRS based mitigations of the Spectre v2 flaws (boo#1085207 CVE-2017-5715)
- New Platforms
- BDX-DE EGW A0 6-56-5:10 e000009
- SKX B1 6-55-3:97 1000140
- Updates
- SNB D2 6-2a-7:12 29->2d
- JKT C1 6-2d-6:6d 619->61c
- JKT C2 6-2d-7:6d 710->713
- IVB E2 6-3a-9:12 1c->1f
- IVT C0 6-3e-4:ed 428->42c
- IVT D1 6-3e-7:ed 70d->713
- HSW Cx/Dx 6-3c-3:32 22->24
- HSW-ULT Cx/Dx 6-45-1:72 20->23
- CRW Cx 6-46-1:32 17->19
- HSX C0 6-3f-2:6f 3a->3c
- HSX-EX E0 6-3f-4:80 0f->11
- BDW-U/Y E/F 6-3d-4:c0 25->2a
- BDW-H E/G 6-47-1:22 17->1d
- BDX-DE V0/V1 6-56-2:10 0f->15
- BDW-DE V2 6-56-3:10 700000d->7000012
- BDW-DE Y0 6-56-4:10 f00000a->f000011
- SKL-U/Y D0 6-4e-3:c0 ba->c2
- SKL R0 6-5e-3:36 ba->c2
- KBL-U/Y H0 6-8e-9:c0 62->84
- KBL B0 6-9e-9:2a 5e->84
- CFL D0 6-8e-a:c0 70->84
- CFL U0 6-9e-a:22 70->84
- CFL B0 6-9e-b:02 72->84
- SKX H0 6-55-4:b7 2000035->2000043
ImportantSUSE bug 1085207CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for microcode_ctl fixes the following security issue:
- CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker
with local user access caused by speculative execution and indirect branch
prediction (bsc#1095735)
ModerateSUSE bug 1095735CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for microcode_ctl fixes the following issues:
The Intel CPU Microcode bundle was updated to the 20180703 release
For the listed CPU chipsets this fixes CVE-2018-3640 (Spectre v3a) and
helps mitigating CVE-2018-3639 (Spectre v4) (bsc#1100147 bsc#1087082 bsc#1087083)
More details can be found on:
https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File
Following chipsets are fixed in this round:
Model Stepping F-MO-S/PI Old->New
---- updated platforms ------------------------------------
SNB-EP C1 6-2d-6/6d 0000061c->0000061d Xeon E5
SNB-EP C2 6-2d-7/6d 00000713->00000714 Xeon E5
IVT C0 6-3e-4/ed 0000042c->0000042d Xeon E5 v2; Core i7-4960X/4930K/4820K
IVT D1 6-3e-7/ed 00000713->00000714 Xeon E5 v2
HSX-E/EP/4S C0 6-3f-2/6f 0000003c->0000003d Xeon E5 v3
HSX-EX E0 6-3f-4/80 00000011->00000012 Xeon E7 v3
SKX-SP/D/W/X H0 6-55-4/b7 02000043->0200004d Xeon Bronze 31xx, Silver 41xx, Gold 51xx/61xx Platinum 81xx, D/W-21xx; Core i9-7xxxX
BDX-DE A1 6-56-5/10 0e000009->0e00000a Xeon D-15x3N
BDX-ML B/M/R0 6-4f-1/ef 0b00002c->0b00002e Xeon E5/E7 v4; Core i7-69xx/68xx
ImportantSUSE bug 1087082SUSE bug 1087083SUSE bug 1100147CVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3640 at SUSECVE-2018-3640 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update to ucode-intel (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
ucode-intel was updated to the 20180807 release.
For the listed CPU chipsets this fixes CVE-2018-3640 (Spectre v3a)
and is also part of the mitigations for CVE-2018-3639 (Spectre v4)
and CVE-2018-3646 (L1 Terminal Fault).
(bsc#1104134 bsc#1087082 bsc#1087083 bsc#1089343)
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
WSM-EP/WS U1 6-2c-2/03 0000001f Xeon E/L/X56xx, W36xx
NHM-EX D0 6-2e-6/04 0000000d Xeon E/L/X65xx/75xx
BXT C0 6-5c-2/01 00000014 Atom T5500/5700
APL E0 6-5c-a/03 0000000c Atom x5-E39xx
DVN B0 6-5f-1/01 00000024 Atom C3xxx
---- updated platforms ------------------------------------
NHM-EP/WS D0 6-1a-5/03 00000019->0000001d Xeon E/L/X/W55xx
NHM B1 6-1e-5/13 00000007->0000000a Core i7-8xx, i5-7xx; Xeon L3426, X24xx
WSM B1 6-25-2/12 0000000e->00000011 Core i7-6xx, i5-6xx/4xxM, i3-5xx/3xxM, Pentium G69xx, Celeon P45xx; Xeon L3406
WSM K0 6-25-5/92 00000004->00000007 Core i7-6xx, i5-6xx/5xx/4xx, i3-5xx/3xx, Pentium G69xx/P6xxx/U5xxx, Celeron P4xxx/U3xxx
SNB D2 6-2a-7/12 0000002d->0000002e Core Gen2; Xeon E3
WSM-EX A2 6-2f-2/05 00000037->0000003b Xeon E7
IVB E2 6-3a-9/12 0000001f->00000020 Core Gen3 Mobile
HSW-H/S/E3 Cx/Dx 6-3c-3/32 00000024->00000025 Core Gen4 Desktop; Xeon E3 v3
BDW-U/Y E/F 6-3d-4/c0 0000002a->0000002b Core Gen5 Mobile
HSW-ULT Cx/Dx 6-45-1/72 00000023->00000024 Core Gen4 Mobile and derived Pentium/Celeron
HSW-H Cx 6-46-1/32 00000019->0000001a Core Extreme i7-5xxxX
BDW-H/E3 E/G 6-47-1/22 0000001d->0000001e Core i5-5xxxR/C, i7-5xxxHQ/EQ; Xeon E3 v4
SKL-U/Y D0 6-4e-3/c0 000000c2->000000c6 Core Gen6 Mobile
BDX-DE V1 6-56-2/10 00000015->00000017 Xeon D-1520/40
BDX-DE V2/3 6-56-3/10 07000012->07000013 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
BDX-DE Y0 6-56-4/10 0f000011->0f000012 Xeon D-1557/59/67/71/77/81/87
APL D0 6-5c-9/03 0000002c->00000032 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
SKL-H/S/E3 R0 6-5e-3/36 000000c2->000000c6 Core Gen6; Xeon E3 v5
ImportantSUSE bug 1087082SUSE bug 1087083SUSE bug 1089343SUSE bug 1104134CVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3640 at SUSECVE-2018-3640 at NVDCVE-2018-3646 at SUSECVE-2018-3646 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for minicom (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for minicom fixes the following issues:
- CVE-2017-7467: Invalid cursor coordinates and scroll regions could lead to code
execution (bsc#1033783)
ModerateSUSE bug 1033783CVE-2017-7467 at SUSECVE-2017-7467 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mipv6dSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following issues have been fixed:
* the mipv6 daemon did not check the origin of netlink messages,
therefore allowing local users to spoof messages (CVE-2010-2522).
* remote attackers could cause buffer overflows in mipv6d
(CVE-2010-2523).
Security Issues references:
* CVE-2010-2522
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2522>
* CVE-2010-2523
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2523>
SUSE bug 424311CVE-2010-2522 at SUSECVE-2010-2522 at NVDCVE-2010-2523 at SUSECVE-2010-2523 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mono-core (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
mono-core was updated to fix the following vulnerabilities:
- CVE-2009-0689: Remote attackers could cause a denial of service and possibly arbitrary code execution through the string-to-double parser implementation (bsc#958097)
- CVE-2012-3543: Remote attackers could cause a denial of service through increased CPU consumption due to lack of protection against predictable hash collisions when processing form parameters (bsc#739119)
ModerateSUSE bug 739119SUSE bug 958097CVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2012-3543 at SUSECVE-2012-3543 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues:
Firefox 38.6.1 ESR (bsc#967087)
The following vulnerabilities were fixed:
- CVE-2016-1523: Fixed denial of service in Graphite 2 library (MFSA 2016-14/bmo#1246093)
Firefox 38.6.0 ESR + Mozilla NSS 3.20.2. (bsc#963520)
The following vulnerabilities were fixed:
- CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632)
- CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635)
- CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731)
- CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888)
The following improvements were added:
- bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites
- Tracking protection is now enabled by default
ModerateSUSE bug 954447SUSE bug 959888SUSE bug 963520SUSE bug 963632SUSE bug 963635SUSE bug 963731SUSE bug 967087CVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2016-1523 at SUSECVE-2016-1523 at NVDCVE-2016-1930 at SUSECVE-2016-1930 at NVDCVE-2016-1935 at SUSECVE-2016-1935 at NVDCVE-2016-1938 at SUSECVE-2016-1938 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla Firefox is being updated to the current Firefox 38ESR branch (specifically the 38.2.0ESR release).
Security issues fixed:
- MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader
- MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
- MFSA 2015-80 / CVE-2015-4475: Out-of-bounds read with malformed MP3 file
- MFSA 2015-82 / CVE-2015-4478: Redefinition of non-configurable JavaScript object properties
- MFSA 2015-83 / CVE-2015-4479: Overflow issues in libstagefright
- MFSA 2015-87 / CVE-2015-4484: Crash when using shared memory in JavaScript
- MFSA 2015-88 / CVE-2015-4491: Heap overflow in gdk-pixbuf when scaling bitmap images
- MFSA 2015-89 / CVE-2015-4485/CVE-2015-4486: Buffer overflows on Libvpx when decoding WebM video
- MFSA 2015-90 / CVE-2015-4487/CVE-2015-4488/CVE-2015-4489: Vulnerabilities found through code inspection
- MFSA 2015-92 / CVE-2015-4492: Use-after-free in XMLHttpRequest with shared workers
The following vulnerabilities were fixed in ESR31 and are also included here:
- CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards (bsc#935979).
- CVE-2015-2728: Type confusion in Indexed Database Manager (bsc#935979).
- CVE-2015-2730: ECDSA signature validation fails to handle some signatures correctly (bsc#935979).
- CVE-2015-2722/CVE-2015-2733: Use-after-free in workers while using XMLHttpRequest (bsc#935979).
- CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737/CVE-2015-2738/CVE-2015-2739/CVE-2015-2740: Vulnerabilities found through code inspection (bsc#935979).
- CVE-2015-2743: Privilege escalation in PDF.js (bsc#935979).
- CVE-2015-4000: NSS accepts export-length DHE keys with regular DHE cipher suites (bsc#935033).
- CVE-2015-2721: NSS incorrectly permits skipping of ServerKeyExchange (bsc#935979).
This update also contains a lot of feature improvements and bug fixes from 31ESR to 38ESR.
Also the Mozilla NSS library switched its CKBI API from 1.98 to 2.4, which is what Firefox 38ESR uses.
Mozilla Firefox and mozilla-nss were updated to fix 17 security issues.
ImportantSUSE bug 935033SUSE bug 935979SUSE bug 940806SUSE bug 940918CVE-2015-2721 at SUSECVE-2015-2721 at NVDCVE-2015-2722 at SUSECVE-2015-2722 at NVDCVE-2015-2724 at SUSECVE-2015-2724 at NVDCVE-2015-2725 at SUSECVE-2015-2725 at NVDCVE-2015-2726 at SUSECVE-2015-2726 at NVDCVE-2015-2728 at SUSECVE-2015-2728 at NVDCVE-2015-2730 at SUSECVE-2015-2730 at NVDCVE-2015-2733 at SUSECVE-2015-2733 at NVDCVE-2015-2734 at SUSECVE-2015-2734 at NVDCVE-2015-2735 at SUSECVE-2015-2735 at NVDCVE-2015-2736 at SUSECVE-2015-2736 at NVDCVE-2015-2737 at SUSECVE-2015-2737 at NVDCVE-2015-2738 at SUSECVE-2015-2738 at NVDCVE-2015-2739 at SUSECVE-2015-2739 at NVDCVE-2015-2740 at SUSECVE-2015-2740 at NVDCVE-2015-2743 at SUSECVE-2015-2743 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-4473 at SUSECVE-2015-4473 at NVDCVE-2015-4474 at SUSECVE-2015-4474 at NVDCVE-2015-4475 at SUSECVE-2015-4475 at NVDCVE-2015-4478 at SUSECVE-2015-4478 at NVDCVE-2015-4479 at SUSECVE-2015-4479 at NVDCVE-2015-4484 at SUSECVE-2015-4484 at NVDCVE-2015-4485 at SUSECVE-2015-4485 at NVDCVE-2015-4486 at SUSECVE-2015-4486 at NVDCVE-2015-4487 at SUSECVE-2015-4487 at NVDCVE-2015-4488 at SUSECVE-2015-4488 at NVDCVE-2015-4489 at SUSECVE-2015-4489 at NVDCVE-2015-4491 at SUSECVE-2015-4491 at NVDCVE-2015-4492 at SUSECVE-2015-4492 at NVDCVE-2015-4495 at SUSECVE-2015-4495 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for mozilla-nspr (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
mozilla-nspr was update to version 4.10.8 ModerateSUSE bug 935979cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mozilla-nss fixes the following issues:
Update to version 3.68.1:
- CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures (bsc#1193170).
ImportantSUSE bug 1193170CVE-2021-43527 at SUSECVE-2021-43527 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla NSSSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla NSS has been updated to 3.15.2 (bnc#847708) bringing various
features and bugfixes:
The main feature is TLS 1.2 support and its dependend algorithms.
* Support for AES-GCM cipher suites that use the SHA-256 PRF
* MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs
* Add PK11_CipherFinal macro
* sizeof() used incorrectly
* nssutil_ReadSecmodDB() leaks memory
* Allow SSL_HandshakeNegotiatedExtension to be called before the
handshake is finished.
* Deprecate the SSL cipher policy code
* Avoid uninitialized data read in the event of a decryption failure.
(CVE-2013-1739)
Changes coming with version 3.15.1:
* TLS 1.2 (RFC 5246) is supported. HMAC-SHA256 cipher suites (RFC 5246
and RFC 5289) are supported, allowing TLS to be used without MD5 and
SHA-1.
Note the following limitations:
The hash function used in the signature for TLS 1.2 client
authentication must be the hash function of the TLS 1.2 PRF, which is
always SHA-256 in NSS 3.15.1.
AES GCM cipher suites are not yet supported.
o some bugfixes and improvements
Changes with version 3.15
* New Functionality
o Support for OCSP Stapling (RFC 6066, Certificate Status
Request) has been added for both client and server sockets. TLS
client applications may enable this via a call to
SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE);
o Added function SECITEM_ReallocItemV2. It replaces function
SECITEM_ReallocItem, which is now declared as obsolete.
o Support for single-operation (eg: not multi-part) symmetric key
encryption and decryption, via PK11_Encrypt and PK11_Decrypt.
o certutil has been updated to support creating name constraints
extensions.
Mozilla NSPR was updated to 4.10.1 bringing api additions and bugfixes.
Security Issue reference:
* CVE-2013-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739>
SUSE bug 847708CVE-2013-1739 at SUSECVE-2013-1739 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mozilla-nspr, mozilla-nss fixes the following issues:
mozilla-nss was updated to version 3.53.1
- CVE-2019-11745: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate
- CVE-2020-12402: Fixed a potential side channel attack during RSA key generation (bsc#1173032).
- CVE-2020-12399: Fixed a timing attack on DSA signature generation (bsc#1171978).
- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).
- CVE-2019-11727: A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages.
- Fixed various FIPS issues in libfreebl3 which were causing segfaults in the test suite of chrony (bsc#1168669).
- Fixed an issue where Firefox tab was crashing (bsc#1170908).
Release notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53_release_notes
mozilla-nspr was updated to version 4.25.
ImportantSUSE bug 1141322SUSE bug 1158527SUSE bug 1159819SUSE bug 1168669SUSE bug 1169746SUSE bug 1170908SUSE bug 1171978SUSE bug 1173032CVE-2019-11727 at SUSECVE-2019-11727 at NVDCVE-2019-11745 at SUSECVE-2019-11745 at NVDCVE-2019-17006 at SUSECVE-2019-17006 at NVDCVE-2020-12399 at SUSECVE-2020-12399 at NVDCVE-2020-12402 at SUSECVE-2020-12402 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for mozilla-nspr, mozilla-nss (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mozilla-nspr fixes the following issues:
mozilla-nspr was updated to version 4.32:
* implement new socket option PR_SockOpt_DontFrag
* support larger DNS records by increasing the default buffer
size for DNS queries
* Lock access to PRCallOnceType members in PR_CallOnce* for
thread safety bmo#1686138
* PR_GetSystemInfo supports a new flag PR_SI_RELEASE_BUILD to get
information about the operating system build version.
Mozilla NSS was updated to version 3.68:
* bmo#1713562 - Fix test leak.
* bmo#1717452 - NSS 3.68 should depend on NSPR 4.32.
* bmo#1693206 - Implement PKCS8 export of ECDSA keys.
* bmo#1712883 - DTLS 1.3 draft-43.
* bmo#1655493 - Support SHA2 HW acceleration using Intel SHA Extension.
* bmo#1713562 - Validate ECH public names.
* bmo#1717610 - Add function to get seconds from epoch from pkix::Time.
update to NSS 3.67
* bmo#1683710 - Add a means to disable ALPN.
* bmo#1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66).
* bmo#1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja.
* bmo#1566124 - Fix counter increase in ppc-gcm-wrap.c.
* bmo#1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte.
update to NSS 3.66
* bmo#1710716 - Remove Expired Sonera Class2 CA from NSS.
* bmo#1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority.
* bmo#1708307 - Remove Trustis FPS Root CA from NSS.
* bmo#1707097 - Add Certum Trusted Root CA to NSS.
* bmo#1707097 - Add Certum EC-384 CA to NSS.
* bmo#1703942 - Add ANF Secure Server Root CA to NSS.
* bmo#1697071 - Add GLOBALTRUST 2020 root cert to NSS.
* bmo#1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database.
* bmo#1712230 - Don't build ppc-gcm.s with clang integrated assembler.
* bmo#1712211 - Strict prototype error when trying to compile nss code that includes blapi.h.
* bmo#1710773 - NSS needs FIPS 180-3 FIPS indicators.
* bmo#1709291 - Add VerifyCodeSigningCertificateChain.
update to NSS 3.65
* bmo#1709654 - Update for NetBSD configuration.
* bmo#1709750 - Disable HPKE test when fuzzing.
* bmo#1566124 - Optimize AES-GCM for ppc64le.
* bmo#1699021 - Add AES-256-GCM to HPKE.
* bmo#1698419 - ECH -10 updates.
* bmo#1692930 - Update HPKE to final version.
* bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default.
* bmo#1703936 - New coverity/cpp scanner errors.
* bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
* bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
* bmo#1705119 - Deadlock when using GCM and non-thread safe tokens.
update to NSS 3.64
* bmo#1705286 - Properly detect mips64.
* bmo#1687164 - Introduce NSS_DISABLE_CRYPTO_VSX and
disable_crypto_vsx.
* bmo#1698320 - replace __builtin_cpu_supports('vsx') with
ppc_crypto_support() for clang.
* bmo#1613235 - Add POWER ChaCha20 stream cipher vector
acceleration.
Fixed in 3.63
* bmo#1697380 - Make a clang-format run on top of helpful contributions.
* bmo#1683520 - ECCKiila P384, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual
scalar multiplication.
* bmo#1683520 - ECCKiila P521, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual
scalar multiplication.
* bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683.
* bmo#1694214 - tstclnt can't enable middlebox compat mode.
* bmo#1694392 - NSS does not work with PKCS #11 modules not supporting
profiles.
* bmo#1685880 - Minor fix to prevent unused variable on early return.
* bmo#1685880 - Fix for the gcc compiler version 7 to support setenv
with nss build.
* bmo#1693217 - Increase nssckbi.h version number for March 2021 batch
of root CA changes, CA list version 2.48.
* bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's
'Chambers of Commerce' and 'Global Chambersign' roots.
* bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
* bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
* bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
* bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs
from NSS.
* bmo#1687822 - Turn off Websites trust bit for the “Staat der
Nederlanden Root CA - G3” root cert in NSS.
* bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce
Root - 2008' and 'Global Chambersign Root - 2008’.
* bmo#1694291 - Tracing fixes for ECH.
update to NSS 3.62
* bmo#1688374 - Fix parallel build NSS-3.61 with make
* bmo#1682044 - pkix_Build_GatherCerts() + pkix_CacheCert_Add()
can corrupt 'cachedCertTable'
* bmo#1690583 - Fix CH padding extension size calculation
* bmo#1690421 - Adjust 3.62 ABI report formatting for new libabigail
* bmo#1690421 - Install packaged libabigail in docker-builds image
* bmo#1689228 - Minor ECH -09 fixes for interop testing, fuzzing
* bmo#1674819 - Fixup a51fae403328, enum type may be signed
* bmo#1681585 - Add ECH support to selfserv
* bmo#1681585 - Update ECH to Draft-09
* bmo#1678398 - Add Export/Import functions for HPKE context
* bmo#1678398 - Update HPKE to draft-07
update to NSS 3.61
* bmo#1682071 - Fix issue with IKE Quick mode deriving incorrect key
values under certain conditions.
* bmo#1684300 - Fix default PBE iteration count when NSS is compiled
with NSS_DISABLE_DBM.
* bmo#1651411 - Improve constant-timeness in RSA operations.
* bmo#1677207 - Upgrade Google Test version to latest release.
* bmo#1654332 - Add aarch64-make target to nss-try.
Update to NSS 3.60.1:
Notable changes in NSS 3.60:
* TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support
has been added, replacing the previous ESNI (draft-ietf-tls-esni-01)
implementation. See bmo#1654332 for more information.
* December 2020 batch of Root CA changes, builtins library updated
to version 2.46. See bmo#1678189, bmo#1678166, and bmo#1670769
for more information.
Update to NSS 3.59.1:
* bmo#1679290 - Fix potential deadlock with certain third-party
PKCS11 modules
Update to NSS 3.59:
Notable changes:
* Exported two existing functions from libnss:
CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData
Bugfixes
* bmo#1607449 - Lock cert->nssCertificate to prevent a potential data race
* bmo#1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA
* bmo#1663661 - Guard against NULL token in nssSlot_IsTokenPresent
* bmo#1670835 - Support enabling and disabling signatures via Crypto Policy
* bmo#1672291 - Resolve libpkix OCSP failures on SHA1 self-signed
root certs when SHA1 signatures are disabled.
* bmo#1644209 - Fix broken SelectedCipherSuiteReplacer filter to
solve some test intermittents
* bmo#1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in
our CVE-2020-25648 fix that broke purple-discord
(boo#1179382)
* bmo#1666891 - Support key wrap/unwrap with RSA-OAEP
* bmo#1667989 - Fix gyp linking on Solaris
* bmo#1668123 - Export CERT_AddCertToListHeadWithData and
CERT_AddCertToListTailWithData from libnss
* bmo#1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA
* bmo#1663091 - Remove unnecessary assertions in the streaming
ASN.1 decoder that affected decoding certain PKCS8
private keys when using NSS debug builds
* bmo#670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.
update to NSS 3.58
Bugs fixed:
* bmo#1641480 (CVE-2020-25648)
Tighten CCS handling for middlebox compatibility mode.
* bmo#1631890 - Add support for Hybrid Public Key Encryption
(draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello
(draft-ietf-tls-esni).
* bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto
extensions.
* bmo#1668328 - Handle spaces in the Python path name when using
gyp on Windows.
* bmo#1667153 - Add PK11_ImportDataKey for data object import.
* bmo#1665715 - Pass the embedded SCT list extension (if present)
to TrustDomain::CheckRevocation instead of the notBefore value.
update to NSS 3.57
* The following CA certificates were Added:
bmo#1663049 - CN=Trustwave Global Certification Authority
SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority
SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority
SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
* The following CA certificates were Removed:
bmo#1651211 - CN=EE Certification Centre Root CA
SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
bmo#1656077 - O=Government Root Certification Authority; C=TW
SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
* Trust settings for the following CA certificates were Modified:
bmo#1653092 - CN=OISTE WISeKey Global Root GA CA
Websites (server authentication) trust bit removed.
* https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes
update to NSS 3.56
Notable changes
* bmo#1650702 - Support SHA-1 HW acceleration on ARMv8
* bmo#1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
* bmo#1654142 - Add CPU feature detection for Intel SHA extension.
* bmo#1648822 - Add stricter validation of DH keys in FIPS mode.
* bmo#1656986 - Properly detect arm64 during GYP build architecture
detection.
* bmo#1652729 - Add build flag to disable RC2 and relocate to
lib/freebl/deprecated.
* bmo#1656429 - Correct RTT estimate used in 0-RTT anti-replay.
* bmo#1588941 - Send empty certificate message when scheme selection
fails.
* bmo#1652032 - Fix failure to build in Windows arm64 makefile
cross-compilation.
* bmo#1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
* bmo#1653975 - Fix 3.53 regression by setting 'all' as the default
makefile target.
* bmo#1659792 - Fix broken libpkix tests with unexpired PayPal cert.
* bmo#1659814 - Fix interop.sh failures with newer tls-interop
commit and dependencies.
* bmo#1656519 - NSPR dependency updated to 4.28
update to NSS 3.55
Notable changes
* P384 and P521 elliptic curve implementations are replaced with
verifiable implementations from Fiat-Crypto [0] and ECCKiila [1].
* PK11_FindCertInSlot is added. With this function, a given slot
can be queried with a DER-Encoded certificate, providing performance
and usability improvements over other mechanisms. (bmo#1649633)
* DTLS 1.3 implementation is updated to draft-38. (bmo#1647752)
Relevant Bugfixes
* bmo#1631583 (CVE-2020-6829, CVE-2020-12400) - Replace P384 and
P521 with new, verifiable implementations from Fiat-Crypto and ECCKiila.
* bmo#1649487 - Move overzealous assertion in VFY_EndWithSignature.
* bmo#1631573 (CVE-2020-12401) - Remove unnecessary scalar padding.
* bmo#1636771 (CVE-2020-12403) - Explicitly disable multi-part
ChaCha20 (which was not functioning correctly) and more strictly
enforce tag length.
* bmo#1649648 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649316 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649322 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1653202 - Fix initialization bug in blapitest when compiled
with NSS_DISABLE_DEPRECATED_SEED.
* bmo#1646594 - Fix AVX2 detection in makefile builds.
* bmo#1649633 - Add PK11_FindCertInSlot to search a given slot
for a DER-encoded certificate.
* bmo#1651520 - Fix slotLock race in NSC_GetTokenInfo.
* bmo#1647752 - Update DTLS 1.3 implementation to draft-38.
* bmo#1649190 - Run cipher, sdr, and ocsp tests under standard test cycle in CI.
* bmo#1649226 - Add Wycheproof ECDSA tests.
* bmo#1637222 - Consistently enforce IV requirements for DES and 3DES.
* bmo#1067214 - Enforce minimum PKCS#1 v1.5 padding length in
RSA_CheckSignRecover.
* bmo#1646324 - Advertise PKCS#1 schemes for certificates in the
signature_algorithms extension.
update to NSS 3.54
Notable changes
* Support for TLS 1.3 external pre-shared keys (bmo#1603042).
* Use ARM Cryptography Extension for SHA256, when available
(bmo#1528113)
* The following CA certificates were Added:
bmo#1645186 - certSIGN Root CA G2.
bmo#1645174 - e-Szigno Root CA 2017.
bmo#1641716 - Microsoft ECC Root Certificate Authority 2017.
bmo#1641716 - Microsoft RSA Root Certificate Authority 2017.
* The following CA certificates were Removed:
bmo#1645199 - AddTrust Class 1 CA Root.
bmo#1645199 - AddTrust External CA Root.
bmo#1641718 - LuxTrust Global Root 2.
bmo#1639987 - Staat der Nederlanden Root CA - G2.
bmo#1618402 - Symantec Class 2 Public Primary Certification Authority - G4.
bmo#1618402 - Symantec Class 1 Public Primary Certification Authority - G4.
bmo#1618402 - VeriSign Class 3 Public Primary Certification Authority - G3.
* A number of certificates had their Email trust bit disabled.
See bmo#1618402 for a complete list.
Bugs fixed
* bmo#1528113 - Use ARM Cryptography Extension for SHA256.
* bmo#1603042 - Add TLS 1.3 external PSK support.
* bmo#1642802 - Add uint128 support for HACL* curve25519 on Windows.
* bmo#1645186 - Add 'certSIGN Root CA G2' root certificate.
* bmo#1645174 - Add Microsec's 'e-Szigno Root CA 2017' root certificate.
* bmo#1641716 - Add Microsoft's non-EV root certificates.
* bmo1621151 - Disable email trust bit for 'O=Government
Root Certification Authority; C=TW' root.
* bmo#1645199 - Remove AddTrust root certificates.
* bmo#1641718 - Remove 'LuxTrust Global Root 2' root certificate.
* bmo#1639987 - Remove 'Staat der Nederlanden Root CA - G2' root
certificate.
* bmo#1618402 - Remove Symantec root certificates and disable email trust
bit.
* bmo#1640516 - NSS 3.54 should depend on NSPR 4.26.
* bmo#1642146 - Fix undefined reference to `PORT_ZAlloc_stub' in seed.c.
* bmo#1642153 - Fix infinite recursion building NSS.
* bmo#1642638 - Fix fuzzing assertion crash.
* bmo#1642871 - Enable SSL_SendSessionTicket after resumption.
* bmo#1643123 - Support SSL_ExportEarlyKeyingMaterial with External PSKs.
* bmo#1643557 - Fix numerous compile warnings in NSS.
* bmo#1644774 - SSL gtests to use ClearServerCache when resetting
self-encrypt keys.
* bmo#1645479 - Don't use SECITEM_MakeItem in secutil.c.
* bmo#1646520 - Stricter enforcement of ASN.1 INTEGER encoding.
ModerateSUSE bug 1029961SUSE bug 1174697SUSE bug 1176206SUSE bug 1176934SUSE bug 1179382SUSE bug 1188891CVE-2020-12400 at SUSECVE-2020-12400 at NVDCVE-2020-12401 at SUSECVE-2020-12401 at NVDCVE-2020-12403 at SUSECVE-2020-12403 at NVDCVE-2020-25648 at SUSECVE-2020-25648 at NVDCVE-2020-6829 at SUSECVE-2020-6829 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla-XULrunnerSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla XULRunner 1.9.1 was updated to the 1.9.1.19 security release.
*
MFSA 2011-12: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code. Credits
*
Mozilla developer Scoobidiver reported a memory safety issue which
affected Firefox 4 and Firefox 3.6 (CVE-2011-0081)
The web development team of Alcidion reported a crash that affected
Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069)
Ian Beer reported a crash that affected Firefox 4, Firefox 3.6 and
Firefox 3.5. (CVE-2011-0070)
Mozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats
Palmgren and Jesse Ruderman reported memory safety issues which
affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080)
Aki Helin reported memory safety issues which affected Firefox 3.6
and Firefox 3.5. (CVE-2011-0074 , CVE-2011-0075)
Ian Beer reported memory safety issues which affected Firefox 3.6 and
Firefox 3.5. (CVE-2011-0077 , CVE-2011-0078)
Martin Barbella reported a memory safety issue which affected Firefox
3.6 and Firefox 3.5. (CVE-2011-0072)
*
MFSA 2011-13 / CVE-2011-0065 / CVE-2011-0066 / CVE-2011-0073:
Security researcher regenrecht reported several dangling pointer
vulnerabilities via TippingPoint's Zero Day Initiative.
*
MFSA 2011-14 / CVE-2011-0067: Security researcher Paul Stone reported
that a Java applet could be used to mimic interaction with form
autocomplete controls and steal entries from the form history.
*
MFSA 2011-18 / CVE-2011-1202: Chris Evans of the Chrome Security Team
reported that the XSLT generate-id() function returned a string that
revealed a specific valid address of an object on the memory heap. It
is possible that in some cases this address would be valuable
information that could be used by an attacker while exploiting a
different memory corruption but, in order to make an exploit more
reliable or work around mitigation features in the browser or
operating system.
SUSE bug 645315SUSE bug 653606SUSE bug 657016SUSE bug 667155SUSE bug 680771SUSE bug 689281CVE-2010-0179 at SUSECVE-2010-0179 at NVDCVE-2010-1585 at SUSECVE-2010-1585 at NVDCVE-2010-3170 at SUSECVE-2010-3170 at NVDCVE-2010-3174 at SUSECVE-2010-3174 at NVDCVE-2010-3175 at SUSECVE-2010-3175 at NVDCVE-2010-3176 at SUSECVE-2010-3176 at NVDCVE-2010-3177 at SUSECVE-2010-3177 at NVDCVE-2010-3178 at SUSECVE-2010-3178 at NVDCVE-2010-3179 at SUSECVE-2010-3179 at NVDCVE-2010-3180 at SUSECVE-2010-3180 at NVDCVE-2010-3182 at SUSECVE-2010-3182 at NVDCVE-2010-3183 at SUSECVE-2010-3183 at NVDCVE-2010-3765 at SUSECVE-2010-3765 at NVDCVE-2010-3766 at SUSECVE-2010-3766 at NVDCVE-2010-3767 at SUSECVE-2010-3767 at NVDCVE-2010-3768 at SUSECVE-2010-3768 at NVDCVE-2010-3769 at SUSECVE-2010-3769 at NVDCVE-2010-3770 at SUSECVE-2010-3770 at NVDCVE-2010-3771 at SUSECVE-2010-3771 at NVDCVE-2010-3772 at SUSECVE-2010-3772 at NVDCVE-2010-3773 at SUSECVE-2010-3773 at NVDCVE-2010-3774 at SUSECVE-2010-3774 at NVDCVE-2010-3775 at SUSECVE-2010-3775 at NVDCVE-2010-3776 at SUSECVE-2010-3776 at NVDCVE-2010-3777 at SUSECVE-2010-3777 at NVDCVE-2010-3778 at SUSECVE-2010-3778 at NVDCVE-2011-0051 at SUSECVE-2011-0051 at NVDCVE-2011-0053 at SUSECVE-2011-0053 at NVDCVE-2011-0054 at SUSECVE-2011-0054 at NVDCVE-2011-0055 at SUSECVE-2011-0055 at NVDCVE-2011-0056 at SUSECVE-2011-0056 at NVDCVE-2011-0057 at SUSECVE-2011-0057 at NVDCVE-2011-0058 at SUSECVE-2011-0058 at NVDCVE-2011-0059 at SUSECVE-2011-0059 at NVDCVE-2011-0061 at SUSECVE-2011-0061 at NVDCVE-2011-0062 at SUSECVE-2011-0062 at NVDCVE-2011-0065 at SUSECVE-2011-0065 at NVDCVE-2011-0066 at SUSECVE-2011-0066 at NVDCVE-2011-0067 at SUSECVE-2011-0067 at NVDCVE-2011-0069 at SUSECVE-2011-0069 at NVDCVE-2011-0070 at SUSECVE-2011-0070 at NVDCVE-2011-0072 at SUSECVE-2011-0072 at NVDCVE-2011-0073 at SUSECVE-2011-0073 at NVDCVE-2011-0074 at SUSECVE-2011-0074 at NVDCVE-2011-0075 at SUSECVE-2011-0075 at NVDCVE-2011-0077 at SUSECVE-2011-0077 at NVDCVE-2011-0078 at SUSECVE-2011-0078 at NVDCVE-2011-0080 at SUSECVE-2011-0080 at NVDCVE-2011-0081 at SUSECVE-2011-0081 at NVDCVE-2011-1202 at SUSECVE-2011-1202 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Mozilla XULrunnerSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla XULRunner was updated to 1.9.2.27 to fix a security issue with the
embedded libpng, where a integer overflow could allow remote attackers to
crash the browser or potentially execute code (CVE-2011-3026),
Security Issue reference:
* CVE-2011-3026
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026>
SUSE bug 737533SUSE bug 744275SUSE bug 747328CVE-2011-3026 at SUSECVE-2011-3026 at NVDCVE-2011-3659 at SUSECVE-2011-3659 at NVDCVE-2011-3670 at SUSECVE-2011-3670 at NVDCVE-2012-0442 at SUSECVE-2012-0442 at NVDCVE-2012-0444 at SUSECVE-2012-0444 at NVDCVE-2012-0449 at SUSECVE-2012-0449 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for muttSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The mailreader mutt was updated to fix a security issue in displaying mail
headers, where a crafted e-mail could cause a heap overflow, which in turn
might be used by attackers to crash mutt or potentially even execute code.
Security Issues references:
* CVE-2014-0467
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467>
SUSE bug 868115SUSE bug 905481SUSE bug 907453CVE-2014-0467 at SUSECVE-2014-0467 at NVDCVE-2014-9116 at SUSECVE-2014-9116 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mutt (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mutt fixes the following issues:
Security issues fixed:
- CVE-2018-14352: Fix imap_quote_string in imap/util.c that does not leave room for quote characters (bsc#1101582).
- CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer underflow (bsc#1101581).
- CVE-2018-14362: Fix pop.c that does not forbid characters that may have unsafe interaction with message-cache pathnames (bsc#1101567).
- CVE-2018-14354: Fix arbitrary command execution from remote IMAP servers via backquote characters (bsc#1101578).
- CVE-2018-14356: Fix pop.c that mishandles a zero-length UID (bsc#1101576).
- CVE-2018-14355: Fix imap/util.c that mishandles '..' directory traversal in a mailbox name (bsc#1101577).
- CVE-2018-14349: Fix imap/command.c that mishandles a NO response without a message (bsc#1101589).
- CVE-2018-14350: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along INTERNALDATE field (bsc#1101588).
- CVE-2018-14357: Fix that remote IMAP servers are allowed to execute arbitrary commands via backquote characters (bsc#1101573).
- CVE-2018-14359: Fix buffer overflow via base64 data (bsc#1101570).
- CVE-2018-14358: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along RFC822.SIZE field (bsc#1101571).
Bug fixes:
- bsc#936807: On entering a 70 character subject line in mutt, a tab is added to the text after 67 characters.
ImportantSUSE bug 1101567SUSE bug 1101570SUSE bug 1101571SUSE bug 1101573SUSE bug 1101576SUSE bug 1101577SUSE bug 1101578SUSE bug 1101581SUSE bug 1101582SUSE bug 1101588SUSE bug 1101589SUSE bug 936807CVE-2018-14349 at SUSECVE-2018-14349 at NVDCVE-2018-14350 at SUSECVE-2018-14350 at NVDCVE-2018-14352 at SUSECVE-2018-14352 at NVDCVE-2018-14353 at SUSECVE-2018-14353 at NVDCVE-2018-14354 at SUSECVE-2018-14354 at NVDCVE-2018-14355 at SUSECVE-2018-14355 at NVDCVE-2018-14356 at SUSECVE-2018-14356 at NVDCVE-2018-14357 at SUSECVE-2018-14357 at NVDCVE-2018-14358 at SUSECVE-2018-14358 at NVDCVE-2018-14359 at SUSECVE-2018-14359 at NVDCVE-2018-14362 at SUSECVE-2018-14362 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mutt (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mutt fixes the following issues:
- CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering issue which was
affecting IMAP, SMTP, and POP3 (bsc#1173197).
- CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a PREAUTH response (bsc#1172906, bsc#1172935).
- CVE-2020-14154: Fixed an issue where Mutt was ignoring an expired certificate and was proceeding with a connection (bsc#1172906, bsc#1172935).
ImportantSUSE bug 1172906SUSE bug 1172935SUSE bug 1173197CVE-2020-14093 at SUSECVE-2020-14093 at NVDCVE-2020-14154 at SUSECVE-2020-14154 at NVDCVE-2020-14954 at SUSECVE-2020-14954 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mutt (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mutt fixes the following issues:
- CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections (bsc#1179035)
- Avoid that message with a million tiny parts can freeze MUA for several minutes (bsc#1179113)
ImportantSUSE bug 1179035SUSE bug 1179113CVE-2020-28896 at SUSECVE-2020-28896 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mutt (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mutt fixes the following issue:
- CVE-2021-3181: Fixed a memory leak in recipient parsing (bsc#1181221).
ModerateSUSE bug 1181221CVE-2021-3181 at SUSECVE-2021-3181 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mutt (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mutt fixes the following issues:
- CVE-2022-1328: Fixed an invalid memory access when reading untrusted uuencoded
data. This could result in including private memory in replies (bsc#1198518).
ModerateSUSE bug 1198518CVE-2022-1328 at SUSECVE-2022-1328 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for mysql fixes the following issues:
- bsc#959724: fix incorrect usage of sprintf/strcpy that caused possible buffer overflow issues at various places
On SUSE Linux Enterprise 11 SP4 this fix was not yet shipped:
- Increase the key length (to 2048 bits) used in vio/viosslfactories.c for creating
Diffie-Hellman keys (Logjam Attack) [bnc#934789] [CVE-2015-4000]
ModerateSUSE bug 934789SUSE bug 959724CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for nagiosSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The monitoring service Nagios has been updated to fix potential buffer
overflows in its CGI scripts. (CVE-2014-1878)
Security Issue reference:
* CVE-2014-1878
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878>
SUSE bug 682966SUSE bug 722074SUSE bug 797237SUSE bug 856837SUSE bug 864843CVE-2011-1523 at SUSECVE-2011-1523 at NVDCVE-2012-6096 at SUSECVE-2012-6096 at NVDCVE-2013-7108 at SUSECVE-2013-7108 at NVDCVE-2014-1878 at SUSECVE-2014-1878 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for nagios (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for nagios fixes the following issues:
- CVE-2016-8641 / CVE-2016-10089: fixed possible symlink attacks for files/directories created by root (bsc#1011630 / bsc#1018047)
ModerateSUSE bug 1011630SUSE bug 1018047CVE-2016-10089 at SUSECVE-2016-10089 at NVDCVE-2016-8641 at SUSECVE-2016-8641 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for nagios-nrpeSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
nagios-nrpe has been updated to prevent possible remote command execution
when command arguments are enabled. This issue affects versions 2.15 and
older.
Further information is available at
http://seclists.org/fulldisclosure/2014/Apr/240
<http://seclists.org/fulldisclosure/2014/Apr/240>
These security issues have been fixed:
* Remote command execution (CVE-2014-2913)
Security Issue references:
* CVE-2014-2913
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2913>
SUSE bug 701079SUSE bug 807241SUSE bug 874743CVE-2013-1362 at SUSECVE-2013-1362 at NVDCVE-2014-2913 at SUSECVE-2014-2913 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for nagios-nrpe (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for nagios-nrpe fixes one issue.
This security issue was fixed:
- CVE-2015-4000: Prevent Logjam. The TLS protocol 1.2 and earlier, when a
DHE_EXPORT ciphersuite is enabled on a server but not on a client, did not
properly convey a DHE_EXPORT choice, which allowed man-in-the-middle attackers
to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE
replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT
replaced by DHE (bsc#938906).
ModerateSUSE bug 938906CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for nautilus (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for nautilus fixes the following security issue:
- CVE-2017-14604: Fixed a file type spoofing attack by adding a
metadata::trusted attribute to a file once the user acknowledges the file as
trusted, and also remove the 'trusted' content in the desktop file
(bsc#1060031).
LowSUSE bug 1060031CVE-2017-14604 at SUSECVE-2017-14604 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for ncurses (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. (bsc#1046858)
- CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. (bsc#1046853)
ImportantSUSE bug 1046853SUSE bug 1046858CVE-2017-10684 at SUSECVE-2017-10684 at NVDCVE-2017-10685 at SUSECVE-2017-10685 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-11112: Illegal address access in append_acs. (bsc#1047964)
- CVE-2017-11113: Dereferencing NULL pointer in _nc_parse_entry. (bsc#1047965)
- CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken
termcap format (bsc#1046853, bsc#1046858, bsc#1049344)
ModerateSUSE bug 1046853SUSE bug 1046858SUSE bug 1047964SUSE bug 1047965SUSE bug 1049344CVE-2017-10684 at SUSECVE-2017-10684 at NVDCVE-2017-10685 at SUSECVE-2017-10685 at NVDCVE-2017-11112 at SUSECVE-2017-11112 at NVDCVE-2017-11113 at SUSECVE-2017-11113 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ncurses (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-13728: Fix infinite loop in the next_char function in comp_scan.c (bsc#1056136).
- CVE-2017-13729: Fix illegal address access in the _nc_save_str (bsc#1056132).
- CVE-2017-13730: Fix illegal address access in the function _nc_read_entry_source() (bsc#1056131).
- CVE-2017-13731: Fix illegal address access in the function postprocess_termcap() (bsc#1056129).
- CVE-2017-13732: Fix illegal address access in the function dump_uses() (bsc#1056128).
- CVE-2017-13733: Fix illegal address access in the fmt_entry function (bsc#1056127).
- CVE-2017-16879: Fix stack-based buffer overflow in the _nc_write_entry() function (bsc#1069530).
ImportantSUSE bug 1056127SUSE bug 1056128SUSE bug 1056129SUSE bug 1056131SUSE bug 1056132SUSE bug 1056136SUSE bug 1069530CVE-2017-13728 at SUSECVE-2017-13728 at NVDCVE-2017-13729 at SUSECVE-2017-13729 at NVDCVE-2017-13730 at SUSECVE-2017-13730 at NVDCVE-2017-13731 at SUSECVE-2017-13731 at NVDCVE-2017-13732 at SUSECVE-2017-13732 at NVDCVE-2017-13733 at SUSECVE-2017-13733 at NVDCVE-2017-16879 at SUSECVE-2017-16879 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ncurses fixes the following issues:
Security issue fixed:
- CVE-2017-13733: Fix illegal address access in the fmt_entry function (bsc#1056127).
ModerateSUSE bug 1056127CVE-2017-13733 at SUSECVE-2017-13733 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-13728: Fixed an infinite loop in the next_char function (bsc#1056136).
- CVE-2017-13729: Fixed an illegal address access in the _nc_save_str (bsc#1056132).
- CVE-2017-13730: Fixed an illegal address access in the function _nc_read_entry_source (bsc#1056131).
- CVE-2017-13731: Fixed an illegal address access in the function postprocess_termcap (bsc#1056129).
- CVE-2017-13732: Fixed an illegal address access in the function dump_uses (bsc#1056128).
- CVE-2017-13733: Fixed an illegal address access in the fmt_entry function (bsc#1056127).
- CVE-2017-13734: Fixed an illegal address access in the _nc_safe_strcat (bsc#1056126).
- CVE-2018-10754: Fixed a denial of service caused by a NULL Pointer Dereference in the _nc_parse_entry() (bsc#1131830).
- CVE-2019-17595: Fixed a heap-based buffer over-read in the fmt_entry function (bsc#1154037)
ModerateSUSE bug 1056126SUSE bug 1056127SUSE bug 1056128SUSE bug 1056129SUSE bug 1056131SUSE bug 1056132SUSE bug 1056136SUSE bug 1131830SUSE bug 1154037CVE-2017-13728 at SUSECVE-2017-13728 at NVDCVE-2017-13729 at SUSECVE-2017-13729 at NVDCVE-2017-13730 at SUSECVE-2017-13730 at NVDCVE-2017-13731 at SUSECVE-2017-13731 at NVDCVE-2017-13732 at SUSECVE-2017-13732 at NVDCVE-2017-13733 at SUSECVE-2017-13733 at NVDCVE-2017-13734 at SUSECVE-2017-13734 at NVDCVE-2018-10754 at SUSECVE-2018-10754 at NVDCVE-2019-17595 at SUSECVE-2019-17595 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ncurses (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ncurses fixes the following issues:
Security issue fixed:
- CVE-2018-19211: Fixed NULL pointer dereference at function _nc_parse_entry in parse_entry.c (bsc#1115929).
Bug fixes:
- Modify bsc#1115929 patch to fix change in form_driver() that breaks ncurses-5.9 and the variable move_after_insert of ncurses-6.1 (bsc#1121450).
ImportantSUSE bug 1115929SUSE bug 1121450CVE-2018-19211 at SUSECVE-2018-19211 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ncurses fixes the following issues:
- CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo. (bsc#1190793)
ModerateSUSE bug 1190793CVE-2021-39537 at SUSECVE-2021-39537 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for net-snmp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
net-snmp was updated to fix one security vulnerability and several bugs.
- fix a vulnerability within the snmp_pdu_parse() function of snmp_api.c. (bnc#940188, CVE-2015-5621)
- Add build requirement 'procps' to fix a net-snmp-config error. (bsc#935863)
- add support for /dev/shm in snmp hostmib (bnc#853382, FATE#316893).
- stop snmptrapd on package removal.
ModerateSUSE bug 853382SUSE bug 935863SUSE bug 940188CVE-2015-5621 at SUSECVE-2015-5621 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for netpbm (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for netpbm fixes the following security issues:
- CVE-2017-2581: An out-of-bounds write in writeRasterPbm() could lead to memory corruption and potential code execution. (bsc#1024287)
ModerateSUSE bug 1024287CVE-2017-2581 at SUSECVE-2017-2581 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for netpbm (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for netpbm fixes the following issues:
Security issues fixed:
- CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack() (bsc#1024288).
- CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster() function (bsc#1024291).
- created a netpbm-vulnerable subpackage and move pstopnm there, as it uses ghostscript for conversion (bsc#1136936)
ModerateSUSE bug 1024288SUSE bug 1024291SUSE bug 1136936CVE-2017-2579 at SUSECVE-2017-2579 at NVDCVE-2017-2580 at SUSECVE-2017-2580 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for nfs-clientSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a DNS spoofing problem with NFS rpc-gssd.
(CVE-2013-1923)(bnc#813464)
It also adds MOUNTD_OPTIONS and GSSD_OPTIONS to /etc/sysconfig/nfs.
(bnc#818094, bnc#816897)
Security Issue reference:
* CVE-2013-1923
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1923>
SUSE bug 648923SUSE bug 663952SUSE bug 666128SUSE bug 670449SUSE bug 680978SUSE bug 687026SUSE bug 689622SUSE bug 689799SUSE bug 701702SUSE bug 733761SUSE bug 743292SUSE bug 752537SUSE bug 756479SUSE bug 813464SUSE bug 816897SUSE bug 818094CVE-2011-1749 at SUSECVE-2011-1749 at NVDCVE-2011-2500 at SUSECVE-2011-2500 at NVDCVE-2013-1923 at SUSECVE-2013-1923 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for nmap (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for nmap fixes the following issues:
Security issue fixed:
- CVE-2018-15173: Fixed a remote denial of service attack via a crafted TCP-based service (bsc#1104139).
ImportantSUSE bug 1104139SUSE bug 1135350CVE-2018-15173 at SUSECVE-2018-15173 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for mozilla-nspr, mozilla-nssSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla NSPR and NSS were updated to fix various security bugs that could
be used to crash the browser or potentially execute code.
Mozilla NSPR 4.10.2 has the following bug fixes:
* Bug 770534: Possible pointer overflow in PL_ArenaAllocate(). Fixed by
Pascal Cuoq and Kamil Dudka.
* Bug 888546: ptio.c:PR_ImportUDPSocket doesn't work. Fixed by Miloslav
Trmac.
* Bug 915522: VS2013 support for NSPR. Fixed by Makoto Kato.
* Bug 927687: Avoid unsigned integer wrapping in PL_ArenaAllocate.
(CVE-2013-5607)
Mozilla NSS 3.15.3 is a patch release for NSS 3.15 and includes the
following bug fixes:
* Bug 925100: Ensure a size is <= half of the maximum PRUint32 value.
(CVE-2013-1741)
* Bug 934016: Handle invalid handshake packets. (CVE-2013-5605)
* Bug 910438: Return the correct result in CERT_VerifyCert on failure,
if a verifyLog isn't used. (CVE-2013-5606)
Security Issue references:
* CVE-2013-1741
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741>
* CVE-2013-5605
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605>
* CVE-2013-5606
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606>
* CVE-2013-5607
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5607>
SUSE bug 850148CVE-2013-1741 at SUSECVE-2013-1741 at NVDCVE-2013-5605 at SUSECVE-2013-5605 at NVDCVE-2013-5606 at SUSECVE-2013-5606 at NVDCVE-2013-5607 at SUSECVE-2013-5607 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for mozilla-nssSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Mozilla NSS was updated to the 3.15.3.1 security release.
The update blacklists an intermediate CA that was used to create
man-in-the-middle certificates.
SUSE bug 854367cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libfreebl3SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update updates Mozilla NSS to 3.12.11.
The update marks the compromised DigiNotar Certificate Authority as
untrusted
For more information read:
MFSA 2011-34
<http://www.mozilla.org/security/announce/2011/mfsa2011-34.html>
* update to 3.12.10
o root CA changes
o filter certain bogus certs (bmo#642815)
o fix minor memory leaks
o other bugfixes
* update to 3.12.9
o fix minor memory leaks (bmo#619268)
o fix crash in nss_cms_decoder_work_data (bmo#607058)
o fix crash in certutil (bmo#620908)
o handle invalid argument in JPAKE (bmo#609068)
o J-PAKE support (API requirement for Firefox >= 4.0b8)
* replaced expired PayPal test certificate (fixing testsuite)
* removed DigiNotar root certifiate from trusted db (bmo#682927)
This update also brings the prerequired Mozilla NSPR to version 4.8.9.
* update to 4.8.9
* update to 4.8.8
o support IPv6 on Android (bmo#626866)
o use AI_ADDRCONFIG for loopback hostnames (bmo#614526)
o support SDP sockets (bmo#518078)
o support m32r architecture (bmo#635667)
o use atomic functions on ARM (bmo#626309)
o some other fixes not affecting the Linux platform
SUSE bug 714931cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ntpSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The NTP time service could have been used for remote denial of service
amplification attacks.
This issue can be fixed by the administrator as we described in our
security advisory SUSE-SA:2014:001
http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005.html
<http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005.html>
and on
http://support.novell.com/security/cve/CVE-2013-5211.html
<http://support.novell.com/security/cve/CVE-2013-5211.html>
this update now also replaces the default ntp.conf template to fix this
problem.
Please note that if you have touched or modified ntp.conf yourself, it will
not be automatically fixed, you need to merge the changes manually as
described.
Additionally the following bug has been fixed:
* ntp start script does not update /var/lib/ntp/etc/localtime file if
/etc/localtime is symlink (bnc#838458)
Security Issues:
* CVE-2013-5211
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211>
SUSE bug 611513SUSE bug 645356SUSE bug 656345SUSE bug 680301SUSE bug 692969SUSE bug 730374SUSE bug 734467SUSE bug 758253SUSE bug 771480SUSE bug 817893SUSE bug 838458SUSE bug 857195SUSE bug 910764SUSE bug 911792SUSE bug 924202SUSE bug 928321SUSE bug 935409CVE-2013-5211 at SUSECVE-2013-5211 at NVDCVE-2014-9293 at SUSECVE-2014-9293 at NVDCVE-2014-9294 at SUSECVE-2014-9294 at NVDCVE-2014-9295 at SUSECVE-2014-9295 at NVDCVE-2014-9297 at SUSECVE-2014-9297 at NVDCVE-2014-9298 at SUSECVE-2014-9298 at NVDCVE-2015-1799 at SUSECVE-2015-1799 at NVDCVE-2015-3405 at SUSECVE-2015-3405 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This network time protocol server ntp was updated to 4.2.8p6 to fix the following
issues:
Also yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837)
Major functional changes:
- The 'sntp' commandline tool changed its option handling in a major way.
- 'controlkey 1' is added during update to ntp.conf to allow sntp to work.
- The local clock is being disabled during update.
- ntpd is no longer running chrooted.
Other functional changes:
- ntp-signd is installed.
- 'enable mode7' can be added to the configuration to allow ntdpc to work as compatibility mode option.
- 'kod' was removed from the default restrictions.
- SHA1 keys are used by default instead of MD5 keys.
These security issues were fixed:
- CVE-2015-5219: An endless loop due to incorrect precision to double conversion (bsc#943216).
- CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966).
- CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).
- CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).
- CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).
- CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).
- CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802).
- CVE-2015-7975: nextvar() missing length check (bsc#962988).
- CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960).
- CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).
- CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994).
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997).
- CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629).
- CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK (bsc#951608).
- CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values (bsc#951608).
- CVE-2015-7854: Password Length Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow (bsc#951608).
- CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7851: saveconfig Directory Traversal Vulnerability (bsc#951608).
- CVE-2015-7850: remote config logfile-keyfile (bsc#951608).
- CVE-2015-7849: trusted key use-after-free (bsc#951608).
- CVE-2015-7848: mode 7 loop counter underrun (bsc#951608).
- CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#951608).
- CVE-2015-7703: configuration directives 'pidfile' and 'driftfile' should only be allowed locally (bsc#951608).
- CVE-2015-7704, CVE-2015-7705: Clients that receive a KoD should validate the origin timestamp field (bsc#951608).
- CVE-2015-7691, CVE-2015-7692, CVE-2015-7702: Incomplete autokey data packet length checks (bsc#951608).
These non-security issues were fixed:
- fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd).
This replaces the w32 patches in 4.2.4 that added the authreg
directive.
- bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd.
When run as cron job, /usr/sbin/ is not in the path, which caused
the synchronization to fail.
- bsc#782060: Speedup ntpq.
- bsc#916617: Add /var/db/ntp-kod.
- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems.
- bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST.
- Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted.
- Add a controlkey line to /etc/ntp.conf if one does not already exist to allow runtime configuuration via ntpq.
- bsc#946386: Temporarily disable memlock to avoid problems due to high memory usage during name resolution.
- bsc#905885: Use SHA1 instead of MD5 for symmetric keys.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- Fix legacy action scripts to pass on command line arguments.
- bsc#944300: Remove 'kod' from the restrict line in ntp.conf.
- bsc#936327: Use ntpq instead of deprecated ntpdc in start-ntpd.
- Don't let 'keysdir' lines in ntp.conf trigger the 'keys' parser.
- Disable mode 7 (ntpdc) again, now that we don't use it anymore.
- Add 'addserver' as a new legacy action.
- bsc#910063: Fix the comment regarding addserver in ntp.conf.
- bsc#926510: Disable chroot by default.
- bsc#920238: Enable ntpdc for backwards compatibility.
- bsc#784760: Remove local clock from default configuration.
- bsc#942441/fate#319496: Require perl-Socket6.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- bsc#920183: Allow -4 and -6 address qualifiers in 'server' directives.
- Use upstream ntp-wait, because our version is incompatible with
the new ntpq command line syntax.
ImportantSUSE bug 782060SUSE bug 784760SUSE bug 905885SUSE bug 910063SUSE bug 916617SUSE bug 920183SUSE bug 920238SUSE bug 926510SUSE bug 936327SUSE bug 937837SUSE bug 942441SUSE bug 942587SUSE bug 943216SUSE bug 943218SUSE bug 944300SUSE bug 946386SUSE bug 951351SUSE bug 951559SUSE bug 951608SUSE bug 951629SUSE bug 954982SUSE bug 956773SUSE bug 962318SUSE bug 962784SUSE bug 962802SUSE bug 962960SUSE bug 962966SUSE bug 962970SUSE bug 962988SUSE bug 962994SUSE bug 962995SUSE bug 962997SUSE bug 963000SUSE bug 963002SUSE bug 975496SUSE bug 975981CVE-2015-5194 at SUSECVE-2015-5194 at NVDCVE-2015-5219 at SUSECVE-2015-5219 at NVDCVE-2015-5300 at SUSECVE-2015-5300 at NVDCVE-2015-7691 at SUSECVE-2015-7691 at NVDCVE-2015-7692 at SUSECVE-2015-7692 at NVDCVE-2015-7701 at SUSECVE-2015-7701 at NVDCVE-2015-7702 at SUSECVE-2015-7702 at NVDCVE-2015-7703 at SUSECVE-2015-7703 at NVDCVE-2015-7704 at SUSECVE-2015-7704 at NVDCVE-2015-7705 at SUSECVE-2015-7705 at NVDCVE-2015-7848 at SUSECVE-2015-7848 at NVDCVE-2015-7849 at SUSECVE-2015-7849 at NVDCVE-2015-7850 at SUSECVE-2015-7850 at NVDCVE-2015-7851 at SUSECVE-2015-7851 at NVDCVE-2015-7852 at SUSECVE-2015-7852 at NVDCVE-2015-7853 at SUSECVE-2015-7853 at NVDCVE-2015-7854 at SUSECVE-2015-7854 at NVDCVE-2015-7855 at SUSECVE-2015-7855 at NVDCVE-2015-7871 at SUSECVE-2015-7871 at NVDCVE-2015-7973 at SUSECVE-2015-7973 at NVDCVE-2015-7974 at SUSECVE-2015-7974 at NVDCVE-2015-7975 at SUSECVE-2015-7975 at NVDCVE-2015-7976 at SUSECVE-2015-7976 at NVDCVE-2015-7977 at SUSECVE-2015-7977 at NVDCVE-2015-7978 at SUSECVE-2015-7978 at NVDCVE-2015-7979 at SUSECVE-2015-7979 at NVDCVE-2015-8138 at SUSECVE-2015-8138 at NVDCVE-2015-8139 at SUSECVE-2015-8139 at NVDCVE-2015-8140 at SUSECVE-2015-8140 at NVDCVE-2015-8158 at SUSECVE-2015-8158 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ntp fixes the following issues:
- Separate the creation of ntp.keys and key #1 in it to avoid
problems when upgrading installations that have the file, but
no key #1, which is needed e.g. by 'rcntp addserver'.
- Update to 4.2.8p7 (bsc#977446):
* CVE-2016-1547, bsc#977459:
Validate crypto-NAKs, AKA: CRYPTO-NAK DoS.
* CVE-2016-1548, bsc#977461: Interleave-pivot
* CVE-2016-1549, bsc#977451:
Sybil vulnerability: ephemeral association attack.
* CVE-2016-1550, bsc#977464: Improve NTP security against buffer
comparison timing attacks.
* CVE-2016-1551, bsc#977450:
Refclock impersonation vulnerability
* CVE-2016-2516, bsc#977452: Duplicate IPs on unconfig
directives will cause an assertion botch in ntpd.
* CVE-2016-2517, bsc#977455: remote configuration trustedkey/
requestkey/controlkey values are not properly validated.
* CVE-2016-2518, bsc#977457: Crafted addpeer with hmode > 7
causes array wraparound with MATCH_ASSOC.
* CVE-2016-2519, bsc#977458: ctl_getitem() return value not
always checked.
* integrate ntp-fork.patch
* Improve the fixes for:
CVE-2015-7704, CVE-2015-7705, CVE-2015-7974
- Restrict the parser in the startup script to the first
occurrance of 'keys' and 'controlkey' in ntp.conf (bsc#957226).
ImportantSUSE bug 957226SUSE bug 977446SUSE bug 977450SUSE bug 977451SUSE bug 977452SUSE bug 977455SUSE bug 977457SUSE bug 977458SUSE bug 977459SUSE bug 977461SUSE bug 977464CVE-2015-7704 at SUSECVE-2015-7704 at NVDCVE-2015-7705 at SUSECVE-2015-7705 at NVDCVE-2015-7974 at SUSECVE-2015-7974 at NVDCVE-2016-1547 at SUSECVE-2016-1547 at NVDCVE-2016-1548 at SUSECVE-2016-1548 at NVDCVE-2016-1549 at SUSECVE-2016-1549 at NVDCVE-2016-1550 at SUSECVE-2016-1550 at NVDCVE-2016-1551 at SUSECVE-2016-1551 at NVDCVE-2016-2516 at SUSECVE-2016-2516 at NVDCVE-2016-2517 at SUSECVE-2016-2517 at NVDCVE-2016-2518 at SUSECVE-2016-2518 at NVDCVE-2016-2519 at SUSECVE-2016-2519 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libtasn1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for libtasn1 fixes the following issues:
- Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser (bsc#961491)
- CVE-2015-3622: Fixed invalid read in octet string decoding (bsc#929414)
- CVE-2016-4008: Fixed infinite loop while parsing DER certificates (bsc#982779)
ModerateSUSE bug 929414SUSE bug 961491SUSE bug 982779CVE-2015-3622 at SUSECVE-2015-3622 at NVDCVE-2016-4008 at SUSECVE-2016-4008 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
ntp was updated to version 4.2.8p8 to fix five security issues.
These security issues were fixed:
- CVE-2016-4953: Bad authentication demobilizes ephemeral associations (bsc#982065).
- CVE-2016-4954: Processing spoofed server packets (bsc#982066).
- CVE-2016-4955: Autokey association reset (bsc#982067).
- CVE-2016-4956: Broadcast interleave (bsc#982068).
- CVE-2016-4957: CRYPTO_NAK crash (bsc#982064).
These non-security issues were fixed:
- Keep the parent process alive until the daemon has finished initialisation, to make sure that the PID file exists when the parent returns.
- bsc#979302: Change the process name of the forking DNS worker process to avoid the impression that ntpd is started twice.
- bsc#981422: Don't ignore SIGCHILD because it breaks wait().
ImportantSUSE bug 979302SUSE bug 981422SUSE bug 982056SUSE bug 982064SUSE bug 982065SUSE bug 982066SUSE bug 982067SUSE bug 982068CVE-2016-4953 at SUSECVE-2016-4953 at NVDCVE-2016-4954 at SUSECVE-2016-4954 at NVDCVE-2016-4955 at SUSECVE-2016-4955 at NVDCVE-2016-4956 at SUSECVE-2016-4956 at NVDCVE-2016-4957 at SUSECVE-2016-4957 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ntp fixes the following issues:
ntp was updated to 4.2.8p9.
Security issues fixed:
- CVE-2016-9311, CVE-2016-9310, bsc#1011377: Mode 6
unauthenticated trap information disclosure and DDoS vector.
- CVE-2016-7427, bsc#1011390:
Broadcast Mode Replay Prevention DoS.
- CVE-2016-7428, bsc#1011417:
Broadcast Mode Poll Interval Enforcement DoS.
- CVE-2016-7431, bsc#1011395:
Regression: 010-origin: Zero Origin Timestamp Bypass.
- CVE-2016-7434, bsc#1011398:
Null pointer dereference in _IO_str_init_static_internal().
- CVE-2016-7429, bsc#1011404: Interface selection attack.
- CVE-2016-7426, bsc#1011406:
Client rate limiting and server responses.
- CVE-2016-7433, bsc#1011411: Reboot sync calculation problem.
- CVE-2015-8140: ntpq vulnerable to replay attacks.
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin.
- CVE-2015-5219: An endless loop due to incorrect precision to
double conversion (bsc#943216).
Non-security issues fixed:
- Fix a spurious error message.
- Other bugfixes, see /usr/share/doc/packages/ntp/ChangeLog.
- Fix a regression in 'trap' (bsc#981252).
- Reduce the number of netlink groups to listen on for changes to
the local network setup (bsc#992606).
- Fix segfault in 'sntp -a' (bsc#1009434).
- Silence an OpenSSL version warning (bsc#992038).
- Make the resolver task change user and group IDs to the same
values as the main task. (bsc#988028)
- Simplify ntpd's search for its own executable to prevent AppArmor
warnings (bsc#956365).
ModerateSUSE bug 1009434SUSE bug 1011377SUSE bug 1011390SUSE bug 1011395SUSE bug 1011398SUSE bug 1011404SUSE bug 1011406SUSE bug 1011411SUSE bug 1011417SUSE bug 943216SUSE bug 956365SUSE bug 981252SUSE bug 988028SUSE bug 992038SUSE bug 992606CVE-2015-5219 at SUSECVE-2015-5219 at NVDCVE-2015-8139 at SUSECVE-2015-8139 at NVDCVE-2015-8140 at SUSECVE-2015-8140 at NVDCVE-2016-7426 at SUSECVE-2016-7426 at NVDCVE-2016-7427 at SUSECVE-2016-7427 at NVDCVE-2016-7428 at SUSECVE-2016-7428 at NVDCVE-2016-7429 at SUSECVE-2016-7429 at NVDCVE-2016-7431 at SUSECVE-2016-7431 at NVDCVE-2016-7433 at SUSECVE-2016-7433 at NVDCVE-2016-7434 at SUSECVE-2016-7434 at NVDCVE-2016-9310 at SUSECVE-2016-9310 at NVDCVE-2016-9311 at SUSECVE-2016-9311 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This ntp update to version 4.2.8p10 fixes the following issues:
Security issues fixed (bsc#1030050):
- CVE-2017-6464: Denial of Service via Malformed Config
- CVE-2017-6462: Buffer Overflow in DPTS Clock
- CVE-2017-6463: Authenticated DoS via Malicious Config Option
- CVE-2017-6458: Potential Overflows in ctl_put() functions
- CVE-2017-6451: Improper use of snprintf() in mx4200_send()
- CVE-2017-6460: Buffer Overflow in ntpq when fetching reslist
- CVE-2016-9042: 0rigin (zero origin) DoS.
- ntpq_stripquotes() returns incorrect Value
- ereallocarray()/eallocarray() underused
- Copious amounts of Unused Code
- Off-by-one in Oncore GPS Receiver
- Makefile does not enforce Security Flags
Bugfixes:
- Remove spurious log messages (bsc#1014172).
- Fixing ppc and ppc64 linker issue (bsc#1031085).
- clang scan-build findings
- Support for openssl-1.1.0 without compatibility modes
- Bugfix 3072 breaks multicastclient
- forking async worker: interrupted pipe I/O
- (...) time_pps_create: Exec format error
- Incorrect Logic for Peer Event Limiting
- Change the process name of forked DNS worker
- Trap Configuration Fail
- Nothing happens if minsane < maxclock < minclock
- allow -4/-6 on restrict line with mask
- out-of-bound pointers in ctl_putsys and decode_bitflags
- Move ntp-kod to /var/lib/ntp, because /var/db is not a standard directory and causes problems for
transactional updates.
ModerateSUSE bug 1014172SUSE bug 1030050SUSE bug 1031085CVE-2016-9042 at SUSECVE-2016-9042 at NVDCVE-2017-6451 at SUSECVE-2017-6451 at NVDCVE-2017-6458 at SUSECVE-2017-6458 at NVDCVE-2017-6460 at SUSECVE-2017-6460 at NVDCVE-2017-6462 at SUSECVE-2017-6462 at NVDCVE-2017-6463 at SUSECVE-2017-6463 at NVDCVE-2017-6464 at SUSECVE-2017-6464 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ntp fixes the following issues:
- Update to 4.2.8p11 (bsc#1082210):
* CVE-2016-1549: Sybil vulnerability: ephemeral association
attack. While fixed in ntp-4.2.8p7, there are significant
additional protections for this issue in 4.2.8p11.
* CVE-2018-7182: ctl_getitem(): buffer read overrun
leads to undefined behavior and information leak. (bsc#1083426)
* CVE-2018-7170: Multiple authenticated ephemeral
associations. (bsc#1083424)
* CVE-2018-7184: Interleaved symmetric mode cannot
recover from bad state. (bsc#1083422)
* CVE-2018-7185: Unauthenticated packet can reset
authenticated interleaved association. (bsc#1083420)
* CVE-2018-7183: ntpq:decodearr() can write beyond its
buffer limit.(bsc#1083417)
- Don't use libevent's cached time stamps in sntp.
ModerateSUSE bug 1077445SUSE bug 1082210SUSE bug 1083417SUSE bug 1083420SUSE bug 1083422SUSE bug 1083424SUSE bug 1083426CVE-2016-1549 at SUSECVE-2016-1549 at NVDCVE-2018-7170 at SUSECVE-2018-7170 at NVDCVE-2018-7182 at SUSECVE-2018-7182 at NVDCVE-2018-7183 at SUSECVE-2018-7183 at NVDCVE-2018-7184 at SUSECVE-2018-7184 at NVDCVE-2018-7185 at SUSECVE-2018-7185 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
NTP was updated to 4.2.8p12 (bsc#1111853):
- CVE-2018-12327: Fixed stack buffer overflow in the openhost() command-line call of NTPQ/NTPDC. (bsc#1098531)
- CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection (bsc#1083424)
Please also see https://www.nwtime.org/network-time-foundation-publishes-ntp-4-2-8p12/ for more information.
ModerateSUSE bug 1083424SUSE bug 1098531SUSE bug 1111853CVE-2018-12327 at SUSECVE-2018-12327 at NVDCVE-2018-7170 at SUSECVE-2018-7170 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ntp fixes the following issues:
Security issue fixed:
- CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause
segmentation fault to ntpd (bsc#1128525).
Other issues addressed:
- Make sure that SLE12 version is higher than the one in SLE11 (bsc#1001182).
- Fixed several bugs in the BANCOMM reclock driver.
- Fixed ntp_loopfilter.c snprintf compilation warnings.
- Fixed spurious initgroups() error message.
- Fixed STA_NANO struct timex units.
- Fixed GPS week rollover in libparse.
- Fixed incorrect poll interval in packet.
- Added a missing check for ENABLE_CMAC.
ModerateSUSE bug 1001182SUSE bug 1128525CVE-2019-8936 at SUSECVE-2019-8936 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ntp fixes the following issues:
ntp was updated to 4.2.8p15
- CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address
frequently send to the client ntpd could have caused denial of service (bsc#1169740).
- CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent
a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed
mode 3 and mode 5 packets (bsc#1171355).
- CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time
from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651).
- CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming
the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334).
ModerateSUSE bug 1169740SUSE bug 1171355SUSE bug 1172651SUSE bug 1173334CVE-2018-8956 at SUSECVE-2018-8956 at NVDCVE-2020-11868 at SUSECVE-2020-11868 at NVDCVE-2020-13817 at SUSECVE-2020-13817 at NVDCVE-2020-15025 at SUSECVE-2020-15025 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OFEDSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following reports for OFED:
* 704914: Fixed NFS client over TCP hangs due to packet loss.
* 693243: Fixed issue with building lustre against ofed-devel.
* 706175: Fix crash on accessing /proc/net/sdpstats
* 722030: Cannot load ib_ipath
* 703752: Prevent BUG_ON triggering on congestion
Security Issue reference:
* CVE-2011-1023
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1023>
SUSE bug 693243SUSE bug 703752SUSE bug 704914SUSE bug 706175SUSE bug 722030CVE-2011-1023 at SUSECVE-2011-1023 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openldap2 fixes the following issues:
- CVE-2020-12243: Fixed a denial of service related to recursive filters (bsc#1170771).
- CVE-2019-13565: Fixed an authentication bypass caused by incorrect authorization of another connection, granting excess connection rights (bsc#1143194).
- CVE-2019-13057: Fixed an issue with improper authorization with delegated database admin privileges (bsc#1143273).
ImportantSUSE bug 1143194SUSE bug 1143273SUSE bug 1170771CVE-2019-13057 at SUSECVE-2019-13057 at NVDCVE-2019-13565 at SUSECVE-2019-13565 at NVDCVE-2020-12243 at SUSECVE-2020-12243 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openldap2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openldap2 fixes the following issues:
- CVE-2020-8023: Fixed a local privilege escalation from ldap to root (bsc#1172698).
ModerateSUSE bug 1172698CVE-2020-8023 at SUSECVE-2020-8023 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openldap2 fixes the following security issue:
- CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules (bsc#1178387).
ImportantSUSE bug 1178387CVE-2020-25692 at SUSECVE-2020-25692 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openldap2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openldap2 fixes the following issues:
- CVE-2020-25709: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
- CVE-2020-25710: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
ModerateSUSE bug 1178909CVE-2020-25709 at SUSECVE-2020-25709 at NVDCVE-2020-25710 at SUSECVE-2020-25710 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openldap2 fixes the following issues:
- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the
X.509 DN parsing in decode.c ber_next_element, resulting in denial
of service.
- bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN
parsing in ad_keystring, resulting in denial of service.
- bsc#1182412 CVE-2020-36228 - integer underflow leading to crash
in the Certificate List Exact Assertion processing, resulting in
denial of service.
- bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the
cancel_extop Cancel operation, resulting in denial of service.
- bsc#1182416 CVE-2020-36225 - double free and slapd crash in the
saslAuthzTo processing, resulting in denial of service.
- bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash
in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd
crash in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the
saslAuthzTo validation, resulting in denial of service.
- bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact
Assertion processing, resulting in denial of service (schema_init.c
serialNumberAndIssuerCheck).
- bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter
control handling, resulting in denial of service (double free and
out-of-bounds read).
- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur
in the issuerAndThisUpdateCheck function via a crafted packet,
resulting in a denial of service (daemon exit) via a short timestamp.
This is related to schema_init.c and checkTime.
ImportantSUSE bug 1182279SUSE bug 1182408SUSE bug 1182411SUSE bug 1182412SUSE bug 1182413SUSE bug 1182415SUSE bug 1182416SUSE bug 1182417SUSE bug 1182418SUSE bug 1182419SUSE bug 1182420CVE-2020-36221 at SUSECVE-2020-36221 at NVDCVE-2020-36222 at SUSECVE-2020-36222 at NVDCVE-2020-36223 at SUSECVE-2020-36223 at NVDCVE-2020-36224 at SUSECVE-2020-36224 at NVDCVE-2020-36225 at SUSECVE-2020-36225 at NVDCVE-2020-36226 at SUSECVE-2020-36226 at NVDCVE-2020-36227 at SUSECVE-2020-36227 at NVDCVE-2020-36228 at SUSECVE-2020-36228 at NVDCVE-2020-36229 at SUSECVE-2020-36229 at NVDCVE-2020-36230 at SUSECVE-2020-36230 at NVDCVE-2021-27212 at SUSECVE-2021-27212 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openldap2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
openldap2 was updated to fix three security issues and one non-security
bug.
The following vulnerabilities were fixed:
* A remote attacker could cause a denial of service (slapd crash) by
unbinding immediately after a search request. (bnc#846389,
CVE-2013-4449)
* A remote attacker could cause a denial of service through a NULL
pointer dereference and crash via an empty attribute list in a deref
control in a search request. (bnc#916897, CVE-2015-1545)
* A remote attacker could cause a denial of service (crash) via a
crafted search query with a matched values control. (bnc#916914,
CVE-2015-1546)
The following non-security bug was fixed:
* Prevent connection-0 (internal connection) from showing up in the
monitor back-end. (bnc#905959)
Security Issues:
* CVE-2015-1546
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546>
* CVE-2015-1545
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545>
* CVE-2013-4449
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449>
SUSE bug 846389SUSE bug 905959SUSE bug 916897SUSE bug 916914CVE-2013-4449 at SUSECVE-2013-4449 at NVDCVE-2015-1545 at SUSECVE-2015-1545 at NVDCVE-2015-1546 at SUSECVE-2015-1546 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following security issues:
- CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial
of service (reachable assertion and application crash) via crafted BER data, as
demonstrated by an attack against slapd. (bsc#945582)
- CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. (bsc#937766)
ImportantSUSE bug 937766SUSE bug 945582CVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-6908 at SUSECVE-2015-6908 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for opensc (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for opensc fixes the following issues:
- CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card (bsc#1106998)
- CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card (bsc#1106999)
- CVE-2018-16393: Fixed buffer overflows when handling responses from Gemsafe V1 Smartcards (bsc#1108318)
- CVE-2018-16418: Fixed buffer overflow when handling string concatenation in util_acl_to_str (bsc#1107039)
- CVE-2018-16419: Fixed several buffer overflows when handling responses from a Cryptoflex card (bsc#1107107)
- CVE-2018-16422: Fixed single byte buffer overflow when handling responses from an esteid Card (bsc#1107038)
- CVE-2018-16423: Fixed double free when handling responses from a smartcard (bsc#1107037)
- CVE-2018-16427: Fixed out of bounds reads when handling responses in OpenSC (bsc#1107033)
ModerateSUSE bug 1104812SUSE bug 1106998SUSE bug 1106999SUSE bug 1107033SUSE bug 1107037SUSE bug 1107038SUSE bug 1107039SUSE bug 1107107SUSE bug 1108318CVE-2018-16391 at SUSECVE-2018-16391 at NVDCVE-2018-16392 at SUSECVE-2018-16392 at NVDCVE-2018-16393 at SUSECVE-2018-16393 at NVDCVE-2018-16418 at SUSECVE-2018-16418 at NVDCVE-2018-16419 at SUSECVE-2018-16419 at NVDCVE-2018-16422 at SUSECVE-2018-16422 at NVDCVE-2018-16423 at SUSECVE-2018-16423 at NVDCVE-2018-16427 at SUSECVE-2018-16427 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for opensc (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for opensc fixes the following issues:
Security issue fixed:
- CVE-2019-6502: Fixed a memory leak in sc_context_create() (bsc#1122756).
LowSUSE bug 1122756CVE-2019-6502 at SUSECVE-2019-6502 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for opensc (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for opensc fixes the following issues:
- CVE-2020-26571: gemsafe GPK smart card software driver stack-based buffer overflow (bsc#1177380)
- CVE-2019-15946: out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry (bsc#1149747)
- CVE-2019-15945: out-of-bounds access of an ASN.1 Bitstring in decode_bit_string (bsc#1149746)
- CVE-2019-19479: incorrect read operation during parsing of a SETCOS file attribute (bsc#1158256)
- CVE-2020-26572: Prevent out of bounds write (bsc#1177378)
ModerateSUSE bug 1149746SUSE bug 1149747SUSE bug 1158256SUSE bug 1177378SUSE bug 1177380CVE-2019-15945 at SUSECVE-2019-15945 at NVDCVE-2019-15946 at SUSECVE-2019-15946 at NVDCVE-2019-19479 at SUSECVE-2019-19479 at NVDCVE-2020-26571 at SUSECVE-2020-26571 at NVDCVE-2020-26572 at SUSECVE-2020-26572 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for opensc (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for opensc fixes the following issues:
- CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005).
- CVE-2021-42782: Stack buffer overflow issues in various places (bsc#1191957).
ImportantSUSE bug 1191957SUSE bug 1192005CVE-2021-42780 at SUSECVE-2021-42780 at NVDCVE-2021-42782 at SUSECVE-2021-42782 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for openslpSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Due to a bug in the DA network code, changes in service registrations could
be lost if an old socket connection was used and the remove side closed the
socket in the meantime. The code was changed to reconnect to the DA if this
happens.
Also, a bug in the service lifetime handling was fixed that could lead to
services being removed up to 15 seconds to early.
SUSE bug 564504SUSE bug 597215SUSE bug 601002SUSE bug 626444SUSE bug 642571SUSE bug 648384SUSE bug 658972SUSE bug 667953SUSE bug 693756SUSE bug 723385SUSE bug 778508SUSE bug 855385CVE-2010-3609 at SUSECVE-2010-3609 at NVDCVE-2012-4428 at SUSECVE-2012-4428 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openslp (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openslp fixes the following issues:
- CVE-2017-17833: Prevent heap-related memory corruption issue which may have
manifested itself as a denial-of-service or a remote code-execution
vulnerability (bsc#1090638).
ImportantSUSE bug 1090638CVE-2017-17833 at SUSECVE-2017-17833 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for OpenSSHSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenSSH provides the following fixes:
* Implement remote denial of service hardening (bnc#802639,
CVE-2010-5107)
* Use only FIPS 140-2 approved algorithms when FIPS mode is detected
(bnc#755505, bnc#821039)
* Do not link OpenSSH binaries with LDAP libraries (bnc#826906)
Security Issue reference:
* CVE-2010-5107
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107>
SUSE bug 604274SUSE bug 628444SUSE bug 660064SUSE bug 663412SUSE bug 683733SUSE bug 692799SUSE bug 694890SUSE bug 703147SUSE bug 703221SUSE bug 708678SUSE bug 709782SUSE bug 719132SUSE bug 744643SUSE bug 749147SUSE bug 752354SUSE bug 755505SUSE bug 756370SUSE bug 802639SUSE bug 821039SUSE bug 826906CVE-2010-5107 at SUSECVE-2010-5107 at NVDCVE-2011-5000 at SUSECVE-2011-5000 at NVDCVE-2012-0814 at SUSECVE-2012-0814 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
openssh was updated to fix four security issues.
These security issues were fixed:
- CVE-2015-5352: The x11_open_helper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window (bsc#936695).
- CVE-2015-5600: The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH did not properly restrict the processing of keyboard-interactive devices within a single connection, which made it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list (bsc#938746).
- CVE-2015-4000: Removed and disabled weak DH groups (bsc#932483).
- Hardening patch to fix sftp RCE (bsc#903649).
These non-security issues were fixed:
- bsc#914309: sshd inherits oom_adj -17 on SIGHUP causing DoS potential for oom_killer.
- bsc#673532: limits.conf fsize change in SLES10SP3 causing problems to WebSphere mqm user.
ModerateSUSE bug 673532SUSE bug 903649SUSE bug 905118SUSE bug 914309SUSE bug 932483SUSE bug 936695SUSE bug 938746CVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-5352 at SUSECVE-2015-5352 at NVDCVE-2015-5600 at SUSECVE-2015-5600 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssh fixes security issues and bugs.
The following vulnerabilities were fixed:
- CVE-2016-6210: User enumeration through the timing of password (bsc#989363)
- CVE-2016-3115: Missing sanitisation of untrusted input allows an authenticated user who is able to request X11 forwarding inject commands to xauth (bsc#970632)
- CVE-2016-1908: X11 SECURITY circumvention when forwarding X11 connections (bsc#962313)
- CVE-2015-8325: Malicious users may attach /bin/login via LD_PRELOAD or similar environment variables set via PAM if PAM is configured to read user-specified environment and UseLogin=yes is set is sshd_config (bsc#975865)
- CVE-2016-6515: Remote attackers could cause a denial of service by providing exceptionally long passwords (bsc#992533)
The following security related changes are included:
- bsc#932483, bsc#948902: Disable DH parameters under 2048 bits by default and allow lowering the limit back to the RFC 4419 specified minimum through an option (bsc#932483, bsc#948902)
- bsc#948902: Allow lowering the DH groups parameter limit in server as well as when GSSAPI key exchange is used
The following tracked changes are included:
- bsc#981654: avoid complaining about unset DISPLAY variable
- bsc#959096: initialise msg_id to prevent disconnections
- bsc#962794: relax version requires for the openssh-askpass subpackage
ModerateSUSE bug 932483SUSE bug 948902SUSE bug 959096SUSE bug 962313SUSE bug 962794SUSE bug 970632SUSE bug 975865SUSE bug 981654SUSE bug 989363SUSE bug 992533CVE-2015-8325 at SUSECVE-2015-8325 at NVDCVE-2016-1908 at SUSECVE-2016-1908 at NVDCVE-2016-3115 at SUSECVE-2016-3115 at NVDCVE-2016-6210 at SUSECVE-2016-6210 at NVDCVE-2016-6515 at SUSECVE-2016-6515 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssh (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssh fixes the following issues:
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480, CVE-2016-8858)
- Properly verify CIDR masks in configuration (bsc#1005893)
LowSUSE bug 1005480SUSE bug 1005893CVE-2016-8858 at SUSECVE-2016-8858 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssh, openssh-askpass, openssh-openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssh, openssh-askpass, openssh-openssl1 fixes the following issues:
Upgrade to OpenSSH version 6.6p1 (bsc#1077104, bsc#1034467)
This also adds another build using '-openssl1' suffix, which can be installed
- require openssh-askpass of the same version or newer.
- change the Supplements tag to combination of both openssh and X11
to prevent accidental imports of the X11 packages into minimal
installs (bsc#886235)
ModerateSUSE bug 1034467SUSE bug 1077104SUSE bug 886235cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssh (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssh version 6.6p1 fixes the following issues:
Security issues fixed:
- CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions (bsc#1121571)
The regular openssh version was updated to openssh 6.6p1, the -openssl1 variant was at this version already.
ImportantSUSE bug 1121571CVE-2018-20685 at SUSECVE-2018-20685 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssh fixes the following issues:
Security vulnerabilities addressed:
- CVE-2019-6109: Fixed an character encoding issue in the progress display of
the scp client that could be used to manipulate client output, allowing
for spoofing during file transfers (bsc#1121816).
- CVE-2019-6111: Properly validate object names received by the scp client to
prevent arbitrary file overwrites when interacting with a malicious SSH server
(bsc#1121821).
Other issues fixed:
- Fixed two race conditions in sshd relating to SIGHUP (bsc#1119183).
- Returned proper reason for port forwarding failures (bsc#1090671).
- Fixed SSHD termination of multichannel sessions with non-root users (bsc#1115550).
ModerateSUSE bug 1090671SUSE bug 1115550SUSE bug 1119183SUSE bug 1121816SUSE bug 1121821SUSE bug 1131709CVE-2019-6109 at SUSECVE-2019-6109 at NVDCVE-2019-6111 at SUSECVE-2019-6111 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for opensshSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for OpenSSH provides fixes for the following issues:
* Exit sshd normally when port is already in use. (bnc#832628)
* Use hardware crypto engines where available. (bnc#826427)
* Use correct options for login when it is used. (bnc#833605)
* Move FIPS messages to higher debug level. (bnc#862875)
* Fix forwarding with IPv6 addresses in DISPLAY. (bnc#847710)
* Do not link OpenSSH binaries with LDAP libraries. (bnc#826906)
* Parse AcceptEnv properly. (bnc#869101, CVE-2014-2532)
* Properly terminate connections on server reboot/powerdown.
(bnc#798362)
Security Issue reference:
* CVE-2014-2532
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532>
SUSE bug 798362SUSE bug 826427SUSE bug 826906SUSE bug 832628SUSE bug 833605SUSE bug 847710SUSE bug 862875SUSE bug 869101CVE-2014-2532 at SUSECVE-2014-2532 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssh-openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssh-openssl1 fixes the following security issues:
- CVE-2016-10708: sshd allowed remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. (bsc#1076957)
- CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010)
Non security bugfixes:
- Fix for sftp client because it returns wrong error code upon failure (bsc#1091396)
- Stop leaking File descriptors (bsc#964336)
ModerateSUSE bug 1076957SUSE bug 1091396SUSE bug 1105010SUSE bug 1115654SUSE bug 1116577SUSE bug 964336CVE-2016-10708 at SUSECVE-2016-10708 at NVDCVE-2018-15473 at SUSECVE-2018-15473 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of openssl fixes a regression caused by the security fix for CVE-2015-0287,
after which DSA keys could occasionaly not loaded from disk. (bsc#937492)
ModerateSUSE bug 937492CVE-2015-0287 at SUSECVE-2015-0287 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
- CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure
OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS
routines so any application which reads PKCS#7 or CMS data from untrusted
sources is affected. SSL/TLS is not affected. (bsc#957812)
- Prevent segfault in s_client with invalid options (bsc#952099)
ModerateSUSE bug 952099SUSE bug 957812CVE-2015-3195 at SUSECVE-2015-3195 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes various security issues and bugs:
Security issues fixed:
- CVE-2016-0800 aka the 'DROWN' attack (bsc#968046):
OpenSSL was vulnerable to a cross-protocol attack that could lead to
decryption of TLS sessions by using a server supporting SSLv2 and
EXPORT cipher suites as a Bleichenbacher RSA padding oracle.
This update changes the openssl library to:
* Disable SSLv2 protocol support by default.
This can be overridden by setting the environment variable
'OPENSSL_ALLOW_SSL2' or by using SSL_CTX_clear_options using the
SSL_OP_NO_SSLv2 flag.
Note that various services and clients had already disabled SSL
protocol 2 by default previously.
* Disable all weak EXPORT ciphers by default. These can be reenabled
if required by old legacy software using the environment variable
'OPENSSL_ALLOW_EXPORT'.
- CVE-2016-0705 (bnc#968047):
A double free() bug in the DSA ASN1 parser code was fixed that could
be abused to facilitate a denial-of-service attack.
- CVE-2016-0797 (bnc#968048):
The BN_hex2bn() and BN_dec2bn() functions had a bug that could result
in an attempt to de-reference a NULL pointer leading to crashes.
This could have security consequences if these functions were ever
called by user applications with large untrusted hex/decimal data. Also,
internal usage of these functions in OpenSSL uses data from config files
or application command line arguments. If user developed applications
generated config file data based on untrusted data, then this could
have had security consequences as well.
- CVE-2016-0799 (bnc#968374)
On many 64 bit systems, the internal fmtstr() and doapr_outch()
functions could miscalculate the length of a string and attempt to
access out-of-bounds memory locations. These problems could have
enabled attacks where large amounts of untrusted data is passed to
the BIO_*printf functions. If applications use these functions in
this way then they could have been vulnerable. OpenSSL itself uses
these functions when printing out human-readable dumps of ASN.1
data. Therefore applications that print this data could have been
vulnerable if the data is from untrusted sources. OpenSSL command line
applications could also have been vulnerable when they print out ASN.1
data, or if untrusted data is passed as command line arguments. Libssl
is not considered directly vulnerable.
- CVE-2015-3197 (bsc#963415):
The SSLv2 protocol did not block disabled ciphers.
Note that the March 1st 2016 release also references following CVEs
that were fixed by us with CVE-2015-0293 in 2015:
- CVE-2016-0703 (bsc#968051): This issue only affected versions of
OpenSSL prior to March 19th 2015 at which time the code was refactored
to address vulnerability CVE-2015-0293. It would have made the above
'DROWN' attack much easier.
- CVE-2016-0704 (bsc#968053): 'Bleichenbacher oracle in SSLv2'
This issue only affected versions of OpenSSL prior to March 19th
2015 at which time the code was refactored to address vulnerability
CVE-2015-0293. It would have made the above 'DROWN' attack much easier.
Also fixes the following bug:
- Avoid running OPENSSL_config twice. This avoids breaking
engine loading and also fixes a memory leak in libssl. (bsc#952871 bsc#967787)
ImportantSUSE bug 952871SUSE bug 963415SUSE bug 967787SUSE bug 968046SUSE bug 968047SUSE bug 968048SUSE bug 968051SUSE bug 968053SUSE bug 968374CVE-2015-3197 at SUSECVE-2015-3197 at NVDCVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-0703 at SUSECVE-2016-0703 at NVDCVE-2016-0705 at SUSECVE-2016-0705 at NVDCVE-2016-0797 at SUSECVE-2016-0797 at NVDCVE-2016-0799 at SUSECVE-2016-0799 at NVDCVE-2016-0800 at SUSECVE-2016-0800 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
- CVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)
Bugs fixed:
- fate#320304: build 32bit devel package
- bsc#976943: Fix buffer overrun in ASN1_parse
- bsc#973223: allow weak DH groups, vulnerable to the logjam attack,
when environment variable OPENSSL_ALLOW_LOGJAM_ATTACK is set
- bsc#889013: Rename README.SuSE to the new spelling
ImportantSUSE bug 889013SUSE bug 968050SUSE bug 976942SUSE bug 976943SUSE bug 977614SUSE bug 977615SUSE bug 977617CVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)
Severity: High
* OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666)
Severity: Low
* Pointer arithmetic undefined behavior (CVE-2016-2177) (bsc#982575)
* Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)
* DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)
* DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)
* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
* Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)
* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
More information can be found on: https://www.openssl.org/news/secadv/20160922.txt
Bugs fixed:
* Update expired S/MIME certs (bsc#979475)
* Fix crash in print_notice (bsc#998190)
* Resume reading from /dev/urandom when interrupted by a signal (bsc#995075)
ImportantSUSE bug 979475SUSE bug 982575SUSE bug 983249SUSE bug 993819SUSE bug 994749SUSE bug 994844SUSE bug 995075SUSE bug 995324SUSE bug 995359SUSE bug 995377SUSE bug 998190SUSE bug 999665SUSE bug 999666SUSE bug 999668CVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2179 at SUSECVE-2016-2179 at NVDCVE-2016-2181 at SUSECVE-2016-2181 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6302 at SUSECVE-2016-6302 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues contained in the
OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)
Security issues fixed:
- CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334)
- CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878)
- degrade 3DES to MEDIUM in SSL2 (bsc#1001912)
- CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499)
Bugs fixed:
- fix crash in openssl speed (bsc#1000677)
- don't attempt session resumption if no ticket is present and session
ID length is zero (bsc#984663)
ModerateSUSE bug 1000677SUSE bug 1001912SUSE bug 1004499SUSE bug 1005878SUSE bug 1019334SUSE bug 1021641SUSE bug 984663CVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-7056 at SUSECVE-2016-7056 at NVDCVE-2016-8610 at SUSECVE-2016-8610 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition could exceed
the stack. This could result in a Denial Of Service attack. (bsc#1087102)
ImportantSUSE bug 1087102CVE-2018-0739 at SUSECVE-2018-0739 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
ModerateSUSE bug 1097158SUSE bug 1097624SUSE bug 1098592CVE-2018-0732 at SUSECVE-2018-0732 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following security issue:
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039)
ModerateSUSE bug 1089039CVE-2018-0737 at SUSECVE-2018-0737 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).
- CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).
- CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018).
- Fixed the 'One and Done' side-channel attack on RSA (bsc#1104789).
ModerateSUSE bug 1104789SUSE bug 1110018SUSE bug 1113534SUSE bug 1113652CVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2018-0734 at SUSECVE-2018-0734 at NVDCVE-2018-5407 at SUSECVE-2018-5407 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2019-1559: Fix 0-byte record padding oracle via SSL_shutdown (bsc#1127080)
- Reject invalid EC point coordinates (bsc#1131291)
- Mitigate the 'The 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations' attack (bsc#1117951)
ModerateSUSE bug 1117951SUSE bug 1127080SUSE bug 1131291CVE-2019-1559 at SUSECVE-2019-1559 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
OpenSSL Security Advisory [10 September 2019]
- CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance (bsc#1150003).
- CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250).
ModerateSUSE bug 1150003SUSE bug 1150250CVE-2019-1547 at SUSECVE-2019-1547 at NVDCVE-2019-1563 at SUSECVE-2019-1563 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
- Included the missing cms and pk7 fixes of CVE-2019-1563 (bsc#1153785).
ImportantSUSE bug 1153785CVE-2019-1563 at SUSECVE-2019-1563 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
- Add missing commits for fixing the security issue called 'The 9 Lives of Bleichenbacher's CAT'. (bsc#1117951)
- Fix a memory leak problem in function 'BN_copy()'. (bsc#1160163)
ModerateSUSE bug 1117951SUSE bug 1160163cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
- CVE-2020-1968: Introduced hardening against the Raccoon attack by always generating fresh DH keys
and never reuse them across multiple TLS connections (bsc#1176331).
ImportantSUSE bug 1176331CVE-2020-1968 at SUSECVE-2020-1968 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
- CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
- CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)
ModerateSUSE bug 1182331SUSE bug 1182333CVE-2021-23840 at SUSECVE-2021-23840 at NVDCVE-2021-23841 at SUSECVE-2021-23841 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following security issue:
- CVE-2021-3712: a bug in the code for printing certificate details could lead
to a buffer overrun that a malicious actor could exploit to crash the
application, causing a denial-of-service attack. [bsc#1189521]
ImportantSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
- CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712.
Read buffer overruns processing ASN.1 strings (bsc#1189521).
LowSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl fixes the following issues:
- CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877).
ImportantSUSE bug 1196877CVE-2022-0778 at SUSECVE-2022-0778 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl-certsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
openssl-certs has been updated to include four new and remove two
certificates:
* new: Atos_TrustedRoot_2011:2.8.92.51.203.98.44.95.179.50.crt
* new:
E-Tugra_Certification_Authority:2.8.106.104.62.156.81.155.203.83.crt
* new:
TeliaSonera_Root_CA_v1:2.17.0.149.190.22.160.247.46.70.241.123.57.130.114.250.139.205.150.crt
* new: T-TeleSec_GlobalRoot_Class_2:2.1.1.crt
* removed: Firmaprofesional_Root_CA:2.1.1.crt
* removed: TDC_OCES_Root_CA:2.4.62.72.189.196.crt
SUSE bug 714931SUSE bug 760503SUSE bug 783509SUSE bug 796628SUSE bug 854367SUSE bug 860581SUSE bug 865080SUSE bug 875647SUSE bug 881241cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
Security issues fixed:
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)
- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
Bugs fixed:
- bsc#971354: libopenssl1_0_0 now Recommends: openssl1 to get correct SSL Root
Certificate hashes
- bsc#889013: Rename README.SuSE to the new spelling README.SUSE
- bsc#976943: Fixed a buffer overrun in ASN1_parse.
- bsc#977621: Preserve negotiated digests for SNI (bsc#977621)
ImportantSUSE bug 889013SUSE bug 971354SUSE bug 976942SUSE bug 976943SUSE bug 977614SUSE bug 977615SUSE bug 977616SUSE bug 977617SUSE bug 977621CVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2107 at SUSECVE-2016-2107 at NVDCVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
penSSL Security Advisory [22 Sep 2016] (bsc#999665)
Severity: High
* OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666)
Severity: Low
* Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)
* Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)
* DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)
* OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)
* DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)
* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
* Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)
* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
More information can be found on: https://www.openssl.org/news/secadv/20160922.txt
Also following bugs were fixed:
* update expired S/MIME certs (bsc#979475)
* improve s390x performance (bsc#982745)
* fix crash in print_notice (bsc#998190)
* resume reading from /dev/urandom when interrupted by a signal (bsc#995075)
ImportantSUSE bug 979475SUSE bug 982575SUSE bug 982745SUSE bug 983249SUSE bug 990419SUSE bug 993819SUSE bug 994749SUSE bug 994844SUSE bug 995075SUSE bug 995324SUSE bug 995359SUSE bug 995377SUSE bug 998190SUSE bug 999665SUSE bug 999666SUSE bug 999668CVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2179 at SUSECVE-2016-2179 at NVDCVE-2016-2180 at SUSECVE-2016-2180 at NVDCVE-2016-2181 at SUSECVE-2016-2181 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6302 at SUSECVE-2016-6302 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues contained in the
OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)
Security issues fixed:
- CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334)
- CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878)
- CVE-2017-3731: Truncated packet could crash via OOB read (bsc#1022085)
- Degrade the 3DES cipher to MEDIUM in SSLv2 (bsc#1001912)
- CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499)
Bugs fixed:
- fix crash in openssl speed (bsc#1000677)
- call c_rehash in %post (bsc#1001707)
- ship static libraries in the devel package (bsc#1022644)
ModerateSUSE bug 1000677SUSE bug 1001707SUSE bug 1001912SUSE bug 1004499SUSE bug 1005878SUSE bug 1019334SUSE bug 1021641SUSE bug 1022085SUSE bug 1022644CVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-7056 at SUSECVE-2016-7056 at NVDCVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2017-3731 at SUSECVE-2017-3731 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
Security issues fixed:
- CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read (bsc#1056058)
- adjust DEFAULT_SUSE to meet 1.0.2 and current state (bsc#1027908)
- out of bounds read+crash in DES_fcrypt (bsc#1065363)
- DEFAULT_SUSE cipher list is missing ECDHE-ECDSA ciphers (bsc#1055825)
- Missing important ciphers in openssl 1.0.1i-47.1 (bsc#990592)
Bug fixes:
- support alternate root ca chains (bsc#1032261)
- Require openssl1, so c_rehash1 is available during %post to hash the certificates (bsc#1057660)
ImportantSUSE bug 1027908SUSE bug 1032261SUSE bug 1055825SUSE bug 1056058SUSE bug 1057660SUSE bug 1065363SUSE bug 990592CVE-2017-3735 at SUSECVE-2017-3735 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition could exceed
the stack. This could result in a Denial Of Service attack. (bsc#1087102)
ImportantSUSE bug 1087102CVE-2018-0739 at SUSECVE-2018-0739 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following security issues:
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be
vulnerable to a cache timing side channel attack. An attacker with sufficient
access to mount cache timing attacks during the RSA key generation process
could have recovered the private key (bsc#1089039)
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
ModerateSUSE bug 1089039SUSE bug 1097158SUSE bug 1097624SUSE bug 1098592CVE-2018-0732 at SUSECVE-2018-0732 at NVDCVE-2018-0737 at SUSECVE-2018-0737 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
Security issues fixed:
- CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).
- CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).
- CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018).
- Fixed the 'One and Done' side-channel attack on RSA (bsc#1104789).
ModerateSUSE bug 1104789SUSE bug 1110018SUSE bug 1113534SUSE bug 1113652CVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2018-0734 at SUSECVE-2018-0734 at NVDCVE-2018-5407 at SUSECVE-2018-5407 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following security issues:
- CVE-2019-1559: Fix 0-byte record padding oracle via SSL_shutdown (bsc#1127080)
- Reject invalid EC point coordinates (bsc#1131291)
- Fixed 'The 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations' (bsc#1117951)
ModerateSUSE bug 1117951SUSE bug 1127080SUSE bug 1131291CVE-2019-1559 at SUSECVE-2019-1559 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
OpenSSL Security Advisory [10 September 2019]
* CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)
* CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)
ModerateSUSE bug 1150003SUSE bug 1150250CVE-2019-1547 at SUSECVE-2019-1547 at NVDCVE-2019-1563 at SUSECVE-2019-1563 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
- Add missing commits fixing the security issue called 'The 9 Lives of Bleichenbacher's CAT'. (bsc#1117951)
- Fix a memory problem in 'BN_copy()'. (bsc#1160163)
ModerateSUSE bug 1117951SUSE bug 1160163cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2020-1968: Introduced hardening against the Raccoon attack by always generating fresh DH keys
and never reuse them across multiple TLS connections (bsc#1176331).
ImportantSUSE bug 1176331CVE-2020-1968 at SUSECVE-2020-1968 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491).
ImportantSUSE bug 1179491CVE-2020-1971 at SUSECVE-2020-1971 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
- CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)
ModerateSUSE bug 1182331SUSE bug 1182333CVE-2021-23840 at SUSECVE-2021-23840 at NVDCVE-2021-23841 at SUSECVE-2021-23841 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following security issue:
- CVE-2021-3712: a bug in the code for printing certificate details could
lead to a buffer overrun that a malicious actor could exploit to crash
the application, causing a denial-of-service attack. [bsc#1189521]
ImportantSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712.
Read buffer overruns processing ASN.1 strings (bsc#1189521).
LowSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877)
ImportantSUSE bug 1196877CVE-2022-0778 at SUSECVE-2022-0778 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openswanSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update amends an incomplete fix for CVE-2013-6466 (NULL pointer DoS).
CVE-2014-2037 has been assigned to this issue.
Security Issues:
* CVE-2014-2037
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2037>
SUSE bug 713986SUSE bug 727002SUSE bug 824316SUSE bug 859220SUSE bug 860542CVE-2011-4073 at SUSECVE-2011-4073 at NVDCVE-2013-2053 at SUSECVE-2013-2053 at NVDCVE-2013-6466 at SUSECVE-2013-6466 at NVDCVE-2013-7294 at SUSECVE-2013-7294 at NVDCVE-2014-2037 at SUSECVE-2014-2037 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openvpnSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
OpenVPN used a non-constant-time memcmp in HMAC comparison in
openvpn_decrypt that might have allowed remote attackers to gain knowledge
of plaintext data. (CVE-2013-2061)
Security Issues:
* CVE-2013-2061
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2061>
SUSE bug 843509SUSE bug 895882SUSE bug 907764CVE-2013-2061 at SUSECVE-2013-2061 at NVDCVE-2014-8104 at SUSECVE-2014-8104 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openvpn (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openvpn fixes the following issues:
- CVE-2017-7478: openvpn: Authenticated user can DoS server by using a big payload in P_CONTROL (bsc#1038709)
- CVE-2017-7479: openvpn: Denial of Service due to Exhaustion of Packet-ID counter (bsc#1038711)
- Hardening measures found by internal audit (bsc#1038713)
ImportantSUSE bug 1038709SUSE bug 1038711SUSE bug 1038713CVE-2017-7478 at SUSECVE-2017-7478 at NVDCVE-2017-7479 at SUSECVE-2017-7479 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openvpn (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openvpn fixes the following issues:
- It was possible to trigger an assertion by sending a malformed IPv6 packet.
That issue could have been abused to remotely shutdown an openvpn server or
client, if IPv6 and --mssfix were enabled and if the IPv6 networks used
inside the VPN were known. [bsc#1044947, CVE-2017-7508]
ImportantSUSE bug 1044947CVE-2017-7508 at SUSECVE-2017-7508 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openvpn (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openvpn fixes the following security issue:
- CVE-2017-12166: OpenVPN was vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. (bsc#1060877).
ImportantSUSE bug 1060877CVE-2017-12166 at SUSECVE-2017-12166 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openvpn (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openvpn fixes the following issues:
- CVE-2016-6329: OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a \'Sweet32\' attack. (bsc#995374)
ModerateSUSE bug 995374CVE-2016-6329 at SUSECVE-2016-6329 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for openwsman (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for openwsman fixes the following issues:
Security issues fixed:
- CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623).
- CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite
loop which leads to Denial of Service (bsc#1122623).
ImportantSUSE bug 1122623CVE-2019-3816 at SUSECVE-2019-3816 at NVDCVE-2019-3833 at SUSECVE-2019-3833 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for opieSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes off-by-one errors in opiesu (CVE-2011-2489) and missing
setuid() return value checks in opielogin (CVE-2011-2490).
This update also removes the setuid bit from opiesu program. If you rely on
the setuid bit on opiesu, add the following line to /etc/permissions.local:
/usr/bin/opiesu root:root 4755
Security Issue references:
* CVE-2011-2489
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2489>
* CVE-2011-2490
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2490>
SUSE bug 698772CVE-2011-2489 at SUSECVE-2011-2489 at NVDCVE-2011-2490 at SUSECVE-2011-2490 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for orca (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This orca update fixes the following security issue.
- Don't try to import modules from current working directory (bsc#916835, CVE-2013-4245).
ModerateSUSE bug 916835CVE-2013-4245 at SUSECVE-2013-4245 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for pamSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a double-free issue in pam_tty_audit that causes, when
enabled, the login to crash and no longer work.
SUSE bug 631802SUSE bug 724480SUSE bug 726071SUSE bug 759130CVE-2010-3316 at SUSECVE-2010-3316 at NVDCVE-2011-3148 at SUSECVE-2011-3148 at NVDCVE-2011-3149 at SUSECVE-2011-3149 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pam (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for pam fixes the following issues:
Security issues fixed:
- CVE-2015-3238: Fixed a denial of service and information leak which could be caused by very long passwords (bsc#934920).
- CVE-2013-7041: Fixed a potential authentication bypass where password hashes weren't compared case-sensitively (bsc#854480).
ModerateSUSE bug 854480SUSE bug 934920CVE-2013-7041 at SUSECVE-2013-7041 at NVDCVE-2015-3238 at SUSECVE-2015-3238 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pam-modules (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for pam-modules fixes the following issue.
This security issue was fixed:
- CVE-2011-3172: Ensure that unix2_chkpwd calls pam_acct_mgmt to prevent usage
of locked accounts (bsc#707645, bsc#839386).
ModerateSUSE bug 707645SUSE bug 839386CVE-2011-3172 at SUSECVE-2011-3172 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pam_pkcs11 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for pam_pkcs11 fixes the following security issues:
- It was possible to replay an authentication by using a specially prepared smartcard or token (bsc#1105012)
- Prevent buffer overflow if a user has a home directory with a length of more than 512 bytes (bsc#1105012)
- Memory not cleaned properly before free() (bsc#1105012)
ModerateSUSE bug 1105012cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pangoSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Specially crafted font files could cause a heap corruption in applications
linked against pango (CVE-2011-0064, CVE-2011-0020).
Security Issue references:
* CVE-2011-0064
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0064>
* CVE-2011-0020
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0020>
SUSE bug 666101SUSE bug 672502CVE-2011-0020 at SUSECVE-2011-0020 at NVDCVE-2011-0064 at SUSECVE-2011-0064 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for patch (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for patch fixes several issues.
These security issues were fixed:
- CVE-2018-1000156: patch: Malicious patch files cause ed to execute arbitrary commands (bsc#1088420).
- CVE-2014-9637: Prevent DoS by remote attackers (memory consumption and
segmentation fault) via a crafted diff file (bsc#914891).
- CVE-2016-10713: Prevent out-of-bounds access within pch_write_line() that
could have lead to DoS via a crafted input file (bsc#1080918).
- CVE-2010-4651: Fixed a directory traversal bug (bsc#662957):
ImportantSUSE bug 1059698SUSE bug 1080918SUSE bug 1088420SUSE bug 662957SUSE bug 914891CVE-2010-4651 at SUSECVE-2010-4651 at NVDCVE-2014-9637 at SUSECVE-2014-9637 at NVDCVE-2016-10713 at SUSECVE-2016-10713 at NVDCVE-2018-1000156 at SUSECVE-2018-1000156 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pcsc-liteSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
An integer overflow in pcsc-ccid and a buffer overflow in pcsc-lite while
handling smart card responses have been fixed.
CVE-2010-4530 and CVE-2010-4531 have been assigned to these issues.
Additionally a new device ID for card readers was added.
Security Issue references:
* CVE-2010-4531
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4531>
* CVE-2010-4530
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4530>
SUSE bug 651759SUSE bug 661000CVE-2010-4530 at SUSECVE-2010-4530 at NVDCVE-2010-4531 at SUSECVE-2010-4531 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pcsc-liteSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of pcsc-lite fixes a local vulnerability (stack overflow) which
allowed every user with write-access to '/var/run/pcscd/pcscd.comm' to gain
root privileges. CVE-2010-0407 has been assigned to this issue.
SUSE bug 609317CVE-2010-0407 at SUSECVE-2010-0407 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perfSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following perf tool bugs have been fixed:
* it was issuing excessive number of gettimeofday calls creating noise
when trying to measure performance (bnc#607339).
* it would consider a file named 'config' in the
current-working-directory as containing perf configuration data, this
fact could be exploited by a malicious user (bnc#711414,
CVE-2011-2905) .
Security Issue reference:
* CVE-2011-2905
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2905>
SUSE bug 607339SUSE bug 711414CVE-2011-2905 at SUSECVE-2011-2905 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perlSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for Perl provides fixes for the following issues:
* A memory leak and an infinite recursion in Data::Dumper.
(CVE-2014-4330)
* A memory leak in the DBI module.
Security Issues:
* CVE-2014-4330
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4330>
SUSE bug 557636SUSE bug 596167SUSE bug 603840SUSE bug 605918SUSE bug 605928SUSE bug 657343SUSE bug 657625SUSE bug 676086SUSE bug 684799SUSE bug 789994SUSE bug 796014SUSE bug 797060SUSE bug 804415SUSE bug 838333SUSE bug 896715CVE-2010-1168 at SUSECVE-2010-1168 at NVDCVE-2010-1447 at SUSECVE-2010-1447 at NVDCVE-2010-2761 at SUSECVE-2010-2761 at NVDCVE-2010-3172 at SUSECVE-2010-3172 at NVDCVE-2010-4777 at SUSECVE-2010-4777 at NVDCVE-2013-1667 at SUSECVE-2013-1667 at NVDCVE-2014-4330 at SUSECVE-2014-4330 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl fixes the following issues:
These security issues were fixed:
- CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a
directory-traversal protection mechanism and overwrite arbitrary files
(bsc#1096718)
- CVE-2018-6913: Prevent heap-based buffer overflow in the pack function that
allowed context-dependent attackers to execute arbitrary code via a large item
count (bsc#1082216).
- CVE-2018-6798: Matching a crafted locale dependent regular expression could
have caused a heap-based buffer over-read and potentially information
disclosure (bsc#1082233).
- CVE-2017-6512: Prevent race condition in the rmtree and remove_tree functions
in the File-Path module that allowed attackers to set the mode on arbitrary
files via vectors involving directory-permission loosening logic (bsc#1047178)
- CVE-2016-6185: The XSLoader::load method did not properly locate .so files
when called in a string eval, which might have allowed local users to execute
arbitrary code via a Trojan horse library under the current working directory
(bsc#988311)
- CVE-2016-1238: (1) cpan/Archive-Tar/bin/ptar, (2)
cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4)
cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs,
(7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9)
cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11)
cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails,
(13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15)
dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist,
(17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20)
utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23)
utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL did not
properly remove . (period) characters from the end of the includes directory
array, which might have allowed local users to gain privileges via a Trojan
horse module under the current working directory (bsc#987887)
- CVE-2015-8853: The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3
functions allowed context-dependent attackers to cause a denial of service
(infinite loop) via crafted utf-8 data (bsc#976584)
- CVE-2016-2381: Perl might have allowed context-dependent attackers to bypass
the taint protection mechanism in a child process via duplicate environment
variables in envp (bsc#967082)
These non-security issues were fixed:
- Fix perl panic with utf8_mg_pos_cache_update [bsc#929027]
- Fix sprintf calling sv_pos_u2b with a wrong offset, leading to a panic [bsc#900455]
ModerateSUSE bug 1047178SUSE bug 1082216SUSE bug 1082233SUSE bug 1096718SUSE bug 900455SUSE bug 929027SUSE bug 967082SUSE bug 976584SUSE bug 987887SUSE bug 988311CVE-2015-8853 at SUSECVE-2015-8853 at NVDCVE-2016-1238 at SUSECVE-2016-1238 at NVDCVE-2016-2381 at SUSECVE-2016-2381 at NVDCVE-2016-6185 at SUSECVE-2016-6185 at NVDCVE-2017-6512 at SUSECVE-2017-6512 at NVDCVE-2018-12015 at SUSECVE-2018-12015 at NVDCVE-2018-6798 at SUSECVE-2018-6798 at NVDCVE-2018-6913 at SUSECVE-2018-6913 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-Archive-Zip (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl-Archive-Zip fixes the following security issue:
- CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing
paths while extracting zip files. An attacker able to provide a specially
crafted archive for processing could have used this flaw to write or overwrite
arbitrary files in the context of the perl interpreter (bsc#1099497).
ModerateSUSE bug 1099497CVE-2018-10860 at SUSECVE-2018-10860 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-Config-GeneralSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update adds the perl-Config-General to the SLES update channel, which
is a new requirement after the last tgt security release.
* 697106: tgt is not installable
SUSE bug 697106cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-Convert-ASN1 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl-Convert-ASN1 fixes the following issue:
- CVE-2013-7488: Fixed an infinite loop via unexpected input (bsc#1168934).
ModerateSUSE bug 1168934CVE-2013-7488 at SUSECVE-2013-7488 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-DBD-mysql (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl-DBD-mysql fixes the following issues:
- Add patch to fix CVE-2016-1251 (bsc#1012546) use-after-free for repeated
fetchrow_arrayref calls when mysql_server_prepare=1
ModerateSUSE bug 1012546CVE-2016-1251 at SUSECVE-2016-1251 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-DBD-mysql (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl-DBD-mysql fixes the following issues:
- CVE-2016-1246: Buffer overflow allowed context-dependent attackers to cause a denial of service (crash) via vectors related to an error message (bsc#1002626).
- CVE-2016-1249: Out-of-bounds read when using server-side prepared statement support (bsc#1010457).
ModerateSUSE bug 1002626SUSE bug 1010457CVE-2016-1246 at SUSECVE-2016-1246 at NVDCVE-2016-1249 at SUSECVE-2016-1249 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-DBD-mysql (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl-DBD-mysql fixes the following issues:
- CVE-2017-10789: The DBD::mysql module when with mysql_ssl=1 setting enabled, means that SSL is optional
(even though this setting's documentation has a \'your communication with the server will be encrypted\' statement),
which could lead man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack,
a related issue to CVE-2015-3152. (bsc#1047059)
- CVE-2017-10788: The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1) certain error responses from a MySQL server or (2) a loss of a network connection to a MySQL server. The use-after-free defect was introduced by relying on incorrect Oracle mysql_stmt_close documentation and code examples. (bsc#1047095)
ModerateSUSE bug 1047059SUSE bug 1047095CVE-2017-10788 at SUSECVE-2017-10788 at NVDCVE-2017-10789 at SUSECVE-2017-10789 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-DBI (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl-DBI fixes the following issues:
Security issues fixed:
- CVE-2020-14392: Memory corruption in XS functions when Perl stack is reallocated (bsc#1176412).
- CVE-2020-14393: Fixed a buffer overflow on an overlong DBD class name (bsc#1176409).
ImportantSUSE bug 1176409SUSE bug 1176412CVE-2020-14392 at SUSECVE-2020-14392 at NVDCVE-2020-14393 at SUSECVE-2020-14393 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-DBI (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl-DBI fixes the following issues:
- CVE-2019-20919: Fixed a NULL profile dereference in dbi_profile (bsc#1176764).
- CVE-2013-7490: Fixed memory corruption when using many arguments
to methods for CallbacksUsing (bsc#1176496).
- CVE-2013-7491: Fixed a stack corruption when a user-defined function required a
non-trivial amount of memory (bsc#1176493).
ImportantSUSE bug 1176493SUSE bug 1176496SUSE bug 1176764CVE-2013-7490 at SUSECVE-2013-7490 at NVDCVE-2013-7491 at SUSECVE-2013-7491 at NVDCVE-2019-20919 at SUSECVE-2019-20919 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-PlRPC (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl-PlRPC fixes the following issues:
- Security notice: [bsc#858243, CVE-2013-7284]
* Document security vulnerability on Storable and reply attack
- Add perl-PlRPC-CVE-2013-7284.patch
ModerateSUSE bug 858243CVE-2013-7284 at SUSECVE-2013-7284 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for perl-XML-LibXML (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for perl-XML-LibXML fixes the following issues:
- CVE-2017-10672: A use-after-free allowed remote attackers to potentially
execute arbitrary code by controlling the arguments to a replaceChild call
(bsc#1046848)
ImportantSUSE bug 1046848CVE-2017-10672 at SUSECVE-2017-10672 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for perl-libwww-perlSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
In the last update there was a SSL backend change which causes problems
with https connections over a proxy. Fixed by this update.
SUSE bug 693999SUSE bug 698503CVE-2011-0633 at SUSECVE-2011-0633 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The PHP5 script interpreter was updated to fix security issues:
* CVE-2015-6836: A SOAP serialize_function_call() type confusion leading to remote code execution problem was fixed. [bnc#945428]
* CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed. [bnc#945412]
ImportantSUSE bug 945412SUSE bug 945428CVE-2015-6836 at SUSECVE-2015-6836 at NVDCVE-2015-6837 at SUSECVE-2015-6837 at NVDCVE-2015-6838 at SUSECVE-2015-6838 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
- CVE-2015-8835: SoapClient s_call method suffered from a type confusion issue that could have lead to crashes [bsc#973351]
- CVE-2016-3141: A use-after-free / double-free in the WDDX
deserialization could lead to crashes or potential code
execution. [bsc#969821]
- CVE-2014-9767: A directory traversal when extracting zip files was fixed that could lead to
overwritten files. [bsc#971612]
- CVE-2016-3185: A type confusion vulnerability in
make_http_soap_request() could lead to crashes or potentially code
execution. [bsc#971611]
- CVE-2016-4070: The libxml_disable_entity_loader() setting was shared between threads, which could have resulted in XML external entity injection and entity expansion issues [bsc#976997]
- CVE-2015-8866: A remote attacker could have caused denial of service due to incorrect handling of large strings in php_raw_url_encode() [bsc#976996]
ImportantSUSE bug 969821SUSE bug 971611SUSE bug 971612SUSE bug 973351SUSE bug 976996SUSE bug 976997CVE-2014-9767 at SUSECVE-2014-9767 at NVDCVE-2015-8835 at SUSECVE-2015-8835 at NVDCVE-2015-8866 at SUSECVE-2015-8866 at NVDCVE-2016-3141 at SUSECVE-2016-3141 at NVDCVE-2016-3185 at SUSECVE-2016-3185 at NVDCVE-2016-4070 at SUSECVE-2016-4070 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
- CVE-2015-8879: The odbc_bindcols function in ext/odbc/php_odbc.c in PHP mishandles driver behavior for SQL_WVARCHAR columns, which allowed remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table (bsc#981050).
- CVE-2015-8874: Stack consumption vulnerability in GD in PHP allowed remote attackers to cause a denial of service via a crafted imagefilltoborder call (bsc#980375).
- CVE-2015-8873: Stack consumption vulnerability in Zend/zend_exceptions.c in PHP allowed remote attackers to cause a denial of service (segmentation fault) via recursive method calls (bsc#980373).
- CVE-2016-4346: Integer overflow in the str_pad function in ext/standard/string.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow (bsc#977994).
- CVE-2016-4542: The exif_process_IFD_TAG function in ext/exif/exif.c in PHP did not properly construct spprintf arguments, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830).
- CVE-2016-4543: The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP did not validate IFD sizes, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830.
- CVE-2016-4544: The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP did not validate TIFF start data, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830.
- CVE-2016-4537: The bcpowmod function in ext/bcmath/bcmath.c in PHP accepted a negative integer for the scale argument, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call (bsc#978827).
- CVE-2016-4538: The bcpowmod function in ext/bcmath/bcmath.c in PHP modified certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call (bsc#978827).
- CVE-2016-4539: The xml_parse_into_struct function in ext/xml/xml.c in PHP allowed remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero (bsc#978828).
- CVE-2016-5094: Don't create strings with lengths outside int range (bnc#982011).
- CVE-2016-5095: Don't create strings with lengths outside int range (bnc#982012).
ModerateSUSE bug 977994SUSE bug 978827SUSE bug 978828SUSE bug 978830SUSE bug 980373SUSE bug 980375SUSE bug 981050SUSE bug 982011SUSE bug 982012CVE-2015-8873 at SUSECVE-2015-8873 at NVDCVE-2015-8874 at SUSECVE-2015-8874 at NVDCVE-2015-8879 at SUSECVE-2015-8879 at NVDCVE-2016-4346 at SUSECVE-2016-4346 at NVDCVE-2016-4537 at SUSECVE-2016-4537 at NVDCVE-2016-4538 at SUSECVE-2016-4538 at NVDCVE-2016-4539 at SUSECVE-2016-4539 at NVDCVE-2016-4542 at SUSECVE-2016-4542 at NVDCVE-2016-4543 at SUSECVE-2016-4543 at NVDCVE-2016-4544 at SUSECVE-2016-4544 at NVDCVE-2016-5094 at SUSECVE-2016-5094 at NVDCVE-2016-5095 at SUSECVE-2016-5095 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
php5 was updated to fix the following security issues:
- CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener (bsc#991426).
- CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE (bsc#991427).
- CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex (bsc#991428).
- CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization (bsc#991429).
- CVE-2016-5399: Improper error handling in bzread() (bsc#991430).
- CVE-2016-6288: Buffer over-read in php_url_parse_ex (bsc#991433).
- CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c (bsc#991437).
- CVE-2016-5769: Mcrypt: Heap Overflow due to integer overflows (bsc#986388).
- CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).
- CVE-2016-5772: Double free corruption in wddx_deserialize (bsc#986244).
- CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap overflow (bsc#986386).
- CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (bsc#986393).
ImportantSUSE bug 986004SUSE bug 986244SUSE bug 986386SUSE bug 986388SUSE bug 986393SUSE bug 991426SUSE bug 991427SUSE bug 991428SUSE bug 991429SUSE bug 991430SUSE bug 991433SUSE bug 991437CVE-2015-8935 at SUSECVE-2015-8935 at NVDCVE-2016-5399 at SUSECVE-2016-5399 at NVDCVE-2016-5766 at SUSECVE-2016-5766 at NVDCVE-2016-5767 at SUSECVE-2016-5767 at NVDCVE-2016-5769 at SUSECVE-2016-5769 at NVDCVE-2016-5772 at SUSECVE-2016-5772 at NVDCVE-2016-6288 at SUSECVE-2016-6288 at NVDCVE-2016-6289 at SUSECVE-2016-6289 at NVDCVE-2016-6290 at SUSECVE-2016-6290 at NVDCVE-2016-6291 at SUSECVE-2016-6291 at NVDCVE-2016-6296 at SUSECVE-2016-6296 at NVDCVE-2016-6297 at SUSECVE-2016-6297 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
* CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization
* CVE-2016-7125: PHP Session Data Injection Vulnerability
* CVE-2016-7126: select_colors write out-of-bounds
* CVE-2016-7127: imagegammacorrect allowed arbitrary write access
* CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF
* CVE-2016-7129: wddx_deserialize allowed illegal memory access
* CVE-2016-7130: wddx_deserialize null dereference
* CVE-2016-7131: wddx_deserialize null dereference with invalid xml
* CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element
* CVE-2016-7411: php5: Memory corruption when destructing deserialized object
* CVE-2016-7413: Use after free in wddx_deserialize
* CVE-2016-7418: Null pointer dereference in php_wddx_push_element
ImportantSUSE bug 997206SUSE bug 997207SUSE bug 997208SUSE bug 997210SUSE bug 997211SUSE bug 997220SUSE bug 997225SUSE bug 997230SUSE bug 997257SUSE bug 999679SUSE bug 999682SUSE bug 999819CVE-2016-7124 at SUSECVE-2016-7124 at NVDCVE-2016-7125 at SUSECVE-2016-7125 at NVDCVE-2016-7126 at SUSECVE-2016-7126 at NVDCVE-2016-7127 at SUSECVE-2016-7127 at NVDCVE-2016-7128 at SUSECVE-2016-7128 at NVDCVE-2016-7129 at SUSECVE-2016-7129 at NVDCVE-2016-7130 at SUSECVE-2016-7130 at NVDCVE-2016-7131 at SUSECVE-2016-7131 at NVDCVE-2016-7132 at SUSECVE-2016-7132 at NVDCVE-2016-7411 at SUSECVE-2016-7411 at NVDCVE-2016-7413 at SUSECVE-2016-7413 at NVDCVE-2016-7418 at SUSECVE-2016-7418 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
- CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924)
- CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274)
ModerateSUSE bug 1004924SUSE bug 1005274CVE-2016-6911 at SUSECVE-2016-6911 at NVDCVE-2016-8670 at SUSECVE-2016-8670 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
* CVE-2016-9933 Possible stack overflow on truecolor images handling [bsc#1015187]
* CVE-2016-9934 Dereference from NULL pointer could lead to crash [bsc#1015188]
* CVE-2016-9935 Invalid read could lead to crash [bsc#1015189]
ModerateSUSE bug 1015187SUSE bug 1015188SUSE bug 1015189CVE-2016-9933 at SUSECVE-2016-9933 at NVDCVE-2016-9934 at SUSECVE-2016-9934 at NVDCVE-2016-9935 at SUSECVE-2016-9935 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
- CVE-2016-10158: The exif_convert_any_to_int function in ext/exif/exif.c
in PHP allowed remote attackers to cause a denial of service (application
crash) via crafted EXIF data that triggers an attempt to divide the
minimum representable negative integer by -1. (bsc#1022219)
- CVE-2016-10161: The object_common1 function in
ext/standard/var_unserializer.c in PHP allowed remote attackers to
cause a denial of service (buffer over-read and application crash) via
crafted serialized data that is mishandled in a finish_nested_data call.
(bsc#1022260)
- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx()
could lead to php out of memory even on small files. (bsc#1022264)
- CVE-2016-10168: A signed integer overflow in the gd module could lead
to memory corruption (bsc#1022265)
ImportantSUSE bug 1022219SUSE bug 1022260SUSE bug 1022264SUSE bug 1022265CVE-2016-10158 at SUSECVE-2016-10158 at NVDCVE-2016-10161 at SUSECVE-2016-10161 at NVDCVE-2016-10167 at SUSECVE-2016-10167 at NVDCVE-2016-10168 at SUSECVE-2016-10168 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
- CVE-2017-9227: A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. (bsc#1040883)
- CVE-2017-9226: A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. (bsc#1040889)
- CVE-2017-9224: A stack out-of-bounds read occurs in match_at() during regular expression searching. (bsc#1040891)
ModerateSUSE bug 1040883SUSE bug 1040889SUSE bug 1040891CVE-2017-9224 at SUSECVE-2017-9224 at NVDCVE-2017-9226 at SUSECVE-2017-9226 at NVDCVE-2017-9227 at SUSECVE-2017-9227 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
- CVE-2016-10397: parse_url() can be bypassed to return fake host. (bsc#1047454)
- CVE-2017-11144: The opensslextension PEM sealing code did not check the return value of the
OpenSSL sealingfunction, which could lead to a crash. (bsc#1048096)
- CVE-2017-11145: Lack of bounds checks in timelib_meridian coud lead to information leak. (bsc#1048112)
- CVE-2016-5766: Integer Overflow in _gd2GetHeader() could lead to heap overflow (bsc#986386)
- CVE-2017-11628: Stack-base dbuffer overflow in zend_ini_do_op() could lead to denial of service (bsc#1050726)
- CVE-2017-7890: Buffer over-read from unitialized data in gdImageCreateFromGifCtx could lead to denial of service (bsc#1050241)
ModerateSUSE bug 1047454SUSE bug 1048096SUSE bug 1048112SUSE bug 1050241SUSE bug 1050726SUSE bug 986386CVE-2016-10168 at SUSECVE-2016-10168 at NVDCVE-2016-10397 at SUSECVE-2016-10397 at NVDCVE-2016-5766 at SUSECVE-2016-5766 at NVDCVE-2017-11144 at SUSECVE-2017-11144 at NVDCVE-2017-11145 at SUSECVE-2017-11145 at NVDCVE-2017-11628 at SUSECVE-2017-11628 at NVDCVE-2017-7890 at SUSECVE-2017-7890 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes one issues.
This security issue was fixed:
- CVE-2017-12933: The finish_nested_data function in ext/standard/var_unserializer.re was prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue could have had an unspecified impact on the integrity of PHP (bsc#1054430)
ModerateSUSE bug 1054430CVE-2017-12933 at SUSECVE-2017-12933 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security issues fixed:
- CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitset_set_range() during regex compilation (bsc#1069606).
- CVE-2017-9229: Fix invalid pointer dereference in left_adjust_char_head() (bsc#1069631).
ModerateSUSE bug 1069606SUSE bug 1069631CVE-2017-9228 at SUSECVE-2017-9228 at NVDCVE-2017-9229 at SUSECVE-2017-9229 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes one issues.
This security issue was fixed:
- CVE-2016-10712: In PHP all of the return values of stream_get_meta_data could be controlled if the input can be controlled (e.g., during file uploads). (bsc#1080234)
- CVE-2018-5711: Prevent integer signedness error that could have lead to an infinite loop via a crafted GIF file allowing for DoS (bsc#1076391).
ImportantSUSE bug 1076391SUSE bug 1080234CVE-2016-10712 at SUSECVE-2016-10712 at NVDCVE-2018-5711 at SUSECVE-2018-5711 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security issues fixed:
- CVE-2018-7584: Fixed stack-based buffer under-read while parsing an HTTPresponse in the php_stream_url_wrap_http_ex (bsc#1083639).
ModerateSUSE bug 1083639CVE-2018-7584 at SUSECVE-2018-7584 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security issues fixed:
- CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c (bsc#1091363).
- CVE-2018-10548: Fix remote denial of service in ext/ldap/ldap.c (bsc#1091355).
ModerateSUSE bug 1091355SUSE bug 1091363CVE-2018-10546 at SUSECVE-2018-10546 at NVDCVE-2018-10548 at SUSECVE-2018-10548 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
- CVE-2018-12882: exif_read_from_impl allowed attackers to trigger a
use-after-free (in exif_read_from_file) because it closed a stream that it is
not responsible for closing (bsc#1099098)
ModerateSUSE bug 1099098CVE-2018-12882 at SUSECVE-2018-12882 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
The following security vulnerabilities were fixed:
- CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a
'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled
in the php_handler function (bsc#1108753)
- CVE-2018-14851: Fixed an out-of-bounds read and application crash in
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c, which allowed remote
attackers to cause a denial of service (bsc#1103659)
- CVE-2018-14883: Fixed an integer overflow that could lead to a heap-based
buffer over-read in exif_thumbnail_extract of exif.c and allowed remote
attackers to cause a denial of service (bsc#1103836)
- CVE-2017-9118: Fixed an out of bounds access in php_pcre_replace_impl via a
crafted preg_replace call (bsc#1105466)
ModerateSUSE bug 1103659SUSE bug 1103836SUSE bug 1105466SUSE bug 1108753CVE-2017-9118 at SUSECVE-2017-9118 at NVDCVE-2018-14851 at SUSECVE-2018-14851 at NVDCVE-2018-14883 at SUSECVE-2018-14883 at NVDCVE-2018-17082 at SUSECVE-2018-17082 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security issue fixed:
- CVE-2018-19518: Fixed imap_open script injection flaw (bsc#1117107).
ModerateSUSE bug 1117107CVE-2018-19518 at SUSECVE-2018-19518 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security vulnerabilities addressed:
- CVE-2019-6977: Fixed a heap-based buffer overflow in the GD graphics library (bsc#1123354).
- CVE-2019-6978: Fixed a double free in the GD graphics library (bsc#1123522).
ModerateSUSE bug 1123354SUSE bug 1123522CVE-2019-6977 at SUSECVE-2019-6977 at NVDCVE-2019-6978 at SUSECVE-2019-6978 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security issues fixed:
- CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128892).
- CVE-2019-9638: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension ((bsc#1128889).
- CVE-2019-9639: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128887).
- CVE-2019-9640: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128883).
- CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which could allow to a hostile XMLRPC server
to cause memory read outside the allocated areas (bsc#1126821).
- CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function (bsc#1126711).
- CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in mbstring regular expression functions (bsc#1126823).
- CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension and improved insecure implementation
of rename function (bsc#1128722).
ModerateSUSE bug 1126711SUSE bug 1126821SUSE bug 1126823SUSE bug 1128722SUSE bug 1128883SUSE bug 1128887SUSE bug 1128889SUSE bug 1128892CVE-2019-9020 at SUSECVE-2019-9020 at NVDCVE-2019-9023 at SUSECVE-2019-9023 at NVDCVE-2019-9024 at SUSECVE-2019-9024 at NVDCVE-2019-9637 at SUSECVE-2019-9637 at NVDCVE-2019-9638 at SUSECVE-2019-9638 at NVDCVE-2019-9639 at SUSECVE-2019-9639 at NVDCVE-2019-9640 at SUSECVE-2019-9640 at NVDCVE-2019-9641 at SUSECVE-2019-9641 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security issues fixed:
- CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si() (bsc#1132838).
- CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value() (bsc#1132837).
- CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG function leading to information disclosure (bsc#1134322).
ModerateSUSE bug 1132837SUSE bug 1132838SUSE bug 1134322CVE-2019-11034 at SUSECVE-2019-11034 at NVDCVE-2019-11035 at SUSECVE-2019-11035 at NVDCVE-2019-11036 at SUSECVE-2019-11036 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security issues fixed:
- CVE-2019-11039: Fixed a heap-buffer-overflow on php_jpg_get16 (bsc#1138173).
- CVE-2019-11040: Fixed an out-of-bounds read due to an integer overflow in
iconv.c:_php_iconv_mime_decode() (bsc#1138172).
ModerateSUSE bug 1138172SUSE bug 1138173CVE-2019-11039 at SUSECVE-2019-11039 at NVDCVE-2019-11040 at SUSECVE-2019-11040 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security issues fixed:
- CVE-2019-11038: Fixed a information disclosure in gdImageCreateFromXbm() (bsc#1140118).
- CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360).
- CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095).
ImportantSUSE bug 1140118SUSE bug 1145095SUSE bug 1146360CVE-2019-11038 at SUSECVE-2019-11038 at NVDCVE-2019-11041 at SUSECVE-2019-11041 at NVDCVE-2019-11042 at SUSECVE-2019-11042 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
Security issues fixed:
- CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629).
- CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923).
- CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924).
- CVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922).
- CVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927).
- CVE-2019-20433: Fixed a buffer over-read when processing strings ending with a single '\0' byte with ucs-2 and ucs-4 encoding (bsc#1161982).
ImportantSUSE bug 1159922SUSE bug 1159923SUSE bug 1159924SUSE bug 1159927SUSE bug 1161982SUSE bug 1162629CVE-2019-11045 at SUSECVE-2019-11045 at NVDCVE-2019-11046 at SUSECVE-2019-11046 at NVDCVE-2019-11047 at SUSECVE-2019-11047 at NVDCVE-2019-11050 at SUSECVE-2019-11050 at NVDCVE-2019-20433 at SUSECVE-2019-20433 at NVDCVE-2020-7059 at SUSECVE-2020-7059 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php7 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php7 fixes the following issues:
- CVE-2020-7064: Fixed a one byte read of uninitialized memory in exif_read_data() (bsc#1168326).
- CVE-2020-7066: Fixed URL truncation get_headers() if the URL contains zero (\0) character (bsc#1168352).
- CVE-2019-11048: Improved the handling of overly long filenames or field names in HTTP file uploads (bsc#1171999).
ModerateSUSE bug 1168326SUSE bug 1168352SUSE bug 1171999CVE-2019-11048 at SUSECVE-2019-11048 at NVDCVE-2020-7064 at SUSECVE-2020-7064 at NVDCVE-2020-7066 at SUSECVE-2020-7066 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
- CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352).
ImportantSUSE bug 1177352CVE-2020-7070 at SUSECVE-2020-7070 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issue:
- CVE-2020-7071: Fixed an insufficient filter in parse_url() that accepted URLs with invalid userinfo (bsc#1180706).
- CVE-2021-21702: NULL pointer dereference in SoapClient (bsc#1182049)
ImportantSUSE bug 1180706SUSE bug 1182049CVE-2020-7071 at SUSECVE-2020-7071 at NVDCVE-2021-21702 at SUSECVE-2021-21702 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for php5 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for php5 fixes the following issues:
- CVE-2021-21705 [bsc#1188037]: SSRF bypass in FILTER_VALIDATE_URL
ModerateSUSE bug 1188037CVE-2021-21705 at SUSECVE-2021-21705 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pixman (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for pixman fixes the following issues:
- This issue is needed to fix security issue in qemu that is tracked by CVE-2017-2633.
ModerateSUSE bug 1074701CVE-2017-2633 at SUSECVE-2017-2633 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for policycoreutils (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for policycoreutils fixes the following issues:
* CVE-2016-7545: nonpriv session can escape to parent [bsc#1000998]
LowSUSE bug 1000998CVE-2016-7545 at SUSECVE-2016-7545 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for policycoreutils (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for policycoreutils fixes the following issues:
- CVE-2018-1063: Prevent chcon from following symlinks in /tmp, /var/tmp,
/var/run and /var/lib/debug (bsc#1083624).
ModerateSUSE bug 1083624CVE-2018-1063 at SUSECVE-2018-1063 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for poppler (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for poppler fixes the following issues:
Security issues fixed:
- CVE-2015-8868: Corrupted PDF file can corrupt heap, causing DoS (bsc#976844)
ModerateSUSE bug 976844CVE-2015-8868 at SUSECVE-2015-8868 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for poppler (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for poppler fixes the following issues:
- CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the
FoFiTrueType::getCFFBlock() function in FoFiTrueType.cc that occurred due to
lack of validation of a table pointer, which allows an attacker to launch a
denial of service attack. (bsc#1061265)
- CVE-2017-1000456: Validate boundaries in TextPool::addWord to prevent
overflows in subsequent calculations (bsc#1074453)
- CVE-2017-15565: Prevent NULL Pointer dereference in the
GfxImageColorMap::getGrayLine() function via a crafted PDF document
(bsc#1064593)
ModerateSUSE bug 1061265SUSE bug 1064593SUSE bug 1074453CVE-2017-1000456 at SUSECVE-2017-1000456 at NVDCVE-2017-14977 at SUSECVE-2017-14977 at NVDCVE-2017-15565 at SUSECVE-2017-15565 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for RPMSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Multiple security vulnerabilities were reported in RPM which could be
exploited via specially crafted RPM files to cause a denial of service
(application crash) or potentially allow attackers to execute arbitrary
code.
Additionally, a non-security issue was fixed that could cause a division by
zero in cycles calculation under rare circumstances.
Security Issue references:
* CVE-2012-0815
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0815>
* CVE-2012-0060
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0060>
* CVE-2012-0061
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0061>
SUSE bug 610941SUSE bug 615409SUSE bug 656132SUSE bug 720824SUSE bug 747225SUSE bug 754281SUSE bug 754284SUSE bug 754285SUSE bug 892431SUSE bug 906803SUSE bug 908128CVE-2010-2059 at SUSECVE-2010-2059 at NVDCVE-2011-3378 at SUSECVE-2011-3378 at NVDCVE-2012-0060 at SUSECVE-2012-0060 at NVDCVE-2012-0061 at SUSECVE-2012-0061 at NVDCVE-2012-0815 at SUSECVE-2012-0815 at NVDCVE-2013-6435 at SUSECVE-2013-6435 at NVDCVE-2014-8118 at SUSECVE-2014-8118 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for PostfixSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update adds a hook to the sysv5 init script to recreate postmaps upon
server start, restart or reload if configured to do so via
/etc/sysconfig/postfix.
This fixes a regression from the previous update where the invocation of
SuSEconfig postfix module was removed from the post installation script.
SUSE bug 622873SUSE bug 677792SUSE bug 689021SUSE bug 690213SUSE bug 728308CVE-2011-0411 at SUSECVE-2011-0411 at NVDCVE-2011-1720 at SUSECVE-2011-1720 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of postgresql94 to 9.4.5 fixes the following issues:
* CVE-2015-5289: json or jsonb input values constructed from arbitrary user input could have crashed the PostgreSQL server and caused a denial of service (bsc#949670)
* CVE-2015-5288: crypt() (pgCrypto extension) couldi potentially be exploited to read a few additional bytes of memory (bsc#949669)
Also contains all changes and bugfixes in the upstream 9.4.5 release:
http://www.postgresql.org/docs/current/static/release-9-4-5.html
ModerateSUSE bug 949669SUSE bug 949670CVE-2015-5288 at SUSECVE-2015-5288 at NVDCVE-2015-5289 at SUSECVE-2015-5289 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for PostgreSQLSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
PostgreSQL has been updated to version 8.3.23 which fixes various bugs and
one security issue.
The security issue fixed in this release, CVE-2013-0255, allowed a
previously authenticated user to crash the server by calling an internal
function with invalid arguments. This issue was discovered by independent
security researcher Sumit Soni this week and reported via Secunia SVCRP,
and we are grateful for their efforts in making PostgreSQL more secure.
More information can be found at
http://www.postgresql.org/about/news/1446/
<http://www.postgresql.org/about/news/1446/>
Security Issue reference:
* CVE-2013-0255
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255>
SUSE bug 588996SUSE bug 605845SUSE bug 605926SUSE bug 607778SUSE bug 660478SUSE bug 701489SUSE bug 749299SUSE bug 749303SUSE bug 760511SUSE bug 765069SUSE bug 766799SUSE bug 767505SUSE bug 770193SUSE bug 773771SUSE bug 774616SUSE bug 774617SUSE bug 775399SUSE bug 775402SUSE bug 776523SUSE bug 776524SUSE bug 802679CVE-2010-0733 at SUSECVE-2010-0733 at NVDCVE-2010-1169 at SUSECVE-2010-1169 at NVDCVE-2010-1170 at SUSECVE-2010-1170 at NVDCVE-2010-1975 at SUSECVE-2010-1975 at NVDCVE-2010-4014 at SUSECVE-2010-4014 at NVDCVE-2010-4015 at SUSECVE-2010-4015 at NVDCVE-2012-0866 at SUSECVE-2012-0866 at NVDCVE-2012-0868 at SUSECVE-2012-0868 at NVDCVE-2012-2143 at SUSECVE-2012-2143 at NVDCVE-2012-2655 at SUSECVE-2012-2655 at NVDCVE-2012-3488 at SUSECVE-2012-3488 at NVDCVE-2012-3489 at SUSECVE-2012-3489 at NVDCVE-2013-0255 at SUSECVE-2013-0255 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql-init (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql-init fixes the following issues:
- CVE-2017-14798: A race condition in the init script could be used by attackers able to access the postgresql account to escalate their privileges to root (bsc#1062722)
ModerateSUSE bug 1062722CVE-2017-14798 at SUSECVE-2017-14798 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql10 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql10 brings version 10.6 to SUSE Linux Enterprise 11.
This release marks the change of the versioning scheme for PostgreSQL
to a 'x.y' format. This means the next minor releases of PostgreSQL
will be 10.1, 10.2, ... and the next major release will be 11.
* Logical Replication
Logical replication extends the current replication features of
PostgreSQL with the ability to send modifications on a per-database
and per-table level to different PostgreSQL databases. Users can now
fine-tune the data replicated to various database clusters and will
have the ability to perform zero-downtime upgrades to future major
PostgreSQL versions.
* Declarative Table Partitioning
Table partitioning has existed for years in PostgreSQL but required a
user to maintain a nontrivial set of rules and triggers for the
partitioning to work. PostgreSQL 10 introduces a table partitioning
syntax that lets users easily create and maintain range and list
partitioned tables.
* Improved Query Parallelism
PostgreSQL 10 provides better support for parallelized queries by
allowing more parts of the query execution process to be
parallelized. Improvements include additional types of data scans that
are parallelized as well as optimizations when the data is recombined,
such as pre-sorting. These enhancements allow results to be returned
more quickly.
* Quorum Commit for Synchronous Replication
PostgreSQL 10 introduces quorum commit for synchronous replication,
which allows for flexibility in how a primary database receives
acknowledgement that changes were successfully written to remote
replicas.
ModerateSUSE bug 1108308cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql10 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql10 fixes the following issues:
Security issue fixed:
- CVE-2019-10130: Prevent row-level security policies from being bypassed via selectivity estimators (bsc#1134689).
Bug fixes:
- For a complete list of fixes check the release notes.
* https://www.postgresql.org/docs/10/release-10-8.html
* https://www.postgresql.org/docs/10/release-10-7.html
ModerateSUSE bug 1134689CVE-2019-10130 at SUSECVE-2019-10130 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql10 to version 10.9 fixes the following issues:
Security issue fixed:
- CVE-2019-10164: Fixed buffer-overflow vulnerabilities in SCRAM verifier parsing (bsc#1138034).
More information at https://www.postgresql.org/docs/10/release-10-9.html
ImportantSUSE bug 1138034CVE-2019-10164 at SUSECVE-2019-10164 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql10 fixes the following issues:
Security issue fixed:
- CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner (bsc#1145092).
ImportantSUSE bug 1145092CVE-2019-10208 at SUSECVE-2019-10208 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql10 (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql10 fixes the following issues:
PostgreSQL was updated to version 10.12.
Security issue fixed:
- CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension (bsc#1163985).
LowSUSE bug 1163985CVE-2020-1720 at SUSECVE-2020-1720 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql10 fixes the following issues:
- update to 10.14:
* CVE-2020-14349, bsc#1175193: Set a secure search_path in
logical replication walsenders and apply workers
* CVE-2020-14350, bsc#1175194: Make contrib modules' installation
scripts more secure.
* https://www.postgresql.org/docs/10/release-10-14.html
- update to 10.13 (bsc#1171924).
https://www.postgresql.org/about/news/2038/
https://www.postgresql.org/docs/10/release-10-13.html
ImportantSUSE bug 1171924SUSE bug 1175193SUSE bug 1175194CVE-2020-14349 at SUSECVE-2020-14349 at NVDCVE-2020-14350 at SUSECVE-2020-14350 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql10 fixes the following issues:
- Upgrade to version 10.15:
* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
and firing of deferred triggers within index expressions and
materialized view queries.
* CVE-2020-25694, bsc#1178667:
a) Fix usage of complex connection-string parameters in pg_dump,
pg_restore, clusterdb, reindexdb, and vacuumdb.
b) When psql's \connect command re-uses connection parameters,
ensure that all non-overridden parameters from a previous
connection string are re-used.
* CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
modifying specially-treated variables.
* https://www.postgresql.org/about/news/2111/
* https://www.postgresql.org/docs/10/release-10-15.html
- Upgrade to version 10.15:
* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
and firing of deferred triggers within index expressions and
materialized view queries.
* CVE-2020-25694, bsc#1178667:
a) Fix usage of complex connection-string parameters in pg_dump,
pg_restore, clusterdb, reindexdb, and vacuumdb.
b) When psql's \connect command re-uses connection parameters,
ensure that all non-overridden parameters from a previous
connection string are re-used.
* CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
modifying specially-treated variables.
* https://www.postgresql.org/about/news/2111/
* https://www.postgresql.org/docs/10/release-10-15.html
ImportantSUSE bug 1178666SUSE bug 1178667SUSE bug 1178668CVE-2020-25694 at SUSECVE-2020-25694 at NVDCVE-2020-25695 at SUSECVE-2020-25695 at NVDCVE-2020-25696 at SUSECVE-2020-25696 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql10 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql10 fixes the following issues:
- Upgrade to version 10.17:
- CVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc#1185924).
- CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists (bsc#1185925).
ModerateSUSE bug 1185924SUSE bug 1185925CVE-2021-32027 at SUSECVE-2021-32027 at NVDCVE-2021-32028 at SUSECVE-2021-32028 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql10 fixes the following issues:
- CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake (bsc#1192516).
- CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake (bsc#1192516).
ImportantSUSE bug 1192516CVE-2021-23214 at SUSECVE-2021-23214 at NVDCVE-2021-23222 at SUSECVE-2021-23222 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql91SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The PostgreSQL database server was updated to 9.1.15, fixing bugs and
security issues:
* Fix buffer overruns in to_char() (CVE-2015-0241).
* Fix buffer overrun in replacement *printf() functions
(CVE-2015-0242).
* Fix buffer overruns in contrib/pgcrypto (CVE-2015-0243).
* Fix possible loss of frontend/backend protocol synchronization after
an error (CVE-2015-0244).
* Fix information leak via constraint-violation error messages
(CVE-2014-8161).
For a comprehensive list of fixes, please refer to the following release
notes:
* http://www.postgresql.org/docs/9.1/static/release-9-1-15.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-15.html>
* http://www.postgresql.org/docs/9.1/static/release-9-1-14.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-14.html>
* http://www.postgresql.org/docs/9.1/static/release-9-1-13.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-13.html>
Security Issues:
* CVE-2015-0241
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0241>
* CVE-2015-0243
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0243>
* CVE-2015-0244
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0244>
* CVE-2014-8161
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8161>
SUSE bug 916953CVE-2014-8161 at SUSECVE-2014-8161 at NVDCVE-2015-0241 at SUSECVE-2015-0241 at NVDCVE-2015-0243 at SUSECVE-2015-0243 at NVDCVE-2015-0244 at SUSECVE-2015-0244 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql91SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update provides PostgreSQL 9.1.18, which brings fixes for security
issues and other enhancements.
The following vulnerabilities have been fixed:
* CVE-2015-3165: Avoid possible crash when client disconnects.
(bsc#931972)
* CVE-2015-3166: Consistently check for failure of the *printf().
(bsc#931973)
* CVE-2015-3167: In contrib/pgcrypto, uniformly report decryption
failures. (bsc#931974)
For a comprehensive list of changes, please refer to
http://www.postgresql.org/docs/9.1/static/release-9-1-18.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-18.html> .
This update also includes changes in PostgreSQL's packaging to prepare for
the migration to the new major version 9.4. (FATE#316970, bsc#907651)
Security Issues:
* CVE-2015-3165
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3165>
* CVE-2015-3166
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3166>
* CVE-2015-3167
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3167>
SUSE bug 907651SUSE bug 931972SUSE bug 931973SUSE bug 931974SUSE bug 932040CVE-2015-3165 at SUSECVE-2015-3165 at NVDCVE-2015-3166 at SUSECVE-2015-3166 at NVDCVE-2015-3167 at SUSECVE-2015-3167 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql91 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of postgresql91 to 9.1.19 fixes the following issues:
* CVE-2015-5288: crypt() (pgCrypto extension) couldi potentially be exploited to read a few additional bytes of memory (bsc#949669)
Also contains all changes and bugfixes in the upstream 9.1.19 release:
http://www.postgresql.org/docs/9.1/static/release-9-1-19.html
ModerateSUSE bug 949669CVE-2015-5288 at SUSECVE-2015-5288 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql94 fixes the following issues:
- Security and bugfix release 9.4.6:
* *** IMPORTANT ***
Users of version 9.4 will need to reindex any jsonb_path_ops
indexes they have created, in order to fix a persistent issue
with missing index entries.
* Fix infinite loops and buffer-overrun problems in regular
expressions (CVE-2016-0773, bsc#966436).
* Fix regular-expression compiler to handle loops of constraint
arcs (CVE-2007-4772).
* Prevent certain PL/Java parameters from being set by
non-superusers (CVE-2016-0766, bsc#966435).
* Fix many issues in pg_dump with specific object types
* Prevent over-eager pushdown of HAVING clauses for
GROUPING SETS
* Fix deparsing error with ON CONFLICT ... WHERE clauses
* Fix tableoid errors for postgres_fdw
* Prevent floating-point exceptions in pgbench
* Make \det search Foreign Table names consistently
* Fix quoting of domain constraint names in pg_dump
* Prevent putting expanded objects into Const nodes
* Allow compile of PL/Java on Windows
* Fix 'unresolved symbol' errors in PL/Python execution
* Allow Python2 and Python3 to be used in the same database
* Add support for Python 3.5 in PL/Python
* Fix issue with subdirectory creation during initdb
* Make pg_ctl report status correctly on Windows
* Suppress confusing error when using pg_receivexlog with older
servers
* Multiple documentation corrections and additions
* Fix erroneous hash calculations in gin_extract_jsonb_path()
- For the full release notse, see:
http://www.postgresql.org/docs/9.4/static/release-9-4-6.html
- Security and bugfix release 9.4.5:
* CVE-2015-5289, bsc#949670: json or jsonb input values
constructed from arbitrary user input can crash the PostgreSQL
server and cause a denial of service.
* CVE-2015-5288, bsc#949669: The crypt() function included with
the optional pgCrypto extension could be exploited to read a
few additional bytes of memory. No working exploit for this
issue has been developed.
- For the full release notse, see:
http://www.postgresql.org/docs/current/static/release-9-4-5.html
- Relax dependency on libpq to major version.
ImportantSUSE bug 949669SUSE bug 949670SUSE bug 966435SUSE bug 966436CVE-2007-4772 at SUSECVE-2007-4772 at NVDCVE-2015-5288 at SUSECVE-2015-5288 at NVDCVE-2015-5289 at SUSECVE-2015-5289 at NVDCVE-2016-0766 at SUSECVE-2016-0766 at NVDCVE-2016-0773 at SUSECVE-2016-0773 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql94 to version 9.4.9 fixes the several issues.
These security issues were fixed:
- CVE-2016-5423: CASE/WHEN with inlining can cause untrusted pointer dereference (bsc#993454).
- CVE-2016-5424: Fix client programs' handling of special characters in database and role names (bsc#993453).
For the non-security issues please refer to
- http://www.postgresql.org/docs/9.4/static/release-9-4-9.html
- http://www.postgresql.org/docs/9.4/static/release-9-4-8.html
- http://www.postgresql.org/docs/9.4/static/release-9-4-7.html
ImportantSUSE bug 993453SUSE bug 993454CVE-2016-5423 at SUSECVE-2016-5423 at NVDCVE-2016-5424 at SUSECVE-2016-5424 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql93 fixes the following issues:
- bsc#1029547: Fix tests with timezone 2017a
- CVE-2017-7486: Restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options. (bsc#1037624)
- CVE-2017-7485: Recognize PGREQUIRESSL variable again. (bsc#1038293)
- CVE-2017-7484: Prevent exposure of statistical information via leaky operators. (bsc#1037603)
ModerateSUSE bug 1029547SUSE bug 1037603SUSE bug 1037624SUSE bug 1038293CVE-2017-7484 at SUSECVE-2017-7484 at NVDCVE-2017-7485 at SUSECVE-2017-7485 at NVDCVE-2017-7486 at SUSECVE-2017-7486 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Postgresql94 was updated to 9.4.13 to fix the following issues:
* CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685)
* CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684)
* CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259)
The changelog for this release is here:
https://www.postgresql.org/docs/9.4/static/release-9-4-13.html
ImportantSUSE bug 1051684SUSE bug 1051685SUSE bug 1053259CVE-2017-7546 at SUSECVE-2017-7546 at NVDCVE-2017-7547 at SUSECVE-2017-7547 at NVDCVE-2017-7548 at SUSECVE-2017-7548 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql94 fixes the following issues:
Security issues fixed:
- CVE-2017-15098: Fix crash due to rowtype mismatch in json{b}_populate_recordset() (bsc#1067844).
- CVE-2017-12172: Start scripts permit database administrator to modify root-owned files. This issue did not affect SUSE (bsc#1062538).
Bug fixes:
- Update to version 9.4.15
* https://www.postgresql.org/docs/9.4/static/release-9-4-15.html
* https://www.postgresql.org/docs/9.4/static/release-9-4-14.html
ModerateSUSE bug 1062538SUSE bug 1067844CVE-2017-12172 at SUSECVE-2017-12172 at NVDCVE-2017-15098 at SUSECVE-2017-15098 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql94 fixes the following issues:
PostgreSQL was updated to version 9.4.16, full release notes:
https://www.postgresql.org/docs/9.4/static/release-9-4-16.html
Security issues fixed:
- CVE-2018-1053: Ensure that all temporary files made by pg_upgrade are non-world-readable. (bsc#1077983)
ModerateSUSE bug 1077983CVE-2018-1053 at SUSECVE-2018-1053 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql94 fixes the following issues:
Security issues fixed:
- CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925).
Bug fixes:
- See release notes for details:
* https://www.postgresql.org/docs/9.4/static/release-9-4-17.html
* https://www.postgresql.org/docs/9.4/static/release-9-4-16.html
ModerateSUSE bug 1081925CVE-2018-1058 at SUSECVE-2018-1058 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql94 fixes the following issues:
postgresql was updated to 9.4.19:
https://www.postgresql.org/docs/current/static/release-9-4-19.html
* CVE-2018-10915, bsc#1104199: Fix failure to reset libpq's state
fully between connection attempts.
postgresql was updated to 9.4.18:
- https://www.postgresql.org/about/news/1851/
- https://www.postgresql.org/docs/current/static/release-9-4-18.html
A dump/restore is not required for those running 9.4.X.
However, if the function marking mistakes mentioned in the first
changelog entry below affect you, you will want to take steps to
correct your database catalogs.
ImportantSUSE bug 1104199CVE-2018-10915 at SUSECVE-2018-10915 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for postgresql94 fixes the following issues:
Security issue fixed:
- CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner (bsc#1145092).
ImportantSUSE bug 1145092CVE-2019-10208 at SUSECVE-2019-10208 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pppSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This ppp update fixes a potential security issue where an unprivileged
attacker could have accessed privileged options:
* integer overflow in option parsing (CVE-2014-3158, bnc#891489)
Security Issues:
* CVE-2014-3158
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158>
SUSE bug 629729SUSE bug 891489CVE-2014-3158 at SUSECVE-2014-3158 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ppp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The ppp package was updated to fix the following security issue:
- CVE-2015-3310: Fixed a buffer overflow in radius plug-in's rc_mksid() (bsc#927841).
ModerateSUSE bug 927841CVE-2015-3310 at SUSECVE-2015-3310 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for ppp (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ppp fixes the following security issue:
- CVE-2020-8597: Fixed a buffer overflow in the eap_request and eap_response functions (bsc#1162610).
ImportantSUSE bug 1162610CVE-2020-8597 at SUSECVE-2020-8597 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for procmailSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
procmail was updated to fix a security issue in its formail helper.
* When formail processed specially crafted e-mail headers a heap
corruption could be triggered, which would lead to a crash of
formail. (CVE-2014-3618)
Security Issues:
* CVE-2014-3618
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618>
SUSE bug 894999CVE-2014-3618 at SUSECVE-2014-3618 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for procmail (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for procmail fixes the following issues:
Security issue fixed:
- CVE-2017-16844: Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618. (bnc#1068648)
ModerateSUSE bug 1068648CVE-2017-16844 at SUSECVE-2017-16844 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for puppetSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Puppet was updated to fix the following security issues:
* Unsafe use of temporary files. (CVE-2013-4969)
* Arbitrary code execution with required social engineering.
(CVE-2014-3248, CVE-2014-3250)
Security Issues references:
* CVE-2014-3248
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3248>
* CVE-2013-4969
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969>
* CVE-2014-3250
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3250>
SUSE bug 620808SUSE bug 623884SUSE bug 721139SUSE bug 726372SUSE bug 727024SUSE bug 727025SUSE bug 739361SUSE bug 747657SUSE bug 755726SUSE bug 755869SUSE bug 755870SUSE bug 755871SUSE bug 755872SUSE bug 770828SUSE bug 770829SUSE bug 770833SUSE bug 809839SUSE bug 825878SUSE bug 835122SUSE bug 835848SUSE bug 853982SUSE bug 856843SUSE bug 864082SUSE bug 879913CVE-2011-3848 at SUSECVE-2011-3848 at NVDCVE-2011-3869 at SUSECVE-2011-3869 at NVDCVE-2011-3870 at SUSECVE-2011-3870 at NVDCVE-2011-3871 at SUSECVE-2011-3871 at NVDCVE-2011-3872 at SUSECVE-2011-3872 at NVDCVE-2012-1053 at SUSECVE-2012-1053 at NVDCVE-2012-1054 at SUSECVE-2012-1054 at NVDCVE-2012-1986 at SUSECVE-2012-1986 at NVDCVE-2012-1987 at SUSECVE-2012-1987 at NVDCVE-2012-1988 at SUSECVE-2012-1988 at NVDCVE-2012-1989 at SUSECVE-2012-1989 at NVDCVE-2012-3864 at SUSECVE-2012-3864 at NVDCVE-2012-3865 at SUSECVE-2012-3865 at NVDCVE-2012-3867 at SUSECVE-2012-3867 at NVDCVE-2013-1640 at SUSECVE-2013-1640 at NVDCVE-2013-1652 at SUSECVE-2013-1652 at NVDCVE-2013-1653 at SUSECVE-2013-1653 at NVDCVE-2013-1654 at SUSECVE-2013-1654 at NVDCVE-2013-1655 at SUSECVE-2013-1655 at NVDCVE-2013-2274 at SUSECVE-2013-2274 at NVDCVE-2013-2275 at SUSECVE-2013-2275 at NVDCVE-2013-3567 at SUSECVE-2013-3567 at NVDCVE-2013-4761 at SUSECVE-2013-4761 at NVDCVE-2013-4969 at SUSECVE-2013-4969 at NVDCVE-2014-3248 at SUSECVE-2014-3248 at NVDCVE-2014-3250 at SUSECVE-2014-3250 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for puppet (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for puppet fixes the following issues:
- CVE-2017-2295: Fixed a security vulnerability where an attacker could
force YAML deserialization in an unsafe manner, which would lead to
remote code execution.
In default, this update would break a backwards compatibility
with Puppet agents older than 3.2.2 as the SLE11 master doesn't
support other fact formats than pson in default anymore.
In order to allow users to continue using their SLE11 agents
a patch was added that enables sending PSON from agents.
For non-SUSE clients older that 3.2.2 a new puppet master boolean option
'dangerous_fact_formats' was added. When it's set to true it
enables using dangerous fact formats (e.g. YAML). When it's set
to false, only PSON fact format is accepted. (bsc#1040151),
(bsc#1077767)
ModerateSUSE bug 1040151SUSE bug 1077767CVE-2017-2295 at SUSECVE-2017-2295 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for puppet (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for puppet fixes the following issues:
Security issue fixed:
- CVE-2020-7942: Added a warning for a vulnerable configuration option, which could allow
for information disclosure in certain setups. Disabling it my break some setups. (bsc#1167645)
Non-security issue fixed:
- Fixed deletion of puppet master file /etc/puppet/manifests/site.pp during updates (bsc#935899).
ModerateSUSE bug 1167645SUSE bug 935899CVE-2020-7942 at SUSECVE-2020-7942 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for pure-ftpdSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for pure-ftpd provides the following fixes:
* 524121: configurable ldap port for ftp server
* 655608: mdtm and some other commands fail, using full path of remote
server access
* 717802: FTP Remote server navigation not working for file/directory
operations when full path is specified.
Every Open Enterprise Server user should immediately install this update.
SUSE bug 524121SUSE bug 638626SUSE bug 655608SUSE bug 675934SUSE bug 676680SUSE bug 685447SUSE bug 686590SUSE bug 693165SUSE bug 694531SUSE bug 698253SUSE bug 699300SUSE bug 700335SUSE bug 700611SUSE bug 703035SUSE bug 717802SUSE bug 721118SUSE bug 828469SUSE bug 856424SUSE bug 902229CVE-2011-1575 at SUSECVE-2011-1575 at NVDCVE-2011-3171 at SUSECVE-2011-3171 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
- CVE-2016-0772: smtplib vulnerability opens startTLS stripping attack (bsc#984751)
- CVE-2016-5699: incorrect validation of HTTP headers allow header injection (bsc#985348)
- CVE-2016-1000110: HTTPoxy vulnerability in urllib, fixed by disregarding HTTP_PROXY
when REQUEST_METHOD is also set (bsc#989523)
ModerateSUSE bug 984751SUSE bug 985348SUSE bug 989523CVE-2016-0772 at SUSECVE-2016-0772 at NVDCVE-2016-1000110 at SUSECVE-2016-1000110 at NVDCVE-2016-5699 at SUSECVE-2016-5699 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
- CVE-2017-1000158: Fixed integer overflow in thePyString_DecodeEscape function (bsc#1068664).
ModerateSUSE bug 1068664CVE-2017-1000158 at SUSECVE-2017-1000158 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
The following security vulnerabilities were addressed:
- Add a check to Lib/wave.py that verifies that at least one channel is
provided. Prior to this, attackers could cause a denial of service via a
crafted wav format audio file. [bsc#1083507, CVE-2017-18207]
ModerateSUSE bug 1083507CVE-2017-18207 at SUSECVE-2017-18207 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python-base fixes the following issues:
Security issues fixed:
- CVE-2018-1061: Fixed DoS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (bsc#1088004).
- CVE-2018-1060: Fixed DoS via regular expression catastrophic backtracking in apop() method in pop3lib (bsc#1088009).
- CVE-2016-5636: Fixed heap overflow in zipimporter module (bsc#985177)
Bug fixes:
- bsc#1086001: python tarfile uses random order.
ImportantSUSE bug 1086001SUSE bug 1088004SUSE bug 1088009SUSE bug 985177CVE-2016-5636 at SUSECVE-2016-5636 at NVDCVE-2018-1060 at SUSECVE-2018-1060 at NVDCVE-2018-1061 at SUSECVE-2018-1061 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issue:
- CVE-2018-14647: Python's elementtree C accelerator failed to initialise
Expat's hash salt during initialization. This could make it easy to conduct
denial of service attacks against Expat by constructing an XML document that
would cause pathological hash collisions in Expat's internal data structures,
consuming large amounts CPU and RAM (bsc#1109847)
ModerateSUSE bug 1109847CVE-2018-14647 at SUSECVE-2018-14647 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
Security issues fixed:
- CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead (bsc#1130847).
- CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization (bsc#1129346).
ImportantSUSE bug 1129346SUSE bug 1130847CVE-2019-9636 at SUSECVE-2019-9636 at NVDCVE-2019-9948 at SUSECVE-2019-9948 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
- CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459).
- CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation (bsc#1141853).
ImportantSUSE bug 1138459SUSE bug 1141853CVE-2018-20852 at SUSECVE-2018-20852 at NVDCVE-2019-10160 at SUSECVE-2019-10160 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
Security issue fixed:
- CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)
ModerateSUSE bug 1149955CVE-2019-16056 at SUSECVE-2019-16056 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following security issue:
- CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367).
ModerateSUSE bug 1162367CVE-2020-8492 at SUSECVE-2020-8492 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
Security issues fixed:
- CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen().
Now an InvalidURL exception is raised (bsc#1155094).
- CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825).
ModerateSUSE bug 1155094SUSE bug 1162825CVE-2019-18348 at SUSECVE-2019-18348 at NVDCVE-2019-9674 at SUSECVE-2019-9674 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
- CVE-2019-20907: Avoid a possible infinite loop caused by specifically crafted tarballs (bsc#1174091).
ModerateSUSE bug 1174091CVE-2019-20907 at SUSECVE-2019-20907 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
- bsc#1177211 (CVE-2020-26116) no longer allowing special characters in the method parameter
of HTTPConnection.putrequest in httplib, stopping injection of headers.
ImportantSUSE bug 1177211CVE-2020-26116 at SUSECVE-2020-26116 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
- CVE-2021-23336: which forbids use of semicolon as a query string separator (bpo#42967, bsc#1182379, CVE-2021-23336).
- Switch off -O0 non-optimization.
- CVE-2021-3177: fixing bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution.
ModerateSUSE bug 1181126SUSE bug 1182379CVE-2021-23336 at SUSECVE-2021-23336 at NVDCVE-2021-3177 at SUSECVE-2021-3177 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python fixes the following issues:
- CVE-2021-3737: Fixed http client infinite line reading (DoS) after a http 100. (bsc#1189241)
- CVE-2021-3733: Fixed ReDoS in urllib.request. (bsc#1189287)
- CVE-2019-9947: Fixed a CRLF injection that can occur if the attacker controls a url parameter. (bsc#1130840)
ModerateSUSE bug 1130840SUSE bug 1189241SUSE bug 1189287CVE-2019-9947 at SUSECVE-2019-9947 at NVDCVE-2021-3733 at SUSECVE-2021-3733 at NVDCVE-2021-3737 at SUSECVE-2021-3737 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for PythonSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This Python update fixes a certificate hostname issue.
* bnc#834601: CVE-2013-4238: python: SSL module does not handle
certificates that contain hostnames with NULL bytes
Security Issue reference:
* CVE-2013-4238
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238>
SUSE bug 834601CVE-2013-4238 at SUSECVE-2013-4238 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for PythonSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Python has been updated to fix one security issue:
* Potential wraparound/overflow in buffer() (CVE-2014-7185)
As an additional hardening measure SSLv2 was disabled (bnc#901715).
Security Issues:
* CVE-2014-7185
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185>
SUSE bug 898572SUSE bug 901715CVE-2014-7185 at SUSECVE-2014-7185 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for pythonSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for Python fixes the following security issues:
* bnc#834601: SSL module does not handle certificates that contain
hostnames with NULL bytes. (CVE-2013-4238)
* bnc#856836: Various stdlib read flaws. (CVE-2013-1752)
Additionally, the following non-security issues have been fixed:
* bnc#859068: Turn off OpenSSL's aggressive optimizations that conflict
with Python's GC.
* bnc#847135: Setting fips=1 at boot time causes problems with Python
due to MD5 usage.
Security Issue references:
* CVE-2013-4073
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073>
* CVE-2013-4238
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238>
SUSE bug 834601SUSE bug 847135SUSE bug 856836SUSE bug 859068CVE-2013-4073 at SUSECVE-2013-4073 at NVDCVE-2013-4238 at SUSECVE-2013-4238 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for PythonSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Python was updated to fix a security issue in the socket.recvfrom_into
function, where data could be written over the end of the buffer.
(CVE-2014-1912)
Security Issue reference:
* CVE-2014-1912
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912>
SUSE bug 863741CVE-2014-1912 at SUSECVE-2014-1912 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for PythonSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update for Python provides fixes for the following issues:
* CGIHTTPServer file disclosure and directory traversal through
URL-encoded characters. (CVE-2014-4650)
* The urlparse module has been updated to correctly parse IPv6
addresses. (bnc#872848)
* Correctly enable IPv6 support.
Security Issues:
* CVE-2014-4650
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650>
SUSE bug 827982SUSE bug 834601SUSE bug 847135SUSE bug 856836SUSE bug 859068SUSE bug 863741SUSE bug 872848SUSE bug 885882CVE-2013-1752 at SUSECVE-2013-1752 at NVDCVE-2013-4238 at SUSECVE-2013-4238 at NVDCVE-2014-1912 at SUSECVE-2014-1912 at NVDCVE-2014-4650 at SUSECVE-2014-4650 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for python-imagingSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This python-imaging update fixes the following two security issues:
* bnc#863541: Fixed insecure temporary file creation and handling
(CVE-2014-1932, CVE-2014-1933)
Security Issue references:
* CVE-2014-1932
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932>
* CVE-2014-1933
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933>
SUSE bug 863541CVE-2014-1932 at SUSECVE-2014-1932 at NVDCVE-2014-1933 at SUSECVE-2014-1933 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python-lxmlSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This security update for python-lxml fixes an input sanitization flaw in
clean_html. (CVE-2014-3146)
Security Issues:
* CVE-2014-3146
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3146>
SUSE bug 657698SUSE bug 746129SUSE bug 877258CVE-2014-3146 at SUSECVE-2014-3146 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python-numpy (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python-numpy fixes the following issues:
Security issue fixed:
- CVE-2019-6446: Set allow_pickle to false by default to restrict loading untrusted content (bsc#1122208).
With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by
misusing numpy.load(). A warning during runtime will show-up when the allow_pickle is not explicitly set.
NOTE: By applying this update the behavior of python-numpy changes, which might break your application.
In order to get the old behaviour back, you have to explicitly set `allow_pickle` to True. Be aware
that this should only be done for trusted input, as loading untrusted input might lead to arbitrary code
execution.
ImportantSUSE bug 1122208CVE-2019-6446 at SUSECVE-2019-6446 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python-pamSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
python-pam was prone to a double-free issue which is fixed by this update.
(CVE-2012-1502).
Security Issues:
* CVE-2012-1502
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1502>
SUSE bug 751005CVE-2012-1502 at SUSECVE-2012-1502 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for python-pywbemSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python-pywbem fixes the following issue:
* Do not remove 'pwd' library from the import list. (bnc#876783)
SUSE bug 856108SUSE bug 856323SUSE bug 876783CVE-2013-6418 at SUSECVE-2013-6418 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for libpython2_6-1_0, libpython2_6-1_0-32bit, libpython2_6-1_0-x86, python, python-32bit, python-base, python-base-32bit, python-base-debuginfo, python-base-debuginfo-32bit, python-base-debuginfo-x86, python-base-debugsource, python-base-x86, python-curses, python-debuginfo, python-debuginfo-32bit, python-debuginfo-x86, python-debugsource, python-demo, python-devel, python-doc, python-doc-pdf, python-gdbm, python-idle, python-tk, python-x86, python-xmlSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to python 2.6.8 fixes the following bugs, among others:
* XMLRPC Server DoS (CVE-2012-0845, bnc#747125)
* hash randomization issues (CVE-2012-1150, bnc#751718)
* insecure creation of .pypirc (CVE-2011-4944, bnc#754447)
* SimpleHTTPServer XSS (CVE-2011-1015, bnc#752375)
* functions can accept unicode kwargs (bnc#744287)
* python MainThread lacks ident (bnc#754547)
* TypeError: waitpid() takes no keyword arguments (bnc#751714)
* Source code exposure in CGIHTTPServer module (CVE-2011-1015,
bnc#674646)
* Insecure redirect processing in urllib2 (CVE-2011-1521, bnc#682554)
The hash randomization fix is by default disabled to keep compatibility
with existing python code when it extracts hashes.
To enable the hash seed randomization you can use: - pass -R to the python
interpreter commandline. - set the environment variable
PYTHONHASHSEED=random to enable it for programs. You can also set this
environment variable to a fixed hash seed by specifying a integer value
between 0 and MAX_UINT.
In generally enabling this is only needed when malicious third parties can
inject values into your hash tables.
The update to 2.6.8 also provides many compatibility fixes with OpenStack.
Security Issues:
* CVE-2011-1015
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1015>
* CVE-2011-1521
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521>
* CVE-2011-4944
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4944>
* CVE-2012-0845
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845>
* CVE-2012-1150
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150>
SUSE bug 744287SUSE bug 747125SUSE bug 748079SUSE bug 751714SUSE bug 751718SUSE bug 752375SUSE bug 754447SUSE bug 754547CVE-2011-1015 at SUSECVE-2011-1015 at NVDCVE-2011-1521 at SUSECVE-2011-1521 at NVDCVE-2011-4944 at SUSECVE-2011-4944 at NVDCVE-2012-0845 at SUSECVE-2012-0845 at NVDCVE-2012-1150 at SUSECVE-2012-1150 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
Security issues fixed:
- CVE-2017-1000158: Fixed integer overflows in PyString_DecodeEscape that could have resulted in
heap-based buffer overflow attacks and possible arbitrary code execution (bsc#1068664).
- CVE-2018-1000030: Fixed crash inside the Python interpreter when multiple threads used the same
I/O stream concurrently (bsc#1079300).
ModerateSUSE bug 1068664SUSE bug 1079300CVE-2017-1000158 at SUSECVE-2017-1000158 at NVDCVE-2018-1000030 at SUSECVE-2018-1000030 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
The following security vulnerabilities were addressed:
- Add a check to Lib/wave.py that verifies that at least one channel is
provided. Prior to this, attackers could cause a denial of service via a
crafted wav format audio file. [bsc#1083507, CVE-2017-18207]
ModerateSUSE bug 1083507CVE-2017-18207 at SUSECVE-2017-18207 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issue:
- CVE-2018-1000802: Prevent command injection in shutil module (make_archive
function) via passage of unfiltered user input (bsc#1109663)
- CVE-2018-14647: Python's elementtree C accelerator failed to initialise
Expat's hash salt during initialization. This could make it easy to conduct
denial of service attacks against Expat by constructing an XML document that
would cause pathological hash collisions in Expat's internal data structures,
consuming large amounts CPU and RAM (bsc#1109847).
ModerateSUSE bug 1109663SUSE bug 1109847CVE-2018-1000802 at SUSECVE-2018-1000802 at NVDCVE-2018-14647 at SUSECVE-2018-14647 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
Security issue fixed:
- CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191)
ModerateSUSE bug 1122191CVE-2019-5010 at SUSECVE-2019-5010 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
Security issues fixed:
- CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead (bsc#1130847).
- CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization (bsc#1129346).
ImportantSUSE bug 1129346SUSE bug 1130847CVE-2019-9636 at SUSECVE-2019-9636 at NVDCVE-2019-9948 at SUSECVE-2019-9948 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
Security issue fixed:
- CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)
- CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py (bsc#1153238).
ModerateSUSE bug 1149955SUSE bug 1153238CVE-2019-16056 at SUSECVE-2019-16056 at NVDCVE-2019-16935 at SUSECVE-2019-16935 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
python27 was updated to version 2.7.17.
- CVE-2019-18348: Fixed a CRLF injection via the host part
of the url passed to urlopen(). Now an InvalidURL exception
is raised (bsc#1155094).
- CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825).
- CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367).
- Unified packages among openSUSE:Factory and SLE versions (bsc#1159035).
- Added idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830).
- Changed name of idle27 icons to idle27.png (bsc#1165894).
ImportantSUSE bug 1155094SUSE bug 1162367SUSE bug 1162825SUSE bug 1165894CVE-2019-18348 at SUSECVE-2019-18348 at NVDCVE-2019-9674 at SUSECVE-2019-9674 at NVDCVE-2020-8492 at SUSECVE-2020-8492 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
- CVE-2019-20907, bsc#1174091: avoiding possible infinite loop in specifically crafted tarball.
ModerateSUSE bug 1174091CVE-2019-20907 at SUSECVE-2019-20907 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
- Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916)
ImportantSUSE bug 1176262CVE-2019-20916 at SUSECVE-2019-20916 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
- buffer overflow in PyCArg_repr in _ctypes/callproc.c,
which may lead to remote code execution (bsc#1181126, CVE-2021-3177).
- Provide the newest setuptools wheel (bsc#1176262,
CVE-2019-20916) in their correct form (bsc#1180686).
ImportantSUSE bug 1176262SUSE bug 1180686SUSE bug 1181126CVE-2019-20916 at SUSECVE-2019-20916 at NVDCVE-2021-3177 at SUSECVE-2021-3177 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
- python27 was upgraded to 2.7.18
- CVE-2021-23336: Fixed a potential web cache poisoning by using a
semicolon in query parameters use of semicolon as a query string
separator (bsc#1182379).
ModerateSUSE bug 1182379CVE-2021-23336 at SUSECVE-2021-23336 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
- CVE-2021-3737: Fixed http client infinite line reading (DoS) after a http 100. (bsc#1189241)
- CVE-2021-3733: Fixed ReDoS in urllib.request. (bsc#1189287)
- CVE-2020-26116: Fixed a CRLF injection via HTTP request method in httplib/http.client. (bsc#1177211)
ModerateSUSE bug 1177211SUSE bug 1187668SUSE bug 1189241SUSE bug 1189287CVE-2020-26116 at SUSECVE-2020-26116 at NVDCVE-2021-3733 at SUSECVE-2021-3733 at NVDCVE-2021-3737 at SUSECVE-2021-3737 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
- CVE-2022-0391: Fixed newline and tabs sanitation in urllib.parse (bsc#1195396).
- CVE-2021-4189: Fixed incorrect trust of PASV response (bsc#1194146).
ModerateSUSE bug 1194146SUSE bug 1195396CVE-2021-4189 at SUSECVE-2021-4189 at NVDCVE-2022-0391 at SUSECVE-2022-0391 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for python27 fixes the following issues:
- CVE-2021-3572: Fixed an improper handling of unicode characters in pip (bsc#1186819).
ModerateSUSE bug 1186819CVE-2021-3572 at SUSECVE-2021-3572 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for python 2.7 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update provides various modules for Python 2.7.
It also updates python 2.7 to the 2.7.16 release, fixing security issues and bugs.
The following packages are included in the update:
- cloud-init
- growpart
- python27-argparse
- python27-blinker
- python27-boto3
- python27-botocore
- python27-cffi
- python27-Cheetah
- python27-configobj
- python27-cryptography
- python27-dateutil
- python27-docutils
- python27-ecdsa
- python27-enum34
- python27-futures
- python27-httplib2
- python27-idna
- python27-ipaddress
- python27-Jinja2
- python27-jmespath
- python27-jsonpatch
- python27-jsonpointer
- python27-jsonschema
- python27-lockfile
- python27-MarkupSafe
- python27-oauthlib
- python27-oauth
- python27-paramiko
- python27-ply
- python27-PrettyTable
- python27-pyasn1-modules
- python27-pyasn1
- python27-pycparser
- python27-pycrypto
- python27-PyJWT
- python27-pyserial
- python27-pytest
- python27-python-daemon
- python27-PyYAML
- python27-requests
- python27-s3transfer
- python27-setuptools
- python27-simplejson
- python27-six
ModerateSUSE bug 1007084SUSE bug 1014478SUSE bug 1015776SUSE bug 1054106SUSE bug 1054413SUSE bug 1064755SUSE bug 1073879SUSE bug 1075263SUSE bug 1082318SUSE bug 1097455SUSE bug 1098681SUSE bug 905354SUSE bug 962170SUSE bug 974705SUSE bug 974993SUSE bug 975949SUSE bug 998103SUSE bug 998378CVE-2017-12880 at SUSECVE-2017-12880 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for quaggaSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of quagga fixes two security issues:
* CVE-2013-0149: specially-crafted OSPF packets caused the routing
table to be erased (bnc#822572)
* CVE-2013-2236: local network stack overflow (bnc#828117)
Security Issue references:
* CVE-2013-2236
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236>
* CVE-2013-0149
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0149>
SUSE bug 634300SUSE bug 654270SUSE bug 677335SUSE bug 718056SUSE bug 718058SUSE bug 718059SUSE bug 718061SUSE bug 718062SUSE bug 752204SUSE bug 752205SUSE bug 752206SUSE bug 759081SUSE bug 822572SUSE bug 828117CVE-2010-1674 at SUSECVE-2010-1674 at NVDCVE-2010-1675 at SUSECVE-2010-1675 at NVDCVE-2010-2948 at SUSECVE-2010-2948 at NVDCVE-2010-2949 at SUSECVE-2010-2949 at NVDCVE-2011-3323 at SUSECVE-2011-3323 at NVDCVE-2011-3324 at SUSECVE-2011-3324 at NVDCVE-2011-3325 at SUSECVE-2011-3325 at NVDCVE-2011-3326 at SUSECVE-2011-3326 at NVDCVE-2011-3327 at SUSECVE-2011-3327 at NVDCVE-2012-0249 at SUSECVE-2012-0249 at NVDCVE-2012-0250 at SUSECVE-2012-0250 at NVDCVE-2012-0255 at SUSECVE-2012-0255 at NVDCVE-2012-1820 at SUSECVE-2012-1820 at NVDCVE-2013-0149 at SUSECVE-2013-0149 at NVDCVE-2013-2236 at SUSECVE-2013-2236 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for quagga (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for quagga fixes the following security issue:
- CVE-2016-2342: Quagga was extended the prefixlen check to ensure it is
within the bound of the NLRI packet data and the on-stack prefix structure
and the maximum size for the address family (bsc#970952).
ModerateSUSE bug 970952CVE-2016-2342 at SUSECVE-2016-2342 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for quagga (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for quagga fixes one security issue:
- bsc#770619: Disallow unprivileged users to enter config directory /etc/quagga
(group: quagga, mode: 750) and read configuration files installed
there (group: quagga, mode: 640).
LowSUSE bug 770619cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for quagga (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for quagga fixes the following issue:
Security issue fixed:
- CVE-2016-4049: Fix for a buffer overflow error in bgp_dump_routes_func. (bsc#977012)
ModerateSUSE bug 977012CVE-2016-4049 at SUSECVE-2016-4049 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for quagga (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for quagga fixes the following issues:
- CVE-2016-1245: Fix for a zebra stack overrun in IPv6 RA receive code (bsc#1005258).
ImportantSUSE bug 1005258CVE-2016-1245 at SUSECVE-2016-1245 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for quagga (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for quagga fixes the following issues:
- The Quagga BGP daemon contained a bug in the AS_PATH size calculation that
could have been exploited to facilitate a remote denial-of-service attack via
specially crafted BGP UPDATE messages. [CVE-2017-16227, bsc#1065641]
- The Quagga BGP daemon did not check whether data sent to peers via NOTIFY had
an invalid attribute length. It was possible to exploit this issue and cause
the bgpd process to leak sensitive information over the network to a
configured peer. [CVE-2018-5378, bsc#1079798]
- The Quagga BGP daemon used to double-free memory when processing certain
forms of UPDATE messages. This issue could be exploited by sending an
optional/transitive UPDATE attribute that all conforming eBGP speakers should
pass along. Consequently, a single UPDATE message could have affected many
bgpd processes across a wide area of a network. Through this vulnerability,
attackers could potentially have taken over control of affected bgpd
processes remotely. [CVE-2018-5379, bsc#1079799]
- It was possible to overrun internal BGP code-to-string conversion tables in
the Quagga BGP daemon. Configured peers could have exploited this issue and
cause bgpd to emit debug and warning messages into the logs that would
contained arbitrary bytes. [CVE-2018-5380, bsc#1079800]
- The Quagga BGP daemon could have entered an infinite loop if sent an invalid
OPEN message by a configured peer. If this issue was exploited, then bgpd
would cease to respond to any other events. BGP sessions would have been
dropped and not be reestablished. The CLI interface would have been
unresponsive. The bgpd daemon would have stayed in this state until
restarted. [CVE-2018-5381, bsc#1079801]
- The Quagga daemon's telnet 'vty' CLI contains an unbounded memory allocation
bug that could be exploited for a denial-of-service attack on the daemon.
This issue has been fixed. [CVE-2017-5495, bsc#1021669]
- The telnet 'vty' CLI of the Quagga daemon is no longer enabled by default,
because the passwords in the default 'zebra.conf' config file are now
disabled. The vty interface is available via 'vtysh' utility using pam
authentication to permit management access for root without password.
[bsc#1021669]
ImportantSUSE bug 1021669SUSE bug 1065641SUSE bug 1079798SUSE bug 1079799SUSE bug 1079800SUSE bug 1079801CVE-2017-16227 at SUSECVE-2017-16227 at NVDCVE-2017-5495 at SUSECVE-2017-5495 at NVDCVE-2018-5378 at SUSECVE-2018-5378 at NVDCVE-2018-5379 at SUSECVE-2018-5379 at NVDCVE-2018-5380 at SUSECVE-2018-5380 at NVDCVE-2018-5381 at SUSECVE-2018-5381 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for quotaSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The quota package was updated to fix an issue with tcp_wrappers, where
hosts.allow/deny files would have not been correctly honored.
(CVE-2012-3417)
Security Issue reference:
* CVE-2012-3417
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3417>
SUSE bug 636551SUSE bug 687699SUSE bug 728626SUSE bug 772570CVE-2012-3417 at SUSECVE-2012-3417 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for radvdSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of radvd fixes the following security flaws:
* arbitrary file overwrite flaw through unsanitized interface names
(CVE-2011-3602),
* missing return value checks in privsep_init() which could cause radvd
to keep running with root privileges (CVE-2011-3603),
* buffer overread flaws in the process_ra() function (CVE-2011-3604),
* temporary denial of service flaw triggered by a flood of
ND_ROUTER_SOLICIT (CVE-2011-3605)
Security Issue references:
* CVE-2011-3601
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3601>
* CVE-2011-3602
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3602>
* CVE-2011-3603
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3603>
* CVE-2011-3604
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3604>
* CVE-2011-3605
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3605>
SUSE bug 721968CVE-2011-3601 at SUSECVE-2011-3601 at NVDCVE-2011-3602 at SUSECVE-2011-3602 at NVDCVE-2011-3603 at SUSECVE-2011-3603 at NVDCVE-2011-3604 at SUSECVE-2011-3604 at NVDCVE-2011-3605 at SUSECVE-2011-3605 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for sendmailSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
sendmail has been updated to properly close file descriptors before
executing programs.
These security issues were fixed:
* Not properly closing file descriptors before executing programs
(CVE-2014-3956).
Security Issues:
* CVE-2014-3956
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956>
SUSE bug 881284CVE-2014-3956 at SUSECVE-2014-3956 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for rsyncSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This collective update for rsync provides the following fixes:
* Fix crash on Z_BUF_ERROR in see_deflate_token (bnc#753035)
* call localtime() once before chroot to initialize time zone
(bnc#766313)
SUSE bug 684387SUSE bug 694030SUSE bug 753035SUSE bug 766313CVE-2011-1097 at SUSECVE-2011-1097 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for rsync fixes two security issues:
- CVE-2014-8242: Checksum collisions leading to a denial of service (bsc#900914)
- CVE-2014-9512: Malicious servers could send files outside of the transferred directory (bsc#915410)
ModerateSUSE bug 900914SUSE bug 915410CVE-2014-8242 at SUSECVE-2014-8242 at NVDCVE-2014-9512 at SUSECVE-2014-9512 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for rsync fixes the following issues:
- CVE-2014-9512: rsync allowed remote attackers to write to arbitrary files via a
symlink attack on a file in the synchronization path. (bsc#915410)
- The rsyncd daemon doesn't handle the HUP signal. Fix 'reload' action in the init
script to restart the service. (bsc#791660)
ModerateSUSE bug 791660SUSE bug 915410CVE-2014-9512 at SUSECVE-2014-9512 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for rsync fixes several issues.
These security issues were fixed:
- CVE-2017-17434: The daemon in rsync did not check for fnamecmp filenames in
the daemon_filter_list data structure (in the recv_files function in
receiver.c) and also did not apply the sanitize_paths protection mechanism to
pathnames found in 'xname follows' strings (in the read_ndx_and_attrs function
in rsync.c), which allowed remote attackers to bypass intended access
restrictions' (bsc#1071460).
- CVE-2017-17433: The recv_files function in receiver.c in the daemon in rsync,
proceeded with certain file metadata updates before checking for a filename in
the daemon_filter_list data structure, which allowed remote attackers to bypass
intended access restrictions (bsc#1071459).
- CVE-2017-16548: The receive_xattr function in xattrs.c in rsync did not check
for a trailing '\\0' character in an xattr name, which allowed remote attackers
to cause a denial of service (heap-based buffer over-read and application
crash) or possibly have unspecified other impact by sending crafted data to the
daemon (bsc#1066644).
ModerateSUSE bug 1066644SUSE bug 1071459SUSE bug 1071460CVE-2017-16548 at SUSECVE-2017-16548 at NVDCVE-2017-17433 at SUSECVE-2017-17433 at NVDCVE-2017-17434 at SUSECVE-2017-17434 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for rsync fixes one issues.
This security issue was fixed:
- CVE-2018-5764: The parse_arguments function in options.c did not prevent
multiple --protect-args uses, which allowed remote attackers to bypass an
argument-sanitization protection mechanism (bsc#1076503)
ModerateSUSE bug 1076503CVE-2018-5764 at SUSECVE-2018-5764 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for rsyslogSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
rsyslog has been updated to fix a remote denial of service issue:
* Under certain configurations, a local or remote attacker able to send
syslog messages to the server could have crashed the log server due
to an array overread. (CVE-2014-3634, CVE-2014-3683)
Security Issues:
* CVE-2014-3634
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634>
* CVE-2014-3683
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3683>
SUSE bug 632290SUSE bug 682012SUSE bug 897262SUSE bug 899756CVE-2014-3634 at SUSECVE-2014-3634 at NVDCVE-2014-3683 at SUSECVE-2014-3683 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for rubySUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This Ruby update fixes the following security issue:
* bnc#808137: Fixed entity expansion DoS vulnerability in REXML
(CVE-2013-1821).
Security Issue reference:
* CVE-2013-1821
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821>
SUSE bug 554178SUSE bug 570616SUSE bug 600752SUSE bug 673740SUSE bug 673750SUSE bug 682287SUSE bug 697384SUSE bug 783525SUSE bug 808137SUSE bug 827265SUSE bug 851803SUSE bug 902851SUSE bug 905326CVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2009-4492 at SUSECVE-2009-4492 at NVDCVE-2010-0541 at SUSECVE-2010-0541 at NVDCVE-2011-0188 at SUSECVE-2011-0188 at NVDCVE-2011-1004 at SUSECVE-2011-1004 at NVDCVE-2011-1005 at SUSECVE-2011-1005 at NVDCVE-2012-4481 at SUSECVE-2012-4481 at NVDCVE-2012-4522 at SUSECVE-2012-4522 at NVDCVE-2013-1821 at SUSECVE-2013-1821 at NVDCVE-2013-4073 at SUSECVE-2013-4073 at NVDCVE-2013-4164 at SUSECVE-2013-4164 at NVDCVE-2014-8080 at SUSECVE-2014-8080 at NVDCVE-2014-8090 at SUSECVE-2014-8090 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for ruby (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for ruby fixes the following issues:
Secuirty issues fixed:
- CVE-2015-1855: Ruby OpenSSL Hostname Verification (bsc#926974)
- CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495)
Bugfixes:
- fix small mistake in the backport for (bsc#986630)
ModerateSUSE bug 926974SUSE bug 959495SUSE bug 986630CVE-2015-1855 at SUSECVE-2015-1855 at NVDCVE-2015-7551 at SUSECVE-2015-7551 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for rubySUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of ruby provides 1.8.7p357, which contains many stability fixes
and bug fixes while maintaining full compatibility with the previous
version. A detailailed list of changes is available from
http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog
<http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog> .
The most important fixes are:
* Hash functions are now using a randomized seed to avoid algorithmic
complexity attacks. If available, OpenSSL::Random.seed at the
SecureRandom.random_bytes is used to achieve this. (CVE-2011-4815
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4815> )
* mkconfig.rb: fix for continued lines.
* Fix Infinity to be greater than any bignum number.
* Initialize store->ex_data.sk.
* Several IPv6 related fixes.
* Fixes for zlib.
* Reinitialize PRNG when forking children (CVE-2011-2686
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2686> ,
CVE-2011-3009
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3009> )
* Fixes to securerandom. (CVE-2011-2705
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2705> )
* Fix uri route_to
* Fix race condition with variables and autoload.
SUSE bug 704409SUSE bug 739122SUSE bug 740796CVE-2011-2686 at SUSECVE-2011-2686 at NVDCVE-2011-2705 at SUSECVE-2011-2705 at NVDCVE-2011-3009 at SUSECVE-2011-3009 at NVDCVE-2011-4815 at SUSECVE-2011-4815 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for rzsz (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for rzsz fixes the following issues:
- L3: sz of rzsz segfaults in zsdata() (bsc#1086416)
- VUL-0: CVE-2018-10195: rzsz: sz can leak data to receiving side (bsc#1090051)
- rzsz-0.12.20-976.7: illegal use of freed variable (bsc#529899)
- /usr/bin/lsb segfaults [rzsz] (bsc#1076576)
ModerateSUSE bug 1076576SUSE bug 1086416SUSE bug 1090051SUSE bug 529899CVE-2018-10195 at SUSECVE-2018-10195 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for SambaSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This updates Samba to the latest state for SLE 10 SP4 and SLE 11 SP 1.
* Fixing libsmbsharemode dependency on ldap and krb5 libs in Makefile;
(bnc #729516).
* Add 'ldapsam:login cache' parameter to allow explicit disabling of
the login cache; (bnc#723261).
* Fix samba duplicates file content on appending. Move posix case
semantics out from under the VFS; (bso#6898); (bnc#681208).
* Make winbind child reconnect when remote end has closed, fix failing
sudo; (bso#7295); (bnc#569721).
* Fixed the DFS referral response for msdfs root; (bnc#703655).
* Fix CUPS print job IDs; (bso#7288); (bnc#701257).
* Fix winbind internal error; (bso#7636); (bnc#659424).
* Fix printing from Windows 7 clients; (bso#7567); (bnc#687535).
* Update pidl and always compile IDL at build time; (bnc#688810).
* Abide by print$ share 'force user' & 'force group' settings when
handling AddprinterDriver and DeletePrinterDriver requests;
(bso#7921); (bnc#653353).
SUSE Linux Enterprise 11 only:
* mount.cifs: don't try to alter mtab if it's a symlink; (bnc#710791).
* Fix smbclient -Tc failing on 8GB sized tar files on s390x
(bnc#726145)
SUSE bug 569721SUSE bug 592198SUSE bug 599873SUSE bug 605935SUSE bug 613459SUSE bug 619787SUSE bug 643119SUSE bug 643787SUSE bug 649526SUSE bug 649636SUSE bug 653353SUSE bug 657026SUSE bug 659424SUSE bug 668773SUSE bug 675478SUSE bug 675978SUSE bug 681208SUSE bug 687535SUSE bug 688810SUSE bug 692607SUSE bug 694836SUSE bug 698209SUSE bug 701257SUSE bug 703655SUSE bug 710791SUSE bug 723261SUSE bug 726145SUSE bug 729516CVE-2010-1635 at SUSECVE-2010-1635 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following security issues:
- CVE-2015-5252: Insufficient symlink verification (file access outside the share) (bsc#958582).
- CVE-2015-5296: No man in the middle protection when forcing smb encryption on the client
side (bsc#958584).
- CVE-2015-5299: Currently the snapshot browsing is not secure thru windows previous version
(shadow_copy2) (bsc#958583).
ModerateSUSE bug 295284SUSE bug 958582SUSE bug 958583SUSE bug 958584CVE-2015-5252 at SUSECVE-2015-5252 at NVDCVE-2015-5296 at SUSECVE-2015-5296 at NVDCVE-2015-5299 at SUSECVE-2015-5299 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issues:
- CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change
permissions on link target (bso#11648 bsc#968222).
ImportantSUSE bug 968222CVE-2015-7560 at SUSECVE-2015-7560 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issues:
Security issues fixed:
- CVE-2016-2110: A man-in-the-middle can downgrade NTLMSSP authentication. (bso#11688)(bsc#973031)
- CVE-2016-2111: Domain controller netlogon member computer can be spoofed. (bso#11749)(bsc#973032)
- CVE-2016-2112: LDAP conenctions vulnerable to downgrade and MITM attack. (bso#11644)(bsc#973033)
- CVE-2016-2113: TLS certificate validation missing. (bso#11752)(bsc#973034)
- CVE-2016-2115: Named pipe IPC vulnerable to MITM attacks. (bso#11756)(bsc#973036)
Bugs fixed:
- Getting and setting Windows ACLs on symlinks can change permissions on link ImportantSUSE bug 973031SUSE bug 973032SUSE bug 973033SUSE bug 973034SUSE bug 973036CVE-2016-2110 at SUSECVE-2016-2110 at NVDCVE-2016-2111 at SUSECVE-2016-2111 at NVDCVE-2016-2112 at SUSECVE-2016-2112 at NVDCVE-2016-2113 at SUSECVE-2016-2113 at NVDCVE-2016-2115 at SUSECVE-2016-2115 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issues:
- CVE-2015-5370: The DCERPC server and client were vulnerable to DOS and MITM attacks.
(bsc#936862).
ImportantSUSE bug 936862CVE-2015-5370 at SUSECVE-2015-5370 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issues:
- CVE-2016-2125: Don't send delegated credentials to all servers (bsc#1014441).
- CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process (bsc#1014442).
ModerateSUSE bug 1014441SUSE bug 1014442CVE-2016-2125 at SUSECVE-2016-2125 at NVDCVE-2016-2126 at SUSECVE-2016-2126 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes several issues.
These security issues were fixed:
- CVE-2017-12163: Prevent client short SMB1 write from writing server memory to
file, leaking information from the server to the client (bsc#1058624).
- CVE-2017-12150: Always enforce smb signing when it is configured (bsc#1058622).
- CVE-2017-2619: Symlink race permited opening files outside share directory (bsc#1027147).
These non-security issues were fixed:
- Allow SESSION KEY setup without signing (bsc#1009711).
ModerateSUSE bug 1009711SUSE bug 1027147SUSE bug 1058622SUSE bug 1058624CVE-2017-12150 at SUSECVE-2017-12150 at NVDCVE-2017-12163 at SUSECVE-2017-12163 at NVDCVE-2017-2619 at SUSECVE-2017-2619 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issues:
- CVE-2017-15275: s3: smbd: Chain code can return uninitialized
memory when talloc buffer is grown; (bsc#1063008); (bso#13077);
ModerateSUSE bug 1063008CVE-2017-15275 at SUSECVE-2017-15275 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issues:
The following security issue was fixed:
- CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient (bsc#1103411).
ImportantSUSE bug 1103411CVE-2018-10858 at SUSECVE-2018-10858 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed
an unprivileged user to save registry files outside a share (bsc#1131060).
ModerateSUSE bug 1131060CVE-2019-3880 at SUSECVE-2019-3880 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issue:
- CVE-2019-10218: Fixed a path injection caused by filenames containing path separators (bso#14071) (bsc#1144902).
ImportantSUSE bug 1144902CVE-2019-10218 at SUSECVE-2019-10218 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issues:
- CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets
containing dots could potentially have consumed excessive CPU (bsc#1173160).
ModerateSUSE bug 1173160CVE-2020-10745 at SUSECVE-2020-10745 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for samba (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for samba fixes the following issues:
- CVE-2020-25717: A user in an AD Domain could become root on domain members (bsc#1192284).
- Added missing man page updates
ImportantSUSE bug 1192284SUSE bug 1196717SUSE bug 577868SUSE bug 656867SUSE bug 973032SUSE bug 973033SUSE bug 973036CVE-2020-25717 at SUSECVE-2020-25717 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for sane-backends (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for sane-backends fixes the following issues:
- saned could have leaked uninitialized memory back to its requesters for some
opcodes, allowing for information disclosure of saned memory
(CVE-2017-6318, bsc#1027197).
ModerateSUSE bug 1027197CVE-2017-6318 at SUSECVE-2017-6318 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for sblim-sfcbSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This collective update for the Small Footprint CIM Broker (sblim-sfcb)
provides the following fixes:
* Fix possible crash in case of bad content length (bnc#794021,
upstream #3001896)
* Fix possible crash when httpMaxContentLength is set to 0 allowing
specific Content-Lengh values to cause a buffer overflow (bnc#794021,
upstream #3001915).
Security Issue references:
* CVE-2010-1937
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1937>
* CVE-2010-2054
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2054>
SUSE bug 612033SUSE bug 612043SUSE bug 621620SUSE bug 625780SUSE bug 625782SUSE bug 645804SUSE bug 667729SUSE bug 680142SUSE bug 713687SUSE bug 716299SUSE bug 794021CVE-2010-1937 at SUSECVE-2010-1937 at NVDCVE-2010-2054 at SUSECVE-2010-2054 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for sblim-sfcb (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of sblim-sfcb fixes a potential NULL pointer crash in lookupProviders() (CVE-2015-5185).
ModerateSUSE bug 942628CVE-2015-5185 at SUSECVE-2015-5185 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for screen (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for screen fixes the following issues:
Security issue fixed:
- CVE-2015-6806: Fixed a stack overflow due to deep recursion (bsc#944458).
LowSUSE bug 944458CVE-2015-6806 at SUSECVE-2015-6806 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for socatSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes two small security issues in socat:
* Fixed a stack overflow in commandline parsing (bnc#627475 /
CVE-2010-2799) Only exploitable if an attacker can control the
commandline parameters.
* Fixed heap overflow in READLINE output mode (bnc#759859 /
CVE-2012-0219)
Security Issue references:
* CVE-2012-0219
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0219>
* CVE-2010-2799
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2799>
SUSE bug 627475SUSE bug 759859CVE-2010-2799 at SUSECVE-2010-2799 at NVDCVE-2012-0219 at SUSECVE-2012-0219 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for socat (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for socat fixes the following issues:
- CVE-2013-3571: Fix a file descriptor leak that could have been misused for a denial of service attack against socat running in server mode (bsc#821985)
- CVE-2014-0019: PROXY-CONNECT address was vulnerable to a stack buffer overflow (bsc#860991)
- Fix a stack overflow in the parser that could have been leveraged to execute arbitrary code (bsc#964844)
ModerateSUSE bug 821985SUSE bug 860991SUSE bug 964844CVE-2013-3571 at SUSECVE-2013-3571 at NVDCVE-2014-0019 at SUSECVE-2014-0019 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1YOU update for Software Update StackSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This 2012/02 update for the Software Management Update Stack provides the
following fixes:
Libzypp and libsatsolver:
* change splitprovides so that they only work on packages that are to
be updated (bnc#740982)
* Fix and optimize Pathname ctor and provide testcases (bnc#721128)
* Fix code10 to code11 conversion of product metadata (bnc#711429)
* Fix arch name typo in code10 to code11 conversion (bnc#711429)
* Do not differ between type nfs and nfs4 when checking the mount table
(bnc#710269)
* Fix and optimize Pathname ctor and provide testcases (bnc#721128)
* Require curl version that provides gssapi delegation (bnc#735284)
zypper:
* Fix 'zypper search' xml output (bnc#687529)
* Allow white space before key=value pair (bnc#722250)
* Update manpage to give some repo URI examples (bnc#680630)
yast2-wagon:
* install also all applicable patches (except optional ones) (part of
fate#311994)
* force product upgrade in full migration mode, handle product name
changes (bnc#735826)
* Do not allow to continue without package lock (BNC #616982)
* added new core/full migration selection dialog (fate#311994)
* if the system is managed by SUSE Manager display a message and exit
(fate#311994)
* added a new client for selecting DUP repositories (fate#311994)
* added a new client for checking registration status before starting
migration (fate#309594)
* implemented download in advance mode support (fate#308951)
* display solver error in the migration propsal, do not allow starting
migration when there is an unsolved problem (bnc#708676)
* do not disable current repositories, minimal migration uses 'DUP
from' feature so they can stay enabled (bnc#708632)
* fixed registration status check when registering against SMT
(bnc#708888)
* properly display selected migration type when going back in the
migration workflow (bnc#708667)
* reset and repropose package selection when migration type is changed
(bnc#708641)
* display 'Registration Code' checkbox in the registration step
(bnc#724957)
* fixed registration status check when there is only one product
installed (bnc#732813)
* do full migration only from SP2 repos (but also install patches in
addition to minimal migration) (fate#311994)
yast2-packager:
* fixed UI syntax error in package callbacks when there is a popup
window displayed (bnc#722039, bnc#622286)
* correctly display download progress in DownloadInAdvance libzypp mode
(bnc#616708)
* fix download progress when using add-ons (bnc#663301)
yast2-pkg-bindings:
* fixed reloading of repositories which have been removed during
service reload (bnc#724449)
* fixed saving additional repositories added by registration
(bnc#742033)
curl:
* Added also the --delegation option to the curl tool (bnc#698796#c12).
* Add CURLOPT_GSSAPI_DELEGATION libcurl option (bnc#698796#c12) plus a
couple of minor fixes and cleanups.
* Curl_input_negotiate: do not delegate GSSAPI credentials (bnc#698796,
CVE-2011-2192).
* Update to 7.19.7, which provides many bugfixes
* fix for a regression in handling of '[protocol]_proxy' environment
variables.
SUSE bug 616708SUSE bug 616982SUSE bug 622286SUSE bug 663301SUSE bug 680630SUSE bug 687529SUSE bug 698796SUSE bug 708632SUSE bug 708641SUSE bug 708667SUSE bug 708676SUSE bug 708888SUSE bug 709480SUSE bug 709494SUSE bug 710269SUSE bug 711429SUSE bug 721128SUSE bug 722039SUSE bug 722250SUSE bug 724449SUSE bug 724957SUSE bug 732813SUSE bug 735284SUSE bug 735826SUSE bug 740982SUSE bug 742033SUSE bug 742306CVE-2011-2192 at SUSECVE-2011-2192 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for speex (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for speex fixes the following issues:
- CVE-2020-23903: Fixed zero division error in read_samples (bsc#1192580).
ModerateSUSE bug 1192580CVE-2020-23903 at SUSECVE-2020-23903 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for sqlite3 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for sqlite3 fixes the following issues:
Security issue fixed:
- CVE-2019-8457: Fixed an heap out-of-bound read in the rtreenode() when handling invalid rtree tables (bsc#1136976).
ImportantSUSE bug 1136976CVE-2019-8457 at SUSECVE-2019-8457 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for sqlite3 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for sqlite3 fixes the following issues:
- CVE-2017-2518: Fixed a use-after-free vulnerability which could have
led to buffer overflow via a crafted SQL statement (bsc#1155787).
- CVE-2018-8740: Fixed a null pointer dereference caused when CREATE
TABLE AS statement is used (bsc#1085790).
ImportantSUSE bug 1085790SUSE bug 1155787CVE-2017-2518 at SUSECVE-2017-2518 at NVDCVE-2018-8740 at SUSECVE-2018-8740 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for SquidSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This Squid update fixes a buffer overflow issue when squid attempted to
resolve an overly long hostname. This could have been triggered with
specially crafted http requests. (bnc#829084, CVE-2013-4115)
This update also includes a correction to the last change for logrotate.
(bnc#677335)
Security Issue reference:
* CVE-2013-4115
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115>
SUSE bug 587375SUSE bug 677335SUSE bug 794954SUSE bug 796999SUSE bug 829084CVE-2010-0639 at SUSECVE-2010-0639 at NVDCVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2013-4115 at SUSECVE-2013-4115 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
squid was updated to fix two security issues.
These security issues were fixed:
- CVE-2014-6270: Fixed an off by one in snmp subsystem (bsc#895773).
- CVE-2014-9749: Fixed a nonce replay vulnerability in Digest authentication (bsc#949942).
ModerateSUSE bug 895773SUSE bug 949942CVE-2014-6270 at SUSECVE-2014-6270 at NVDCVE-2014-9749 at SUSECVE-2014-9749 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid fixes the following issues:
- CVE-2016-4051: backport fix buffer overflow in cachemgr.cgi (bsc#976553)
- CVE-2016-4554: backport fix for header smuggling issue in HTTP Request processing (bsc#979010)
ModerateSUSE bug 976553SUSE bug 979010CVE-2016-4051 at SUSECVE-2016-4051 at NVDCVE-2016-4554 at SUSECVE-2016-4554 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid fixes the following issues:
Security issue fixed:
- CVE-2019-13345: Fixed a cross site scripting vulnerability via user_name or auth parameter in cachemgr.cgi (bsc#1140738).
ModerateSUSE bug 1140738CVE-2019-13345 at SUSECVE-2019-13345 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid fixes the following issues:
- CVE-2020-15810: Fixed a HTTP Request Smuggling that could have resulted in cache poisoning (bsc#1175664).
- CVE-2019-12523: Disabled urn parsing and parsing of unknown schemes (bsc#1156329).
- CVE-2019-18676: Disabled urn parsing and parsing of unknown schemes (bsc#1156329).
ImportantSUSE bug 1156329SUSE bug 1175664CVE-2019-12523 at SUSECVE-2019-12523 at NVDCVE-2019-18676 at SUSECVE-2019-18676 at NVDCVE-2020-15810 at SUSECVE-2020-15810 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid3SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Squid3 was updated to fix a denial of service in Range Header processing,
which would have allowed proxy users to crash the squid proxy process.
(CVE-2014-3609)
Security Issues:
* CVE-2014-3609
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609>
SUSE bug 677335SUSE bug 710376SUSE bug 715171SUSE bug 727492SUSE bug 737905SUSE bug 794954SUSE bug 796999SUSE bug 867533SUSE bug 893649CVE-2011-3205 at SUSECVE-2011-3205 at NVDCVE-2011-4096 at SUSECVE-2011-4096 at NVDCVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2014-0128 at SUSECVE-2014-0128 at NVDCVE-2014-3609 at SUSECVE-2014-3609 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid3 fixes the following issues:
- Multiple issues in pinger ICMP processing. (CVE-2014-7141, CVE-2014-7142)
- CVE-2016-3947: Buffer overrun issue in pinger
ICMPv6 processing. (bsc#973782)
- CVE-2016-4554: fix header smuggling issue in HTTP Request processing (bsc#979010)
- Fix multiple Denial of Service issues in HTTP Response processing.
(CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572,
bsc#968392, bsc#968393, bsc#968394, bsc#968395)
- Regression caused by the DoS fixes above (bsc#993299)
- CVE-2016-3948: Fix denial of service in HTTP Response processing (bsc#973783)
- CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)
- CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:
* fixes multiple issues in ESI processing (bsc#976556)
- CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)
- CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)
- CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)
- Memory leak in squid3 when using external_acl (bsc#976708)
ImportantSUSE bug 895773SUSE bug 902197SUSE bug 938715SUSE bug 963539SUSE bug 967011SUSE bug 968392SUSE bug 968393SUSE bug 968394SUSE bug 968395SUSE bug 973782SUSE bug 973783SUSE bug 976553SUSE bug 976556SUSE bug 976708SUSE bug 979008SUSE bug 979009SUSE bug 979010SUSE bug 979011SUSE bug 993299CVE-2011-3205 at SUSECVE-2011-3205 at NVDCVE-2011-4096 at SUSECVE-2011-4096 at NVDCVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2013-4115 at SUSECVE-2013-4115 at NVDCVE-2014-0128 at SUSECVE-2014-0128 at NVDCVE-2014-6270 at SUSECVE-2014-6270 at NVDCVE-2014-7141 at SUSECVE-2014-7141 at NVDCVE-2014-7142 at SUSECVE-2014-7142 at NVDCVE-2015-5400 at SUSECVE-2015-5400 at NVDCVE-2016-2390 at SUSECVE-2016-2390 at NVDCVE-2016-2569 at SUSECVE-2016-2569 at NVDCVE-2016-2570 at SUSECVE-2016-2570 at NVDCVE-2016-2571 at SUSECVE-2016-2571 at NVDCVE-2016-2572 at SUSECVE-2016-2572 at NVDCVE-2016-3947 at SUSECVE-2016-3947 at NVDCVE-2016-3948 at SUSECVE-2016-3948 at NVDCVE-2016-4051 at SUSECVE-2016-4051 at NVDCVE-2016-4052 at SUSECVE-2016-4052 at NVDCVE-2016-4053 at SUSECVE-2016-4053 at NVDCVE-2016-4054 at SUSECVE-2016-4054 at NVDCVE-2016-4553 at SUSECVE-2016-4553 at NVDCVE-2016-4554 at SUSECVE-2016-4554 at NVDCVE-2016-4555 at SUSECVE-2016-4555 at NVDCVE-2016-4556 at SUSECVE-2016-4556 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid3 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid3 fixes the following issues:
- CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached (bsc#1016168)
- CVE-2014-9749: Prevent nonce replay in Digest authentication, preventing the reuse of stale auth tokens (bsc#949942)
ModerateSUSE bug 1016168SUSE bug 949942CVE-2014-9749 at SUSECVE-2014-9749 at NVDCVE-2016-10002 at SUSECVE-2016-10002 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid3 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid3 fixes the following issues:
Security issues fixed:
- CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI
responses. This affects the default custom esi_parser (bsc#1077003).
- CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien processing ESI
responses or downloading intermediate CA certificates (bsc#1077006).
ModerateSUSE bug 1077003SUSE bug 1077006CVE-2018-1000024 at SUSECVE-2018-1000024 at NVDCVE-2018-1000027 at SUSECVE-2018-1000027 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid3 fixes the following issues:
- CVE-2018-1172: Fixed a DoS caused by incorrect handling of ESI responses. (bsc#1090089, SQUID-2018:3)
ImportantSUSE bug 1090089CVE-2018-1172 at SUSECVE-2018-1172 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid3 fixes the following issues:
Security issue fixed:
- CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668).
ImportantSUSE bug 1113668CVE-2018-19131 at SUSECVE-2018-19131 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid3 fixes the following issues:
- Fixed a Cache Poisoning and Request Smuggling
attack (CVE-2020-15049, bsc#1173455)
- Fixed incorrect buffer handling that can
result in cache poisoning, remote execution, and
denial of service attacks when processing ESI responses
(CVE-2019-12519, CVE-2019-12521, bsc#1169659)
- Fixed handling of hostname in
cachemgr.cgi (CVE-2019-18860, bsc#1167373)
- Fixed a potential remote execution vulnerability
when using HTTP Digest Authentication (CVE-2020-11945, bsc#1170313)
- Fixed a potential ACL bypass, cache-bypass
and cross-site scripting attack when processing invalid HTTP
Request messages (CVE-2019-12520, CVE-2019-12524, bsc#1170423)
- Fixed a potential denial of service when
processing TLS certificates during HTTPS connections
(CVE-2020-14059, bsc#1173304)
- Fixed a potential denial of service associated
with incorrect buffer management of HTTP Basic Authentication
credentials (bsc#1141329, CVE-2019-12529)
- Fixed an incorrect buffer management resulting
in vulnerability to a denial of service during processing of
HTTP Digest Authentication credentials (bsc#1141332, CVE-2019-12525)
- Fix XSS via user_name or auth parameter
in cachemgr.cgi (bsc#1140738, CVE-2019-13345)
- Fixed a potential code execution vulnerability
(CVE-2019-12526, bsc#1156326)
- Fixed HTTP Request Splitting in HTTP
message processing and information disclosure in
HTTP Digest Authentication
(CVE-2019-18678, CVE-2019-18679, bsc#1156323, bsc#1156324)
- Fixed a security issue allowing a remote
client ability to cause use a buffer overflow when squid is
acting as reverse-proxy.
(CVE-2020-8449, CVE-2020-8450, bsc#1162687)
- Fixed a security issue allowing for information
disclosure in FTP gateway (CVE-2019-12528, bsc#1162689)
- Fixed a security issue in ext_lm_group_acl
when processing NTLM Authentication credentials.
(CVE-2020-8517, bsc#1162691)
- Fixed Cross-Site Request Forgery in
HTTP Request processing (CVE-2019-18677, bsc#1156328)
- Disable urn parsing and parsing of
unknown schemes (bsc#1156329, CVE-2019-12523, CVE-2019-18676)
ImportantSUSE bug 1140738SUSE bug 1141329SUSE bug 1141332SUSE bug 1156323SUSE bug 1156324SUSE bug 1156326SUSE bug 1156328SUSE bug 1156329SUSE bug 1162687SUSE bug 1162689SUSE bug 1162691SUSE bug 1167373SUSE bug 1169659SUSE bug 1170313SUSE bug 1170423SUSE bug 1173304SUSE bug 1173455CVE-2019-12519 at SUSECVE-2019-12519 at NVDCVE-2019-12520 at SUSECVE-2019-12520 at NVDCVE-2019-12521 at SUSECVE-2019-12521 at NVDCVE-2019-12523 at SUSECVE-2019-12523 at NVDCVE-2019-12524 at SUSECVE-2019-12524 at NVDCVE-2019-12525 at SUSECVE-2019-12525 at NVDCVE-2019-12526 at SUSECVE-2019-12526 at NVDCVE-2019-12528 at SUSECVE-2019-12528 at NVDCVE-2019-12529 at SUSECVE-2019-12529 at NVDCVE-2019-13345 at SUSECVE-2019-13345 at NVDCVE-2019-18676 at SUSECVE-2019-18676 at NVDCVE-2019-18677 at SUSECVE-2019-18677 at NVDCVE-2019-18678 at SUSECVE-2019-18678 at NVDCVE-2019-18679 at SUSECVE-2019-18679 at NVDCVE-2019-18860 at SUSECVE-2019-18860 at NVDCVE-2020-11945 at SUSECVE-2020-11945 at NVDCVE-2020-14059 at SUSECVE-2020-14059 at NVDCVE-2020-15049 at SUSECVE-2020-15049 at NVDCVE-2020-8449 at SUSECVE-2020-8449 at NVDCVE-2020-8450 at SUSECVE-2020-8450 at NVDCVE-2020-8517 at SUSECVE-2020-8517 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid3 (Critical)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid3 fixes the following issues:
- CVE-2020-15811: Fixed an HTTP request splitting vulnerability (bsc#1175665).
- CVE-2020-24606: Fixed a DoS vulnerability when processing Cache Digest Responses (bsc#1175671).
- CVE-2020-15810: Fixed an HTTP request smuggling vulnerability (bsc#1175664).
CriticalSUSE bug 1175664SUSE bug 1175665SUSE bug 1175671CVE-2020-15810 at SUSECVE-2020-15810 at NVDCVE-2020-15811 at SUSECVE-2020-15811 at NVDCVE-2020-24606 at SUSECVE-2020-24606 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for squid3 fixes the following issues:
- CVE-2021-28651: Fixed a denial of service issue when processing URN
resource identifiers (bsc#1185921).
- CVE-2020-25097: Fixed an HTTP request smuggling issue (bsc#1183436).
ImportantSUSE bug 1183436SUSE bug 1185921CVE-2020-25097 at SUSECVE-2020-25097 at NVDCVE-2021-28651 at SUSECVE-2021-28651 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for squidGuard (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
squidGuard was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-8936: Reflected cross site scripting vulnerability because of insufficient escaping (bsc#985612).
ModerateSUSE bug 985612CVE-2015-8936 at SUSECVE-2015-8936 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for strongswanSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a NULL ptr dereference (DoS) via ID_DER_ASN1_DN ID
payloads.
Security Issue reference:
* CVE-2014-2891
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2891>
SUSE bug 615915SUSE bug 677041SUSE bug 761325SUSE bug 779038SUSE bug 815236SUSE bug 833278SUSE bug 840826SUSE bug 847506SUSE bug 870572SUSE bug 876449SUSE bug 933591CVE-2010-2628 at SUSECVE-2010-2628 at NVDCVE-2012-2388 at SUSECVE-2012-2388 at NVDCVE-2013-2944 at SUSECVE-2013-2944 at NVDCVE-2013-5018 at SUSECVE-2013-5018 at NVDCVE-2014-2338 at SUSECVE-2014-2338 at NVDCVE-2014-2891 at SUSECVE-2014-2891 at NVDCVE-2015-4171 at SUSECVE-2015-4171 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for strongswan (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The strongswan package was updated to fix the following security issue:
- CVE-2015-8023: Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin (bsc#953817).
ModerateSUSE bug 953817CVE-2015-8023 at SUSECVE-2015-8023 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for strongswan (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for strongswan fixes the following issues:
- CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service (bsc#1039514)
- CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service (bsc#1039515)
ImportantSUSE bug 1039514SUSE bug 1039515CVE-2017-9022 at SUSECVE-2017-9022 at NVDCVE-2017-9023 at SUSECVE-2017-9023 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for strongswan (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for strongswan fixes the following issues:
- CVE-2017-11185: Specific RSA signatures passed to the gmp plugin for verification can
cause a null-pointer dereference and it may lead to a denial of service (bsc#1051222)
ModerateSUSE bug 1051222CVE-2017-11185 at SUSECVE-2017-11185 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for strongswan (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for strongswan fixes the following issues:
- CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker
with local user credentials to resource exhaustion and denial of service while
reading from the socket (bsc#1094462).
ModerateSUSE bug 1094462CVE-2018-5388 at SUSECVE-2018-5388 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for strongswan (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for strongswan fixes the following issues:
- CVE-2021-41991: Fixed an integer overflow when replacing certificates in cache. (bsc#1191435)
ImportantSUSE bug 1191435CVE-2021-41991 at SUSECVE-2021-41991 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for strongswan (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for strongswan fixes the following issues:
- CVE-2018-16151: Fixed flaws in gmp plugin that could lead to authorization bypass. (bsc#1107874)
- CVE-2018-16152: Fixed flaws in gmp plugin that could lead to authorization bypass. (bsc#1107874)
- CVE-2018-17540: Fixed insufficient input validation in gmp plugin. (bsc#1109845)
- CVE-2021-45079: Fixed authentication bypass in EAP authentication. (bsc#1194471)
ImportantSUSE bug 1107874SUSE bug 1109845SUSE bug 1194471CVE-2018-16151 at SUSECVE-2018-16151 at NVDCVE-2018-16152 at SUSECVE-2018-16152 at NVDCVE-2018-17540 at SUSECVE-2018-17540 at NVDCVE-2021-45079 at SUSECVE-2021-45079 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for stunnelSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for stunnel fixes a buffer overflow vulnerability caused by
incorrect integer conversion in the NTLM authentication of the CONNECT
protocol negotiation (CVE-2013-1762).
Security Issue reference:
* CVE-2013-1762
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1762>
SUSE bug 674554SUSE bug 697549SUSE bug 775262SUSE bug 776756SUSE bug 807450CVE-2013-1762 at SUSECVE-2013-1762 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for sudoSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This security update for sudo provides a fix for the following issue:
* A security policy bypass when env_reset is disabled. (CVE-2014-0106,
bnc#866503)
Security Issues references:
* CVE-2014-0106
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0106>
SUSE bug 667558SUSE bug 681296SUSE bug 720181SUSE bug 724490SUSE bug 739214SUSE bug 760697SUSE bug 762327SUSE bug 806919SUSE bug 806921SUSE bug 817349SUSE bug 817350SUSE bug 866503CVE-2012-2337 at SUSECVE-2012-2337 at NVDCVE-2013-1775 at SUSECVE-2013-1775 at NVDCVE-2013-1776 at SUSECVE-2013-1776 at NVDCVE-2013-2776 at SUSECVE-2013-2776 at NVDCVE-2013-2777 at SUSECVE-2013-2777 at NVDCVE-2014-0106 at SUSECVE-2014-0106 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for sudo (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for sudo fixes the following issues:
Security issues:
- CVE-2016-7032: noexec bypass via system() and popen(). (bsc#1007766)
- CVE-2016-7076: noexec bypass via wordexp(). (bsc#1007501)
- CVE-2014-9680: unsafe handling of TZ environment variable. (bsc#917806)
Bug fixes:
- bsc#823292: Fix the default flag settings in manual page to reflect changes caused
by sudoers patch.
- bsc#823796: Escape the command args for 'sudo -i' and 'sudo -s'.
ModerateSUSE bug 1007501SUSE bug 1007766SUSE bug 823292SUSE bug 823796SUSE bug 917806CVE-2014-9680 at SUSECVE-2014-9680 at NVDCVE-2016-7032 at SUSECVE-2016-7032 at NVDCVE-2016-7076 at SUSECVE-2016-7076 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for sudo (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for sudo fixes the following issue:
- CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers (bsc#1153674).
ImportantSUSE bug 1153674CVE-2019-14287 at SUSECVE-2019-14287 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for supportutilsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This collective update provides the newest version of supportutils, which
contains the following tools used for troubleshooting : supportconfig,
chkbin, schealth, getappcore, analyzevmcore.
The fixes in detail are:
* fixed multiple Novell DNS configuration files (bnc#765150)
* fixed HA error when cibadmin -Q doesn't connect
* fixed ldapsearch search on non-default port (bnc#756890)
* added systool base output to sysfs.txt
* analyzevmcore files included in crash.txt
* /etc/services included in network.txt
* added analyzevmcore
* added getappcore
* changed to systool for sysfs.txt
* added local binary list (bnc#743084)
* added curl check for update registrations
* fixed conf file execution in plugins directory (bnc#743454)
* added a supportconfig summary in summary.xml
* added /etc/init.d/halt.local to boot.txt
* added fslist_ufiles_info (bnc#738475)
* fixed fslist_info order (bnc#738472)
* added kdump rpm check for sles11sp1 (bnc#738110)
* added plugin-icommand to scplugin.rc for internal bash commands
* added /proc/sys to proc.txt
* removed extra bridge command
* the -v for rpm validation now works on all versions
* added netstat check for port 6901 to novell-dfs.txt (bnc#712874)
* added rpm packages to samba.txt list (bnc#727546)
* added sbd HAE information to ha.txt (bnc#710484)
* added KVM information to SLE11GA
* added LANG for consistent output (bnc#718091)
* improved novell-dfs.txt (bnc#712874)
* added /var/log/xdm.errors to x.txt (bnc#710066)
SUSE bug 595768SUSE bug 596846SUSE bug 599594SUSE bug 599742SUSE bug 600165SUSE bug 604406SUSE bug 607733SUSE bug 619248SUSE bug 620273SUSE bug 621190SUSE bug 623364SUSE bug 624142SUSE bug 624976SUSE bug 630470SUSE bug 630497SUSE bug 631435SUSE bug 632315SUSE bug 635114SUSE bug 637038SUSE bug 637675SUSE bug 638813SUSE bug 640554SUSE bug 641126SUSE bug 642837SUSE bug 643575SUSE bug 645418SUSE bug 646645SUSE bug 649282SUSE bug 649603SUSE bug 652675SUSE bug 652693SUSE bug 653544SUSE bug 656855SUSE bug 659243SUSE bug 659254SUSE bug 661611SUSE bug 667677SUSE bug 674469SUSE bug 674641SUSE bug 675622SUSE bug 683511SUSE bug 683514SUSE bug 683516SUSE bug 683962SUSE bug 692308SUSE bug 692344SUSE bug 692379SUSE bug 692727SUSE bug 697538SUSE bug 699734SUSE bug 700317SUSE bug 700389SUSE bug 701372SUSE bug 703005SUSE bug 703006SUSE bug 703310SUSE bug 703599SUSE bug 704195SUSE bug 710066SUSE bug 710484SUSE bug 712874SUSE bug 718091SUSE bug 727546SUSE bug 738110SUSE bug 738472SUSE bug 738475SUSE bug 743084SUSE bug 743454SUSE bug 756890SUSE bug 765150CVE-2010-3912 at SUSECVE-2010-3912 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for sysconfigSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to sysconfig fixes the following issues:
* bnc#737333: Improved the bonding setup documentation.
* bnc#737078: Fixed /etc/init.d/network to not fail when a hotplug
bonding slave interface is not available at boot time.
SUSE bug 559170SUSE bug 572367SUSE bug 576355SUSE bug 580018SUSE bug 607511SUSE bug 609809SUSE bug 616765SUSE bug 617373SUSE bug 630434SUSE bug 637183SUSE bug 644738SUSE bug 648830SUSE bug 660774SUSE bug 669361SUSE bug 670871SUSE bug 697929SUSE bug 698478SUSE bug 735394SUSE bug 737078SUSE bug 737333CVE-2011-4182 at SUSECVE-2011-4182 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for syslog-ng (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for syslog-ng fixes the following issues:
- CVE-2020-8019: Fixed a local privilege escalation during package update (bsc#1169385).
ModerateSUSE bug 1169385CVE-2020-8019 at SUSECVE-2020-8019 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for system-config-printerSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes an issue with Samba authentication, where a pop up window
wasn't displayed immediately when sending a job to a Samba printer
(bnc#590397).
SUSE bug 590397SUSE bug 596445SUSE bug 623894SUSE bug 733542SUSE bug 735322CVE-2011-2899 at SUSECVE-2011-2899 at NVDCVE-2011-4405 at SUSECVE-2011-4405 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for system-config-printer (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for system-config-printer fixes the following issues:
Security issue fixed:
- CVE-2012-4510: Fixed an issue in the CUPS PolicyKit helper that allowed attackers, with user assistance, to overwrite specific files or upload sensitive data to a CUPS resource (bsc#783488).
ModerateSUSE bug 783488CVE-2012-4510 at SUSECVE-2012-4510 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for t1libSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of t1lib fixes memory corruptions and a heap-based overflow in
the afm font parser.
Security Issue references:
* CVE-2011-0764
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764>
* CVE-2011-1552
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552>
* CVE-2011-1553
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553>
* CVE-2011-1554
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554>
* CVE-2011-0433
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0433>
SUSE bug 662411SUSE bug 684802SUSE bug 757961CVE-2010-2642 at SUSECVE-2010-2642 at NVDCVE-2011-0433 at SUSECVE-2011-0433 at NVDCVE-2011-0764 at SUSECVE-2011-0764 at NVDCVE-2011-1552 at SUSECVE-2011-1552 at NVDCVE-2011-1553 at SUSECVE-2011-1553 at NVDCVE-2011-1554 at SUSECVE-2011-1554 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for taglibSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following issue has been fixed:
* specially crafted ogg files could have crashed taglib
Security Issue references:
* CVE-2012-1108
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1108>
* CVE-2012-1584
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1584>
SUSE bug 750690SUSE bug 750691SUSE bug 750693CVE-2012-1108 at SUSECVE-2012-1108 at NVDCVE-2012-1584 at SUSECVE-2012-1584 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tar (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tar fixes the following issues:
- Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked
into extracting files and directories in the given destination, regardless
of the path name(s) specified on the command line [bsc#1007188]
[CVE-2016-6321]
ModerateSUSE bug 1007188CVE-2016-6321 at SUSECVE-2016-6321 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tar (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tar to version 1.27.1 fixes the following issues:
tar 1.27.1 brings following changes (jsc#ECO-339)
* Sparse files with large data
* No backticks in quoting
* --owner and --group names and numbers
* Support for POSIX ACLs, extended attributes and SELinux context.
* Passing command line arguments to external commands.
* New configure option --enable-gcc-warnings, intended for debugging.
* New warning control option --warning=[no-]record-size
* New command line option --keep-directory-symlink
* Fix unquoting of file names obtained via the -T option.
* Fix GNU long link header timestamp (backward compatibility).
Security issues fixed:
- CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496).
- CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file shrinkage during read access (bsc#1120610).
ModerateSUSE bug 1120610SUSE bug 1130496SUSE bug 1152736CVE-2018-20482 at SUSECVE-2018-20482 at NVDCVE-2019-9923 at SUSECVE-2019-9923 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tar (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tar fixes the following issues:
CVE-2021-20193: Memory leak in read_header() in list.c (bsc#1181131)
LowSUSE bug 1181131CVE-2021-20193 at SUSECVE-2021-20193 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tcpdumpSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
When running tcpdump, a remote unauthenticated user could have crashed the
application or, potentially, execute arbitrary code by injecting crafted
packages into the network.
The following vulnerabilities in protocol printers have been fixed:
* IPv6 mobility printer remote DoS (CVE-2015-0261, bnc#922220)
* Ethernet printer remote DoS (CVE-2015-2154, bnc#922222)
* PPP printer remote DoS (CVE-2014-9140, bnc#923142)
Security Issues:
* CVE-2015-0261
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0261>
* CVE-2015-2154
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2154>
* CVE-2014-9140
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9140>
SUSE bug 905870SUSE bug 905872SUSE bug 922220SUSE bug 922222SUSE bug 923142CVE-2014-8767 at SUSECVE-2014-8767 at NVDCVE-2014-8769 at SUSECVE-2014-8769 at NVDCVE-2014-9140 at SUSECVE-2014-9140 at NVDCVE-2015-0261 at SUSECVE-2015-0261 at NVDCVE-2015-2154 at SUSECVE-2015-2154 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tcpdump fixes the following issues:
Security issues fixed (bsc#1020940):
- CVE-2016-7922: Corrected buffer overflow in AH parser print-ah.c:ah_print().
- CVE-2016-7923: Corrected buffer overflow in ARP parser print-arp.c:arp_print().
- CVE-2016-7925: Corrected buffer overflow in compressed SLIP parser print-sl.c:sl_if_print().
- CVE-2016-7926: Corrected buffer overflow in the Ethernet parser print-ether.c:ethertype_print().
- CVE-2016-7927: Corrected buffer overflow in the IEEE 802.11 parser print-802_11.c:ieee802_11_radio_print().
- CVE-2016-7928: Corrected buffer overflow in the IPComp parser print-ipcomp.c:ipcomp_print().
- CVE-2016-7931: Corrected buffer overflow in the MPLS parser print-mpls.c:mpls_print().
- CVE-2016-7936: Corrected buffer overflow in the UDP parser print-udp.c:udp_print().
- CVE-2016-7934,CVE-2016-7935,CVE-2016-7937: Corrected segmentation faults in function udp_print().
- CVE-2016-7939: Corrected buffer overflows in GRE parser print-gre.c:(multiple functions).
- CVE-2016-7940: Corrected buffer overflows in STP parser print-stp.c:(multiple functions).
- CVE-2016-7973: Corrected buffer overflow in AppleTalk parser print-atalk.c.
- CVE-2016-7974: Corrected buffer overflow in IP parser print-ip.c:(multiple functions).
- CVE-2016-7975: Corrected buffer overflow in TCP parser print-tcp.c:tcp_print().
- CVE-2016-7983,CVE-2016-7984: Corrected buffer overflow in TFTP parser print-tftp.c:tftp_print().
- CVE-2016-7992: Corrected buffer overflow in Classical IP over ATM parser print-cip.c.
- CVE-2016-7993: Corrected buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, etc.).
- CVE-2016-8574: Corrected buffer overflow in FRF.15 parser print-fr.c:frf15_print().
- CVE-2017-5202: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().
- CVE-2017-5203: Corrected buffer overflow in BOOTP parser print-bootp.c:bootp_print().
- CVE-2017-5204: Corrected buffer overflow in IPv6 parser print-ip6.c:ip6_print().
- CVE-2017-5483: Corrected buffer overflow in SNMP parser print-snmp.c:asn1_parse().
- CVE-2017-5484: Corrected buffer overflow in ATM parser print-atm.c:sig_print().
- CVE-2017-5485: Corrected buffer overflow in ISO CLNS parser addrtoname.c:lookup_nsap().
- CVE-2017-5486: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().
ModerateSUSE bug 1020940CVE-2016-7922 at SUSECVE-2016-7922 at NVDCVE-2016-7923 at SUSECVE-2016-7923 at NVDCVE-2016-7925 at SUSECVE-2016-7925 at NVDCVE-2016-7926 at SUSECVE-2016-7926 at NVDCVE-2016-7927 at SUSECVE-2016-7927 at NVDCVE-2016-7928 at SUSECVE-2016-7928 at NVDCVE-2016-7931 at SUSECVE-2016-7931 at NVDCVE-2016-7934 at SUSECVE-2016-7934 at NVDCVE-2016-7935 at SUSECVE-2016-7935 at NVDCVE-2016-7936 at SUSECVE-2016-7936 at NVDCVE-2016-7937 at SUSECVE-2016-7937 at NVDCVE-2016-7939 at SUSECVE-2016-7939 at NVDCVE-2016-7940 at SUSECVE-2016-7940 at NVDCVE-2016-7973 at SUSECVE-2016-7973 at NVDCVE-2016-7974 at SUSECVE-2016-7974 at NVDCVE-2016-7975 at SUSECVE-2016-7975 at NVDCVE-2016-7983 at SUSECVE-2016-7983 at NVDCVE-2016-7984 at SUSECVE-2016-7984 at NVDCVE-2016-7992 at SUSECVE-2016-7992 at NVDCVE-2016-7993 at SUSECVE-2016-7993 at NVDCVE-2016-8574 at SUSECVE-2016-8574 at NVDCVE-2017-5202 at SUSECVE-2017-5202 at NVDCVE-2017-5203 at SUSECVE-2017-5203 at NVDCVE-2017-5204 at SUSECVE-2017-5204 at NVDCVE-2017-5483 at SUSECVE-2017-5483 at NVDCVE-2017-5484 at SUSECVE-2017-5484 at NVDCVE-2017-5485 at SUSECVE-2017-5485 at NVDCVE-2017-5486 at SUSECVE-2017-5486 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2017-11108: Crafted input allowed remote DoS (bsc#1047873)
- CVE-2017-11541: Prevent a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c (bsc#1057247).
- CVE-2017-11542: Prevent a heap-based buffer over-read in the pimv1_print function in print-pim.c (bsc#1057247).
- CVE-2017-11543: Prevent a buffer overflow in the sliplink_print function in print-sl.c (bsc#1057247).
- CVE-2017-13011: Several protocol parsers in tcpdump could have caused a buffer overflow in util-print.c:bittok2str_internal() (bsc#1057247).
ModerateSUSE bug 1047873SUSE bug 1057247CVE-2017-11108 at SUSECVE-2017-11108 at NVDCVE-2017-11541 at SUSECVE-2017-11541 at NVDCVE-2017-11542 at SUSECVE-2017-11542 at NVDCVE-2017-11543 at SUSECVE-2017-11543 at NVDCVE-2017-13011 at SUSECVE-2017-13011 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tcpdump provides the following fix:
- The original fix for CVE-2016-7975 was using a variable before declaring it. Fix this
by moving the declaration before any usage. (bsc#1094241, CVE-2016-7975)
ModerateSUSE bug 1094241CVE-2016-7975 at SUSECVE-2016-7975 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tcpdump (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2017-12995: Fixed an infinite loop in the DNS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12893: Fixed a buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12894: Fixed a buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247).
- CVE-2017-12896: Fixed a buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12897: Fixed a buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12898: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12899: Fixed a buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12900: Fixed a buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247).
- CVE-2017-12901: Fixed a buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12902: Fixed a buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12985: Fixed a buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12986: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12987: Fixed a buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12988: Fixed a buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12991: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12992: Fixed a buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12993: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12996: Fixed a buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12998: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12999: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13001: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13002: Fixed a buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13003: Fixed a buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13004: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13005: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13006: Fixed a buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13008: Fixed a buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13009: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13010: Fixed a buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13012: Fixed a buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13013: Fixed a buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13014: Fixed a buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13016: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13017: Fixed a buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13018: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13019: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13021: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13022: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13023: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13024: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13025: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13027: Fixed a buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13028: Fixed a buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13029: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13030: Fixed a buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13031: Fixed a buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13032: Fixed a buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13034: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13035: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13036: Fixed a buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13037: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13038: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13041: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13047: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13048: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13049: Fixed a buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13051: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13053: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13055: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13687: Fixed a buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13688: Fixed a buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13689: Fixed a buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13725: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).
- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).
- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).
- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).
- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).
- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).
- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).
- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).
- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).
- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).
- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).
- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).
- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).
- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).
- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).
- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN (bsc#1153098).
- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).
- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).
ImportantSUSE bug 1057247SUSE bug 1153098SUSE bug 1153332CVE-2017-12893 at SUSECVE-2017-12893 at NVDCVE-2017-12894 at SUSECVE-2017-12894 at NVDCVE-2017-12896 at SUSECVE-2017-12896 at NVDCVE-2017-12897 at SUSECVE-2017-12897 at NVDCVE-2017-12898 at SUSECVE-2017-12898 at NVDCVE-2017-12899 at SUSECVE-2017-12899 at NVDCVE-2017-12900 at SUSECVE-2017-12900 at NVDCVE-2017-12901 at SUSECVE-2017-12901 at NVDCVE-2017-12902 at SUSECVE-2017-12902 at NVDCVE-2017-12985 at SUSECVE-2017-12985 at NVDCVE-2017-12986 at SUSECVE-2017-12986 at NVDCVE-2017-12987 at SUSECVE-2017-12987 at NVDCVE-2017-12988 at SUSECVE-2017-12988 at NVDCVE-2017-12991 at SUSECVE-2017-12991 at NVDCVE-2017-12992 at SUSECVE-2017-12992 at NVDCVE-2017-12993 at SUSECVE-2017-12993 at NVDCVE-2017-12995 at SUSECVE-2017-12995 at NVDCVE-2017-12996 at SUSECVE-2017-12996 at NVDCVE-2017-12998 at SUSECVE-2017-12998 at NVDCVE-2017-12999 at SUSECVE-2017-12999 at NVDCVE-2017-13001 at SUSECVE-2017-13001 at NVDCVE-2017-13002 at SUSECVE-2017-13002 at NVDCVE-2017-13003 at SUSECVE-2017-13003 at NVDCVE-2017-13004 at SUSECVE-2017-13004 at NVDCVE-2017-13005 at SUSECVE-2017-13005 at NVDCVE-2017-13006 at SUSECVE-2017-13006 at NVDCVE-2017-13008 at SUSECVE-2017-13008 at NVDCVE-2017-13009 at SUSECVE-2017-13009 at NVDCVE-2017-13010 at SUSECVE-2017-13010 at NVDCVE-2017-13012 at SUSECVE-2017-13012 at NVDCVE-2017-13013 at SUSECVE-2017-13013 at NVDCVE-2017-13014 at SUSECVE-2017-13014 at NVDCVE-2017-13016 at SUSECVE-2017-13016 at NVDCVE-2017-13017 at SUSECVE-2017-13017 at NVDCVE-2017-13018 at SUSECVE-2017-13018 at NVDCVE-2017-13019 at SUSECVE-2017-13019 at NVDCVE-2017-13021 at SUSECVE-2017-13021 at NVDCVE-2017-13022 at SUSECVE-2017-13022 at NVDCVE-2017-13023 at SUSECVE-2017-13023 at NVDCVE-2017-13024 at SUSECVE-2017-13024 at NVDCVE-2017-13025 at SUSECVE-2017-13025 at NVDCVE-2017-13027 at SUSECVE-2017-13027 at NVDCVE-2017-13028 at SUSECVE-2017-13028 at NVDCVE-2017-13029 at SUSECVE-2017-13029 at NVDCVE-2017-13030 at SUSECVE-2017-13030 at NVDCVE-2017-13031 at SUSECVE-2017-13031 at NVDCVE-2017-13032 at SUSECVE-2017-13032 at NVDCVE-2017-13034 at SUSECVE-2017-13034 at NVDCVE-2017-13035 at SUSECVE-2017-13035 at NVDCVE-2017-13036 at SUSECVE-2017-13036 at NVDCVE-2017-13037 at SUSECVE-2017-13037 at NVDCVE-2017-13038 at SUSECVE-2017-13038 at NVDCVE-2017-13041 at SUSECVE-2017-13041 at NVDCVE-2017-13047 at SUSECVE-2017-13047 at NVDCVE-2017-13048 at SUSECVE-2017-13048 at NVDCVE-2017-13049 at SUSECVE-2017-13049 at NVDCVE-2017-13051 at SUSECVE-2017-13051 at NVDCVE-2017-13053 at SUSECVE-2017-13053 at NVDCVE-2017-13055 at SUSECVE-2017-13055 at NVDCVE-2017-13687 at SUSECVE-2017-13687 at NVDCVE-2017-13688 at SUSECVE-2017-13688 at NVDCVE-2017-13689 at SUSECVE-2017-13689 at NVDCVE-2017-13725 at SUSECVE-2017-13725 at NVDCVE-2018-10103 at SUSECVE-2018-10103 at NVDCVE-2018-10105 at SUSECVE-2018-10105 at NVDCVE-2018-14461 at SUSECVE-2018-14461 at NVDCVE-2018-14462 at SUSECVE-2018-14462 at NVDCVE-2018-14463 at SUSECVE-2018-14463 at NVDCVE-2018-14464 at SUSECVE-2018-14464 at NVDCVE-2018-14465 at SUSECVE-2018-14465 at NVDCVE-2018-14466 at SUSECVE-2018-14466 at NVDCVE-2018-14467 at SUSECVE-2018-14467 at NVDCVE-2018-14468 at SUSECVE-2018-14468 at NVDCVE-2018-14469 at SUSECVE-2018-14469 at NVDCVE-2018-14881 at SUSECVE-2018-14881 at NVDCVE-2018-14882 at SUSECVE-2018-14882 at NVDCVE-2018-16229 at SUSECVE-2018-16229 at NVDCVE-2018-16230 at SUSECVE-2018-16230 at NVDCVE-2018-16300 at SUSECVE-2018-16300 at NVDCVE-2018-16301 at SUSECVE-2018-16301 at NVDCVE-2018-16451 at SUSECVE-2018-16451 at NVDCVE-2018-16452 at SUSECVE-2018-16452 at NVDCVE-2019-15166 at SUSECVE-2019-15166 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tcpdump fixes the following issues:
- CVE-2020-8037: Fixed an issue where PPP decapsulator did not allocate the right buffer size (bsc#1178466).
ModerateSUSE bug 1178466CVE-2020-8037 at SUSECVE-2020-8037 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tcpdump fixes the following issues:
- CVE-2018-16301: Fixed segfault when handling large files (bsc#1195825).
ModerateSUSE bug 1195825CVE-2018-16301 at SUSECVE-2018-16301 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tftpSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Malicious clients could overflow a buffer in tftpd by specifying a large
value for the utimeout option (CVE-2011-2199).
Security Issue reference:
* CVE-2011-2199
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2199>
SUSE bug 630297SUSE bug 699714CVE-2011-2199 at SUSECVE-2011-2199 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tgtSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of tgt fixes multiple bugs:
* tgtadm user unbind broken [bnc#633111]
* iscsitarget package not supported [bnc#513934]
* iscsitarget vs. tgt (and /etc/ietd.conf) [bnc#598927]
* tgt fix double free() flaw [bnc#665415, CVE-2011-0001]
Security Issue reference:
* CVE-2011-0001
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0001>
SUSE bug 513934SUSE bug 592928SUSE bug 598927SUSE bug 618574SUSE bug 633111SUSE bug 665415CVE-2010-0743 at SUSECVE-2010-0743 at NVDCVE-2010-2221 at SUSECVE-2010-2221 at NVDCVE-2011-0001 at SUSECVE-2011-0001 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
tiff was updated to fix six security issues found by fuzzing initiatives.
These security issues were fixed:
- CVE-2014-8127: Out-of-bounds write (bnc#914890).
- CVE-2014-8128: Out-of-bounds write (bnc#914890).
- CVE-2014-8129: Out-of-bounds write (bnc#914890).
- CVE-2014-8130: Out-of-bounds write (bnc#914890).
- CVE-2014-9655: Access of uninitialized memory (bnc#916927).
ModerateSUSE bug 914890SUSE bug 916927CVE-2014-8127 at SUSECVE-2014-8127 at NVDCVE-2014-8128 at SUSECVE-2014-8128 at NVDCVE-2014-8129 at SUSECVE-2014-8129 at NVDCVE-2014-8130 at SUSECVE-2014-8130 at NVDCVE-2014-9655 at SUSECVE-2014-9655 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issues:
- CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images (bsc#964225)
- CVE-2015-7554: Out-of-bounds Write in the thumbnail and tiffcmp tools (bsc#960341)
ModerateSUSE bug 960341SUSE bug 964225CVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2015-8781 at SUSECVE-2015-8781 at NVDCVE-2015-8782 at SUSECVE-2015-8782 at NVDCVE-2015-8783 at SUSECVE-2015-8783 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issues:
- CVE-2016-3622: Specially crafted TIFF images could trigger a crash in tiff2rgba (bsc#974449)
- Various out-of-bound write vulnerabilities with unspecified impact (MSVR 35093, MSVR 35094, MSVR 35095, MSVR 35096, MSVR 35097, MSVR 35098)
- CVE-2016-5314: Specially crafted TIFF images could trigger a crash that could result in DoS (bsc#984831)
- CVE-2016-5316: Specially crafted TIFF images could trigger a crash in the rgb2ycbcr tool, leading to Doa (bsc#984837)
- CVE-2016-5317: Specially crafted TIFF images could trigger a crash through an out of bound write (bsc#984842)
- CVE-2016-5320: Specially crafted TIFF images could trigger a crash or potentially allow remote code execution when using the rgb2ycbcr command (bsc#984808)
- CVE-2016-5875: Specially crafted TIFF images could trigger could allow arbitrary code execution (bsc#987351)
- CVE-2016-3623: Specially crafted TIFF images could trigger a crash in rgb2ycbcr (bsc#974618)
- CVE-2016-3945: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution via tiff2rgba (bsc#974614)
- CVE-2016-3990: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution (bsc#975069)
- CVE-2016-3186: Specially crafted TIFF imaged could trigger a crash in the gif2tiff command via a buffer overflow (bsc#973340)
ModerateSUSE bug 973340SUSE bug 974449SUSE bug 974614SUSE bug 974618SUSE bug 975069SUSE bug 984808SUSE bug 984831SUSE bug 984837SUSE bug 984842SUSE bug 987351CVE-2016-3186 at SUSECVE-2016-3186 at NVDCVE-2016-3622 at SUSECVE-2016-3622 at NVDCVE-2016-3623 at SUSECVE-2016-3623 at NVDCVE-2016-3945 at SUSECVE-2016-3945 at NVDCVE-2016-3990 at SUSECVE-2016-3990 at NVDCVE-2016-5314 at SUSECVE-2016-5314 at NVDCVE-2016-5316 at SUSECVE-2016-5316 at NVDCVE-2016-5317 at SUSECVE-2016-5317 at NVDCVE-2016-5320 at SUSECVE-2016-5320 at NVDCVE-2016-5875 at SUSECVE-2016-5875 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issues:
- CVE-2016-9453: The t2p_readwrite_pdf_image_tile function allowed remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one (bsc#1011107).
- CVE-2016-5652: An exploitable heap-based buffer overflow existed in the handling of TIFF images in the TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means (bsc#1007280).
- CVE-2017-11335: There is a heap based buffer overflow in tools/tiff2pdf.c via a PlanarConfig=Contig image, which caused a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack (bsc#1048937).
- CVE-2016-9536: tools/tiff2pdf.c had an out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka 't2p_process_jpeg_strip heap-buffer-overflow.' (bsc#1011845)
- CVE-2017-9935: In LibTIFF, there was a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution (bsc#1046077).
- CVE-2017-17973: There is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. (bsc#1074318)
- CVE-2015-7554: The _TIFFVGetField function in tif_dir.c allowed attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image (bsc#960341).
- CVE-2016-5318: Stack-based buffer overflow in the _TIFFVGetField function allowed remote attackers to crash the application via a crafted tiff (bsc#983436).
- CVE-2016-10095: Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c allowed remote attackers to cause a denial of service (crash) via a crafted TIFF file (bsc#1017690,).
- CVE-2016-10268: tools/tiffcp.c allowed remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 78490' and libtiff/tif_unix.c:115:23 (bsc#1031255)
- An overlapping of memcpy parameters was fixed which could lead to content corruption (bsc#1017691).
- Fixed an invalid memory read which could lead to a crash (bsc#1017692).
- Fixed a NULL pointer dereference in TIFFReadRawData (tiffinfo.c) that could crash the decoder (bsc#1017688).
ModerateSUSE bug 1007280SUSE bug 1011107SUSE bug 1011845SUSE bug 1017688SUSE bug 1017690SUSE bug 1017691SUSE bug 1017692SUSE bug 1031255SUSE bug 1046077SUSE bug 1048937SUSE bug 1074318SUSE bug 960341SUSE bug 983436CVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2016-10095 at SUSECVE-2016-10095 at NVDCVE-2016-10268 at SUSECVE-2016-10268 at NVDCVE-2016-3945 at SUSECVE-2016-3945 at NVDCVE-2016-5318 at SUSECVE-2016-5318 at NVDCVE-2016-5652 at SUSECVE-2016-5652 at NVDCVE-2016-9453 at SUSECVE-2016-9453 at NVDCVE-2016-9536 at SUSECVE-2016-9536 at NVDCVE-2017-11335 at SUSECVE-2017-11335 at NVDCVE-2017-17973 at SUSECVE-2017-17973 at NVDCVE-2017-9935 at SUSECVE-2017-9935 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. (bsc#984809)
- CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. (bsc#1017694)
- CVE-2016-10269: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 512' and libtiff/tif_unix.c:340:2. (bsc#1031254)
- CVE-2016-10270: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 8' and libtiff/tif_read.c:523:22. (bsc#1031250)
- CVE-2017-18013: In LibTIFF, there was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. (bsc#1074317)
- CVE-2017-7593: tif_read.c did not ensure that tif_rawdata is properly initialized, which might have allowed remote attackers to obtain sensitive information from process memory via a crafted image. (bsc#1033129)
- CVE-2017-7595: The JPEGSetupEncode function in tiff_jpeg.c allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. (bsc#1033127)
- CVE-2017-7596: LibTIFF had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033126)
- CVE-2017-7597: tif_dirread.c had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033120)
- CVE-2017-7599: LibTIFF had an 'outside the range of representable values of type short' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033113)
- CVE-2017-7600: LibTIFF had an 'outside the range of representable values of type unsigned char' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033112)
- CVE-2017-7601: LibTIFF had a 'shift exponent too large for 64-bit type long' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033111)
- CVE-2017-7602: LibTIFF had a signed integer overflow, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033109)
- Multiple divide by zero issues
- CVE-2016-5314: Buffer overflow in the PixarLogDecode function in tif_pixarlog.c allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. (bsc#987351 bsc#984808 bsc#984831)
ModerateSUSE bug 1017694SUSE bug 1031250SUSE bug 1031254SUSE bug 1033109SUSE bug 1033111SUSE bug 1033112SUSE bug 1033113SUSE bug 1033120SUSE bug 1033126SUSE bug 1033127SUSE bug 1033129SUSE bug 1074317SUSE bug 984808SUSE bug 984809SUSE bug 984831SUSE bug 987351CVE-2016-10267 at SUSECVE-2016-10267 at NVDCVE-2016-10269 at SUSECVE-2016-10269 at NVDCVE-2016-10270 at SUSECVE-2016-10270 at NVDCVE-2016-5314 at SUSECVE-2016-5314 at NVDCVE-2016-5315 at SUSECVE-2016-5315 at NVDCVE-2017-18013 at SUSECVE-2017-18013 at NVDCVE-2017-7593 at SUSECVE-2017-7593 at NVDCVE-2017-7595 at SUSECVE-2017-7595 at NVDCVE-2017-7596 at SUSECVE-2017-7596 at NVDCVE-2017-7597 at SUSECVE-2017-7597 at NVDCVE-2017-7599 at SUSECVE-2017-7599 at NVDCVE-2017-7600 at SUSECVE-2017-7600 at NVDCVE-2017-7601 at SUSECVE-2017-7601 at NVDCVE-2017-7602 at SUSECVE-2017-7602 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following security issues:
- CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could
have caused DoS or code execution via a crafted BitsPerSample value
(bsc#1019611)
- CVE-2018-7456: Prevent a NULL Pointer dereference in the function
TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF
information, a different vulnerability than CVE-2017-18013 (bsc#1082825)
- CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During
the TIFFOpen process, td_imagelength is not checked. The value of
td_imagelength can be directly controlled by an input file. In the
ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called
based on td_imagelength. If the value of td_imagelength is set close to the
amount of system memory, it will hang the system or trigger the OOM killer
(bsc#1082332)
- CVE-2016-10266: Prevent remote attackers to cause a denial of service
(divide-by-zero error and application crash) via a crafted TIFF image, related
to libtiff/tif_read.c:351:22 (bsc#1031263)
- CVE-2018-8905: Prevent heap-based buffer overflow in the function
LZWDecodeCompat via a crafted TIFF file (bsc#1086408)
- CVE-2016-9540: Prevent out-of-bounds write on tiled images with odd tile
width versus image width (bsc#1011839).
- CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could have
lead to assertion failures in debug mode, or buffer overflows in release mode,
when dealing with unusual tile size like YCbCr with subsampling (bsc#1011846).
- CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could have
lead to assertion failures in debug mode, or buffer overflows in release mode,
when dealing with unusual tile size like YCbCr with subsampling (bsc#1011846).
- Removed assert in readSeparateTilesIntoBuffer() function (bsc#1017689).
- CVE-2016-10095: Prevent stack-based buffer overflow in the _TIFFVGetField
function that allowed remote attackers to cause a denial of service (crash) via
a crafted TIFF file (bsc#1017690).
- CVE-2016-8331: Prevent remote code execution because of incorrect handling of
TIFF images. A crafted TIFF document could have lead to a type confusion
vulnerability resulting in remote code execution. This vulnerability could have
been be triggered via a TIFF file delivered to the application using LibTIFF's
tag extension functionality (bsc#1007276).
- CVE-2016-3632: The _TIFFVGetField function allowed remote attackers to cause
a denial of service (out-of-bounds write) or execute arbitrary code via a
crafted TIFF image (bsc#974621).
ModerateSUSE bug 1007276SUSE bug 1011839SUSE bug 1011846SUSE bug 1017689SUSE bug 1017690SUSE bug 1019611SUSE bug 1031263SUSE bug 1082332SUSE bug 1082825SUSE bug 1086408SUSE bug 974621CVE-2014-8128 at SUSECVE-2014-8128 at NVDCVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2016-10095 at SUSECVE-2016-10095 at NVDCVE-2016-10266 at SUSECVE-2016-10266 at NVDCVE-2016-3632 at SUSECVE-2016-3632 at NVDCVE-2016-5318 at SUSECVE-2016-5318 at NVDCVE-2016-8331 at SUSECVE-2016-8331 at NVDCVE-2016-9535 at SUSECVE-2016-9535 at NVDCVE-2016-9540 at SUSECVE-2016-9540 at NVDCVE-2017-11613 at SUSECVE-2017-11613 at NVDCVE-2017-5225 at SUSECVE-2017-5225 at NVDCVE-2018-7456 at SUSECVE-2018-7456 at NVDCVE-2018-8905 at SUSECVE-2018-8905 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2015-8668: Fixed a heap-based buffer overflow in the PackBitsPreEncode
function in tif_packbits.c in bmp2tiff, which allowed remote attackers to
execute arbitrary code or cause a denial of service via a large width field
in a specially crafted BMP image. (bsc#960589)
- CVE-2018-10779: Fixed a heap-based buffer over-read in TIFFWriteScanline() in
tif_write.c (bsc#1092480)
- CVE-2017-17942: Fixed a heap-based buffer overflow in the function
PackBitsEncode in tif_packbits.c. (bsc#1074186)
- CVE-2016-5319: Fixed a beap-based buffer overflow in bmp2tiff (bsc#983440)
ModerateSUSE bug 1074186SUSE bug 1092480SUSE bug 960589SUSE bug 983440CVE-2015-8668 at SUSECVE-2015-8668 at NVDCVE-2016-5319 at SUSECVE-2016-5319 at NVDCVE-2017-17942 at SUSECVE-2017-17942 at NVDCVE-2018-10779 at SUSECVE-2018-10779 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issues:
- CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108637)
- CVE-2018-17101: There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108627)
- CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)
- CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. (bsc#1106853)
ModerateSUSE bug 1106853SUSE bug 1108627SUSE bug 1108637SUSE bug 1110358CVE-2017-11613 at SUSECVE-2017-11613 at NVDCVE-2017-9935 at SUSECVE-2017-9935 at NVDCVE-2018-16335 at SUSECVE-2018-16335 at NVDCVE-2018-17100 at SUSECVE-2018-17100 at NVDCVE-2018-17101 at SUSECVE-2018-17101 at NVDCVE-2018-17795 at SUSECVE-2018-17795 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672).
- CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257).
- CVE-2017-9147: Fixed invalid read in the _TIFFVGetField function in tif_dir.c, that allowed remote attackers to cause a DoS via acrafted TIFF file (bsc#1040322).
- CVE-2017-9117: Fixed BMP images processing that was verified without biWidth and biHeight values (bsc#1040080).
- CVE-2017-17942: Fixed issue in the function PackBitsEncode that could have led to a heap overflow and caused a DoS (bsc#1074186).
- CVE-2016-9273: Fixed heap-based buffer overflow issue (bsc#1010163).
- CVE-2016-5319: Fixed heap-based buffer overflow in PackBitsEncode (bsc#983440).
- CVE-2016-3621: Fixed out-of-bounds read in the bmp2tiff tool (lzw packing) (bsc#974448).
- CVE-2016-3620: Fixed out-of-bounds read in the bmp2tiff tool (zip packing) (bsc#974447)
- CVE-2016-3619: Fixed out-of-bounds read in the bmp2tiff tool (none packing) (bsc#974446)
- CVE-2015-8870: Fixed integer overflow in tools/bmp2tiff.c that allowed remote attackers to causea DOS (bsc#1014461).
Non-security issues fixed:
- asan_build: build ASAN included
- debug_build: build more suitable for debugging
ModerateSUSE bug 1010163SUSE bug 1014461SUSE bug 1040080SUSE bug 1040322SUSE bug 1074186SUSE bug 1099257SUSE bug 1113672SUSE bug 974446SUSE bug 974447SUSE bug 974448SUSE bug 983440CVE-2015-8870 at SUSECVE-2015-8870 at NVDCVE-2016-3619 at SUSECVE-2016-3619 at NVDCVE-2016-3620 at SUSECVE-2016-3620 at NVDCVE-2016-3621 at SUSECVE-2016-3621 at NVDCVE-2016-5319 at SUSECVE-2016-5319 at NVDCVE-2016-9273 at SUSECVE-2016-9273 at NVDCVE-2017-17942 at SUSECVE-2017-17942 at NVDCVE-2017-9117 at SUSECVE-2017-9117 at NVDCVE-2017-9147 at SUSECVE-2017-9147 at NVDCVE-2018-12900 at SUSECVE-2018-12900 at NVDCVE-2018-18661 at SUSECVE-2018-18661 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-10094: Fixed heap-based buffer overflow in the _tiffWriteProc function (bsc#1017693).
- CVE-2016-10093: Fixed heap-based buffer overflow in the _TIFFmemcpy function (bsc#1017693).
- CVE-2016-10092: Fixed heap-based buffer overflow in the TIFFReverseBits function (bsc#1017693).
ModerateSUSE bug 1017693CVE-2016-10092 at SUSECVE-2016-10092 at NVDCVE-2016-10093 at SUSECVE-2016-10093 at NVDCVE-2016-10094 at SUSECVE-2016-10094 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issue:
Security vulnerabilities fixed:
- CVE-2016-5102: Fixed a buffer overflow in readgifimage() (bsc#983268)
- CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626)
LowSUSE bug 1121626SUSE bug 983268CVE-2016-5102 at SUSECVE-2016-5102 at NVDCVE-2019-6128 at SUSECVE-2019-6128 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tiff (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tiff fixes the following issues:
- CVE-2015-8683: Fixed out-of-bounds when reading CIE Lab image format files (bsc#1156754).
- CVE-2015-8665: Fixed out-of-bounds read in tif_getimage.c (bsc#1156749).
- CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808).
- CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809).
- CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811).
- CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812).
ImportantSUSE bug 1156749SUSE bug 1156754SUSE bug 1182808SUSE bug 1182809SUSE bug 1182811SUSE bug 1182812CVE-2015-8665 at SUSECVE-2015-8665 at NVDCVE-2015-8683 at SUSECVE-2015-8683 at NVDCVE-2020-35521 at SUSECVE-2020-35521 at NVDCVE-2020-35522 at SUSECVE-2020-35522 at NVDCVE-2020-35523 at SUSECVE-2020-35523 at NVDCVE-2020-35524 at SUSECVE-2020-35524 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tightvnc (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tightvnc fixes the following issues:
- CVE-2019-15679: Fixed a heap buffer overflow in InitialiseRFBConnection
which might lead to code execution (bsc#1155476).
- CVE-2019-8287: Fixed a global buffer overflow in HandleCoRREBBPmay which
might lead to code execution (bsc#1155472).
- CVE-2019-15680: Fixed a null pointer dereference in HandleZlibBPP which
could have led to denial of service (bsc#1155452).
- CVE-2019-15678: Fixed a heap buffer overflow in rfbServerCutText handler
(bsc#1155442).
ImportantSUSE bug 1155442SUSE bug 1155452SUSE bug 1155472SUSE bug 1155476CVE-2019-15678 at SUSECVE-2019-15678 at NVDCVE-2019-15679 at SUSECVE-2019-15679 at NVDCVE-2019-15680 at SUSECVE-2019-15680 at NVDCVE-2019-8287 at SUSECVE-2019-8287 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tomcat6 fixes the following issue:
- CVE-2016-5388 Setting HTTP_PROXY environment variable via Proxy header (bsc#988489)
ModerateSUSE bug 988489CVE-2016-5388 at SUSECVE-2016-5388 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of tomcat6 fixes:
* apache-tomcat-CVE-2012-3544.patch (bnc#831119)
* use chown --no-dereference to prevent symlink attacks on log
(bnc#822177#c7/prevents CVE-2013-1976)
* Fix tomcat init scripts generating malformed classpath
(http://youtrack.jetbrains.com/issue/JT-18545) bnc#804992 (patch from
m407)
* fix a typo in initscript (bnc#768772 )
* copy all shell scripts (bnc#818948)
Security Issue reference:
* CVE-2012-3544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544>
* CVE-2013-1976
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1976>
* CVE-2012-0022
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022>
SUSE bug 735343SUSE bug 742477SUSE bug 768772SUSE bug 789406SUSE bug 791423SUSE bug 791424SUSE bug 791426SUSE bug 791679SUSE bug 793391SUSE bug 793394SUSE bug 794548SUSE bug 804992SUSE bug 818948SUSE bug 822177SUSE bug 831119SUSE bug 906152SUSE bug 917127SUSE bug 918195SUSE bug 926762SUSE bug 931442SUSE bug 932698CVE-2011-1184 at SUSECVE-2011-1184 at NVDCVE-2011-5062 at SUSECVE-2011-5062 at NVDCVE-2011-5063 at SUSECVE-2011-5063 at NVDCVE-2011-5064 at SUSECVE-2011-5064 at NVDCVE-2012-0022 at SUSECVE-2012-0022 at NVDCVE-2012-2733 at SUSECVE-2012-2733 at NVDCVE-2012-3544 at SUSECVE-2012-3544 at NVDCVE-2012-3546 at SUSECVE-2012-3546 at NVDCVE-2012-4431 at SUSECVE-2012-4431 at NVDCVE-2012-4534 at SUSECVE-2012-4534 at NVDCVE-2012-5568 at SUSECVE-2012-5568 at NVDCVE-2012-5885 at SUSECVE-2012-5885 at NVDCVE-2012-5886 at SUSECVE-2012-5886 at NVDCVE-2012-5887 at SUSECVE-2012-5887 at NVDCVE-2013-1976 at SUSECVE-2013-1976 at NVDCVE-2014-0227 at SUSECVE-2014-0227 at NVDCVE-2014-0230 at SUSECVE-2014-0230 at NVDCVE-2014-7810 at SUSECVE-2014-7810 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tomcat6 fixes the following issues:
The version was updated from 6.0.41 to 6.0.45.
Security issues fixed:
* CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java
in Apache Tomcat allowed remote authenticated users to bypass intended
SecurityManager restrictions and list a parent directory via a /.. (slash
dot dot) in a pathname used by a web application in a getResource,
getResourceAsStream, or getResourcePaths call, as demonstrated by the
$CATALINA_BASE/webapps directory. (bsc#967967)
* CVE-2015-5345: The Mapper component in Apache Tomcat processes redirects
before considering security constraints and Filters, which allowed remote
attackers to determine the existence of a directory via a URL that lacks
a trailing / (slash) character. (bsc#967965)
* CVE-2016-0706: Apache Tomcat did not place
org.apache.catalina.manager.StatusManagerServlet on the
org/apache/catalina/core/RestrictedServlets.properties list, which
allowed remote authenticated users to bypass intended SecurityManager
restrictions and read arbitrary HTTP requests, and consequently discover
session ID values, via a crafted web application. (bsc#967815)
* CVE-2016-0714: The session-persistence implementation in Apache Tomcat
mishandled session attributes, which allowed remote authenticated users
to bypass intended SecurityManager restrictions and execute arbitrary
code in a privileged context via a web application that places a crafted
object in a session. (bsc#967964)
ImportantSUSE bug 934219SUSE bug 967815SUSE bug 967964SUSE bug 967965SUSE bug 967967CVE-2015-5174 at SUSECVE-2015-5174 at NVDCVE-2015-5345 at SUSECVE-2015-5345 at NVDCVE-2016-0706 at SUSECVE-2016-0706 at NVDCVE-2016-0714 at SUSECVE-2016-0714 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tomcat6 fixes the following issues:
Tomcat was updated to version 6.0.53:
The full changelog is:
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html
Security issues fixed:
- CVE-2017-5647: A bug in the handling of pipelined requests could lead to information disclosure (bsc#1036642)
- CVE-2016-8745: Regression in the error handling methods could lead to information disclosure (bsc#1015119)
- CVE-2016-8735: Remote code execution vulnerability in JmxRemoteLifecycleListener (bsc#1011805)
- CVE-2016-6816: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests (bsc#1011812)
- CVE-2016-6797: Unrestricted Access to Global Resources (bsc#1007853)
- CVE-2016-6796: Manager Bypass (bsc#1007858)
- CVE-2016-6794: System Property Disclosure (bsc#1007857)
- CVE-2016-5018: Security Manager Bypass (bsc#1007855)
- CVE-2016-0762: Realm Timing Attack (bsc#1007854)
- CVE-2016-5388: an arbitrary HTTP_PROXY environment variable might allow remote attackers to redirect outbound HTTP traffic (bsc#988489)
ImportantSUSE bug 1007853SUSE bug 1007854SUSE bug 1007855SUSE bug 1007857SUSE bug 1007858SUSE bug 1011805SUSE bug 1011812SUSE bug 1015119SUSE bug 1033448SUSE bug 1036642SUSE bug 988489CVE-2016-0762 at SUSECVE-2016-0762 at NVDCVE-2016-5018 at SUSECVE-2016-5018 at NVDCVE-2016-5388 at SUSECVE-2016-5388 at NVDCVE-2016-6794 at SUSECVE-2016-6794 at NVDCVE-2016-6796 at SUSECVE-2016-6796 at NVDCVE-2016-6797 at SUSECVE-2016-6797 at NVDCVE-2016-6816 at SUSECVE-2016-6816 at NVDCVE-2016-8735 at SUSECVE-2016-8735 at NVDCVE-2016-8745 at SUSECVE-2016-8745 at NVDCVE-2017-5647 at SUSECVE-2017-5647 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tomcat6 fixes the following security issues:
- : The error page mechanism of the Java Servlet Specification
requires that, when an error occurs and an error page is configured for the
error that occurred, the original request and response are forwarded to the
error page. This means that the request is presented to the error page with the
original HTTP method. If the error page is a static file, expected behaviour is
to serve content of the file as if processing a GET request, regardless of the
actual HTTP method. The Default Servlet in Tomcat did not do this. Depending on
the original request this could lead to unexpected and undesirable results for
static error pages including, if the DefaultServlet is configured to permit
writes, the replacement or removal of the custom error page (bsc#1042910).
- : The URL pattern of '' was not correctly handled when used as
part of a security constraint definition. This caused the constraint to be
ignored. It was possible for unauthorised users to gain access to web
application resources that should have been protected. Only security
constraints with a URL pattern of the empty string were affected (bsc#1082480).
ModerateSUSE bug 1042910SUSE bug 1082480CVE-2017-5664 at SUSECVE-2017-5664 at NVDCVE-2018-1304 at SUSECVE-2018-1304 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tomcat6 fixes the following issue:
Security issue fixed:
- CVE-2018-11784: Fixed problem with specially crafted URLs that could be used to cause a redirect to any URI of an attackers choise (bsc#1110850).
ModerateSUSE bug 1110850CVE-2018-11784 at SUSECVE-2018-11784 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tomcat6 fixes the following issues:
- CVE-2020-1938: Fixed a file contents disclosure vulnerability (bsc#1164692).
ImportantSUSE bug 1164692CVE-2020-1938 at SUSECVE-2020-1938 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tomcat6 fixes the following issues:
CVE-2020-9484 (bsc#1171928)
Apache Tomcat Remote Code Execution via session persistence
If an attacker was able to control the contents and name of a file on a
server configured to use the PersistenceManager, then the attacker could
have triggered a remote code execution via deserialization of the file under
their control.
CVE-2019-12418 (bsc#1159723)
Local privilege escalation by manipulating the RMI registry and performing a man-in-the-middle attack
When Tomcat is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files was able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface.
The attacker could then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.
CVE-2019-0221 (bsc#1136085)
The SSI printenv command echoed user provided data without escaping, which
made it vulnerable to XSS.
ImportantSUSE bug 1136085SUSE bug 1159723SUSE bug 1171928CVE-2019-0221 at SUSECVE-2019-0221 at NVDCVE-2019-12418 at SUSECVE-2019-12418 at NVDCVE-2020-9484 at SUSECVE-2020-9484 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for tomcat6 fixes the following issues:
- CVE-2021-25329: Fixed completely CVE-2020-9484 (bsc#1182909).
- CVE-2021-24122: Fixed an information disclosure (bsc#1180947).
- CVE-2017-12617: Fixed a file inclusion vulnerability through a crafted request (bsc#1059554).
ImportantSUSE bug 1059554SUSE bug 1180947SUSE bug 1182909CVE-2017-12617 at SUSECVE-2017-12617 at NVDCVE-2021-24122 at SUSECVE-2021-24122 at NVDCVE-2021-25329 at SUSECVE-2021-25329 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for transfig (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for transfig fixes the following issues:
Security issue fixed:
- CVE-2017-16899: Fix array index error in the fig2dev program (bsc#1069257).
ModerateSUSE bug 1069257CVE-2017-16899 at SUSECVE-2017-16899 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for transfig (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for transfig fixes the following issues:
Security issue fixed:
- CVE-2018-16140: Fixed a buffer underwrite vulnerability in get_line() in
read.c, which allowed an attacker to write prior to the beginning of the
buffer via specially crafted .fig file (bsc#1106531)
LowSUSE bug 1106531CVE-2018-16140 at SUSECVE-2018-16140 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for transfig (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for transfig fixes the following issues:
- CVE-2021-3561: Fixed global buffer overflow in fig2dev/read.c in function read_colordef() (bsc#1186329).
- CVE-2019-19797: Fixed out-of-bounds write in read_colordef in read.c (bsc#1159293).
- CVE-2019-19746: Fixed segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130).
- CVE-2019-19555: Fixed stack-based buffer overflow because of an incorrect sscanf (bsc#1161698).
- CVE-2019-14275: Fixed stack-based buffer overflow in the calc_arrow function in bound.c (bsc#1143650).
- CVE-2020-21680: Fixed a stack-based buffer overflow in the put_arrow() component in genpict2e.c (bsc#1189343).
- CVE-2020-21681: Fixed a global buffer overflow in the set_color component in genge.c (bsc#1189345).
- CVE-2020-21682: Fixed a global buffer overflow in the set_fill component in genge.c (bsc#1189346).
- CVE-2020-21683: Fixed a global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c (bsc#1189325).
- Do hardening via compile and linker flags
- Fixed last added upstream commit (boo#1136882)
ImportantSUSE bug 1136882SUSE bug 1143650SUSE bug 1159130SUSE bug 1159293SUSE bug 1161698SUSE bug 1186329SUSE bug 1189325SUSE bug 1189343SUSE bug 1189345SUSE bug 1189346CVE-2019-14275 at SUSECVE-2019-14275 at NVDCVE-2019-19555 at SUSECVE-2019-19555 at NVDCVE-2019-19746 at SUSECVE-2019-19746 at NVDCVE-2019-19797 at SUSECVE-2019-19797 at NVDCVE-2020-21680 at SUSECVE-2020-21680 at NVDCVE-2020-21681 at SUSECVE-2020-21681 at NVDCVE-2020-21682 at SUSECVE-2020-21682 at NVDCVE-2020-21683 at SUSECVE-2020-21683 at NVDCVE-2021-3561 at SUSECVE-2021-3561 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for transfig (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for transfig fixes the following issues:
Update to fig2dev version 3.2.8 Patchlevel 8b (Aug 2021)
- bsc#1190618, CVE-2020-21529: stack buffer overflow in the bezier_spline function in genepic.c.
- bsc#1190615, CVE-2020-21530: segmentation fault in the read_objects function in read.c.
- bsc#1190617, CVE-2020-21531: global buffer overflow in the conv_pattern_index function in gencgm.c.
- bsc#1190616, CVE-2020-21532: global buffer overflow in the setfigfont function in genepic.c.
- bsc#1190612, CVE-2020-21533: stack buffer overflow in the read_textobject function in read.c.
- bsc#1190611, CVE-2020-21534: global buffer overflow in the get_line function in read.c.
- bsc#1190607, CVE-2020-21535: segmentation fault in the gencgm_start function in gencgm.c.
- bsc#1192019, CVE-2021-32280: NULL pointer dereference in compute_closed_spline() in trans_spline.c
ImportantSUSE bug 1190607SUSE bug 1190611SUSE bug 1190612SUSE bug 1190615SUSE bug 1190616SUSE bug 1190617SUSE bug 1190618SUSE bug 1192019CVE-2020-21529 at SUSECVE-2020-21529 at NVDCVE-2020-21530 at SUSECVE-2020-21530 at NVDCVE-2020-21531 at SUSECVE-2020-21531 at NVDCVE-2020-21532 at SUSECVE-2020-21532 at NVDCVE-2020-21533 at SUSECVE-2020-21533 at NVDCVE-2020-21534 at SUSECVE-2020-21534 at NVDCVE-2020-21535 at SUSECVE-2020-21535 at NVDCVE-2021-32280 at SUSECVE-2021-32280 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for unrar (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for unrar fixes the following issues:
- CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. (bsc#1045315).
ImportantSUSE bug 1045315CVE-2012-6706 at SUSECVE-2012-6706 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for unrar (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for unrar to version 5.6.1 fixes several issues.
These security issues were fixed:
- CVE-2017-12938: Prevent remote attackers to bypass a directory-traversal
protection mechanism via vectors involving a symlink to the . directory, a
symlink to the .. directory, and a regular file (bsc#1054038).
- CVE-2017-12940: Prevent out-of-bounds read in the EncodeFileName::Decode call
within the Archive::ReadHeader15 function (bsc#1054038).
- CVE-2017-12941: Prevent an out-of-bounds read in the Unpack::Unpack20
function (bsc#1054038).
- CVE-2017-12942: Prevent a buffer overflow in the Unpack::LongLZ function
(bsc#1054038).
These non-security issues were fixed:
- Added extraction support for .LZ archives created by Lzip compressor
- Enable unpacking of files in ZIP archives compressed with XZ algorithm and
encrypted with AES
- Added support for PAX extended headers inside of TAR archive
- If RAR recovery volumes (.rev files) are present in the same folder as usual
RAR volumes, archive test command verifies .rev contents after completing
testing .rar files
- By default unrar skips symbolic links with absolute paths in link target when
extracting unless -ola command line switch is specified
- Added support for AES-NI CPU instructions
- Support for a new RAR 5.0 archiving format
- Wildcard exclusion mask for folders
- Added libunrar* and libunrar*-devel subpackages (bsc#513804)
- Prevent conditional jumps depending on uninitialised values (bsc#1046882)
ModerateSUSE bug 1046882SUSE bug 1054038SUSE bug 513804SUSE bug 693890CVE-2012-6706 at SUSECVE-2012-6706 at NVDCVE-2017-12938 at SUSECVE-2017-12938 at NVDCVE-2017-12940 at SUSECVE-2017-12940 at NVDCVE-2017-12941 at SUSECVE-2017-12941 at NVDCVE-2017-12942 at SUSECVE-2017-12942 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for unzipSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following security issues:
* CVE-2014-8139: input sanitization errors (bnc#909214)
* CVE-2014-9636: out-of-bounds read/write in test_compr_eb()
(bnc#914442)
Security Issues:
* CVE-2014-9636
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636>
* CVE-2014-8139
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139>
SUSE bug 909214SUSE bug 914442CVE-2014-8139 at SUSECVE-2014-8139 at NVDCVE-2014-8140 at SUSECVE-2014-8140 at NVDCVE-2014-8141 at SUSECVE-2014-8141 at NVDCVE-2014-9636 at SUSECVE-2014-9636 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for unzip fixes the following issues:
- CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013993)
- CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of service (bsc#950110)
- CVE-2016-9844: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013992)
ModerateSUSE bug 1013992SUSE bug 1013993SUSE bug 950110CVE-2014-9913 at SUSECVE-2014-9913 at NVDCVE-2015-7696 at SUSECVE-2015-7696 at NVDCVE-2016-9844 at SUSECVE-2016-9844 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for unzip fixes the following issues:
- CVE-2018-1000035: Fixed a heap-based buffer overflow in password protected ZIP archives (bsc#1080074)
ModerateSUSE bug 1080074CVE-2018-1000035 at SUSECVE-2018-1000035 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for unzip fixes the following issues:
- CVE-2018-18384: Fixed buffer overflow when listing archives (bsc#1110194)
ModerateSUSE bug 1110194CVE-2018-18384 at SUSECVE-2018-18384 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for unzip fixes the following issues:
- CVE-2021-4217: Fixed null pointer dereference in Unicode strings code (bsc#1196175).
ModerateSUSE bug 1196175CVE-2021-4217 at SUSECVE-2021-4217 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for FUSESUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following security issues were fixed:
* CVE-2010-3879: FUSE allowed local users to create mtab entries with
arbitrary pathnames, and consequently unmount any filesystem, via a
symlink attack on the parent directory of the mountpoint of a FUSE
filesystem.
* CVE-2011-0541: Avoid mounting a directory including evaluation of
symlinks, which might have allowed local attackers to mount
filesystems anywhere in the system.
* CVE-2011-0543: Avoid symlink attacks on the mount point written in
the mtab file.
Four bugs were fixed:
* fixed retrying nfs mounts on rpc timeouts
* allow seperate control of the internet protocol uses by rpc.mount
seperately of the protocol used by nfs.
* Fixed locking in libuuid/uuid to avoid duplicate uuids.
* mkswap bad block check marked every block bad in O(n!) time on a good
device
New features were implemented:
* mount now has --fake and --no-canonicalize options, required for the
symlink security fixes. These were backported from mainline.
* mount can now auto-detect and differentiate between squashfs3 and
squashfs (v4) filesystems, allowing backward compatibility to the
SUSE Linux Enterprise 11 GA codebase.
Security Issues:
* CVE-2010-3879
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3879>
* CVE-2011-0541
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0541>
* CVE-2011-0543
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0543>
SUSE bug 635393SUSE bug 651598SUSE bug 663385SUSE bug 666893SUSE bug 667215SUSE bug 668820CVE-2010-3879 at SUSECVE-2010-3879 at NVDCVE-2011-0541 at SUSECVE-2011-0541 at NVDCVE-2011-0543 at SUSECVE-2011-0543 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for vim (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for vim fixes the following security issues:
- Fixed CVE-2016-1248, an arbitrary command execution vulnerability
(bsc#1010685)
ImportantSUSE bug 1010685CVE-2016-1248 at SUSECVE-2016-1248 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for vim (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for vim fixes the following issues:
- CVE-2017-5953: Fixed a possible overflow with corrupted spell file (bsc#1024724)
ModerateSUSE bug 1024724CVE-2017-5953 at SUSECVE-2017-5953 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for vim (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for vim fixes the following issues:
Security issue fixed:
- CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c (bsc#1137443).
ImportantSUSE bug 1137443CVE-2019-12735 at SUSECVE-2019-12735 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for vim (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for vim fixes the following issues:
- CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim
was possible using interfaces (bsc#1172225).
ModerateSUSE bug 1172225CVE-2019-20807 at SUSECVE-2019-20807 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for vinoSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
vino has been updated to fix a remote denial of service problem where
remote attackers could have caused an infinite loop in vino (CPU
consumption). (CVE-2013-5745)
Security Issue reference:
* CVE-2013-5745
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745>
SUSE bug 691207SUSE bug 843174CVE-2011-0904 at SUSECVE-2011-0904 at NVDCVE-2011-0905 at SUSECVE-2011-0905 at NVDCVE-2013-5745 at SUSECVE-2013-5745 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for vino (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for vino fixes the following issues:
- CVE-2019-15681: Fixed a memory leak which could have allowed to a
remote attacker to read stack memory (bsc#1155419).
ModerateSUSE bug 1155419CVE-2019-15681 at SUSECVE-2019-15681 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for vsftpdSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The following issues have been fixed:
* #767364: vsftpd problem with subsequent ssl data connections
* #762381: 500 OOPS: child died error from vsftp
SUSE bug 676259SUSE bug 734424SUSE bug 762381SUSE bug 767364SUSE bug 900326SUSE bug 915522CVE-2011-0762 at SUSECVE-2011-0762 at NVDCVE-2015-1419 at SUSECVE-2015-1419 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for vte, vte-debuginfo, vte-debugsource, vte-devel, vte-doc, vte-langSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a vulnerability of VTE to an old title set and query
attack which could be used by remote attackers to execute arbitrary code (
CVE-2010-2713 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2713>
).
SUSE bug 621097CVE-2010-2713 at SUSECVE-2010-2713 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for w3mSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
w3m does not handle embedded NUL characters in the common name and in
subject alternative names of X.509 certificates (CVE-2010-2074
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074> ). This
update fixes the issue and also turns on verification of x509 certificates
by default which was not the case before.
SUSE bug 609451CVE-2010-2074 at SUSECVE-2010-2074 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for w3m (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for w3m fixes the following issues:
- update to debian git version (bsc#1011293)
addressed security issues:
CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020)
CVE-2016-9622: w3m: null deref (bsc#1012021)
CVE-2016-9623: w3m: null deref (bsc#1012022)
CVE-2016-9624: w3m: near-null deref (bsc#1012023)
CVE-2016-9625: w3m: stack overflow (bsc#1012024)
CVE-2016-9626: w3m: stack overflow (bsc#1012025)
CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)
CVE-2016-9628: w3m: null deref (bsc#1012027)
CVE-2016-9629: w3m: null deref (bsc#1012028)
CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)
CVE-2016-9631: w3m: null deref (bsc#1012030)
CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)
CVE-2016-9633: w3m: OOM (bsc#1012032)
CVE-2016-9434: w3m: null deref (bsc#1011283)
CVE-2016-9435: w3m: use uninit value (bsc#1011284)
CVE-2016-9436: w3m: use uninit value (bsc#1011285)
CVE-2016-9437: w3m: write to rodata (bsc#1011286)
CVE-2016-9438: w3m: null deref (bsc#1011287)
CVE-2016-9439: w3m: stack overflow (bsc#1011288)
CVE-2016-9440: w3m: near-null deref (bsc#1011289)
CVE-2016-9441: w3m: near-null deref (bsc#1011290)
CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)
CVE-2016-9443: w3m: null deref (bsc#1011292)
ModerateSUSE bug 1011269SUSE bug 1011270SUSE bug 1011271SUSE bug 1011272SUSE bug 1011283SUSE bug 1011284SUSE bug 1011285SUSE bug 1011286SUSE bug 1011287SUSE bug 1011288SUSE bug 1011289SUSE bug 1011290SUSE bug 1011291SUSE bug 1011292SUSE bug 1011293SUSE bug 1012020SUSE bug 1012021SUSE bug 1012022SUSE bug 1012023SUSE bug 1012024SUSE bug 1012025SUSE bug 1012026SUSE bug 1012027SUSE bug 1012028SUSE bug 1012029SUSE bug 1012030SUSE bug 1012031SUSE bug 1012032CVE-2010-2074 at SUSECVE-2010-2074 at NVDCVE-2016-9422 at SUSECVE-2016-9422 at NVDCVE-2016-9423 at SUSECVE-2016-9423 at NVDCVE-2016-9424 at SUSECVE-2016-9424 at NVDCVE-2016-9425 at SUSECVE-2016-9425 at NVDCVE-2016-9434 at SUSECVE-2016-9434 at NVDCVE-2016-9435 at SUSECVE-2016-9435 at NVDCVE-2016-9436 at SUSECVE-2016-9436 at NVDCVE-2016-9437 at SUSECVE-2016-9437 at NVDCVE-2016-9438 at SUSECVE-2016-9438 at NVDCVE-2016-9439 at SUSECVE-2016-9439 at NVDCVE-2016-9440 at SUSECVE-2016-9440 at NVDCVE-2016-9441 at SUSECVE-2016-9441 at NVDCVE-2016-9442 at SUSECVE-2016-9442 at NVDCVE-2016-9443 at SUSECVE-2016-9443 at NVDCVE-2016-9621 at SUSECVE-2016-9621 at NVDCVE-2016-9622 at SUSECVE-2016-9622 at NVDCVE-2016-9623 at SUSECVE-2016-9623 at NVDCVE-2016-9624 at SUSECVE-2016-9624 at NVDCVE-2016-9625 at SUSECVE-2016-9625 at NVDCVE-2016-9626 at SUSECVE-2016-9626 at NVDCVE-2016-9627 at SUSECVE-2016-9627 at NVDCVE-2016-9628 at SUSECVE-2016-9628 at NVDCVE-2016-9629 at SUSECVE-2016-9629 at NVDCVE-2016-9630 at SUSECVE-2016-9630 at NVDCVE-2016-9631 at SUSECVE-2016-9631 at NVDCVE-2016-9632 at SUSECVE-2016-9632 at NVDCVE-2016-9633 at SUSECVE-2016-9633 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for w3m (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for w3m fixes several issues.
These security issues were fixed:
- CVE-2018-6196: Prevent infinite recursion in HTMLlineproc0 caused by the feed_table_block_tag function which did not prevent a negative indent value (bsc#1077559)
- CVE-2018-6197: Prevent NULL pointer dereference in formUpdateBuffer (bsc#1077568)
- CVE-2018-6198: w3m did not properly handle temporary files when the ~/.w3m directory is unwritable, which allowed a local attacker to craft a symlink attack to overwrite arbitrary files (bsc#1077572)
ModerateSUSE bug 1077559SUSE bug 1077568SUSE bug 1077572CVE-2018-6196 at SUSECVE-2018-6196 at NVDCVE-2018-6197 at SUSECVE-2018-6197 at NVDCVE-2018-6198 at SUSECVE-2018-6198 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wavpack (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wavpack fixes the following issues:
- CVE-2016-10169 CVE-2016-10170 CVE-2016-10171 CVE-2016-10172: Make sure upper and lower boundaries make sense, to avoid out of bounds memory reads that could lead to crashes or disclosing memory. (bsc#1021483)
ModerateSUSE bug 1021483CVE-2016-10169 at SUSECVE-2016-10169 at NVDCVE-2016-10170 at SUSECVE-2016-10170 at NVDCVE-2016-10171 at SUSECVE-2016-10171 at NVDCVE-2016-10172 at SUSECVE-2016-10172 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wavpack (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wavpack fixes the following issues:
Security issues fixed:
- CVE-2018-19840: Fixed a denial-of-service in the WavpackPackInit function from pack_utils.c (bsc#1120930)
ModerateSUSE bug 1120930CVE-2018-19840 at SUSECVE-2018-19840 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wavpack (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wavpack fixes the following issues:
- CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples (bsc#1180414).
ImportantSUSE bug 1180414CVE-2020-35738 at SUSECVE-2020-35738 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wgetSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
wget has been updated to fix one security issue and two non-security
issues.
This security issue has been fixed:
* FTP symlink arbitrary filesystem access (CVE-2014-4877).
These non-security issues have been fixed:
* Fix displaying of download time (bnc#901276).
* Fix 0 size FTP downloads after failure (bnc#885069).
Security Issues:
* CVE-2014-4877
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877>
SUSE bug 885069SUSE bug 901276SUSE bug 902709CVE-2014-4877 at SUSECVE-2014-4877 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for wget (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wget fixes the following issues:
- CVE-2016-4971: A HTTP to FTP redirection file name confusion vulnerability was fixed.
(bsc#984060).
- CVE-2016-7098: A potential race condition was fixed by creating files with .tmp ext
and making them accessible to the current user only. (bsc#995964)
Bug fixed:
- Wget failed with basicauth: Failed writing HTTP request: Bad file descriptor
(bsc#958342)
ModerateSUSE bug 958342SUSE bug 984060SUSE bug 995964CVE-2016-4971 at SUSECVE-2016-4971 at NVDCVE-2016-7098 at SUSECVE-2016-7098 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wget (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wget fixes the following issues:
Security issue fixed:
- CVE-2017-6508: (url_parse): Reject control characters in host part of URL (bsc#1028301).
ModerateSUSE bug 1028301CVE-2017-6508 at SUSECVE-2017-6508 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wget (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wget fixes the following issues:
- CVE-2018-0494: Fixed Cookie injection vulnerability by checking for
and joining continuation lines. (bsc#1092061)
ModerateSUSE bug 1092061CVE-2018-0494 at SUSECVE-2018-0494 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wiresharkSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
wireshark has been updated to version 1.10.11 to fix five security issues.
These security issues have been fixed:
* SigComp UDVM buffer overflow (CVE-2014-8710).
* AMQP dissector crash (CVE-2014-8711).
* NCP dissector crashes (CVE-2014-8712, CVE-2014-8713).
* TN5250 infinite loops (CVE-2014-8714).
This non-security issue was fixed: - enable zlib (bnc#899303).
Further bug fixes and updated protocol support are listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html
<https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html>
Security Issues:
* CVE-2014-8711
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711>
* CVE-2014-8710
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710>
* CVE-2014-8714
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714>
* CVE-2014-8712
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712>
* CVE-2014-8713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713>
SUSE bug 603251SUSE bug 613487SUSE bug 630599SUSE bug 643078SUSE bug 655448SUSE bug 662029SUSE bug 669908SUSE bug 672916SUSE bug 678567SUSE bug 678568SUSE bug 678569SUSE bug 678571SUSE bug 688109SUSE bug 697516SUSE bug 706728SUSE bug 718032SUSE bug 741187SUSE bug 741188SUSE bug 741190SUSE bug 754474SUSE bug 754476SUSE bug 754477SUSE bug 763855SUSE bug 763857SUSE bug 763859SUSE bug 772738SUSE bug 776083SUSE bug 792005SUSE bug 801131SUSE bug 807942SUSE bug 813217SUSE bug 816517SUSE bug 816887SUSE bug 820973SUSE bug 824900SUSE bug 831718SUSE bug 839607SUSE bug 848738SUSE bug 855980SUSE bug 856495SUSE bug 856496SUSE bug 856498SUSE bug 867485SUSE bug 889854SUSE bug 889899SUSE bug 889900SUSE bug 889901SUSE bug 889906SUSE bug 897055SUSE bug 899303SUSE bug 905245SUSE bug 905246SUSE bug 905247SUSE bug 905248SUSE bug 912365SUSE bug 912368SUSE bug 912369SUSE bug 912370SUSE bug 912372SUSE bug 920696SUSE bug 920697SUSE bug 920699SUSE bug 930691CVE-2010-1455 at SUSECVE-2010-1455 at NVDCVE-2010-2283 at SUSECVE-2010-2283 at NVDCVE-2010-2284 at SUSECVE-2010-2284 at NVDCVE-2010-2285 at SUSECVE-2010-2285 at NVDCVE-2010-2286 at SUSECVE-2010-2286 at NVDCVE-2010-2287 at SUSECVE-2010-2287 at NVDCVE-2010-2992 at SUSECVE-2010-2992 at NVDCVE-2010-2993 at SUSECVE-2010-2993 at NVDCVE-2010-2994 at SUSECVE-2010-2994 at NVDCVE-2010-2995 at SUSECVE-2010-2995 at NVDCVE-2010-3445 at SUSECVE-2010-3445 at NVDCVE-2010-4300 at SUSECVE-2010-4300 at NVDCVE-2010-4301 at SUSECVE-2010-4301 at NVDCVE-2010-4538 at SUSECVE-2010-4538 at NVDCVE-2011-0444 at SUSECVE-2011-0444 at NVDCVE-2011-0445 at SUSECVE-2011-0445 at NVDCVE-2011-0538 at SUSECVE-2011-0538 at NVDCVE-2011-0713 at SUSECVE-2011-0713 at NVDCVE-2011-1138 at SUSECVE-2011-1138 at NVDCVE-2011-1139 at SUSECVE-2011-1139 at NVDCVE-2011-1140 at SUSECVE-2011-1140 at NVDCVE-2011-1143 at SUSECVE-2011-1143 at NVDCVE-2011-1590 at SUSECVE-2011-1590 at NVDCVE-2011-1591 at SUSECVE-2011-1591 at NVDCVE-2011-1592 at SUSECVE-2011-1592 at NVDCVE-2011-1957 at SUSECVE-2011-1957 at NVDCVE-2011-1958 at SUSECVE-2011-1958 at NVDCVE-2011-1959 at SUSECVE-2011-1959 at NVDCVE-2011-2174 at SUSECVE-2011-2174 at NVDCVE-2011-2175 at SUSECVE-2011-2175 at NVDCVE-2011-2597 at SUSECVE-2011-2597 at NVDCVE-2011-2698 at SUSECVE-2011-2698 at NVDCVE-2011-3266 at SUSECVE-2011-3266 at NVDCVE-2011-3360 at SUSECVE-2011-3360 at NVDCVE-2011-3483 at SUSECVE-2011-3483 at NVDCVE-2012-0041 at SUSECVE-2012-0041 at NVDCVE-2012-0042 at SUSECVE-2012-0042 at NVDCVE-2012-0043 at SUSECVE-2012-0043 at NVDCVE-2012-0066 at SUSECVE-2012-0066 at NVDCVE-2012-0067 at SUSECVE-2012-0067 at NVDCVE-2012-0068 at SUSECVE-2012-0068 at NVDCVE-2012-1593 at SUSECVE-2012-1593 at NVDCVE-2012-1595 at SUSECVE-2012-1595 at NVDCVE-2012-1596 at SUSECVE-2012-1596 at NVDCVE-2012-2392 at SUSECVE-2012-2392 at NVDCVE-2012-2393 at SUSECVE-2012-2393 at NVDCVE-2012-2394 at SUSECVE-2012-2394 at NVDCVE-2012-4048 at SUSECVE-2012-4048 at NVDCVE-2012-4049 at SUSECVE-2012-4049 at NVDCVE-2012-4285 at SUSECVE-2012-4285 at NVDCVE-2012-4288 at SUSECVE-2012-4288 at NVDCVE-2012-4289 at SUSECVE-2012-4289 at NVDCVE-2012-4290 at SUSECVE-2012-4290 at NVDCVE-2012-4291 at SUSECVE-2012-4291 at NVDCVE-2012-4292 at SUSECVE-2012-4292 at NVDCVE-2012-4293 at SUSECVE-2012-4293 at NVDCVE-2012-4296 at SUSECVE-2012-4296 at NVDCVE-2012-5592 at SUSECVE-2012-5592 at NVDCVE-2012-5593 at SUSECVE-2012-5593 at NVDCVE-2012-5594 at SUSECVE-2012-5594 at NVDCVE-2012-5595 at SUSECVE-2012-5595 at NVDCVE-2012-5596 at SUSECVE-2012-5596 at NVDCVE-2012-5597 at SUSECVE-2012-5597 at NVDCVE-2012-5598 at SUSECVE-2012-5598 at NVDCVE-2012-5599 at SUSECVE-2012-5599 at NVDCVE-2012-5600 at SUSECVE-2012-5600 at NVDCVE-2012-5601 at SUSECVE-2012-5601 at NVDCVE-2012-5602 at SUSECVE-2012-5602 at NVDCVE-2013-1572 at SUSECVE-2013-1572 at NVDCVE-2013-1573 at SUSECVE-2013-1573 at NVDCVE-2013-1574 at SUSECVE-2013-1574 at NVDCVE-2013-1575 at SUSECVE-2013-1575 at NVDCVE-2013-1576 at SUSECVE-2013-1576 at NVDCVE-2013-1577 at SUSECVE-2013-1577 at NVDCVE-2013-1578 at SUSECVE-2013-1578 at NVDCVE-2013-1579 at SUSECVE-2013-1579 at NVDCVE-2013-1580 at SUSECVE-2013-1580 at NVDCVE-2013-1581 at SUSECVE-2013-1581 at NVDCVE-2013-1582 at SUSECVE-2013-1582 at NVDCVE-2013-1583 at SUSECVE-2013-1583 at NVDCVE-2013-1584 at SUSECVE-2013-1584 at NVDCVE-2013-1585 at SUSECVE-2013-1585 at NVDCVE-2013-1586 at SUSECVE-2013-1586 at NVDCVE-2013-1587 at SUSECVE-2013-1587 at NVDCVE-2013-1588 at SUSECVE-2013-1588 at NVDCVE-2013-1589 at SUSECVE-2013-1589 at NVDCVE-2013-1590 at SUSECVE-2013-1590 at NVDCVE-2013-2475 at SUSECVE-2013-2475 at NVDCVE-2013-2476 at SUSECVE-2013-2476 at NVDCVE-2013-2477 at SUSECVE-2013-2477 at NVDCVE-2013-2478 at SUSECVE-2013-2478 at NVDCVE-2013-2479 at SUSECVE-2013-2479 at NVDCVE-2013-2480 at SUSECVE-2013-2480 at NVDCVE-2013-2481 at SUSECVE-2013-2481 at NVDCVE-2013-2482 at SUSECVE-2013-2482 at NVDCVE-2013-2483 at SUSECVE-2013-2483 at NVDCVE-2013-2484 at SUSECVE-2013-2484 at NVDCVE-2013-2485 at SUSECVE-2013-2485 at NVDCVE-2013-2486 at SUSECVE-2013-2486 at NVDCVE-2013-2487 at SUSECVE-2013-2487 at NVDCVE-2013-2488 at SUSECVE-2013-2488 at NVDCVE-2013-3555 at SUSECVE-2013-3555 at NVDCVE-2013-3556 at SUSECVE-2013-3556 at NVDCVE-2013-3557 at SUSECVE-2013-3557 at NVDCVE-2013-3558 at SUSECVE-2013-3558 at NVDCVE-2013-3559 at SUSECVE-2013-3559 at NVDCVE-2013-3560 at SUSECVE-2013-3560 at NVDCVE-2013-3561 at SUSECVE-2013-3561 at NVDCVE-2013-3562 at SUSECVE-2013-3562 at NVDCVE-2013-4074 at SUSECVE-2013-4074 at NVDCVE-2013-4075 at SUSECVE-2013-4075 at NVDCVE-2013-4076 at SUSECVE-2013-4076 at NVDCVE-2013-4077 at SUSECVE-2013-4077 at NVDCVE-2013-4078 at SUSECVE-2013-4078 at NVDCVE-2013-4079 at SUSECVE-2013-4079 at NVDCVE-2013-4080 at SUSECVE-2013-4080 at NVDCVE-2013-4081 at SUSECVE-2013-4081 at NVDCVE-2013-4082 at SUSECVE-2013-4082 at NVDCVE-2013-4083 at SUSECVE-2013-4083 at NVDCVE-2013-4929 at SUSECVE-2013-4929 at NVDCVE-2013-4930 at SUSECVE-2013-4930 at NVDCVE-2013-4931 at SUSECVE-2013-4931 at NVDCVE-2013-4932 at SUSECVE-2013-4932 at NVDCVE-2013-4933 at SUSECVE-2013-4933 at NVDCVE-2013-4934 at SUSECVE-2013-4934 at NVDCVE-2013-4935 at SUSECVE-2013-4935 at NVDCVE-2013-6336 at SUSECVE-2013-6336 at NVDCVE-2013-6337 at SUSECVE-2013-6337 at NVDCVE-2013-6338 at SUSECVE-2013-6338 at NVDCVE-2013-6339 at SUSECVE-2013-6339 at NVDCVE-2013-6340 at SUSECVE-2013-6340 at NVDCVE-2013-7112 at SUSECVE-2013-7112 at NVDCVE-2013-7113 at SUSECVE-2013-7113 at NVDCVE-2013-7114 at SUSECVE-2013-7114 at NVDCVE-2014-2281 at SUSECVE-2014-2281 at NVDCVE-2014-2282 at SUSECVE-2014-2282 at NVDCVE-2014-2283 at SUSECVE-2014-2283 at NVDCVE-2014-2299 at SUSECVE-2014-2299 at NVDCVE-2014-6421 at SUSECVE-2014-6421 at NVDCVE-2014-6422 at SUSECVE-2014-6422 at NVDCVE-2014-6423 at SUSECVE-2014-6423 at NVDCVE-2014-6424 at SUSECVE-2014-6424 at NVDCVE-2014-6427 at SUSECVE-2014-6427 at NVDCVE-2014-6428 at SUSECVE-2014-6428 at NVDCVE-2014-6429 at SUSECVE-2014-6429 at NVDCVE-2014-6430 at SUSECVE-2014-6430 at NVDCVE-2014-6431 at SUSECVE-2014-6431 at NVDCVE-2014-6432 at SUSECVE-2014-6432 at NVDCVE-2014-8710 at SUSECVE-2014-8710 at NVDCVE-2014-8711 at SUSECVE-2014-8711 at NVDCVE-2014-8712 at SUSECVE-2014-8712 at NVDCVE-2014-8713 at SUSECVE-2014-8713 at NVDCVE-2014-8714 at SUSECVE-2014-8714 at NVDCVE-2015-0559 at SUSECVE-2015-0559 at NVDCVE-2015-0560 at SUSECVE-2015-0560 at NVDCVE-2015-0561 at SUSECVE-2015-0561 at NVDCVE-2015-0562 at SUSECVE-2015-0562 at NVDCVE-2015-0563 at SUSECVE-2015-0563 at NVDCVE-2015-0564 at SUSECVE-2015-0564 at NVDCVE-2015-2188 at SUSECVE-2015-2188 at NVDCVE-2015-2189 at SUSECVE-2015-2189 at NVDCVE-2015-2191 at SUSECVE-2015-2191 at NVDCVE-2015-3811 at SUSECVE-2015-3811 at NVDCVE-2015-3812 at SUSECVE-2015-3812 at NVDCVE-2015-3814 at SUSECVE-2015-3814 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Wireshark has been updated to 1.12.7. (FATE#319388)
The following vulnerabilities have been fixed:
* Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241
* Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242
* Wireshark could crash when searching for a protocol dissector. wnpa-sec-2015-23 CVE-2015-6243
* The ZigBee dissector could crash. wnpa-sec-2015-24 CVE-2015-6244
* The GSM RLC/MAC dissector could go into an infinite loop. wnpa-sec-2015-25 CVE-2015-6245
* The WaveAgent dissector could crash. wnpa-sec-2015-26 CVE-2015-6246
* The OpenFlow dissector could go into an infinite loop. wnpa-sec-2015-27 CVE-2015-6247
* Wireshark could crash due to invalid ptvcursor length checking. wnpa-sec-2015-28 CVE-2015-6248
* The WCCP dissector could crash. wnpa-sec-2015-29 CVE-2015-6249
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html
Also a fix from 1.12.6 in GSM DTAP was backported. (bnc#935158 CVE-2015-4652)
ModerateSUSE bug 935158SUSE bug 941500CVE-2015-3813 at SUSECVE-2015-3813 at NVDCVE-2015-4652 at SUSECVE-2015-4652 at NVDCVE-2015-6241 at SUSECVE-2015-6241 at NVDCVE-2015-6242 at SUSECVE-2015-6242 at NVDCVE-2015-6243 at SUSECVE-2015-6243 at NVDCVE-2015-6244 at SUSECVE-2015-6244 at NVDCVE-2015-6245 at SUSECVE-2015-6245 at NVDCVE-2015-6246 at SUSECVE-2015-6246 at NVDCVE-2015-6247 at SUSECVE-2015-6247 at NVDCVE-2015-6248 at SUSECVE-2015-6248 at NVDCVE-2015-6249 at SUSECVE-2015-6249 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Low)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update contains Wireshark 1.12.9 and fixes the following issues:
* CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437)
* CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
* CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
* CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.
* CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted
* CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
* CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
* CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.
* CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.
* CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
LowSUSE bug 950437SUSE bug 960382CVE-2015-7830 at SUSECVE-2015-7830 at NVDCVE-2015-8711 at SUSECVE-2015-8711 at NVDCVE-2015-8712 at SUSECVE-2015-8712 at NVDCVE-2015-8713 at SUSECVE-2015-8713 at NVDCVE-2015-8714 at SUSECVE-2015-8714 at NVDCVE-2015-8715 at SUSECVE-2015-8715 at NVDCVE-2015-8716 at SUSECVE-2015-8716 at NVDCVE-2015-8717 at SUSECVE-2015-8717 at NVDCVE-2015-8718 at SUSECVE-2015-8718 at NVDCVE-2015-8719 at SUSECVE-2015-8719 at NVDCVE-2015-8720 at SUSECVE-2015-8720 at NVDCVE-2015-8721 at SUSECVE-2015-8721 at NVDCVE-2015-8722 at SUSECVE-2015-8722 at NVDCVE-2015-8723 at SUSECVE-2015-8723 at NVDCVE-2015-8724 at SUSECVE-2015-8724 at NVDCVE-2015-8725 at SUSECVE-2015-8725 at NVDCVE-2015-8726 at SUSECVE-2015-8726 at NVDCVE-2015-8727 at SUSECVE-2015-8727 at NVDCVE-2015-8728 at SUSECVE-2015-8728 at NVDCVE-2015-8729 at SUSECVE-2015-8729 at NVDCVE-2015-8730 at SUSECVE-2015-8730 at NVDCVE-2015-8731 at SUSECVE-2015-8731 at NVDCVE-2015-8732 at SUSECVE-2015-8732 at NVDCVE-2015-8733 at SUSECVE-2015-8733 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to Wireshark 1 12.11 fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file.
- The PKTC dissector could crash (wnpa-sec-2016-22)
- The PKTC dissector could crash (wnpa-sec-2016-23)
- The IAX2 dissector could go into an infinite loop (wnpa-sec-2016-24)
- Wireshark and TShark could exhaust the stack (wnpa-sec-2016-25)
- The GSM CBCH dissector could crash (wnpa-sec-2016-26)
- The NCP dissector could crash (wnpa-sec-2016-28)
- CVE-2016-2523: DNP dissector infinite loop (wnpa-sec-2016-03)
- CVE-2016-2530: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2531: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2532: LLRP dissector crash (wnpa-sec-2016-11)
- GSM A-bis OML dissector crash (wnpa-sec-2016-14)
- ASN.1 BER dissector crash (wnpa-sec-2016-15)
- ASN.1 BER dissector crash (wnpa-sec-2016-18)
Also containsfurther bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.11.html
https://www.wireshark.org/docs/relnotes/wireshark-1.12.10.html
ModerateSUSE bug 968565SUSE bug 976944CVE-2016-2523 at SUSECVE-2016-2523 at NVDCVE-2016-2530 at SUSECVE-2016-2530 at NVDCVE-2016-2531 at SUSECVE-2016-2531 at NVDCVE-2016-2532 at SUSECVE-2016-2532 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update to wireshark 1.12.13 fixes the following issues:
- CVE-2016-6504: wireshark: NDS dissector crash (bsc#991012)
- CVE-2016-6505: wireshark: PacketBB dissector could divide by zero (bsc#991013)
- CVE-2016-6506: wireshark: WSP infinite loop (bsc#991015)
- CVE-2016-6507: wireshark: MMSE infinite loop (bsc#991016)
- CVE-2016-6508: wireshark: RLC long loop (bsc#991017)
- CVE-2016-6509: wireshark: LDSS dissector crash (bsc#991018)
- CVE-2016-6510: wireshark: RLC dissector crash (bsc#991019)
- CVE-2016-6511: wireshark: OpenFlow long loop (bnc991020)
- CVE-2016-5350: SPOOLS infinite loop (bsc#983671)
- CVE-2016-5351: IEEE 802.11 dissector crash (bsc#983671)
- CVE-2016-5352: IEEE 802.11 dissector crash, different from wpna-sec-2016-30 (bsc#983671)
- CVE-2016-5353: UMTS FP crash (bsc#983671)
- CVE-2016-5354: USB dissector crash (bsc#983671)
- CVE-2016-5355: Toshiba file parser crash (bsc#983671)
- CVE-2016-5356: CoSine file parser crash (bsc#983671)
- CVE-2016-5357: NetScreen file parser crash (bsc#983671)
- CVE-2016-5358: Ethernet dissector crash (bsc#983671)
- CVE-2016-5359: WBXML infinite loop (bsc#983671)
For more details please see:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.12.html
https://www.wireshark.org/docs/relnotes/wireshark-1.12.13.html
ModerateSUSE bug 983671SUSE bug 991012SUSE bug 991013SUSE bug 991015SUSE bug 991016SUSE bug 991017SUSE bug 991018SUSE bug 991019SUSE bug 991020CVE-2016-5350 at SUSECVE-2016-5350 at NVDCVE-2016-5351 at SUSECVE-2016-5351 at NVDCVE-2016-5352 at SUSECVE-2016-5352 at NVDCVE-2016-5353 at SUSECVE-2016-5353 at NVDCVE-2016-5354 at SUSECVE-2016-5354 at NVDCVE-2016-5355 at SUSECVE-2016-5355 at NVDCVE-2016-5356 at SUSECVE-2016-5356 at NVDCVE-2016-5357 at SUSECVE-2016-5357 at NVDCVE-2016-5358 at SUSECVE-2016-5358 at NVDCVE-2016-5359 at SUSECVE-2016-5359 at NVDCVE-2016-6504 at SUSECVE-2016-6504 at NVDCVE-2016-6505 at SUSECVE-2016-6505 at NVDCVE-2016-6506 at SUSECVE-2016-6506 at NVDCVE-2016-6507 at SUSECVE-2016-6507 at NVDCVE-2016-6508 at SUSECVE-2016-6508 at NVDCVE-2016-6509 at SUSECVE-2016-6509 at NVDCVE-2016-6510 at SUSECVE-2016-6510 at NVDCVE-2016-6511 at SUSECVE-2016-6511 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Wireshark was updated to version 2.0.12, which brings several new features, enhancements
and bug fixes.
These security issues were fixed:
- CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size (bsc#1033936).
- CVE-2017-7701: In Wireshark the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type (bsc#1033937).
- CVE-2017-7702: In Wireshark the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation (bsc#1033938).
- CVE-2017-7703: In Wireshark the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly (bsc#1033939).
- CVE-2017-7704: In Wireshark the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value (bsc#1033940).
- CVE-2017-7705: In Wireshark the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset (bsc#1033941).
- CVE-2017-7745: In Wireshark the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check (bsc#1033942).
- CVE-2017-7746: In Wireshark the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length (bsc#1033943).
- CVE-2017-7747: In Wireshark the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree (bsc#1033944).
- CVE-2017-7748: In Wireshark the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check (bsc#1033945).
- CVE-2016-7179: Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark allowed remote attackers to cause a denial of service (application crash) via a crafted packet (bsc#998963).
- CVE-2016-9376: In Wireshark the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large (bsc#1010735).
- CVE-2016-9375: In Wireshark the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful (bsc#1010740).
- CVE-2016-9374: In Wireshark the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable (bsc#1010752).
- CVE-2016-9373: In Wireshark the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings (bsc#1010754).
- CVE-2016-7175: epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark mishandled MAC address data, which allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet (bsc#998761).
- CVE-2016-7176: epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark called snprintf with one of its input buffers as the output buffer, which allowed remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet (bsc#998762).
- CVE-2016-7177: epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark did not restrict the number of channels, which allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet (bsc#998763).
- CVE-2016-7180: epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark did not properly consider whether a string is constant, which allowed remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet (bsc#998800).
- CVE-2016-7178: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark did not ensure that memory is allocated for certain data structures, which allowed remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet (bsc#998964).
- CVE-2017-6014: In Wireshark a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory (bsc#1025913).
- CVE-2017-5596: In Wireshark the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow (bsc#1021739).
- CVE-2017-5597: In Wireshark the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow (bsc#1021739).
ModerateSUSE bug 1002981SUSE bug 1010735SUSE bug 1010740SUSE bug 1010752SUSE bug 1010754SUSE bug 1010911SUSE bug 1021739SUSE bug 1025913SUSE bug 1027998SUSE bug 1033936SUSE bug 1033937SUSE bug 1033938SUSE bug 1033939SUSE bug 1033940SUSE bug 1033941SUSE bug 1033942SUSE bug 1033943SUSE bug 1033944SUSE bug 1033945SUSE bug 998761SUSE bug 998762SUSE bug 998763SUSE bug 998800SUSE bug 998963SUSE bug 998964CVE-2016-7175 at SUSECVE-2016-7175 at NVDCVE-2016-7176 at SUSECVE-2016-7176 at NVDCVE-2016-7177 at SUSECVE-2016-7177 at NVDCVE-2016-7178 at SUSECVE-2016-7178 at NVDCVE-2016-7179 at SUSECVE-2016-7179 at NVDCVE-2016-7180 at SUSECVE-2016-7180 at NVDCVE-2016-9373 at SUSECVE-2016-9373 at NVDCVE-2016-9374 at SUSECVE-2016-9374 at NVDCVE-2016-9375 at SUSECVE-2016-9375 at NVDCVE-2016-9376 at SUSECVE-2016-9376 at NVDCVE-2017-5596 at SUSECVE-2017-5596 at NVDCVE-2017-5597 at SUSECVE-2017-5597 at NVDCVE-2017-6014 at SUSECVE-2017-6014 at NVDCVE-2017-7700 at SUSECVE-2017-7700 at NVDCVE-2017-7701 at SUSECVE-2017-7701 at NVDCVE-2017-7702 at SUSECVE-2017-7702 at NVDCVE-2017-7703 at SUSECVE-2017-7703 at NVDCVE-2017-7704 at SUSECVE-2017-7704 at NVDCVE-2017-7705 at SUSECVE-2017-7705 at NVDCVE-2017-7745 at SUSECVE-2017-7745 at NVDCVE-2017-7746 at SUSECVE-2017-7746 at NVDCVE-2017-7747 at SUSECVE-2017-7747 at NVDCVE-2017-7748 at SUSECVE-2017-7748 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The network analysis tool wireshark was updated to version 2.0.13 to fix the following issues:
* CVE-2017-9352: Bazaar dissector infinite loop (wnpa-sec-2017-22) (bsc#1042304)
* CVE-2017-9348: DOF dissector read overflow (wnpa-sec-2017-23) (bsc#1042303)
* CVE-2017-9351: DHCP dissector read overflow (wnpa-sec-2017-24) (bsc#1042302)
* CVE-2017-9346: SoulSeek dissector infinite loop (wnpa-sec-2017-25) (bsc#1042301)
* CVE-2017-9345: DNS dissector infinite loop (wnpa-sec-2017-26) (bsc#1042300)
* CVE-2017-9349: DICOM dissector infinite loop (wnpa-sec-2017-27) (bsc#1042305)
* CVE-2017-9350: openSAFETY dissector memory exh.. (wnpa-sec-2017-28) (bsc#1042299)
* CVE-2017-9344: BT L2CAP dissector divide by zero (wnpa-sec-2017-29) (bsc#1042298)
* CVE-2017-9343: MSNIP dissector crash (wnpa-sec-2017-30) (bsc#1042309)
* CVE-2017-9347: ROS dissector crash (wnpa-sec-2017-31) (bsc#1042308)
* CVE-2017-9354: RGMP dissector crash (wnpa-sec-2017-32) (bsc#1042307)
* CVE-2017-9353: wireshark: IPv6 dissector crash (wnpa-sec-2017-33) (bsc#1042306)
ModerateSUSE bug 1042298SUSE bug 1042299SUSE bug 1042300SUSE bug 1042301SUSE bug 1042302SUSE bug 1042303SUSE bug 1042304SUSE bug 1042305SUSE bug 1042306SUSE bug 1042307SUSE bug 1042308SUSE bug 1042309CVE-2017-9343 at SUSECVE-2017-9343 at NVDCVE-2017-9344 at SUSECVE-2017-9344 at NVDCVE-2017-9345 at SUSECVE-2017-9345 at NVDCVE-2017-9346 at SUSECVE-2017-9346 at NVDCVE-2017-9347 at SUSECVE-2017-9347 at NVDCVE-2017-9348 at SUSECVE-2017-9348 at NVDCVE-2017-9349 at SUSECVE-2017-9349 at NVDCVE-2017-9350 at SUSECVE-2017-9350 at NVDCVE-2017-9351 at SUSECVE-2017-9351 at NVDCVE-2017-9352 at SUSECVE-2017-9352 at NVDCVE-2017-9353 at SUSECVE-2017-9353 at NVDCVE-2017-9354 at SUSECVE-2017-9354 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This wireshark update to version 2.2.8 fixes the following issues:
Security issues fixed:
- CVE-2017-11411: The openSAFETY dissectorcould crash or exhaust system memory because of missing
length validation. (bsc#1049621)
- CVE-2017-11410: The WBXML dissector could go into an infinite loop. (bsc#1049255)
- CVE-2017-11408: The AMQP dissector could crash. (bsc#1049255)
- CVE-2017-11407: The MQ dissector could crash. (bsc#1049255)
- CVE-2017-11406: The DOCSIS dissector could go into an infinite loop. (bsc#1049255)
ModerateSUSE bug 1049255SUSE bug 1049621CVE-2017-11406 at SUSECVE-2017-11406 at NVDCVE-2017-11407 at SUSECVE-2017-11407 at NVDCVE-2017-11408 at SUSECVE-2017-11408 at NVDCVE-2017-11410 at SUSECVE-2017-11410 at NVDCVE-2017-11411 at SUSECVE-2017-11411 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wireshark to version 2.2.11 fixes several issues.
These security issues were fixed:
- CVE-2017-13767: The MSDP dissector could have gone into an infinite loop.
This was addressed by adding length validation (bsc#1056248)
- CVE-2017-13766: The Profinet I/O dissector could have crash with an
out-of-bounds write. This was addressed by adding string validation
(bsc#1056249)
- CVE-2017-13765: The IrCOMM dissector had a buffer over-read and application
crash. This was addressed by adding length validation (bsc#1056251)
- CVE-2017-9766: PROFINET IO data with a high recursion depth allowed remote
attackers to cause a denial of service (stack exhaustion) in the
dissect_IODWriteReq function (bsc#1045341)
- CVE-2017-9617: Deeply nested DAAP data may have cause stack exhaustion
(uncontrolled recursion) in the dissect_daap_one_tag function in the DAAP
dissector (bsc#1044417)
- CVE-2017-15192: The BT ATT dissector could crash. This was addressed
in epan/dissectors/packet-btatt.c by considering a case where not all
of the BTATT packets have the same encapsulation level. (bsc#1062645)
- CVE-2017-15193: The MBIM dissector could crash or exhaust system
memory. This was addressed in epan/dissectors/packet-mbim.c by changing
the memory-allocation approach. (bsc#1062645)
- CVE-2017-15191: The DMP dissector could crash. This was addressed in
epan/dissectors/packet-dmp.c by validating a string length. (bsc#1062645)
- CVE-2017-17083: NetBIOS dissector could crash. This was addressed in
epan/dissectors/packet-netbios.c by ensuring that write operations are
bounded by the beginning of a buffer. (bsc#1070727)
- CVE-2017-17084: IWARP_MPA dissector could crash. This was addressed
in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU
length. (bsc#1070727)
- CVE-2017-17085: the CIP Safety dissector could crash. This was
addressed in epan/dissectors/packet-cipsafety.c by validating the packet
length. (bsc#1070727)
ModerateSUSE bug 1044417SUSE bug 1045341SUSE bug 1056248SUSE bug 1056249SUSE bug 1056251SUSE bug 1062645SUSE bug 1070727CVE-2017-13765 at SUSECVE-2017-13765 at NVDCVE-2017-13766 at SUSECVE-2017-13766 at NVDCVE-2017-13767 at SUSECVE-2017-13767 at NVDCVE-2017-15191 at SUSECVE-2017-15191 at NVDCVE-2017-15192 at SUSECVE-2017-15192 at NVDCVE-2017-15193 at SUSECVE-2017-15193 at NVDCVE-2017-17083 at SUSECVE-2017-17083 at NVDCVE-2017-17084 at SUSECVE-2017-17084 at NVDCVE-2017-17085 at SUSECVE-2017-17085 at NVDCVE-2017-9617 at SUSECVE-2017-9617 at NVDCVE-2017-9766 at SUSECVE-2017-9766 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wireshark to version 2.2.12 fixes the following issues:
- CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)
- CVE-2018-5335: WCP dissector could crash (bsc#1075738)
- CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
- CVE-2017-17935: Incorrect handling of '\n' in file_read_line function could
have lead to denial of service (bsc#1074171)
This release no longer enables the Linux kernel BPF JIT compiler via the
net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable
to Spectre variant 1 CVE-2017-5753 - (bsc#1075748)
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html
ModerateSUSE bug 1074171SUSE bug 1075737SUSE bug 1075738SUSE bug 1075739SUSE bug 1075748CVE-2017-17935 at SUSECVE-2017-17935 at NVDCVE-2018-5334 at SUSECVE-2018-5334 at NVDCVE-2018-5335 at SUSECVE-2018-5335 at NVDCVE-2018-5336 at SUSECVE-2018-5336 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wireshark fixes the following issues:
Security issue fixed (bsc#1082692):
- CVE-2018-7335: The IEEE 802.11 dissector could crash (wnpa-sec-2018-05)
- CVE-2018-7321: thrift long dissector loop (dissect_thrift_map)
- CVE-2018-7322: DICOM: inifinite loop (dissect_dcm_tag)
- CVE-2018-7323: WCCP: very long loop (dissect_wccp2_alternate_mask_value_set_element)
- CVE-2018-7324: SCCP: infinite loop (dissect_sccp_optional_parameters)
- CVE-2018-7325: RPKI-Router Protocol: infinite loop (dissect_rpkirtr_pdu)
- CVE-2018-7326: LLTD: infinite loop (dissect_lltd_tlv)
- CVE-2018-7327: openflow_v6: infinite loop (dissect_openflow_bundle_control_v6)
- CVE-2018-7328: USB-DARWIN: long loop (dissect_darwin_usb_iso_transfer)
- CVE-2018-7329: S7COMM: infinite loop (s7comm_decode_ud_cpu_alarm_main)
- CVE-2018-7330: thread_meshcop: infinite loop (get_chancount)
- CVE-2018-7331: GTP: infinite loop (dissect_gprscdr_GGSNPDPRecord, dissect_ber_set)
- CVE-2018-7332: RELOAD: infinite loop (dissect_statans)
- CVE-2018-7333: RPCoRDMA: infinite loop in get_write_list_chunk_count
- CVE-2018-7421: Multiple dissectors could go into large infinite loops (wnpa-sec-2018-06)
- CVE-2018-7334: The UMTS MAC dissector could crash (wnpa-sec-2018-07)
- CVE-2018-7337: The DOCSIS dissector could crash (wnpa-sec-2018-08)
- CVE-2018-7336: The FCP dissector could crash (wnpa-sec-2018-09)
- CVE-2018-7320: The SIGCOMP dissector could crash (wnpa-sec-2018-10)
- CVE-2018-7420: The pcapng file parser could crash (wnpa-sec-2018-11)
- CVE-2018-7417: The IPMI dissector could crash (wnpa-sec-2018-12)
- CVE-2018-7418: The SIGCOMP dissector could crash (wnpa-sec-2018-13)
- CVE-2018-7419: The NBAP disssector could crash (wnpa-sec-2018-14)
- CVE-2017-17997: Misuse of NULL pointer in MRDISC dissector (bsc#1077080).
ModerateSUSE bug 1077080SUSE bug 1082692CVE-2017-17997 at SUSECVE-2017-17997 at NVDCVE-2018-7320 at SUSECVE-2018-7320 at NVDCVE-2018-7321 at SUSECVE-2018-7321 at NVDCVE-2018-7322 at SUSECVE-2018-7322 at NVDCVE-2018-7323 at SUSECVE-2018-7323 at NVDCVE-2018-7324 at SUSECVE-2018-7324 at NVDCVE-2018-7325 at SUSECVE-2018-7325 at NVDCVE-2018-7326 at SUSECVE-2018-7326 at NVDCVE-2018-7327 at SUSECVE-2018-7327 at NVDCVE-2018-7328 at SUSECVE-2018-7328 at NVDCVE-2018-7329 at SUSECVE-2018-7329 at NVDCVE-2018-7330 at SUSECVE-2018-7330 at NVDCVE-2018-7331 at SUSECVE-2018-7331 at NVDCVE-2018-7332 at SUSECVE-2018-7332 at NVDCVE-2018-7333 at SUSECVE-2018-7333 at NVDCVE-2018-7334 at SUSECVE-2018-7334 at NVDCVE-2018-7335 at SUSECVE-2018-7335 at NVDCVE-2018-7336 at SUSECVE-2018-7336 at NVDCVE-2018-7337 at SUSECVE-2018-7337 at NVDCVE-2018-7417 at SUSECVE-2018-7417 at NVDCVE-2018-7418 at SUSECVE-2018-7418 at NVDCVE-2018-7419 at SUSECVE-2018-7419 at NVDCVE-2018-7420 at SUSECVE-2018-7420 at NVDCVE-2018-7421 at SUSECVE-2018-7421 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wireshark fixes the following issues:
- Update to wireshark 2.2.14, fix such issues:
* bsc#1088200 VUL-0: wireshark: multiple vulnerabilities
fixed in 2.2.14, 2.4.6
* CVE-2018-9256: LWAPP dissector crash
* CVE-2018-9260: IEEE 802.15.4 dissector crash
* CVE-2018-9261: NBAP dissector crash
* CVE-2018-9262: VLAN dissector crash
* CVE-2018-9263: Kerberos dissector crash
* CVE-2018-9264: ADB dissector crash
* CVE-2018-9265: tn3270 dissector has a memory leak
* CVE-2018-9266: ISUP dissector memory leak
* CVE-2018-9267: LAPD dissector memory leak
* CVE-2018-9268: SMB2 dissector memory leak
* CVE-2018-9269: GIOP dissector memory leak
* CVE-2018-9270: OIDS dissector memory leak
* CVE-2018-9271: multipart dissector memory leak
* CVE-2018-9272: h223 dissector memory leak
* CVE-2018-9273: pcp dissector memory leak
* CVE-2018-9274: failure message memory leak
* CVE-2018-9259: MP4 dissector crash
ModerateSUSE bug 1088200CVE-2018-9256 at SUSECVE-2018-9256 at NVDCVE-2018-9259 at SUSECVE-2018-9259 at NVDCVE-2018-9260 at SUSECVE-2018-9260 at NVDCVE-2018-9261 at SUSECVE-2018-9261 at NVDCVE-2018-9262 at SUSECVE-2018-9262 at NVDCVE-2018-9263 at SUSECVE-2018-9263 at NVDCVE-2018-9264 at SUSECVE-2018-9264 at NVDCVE-2018-9265 at SUSECVE-2018-9265 at NVDCVE-2018-9266 at SUSECVE-2018-9266 at NVDCVE-2018-9267 at SUSECVE-2018-9267 at NVDCVE-2018-9268 at SUSECVE-2018-9268 at NVDCVE-2018-9269 at SUSECVE-2018-9269 at NVDCVE-2018-9270 at SUSECVE-2018-9270 at NVDCVE-2018-9271 at SUSECVE-2018-9271 at NVDCVE-2018-9272 at SUSECVE-2018-9272 at NVDCVE-2018-9273 at SUSECVE-2018-9273 at NVDCVE-2018-9274 at SUSECVE-2018-9274 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wireshark fixes the following issues:
Security issues fixed:
- bsc#1094301: Wireshark security update to 2.6.1, 2.4.7, 2.2.15
- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)
- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)
- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)
- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)
- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)
- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)
- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)
- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)
- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)
- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)
- CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301).
- CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301).
- CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301).
- CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301).
- CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301).
- CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301).
- CVE-2018-11356: Fix DNS dissector crash (bsc#1094301).
- CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301).
- CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301).
ModerateSUSE bug 1094301SUSE bug 1101776SUSE bug 1101777SUSE bug 1101786SUSE bug 1101788SUSE bug 1101791SUSE bug 1101794SUSE bug 1101800SUSE bug 1101802SUSE bug 1101804SUSE bug 1101810CVE-2018-11354 at SUSECVE-2018-11354 at NVDCVE-2018-11355 at SUSECVE-2018-11355 at NVDCVE-2018-11356 at SUSECVE-2018-11356 at NVDCVE-2018-11357 at SUSECVE-2018-11357 at NVDCVE-2018-11358 at SUSECVE-2018-11358 at NVDCVE-2018-11359 at SUSECVE-2018-11359 at NVDCVE-2018-11360 at SUSECVE-2018-11360 at NVDCVE-2018-11361 at SUSECVE-2018-11361 at NVDCVE-2018-11362 at SUSECVE-2018-11362 at NVDCVE-2018-14339 at SUSECVE-2018-14339 at NVDCVE-2018-14340 at SUSECVE-2018-14340 at NVDCVE-2018-14341 at SUSECVE-2018-14341 at NVDCVE-2018-14342 at SUSECVE-2018-14342 at NVDCVE-2018-14343 at SUSECVE-2018-14343 at NVDCVE-2018-14344 at SUSECVE-2018-14344 at NVDCVE-2018-14367 at SUSECVE-2018-14367 at NVDCVE-2018-14368 at SUSECVE-2018-14368 at NVDCVE-2018-14369 at SUSECVE-2018-14369 at NVDCVE-2018-14370 at SUSECVE-2018-14370 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for wireshark fixes the following issues:
Update wireshark to version 2.2.17 (bsc#1106514):
Security issues fixed:
- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.17.html
ModerateSUSE bug 1106514CVE-2018-16056 at SUSECVE-2018-16056 at NVDCVE-2018-16057 at SUSECVE-2018-16057 at NVDCVE-2018-16058 at SUSECVE-2018-16058 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for wpa_supplicantSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes a remote code execution vulnerability in wpa_supplicant's
wpa_cli and hostapd_cli tools. CVE-2014-3686 has been assigned to this
issue.
Additionally, password based authentication with PKCS#5v2 has been enabled.
Security Issues:
* CVE-2014-3686
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686>
SUSE bug 868937SUSE bug 900611CVE-2014-3686 at SUSECVE-2014-3686 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xalan-j2SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
xalan-j2 has been updated to ensure that secure processing can't be
circumvented (CVE-2014-0107).
Security Issues:
* CVE-2014-0107
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107>
SUSE bug 870082CVE-2014-0107 at SUSECVE-2014-0107 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following security issues in Xen:
* CVE-2012-5510: Grant table version switch list corruption
vulnerability (XSA-26)
* CVE-2012-5511: Several HVM operations do not validate the range of
their inputs (XSA-27)
* CVE-2012-5513: XENMEM_exchange may overwrite hypervisor memory
(XSA-29)
* CVE-2012-5514: Missing unlock in
guest_physmap_mark_populate_on_demand() (XSA-30)
* CVE-2012-5515: Several memory hypercall operations allow invalid
extent order values (XSA-31)
Also the following fix has been applied:
* bnc#777628 - guest 'disappears' after live migration
Updated block-dmmd script
Security Issues references:
* CVE-2012-5513
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5513>
* CVE-2012-5514
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5514>
* CVE-2012-5511
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5511>
* CVE-2012-5510
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5510>
* CVE-2012-5515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5515>
SUSE bug 777628SUSE bug 789944SUSE bug 789945SUSE bug 789948SUSE bug 789950SUSE bug 789951SUSE bug 826717SUSE bug 880751SUSE bug 895798SUSE bug 895799SUSE bug 895802SUSE bug 903850SUSE bug 903967SUSE bug 903970SUSE bug 905465SUSE bug 905467SUSE bug 906439SUSE bug 927967SUSE bug 929339CVE-2012-5510 at SUSECVE-2012-5510 at NVDCVE-2012-5511 at SUSECVE-2012-5511 at NVDCVE-2012-5513 at SUSECVE-2012-5513 at NVDCVE-2012-5514 at SUSECVE-2012-5514 at NVDCVE-2012-5515 at SUSECVE-2012-5515 at NVDCVE-2013-3495 at SUSECVE-2013-3495 at NVDCVE-2014-4021 at SUSECVE-2014-4021 at NVDCVE-2014-7154 at SUSECVE-2014-7154 at NVDCVE-2014-7155 at SUSECVE-2014-7155 at NVDCVE-2014-7156 at SUSECVE-2014-7156 at NVDCVE-2014-8594 at SUSECVE-2014-8594 at NVDCVE-2014-8595 at SUSECVE-2014-8595 at NVDCVE-2014-8866 at SUSECVE-2014-8866 at NVDCVE-2014-8867 at SUSECVE-2014-8867 at NVDCVE-2014-9030 at SUSECVE-2014-9030 at NVDCVE-2015-3340 at SUSECVE-2015-3340 at NVDCVE-2015-3456 at SUSECVE-2015-3456 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSS
Xen was updated to fix the following security issues:
* CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344)
* CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model (XSA-140, bsc#939712)
ImportantSUSE bug 938344SUSE bug 939712CVE-2015-5154 at SUSECVE-2015-5154 at NVDCVE-2015-5165 at SUSECVE-2015-5165 at NVDcpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Xen was updated to fix the following security issues:
* CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344)
* CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model (XSA-140, bsc#939712)
ImportantSUSE bug 938344SUSE bug 939712CVE-2015-5154 at SUSECVE-2015-5154 at NVDCVE-2015-5165 at SUSECVE-2015-5165 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
xen was updated to fix eight security issues.
These security issues were fixed:
- CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267).
- CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367).
- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).
- CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697).
- CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703).
- CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705).
- CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706).
ImportantSUSE bug 877642SUSE bug 932267SUSE bug 944463SUSE bug 944697SUSE bug 950367SUSE bug 950703SUSE bug 950705SUSE bug 950706CVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2015-4037 at SUSECVE-2015-4037 at NVDCVE-2015-5239 at SUSECVE-2015-5239 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2015-7835 at SUSECVE-2015-7835 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
xen was updated to fix 41 security issues.
These security issues were fixed:
- CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image (bsc#864655).
- CVE-2013-4534: Buffer overflow in hw/intc/openpic.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements (bsc#864811).
- CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed remote attackers to execute arbitrary code via a crafted arglen value in a savevm image (bsc#864391).
- CVE-2013-4538: Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image (bsc#864769).
- CVE-2013-4539: Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c might have allowed remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image (bsc#864805).
- CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2014-3640: The sosendto function in slirp/udp.c allowed local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket (bsc#897654).
- CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling (bsc#901508).
- CVE-2014-7815: The set_pixel_format function in ui/vnc.c allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#902737).
- CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bnc#932267).
- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bnc#944463).
- CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989).
- CVE-2015-5307: The KVM subsystem allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).
- CVE-2015-6815: e1000: infinite loop issue (bnc#944697).
- CVE-2015-7504: Heap buffer overflow vulnerability in pcnet emulator (XSA-162) (bnc#956411).
- CVE-2015-7512: Buffer overflow in the pcnet_receive function in hw/net/pcnet.c, when a guest NIC has a larger MTU, allowed remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet (bsc#957162).
- CVE-2015-7835: The mod_l2_entry function in arch/x86/mm.c did not properly validate level 2 page table entries, which allowed local PV guest administrators to gain privileges via a crafted superpage mapping (bnc#950367).
- CVE-2015-7969: Multiple memory leaks allowed local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of 'teardowns' of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall (bnc#950703).
- CVE-2015-7969: Multiple memory leaks allowed local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of 'teardowns' of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall (bnc#950703).
- CVE-2015-7970: The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c was not preemptible, which allowed local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a 'time-consuming linear scan,' related to Populate-on-Demand (bnc#950704).
- CVE-2015-7971: There was no limit on the number of printk console messages when logging certain pmu and profiling hypercalls, which allowed local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c (bnc#950706).
- CVE-2015-7972: The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c did not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allowed local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to 'heavy memory pressure (bnc#951845).
- CVE-2015-8104: The KVM subsystem allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).
- CVE-2015-8339: The memory_exchange function in common/memory.c did not properly hand back pages to a domain, which might allowed guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown (bnc#956408).
- CVE-2015-8345: eepro100: infinite loop in processing command block list (bsc#956829).
- CVE-2015-8504: VNC: floating point exception (bsc#958491).
- CVE-2015-8550: Paravirtualized drivers were incautious about shared memory contents (XSA-155) (bsc#957988).
- CVE-2015-8554: qemu-dm buffer overrun in MSI-X handling (XSA-164) (bsc#958007).
- CVE-2015-8555: Information leak in legacy x86 FPU/XMM initialization (XSA-165) (bsc#958009).
- CVE-2015-8558: Infinite loop in ehci_advance_state resulted in DoS (bsc#959005).
- CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bsc#960725).
- CVE-2015-8745: Reading IMR registers lead to a crash via assert(2) call (bsc#960707).
- CVE-2016-1571: VMX: intercept issue with INVLPG on non-canonical address (XSA-168) (bsc#960862).
- CVE-2016-1714: nvram: OOB r/w access in processing firmware configurations (bsc#961691).
- CVE-2016-1981: e1000 infinite loop in start_xmit and e1000_receive_iov routines (bsc#963782).
- CVE-2016-2270: Xen allowed local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings (bsc#965315).
- CVE-2016-2271: VMX when using an Intel or Cyrix CPU, allowed local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP (bsc#965317).
- CVE-2016-2391: usb: multiple eof_timers in ohci module lead to NULL pointer dereference (bsc#967013).
- CVE-2016-2841: ne2000: Infinite loop in ne2000_receive (bsc#969350).
- XSA-166: ioreq handling possibly susceptible to multiple read issue (bsc#958523).
This non-security issue was fixed:
- bsc#967630: Discrepancy in reported memory size with correction XSA-153 for xend
ImportantSUSE bug 864391SUSE bug 864655SUSE bug 864769SUSE bug 864805SUSE bug 864811SUSE bug 877642SUSE bug 897654SUSE bug 901508SUSE bug 902737SUSE bug 932267SUSE bug 944463SUSE bug 944697SUSE bug 945989SUSE bug 950367SUSE bug 950703SUSE bug 950704SUSE bug 950706SUSE bug 951845SUSE bug 953527SUSE bug 954404SUSE bug 956408SUSE bug 956411SUSE bug 956829SUSE bug 957162SUSE bug 957988SUSE bug 958007SUSE bug 958009SUSE bug 958491SUSE bug 958493SUSE bug 958523SUSE bug 959005SUSE bug 960707SUSE bug 960725SUSE bug 960726SUSE bug 960862SUSE bug 961691SUSE bug 961692SUSE bug 962335SUSE bug 962360SUSE bug 962611SUSE bug 962627SUSE bug 962642SUSE bug 962758SUSE bug 963782SUSE bug 963783SUSE bug 964452SUSE bug 964644SUSE bug 964925SUSE bug 964947SUSE bug 965112SUSE bug 965315SUSE bug 965317SUSE bug 967013SUSE bug 967101SUSE bug 967630SUSE bug 969350SUSE bug 969351CVE-2013-4533 at SUSECVE-2013-4533 at NVDCVE-2013-4534 at SUSECVE-2013-4534 at NVDCVE-2013-4537 at SUSECVE-2013-4537 at NVDCVE-2013-4538 at SUSECVE-2013-4538 at NVDCVE-2013-4539 at SUSECVE-2013-4539 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2014-7815 at SUSECVE-2014-7815 at NVDCVE-2015-4037 at SUSECVE-2015-4037 at NVDCVE-2015-5239 at SUSECVE-2015-5239 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2015-7504 at SUSECVE-2015-7504 at NVDCVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-7835 at SUSECVE-2015-7835 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7970 at SUSECVE-2015-7970 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDCVE-2015-7972 at SUSECVE-2015-7972 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDCVE-2015-8339 at SUSECVE-2015-8339 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8550 at SUSECVE-2015-8550 at NVDCVE-2015-8554 at SUSECVE-2015-8554 at NVDCVE-2015-8555 at SUSECVE-2015-8555 at NVDCVE-2015-8558 at SUSECVE-2015-8558 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2015-8745 at SUSECVE-2015-8745 at NVDCVE-2016-1571 at SUSECVE-2016-1571 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2270 at SUSECVE-2016-2270 at NVDCVE-2016-2271 at SUSECVE-2016-2271 at NVDCVE-2016-2391 at SUSECVE-2016-2391 at NVDCVE-2016-2841 at SUSECVE-2016-2841 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host (bsc#1011652)
- CVE-2016-9386: x86 null segments were not always treated as unusable allowing an unprivileged guest user program to elevate its privilege to that of the guest operating system. Exploit of this vulnerability is easy on Intel and more complicated on AMD (bsc#1009100)
- CVE-2016-9382: x86 task switch to VM86 mode was mis-handled, allowing a unprivileged guest process to escalate its privilege to that of the guest operating system on AMD hardware. On Intel hardware a malicious unprivileged guest process can crash the guest (bsc#1009103)
- CVE-2016-9383: The x86 64-bit bit test instruction emulation was broken, allowing a guest to modify arbitrary memory leading to arbitray code execution (bsc#1009107)
- CVE-2016-9381: Improper processing of shared rings allowing guest administrators take over the qemu process, elevating their privilege to that of the qemu process (bsc#1009109)
- CVE-2016-9380: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-9379: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-7777: Xen did not properly honor CR0.TS and CR0.EM, which allowed local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it (bsc#1000106)
- CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count (bsc#1007157)
- CVE-2016-8667: The rc4030_write function in hw/dma/rc4030.c in allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value (bsc#1005004)
- CVE-2016-8669: The serial_update_parameters function in hw/char/serial.c allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base (bsc#1005005)
- CVE-2016-7908: The mcf_fec_do_tx function in hw/net/mcf_fec.c did not properly limit the buffer descriptor count when transmitting packets, which allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags (bsc#1003030)
- CVE-2016-7909: The pcnet_rdra_addr function in hw/net/pcnet.c allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0 (bsc#1003032)
- CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c, when built with ESP/NCR53C9x controller emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the host via vectors involving DMA read into ESP command buffer (bsc#990843)
- CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792)
- CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785)
- CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries (bsc#988675)
- CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the host via vectors related to the information transfer buffer (bsc#983984)
- CVE-2016-5238: The get_cmd function in hw/scsi/esp.c might have allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960)
- CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264)
- CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724)
- CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716)
- CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the 'Dark Portal' issue (bsc#978164)
- CVE-2016-4480: The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen did not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might have allowed local guest OS users to gain privileges via a crafted mapping of memory (bsc#978295)
- CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038)
- CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188)
- CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130)
- CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes (bsc#975138)
- CVE-2016-2841: The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control (bsc#969351).
- CVE-2016-2391: The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) allowed local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers (bsc#967101).
- CVE-2016-2270: Xen allowed local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings (bsc#965315).
- CVE-2016-2271: VMX in Xen, when using an Intel or Cyrix CPU, allowed local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP (bsc#965317).
- CVE-2014-3640: The sosendto function in slirp/udp.c allowed local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket (bsc#965112).
- CVE-2015-5278: Infinite loop in ne2000_receive() function allowed a privileged user inside the guest to crash the Qemu instance resulting in DoS (bsc#964947).
- CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image (bsc#964644).
- CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#964925).
- CVE-2013-4534: Buffer overflow in hw/intc/openpic.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements (bsc#964452).
- CVE-2016-1981: A:infinite loop in start_xmit and e1000_receive_iov routines allowed a privileged user inside the guest to crash the Qemu instance resulting in DoS (bsc#963783).
- CVE-2013-4539: Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c might have allowed remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image (bsc#962758).
- CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed remote attackers to execute arbitrary code via a crafted arglen value in a savevm image (bsc#962642).
- CVE-2014-7815: The set_pixel_format function in ui/vnc.c allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#962627).
- CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling (bsc#962611).
- CVE-2013-4538: Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image (bsc#962335).
- CVE-2015-7512: Buffer overflow in the pcnet_receive function in hw/net/pcnet.c, when a guest NIC has a larger MTU, allowed remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet (bsc#962360).
- CVE-2016-1714: The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c when built with the Firmware Configuration device emulation support, allowed guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration (bsc#961692).
- CVE-2016-1571: The paging_invlpg function in include/asm-x86/paging.h in Xen when using shadow mode paging or nested virtualization is enabled, allowed local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check (bsc#960862).
- CVE-2015-8743: A OOB memory access in ioport r/w functions allowed a privileged (CAP_SYS_RAWIO) user/process to use this flaw to leak or corrupt Qemu memory bytes (bsc#960726).
- CVE-2015-8550: Xen, when used on a system providing PV backends, allowed local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability (bsc#957988).
- CVE-2015-8554: Buffer overflow in hw/pt-msi.c in Xen, when using the qemu-xen-traditional (aka qemu-dm) device model, allowed local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries, related to a 'write path.' (bsc#958007).
- CVE-2015-8555: Xen did not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allowed local guest domains to obtain sensitive information from other domains via unspecified vectors (bsc#958009).
- CVE-2015-8339: The memory_exchange function in common/memory.c in Xen did not properly hand back pages to a domain, which might have allowed guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown (bsc#956408).
- CVE-2015-8104: The KVM subsystem might have allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bsc#954405).
- CVE-2015-5307: The KVM subsystem might allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bsc#953527).
- CVE-2015-7970: The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen was not preemptible, which allowed local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a 'time-consuming linear scan,' related to Populate-on-Demand (bsc#950704).
- CVE-2015-7972: The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen did not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allowed local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to 'heavy memory pressure.' (bsc#951845).
- CVE-2015-7969: Multiple memory leaks in Xen allowed local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of 'teardowns' of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall (bsc#950703).
- CVE-2015-7969: Multiple memory leaks in Xen allowed local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of 'teardowns' of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall (bsc#950705).
- CVE-2015-7971: Xen did not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allowed local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c (bsc#950706).
- CVE-2015-4037: The slirp_smb function in net/slirp.c in created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files the program (bsc#932267).
- CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2015-7835: The mod_l2_entry function in arch/x86/mm.c did not properly validate level 2 page table entries, which allowed local PV guest administrators to gain privileges via a crafted superpage mapping (bsc#950367).
- CVE-2015-8504: The VNC display driver support was vulnerable to an arithmetic exception flaw that allowed a privileged remote client to crash the guest resulting in DoS (bsc#958493).
- CVE-2015-8345: The i8255x (PRO100) emulation support was vulnerable to an infinite loop issue that allowed a privileged (CAP_SYS_RAWIO) user inside guest to crash the Qemu instance resulting in DoS (bsc#956832).
- CVE-2015-7504: When using the AMD PC-Net II emulator(hw/net/pcnet.c) a heap buffer overflow could be triggered that could have allowed a guest to to take over the qemu process (bsc#956411).
- CVE-2015-5239: The VNC display driver was vulnerable to an infinite loop issue that allowed a privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#944463).
- CVE-2015-6815: The e1000 NIC emulation support was vulnerable to an infinite loop issue that allowed a privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#944697).
These non-security issues were fixed:
- bsc#1000893: virsh setmem won't allow to set current guest memory to max limit
- bsc#967630: Discrepancy in reported memory size with correction XSA-153 for xend
ImportantSUSE bug 1000106SUSE bug 1000893SUSE bug 1003030SUSE bug 1003032SUSE bug 1005004SUSE bug 1005005SUSE bug 1007157SUSE bug 1009100SUSE bug 1009103SUSE bug 1009107SUSE bug 1009109SUSE bug 1009111SUSE bug 1011652SUSE bug 877642SUSE bug 932267SUSE bug 944463SUSE bug 944697SUSE bug 950367SUSE bug 950703SUSE bug 950704SUSE bug 950705SUSE bug 950706SUSE bug 951845SUSE bug 953527SUSE bug 954405SUSE bug 956408SUSE bug 956411SUSE bug 956832SUSE bug 957988SUSE bug 958007SUSE bug 958009SUSE bug 958493SUSE bug 958523SUSE bug 960726SUSE bug 960862SUSE bug 961692SUSE bug 962335SUSE bug 962360SUSE bug 962611SUSE bug 962627SUSE bug 962642SUSE bug 962758SUSE bug 963783SUSE bug 964452SUSE bug 964644SUSE bug 964925SUSE bug 964947SUSE bug 965112SUSE bug 965315SUSE bug 965317SUSE bug 967101SUSE bug 967630SUSE bug 969351SUSE bug 973188SUSE bug 974038SUSE bug 975130SUSE bug 975138SUSE bug 978164SUSE bug 978295SUSE bug 980716SUSE bug 980724SUSE bug 981264SUSE bug 982960SUSE bug 983984SUSE bug 988675SUSE bug 990843SUSE bug 995785SUSE bug 995792CVE-2013-4533 at SUSECVE-2013-4533 at NVDCVE-2013-4534 at SUSECVE-2013-4534 at NVDCVE-2013-4537 at SUSECVE-2013-4537 at NVDCVE-2013-4538 at SUSECVE-2013-4538 at NVDCVE-2013-4539 at SUSECVE-2013-4539 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-3615 at SUSECVE-2014-3615 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-3672 at SUSECVE-2014-3672 at NVDCVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2014-7815 at SUSECVE-2014-7815 at NVDCVE-2015-4037 at SUSECVE-2015-4037 at NVDCVE-2015-5239 at SUSECVE-2015-5239 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2015-7504 at SUSECVE-2015-7504 at NVDCVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-7835 at SUSECVE-2015-7835 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7970 at SUSECVE-2015-7970 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDCVE-2015-7972 at SUSECVE-2015-7972 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDCVE-2015-8339 at SUSECVE-2015-8339 at NVDCVE-2015-8340 at SUSECVE-2015-8340 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8550 at SUSECVE-2015-8550 at NVDCVE-2015-8554 at SUSECVE-2015-8554 at NVDCVE-2015-8555 at SUSECVE-2015-8555 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2016-1571 at SUSECVE-2016-1571 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2270 at SUSECVE-2016-2270 at NVDCVE-2016-2271 at SUSECVE-2016-2271 at NVDCVE-2016-2391 at SUSECVE-2016-2391 at NVDCVE-2016-2841 at SUSECVE-2016-2841 at NVDCVE-2016-3158 at SUSECVE-2016-3158 at NVDCVE-2016-3159 at SUSECVE-2016-3159 at NVDCVE-2016-3710 at SUSECVE-2016-3710 at NVDCVE-2016-3960 at SUSECVE-2016-3960 at NVDCVE-2016-4001 at SUSECVE-2016-4001 at NVDCVE-2016-4002 at SUSECVE-2016-4002 at NVDCVE-2016-4439 at SUSECVE-2016-4439 at NVDCVE-2016-4441 at SUSECVE-2016-4441 at NVDCVE-2016-4480 at SUSECVE-2016-4480 at NVDCVE-2016-5238 at SUSECVE-2016-5238 at NVDCVE-2016-5338 at SUSECVE-2016-5338 at NVDCVE-2016-6258 at SUSECVE-2016-6258 at NVDCVE-2016-6351 at SUSECVE-2016-6351 at NVDCVE-2016-7092 at SUSECVE-2016-7092 at NVDCVE-2016-7094 at SUSECVE-2016-7094 at NVDCVE-2016-7777 at SUSECVE-2016-7777 at NVDCVE-2016-7908 at SUSECVE-2016-7908 at NVDCVE-2016-7909 at SUSECVE-2016-7909 at NVDCVE-2016-8667 at SUSECVE-2016-8667 at NVDCVE-2016-8669 at SUSECVE-2016-8669 at NVDCVE-2016-8910 at SUSECVE-2016-8910 at NVDCVE-2016-9379 at SUSECVE-2016-9379 at NVDCVE-2016-9380 at SUSECVE-2016-9380 at NVDCVE-2016-9381 at SUSECVE-2016-9381 at NVDCVE-2016-9382 at SUSECVE-2016-9382 at NVDCVE-2016-9383 at SUSECVE-2016-9383 at NVDCVE-2016-9386 at SUSECVE-2016-9386 at NVDCVE-2016-9637 at SUSECVE-2016-9637 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes the following issues:
- A Mishandling of SYSCALL singlestep during emulation which could
have lead to privilege escalation. (XSA-204, bsc#1016340, CVE-2016-10013)
- CMPXCHG8B emulation failed to ignore operand size override which could have
lead to information disclosure. (XSA-200, bsc#1012651, CVE-2016-9932)
- PV guests may have been able to mask interrupts causing a Denial of Service.
(XSA-202, bsc#1014298, CVE-2016-10024)
ImportantSUSE bug 1012651SUSE bug 1014298SUSE bug 1016340CVE-2016-10013 at SUSECVE-2016-10013 at NVDCVE-2016-10024 at SUSECVE-2016-10024 at NVDCVE-2016-9932 at SUSECVE-2016-9932 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes several issues:
These security issues were fixed:
- CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024834)
- CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004)
- CVE-2014-8106: A heap-based buffer overflow in the Cirrus VGA emulator allowed local guest users to execute arbitrary code via vectors related to blit regions (bsc#907805)
- A malicious guest could have, by frequently rebooting over extended periods of time, run the host system out of memory, resulting in a Denial of Service (DoS) (bsc#1022871)
- CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169)
- CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013657)
- CVE-2016-10024: Xen allowed local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations (bsc#1014298).
- CVE-2017-7228: Broken check in memory_exchange() permited PV guest breakout (bsc#1030442).
- CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235).
ImportantSUSE bug 1013657SUSE bug 1014298SUSE bug 1015169SUSE bug 1022871SUSE bug 1023004SUSE bug 1024834SUSE bug 1028235SUSE bug 1030442SUSE bug 907805CVE-2014-8106 at SUSECVE-2014-8106 at NVDCVE-2016-10024 at SUSECVE-2016-10024 at NVDCVE-2016-9776 at SUSECVE-2016-9776 at NVDCVE-2016-9921 at SUSECVE-2016-9921 at NVDCVE-2016-9922 at SUSECVE-2016-9922 at NVDCVE-2017-2615 at SUSECVE-2017-2615 at NVDCVE-2017-2620 at SUSECVE-2017-2620 at NVDCVE-2017-6505 at SUSECVE-2017-6505 at NVDCVE-2017-7228 at SUSECVE-2017-7228 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes the following security issues:
- A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843)
- A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844).
- CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994).
- CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655)
- CVE-2017-7995: Incorrect address range validation potentially allowing PV guests to access MMIO memory with read side effects (bsc#1033948).
- Incorrect checks when handling exceptions allowed a malicious or buggy 64-bit PV guest to modify part of a physical memory page not belonging to it, potentially allowing for all of privilege escalation, host or other guest crashes, and information leaks (XSA-215, bsc#1034845)
ImportantSUSE bug 1028655SUSE bug 1033948SUSE bug 1034843SUSE bug 1034844SUSE bug 1034845SUSE bug 1034994CVE-2016-9603 at SUSECVE-2016-9603 at NVDCVE-2017-7718 at SUSECVE-2017-7718 at NVDCVE-2017-7995 at SUSECVE-2017-7995 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-12855: Premature clearing of GTF_writing / GTF_reading lead to
potentially leaking sensitive information (XSA-230 bsc#1052686).
- CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious
guest to crash the host or potentially escalate privileges/leak information
(XSA-226, bsc#1051787).
- CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed for
privilege escalation (XSA-227, bsc#1051788).
- CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local guest
OS users to cause a denial of service (out-of-bounds read) via a crafted DHCP
options string (bsc#1049578).
- CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote
attackers to cause a denial of service (daemon crash) by disconnecting during
a server-to-client reply attempt (bsc#1046637).
- CVE-2017-8905: Fixed a memory corruption via a failsafe callback, which might
have allowed PV guest OS users to execute arbitrary code on the host OS
(XSA-215, bsc#1034845).
- CVE-2017-10912: Xen mishandled page transfer, which allowed guest OS users to
obtain privileged host OS access (XSA-217, bsc#1042882).
- CVE-2017-10918: Xen did not validate memory allocations during certain P2M
operations, which allowed guest OS users to obtain privileged host OS access
(XSA-222, bsc#1042931).
- CVE-2017-10920: The grant-table feature in Xen mishandled a GNTMAP_device_map
and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping,
which allowed guest OS users to cause a denial of service (count mismanagement
and memory corruption) or obtain privileged host OS access (XSA-224,
bsc#1042938).
- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to
cause a denial of service (infinite loop) by leveraging an incorrect return
value (bsc#1042160)
- CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to
cause a denial of service (memory consumption) by repeatedly starting and
stopping audio capture (bsc#1037243)
ImportantSUSE bug 1034845SUSE bug 1037243SUSE bug 1042160SUSE bug 1042882SUSE bug 1042931SUSE bug 1042938SUSE bug 1046637SUSE bug 1049578SUSE bug 1051787SUSE bug 1051788SUSE bug 1052686CVE-2017-10664 at SUSECVE-2017-10664 at NVDCVE-2017-10912 at SUSECVE-2017-10912 at NVDCVE-2017-10918 at SUSECVE-2017-10918 at NVDCVE-2017-10920 at SUSECVE-2017-10920 at NVDCVE-2017-11434 at SUSECVE-2017-11434 at NVDCVE-2017-12135 at SUSECVE-2017-12135 at NVDCVE-2017-12137 at SUSECVE-2017-12137 at NVDCVE-2017-12855 at SUSECVE-2017-12855 at NVDCVE-2017-8309 at SUSECVE-2017-8309 at NVDCVE-2017-8905 at SUSECVE-2017-8905 at NVDCVE-2017-9330 at SUSECVE-2017-9330 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-14317: A race in cxenstored may have cause a double-free allowind for
DoS of the xenstored daemon (XSA-233, bsc#1056281).
- CVE-2017-14319: An error while handling grant mappings allowed malicious or
buggy x86 PV guest to escalate its privileges or crash the hypervisor (XSA-234,
bsc#1056282).
ImportantSUSE bug 1056281SUSE bug 1056282CVE-2017-14317 at SUSECVE-2017-14317 at NVDCVE-2017-14319 at SUSECVE-2017-14319 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes several issues:
These security issues were fixed:
- CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a
memory leakage issue allowing a privileged user inside the guest to cause a DoS
and/or potentially crash the Qemu process on the host (bsc#1059777)
- CVE-2017-15593: Missing cleanup in the page type system allowed a malicious or
buggy PV guest to cause DoS (XSA-242 bsc#1061084)
- CVE-2017-15592: A problem in the shadow pagetable code allowed a malicious or
buggy HVM guest to cause DoS or cause hypervisor memory corruption potentially
allowing the guest to escalate its privilege (XSA-243 bsc#1061086)
- CVE-2017-15594: Problematic handling of the selector fields in the Interrupt
Descriptor Table (IDT) allowed a malicious or buggy x86 PV guest to escalate
its privileges or cause DoS (XSA-244 bsc#1061087)
- CVE-2017-15589: Intercepted I/O write operations with less than a full machine
word's worth of data were not properly handled, which allowed a malicious
unprivileged x86 HVM guest to obtain sensitive information from the host or
other guests (XSA-239 bsc#1061080)
- CVE-2017-15595: In certain configurations of linear page tables a stack overflow
might have occured that allowed a malicious or buggy PV guest to cause DoS and
potentially privilege escalation and information leaks (XSA-240 bsc#1061081)
- CVE-2017-15588: Under certain conditions x86 PV guests could have caused the
hypervisor to miss a necessary TLB flush for a page. This allowed a malicious
x86 PV guest to access all of system memory, allowing for privilege escalation,
DoS, and information leaks (XSA-241 bsc#1061082)
- CVE-2017-15590: Multiple issues existed with the setup of PCI MSI interrupts
that allowed a malicious or buggy guest to cause DoS and potentially privilege
escalation and information leaks (XSA-237 bsc#1061076)
ImportantSUSE bug 1059777SUSE bug 1061076SUSE bug 1061080SUSE bug 1061081SUSE bug 1061082SUSE bug 1061084SUSE bug 1061086SUSE bug 1061087CVE-2017-15588 at SUSECVE-2017-15588 at NVDCVE-2017-15589 at SUSECVE-2017-15589 at NVDCVE-2017-15590 at SUSECVE-2017-15590 at NVDCVE-2017-15592 at SUSECVE-2017-15592 at NVDCVE-2017-15593 at SUSECVE-2017-15593 at NVDCVE-2017-15594 at SUSECVE-2017-15594 at NVDCVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-5526 at SUSECVE-2017-5526 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code
allowed for DoS (XSA-246)
- bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests
to retain a writable mapping of freed memory leading to information leaks,
privilege escalation or DoS (XSA-247).
- CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged
users to cause a denial of service (out-of-bounds write access and Qemu process
crash) via vectors related to dst calculation (bsc#1063123)
- CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded
recursion, stack consumption, and hypervisor crash) or possibly gain privileges
via crafted page-table stacking (bsc#1061081).
- CVE-2017-15592: x86 HVM guest OS users were able to cause a DoS (hypervisor
crash) or possibly gain privileges because self-linear shadow mappings were
mishandled for translated guests (bsc#1061086).
ImportantSUSE bug 1061081SUSE bug 1061086SUSE bug 1063123SUSE bug 1068187SUSE bug 1068191CVE-2017-15289 at SUSECVE-2017-15289 at NVDCVE-2017-15592 at SUSECVE-2017-15592 at NVDCVE-2017-15595 at SUSECVE-2017-15595 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260, bsc#1090820)
- Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy
HVM guests from causing a hypervisor crash or potentially privilege
escalation/information leaks (XSA-261, bsc#1090822)
- Prevent unbounded loop, induced by qemu allowing an attacker to permanently
keep a physical CPU core busy (XSA-262, bsc#1090823)
- CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged
users to cause a denial of service (out-of-bounds read and QEMU process crash)
by leveraging improper memory address validation (bsc#1076116)
- CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest
privileged users to cause a denial of service (out-of-bounds array access and
QEMU process crash) via vectors related to negative pitch (bsc#1076180)
- CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host
OS crash) or gain host OS privileges in shadow mode by mapping a certain
auxiliary page (bsc#1070158)
- CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS
crash) or gain host OS privileges by leveraging incorrect error handling for
reference counting in shadow mode (bsc#1070160)
- CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host
OS crash) if shadow mode and log-dirty mode are in place, because of an
incorrect assertion related to M2P (bsc#1070163)
- CVE-2017-5715: Prevent side channel attacks aka Spectre and Meltdown (bsc#1068032)
- Prevent denial of service against xenstore via repeated updates (bsc#1030144, XSA-206)
ImportantSUSE bug 1030144SUSE bug 1068032SUSE bug 1070158SUSE bug 1070160SUSE bug 1070163SUSE bug 1076116SUSE bug 1076180SUSE bug 1089152SUSE bug 1090820SUSE bug 1090822SUSE bug 1090823CVE-2017-17564 at SUSECVE-2017-17564 at NVDCVE-2017-17565 at SUSECVE-2017-17565 at NVDCVE-2017-17566 at SUSECVE-2017-17566 at NVDCVE-2017-18030 at SUSECVE-2017-18030 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-5683 at SUSECVE-2018-5683 at NVDCVE-2018-8897 at SUSECVE-2018-8897 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes the following issues:
Security issues fixed:
- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754
xen: Information leak via side effects of speculative execution
(XSA-254). Includes Spectre v2 mitigation.
- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash
Xen with XPTI (XSA-259)
- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store
Bypass aka 'Memory Disambiguation' (XSA-263)
- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore
(XSA-267)
- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM
(XSA-273)
- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen:
insufficient TLB flushing / improper large page mappings with AMD
IOMMUs (XSA-275)
- bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240
conflicts with shadow paging (XSA-280)
- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE
constructs may lock up host (XSA-282)
- bsc#1126140 - VUL-0: CVE-2019-17340: xen: XSA-284: grant table
transfer issues on large hosts
- bsc#1126141 - VUL-0: CVE-2019-17341: xen: XSA-285: race with
pass-through device hotplug
- bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest
INVLPG-like flushes may leave stale TLB entries (XSA-286)
- bsc#1126192 - VUL-0: CVE-2019-17342: xen: XSA-287: x86:
steal_page violates page_struct access discipline
- bsc#1126195 - VUL-0: CVE-2019-17343: xen: XSA-288: x86:
Inconsistent PV IOMMU discipline
- bsc#1126196 - VUL-0: CVE-2019-17344: xen: XSA-290: missing
preemption in x86 PV page table unvalidation
- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka 'Group 4'
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
- bsc#1154458 - VUL-0: CVE-2019-18421: xen: XSA-299: Issues with
restartable PV type change operations
- bsc#1155945 - VUL-0: CVE-2018-12207: xen: Machine Check Error
Avoidance on Page Size Change (aka IFU issue)
- bsc#1158004 - VUL-0: CVE-2019-19583: xen: XSA-308 - VMX: VMentry
failure with debug exceptions and blocked states
- bsc#1158005 - VUL-0: CVE-2019-19578: xen: XSA-309 - Linear
pagetable use / entry miscounts
- bsc#1158006 - VUL-0: CVE-2019-19580: xen: XSA-310 - Further
issues with restartable PV type change operations
- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
Data Sampling (SRBDS) aka 'CrossTalk' (XSA-320)
- bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic
modification of live EPT PTE
- bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating
timers between x86 HVM vCPU-s (XSA-336)
- bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code
reading back hardware registers (XSA-337)
- bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel
DoS via SYSENTER (XSA-339)
- bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen
mapping code (XSA-345)
- bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page
table updates (XSA-347)
- bsc#1179506 - VUL-0: CVE-2020-29566: xen: undue recursion in x86
HVM context switch code (XSA-348)
- bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel
- bsc#1179496 - VUL-0: CVE-2020-29480: xen: xenstore: watch
notifications lacking permission checks (XSA-115)
- bsc#1179498 - VUL-0: CVE-2020-29481: xen: xenstore: new domains
inheriting existing node permissions (XSA-322)
- bsc#1179501 - VUL-0: CVE-2020-29484: xen: xenstore: guests can
crash xenstored via watchs (XSA-324)
- bsc#1179502 - VUL-0: CVE-2020-29483: xen: xenstore: guests can
disturb domain cleanup (XSA-325)
- bsc#1179477 - VUL-0: CVE-2020-29130: xen: out-of-bounds access
while processing ARP packets
- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation
handling in GNTTABOP_copy (XSA-318)
- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313
multiple xenoprof issues
- bsc#1161181 - VUL-0: CVE-2020-7211: xen: potential directory
traversal using relative paths via tftp server on Windows host
- bsc#1154456 - VUL-0: CVE-2019-18425: xen: XSA-298: missing
descriptor table limit checking in x86 PV emulation
- bsc#1149813 - VUL-0: CVE-2019-15890: xen: use-after-free during
packet reassembly
- bsc#1146874 - VUL-0: CVE-2019-12068: xen: infinite loop while
executing script
- bsc#1143797 - VUL-0: CVE-2019-14378: xen: heap buffer overflow
during packet reassembly in slirp networking implementation
- bsc#1130680 - VUL-0: CVE-2018-20815: xen: qemu: device_tree:
heap buffer overflow while loading device tree blob
- bsc#1129623 - VUL-1: CVE-2019-9824: xen: information leakage in
tcp_emu() due to uninitialized stack variables
- bsc#1123157 - VUL-0: CVE-2019-6778: xen: A heap buffer overflow
in tcp_emu() found in slirp
- bsc#1117756 - VUL-0: CVE-2018-19665: xen: Integer overflow in
Bluetooth routines allows memory corruption
- bsc#1114423 - VUL-0: CVE-2018-18849: xen: QEMU: lsi53c895a: OOB
msg buffer access leads to DoS
- bsc#1111014 - VUL-0: CVE-2018-17963: xen: net: ignore packets with
large size
- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks
bypassed in x86 PV MM handling (XSA-264)
- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception
safety check can be triggered by a guest (XSA-265)
- bsc#1096224 - VUL-0: CVE-2018-11806: xen: slirp: heap buffer
overflow while reassembling fragmented datagrams
- bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt
injection errors (XSA-261)
- bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into
unbounded loop (XSA-262)
Non-security issues fixed:
- Upstream prereq patches for XSA-273 (bsc#1091107)
- Additional upstream adjustments (bsc#1027519)
- bsc#1022555 - L3: Timeout in 'execution of /etc/xen/scripts/block add'
- bsc#1029827 - Forward port xenstored
ImportantSUSE bug 1022555SUSE bug 1027519SUSE bug 1029827SUSE bug 1074562SUSE bug 1089635SUSE bug 1090822SUSE bug 1090823SUSE bug 1091107SUSE bug 1092631SUSE bug 1095242SUSE bug 1096224SUSE bug 1097521SUSE bug 1097522SUSE bug 1111014SUSE bug 1111331SUSE bug 1114423SUSE bug 1114988SUSE bug 1115040SUSE bug 1115047SUSE bug 1117756SUSE bug 1123157SUSE bug 1126140SUSE bug 1126141SUSE bug 1126192SUSE bug 1126195SUSE bug 1126196SUSE bug 1129623SUSE bug 1130680SUSE bug 1143797SUSE bug 1146874SUSE bug 1149813SUSE bug 1154456SUSE bug 1154458SUSE bug 1155945SUSE bug 1158004SUSE bug 1158005SUSE bug 1158006SUSE bug 1161181SUSE bug 1168140SUSE bug 1169392SUSE bug 1172205SUSE bug 1173380SUSE bug 1176343SUSE bug 1176344SUSE bug 1176345SUSE bug 1177409SUSE bug 1177412SUSE bug 1177414SUSE bug 1178591SUSE bug 1179477SUSE bug 1179496SUSE bug 1179498SUSE bug 1179501SUSE bug 1179502SUSE bug 1179506CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2018-10471 at SUSECVE-2018-10471 at NVDCVE-2018-10981 at SUSECVE-2018-10981 at NVDCVE-2018-10982 at SUSECVE-2018-10982 at NVDCVE-2018-11806 at SUSECVE-2018-11806 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-12207 at SUSECVE-2018-12207 at NVDCVE-2018-12891 at SUSECVE-2018-12891 at NVDCVE-2018-12893 at SUSECVE-2018-12893 at NVDCVE-2018-17963 at SUSECVE-2018-17963 at NVDCVE-2018-18849 at SUSECVE-2018-18849 at NVDCVE-2018-19665 at SUSECVE-2018-19665 at NVDCVE-2018-19961 at SUSECVE-2018-19961 at NVDCVE-2018-19962 at SUSECVE-2018-19962 at NVDCVE-2018-19966 at SUSECVE-2018-19966 at NVDCVE-2018-19967 at SUSECVE-2018-19967 at NVDCVE-2018-20815 at SUSECVE-2018-20815 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3646 at SUSECVE-2018-3646 at NVDCVE-2018-3665 at SUSECVE-2018-3665 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-12068 at SUSECVE-2019-12068 at NVDCVE-2019-14378 at SUSECVE-2019-14378 at NVDCVE-2019-15890 at SUSECVE-2019-15890 at NVDCVE-2019-17340 at SUSECVE-2019-17340 at NVDCVE-2019-17341 at SUSECVE-2019-17341 at NVDCVE-2019-17342 at SUSECVE-2019-17342 at NVDCVE-2019-17343 at SUSECVE-2019-17343 at NVDCVE-2019-17344 at SUSECVE-2019-17344 at NVDCVE-2019-18421 at SUSECVE-2019-18421 at NVDCVE-2019-18425 at SUSECVE-2019-18425 at NVDCVE-2019-19578 at SUSECVE-2019-19578 at NVDCVE-2019-19580 at SUSECVE-2019-19580 at NVDCVE-2019-19583 at SUSECVE-2019-19583 at NVDCVE-2019-6778 at SUSECVE-2019-6778 at NVDCVE-2019-9824 at SUSECVE-2019-9824 at NVDCVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-11740 at SUSECVE-2020-11740 at NVDCVE-2020-11741 at SUSECVE-2020-11741 at NVDCVE-2020-11742 at SUSECVE-2020-11742 at NVDCVE-2020-15567 at SUSECVE-2020-15567 at NVDCVE-2020-25595 at SUSECVE-2020-25595 at NVDCVE-2020-25596 at SUSECVE-2020-25596 at NVDCVE-2020-25604 at SUSECVE-2020-25604 at NVDCVE-2020-27670 at SUSECVE-2020-27670 at NVDCVE-2020-27672 at SUSECVE-2020-27672 at NVDCVE-2020-27674 at SUSECVE-2020-27674 at NVDCVE-2020-28368 at SUSECVE-2020-28368 at NVDCVE-2020-29130 at SUSECVE-2020-29130 at NVDCVE-2020-29480 at SUSECVE-2020-29480 at NVDCVE-2020-29481 at SUSECVE-2020-29481 at NVDCVE-2020-29483 at SUSECVE-2020-29483 at NVDCVE-2020-29484 at SUSECVE-2020-29484 at NVDCVE-2020-29566 at SUSECVE-2020-29566 at NVDCVE-2020-7211 at SUSECVE-2020-7211 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xen (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xen fixes the following issues:
- L3: xenstored crashing with segfault after applying latest xen updates on SLES12 SP2 (LTSS) Server (bsc#1182155)
- CVE-2020-14364: out-of-bounds r/w access issue while processing usb packets (bsc#1175534)
- CVE-2020-8608: potential OOB access due to unsafe snprintf() usages (bsc#1163019)
ImportantSUSE bug 1163019SUSE bug 1175534SUSE bug 1182155CVE-2020-14364 at SUSECVE-2020-14364 at NVDCVE-2020-8608 at SUSECVE-2020-8608 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Collective May/2011 update for Xen
Xen:
* 679344: Xen: multi-vCPU pv guest may crash host
* 675817: Kernel panic when creating HVM guests on AMD platforms with
XSAVE
* 678871: dom0 hangs long time when starting hvm guests with memory >=
64GB
* 675363: Random lockups with kernel-xen. Possibly graphics related
* 678229: restore of sles HVM fails
* 672833: xen-tools bug causing problems with Ubuntu 10.10 under Xen 4.
* 665610: xm console > 1 to same VM messes up both consoles
* 687981: mistyping model type when defining VIF crashes VM
* 688473: Fix potential buffer overflow in decode
* 691238: revert accidental behaviour change in xm list
* 680824: dom0 can't recognize boot disk when IOMMU is enabled
* 623680: xen kernel freezes during boot when processor module is
loaded
vm-install:
* 678152: virt-manager: harmless block device admin actions on FV
guests mess up network (VIF) device type ==> network lost.
* 688757: SLED10SP4 fully virtualized in SLES10SP4 XEN - kernel panic
libvirt:
* 674371: qemu aio mode per disk
* 675861: Force FLR on for buggy SR-IOV devices
* 678406: libvirt: several API calls do not honour read-only
* 684877: libvirt: error reporting in libvirtd is not thread safe
* 686737: virsh: Add option 'model' to attach-interface
* 681546: Fix xmdomain.cfg to libvirt XML format conversion
* 688306: Handle support for recent KVM versions
Security Issue references:
* CVE-2011-1146
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1146>
* CVE-2011-1486
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1486>
* CVE-2011-1166
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166>
* CVE-2011-1583
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1583>
SUSE bug 623680SUSE bug 665610SUSE bug 672833SUSE bug 674371SUSE bug 675363SUSE bug 675817SUSE bug 675861SUSE bug 678152SUSE bug 678229SUSE bug 678406SUSE bug 678871SUSE bug 679344SUSE bug 680824SUSE bug 681546SUSE bug 684877SUSE bug 686737SUSE bug 687981SUSE bug 688306SUSE bug 688473SUSE bug 688757SUSE bug 691238CVE-2011-1146 at SUSECVE-2011-1146 at NVDCVE-2011-1166 at SUSECVE-2011-1166 at NVDCVE-2011-1486 at SUSECVE-2011-1486 at NVDCVE-2011-1583 at SUSECVE-2011-1583 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Security / Collective Update for Xen
Xen:
* bnc#702025 - VUL-0: xen: VT-d (PCI passthrough) MSI trap injection
(CVE-2011-1898)
* bnc#703924 - update block-npiv scripts to support BFA HBA
* bnc#689954 - L3: Live migrations fail when guest crashes:
domain_crash_sync called from entry.S
* bnc#693472 - Bridge hangs cause redundant ring failures in SLE 11 SP1
HAE + XEN
* bnc#582265 - xen-scsi.ko not supported
* bnc#670465 - When connecting to Xen guest through vncviewer mouse
tracking is off.
* bnc#684305 - on_crash is being ignored with kdump now working in HVM
* bnc#684297 - HVM taking too long to dump vmcore
* bnc#704160 - crm resource migrate fails with xen machines
* bnc#706574 - xm console DomUName hang after 'xm save/restore' of PVM
on the latest Xen
vm-install:
* bnc#692625 - virt-manager has problems to install guest from multiple
CD
Security Issue reference:
* CVE-2011-1898
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1898>
SUSE bug 582265SUSE bug 670465SUSE bug 684297SUSE bug 684305SUSE bug 689954SUSE bug 692625SUSE bug 693472SUSE bug 702025SUSE bug 703924SUSE bug 704160SUSE bug 706574CVE-2011-1898 at SUSECVE-2011-1898 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This collective October/2011 Update for Xen provides the following fixes:
Xen:
* 712823: Xen guest does not start reliable when rebooted
* 694863: kexec fails in xen
* 691256: remove /etc/init.d/xencommons, its unused and breaks
upgrading/downgrading of the xen-tools package because this runlevel
script remains enabled in this sles11sp1 package
* 716695: domUs using tap devices will not start
* 683580: Xen Hypervisor occasionally hangs forever during boot up
after the message 'Enabled directed EOI with ioapic_ack_old on!
* 701686: kdump hangs on megaraid_sas driver
* 712051: Xen DoS using IOMMU faults from PCI-passthrough guest
(CVE-2011-3131).
* 715655: Add support for performance counters for Westmere and
SandyBridge
* 706106: Fix inconsistent reporting of VM names during migration
* 704160: crm resource migrate fails with xen machines
* 706574: xm console DomUName hangs after 'xm save/restore' of PVM on
the latest Xen
* 725169: Hang when using Microcode update on AMD
Libvirt:
* 706436: KVM crash dump speed limited by libvirt
vm-install:
* 722794: Support for RHEL 6 is missing from vm-install
Security Issue reference:
* CVE-2011-3131
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3131>
SUSE bug 683580SUSE bug 691256SUSE bug 694863SUSE bug 701686SUSE bug 704160SUSE bug 706106SUSE bug 706436SUSE bug 706574SUSE bug 712051SUSE bug 712823SUSE bug 715655SUSE bug 716695SUSE bug 722794SUSE bug 725169CVE-2011-3131 at SUSECVE-2011-3131 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Xen and libvirtSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This collective update 2012/02 for Xen provides fixes for the following
reports:
Xen:
* 740165: Fix heap overflow in e1000 device emulation (applicable to
Xen qemu - CVE-2012-0029)
* 739585: Xen block-attach fails after repeated attach/detach
* 727515: Fragmented packets hang network boot of HVM guest
* 736824: Microcode patches for AMD's 15h processors panic the system
* 732782: xm create hangs when maxmen value is enclosed in 'quotes'
* 734826: xm rename doesn't work anymore
* 694863: kexec fails in xen
* 726332: Fix considerable performance hit by previous changeset
* 649209: Fix slow Xen live migrations
libvirt
* 735403: Fix connection with virt-manager as normal user
virt-utils
* Add Support for creating images that can be run on Microsoft Hyper-V
host (Fix vpc file format. Add support for fixed disks)
Security Issue references:
* CVE-2012-0029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029>
SUSE bug 649209SUSE bug 694863SUSE bug 725169SUSE bug 726332SUSE bug 727515SUSE bug 732782SUSE bug 734826SUSE bug 735403SUSE bug 736824SUSE bug 739585SUSE bug 740165CVE-2012-0029 at SUSECVE-2012-0029 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Three security issues were found in XEN.
Two security issues are fixed by this update:
*
CVE-2012-0217: Due to incorrect fault handling in the XEN hypervisor
it was possible for a XEN guest domain administrator to execute code
in the XEN host environment.
*
CVE-2012-0218: Also a guest user could crash the guest XEN kernel due
to a protection fault bounce.
The third fix is changing the Xen behaviour on certain hardware:
*
CVE-2012-2934: The issue is a denial of service issue on older
pre-SVM AMD CPUs (AMD Erratum 121).
AMD Erratum #121 is described in 'Revision Guide for AMD Athlon 64
and AMD Opteron Processors':
http://support.amd.com/us/Processor_TechDocs/25759.pdf
<http://support.amd.com/us/Processor_TechDocs/25759.pdf>
The following 130nm and 90nm (DDR1-only) AMD processors are subject
to this erratum:
o
First-generation AMD-Opteron(tm) single and dual core
processors in either 939 or 940 packages:
+ AMD Opteron(tm) 100-Series Processors
+ AMD Opteron(tm) 200-Series Processors
+ AMD Opteron(tm) 800-Series Processors
+ AMD Athlon(tm) processors in either 754, 939 or 940
packages
+ AMD Sempron(tm) processor in either 754 or 939 packages
+ AMD Turion(tm) Mobile Technology in 754 package
This issue does not effect Intel processors.
The impact of this flaw is that a malicious PV guest user can halt
the host system.
As this is a hardware flaw, it is not fixable except by upgrading
your hardware to a newer revision, or not allowing untrusted 64bit
guestsystems.
The patch changes the behaviour of the host system booting, which
makes it unable to create guest machines until a specific boot option
is set.
There is a new XEN boot option 'allow_unsafe' for GRUB which allows
the host to start guests again.
This is added to /boot/grub/menu.lst in the line looking like this:
kernel /boot/xen.gz .... allow_unsafe
Note: .... in this example represents the existing boot options for
the host.
Security Issue references:
* CVE-2012-0217
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0217>
* CVE-2012-0218
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0218>
* CVE-2012-2934
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2934>
SUSE bug 757537SUSE bug 757970SUSE bug 764077CVE-2012-0217 at SUSECVE-2012-0217 at NVDCVE-2012-0218 at SUSECVE-2012-0218 at NVDCVE-2012-2934 at SUSECVE-2012-2934 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for Xen SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
Xen was updated to fix several security issues:
*
CVE-2012-3433: A xen HVM guest destroy p2m teardown host DoS
vulnerability was fixed, where malicious guest could lock/crash the
host.
*
CVE-2012-3432: A xen HVM guest user mode MMIO emulation DoS was
fixed.
*
CVE-2012-2625: The xen pv bootloader doesn't check the size of the
bzip2 or lzma compressed kernel, leading to denial of service
(crash).
Also the following bug in XEN was fixed:
* bnc#746702 - Xen HVM DomU crash during Windows Server 2008 R2
install, when maxmem > memory
This update also included bugfixes for:
* vm-install: - bnc#762963 - ReaR: Unable to recover a paravirtualized
XEN guest
Security Issue references:
* CVE-2012-3432
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3432>
* CVE-2012-3433
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3433>
* CVE-2012-2625
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2625>
SUSE bug 744771SUSE bug 746702SUSE bug 762484SUSE bug 762963SUSE bug 773393SUSE bug 773401CVE-2012-2625 at SUSECVE-2012-2625 at NVDCVE-2012-3432 at SUSECVE-2012-3432 at NVDCVE-2012-3433 at SUSECVE-2012-3433 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
XEN was updated to fix multiple bugs and security issues.
The following security issues have been fixed:
* CVE-2012-3494: xen: hypercall set_debugreg vulnerability (XSA-12)
* CVE-2012-3496: xen: XENMEM_populate_physmap DoS vulnerability
(XSA-14)
* CVE-2012-3515: xen: Qemu VT100 emulation vulnerability (XSA-17)
Also the following bugs have been fixed:
* pvscsi support of attaching Luns - bnc#776995
Security Issue references:
* CVE-2012-3496
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3496>
* CVE-2012-3494
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3494>
* CVE-2012-3495
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3495>
* CVE-2012-3498
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3498>
* CVE-2012-3516
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3516>
* CVE-2012-3515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3515>
SUSE bug 776995SUSE bug 777084SUSE bug 777090SUSE bug 777091CVE-2012-3494 at SUSECVE-2012-3494 at NVDCVE-2012-3495 at SUSECVE-2012-3495 at NVDCVE-2012-3496 at SUSECVE-2012-3496 at NVDCVE-2012-3498 at SUSECVE-2012-3498 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDCVE-2012-3516 at SUSECVE-2012-3516 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
XEN received various security fixes:
* CVE-2012-4411: XEN / qemu: guest administrator can access qemu
monitor console (XSA-19)
* CVE-2012-4535: xen: Timer overflow DoS vulnerability (XSA-20)
* CVE-2012-4537: xen: Memory mapping failure DoS vulnerability (XSA-22)
* CVE-2012-4538: xen: Unhooking empty PAE entries DoS vulnerability
(XSA-23)
* CVE-2012-4539: xen: Grant table hypercall infinite loop DoS
vulnerability (XSA-24)
* CVE-2012-3497: xen: multiple TMEM hypercall vulnerabilities (XSA-15)
Security Issue references:
* CVE-2012-4539
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4539>
* CVE-2012-3497
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3497>
* CVE-2012-4411
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4411>
* CVE-2012-4535
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4535>
* CVE-2012-4537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4537>
* CVE-2012-4536
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4536>
* CVE-2012-4538
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4538>
* CVE-2012-4539
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4539>
* CVE-2012-4544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544>
SUSE bug 777890SUSE bug 779212SUSE bug 786516SUSE bug 786517SUSE bug 786519SUSE bug 786520CVE-2012-3497 at SUSECVE-2012-3497 at NVDCVE-2012-4411 at SUSECVE-2012-4411 at NVDCVE-2012-4535 at SUSECVE-2012-4535 at NVDCVE-2012-4536 at SUSECVE-2012-4536 at NVDCVE-2012-4537 at SUSECVE-2012-4537 at NVDCVE-2012-4538 at SUSECVE-2012-4538 at NVDCVE-2012-4539 at SUSECVE-2012-4539 at NVDCVE-2012-4544 at SUSECVE-2012-4544 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
XEN has been updated to fix various security issues:
* CVE-2013-1917: Xen PV DoS vulnerability with SYSENTER
* CVE-2013-1918: XSA-45: Several long latency operations are not
preemptible
* CVE-2013-1919: Several access permission issues with IRQs for
unprivileged guests
* CVE-2013-1920: XSA-47: Potential use of freed memory in event channel
operations
* CVE-2013-1952: XSA-49: VT-d interrupt remapping source validation
flaw for bridges
* CVE-2013-1964: XSA-50: grant table hypercall acquire/release
imbalance
* CVE-2013-2076: XSA-52: Information leak on XSAVE/XRSTOR capable AMD
CPUs
* CVE-2013-2077: XSA-53: Hypervisor crash due to missing exception
recovery on XRSTOR
* CVE-2013-2194: XSA-55: Multiple vulnerabilities in libelf PV kernel
handling (also CVE-2013-2195 and CVE-2013-2196)
* CVE-2013-2072: XSA-56: Buffer overflow in xencontrol Python bindings
affecting xend
* CVE-2013-2211: XSA-57: libxl allows guest write access to sensitive
console related xenstore keys
* CVE-2013-1432: XSA-58: x86: fix page refcount handling in page table
pin error path
* CVE-2013-4329: XSA-61: libxl partially sets up HVM passthrough even
with disabled iommu
* CVE-2013-1442: XSA-62: xen: Information leak on AVX and/or LWP
capable CPUs
* CVE-2013-4355: XSA-63: Information leaks through I/O instruction
emulation
* CVE-2013-4361: XSA-66: Information leak through fbld instruction
emulation
* CVE-2013-4368: XSA-67: Information leak through outs instruction
emulation
* CVE-2012-4544: XSA-25: Domain builder Out-of-memory due to malicious
kernel/ramdisk
* CVE-2013-0153: interrupt remap entries shared and old ones not
cleared on AMD IOMMUs
* CVE-2013-0154: XSA-37: Hypervisor crash due to incorrect ASSERT
(debug build only)
* CVE-2012-6075: qemu / kvm-qemu: e1000 overflows under some conditions
* CVE-2012-5634: XSA-33: VT-d interrupt remapping source validation
flaw.
Security Issue references:
* CVE-2012-4544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544>
* CVE-2012-5634
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5634>
* CVE-2012-6075
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075>
* CVE-2013-0153
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0153>
* CVE-2013-0154
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0154>
* CVE-2013-1432
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432>
* CVE-2013-1442
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1442>
* CVE-2013-1917
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1917>
* CVE-2013-1918
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1918>
* CVE-2013-1919
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1919>
* CVE-2013-1920
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1920>
* CVE-2013-1952
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1952>
* CVE-2013-1964
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1964>
* CVE-2013-2072
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072>
* CVE-2013-2076
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2076>
* CVE-2013-2077
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2077>
* CVE-2013-2194
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2194>
* CVE-2013-2195
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2195>
* CVE-2013-2196
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2196>
* CVE-2013-2211
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211>
* CVE-2013-4329
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4329>
* CVE-2013-4355
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4355>
* CVE-2013-4361
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4361>
* CVE-2013-4368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4368>
SUSE bug 787163SUSE bug 794316SUSE bug 797031SUSE bug 797523SUSE bug 800275SUSE bug 813673SUSE bug 813675SUSE bug 813677SUSE bug 816156SUSE bug 816159SUSE bug 816163SUSE bug 819416SUSE bug 820917SUSE bug 820919SUSE bug 823011SUSE bug 823608SUSE bug 826882SUSE bug 839596SUSE bug 839618SUSE bug 840592SUSE bug 841766SUSE bug 842511CVE-2012-4544 at SUSECVE-2012-4544 at NVDCVE-2012-5634 at SUSECVE-2012-5634 at NVDCVE-2012-6075 at SUSECVE-2012-6075 at NVDCVE-2013-0153 at SUSECVE-2013-0153 at NVDCVE-2013-0154 at SUSECVE-2013-0154 at NVDCVE-2013-1432 at SUSECVE-2013-1432 at NVDCVE-2013-1442 at SUSECVE-2013-1442 at NVDCVE-2013-1917 at SUSECVE-2013-1917 at NVDCVE-2013-1918 at SUSECVE-2013-1918 at NVDCVE-2013-1919 at SUSECVE-2013-1919 at NVDCVE-2013-1920 at SUSECVE-2013-1920 at NVDCVE-2013-1952 at SUSECVE-2013-1952 at NVDCVE-2013-1964 at SUSECVE-2013-1964 at NVDCVE-2013-2072 at SUSECVE-2013-2072 at NVDCVE-2013-2076 at SUSECVE-2013-2076 at NVDCVE-2013-2077 at SUSECVE-2013-2077 at NVDCVE-2013-2194 at SUSECVE-2013-2194 at NVDCVE-2013-2195 at SUSECVE-2013-2195 at NVDCVE-2013-2196 at SUSECVE-2013-2196 at NVDCVE-2013-2211 at SUSECVE-2013-2211 at NVDCVE-2013-4329 at SUSECVE-2013-4329 at NVDCVE-2013-4355 at SUSECVE-2013-4355 at NVDCVE-2013-4361 at SUSECVE-2013-4361 at NVDCVE-2013-4368 at SUSECVE-2013-4368 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise Server 11 Service Pack 1 Xen hypervisor and
toolset have been updated to fix various security issues:
The following security issues have been addressed:
*
XSA-60: CVE-2013-2212: The vmx_set_uc_mode function in Xen 3.3
through 4.3, when disabling chaches, allows local HVM guests with
access to memory mapped I/O regions to cause a denial of service (CPU
consumption and possibly hypervisor or guest kernel panic) via a
crafted GFN range. (bnc#831120)
*
XSA-73: CVE-2013-4494: Xen before 4.1.x, 4.2.x, and 4.3.x does not
take the page_alloc_lock and grant_table.lock in the same order,
which allows local guest administrators with access to multiple vcpus
to cause a denial of service (host deadlock) via unspecified vectors.
(bnc#848657)
*
XSA-74: CVE-2013-4553: The XEN_DOMCTL_getmemlist hypercall in Xen
3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the
page_alloc_lock and mm_rwlock in the same order, which allows local
guest administrators to cause a denial of service (host deadlock).
(bnc#849667)
*
XSA-76: CVE-2013-4554: Xen 3.0.3 through 4.1.x (possibly 4.1.6.1),
4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly
prevent access to hypercalls, which allows local guest users to gain
privileges via a crafted application running in ring 1 or 2.
(bnc#849668)
*
XSA-82: CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh
processors does not properly handle the interaction between locked
instructions and write-combined memory types, which allows local
users to cause a denial of service (system hang) via a crafted
application, aka the errata 793 issue. (bnc#853049)
*
XSA-84: CVE-2014-1891: The FLASK_{GET,SET}BOOL, FLASK_USER and
FLASK_CONTEXT_TO_SID suboperations of the flask hypercall are
vulnerable to an integer overflow on the input size. The hypercalls
attempt to allocate a buffer which is 1 larger than this size and is
therefore vulnerable to integer overflow and an attempt to allocate
then access a zero byte buffer. (bnc#860163)
*
XSA-84: CVE-2014-1892 CVE-2014-1893: Xen 3.3 through 4.1, while not
affected by the above overflow, have a different overflow issue on
FLASK_{GET,SET}BOOL and expose unreasonably large memory allocation
to aribitrary guests. (bnc#860163)
*
XSA-84: CVE-2014-1894: Xen 3.2 (and presumably earlier) exhibit both
problems with the overflow issue being present for more than just the
suboperations listed above. (bnc#860163)
Security Issues references:
* CVE-2013-2212
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2212>
* CVE-2013-4494
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4494>
* CVE-2013-4553
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4553>
* CVE-2013-4554
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4554>
* CVE-2013-6885
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885>
* CVE-2014-1891
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1891>
* CVE-2014-1892
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1892>
* CVE-2014-1893
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1893>
* CVE-2014-1894
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1894>
SUSE bug 777628SUSE bug 777890SUSE bug 779212SUSE bug 786516SUSE bug 786517SUSE bug 786519SUSE bug 786520SUSE bug 787163SUSE bug 789944SUSE bug 789945SUSE bug 789948SUSE bug 789950SUSE bug 789951SUSE bug 794316SUSE bug 797031SUSE bug 797523SUSE bug 800275SUSE bug 805094SUSE bug 813673SUSE bug 813675SUSE bug 813677SUSE bug 816156SUSE bug 816159SUSE bug 816163SUSE bug 819416SUSE bug 820917SUSE bug 820919SUSE bug 823011SUSE bug 823608SUSE bug 826882SUSE bug 831120SUSE bug 839596SUSE bug 839618SUSE bug 840592SUSE bug 841766SUSE bug 842511SUSE bug 848657SUSE bug 849667SUSE bug 849668SUSE bug 853049SUSE bug 860163CVE-2006-1056 at SUSECVE-2006-1056 at NVDCVE-2007-0998 at SUSECVE-2007-0998 at NVDCVE-2012-3497 at SUSECVE-2012-3497 at NVDCVE-2012-4411 at SUSECVE-2012-4411 at NVDCVE-2012-4535 at SUSECVE-2012-4535 at NVDCVE-2012-4537 at SUSECVE-2012-4537 at NVDCVE-2012-4538 at SUSECVE-2012-4538 at NVDCVE-2012-4539 at SUSECVE-2012-4539 at NVDCVE-2012-4544 at SUSECVE-2012-4544 at NVDCVE-2012-5510 at SUSECVE-2012-5510 at NVDCVE-2012-5511 at SUSECVE-2012-5511 at NVDCVE-2012-5513 at SUSECVE-2012-5513 at NVDCVE-2012-5514 at SUSECVE-2012-5514 at NVDCVE-2012-5515 at SUSECVE-2012-5515 at NVDCVE-2012-5634 at SUSECVE-2012-5634 at NVDCVE-2012-6075 at SUSECVE-2012-6075 at NVDCVE-2012-6333 at SUSECVE-2012-6333 at NVDCVE-2013-0153 at SUSECVE-2013-0153 at NVDCVE-2013-0154 at SUSECVE-2013-0154 at NVDCVE-2013-1432 at SUSECVE-2013-1432 at NVDCVE-2013-1442 at SUSECVE-2013-1442 at NVDCVE-2013-1917 at SUSECVE-2013-1917 at NVDCVE-2013-1918 at SUSECVE-2013-1918 at NVDCVE-2013-1919 at SUSECVE-2013-1919 at NVDCVE-2013-1920 at SUSECVE-2013-1920 at NVDCVE-2013-1952 at SUSECVE-2013-1952 at NVDCVE-2013-1964 at SUSECVE-2013-1964 at NVDCVE-2013-2072 at SUSECVE-2013-2072 at NVDCVE-2013-2076 at SUSECVE-2013-2076 at NVDCVE-2013-2077 at SUSECVE-2013-2077 at NVDCVE-2013-2194 at SUSECVE-2013-2194 at NVDCVE-2013-2195 at SUSECVE-2013-2195 at NVDCVE-2013-2196 at SUSECVE-2013-2196 at NVDCVE-2013-2211 at SUSECVE-2013-2211 at NVDCVE-2013-2212 at SUSECVE-2013-2212 at NVDCVE-2013-4329 at SUSECVE-2013-4329 at NVDCVE-2013-4355 at SUSECVE-2013-4355 at NVDCVE-2013-4361 at SUSECVE-2013-4361 at NVDCVE-2013-4368 at SUSECVE-2013-4368 at NVDCVE-2013-4494 at SUSECVE-2013-4494 at NVDCVE-2013-4553 at SUSECVE-2013-4553 at NVDCVE-2013-4554 at SUSECVE-2013-4554 at NVDCVE-2013-6885 at SUSECVE-2013-6885 at NVDCVE-2014-1891 at SUSECVE-2014-1891 at NVDCVE-2014-1892 at SUSECVE-2014-1892 at NVDCVE-2014-1893 at SUSECVE-2014-1893 at NVDCVE-2014-1894 at SUSECVE-2014-1894 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The SUSE Linux Enterprise 11 Service Pack 1 Xen package was updated to fix
the following security issues:
* XSA-106: Missing privilege level checks in x86 emulation of software
interrupts (bnc#895802)
* XSA-105: Missing privilege level checks in x86 HLT, LGDT, LIDT, and
LMSW emulation (bnc#895799)
* XSA-104: Race condition in HVMOP_track_dirty_vram (bnc#895798)
* XSA-100: CVE-2014-4021: Hypervisor heap contents leaked to guests
(bnc#880751)
Security Issues:
* CVE-2014-4021
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4021>
SUSE bug 880751SUSE bug 895798SUSE bug 895799SUSE bug 895802CVE-2014-4021 at SUSECVE-2014-4021 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The Virtualization service XEN was updated to fix various bugs and security
issues.
The following security issues have been fixed:
*
CVE-2015-2756: XSA-126: Unmediated PCI command register access in
qemu could have lead to denial of service attacks against the host,
if PCI cards are - passed through to guests.
*
XSA-125: Long latency MMIO mapping operations were not preemptible.
*
CVE-2015-2151: XSA-123: Instructions with register operands ignored
eventual segment overrides encoded for them. Due to an insufficiently
conditional assignment such a bogus segment override could have,
however, corrupted a pointer used subsequently to store the result of
the instruction.
*
CVE-2015-2045: XSA-122: The code handling certain sub-operations of
the HYPERVISOR_xen_version hypercall failed to fully initialize all
fields of structures subsequently copied back to guest memory. Due to
this hypervisor stack contents were copied into the destination of
the operation, thus becoming visible to the guest.
*
CVE-2015-2044: XSA-121: Emulation routines in the hypervisor dealing
with certain system devices checked whether the access size by the
guest is a supported one. When the access size is unsupported these
routines failed to set the data to be returned to the guest for read
accesses, so that hypervisor stack contents were copied into the
destination of the operation, thus becoming visible to the guest.
Security Issues:
* CVE-2015-2044
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2044>
* CVE-2015-2045
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2045>
* CVE-2015-2151
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2151>
* CVE-2015-2756
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2756>
SUSE bug 918995SUSE bug 918998SUSE bug 919464SUSE bug 922705SUSE bug 922706CVE-2015-2044 at SUSECVE-2015-2044 at NVDCVE-2015-2045 at SUSECVE-2015-2045 at NVDCVE-2015-2151 at SUSECVE-2015-2151 at NVDCVE-2015-2756 at SUSECVE-2015-2756 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for XenSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
Xen was updated to fix six security issues:
* CVE-2015-4103: Potential unintended writes to host MSI message data
field via qemu. (XSA-128, bsc#931625)
* CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests.
(XSA-129, bsc#931626)
* CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error
messages. (XSA-130, bsc#931627)
* CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131,
bsc#931628)
* CVE-2015-3209: heap overflow in qemu pcnet controller allowing guest
to host escape. (XSA-135, bsc#932770)
* CVE-2015-4164: DoS through iret hypercall handler. (XSA-136,
bsc#932996)
Security Issues:
* CVE-2015-4103
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103>
* CVE-2015-4104
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104>
* CVE-2015-4105
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105>
* CVE-2015-4106
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106>
* CVE-2015-4164
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164>
* CVE-2015-3209
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209>
SUSE bug 931625SUSE bug 931626SUSE bug 931627SUSE bug 931628SUSE bug 932770SUSE bug 932996CVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-4103 at SUSECVE-2015-4103 at NVDCVE-2015-4104 at SUSECVE-2015-4104 at NVDCVE-2015-4105 at SUSECVE-2015-4105 at NVDCVE-2015-4106 at SUSECVE-2015-4106 at NVDCVE-2015-4164 at SUSECVE-2015-4164 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following security issues:
- bsc#956832 - CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
- bsc#956408 - CVE-2015-8339, CVE-2015-8340: xen:
XENMEM_exchange error handling issues (XSA-159)
- bsc#956411 - CVE-2015-7504: xen: heap buffer overflow
vulnerability in pcnet emulator (XSA-162)
- bsc#954405 - CVE-2015-8104: Xen: guest to host DoS by
triggering an infinite loop in microcode via #DB exception
- bsc#953527 - CVE-2015-5307: kernel: kvm/xen: x86: avoid
guest->host DOS by intercepting #AC (XSA-156)
- bsc#950704 - CVE-2015-7970: xen: x86: Long latency
populate-on-demand operation is not preemptible (XSA-150)
- bsc#951845 - CVE-2015-7972: xen: x86: populate-on-demand
balloon size inaccuracy can crash guests (XSA-153)
- bsc#950703 - CVE-2015-7969: xen: leak of main per-domain
vcpu pointer array (DoS) (XSA-149)
- bsc#950705 - CVE-2015-7969: xen: x86: leak of per-domain
profiling-related vcpu pointer array (DoS) (XSA-151)
- bsc#950706 - CVE-2015-7971: xen: x86: some pmu and
profiling hypercalls log without rate limiting (XSA-152) ModerateSUSE bug 950703SUSE bug 950704SUSE bug 950705SUSE bug 950706SUSE bug 951845SUSE bug 953527SUSE bug 954405SUSE bug 956408SUSE bug 956411SUSE bug 956832CVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-7504 at SUSECVE-2015-7504 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7970 at SUSECVE-2015-7970 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDCVE-2015-7972 at SUSECVE-2015-7972 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDCVE-2015-8339 at SUSECVE-2015-8339 at NVDCVE-2015-8340 at SUSECVE-2015-8340 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xerces-j2 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
xerces-j2 was updated to fix several issues.
This security issue was fixed:
- bsc#814241: Prevent possible DoS through very long attribute names
This non-security issue was fixed:
- Prevent StackOverflowError when applying a pattern restriction on long strings
while trying to validate an XML file against a schema (bsc#1047536, bsc#879138)
ModerateSUSE bug 1047536SUSE bug 814241SUSE bug 879138cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xerces-j2 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xerces-j2 fixes the following issues:
- CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser (bsc#1195108).
ImportantSUSE bug 1195108CVE-2022-23437 at SUSECVE-2022-23437 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xinetdSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
The multiplexing system xinetd was updated to fix security issues and a
bug.
Security issues fixed:
* CVE-2013-4342: xinetd ignores user and group directives for tcpmux
services.
* CVE-2012-0862: xinetd enables all services when tcp multiplexing is
used.
Bug fixed:
* Services started by xinetd were limited to 1024 open file
descriptors. (bnc#855685)
Security Issues references:
* CVE-2012-0862
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0862>
* CVE-2013-4342
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342>
SUSE bug 598305SUSE bug 726737SUSE bug 762294SUSE bug 844230SUSE bug 855685CVE-2012-0862 at SUSECVE-2012-0862 at NVDCVE-2013-4342 at SUSECVE-2013-4342 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Recommended update for xorg-x11SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This collective update for Xorg fixes the following issues:
* Fixes xdm segfault during login when using ldap's 'Create Home
Directory on Login' (bnc #693385)
* run cpp with option '-traditional-cpp' since '-a' option has been
removed with newer cpp (bnc#702029)
* fix listing in 'xauth list' when using ssh tunneled connections
(bnc#667577)
SUSE bug 598422SUSE bug 667577SUSE bug 674733SUSE bug 693385SUSE bug 702029CVE-2011-0465 at SUSECVE-2011-0465 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-serverSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes the following security issue with xorg-x11-server:
* bnc#853846: xorg-x11-server: An integer underflow when handling
trapezoids could have been used to crash the X Server (CVE-2013-6424)
Security Issue reference:
* CVE-2013-6424
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6424>
SUSE bug 462283SUSE bug 597232SUSE bug 605015SUSE bug 605191SUSE bug 618152SUSE bug 619232SUSE bug 625598SUSE bug 639082SUSE bug 647568SUSE bug 648557SUSE bug 653915SUSE bug 660797SUSE bug 722944SUSE bug 734815SUSE bug 743810SUSE bug 744625SUSE bug 813178SUSE bug 813683SUSE bug 814653SUSE bug 816813SUSE bug 843652SUSE bug 853846SUSE bug 907268SUSE bug 915810SUSE bug 928520CVE-2010-2240 at SUSECVE-2010-2240 at NVDCVE-2011-4028 at SUSECVE-2011-4028 at NVDCVE-2011-4029 at SUSECVE-2011-4029 at NVDCVE-2013-1940 at SUSECVE-2013-1940 at NVDCVE-2013-4396 at SUSECVE-2013-4396 at NVDCVE-2013-6424 at SUSECVE-2013-6424 at NVDCVE-2014-8091 at SUSECVE-2014-8091 at NVDCVE-2014-8092 at SUSECVE-2014-8092 at NVDCVE-2014-8093 at SUSECVE-2014-8093 at NVDCVE-2014-8094 at SUSECVE-2014-8094 at NVDCVE-2014-8095 at SUSECVE-2014-8095 at NVDCVE-2014-8096 at SUSECVE-2014-8096 at NVDCVE-2014-8097 at SUSECVE-2014-8097 at NVDCVE-2014-8098 at SUSECVE-2014-8098 at NVDCVE-2014-8099 at SUSECVE-2014-8099 at NVDCVE-2014-8100 at SUSECVE-2014-8100 at NVDCVE-2014-8101 at SUSECVE-2014-8101 at NVDCVE-2014-8102 at SUSECVE-2014-8102 at NVDCVE-2015-0255 at SUSECVE-2015-0255 at NVDCVE-2015-3418 at SUSECVE-2015-3418 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
xorg-x11-libs was patched to fix the following security issues:
* Integer overflow of allocations in font metadata file parsing.
(CVE-2014-0209)
* libxfont not validating length fields when parsing xfs protocol
replies. (CVE-2014-0210)
* Integer overflows causing miscalculating memory needs for xfs
replies. (CVE-2014-0211)
Further information is available at
http://lists.x.org/archives/xorg-announce/2014-May/002431.html
<http://lists.x.org/archives/xorg-announce/2014-May/002431.html> .
Security Issues references:
* CVE-2014-0209
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0209>
* CVE-2014-0210
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0210>
* CVE-2014-0211
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0211>
SUSE bug 815451SUSE bug 821663SUSE bug 854915SUSE bug 857544SUSE bug 921978CVE-2013-1984 at SUSECVE-2013-1984 at NVDCVE-2013-1985 at SUSECVE-2013-1985 at NVDCVE-2013-1986 at SUSECVE-2013-1986 at NVDCVE-2013-1988 at SUSECVE-2013-1988 at NVDCVE-2013-1990 at SUSECVE-2013-1990 at NVDCVE-2013-1991 at SUSECVE-2013-1991 at NVDCVE-2013-1992 at SUSECVE-2013-1992 at NVDCVE-2013-1995 at SUSECVE-2013-1995 at NVDCVE-2013-1996 at SUSECVE-2013-1996 at NVDCVE-2013-1998 at SUSECVE-2013-1998 at NVDCVE-2013-1999 at SUSECVE-2013-1999 at NVDCVE-2013-2000 at SUSECVE-2013-2000 at NVDCVE-2013-2001 at SUSECVE-2013-2001 at NVDCVE-2013-2003 at SUSECVE-2013-2003 at NVDCVE-2013-2063 at SUSECVE-2013-2063 at NVDCVE-2013-6462 at SUSECVE-2013-6462 at NVDCVE-2014-0209 at SUSECVE-2014-0209 at NVDCVE-2014-0210 at SUSECVE-2014-0210 at NVDCVE-2014-0211 at SUSECVE-2014-0211 at NVDCVE-2015-1802 at SUSECVE-2015-1802 at NVDCVE-2015-1803 at SUSECVE-2015-1803 at NVDCVE-2015-1804 at SUSECVE-2015-1804 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libICE (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libICE fixes the following issues:
- CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies
predictable. A more random generation method has been implemented. (boo#1025068)
ModerateSUSE bug 1025068CVE-2017-2626 at SUSECVE-2017-2626 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libX11SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of xorg-x11-libX11 fixes several security issues (bnc#815451,
bnc#821664).
Security Issue references:
* CVE-2013-1981
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981>
* CVE-2013-1997
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997>
* CVE-2013-2004
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004>
SUSE bug 714901SUSE bug 815451SUSE bug 821664SUSE bug 824294CVE-2013-1981 at SUSECVE-2013-1981 at NVDCVE-2013-1997 at SUSECVE-2013-1997 at NVDCVE-2013-2004 at SUSECVE-2013-2004 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
xorg-x11-libX11 was updated to fix one security issue.
This security issue was fixed:
- CVE-2013-7439: Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allowed remote attackers to have unspecified impact via a crafted request, which triggered a buffer overflow (bsc#927220).
ModerateSUSE bug 927220CVE-2013-7439 at SUSECVE-2013-7439 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- plug a memory leak (bsc#1002991, CVE-2016-7942)
- insufficient validation of data from the X server can cause
out of boundary memory read (XGetImage()) or write (XListFonts())
(bsc#1002991, CVE-2016-7942)
ModerateSUSE bug 1002991CVE-2016-7942 at SUSECVE-2016-7942 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- a regression introduced by the security fix for CVE-2013-1997
(bnc#824294). Keyboard mappings for special characters on Non-English
keyboards might have been broken. (bnc#1019642)
ModerateSUSE bug 1019642CVE-2013-1997 at SUSECVE-2013-1997 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one
error caused by malicious server responses, leading to DoS or possibly
unspecified other impact (bsc#1102062)
- CVE-2018-14600: The function XListExtensions interpreted a variable as signed
instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes),
leading to DoS or remote code execution (bsc#1102068)
- CVE-2018-14598: A malicious server could have sent a reply in which the first
string overflows, causing a variable to be set to NULL that will be freed later
on, leading to DoS (segmentation fault) (bsc#1102073)
ModerateSUSE bug 1102062SUSE bug 1102068SUSE bug 1102073CVE-2018-14598 at SUSECVE-2018-14598 at NVDCVE-2018-14599 at SUSECVE-2018-14599 at NVDCVE-2018-14600 at SUSECVE-2018-14600 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libX11 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- Fixed XIM client heap overflows (CVE-2020-14344, bsc#1174628)
ImportantSUSE bug 1174628CVE-2020-14344 at SUSECVE-2020-14344 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libX11 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- Fixed XIM client heap overflows (CVE-2020-14344, bsc#1174628).
ImportantSUSE bug 1174628CVE-2020-14344 at SUSECVE-2020-14344 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- CVE-2020-14363: Fix an integer overflow in init_om() (bsc#1175239).
ModerateSUSE bug 1175239CVE-2020-14363 at SUSECVE-2020-14363 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- CVE-2021-31535: Fixed missing request length checks in libX11 (bsc#1182506).
ModerateSUSE bug 1182506CVE-2021-31535 at SUSECVE-2021-31535 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libX11 (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- Regression in the fix for CVE-2021-31535, causing segfaults for xforms applications like fdesign (bsc#1186643).
ImportantSUSE bug 1186643CVE-2021-31535 at SUSECVE-2021-31535 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libXdmcp (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libXdmcp fixes the following issues:
- CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making
the session keys predictable (bsc#1025046)
ModerateSUSE bug 1025046CVE-2017-2625 at SUSECVE-2017-2625 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libXextSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of xorg-x11-libXext fixes several integer overflow issues
(bnc#815451, bnc#821665, CVE-2013-1982).
Security Issue reference:
* CVE-2013-1982
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982>
SUSE bug 815451SUSE bug 821665CVE-2013-1982 at SUSECVE-2013-1982 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libXfixesSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of xorg-x11-libXfixes fixes a integer overflow issue
(bnc#815451, bnc#821667, CVE-2013-1983).
Security Issue reference:
* CVE-2013-1983
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983>
SUSE bug 815451SUSE bug 821667CVE-2013-1983 at SUSECVE-2013-1983 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libXfixes (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libXfixes fixes the following issues:
- insufficient validation of data from the X server can cause an
integer overflow on 32 bit architectures (bsc#1002995, CVE-2016-7944)
ModerateSUSE bug 1002995CVE-2016-7944 at SUSECVE-2016-7944 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libXpSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of xorg-x11-libXp fixes several integer overflow issues
(bnc#815451, bnc#821668, CVE-2013-2062).
Security Issue reference:
* CVE-2013-2062
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062>
SUSE bug 815451SUSE bug 821668CVE-2013-2062 at SUSECVE-2013-2062 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libXpm (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libXpm fixes the following security issue:
- A heap overflow in XPM handling could be used by attackers supplying
XPM files to crash or potentially execute code. (bsc#1021315)
ModerateSUSE bug 1021315CVE-2016-10164 at SUSECVE-2016-10164 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libXrenderSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of xorg-x11-libXrender fixes several integer overflow issues
(bnc#815451, bnc#821669, CVE-2013-1987).
Security Issue reference:
* CVE-2013-1987
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987>
SUSE bug 815451SUSE bug 821669CVE-2013-1987 at SUSECVE-2013-1987 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libXrender (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libXrender fixes the following issues:
- insufficient validation of data from the X server can cause out
of boundary memory writes (bsc#1003002, CVE-2016-7949, CVE-2016-7950)
ModerateSUSE bug 1003002CVE-2016-7949 at SUSECVE-2016-7949 at NVDCVE-2016-7950 at SUSECVE-2016-7950 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libXtSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of xorg-x11-libXt fixes several integer and buffer overflow
issues (bnc#815451, bnc#821670, CVE-2013-2002, CVE-2013-2005).
Security Issue references:
* CVE-2013-2002
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002>
* CVE-2013-2005
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005>
SUSE bug 815451SUSE bug 821670CVE-2013-2002 at SUSECVE-2013-2002 at NVDCVE-2013-2005 at SUSECVE-2013-2005 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libXvSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update of xorg-x11-libXv fixes several integer and buffer overflow
issues (bnc#815451, bnc#821671, CVE-2013-1989, CVE-2013-2066).
Security Issue references:
* CVE-2013-1989
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989>
* CVE-2013-2066
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066>
SUSE bug 815451SUSE bug 821671CVE-2013-1989 at SUSECVE-2013-1989 at NVDCVE-2013-2066 at SUSECVE-2013-2066 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-libXv (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libXv fixes the following issues:
- insufficient validation of data from the X server can cause
memory corruption (bsc#1003017, CVE-2016-5407)
ModerateSUSE bug 1003017CVE-2016-5407 at SUSECVE-2016-5407 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libs fixes the following issues:
- The original fix for CVE-2015-1804 prevented DWIDTH to be negative. However, the
spec states that 'DWIDTH [...] is a vector indicating the position of the next
glyph's origin relative to the origin of this glyph'. Consequently, negative
DWIDTH values should be allowed. (bsc#958383)
ModerateSUSE bug 958383CVE-2015-1804 at SUSECVE-2015-1804 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libs fixes the following issues:
- insufficient validation of data from the X server can cause a
one byte buffer read underrun (bsc#1003023, CVE-2016-7953)
- insufficient validation of data from the X server can cause out
of boundary memory access or endless loops (Denial of Service)
(bsc#1003012, CVE-2016-7951, CVE-2016-7952)
- insufficient validation of data from the X server can cause out
of boundary memory writes (bsc#1003000, CVE-2016-7947, CVE-2016-7948)
- insufficient validation of data from the X server can cause out
of boundary memory access or endless loops (Denial of Service).
(bsc#1002998, CVE-2016-7945, CVE-2016-7946)
ModerateSUSE bug 1002998SUSE bug 1003000SUSE bug 1003012SUSE bug 1003023CVE-2016-7945 at SUSECVE-2016-7945 at NVDCVE-2016-7946 at SUSECVE-2016-7946 at NVDCVE-2016-7947 at SUSECVE-2016-7947 at NVDCVE-2016-7948 at SUSECVE-2016-7948 at NVDCVE-2016-7951 at SUSECVE-2016-7951 at NVDCVE-2016-7952 at SUSECVE-2016-7952 at NVDCVE-2016-7953 at SUSECVE-2016-7953 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libs fixes several issues.
These security issues were fixed:
- CVE-2017-16612: Heap overflows due to an integer overflow while parsing images and a signedness issue while parsing comments (bsc#1065386).
- CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads (bsc#1054285)
- CVE-2017-13722: Malformed PCF file could have caused DoS or leak information (bsc#1049692)
- Prevent the X server from accessing arbitrary files as root. It is not possible to leak information, but special files can be touched allowing for causing side effects (bsc#1050459)
ModerateSUSE bug 1049692SUSE bug 1050459SUSE bug 1054285SUSE bug 1065386CVE-2017-13720 at SUSECVE-2017-13720 at NVDCVE-2017-13722 at SUSECVE-2017-13722 at NVDCVE-2017-16612 at SUSECVE-2017-16612 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libs fixes the following security issue:
- CVE-2015-9262: _XcursorThemeInherits allowed remote attackers to cause denial
of service or potentially code execution via a one-byte heap overflow
(bsc#1103511)
ModerateSUSE bug 1103511CVE-2015-9262 at SUSECVE-2015-9262 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-libxcbSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-LTSSSUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-libxcb addresses the following issues:
* Fix a deadlock with multi-threaded applications running on real time
kernels. (bnc#818829)
* Fix an integer overflow in read_packet(). (bnc#821584, CVE-2013-2064)
Security Issue reference:
* CVE-2013-2064
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2064>
SUSE bug 818829SUSE bug 821584CVE-2013-2064 at SUSECVE-2013-2064 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1cpe:/o:suse:suse_sles_ltss:11:sp1Security update for xorg-x11-server (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server fixes the following issues:
Security issues:
- CVE-2017-2624: Prevent timing attack against MIT cookie. (bsc#1025029)
Non security issues:
- Remove unused function with use-after-free issue. (bsc#1025035)
- Use arc4random to generate cookies. (bsc#1025084)
ModerateSUSE bug 1025029SUSE bug 1025035SUSE bug 1025084CVE-2017-2624 at SUSECVE-2017-2624 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-server (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server provides the following fixes:
Security issues fixed:
- CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed
unvalidated lengths in multiple extensions (bsc#1063034)
- CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES
extension. (bsc#1063035)
- CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated
lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions
(bsc#1063037)
- CVE-2017-12179: Fixed an integer overflow and unvalidated length in
(S)ProcXIBarrierReleasePointer in Xi (bsc#1063038)
- CVE-2017-12178: Fixed a wrong extra length check in
ProcXIChangeHierarchy in Xi (bsc#1063039)
- CVE-2017-12177: Fixed an unvalidated variable-length request in
ProcDbeGetVisualInfo (bsc#1063040)
- CVE-2017-12176: Fixed an unvalidated extra length in
ProcEstablishConnection (bsc#1063041)
- Improve the entropy when generating random data used in X.org server authorization
cookies generation by using getentropy() and getrandom() when available (bsc#1025084)
ModerateSUSE bug 1025084SUSE bug 1063034SUSE bug 1063035SUSE bug 1063037SUSE bug 1063038SUSE bug 1063039SUSE bug 1063040SUSE bug 1063041CVE-2017-12176 at SUSECVE-2017-12176 at NVDCVE-2017-12177 at SUSECVE-2017-12177 at NVDCVE-2017-12178 at SUSECVE-2017-12178 at NVDCVE-2017-12179 at SUSECVE-2017-12179 at NVDCVE-2017-12180 at SUSECVE-2017-12180 at NVDCVE-2017-12181 at SUSECVE-2017-12181 at NVDCVE-2017-12182 at SUSECVE-2017-12182 at NVDCVE-2017-12183 at SUSECVE-2017-12183 at NVDCVE-2017-12184 at SUSECVE-2017-12184 at NVDCVE-2017-12185 at SUSECVE-2017-12185 at NVDCVE-2017-12186 at SUSECVE-2017-12186 at NVDCVE-2017-12187 at SUSECVE-2017-12187 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server fixes the following issues:
Security issue fixed:
- CVE-2018-14665: Local attackers could overwrite system files in any directory using the -logfile option and gain privileges (bsc#1111697)
ImportantSUSE bug 1111697CVE-2018-14665 at SUSECVE-2018-14665 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation (bsc#1174633, ZDI-CAN-11426).
- CVE-2020-14345: XKB out-of-bounds access privilege escalation vulnerability (bsc#1174635, ZDI-CAN-11428).
ImportantSUSE bug 1174633SUSE bug 1174635CVE-2020-14345 at SUSECVE-2020-14345 at NVDCVE-2020-14347 at SUSECVE-2020-14347 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2020-14361: Fix XkbSelectEvents() integer underflow (bsc#1174910 ZDI-CAN-11573).
- CVE-2020-14362: Fix XRecordRegisterClients() Integer underflow (bsc#1174913 ZDI-CAN-11574).
ImportantSUSE bug 1174910SUSE bug 1174913CVE-2020-14361 at SUSECVE-2020-14361 at NVDCVE-2020-14362 at SUSECVE-2020-14362 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2020-25712: Fixed a heap-based buffer overflow which could have led to privilege escalation (bsc#1177596).
- CVE-2020-14360: Fixed an out of bounds memory accesses on too short request which could lead to denial of service (bsc#1174908).
ImportantSUSE bug 1174908SUSE bug 1177596CVE-2020-14360 at SUSECVE-2020-14360 at NVDCVE-2020-25712 at SUSECVE-2020-25712 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege Escalation (bsc#1180128)
ImportantSUSE bug 1180128CVE-2021-3472 at SUSECVE-2021-3472 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2021-4008: Fixed Privilege Escalation Vulnerability via Out-Of-Bounds Access in SProcRenderCompositeGlyphs (bsc#1193030).
ImportantSUSE bug 1193030CVE-2021-4008 at SUSECVE-2021-4008 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2021-4011: The handlers for the RecordCreateContext and RecordRegisterClients
requests of the Record extension do not properly validate the request
length leading to out of bounds memory write. (bsc#1190489)
ImportantSUSE bug 1190489CVE-2021-4011 at SUSECVE-2021-4011 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xorg-x11-server-dmx, xorg-x11-server-dmx-debuginfo, xorg-x11-server-dmx-debugsourceSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of xorg-x11-server-dmx fixed the following security issues:
CVE-2010-2240 - memory exhaustion flaw CVE-2011-4028 / CVE-2011-4029 - race
condition flaw
Security Issues:
* CVE-2010-2240
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240>
* CVE-2011-4028
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4028>
* CVE-2011-4029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4029>
SUSE bug 746949CVE-2010-2240 at SUSECVE-2010-2240 at NVDCVE-2011-4028 at SUSECVE-2011-4028 at NVDCVE-2011-4029 at SUSECVE-2011-4029 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for XorgSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xorg-x11-server and xorg-x11-libs brings improved
compatibility fixes and enhancements for X.org. The main feature is support
for Multi monitor configurations with independent heads, which used to be
supported with SUSE Linux Enterprise 10 (VGA Arbitration Support).
During update to Service Pack 1, the support for AppGroup Extension was
removed from the X11 Server. This update fixes this regression and adds
back the support (bnc#709943).
Additionally this update fixes bugs in the AppGroup Extensions, which
resulted in Xserver crashes (bnc #716355).
It also fixes an issue with changing the mouse mode to absolute
(bnc#704467).
It also fixes an issue with button release on non-core pointing devices
(bnc#698281).
In addition to that, multiple missing or incorrect bounds checking flaws
were fixed in in GLX (CVE-2010-4818) and in the X Render Extension
(CVE-2010-4819) were fixed, which could be used to crash the X server.
A regression in handling TWM was fixed as well (bnc#709987).
Security Issue references:
* CVE-2010-4818
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4818>
* CVE-2010-4819
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4819>
SUSE bug 648287SUSE bug 648290SUSE bug 698281SUSE bug 704467SUSE bug 709943SUSE bug 709987SUSE bug 714677SUSE bug 716355CVE-2010-4818 at SUSECVE-2010-4818 at NVDCVE-2010-4819 at SUSECVE-2010-4819 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xpdfSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
A specially crafted PDF files could crash xpdf or potentially even cause
execution of arbitrary code (CVE-2010-3702, CVE-2010-3703, CVE-2010-3704)
Security Issue references:
* CVE-2010-3702
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702>
* CVE-2010-3703
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703>
* CVE-2010-3704
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704>
SUSE bug 644112CVE-2010-3702 at SUSECVE-2010-3702 at NVDCVE-2010-3703 at SUSECVE-2010-3703 at NVDCVE-2010-3704 at SUSECVE-2010-3704 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xpdf-toolsSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update of xpdf fixes an out-of-bounds write in CharCodeToUnicode.cc
and a bad instruction pointer while parsing malformed PDF files.
Security Issue references:
* CVE-2010-2642
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642>
* CVE-2010-4653
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653>
* CVE-2010-4654
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4654>
SUSE bug 661018SUSE bug 664484cpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xscreensaver (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The xscreensaver package was updated to fix the following security and non security issues:
- CVE-2015-8025: Fixed a crash when hot-swapping monitors while locked (bsc#952062).
- Added xscreensaver-in_signal_handler_p.patch needed for fix of signal handling.
- Refresh xscreensaver-stars.patch.
ModerateSUSE bug 952062CVE-2015-8025 at SUSECVE-2015-8025 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xterm (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xterm fixes the following issues:
- CVE-2021-27135: Fixed buffer-overflow when clicking on selected utf8 text. (bsc#1182091)
ImportantSUSE bug 1182091CVE-2021-27135 at SUSECVE-2021-27135 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for xz (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for xz fixes the following issues:
- CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062)
ImportantSUSE bug 1198062CVE-2022-1271 at SUSECVE-2022-1271 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Recommended update for yast2-coreSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update fixes parsing of configuration files with option values longer
than 2048 characters.
In some cases, this could cause SuSEFirewall2 configurations to become
corrupted (bnc#763386).
SUSE bug 492746SUSE bug 700876SUSE bug 706705SUSE bug 763386CVE-2011-2483 at SUSECVE-2011-2483 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for yast2-storage (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for yast2-storage fixes the following issue:
- Use stdin, not tmp files for passwords (bsc#986971, CVE-2016-5746)
ModerateSUSE bug 986971CVE-2016-5746 at SUSECVE-2016-5746 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for zlib (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for zlib fixes the following issues:
CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882)
CVE-2016-9840 CVE-2016-9841: Out-of-bounds pointer arithmetic in inftrees.c (bsc#1003579)
Incompatible declarations for external linkage function deflate (bsc#1003577)
Empty text files compressed with gzip result in empty .gz file which cannot be uncompressed (bsc#920442)
ModerateSUSE bug 1003577SUSE bug 1003579SUSE bug 1003580SUSE bug 1013882SUSE bug 912771SUSE bug 920442CVE-2016-9840 at SUSECVE-2016-9840 at NVDCVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2016-9843 at SUSECVE-2016-9843 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for zlib (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for zlib fixes the following issues:
- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).
ImportantSUSE bug 1197459CVE-2018-25032 at SUSECVE-2018-25032 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for zsh (Moderate)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for zsh fixes the following issues:
- CVE-2018-1100: Fixed a buffer overflow in
utils.c:checkmailpath() that could lead to local arbitrary code
execution ( bsc#1089030)
ModerateSUSE bug 1089030CVE-2018-1100 at SUSECVE-2018-1100 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for zsh (Important)SUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
This update for zsh fixes the following issues:
- CVE-2019-20044: Fixed an insecure dropping of privileges when unsetting
the PRIVILEGED option (bsc#1163882).
- CVE-2018-13259: Fixed an unexpected truncation of long shebang lines (bsc#1107294).
- CVE-2018-7549: Fixed a crash when an empty hash table (bsc#1082991).
- CVE-2018-1083: Fixed a stack-based buffer overflow when using tab completion
on directories with long names (bsc#1087026).
- CVE-2018-1071: Fixed a stack-based buffer overflow when executing certain
commands (bsc#1084656).
- CVE-2018-0502: Fixed a mishandling of shebang lines (bsc#1107296).
- CVE-2017-18206: Fixed a buffer overflow related to symlink processing (bsc#1083002).
- CVE-2017-18205: Fixed an application crash when using cd with no
arguments (bsc#1082998).
- CVE-2016-10714: Fixed a potential application crash when handling maximum
length paths (bsc#1083250).
- CVE-2014-10072: Fixed a buffer overflow when scanning very long directory
paths for symbolic links (bsc#1082975).
- CVE-2014-10071: Fixed a buffer overflow when redirecting output to a long
file descriptor (bsc#1082977).
- CVE-2014-10070: Fixed a privilege escalation vulnerability via environment
variables (bsc#1082885).
ImportantSUSE bug 1082885SUSE bug 1082975SUSE bug 1082977SUSE bug 1082991SUSE bug 1082998SUSE bug 1083002SUSE bug 1083250SUSE bug 1084656SUSE bug 1087026SUSE bug 1107294SUSE bug 1107296SUSE bug 1163882CVE-2014-10070 at SUSECVE-2014-10070 at NVDCVE-2014-10071 at SUSECVE-2014-10071 at NVDCVE-2014-10072 at SUSECVE-2014-10072 at NVDCVE-2016-10714 at SUSECVE-2016-10714 at NVDCVE-2017-18205 at SUSECVE-2017-18205 at NVDCVE-2017-18206 at SUSECVE-2017-18206 at NVDCVE-2018-0502 at SUSECVE-2018-0502 at NVDCVE-2018-1071 at SUSECVE-2018-1071 at NVDCVE-2018-1083 at SUSECVE-2018-1083 at NVDCVE-2018-13259 at SUSECVE-2018-13259 at NVDCVE-2018-7549 at SUSECVE-2018-7549 at NVDCVE-2019-20044 at SUSECVE-2019-20044 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for zypperSUSE Linux Enterprise Server 11 SP1SUSE Linux Enterprise Server 11 SP1-TERADATA
The zypper setuid wrapper links against libzypp. This is not needed and
adds unnecessary attack vectors. CVE-2012-0420 has been assigned to this
issue.
Security Issue reference:
* CVE-2012-0420
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0420>
SUSE bug 770630CVE-2012-0420 at SUSECVE-2012-0420 at NVDcpe:/o:suse:sles:11:sp1:teradatacpe:/o:suse:suse_sles:11:sp1Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
MozillaFirefox was updated to version 24.6.0 to fix six security issues:
* Miscellaneous memory safety hazards. (CVE-2014-1533, CVE-2014-1534)
* Use-after-free and out of bounds issues found using Address
Sanitizer. (CVE-2014-1536, CVE-2014-1537, CVE-2014-1538)
* Use-after-free with SMIL Animation Controller. (CVE-2014-1541)
mozilla-nspr was updated to version 4.10.6 to fix one security issue:
* Out of bounds write in NSPR. (CVE-2014-1545)
Further information can be found at
https://www.mozilla.org/security/announce/
<https://www.mozilla.org/security/announce/> .
Security Issues references:
* CVE-2014-1533
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533>
* CVE-2014-1534
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1534>
* CVE-2014-1536
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1536>
* CVE-2014-1537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1537>
* CVE-2014-1538
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538>
* CVE-2014-1541
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541>
* CVE-2014-1545
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545>
SUSE bug 881874CVE-2014-1533 at SUSECVE-2014-1533 at NVDCVE-2014-1534 at SUSECVE-2014-1534 at NVDCVE-2014-1536 at SUSECVE-2014-1536 at NVDCVE-2014-1537 at SUSECVE-2014-1537 at NVDCVE-2014-1538 at SUSECVE-2014-1538 at NVDCVE-2014-1541 at SUSECVE-2014-1541 at NVDCVE-2014-1545 at SUSECVE-2014-1545 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for ImageMagickSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
ImageMagick has been updated to fix an integer overflow (CVE-2012-3438).
Also a slowness in 'convert' when resizing JPEG images has been addressed
(bnc#754481).
SUSE bug 754481SUSE bug 773612CVE-2012-3438 at SUSECVE-2012-3438 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for ImageMagick fixes the following issues:
Security issues fixed:
- Several coders were vulnerable to remote code execution attacks,
these coders have now been disabled. They can be re-enabled by
exporting the following environment variable
MAGICK_CODER_MODULE_PATH=/usr/lib64/ImageMagick-6.4.3/modules-Q16/coders/vulnerable/
(bsc#978061)
- CVE-2016-3714: Insufficient shell characters filtering leads to
(potentially remote) code execution
- CVE-2016-3715: Possible file deletion by using ImageMagick's
'ephemeral' pseudo protocol which deletes files after reading.
- CVE-2016-3716: Possible file moving by using ImageMagick's 'msl'
pseudo protocol with any extension in any folder.
- CVE-2016-3717: Possible local file read by using ImageMagick's
'label' pseudo protocol to get content of the files from the server.
- CVE-2016-3718: Possible Server Side Request Forgery (SSRF) to make
HTTP GET or FTP request.
Bugs fixed:
- Use external svg loader (rsvg) ImportantSUSE bug 978061CVE-2016-3714 at SUSECVE-2016-3714 at NVDCVE-2016-3715 at SUSECVE-2016-3715 at NVDCVE-2016-3716 at SUSECVE-2016-3716 at NVDCVE-2016-3717 at SUSECVE-2016-3717 at NVDCVE-2016-3718 at SUSECVE-2016-3718 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for ImageMagick fixes the following issues:
- bsc#978061: A vulnerability in ImageMagick's 'https' module allowed users to
execute arbitrary shell commands on the host performing the image conversion.
The issue had the potential for remote command injection. This update mitigates
the vulnerability by disabling all access to the 'https' module in the
'delegates.xml' config file. (CVE-2016-3714)
ImportantSUSE bug 978061CVE-2016-3714 at SUSECVE-2016-3714 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for ImageMagick fixes the following issues:
- CVE-2016-5118: popen() shell vulnerability via filenames (bsc#982178)
ImportantSUSE bug 982178CVE-2016-5118 at SUSECVE-2016-5118 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MesaSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of Mesa fixes multiple integer overflows.
Security Issue reference:
* CVE-2013-1993
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993>
SUSE bug 815451SUSE bug 821855CVE-2013-1993 at SUSECVE-2013-1993 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update to Firefox 17.0.9esr (bnc#840485) addresses:
* MFSA 2013-91 User-defined properties on DOM proxies get the wrong
'this' object
o (CVE-2013-1737)
* MFSA 2013-90 Memory corruption involving scrolling
o use-after-free in mozilla::layout::ScrollbarActivity
(CVE-2013-1735)
o Memory corruption in nsGfxScrollFrameInner::IsLTR()
(CVE-2013-1736)
* MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
o buffer overflow at nsFloatManager::GetFlowArea() with multicol,
list, floats (CVE-2013-1732)
* MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
o compartment mismatch in nsXBLBinding::DoInitJSClass
(CVE-2013-1730)
* MFSA 2013-83 Mozilla Updater does not lock MAR file after signature
verification
o MAR signature bypass in Updater could lead to downgrade
(CVE-2013-1726)
* MFSA 2013-82 Calling scope for new Javascript objects can lead to
memory corruption
o ABORT: bad scope for new JSObjects: ReparentWrapper /
document.open (CVE-2013-1725)
* MFSA 2013-79 Use-after-free in Animation Manager during stylesheet
cloning
o Heap-use-after-free in nsAnimationManager::BuildAnimations
(CVE-2013-1722)
* MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 /
rv:17.0.9)
o Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0
(CVE-2013-1718)
* MFSA 2013-65 Buffer underflow when generating CRMF requests
o ASAN heap-buffer-overflow (read 1) in
cryptojs_interpret_key_gen_type (CVE-2013-1705)
Security Issue references:
* CVE-2013-1737
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1737>
* CVE-2013-1735
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1735>
* CVE-2013-1736
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1736>
* CVE-2013-1732
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1732>
* CVE-2013-1730
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1730>
* CVE-2013-1726
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1726>
* CVE-2013-1725
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1725>
* CVE-2013-1722
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1722>
* CVE-2013-1718
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1718>
* CVE-2013-1705
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1705>
SUSE bug 833389SUSE bug 840485SUSE bug 917597CVE-2013-1701 at SUSECVE-2013-1701 at NVDCVE-2013-1702 at SUSECVE-2013-1702 at NVDCVE-2013-1705 at SUSECVE-2013-1705 at NVDCVE-2013-1706 at SUSECVE-2013-1706 at NVDCVE-2013-1707 at SUSECVE-2013-1707 at NVDCVE-2013-1709 at SUSECVE-2013-1709 at NVDCVE-2013-1710 at SUSECVE-2013-1710 at NVDCVE-2013-1712 at SUSECVE-2013-1712 at NVDCVE-2013-1713 at SUSECVE-2013-1713 at NVDCVE-2013-1714 at SUSECVE-2013-1714 at NVDCVE-2013-1717 at SUSECVE-2013-1717 at NVDCVE-2013-1718 at SUSECVE-2013-1718 at NVDCVE-2013-1722 at SUSECVE-2013-1722 at NVDCVE-2013-1725 at SUSECVE-2013-1725 at NVDCVE-2013-1726 at SUSECVE-2013-1726 at NVDCVE-2013-1730 at SUSECVE-2013-1730 at NVDCVE-2013-1732 at SUSECVE-2013-1732 at NVDCVE-2013-1735 at SUSECVE-2013-1735 at NVDCVE-2013-1736 at SUSECVE-2013-1736 at NVDCVE-2013-1737 at SUSECVE-2013-1737 at NVDCVE-2015-0822 at SUSECVE-2015-0822 at NVDCVE-2015-0827 at SUSECVE-2015-0827 at NVDCVE-2015-0831 at SUSECVE-2015-0831 at NVDCVE-2015-0836 at SUSECVE-2015-0836 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
MozillaFirefox was updated to version 38.5.0 ESR.
It fixes the following security issues:
* MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
* MFSA 2015-138/CVE-2015-7210
Use-after-free in WebRTC when datachannel is used after being
destroyed
* MFSA 2015-139/CVE-2015-7212
Integer overflow allocating extremely large textures
* MFSA 2015-145/CVE-2015-7205
Underflow through code inspection
* MFSA 2015-146/CVE-2015-7213
Integer overflow in MP4 playback in 64-bit versions
* MFSA 2015-147/CVE-2015-7222
Integer underflow and buffer overflow processing MP4 metadata
in libstagefright
* MFSA 2015-149/CVE-2015-7214
Cross-site reading attack through data and view-source URIs
ImportantSUSE bug 959277CVE-2015-7201 at SUSECVE-2015-7201 at NVDCVE-2015-7202 at SUSECVE-2015-7202 at NVDCVE-2015-7205 at SUSECVE-2015-7205 at NVDCVE-2015-7210 at SUSECVE-2015-7210 at NVDCVE-2015-7212 at SUSECVE-2015-7212 at NVDCVE-2015-7213 at SUSECVE-2015-7213 at NVDCVE-2015-7214 at SUSECVE-2015-7214 at NVDCVE-2015-7222 at SUSECVE-2015-7222 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update to MozillaFirefox 38.8.0 ESR fixes the following security issues (bsc#977333):
- CVE-2016-2805: Miscellaneous memory safety hazards - MFSA 2016-39 (bsc#977374)
- CVE-2016-2807: Miscellaneous memory safety hazards - MFSA 2016-39 (bsc#977376)
- CVE-2016-2808: Write to invalid HashMap entry through JavaScript.watch() - MFSA 2016-47 (bsc#977386)
- CVE-2016-2814: Buffer overflow in libstagefright with CENC offsets - MFSA 2016-44 (bsc#977381)
ModerateSUSE bug 977333SUSE bug 977374SUSE bug 977376SUSE bug 977381SUSE bug 977386CVE-2016-2805 at SUSECVE-2016-2805 at NVDCVE-2016-2807 at SUSECVE-2016-2807 at NVDCVE-2016-2808 at SUSECVE-2016-2808 at NVDCVE-2016-2814 at SUSECVE-2016-2814 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nspr and mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr and mozilla-nss were updated to fix nine security issues.
MozillaFirefox was updated to version 45.3.0 ESR. mozilla-nss was updated to version 3.21.1, mozilla-nspr to version 4.12.
These security issues were fixed in 45.3.0ESR:
- CVE-2016-2835/CVE-2016-2836: Miscellaneous memory safety hazards (rv:48.0 / rv:45.3) (MFSA 2016-62)
- CVE-2016-2830: Favicon network connection can persist when page is closed (MFSA 2016-63)
- CVE-2016-2838: Buffer overflow rendering SVG with bidirectional content (MFSA 2016-64)
- CVE-2016-2839: Cairo rendering crash due to memory allocation issue with FFmpeg 0.10 (MFSA 2016-65)
- CVE-2016-5252: Stack underflow during 2D graphics rendering (MFSA 2016-67)
- CVE-2016-5254: Use-after-free when using alt key and toplevel menus (MFSA 2016-70)
- CVE-2016-5258: Use-after-free in DTLS during WebRTC session shutdown (MFSA 2016-72)
- CVE-2016-5259: Use-after-free in service workers with nested sync events (MFSA 2016-73)
- CVE-2016-5262: Scripts on marquee tag can execute in sandboxed iframes (MFSA 2016-76)
- CVE-2016-2837: Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback (MFSA 2016-77)
- CVE-2016-5263: Type confusion in display transformation (MFSA 2016-78)
- CVE-2016-5264: Use-after-free when applying SVG effects (MFSA 2016-79)
- CVE-2016-5265: Same-origin policy violation using local HTML file and saved shortcut file (MFSA 2016-80)
- CVE-2016-6354: Fix for possible buffer overrun (bsc#990856)
Security issues fixed in 45.2.0.ESR:
- CVE-2016-2834: Memory safety bugs in NSS (MFSA 2016-61) (bsc#983639).
- CVE-2016-2824: Out-of-bounds write with WebGL shader (MFSA 2016-53) (bsc#983651).
- CVE-2016-2822: Addressbar spoofing though the SELECT element (MFSA 2016-52) (bsc#983652).
- CVE-2016-2821: Use-after-free deleting tables from a contenteditable document (MFSA 2016-51) (bsc#983653).
- CVE-2016-2819: Buffer overflow parsing HTML5 fragments (MFSA 2016-50) (bsc#983655).
- CVE-2016-2828: Use-after-free when textures are used in WebGL operations after recycle pool destruction (MFSA 2016-56) (bsc#983646).
- CVE-2016-2831: Entering fullscreen and persistent pointerlock without user permission (MFSA 2016-58) (bsc#983643).
- CVE-2016-2815, CVE-2016-2818: Miscellaneous memory safety hazards (MFSA 2016-49) (bsc#983638)
These non-security issues were fixed:
- Fix crashes on aarch64
* Determine page size at runtime (bsc#984006)
* Allow aarch64 to work in safe mode (bsc#985659)
- Fix crashes on mainframes
- Temporarily bind Firefox to the first CPU as a hotfix
for an apparent race condition (bsc#989196, bsc#990628)
All extensions must now be signed by addons.mozilla.org. Please read README.SUSE for more details.
ImportantSUSE bug 983549SUSE bug 983638SUSE bug 983639SUSE bug 983643SUSE bug 983646SUSE bug 983651SUSE bug 983652SUSE bug 983653SUSE bug 983655SUSE bug 984006SUSE bug 985659SUSE bug 989196SUSE bug 990628SUSE bug 990856SUSE bug 991809CVE-2016-2815 at SUSECVE-2016-2815 at NVDCVE-2016-2818 at SUSECVE-2016-2818 at NVDCVE-2016-2819 at SUSECVE-2016-2819 at NVDCVE-2016-2821 at SUSECVE-2016-2821 at NVDCVE-2016-2822 at SUSECVE-2016-2822 at NVDCVE-2016-2824 at SUSECVE-2016-2824 at NVDCVE-2016-2828 at SUSECVE-2016-2828 at NVDCVE-2016-2830 at SUSECVE-2016-2830 at NVDCVE-2016-2831 at SUSECVE-2016-2831 at NVDCVE-2016-2834 at SUSECVE-2016-2834 at NVDCVE-2016-2835 at SUSECVE-2016-2835 at NVDCVE-2016-2836 at SUSECVE-2016-2836 at NVDCVE-2016-2837 at SUSECVE-2016-2837 at NVDCVE-2016-2838 at SUSECVE-2016-2838 at NVDCVE-2016-2839 at SUSECVE-2016-2839 at NVDCVE-2016-5252 at SUSECVE-2016-5252 at NVDCVE-2016-5254 at SUSECVE-2016-5254 at NVDCVE-2016-5258 at SUSECVE-2016-5258 at NVDCVE-2016-5259 at SUSECVE-2016-5259 at NVDCVE-2016-5262 at SUSECVE-2016-5262 at NVDCVE-2016-5263 at SUSECVE-2016-5263 at NVDCVE-2016-5264 at SUSECVE-2016-5264 at NVDCVE-2016-5265 at SUSECVE-2016-5265 at NVDCVE-2016-6354 at SUSECVE-2016-6354 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
MozillaFirefox was updated to 45.4.0 ESR to fix the following issues (bsc#999701):
The following security issue were fixed:
* MFSA 2016-86/CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString
* MFSA 2016-86/CVE-2016-5272: Bad cast in nsImageGeometryMixin
* MFSA 2016-86/CVE-2016-5276: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList
* MFSA 2016-86/CVE-2016-5274: use-after-free in nsFrameManager::CaptureFrameState
* MFSA 2016-86/CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick
* MFSA 2016-86/CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame
* MFSA 2016-86/CVE-2016-5280: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
* MFSA 2016-86/CVE-2016-5281: use-after-free in DOMSVGLength
* MFSA 2016-86/CVE-2016-5284: Add-on update site certificate pin expiration
* MFSA 2016-86/CVE-2016-5250: Resource Timing API is storing resources sent by the previous page
* MFSA 2016-86/CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel
* MFSA 2016-86/CVE-2016-5257: Various memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
ImportantSUSE bug 999701CVE-2016-5250 at SUSECVE-2016-5250 at NVDCVE-2016-5257 at SUSECVE-2016-5257 at NVDCVE-2016-5261 at SUSECVE-2016-5261 at NVDCVE-2016-5270 at SUSECVE-2016-5270 at NVDCVE-2016-5272 at SUSECVE-2016-5272 at NVDCVE-2016-5274 at SUSECVE-2016-5274 at NVDCVE-2016-5276 at SUSECVE-2016-5276 at NVDCVE-2016-5277 at SUSECVE-2016-5277 at NVDCVE-2016-5278 at SUSECVE-2016-5278 at NVDCVE-2016-5280 at SUSECVE-2016-5280 at NVDCVE-2016-5281 at SUSECVE-2016-5281 at NVDCVE-2016-5284 at SUSECVE-2016-5284 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues:
* MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES
* MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution
* MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees
* MFSA 2016-95/CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements
* MFSA 2016-95/CVE-2016-9904: Cross-origin information leak in shared atoms
* MFSA 2016-95/CVE-2016-9905: Crash in EnumerateSubDocuments
* MFSA 2016-95/CVE-2016-9895: CSP bypass using marquee tag
* MFSA 2016-95/CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs
* MFSA 2016-95/CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6
* MFSA 2016-95/CVE-2016-9902: Pocket extension does not validate the origin of events
Please see https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/
for more information.
- Fix fontconfig issue (bsc#1000751) on 32bit systems as well.
ImportantSUSE bug 1000751SUSE bug 1015422CVE-2016-9893 at SUSECVE-2016-9893 at NVDCVE-2016-9895 at SUSECVE-2016-9895 at NVDCVE-2016-9897 at SUSECVE-2016-9897 at NVDCVE-2016-9898 at SUSECVE-2016-9898 at NVDCVE-2016-9899 at SUSECVE-2016-9899 at NVDCVE-2016-9900 at SUSECVE-2016-9900 at NVDCVE-2016-9901 at SUSECVE-2016-9901 at NVDCVE-2016-9902 at SUSECVE-2016-9902 at NVDCVE-2016-9904 at SUSECVE-2016-9904 at NVDCVE-2016-9905 at SUSECVE-2016-9905 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This MozillaFirefox and mozilla-nss update fixes several security and
non-security issues.
MozillaFirefox has been updated to version 24.5.0esr which fixes the
following issues:
* MFSA 2014-34/CVE-2014-1518
Miscellaneous memory safety hazards
* MFSA 2014-37/CVE-2014-1523
Out of bounds read while decoding JPG images
* MFSA 2014-38/CVE-2014-1524
Buffer overflow when using non-XBL object as XBL
* MFSA 2014-42/CVE-2014-1529
Privilege escalation through Web Notification API
* MFSA 2014-43/CVE-2014-1530
Cross-site scripting (XSS) using history navigations
* MFSA 2014-44/CVE-2014-1531
Use-after-free in imgLoader while resizing images
* MFSA 2014-46/CVE-2014-1532
Use-after-free in nsHostResolver
Mozilla NSS has been updated to version 3.16
* required for Firefox 29
* CVE-2014-1492_ In a wildcard certificate, the wildcard character
should not be embedded within the U-label of an internationalized
domain name. See the last bullet point in RFC 6125, Section 7.2.
* Update of root certificates.
Security Issue references:
* CVE-2014-1532
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1532>
* CVE-2014-1531
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1531>
* CVE-2014-1530
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1530>
* CVE-2014-1529
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1529>
* CVE-2014-1524
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1524>
* CVE-2014-1523
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1523>
* CVE-2014-1520
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1520>
* CVE-2014-1518
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1518>
SUSE bug 865539SUSE bug 869827SUSE bug 875378SUSE bug 875803CVE-2014-1518 at SUSECVE-2014-1518 at NVDCVE-2014-1520 at SUSECVE-2014-1520 at NVDCVE-2014-1523 at SUSECVE-2014-1523 at NVDCVE-2014-1524 at SUSECVE-2014-1524 at NVDCVE-2014-1529 at SUSECVE-2014-1529 at NVDCVE-2014-1530 at SUSECVE-2014-1530 at NVDCVE-2014-1531 at SUSECVE-2014-1531 at NVDCVE-2014-1532 at SUSECVE-2014-1532 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This security update of Xen fixes the following issues:
* bsc#939712 (XSA-140): QEMU leak of uninitialized heap
memory in rtl8139 device model (CVE-2015-5165)
* bsc#938344: qemu,kvm,xen: host code
execution via IDE subsystem CD-ROM (CVE-2015-5154)
ModerateSUSE bug 938344SUSE bug 939712CVE-2015-5154 at SUSECVE-2015-5154 at NVDCVE-2015-5165 at SUSECVE-2015-5165 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Recommended update for antSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for ant adds a fix for the following reports for ant:
* 785695: RPM task converts dashes (-) to underscores (_)
In addition, a security fix for a denial of service via specially crafted
input has been added (CVE-2012-2098)
Security Issue reference:
* CVE-2012-2098
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098>
SUSE bug 763820SUSE bug 785695CVE-2012-2098 at SUSECVE-2012-2098 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for apache2SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for apache2 provides the following fixes:
*
Make sure that the tty from which Apache starts has echo mode set to
on; otherwise, subsequently checking if echo mode was off results in
the false detection that Apache is still waiting for a certificate
pass-phrase to be entered, leading to a failure with Xen virtual
guests that may have the terminal set to -echo. (bnc#852401)
*
Partially revert the fix for bnc#815621 (PR50481); this upstream
change has unwanted side effects with large request headers, where
the LimitRequestFieldsize option is ignored. (bnc#844212)
SUSE bug 722545SUSE bug 757710SUSE bug 774045SUSE bug 777260SUSE bug 782956SUSE bug 788121SUSE bug 791794SUSE bug 793004SUSE bug 798733SUSE bug 806458SUSE bug 807152SUSE bug 815621SUSE bug 829056SUSE bug 829057SUSE bug 844212SUSE bug 852401SUSE bug 859916SUSE bug 869105SUSE bug 869106SUSE bug 887765SUSE bug 887768CVE-2012-0021 at SUSECVE-2012-0021 at NVDCVE-2012-0883 at SUSECVE-2012-0883 at NVDCVE-2012-2687 at SUSECVE-2012-2687 at NVDCVE-2012-3499 at SUSECVE-2012-3499 at NVDCVE-2012-4557 at SUSECVE-2012-4557 at NVDCVE-2012-4558 at SUSECVE-2012-4558 at NVDCVE-2013-1862 at SUSECVE-2013-1862 at NVDCVE-2013-1896 at SUSECVE-2013-1896 at NVDCVE-2013-6438 at SUSECVE-2013-6438 at NVDCVE-2014-0098 at SUSECVE-2014-0098 at NVDCVE-2014-0226 at SUSECVE-2014-0226 at NVDCVE-2014-0231 at SUSECVE-2014-0231 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for apache2-mod_nssSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes the following security issues with apache2-mod_nss:
* bnc#853039: client certificate verification problematic
(CVE-2013-4566)
Security Issue reference:
* CVE-2013-4566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4566>
SUSE bug 847216SUSE bug 853039CVE-2013-4566 at SUSECVE-2013-4566 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for apache2-mod_nss (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update provides apache2-mod_nss 1.0.14, which brings several fixes and
enhancements:
- SHA256 cipher names change spelling from *_sha256 to *_sha_256.
- Drop mod_nss_migrate.pl and use upstream migrate script instead.
- Check for Apache user owner/group read permissions of NSS database at startup.
- Update default ciphers to something more modern and secure.
- Check for host and netstat commands in gencert before trying to use them.
- Don't ignore NSSProtocol when NSSFIPS is enabled.
- Use proper shell syntax to avoid creating /0 in gencert.
- Add server support for DHE ciphers.
- Extract SAN from server/client certificates into env.
- Fix memory leaks and other coding issues caught by clang analyzer.
- Add support for Server Name Indication (SNI)
- Add support for SNI for reverse proxy connections.
- Add RenegBufferSize? option.
- Add support for TLS Session Tickets (RFC 5077).
- Implement a slew more OpenSSL cipher macros.
- Fix a number of illegal memory accesses and memory leaks.
- Support for SHA384 ciphers if they are available in the version of NSS mod_nss is built against.
- Add the SECURE_RENEG environment variable.
- Add some hints when NSS database cannot be initialized.
- Code cleanup including trailing whitespace and compiler warnings.
- Modernize autotools configuration slightly, add config.h.
- Add small test suite for SNI.
- Add compatibility for mod_ssl-style cipher definitions.
- Add Camelia ciphers.
- Remove Fortezza ciphers.
- Add TLSv1.2-specific ciphers.
- Initialize cipher list when re-negotiating handshake.
- Completely remove support for SSLv2.
- Add support for sqlite NSS databases.
- Compare subject CN and VS hostname during server start up.
- Add support for enabling TLS v1.2.
- Don't enable SSL 3 by default. (CVE-2014-3566)
- Improve protocol testing.
- Add nss_pcache man page.
- Fix argument handling in nss_pcache.
- Support httpd 2.4+.
- Allow users to configure a helper to ask for certificate passphrases via
NSSPassPhraseDialog. (bsc#975394)
ModerateSUSE bug 975394SUSE bug 979688CVE-2013-4566 at SUSECVE-2013-4566 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for PHP5SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes the following issues:
* memory corruption in openssl_parse_x509 (CVE-2013-6420)
* man-in-the-middle attacks by specially crafting certificates
(CVE-2013-4248)
Security Issue references:
* CVE-2013-6420
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420>
* CVE-2013-4248
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248>
SUSE bug 775852SUSE bug 778003SUSE bug 783239SUSE bug 807707SUSE bug 828020SUSE bug 829207SUSE bug 837746SUSE bug 854880SUSE bug 868624SUSE bug 882992CVE-2011-1398 at SUSECVE-2011-1398 at NVDCVE-2011-4388 at SUSECVE-2011-4388 at NVDCVE-2013-1635 at SUSECVE-2013-1635 at NVDCVE-2013-1643 at SUSECVE-2013-1643 at NVDCVE-2013-4113 at SUSECVE-2013-4113 at NVDCVE-2013-4248 at SUSECVE-2013-4248 at NVDCVE-2013-4635 at SUSECVE-2013-4635 at NVDCVE-2013-6420 at SUSECVE-2013-6420 at NVDCVE-2014-2497 at SUSECVE-2014-2497 at NVDCVE-2014-4049 at SUSECVE-2014-4049 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for PHP5SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes the following issues:
* memory corruption in openssl_parse_x509 (CVE-2013-6420)
* Heap buffer over-read in DateInterval (CVE-2013-6712)
* man-in-the-middle attacks by specially crafting certificates
(CVE-2013-4248)
Security Issue references:
* CVE-2013-6420
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420>
* CVE-2013-6712
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6712>
* CVE-2013-4248
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248>
SUSE bug 741520SUSE bug 741859SUSE bug 743308SUSE bug 746661SUSE bug 749111SUSE bug 752030SUSE bug 760536SUSE bug 761631SUSE bug 763814SUSE bug 766798SUSE bug 769785SUSE bug 772580SUSE bug 772582SUSE bug 775852SUSE bug 778003SUSE bug 807707SUSE bug 828020SUSE bug 829207SUSE bug 854880SUSE bug 868624SUSE bug 880904SUSE bug 880905SUSE bug 882992CVE-2011-1398 at SUSECVE-2011-1398 at NVDCVE-2011-4153 at SUSECVE-2011-4153 at NVDCVE-2011-4388 at SUSECVE-2011-4388 at NVDCVE-2012-0057 at SUSECVE-2012-0057 at NVDCVE-2012-0807 at SUSECVE-2012-0807 at NVDCVE-2012-0831 at SUSECVE-2012-0831 at NVDCVE-2012-1172 at SUSECVE-2012-1172 at NVDCVE-2012-1823 at SUSECVE-2012-1823 at NVDCVE-2012-2143 at SUSECVE-2012-2143 at NVDCVE-2012-2311 at SUSECVE-2012-2311 at NVDCVE-2012-2335 at SUSECVE-2012-2335 at NVDCVE-2012-2336 at SUSECVE-2012-2336 at NVDCVE-2012-2386 at SUSECVE-2012-2386 at NVDCVE-2012-2688 at SUSECVE-2012-2688 at NVDCVE-2012-3365 at SUSECVE-2012-3365 at NVDCVE-2013-1635 at SUSECVE-2013-1635 at NVDCVE-2013-1643 at SUSECVE-2013-1643 at NVDCVE-2013-4113 at SUSECVE-2013-4113 at NVDCVE-2013-4248 at SUSECVE-2013-4248 at NVDCVE-2013-4635 at SUSECVE-2013-4635 at NVDCVE-2013-6420 at SUSECVE-2013-6420 at NVDCVE-2013-6712 at SUSECVE-2013-6712 at NVDCVE-2014-0237 at SUSECVE-2014-0237 at NVDCVE-2014-0238 at SUSECVE-2014-0238 at NVDCVE-2014-2497 at SUSECVE-2014-2497 at NVDCVE-2014-4049 at SUSECVE-2014-4049 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for automakeSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of automake fixes a race condition in 'distcheck'
(CVE-2012-3386).
Also a bug where world writeable tarballs were generated during 'make dist'
has been fixed (CVE-2009-4029).
Security Issue reference:
* CVE-2012-3386
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386>
* CVE-2009-4029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029>
SUSE bug 559815SUSE bug 770618CVE-2012-3386 at SUSECVE-2012-3386 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for bashSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for bash provides fixes for the following issues:
* Fix crash when expanding '$[' without matching ']'. (bnc#844550)
* Do not restart the sighandler after a trap is reset. (bnc#820149)
* Workaround crash in libreadline. (bnc#819783)
* Mark skeleton files as configurations files. (bnc#776694)
SUSE bug 776694SUSE bug 819783SUSE bug 820149SUSE bug 844550SUSE bug 896776SUSE bug 898346SUSE bug 898603SUSE bug 898604CVE-2014-6271 at SUSECVE-2014-6271 at NVDCVE-2014-7169 at SUSECVE-2014-7169 at NVDCVE-2014-7186 at SUSECVE-2014-7186 at NVDCVE-2014-7187 at SUSECVE-2014-7187 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bindSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes a DoS vulnerability in bind when handling malformed
NSEC3-signed zones. CVE-2014-0591 has been assigned to this issue.
Security Issue references:
* CVE-2014-0591
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591>
SUSE bug 743758SUSE bug 765315SUSE bug 772945SUSE bug 780157SUSE bug 784602SUSE bug 796112SUSE bug 815230SUSE bug 819475SUSE bug 831899SUSE bug 858639SUSE bug 882511SUSE bug 908994CVE-2012-1667 at SUSECVE-2012-1667 at NVDCVE-2012-3817 at SUSECVE-2012-3817 at NVDCVE-2012-4244 at SUSECVE-2012-4244 at NVDCVE-2012-5166 at SUSECVE-2012-5166 at NVDCVE-2013-4854 at SUSECVE-2013-4854 at NVDCVE-2014-0591 at SUSECVE-2014-0591 at NVDCVE-2014-8500 at SUSECVE-2014-8500 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bind (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
bind was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-5477: Remote DoS via TKEY queries (bsc#939567)
Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling.
ImportantSUSE bug 939567CVE-2015-5477 at SUSECVE-2015-5477 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bind (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The nameserver bind was updated to fix a remote denial of service (crash) attack against
bind nameservers doing validation on DNSSEC signed records. (CVE-2015-5722, bsc#944066).
ImportantSUSE bug 944066CVE-2015-5722 at SUSECVE-2015-5722 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bind (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update fixes the following security issue:
- CVE-2015-8000: Fix remote denial of service by misparsing incoming responses (bsc#958861).
It also fixes a bug:
- Fix a regression in caching entries with a TTL of 0 (bsc#923281).
ImportantSUSE bug 923281SUSE bug 958861CVE-2015-8000 at SUSECVE-2015-8000 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bind (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for bind fixes the following issues:
- CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations (bsc#962189)
ImportantSUSE bug 962189CVE-2015-8704 at SUSECVE-2015-8704 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bind (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for bind fixes the following issues:
Fix two assertion failures that can lead to a remote denial of service attack:
* CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. (bsc#970072)
* CVE-2016-1286: An error when parsing signature records for DNAME records having specific properties can lead to named exiting due to an assertion failure in resolver.c or db.c. (bsc#970073)
ImportantSUSE bug 970072SUSE bug 970073CVE-2016-1285 at SUSECVE-2016-1285 at NVDCVE-2016-1286 at SUSECVE-2016-1286 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bind (Critical)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The nameserver bind was updated to fix a remote denial of service
vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362)
CriticalSUSE bug 1000362CVE-2016-2776 at SUSECVE-2016-2776 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bind (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for bind fixes the following issues:
- A defect in BIND's handling of responses containing a DNAME answer had
the potential to trigger assertion errors in the server remotely,
thereby facilitating a denial-of-service attack. (CVE-2016-8864, bsc#1007829).
- Fix BIND to return a valid hostname in response to ldapdump queries.
(bsc#965748)
ImportantSUSE bug 1007829SUSE bug 965748CVE-2016-8864 at SUSECVE-2016-8864 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bind (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for bind fixes the following issues:
- Fix a potential assertion failure that could have been triggered by a
malformed response to an ANY query, thereby facilitating a denial-of-service
attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]
- Fix a potential assertion failure that could have been triggered by
responding to a query with inconsistent DNSSEC information, thereby
facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,
bsc#1018699]
- Fix potential assertion failure that could have been triggered by DNS
responses that contain unusually-formed DS resource records, facilitating a
denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]
ImportantSUSE bug 1018699SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702CVE-2016-9131 at SUSECVE-2016-9131 at NVDCVE-2016-9147 at SUSECVE-2016-9147 at NVDCVE-2016-9444 at SUSECVE-2016-9444 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for bsdtar (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
bsdtar was updated to fix seven security issues.
These security issues were fixed:
- CVE-2015-8929: Memory leak in tar parser (bsc#985669).
- CVE-2016-4809: Memory allocate error with symbolic links in cpio archives (bsc#984990).
- CVE-2015-8920: Stack out of bounds read in ar parser (bsc#985675).
- CVE-2015-8921: Global out of bounds read in mtree parser (bsc#985682).
- CVE-2015-8924: Heap buffer read overflow in tar (bsc#985609).
- CVE-2015-8918: Overlapping memcpy in CAB parser (bsc#985698).
- CVE-2015-2304: Reject absolute paths in input mode of bsdcpio exactly when '..' is rejected (bsc#920870).
ImportantSUSE bug 920870SUSE bug 984990SUSE bug 985609SUSE bug 985669SUSE bug 985675SUSE bug 985682SUSE bug 985698CVE-2015-2304 at SUSECVE-2015-2304 at NVDCVE-2015-8918 at SUSECVE-2015-8918 at NVDCVE-2015-8920 at SUSECVE-2015-8920 at NVDCVE-2015-8921 at SUSECVE-2015-8921 at NVDCVE-2015-8924 at SUSECVE-2015-8924 at NVDCVE-2015-8929 at SUSECVE-2015-8929 at NVDCVE-2016-4809 at SUSECVE-2016-4809 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MonoSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Mono was updated to fix a cross site scripting attack in the System.Web
class 'forbidden extensions' filtering has been fixed. (CVE-2012-3382)
Security Issue reference:
* CVE-2012-3382
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382>
SUSE bug 769799CVE-2012-3382 at SUSECVE-2012-3382 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for SambaSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes the following security issues with Samba:
* bnc#844720: DCERPC frag_len not checked (CVE-2013-4408)
* bnc#853347: winbind pam security problem (CVE-2012-6150)
* bnc#848101: No access check verification on stream files
(CVE-2013-4475)
And fixes the following non-security issues:
* bnc#853021: libsmbclient0 package description contains comments
* bnc#817880: rpcclient adddriver and setdrive do not set all needed
registry entries
* bnc#838472: Client trying to delete print job fails: Samba returns:
WERR_INVALID_PRINTER_NAME
* bnc#854520 and bnc#849226: various upstream fixes
Security Issue references:
* CVE-2012-6150
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6150>
* CVE-2013-4408
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408>
* CVE-2013-4475
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475>
SUSE bug 437293SUSE bug 726937SUSE bug 765270SUSE bug 769957SUSE bug 770056SUSE bug 770262SUSE bug 771516SUSE bug 779269SUSE bug 783384SUSE bug 783719SUSE bug 786350SUSE bug 786677SUSE bug 787983SUSE bug 788159SUSE bug 790741SUSE bug 791183SUSE bug 792294SUSE bug 792340SUSE bug 798856SUSE bug 799641SUSE bug 800782SUSE bug 800982SUSE bug 802031SUSE bug 806501SUSE bug 807334SUSE bug 812929SUSE bug 815994SUSE bug 817880SUSE bug 820531SUSE bug 824833SUSE bug 829969SUSE bug 838472SUSE bug 844307SUSE bug 844720SUSE bug 848101SUSE bug 849224SUSE bug 849226SUSE bug 853021SUSE bug 853347SUSE bug 854520SUSE bug 863748SUSE bug 865561SUSE bug 872396SUSE bug 872912SUSE bug 879390SUSE bug 880962SUSE bug 882356SUSE bug 883758SUSE bug 883870SUSE bug 886193SUSE bug 898031SUSE bug 899558SUSE bug 913001SUSE bug 917376CVE-2012-6150 at SUSECVE-2012-6150 at NVDCVE-2013-0213 at SUSECVE-2013-0213 at NVDCVE-2013-0214 at SUSECVE-2013-0214 at NVDCVE-2013-4124 at SUSECVE-2013-4124 at NVDCVE-2013-4408 at SUSECVE-2013-4408 at NVDCVE-2013-4475 at SUSECVE-2013-4475 at NVDCVE-2013-4496 at SUSECVE-2013-4496 at NVDCVE-2014-0178 at SUSECVE-2014-0178 at NVDCVE-2014-0244 at SUSECVE-2014-0244 at NVDCVE-2014-3493 at SUSECVE-2014-3493 at NVDCVE-2015-0240 at SUSECVE-2015-0240 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Recommended update for cifs-utilsSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update to cifs-utils fixes the package's post installation scripts to
correctly restart the CIFS client during an update.
SUSE bug 747906SUSE bug 754443SUSE bug 761150CVE-2012-1586 at SUSECVE-2012-1586 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for clamavSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update contains clamav 0.97.8 which fixes security issues
(bnc#816865):
* CVE-2013-2020: Fix heap corruption
* CVE-2013-2021: Fix overflow due to PDF key length computation.
Security Issue references:
* CVE-2013-2020
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2020>
* CVE-2013-2021
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2021>
SUSE bug 780181SUSE bug 809945SUSE bug 816865SUSE bug 899395SUSE bug 903489SUSE bug 903719SUSE bug 904207SUSE bug 906077SUSE bug 906770SUSE bug 915512SUSE bug 916214SUSE bug 916215SUSE bug 916217CVE-2013-2020 at SUSECVE-2013-2020 at NVDCVE-2013-2021 at SUSECVE-2013-2021 at NVDCVE-2013-6497 at SUSECVE-2013-6497 at NVDCVE-2014-9050 at SUSECVE-2014-9050 at NVDCVE-2014-9328 at SUSECVE-2014-9328 at NVDCVE-2015-1461 at SUSECVE-2015-1461 at NVDCVE-2015-1462 at SUSECVE-2015-1462 at NVDCVE-2015-1463 at SUSECVE-2015-1463 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for coreutilsSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This coreutils update fixes three minor security issues.
* #798538 - VUL-1: CVE-2013-0221: segmentation fault in 'sort -d' and
'sort -M' with long line input
* #796243 - VUL-1: CVE-2013-0222: segmentation fault in 'uniq' with
long line input
* #798541 - VUL-1: CVE-2013-0223: segmentation fault in 'join -i' with
long line input
Security Issue references:
* CVE-2013-0221
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0221>
* CVE-2013-0222
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0222>
* CVE-2013-0223
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0223>
SUSE bug 697897SUSE bug 752943SUSE bug 754559SUSE bug 763536SUSE bug 796243SUSE bug 798538SUSE bug 798541SUSE bug 800908SUSE bug 808907CVE-2013-0221 at SUSECVE-2013-0221 at NVDCVE-2013-0222 at SUSECVE-2013-0222 at NVDCVE-2013-0223 at SUSECVE-2013-0223 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for CUPSSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
The following security issue has been fixed in the CUPS print daemon
CVE-2012-5519:
The patch adds better default protection against misuse of privileges by
normal users who have been specifically allowed by root to do cupsd
configuration changes
The new ConfigurationChangeRestriction cupsd.conf directive specifies the
level of restriction for cupsd.conf changes that happen via HTTP/IPP
requests to the running cupsd (e.g. via CUPS web interface or via the
cupsctl command).
By default certain cupsd.conf directives that deal with filenames, paths,
and users can no longer be changed via requests to the running cupsd but
only by manual editing the cupsd.conf file and its default file permissions
permit only root to write the cupsd.conf file.
Those directives are: ConfigurationChangeRestriction, AccessLog,
BrowseLDAPCACertFile, CacheDir, ConfigFilePerm, DataDir, DocumentRoot,
ErrorLog, FileDevice, FontPath, Group, LogFilePerm, PageLog, Printcap,
PrintcapFormat, PrintcapGUI, RemoteRoot, RequestRoot, ServerBin,
ServerCertificate, ServerKey, ServerRoot, StateDir, SystemGroup,
SystemGroupAuthKey, TempDir, User.
The default group of users who are allowed to do cupsd configuration
changes
via requests to the running cupsd (i.e. the SystemGroup directive in
cupsd.conf) is set to 'root' only.
Additionally the following bug has been fixed:
* strip trailing '@REALM' from username for Kerberos authentication
(CUPS STR#3972 bnc#827109)
Security Issue reference:
* CVE-2012-5519
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5519>
SUSE bug 789566SUSE bug 802408SUSE bug 827109CVE-2012-5519 at SUSECVE-2012-5519 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for curlSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes the re-use of wrong HTTP NTLM connections in libcurl.
(CVE-2014-0015)
Security Issue reference:
* CVE-2014-0015
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015>
SUSE bug 765342SUSE bug 769247SUSE bug 810760SUSE bug 814655SUSE bug 824517SUSE bug 849596SUSE bug 858673CVE-2013-1944 at SUSECVE-2013-1944 at NVDCVE-2013-2174 at SUSECVE-2013-2174 at NVDCVE-2013-4545 at SUSECVE-2013-4545 at NVDCVE-2014-0015 at SUSECVE-2014-0015 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for dbusSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes a regression in the previous security update that caused
dbus-daemon-launch-helper to stop working (bnc#697105).
SUSE bug 697105SUSE bug 764047CVE-2012-3524 at SUSECVE-2012-3524 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for dhcpSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
The ISC DHCP server had a denial of service issue in handling specific DDNS
requests which could cause a out of memory usage situation. (CVE-2013-2266)
This update also adds a dhcp6-server service template for SuSEfirewall2
(bnc#783002)
Security Issues:
* CVE-2013-2266
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266>
SUSE bug 762108SUSE bug 767661SUSE bug 770236SUSE bug 772924SUSE bug 780167SUSE bug 783002SUSE bug 784640SUSE bug 788787SUSE bug 791280SUSE bug 791289SUSE bug 794578SUSE bug 811934CVE-2012-3570 at SUSECVE-2012-3570 at NVDCVE-2012-3571 at SUSECVE-2012-3571 at NVDCVE-2012-3954 at SUSECVE-2012-3954 at NVDCVE-2012-3955 at SUSECVE-2012-3955 at NVDCVE-2013-2266 at SUSECVE-2013-2266 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for dhcp fixes the following issues:
- CVE-2016-2774: Fixed a denial of service attack against the DHCP server over the OMAPI TCP socket, which could be used
by network adjacent attackers to make the DHCP server non-functional (bsc#969820).
ModerateSUSE bug 969820CVE-2016-2774 at SUSECVE-2016-2774 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for dhcpcd (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
dhcpcd was updated to fix three security issues.
These security issues were fixed:
- CVE-2012-6698: A potential out of bounds write was fixed, which could lead to memory corruption, triggerable by network local attackers.
- CVE-2012-6699: A loop error was fixed that could lead out of bound reads, triggerable by network local attackers.
- CVE-2012-6700: An incorrect free could lead to crashes, triggerable by network local attackers.
ImportantSUSE bug 955762CVE-2012-6698 at SUSECVE-2012-6698 at NVDCVE-2012-6699 at SUSECVE-2012-6699 at NVDCVE-2012-6700 at SUSECVE-2012-6700 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Recommended update for evolutionSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This consolidated update for Evolution provides smart card support, patches
for Change Password Feature, Out of Office Feature, Find Item Feature, Free
Busy and Other stability patches.
In addition a low security issue has been fixed:
* CVE-2011-3201: A malicious site can specify an attach= parameter to
the URL, which can attach arbitrary files to a mail message.
SUSE bug 713610SUSE bug 714939SUSE bug 736655SUSE bug 749224SUSE bug 754953SUSE bug 759519CVE-2011-3201 at SUSECVE-2011-3201 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for fastjarSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This fastjar update fixes a directory traversal issue (bnc#607043).
Security Issue reference:
* CVE-2010-0831
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0831>
SUSE bug 607043CVE-2010-0831 at SUSECVE-2010-0831 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
MozillaFirefox was updated to 10.0.7ESR release, fixing a lot of bugs and
security problems.
The following security issues have been addressed:
*
MFSA 2012-57: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
CVE-2012-1971: Gary Kwong, Christian Holler, Jesse Ruderman, Steve
Fink, Bob Clary, Andrew Sutherland, and Jason Smith reported memory
safety problems and crashes that affect Firefox 14.
*
CVE-2012-1970: Gary Kwong, Christian Holler, Jesse Ruderman, John
Schoenick, Vladimir Vukicevic and Daniel Holbert reported memory
safety problems and crashes that affect Firefox ESR 10 and Firefox
14.
*
MFSA 2012-58: Security researcher Abhishek Arya (Inferno) of Google
Chrome Security Team discovered a series of use-after-free issues
using the Address Sanitizer tool. Many of these issues are
potentially exploitable, allowing for remote code execution.
o Heap-use-after-free in nsHTMLEditor::CollapseAdjacentTextNodes
CVE-2012-1972
o Heap-use-after-free in nsObjectLoadingContent::LoadObject
CVE-2012-1973
o Heap-use-after-free in gfxTextRun::CanBreakLineBefore
CVE-2012-1974
o Heap-use-after-free in PresShell::CompleteMove CVE-2012-1975
o Heap-use-after-free in nsHTMLSelectElement::SubmitNamesValues
CVE-2012-1976
o Heap-use-after-free in MediaStreamGraphThreadRunnable::Run()
CVE-2012-3956
o Heap-buffer-overflow in nsBlockFrame::MarkLineDirty
CVE-2012-3957
o Heap-use-after-free in nsHTMLEditRules::DeleteNonTableElements
CVE-2012-3958
o Heap-use-after-free in nsRangeUpdater::SelAdjDeleteNode
CVE-2012-3959
o Heap-use-after-free in mozSpellChecker::SetCurrentDictionary
CVE-2012-3960
o Heap-use-after-free in RangeData::~RangeData CVE-2012-3961
o Bad iterator in text runs CVE-2012-3962
o use after free in js::gc::MapAllocToTraceKind CVE-2012-3963
o Heap-use-after-free READ 8 in gfxTextRun::GetUserData
CVE-2012-3964
*
MFSA 2012-59 / CVE-2012-1956: Security researcher Mariusz Mlynski
reported that it is possible to shadow the location object using
Object.defineProperty. This could be used to confuse the current
location to plugins, allowing for possible cross-site scripting (XSS)
attacks.
*
MFSA 2012-60 / CVE-2012-3965: Security researcher Mariusz Mlynski
reported that when a page opens a new tab, a subsequent window can
then be opened that can be navigated to about:newtab, a chrome
privileged page. Once about:newtab is loaded, the special context can
potentially be used to escalate privilege, allowing for arbitrary
code execution on the local system in a maliciously crafted attack.
*
MFSA 2012-61 / CVE-2012-3966: Security researcher Frederic Hoguin
reported two related issues with the decoding of bitmap (.BMP) format
images embedded in icon (.ICO) format files. When processing a
negative 'height' header value for the bitmap image, a memory
corruption can be induced, allowing an attacker to write random
memory and cause a crash. This crash may be potentially exploitable.
*
MFSA 2012-62: Security researcher miaubiz used the Address Sanitizer
tool to discover two WebGL issues. The first issue is a
use-after-free when WebGL shaders are called after being destroyed.
The second issue exposes a problem with Mesa drivers on Linux,
leading to a potentially exploitable crash.
o
use after free, webgl fragment shader deleted by accessor
CVE-2012-3968
o
stack scribbling with 4-byte values choosable among a few
values, when using more than 16 sampler uniforms, on Mesa, with
all drivers CVE-2012-3967
*
MFSA 2012-63: Security researcher Arthur Gerkis used the Address
Sanitizer tool to find two issues involving Scalable Vector Graphics
(SVG) files. The first issue is a buffer overflow in Gecko's SVG
filter code when the sum of two values is too large to be stored as a
signed 32-bit integer, causing the function to write past the end of
an array. The second issue is a use-after-free when an element with a
'requiredFeatures' attribute is moved between documents. In that
situation, the internal representation of the 'requiredFeatures'
value could be freed prematurely. Both issues are potentially
exploitable.
o
Heap-buffer-overflow in nsSVGFEMorphologyElement::Filter
CVE-2012-3969
o
Heap-use-after-free in nsTArray_base::Length() CVE-2012-3970
*
MFSA 2012-64 / CVE-2012-3971: Using the Address Sanitizer tool,
Mozilla security researcher Christoph Diehl discovered two memory
corruption issues involving the Graphite 2 library used in Mozilla
products. Both of these issues can cause a potentially exploitable
crash. These problems were fixed in the Graphite 2 library, which has
been updated for Mozilla products.
*
MFSA 2012-65 / CVE-2012-3972: Security research Nicolas Gregoire used
the Address Sanitizer tool to discover an out-of-bounds read in the
format-number feature of XSLT, which can cause inaccurate formatting
of numbers and information leakage. This is not directly exploitable.
*
MFSA 2012-66 / CVE-2012-3973: Mozilla security researcher Mark
Goodwin discovered an issue with the Firefox developer tools'
debugger. If remote debugging is disabled, but the experimental
HTTPMonitor extension has been installed and enabled, a remote user
can connect to and use the remote debugging service through the port
used by HTTPMonitor. A remote-enabled flag has been added to resolve
this problem and close the port unless debugging is explicitly
enabled.
*
MFSA 2012-67 / CVE-2012-3974: Security researcher Masato Kinugawa
reported that if a crafted executable is placed in the root partition
on a Windows file system, the Firefox and Thunderbird installer will
launch this program after a standard installation instead of Firefox
or Thunderbird, running this program with the user's privileges.
*
MFSA 2012-68 / CVE-2012-3975: Security researcher vsemozhetbyt
reported that when the DOMParser is used to parse text/html data in a
Firefox extension, linked resources within this HTML data will be
loaded. If the data being parsed in the extension is untrusted, it
could lead to information leakage and can potentially be combined
with other attacks to become exploitable.
*
MFSA 2012-69 / CVE-2012-3976: Security researcher Mark Poticha
reported an issue where incorrect SSL certificate information can be
displayed on the addressbar, showing the SSL data for a previous site
while another has been loaded. This is caused by two onLocationChange
events being fired out of the expected order, leading to the
displayed certificate data to not be updated. This can be used for
phishing attacks by allowing the user to input form or other data on
a newer, attacking, site while the credentials of an older site
appear on the addressbar.
*
MFSA 2012-70 / CVE-2012-3978: Mozilla security researcher
moz_bug_r_a4 reported that certain security checks in the location
object can be bypassed if chrome code is called content in a specific
manner. This allowed for the loading of restricted content. This can
be combined with other issues to become potentially exploitable.
*
MFSA 2012-71 / CVE-2012-3979: Mozilla developer Blake Kaplan reported
that __android_log_print is called insecurely in places. If a
malicious web page used a dump() statement with a specially crafted
string, it can trigger a potentially exploitable crash.
This vulnerability only affects Firefox for Android.
*
MFSA 2012-72 / CVE-2012-3980: Security researcher Colby Russell
discovered that eval in the web console can execute injected code
with chrome privileges, leading to the running of malicious code in a
privileged context. This allows for arbitrary code execution through
a malicious web page if the web console is invoked by the user.
SUSE bug 777588CVE-2012-1956 at SUSECVE-2012-1956 at NVDCVE-2012-1970 at SUSECVE-2012-1970 at NVDCVE-2012-1971 at SUSECVE-2012-1971 at NVDCVE-2012-1972 at SUSECVE-2012-1972 at NVDCVE-2012-1973 at SUSECVE-2012-1973 at NVDCVE-2012-1974 at SUSECVE-2012-1974 at NVDCVE-2012-1975 at SUSECVE-2012-1975 at NVDCVE-2012-1976 at SUSECVE-2012-1976 at NVDCVE-2012-3956 at SUSECVE-2012-3956 at NVDCVE-2012-3957 at SUSECVE-2012-3957 at NVDCVE-2012-3958 at SUSECVE-2012-3958 at NVDCVE-2012-3959 at SUSECVE-2012-3959 at NVDCVE-2012-3960 at SUSECVE-2012-3960 at NVDCVE-2012-3961 at SUSECVE-2012-3961 at NVDCVE-2012-3962 at SUSECVE-2012-3962 at NVDCVE-2012-3963 at SUSECVE-2012-3963 at NVDCVE-2012-3964 at SUSECVE-2012-3964 at NVDCVE-2012-3965 at SUSECVE-2012-3965 at NVDCVE-2012-3966 at SUSECVE-2012-3966 at NVDCVE-2012-3967 at SUSECVE-2012-3967 at NVDCVE-2012-3968 at SUSECVE-2012-3968 at NVDCVE-2012-3969 at SUSECVE-2012-3969 at NVDCVE-2012-3970 at SUSECVE-2012-3970 at NVDCVE-2012-3971 at SUSECVE-2012-3971 at NVDCVE-2012-3972 at SUSECVE-2012-3972 at NVDCVE-2012-3973 at SUSECVE-2012-3973 at NVDCVE-2012-3974 at SUSECVE-2012-3974 at NVDCVE-2012-3975 at SUSECVE-2012-3975 at NVDCVE-2012-3976 at SUSECVE-2012-3976 at NVDCVE-2012-3978 at SUSECVE-2012-3978 at NVDCVE-2012-3979 at SUSECVE-2012-3979 at NVDCVE-2012-3980 at SUSECVE-2012-3980 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
MozillaFirefox was updated to the 10.0.9ESR security release which fixes
bugs and security issues:
*
MFSA 2012-73 / CVE-2012-3977: Security researchers Thai Duong and
Juliano Rizzo reported that SPDY's request header compression leads
to information leakage, which can allow the extraction of private
data such as session cookies, even over an encrypted SSL connection.
(This does not affect Firefox 10 as it does not feature the SPDY
extension. It was silently fixed for Firefox 15.)
*
MFSA 2012-74: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
CVE-2012-3983: Henrik Skupin, Jesse Ruderman and moz_bug_r_a4
reported memory safety problems and crashes that affect Firefox 15.
*
CVE-2012-3982: Christian Holler and Jesse Ruderman reported memory
safety problems and crashes that affect Firefox ESR 10 and Firefox
15.
*
MFSA 2012-75 / CVE-2012-3984: Security researcher David Bloom of Cue
discovered that 'select' elements are always-on-top chromeless
windows and that navigation away from a page with an active 'select'
menu does not remove this window.When another menu is opened
programmatically on a new page, the original 'select' menu can be
retained and arbitrary HTML content within it rendered, allowing an
attacker to cover arbitrary portions of the new page through absolute
positioning/scrolling, leading to spoofing attacks. Security
researcher Jordi Chancel found a variation that would allow for
click-jacking attacks was well.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products. References
Navigation away from a page with an active 'select' dropdown menu can
be used for URL spoofing, other evil
Firefox 10.0.1 : Navigation away from a page with multiple active
'select' dropdown menu can be used for Spoofing And ClickJacking with
XPI using window.open and geolocalisation
*
MFSA 2012-76 / CVE-2012-3985: Security researcher Collin Jackson
reported a violation of the HTML5 specifications for document.domain
behavior. Specified behavior requires pages to only have access to
windows in a new document.domain but the observed violation allowed
pages to retain access to windows from the page's initial origin in
addition to the new document.domain. This could potentially lead to
cross-site scripting (XSS) attacks.
*
MFSA 2012-77 / CVE-2012-3986: Mozilla developer Johnny Stenback
discovered that several methods of a feature used for testing
(DOMWindowUtils) are not protected by existing security checks,
allowing these methods to be called through script by web pages. This
was addressed by adding the existing security checks to these
methods.
*
MFSA 2012-78 / CVE-2012-3987: Security researcher Warren He reported
that when a page is transitioned into Reader Mode in Firefox for
Android, the resulting page has chrome privileges and its content is
not thoroughly sanitized. A successful attack requires user enabling
of reader mode for a malicious page, which could then perform an
attack similar to cross-site scripting (XSS) to gain the privileges
allowed to Firefox on an Android device. This has been fixed by
changing the Reader Mode page into an unprivileged page.
This vulnerability only affects Firefox for Android.
*
MFSA 2012-79 / CVE-2012-3988: Security researcher Soroush Dalili
reported that a combination of invoking full screen mode and
navigating backwards in history could, in some circumstances, cause a
hang or crash due to a timing dependent use-after-free pointer
reference. This crash may be potentially exploitable.
*
MFSA 2012-80 / CVE-2012-3989: Mozilla community member Ms2ger
reported a crash due to an invalid cast when using the instanceof
operator on certain types of JavaScript objects. This can lead to a
potentially exploitable crash.
*
MFSA 2012-81 / CVE-2012-3991: Mozilla community member Alice White
reported that when the GetProperty function is invoked through JSAPI,
security checking can be bypassed when getting cross-origin
properties. This potentially allowed for arbitrary code execution.
*
MFSA 2012-82 / CVE-2012-3994: Security researcher Mariusz Mlynski
reported that the location property can be accessed by binary plugins
through top.location and top can be shadowed by Object.defineProperty
as well. This can allow for possible cross-site scripting (XSS)
attacks through plugins.
*
MFSA 2012-83: Security researcher Mariusz Mlynski reported that when
InstallTrigger fails, it throws an error wrapped in a Chrome Object
Wrapper (COW) that fails to specify exposed properties. These can
then be added to the resulting object by an attacker, allowing access
to chrome privileged functions through script.
While investigating this issue, Mozilla security researcher
moz_bug_r_a4 found that COW did not disallow accessing of properties
from a standard prototype in some situations, even when the original
issue had been fixed.
These issues could allow for a cross-site scripting (XSS) attack or
arbitrary code execution.
*
CVE-2012-3993: XrayWrapper pollution via unsafe COW
*
CVE-2012-4184: ChromeObjectWrapper is not implemented as intended
*
MFSA 2012-84 / CVE-2012-3992: Security researcher Mariusz Mlynski
reported an issue with spoofing of the location property. In this
issue, writes to location.hash can be used in concert with scripted
history navigation to cause a specific website to be loaded into the
history object. The baseURI can then be changed to this stored site,
allowing an attacker to inject a script or intercept posted data
posted to a location specified with a relative path.
*
MFSA 2012-85: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team discovered a series of use-after-free,
buffer overflow, and out of bounds read issues using the Address
Sanitizer tool in shipped software. These issues are potentially
exploitable, allowing for remote code execution. We would also like
to thank Abhishek for reporting two additional use-after-free flaws
introduced during Firefox 16 development and fixed before general
release.
*
CVE-2012-3995: Out of bounds read in IsCSSWordSpacingSpace
*
CVE-2012-4179: Heap-use-after-free in
nsHTMLCSSUtils::CreateCSSPropertyTxn
*
CVE-2012-4180: Heap-buffer-overflow in
nsHTMLEditor::IsPrevCharInNodeWhitespace
*
CVE-2012-4181: Heap-use-after-free in
nsSMILAnimationController::DoSample
*
CVE-2012-4182: Heap-use-after-free in nsTextEditRules::WillInsert
*
CVE-2012-4183: Heap-use-after-free in
DOMSVGTests::GetRequiredFeatures
*
MFSA 2012-86: Security researcher Atte Kettunen from OUSPG reported
several heap memory corruption issues found using the Address
Sanitizer tool. These issues are potentially exploitable, allowing
for remote code execution.
*
CVE-2012-4185: Global-buffer-overflow in nsCharTraits::length
*
CVE-2012-4186: Heap-buffer-overflow in nsWaveReader::DecodeAudioData
*
CVE-2012-4187: Crash with ASSERTION: insPos too small
*
CVE-2012-4188: Heap-buffer-overflow in Convolve3x3
*
MFSA 2012-87 / CVE-2012-3990: Security researcher miaubiz used the
Address Sanitizer tool to discover a use-after-free in the IME State
Manager code. This could lead to a potentially exploitable crash.
*
MFSA 2012-89 / CVE-2012-4192 / CVE-2012-4193: Mozilla security
researcher moz_bug_r_a4 reported a regression where security wrappers
are unwrapped without doing a security check in defaultValue(). This
can allow for improper access access to the Location object. In
versions 15 and earlier of affected products, there was also the
potential for arbitrary code execution.
Security Issue reference:
* CVE-2012-3977
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3977>
* CVE-2012-3982
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3982>
* CVE-2012-3983
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3983>
* CVE-2012-3984
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3984>
* CVE-2012-3985
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3985>
* CVE-2012-3986
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3986>
* CVE-2012-3987
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3987>
* CVE-2012-3988
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3988>
* CVE-2012-3989
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3989>
* CVE-2012-3990
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3990>
* CVE-2012-3991
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3991>
* CVE-2012-3992
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3992>
* CVE-2012-3993
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3993>
* CVE-2012-3994
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3994>
* CVE-2012-3995
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3995>
* CVE-2012-4179
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4179>
* CVE-2012-4180
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4180>
* CVE-2012-4181
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4181>
* CVE-2012-4182
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4182>
* CVE-2012-4183
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4183>
* CVE-2012-4184
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4184>
* CVE-2012-4185
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4185>
* CVE-2012-4186
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4186>
* CVE-2012-4187
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4187>
* CVE-2012-4188
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4188>
* CVE-2012-4192
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4192>
* CVE-2012-4193
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193>
SUSE bug 783533CVE-2012-3977 at SUSECVE-2012-3977 at NVDCVE-2012-3982 at SUSECVE-2012-3982 at NVDCVE-2012-3983 at SUSECVE-2012-3983 at NVDCVE-2012-3984 at SUSECVE-2012-3984 at NVDCVE-2012-3985 at SUSECVE-2012-3985 at NVDCVE-2012-3986 at SUSECVE-2012-3986 at NVDCVE-2012-3987 at SUSECVE-2012-3987 at NVDCVE-2012-3988 at SUSECVE-2012-3988 at NVDCVE-2012-3989 at SUSECVE-2012-3989 at NVDCVE-2012-3990 at SUSECVE-2012-3990 at NVDCVE-2012-3991 at SUSECVE-2012-3991 at NVDCVE-2012-3992 at SUSECVE-2012-3992 at NVDCVE-2012-3993 at SUSECVE-2012-3993 at NVDCVE-2012-3994 at SUSECVE-2012-3994 at NVDCVE-2012-3995 at SUSECVE-2012-3995 at NVDCVE-2012-4179 at SUSECVE-2012-4179 at NVDCVE-2012-4180 at SUSECVE-2012-4180 at NVDCVE-2012-4181 at SUSECVE-2012-4181 at NVDCVE-2012-4182 at SUSECVE-2012-4182 at NVDCVE-2012-4183 at SUSECVE-2012-4183 at NVDCVE-2012-4184 at SUSECVE-2012-4184 at NVDCVE-2012-4185 at SUSECVE-2012-4185 at NVDCVE-2012-4186 at SUSECVE-2012-4186 at NVDCVE-2012-4187 at SUSECVE-2012-4187 at NVDCVE-2012-4188 at SUSECVE-2012-4188 at NVDCVE-2012-4192 at SUSECVE-2012-4192 at NVDCVE-2012-4193 at SUSECVE-2012-4193 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
MozillaFirefox was updated to the 10.0.10ESR security release.
The following issue has been fixed:
*
MFSA 2012-90: Mozilla has fixed a number of issues related to the
Location object in order to enhance overall security. Details for
each of the current fixed issues are below.
Thunderbird is only affected by window.location issues through RSS
feeds and extensions that load web content.
*
CVE-2012-4194: Security researcher Mariusz Mlynski reported that the
true value of window.location could be shadowed by user content
through the use of the valueOf method, which can be combined with
some plugins to perform a cross-site scripting (XSS) attack on users.
*
CVE-2012-4195: Mozilla security researcher moz_bug_r_a4 discovered
that the CheckURL function in window.location can be forced to return
the wrong calling document and principal, allowing a cross-site
scripting (XSS) attack. There is also the possibility of gaining
arbitrary code execution if the attacker can take advantage of an
add-on that interacts with the page content.
*
CVE-2012-4196: Security researcher Antoine Delignat-Lavaud of the
PROSECCO research team at INRIA Paris reported the ability to use
property injection by prototype to bypass security wrapper
protections on the Location object, allowing the cross-origin reading
of the Location object.
SUSE bug 786522CVE-2012-4194 at SUSECVE-2012-4194 at NVDCVE-2012-4195 at SUSECVE-2012-4195 at NVDCVE-2012-4196 at SUSECVE-2012-4196 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Mozilla Firefox has been updated to the 10.0.11 ESR security release, which
fixes various bugs and security issues.
*
MFSA 2012-106: Security researcher miaubiz used the Address Sanitizer
tool to discover a series critically rated of use-after-free, buffer
overflow, and memory corruption issues in shipped software. These
issues are potentially exploitable, allowing for remote code
execution. We would also like to thank miaubiz for reporting two
additional use-after-free and memory corruption issues introduced
during Firefox development that have been fixed before general
release.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products. References
The following issues have been fixed in Firefox 17 and ESR 10.0.11:
o use-after-free when loading html file on osx (CVE-2012-5830)
o Mesa crashes on certain texImage2D calls involving level>0
(CVE-2012-5833)
o integer overflow, invalid write w/webgl bufferdata
(CVE-2012-5835)
The following issues have been fixed in Firefox 17:
o crash in copyTexImage2D with image dimensions too large for
given level (CVE-2012-5838)
*
MFSA 2012-105: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team discovered a series critically rated of
use-after-free and buffer overflow issues using the Address Sanitizer
tool in shipped software. These issues are potentially exploitable,
allowing for remote code execution. We would also like to thank
Abhishek for reporting five additional use-after-free, out of bounds
read, and buffer overflow flaws introduced during Firefox development
that have been fixed before general release.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products. References
The following issues have been fixed in Firefox 17 and ESR 10.0.11:
o Heap-use-after-free in nsTextEditorState::PrepareEditor
(CVE-2012-4214)
o Heap-use-after-free in nsPlaintextEditor::FireClipboardEvent
(CVE-2012-4215)
o Heap-use-after-free in gfxFont::GetFontEntry (CVE-2012-4216)
o Heap-buffer-overflow in nsWindow::OnExposeEvent (CVE-2012-5829)
o heap-buffer-overflow in
gfxShapedWord::CompressedGlyph::IsClusterStart
o CVE-2012-5839
o Heap-use-after-free in nsTextEditorState::PrepareEditor
(CVE-2012-5840)
The following issues have been fixed in Firefox 17:
o Heap-use-after-free in XPCWrappedNative::Mark (CVE-2012-4212)
o Heap-use-after-free in nsEditor::FindNextLeafNode
(CVE-2012-4213)
o Heap-use-after-free in nsViewManager::ProcessPendingUpdates
(CVE-2012-4217)
o Heap-use-after-free BuildTextRunsScanner::BreakSink::SetBreaks
(CVE-2012-4218)
*
MFSA 2012-104 / CVE-2012-4210: Security researcher Mariusz Mlynski
reported that when a maliciously crafted stylesheet is inspected in
the Style Inspector, HTML and CSS can run in a chrome privileged
context without being properly sanitized first. This can lead to
arbitrary code execution.
*
MFSA 2012-103 / CVE-2012-4209: Security researcher Mariusz Mlynski
reported that the location property can be accessed by binary plugins
through top.location with a frame whose name attribute's value is set
to 'top'. This can allow for possible cross-site scripting (XSS)
attacks through plugins.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
MFSA 2012-102 / CVE-2012-5837: Security researcher Masato Kinugawa
reported that when script is entered into the Developer Toolbar, it
runs in a chrome privileged context. This allows for arbitrary code
execution or cross-site scripting (XSS) if a user can be convinced to
paste malicious code into the Developer Toolbar.
*
MFSA 2012-101 / CVE-2012-4207: Security researcher Masato Kinugawa
found when HZ-GB-2312 charset encoding is used for text, the '~'
character will destroy another character near the chunk delimiter.
This can lead to a cross-site scripting (XSS) attack in pages encoded
in HZ-GB-2312.
*
MFSA 2012-100 / CVE-2012-5841: Mozilla developer Bobby Holley
reported that security wrappers filter at the time of property
access, but once a function is returned, the caller can use this
function without further security checks. This affects cross-origin
wrappers, allowing for write actions on objects when only read
actions should be properly allowed. This can lead to cross-site
scripting (XSS) attacks.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
MFSA 2012-99 / CVE-2012-4208: Mozilla developer Peter Van der Beken
discovered that same-origin XrayWrappers expose chrome-only
properties even when not in a chrome compartment. This can allow web
content to get properties of DOM objects that are intended to be
chrome-only.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
MFSA 2012-98 / CVE-2012-4206: Security researcher Robert Kugler
reported that when a specifically named DLL file on a Windows
computer is placed in the default downloads directory with the
Firefox installer, the Firefox installer will load this DLL when it
is launched. In circumstances where the installer is run by an
administrator privileged account, this allows for the downloaded DLL
file to be run with administrator privileges. This can lead to
arbitrary code execution from a privileged account.
*
MFSA 2012-97 / CVE-2012-4205: Mozilla developer Gabor Krizsanits
discovered that XMLHttpRequest objects created within sandboxes have
the system principal instead of the sandbox principal. This can lead
to cross-site request forgery (CSRF) or information theft via an
add-on running untrusted code in a sandbox.
*
MFSA 2012-96 / CVE-2012-4204: Security researcher Scott Bell of
Security-Assessment.com used the Address Sanitizer tool to discover a
memory corruption in str_unescape in the Javascript engine. This
could potentially lead to arbitrary code execution.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products.
*
MFSA 2012-95 / CVE-2012-4203: Security researcher kakzz.ng@gmail.com
reported that if a javascript: URL is selected from the list of
Firefox 'new tab' page, the script will inherit the privileges of the
privileged 'new tab' page. This allows for the execution of locally
installed programs if a user can be convinced to save a bookmark of a
malicious javascript: URL.
*
MFSA 2012-94 / CVE-2012-5836: Security researcher Jonathan Stephens
discovered that combining SVG text on a path with the setting of CSS
properties could lead to a potentially exploitable crash.
*
MFSA 2012-93 / CVE-2012-4201: Mozilla security researcher
moz_bug_r_a4 reported that if code executed by the evalInSandbox
function sets location.href, it can get the wrong subject principal
for the URL check, ignoring the sandbox's Javascript context and
gaining the context of evalInSandbox object. This can lead to
malicious web content being able to perform a cross-site scripting
(XSS) attack or stealing a copy of a local file if the user has
installed an add-on vulnerable to this attack.
*
MFSA 2012-92 / CVE-2012-4202: Security researcher Atte Kettunen from
OUSPG used the Address Sanitizer tool to discover a buffer overflow
while rendering GIF format images. This issue is potentially
exploitable and could lead to arbitrary code execution.
*
MFSA 2012-91: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products. References
Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey,
Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, and Bill
McCloskey reported memory safety problems and crashes that affect
Firefox 16. (CVE-2012-5843)
Jesse Ruderman, Andrew McCreight, Bob Clary, and Kyle Huey reported
memory safety problems and crashes that affect Firefox ESR 10 and
Firefox 16. (CVE-2012-5842)
SUSE bug 790140CVE-2012-4201 at SUSECVE-2012-4201 at NVDCVE-2012-4202 at SUSECVE-2012-4202 at NVDCVE-2012-4203 at SUSECVE-2012-4203 at NVDCVE-2012-4204 at SUSECVE-2012-4204 at NVDCVE-2012-4205 at SUSECVE-2012-4205 at NVDCVE-2012-4206 at SUSECVE-2012-4206 at NVDCVE-2012-4207 at SUSECVE-2012-4207 at NVDCVE-2012-4208 at SUSECVE-2012-4208 at NVDCVE-2012-4209 at SUSECVE-2012-4209 at NVDCVE-2012-4210 at SUSECVE-2012-4210 at NVDCVE-2012-4212 at SUSECVE-2012-4212 at NVDCVE-2012-4213 at SUSECVE-2012-4213 at NVDCVE-2012-4214 at SUSECVE-2012-4214 at NVDCVE-2012-4215 at SUSECVE-2012-4215 at NVDCVE-2012-4216 at SUSECVE-2012-4216 at NVDCVE-2012-4217 at SUSECVE-2012-4217 at NVDCVE-2012-4218 at SUSECVE-2012-4218 at NVDCVE-2012-5829 at SUSECVE-2012-5829 at NVDCVE-2012-5830 at SUSECVE-2012-5830 at NVDCVE-2012-5833 at SUSECVE-2012-5833 at NVDCVE-2012-5835 at SUSECVE-2012-5835 at NVDCVE-2012-5836 at SUSECVE-2012-5836 at NVDCVE-2012-5837 at SUSECVE-2012-5837 at NVDCVE-2012-5838 at SUSECVE-2012-5838 at NVDCVE-2012-5839 at SUSECVE-2012-5839 at NVDCVE-2012-5840 at SUSECVE-2012-5840 at NVDCVE-2012-5841 at SUSECVE-2012-5841 at NVDCVE-2012-5842 at SUSECVE-2012-5842 at NVDCVE-2012-5843 at SUSECVE-2012-5843 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Mozilla Firefox was updated to the 10.0.12ESR release.
*
MFSA 2013-01: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
o Christoph Diehl, Christian Holler, Mats Palmgren, and Chiaki
Ishikawa reported memory safety problems and crashes that
affect Firefox ESR 10, Firefox ESR 17, and Firefox 17. (
CVE-2013-0769
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0769>
)
o Bill Gianopoulos, Benoit Jacob, Christoph Diehl, Christian
Holler, Gary Kwong, Robert O'Callahan, and Scoobidiver reported
memory safety problems and crashes that affect Firefox ESR 17
and Firefox 17. (CVE-2013-0749
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0749>
)
o Jesse Ruderman, Christian Holler, Julian Seward, and
Scoobidiver reported memory safety problems and crashes that
affect Firefox 17. (CVE-2013-0770
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0770>
)
*
MFSA 2013-02: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team discovered a series critically rated of
use-after-free, out of bounds read, and buffer overflow issues using
the Address Sanitizer tool in shipped software. These issues are
potentially exploitable, allowing for remote code execution. We would
also like to thank Abhishek for reporting three additional
user-after-free and out of bounds read flaws introduced during
Firefox development that were fixed before general release.
The following issue was fixed in Firefox 18:
o Global-buffer-overflow in
CharDistributionAnalysis::HandleOneChar (CVE-2013-0760
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0760>
)
The following issues were fixed in Firefox 18, ESR 17.0.1, and ESR
10.0.12:
o Heap-use-after-free in imgRequest::OnStopFrame (CVE-2013-0762
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0762>
)
o Heap-use-after-free in ~nsHTMLEditRules (CVE-2013-0766
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0766>
)
o Out of bounds read in nsSVGPathElement::GetPathLengthScale (
CVE-2013-0767
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0767>
)
The following issues were fixed in Firefox 18 and ESR 17.0.1:
o Heap-use-after-free in mozilla::TrackUnionStream::EndTrack (
CVE-2013-0761
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0761>
)
o Heap-use-after-free in Mesa, triggerable by resizing a WebGL
canvas (CVE-2013-0763
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0763>
)
o Heap-buffer-overflow in gfxTextRun::ShrinkToLigatureBoundaries
(CVE-2013-0771
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0771>
)
The following issue was fixed in Firefox 18 and in the earlier ESR
10.0.11 release:
o Heap-buffer-overflow in nsWindow::OnExposeEvent (CVE-2012-5829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5829>
)
*
MFSA 2013-03: Security researcher miaubiz used the Address Sanitizer
tool to discover a buffer overflow in Canvas when specific bad height
and width values were given through HTML. This could lead to a
potentially exploitable crash. (CVE-2013-0768
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0768> )
Miaubiz also found a potentially exploitable crash when 2D and 3D
content was mixed which was introduced during Firefox development and
fixed before general release.
*
MFSA 2013-04: Security researcher Masato Kinugawa found a flaw in
which the displayed URL values within the addressbar can be spoofed
by a page during loading. This allows for phishing attacks where a
malicious page can spoof the identify of another site. (
CVE-2013-0759
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0759> )
*
MFSA 2013-05: Using the Address Sanitizer tool, security researcher
Atte Kettunen from OUSPG discovered that the combination of large
numbers of columns and column groups in a table could cause the array
containing the columns during rendering to overwrite itself. This can
lead to a user-after-free causing a potentially exploitable crash. (
CVE-2013-0744
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0744> )
*
MFSA 2013-06: Mozilla developer Wesley Johnston reported that when
there are two or more iframes on the same HTML page, an iframe is
able to see the touch events and their targets that occur within the
other iframes on the page. If the iframes are from the same origin,
they can also access the properties and methods of the targets of
other iframes but same-origin policy (SOP) restricts access across
domains. This allows for information leakage and possibilities for
cross-site scripting (XSS) if another vulnerability can be used to
get around SOP restrictions. (CVE-2013-0751
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0751> )
*
MFSA 2013-07: Mozilla community member Jerry Baker reported a
crashing issue found through Thunderbird when downloading messages
over a Secure Sockets Layer (SSL) connection. This was caused by a
bug in the networking code assuming that secure connections were
entirely handled on the socket transport thread when they can occur
on a variety of threads. The resulting crash was potentially
exploitable. (CVE-2013-0764
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0764> )
*
MFSA 2013-08: Mozilla developer Olli Pettay discovered that the
AutoWrapperChanger class fails to keep some javascript objects alive
during garbage collection. This can lead to an exploitable crash
allowing for arbitrary code execution. (CVE-2013-0745
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0745> )
*
MFSA 2013-09: Mozilla developer Boris Zbarsky reported reported a
problem where jsval-returning quickstubs fail to wrap their return
values, causing a compartment mismatch. This mismatch can cause
garbage collection to occur incorrectly and lead to a potentially
exploitable crash. (CVE-2013-0746
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0746> )
*
MFSA 2013-10: Mozilla security researcher Jesse Ruderman reported
that events in the plugin handler can be manipulated by web content
to bypass same-origin policy (SOP) restrictions. This can allow for
clickjacking on malicious web pages. (CVE-2013-0747
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0747> )
*
MFSA 2013-11: Mozilla security researcher Jesse Ruderman discovered
that using the toString function of XBL objects can lead to
inappropriate information leakage by revealing the address space
layout instead of just the ID of the object. This layout information
could potentially be used to bypass ASLR and other security
protections. (CVE-2013-0748
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0748> )
*
MFSA 2013-12: Security researcher pa_kt reported a flaw via
TippingPoint's Zero Day Initiative that an integer overflow is
possible when calculating the length for a Javascript string
concatenation, which is then used for memory allocation. This results
in a buffer overflow, leading to a potentially exploitable memory
corruption. (CVE-2013-0750
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0750> )
*
MFSA 2013-13: Security researcher Sviatoslav Chagaev reported that
when using an XBL file containing multiple XML bindings with SVG
content, a memory corruption can occur. In concern with remote XUL,
this can lead to an exploitable crash. (CVE-2013-0752
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0752> )
*
MFSA 2013-14: Security researcher Mariusz Mlynski reported that it is
possible to change the prototype of an object and bypass Chrome
Object Wrappers (COW) to gain access to chrome privileged functions.
This could allow for arbitrary code execution. (CVE-2013-0757
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0757> )
*
MFSA 2013-15: Security researcher Mariusz Mlynski reported that it is
possible to open a chrome privileged web page through plugin objects
through interaction with SVG elements. This could allow for arbitrary
code execution. (CVE-2013-0758
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0758> )
*
MFSA 2013-16: Security researcher regenrecht reported, via
TippingPoint's Zero Day Initiative, a use-after-free in XMLSerializer
by the exposing of serializeToStream to web content. This can lead to
arbitrary code execution when exploited. (CVE-2013-0753
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0753> )
*
MFSA 2013-17: Security researcher regenrecht reported, via
TippingPoint's Zero Day Initiative, a use-after-free within the
ListenerManager when garbage collection is forced after data in
listener objects have been allocated in some circumstances. This
results in a use-after-free which can lead to arbitrary code
execution. (CVE-2013-0754
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0754> )
*
MFSA 2013-18: Security researcher regenrecht reported, via
TippingPoint's Zero Day Initiative, a use-after-free using the domDoc
pointer within Vibrate library. This can lead to arbitrary code
execution when exploited. (CVE-2013-0755
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0755> )
*
MFSA 2013-19: Security researcher regenrecht reported, via
TippingPoint's Zero Day Initiative, a garbage collection flaw in
Javascript Proxy objects. This can lead to a use-after-free leading
to arbitrary code execution. (CVE-2013-0756
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0756> )
*
MFSA 2013-20: Google reported to Mozilla that TURKTRUST, a
certificate authority in Mozilla's root program, had mis-issued two
intermediate certificates to customers. The issue was not specific to
Firefox but there was evidence that one of the certificates was used
for man-in-the-middle (MITM) traffic management of domain names that
the customer did not legitimately own or control. This issue was
resolved by revoking the trust for these specific mis-issued
certificates. (CVE-2013-0743
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0743> )
SUSE bug 796895CVE-2012-5829 at SUSECVE-2012-5829 at NVDCVE-2013-0743 at SUSECVE-2013-0743 at NVDCVE-2013-0744 at SUSECVE-2013-0744 at NVDCVE-2013-0745 at SUSECVE-2013-0745 at NVDCVE-2013-0746 at SUSECVE-2013-0746 at NVDCVE-2013-0747 at SUSECVE-2013-0747 at NVDCVE-2013-0748 at SUSECVE-2013-0748 at NVDCVE-2013-0749 at SUSECVE-2013-0749 at NVDCVE-2013-0750 at SUSECVE-2013-0750 at NVDCVE-2013-0751 at SUSECVE-2013-0751 at NVDCVE-2013-0752 at SUSECVE-2013-0752 at NVDCVE-2013-0753 at SUSECVE-2013-0753 at NVDCVE-2013-0754 at SUSECVE-2013-0754 at NVDCVE-2013-0755 at SUSECVE-2013-0755 at NVDCVE-2013-0756 at SUSECVE-2013-0756 at NVDCVE-2013-0757 at SUSECVE-2013-0757 at NVDCVE-2013-0758 at SUSECVE-2013-0758 at NVDCVE-2013-0759 at SUSECVE-2013-0759 at NVDCVE-2013-0760 at SUSECVE-2013-0760 at NVDCVE-2013-0761 at SUSECVE-2013-0761 at NVDCVE-2013-0762 at SUSECVE-2013-0762 at NVDCVE-2013-0763 at SUSECVE-2013-0763 at NVDCVE-2013-0764 at SUSECVE-2013-0764 at NVDCVE-2013-0766 at SUSECVE-2013-0766 at NVDCVE-2013-0767 at SUSECVE-2013-0767 at NVDCVE-2013-0768 at SUSECVE-2013-0768 at NVDCVE-2013-0769 at SUSECVE-2013-0769 at NVDCVE-2013-0770 at SUSECVE-2013-0770 at NVDCVE-2013-0771 at SUSECVE-2013-0771 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
MozillaFirefox has been updated to the 17.0.4ESR release which fixes one
important security issue:
* MFSA 2013-29 / CVE-2013-0787: VUPEN Security, via TippingPoint's Zero
Day Initiative, reported a use-after-free within the HTML editor when
content script is run by the document.execCommand() function while
internal editor operations are occurring. This could allow for
arbitrary code execution.
Security Issue reference:
* CVE-2013-0787
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0787>
SUSE bug 804248SUSE bug 806669SUSE bug 808243CVE-2013-0765 at SUSECVE-2013-0765 at NVDCVE-2013-0772 at SUSECVE-2013-0772 at NVDCVE-2013-0773 at SUSECVE-2013-0773 at NVDCVE-2013-0774 at SUSECVE-2013-0774 at NVDCVE-2013-0775 at SUSECVE-2013-0775 at NVDCVE-2013-0776 at SUSECVE-2013-0776 at NVDCVE-2013-0780 at SUSECVE-2013-0780 at NVDCVE-2013-0782 at SUSECVE-2013-0782 at NVDCVE-2013-0783 at SUSECVE-2013-0783 at NVDCVE-2013-0787 at SUSECVE-2013-0787 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
MozillaFirefox has been updated to the 17.0.5ESR release fixing bugs and
security issues.
Also Mozilla NSS has been updated to version 3.14.3 and Mozilla NSPR to
4.9.6.
*
MFSA 2013-30: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan
Sreckovic, and Joe Drew reported memory safety problems and crashes
that affect Firefox ESR 17, and Firefox 19. (CVE-2013-0788)
Andrew McCreight, Randell Jesup, Gary Kwong, Jesse Ruderman,
Christian Holler, and Mats Palmgren reported memory safety problems
and crashes that affect Firefox 19. (CVE-2013-0789)
Jim Chen reported a memory safety problem that affects Firefox for
Android
*
(CVE-2013-0790)
*
MFSA 2013-31 / CVE-2013-0800: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover an out-of-bounds write in Cairo graphics
library. When certain values are passed to it during rendering, Cairo
attempts to use negative boundaries or sizes for boxes, leading to a
potentially exploitable crash in some instances.
*
MFSA 2013-32 / CVE-2013-0799: Security researcher Frederic Hoguin
discovered that the Mozilla Maintenance Service on Windows was
vulnerable to a buffer overflow. This system is used to update
software without invoking the User Account Control (UAC) prompt. The
Mozilla Maintenance Service is configured to allow unprivileged users
to start it with arbitrary arguments. By manipulating the data passed
in these arguments, an attacker can execute arbitrary code with the
system privileges used by the service. This issue requires local file
system access to be exploitable.
*
MFSA 2013-33 / CVE-2013-0798: Security researcher Shuichiro Suzuki of
the Fourteenforty Research Institute reported the app_tmp directory
is set to be world readable and writeable by Firefox for Android.
This potentially allows for third party applications to replace or
alter Firefox add-ons when downloaded because they are temporarily
stored in the app_tmp directory before installation.
This vulnerability only affects Firefox for Android.
*
MFSA 2013-34 / CVE-2013-0797: Security researcher Ash reported an
issue with the Mozilla Updater. The Mozilla Updater can be made to
load a malicious local DLL file in a privileged context through
either the Mozilla Maintenance Service or independently on systems
that do not use the service. This occurs when the DLL file is placed
in a specific location on the local system before the Mozilla Updater
is run. Local file system access is necessary in order for this issue
to be exploitable.
*
MFSA 2013-35 / CVE-2013-0796: Security researcher miaubiz used the
Address Sanitizer tool to discover a crash in WebGL rendering when
memory is freed that has not previously been allocated. This issue
only affects Linux users who have Intel Mesa graphics drivers. The
resulting crash could be potentially exploitable.
*
MFSA 2013-36 / CVE-2013-0795: Security researcher Cody Crews reported
a mechanism to use the cloneNode method to bypass System Only
Wrappers (SOW) and clone a protected node. This allows violation of
the browser's same origin policy and could also lead to privilege
escalation and the execution of arbitrary code.
*
MFSA 2013-37 / CVE-2013-0794: Security researcher shutdown reported a
method for removing the origin indication on tab-modal dialog boxes
in combination with browser navigation. This could allow an
attacker's dialog to overlay a page and show another site's content.
This can be used for phishing by allowing users to enter data into a
modal prompt dialog on an attacking, site while appearing to be from
the displayed site.
*
MFSA 2013-38 / CVE-2013-079: Security researcher Mariusz Mlynski
reported a method to use browser navigations through history to load
an arbitrary website with that page's baseURI property pointing to
another site instead of the seemingly loaded one. The user will
continue to see the incorrect site in the addressbar of the browser.
This allows for a cross-site scripting (XSS) attack or the theft of
data through a phishing attack.
*
MFSA 2013-39 / CVE-2013-0792: Mozilla community member Tobias Schula
reported that if gfx.color_management.enablev4 preference is enabled
manually in about:config, some grayscale PNG images will be rendered
incorrectly and cause memory corruption during PNG decoding when
certain color profiles are in use. A crafted PNG image could use this
flaw to leak data through rendered images drawing from random memory.
By default, this preference is not enabled.
*
MFSA 2013-40 / CVE-2013-0791: Mozilla community member Ambroz Bizjak
reported an out-of-bounds array read in the CERT_DecodeCertPackage
function of the Network Security Services (NSS) libary when decoding
a certificate. When this occurs, it will lead to memory corruption
and a non-exploitable crash.
Security Issue references:
* CVE-2013-0788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788>
* CVE-2013-0789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0789>
* CVE-2013-0790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0790>
* CVE-2013-0791
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0791>
* CVE-2013-0792
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0792>
* CVE-2013-0794
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0794>
* CVE-2013-0795
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795>
* CVE-2013-0796
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796>
* CVE-2013-0797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0797>
* CVE-2013-0798
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0798>
* CVE-2013-0799
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0799>
* CVE-2013-0800
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800>
SUSE bug 813026CVE-2013-0788 at SUSECVE-2013-0788 at NVDCVE-2013-0789 at SUSECVE-2013-0789 at NVDCVE-2013-0790 at SUSECVE-2013-0790 at NVDCVE-2013-0791 at SUSECVE-2013-0791 at NVDCVE-2013-0792 at SUSECVE-2013-0792 at NVDCVE-2013-0794 at SUSECVE-2013-0794 at NVDCVE-2013-0795 at SUSECVE-2013-0795 at NVDCVE-2013-0796 at SUSECVE-2013-0796 at NVDCVE-2013-0797 at SUSECVE-2013-0797 at NVDCVE-2013-0798 at SUSECVE-2013-0798 at NVDCVE-2013-0799 at SUSECVE-2013-0799 at NVDCVE-2013-0800 at SUSECVE-2013-0800 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Mozilla Firefox has been updated to the17.0.6ESR security release.
*
MFSA 2013-30: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan
Sreckovic, and Joe Drew reported memory safety problems and crashes
that affect Firefox ESR 17, and Firefox 19. (CVE-2013-0788)
*
MFSA 2013-31 / CVE-2013-0800: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover an out-of-bounds write in Cairo graphics
library. When certain values are passed to it during rendering, Cairo
attempts to use negative boundaries or sizes for boxes, leading to a
potentially exploitable crash in some instances.
*
MFSA 2013-32 / CVE-2013-0799: Security researcher Frederic Hoguin
discovered that the Mozilla Maintenance Service on Windows was
vulnerable to a buffer overflow. This system is used to update
software without invoking the User Account Control (UAC) prompt. The
Mozilla Maintenance Service is configured to allow unprivileged users
to start it with arbitrary arguments. By manipulating the data passed
in these arguments, an attacker can execute arbitrary code with the
system privileges used by the service. This issue requires local file
system access to be exploitable.
*
MFSA 2013-34 / CVE-2013-0797: Security researcher Ash reported an
issue with the Mozilla Updater. The Mozilla Updater can be made to
load a malicious local DLL file in a privileged context through
either the Mozilla Maintenance Service or independently on systems
that do not use the service. This occurs when the DLL file is placed
in a specific location on the local system before the Mozilla Updater
is run. Local file system access is necessary in order for this issue
to be exploitable.
*
MFSA 2013-35 / CVE-2013-0796: Security researcher miaubiz used the
Address Sanitizer tool to discover a crash in WebGL rendering when
memory is freed that has not previously been allocated. This issue
only affects Linux users who have Intel Mesa graphics drivers. The
resulting crash could be potentially exploitable.
*
MFSA 2013-36 / CVE-2013-0795: Security researcher Cody Crews reported
a mechanism to use the cloneNode method to bypass System Only
Wrappers (SOW) and clone a protected node. This allows violation of
the browser's same origin policy and could also lead to privilege
escalation and the execution of arbitrary code.
*
MFSA 2013-37 / CVE-2013-0794: Security researcher shutdown reported a
method for removing the origin indication on tab-modal dialog boxes
in combination with browser navigation. This could allow an
attacker's dialog to overlay a page and show another site's content.
This can be used for phishing by allowing users to enter data into a
modal prompt dialog on an attacking, site while appearing to be from
the displayed site.
*
MFSA 2013-38 / CVE-2013-0793: Security researcher Mariusz Mlynski
reported a method to use browser navigations through history to load
an arbitrary website with that page's baseURI property pointing to
another site instead of the seemingly loaded one. The user will
continue to see the incorrect site in the addressbar of the browser.
This allows for a cross-site scripting (XSS) attack or the theft of
data through a phishing attack.
*
MFSA 2013-39 / CVE-2013-0792: Mozilla community member Tobias Schula
reported that if gfx.color_management.enablev4 preference is enabled
manually in about:config, some grayscale PNG images will be rendered
incorrectly and cause memory corruption during PNG decoding when
certain color profiles are in use. A crafted PNG image could use this
flaw to leak data through rendered images drawing from random memory.
By default, this preference is not enabled.
*
MFSA 2013-40 / CVE-2013-0791: Mozilla community member Ambroz Bizjak
reported an out-of-bounds array read in the CERT_DecodeCertPackage
function of the Network Security Services (NSS) libary when decoding
a certificate. When this occurs, it will lead to memory corruption
and a non-exploitable crash.
Security Issue references:
* CVE-2013-0788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788>
* CVE-2013-0791
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0791>
* CVE-2013-0792
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0792>
* CVE-2013-0793
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0793>
* CVE-2013-0794
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0794>
* CVE-2013-0795
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795>
* CVE-2013-0796
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796>
* CVE-2013-0797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0797>
* CVE-2013-0799
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0799>
* CVE-2013-0800
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800>
SUSE bug 792432SUSE bug 819204CVE-2013-0788 at SUSECVE-2013-0788 at NVDCVE-2013-0791 at SUSECVE-2013-0791 at NVDCVE-2013-0792 at SUSECVE-2013-0792 at NVDCVE-2013-0793 at SUSECVE-2013-0793 at NVDCVE-2013-0794 at SUSECVE-2013-0794 at NVDCVE-2013-0795 at SUSECVE-2013-0795 at NVDCVE-2013-0796 at SUSECVE-2013-0796 at NVDCVE-2013-0797 at SUSECVE-2013-0797 at NVDCVE-2013-0799 at SUSECVE-2013-0799 at NVDCVE-2013-0800 at SUSECVE-2013-0800 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Mozilla Firefox has been updated to the 17.0.7 ESR version, fixing bugs and
security fixes.
*
MFSA 2013-49: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Gary Kwong, Jesse Ruderman, and Andrew McCreight reported memory
safety problems and crashes that affect Firefox ESR 17, and Firefox
21. (CVE-2013-1682)
*
MFSA 2013-50: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team used the Address Sanitizer tool to
discover a series of use-after-free problems rated critical as
security issues in shipped software. Some of these issues are
potentially exploitable, allowing for remote code execution. We would
also like to thank Abhishek for reporting additional use-after-free
and buffer overflow flaws in code introduced during Firefox
development. These were fixed before general release.
o Heap-use-after-free in
mozilla::dom::HTMLMediaElement::LookupMediaElementURITable
(CVE-2013-1684)
o Heap-use-after-free in nsIDocument::GetRootElement
(CVE-2013-1685)
o Heap-use-after-free in mozilla::ResetDir (CVE-2013-1686)
*
MFSA 2013-51 / CVE-2013-1687: Security researcher Mariusz Mlynski
reported that it is possible to compile a user-defined function in
the XBL scope of a specific element and then trigger an event within
this scope to run code. In some circumstances, when this code is run,
it can access content protected by System Only Wrappers (SOW) and
chrome-privileged pages. This could potentially lead to arbitrary
code execution. Additionally, Chrome Object Wrappers (COW) can be
bypassed by web content to access privileged methods, leading to a
cross-site scripting (XSS) attack from privileged pages.
*
MFSA 2013-53 / CVE-2013-1690: Security researcher Nils reported that
specially crafted web content using the onreadystatechange event and
reloading of pages could sometimes cause a crash when unmapped memory
is executed. This crash is potentially exploitable.
*
MFSA 2013-54 / CVE-2013-1692: Security researcher Johnathan Kuskos
reported that Firefox is sending data in the body of XMLHttpRequest
(XHR) HEAD requests, which goes agains the XHR specification. This
can potentially be used for Cross-Site Request Forgery (CSRF) attacks
against sites which do not distinguish between HEAD and POST
requests.
*
MFSA 2013-55 / CVE-2013-1693: Security researcher Paul Stone of
Context Information Security discovered that timing differences in
the processing of SVG format images with filters could allow for
pixel values to be read. This could potentially allow for text values
to be read across domains, leading to information disclosure.
*
MFSA 2013-59 / CVE-2013-1697: Mozilla security researcher
moz_bug_r_a4 reported that XrayWrappers can be bypassed to call
content-defined toString and valueOf methods through DefaultValue.
This can lead to unexpected behavior when privileged code acts on the
incorrect values.
Security Issue references:
* CVE-2013-1682
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682>
* CVE-2013-1684
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684>
* CVE-2013-1685
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685>
* CVE-2013-1686
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686>
* CVE-2013-1687
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687>
* CVE-2013-1690
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690>
* CVE-2013-1692
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692>
* CVE-2013-1693
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693>
* CVE-2013-1697
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697>
SUSE bug 825935CVE-2013-1682 at SUSECVE-2013-1682 at NVDCVE-2013-1684 at SUSECVE-2013-1684 at NVDCVE-2013-1685 at SUSECVE-2013-1685 at NVDCVE-2013-1686 at SUSECVE-2013-1686 at NVDCVE-2013-1687 at SUSECVE-2013-1687 at NVDCVE-2013-1690 at SUSECVE-2013-1690 at NVDCVE-2013-1692 at SUSECVE-2013-1692 at NVDCVE-2013-1693 at SUSECVE-2013-1693 at NVDCVE-2013-1697 at SUSECVE-2013-1697 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Mozilla Firefox was updated to the 17.0.10ESR release, fixing various bugs
and security issues:
MFSA 2013-93: Mozilla developers identified and fixed several memory safety
bugs in the browser engine used in Firefox and other Mozilla-based
products. Some of these bugs showed evidence of memory corruption under
certain circumstances, and we presume that with enough effort at least some
of these could be exploited to run arbitrary code.
Jesse Ruderman and Christoph Diehl reported memory safety problems and
crashes that affect Firefox ESR 17, Firefox ESR 24, and Firefox 24.
(CVE-2013-5590)
Carsten Book reported a crash fixed in the NSS library used by
Mozilla-based products fixed in Firefox 25, Firefox ESR 24.1, and Firefox
ESR 17.0.10.(CVE-2013-1739)
MFSA 2013-95 / CVE-2013-5604: Security researcher Abhishek Arya (Inferno)
of the Google Chrome Security Team used the Address Sanitizer tool to
discover an access violation due to uninitialized data during Extensible
Stylesheet Language Transformation (XSLT) processing. This leads to a
potentially exploitable crash.
MFSA 2013-96 / CVE-2013-5595: Compiler Engineer Dan Gohman of Google
discovered a flaw in the JavaScript engine where memory was being
incorrectly allocated for some functions and the calls for allocations were
not always properly checked for overflow, leading to potential buffer
overflows. When combined with other vulnerabilities, these flaws could be
potentially exploitable.
MFSA 2013-98 / CVE-2013-5597: Security researcher Byoungyoung Lee of
Georgia Tech Information Security Center (GTISC) used the Address Sanitizer
tool to discover a use-after-free during state change events while updating
the offline cache. This leads to a potentially exploitable crash.
MFSA 2013-100: Security researcher Nils used the Address Sanitizer tool
while fuzzing to discover missing strong references in browsing engine
leading to use-after-frees. This can lead to a potentially exploitable
crash.
* ASAN heap-use-after-free in nsIPresShell::GetPresContext() with
canvas, onresize and mozTextStyle (CVE-2013-5599)
* ASAN use-after-free in nsIOService::NewChannelFromURIWithProxyFlags
with Blob URL (CVE-2013-5600)
* ASAN use-after free in GC allocation in
nsEventListenerManager::SetEventHandler (CVE-2013-5601)
MFSA 2013-101 / CVE-2013-5602: Security researcher Nils used the Address
Sanitizer tool while fuzzing to discover a memory corruption issue with the
JavaScript engine when using workers with direct proxies. This results in a
potentially exploitable crash.
Security Issues:
* CVE-2013-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739>
SUSE bug 847708CVE-2013-1739 at SUSECVE-2013-1739 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Mozilla Firefox was updated to the 24.3.0ESR security release.
The following security issues have been fixed:
*
MFSA 2014-01: Memory safety bugs fixed in Firefox ESR 24.3 and
Firefox 27.0 (CVE-2014-1477)(bnc#862345)
*
MFSA 2014-02: Using XBL scopes its possible to steal(clone) native
anonymous content (CVE-2014-1479)(bnc#862348)
*
MFSA 2014-03: Download 'open file' dialog delay is too quick, doesn't
prevent clickjacking (CVE-2014-1480)
*
MFSA 2014-04: Image decoding causing FireFox to crash with Goo Create
(CVE-2014-1482)(bnc#862356)
*
MFSA 2014-05: caretPositionFromPoint and elementFromPoint leak
information about iframe contents via timing information
(CVE-2014-1483)(bnc#862360)
*
MFSA 2014-06: Fennec leaks profile path to logcat (CVE-2014-1484)
*
MFSA 2014-07: CSP should block XSLT as script, not as style
(CVE-2014-1485)
*
MFSA 2014-08: imgRequestProxy Use-After-Free Remote Code Execution
Vulnerability (CVE-2014-1486)
*
MFSA 2014-09: Cross-origin information disclosure with error message
of Web Workers (CVE-2014-1487)
*
MFSA 2014-10: settings & history ID bug (CVE-2014-1489)
*
MFSA 2014-11: Firefox reproducibly crashes when using asm.js code in
workers and transferable objects (CVE-2014-1488)
*
MFSA 2014-12: TOCTOU, potential use-after-free in libssl's session
ticket processing (CVE-2014-1490)(bnc#862300) Do not allow p-1 as a
public DH value (CVE-2014-1491)(bnc#862289)
*
MFSA 2014-13: Inconsistent this value when invoking getters on window
(CVE-2014-1481)(bnc#862309)
Also Mozilla NSS was updated to 3.15.4 release.
* required for Firefox 27
* regular CA root store update (1.96)
* some OSCP improvments
* other bugfixes
Security Issue references:
* CVE-2014-1477
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1477>
* CVE-2014-1479
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1479>
* CVE-2014-1480
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1480>
* CVE-2014-1481
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1481>
* CVE-2014-1482
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1482>
* CVE-2014-1483
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1483>
* CVE-2014-1484
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1484>
* CVE-2014-1485
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1485>
* CVE-2014-1486
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1486>
* CVE-2014-1487
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1487>
* CVE-2014-1488
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1488>
* CVE-2014-1489
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1489>
* CVE-2014-1490
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1490>
* CVE-2014-1491
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491>
SUSE bug 859055SUSE bug 861847CVE-2014-1477 at SUSECVE-2014-1477 at NVDCVE-2014-1479 at SUSECVE-2014-1479 at NVDCVE-2014-1480 at SUSECVE-2014-1480 at NVDCVE-2014-1481 at SUSECVE-2014-1481 at NVDCVE-2014-1482 at SUSECVE-2014-1482 at NVDCVE-2014-1483 at SUSECVE-2014-1483 at NVDCVE-2014-1484 at SUSECVE-2014-1484 at NVDCVE-2014-1485 at SUSECVE-2014-1485 at NVDCVE-2014-1486 at SUSECVE-2014-1486 at NVDCVE-2014-1487 at SUSECVE-2014-1487 at NVDCVE-2014-1488 at SUSECVE-2014-1488 at NVDCVE-2014-1489 at SUSECVE-2014-1489 at NVDCVE-2014-1490 at SUSECVE-2014-1490 at NVDCVE-2014-1491 at SUSECVE-2014-1491 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Mozilla Firefox has been updated to the 24.7ESR security release.
Security issues fixed in this release:
* CVE-2014-1544 -
https://www.mozilla.org/security/announce/2014/mfsa2014-63.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-63.html>
* CVE-2014-1548 -
https://www.mozilla.org/security/announce/2014/mfsa2014-56.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-56.html>
* CVE-2014-1549 -
https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-57.html>
* CVE-2014-1550 -
https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-58.html>
* CVE-2014-1551 -
https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-59.html>
* CVE-2014-1552 -
https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-66.html>
* CVE-2014-1555 -
https://www.mozilla.org/security/announce/2014/mfsa2014-61.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-61.html>
* CVE-2014-1556 -
https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-62.html>
* CVE-2014-1557 -
https://www.mozilla.org/security/announce/2014/mfsa2014-64.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-64.html>
* CVE-2014-1558,CVE-2014-1559,CVE-2014-1560 -
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-65.html>
* CVE-2014-1561 -
https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-60.html>
Security Issues:
* CVE-2014-1557
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557>
* CVE-2014-1547
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547>
* CVE-2014-1548
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548>
* CVE-2014-1556
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556>
* CVE-2014-1544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544>
* CVE-2014-1555
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555>
SUSE bug 887746CVE-2014-1544 at SUSECVE-2014-1544 at NVDCVE-2014-1547 at SUSECVE-2014-1547 at NVDCVE-2014-1548 at SUSECVE-2014-1548 at NVDCVE-2014-1555 at SUSECVE-2014-1555 at NVDCVE-2014-1556 at SUSECVE-2014-1556 at NVDCVE-2014-1557 at SUSECVE-2014-1557 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Mozilla Firefox was updated to the 24.8.0ESR release, fixing security
issues and bugs.
Only some of the published security advisories affect the Mozilla Firefox
24ESR codestream:
* MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht
reported, via TippingPoint's Zero Day Initiative, a use-after-free
during text layout when interacting with the setting of text
direction. This results in a use-after-free which can lead to
arbitrary code execution.
* MFSA 2014-67: Mozilla developers and community identified and fixed
several memory safety bugs in the browser engine used in Firefox and
other Mozilla-based products. Some of these bugs showed evidence of
memory corruption under certain circumstances, and we presume that
with enough effort at least some of these could be exploited to run
arbitrary code.
* Jan de Mooij reported a memory safety problem that affects Firefox
ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562)
More information is referenced on:
https://www.mozilla.org/security/announce/
<https://www.mozilla.org/security/announce/> .
Security Issues:
* CVE-2014-1562
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562>
* CVE-2014-1567
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567>
SUSE bug 894370CVE-2014-1562 at SUSECVE-2014-1562 at NVDCVE-2014-1567 at SUSECVE-2014-1567 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Mozilla Firefox has been updated to the 31.3ESR release fixing bugs and
security issues.
*
MFSA 2014-83 / CVE-2014-1588 / CVE-2014-1587: Mozilla developers and
community identified and fixed several memory safety bugs in the
browser engine used in Firefox and other Mozilla-based products. Some
of these bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at least some
of these could be exploited to run arbitrary code.
*
MFSA 2014-85 / CVE-2014-1590: Security researcher Joe Vennix from
Rapid7 reported that passing a JavaScript object to XMLHttpRequest
that mimics an input stream will a crash. This crash is not
exploitable and can only be used for denial of service attacks.
*
MFSA 2014-87 / CVE-2014-1592: Security researcher Berend-Jan Wever
reported a use-after-free created by triggering the creation of a
second root element while parsing HTML written to a document created
with document.open(). This leads to a potentially exploitable crash.
*
MFSA 2014-88 / CVE-2014-1593: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover a buffer overflow during the parsing of
media content. This leads to a potentially exploitable crash.
*
MFSA 2014-89 / CVE-2014-1594: Security researchers Byoungyoung Lee,
Chengyu Song, and Taesoo Kim at the Georgia Tech Information Security
Center (GTISC) reported a bad casting from the BasicThebesLayer to
BasicContainerLayer, resulting in undefined behavior. This behavior
is potentially exploitable with some compilers but no clear mechanism
to trigger it through web content was identified.
*
MFSA 2014-90 / CVE-2014-1595: Security researcher Kent Howard
reported an Apple issue present in OS X 10.10 (Yosemite) where log
files are created by the CoreGraphics framework of OS X in the /tmp
local directory. These log files contain a record of all inputs into
Mozilla programs during their operation. In versions of OS X from
versions 10.6 through 10.9, the CoreGraphics had this logging ability
but it was turned off by default. In OS X 10.10, this logging was
turned on by default for some applications that use a custom memory
allocator, such as jemalloc, because of an initialization bug in the
framework. This issue has been addressed in Mozilla products by
explicitly turning off the framework's logging of input events. On
vulnerable systems, this issue can result in private data such as
usernames, passwords, and other inputed data being saved to a log
file on the local system.
Security Issues:
* CVE-2014-1587
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587>
* CVE-2014-1588
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1588>
* CVE-2014-1589
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1589>
* CVE-2014-1590
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590>
* CVE-2014-1591
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1591>
* CVE-2014-1592
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592>
* CVE-2014-1593
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593>
* CVE-2014-1594
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594>
* CVE-2014-1595
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1595>
SUSE bug 908009CVE-2014-1587 at SUSECVE-2014-1587 at NVDCVE-2014-1588 at SUSECVE-2014-1588 at NVDCVE-2014-1589 at SUSECVE-2014-1589 at NVDCVE-2014-1590 at SUSECVE-2014-1590 at NVDCVE-2014-1591 at SUSECVE-2014-1591 at NVDCVE-2014-1592 at SUSECVE-2014-1592 at NVDCVE-2014-1593 at SUSECVE-2014-1593 at NVDCVE-2014-1594 at SUSECVE-2014-1594 at NVDCVE-2014-1595 at SUSECVE-2014-1595 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and
security issues.
Mozilla NSS has been updated to 3.17.3, fixing a security issue and
updating the root certificate list.
For more information, please see
https://www.mozilla.org/en-US/security/advisories/
<https://www.mozilla.org/en-US/security/advisories/>
Security Issues:
* CVE-2014-1569
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569>
* CVE-2014-8634
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634>
* CVE-2014-8639
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639>
* CVE-2014-8641
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8641>
* CVE-2014-8638
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638>
* CVE-2014-8636
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8636>
* CVE-2014-8637
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8637>
* CVE-2014-8640
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640>
SUSE bug 906111SUSE bug 909563SUSE bug 910647SUSE bug 910669CVE-2014-1569 at SUSECVE-2014-1569 at NVDCVE-2014-8634 at SUSECVE-2014-8634 at NVDCVE-2014-8636 at SUSECVE-2014-8636 at NVDCVE-2014-8637 at SUSECVE-2014-8637 at NVDCVE-2014-8638 at SUSECVE-2014-8638 at NVDCVE-2014-8639 at SUSECVE-2014-8639 at NVDCVE-2014-8640 at SUSECVE-2014-8640 at NVDCVE-2014-8641 at SUSECVE-2014-8641 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
MozillaFirefox was updated to the 31.5.3ESR release to fix two security
vulnerabilities:
*
MFSA 2015-29 / CVE-2015-0817: Security researcher ilxu1a reported,
through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's
implementation of typed array bounds checking in JavaScript
just-in-time compilation (JIT) and its management of bounds checking
for heap access. This flaw can be leveraged into the reading and
writing of memory allowing for arbitrary code execution on the local
system.
*
MFSA 2015-28 / CVE-2015-0818: Security researcher Mariusz Mlynski
reported, through HP Zero Day Initiative's Pwn2Own contest, a method
to run arbitrary scripts in a privileged context. This bypassed the
same-origin policy protections by using a flaw in the processing of
SVG format content navigation.
Security Issues:
* CVE-2015-0817
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817>
* CVE-2015-0818
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0818>
SUSE bug 923534CVE-2015-0817 at SUSECVE-2015-0817 at NVDCVE-2015-0818 at SUSECVE-2015-0818 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Mozilla Firefox was updated to 38.2.1 ESR, fixing two severe security bugs. (bsc#943608)
* MFSA 2015-94/CVE-2015-4497 (bsc#943557): Use-after-free when resizing canvas element during restyling
* MFSA 2015-95/CVE-2015-4498 (bsc#943558): Add-on notification bypass through data URLs
ImportantSUSE bug 943557SUSE bug 943558SUSE bug 943608CVE-2015-4497 at SUSECVE-2015-4497 at NVDCVE-2015-4498 at SUSECVE-2015-4498 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox, mozilla-nspr (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Mozilla Firefox was updated to version 38.3.0 ESR (bsc#947003),
fixing bugs and security issues.
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
* MFSA 2015-101/CVE-2015-4506
Buffer overflow in libvpx while parsing vp9 format video
* MFSA 2015-105/CVE-2015-4511
Buffer overflow while decoding WebM video
* MFSA 2015-106/CVE-2015-4509
Use-after-free while manipulating HTML media content
* MFSA 2015-110/CVE-2015-4519
Dragging and dropping images exposes final URL after
redirects
* MFSA 2015-111/CVE-2015-4520
Errors in the handling of CORS preflight request headers
* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522
CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177
CVE-2015-7180
Vulnerabilities found through code inspection
More details can be found on
https://www.mozilla.org/en-US/security/advisories/
The Mozilla NSPR library was updated to version 4.10.9, fixing various bugs.
ImportantSUSE bug 947003CVE-2015-4500 at SUSECVE-2015-4500 at NVDCVE-2015-4501 at SUSECVE-2015-4501 at NVDCVE-2015-4506 at SUSECVE-2015-4506 at NVDCVE-2015-4509 at SUSECVE-2015-4509 at NVDCVE-2015-4511 at SUSECVE-2015-4511 at NVDCVE-2015-4517 at SUSECVE-2015-4517 at NVDCVE-2015-4519 at SUSECVE-2015-4519 at NVDCVE-2015-4520 at SUSECVE-2015-4520 at NVDCVE-2015-4521 at SUSECVE-2015-4521 at NVDCVE-2015-4522 at SUSECVE-2015-4522 at NVDCVE-2015-7174 at SUSECVE-2015-7174 at NVDCVE-2015-7175 at SUSECVE-2015-7175 at NVDCVE-2015-7176 at SUSECVE-2015-7176 at NVDCVE-2015-7177 at SUSECVE-2015-7177 at NVDCVE-2015-7180 at SUSECVE-2015-7180 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This Mozilla Firefox, NSS and NSPR update fixes the following security
and non security issues.
- mozilla-nspr was updated to version 4.10.10 (bsc#952810)
* MFSA 2015-133/CVE-2015-7183
(bmo#1205157)
NSPR memory corruption issues
- mozilla-nss was updated to 3.19.2.1 (bsc#952810)
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182
(bmo#1192028, bmo#1202868)
NSS and NSPR memory corruption issues
- MozillaFirefox was updated to 38.4.0 ESR (bsc#952810)
* MFSA 2015-116/CVE-2015-4513
(bmo#1107011, bmo#1191942, bmo#1193038, bmo#1204580,
bmo#1204669, bmo#1204700, bmo#1205707, bmo#1206564,
bmo#1208665, bmo#1209471, bmo#1213979)
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
* MFSA 2015-122/CVE-2015-7188
(bmo#1199430)
Trailing whitespace in IP address hostnames can bypass
same-origin policy
* MFSA 2015-123/CVE-2015-7189
(bmo#1205900)
Buffer overflow during image interactions in canvas
* MFSA 2015-127/CVE-2015-7193
(bmo#1210302)
CORS preflight is bypassed when non-standard Content-Type
headers are received
* MFSA 2015-128/CVE-2015-7194
(bmo#1211262)
Memory corruption in libjar through zip files
* MFSA 2015-130/CVE-2015-7196
(bmo#1140616)
JavaScript garbage collection crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
(bmo#1204061, bmo#1188010, bmo#1204155)
Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197
(bmo#1204269)
Mixed content WebSocket policy bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
(bmo#1202868, bmo#1192028, bmo#1205157)
NSS and NSPR memory corruption issues
- fix printing on landscape media (bsc#908275)
ImportantSUSE bug 908275SUSE bug 952810CVE-2015-4513 at SUSECVE-2015-4513 at NVDCVE-2015-7181 at SUSECVE-2015-7181 at NVDCVE-2015-7182 at SUSECVE-2015-7182 at NVDCVE-2015-7183 at SUSECVE-2015-7183 at NVDCVE-2015-7188 at SUSECVE-2015-7188 at NVDCVE-2015-7189 at SUSECVE-2015-7189 at NVDCVE-2015-7193 at SUSECVE-2015-7193 at NVDCVE-2015-7194 at SUSECVE-2015-7194 at NVDCVE-2015-7196 at SUSECVE-2015-7196 at NVDCVE-2015-7197 at SUSECVE-2015-7197 at NVDCVE-2015-7198 at SUSECVE-2015-7198 at NVDCVE-2015-7199 at SUSECVE-2015-7199 at NVDCVE-2015-7200 at SUSECVE-2015-7200 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues:
Mozilla Firefox was updated to 38.7.0 ESR (bsc#969894), fixing
following security issues:
* MFSA 2016-16/CVE-2016-1952/CVE-2016-1953
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
* MFSA 2016-17/CVE-2016-1954
Local file overwriting and potential privilege escalation
through CSP reports
* MFSA 2016-20/CVE-2016-1957
Memory leak in libstagefright when deleting an array during
MP4 processing
* MFSA 2016-21/CVE-2016-1958
Displayed page address can be overridden
* MFSA 2016-23/CVE-2016-1960
Use-after-free in HTML5 string parser
* MFSA 2016-24/CVE-2016-1961
Use-after-free in SetBody
* MFSA 2016-25/CVE-2016-1962
Use-after-free when using multiple WebRTC data channels
* MFSA 2016-27/CVE-2016-1964
Use-after-free during XML transformations
* MFSA 2016-28/CVE-2016-1965
Addressbar spoofing though history navigation and Location
protocol property
* MFSA 2016-31/CVE-2016-1966
Memory corruption with malicious NPAPI plugin
* MFSA 2016-34/CVE-2016-1974
Out-of-bounds read in HTML parser following a failed
allocation
* MFSA 2016-35/CVE-2016-1950
Buffer overflow during ASN.1 decoding in NSS
* MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
Font vulnerabilities in the Graphite 2 library
Mozilla NSPR was updated to version 4.12 (bsc#969894), fixing following bugs:
* added a PR_GetEnvSecure function, which attempts to detect if
the program is being executed with elevated privileges, and
returns NULL if detected. It is recommended to use this function
in general purpose library code.
* fixed a memory allocation bug related to the PR_*printf functions
* exported API PR_DuplicateEnvironment, which had already been
added in NSPR 4.10.9
* added support for FreeBSD aarch64
* several minor correctness and compatibility fixes
Mozilla NSS was updated to fix security issues (bsc#969894):
* MFSA 2016-15/CVE-2016-1978
Use-after-free in NSS during SSL connections in low memory
* MFSA 2016-35/CVE-2016-1950
Buffer overflow during ASN.1 decoding in NSS
* MFSA 2016-36/CVE-2016-1979
Use-after-free during processing of DER encoded keys in NSS
ImportantSUSE bug 969894CVE-2016-1950 at SUSECVE-2016-1950 at NVDCVE-2016-1952 at SUSECVE-2016-1952 at NVDCVE-2016-1953 at SUSECVE-2016-1953 at NVDCVE-2016-1954 at SUSECVE-2016-1954 at NVDCVE-2016-1957 at SUSECVE-2016-1957 at NVDCVE-2016-1958 at SUSECVE-2016-1958 at NVDCVE-2016-1960 at SUSECVE-2016-1960 at NVDCVE-2016-1961 at SUSECVE-2016-1961 at NVDCVE-2016-1962 at SUSECVE-2016-1962 at NVDCVE-2016-1964 at SUSECVE-2016-1964 at NVDCVE-2016-1965 at SUSECVE-2016-1965 at NVDCVE-2016-1966 at SUSECVE-2016-1966 at NVDCVE-2016-1974 at SUSECVE-2016-1974 at NVDCVE-2016-1977 at SUSECVE-2016-1977 at NVDCVE-2016-1978 at SUSECVE-2016-1978 at NVDCVE-2016-1979 at SUSECVE-2016-1979 at NVDCVE-2016-2790 at SUSECVE-2016-2790 at NVDCVE-2016-2791 at SUSECVE-2016-2791 at NVDCVE-2016-2792 at SUSECVE-2016-2792 at NVDCVE-2016-2793 at SUSECVE-2016-2793 at NVDCVE-2016-2794 at SUSECVE-2016-2794 at NVDCVE-2016-2795 at SUSECVE-2016-2795 at NVDCVE-2016-2796 at SUSECVE-2016-2796 at NVDCVE-2016-2797 at SUSECVE-2016-2797 at NVDCVE-2016-2798 at SUSECVE-2016-2798 at NVDCVE-2016-2799 at SUSECVE-2016-2799 at NVDCVE-2016-2800 at SUSECVE-2016-2800 at NVDCVE-2016-2801 at SUSECVE-2016-2801 at NVDCVE-2016-2802 at SUSECVE-2016-2802 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This version update of Mozilla Firefox to 31.2.0ESR brings improvements,
stability fixes and also security fixes for the following CVEs:
CVE-2014-1574, CVE-2014-1575, CVE-2014-1576 ,CVE-2014-1577, CVE-2014-1578,
CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586
It also disables SSLv3 by default to mitigate the protocol downgrade attack
known as POODLE.
This update fixes some regressions introduced by the previously released
update.
Security Issues:
* CVE-2014-1574
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574>
* CVE-2014-1575
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1575>
* CVE-2014-1576
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576>
* CVE-2014-1577
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577>
* CVE-2014-1578
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578>
* CVE-2014-1581
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581>
* CVE-2014-1583
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1583>
* CVE-2014-1585
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585>
* CVE-2014-1586
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586>
SUSE bug 900941SUSE bug 905056SUSE bug 905528CVE-2014-1574 at SUSECVE-2014-1574 at NVDCVE-2014-1575 at SUSECVE-2014-1575 at NVDCVE-2014-1576 at SUSECVE-2014-1576 at NVDCVE-2014-1577 at SUSECVE-2014-1577 at NVDCVE-2014-1578 at SUSECVE-2014-1578 at NVDCVE-2014-1581 at SUSECVE-2014-1581 at NVDCVE-2014-1583 at SUSECVE-2014-1583 at NVDCVE-2014-1585 at SUSECVE-2014-1585 at NVDCVE-2014-1586 at SUSECVE-2014-1586 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for freeradiusSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for freeradius-server provides the following fixes and
improvements:
* Increase the vendor IDs limit from 32767 to 65535 (bnc#791666)
* Fix issues with escaping special characters in password (bnc#797515)
* Respect expired passwords and accounts when using the unix module
(bnc#797313, CVE-2011-4966).
Security Issue reference:
* CVE-2011-4966
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4966>
SUSE bug 791666SUSE bug 797313SUSE bug 797515CVE-2011-4966 at SUSECVE-2011-4966 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for freetype2SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes:
* OOB access in bdf_free_font() and _bdf_parse_glyphs() (CVE-2012-5668
and CVE-2012-5669)
As well as the following non-security bugs:
* [bdf] Savannah bug #37905.
o src/bdf/bdflib.c (_bdf_parse_start): Reset `props_size' to zero
in case of allocation error; this value gets used in a loop in
* [bdf] Fix Savannah bug #37906.
o src/bdf/bdflib.c (_bdf_parse_glyphs): Use correct array size
for checking `glyph_enc'.
Security Issue references:
* CVE-2012-5668
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668>
* CVE-2012-5669
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669>
SUSE bug 795826CVE-2012-5668 at SUSECVE-2012-5668 at NVDCVE-2012-5669 at SUSECVE-2012-5669 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for ghostscriptSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes an array index error leading to a heap-based buffer
overflow in ghostscript-library. CVE-2012-4405 has been assigned to this
issue.
Security Issue reference:
* CVE-2012-4405
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405>
SUSE bug 779700CVE-2012-4405 at SUSECVE-2012-4405 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for ghostscript-library fixes the following issues:
- Multiple security vulnerabilities have been discovered where ghostscript's
'-dsafer' flag did not provide sufficient protection against unintended
access to the file system. Thus, a machine that would process a specially
crafted Postscript file would potentially leak sensitive information to an
attacker. (CVE-2013-5653, CVE-2016-7977, bsc#1001951)
- Insufficient validation of the type of input in .initialize_dsc_parser used
to allow remote code execution. (CVE-2016-7979, bsc#1001951)
- An integer overflow in the gs_heap_alloc_bytes function used to allow remote
attackers to cause a denial of service (crash) via specially crafted
Postscript files. (CVE-2015-3228, boo#939342)
ImportantSUSE bug 1001951SUSE bug 939342CVE-2013-5653 at SUSECVE-2013-5653 at NVDCVE-2015-3228 at SUSECVE-2015-3228 at NVDCVE-2016-7977 at SUSECVE-2016-7977 at NVDCVE-2016-7979 at SUSECVE-2016-7979 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for glibcSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for glibc contains the following fixes:
* Fix integer overflows in malloc (CVE-2013-4332, bnc#839870)
* Fix buffer overflow in glob (bnc#691365)
* Fix buffer overflow in strcoll (CVE-2012-4412, bnc#779320)
* Update mount flags in <sys/mount.h> (bnc#791928)
* Fix buffer overrun in regexp matcher (CVE-2013-0242, bnc#801246)
* Fix memory leaks in dlopen (bnc#811979)
* Fix stack overflow in getaddrinfo with many results (CVE-2013-1914,
bnc#813121)
* Fix check for XEN build in glibc_post_upgrade that causes missing
init re-exec (bnc#818628)
* Don't raise UNDERFLOW in tan/tanf for small but normal argument
(bnc#819347)
* Properly cross page boundary in SSE4.2 implementation of strcmp
(bnc#822210)
* Fix robust mutex handling after fork (bnc#827811)
* Fix missing character in IBM-943 charset (bnc#828235)
* Fix use of alloca in gaih_inet (bnc#828637)
* Initialize pointer guard also in static executables (CVE-2013-4788,
bnc#830268)
* Fix readdir_r with long file names (CVE-2013-4237, bnc#834594).
Security Issues:
* CVE-2012-4412
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412>
* CVE-2013-0242
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242>
* CVE-2013-1914
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1914>
* CVE-2013-4237
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237>
* CVE-2013-4332
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332>
* CVE-2013-4788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4788>
SUSE bug 684534SUSE bug 691365SUSE bug 741345SUSE bug 743689SUSE bug 744996SUSE bug 745658SUSE bug 746824SUSE bug 747768SUSE bug 750741SUSE bug 760795SUSE bug 763512SUSE bug 767266SUSE bug 770891SUSE bug 775690SUSE bug 777233SUSE bug 779320SUSE bug 783060SUSE bug 785041SUSE bug 791928SUSE bug 793146SUSE bug 795129SUSE bug 801246SUSE bug 811979SUSE bug 813121SUSE bug 818628SUSE bug 819347SUSE bug 822210SUSE bug 827811SUSE bug 828235SUSE bug 828637SUSE bug 830268SUSE bug 834594SUSE bug 836746SUSE bug 839870SUSE bug 844309SUSE bug 864081SUSE bug 882600SUSE bug 887022SUSE bug 892073SUSE bug 894553SUSE bug 894556SUSE bug 906371SUSE bug 909053SUSE bug 910599SUSE bug 913646SUSE bug 915526SUSE bug 916222SUSE bug 918233CVE-2012-0864 at SUSECVE-2012-0864 at NVDCVE-2012-3404 at SUSECVE-2012-3404 at NVDCVE-2012-3405 at SUSECVE-2012-3405 at NVDCVE-2012-3406 at SUSECVE-2012-3406 at NVDCVE-2012-3480 at SUSECVE-2012-3480 at NVDCVE-2012-4412 at SUSECVE-2012-4412 at NVDCVE-2012-6656 at SUSECVE-2012-6656 at NVDCVE-2013-0242 at SUSECVE-2013-0242 at NVDCVE-2013-1914 at SUSECVE-2013-1914 at NVDCVE-2013-4237 at SUSECVE-2013-4237 at NVDCVE-2013-4332 at SUSECVE-2013-4332 at NVDCVE-2013-4357 at SUSECVE-2013-4357 at NVDCVE-2013-4788 at SUSECVE-2013-4788 at NVDCVE-2013-7423 at SUSECVE-2013-7423 at NVDCVE-2014-5119 at SUSECVE-2014-5119 at NVDCVE-2014-6040 at SUSECVE-2014-6040 at NVDCVE-2014-7817 at SUSECVE-2014-7817 at NVDCVE-2014-9402 at SUSECVE-2014-9402 at NVDCVE-2015-0235 at SUSECVE-2015-0235 at NVDCVE-2015-1472 at SUSECVE-2015-1472 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for glibc fixes the following issues:
- CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses (bsc#961721)
- CVE-2015-8777: Insufficient checking of LD_POINTER_GUARD environment variable allowed local attackers to bypass the pointer guarding protection of the dynamic loader on set-user-ID and set-group-ID programs (bsc#950944)
- CVE-2015-8776: Out-of-range time values passed to the strftime function may cause it to crash, leading to a denial of service, or potentially disclosure information (bsc#962736)
- CVE-2015-8778: Integer overflow in hcreate and hcreate_r could have caused an out-of-bound memory access. leading to application crashes or, potentially, arbitrary code execution (bsc#962737)
- CVE-2014-9761: A stack overflow (unbounded alloca) could have caused applications which process long strings with the nan function to crash or, potentially, execute arbitrary code. (bsc#962738)
- CVE-2015-8779: A stack overflow (unbounded alloca) in the catopen function could have caused applications which pass long strings to the catopen function to crash or, potentially execute arbitrary code. (bsc#962739)
- CVE-2013-2207: pt_chown tricked into granting access to another users pseudo-terminal (bsc#830257)
- CVE-2013-4458: Stack (frame) overflow in getaddrinfo() when called with AF_INET6 (bsc#847227)
- CVE-2014-8121: denial of service issue in the NSS backends (bsc#918187)
- bsc#920338: Read past end of pattern in fnmatch
- CVE-2015-1781: buffer overflow in nss_dns (bsc#927080)
The following non-security bugs were fixed:
- bnc#892065: SIGSEV tst-setlocale3 in glibc-2.11.3-17.68.1
- bnc#863499: Memory leak in getaddrinfo when many RRs are returned
- bsc#892065: Avoid unbound alloca in setenv
- bsc#945779: Properly reread entry after failure in nss_files getent function
ImportantSUSE bug 830257SUSE bug 847227SUSE bug 863499SUSE bug 892065SUSE bug 918187SUSE bug 920338SUSE bug 927080SUSE bug 945779SUSE bug 950944SUSE bug 961721SUSE bug 962736SUSE bug 962737SUSE bug 962738SUSE bug 962739CVE-2013-2207 at SUSECVE-2013-2207 at NVDCVE-2013-4458 at SUSECVE-2013-4458 at NVDCVE-2014-8121 at SUSECVE-2014-8121 at NVDCVE-2014-9761 at SUSECVE-2014-9761 at NVDCVE-2015-1781 at SUSECVE-2015-1781 at NVDCVE-2015-7547 at SUSECVE-2015-7547 at NVDCVE-2015-8776 at SUSECVE-2015-8776 at NVDCVE-2015-8777 at SUSECVE-2015-8777 at NVDCVE-2015-8778 at SUSECVE-2015-8778 at NVDCVE-2015-8779 at SUSECVE-2015-8779 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for GnuTLSSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of GnuTLS fixes a regression introduced by the previous update
that could have resulted in a Denial of Service (application crash).
Security Issue reference:
* CVE-2013-2116
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116>
SUSE bug 760265SUSE bug 802651SUSE bug 821818SUSE bug 835760SUSE bug 865804SUSE bug 865993SUSE bug 880730SUSE bug 880910CVE-2013-1619 at SUSECVE-2013-1619 at NVDCVE-2013-2116 at SUSECVE-2013-2116 at NVDCVE-2014-0092 at SUSECVE-2014-0092 at NVDCVE-2014-3466 at SUSECVE-2014-3466 at NVDCVE-2014-3467 at SUSECVE-2014-3467 at NVDCVE-2014-3468 at SUSECVE-2014-3468 at NVDCVE-2014-3469 at SUSECVE-2014-3469 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for gpg2SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This GnuPG update fixes two security issues:
* CVE-2013-4351: GnuPG treated no-usage-permitted keys as
all-usages-permitted.
* CVE-2013-4402: An infinite recursion in the compressed packet parser
was fixed.
Security Issue reference:
* CVE-2013-4351
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351>
* CVE-2013-4402
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402>
SUSE bug 778723SUSE bug 780943SUSE bug 798465SUSE bug 808958SUSE bug 840510SUSE bug 844175CVE-2012-6085 at SUSECVE-2012-6085 at NVDCVE-2013-4351 at SUSECVE-2013-4351 at NVDCVE-2013-4402 at SUSECVE-2013-4402 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for gtk2SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
The following issue has been fixed:
* Specially crafted GIF and XBM files could have crashed gtk2
(CVE-2012-2370,CVE-2011-2485)
Security Issue references:
* CVE-2012-2370
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2370>
* CVE-2011-2485
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485>
SUSE bug 702028SUSE bug 762735CVE-2011-2485 at SUSECVE-2011-2485 at NVDCVE-2012-2370 at SUSECVE-2012-2370 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for hplipSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
hplip was updated to fix three security issues:
*
CVE-2013-0200: Some local file overwrite problems via predictable
/tmp filenames were fixed.
*
CVE-2013-4325: hplip used an insecure polkit DBUS API (polkit-process
subject race condition) which could lead to local privilege
escalation.
*
CVE-2013-6402: hplip uses arbitrary file creation/overwrite (via
hardcoded file name /tmp/hp-pkservice.log)
Security Issue references:
* CVE-2013-4325
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325>
* CVE-2013-0200
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0200>
* CVE-2013-6402
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6402>
SUSE bug 808355SUSE bug 835827SUSE bug 836937SUSE bug 852368CVE-2013-0200 at SUSECVE-2013-0200 at NVDCVE-2013-4325 at SUSECVE-2013-4325 at NVDCVE-2013-6402 at SUSECVE-2013-6402 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for hyper-vSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes the following issues:
* a send/recv buffer allocation bug (bnc#828714)
* wrong IPv6 subnet enumeration (bnc#828714)
* Latest version of hyper-v-3-0.5.1 causes more CPU usage and issues
warnings (bnc#770763)
SUSE bug 676890SUSE bug 761200SUSE bug 770763SUSE bug 790469SUSE bug 791605SUSE bug 828714CVE-2012-2669 at SUSECVE-2012-2669 at NVDCVE-2012-5532 at SUSECVE-2012-5532 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for ibutilsSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for InfiniBand Diagnostic Tools (ibutils) fixes a syntax error
that affected the ibdiagnet, ibdiagpath and ibdiagui utilities.
SUSE bug 811660SUSE bug 832643CVE-2013-1894 at SUSECVE-2013-1894 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for icuSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update is rereleased because some architectures were missed on the
first try. It fixes the following security issues:
* Specially crafted strings could cause a buffer overflow in icu (
CVE-2011-4599
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599> )
* An integer overflow in the getSymbol() function could crash
applications using icu (CVE-2010-4409
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4409> )
SUSE bug 657910SUSE bug 736146CVE-2011-4599 at SUSECVE-2011-4599 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for innSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
A STARTTLS injection issue has been fixed in inn. CVE-2012-3523 was
assigned to this issue.
Security Issue reference:
* CVE-2012-3523
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3523>
SUSE bug 776967CVE-2012-3523 at SUSECVE-2012-3523 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for inst-source-utilsSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update to inst-source-utils fixes create_sha1sums for signing to write
correct pubkey.
SUSE bug 604730SUSE bug 792914CVE-2012-0427 at SUSECVE-2012-0427 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for jakarta-commons-fileuploadSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
jakarta-commons-fileupload received a security fix:
* A poison null byte flaw was found in the implementation of the
DiskFileItem class. A remote attacker could able to supply a
serialized instance of the DiskFileItem class, which would be
deserialized on a server, could use this flaw to write arbitrary
content to any location on the server that is permitted by the user
running the application server process. (CVE-2013-2186)
Security Issue reference:
* CVE-2013-2186
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2186>
SUSE bug 846174CVE-2013-2186 at SUSECVE-2013-2186 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for jakartaSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
The following issue has been fixed:
* SSL certificate hostname verification was not done and is fixed by
this update. (CVE-2012-5783)
Security Issue reference:
* CVE-2012-5783
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783>
SUSE bug 803332CVE-2012-5783 at SUSECVE-2012-5783 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for java-1_4_2-ibmSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
IBM Java 1.4.2 was updated to SR13-FP18 to fix bugs and security issues.
Please see also
http://www.ibm.com/developerworks/java/jdk/alerts/
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Also the following bug has been fixed:
* mark files in jre/bin and bin/ as executable (bnc#823034)
Security Issue references:
* CVE-2013-3009
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3009>
* CVE-2013-3011
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3011>
* CVE-2013-3012
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3012>
* CVE-2013-2469
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2469>
* CVE-2013-2465
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2465>
* CVE-2013-2464
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2464>
* CVE-2013-2463
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2463>
* CVE-2013-2473
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2473>
* CVE-2013-2472
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2472>
* CVE-2013-2471
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2471>
* CVE-2013-2470
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2470>
* CVE-2013-2459
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2459>
* CVE-2013-2456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2456>
* CVE-2013-2447
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2447>
* CVE-2013-2452
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2452>
* CVE-2013-2446
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2446>
* CVE-2013-2450
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2450>
* CVE-2013-1500
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1500>
SUSE bug 494536SUSE bug 592934SUSE bug 666744SUSE bug 758651SUSE bug 778629SUSE bug 788750SUSE bug 798535SUSE bug 809321SUSE bug 813939SUSE bug 819288SUSE bug 823034SUSE bug 829212CVE-2012-1531 at SUSECVE-2012-1531 at NVDCVE-2012-1713 at SUSECVE-2012-1713 at NVDCVE-2012-1717 at SUSECVE-2012-1717 at NVDCVE-2012-1718 at SUSECVE-2012-1718 at NVDCVE-2012-1719 at SUSECVE-2012-1719 at NVDCVE-2012-3216 at SUSECVE-2012-3216 at NVDCVE-2012-5073 at SUSECVE-2012-5073 at NVDCVE-2012-5079 at SUSECVE-2012-5079 at NVDCVE-2012-5081 at SUSECVE-2012-5081 at NVDCVE-2012-5083 at SUSECVE-2012-5083 at NVDCVE-2012-5084 at SUSECVE-2012-5084 at NVDCVE-2013-0424 at SUSECVE-2013-0424 at NVDCVE-2013-0425 at SUSECVE-2013-0425 at NVDCVE-2013-0426 at SUSECVE-2013-0426 at NVDCVE-2013-0428 at SUSECVE-2013-0428 at NVDCVE-2013-0432 at SUSECVE-2013-0432 at NVDCVE-2013-0434 at SUSECVE-2013-0434 at NVDCVE-2013-0440 at SUSECVE-2013-0440 at NVDCVE-2013-0442 at SUSECVE-2013-0442 at NVDCVE-2013-0443 at SUSECVE-2013-0443 at NVDCVE-2013-0485 at SUSECVE-2013-0485 at NVDCVE-2013-0809 at SUSECVE-2013-0809 at NVDCVE-2013-1476 at SUSECVE-2013-1476 at NVDCVE-2013-1478 at SUSECVE-2013-1478 at NVDCVE-2013-1480 at SUSECVE-2013-1480 at NVDCVE-2013-1481 at SUSECVE-2013-1481 at NVDCVE-2013-1491 at SUSECVE-2013-1491 at NVDCVE-2013-1493 at SUSECVE-2013-1493 at NVDCVE-2013-1500 at SUSECVE-2013-1500 at NVDCVE-2013-1537 at SUSECVE-2013-1537 at NVDCVE-2013-1557 at SUSECVE-2013-1557 at NVDCVE-2013-1569 at SUSECVE-2013-1569 at NVDCVE-2013-2383 at SUSECVE-2013-2383 at NVDCVE-2013-2384 at SUSECVE-2013-2384 at NVDCVE-2013-2394 at SUSECVE-2013-2394 at NVDCVE-2013-2417 at SUSECVE-2013-2417 at NVDCVE-2013-2419 at SUSECVE-2013-2419 at NVDCVE-2013-2420 at SUSECVE-2013-2420 at NVDCVE-2013-2429 at SUSECVE-2013-2429 at NVDCVE-2013-2430 at SUSECVE-2013-2430 at NVDCVE-2013-2432 at SUSECVE-2013-2432 at NVDCVE-2013-2446 at SUSECVE-2013-2446 at NVDCVE-2013-2447 at SUSECVE-2013-2447 at NVDCVE-2013-2450 at SUSECVE-2013-2450 at NVDCVE-2013-2452 at SUSECVE-2013-2452 at NVDCVE-2013-2456 at SUSECVE-2013-2456 at NVDCVE-2013-2459 at SUSECVE-2013-2459 at NVDCVE-2013-2463 at SUSECVE-2013-2463 at NVDCVE-2013-2464 at SUSECVE-2013-2464 at NVDCVE-2013-2465 at SUSECVE-2013-2465 at NVDCVE-2013-2469 at SUSECVE-2013-2469 at NVDCVE-2013-2470 at SUSECVE-2013-2470 at NVDCVE-2013-2471 at SUSECVE-2013-2471 at NVDCVE-2013-2472 at SUSECVE-2013-2472 at NVDCVE-2013-2473 at SUSECVE-2013-2473 at NVDCVE-2013-3009 at SUSECVE-2013-3009 at NVDCVE-2013-3011 at SUSECVE-2013-3011 at NVDCVE-2013-3012 at SUSECVE-2013-3012 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for IBM Java 6SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
IBM Java 6 SR15 has been released and fixes lots of bugs and security
issues.
More information can be found on:
http://www.ibm.com/developerworks/java/jdk/alerts/
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Security Issue references:
* CVE-2013-5458
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5458>
* CVE-2013-5456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5456>
* CVE-2013-5457
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5457>
* CVE-2013-4041
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4041>
* CVE-2013-5375
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5375>
* CVE-2013-5372
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5372>
* CVE-2013-5843
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5843>
* CVE-2013-5789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5789>
* CVE-2013-5830
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5830>
* CVE-2013-5829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5829>
* CVE-2013-5787
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5787>
* CVE-2013-5788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5788>
* CVE-2013-5824
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5824>
* CVE-2013-5842
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5842>
* CVE-2013-5782
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5782>
* CVE-2013-5817
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5817>
* CVE-2013-5809
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5809>
* CVE-2013-5814
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5814>
* CVE-2013-5832
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5832>
* CVE-2013-5850
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5850>
* CVE-2013-5838
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5838>
* CVE-2013-5802
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802>
* CVE-2013-5812
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5812>
* CVE-2013-5804
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5804>
* CVE-2013-5783
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5783>
* CVE-2013-3829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3829>
* CVE-2013-5823
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5823>
* CVE-2013-5831
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5831>
* CVE-2013-5820
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5820>
* CVE-2013-5819
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5819>
* CVE-2013-5818
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5818>
* CVE-2013-5848
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5848>
* CVE-2013-5776
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5776>
* CVE-2013-5774
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5774>
* CVE-2013-5825
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5825>
* CVE-2013-5840
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5840>
* CVE-2013-5801
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5801>
* CVE-2013-5778
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5778>
* CVE-2013-5851
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5851>
* CVE-2013-5800
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5800>
* CVE-2013-5784
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5784>
* CVE-2013-5849
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5849>
* CVE-2013-5790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5790>
* CVE-2013-5780
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5780>
* CVE-2013-5797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5797>
* CVE-2013-5803
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5803>
* CVE-2013-5772
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772>
SUSE bug 592934SUSE bug 666744SUSE bug 771808SUSE bug 773021SUSE bug 778629SUSE bug 785631SUSE bug 788750SUSE bug 798535SUSE bug 808625SUSE bug 813939SUSE bug 817062SUSE bug 819288SUSE bug 823034SUSE bug 829212SUSE bug 849212SUSE bug 862064SUSE bug 877430SUSE bug 891700SUSE bug 901223SUSE bug 904889SUSE bug 912434SUSE bug 912447SUSE bug 916265SUSE bug 916266SUSE bug 930365SUSE bug 931702CVE-2012-0551 at SUSECVE-2012-0551 at NVDCVE-2012-1531 at SUSECVE-2012-1531 at NVDCVE-2012-1532 at SUSECVE-2012-1532 at NVDCVE-2012-1533 at SUSECVE-2012-1533 at NVDCVE-2012-1541 at SUSECVE-2012-1541 at NVDCVE-2012-1713 at SUSECVE-2012-1713 at NVDCVE-2012-1716 at SUSECVE-2012-1716 at NVDCVE-2012-1717 at SUSECVE-2012-1717 at NVDCVE-2012-1718 at SUSECVE-2012-1718 at NVDCVE-2012-1719 at SUSECVE-2012-1719 at NVDCVE-2012-1721 at SUSECVE-2012-1721 at NVDCVE-2012-1722 at SUSECVE-2012-1722 at NVDCVE-2012-1725 at SUSECVE-2012-1725 at NVDCVE-2012-3143 at SUSECVE-2012-3143 at NVDCVE-2012-3159 at SUSECVE-2012-3159 at NVDCVE-2012-3213 at SUSECVE-2012-3213 at NVDCVE-2012-3216 at SUSECVE-2012-3216 at NVDCVE-2012-3342 at SUSECVE-2012-3342 at NVDCVE-2012-5068 at SUSECVE-2012-5068 at NVDCVE-2012-5069 at SUSECVE-2012-5069 at NVDCVE-2012-5071 at SUSECVE-2012-5071 at NVDCVE-2012-5072 at SUSECVE-2012-5072 at NVDCVE-2012-5073 at SUSECVE-2012-5073 at NVDCVE-2012-5075 at SUSECVE-2012-5075 at NVDCVE-2012-5079 at SUSECVE-2012-5079 at NVDCVE-2012-5081 at SUSECVE-2012-5081 at NVDCVE-2012-5083 at SUSECVE-2012-5083 at NVDCVE-2012-5084 at SUSECVE-2012-5084 at NVDCVE-2012-5089 at SUSECVE-2012-5089 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2013-0351 at SUSECVE-2013-0351 at NVDCVE-2013-0401 at SUSECVE-2013-0401 at NVDCVE-2013-0409 at SUSECVE-2013-0409 at NVDCVE-2013-0419 at SUSECVE-2013-0419 at NVDCVE-2013-0423 at SUSECVE-2013-0423 at NVDCVE-2013-0424 at SUSECVE-2013-0424 at NVDCVE-2013-0425 at SUSECVE-2013-0425 at NVDCVE-2013-0426 at SUSECVE-2013-0426 at NVDCVE-2013-0427 at SUSECVE-2013-0427 at NVDCVE-2013-0428 at SUSECVE-2013-0428 at NVDCVE-2013-0432 at SUSECVE-2013-0432 at NVDCVE-2013-0433 at SUSECVE-2013-0433 at NVDCVE-2013-0434 at SUSECVE-2013-0434 at NVDCVE-2013-0435 at SUSECVE-2013-0435 at NVDCVE-2013-0438 at SUSECVE-2013-0438 at NVDCVE-2013-0440 at SUSECVE-2013-0440 at NVDCVE-2013-0441 at SUSECVE-2013-0441 at NVDCVE-2013-0442 at SUSECVE-2013-0442 at NVDCVE-2013-0443 at SUSECVE-2013-0443 at NVDCVE-2013-0445 at SUSECVE-2013-0445 at NVDCVE-2013-0446 at SUSECVE-2013-0446 at NVDCVE-2013-0450 at SUSECVE-2013-0450 at NVDCVE-2013-0485 at SUSECVE-2013-0485 at NVDCVE-2013-0809 at SUSECVE-2013-0809 at NVDCVE-2013-1473 at SUSECVE-2013-1473 at NVDCVE-2013-1476 at SUSECVE-2013-1476 at NVDCVE-2013-1478 at SUSECVE-2013-1478 at NVDCVE-2013-1480 at SUSECVE-2013-1480 at NVDCVE-2013-1481 at SUSECVE-2013-1481 at NVDCVE-2013-1486 at SUSECVE-2013-1486 at NVDCVE-2013-1487 at SUSECVE-2013-1487 at NVDCVE-2013-1491 at SUSECVE-2013-1491 at NVDCVE-2013-1493 at SUSECVE-2013-1493 at NVDCVE-2013-1500 at SUSECVE-2013-1500 at NVDCVE-2013-1537 at SUSECVE-2013-1537 at NVDCVE-2013-1540 at SUSECVE-2013-1540 at NVDCVE-2013-1557 at SUSECVE-2013-1557 at NVDCVE-2013-1563 at SUSECVE-2013-1563 at NVDCVE-2013-1569 at SUSECVE-2013-1569 at NVDCVE-2013-1571 at SUSECVE-2013-1571 at NVDCVE-2013-2383 at SUSECVE-2013-2383 at NVDCVE-2013-2384 at SUSECVE-2013-2384 at NVDCVE-2013-2394 at SUSECVE-2013-2394 at NVDCVE-2013-2407 at SUSECVE-2013-2407 at NVDCVE-2013-2412 at SUSECVE-2013-2412 at NVDCVE-2013-2417 at SUSECVE-2013-2417 at NVDCVE-2013-2418 at SUSECVE-2013-2418 at NVDCVE-2013-2419 at SUSECVE-2013-2419 at NVDCVE-2013-2420 at SUSECVE-2013-2420 at NVDCVE-2013-2422 at SUSECVE-2013-2422 at NVDCVE-2013-2424 at SUSECVE-2013-2424 at NVDCVE-2013-2429 at SUSECVE-2013-2429 at NVDCVE-2013-2430 at SUSECVE-2013-2430 at NVDCVE-2013-2432 at SUSECVE-2013-2432 at NVDCVE-2013-2433 at SUSECVE-2013-2433 at NVDCVE-2013-2435 at SUSECVE-2013-2435 at NVDCVE-2013-2437 at SUSECVE-2013-2437 at NVDCVE-2013-2440 at SUSECVE-2013-2440 at NVDCVE-2013-2442 at SUSECVE-2013-2442 at NVDCVE-2013-2443 at SUSECVE-2013-2443 at NVDCVE-2013-2444 at SUSECVE-2013-2444 at NVDCVE-2013-2446 at SUSECVE-2013-2446 at NVDCVE-2013-2447 at SUSECVE-2013-2447 at NVDCVE-2013-2448 at SUSECVE-2013-2448 at NVDCVE-2013-2450 at SUSECVE-2013-2450 at NVDCVE-2013-2451 at SUSECVE-2013-2451 at NVDCVE-2013-2452 at SUSECVE-2013-2452 at NVDCVE-2013-2453 at SUSECVE-2013-2453 at NVDCVE-2013-2454 at SUSECVE-2013-2454 at NVDCVE-2013-2455 at SUSECVE-2013-2455 at NVDCVE-2013-2456 at SUSECVE-2013-2456 at NVDCVE-2013-2457 at SUSECVE-2013-2457 at NVDCVE-2013-2459 at SUSECVE-2013-2459 at NVDCVE-2013-2463 at SUSECVE-2013-2463 at NVDCVE-2013-2464 at SUSECVE-2013-2464 at NVDCVE-2013-2465 at SUSECVE-2013-2465 at NVDCVE-2013-2466 at SUSECVE-2013-2466 at NVDCVE-2013-2468 at SUSECVE-2013-2468 at NVDCVE-2013-2469 at SUSECVE-2013-2469 at NVDCVE-2013-2470 at SUSECVE-2013-2470 at NVDCVE-2013-2471 at SUSECVE-2013-2471 at NVDCVE-2013-2472 at SUSECVE-2013-2472 at NVDCVE-2013-2473 at SUSECVE-2013-2473 at NVDCVE-2013-3009 at SUSECVE-2013-3009 at NVDCVE-2013-3011 at SUSECVE-2013-3011 at NVDCVE-2013-3012 at SUSECVE-2013-3012 at NVDCVE-2013-3743 at SUSECVE-2013-3743 at NVDCVE-2013-3829 at SUSECVE-2013-3829 at NVDCVE-2013-4002 at SUSECVE-2013-4002 at NVDCVE-2013-4041 at SUSECVE-2013-4041 at NVDCVE-2013-5372 at SUSECVE-2013-5372 at NVDCVE-2013-5375 at SUSECVE-2013-5375 at NVDCVE-2013-5456 at SUSECVE-2013-5456 at NVDCVE-2013-5457 at SUSECVE-2013-5457 at NVDCVE-2013-5458 at SUSECVE-2013-5458 at NVDCVE-2013-5772 at SUSECVE-2013-5772 at NVDCVE-2013-5774 at SUSECVE-2013-5774 at NVDCVE-2013-5776 at SUSECVE-2013-5776 at NVDCVE-2013-5778 at SUSECVE-2013-5778 at NVDCVE-2013-5780 at SUSECVE-2013-5780 at NVDCVE-2013-5782 at SUSECVE-2013-5782 at NVDCVE-2013-5783 at SUSECVE-2013-5783 at NVDCVE-2013-5784 at SUSECVE-2013-5784 at NVDCVE-2013-5787 at SUSECVE-2013-5787 at NVDCVE-2013-5788 at SUSECVE-2013-5788 at NVDCVE-2013-5789 at SUSECVE-2013-5789 at NVDCVE-2013-5790 at SUSECVE-2013-5790 at NVDCVE-2013-5797 at SUSECVE-2013-5797 at NVDCVE-2013-5800 at SUSECVE-2013-5800 at NVDCVE-2013-5801 at SUSECVE-2013-5801 at NVDCVE-2013-5802 at SUSECVE-2013-5802 at NVDCVE-2013-5803 at SUSECVE-2013-5803 at NVDCVE-2013-5804 at SUSECVE-2013-5804 at NVDCVE-2013-5809 at SUSECVE-2013-5809 at NVDCVE-2013-5812 at SUSECVE-2013-5812 at NVDCVE-2013-5814 at SUSECVE-2013-5814 at NVDCVE-2013-5817 at SUSECVE-2013-5817 at NVDCVE-2013-5818 at SUSECVE-2013-5818 at NVDCVE-2013-5819 at SUSECVE-2013-5819 at NVDCVE-2013-5820 at SUSECVE-2013-5820 at NVDCVE-2013-5823 at SUSECVE-2013-5823 at NVDCVE-2013-5824 at SUSECVE-2013-5824 at NVDCVE-2013-5825 at SUSECVE-2013-5825 at NVDCVE-2013-5829 at SUSECVE-2013-5829 at NVDCVE-2013-5830 at SUSECVE-2013-5830 at NVDCVE-2013-5831 at SUSECVE-2013-5831 at NVDCVE-2013-5832 at SUSECVE-2013-5832 at NVDCVE-2013-5838 at SUSECVE-2013-5838 at NVDCVE-2013-5840 at SUSECVE-2013-5840 at NVDCVE-2013-5842 at SUSECVE-2013-5842 at NVDCVE-2013-5843 at SUSECVE-2013-5843 at NVDCVE-2013-5848 at SUSECVE-2013-5848 at NVDCVE-2013-5849 at SUSECVE-2013-5849 at NVDCVE-2013-5850 at SUSECVE-2013-5850 at NVDCVE-2013-5851 at SUSECVE-2013-5851 at NVDCVE-2013-5878 at SUSECVE-2013-5878 at NVDCVE-2013-5884 at SUSECVE-2013-5884 at NVDCVE-2013-5887 at SUSECVE-2013-5887 at NVDCVE-2013-5888 at SUSECVE-2013-5888 at NVDCVE-2013-5889 at SUSECVE-2013-5889 at NVDCVE-2013-5896 at SUSECVE-2013-5896 at NVDCVE-2013-5898 at SUSECVE-2013-5898 at NVDCVE-2013-5899 at SUSECVE-2013-5899 at NVDCVE-2013-5907 at SUSECVE-2013-5907 at NVDCVE-2013-5910 at SUSECVE-2013-5910 at NVDCVE-2013-6629 at SUSECVE-2013-6629 at NVDCVE-2013-6954 at SUSECVE-2013-6954 at NVDCVE-2014-0368 at SUSECVE-2014-0368 at NVDCVE-2014-0373 at SUSECVE-2014-0373 at NVDCVE-2014-0375 at SUSECVE-2014-0375 at NVDCVE-2014-0376 at SUSECVE-2014-0376 at NVDCVE-2014-0387 at SUSECVE-2014-0387 at NVDCVE-2014-0403 at SUSECVE-2014-0403 at NVDCVE-2014-0410 at SUSECVE-2014-0410 at NVDCVE-2014-0411 at SUSECVE-2014-0411 at NVDCVE-2014-0415 at SUSECVE-2014-0415 at NVDCVE-2014-0416 at SUSECVE-2014-0416 at NVDCVE-2014-0417 at SUSECVE-2014-0417 at NVDCVE-2014-0422 at SUSECVE-2014-0422 at NVDCVE-2014-0423 at SUSECVE-2014-0423 at NVDCVE-2014-0424 at SUSECVE-2014-0424 at NVDCVE-2014-0428 at SUSECVE-2014-0428 at NVDCVE-2014-0429 at SUSECVE-2014-0429 at NVDCVE-2014-0446 at SUSECVE-2014-0446 at NVDCVE-2014-0449 at SUSECVE-2014-0449 at NVDCVE-2014-0451 at SUSECVE-2014-0451 at NVDCVE-2014-0452 at SUSECVE-2014-0452 at NVDCVE-2014-0453 at SUSECVE-2014-0453 at NVDCVE-2014-0457 at SUSECVE-2014-0457 at NVDCVE-2014-0458 at SUSECVE-2014-0458 at NVDCVE-2014-0459 at SUSECVE-2014-0459 at NVDCVE-2014-0460 at SUSECVE-2014-0460 at NVDCVE-2014-0461 at SUSECVE-2014-0461 at NVDCVE-2014-0878 at SUSECVE-2014-0878 at NVDCVE-2014-1876 at SUSECVE-2014-1876 at NVDCVE-2014-2398 at SUSECVE-2014-2398 at NVDCVE-2014-2401 at SUSECVE-2014-2401 at NVDCVE-2014-2409 at SUSECVE-2014-2409 at NVDCVE-2014-2412 at SUSECVE-2014-2412 at NVDCVE-2014-2414 at SUSECVE-2014-2414 at NVDCVE-2014-2420 at SUSECVE-2014-2420 at NVDCVE-2014-2421 at SUSECVE-2014-2421 at NVDCVE-2014-2423 at SUSECVE-2014-2423 at NVDCVE-2014-2427 at SUSECVE-2014-2427 at NVDCVE-2014-2428 at SUSECVE-2014-2428 at NVDCVE-2014-8891 at SUSECVE-2014-8891 at NVDCVE-2014-8892 at SUSECVE-2014-8892 at NVDCVE-2015-0138 at SUSECVE-2015-0138 at NVDCVE-2015-0192 at SUSECVE-2015-0192 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-1914 at SUSECVE-2015-1914 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
IBM Java was updated to version 6 SR16 FP7 (6.0-16.7) to fix several security issues and bugs.
The following vulnerabilities were fixed:
* CVE-2015-1931: IBM Java Security Components store plain text data in memory dumps, which could allow a local attacker to obtain information to aid in further attacks against the system.
* CVE-2015-2590: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2601: Easily exploitable vulnerability in the JCE component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2621: Easily exploitable vulnerability in the JMX component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2625: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2632: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2637: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2638: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2664: Difficult to exploit vulnerability in the Deployment component requiring logon to Operating System. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2808: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized update, insert or delete access to some Java accessible data as well as read access to a subset of Java accessible data.
* CVE-2015-4000: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized update, insert or delete access to some Java accessible data as well as read access to a subset of Java Embedded accessible data. (bnc#935540)
* CVE-2015-4731: Easily exploitable vulnerability in the JMX component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4732: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4733: Easily exploitable vulnerability in the RMI component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4748: Very difficult to exploit vulnerability in the Security component allowed successful unauthenticated network attacks via OCSP. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4749: Difficult to exploit vulnerability in the JNDI component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized ability to cause a partial denial of service (partial DOS).
* CVE-2015-4760: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
The following non-security bugs were fixed:
* bsc#936844: misconfigured update-alternative entries
* bsc#941939: provide %{name} instead of %{sdklnk} only in _jvmprivdir
ImportantSUSE bug 935540SUSE bug 936844SUSE bug 938895SUSE bug 941939CVE-2015-1931 at SUSECVE-2015-1931 at NVDCVE-2015-2590 at SUSECVE-2015-2590 at NVDCVE-2015-2601 at SUSECVE-2015-2601 at NVDCVE-2015-2621 at SUSECVE-2015-2621 at NVDCVE-2015-2625 at SUSECVE-2015-2625 at NVDCVE-2015-2632 at SUSECVE-2015-2632 at NVDCVE-2015-2637 at SUSECVE-2015-2637 at NVDCVE-2015-2638 at SUSECVE-2015-2638 at NVDCVE-2015-2664 at SUSECVE-2015-2664 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-4731 at SUSECVE-2015-4731 at NVDCVE-2015-4732 at SUSECVE-2015-4732 at NVDCVE-2015-4733 at SUSECVE-2015-4733 at NVDCVE-2015-4748 at SUSECVE-2015-4748 at NVDCVE-2015-4749 at SUSECVE-2015-4749 at NVDCVE-2015-4760 at SUSECVE-2015-4760 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
- bsc#960286: resolve package conflicts in the fonts subpackage
ImportantSUSE bug 960286SUSE bug 960402SUSE bug 963937CVE-2015-5041 at SUSECVE-2015-5041 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2015-8472 at SUSECVE-2015-8472 at NVDCVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-0402 at SUSECVE-2016-0402 at NVDCVE-2016-0448 at SUSECVE-2016-0448 at NVDCVE-2016-0466 at SUSECVE-2016-0466 at NVDCVE-2016-0483 at SUSECVE-2016-0483 at NVDCVE-2016-0494 at SUSECVE-2016-0494 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This IBM Java 1.6.0 SR16 FP25 release fixes the following issues:
Security issues fixed:
- CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648)
- CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650)
- CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646)
- The following CVEs got also fixed during this update. (bsc#979252)
CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426
ImportantSUSE bug 977646SUSE bug 977648SUSE bug 977650SUSE bug 979252CVE-2016-0264 at SUSECVE-2016-0264 at NVDCVE-2016-0363 at SUSECVE-2016-0363 at NVDCVE-2016-0376 at SUSECVE-2016-0376 at NVDCVE-2016-0686 at SUSECVE-2016-0686 at NVDCVE-2016-0687 at SUSECVE-2016-0687 at NVDCVE-2016-3422 at SUSECVE-2016-3422 at NVDCVE-2016-3426 at SUSECVE-2016-3426 at NVDCVE-2016-3427 at SUSECVE-2016-3427 at NVDCVE-2016-3443 at SUSECVE-2016-3443 at NVDCVE-2016-3449 at SUSECVE-2016-3449 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
IBM Java 6 was updated to version 6.0-16.30.
Following security issue was fixed: CVE-2016-3485
Please see https://www.ibm.com/developerworks/java/jdk/alerts/ for more information.
ImportantSUSE bug 992537CVE-2016-3485 at SUSECVE-2016-3485 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for java-1_6_0-ibm fixes the following issues:
- Version update to 6.0-16.35 (bsc#1009280) fixing the following CVE's:
CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554,
CVE-2016-5542
ImportantSUSE bug 1009280CVE-2016-5542 at SUSECVE-2016-5542 at NVDCVE-2016-5554 at SUSECVE-2016-5554 at NVDCVE-2016-5556 at SUSECVE-2016-5556 at NVDCVE-2016-5568 at SUSECVE-2016-5568 at NVDCVE-2016-5573 at SUSECVE-2016-5573 at NVDCVE-2016-5597 at SUSECVE-2016-5597 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for java-1_6_0-ibm fixes the following issues:
- Version update to 6.0-16.15 bsc#955131:
CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810
CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844
CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883
CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006
CVE-2015-2808 CVE-2015-2625 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469
CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477
CVE-2015-0204 ImportantSUSE bug 955131CVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-2625 at SUSECVE-2015-2625 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDCVE-2015-4734 at SUSECVE-2015-4734 at NVDCVE-2015-4803 at SUSECVE-2015-4803 at NVDCVE-2015-4805 at SUSECVE-2015-4805 at NVDCVE-2015-4806 at SUSECVE-2015-4806 at NVDCVE-2015-4810 at SUSECVE-2015-4810 at NVDCVE-2015-4835 at SUSECVE-2015-4835 at NVDCVE-2015-4840 at SUSECVE-2015-4840 at NVDCVE-2015-4842 at SUSECVE-2015-4842 at NVDCVE-2015-4843 at SUSECVE-2015-4843 at NVDCVE-2015-4844 at SUSECVE-2015-4844 at NVDCVE-2015-4860 at SUSECVE-2015-4860 at NVDCVE-2015-4871 at SUSECVE-2015-4871 at NVDCVE-2015-4872 at SUSECVE-2015-4872 at NVDCVE-2015-4882 at SUSECVE-2015-4882 at NVDCVE-2015-4883 at SUSECVE-2015-4883 at NVDCVE-2015-4893 at SUSECVE-2015-4893 at NVDCVE-2015-4902 at SUSECVE-2015-4902 at NVDCVE-2015-4903 at SUSECVE-2015-4903 at NVDCVE-2015-4911 at SUSECVE-2015-4911 at NVDCVE-2015-5006 at SUSECVE-2015-5006 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for IBM Java 7SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
IBM Java 7 SR6 has been released and fixes lots of bugs and security
issues.
More information can be found on:
http://www.ibm.com/developerworks/java/jdk/alerts/
<http://www.ibm.com/developerworks/java/jdk/alerts/>
Security Issue references:
* CVE-2013-5458
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5458>
* CVE-2013-5456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5456>
* CVE-2013-5457
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5457>
* CVE-2013-4041
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4041>
* CVE-2013-5375
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5375>
* CVE-2013-5372
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5372>
* CVE-2013-5843
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5843>
* CVE-2013-5789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5789>
* CVE-2013-5830
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5830>
* CVE-2013-5829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5829>
* CVE-2013-5787
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5787>
* CVE-2013-5788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5788>
* CVE-2013-5824
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5824>
* CVE-2013-5842
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5842>
* CVE-2013-5782
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5782>
* CVE-2013-5817
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5817>
* CVE-2013-5809
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5809>
* CVE-2013-5814
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5814>
* CVE-2013-5832
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5832>
* CVE-2013-5850
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5850>
* CVE-2013-5838
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5838>
* CVE-2013-5802
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802>
* CVE-2013-5812
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5812>
* CVE-2013-5804
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5804>
* CVE-2013-5783
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5783>
* CVE-2013-3829
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3829>
* CVE-2013-5823
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5823>
* CVE-2013-5831
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5831>
* CVE-2013-5820
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5820>
* CVE-2013-5819
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5819>
* CVE-2013-5818
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5818>
* CVE-2013-5848
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5848>
* CVE-2013-5776
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5776>
* CVE-2013-5774
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5774>
* CVE-2013-5825
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5825>
* CVE-2013-5840
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5840>
* CVE-2013-5801
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5801>
* CVE-2013-5778
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5778>
* CVE-2013-5851
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5851>
* CVE-2013-5800
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5800>
* CVE-2013-5784
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5784>
* CVE-2013-5849
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5849>
* CVE-2013-5790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5790>
* CVE-2013-5780
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5780>
* CVE-2013-5797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5797>
* CVE-2013-5803
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5803>
* CVE-2013-5772
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772>
SUSE bug 592934SUSE bug 772640SUSE bug 780897SUSE bug 788750SUSE bug 798535SUSE bug 813939SUSE bug 817062SUSE bug 819285SUSE bug 819288SUSE bug 823034SUSE bug 829212SUSE bug 849212SUSE bug 862064SUSE bug 877429SUSE bug 891701SUSE bug 901223SUSE bug 901239SUSE bug 904889SUSE bug 912434SUSE bug 912447SUSE bug 916265SUSE bug 916266SUSE bug 930365SUSE bug 931702CVE-2012-0547 at SUSECVE-2012-0547 at NVDCVE-2012-0551 at SUSECVE-2012-0551 at NVDCVE-2012-1531 at SUSECVE-2012-1531 at NVDCVE-2012-1532 at SUSECVE-2012-1532 at NVDCVE-2012-1533 at SUSECVE-2012-1533 at NVDCVE-2012-1541 at SUSECVE-2012-1541 at NVDCVE-2012-1682 at SUSECVE-2012-1682 at NVDCVE-2012-1713 at SUSECVE-2012-1713 at NVDCVE-2012-1716 at SUSECVE-2012-1716 at NVDCVE-2012-1717 at SUSECVE-2012-1717 at NVDCVE-2012-1718 at SUSECVE-2012-1718 at NVDCVE-2012-1719 at SUSECVE-2012-1719 at NVDCVE-2012-1721 at SUSECVE-2012-1721 at NVDCVE-2012-1722 at SUSECVE-2012-1722 at NVDCVE-2012-1725 at SUSECVE-2012-1725 at NVDCVE-2012-1726 at SUSECVE-2012-1726 at NVDCVE-2012-3136 at SUSECVE-2012-3136 at NVDCVE-2012-3143 at SUSECVE-2012-3143 at NVDCVE-2012-3159 at SUSECVE-2012-3159 at NVDCVE-2012-3174 at SUSECVE-2012-3174 at NVDCVE-2012-3213 at SUSECVE-2012-3213 at NVDCVE-2012-3216 at SUSECVE-2012-3216 at NVDCVE-2012-3342 at SUSECVE-2012-3342 at NVDCVE-2012-4681 at SUSECVE-2012-4681 at NVDCVE-2012-5067 at SUSECVE-2012-5067 at NVDCVE-2012-5069 at SUSECVE-2012-5069 at NVDCVE-2012-5070 at SUSECVE-2012-5070 at NVDCVE-2012-5071 at SUSECVE-2012-5071 at NVDCVE-2012-5072 at SUSECVE-2012-5072 at NVDCVE-2012-5073 at SUSECVE-2012-5073 at NVDCVE-2012-5074 at SUSECVE-2012-5074 at NVDCVE-2012-5075 at SUSECVE-2012-5075 at NVDCVE-2012-5076 at SUSECVE-2012-5076 at NVDCVE-2012-5077 at SUSECVE-2012-5077 at NVDCVE-2012-5079 at SUSECVE-2012-5079 at NVDCVE-2012-5081 at SUSECVE-2012-5081 at NVDCVE-2012-5083 at SUSECVE-2012-5083 at NVDCVE-2012-5084 at SUSECVE-2012-5084 at NVDCVE-2012-5086 at SUSECVE-2012-5086 at NVDCVE-2012-5087 at SUSECVE-2012-5087 at NVDCVE-2012-5088 at SUSECVE-2012-5088 at NVDCVE-2012-5089 at SUSECVE-2012-5089 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2013-0351 at SUSECVE-2013-0351 at NVDCVE-2013-0401 at SUSECVE-2013-0401 at NVDCVE-2013-0409 at SUSECVE-2013-0409 at NVDCVE-2013-0419 at SUSECVE-2013-0419 at NVDCVE-2013-0422 at SUSECVE-2013-0422 at NVDCVE-2013-0423 at SUSECVE-2013-0423 at NVDCVE-2013-0424 at SUSECVE-2013-0424 at NVDCVE-2013-0425 at SUSECVE-2013-0425 at NVDCVE-2013-0426 at SUSECVE-2013-0426 at NVDCVE-2013-0427 at SUSECVE-2013-0427 at NVDCVE-2013-0428 at SUSECVE-2013-0428 at NVDCVE-2013-0431 at SUSECVE-2013-0431 at NVDCVE-2013-0432 at SUSECVE-2013-0432 at NVDCVE-2013-0433 at SUSECVE-2013-0433 at NVDCVE-2013-0434 at SUSECVE-2013-0434 at NVDCVE-2013-0435 at SUSECVE-2013-0435 at NVDCVE-2013-0437 at SUSECVE-2013-0437 at NVDCVE-2013-0438 at SUSECVE-2013-0438 at NVDCVE-2013-0440 at SUSECVE-2013-0440 at NVDCVE-2013-0441 at SUSECVE-2013-0441 at NVDCVE-2013-0442 at SUSECVE-2013-0442 at NVDCVE-2013-0443 at SUSECVE-2013-0443 at NVDCVE-2013-0444 at SUSECVE-2013-0444 at NVDCVE-2013-0445 at SUSECVE-2013-0445 at NVDCVE-2013-0446 at SUSECVE-2013-0446 at NVDCVE-2013-0449 at SUSECVE-2013-0449 at NVDCVE-2013-0450 at SUSECVE-2013-0450 at NVDCVE-2013-0485 at SUSECVE-2013-0485 at NVDCVE-2013-0809 at SUSECVE-2013-0809 at NVDCVE-2013-1473 at SUSECVE-2013-1473 at NVDCVE-2013-1476 at SUSECVE-2013-1476 at NVDCVE-2013-1478 at SUSECVE-2013-1478 at NVDCVE-2013-1480 at SUSECVE-2013-1480 at NVDCVE-2013-1484 at SUSECVE-2013-1484 at NVDCVE-2013-1485 at SUSECVE-2013-1485 at NVDCVE-2013-1486 at SUSECVE-2013-1486 at NVDCVE-2013-1487 at SUSECVE-2013-1487 at NVDCVE-2013-1491 at SUSECVE-2013-1491 at NVDCVE-2013-1493 at SUSECVE-2013-1493 at NVDCVE-2013-1500 at SUSECVE-2013-1500 at NVDCVE-2013-1537 at SUSECVE-2013-1537 at NVDCVE-2013-1540 at SUSECVE-2013-1540 at NVDCVE-2013-1557 at SUSECVE-2013-1557 at NVDCVE-2013-1563 at SUSECVE-2013-1563 at NVDCVE-2013-1569 at SUSECVE-2013-1569 at NVDCVE-2013-1571 at SUSECVE-2013-1571 at NVDCVE-2013-2383 at SUSECVE-2013-2383 at NVDCVE-2013-2384 at SUSECVE-2013-2384 at NVDCVE-2013-2394 at SUSECVE-2013-2394 at NVDCVE-2013-2400 at SUSECVE-2013-2400 at NVDCVE-2013-2407 at SUSECVE-2013-2407 at NVDCVE-2013-2412 at SUSECVE-2013-2412 at NVDCVE-2013-2417 at SUSECVE-2013-2417 at NVDCVE-2013-2418 at SUSECVE-2013-2418 at NVDCVE-2013-2419 at SUSECVE-2013-2419 at NVDCVE-2013-2420 at SUSECVE-2013-2420 at NVDCVE-2013-2422 at SUSECVE-2013-2422 at NVDCVE-2013-2424 at SUSECVE-2013-2424 at NVDCVE-2013-2429 at SUSECVE-2013-2429 at NVDCVE-2013-2430 at SUSECVE-2013-2430 at NVDCVE-2013-2432 at SUSECVE-2013-2432 at NVDCVE-2013-2433 at SUSECVE-2013-2433 at NVDCVE-2013-2435 at SUSECVE-2013-2435 at NVDCVE-2013-2437 at SUSECVE-2013-2437 at NVDCVE-2013-2440 at SUSECVE-2013-2440 at NVDCVE-2013-2442 at SUSECVE-2013-2442 at NVDCVE-2013-2443 at SUSECVE-2013-2443 at NVDCVE-2013-2444 at SUSECVE-2013-2444 at NVDCVE-2013-2446 at SUSECVE-2013-2446 at NVDCVE-2013-2447 at SUSECVE-2013-2447 at NVDCVE-2013-2448 at SUSECVE-2013-2448 at NVDCVE-2013-2449 at SUSECVE-2013-2449 at NVDCVE-2013-2450 at SUSECVE-2013-2450 at NVDCVE-2013-2451 at SUSECVE-2013-2451 at NVDCVE-2013-2452 at SUSECVE-2013-2452 at NVDCVE-2013-2453 at SUSECVE-2013-2453 at NVDCVE-2013-2454 at SUSECVE-2013-2454 at NVDCVE-2013-2455 at SUSECVE-2013-2455 at NVDCVE-2013-2456 at SUSECVE-2013-2456 at NVDCVE-2013-2457 at SUSECVE-2013-2457 at NVDCVE-2013-2458 at SUSECVE-2013-2458 at NVDCVE-2013-2459 at SUSECVE-2013-2459 at NVDCVE-2013-2460 at SUSECVE-2013-2460 at NVDCVE-2013-2462 at SUSECVE-2013-2462 at NVDCVE-2013-2463 at SUSECVE-2013-2463 at NVDCVE-2013-2464 at SUSECVE-2013-2464 at NVDCVE-2013-2465 at SUSECVE-2013-2465 at NVDCVE-2013-2466 at SUSECVE-2013-2466 at NVDCVE-2013-2468 at SUSECVE-2013-2468 at NVDCVE-2013-2469 at SUSECVE-2013-2469 at NVDCVE-2013-2470 at SUSECVE-2013-2470 at NVDCVE-2013-2471 at SUSECVE-2013-2471 at NVDCVE-2013-2472 at SUSECVE-2013-2472 at NVDCVE-2013-2473 at SUSECVE-2013-2473 at NVDCVE-2013-3006 at SUSECVE-2013-3006 at NVDCVE-2013-3007 at SUSECVE-2013-3007 at NVDCVE-2013-3008 at SUSECVE-2013-3008 at NVDCVE-2013-3009 at SUSECVE-2013-3009 at NVDCVE-2013-3010 at SUSECVE-2013-3010 at NVDCVE-2013-3011 at SUSECVE-2013-3011 at NVDCVE-2013-3012 at SUSECVE-2013-3012 at NVDCVE-2013-3743 at SUSECVE-2013-3743 at NVDCVE-2013-3744 at SUSECVE-2013-3744 at NVDCVE-2013-3829 at SUSECVE-2013-3829 at NVDCVE-2013-4002 at SUSECVE-2013-4002 at NVDCVE-2013-4041 at SUSECVE-2013-4041 at NVDCVE-2013-5372 at SUSECVE-2013-5372 at NVDCVE-2013-5375 at SUSECVE-2013-5375 at NVDCVE-2013-5456 at SUSECVE-2013-5456 at NVDCVE-2013-5457 at SUSECVE-2013-5457 at NVDCVE-2013-5458 at SUSECVE-2013-5458 at NVDCVE-2013-5772 at SUSECVE-2013-5772 at NVDCVE-2013-5774 at SUSECVE-2013-5774 at NVDCVE-2013-5776 at SUSECVE-2013-5776 at NVDCVE-2013-5778 at SUSECVE-2013-5778 at NVDCVE-2013-5780 at SUSECVE-2013-5780 at NVDCVE-2013-5782 at SUSECVE-2013-5782 at NVDCVE-2013-5783 at SUSECVE-2013-5783 at NVDCVE-2013-5784 at SUSECVE-2013-5784 at NVDCVE-2013-5787 at SUSECVE-2013-5787 at NVDCVE-2013-5788 at SUSECVE-2013-5788 at NVDCVE-2013-5789 at SUSECVE-2013-5789 at NVDCVE-2013-5790 at SUSECVE-2013-5790 at NVDCVE-2013-5797 at SUSECVE-2013-5797 at NVDCVE-2013-5800 at SUSECVE-2013-5800 at NVDCVE-2013-5801 at SUSECVE-2013-5801 at NVDCVE-2013-5802 at SUSECVE-2013-5802 at NVDCVE-2013-5803 at SUSECVE-2013-5803 at NVDCVE-2013-5804 at SUSECVE-2013-5804 at NVDCVE-2013-5809 at SUSECVE-2013-5809 at NVDCVE-2013-5812 at SUSECVE-2013-5812 at NVDCVE-2013-5814 at SUSECVE-2013-5814 at NVDCVE-2013-5817 at SUSECVE-2013-5817 at NVDCVE-2013-5818 at SUSECVE-2013-5818 at NVDCVE-2013-5819 at SUSECVE-2013-5819 at NVDCVE-2013-5820 at SUSECVE-2013-5820 at NVDCVE-2013-5823 at SUSECVE-2013-5823 at NVDCVE-2013-5824 at SUSECVE-2013-5824 at NVDCVE-2013-5825 at SUSECVE-2013-5825 at NVDCVE-2013-5829 at SUSECVE-2013-5829 at NVDCVE-2013-5830 at SUSECVE-2013-5830 at NVDCVE-2013-5831 at SUSECVE-2013-5831 at NVDCVE-2013-5832 at SUSECVE-2013-5832 at NVDCVE-2013-5838 at SUSECVE-2013-5838 at NVDCVE-2013-5840 at SUSECVE-2013-5840 at NVDCVE-2013-5842 at SUSECVE-2013-5842 at NVDCVE-2013-5843 at SUSECVE-2013-5843 at NVDCVE-2013-5848 at SUSECVE-2013-5848 at NVDCVE-2013-5849 at SUSECVE-2013-5849 at NVDCVE-2013-5850 at SUSECVE-2013-5850 at NVDCVE-2013-5851 at SUSECVE-2013-5851 at NVDCVE-2013-5878 at SUSECVE-2013-5878 at NVDCVE-2013-5884 at SUSECVE-2013-5884 at NVDCVE-2013-5887 at SUSECVE-2013-5887 at NVDCVE-2013-5888 at SUSECVE-2013-5888 at NVDCVE-2013-5889 at SUSECVE-2013-5889 at NVDCVE-2013-5896 at SUSECVE-2013-5896 at NVDCVE-2013-5898 at SUSECVE-2013-5898 at NVDCVE-2013-5899 at SUSECVE-2013-5899 at NVDCVE-2013-5907 at SUSECVE-2013-5907 at NVDCVE-2013-5910 at SUSECVE-2013-5910 at NVDCVE-2013-6629 at SUSECVE-2013-6629 at NVDCVE-2013-6954 at SUSECVE-2013-6954 at NVDCVE-2014-0368 at SUSECVE-2014-0368 at NVDCVE-2014-0373 at SUSECVE-2014-0373 at NVDCVE-2014-0375 at SUSECVE-2014-0375 at NVDCVE-2014-0376 at SUSECVE-2014-0376 at NVDCVE-2014-0387 at SUSECVE-2014-0387 at NVDCVE-2014-0403 at SUSECVE-2014-0403 at NVDCVE-2014-0410 at SUSECVE-2014-0410 at NVDCVE-2014-0411 at SUSECVE-2014-0411 at NVDCVE-2014-0415 at SUSECVE-2014-0415 at NVDCVE-2014-0416 at SUSECVE-2014-0416 at NVDCVE-2014-0417 at SUSECVE-2014-0417 at NVDCVE-2014-0422 at SUSECVE-2014-0422 at NVDCVE-2014-0423 at SUSECVE-2014-0423 at NVDCVE-2014-0424 at SUSECVE-2014-0424 at NVDCVE-2014-0428 at SUSECVE-2014-0428 at NVDCVE-2014-0429 at SUSECVE-2014-0429 at NVDCVE-2014-0446 at SUSECVE-2014-0446 at NVDCVE-2014-0448 at SUSECVE-2014-0448 at NVDCVE-2014-0449 at SUSECVE-2014-0449 at NVDCVE-2014-0451 at SUSECVE-2014-0451 at NVDCVE-2014-0452 at SUSECVE-2014-0452 at NVDCVE-2014-0453 at SUSECVE-2014-0453 at NVDCVE-2014-0454 at SUSECVE-2014-0454 at NVDCVE-2014-0455 at SUSECVE-2014-0455 at NVDCVE-2014-0457 at SUSECVE-2014-0457 at NVDCVE-2014-0458 at SUSECVE-2014-0458 at NVDCVE-2014-0459 at SUSECVE-2014-0459 at NVDCVE-2014-0460 at SUSECVE-2014-0460 at NVDCVE-2014-0461 at SUSECVE-2014-0461 at NVDCVE-2014-0878 at SUSECVE-2014-0878 at NVDCVE-2014-1876 at SUSECVE-2014-1876 at NVDCVE-2014-2398 at SUSECVE-2014-2398 at NVDCVE-2014-2401 at SUSECVE-2014-2401 at NVDCVE-2014-2402 at SUSECVE-2014-2402 at NVDCVE-2014-2409 at SUSECVE-2014-2409 at NVDCVE-2014-2412 at SUSECVE-2014-2412 at NVDCVE-2014-2414 at SUSECVE-2014-2414 at NVDCVE-2014-2420 at SUSECVE-2014-2420 at NVDCVE-2014-2421 at SUSECVE-2014-2421 at NVDCVE-2014-2423 at SUSECVE-2014-2423 at NVDCVE-2014-2427 at SUSECVE-2014-2427 at NVDCVE-2014-2428 at SUSECVE-2014-2428 at NVDCVE-2014-8891 at SUSECVE-2014-8891 at NVDCVE-2014-8892 at SUSECVE-2014-8892 at NVDCVE-2015-0138 at SUSECVE-2015-0138 at NVDCVE-2015-0192 at SUSECVE-2015-0192 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-1914 at SUSECVE-2015-1914 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
java-1_7_0-ibm was updated to fix 21 security issues.
These security issues were fixed:
- CVE-2015-4729: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allowed remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment (bsc#938895).
- CVE-2015-4748: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security (bsc#938895).
- CVE-2015-2664: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment (bsc#938895).
- CVE-2015-0192: Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allowed remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine (bsc#938895).
- CVE-2015-2613: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via vectors related to JCE (bsc#938895).
- CVE-2015-4731: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX (bsc#938895).
- CVE-2015-2637: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#938895).
- CVE-2015-4733: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI (bsc#938895).
- CVE-2015-4732: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590 (bsc#938895).
- CVE-2015-2621: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allowed remote attackers to affect confidentiality via vectors related to JMX (bsc#938895).
- CVE-2015-2619: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#938895).
- CVE-2015-2590: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732 (bsc#938895).
- CVE-2015-2638: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#938895).
- CVE-2015-2625: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via vectors related to JSSE (bsc#938895).
- CVE-2015-2632: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#938895).
- CVE-2015-1931: Unspecified vulnerability (bsc#938895).
- CVE-2015-4760: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#938895).
- CVE-2015-4000: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, did not properly convey a DHE_EXPORT choice, which allowed man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the 'Logjam' issue (bsc#935540).
- CVE-2015-2601: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via vectors related to JCE (bsc#938895).
- CVE-2015-2808: The RC4 algorithm, as used in the TLS protocol and SSL protocol, did not properly combine state data with key data during the initialization phase, which made it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the 'Bar Mitzvah' issue (bsc#938895).
- CVE-2015-4749: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect availability via vectors related to JNDI (bsc#938895).
ImportantSUSE bug 935540SUSE bug 938895CVE-2015-0192 at SUSECVE-2015-0192 at NVDCVE-2015-1931 at SUSECVE-2015-1931 at NVDCVE-2015-2590 at SUSECVE-2015-2590 at NVDCVE-2015-2601 at SUSECVE-2015-2601 at NVDCVE-2015-2613 at SUSECVE-2015-2613 at NVDCVE-2015-2619 at SUSECVE-2015-2619 at NVDCVE-2015-2621 at SUSECVE-2015-2621 at NVDCVE-2015-2625 at SUSECVE-2015-2625 at NVDCVE-2015-2632 at SUSECVE-2015-2632 at NVDCVE-2015-2637 at SUSECVE-2015-2637 at NVDCVE-2015-2638 at SUSECVE-2015-2638 at NVDCVE-2015-2664 at SUSECVE-2015-2664 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-4729 at SUSECVE-2015-4729 at NVDCVE-2015-4731 at SUSECVE-2015-4731 at NVDCVE-2015-4732 at SUSECVE-2015-4732 at NVDCVE-2015-4733 at SUSECVE-2015-4733 at NVDCVE-2015-4748 at SUSECVE-2015-4748 at NVDCVE-2015-4749 at SUSECVE-2015-4749 at NVDCVE-2015-4760 at SUSECVE-2015-4760 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The java-1_7_0-ibm package was updated to version 7.0-9.20 to fix several security and non security issues:
- bnc#955131: Version update to 7.0-9.20:
CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810
CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844
CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883
CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006
- Add backcompat symlinks for sdkdir
- bnc#941939: Fix to provide %{name} instead of %{sdklnk} only in _jvmprivdir
ImportantSUSE bug 941939SUSE bug 955131CVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-4734 at SUSECVE-2015-4734 at NVDCVE-2015-4803 at SUSECVE-2015-4803 at NVDCVE-2015-4805 at SUSECVE-2015-4805 at NVDCVE-2015-4806 at SUSECVE-2015-4806 at NVDCVE-2015-4810 at SUSECVE-2015-4810 at NVDCVE-2015-4835 at SUSECVE-2015-4835 at NVDCVE-2015-4840 at SUSECVE-2015-4840 at NVDCVE-2015-4842 at SUSECVE-2015-4842 at NVDCVE-2015-4843 at SUSECVE-2015-4843 at NVDCVE-2015-4844 at SUSECVE-2015-4844 at NVDCVE-2015-4860 at SUSECVE-2015-4860 at NVDCVE-2015-4871 at SUSECVE-2015-4871 at NVDCVE-2015-4872 at SUSECVE-2015-4872 at NVDCVE-2015-4882 at SUSECVE-2015-4882 at NVDCVE-2015-4883 at SUSECVE-2015-4883 at NVDCVE-2015-4893 at SUSECVE-2015-4893 at NVDCVE-2015-4902 at SUSECVE-2015-4902 at NVDCVE-2015-4903 at SUSECVE-2015-4903 at NVDCVE-2015-4911 at SUSECVE-2015-4911 at NVDCVE-2015-5006 at SUSECVE-2015-5006 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937):
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
ImportantSUSE bug 960402SUSE bug 963937CVE-2015-5041 at SUSECVE-2015-5041 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2015-8472 at SUSECVE-2015-8472 at NVDCVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-0402 at SUSECVE-2016-0402 at NVDCVE-2016-0448 at SUSECVE-2016-0448 at NVDCVE-2016-0466 at SUSECVE-2016-0466 at NVDCVE-2016-0483 at SUSECVE-2016-0483 at NVDCVE-2016-0494 at SUSECVE-2016-0494 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This IBM Java 1.7.0 SR9 FP40 release fixes the following issues:
Security issues fixed:
- CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648)
- CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650)
- CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646)
- The following CVEs got also fixed during this update. (bsc#979252)
CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426
ImportantSUSE bug 977646SUSE bug 977648SUSE bug 977650SUSE bug 979252CVE-2016-0264 at SUSECVE-2016-0264 at NVDCVE-2016-0363 at SUSECVE-2016-0363 at NVDCVE-2016-0376 at SUSECVE-2016-0376 at NVDCVE-2016-0686 at SUSECVE-2016-0686 at NVDCVE-2016-0687 at SUSECVE-2016-0687 at NVDCVE-2016-3422 at SUSECVE-2016-3422 at NVDCVE-2016-3426 at SUSECVE-2016-3426 at NVDCVE-2016-3427 at SUSECVE-2016-3427 at NVDCVE-2016-3443 at SUSECVE-2016-3443 at NVDCVE-2016-3449 at SUSECVE-2016-3449 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
IBM Java 7 was updated to 7.1-9.50, fixing bugs and security issues (bsc#992537).
Security issues fixed:
CVE-2016-3485 CVE-2016-3511 CVE-2016-3598
Please see https://www.ibm.com/developerworks/java/jdk/alerts/ for more information.
ImportantSUSE bug 992537CVE-2016-3485 at SUSECVE-2016-3485 at NVDCVE-2016-3511 at SUSECVE-2016-3511 at NVDCVE-2016-3598 at SUSECVE-2016-3598 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for java-1_7_0-ibm fixes the following issues:
- Version update to 7.0-9.60 (bsc#1009280, bsc#992537) fixing the following CVE's:
CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554,
CVE-2016-5542
ImportantSUSE bug 1009280SUSE bug 992537CVE-2016-5542 at SUSECVE-2016-5542 at NVDCVE-2016-5554 at SUSECVE-2016-5554 at NVDCVE-2016-5556 at SUSECVE-2016-5556 at NVDCVE-2016-5568 at SUSECVE-2016-5568 at NVDCVE-2016-5573 at SUSECVE-2016-5573 at NVDCVE-2016-5597 at SUSECVE-2016-5597 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for kdelibs4SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This kdelibs4 update fixes several security issues related to
khtml/konqueror.
* Fix security issues and null pointer references in khtml/konqueror
(bnc#787520) (CVE-2012-4512, CVE-2012-4513, CVE-2012-4515)
Security Issue references:
* CVE-2012-4512
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4512>
* CVE-2012-4513
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4513>
* CVE-2012-4515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4515>
SUSE bug 617423SUSE bug 758017SUSE bug 787520SUSE bug 807314SUSE bug 809065CVE-2012-4512 at SUSECVE-2012-4512 at NVDCVE-2012-4513 at SUSECVE-2012-4513 at NVDCVE-2012-4515 at SUSECVE-2012-4515 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Linux kernelSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to fix a
regression introduced by the previous update:
* scsi_dh_alua: Incorrect reference counting in the SCSI ALUA
initialization code lead to system crashes on boot (bnc#858831).
As the update introducing the regression was marked security, this is also
marked security even though this bug is not security relevant.
SUSE bug 556135SUSE bug 578046SUSE bug 624072SUSE bug 651219SUSE bug 676204SUSE bug 688996SUSE bug 698102SUSE bug 703156SUSE bug 704280SUSE bug 705551SUSE bug 708296SUSE bug 708836SUSE bug 713148SUSE bug 714604SUSE bug 715635SUSE bug 716850SUSE bug 716971SUSE bug 718521SUSE bug 718863SUSE bug 718910SUSE bug 718918SUSE bug 720946SUSE bug 721587SUSE bug 721857SUSE bug 722398SUSE bug 722560SUSE bug 723776SUSE bug 725152SUSE bug 725355SUSE bug 725592SUSE bug 728840SUSE bug 729247SUSE bug 729854SUSE bug 730117SUSE bug 730118SUSE bug 730660SUSE bug 731035SUSE bug 731387SUSE bug 731739SUSE bug 732070SUSE bug 732296SUSE bug 732908SUSE bug 733761SUSE bug 734900SUSE bug 735909SUSE bug 736149SUSE bug 736255SUSE bug 736697SUSE bug 738210SUSE bug 738284SUSE bug 738528SUSE bug 738583SUSE bug 738597SUSE bug 738644SUSE bug 738679SUSE bug 739728SUSE bug 739837SUSE bug 740180SUSE bug 740291SUSE bug 741814SUSE bug 741824SUSE bug 742845SUSE bug 742871SUSE bug 743232SUSE bug 743579SUSE bug 744198SUSE bug 744314SUSE bug 744315SUSE bug 744392SUSE bug 744404SUSE bug 744655SUSE bug 744658SUSE bug 744692SUSE bug 744758SUSE bug 744795SUSE bug 745088SUSE bug 745400SUSE bug 745422SUSE bug 745424SUSE bug 745640SUSE bug 745741SUSE bug 745832SUSE bug 745867SUSE bug 745876SUSE bug 745929SUSE bug 746373SUSE bug 746454SUSE bug 746500SUSE bug 746509SUSE bug 746526SUSE bug 746579SUSE bug 746717SUSE bug 746883SUSE bug 746938SUSE bug 747071SUSE bug 747159SUSE bug 747404SUSE bug 747867SUSE bug 747878SUSE bug 747944SUSE bug 748112SUSE bug 748384SUSE bug 748456SUSE bug 748463SUSE bug 748629SUSE bug 748632SUSE bug 748806SUSE bug 748827SUSE bug 748854SUSE bug 748859SUSE bug 748862SUSE bug 748896SUSE bug 749049SUSE bug 749115SUSE bug 749291SUSE bug 749417SUSE bug 749543SUSE bug 749569SUSE bug 749651SUSE bug 749787SUSE bug 749980SUSE bug 750041SUSE bug 750079SUSE bug 750173SUSE bug 750402SUSE bug 750426SUSE bug 750459SUSE bug 750959SUSE bug 750995SUSE bug 751015SUSE bug 751171SUSE bug 751322SUSE bug 751550SUSE bug 751743SUSE bug 751885SUSE bug 751903SUSE bug 751916SUSE bug 752022SUSE bug 752067SUSE bug 752352SUSE bug 752408SUSE bug 752484SUSE bug 752544SUSE bug 752599SUSE bug 752634SUSE bug 752972SUSE bug 753172SUSE bug 753353SUSE bug 753371SUSE bug 753617SUSE bug 753698SUSE bug 754052SUSE bug 754085SUSE bug 754391SUSE bug 754428SUSE bug 754583SUSE bug 754670SUSE bug 754690SUSE bug 754898SUSE bug 754969SUSE bug 755178SUSE bug 755537SUSE bug 755546SUSE bug 755620SUSE bug 755758SUSE bug 755812SUSE bug 756050SUSE bug 756236SUSE bug 756276SUSE bug 756585SUSE bug 756821SUSE bug 756840SUSE bug 756940SUSE bug 757059SUSE bug 757077SUSE bug 757202SUSE bug 757205SUSE bug 757289SUSE bug 757315SUSE bug 757373SUSE bug 757517SUSE bug 757565SUSE bug 757719SUSE bug 757783SUSE bug 757789SUSE bug 757950SUSE bug 758040SUSE bug 758104SUSE bug 758243SUSE bug 758279SUSE bug 758532SUSE bug 758540SUSE bug 758703SUSE bug 758731SUSE bug 758813SUSE bug 758833SUSE bug 759336SUSE bug 759340SUSE bug 759539SUSE bug 759541SUSE bug 759545SUSE bug 759657SUSE bug 759805SUSE bug 759908SUSE bug 759971SUSE bug 760015SUSE bug 760237SUSE bug 760279SUSE bug 760346SUSE bug 760407SUSE bug 760806SUSE bug 760833SUSE bug 760974SUSE bug 761087SUSE bug 761158SUSE bug 761245SUSE bug 761387SUSE bug 761772SUSE bug 761774SUSE bug 761775SUSE bug 761849SUSE bug 762099SUSE bug 762158SUSE bug 762214SUSE bug 762259SUSE bug 762285SUSE bug 762329SUSE bug 762366SUSE bug 762414SUSE bug 762424SUSE bug 762693SUSE bug 762991SUSE bug 762992SUSE bug 763026SUSE bug 763198SUSE bug 763267SUSE bug 763307SUSE bug 763463SUSE bug 763485SUSE bug 763494SUSE bug 763628SUSE bug 763654SUSE bug 763717SUSE bug 763754SUSE bug 763858SUSE bug 763954SUSE bug 763968SUSE bug 764091SUSE bug 764150SUSE bug 764209SUSE bug 764339SUSE bug 764500SUSE bug 764900SUSE bug 765102SUSE bug 765253SUSE bug 765320SUSE bug 765523SUSE bug 765524SUSE bug 766027SUSE bug 766156SUSE bug 766410SUSE bug 766445SUSE bug 766654SUSE bug 766733SUSE bug 767281SUSE bug 767469SUSE bug 767610SUSE bug 767612SUSE bug 767684SUSE bug 767983SUSE bug 768052SUSE bug 768084SUSE bug 768470SUSE bug 768504SUSE bug 768632SUSE bug 769035SUSE bug 769195SUSE bug 769251SUSE bug 769407SUSE bug 769644SUSE bug 769685SUSE bug 769784SUSE bug 769896SUSE bug 770034SUSE bug 770238SUSE bug 770269SUSE bug 770695SUSE bug 770763SUSE bug 771102SUSE bug 771242SUSE bug 771361SUSE bug 771398SUSE bug 771428SUSE bug 771619SUSE bug 771706SUSE bug 771778SUSE bug 772407SUSE bug 772420SUSE bug 772427SUSE bug 772454SUSE bug 772473SUSE bug 772483SUSE bug 772566SUSE bug 772786SUSE bug 772831SUSE bug 772893SUSE bug 773006SUSE bug 773007SUSE bug 773251SUSE bug 773255SUSE bug 773267SUSE bug 773319SUSE bug 773320SUSE bug 773383SUSE bug 773406SUSE bug 773487SUSE bug 773577SUSE bug 773606SUSE bug 773688SUSE bug 773699SUSE bug 773831SUSE bug 773837SUSE bug 773878SUSE bug 774073SUSE bug 774285SUSE bug 774289SUSE bug 774500SUSE bug 774523SUSE bug 774612SUSE bug 774859SUSE bug 774902SUSE bug 774964SUSE bug 774973SUSE bug 775182SUSE bug 775373SUSE bug 775394SUSE bug 775577SUSE bug 775685SUSE bug 775984SUSE bug 776019SUSE bug 776044SUSE bug 776081SUSE bug 776095SUSE bug 776127SUSE bug 776144SUSE bug 776787SUSE bug 776896SUSE bug 777024SUSE bug 777269SUSE bug 777283SUSE bug 777616SUSE bug 777746SUSE bug 778082SUSE bug 778136SUSE bug 778334SUSE bug 778630SUSE bug 778822SUSE bug 779294SUSE bug 779330SUSE bug 779461SUSE bug 779462SUSE bug 779488SUSE bug 779577SUSE bug 779699SUSE bug 779750SUSE bug 779969SUSE bug 780008SUSE bug 780012SUSE bug 780216SUSE bug 780461SUSE bug 780876SUSE bug 780977SUSE bug 781018SUSE bug 781134SUSE bug 781327SUSE bug 781484SUSE bug 781574SUSE bug 782369SUSE bug 782721SUSE bug 783475SUSE bug 783515SUSE bug 783965SUSE bug 784192SUSE bug 784334SUSE bug 784576SUSE bug 785100SUSE bug 785496SUSE bug 785554SUSE bug 785851SUSE bug 785901SUSE bug 786013SUSE bug 786150SUSE bug 786814SUSE bug 786900SUSE bug 786976SUSE bug 787168SUSE bug 787202SUSE bug 787348SUSE bug 787576SUSE bug 787821SUSE bug 787843SUSE bug 787848SUSE bug 788277SUSE bug 788452SUSE bug 788590SUSE bug 788826SUSE bug 789010SUSE bug 789115SUSE bug 789235SUSE bug 789311SUSE bug 789359SUSE bug 789648SUSE bug 789703SUSE bug 789836SUSE bug 789993SUSE bug 790457SUSE bug 790498SUSE bug 790867SUSE bug 790920SUSE bug 790935SUSE bug 791498SUSE bug 791853SUSE bug 791904SUSE bug 792270SUSE bug 792500SUSE bug 792584SUSE bug 792656SUSE bug 792674SUSE bug 792793SUSE bug 792834SUSE bug 793104SUSE bug 793139SUSE bug 793593SUSE bug 793671SUSE bug 794231SUSE bug 794513SUSE bug 794529SUSE bug 794805SUSE bug 794824SUSE bug 795269SUSE bug 795354SUSE bug 795928SUSE bug 795957SUSE bug 795961SUSE bug 796412SUSE bug 796418SUSE bug 796823SUSE bug 797042SUSE bug 797175SUSE bug 797526SUSE bug 798050SUSE bug 798921SUSE bug 798960SUSE bug 799197SUSE bug 799209SUSE bug 799270SUSE bug 799275SUSE bug 799578SUSE bug 799909SUSE bug 799926SUSE bug 800280SUSE bug 800701SUSE bug 800907SUSE bug 801038SUSE bug 801178SUSE bug 801427SUSE bug 801713SUSE bug 801717SUSE bug 801720SUSE bug 801782SUSE bug 802153SUSE bug 802353SUSE bug 802445SUSE bug 802642SUSE bug 802712SUSE bug 803056SUSE bug 803067SUSE bug 803320SUSE bug 803394SUSE bug 803674SUSE bug 803712SUSE bug 804154SUSE bug 804220SUSE bug 804482SUSE bug 804609SUSE bug 804656SUSE bug 804950SUSE bug 805227SUSE bug 805371SUSE bug 805804SUSE bug 805823SUSE bug 805945SUSE bug 806138SUSE bug 806238SUSE bug 806395SUSE bug 806396SUSE bug 806404SUSE bug 806431SUSE bug 806466SUSE bug 806469SUSE bug 806492SUSE bug 806631SUSE bug 806825SUSE bug 806847SUSE bug 806908SUSE bug 806976SUSE bug 806980SUSE bug 806988SUSE bug 807431SUSE bug 807434SUSE bug 807471SUSE bug 807502SUSE bug 807517SUSE bug 807560SUSE bug 807853SUSE bug 808166SUSE bug 808307SUSE bug 808358SUSE bug 808647SUSE bug 808827SUSE bug 808829SUSE bug 808940SUSE bug 808966SUSE bug 808991SUSE bug 809122SUSE bug 809155SUSE bug 809166SUSE bug 809375SUSE bug 809493SUSE bug 809748SUSE bug 809895SUSE bug 809902SUSE bug 809903SUSE bug 810323SUSE bug 810473SUSE bug 810580SUSE bug 810624SUSE bug 810722SUSE bug 812281SUSE bug 812315SUSE bug 812526SUSE bug 812974SUSE bug 813245SUSE bug 813604SUSE bug 813733SUSE bug 813963SUSE bug 814336SUSE bug 814719SUSE bug 814788SUSE bug 815320SUSE bug 815356SUSE bug 815444SUSE bug 815745SUSE bug 816043SUSE bug 816099SUSE bug 816443SUSE bug 816451SUSE bug 816586SUSE bug 816668SUSE bug 816708SUSE bug 817010SUSE bug 817035SUSE bug 817339SUSE bug 817377SUSE bug 818053SUSE bug 818327SUSE bug 818371SUSE bug 818465SUSE bug 818514SUSE bug 818516SUSE bug 818545SUSE bug 818798SUSE bug 819295SUSE bug 819351SUSE bug 819363SUSE bug 819519SUSE bug 819523SUSE bug 819655SUSE bug 819789SUSE bug 819979SUSE bug 820102SUSE bug 820172SUSE bug 820338SUSE bug 820434SUSE bug 820848SUSE bug 821052SUSE bug 821235SUSE bug 821259SUSE bug 821465SUSE bug 821560SUSE bug 821930SUSE bug 821980SUSE bug 822066SUSE bug 822077SUSE bug 822431SUSE bug 822575SUSE bug 822722SUSE bug 822825SUSE bug 823082SUSE bug 823342SUSE bug 823497SUSE bug 823517SUSE bug 823618SUSE bug 824159SUSE bug 824295SUSE bug 824915SUSE bug 825048SUSE bug 825142SUSE bug 825227SUSE bug 825591SUSE bug 825657SUSE bug 825696SUSE bug 825887SUSE bug 825896SUSE bug 826102SUSE bug 826350SUSE bug 826602SUSE bug 826756SUSE bug 826960SUSE bug 827246SUSE bug 827372SUSE bug 827376SUSE bug 827378SUSE bug 827416SUSE bug 827749SUSE bug 827750SUSE bug 827767SUSE bug 828119SUSE bug 828192SUSE bug 828236SUSE bug 828574SUSE bug 828714SUSE bug 828894SUSE bug 829082SUSE bug 829357SUSE bug 829622SUSE bug 829682SUSE bug 830901SUSE bug 831029SUSE bug 831055SUSE bug 831058SUSE bug 831143SUSE bug 831168SUSE bug 831380SUSE bug 831410SUSE bug 831949SUSE bug 832292SUSE bug 833321SUSE bug 833588SUSE bug 833635SUSE bug 833820SUSE bug 833858SUSE bug 834204SUSE bug 834473SUSE bug 834600SUSE bug 834708SUSE bug 834808SUSE bug 834905SUSE bug 835074SUSE bug 835094SUSE bug 835186SUSE bug 835684SUSE bug 835839SUSE bug 835930SUSE bug 836218SUSE bug 836347SUSE bug 836718SUSE bug 836801SUSE bug 837372SUSE bug 837739SUSE bug 837803SUSE bug 838346SUSE bug 838448SUSE bug 838623SUSE bug 839407SUSE bug 840226SUSE bug 840830SUSE bug 841094SUSE bug 841402SUSE bug 841445SUSE bug 841498SUSE bug 842063SUSE bug 842239SUSE bug 842604SUSE bug 843185SUSE bug 843419SUSE bug 843429SUSE bug 843445SUSE bug 843642SUSE bug 843645SUSE bug 844513SUSE bug 845621SUSE bug 845729SUSE bug 846036SUSE bug 846404SUSE bug 846984SUSE bug 847261SUSE bug 847652SUSE bug 847672SUSE bug 848321SUSE bug 848336SUSE bug 848544SUSE bug 848652SUSE bug 849021SUSE bug 849029SUSE bug 849034SUSE bug 849364SUSE bug 849404SUSE bug 849675SUSE bug 849809SUSE bug 849848SUSE bug 849950SUSE bug 850640SUSE bug 851066SUSE bug 851101SUSE bug 851314SUSE bug 851426SUSE bug 852373SUSE bug 852488SUSE bug 852553SUSE bug 852558SUSE bug 852559SUSE bug 852624SUSE bug 852967SUSE bug 853050SUSE bug 853051SUSE bug 853052SUSE bug 853455SUSE bug 854025SUSE bug 854546SUSE bug 854634SUSE bug 854722SUSE bug 855037SUSE bug 855347SUSE bug 855885SUSE bug 856083SUSE bug 857499SUSE bug 857643SUSE bug 858280SUSE bug 858534SUSE bug 858604SUSE bug 858831SUSE bug 858869SUSE bug 858870SUSE bug 858872SUSE bug 862429SUSE bug 863300SUSE bug 863335SUSE bug 864025SUSE bug 864049SUSE bug 864464SUSE bug 864833SUSE bug 865307SUSE bug 865310SUSE bug 865330SUSE bug 865342SUSE bug 865442SUSE bug 865783SUSE bug 866102SUSE bug 866911SUSE bug 867531SUSE bug 867723SUSE bug 867953SUSE bug 868528SUSE bug 868653SUSE bug 869033SUSE bug 869563SUSE bug 870161SUSE bug 870173SUSE bug 870576SUSE bug 870801SUSE bug 871325SUSE bug 871561SUSE bug 871676SUSE bug 871797SUSE bug 871854SUSE bug 871861SUSE bug 872634SUSE bug 873061SUSE bug 873374SUSE bug 874108SUSE bug 875051SUSE bug 875690SUSE bug 875798SUSE bug 876102SUSE bug 876590SUSE bug 876633SUSE bug 877257SUSE bug 877775SUSE bug 878115SUSE bug 878509SUSE bug 879921SUSE bug 880484SUSE bug 880892SUSE bug 881051SUSE bug 882804SUSE bug 883096SUSE bug 883724SUSE bug 883795SUSE bug 883948SUSE bug 885422SUSE bug 885725SUSE bug 886474SUSE bug 887082SUSE bug 889173SUSE bug 889324SUSE bug 892490SUSE bug 892782SUSE bug 895680SUSE bug 896382SUSE bug 896390SUSE bug 896391SUSE bug 896392SUSE bug 897995SUSE bug 898693SUSE bug 899192SUSE bug 901885SUSE bug 902232SUSE bug 902346SUSE bug 902349SUSE bug 902351SUSE bug 902675SUSE bug 903640SUSE bug 904013SUSE bug 904700SUSE bug 905100SUSE bug 905312SUSE bug 905799SUSE bug 906586SUSE bug 907189SUSE bug 907338SUSE bug 907396SUSE bug 907818SUSE bug 909077SUSE bug 909078SUSE bug 910251SUSE bug 912654SUSE bug 912705SUSE bug 915335CVE-2011-1083 at SUSECVE-2011-1083 at NVDCVE-2011-2494 at SUSECVE-2011-2494 at NVDCVE-2011-4086 at SUSECVE-2011-4086 at NVDCVE-2011-4127 at SUSECVE-2011-4127 at NVDCVE-2011-4131 at SUSECVE-2011-4131 at NVDCVE-2011-4132 at SUSECVE-2011-4132 at NVDCVE-2012-0957 at SUSECVE-2012-0957 at NVDCVE-2012-1097 at SUSECVE-2012-1097 at NVDCVE-2012-1146 at SUSECVE-2012-1146 at NVDCVE-2012-1179 at SUSECVE-2012-1179 at NVDCVE-2012-1601 at SUSECVE-2012-1601 at NVDCVE-2012-2119 at SUSECVE-2012-2119 at NVDCVE-2012-2127 at SUSECVE-2012-2127 at NVDCVE-2012-2133 at SUSECVE-2012-2133 at NVDCVE-2012-2136 at SUSECVE-2012-2136 at NVDCVE-2012-2137 at SUSECVE-2012-2137 at NVDCVE-2012-2313 at SUSECVE-2012-2313 at NVDCVE-2012-2319 at SUSECVE-2012-2319 at NVDCVE-2012-2372 at SUSECVE-2012-2372 at NVDCVE-2012-2373 at SUSECVE-2012-2373 at NVDCVE-2012-2375 at SUSECVE-2012-2375 at NVDCVE-2012-2390 at SUSECVE-2012-2390 at NVDCVE-2012-2745 at SUSECVE-2012-2745 at NVDCVE-2012-3375 at SUSECVE-2012-3375 at NVDCVE-2012-3400 at SUSECVE-2012-3400 at NVDCVE-2012-3412 at SUSECVE-2012-3412 at NVDCVE-2012-3430 at SUSECVE-2012-3430 at NVDCVE-2012-4398 at SUSECVE-2012-4398 at NVDCVE-2012-4461 at SUSECVE-2012-4461 at NVDCVE-2012-4508 at SUSECVE-2012-4508 at NVDCVE-2012-4530 at SUSECVE-2012-4530 at NVDCVE-2012-4565 at SUSECVE-2012-4565 at NVDCVE-2012-5517 at SUSECVE-2012-5517 at NVDCVE-2012-6548 at SUSECVE-2012-6548 at NVDCVE-2012-6549 at SUSECVE-2012-6549 at NVDCVE-2013-0160 at SUSECVE-2013-0160 at NVDCVE-2013-0216 at SUSECVE-2013-0216 at NVDCVE-2013-0231 at SUSECVE-2013-0231 at NVDCVE-2013-0268 at SUSECVE-2013-0268 at NVDCVE-2013-0311 at SUSECVE-2013-0311 at NVDCVE-2013-0349 at SUSECVE-2013-0349 at NVDCVE-2013-0871 at SUSECVE-2013-0871 at NVDCVE-2013-0913 at SUSECVE-2013-0913 at NVDCVE-2013-0914 at SUSECVE-2013-0914 at NVDCVE-2013-1059 at SUSECVE-2013-1059 at NVDCVE-2013-1767 at SUSECVE-2013-1767 at NVDCVE-2013-1772 at SUSECVE-2013-1772 at NVDCVE-2013-1774 at SUSECVE-2013-1774 at NVDCVE-2013-1792 at SUSECVE-2013-1792 at NVDCVE-2013-1796 at SUSECVE-2013-1796 at NVDCVE-2013-1797 at SUSECVE-2013-1797 at NVDCVE-2013-1798 at SUSECVE-2013-1798 at NVDCVE-2013-1819 at SUSECVE-2013-1819 at NVDCVE-2013-1848 at SUSECVE-2013-1848 at NVDCVE-2013-1860 at SUSECVE-2013-1860 at NVDCVE-2013-1929 at SUSECVE-2013-1929 at NVDCVE-2013-1979 at SUSECVE-2013-1979 at NVDCVE-2013-2094 at SUSECVE-2013-2094 at NVDCVE-2013-2148 at SUSECVE-2013-2148 at NVDCVE-2013-2164 at SUSECVE-2013-2164 at NVDCVE-2013-2206 at SUSECVE-2013-2206 at NVDCVE-2013-2232 at SUSECVE-2013-2232 at NVDCVE-2013-2234 at SUSECVE-2013-2234 at NVDCVE-2013-2237 at SUSECVE-2013-2237 at NVDCVE-2013-2634 at SUSECVE-2013-2634 at NVDCVE-2013-2635 at SUSECVE-2013-2635 at NVDCVE-2013-2850 at SUSECVE-2013-2850 at NVDCVE-2013-2851 at SUSECVE-2013-2851 at NVDCVE-2013-2893 at SUSECVE-2013-2893 at NVDCVE-2013-2897 at SUSECVE-2013-2897 at NVDCVE-2013-2899 at SUSECVE-2013-2899 at NVDCVE-2013-2929 at SUSECVE-2013-2929 at NVDCVE-2013-3076 at SUSECVE-2013-3076 at NVDCVE-2013-3222 at SUSECVE-2013-3222 at NVDCVE-2013-3223 at SUSECVE-2013-3223 at NVDCVE-2013-3224 at SUSECVE-2013-3224 at NVDCVE-2013-3225 at SUSECVE-2013-3225 at NVDCVE-2013-3227 at SUSECVE-2013-3227 at NVDCVE-2013-3228 at SUSECVE-2013-3228 at NVDCVE-2013-3229 at SUSECVE-2013-3229 at NVDCVE-2013-3231 at SUSECVE-2013-3231 at NVDCVE-2013-3232 at SUSECVE-2013-3232 at NVDCVE-2013-3234 at SUSECVE-2013-3234 at NVDCVE-2013-3235 at SUSECVE-2013-3235 at NVDCVE-2013-4162 at SUSECVE-2013-4162 at NVDCVE-2013-4163 at SUSECVE-2013-4163 at NVDCVE-2013-4299 at SUSECVE-2013-4299 at NVDCVE-2013-4345 at SUSECVE-2013-4345 at NVDCVE-2013-4470 at SUSECVE-2013-4470 at NVDCVE-2013-4483 at SUSECVE-2013-4483 at NVDCVE-2013-4511 at SUSECVE-2013-4511 at NVDCVE-2013-4514 at SUSECVE-2013-4514 at NVDCVE-2013-4515 at SUSECVE-2013-4515 at NVDCVE-2013-4579 at SUSECVE-2013-4579 at NVDCVE-2013-4587 at SUSECVE-2013-4587 at NVDCVE-2013-4592 at SUSECVE-2013-4592 at NVDCVE-2013-6367 at SUSECVE-2013-6367 at NVDCVE-2013-6368 at SUSECVE-2013-6368 at NVDCVE-2013-6378 at SUSECVE-2013-6378 at NVDCVE-2013-6380 at SUSECVE-2013-6380 at NVDCVE-2013-6382 at SUSECVE-2013-6382 at NVDCVE-2013-6383 at SUSECVE-2013-6383 at NVDCVE-2013-6463 at SUSECVE-2013-6463 at NVDCVE-2013-6885 at SUSECVE-2013-6885 at NVDCVE-2013-7027 at SUSECVE-2013-7027 at NVDCVE-2013-7263 at SUSECVE-2013-7263 at NVDCVE-2013-7264 at SUSECVE-2013-7264 at NVDCVE-2013-7265 at SUSECVE-2013-7265 at NVDCVE-2013-7339 at SUSECVE-2013-7339 at NVDCVE-2014-0055 at SUSECVE-2014-0055 at NVDCVE-2014-0069 at SUSECVE-2014-0069 at NVDCVE-2014-0077 at SUSECVE-2014-0077 at NVDCVE-2014-0101 at SUSECVE-2014-0101 at NVDCVE-2014-0131 at SUSECVE-2014-0131 at NVDCVE-2014-0181 at SUSECVE-2014-0181 at NVDCVE-2014-0196 at SUSECVE-2014-0196 at NVDCVE-2014-1444 at SUSECVE-2014-1444 at NVDCVE-2014-1445 at SUSECVE-2014-1445 at NVDCVE-2014-1446 at SUSECVE-2014-1446 at NVDCVE-2014-1737 at SUSECVE-2014-1737 at NVDCVE-2014-1738 at SUSECVE-2014-1738 at NVDCVE-2014-1739 at SUSECVE-2014-1739 at NVDCVE-2014-1874 at SUSECVE-2014-1874 at NVDCVE-2014-2039 at SUSECVE-2014-2039 at NVDCVE-2014-2309 at SUSECVE-2014-2309 at NVDCVE-2014-2523 at SUSECVE-2014-2523 at NVDCVE-2014-2678 at SUSECVE-2014-2678 at NVDCVE-2014-2706 at SUSECVE-2014-2706 at NVDCVE-2014-2851 at SUSECVE-2014-2851 at NVDCVE-2014-3122 at SUSECVE-2014-3122 at NVDCVE-2014-3144 at SUSECVE-2014-3144 at NVDCVE-2014-3145 at SUSECVE-2014-3145 at NVDCVE-2014-3153 at SUSECVE-2014-3153 at NVDCVE-2014-3181 at SUSECVE-2014-3181 at NVDCVE-2014-3184 at SUSECVE-2014-3184 at NVDCVE-2014-3185 at SUSECVE-2014-3185 at NVDCVE-2014-3186 at SUSECVE-2014-3186 at NVDCVE-2014-3601 at SUSECVE-2014-3601 at NVDCVE-2014-3610 at SUSECVE-2014-3610 at NVDCVE-2014-3646 at SUSECVE-2014-3646 at NVDCVE-2014-3647 at SUSECVE-2014-3647 at NVDCVE-2014-3673 at SUSECVE-2014-3673 at NVDCVE-2014-3687 at SUSECVE-2014-3687 at NVDCVE-2014-3688 at SUSECVE-2014-3688 at NVDCVE-2014-3690 at SUSECVE-2014-3690 at NVDCVE-2014-3917 at SUSECVE-2014-3917 at NVDCVE-2014-4508 at SUSECVE-2014-4508 at NVDCVE-2014-4608 at SUSECVE-2014-4608 at NVDCVE-2014-4652 at SUSECVE-2014-4652 at NVDCVE-2014-4653 at SUSECVE-2014-4653 at NVDCVE-2014-4654 at SUSECVE-2014-4654 at NVDCVE-2014-4655 at SUSECVE-2014-4655 at NVDCVE-2014-4656 at SUSECVE-2014-4656 at NVDCVE-2014-4667 at SUSECVE-2014-4667 at NVDCVE-2014-4699 at SUSECVE-2014-4699 at NVDCVE-2014-4943 at SUSECVE-2014-4943 at NVDCVE-2014-5077 at SUSECVE-2014-5077 at NVDCVE-2014-5471 at SUSECVE-2014-5471 at NVDCVE-2014-5472 at SUSECVE-2014-5472 at NVDCVE-2014-7826 at SUSECVE-2014-7826 at NVDCVE-2014-7841 at SUSECVE-2014-7841 at NVDCVE-2014-7842 at SUSECVE-2014-7842 at NVDCVE-2014-8133 at SUSECVE-2014-8133 at NVDCVE-2014-8134 at SUSECVE-2014-8134 at NVDCVE-2014-8369 at SUSECVE-2014-8369 at NVDCVE-2014-8559 at SUSECVE-2014-8559 at NVDCVE-2014-8709 at SUSECVE-2014-8709 at NVDCVE-2014-9090 at SUSECVE-2014-9090 at NVDCVE-2014-9322 at SUSECVE-2014-9322 at NVDCVE-2014-9584 at SUSECVE-2014-9584 at NVDCVE-2014-9585 at SUSECVE-2014-9585 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The SUSE Linux Enterprise 11 SP 2 kernel was updated to fix two security issues.
The following security bugs were fixed:
- CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).
- CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer allowed local users to cause a denial of service, memory corruption or possibly even to elevate their privileges (bsc#1013533).
ImportantSUSE bug 1013533SUSE bug 1013604CVE-2016-9576 at SUSECVE-2016-9576 at NVDCVE-2016-9794 at SUSECVE-2016-9794 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The SUSE Linux Enterprise 11 SP2 LTSS kernel was updated to receive various security and bugfixes.
This is the last planned LTSS kernel update for the SUSE Linux Enterprise Server 11 SP2 LTSS.
The following security bugs were fixed:
- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
- CVE-2004-0230: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bnc#969340).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2016-8399: An out of bounds read in the ping protocol handler could have lead to information disclosure (bsc#1014746).
- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).
- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542).
- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038).
- CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566).
- CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations (bnc#1012832).
- CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecified removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939).
- CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacked chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716).
- CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711).
- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).
- CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete (bnc#1010467).
- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150).
- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).
- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).
- CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968).
- CVE-2017-5551: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. This CVE tracks the fix for the tmpfs filesystem. (bsc#1021258).
- CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925).
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).
- CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759).
- CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).
- CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296).
- CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608).
- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bsc#986365).
- CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689).
- CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).
- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).
- CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel did not initialize a certain structure member, which allowed remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (bnc#983213).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bnc#983143).
- CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel mishandled NM (aka alternate name) entries containing \0 characters, which allowed local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem (bnc#980725).
- CVE-2016-4580: The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel did not properly initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request (bnc#981267).
- CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371).
- CVE-2015-7833: The usbvision driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998).
- CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971944).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548).
- CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel did not initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory by reading a message (bnc#978821).
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface (bnc#979213).
The following non-security bugs were fixed:
- arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).
- cdc-acm: added sanity checking for probe() (bsc#993891).
- cgroups: do not attach task to subsystem if migration failed (bnc#979274).
- cgroups: more safe tasklist locking in cgroup_attach_proc (bnc#979274).
- dasd: fix hanging system after LCU changes (bnc#968500, LTC#136671).
- dasd: Fix unresumed device after suspend/resume (bnc#927287, LTC#123892).
- ipv4/fib: do not warn when primary address is missing if in_dev is dead (bsc#971360).
- kabi, unix: properly account for FDs passed over unix sockets (bnc#839104).
- kaweth: fix firmware download (bsc#993890).
- kaweth: fix oops upon failed memory allocation (bsc#993890).
- kvm: x86: SYSENTER emulation is broken (bsc#994618).
- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).
- mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (VM Functionality, bsc#1008645).
- nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944).
- nfs: Do not disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261, bsc#1011482).
- nfs: do not do blind d_drop() in nfs_prime_dcache() (bnc#908069 bnc#896484 bsc#963053).
- nfs_prime_dcache needs fh to be set (bnc#908069 bnc#896484 bsc#963053).
- nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).
- nfsv4: Ensure that we do not drop a state owner more than once (bsc#979595).
- nfsv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595, bsc#1011482).
- nfsv4: nfs4_proc_renew should be declared static (bnc#863873).
- nfsv4: OPEN must handle the NFS4ERR_IO return code correctly (bsc#979595).
- nfsv4: Recovery of recalled read delegations is broken (bsc#956514 bsc#1011482).
- nfsv4: The NFSv4.0 client must send RENEW calls if it holds a delegation (bnc#863873).
- powerpc: Add ability to build little endian kernels (bsc#967716).
- powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716).
- powerpc: Do not build assembly files with ABIv2 (bsc#967716).
- powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).
- powerpc: dtc is required to build dtb files (bsc#967716).
- powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).
- powerpc: Fix error when cross building TAGS & cscope (bsc#967716).
- powerpc: Make the vdso32 also build big-endian (bsc#967716).
- powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).
- powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716).
- powerpc: Require gcc 4.0 on 64-bit (bsc#967716).
- ppp: defer netns reference release for ppp channel (bsc#980371).
- qeth: delete napi struct when removing a qeth device (bnc#979915, LTC#143590).
- qeth: Fix crash on initial MTU size change (bnc#835175, LTC#96809).
- qeth: postpone freeing of qdio memory (bnc#874145, LTC#107873).
- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
- Revert 's390/mm: fix asce_bits handling with dynamic pagetable levels' This reverts commit 6e00b1d803fa2ab4b130e04b7fbcc99f0b5ecba8.
- rpm/config.sh: Set the release string to 0.7.<RELEASE> (bsc#997059)
- rpm/mkspec: Read a default release string from rpm/config.sh (bsc997059)
- s390/dasd: fix failfast for disconnected devices (bnc#958000, LTC#135138).
- s390/dasd: fix hanging device after clear subchannel (bnc#994436, LTC#144640).
- s390/dasd: fix kernel panic when alias is set offline (bnc#940966, LTC#128595).
- s390/dasd: fix list_del corruption after lcu changes (bnc#954984, LTC#133077).
- s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979915, LTC#141456). Conflicts: series.conf
- s390/pageattr: do a single TLB flush for change_page_attr (bsc#1009443,LTC#148182).
- Set CONFIG_DEBUG_INFO=y and CONFIG_DEBUG_INFO_REDUCED=n on all platforms The specfile adjusts the config if necessary, but a new version of run_oldconfig.sh requires the settings to be present in the repository.
- usb: fix typo in wMaxPacketSize validation (bsc#991665).
- usb: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).
ImportantSUSE bug 1003077SUSE bug 1003925SUSE bug 1004517SUSE bug 1007944SUSE bug 1008645SUSE bug 1008831SUSE bug 1008833SUSE bug 1009443SUSE bug 1010150SUSE bug 1010467SUSE bug 1010501SUSE bug 1010507SUSE bug 1010711SUSE bug 1010716SUSE bug 1011482SUSE bug 1011685SUSE bug 1012422SUSE bug 1012832SUSE bug 1013038SUSE bug 1013531SUSE bug 1013542SUSE bug 1014746SUSE bug 1017710SUSE bug 1021258SUSE bug 835175SUSE bug 839104SUSE bug 863873SUSE bug 874145SUSE bug 896484SUSE bug 908069SUSE bug 914939SUSE bug 922947SUSE bug 927287SUSE bug 940966SUSE bug 950998SUSE bug 954984SUSE bug 956514SUSE bug 958000SUSE bug 960689SUSE bug 963053SUSE bug 967716SUSE bug 968500SUSE bug 969340SUSE bug 971360SUSE bug 971944SUSE bug 978401SUSE bug 978821SUSE bug 979213SUSE bug 979274SUSE bug 979548SUSE bug 979595SUSE bug 979879SUSE bug 979915SUSE bug 980363SUSE bug 980371SUSE bug 980725SUSE bug 981267SUSE bug 983143SUSE bug 983213SUSE bug 984755SUSE bug 986362SUSE bug 986365SUSE bug 986445SUSE bug 986572SUSE bug 989261SUSE bug 991608SUSE bug 991665SUSE bug 992566SUSE bug 993890SUSE bug 993891SUSE bug 994296SUSE bug 994436SUSE bug 994618SUSE bug 994759SUSE bug 995968SUSE bug 997059SUSE bug 999932CVE-2004-0230 at SUSECVE-2004-0230 at NVDCVE-2012-6704 at SUSECVE-2012-6704 at NVDCVE-2013-4312 at SUSECVE-2013-4312 at NVDCVE-2015-1350 at SUSECVE-2015-1350 at NVDCVE-2015-7513 at SUSECVE-2015-7513 at NVDCVE-2015-7833 at SUSECVE-2015-7833 at NVDCVE-2015-8956 at SUSECVE-2015-8956 at NVDCVE-2015-8962 at SUSECVE-2015-8962 at NVDCVE-2015-8964 at SUSECVE-2015-8964 at NVDCVE-2016-0823 at SUSECVE-2016-0823 at NVDCVE-2016-10088 at SUSECVE-2016-10088 at NVDCVE-2016-1583 at SUSECVE-2016-1583 at NVDCVE-2016-2187 at SUSECVE-2016-2187 at NVDCVE-2016-2189 at SUSECVE-2016-2189 at NVDCVE-2016-3841 at SUSECVE-2016-3841 at NVDCVE-2016-4470 at SUSECVE-2016-4470 at NVDCVE-2016-4482 at SUSECVE-2016-4482 at NVDCVE-2016-4485 at SUSECVE-2016-4485 at NVDCVE-2016-4565 at SUSECVE-2016-4565 at NVDCVE-2016-4569 at SUSECVE-2016-4569 at NVDCVE-2016-4578 at SUSECVE-2016-4578 at NVDCVE-2016-4580 at SUSECVE-2016-4580 at NVDCVE-2016-4805 at SUSECVE-2016-4805 at NVDCVE-2016-4913 at SUSECVE-2016-4913 at NVDCVE-2016-4997 at SUSECVE-2016-4997 at NVDCVE-2016-5244 at SUSECVE-2016-5244 at NVDCVE-2016-5829 at SUSECVE-2016-5829 at NVDCVE-2016-6480 at SUSECVE-2016-6480 at NVDCVE-2016-6828 at SUSECVE-2016-6828 at NVDCVE-2016-7042 at SUSECVE-2016-7042 at NVDCVE-2016-7097 at SUSECVE-2016-7097 at NVDCVE-2016-7117 at SUSECVE-2016-7117 at NVDCVE-2016-7425 at SUSECVE-2016-7425 at NVDCVE-2016-7910 at SUSECVE-2016-7910 at NVDCVE-2016-7911 at SUSECVE-2016-7911 at NVDCVE-2016-7916 at SUSECVE-2016-7916 at NVDCVE-2016-8399 at SUSECVE-2016-8399 at NVDCVE-2016-8632 at SUSECVE-2016-8632 at NVDCVE-2016-8633 at SUSECVE-2016-8633 at NVDCVE-2016-8646 at SUSECVE-2016-8646 at NVDCVE-2016-9555 at SUSECVE-2016-9555 at NVDCVE-2016-9685 at SUSECVE-2016-9685 at NVDCVE-2016-9756 at SUSECVE-2016-9756 at NVDCVE-2016-9793 at SUSECVE-2016-9793 at NVDCVE-2017-5551 at SUSECVE-2017-5551 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The SUSE Linux Enterprise Server 11 SP2 LTSS kernel was updated to
receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-5707: An integer overflow in the SCSI generic driver could
be potentially used by local attackers to crash the kernel or execute
code.
- CVE-2015-2830: arch/x86/kernel/entry_64.S in the Linux kernel did
not prevent the TS_COMPAT flag from reaching a user-mode task, which
might have allowed local users to bypass the seccomp or audit protection
mechanism via a crafted application that uses the (1) fork or (2) close
system call, as demonstrated by an attack against seccomp before 3.16
(bnc#926240).
- CVE-2015-0777: drivers/xen/usbback/usbback.c in the Linux kernel
allowed guest OS users to obtain sensitive information from uninitialized
locations in host OS kernel memory via unspecified vectors (bnc#917830).
- CVE-2015-2150: Xen and the Linux kernel did not properly restrict access
to PCI command registers, which might have allowed local guest users to
cause a denial of service (non-maskable interrupt and host crash) by
disabling the (1) memory or (2) I/O decoding for a PCI Express device
and then accessing the device, which triggers an Unsupported Request
(UR) response (bnc#919463).
- CVE-2015-5364: A remote denial of service (hang) via UDP flood with
incorrect package checksums was fixed. (bsc#936831).
- CVE-2015-5366: A remote denial of service (unexpected error returns)
via UDP flood with incorrect package checksums was fixed. (bsc#936831).
- CVE-2015-1420: CVE-2015-1420: Race condition in the handle_to_path
function in fs/fhandle.c in the Linux kernel allowed local users to bypass
intended size restrictions and trigger read operations on additional
memory locations by changing the handle_bytes value of a file handle
during the execution of this function (bnc#915517).
- CVE-2015-4700: A local user could have created a bad instruction in
the JIT processed BPF code, leading to a kernel crash (bnc#935705).
- CVE-2015-1805: The (1) pipe_read and (2) pipe_write implementations in
fs/pipe.c in the Linux kernel did not properly consider the side effects
of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls,
which allowed local users to cause a denial of service (system crash)
or possibly gain privileges via a crafted application, aka an 'I/O vector
array overrun' (bnc#933429).
- CVE-2015-3331: The __driver_rfc4106_decrypt function in
arch/x86/crypto/aesni-intel_glue.c in the Linux kernel did not properly
determine the memory locations used for encrypted data, which allowed
context-dependent attackers to cause a denial of service (buffer overflow
and system crash) or possibly execute arbitrary code by triggering a
crypto API call, as demonstrated by use of a libkcapi test program with
an AF_ALG(aead) socket (bnc#927257).
- CVE-2015-2922: The ndisc_router_discovery function in net/ipv6/ndisc.c
in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack
in the Linux kernel allowed remote attackers to reconfigure a hop-limit
setting via a small hop_limit value in a Router Advertisement (RA)
message (bnc#922583).
- CVE-2015-2041: net/llc/sysctl_net_llc.c in the Linux kernel used an
incorrect data type in a sysctl table, which allowed local users to
obtain potentially sensitive information from kernel memory or possibly
have unspecified other impact by accessing a sysctl entry (bnc#919007).
- CVE-2015-3636: The ping_unhash function in net/ipv4/ping.c in the
Linux kernel did not initialize a certain list data structure during an
unhash operation, which allowed local users to gain privileges or cause
a denial of service (use-after-free and system crash) by leveraging the
ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or
IPPROTO_ICMPV6 protocol, and then making a connect system call after a
disconnect (bnc#929525).
- CVE-2014-8086: Race condition in the ext4_file_write_iter function
in fs/ext4/file.c in the Linux kernel allowed local users to cause a
denial of service (file unavailability) via a combination of a write
action and an F_SETFL fcntl operation for the O_DIRECT flag (bnc#900881).
- CVE-2014-8159: The InfiniBand (IB) implementation in the Linux kernel
did not properly restrict use of User Verbs for registration of memory
regions, which allowed local users to access arbitrary physical memory
locations, and consequently cause a denial of service (system crash)
or gain privileges, by leveraging permissions on a uverbs device under
/dev/infiniband/ (bnc#914742).
- CVE-2014-9683: Off-by-one error in the ecryptfs_decode_from_filename
function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux
kernel allowed local users to cause a denial of service (buffer overflow
and system crash) or possibly gain privileges via a crafted filename
(bnc#918333).
- CVE-2015-2042: net/rds/sysctl.c in the Linux kernel used an incorrect
data type in a sysctl table, which allowed local users to obtain
potentially sensitive information from kernel memory or possibly have
unspecified other impact by accessing a sysctl entry (bnc#919018).
- CVE-2015-1421: Use-after-free vulnerability in the sctp_assoc_update
function in net/sctp/associola.c in the Linux kernel allowed remote
attackers to cause a denial of service (slab corruption and panic) or
possibly have unspecified other impact by triggering an INIT collision
that leads to improper handling of shared-key data (bnc#915577).
The following non-security bugs were fixed:
- HID: add ALWAYS_POLL quirk for a Logitech 0xc007 (bnc#931474).
- HID: add HP OEM mouse to quirk ALWAYS_POLL (bnc#931474).
- HID: add quirk for PIXART OEM mouse used by HP (bnc#931474).
- HID: usbhid: add always-poll quirk (bnc#931474).
- HID: usbhid: add another mouse that needs QUIRK_ALWAYS_POLL (bnc#931474).
- HID: usbhid: enable always-poll quirk for Elan Touchscreen 009b (bnc#931474).
- HID: usbhid: enable always-poll quirk for Elan Touchscreen 0103 (bnc#931474).
- HID: usbhid: enable always-poll quirk for Elan Touchscreen 016f (bnc#931474).
- HID: usbhid: enable always-poll quirk for Elan Touchscreen.
- HID: usbhid: fix PIXART optical mouse (bnc#931474).
- HID: usbhid: more mice with ALWAYS_POLL (bnc#931474).
- HID: usbhid: yet another mouse with ALWAYS_POLL (bnc#931474).
- bnx2x: Fix kdump when iommu=on (bug#921769).
- cifs: fix use-after-free bug in find_writable_file (bnc#909477).
- coredump: ensure the fpu state is flushed for proper multi-threaded core dump (bsc#904671, bsc#929360).
- dm: fixed that LVM merge snapshot of root logical volume were not working (bsc#928801)
- deal with deadlock in d_walk fix (bnc#929148, bnc#929283).
- e1000: do not enable dma receives until after dma address has been setup (bsc#821931).
- fsnotify: Fix handling of renames in audit (bnc#915200).
- inet: add a redirect generation id in inetpeer (bnc#860593).
- inetpeer: initialize ->redirect_genid in inet_getpeer() (bnc#860593).
- kabi: hide bnc#860593 changes of struct inetpeer_addr_base (bnc#860593).
- kernel: fix data corruption when reading /proc/sysinfo (bsc#891087, bsc#937986, LTC#114480).
- libata: prevent HSM state change race between ISR and PIO (bsc#923245).
- time, ntp: Do not update time_state in middle of leap second (bsc#912916).
- s390-3215-tty-close-crash.patch: kernel: 3215 tty close crash (bsc#916010, LTC#120873).
- s390-3215-tty-close-race.patch: kernel: 3215 console crash (bsc#916010, LTC#94302).
- s390-3215-tty-hang.patch: Renamed from patches.arch/s390-tty-hang.patch.
- s390-3215-tty-hang.patch: Update references (bnc#898693, bnc#897995, LTC#114562).
- s390-dasd-retry-partition-detection.patch: s390/dasd: retry partition detection (bsc#916010, LTC#94302).
- s390-dasd-retry-partition-detection.patch: Update references (bsc#916010, LTC#120565).
- s390-sclp-tty-refcount.patch: kernel: sclp console tty reference counting (bsc#916010, LTC#115466).
- scsi: vmw_pvscsi: Fix pvscsi_abort() function (bnc#940398 bsc#930934).
- scsi/sg: sg_start_req(): make sure that there is not too many elements in iovec (bsc#940338).
- x86, xsave: remove thread_has_fpu() bug check in __sanitize_i387_state() (bsc#904671, bsc#929360).
- x86-mm-send-tlb-flush-ipis-to-online-cpus-only.patch: x86, mm: Send tlb flush IPIs to online cpus only (bnc#798406).
- x86/mm: Improve AMD Bulldozer ASLR workaround (bsc#937032).
- x86/reboot: Fix a warning message triggered by stop_other_cpus() (bnc#930284).
- xen: Correctly re-enable interrupts in xen_spin_wait() (bsc#879878, bsc#908870).
- xfs: prevent deadlock trying to cover an active log (bsc#917093).
ImportantSUSE bug 798406SUSE bug 821931SUSE bug 860593SUSE bug 879878SUSE bug 891087SUSE bug 897995SUSE bug 898693SUSE bug 900881SUSE bug 904671SUSE bug 908870SUSE bug 909477SUSE bug 912916SUSE bug 914742SUSE bug 915200SUSE bug 915517SUSE bug 915577SUSE bug 916010SUSE bug 917093SUSE bug 917830SUSE bug 918333SUSE bug 919007SUSE bug 919018SUSE bug 919463SUSE bug 921769SUSE bug 922583SUSE bug 923245SUSE bug 926240SUSE bug 927257SUSE bug 928801SUSE bug 929148SUSE bug 929283SUSE bug 929360SUSE bug 929525SUSE bug 930284SUSE bug 930934SUSE bug 931474SUSE bug 933429SUSE bug 935705SUSE bug 936831SUSE bug 937032SUSE bug 937986SUSE bug 940338SUSE bug 940398CVE-2014-8086 at SUSECVE-2014-8086 at NVDCVE-2014-8159 at SUSECVE-2014-8159 at NVDCVE-2014-9683 at SUSECVE-2014-9683 at NVDCVE-2015-0777 at SUSECVE-2015-0777 at NVDCVE-2015-1420 at SUSECVE-2015-1420 at NVDCVE-2015-1421 at SUSECVE-2015-1421 at NVDCVE-2015-1805 at SUSECVE-2015-1805 at NVDCVE-2015-2041 at SUSECVE-2015-2041 at NVDCVE-2015-2042 at SUSECVE-2015-2042 at NVDCVE-2015-2150 at SUSECVE-2015-2150 at NVDCVE-2015-2830 at SUSECVE-2015-2830 at NVDCVE-2015-2922 at SUSECVE-2015-2922 at NVDCVE-2015-3331 at SUSECVE-2015-3331 at NVDCVE-2015-3636 at SUSECVE-2015-3636 at NVDCVE-2015-4700 at SUSECVE-2015-4700 at NVDCVE-2015-5364 at SUSECVE-2015-5364 at NVDCVE-2015-5366 at SUSECVE-2015-5366 at NVDCVE-2015-5707 at SUSECVE-2015-5707 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The SUSE Linux Enterprise 11 SP2 kernel was updated to receive various security and bug fixes.
The following security bugs were fixed:
- CVE-2016-4486: Fixed 4 byte information leak in net/core/rtnetlink.c (bsc#978822).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes (bnc#970948).
- CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor (bnc#970911).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions (bnc#970970).
- CVE-2016-3140: The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970892).
- CVE-2016-2186: The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970958).
- CVE-2016-2185: The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971124).
- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles destruction of device objects, which allowed guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses (bnc#971360).
- CVE-2016-2184: The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971125).
- CVE-2016-3139: The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970909).
- CVE-2016-2143: The fork implementation in the Linux kernel on s390 platforms mishandled the case of four page-table levels, which allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h (bnc#970504).
- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bnc#968010).
- CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint (bnc#961512).
- CVE-2016-2549: sound/core/hrtimer.c in the Linux kernel did not prevent recursive callback access, which allowed local users to cause a denial of service (deadlock) via a crafted ioctl call (bnc#968013).
- CVE-2016-2547: sound/core/timer.c in the Linux kernel employed a locking approach that did not consider slave timer instances, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#968011).
- CVE-2016-2548: sound/core/timer.c in the Linux kernel retained certain linked lists after a close or stop action, which allowed local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions (bnc#968012).
- CVE-2016-2546: sound/core/timer.c in the Linux kernel used an incorrect type of mutex, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#967975).
- CVE-2016-2545: The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel did not properly maintain a certain linked list, which allowed local users to cause a denial of service (race condition and system crash) via a crafted ioctl call (bnc#967974).
- CVE-2016-2544: Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time (bnc#967973).
- CVE-2016-2543: The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel did not verify FIFO assignment before proceeding with FIFO clearing, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call (bnc#967972).
- CVE-2016-2384: Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor (bnc#966693).
- CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel did not properly identify error conditions, which allowed remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets (bnc#966437).
- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765).
- CVE-2016-2069: Race condition in arch/x86/mm/tlb.c in the Linux kernel .4.1 allowed local users to gain privileges by triggering access to a paging structure by a different CPU (bnc#963767).
- CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654).
- CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call (bnc#961509).
- CVE-2015-7515: The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints (bnc#956708).
- CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272 (bnc#955354).
- CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel did not properly use a semaphore, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls (bnc#958951).
- CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190).
- CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959399).
- CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886).
- CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c (bnc#958463).
- CVE-2015-7509: fs/ext4/namei.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015 (bnc#956709).
- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).
- CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).
- CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).
- CVE-2015-7990: Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#952384).
- CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).
- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825).
- CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation (bnc#942367).
- CVE-2015-3339: Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel allowed local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped (bnc#928130).
The following non-security bugs were fixed:
- Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).
- Fix lpfc_send_rscn_event allocation size claims bnc#935757
- Fix ntpd clock synchronization in Xen PV domains (bnc#816446).
- Fix vmalloc_fault oops during lazy MMU updates (bsc#948562).
- Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).
- SCSI: bfa: Fix to handle firmware tskim abort request response (bsc#972510).
- USB: usbip: fix potential out-of-bounds write (bnc#975945).
- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
- dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).
- mm/hugetlb: check for pte NULL pointer in __page_check_address() (bsc#977847).
- nf_conntrack: fix bsc#758540 kabi fix (bsc#946117).
- privcmd: allow preempting long running user-mode originating hypercalls (bnc#861093).
- s390/cio: collect format 1 channel-path description data (bsc#966460, bsc#966662).
- s390/cio: ensure consistent measurement state (bsc#966460, bsc#966662).
- s390/cio: fix measurement characteristics memleak (bsc#966460, bsc#966662).
- s390/cio: update measurement characteristics (bsc#966460, bsc#966662).
- xfs: Fix lost direct IO write in the last block (bsc#949744).
ImportantSUSE bug 816446SUSE bug 861093SUSE bug 928130SUSE bug 935757SUSE bug 939826SUSE bug 942367SUSE bug 945825SUSE bug 946117SUSE bug 946309SUSE bug 948562SUSE bug 949744SUSE bug 949936SUSE bug 951440SUSE bug 952384SUSE bug 953527SUSE bug 954404SUSE bug 955354SUSE bug 955654SUSE bug 956708SUSE bug 956709SUSE bug 958463SUSE bug 958886SUSE bug 958951SUSE bug 959190SUSE bug 959399SUSE bug 961500SUSE bug 961509SUSE bug 961512SUSE bug 963765SUSE bug 963767SUSE bug 964201SUSE bug 966437SUSE bug 966460SUSE bug 966662SUSE bug 966693SUSE bug 967972SUSE bug 967973SUSE bug 967974SUSE bug 967975SUSE bug 968010SUSE bug 968011SUSE bug 968012SUSE bug 968013SUSE bug 968670SUSE bug 970504SUSE bug 970892SUSE bug 970909SUSE bug 970911SUSE bug 970948SUSE bug 970956SUSE bug 970958SUSE bug 970970SUSE bug 971124SUSE bug 971125SUSE bug 971126SUSE bug 971360SUSE bug 972510SUSE bug 973570SUSE bug 975945SUSE bug 977847SUSE bug 978822CVE-2013-2015 at SUSECVE-2013-2015 at NVDCVE-2013-7446 at SUSECVE-2013-7446 at NVDCVE-2015-0272 at SUSECVE-2015-0272 at NVDCVE-2015-3339 at SUSECVE-2015-3339 at NVDCVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-6252 at SUSECVE-2015-6252 at NVDCVE-2015-6937 at SUSECVE-2015-6937 at NVDCVE-2015-7509 at SUSECVE-2015-7509 at NVDCVE-2015-7515 at SUSECVE-2015-7515 at NVDCVE-2015-7550 at SUSECVE-2015-7550 at NVDCVE-2015-7566 at SUSECVE-2015-7566 at NVDCVE-2015-7799 at SUSECVE-2015-7799 at NVDCVE-2015-7872 at SUSECVE-2015-7872 at NVDCVE-2015-7990 at SUSECVE-2015-7990 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDCVE-2015-8215 at SUSECVE-2015-8215 at NVDCVE-2015-8539 at SUSECVE-2015-8539 at NVDCVE-2015-8543 at SUSECVE-2015-8543 at NVDCVE-2015-8569 at SUSECVE-2015-8569 at NVDCVE-2015-8575 at SUSECVE-2015-8575 at NVDCVE-2015-8767 at SUSECVE-2015-8767 at NVDCVE-2015-8785 at SUSECVE-2015-8785 at NVDCVE-2015-8812 at SUSECVE-2015-8812 at NVDCVE-2015-8816 at SUSECVE-2015-8816 at NVDCVE-2016-0723 at SUSECVE-2016-0723 at NVDCVE-2016-2069 at SUSECVE-2016-2069 at NVDCVE-2016-2143 at SUSECVE-2016-2143 at NVDCVE-2016-2184 at SUSECVE-2016-2184 at NVDCVE-2016-2185 at SUSECVE-2016-2185 at NVDCVE-2016-2186 at SUSECVE-2016-2186 at NVDCVE-2016-2188 at SUSECVE-2016-2188 at NVDCVE-2016-2384 at SUSECVE-2016-2384 at NVDCVE-2016-2543 at SUSECVE-2016-2543 at NVDCVE-2016-2544 at SUSECVE-2016-2544 at NVDCVE-2016-2545 at SUSECVE-2016-2545 at NVDCVE-2016-2546 at SUSECVE-2016-2546 at NVDCVE-2016-2547 at SUSECVE-2016-2547 at NVDCVE-2016-2548 at SUSECVE-2016-2548 at NVDCVE-2016-2549 at SUSECVE-2016-2549 at NVDCVE-2016-2782 at SUSECVE-2016-2782 at NVDCVE-2016-2847 at SUSECVE-2016-2847 at NVDCVE-2016-3134 at SUSECVE-2016-3134 at NVDCVE-2016-3137 at SUSECVE-2016-3137 at NVDCVE-2016-3138 at SUSECVE-2016-3138 at NVDCVE-2016-3139 at SUSECVE-2016-3139 at NVDCVE-2016-3140 at SUSECVE-2016-3140 at NVDCVE-2016-3156 at SUSECVE-2016-3156 at NVDCVE-2016-4486 at SUSECVE-2016-4486 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The SUSE Linux Enterprise 11 SP2 LTSS kernel was updated to fix one security issue.
This security bug was fixed:
- CVE-2016-5195: Local privilege escalation using MAP_PRIVATE. It is reportedly exploited in the wild (bsc#1004418).
ImportantSUSE bug 1004418CVE-2016-5195 at SUSECVE-2016-5195 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for krb5SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for krb5 fixes the following security issue:
* If a KDC serves multiple realms, certain requests could cause
setup_server_realm() to dereference a null pointer, crashing the KDC.
(CVE-2013-1418)
Security Issues:
* CVE-2013-1418
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418>
SUSE bug 787272SUSE bug 806715SUSE bug 825985SUSE bug 849240CVE-2002-2443 at SUSECVE-2002-2443 at NVDCVE-2013-1415 at SUSECVE-2013-1415 at NVDCVE-2013-1418 at SUSECVE-2013-1418 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for KVMSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes a file permission issue with qga (the QEMU Guest Agent)
from the qemu/kvm package and includes several bug-fixes.
(bnc#818182) (CVE-2013-2007) (bnc#786813) (bnc#725008) (bnc#712137)
(bnc#824340)
Security Issues:
* CVE-2013-2007
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2007>
SUSE bug 709405SUSE bug 712137SUSE bug 722643SUSE bug 722958SUSE bug 724813SUSE bug 725008SUSE bug 747339SUSE bug 753313SUSE bug 757031SUSE bug 764526SUSE bug 770153SUSE bug 772586SUSE bug 777084SUSE bug 786813SUSE bug 818182SUSE bug 824340SUSE bug 834196SUSE bug 929339CVE-2012-2652 at SUSECVE-2012-2652 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDCVE-2013-2007 at SUSECVE-2013-2007 at NVDCVE-2015-3456 at SUSECVE-2015-3456 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
kvm was updated to fix two security issues.
The following vulnerabilities were fixed:
- CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344).
- CVE-2015-3209: Fix buffer overflow in pcnet emulation (bsc#932770).
ImportantSUSE bug 932770SUSE bug 938344CVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-5154 at SUSECVE-2015-5154 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for lcmsSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
The lcms userland utilities were updated to fix stack overflows.
* CVE-2013-4276: Multiple stack-based buffer overflows in LittleCMS
allowed remote attackers to cause a denial of service (crash) via a
crafted (1) ICC color profile to the icctrans utility or (2) TIFF
image to the tiffdiff utility.
Security Issues:
* CVE-2013-4276
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4276>
SUSE bug 843716CVE-2013-4276 at SUSECVE-2013-4276 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for SambaSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of Samba fixes one security issue and several bugs.
The security fix is:
* Ensure that users cannot hand out their own privileges to everyone,
only administrators are allowed to do that. (CVE-2012-2111
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111> )
The non-security bug fixes merged from upstream Samba are:
* Fix default name resolve order. (docs-xml, bso#7564).
* Fix a segfault in vfs_aio_fork. (s3-aio-fork, bso#8836).
* Remove whitespace in example samba.ldif. (docs, bso#8789)
* Move print_backend_init() behind init_system_info(). (s3-smbd,
bso#8845)
* Prepend '/' to filename argument. (s3-docs, bso#8826)
SUSE bug 732395SUSE bug 732572SUSE bug 741854SUSE bug 743986SUSE bug 746825SUSE bug 747934SUSE bug 751454SUSE bug 752797SUSE bug 757080SUSE bug 757576CVE-2012-0817 at SUSECVE-2012-0817 at NVDCVE-2012-0870 at SUSECVE-2012-0870 at NVDCVE-2012-1182 at SUSECVE-2012-1182 at NVDCVE-2012-2111 at SUSECVE-2012-2111 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for libqt4SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
libqt4 has been updated to fix several security issues.
* An information disclosure via QSharedMemory was fixed which allowed
local attackers to read information (e.g. bitmap content) from the
attacked user (CVE-2013-0254).
* openssl-incompatibility-fix.diff: Fix wrong error reporting when
using a binary incompatible version of openSSL (bnc#797006,
CVE-2012-6093)
* Various compromised SSL root certificates were blacklisted.
Also a non-security bugfix has been applied:
* Add fix for qdbusviewer not matching args (bnc#784197)
Security Issue reference:
* CVE-2013-0254
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0254>
SUSE bug 779952SUSE bug 784197SUSE bug 797006SUSE bug 802634CVE-2012-4929 at SUSECVE-2012-4929 at NVDCVE-2013-0254 at SUSECVE-2013-0254 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for PostgreSQLSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update to version 9.1.9 fixes:
* CVE-2013-1899: Fix insecure parsing of server command-line switches.
* CVE-2013-1900: Reset OpenSSL randomness state in each postmaster
child process.
* CVE-2013-1901: Make REPLICATION privilege checks test current user
not authenticated user.
Security Issue references:
* CVE-2013-1899
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899>
* CVE-2013-1900
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900>
* CVE-2013-1901
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901>
SUSE bug 802679SUSE bug 812525CVE-2013-0255 at SUSECVE-2013-0255 at NVDCVE-2013-1899 at SUSECVE-2013-1899 at NVDCVE-2013-1900 at SUSECVE-2013-1900 at NVDCVE-2013-1901 at SUSECVE-2013-1901 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for mozilla-nssSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Mozilla NSS was updated to 3.16.5 to fix a RSA certificate forgery issue.
MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher
at Inria Paris in team Prosecco, reported an issue in Network Security
Services (NSS) libraries affecting all versions. He discovered that NSS is
vulnerable to a variant of a signature forgery attack previously published
by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values
involved in a signature and could lead to the forging of RSA certificates.
The Advanced Threat Research team at Intel Security also independently
discovered and reported this issue.
Security Issues:
* CVE-2014-1568
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
SUSE bug 897890CVE-2014-1568 at SUSECVE-2014-1568 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for libgcryptSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of libgcrypt mitigates the Yarom/Falkner flush+reload
side-channel attack on RSA secret keys (CVE-2013-4242).
Security Issue reference:
* CVE-2013-4242
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242>
SUSE bug 831359CVE-2013-4242 at SUSECVE-2013-4242 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for liblzo2-2SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
lzo has been updated to fix a potential denial of service issue or possible
remote code execution by allowing an attacker, if the LZO decompression
algorithm is used in a threaded or kernel context, to corrupt memory
structures that control the flow of execution in other contexts.
(CVE-2014-4607)
Security Issues:
* CVE-2014-4607
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607>
SUSE bug 883947CVE-2014-4607 at SUSECVE-2014-4607 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MySQLSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
A stack-based buffer overflow in MySQL has been fixed that could have
caused a Denial of Service or potentially allowed the execution of
arbitrary code (CVE-2012-5611).
Security Issue references:
* CVE-2012-5615
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615>
* CVE-2012-5615
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615>
* CVE-2012-5613
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5613>
* CVE-2012-5612
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612>
* CVE-2012-5611
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611>
SUSE bug 792444SUSE bug 934789CVE-2012-5611 at SUSECVE-2012-5611 at NVDCVE-2012-5612 at SUSECVE-2012-5612 at NVDCVE-2012-5613 at SUSECVE-2012-5613 at NVDCVE-2012-5615 at SUSECVE-2012-5615 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for OpenSSLSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
OpenSSL has been updated to fix several security issues:
* CVE-2012-4929: Avoid the openssl CRIME attack by disabling SSL
compression by default. Setting the environment variable
'OPENSSL_NO_DEFAULT_ZLIB' to 'no' enables compression again.
* CVE-2013-0169: Timing attacks against TLS could be used by physically
local attackers to gain access to transmitted plain text or private
keymaterial. This issue is also known as the 'Lucky-13' issue.
* CVE-2013-0166: A OCSP invalid key denial of service issue was fixed.
Security Issue references:
* CVE-2013-0169
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169>
* CVE-2013-0166
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166>
SUSE bug 779952SUSE bug 802648SUSE bug 802746SUSE bug 859228SUSE bug 859924SUSE bug 860332SUSE bug 862181SUSE bug 869945SUSE bug 870192SUSE bug 880891SUSE bug 890764SUSE bug 890767SUSE bug 890768SUSE bug 890769SUSE bug 890770SUSE bug 892403SUSE bug 901223SUSE bug 901277SUSE bug 912014SUSE bug 912015SUSE bug 912018SUSE bug 912293SUSE bug 912294SUSE bug 912296SUSE bug 915976SUSE bug 919648SUSE bug 920236SUSE bug 922488SUSE bug 922496SUSE bug 922499SUSE bug 922500SUSE bug 922501SUSE bug 929678SUSE bug 931698SUSE bug 933911SUSE bug 934487SUSE bug 934489SUSE bug 934491SUSE bug 934493CVE-2009-5146 at SUSECVE-2009-5146 at NVDCVE-2013-0166 at SUSECVE-2013-0166 at NVDCVE-2013-0169 at SUSECVE-2013-0169 at NVDCVE-2014-0076 at SUSECVE-2014-0076 at NVDCVE-2014-0221 at SUSECVE-2014-0221 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-3470 at SUSECVE-2014-3470 at NVDCVE-2014-3505 at SUSECVE-2014-3505 at NVDCVE-2014-3506 at SUSECVE-2014-3506 at NVDCVE-2014-3507 at SUSECVE-2014-3507 at NVDCVE-2014-3508 at SUSECVE-2014-3508 at NVDCVE-2014-3510 at SUSECVE-2014-3510 at NVDCVE-2014-3513 at SUSECVE-2014-3513 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-3567 at SUSECVE-2014-3567 at NVDCVE-2014-3568 at SUSECVE-2014-3568 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3571 at SUSECVE-2014-3571 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0209 at SUSECVE-2015-0209 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0292 at SUSECVE-2015-0292 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDCVE-2015-1788 at SUSECVE-2015-1788 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1790 at SUSECVE-2015-1790 at NVDCVE-2015-1791 at SUSECVE-2015-1791 at NVDCVE-2015-1792 at SUSECVE-2015-1792 at NVDCVE-2015-3216 at SUSECVE-2015-3216 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for libotrSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes various heap overflows in libotr. CVE-2012-3461 has been
assigned to this issue.
Security Issue reference:
* CVE-2012-3461
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3461>
SUSE bug 777468CVE-2012-3461 at SUSECVE-2012-3461 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for pcpSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
pcp was updated to version 3.6.10 which fixes security issues and also
brings a lot of new features.
*
Update to pcp-3.6.10.
o Transition daemons to run under an unprivileged account.
o Fixes for security advisory CVE-2012-5530: tmpfile flaws;
(bnc#782967).
o Fix pcp(1) command short-form pmlogger reporting.
o Fix pmdalogger error handling for directory files.
o Fix pmstat handling of odd corner case in CPU metrics.
o Correct the python ctype used for pmAtomValue 32bit ints.
o Add missing RPM spec dependency for python-ctypes.
o Corrections to pmdamysql metrics units.
o Add pmdamysql slave status metrics.
o Improve pmcollectl error messages.
o Parameterize pmcollectl CPU counts in interrupt subsys.
o Fix generic RPM packaging for powerpc builds.
o Fix python API use of reentrant libpcp string routines.
o Python code backporting for RHEL5 in qa and pmcollectl.
o Fix edge cases in capturing interrupt error counts.
*
Update to pcp-3.6.9.
o Python wrapper for the pmimport API
o Make sar2pcp work with the sysstat versions from RHEL5, RHEL6,
and all recent Fedora versions (which is almost all current
versions of sysstat verified).
o Added a number of additional metrics into the importer for
people starting to use it to analyse sar data from real
customer incidents.
o Rework use of C99 'restrict' keyword in pmdalogger (Debian bug:
689552)
o Alot of work on the PCP QA suite, special thanks to Tomas
Dohnalek for all his efforts there.
o Win32 build updates
o Add 'raw' disk active metrics so that existing tools like
iostat can be emulated
o Allow sar2pcp to accept XML input directly (.xml suffix),
allowing it to not have to run on the same platform as the
sadc/sadf that originally generated it.
o Add PMI error codes into the PCP::LogImport perl module.
o Fix a typo in pmiUnits man page synopsis section
o Resolve pmdalinux ordering issue in NUMA/CPU indom setup
(Redhat bug: 858384)
o Remove unused pmcollectl imports (Redhat bug: 863210)
o Allow event traces to be used in libpcp interpolate mode
*
Update to pcp-3.6.8.
o Corrects the disk/partition identification for the MMC driver,
which makes disk indom handling correct on the Raspberry Pi
(http://www.raspberrypi.org/)
o Several minor/basic fixes for pmdaoracle.
o Improve pmcollectl compatibility.
o Make a few clarifications to pmcollectl.1.
o Improve python API test coverage.
o Numerous updates to the test suite in general.
o Allow pmda Install scripts to specify own dso name again.
o Reconcile spec file differences between PCP flavours.
o Fix handling of multiple contexts with a remote namespace.
o Core socket interface abstractions to support NSS (later).
o Fix man page SYNOPSIS section for pmUnpackEventRecords.
o Add --disable-shared build option for static builds.
*
Update to pcp-3.6.6.
o Added the python PMAPI bindings and an initial python client in
pmcollectl. Separate, new package exists for python libs for
those platforms that split out packages (rpm, deb).
o Added a pcp-testsuite package for those platforms that might
want this (rpm, deb again, mainly)
o Re-introduced the pcp/qa subdirectory in pcp and deprecated the
external pcpqa git tree.
o Fix potential buffer overflow in pmlogger host name handling.
o Reworked the configure --prefix handling to be more like the
rest of the open source world.
o Ensure the __pmDecodeText ident parameter is always set
Resolves Red Hat bugzilla bug #841306.
Security Issue references:
* CVE-2012-3418
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3418>
* CVE-2012-3419
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3419>
* CVE-2012-3420
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3420>
* CVE-2012-3421
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3421>
SUSE bug 732763SUSE bug 775009SUSE bug 775010SUSE bug 775011SUSE bug 775013SUSE bug 782967CVE-2012-3418 at SUSECVE-2012-3418 at NVDCVE-2012-3419 at SUSECVE-2012-3419 at NVDCVE-2012-3420 at SUSECVE-2012-3420 at NVDCVE-2012-3421 at SUSECVE-2012-3421 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for pixmanSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes the following security issue with pixman:
* Integer underflow when handling trapezoids. (bnc#853824,
CVE-2013-6425)
Security Issues:
* CVE-2013-6425
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6425>
SUSE bug 853824CVE-2013-6425 at SUSECVE-2013-6425 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for popplerSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of poppler fixes the following vulnerabilities:
* CVE-2013-1788: Various invalid memory issues could be used by
attackers supplying PDFs to crash the PDF viewer or potentially
execute code.
* CVE-2013-1789: A crash in poppler could be used by attackers
providing PDFs to crash the PDF viewer.
* CVE-2013-1790: An uninitialized memory read could be used by
attackers providing PDFs to crash the PDF viewer.
Security Issue references:
* CVE-2013-1788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788>
* CVE-2013-1789
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789>
* CVE-2013-1790
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790>
SUSE bug 806793CVE-2013-1788 at SUSECVE-2013-1788 at NVDCVE-2013-1789 at SUSECVE-2013-1789 at NVDCVE-2013-1790 at SUSECVE-2013-1790 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for libproxySUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for libproxy fixes a heap-based buffer overflow that could have
allowed remote servers to have an unspecified impact via a crafted
Content-Length size in an HTTP response header for a proxy.pac file request
(CVE-2012-4505).
Additionally, it fixes parsing of the $no_proxy environment variable when
it contains more than one URL separated by white-spaces.
Security Issue reference:
* CVE-2012-4505
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4505>
SUSE bug 761626SUSE bug 784523CVE-2012-4505 at SUSECVE-2012-4505 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for libsoupSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of libsoup disables the previously enabled SSL certificate
checking, potentially allowing Man in the Middle attacks. This was
necessary as a many customers still use self-signed certificate setups and
necessary user interface changes are too intrusive.
SUSE bug 758431SUSE bug 771609CVE-2012-2132 at SUSECVE-2012-2132 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for libtiffSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This tiff update fixes several security issues.
* bnc#834477: CVE-2013-4232 CVE-2013-4231: tiff: buffer overflows/use
after free problem
* bnc#834779: CVE-2013-4243: libtiff (gif2tiff): heap-based buffer
overflow in readgifimage()
* bnc#834788: CVE-2013-4244: libtiff (gif2tiff): OOB Write in LZW
decompressor
Security Issue references:
* CVE-2013-4232
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232>
* CVE-2013-4231
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231>
* CVE-2013-4243
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243>
* CVE-2013-4244
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244>
SUSE bug 781995SUSE bug 787892SUSE bug 788741SUSE bug 791607SUSE bug 817573SUSE bug 818117SUSE bug 834477SUSE bug 834779SUSE bug 834788CVE-2012-4447 at SUSECVE-2012-4447 at NVDCVE-2012-4564 at SUSECVE-2012-4564 at NVDCVE-2012-5581 at SUSECVE-2012-5581 at NVDCVE-2013-1960 at SUSECVE-2013-1960 at NVDCVE-2013-1961 at SUSECVE-2013-1961 at NVDCVE-2013-4231 at SUSECVE-2013-4231 at NVDCVE-2013-4232 at SUSECVE-2013-4232 at NVDCVE-2013-4243 at SUSECVE-2013-4243 at NVDCVE-2013-4244 at SUSECVE-2013-4244 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for trousersSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This collective update for the trousers library and daemon fixes the
following issues:
*
One minor security issue for cases where tcsd is enabled for TCP:
CVE-2012-0698: tcsd in TrouSerS allowed remote attackers to cause a
denial of service (daemon crash) via a crafted type_offset value in a
TCP packet to port 30003.
*
An issue in the trousers library which prevents disabling of TPM
physical presence.
SUSE bug 778897SUSE bug 791029CVE-2012-0698 at SUSECVE-2012-0698 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for libvirtSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This libvirt update fixes a security issue.
* bnc#838638: CVE-2013-4296: EMBARGOED: libvirt: Fix crash in
remoteDispatchDomainMemoryStats
* bnc#817008: Regression: vm-install fails to display on SLES 11 SP2
UV2000
Security Issue reference:
* CVE-2013-4296
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4296>
SUSE bug 782311SUSE bug 800976SUSE bug 805843SUSE bug 817008SUSE bug 838638CVE-2013-0170 at SUSECVE-2013-0170 at NVDCVE-2013-4296 at SUSECVE-2013-4296 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for libvirtSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
libvirt received security and bugfixes:
* CVE-2012-4423: Fixed a libvirt remote denial of service (crash)
problem.
The following bugs have been fixed:
* qemu: Fix probing for guest capabilities
* xen-xm: Generate UUID if not specified
* xenParseXM: don't dereference NULL pointer when script is empty
Security Issue references:
* CVE-2012-4539
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4539>
* CVE-2012-3497
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3497>
* CVE-2012-4411
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4411>
* CVE-2012-4535
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4535>
* CVE-2012-4537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4537>
* CVE-2012-4536
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4536>
* CVE-2012-4538
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4538>
* CVE-2012-4539
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4539>
* CVE-2012-4544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544>
SUSE bug 772586SUSE bug 773621SUSE bug 773626SUSE bug 780432CVE-2012-3497 at SUSECVE-2012-3497 at NVDCVE-2012-4411 at SUSECVE-2012-4411 at NVDCVE-2012-4535 at SUSECVE-2012-4535 at NVDCVE-2012-4536 at SUSECVE-2012-4536 at NVDCVE-2012-4537 at SUSECVE-2012-4537 at NVDCVE-2012-4538 at SUSECVE-2012-4538 at NVDCVE-2012-4539 at SUSECVE-2012-4539 at NVDCVE-2012-4544 at SUSECVE-2012-4544 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for libxml2SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes a DoS vulnerability in libxml2. CVE-2013-2877 has been
assigned to this issue.
Security Issue reference:
* CVE-2013-2877
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877>
SUSE bug 793334SUSE bug 805233SUSE bug 829077SUSE bug 854869CVE-2012-5134 at SUSECVE-2012-5134 at NVDCVE-2013-0338 at SUSECVE-2013-0338 at NVDCVE-2013-0339 at SUSECVE-2013-0339 at NVDCVE-2013-2877 at SUSECVE-2013-2877 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for libxml2 fixes the following security issues:
- CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread
was fixed in libxml2/dict.c [bsc#963963, bsc#965283, bsc#981114].
- CVE-2016-4483: Code was added to avoid an out of bound access when
serializing malformed strings [bsc#978395].
- CVE-2016-1762: Fixed a heap-based buffer overread in xmlNextChar [bsc#981040].
- CVE-2016-1834: Fixed a heap-buffer-overflow in xmlStrncat [bsc#981041].
- CVE-2016-1833: Fixed a heap-based buffer overread in htmlCurrentChar [bsc#981108].
- CVE-2016-1835: Fixed a heap use-after-free in xmlSAX2AttributeNs [bsc#981109].
- CVE-2016-1837: Fixed a heap use-after-free in htmlParsePubidLiteral
and htmlParseSystemiteral [bsc#981111].
- CVE-2016-1838: Fixed a heap-based buffer overread in
xmlParserPrintFileContextInternal [bsc#981112].
- CVE-2016-1840: Fixed a heap-buffer-overflow in xmlFAParsePosCharGroup [bsc#981115].
- CVE-2016-4447: Fixed a heap-based buffer-underreads due to xmlParseName [bsc#981548].
- CVE-2016-4448: Fixed some format string warnings with possible format
string vulnerability [bsc#981549],
- CVE-2016-4449: Fixed inappropriate fetch of entities content [bsc#981550].
- CVE-2016-3705: Fixed missing increment of recursion counter.
ImportantSUSE bug 963963SUSE bug 965283SUSE bug 978395SUSE bug 981040SUSE bug 981041SUSE bug 981108SUSE bug 981109SUSE bug 981111SUSE bug 981112SUSE bug 981114SUSE bug 981115SUSE bug 981548SUSE bug 981549SUSE bug 981550CVE-2015-8806 at SUSECVE-2015-8806 at NVDCVE-2016-1762 at SUSECVE-2016-1762 at NVDCVE-2016-1833 at SUSECVE-2016-1833 at NVDCVE-2016-1834 at SUSECVE-2016-1834 at NVDCVE-2016-1835 at SUSECVE-2016-1835 at NVDCVE-2016-1837 at SUSECVE-2016-1837 at NVDCVE-2016-1838 at SUSECVE-2016-1838 at NVDCVE-2016-1839 at SUSECVE-2016-1839 at NVDCVE-2016-1840 at SUSECVE-2016-1840 at NVDCVE-2016-2073 at SUSECVE-2016-2073 at NVDCVE-2016-3705 at SUSECVE-2016-3705 at NVDCVE-2016-4447 at SUSECVE-2016-4447 at NVDCVE-2016-4448 at SUSECVE-2016-4448 at NVDCVE-2016-4449 at SUSECVE-2016-4449 at NVDCVE-2016-4483 at SUSECVE-2016-4483 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for libxsltSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
libxslt received a security update to fix a security issue:
* CVE-2013-4520: The XSL implementation in libxslt allowed remote
attackers to cause a denial of service (crash) via an invalid DTD.
(addendum due to incomplete fix for CVE-2012-2825)
Security Issue references:
* CVE-2012-6139
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139>
* CVE-2012-2825
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825>
* CVE-2011-3970
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970>
SUSE bug 811686SUSE bug 849019CVE-2011-3970 at SUSECVE-2011-3970 at NVDCVE-2012-2825 at SUSECVE-2012-2825 at NVDCVE-2012-6139 at SUSECVE-2012-6139 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for libzyppSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
libzypp did not handle multiple gpg pubkeys in the repomd.xml.key and
content.key consistently and secure. Attackers could have exploited this to
add their own keys and pretend it's from SUSE.
Security Issue reference:
* CVE-2013-3704
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3704>
SUSE bug 779177SUSE bug 792901SUSE bug 828672CVE-2013-3704 at SUSECVE-2013-3704 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for MozillaFirefox, mozilla-nss fixes security issues and bugs.
The following vulnerabilities were fixed in Firefox ESR 45.5.1 (bsc#1009026):
- CVE-2016-9079: Use-after-free in SVG Animation (bsc#1012964 MFSA 2016-92)
- CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401)
- CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404)
- CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010395)
- CVE-2016-9064: Addons update must verify IDs match between current and new versions (bsc#1010402)
- CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5 (bsc#1010427)
- CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410)
The following vulnerabilities were fixed in mozilla-nss 3.21.3:
- CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler (bsc#1010422)
- CVE-2016-5285: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash (bsc#1010517)
The following bugs were fixed:
- Firefox would fail to go into fullscreen mode with some window managers (bsc#992549)
- font warning messages would flood console, now using fontconfig configuration from
firefox-fontconfig instead of the system one (bsc#1000751)
ImportantSUSE bug 1000751SUSE bug 1009026SUSE bug 1010395SUSE bug 1010401SUSE bug 1010402SUSE bug 1010404SUSE bug 1010410SUSE bug 1010422SUSE bug 1010427SUSE bug 1010517SUSE bug 1012964SUSE bug 992549CVE-2016-5285 at SUSECVE-2016-5285 at NVDCVE-2016-5290 at SUSECVE-2016-5290 at NVDCVE-2016-5291 at SUSECVE-2016-5291 at NVDCVE-2016-5296 at SUSECVE-2016-5296 at NVDCVE-2016-5297 at SUSECVE-2016-5297 at NVDCVE-2016-9064 at SUSECVE-2016-9064 at NVDCVE-2016-9066 at SUSECVE-2016-9066 at NVDCVE-2016-9074 at SUSECVE-2016-9074 at NVDCVE-2016-9079 at SUSECVE-2016-9079 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox, MozillaFirefox-branding-SLED, MozillaFirefox-branding-SLES-for-VMware, mozilla-nss (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues:
Firefox 38.6.1 ESR (bsc#967087)
The following vulnerabilities were fixed:
- CVE-2016-1523: Fixed denial of service in Graphite 2 library (MFSA 2016-14/bmo#1246093)
Firefox 38.6.0 ESR + Mozilla NSS 3.20.2. (bsc#963520)
The following vulnerabilities were fixed:
- CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632)
- CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635)
- CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731)
- CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888)
The following improvements were added:
- bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites
- Tracking protection is now enabled by default
ModerateSUSE bug 954447SUSE bug 959888SUSE bug 963520SUSE bug 963632SUSE bug 963635SUSE bug 963731SUSE bug 967087CVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2016-1523 at SUSECVE-2016-1523 at NVDCVE-2016-1930 at SUSECVE-2016-1930 at NVDCVE-2016-1935 at SUSECVE-2016-1935 at NVDCVE-2016-1938 at SUSECVE-2016-1938 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Mozilla Firefox is being updated to the current Firefox 38ESR branch (specifically the 38.2.0ESR release).
Security issues fixed:
- MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader
- MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
- MFSA 2015-80 / CVE-2015-4475: Out-of-bounds read with malformed MP3 file
- MFSA 2015-82 / CVE-2015-4478: Redefinition of non-configurable JavaScript object properties
- MFSA 2015-83 / CVE-2015-4479: Overflow issues in libstagefright
- MFSA 2015-87 / CVE-2015-4484: Crash when using shared memory in JavaScript
- MFSA 2015-88 / CVE-2015-4491: Heap overflow in gdk-pixbuf when scaling bitmap images
- MFSA 2015-89 / CVE-2015-4485/CVE-2015-4486: Buffer overflows on Libvpx when decoding WebM video
- MFSA 2015-90 / CVE-2015-4487/CVE-2015-4488/CVE-2015-4489: Vulnerabilities found through code inspection
- MFSA 2015-92 / CVE-2015-4492: Use-after-free in XMLHttpRequest with shared workers
The following vulnerabilities were fixed in ESR31 and are also included here:
- CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards (bsc#935979).
- CVE-2015-2728: Type confusion in Indexed Database Manager (bsc#935979).
- CVE-2015-2730: ECDSA signature validation fails to handle some signatures correctly (bsc#935979).
- CVE-2015-2722/CVE-2015-2733: Use-after-free in workers while using XMLHttpRequest (bsc#935979).
- CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737/CVE-2015-2738/CVE-2015-2739/CVE-2015-2740: Vulnerabilities found through code inspection (bsc#935979).
- CVE-2015-2743: Privilege escalation in PDF.js (bsc#935979).
- CVE-2015-4000: NSS accepts export-length DHE keys with regular DHE cipher suites (bsc#935033).
- CVE-2015-2721: NSS incorrectly permits skipping of ServerKeyExchange (bsc#935979).
This update also contains a lot of feature improvements and bug fixes from 31ESR to 38ESR.
Also the Mozilla NSS library switched its CKBI API from 1.98 to 2.4, which is what Firefox 38ESR uses.
Mozilla Firefox and mozilla-nss were updated to fix 17 security issues.
ImportantSUSE bug 935033SUSE bug 935979SUSE bug 940806SUSE bug 940918CVE-2015-2721 at SUSECVE-2015-2721 at NVDCVE-2015-2722 at SUSECVE-2015-2722 at NVDCVE-2015-2724 at SUSECVE-2015-2724 at NVDCVE-2015-2725 at SUSECVE-2015-2725 at NVDCVE-2015-2726 at SUSECVE-2015-2726 at NVDCVE-2015-2728 at SUSECVE-2015-2728 at NVDCVE-2015-2730 at SUSECVE-2015-2730 at NVDCVE-2015-2733 at SUSECVE-2015-2733 at NVDCVE-2015-2734 at SUSECVE-2015-2734 at NVDCVE-2015-2735 at SUSECVE-2015-2735 at NVDCVE-2015-2736 at SUSECVE-2015-2736 at NVDCVE-2015-2737 at SUSECVE-2015-2737 at NVDCVE-2015-2738 at SUSECVE-2015-2738 at NVDCVE-2015-2739 at SUSECVE-2015-2739 at NVDCVE-2015-2740 at SUSECVE-2015-2740 at NVDCVE-2015-2743 at SUSECVE-2015-2743 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-4473 at SUSECVE-2015-4473 at NVDCVE-2015-4474 at SUSECVE-2015-4474 at NVDCVE-2015-4475 at SUSECVE-2015-4475 at NVDCVE-2015-4478 at SUSECVE-2015-4478 at NVDCVE-2015-4479 at SUSECVE-2015-4479 at NVDCVE-2015-4484 at SUSECVE-2015-4484 at NVDCVE-2015-4485 at SUSECVE-2015-4485 at NVDCVE-2015-4486 at SUSECVE-2015-4486 at NVDCVE-2015-4487 at SUSECVE-2015-4487 at NVDCVE-2015-4488 at SUSECVE-2015-4488 at NVDCVE-2015-4489 at SUSECVE-2015-4489 at NVDCVE-2015-4491 at SUSECVE-2015-4491 at NVDCVE-2015-4492 at SUSECVE-2015-4492 at NVDCVE-2015-4495 at SUSECVE-2015-4495 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for mozilla-nspr (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
mozilla-nspr was update to version 4.10.8 ModerateSUSE bug 935979cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for Mozilla NSSSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Mozilla NSS has been updated to 3.15.2 (bnc#847708) bringing various
features and bugfixes:
The main feature is TLS 1.2 support and its dependent algorithms.
* Support for AES-GCM ciphersuites that use the SHA-256 PRF
* MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs
* Add PK11_CipherFinal macro
* sizeof() used incorrectly
* nssutil_ReadSecmodDB() leaks memory
* Allow SSL_HandshakeNegotiatedExtension to be called before the
handshake is finished.
* Deprecate the SSL cipher policy code
* Avoid uninitialized data read in the event of a decryption failure.
(CVE-2013-1739)
Changes coming with version 3.15.1:
* TLS 1.2 (RFC 5246) is supported. HMAC-SHA256 cipher suites (RFC 5246
and RFC 5289) are supported, allowing TLS to be used without MD5 and
SHA-1.
Note the following limitations:
The hash function used in the signature for TLS 1.2 client
authentication must be the hash function of the TLS 1.2 PRF, which is
always SHA-256 in NSS 3.15.1. AES GCM cipher suites are not yet
supported.
o some bugfixes and improvements
Changes with version 3.15
* New Functionality
o Support for OCSP Stapling (RFC 6066, Certificate Status
Request) has been added for both client and server sockets. TLS
client applications may enable this via a call to
SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE);
o Added function SECITEM_ReallocItemV2. It replaces function
SECITEM_ReallocItem, which is now declared as obsolete.
o Support for single-operation (eg: not multi-part) symmetric key
encryption and decryption, via PK11_Encrypt and PK11_Decrypt.
o certutil has been updated to support creating name constraints
extensions.
Security Issue reference:
* CVE-2013-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739>
SUSE bug 847708CVE-2013-1739 at SUSECVE-2013-1739 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for nagiosSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes a DoS vulnerability in process_cgivars() of the nagios
package. CVE-2013-7108 has been assigned to this issue.
Security Issue reference:
* CVE-2013-7108
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7108>
SUSE bug 797237SUSE bug 856837CVE-2012-6096 at SUSECVE-2012-6096 at NVDCVE-2013-7108 at SUSECVE-2013-7108 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for nagios-nrpe, nagios-plugins-nrpeSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Nagios NRPE was updated to add more blacklisting to avoid shell injection
via nagios request packets (CVE-2013-1362).
Security Issues:
* CVE-2013-1362
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1362>
SUSE bug 807241CVE-2013-1362 at SUSECVE-2013-1362 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for nfs-clientSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for nfs-utils provides the following fixes:
* Fix decoding of octal encoded fields in idmapd. (bnc#802823)
* Improve support for GSS security negotiation with old servers.
(bnc#844015)
* Correctly handle sub-directory exports from file systems with 64-bit
inode numbers. (bnc#841971)
* Ensure ldconfig cache is updated when libraries exist on NFS mounted
file system. (bnc#834164)
* Make it easy to enable NFSv4.1 support on server. (bnc#832264)
SUSE bug 752537SUSE bug 756479SUSE bug 758492SUSE bug 772120SUSE bug 775216SUSE bug 787272SUSE bug 788245SUSE bug 800414SUSE bug 802823SUSE bug 813464SUSE bug 816897SUSE bug 818094SUSE bug 832264SUSE bug 834164SUSE bug 841971SUSE bug 844015CVE-2013-1923 at SUSECVE-2013-1923 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for mozilla-nspr, mozilla-nssSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Mozilla NSPR and NSS were updated to fix various security bugs that could
be used to crash the browser or potentially execute code.
Mozilla NSPR 4.10.2 has the following bug fixes:
* Bug 770534: Possible pointer overflow in PL_ArenaAllocate(). Fixed by
Pascal Cuoq and Kamil Dudka.
* Bug 888546: ptio.c:PR_ImportUDPSocket doesn't work. Fixed by Miloslav
Trmac.
* Bug 915522: VS2013 support for NSPR. Fixed by Makoto Kato.
* Bug 927687: Avoid unsigned integer wrapping in PL_ArenaAllocate.
(CVE-2013-5607)
Mozilla NSS 3.15.3 is a patch release for NSS 3.15 and includes the
following bug fixes:
* Bug 925100: Ensure a size is <= half of the maximum PRUint32 value.
(CVE-2013-1741)
* Bug 934016: Handle invalid handshake packets. (CVE-2013-5605)
* Bug 910438: Return the correct result in CERT_VerifyCert on failure,
if a verifyLog isn't used. (CVE-2013-5606)
Security Issue references:
* CVE-2013-1741
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741>
* CVE-2013-5605
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605>
* CVE-2013-5606
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606>
* CVE-2013-5607
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5607>
SUSE bug 850148CVE-2013-1741 at SUSECVE-2013-1741 at NVDCVE-2013-5605 at SUSECVE-2013-5605 at NVDCVE-2013-5606 at SUSECVE-2013-5606 at NVDCVE-2013-5607 at SUSECVE-2013-5607 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for libfreebl3SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Mozilla NSS has been updated to the 3.15.3.1 security release.
The update blacklists an intermediate CA that was abused to create man in
the middle certificates.
SUSE bug 854367cpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for ntpSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This collective update for the Network Time Protocol daemon (ntp) provides
fixes for the following reports:
* 758253: ntp fails if a host has more than 1024 IP addresses
* 771480: sntp not able to sync against Windows ntp server.
SUSE bug 758253SUSE bug 771480SUSE bug 910764SUSE bug 911792CVE-2014-9293 at SUSECVE-2014-9293 at NVDCVE-2014-9294 at SUSECVE-2014-9294 at NVDCVE-2014-9295 at SUSECVE-2014-9295 at NVDCVE-2014-9297 at SUSECVE-2014-9297 at NVDCVE-2014-9298 at SUSECVE-2014-9298 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This network time protocol server ntp was updated to 4.2.8p6 to fix the following
issues:
Also yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837)
Major functional changes:
- The 'sntp' commandline tool changed its option handling in a major way.
- 'controlkey 1' is added during update to ntp.conf to allow sntp to work.
- The local clock is being disabled during update.
- ntpd is no longer running chrooted.
Other functional changes:
- ntp-signd is installed.
- 'enable mode7' can be added to the configuration to allow ntdpc to work as compatibility mode option.
- 'kod' was removed from the default restrictions.
- SHA1 keys are used by default instead of MD5 keys.
These security issues were fixed:
- CVE-2015-5219: An endless loop due to incorrect precision to double conversion (bsc#943216).
- CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966).
- CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).
- CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).
- CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).
- CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).
- CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802).
- CVE-2015-7975: nextvar() missing length check (bsc#962988).
- CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960).
- CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).
- CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994).
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997).
- CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629).
- CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK (bsc#951608).
- CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values (bsc#951608).
- CVE-2015-7854: Password Length Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow (bsc#951608).
- CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7851: saveconfig Directory Traversal Vulnerability (bsc#951608).
- CVE-2015-7850: remote config logfile-keyfile (bsc#951608).
- CVE-2015-7849: trusted key use-after-free (bsc#951608).
- CVE-2015-7848: mode 7 loop counter underrun (bsc#951608).
- CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#951608).
- CVE-2015-7703: configuration directives 'pidfile' and 'driftfile' should only be allowed locally (bsc#951608).
- CVE-2015-7704, CVE-2015-7705: Clients that receive a KoD should validate the origin timestamp field (bsc#951608).
- CVE-2015-7691, CVE-2015-7692, CVE-2015-7702: Incomplete autokey data packet length checks (bsc#951608).
These non-security issues were fixed:
- fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd).
This replaces the w32 patches in 4.2.4 that added the authreg
directive.
- bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd.
When run as cron job, /usr/sbin/ is not in the path, which caused
the synchronization to fail.
- bsc#782060: Speedup ntpq.
- bsc#916617: Add /var/db/ntp-kod.
- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems.
- bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST.
- Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted.
- Add a controlkey line to /etc/ntp.conf if one does not already exist to allow runtime configuuration via ntpq.
- bsc#946386: Temporarily disable memlock to avoid problems due to high memory usage during name resolution.
- bsc#905885: Use SHA1 instead of MD5 for symmetric keys.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- Fix legacy action scripts to pass on command line arguments.
- bsc#944300: Remove 'kod' from the restrict line in ntp.conf.
- bsc#936327: Use ntpq instead of deprecated ntpdc in start-ntpd.
- Don't let 'keysdir' lines in ntp.conf trigger the 'keys' parser.
- Disable mode 7 (ntpdc) again, now that we don't use it anymore.
- Add 'addserver' as a new legacy action.
- bsc#910063: Fix the comment regarding addserver in ntp.conf.
- bsc#926510: Disable chroot by default.
- bsc#920238: Enable ntpdc for backwards compatibility.
- bsc#784760: Remove local clock from default configuration.
- bsc#942441/fate#319496: Require perl-Socket6.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- bsc#920183: Allow -4 and -6 address qualifiers in 'server' directives.
- Use upstream ntp-wait, because our version is incompatible with
the new ntpq command line syntax.
ImportantSUSE bug 782060SUSE bug 784760SUSE bug 905885SUSE bug 910063SUSE bug 916617SUSE bug 920183SUSE bug 920238SUSE bug 926510SUSE bug 936327SUSE bug 937837SUSE bug 942441SUSE bug 942587SUSE bug 943216SUSE bug 943218SUSE bug 944300SUSE bug 946386SUSE bug 951351SUSE bug 951559SUSE bug 951608SUSE bug 951629SUSE bug 954982SUSE bug 956773SUSE bug 962318SUSE bug 962784SUSE bug 962802SUSE bug 962960SUSE bug 962966SUSE bug 962970SUSE bug 962988SUSE bug 962994SUSE bug 962995SUSE bug 962997SUSE bug 963000SUSE bug 963002SUSE bug 975496SUSE bug 975981CVE-2015-5194 at SUSECVE-2015-5194 at NVDCVE-2015-5219 at SUSECVE-2015-5219 at NVDCVE-2015-5300 at SUSECVE-2015-5300 at NVDCVE-2015-7691 at SUSECVE-2015-7691 at NVDCVE-2015-7692 at SUSECVE-2015-7692 at NVDCVE-2015-7701 at SUSECVE-2015-7701 at NVDCVE-2015-7702 at SUSECVE-2015-7702 at NVDCVE-2015-7703 at SUSECVE-2015-7703 at NVDCVE-2015-7704 at SUSECVE-2015-7704 at NVDCVE-2015-7705 at SUSECVE-2015-7705 at NVDCVE-2015-7848 at SUSECVE-2015-7848 at NVDCVE-2015-7849 at SUSECVE-2015-7849 at NVDCVE-2015-7850 at SUSECVE-2015-7850 at NVDCVE-2015-7851 at SUSECVE-2015-7851 at NVDCVE-2015-7852 at SUSECVE-2015-7852 at NVDCVE-2015-7853 at SUSECVE-2015-7853 at NVDCVE-2015-7854 at SUSECVE-2015-7854 at NVDCVE-2015-7855 at SUSECVE-2015-7855 at NVDCVE-2015-7871 at SUSECVE-2015-7871 at NVDCVE-2015-7973 at SUSECVE-2015-7973 at NVDCVE-2015-7974 at SUSECVE-2015-7974 at NVDCVE-2015-7975 at SUSECVE-2015-7975 at NVDCVE-2015-7976 at SUSECVE-2015-7976 at NVDCVE-2015-7977 at SUSECVE-2015-7977 at NVDCVE-2015-7978 at SUSECVE-2015-7978 at NVDCVE-2015-7979 at SUSECVE-2015-7979 at NVDCVE-2015-8138 at SUSECVE-2015-8138 at NVDCVE-2015-8139 at SUSECVE-2015-8139 at NVDCVE-2015-8140 at SUSECVE-2015-8140 at NVDCVE-2015-8158 at SUSECVE-2015-8158 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for ntp fixes the following issues:
- Separate the creation of ntp.keys and key #1 in it to avoid
problems when upgrading installations that have the file, but
no key #1, which is needed e.g. by 'rcntp addserver'.
- Update to 4.2.8p7 (bsc#977446):
* CVE-2016-1547, bsc#977459:
Validate crypto-NAKs, AKA: CRYPTO-NAK DoS.
* CVE-2016-1548, bsc#977461: Interleave-pivot
* CVE-2016-1549, bsc#977451:
Sybil vulnerability: ephemeral association attack.
* CVE-2016-1550, bsc#977464: Improve NTP security against buffer
comparison timing attacks.
* CVE-2016-1551, bsc#977450:
Refclock impersonation vulnerability
* CVE-2016-2516, bsc#977452: Duplicate IPs on unconfig
directives will cause an assertion botch in ntpd.
* CVE-2016-2517, bsc#977455: remote configuration trustedkey/
requestkey/controlkey values are not properly validated.
* CVE-2016-2518, bsc#977457: Crafted addpeer with hmode > 7
causes array wraparound with MATCH_ASSOC.
* CVE-2016-2519, bsc#977458: ctl_getitem() return value not
always checked.
* integrate ntp-fork.patch
* Improve the fixes for:
CVE-2015-7704, CVE-2015-7705, CVE-2015-7974
- Restrict the parser in the startup script to the first
occurrance of 'keys' and 'controlkey' in ntp.conf (bsc#957226).
ImportantSUSE bug 957226SUSE bug 977446SUSE bug 977450SUSE bug 977451SUSE bug 977452SUSE bug 977455SUSE bug 977457SUSE bug 977458SUSE bug 977459SUSE bug 977461SUSE bug 977464CVE-2015-7704 at SUSECVE-2015-7704 at NVDCVE-2015-7705 at SUSECVE-2015-7705 at NVDCVE-2015-7974 at SUSECVE-2015-7974 at NVDCVE-2016-1547 at SUSECVE-2016-1547 at NVDCVE-2016-1548 at SUSECVE-2016-1548 at NVDCVE-2016-1549 at SUSECVE-2016-1549 at NVDCVE-2016-1550 at SUSECVE-2016-1550 at NVDCVE-2016-1551 at SUSECVE-2016-1551 at NVDCVE-2016-2516 at SUSECVE-2016-2516 at NVDCVE-2016-2517 at SUSECVE-2016-2517 at NVDCVE-2016-2518 at SUSECVE-2016-2518 at NVDCVE-2016-2519 at SUSECVE-2016-2519 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
ntp was updated to version 4.2.8p8 to fix five security issues.
These security issues were fixed:
- CVE-2016-4953: Bad authentication demobilizes ephemeral associations (bsc#982065).
- CVE-2016-4954: Processing spoofed server packets (bsc#982066).
- CVE-2016-4955: Autokey association reset (bsc#982067).
- CVE-2016-4956: Broadcast interleave (bsc#982068).
- CVE-2016-4957: CRYPTO_NAK crash (bsc#982064).
These non-security issues were fixed:
- Keep the parent process alive until the daemon has finished initialisation, to make sure that the PID file exists when the parent returns.
- bsc#979302: Change the process name of the forking DNS worker process to avoid the impression that ntpd is started twice.
- bsc#981422: Don't ignore SIGCHILD because it breaks wait().
ImportantSUSE bug 979302SUSE bug 981422SUSE bug 982056SUSE bug 982064SUSE bug 982065SUSE bug 982066SUSE bug 982067SUSE bug 982068CVE-2016-4953 at SUSECVE-2016-4953 at NVDCVE-2016-4954 at SUSECVE-2016-4954 at NVDCVE-2016-4955 at SUSECVE-2016-4955 at NVDCVE-2016-4956 at SUSECVE-2016-4956 at NVDCVE-2016-4957 at SUSECVE-2016-4957 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for ntp fixes the following issues:
ntp was updated to 4.2.8p9.
Security issues fixed:
- CVE-2016-9311, CVE-2016-9310, bsc#1011377: Mode 6
unauthenticated trap information disclosure and DDoS vector.
- CVE-2016-7427, bsc#1011390:
Broadcast Mode Replay Prevention DoS.
- CVE-2016-7428, bsc#1011417:
Broadcast Mode Poll Interval Enforcement DoS.
- CVE-2016-7431, bsc#1011395:
Regression: 010-origin: Zero Origin Timestamp Bypass.
- CVE-2016-7434, bsc#1011398:
Null pointer dereference in _IO_str_init_static_internal().
- CVE-2016-7429, bsc#1011404: Interface selection attack.
- CVE-2016-7426, bsc#1011406:
Client rate limiting and server responses.
- CVE-2016-7433, bsc#1011411: Reboot sync calculation problem.
- CVE-2015-8140: ntpq vulnerable to replay attacks.
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin.
- CVE-2015-5219: An endless loop due to incorrect precision to
double conversion (bsc#943216).
Non-security issues fixed:
- Fix a spurious error message.
- Other bugfixes, see /usr/share/doc/packages/ntp/ChangeLog.
- Fix a regression in 'trap' (bsc#981252).
- Reduce the number of netlink groups to listen on for changes to
the local network setup (bsc#992606).
- Fix segfault in 'sntp -a' (bsc#1009434).
- Silence an OpenSSL version warning (bsc#992038).
- Make the resolver task change user and group IDs to the same
values as the main task. (bsc#988028)
- Simplify ntpd's search for its own executable to prevent AppArmor
warnings (bsc#956365).
ModerateSUSE bug 1009434SUSE bug 1011377SUSE bug 1011390SUSE bug 1011395SUSE bug 1011398SUSE bug 1011404SUSE bug 1011406SUSE bug 1011411SUSE bug 1011417SUSE bug 943216SUSE bug 956365SUSE bug 981252SUSE bug 988028SUSE bug 992038SUSE bug 992606CVE-2015-5219 at SUSECVE-2015-5219 at NVDCVE-2015-8139 at SUSECVE-2015-8139 at NVDCVE-2015-8140 at SUSECVE-2015-8140 at NVDCVE-2016-7426 at SUSECVE-2016-7426 at NVDCVE-2016-7427 at SUSECVE-2016-7427 at NVDCVE-2016-7428 at SUSECVE-2016-7428 at NVDCVE-2016-7429 at SUSECVE-2016-7429 at NVDCVE-2016-7431 at SUSECVE-2016-7431 at NVDCVE-2016-7433 at SUSECVE-2016-7433 at NVDCVE-2016-7434 at SUSECVE-2016-7434 at NVDCVE-2016-9310 at SUSECVE-2016-9310 at NVDCVE-2016-9311 at SUSECVE-2016-9311 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Recommended update for openCryptokiSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for openCryptoki changes the default mode of
/var/lock/openCryptoki to allow writes from members of group pkcs11.
SUSE bug 769412SUSE bug 779211SUSE bug 810121CVE-2012-4454 at SUSECVE-2012-4454 at NVDCVE-2012-4455 at SUSECVE-2012-4455 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for OpenSSHSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for OpenSSH provides the following fixes:
* Implement remote denial of service hardening. (bnc#802639,
CVE-2010-5107)
* Use only FIPS 140-2 approved algorithms when FIPS mode is detected.
(bnc#755505, bnc#821039)
* Do not link OpenSSH binaries with LDAP libraries. (bnc#826906)
Security Issue reference:
* CVE-2010-5107
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107>
SUSE bug 755505SUSE bug 802639SUSE bug 821039SUSE bug 826906CVE-2010-5107 at SUSECVE-2010-5107 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
openssh was updated to fix four security issues.
These security issues were fixed:
- CVE-2015-5352: The x11_open_helper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window (bsc#936695).
- CVE-2015-5600: The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH did not properly restrict the processing of keyboard-interactive devices within a single connection, which made it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list (bsc#938746).
- CVE-2015-4000: Removed and disabled weak DH groups (bsc#932483).
- Hardening patch to fix sftp RCE (bsc#903649).
These non-security issues were fixed:
- bsc#914309: sshd inherits oom_adj -17 on SIGHUP causing DoS potential for oom_killer.
- bsc#673532: limits.conf fsize change in SLES10SP3 causing problems to WebSphere mqm user.
ModerateSUSE bug 673532SUSE bug 903649SUSE bug 905118SUSE bug 914309SUSE bug 932483SUSE bug 936695SUSE bug 938746CVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-5352 at SUSECVE-2015-5352 at NVDCVE-2015-5600 at SUSECVE-2015-5600 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Recommended update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update of openssl fixes a regression caused by the security fix for CVE-2015-0287,
after which DSA keys could occasionaly not loaded from disk. (bsc#937492)
ModerateSUSE bug 937492CVE-2015-0287 at SUSECVE-2015-0287 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for openssl fixes the following issues:
- CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure
OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS
routines so any application which reads PKCS#7 or CMS data from untrusted
sources is affected. SSL/TLS is not affected. (bsc#957812)
- Prevent segfault in s_client with invalid options (bsc#952099)
ModerateSUSE bug 952099SUSE bug 957812CVE-2015-3195 at SUSECVE-2015-3195 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for openssl fixes various security issues and bugs:
Security issues fixed:
- CVE-2016-0800 aka the 'DROWN' attack (bsc#968046):
OpenSSL was vulnerable to a cross-protocol attack that could lead to
decryption of TLS sessions by using a server supporting SSLv2 and
EXPORT cipher suites as a Bleichenbacher RSA padding oracle.
This update changes the openssl library to:
* Disable SSLv2 protocol support by default.
This can be overridden by setting the environment variable
'OPENSSL_ALLOW_SSL2' or by using SSL_CTX_clear_options using the
SSL_OP_NO_SSLv2 flag.
Note that various services and clients had already disabled SSL
protocol 2 by default previously.
* Disable all weak EXPORT ciphers by default. These can be reenabled
if required by old legacy software using the environment variable
'OPENSSL_ALLOW_EXPORT'.
- CVE-2016-0705 (bnc#968047):
A double free() bug in the DSA ASN1 parser code was fixed that could
be abused to facilitate a denial-of-service attack.
- CVE-2016-0797 (bnc#968048):
The BN_hex2bn() and BN_dec2bn() functions had a bug that could result
in an attempt to de-reference a NULL pointer leading to crashes.
This could have security consequences if these functions were ever
called by user applications with large untrusted hex/decimal data. Also,
internal usage of these functions in OpenSSL uses data from config files
or application command line arguments. If user developed applications
generated config file data based on untrusted data, then this could
have had security consequences as well.
- CVE-2016-0799 (bnc#968374)
On many 64 bit systems, the internal fmtstr() and doapr_outch()
functions could miscalculate the length of a string and attempt to
access out-of-bounds memory locations. These problems could have
enabled attacks where large amounts of untrusted data is passed to
the BIO_*printf functions. If applications use these functions in
this way then they could have been vulnerable. OpenSSL itself uses
these functions when printing out human-readable dumps of ASN.1
data. Therefore applications that print this data could have been
vulnerable if the data is from untrusted sources. OpenSSL command line
applications could also have been vulnerable when they print out ASN.1
data, or if untrusted data is passed as command line arguments. Libssl
is not considered directly vulnerable.
- CVE-2015-3197 (bsc#963415):
The SSLv2 protocol did not block disabled ciphers.
Note that the March 1st 2016 release also references following CVEs
that were fixed by us with CVE-2015-0293 in 2015:
- CVE-2016-0703 (bsc#968051): This issue only affected versions of
OpenSSL prior to March 19th 2015 at which time the code was refactored
to address vulnerability CVE-2015-0293. It would have made the above
'DROWN' attack much easier.
- CVE-2016-0704 (bsc#968053): 'Bleichenbacher oracle in SSLv2'
This issue only affected versions of OpenSSL prior to March 19th
2015 at which time the code was refactored to address vulnerability
CVE-2015-0293. It would have made the above 'DROWN' attack much easier.
Also fixes the following bug:
- Avoid running OPENSSL_config twice. This avoids breaking
engine loading and also fixes a memory leak in libssl. (bsc#952871 bsc#967787)
ImportantSUSE bug 952871SUSE bug 963415SUSE bug 967787SUSE bug 968046SUSE bug 968047SUSE bug 968048SUSE bug 968051SUSE bug 968053SUSE bug 968374CVE-2015-3197 at SUSECVE-2015-3197 at NVDCVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-0703 at SUSECVE-2016-0703 at NVDCVE-2016-0705 at SUSECVE-2016-0705 at NVDCVE-2016-0797 at SUSECVE-2016-0797 at NVDCVE-2016-0799 at SUSECVE-2016-0799 at NVDCVE-2016-0800 at SUSECVE-2016-0800 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
- CVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)
Bugs fixed:
- fate#320304: build 32bit devel package
- bsc#976943: Fix buffer overrun in ASN1_parse
- bsc#973223: allow weak DH groups, vulnerable to the logjam attack,
when environment variable OPENSSL_ALLOW_LOGJAM_ATTACK is set
- bsc#889013: Rename README.SuSE to the new spelling
ImportantSUSE bug 889013SUSE bug 968050SUSE bug 976942SUSE bug 976943SUSE bug 977614SUSE bug 977615SUSE bug 977617CVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for openssl fixes the following issues:
OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)
Severity: High
* OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666)
Severity: Low
* Pointer arithmetic undefined behavior (CVE-2016-2177) (bsc#982575)
* Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)
* DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)
* DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)
* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
* Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)
* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
More information can be found on: https://www.openssl.org/news/secadv/20160922.txt
Bugs fixed:
* Update expired S/MIME certs (bsc#979475)
* Fix crash in print_notice (bsc#998190)
* Resume reading from /dev/urandom when interrupted by a signal (bsc#995075)
ImportantSUSE bug 979475SUSE bug 982575SUSE bug 983249SUSE bug 993819SUSE bug 994749SUSE bug 994844SUSE bug 995075SUSE bug 995324SUSE bug 995359SUSE bug 995377SUSE bug 998190SUSE bug 999665SUSE bug 999666SUSE bug 999668CVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2179 at SUSECVE-2016-2179 at NVDCVE-2016-2181 at SUSECVE-2016-2181 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6302 at SUSECVE-2016-6302 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for openssl-certsSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
openssl-certs was updated with the current certificate data available from
mozilla.org.
Changes:
* Updated certificates to revision 1.95
* Distrust a sub-ca that issued google.com certificates. 'Distrusted AC
DG Tresor SSL' (bnc#854367)
Many CA updates from Mozilla:
* new: CA_Disig_Root_R1:2.9.0.195.3.154.238.80.144.110.40.crt server
auth, code signing, email signing
* new: CA_Disig_Root_R2:2.9.0.146.184.136.219.176.138.193.99.crt server
auth, code signing, email signing
* new:
China_Internet_Network_Information_Center_EV_Certificates_Root:2.4.72.159.0.1.crt
server auth
* changed:
Digital_Signature_Trust_Co._Global_CA_1:2.4.54.112.21.150.crt removed
code signing and server auth abilities
* changed:
Digital_Signature_Trust_Co._Global_CA_3:2.4.54.110.211.206.crt
removed code signing and server auth abilities
* new: D-TRUST_Root_Class_3_CA_2_2009:2.3.9.131.243.crt server auth
* new: D-TRUST_Root_Class_3_CA_2_EV_2009:2.3.9.131.244.crt server auth
* removed:
Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.185.102.crt
* new: Entrust.net_Premium_2048_Secure_Server_CA:2.4.56.99.222.248.crt
* removed: Equifax_Secure_eBusiness_CA_2:2.4.55.112.207.181.crt
* new: PSCProcert:2.1.11.crt server auth, code signing, email signing
* new:
Swisscom_Root_CA_2:2.16.30.158.40.232.72.242.229.239.195.124.74.30.90.24.103.182.crt
server auth, code signing, email signing
* new:
Swisscom_Root_EV_CA_2:2.17.0.242.250.100.226.116.99.211.141.253.16.29.4.31.118.202.88.crt
server auth, code signing
* changed:
TC_TrustCenter_Universal_CA_III:2.14.99.37.0.1.0.2.20.141.51.21.2.228.108.244.crt
removed all abilities
* new: TURKTRUST_Certificate_Services_Provider_Root_2007:2.1.1.crt
server auth, code signing
* changed: TWCA_Root_Certification_Authority:2.1.1.crt added code
signing ability
* new 'EE Certification Centre Root CA'
* new 'T-TeleSec GlobalRoot Class 3'
* revoke mis-issued intermediate CAs from TURKTRUST.
SUSE bug 783509SUSE bug 796628SUSE bug 854367SUSE bug 860581SUSE bug 865080cpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for openswanSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes a Denial of Service (DoS) vulnerability via IKEv2 I1
notifications in openswan. CVE-2013-7294 has been assigned to this issue.
Security Issues:
* CVE-2013-7294
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7294>
SUSE bug 824316SUSE bug 859220CVE-2013-2053 at SUSECVE-2013-2053 at NVDCVE-2013-7294 at SUSECVE-2013-7294 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for openvpnSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
OpenVPN used a non-constant-time memcmp in HMAC comparison in
openvpn_decrypt that might have allowed remote attackers to gain knowledge
of plaintext data. (CVE-2013-2061)
Security Issues:
* CVE-2013-2061
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2061>
SUSE bug 843509CVE-2013-2061 at SUSECVE-2013-2061 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for PerlSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of Perl 5 fixes the following security issues:
* fix rehash DoS [bnc#804415] [CVE-2013-1667]
* improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]
* fix glob denial of service [bnc#796014] [CVE-2011-2728]
* sanitize input in Maketext.pm [bnc#797060] [CVE-2012-6329]
Security Issue references:
* CVE-2013-1667
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1667>
SUSE bug 778763SUSE bug 789994SUSE bug 791524SUSE bug 796014SUSE bug 797060SUSE bug 804415CVE-2013-1667 at SUSECVE-2013-1667 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The PHP5 script interpreter was updated to fix security issues:
* CVE-2015-6836: A SOAP serialize_function_call() type confusion leading to remote code execution problem was fixed. [bnc#945428]
* CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed. [bnc#945412]
ImportantSUSE bug 945412SUSE bug 945428CVE-2015-6836 at SUSECVE-2015-6836 at NVDCVE-2015-6837 at SUSECVE-2015-6837 at NVDCVE-2015-6838 at SUSECVE-2015-6838 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for php5 (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
php5 was updated to fix the following security issues:
- CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener (bsc#991426).
- CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE (bsc#991427).
- CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex (bsc#991428).
- CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization (bsc#991429).
- CVE-2016-5399: Improper error handling in bzread() (bsc#991430).
- CVE-2016-6288: Buffer over-read in php_url_parse_ex (bsc#991433).
- CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c (bsc#991437).
- CVE-2016-5769: Mcrypt: Heap Overflow due to integer overflows (bsc#986388).
- CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).
- CVE-2016-5772: Double free corruption in wddx_deserialize (bsc#986244).
- CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap overflow (bsc#986386).
- CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (bsc#986393).
ImportantSUSE bug 986004SUSE bug 986244SUSE bug 986386SUSE bug 986388SUSE bug 986393SUSE bug 991426SUSE bug 991427SUSE bug 991428SUSE bug 991429SUSE bug 991430SUSE bug 991433SUSE bug 991437CVE-2015-8935 at SUSECVE-2015-8935 at NVDCVE-2016-5399 at SUSECVE-2016-5399 at NVDCVE-2016-5766 at SUSECVE-2016-5766 at NVDCVE-2016-5767 at SUSECVE-2016-5767 at NVDCVE-2016-5769 at SUSECVE-2016-5769 at NVDCVE-2016-5772 at SUSECVE-2016-5772 at NVDCVE-2016-6288 at SUSECVE-2016-6288 at NVDCVE-2016-6289 at SUSECVE-2016-6289 at NVDCVE-2016-6290 at SUSECVE-2016-6290 at NVDCVE-2016-6291 at SUSECVE-2016-6291 at NVDCVE-2016-6296 at SUSECVE-2016-6296 at NVDCVE-2016-6297 at SUSECVE-2016-6297 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for php53 to version 5.3.17 fixes the following issues:
These security issues were fixed:
- CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010).
- CVE-2016-5094: Don't create strings with lengths outside int range (bnc#982011).
- CVE-2016-5095: Don't create strings with lengths outside int range (bnc#982012).
- CVE-2016-5096: int/size_t confusion in fread (bsc#982013).
- CVE-2016-5114: fpm_log.c memory leak and buffer overflow (bnc#982162).
- CVE-2015-8879: The odbc_bindcols function in ext/odbc/php_odbc.c in PHP mishandles driver behavior for SQL_WVARCHAR columns, which allowed remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table (bsc#981050).
- CVE-2015-4116: Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP allowed remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation (bsc#980366).
- CVE-2015-8874: Stack consumption vulnerability in GD in PHP allowed remote attackers to cause a denial of service via a crafted imagefilltoborder call (bsc#980375).
- CVE-2015-8873: Stack consumption vulnerability in Zend/zend_exceptions.c in PHP allowed remote attackers to cause a denial of service (segmentation fault) via recursive method calls (bsc#980373).
- CVE-2016-4540: The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset (bsc#978829).
- CVE-2016-4541: The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset (bsc#978829.
- CVE-2016-4542: The exif_process_IFD_TAG function in ext/exif/exif.c in PHP did not properly construct spprintf arguments, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830).
- CVE-2016-4543: The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP did not validate IFD sizes, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830.
- CVE-2016-4544: The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP did not validate TIFF start data, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830.
- CVE-2016-4537: The bcpowmod function in ext/bcmath/bcmath.c in PHP accepted a negative integer for the scale argument, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call (bsc#978827).
- CVE-2016-4538: The bcpowmod function in ext/bcmath/bcmath.c in PHP modified certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call (bsc#978827).
- CVE-2016-4539: The xml_parse_into_struct function in ext/xml/xml.c in PHP allowed remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero (bsc#978828).
- CVE-2016-4342: ext/phar/phar_object.c in PHP mishandles zero-length uncompressed data, which allowed remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive (bsc#977991).
- CVE-2016-4346: Integer overflow in the str_pad function in ext/standard/string.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow (bsc#977994).
- CVE-2016-4073: Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call (bsc#977003).
- CVE-2015-8867: The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP incorrectly relied on the deprecated RAND_pseudo_bytes function, which made it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors (bsc#977005).
- CVE-2016-4070: Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP allowed remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function (bsc#976997).
- CVE-2015-8866: ext/libxml/libxml.c in PHP when PHP-FPM is used, did not isolate each thread from libxml_disable_entity_loader changes in other threads, which allowed remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161 (bsc#976996).
- CVE-2015-8838: ext/mysqlnd/mysqlnd.c in PHP used a client SSL option to mean that SSL is optional, which allowed man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152 (bsc#973792).
- CVE-2015-8835: The make_http_soap_request function in ext/soap/php_http.c in PHP did not properly retrieve keys, which allowed remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c (bsc#973351).
- CVE-2016-3141: Use-after-free vulnerability in wddx.c in the WDDX extension in PHP allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element (bsc#969821).
- CVE-2016-3142: The phar_parse_zipfile function in zip.c in the PHAR extension in PHP allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location (bsc#971912).
- CVE-2014-9767: Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP ext/zip/ext_zip.cpp in HHVM allowed remote attackers to create arbitrary empty directories via a crafted ZIP archive (bsc#971612).
- CVE-2016-3185: The make_http_soap_request function in ext/soap/php_http.c in PHP allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c (bsc#971611).
- CVE-2016-2554: Stack-based buffer overflow in ext/phar/tar.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive (bsc#968284).
- CVE-2015-7803: The phar_get_entry_data function in ext/phar/util.c in PHP allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that did not exist (bsc#949961).
- CVE-2015-6831: Multiple use-after-free vulnerabilities in SPL in PHP allowed remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization (bsc#942291).
- CVE-2015-6833: Directory traversal vulnerability in the PharData class in PHP allowed remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call (bsc#942296.
- CVE-2015-6836: The SoapClient __call method in ext/soap/soap.c in PHP did not properly manage headers, which allowed remote attackers to execute arbitrary code via crafted serialized data that triggers a 'type confusion' in the serialize_function_call function (bsc#945428).
- CVE-2015-6837: The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider the possibility of a NULL valuePop return value proceeding with a free operation during initial error checking, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838 (bsc#945412).
- CVE-2015-6838: The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider the possibility of a NULL valuePop return value proceeding with a free operation after the principal argument loop, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837 (bsc#945412).
- CVE-2015-5590: Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling of an e-mail attachment by the imap PHP extension (bsc#938719).
- CVE-2015-5589: The phar_convert_to_other function in ext/phar/phar_object.c in PHP did not validate a file pointer a close operation, which allowed remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call (bsc#938721).
- CVE-2015-4602: The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a 'type confusion' issue (bsc#935224).
- CVE-2015-4599: The SoapFault::__toString method in ext/soap/soap.c in PHP allowed remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a 'type confusion' issue (bsc#935226).
- CVE-2015-4600: The SoapClient implementation in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to 'type confusion' issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods (bsc#935226).
- CVE-2015-4601: PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to 'type confusion' issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600 (bsc#935226.
- CVE-2015-4603: The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP allowed remote attackers to execute arbitrary code via an unexpected data type, related to a 'type confusion' issue (bsc#935234).
- CVE-2015-4644: The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP did not validate token extraction for table names, which might allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352 (bsc#935274).
- CVE-2015-4643: Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022 (bsc#935275).
- CVE-2015-3411: PHP did not ensure that pathnames lack %00 sequences, which might have allowed remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files (bsc#935227).
- CVE-2015-3412: PHP did not ensure that pathnames lack %00 sequences, which might have allowed remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension (bsc#935229).
- CVE-2015-4598: PHP did not ensure that pathnames lack %00 sequences, which might have allowed remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files (bsc#935232).
- CVE-2015-4148: The do_soap_call function in ext/soap/soap.c in PHP did not verify that the uri property is a string, which allowed remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a 'type confusion' issue (bsc#933227).
- CVE-2015-4024: Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP allowed remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome (bsc#931421).
- CVE-2015-4026: The pcntl_exec implementation in PHP truncates a pathname upon encountering a \x00 character, which might allowed remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243 (bsc#931776).
- CVE-2015-4022: Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow (bsc#931772).
- CVE-2015-4021: The phar_parse_tarfile function in ext/phar/tar.c in PHP did not verify that the first character of a filename is different from the \0 character, which allowed remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive (bsc#931769).
- CVE-2015-3329: Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP allowed remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive (bsc#928506).
- CVE-2015-2783: ext/phar/phar.c in PHP allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions (bsc#928511).
- CVE-2015-2787: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231 (bsc#924972).
- CVE-2014-9709: The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function (bsc#923945).
- CVE-2015-2301: Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file (bsc#922452).
- CVE-2015-2305: Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) 32-bit platforms might have allowed context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow (bsc#921950).
- CVE-2014-9705: Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP allowed remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries (bsc#922451).
- CVE-2015-0273: Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP allowed remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function (bsc#918768).
- CVE-2014-9652: The mconvert function in softmagic.c in file as used in the Fileinfo component in PHP did not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allowed remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file (bsc#917150).
- CVE-2014-8142: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019 (bsc#910659).
- CVE-2015-0231: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142 (bsc#910659).
- CVE-2014-8142: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019 (bsc#910659).
- CVE-2015-0232: The exif_process_unicode function in ext/exif/exif.c in PHP allowed remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image (bsc#914690).
- CVE-2014-3670: The exif_ifd_make_value function in exif.c in the EXIF extension in PHP operates on floating-point arrays incorrectly, which allowed remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function (bsc#902357).
- CVE-2014-3669: Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value (bsc#902360).
- CVE-2014-3668: Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP allowed remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation (bsc#902368).
- CVE-2014-5459: The PEAR_REST class in REST.php in PEAR in PHP allowed local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions (bsc#893849).
- CVE-2014-3597: Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP allowed remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049 (bsc#893853).
- CVE-2014-4670: Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP allowed context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments (bsc#886059).
- CVE-2014-4698: Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP allowed context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments (bsc#886060).
- CVE-2014-4721: The phpinfo implementation in ext/standard/info.c in PHP did not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allowed context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a 'type confusion' vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php (bsc#885961).
- CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file as used in the Fileinfo component in PHP allowed remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file (bsc#884986).
- CVE-2014-3478: Buffer overflow in the mconvert function in softmagic.c in file as used in the Fileinfo component in PHP allowed remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion (bsc#884987).
- CVE-2014-3479: The cdf_check_stream_offset function in cdf.c in file as used in the Fileinfo component in PHP relies on incorrect sector-size data, which allowed remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file (bsc#884989).
- CVE-2014-3480: The cdf_count_chain function in cdf.c in file as used in the Fileinfo component in PHP did not properly validate sector-count data, which allowed remote attackers to cause a denial of service (application crash) via a crafted CDF file (bsc#884990).
- CVE-2014-3487: The cdf_read_property_info function in file as used in the Fileinfo component in PHP did not properly validate a stream offset, which allowed remote attackers to cause a denial of service (application crash) via a crafted CDF file (bsc#884991).
- CVE-2014-3515: The SPL component in PHP incorrectly anticipates that certain data structures will have the array data type after unserialization, which allowed remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to 'type confusion' issues in (1) ArrayObject and (2) SPLObjectStorage (bsc#884992).
These non-security issues were fixed:
- bnc#935074: compare with SQL_NULL_DATA correctly
- bnc#935074: fix segfault in odbc_fetch_array
- bnc#919080: fix timezone map
- bnc#925109: unserialize SoapClient type confusion
ImportantSUSE bug 884986SUSE bug 884987SUSE bug 884989SUSE bug 884990SUSE bug 884991SUSE bug 884992SUSE bug 885961SUSE bug 886059SUSE bug 886060SUSE bug 893849SUSE bug 893853SUSE bug 902357SUSE bug 902360SUSE bug 902368SUSE bug 910659SUSE bug 914690SUSE bug 917150SUSE bug 918768SUSE bug 919080SUSE bug 921950SUSE bug 922451SUSE bug 922452SUSE bug 923945SUSE bug 924972SUSE bug 925109SUSE bug 928506SUSE bug 928511SUSE bug 931421SUSE bug 931769SUSE bug 931772SUSE bug 931776SUSE bug 933227SUSE bug 935074SUSE bug 935224SUSE bug 935226SUSE bug 935227SUSE bug 935229SUSE bug 935232SUSE bug 935234SUSE bug 935274SUSE bug 935275SUSE bug 938719SUSE bug 938721SUSE bug 942291SUSE bug 942296SUSE bug 945412SUSE bug 945428SUSE bug 949961SUSE bug 968284SUSE bug 969821SUSE bug 971611SUSE bug 971612SUSE bug 971912SUSE bug 973351SUSE bug 973792SUSE bug 976996SUSE bug 976997SUSE bug 977003SUSE bug 977005SUSE bug 977991SUSE bug 977994SUSE bug 978827SUSE bug 978828SUSE bug 978829SUSE bug 978830SUSE bug 980366SUSE bug 980373SUSE bug 980375SUSE bug 981050SUSE bug 982010SUSE bug 982011SUSE bug 982012SUSE bug 982013SUSE bug 982162CVE-2004-1019 at SUSECVE-2004-1019 at NVDCVE-2006-7243 at SUSECVE-2006-7243 at NVDCVE-2014-0207 at SUSECVE-2014-0207 at NVDCVE-2014-3478 at SUSECVE-2014-3478 at NVDCVE-2014-3479 at SUSECVE-2014-3479 at NVDCVE-2014-3480 at SUSECVE-2014-3480 at NVDCVE-2014-3487 at SUSECVE-2014-3487 at NVDCVE-2014-3515 at SUSECVE-2014-3515 at NVDCVE-2014-3597 at SUSECVE-2014-3597 at NVDCVE-2014-3668 at SUSECVE-2014-3668 at NVDCVE-2014-3669 at SUSECVE-2014-3669 at NVDCVE-2014-3670 at SUSECVE-2014-3670 at NVDCVE-2014-4049 at SUSECVE-2014-4049 at NVDCVE-2014-4670 at SUSECVE-2014-4670 at NVDCVE-2014-4698 at SUSECVE-2014-4698 at NVDCVE-2014-4721 at SUSECVE-2014-4721 at NVDCVE-2014-5459 at SUSECVE-2014-5459 at NVDCVE-2014-8142 at SUSECVE-2014-8142 at NVDCVE-2014-9652 at SUSECVE-2014-9652 at NVDCVE-2014-9705 at SUSECVE-2014-9705 at NVDCVE-2014-9709 at SUSECVE-2014-9709 at NVDCVE-2014-9767 at SUSECVE-2014-9767 at NVDCVE-2015-0231 at SUSECVE-2015-0231 at NVDCVE-2015-0232 at SUSECVE-2015-0232 at NVDCVE-2015-0273 at SUSECVE-2015-0273 at NVDCVE-2015-1352 at SUSECVE-2015-1352 at NVDCVE-2015-2301 at SUSECVE-2015-2301 at NVDCVE-2015-2305 at SUSECVE-2015-2305 at NVDCVE-2015-2783 at SUSECVE-2015-2783 at NVDCVE-2015-2787 at SUSECVE-2015-2787 at NVDCVE-2015-3152 at SUSECVE-2015-3152 at NVDCVE-2015-3329 at SUSECVE-2015-3329 at NVDCVE-2015-3411 at SUSECVE-2015-3411 at NVDCVE-2015-3412 at SUSECVE-2015-3412 at NVDCVE-2015-4021 at SUSECVE-2015-4021 at NVDCVE-2015-4022 at SUSECVE-2015-4022 at NVDCVE-2015-4024 at SUSECVE-2015-4024 at NVDCVE-2015-4026 at SUSECVE-2015-4026 at NVDCVE-2015-4116 at SUSECVE-2015-4116 at NVDCVE-2015-4148 at SUSECVE-2015-4148 at NVDCVE-2015-4598 at SUSECVE-2015-4598 at NVDCVE-2015-4599 at SUSECVE-2015-4599 at NVDCVE-2015-4600 at SUSECVE-2015-4600 at NVDCVE-2015-4601 at SUSECVE-2015-4601 at NVDCVE-2015-4602 at SUSECVE-2015-4602 at NVDCVE-2015-4603 at SUSECVE-2015-4603 at NVDCVE-2015-4643 at SUSECVE-2015-4643 at NVDCVE-2015-4644 at SUSECVE-2015-4644 at NVDCVE-2015-5161 at SUSECVE-2015-5161 at NVDCVE-2015-5589 at SUSECVE-2015-5589 at NVDCVE-2015-5590 at SUSECVE-2015-5590 at NVDCVE-2015-6831 at SUSECVE-2015-6831 at NVDCVE-2015-6833 at SUSECVE-2015-6833 at NVDCVE-2015-6836 at SUSECVE-2015-6836 at NVDCVE-2015-6837 at SUSECVE-2015-6837 at NVDCVE-2015-6838 at SUSECVE-2015-6838 at NVDCVE-2015-7803 at SUSECVE-2015-7803 at NVDCVE-2015-8835 at SUSECVE-2015-8835 at NVDCVE-2015-8838 at SUSECVE-2015-8838 at NVDCVE-2015-8866 at SUSECVE-2015-8866 at NVDCVE-2015-8867 at SUSECVE-2015-8867 at NVDCVE-2015-8873 at SUSECVE-2015-8873 at NVDCVE-2015-8874 at SUSECVE-2015-8874 at NVDCVE-2015-8879 at SUSECVE-2015-8879 at NVDCVE-2016-2554 at SUSECVE-2016-2554 at NVDCVE-2016-3141 at SUSECVE-2016-3141 at NVDCVE-2016-3142 at SUSECVE-2016-3142 at NVDCVE-2016-3185 at SUSECVE-2016-3185 at NVDCVE-2016-4070 at SUSECVE-2016-4070 at NVDCVE-2016-4073 at SUSECVE-2016-4073 at NVDCVE-2016-4342 at SUSECVE-2016-4342 at NVDCVE-2016-4346 at SUSECVE-2016-4346 at NVDCVE-2016-4537 at SUSECVE-2016-4537 at NVDCVE-2016-4538 at SUSECVE-2016-4538 at NVDCVE-2016-4539 at SUSECVE-2016-4539 at NVDCVE-2016-4540 at SUSECVE-2016-4540 at NVDCVE-2016-4541 at SUSECVE-2016-4541 at NVDCVE-2016-4542 at SUSECVE-2016-4542 at NVDCVE-2016-4543 at SUSECVE-2016-4543 at NVDCVE-2016-4544 at SUSECVE-2016-4544 at NVDCVE-2016-5093 at SUSECVE-2016-5093 at NVDCVE-2016-5094 at SUSECVE-2016-5094 at NVDCVE-2016-5095 at SUSECVE-2016-5095 at NVDCVE-2016-5096 at SUSECVE-2016-5096 at NVDCVE-2016-5114 at SUSECVE-2016-5114 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for php53 fixes the following security issues:
* CVE-2014-3587: Integer overflow in the cdf_read_property_info affecting SLES11 SP3 [bsc#987530]
* CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener [bsc#991426]
* CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE [bsc#991427]
* CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex [bsc#991428]
* CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization [bsc#991429]
* CVE-2016-5399: Improper error handling in bzread() [bsc#991430]
* CVE-2016-6288: Buffer over-read in php_url_parse_ex [bsc#991433]
* CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c [bsc#991437]
* CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization
* CVE-2016-7125: PHP Session Data Injection Vulnerability
* CVE-2016-7126: select_colors write out-of-bounds
* CVE-2016-7127: imagegammacorrect allowed arbitrary write access
* CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF
* CVE-2016-7129: wddx_deserialize allows illegal memory access
* CVE-2016-7130: wddx_deserialize null dereference
* CVE-2016-7131: wddx_deserialize null dereference with invalid xml
* CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element
ImportantSUSE bug 987530SUSE bug 991426SUSE bug 991427SUSE bug 991428SUSE bug 991429SUSE bug 991430SUSE bug 991433SUSE bug 991437SUSE bug 997206SUSE bug 997207SUSE bug 997208SUSE bug 997210SUSE bug 997211SUSE bug 997220SUSE bug 997225SUSE bug 997230SUSE bug 997257CVE-2014-3587 at SUSECVE-2014-3587 at NVDCVE-2016-5399 at SUSECVE-2016-5399 at NVDCVE-2016-6288 at SUSECVE-2016-6288 at NVDCVE-2016-6289 at SUSECVE-2016-6289 at NVDCVE-2016-6290 at SUSECVE-2016-6290 at NVDCVE-2016-6291 at SUSECVE-2016-6291 at NVDCVE-2016-6296 at SUSECVE-2016-6296 at NVDCVE-2016-6297 at SUSECVE-2016-6297 at NVDCVE-2016-7124 at SUSECVE-2016-7124 at NVDCVE-2016-7125 at SUSECVE-2016-7125 at NVDCVE-2016-7126 at SUSECVE-2016-7126 at NVDCVE-2016-7127 at SUSECVE-2016-7127 at NVDCVE-2016-7128 at SUSECVE-2016-7128 at NVDCVE-2016-7129 at SUSECVE-2016-7129 at NVDCVE-2016-7130 at SUSECVE-2016-7130 at NVDCVE-2016-7131 at SUSECVE-2016-7131 at NVDCVE-2016-7132 at SUSECVE-2016-7132 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for php53 fixes the following issues:
* CVE-2016-7411: php5: Memory corruption when destructing deserialized object
* CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field
* CVE-2016-7413: Use after free in wddx_deserialize
* CVE-2016-7414: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile
* CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message
* CVE-2016-7417: Missing type check when unserializing SplArray
* CVE-2016-7418: Null pointer dereference in php_wddx_push_element
ImportantSUSE bug 999679SUSE bug 999680SUSE bug 999682SUSE bug 999684SUSE bug 999685SUSE bug 999819SUSE bug 999820CVE-2016-7411 at SUSECVE-2016-7411 at NVDCVE-2016-7412 at SUSECVE-2016-7412 at NVDCVE-2016-7413 at SUSECVE-2016-7413 at NVDCVE-2016-7414 at SUSECVE-2016-7414 at NVDCVE-2016-7416 at SUSECVE-2016-7416 at NVDCVE-2016-7417 at SUSECVE-2016-7417 at NVDCVE-2016-7418 at SUSECVE-2016-7418 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Recommended update for poptSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
New rpm versions write the package database entries for pubkeys in a
slightly different way than the version of rpm used in SLE 11 does, this
results in rpm writing to already freed memory and terminating with a
segmentation fault.
This issue may happen when building a SLE 11 image with kiwi on a system
that uses a new version of rpm.
This update makes rpm cope with the new entries.
SUSE bug 747225SUSE bug 754281SUSE bug 754284SUSE bug 754285SUSE bug 787156SUSE bug 792885SUSE bug 793395SUSE bug 812591CVE-2012-0060 at SUSECVE-2012-0060 at NVDCVE-2012-0061 at SUSECVE-2012-0061 at NVDCVE-2012-0815 at SUSECVE-2012-0815 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for PostgreSQLSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
PostgreSQL has been updated to version 8.3.23 which fixes various bugs and
one security issue.
The security issue fixed in this release, CVE-2013-0255, allowed a
previously authenticated user to crash the server by calling an internal
function with invalid arguments. This issue was discovered by independent
security researcher Sumit Soni this week and reported via Secunia SVCRP,
and we are grateful for their efforts in making PostgreSQL more secure.
More information can be found at
http://www.postgresql.org/about/news/1446/
<http://www.postgresql.org/about/news/1446/>
Security Issue reference:
* CVE-2013-0255
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255>
SUSE bug 802679CVE-2013-0255 at SUSECVE-2013-0255 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for puppetSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for puppet fixes a remote code execution vulnerability in the
'resource_type' service. (CVE-2013-4761)
Additionally, the update prevents puppet from executing initialization
scripts that could trigger a system reboot when handling 'puppet resource
service' calls.
Security Issue reference:
* CVE-2013-4761
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761>
SUSE bug 809839SUSE bug 825878SUSE bug 835122SUSE bug 835848SUSE bug 853982SUSE bug 864082CVE-2013-1640 at SUSECVE-2013-1640 at NVDCVE-2013-1652 at SUSECVE-2013-1652 at NVDCVE-2013-1653 at SUSECVE-2013-1653 at NVDCVE-2013-1654 at SUSECVE-2013-1654 at NVDCVE-2013-1655 at SUSECVE-2013-1655 at NVDCVE-2013-2274 at SUSECVE-2013-2274 at NVDCVE-2013-2275 at SUSECVE-2013-2275 at NVDCVE-2013-3567 at SUSECVE-2013-3567 at NVDCVE-2013-4761 at SUSECVE-2013-4761 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for PythonSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This python update fixes a certificate hostname issue.
* bnc#834601: CVE-2013-4238: python: SSL module does not handle
certificates that contain hostnames with NULL bytes
Security Issue reference:
* CVE-2013-4238
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238>
SUSE bug 834601CVE-2013-4238 at SUSECVE-2013-4238 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for PythonSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Python has been updated to version 2.6.9, which brings many fixes for bugs
and security issues:
* SSL Root Certificate validation is now enabled by default.
(bnc#827982)
* Fixed a overflow in socket.recvfrom_into where incorrect python
programs could have been exploited remotely via a buffer overrun.
(CVE-2014-1912)
* Multiple unbound readline() DoS flaws in python stdlib have been
fixed. (CVE-2013-1752)
* Handling of embedded \0 in SSL certificate fields has been fixed.
(CVE-2013-4238)
* CGIHTTPServer file disclosure and directory traversal through
URL-encoded characters has been fixed. (CVE-2014-4650)
Additionally, the following non-security issues have been fixed:
* Turn off OpenSSL's aggressive optimizations that conflict with
Python's GC. (bnc#859068)
* Fix usage of MD5 in hmac module when the cipher is not available in
FIPS mode. (bnc#847135)
* Update 'urlparse' module to correctly parse IPv6 addresses.
(bnc#872848)
* Correctly enable IPv6 support.
Security Issues:
* CVE-2013-4238
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238>
* CVE-2014-1912
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912>
* CVE-2013-1752
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1752>
* CVE-2014-4650
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650>
SUSE bug 827982SUSE bug 834601SUSE bug 847135SUSE bug 856836SUSE bug 859068SUSE bug 863741SUSE bug 872848SUSE bug 885882CVE-2013-1752 at SUSECVE-2013-1752 at NVDCVE-2013-4238 at SUSECVE-2013-4238 at NVDCVE-2014-1912 at SUSECVE-2014-1912 at NVDCVE-2014-4650 at SUSECVE-2014-4650 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for quaggaSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of quagga fixes two security issues:
* CVE-2013-0149: specially-crafted OSPF packets could have caused the
routing table to be erased (bnc#822572)
* CVE-2013-2236: local network stack overflow (bnc#828117)
Security Issue references:
* CVE-2013-2236
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236>
* CVE-2013-0149
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0149>
SUSE bug 781567SUSE bug 822572SUSE bug 828117CVE-2013-0149 at SUSECVE-2013-0149 at NVDCVE-2013-2236 at SUSECVE-2013-2236 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for quotaSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes repquota and warnquota are not properly working for XFS
filesystems (bnc#783171).
SUSE bug 772570SUSE bug 783171CVE-2012-3417 at SUSECVE-2012-3417 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for rubySUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
The following security issue has been fixed:
* CVE-2013-4164: heap overflow in float point parsing
Security Issue references:
* CVE-2013-4164
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164>
* CVE-2009-0689
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689>
SUSE bug 783525SUSE bug 808137SUSE bug 827265SUSE bug 851803CVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2012-4522 at SUSECVE-2012-4522 at NVDCVE-2013-1821 at SUSECVE-2013-1821 at NVDCVE-2013-4073 at SUSECVE-2013-4073 at NVDCVE-2013-4164 at SUSECVE-2013-4164 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for samba (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for Samba fixes the following security issues:
- CVE-2015-5330: Remote read memory exploit in LDB (bnc#958586).
- CVE-2015-5252: Insufficient symlink verification (file access outside the share) (bnc#958582).
- CVE-2015-5296: No man in the middle protection when forcing smb encryption on the client side (bnc#958584).
- CVE-2015-5299: Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2) (bnc#958583).
Non-security issues fixed:
- Prevent null pointer access in samlogon fallback when security credentials are null
(bnc#949022).
- Address unrecoverable winbind failure: 'key length too large' (bnc#934299).
- Take resource group sids into account when caching netsamlogon data (bnc#912457).
- Use domain name if search by domain SID fails to send SIDHistory lookups to correct
idmap backend (bnc#773464).
- Remove deprecated base_rid example from idmap_rid manpage (bnc#913304).
- Purge printer name cache on spoolss SetPrinter change (bnc#901813).
- Fix lookup of groups with 'Local Domain' scope from Active Directory (bnc#948244).
ImportantSUSE bug 295284SUSE bug 773464SUSE bug 901813SUSE bug 912457SUSE bug 913304SUSE bug 934299SUSE bug 948244SUSE bug 949022SUSE bug 958582SUSE bug 958583SUSE bug 958584SUSE bug 958586CVE-2015-5252 at SUSECVE-2015-5252 at NVDCVE-2015-5296 at SUSECVE-2015-5296 at NVDCVE-2015-5299 at SUSECVE-2015-5299 at NVDCVE-2015-5330 at SUSECVE-2015-5330 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for samba (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link
target; (bso#11648); (bsc#968222).
Bugs fixed:
- Fix leaking memory in libsmbclient: Add missing talloc
stackframe; (bso#11177); (bsc#967017).
- Ensure samlogon fallback requests are rerouted after kerberos failure;
(bsc#953382).
- Ensure attempt to ssh into locked account triggers
'Your account is disabled.....' to the console; (bsc#953382).
- Make the winbind package depend on the matching libwbclient version and
vice versa; (bsc#936909).
ImportantSUSE bug 936909SUSE bug 953382SUSE bug 967017SUSE bug 968222CVE-2015-7560 at SUSECVE-2015-7560 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for samba (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
samba was updated to fix seven security issues.
These security issues were fixed:
- CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862).
- CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031).
- CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032).
- CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033).
- CVE-2016-2113: TLS certificate validation were missing (bsc#973034).
- CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036).
- CVE-2016-2118: 'Badlock' DCERPC impersonation of authenticated account were possible (bsc#971965).
These non-security issues were fixed:
- bsc#967017: Fix leaking memory in libsmbclient in cli_set_mntpoint function
- Getting and setting Windows ACLs on symlinks can change permissions on link
ImportantSUSE bug 936862SUSE bug 967017SUSE bug 971965SUSE bug 973031SUSE bug 973032SUSE bug 973033SUSE bug 973034SUSE bug 973036CVE-2015-5370 at SUSECVE-2015-5370 at NVDCVE-2016-2110 at SUSECVE-2016-2110 at NVDCVE-2016-2111 at SUSECVE-2016-2111 at NVDCVE-2016-2112 at SUSECVE-2016-2112 at NVDCVE-2016-2113 at SUSECVE-2016-2113 at NVDCVE-2016-2115 at SUSECVE-2016-2115 at NVDCVE-2016-2118 at SUSECVE-2016-2118 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for samba provides the following fixes:
Security issues fixed:
- CVE-2016-2125: Don't send delegated credentials to all servers. (bsc#1014441)
- CVE-2016-2126: Prevent denial of service due to a client triggered crash in the winbindd
parent process. (bsc#1014442)
Non security issues fixed:
- Allow SESSION KEY setup without signing. (bsc#1009711)
- Fix crash bug in tevent_queue_immediate_trigger(). (bsc#1003731)
- Don't fail when using default domain with user@domain.com format. (bsc#997833)
- Prevent core, make sure response->extra_data.data is always cleared out. (bsc#993692)
- Honor smb.conf socket options in winbind. (bsc#975131)
- Fix crash with net rpc join. (bsc#978898)
- Fix a regression verifying the security trailer. (bsc#978898)
- Fix updating netlogon credentials. (bsc#978898)
ModerateSUSE bug 1003731SUSE bug 1009711SUSE bug 1014441SUSE bug 1014442SUSE bug 975131SUSE bug 978898SUSE bug 993692SUSE bug 997833CVE-2016-2125 at SUSECVE-2016-2125 at NVDCVE-2016-2126 at SUSECVE-2016-2126 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Recommended update for sblim-sfcbSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for sblim-sfcb provides the following fixes:
* Improve robustness of sblim-sfcb request header parsing, fixing
errors when the XML header of posted request is too big.
* Fix a resource leak leading to failure to operate when using the
'SfcbLocal' client interface together with Openwsman.
SUSE bug 744995SUSE bug 767533SUSE bug 770234SUSE bug 770430SUSE bug 782327SUSE bug 820035SUSE bug 830525CVE-2012-3381 at SUSECVE-2012-3381 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for squidSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This squid update fixes a buffer overflow issue when squid attempts to
resolve an overly long hostname. This can be triggered with specially
crafted http requests. (bnc#829084, CVE-2013-4115)
This update also includes a correction to the last change for logrotate.
(bnc#677335)
Security Issue reference:
* CVE-2013-4115
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115>
SUSE bug 677335SUSE bug 794954SUSE bug 796999SUSE bug 829084CVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2013-4115 at SUSECVE-2013-4115 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for squid3SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
A denial of service problem in Squid3 initiated via invalid Content-Length
headers and memory leaks has been fixed. (CVE-2012-5643,CVE-2013-0189,
SQUID-2012:1)
Also a logrotate permission issue has been fixed.
Security Issue references:
* CVE-2012-5643
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643>
* CVE-2013-0188
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0188>
SUSE bug 677335SUSE bug 794954SUSE bug 796999CVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for strongswanSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
This strongswan update fixes security issues and bugs:
* CVE-2013-5018: Specially crafted XAuth usernames and EAP identities
can cause a crash in strongswan.
* CVE-2013-6075: A crafted ID packet can be used by remote attackers to
crash the server or potentially gain authentication privileges under
certain circumstances.
Also a bug with route recursion limits was fixed:
* Charon SEGFAULT when left=%any / recursion limit. (bnc#840826)
Security Issues:
* CVE-2013-5018
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5018>
SUSE bug 779038SUSE bug 815236SUSE bug 833278SUSE bug 840826SUSE bug 847506SUSE bug 870572CVE-2013-2944 at SUSECVE-2013-2944 at NVDCVE-2013-5018 at SUSECVE-2013-5018 at NVDCVE-2014-2338 at SUSECVE-2014-2338 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for stunnelSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for stunnel fixes a buffer overflow vulnerability caused by
incorrect integer conversion in the NTLM authentication of the CONNECT
protocol negotiation (CVE-2013-1762).
Security Issue reference:
* CVE-2013-1762
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1762>
SUSE bug 775262SUSE bug 776756SUSE bug 807450CVE-2013-1762 at SUSECVE-2013-1762 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for sudoSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes the following security issues which allowed to bypass the
sudo authentication: CVE-2013-1775, CVE-2013-1776, CVE-2013-2776 and
CVE-2013-2777.
Security Issue references:
* CVE-2013-1775
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1775>
* CVE-2013-1776
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776>
* CVE-2013-2776
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2776>
* CVE-2013-2777
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2777>
SUSE bug 806919SUSE bug 806921SUSE bug 817349SUSE bug 817350CVE-2013-1775 at SUSECVE-2013-1775 at NVDCVE-2013-1776 at SUSECVE-2013-1776 at NVDCVE-2013-2776 at SUSECVE-2013-2776 at NVDCVE-2013-2777 at SUSECVE-2013-2777 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for systemtapSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This collective update for systemtap provides the following fixes:
* Change how systemtap looks for tracepoint header files. (bnc#796574)
* Systemtap manually loads libebl backends. Add libebl1 dependency.
(bnc#800335)
* Fix kernel panic when processing malformed DWARF unwind data.
(bnc#748564, CVE-2012-0875)
Security Issue reference:
* CVE-2012-0875
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0875>
SUSE bug 748564SUSE bug 796574SUSE bug 800335CVE-2012-0875 at SUSECVE-2012-0875 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for tomcat6SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of tomcat6 fixes:
* apache-tomcat-CVE-2012-3544.patch (bnc#831119)
* use chown --no-dereference to prevent symlink attacks on log
(bnc#822177#c7/prevents CVE-2013-1976)
* Fix tomcat init scripts generating malformed classpath (
http://youtrack.jetbrains.com/issue/JT-18545
<http://youtrack.jetbrains.com/issue/JT-18545> ) bnc#804992 (patch
from m407)
* fix a typo in initscript (bnc#768772 )
* copy all shell scripts (bnc#818948)
Security Issue references:
* CVE-2012-3544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544>
* CVE-2013-1976
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1976>
* CVE-2012-0022
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022>
SUSE bug 768772SUSE bug 789406SUSE bug 791423SUSE bug 791424SUSE bug 791426SUSE bug 791679SUSE bug 793391SUSE bug 793394SUSE bug 794548SUSE bug 804992SUSE bug 818948SUSE bug 822177SUSE bug 831119CVE-2012-0022 at SUSECVE-2012-0022 at NVDCVE-2012-2733 at SUSECVE-2012-2733 at NVDCVE-2012-3544 at SUSECVE-2012-3544 at NVDCVE-2012-3546 at SUSECVE-2012-3546 at NVDCVE-2012-4431 at SUSECVE-2012-4431 at NVDCVE-2012-4534 at SUSECVE-2012-4534 at NVDCVE-2012-5568 at SUSECVE-2012-5568 at NVDCVE-2012-5885 at SUSECVE-2012-5885 at NVDCVE-2012-5886 at SUSECVE-2012-5886 at NVDCVE-2012-5887 at SUSECVE-2012-5887 at NVDCVE-2013-1976 at SUSECVE-2013-1976 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for vinoSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
vino has been updated to fix a remote denial of service problem where
remote attackers could have caused a infinite loop in vino (CPU
consumption). (CVE-2013-5745)
Security Issue reference:
* CVE-2013-5745
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745>
SUSE bug 843174CVE-2013-5745 at SUSECVE-2013-5745 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for vm-installSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
vm-install received various bugfixes:
* bnc#779494 - SM wont install on KVM/Virt-Manager
* bnc#779280 - vm-install doesn't honour / correctly document disk
* Changed documentation link to suse.com.
Security Issue references:
* CVE-2012-4539
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4539>
* CVE-2012-3497
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3497>
* CVE-2012-4411
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4411>
* CVE-2012-4535
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4535>
* CVE-2012-4537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4537>
* CVE-2012-4536
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4536>
* CVE-2012-4538
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4538>
* CVE-2012-4539
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4539>
* CVE-2012-4544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544>
SUSE bug 779280SUSE bug 779494CVE-2012-3497 at SUSECVE-2012-3497 at NVDCVE-2012-4411 at SUSECVE-2012-4411 at NVDCVE-2012-4535 at SUSECVE-2012-4535 at NVDCVE-2012-4536 at SUSECVE-2012-4536 at NVDCVE-2012-4537 at SUSECVE-2012-4537 at NVDCVE-2012-4538 at SUSECVE-2012-4538 at NVDCVE-2012-4539 at SUSECVE-2012-4539 at NVDCVE-2012-4544 at SUSECVE-2012-4544 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for wgetSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
wget was updated to fix one security issue and two non-security issues:
* FTP symbolic link arbitrary filesystem access (CVE-2014-4877).
* Fix displaying of download time (bnc#901276).
* Fix 0 size FTP downloads after failure (bnc#885069).
Security Issues:
* CVE-2014-4877
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877>
SUSE bug 885069SUSE bug 901276SUSE bug 902709CVE-2014-4877 at SUSECVE-2014-4877 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for wiresharkSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
wireshark was updated to security update version 1.8.12, fixing bugs and
security issues.
* The SIP dissector could go into an infinite loop.
wnpa-sec-2013-66 CVE-2013-7112
* The NTLMSSP v2 dissector could crash. Discovered by Garming Sam.
wnpa-sec-2013-68 CVE-2013-7114
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html
<https://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html>
Security Issue references:
* CVE-2013-7112
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7112>
* CVE-2013-7113
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7113>
* CVE-2013-7114
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7114>
SUSE bug 772738SUSE bug 776083SUSE bug 792005SUSE bug 801131SUSE bug 807942SUSE bug 813217SUSE bug 816517SUSE bug 816887SUSE bug 820973SUSE bug 824900SUSE bug 831718SUSE bug 839607SUSE bug 848738SUSE bug 855980SUSE bug 856496SUSE bug 856498CVE-2012-4048 at SUSECVE-2012-4048 at NVDCVE-2012-4049 at SUSECVE-2012-4049 at NVDCVE-2012-4285 at SUSECVE-2012-4285 at NVDCVE-2012-4288 at SUSECVE-2012-4288 at NVDCVE-2012-4289 at SUSECVE-2012-4289 at NVDCVE-2012-4290 at SUSECVE-2012-4290 at NVDCVE-2012-4291 at SUSECVE-2012-4291 at NVDCVE-2012-4292 at SUSECVE-2012-4292 at NVDCVE-2012-4293 at SUSECVE-2012-4293 at NVDCVE-2012-4296 at SUSECVE-2012-4296 at NVDCVE-2012-5592 at SUSECVE-2012-5592 at NVDCVE-2012-5593 at SUSECVE-2012-5593 at NVDCVE-2012-5594 at SUSECVE-2012-5594 at NVDCVE-2012-5595 at SUSECVE-2012-5595 at NVDCVE-2012-5596 at SUSECVE-2012-5596 at NVDCVE-2012-5597 at SUSECVE-2012-5597 at NVDCVE-2012-5598 at SUSECVE-2012-5598 at NVDCVE-2012-5599 at SUSECVE-2012-5599 at NVDCVE-2012-5600 at SUSECVE-2012-5600 at NVDCVE-2012-5601 at SUSECVE-2012-5601 at NVDCVE-2012-5602 at SUSECVE-2012-5602 at NVDCVE-2013-1572 at SUSECVE-2013-1572 at NVDCVE-2013-1573 at SUSECVE-2013-1573 at NVDCVE-2013-1574 at SUSECVE-2013-1574 at NVDCVE-2013-1575 at SUSECVE-2013-1575 at NVDCVE-2013-1576 at SUSECVE-2013-1576 at NVDCVE-2013-1577 at SUSECVE-2013-1577 at NVDCVE-2013-1578 at SUSECVE-2013-1578 at NVDCVE-2013-1579 at SUSECVE-2013-1579 at NVDCVE-2013-1580 at SUSECVE-2013-1580 at NVDCVE-2013-1581 at SUSECVE-2013-1581 at NVDCVE-2013-1582 at SUSECVE-2013-1582 at NVDCVE-2013-1583 at SUSECVE-2013-1583 at NVDCVE-2013-1584 at SUSECVE-2013-1584 at NVDCVE-2013-1585 at SUSECVE-2013-1585 at NVDCVE-2013-1586 at SUSECVE-2013-1586 at NVDCVE-2013-1587 at SUSECVE-2013-1587 at NVDCVE-2013-1588 at SUSECVE-2013-1588 at NVDCVE-2013-1589 at SUSECVE-2013-1589 at NVDCVE-2013-1590 at SUSECVE-2013-1590 at NVDCVE-2013-2475 at SUSECVE-2013-2475 at NVDCVE-2013-2476 at SUSECVE-2013-2476 at NVDCVE-2013-2477 at SUSECVE-2013-2477 at NVDCVE-2013-2478 at SUSECVE-2013-2478 at NVDCVE-2013-2479 at SUSECVE-2013-2479 at NVDCVE-2013-2480 at SUSECVE-2013-2480 at NVDCVE-2013-2481 at SUSECVE-2013-2481 at NVDCVE-2013-2482 at SUSECVE-2013-2482 at NVDCVE-2013-2483 at SUSECVE-2013-2483 at NVDCVE-2013-2484 at SUSECVE-2013-2484 at NVDCVE-2013-2485 at SUSECVE-2013-2485 at NVDCVE-2013-2486 at SUSECVE-2013-2486 at NVDCVE-2013-2487 at SUSECVE-2013-2487 at NVDCVE-2013-2488 at SUSECVE-2013-2488 at NVDCVE-2013-3555 at SUSECVE-2013-3555 at NVDCVE-2013-3556 at SUSECVE-2013-3556 at NVDCVE-2013-3557 at SUSECVE-2013-3557 at NVDCVE-2013-3558 at SUSECVE-2013-3558 at NVDCVE-2013-3559 at SUSECVE-2013-3559 at NVDCVE-2013-3560 at SUSECVE-2013-3560 at NVDCVE-2013-3561 at SUSECVE-2013-3561 at NVDCVE-2013-3562 at SUSECVE-2013-3562 at NVDCVE-2013-4074 at SUSECVE-2013-4074 at NVDCVE-2013-4075 at SUSECVE-2013-4075 at NVDCVE-2013-4076 at SUSECVE-2013-4076 at NVDCVE-2013-4077 at SUSECVE-2013-4077 at NVDCVE-2013-4078 at SUSECVE-2013-4078 at NVDCVE-2013-4079 at SUSECVE-2013-4079 at NVDCVE-2013-4080 at SUSECVE-2013-4080 at NVDCVE-2013-4081 at SUSECVE-2013-4081 at NVDCVE-2013-4082 at SUSECVE-2013-4082 at NVDCVE-2013-4083 at SUSECVE-2013-4083 at NVDCVE-2013-4929 at SUSECVE-2013-4929 at NVDCVE-2013-4930 at SUSECVE-2013-4930 at NVDCVE-2013-4931 at SUSECVE-2013-4931 at NVDCVE-2013-4932 at SUSECVE-2013-4932 at NVDCVE-2013-4933 at SUSECVE-2013-4933 at NVDCVE-2013-4934 at SUSECVE-2013-4934 at NVDCVE-2013-4935 at SUSECVE-2013-4935 at NVDCVE-2013-6336 at SUSECVE-2013-6336 at NVDCVE-2013-6337 at SUSECVE-2013-6337 at NVDCVE-2013-6338 at SUSECVE-2013-6338 at NVDCVE-2013-6339 at SUSECVE-2013-6339 at NVDCVE-2013-6340 at SUSECVE-2013-6340 at NVDCVE-2013-7112 at SUSECVE-2013-7112 at NVDCVE-2013-7113 at SUSECVE-2013-7113 at NVDCVE-2013-7114 at SUSECVE-2013-7114 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP2
XEN has been updated to fix various bugs and security issues:
*
CVE-2013-0153: (XSA 36) To avoid an erratum in early hardware, the
Xen AMD IOMMU code by default choose to use a single interrupt
remapping table for the whole system. This sharing implied that any
guest with a passed through PCI device that is bus mastering capable
can inject interrupts into other guests, including domain 0. This has
been disabled for AMD chipsets not capable of it.
*
CVE-2012-6075: qemu: The e1000 had overflows under some conditions,
potentially corrupting memory.
*
CVE-2013-0154: (XSA 37) Hypervisor crash due to incorrect ASSERT
(debug build only)
*
CVE-2012-5634: (XSA-33) A VT-d interrupt remapping source validation
flaw was fixed.
Also the following bugs have been fixed:
* bnc#805094 - xen hot plug attach/detach fails
* bnc#802690 - domain locking can prevent a live migration from
completing
* bnc#797014 - no way to control live migrations
o fix logic error in stdiostream_progress
o restore logging in xc_save
o add options to control migration tunables
* bnc#806736: enabling xentrace crashes hypervisor
* Upstream patches from Jan 26287-sched-credit-pick-idle.patch
26501-VMX-simplify-CR0-update.patch
26502-VMX-disable-SMEP-when-not-paging.patch
26516-ACPI-parse-table-retval.patch (Replaces
CVE-2013-0153-xsa36.patch) 26517-AMD-IOMMU-clear-irtes.patch
(Replaces CVE-2013-0153-xsa36.patch)
26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch (Replaces
CVE-2013-0153-xsa36.patch)
26519-AMD-IOMMU-perdev-intremap-default.patch (Replaces
CVE-2013-0153-xsa36.patch) 26526-pvdrv-no-devinit.patch
26531-AMD-IOMMU-IVHD-special-missing.patch (Replaces
CVE-2013-0153-xsa36.patch)
* bnc#798188 - Add $network to xend initscript dependencies
* bnc#799694 - Unable to dvd or cdrom-boot DomU after xen-tools update
Fixed with update to Xen version 4.1.4
* bnc#800156 - L3: HP iLo Generate NMI function not working in XEN
kernel
* Upstream patches from Jan 26404-x86-forward-both-NMI-kinds.patch
26427-x86-AMD-enable-WC+.patch
* bnc#793927 - Xen VMs with more than 2 disks randomly fail to start
* Upstream patches from Jan 26332-x86-compat-show-guest-stack-mfn.patch
26333-x86-get_page_type-assert.patch (Replaces
CVE-2013-0154-xsa37.patch)
26340-VT-d-intremap-verify-legacy-bridge.patch (Replaces
CVE-2012-5634-xsa33.patch) 26370-libxc-x86-initial-mapping-fit.patch
* Update to Xen 4.1.4 c/s 23432
* Update xenpaging.guest-memusage.patch add rule for xenmem to avoid
spurious build failures
* Upstream patches from Jan 26179-PCI-find-next-cap.patch
26183-x86-HPET-masking.patch 26188-x86-time-scale-asm.patch
26200-IOMMU-debug-verbose.patch 26203-x86-HAP-dirty-vram-leak.patch
26229-gnttab-version-switch.patch (Replaces
CVE-2012-5510-xsa26.patch) 26230-x86-HVM-limit-batches.patch
(Replaces CVE-2012-5511-xsa27.patch)
26231-memory-exchange-checks.patch (Replaces
CVE-2012-5513-xsa29.patch) 26232-x86-mark-PoD-error-path.patch
(Replaces CVE-2012-5514-xsa30.patch) 26233-memop-order-checks.patch
(Replaces CVE-2012-5515-xsa31.patch)
26235-IOMMU-ATS-max-queue-depth.patch
26272-x86-EFI-makefile-cflags-filter.patch
26294-x86-AMD-Fam15-way-access-filter.patch CVE-2013-0154-xsa37.patch
* Restore c/s 25751 in 23614-x86_64-EFI-boot.patch. Modify the EFI
Makefile to do additional filtering.
Security Issue references:
* CVE-2013-0153
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0153>
* CVE-2012-6075
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075>
* CVE-2012-5634
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5634>
SUSE bug 777628SUSE bug 789940SUSE bug 789944SUSE bug 789945SUSE bug 789948SUSE bug 789950SUSE bug 789951SUSE bug 789988SUSE bug 792476SUSE bug 793927SUSE bug 794316SUSE bug 797014SUSE bug 797031SUSE bug 797523SUSE bug 798188SUSE bug 799694SUSE bug 800156SUSE bug 800275SUSE bug 802690SUSE bug 805094SUSE bug 806736SUSE bug 910441SUSE bug 927967SUSE bug 929339CVE-2012-5510 at SUSECVE-2012-5510 at NVDCVE-2012-5511 at SUSECVE-2012-5511 at NVDCVE-2012-5512 at SUSECVE-2012-5512 at NVDCVE-2012-5513 at SUSECVE-2012-5513 at NVDCVE-2012-5514 at SUSECVE-2012-5514 at NVDCVE-2012-5515 at SUSECVE-2012-5515 at NVDCVE-2012-5634 at SUSECVE-2012-5634 at NVDCVE-2012-6075 at SUSECVE-2012-6075 at NVDCVE-2013-0153 at SUSECVE-2013-0153 at NVDCVE-2015-3340 at SUSECVE-2015-3340 at NVDCVE-2015-3456 at SUSECVE-2015-3456 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
xen was updated to fix 14 security issues:
* Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
(CVE-2014-9030).
* Insufficient bounding of 'REP MOVS' to MMIO emulated inside the
hypervisor (CVE-2014-8867).
* Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW
emulation (CVE-2014-7155).
* Hypervisor heap contents leaked to guests (CVE-2014-4021).
* Missing privilege level checks in x86 emulation of far branches
(CVE-2014-8595).
* Insufficient restrictions on certain MMU update hypercalls
(CVE-2014-8594).
* Intel VT-d Interrupt Remapping engines can be evaded by native NMI
interrupts (CVE-2013-3495).
* Missing privilege level checks in x86 emulation of software
interrupts (CVE-2014-7156).
* Race condition in HVMOP_track_dirty_vram (CVE-2014-7154).
* Improper MSR range used for x2APIC emulation (CVE-2014-7188).
* HVMOP_set_mem_type allows invalid P2M entries to be created
(CVE-2014-3124).
* HVMOP_set_mem_access is not preemptible (CVE-2014-2599).
* Excessive checking in compatibility mode hypercall argument
translation (CVE-2014-8866).
* Guest user mode triggerable VM exits not handled by hypervisor
(bnc#903850).
This non-security bug was fixed:
* Increase limit domUloader to 32MB (bnc#901317).
Security Issues:
* CVE-2014-9030
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9030>
* CVE-2014-8867
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8867>
* CVE-2014-7155
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7155>
* CVE-2014-4021
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4021>
* CVE-2014-8595
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8595>
* CVE-2014-8594
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8594>
* CVE-2013-3495
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3495>
* CVE-2014-7156
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7156>
* CVE-2014-7154
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7154>
* CVE-2014-7188
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7188>
* CVE-2014-3124
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3124>
* CVE-2014-2599
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2599>
* CVE-2014-8866
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8866>
SUSE bug 826717SUSE bug 867910SUSE bug 875668SUSE bug 880751SUSE bug 895798SUSE bug 895799SUSE bug 895802SUSE bug 897657SUSE bug 901317SUSE bug 903850SUSE bug 903967SUSE bug 903970SUSE bug 905465SUSE bug 905467SUSE bug 906439CVE-2013-3495 at SUSECVE-2013-3495 at NVDCVE-2014-2599 at SUSECVE-2014-2599 at NVDCVE-2014-3124 at SUSECVE-2014-3124 at NVDCVE-2014-4021 at SUSECVE-2014-4021 at NVDCVE-2014-7154 at SUSECVE-2014-7154 at NVDCVE-2014-7155 at SUSECVE-2014-7155 at NVDCVE-2014-7156 at SUSECVE-2014-7156 at NVDCVE-2014-7188 at SUSECVE-2014-7188 at NVDCVE-2014-8594 at SUSECVE-2014-8594 at NVDCVE-2014-8595 at SUSECVE-2014-8595 at NVDCVE-2014-8866 at SUSECVE-2014-8866 at NVDCVE-2014-8867 at SUSECVE-2014-8867 at NVDCVE-2014-9030 at SUSECVE-2014-9030 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xen (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
xen was updated to fix eight security issues.
These security issues were fixed:
- CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267).
- CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367).
- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).
- CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697).
- CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703).
- CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705).
- CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706).
ImportantSUSE bug 877642SUSE bug 932267SUSE bug 944463SUSE bug 944697SUSE bug 950367SUSE bug 950703SUSE bug 950705SUSE bug 950706CVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2015-4037 at SUSECVE-2015-4037 at NVDCVE-2015-5239 at SUSECVE-2015-5239 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2015-7835 at SUSECVE-2015-7835 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xen (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
xen was updated to fix 27 security issues.
These security issues were fixed:
- CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image (bsc#864655).
- CVE-2013-4534: Buffer overflow in hw/intc/openpic.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements (bsc#864811).
- CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed remote attackers to execute arbitrary code via a crafted arglen value in a savevm image (bsc#864391).
- CVE-2013-4538: Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image (bsc#864769).
- CVE-2013-4539: Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c might have allowed remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image (bsc#864805).
- CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2014-3640: The sosendto function in slirp/udp.c allowed local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket (bsc#897654).
- CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling (bsc#901508).
- CVE-2014-7815: The set_pixel_format function in ui/vnc.c allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#902737).
- CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989).
- CVE-2015-7512: Buffer overflow in the pcnet_receive function in hw/net/pcnet.c, when a guest NIC has a larger MTU, allowed remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet (bsc#957162).
- CVE-2015-8504: VNC: floating point exception (bsc#958491).
- CVE-2015-8550: Paravirtualized drivers were incautious about shared memory contents (XSA-155) (bsc#957988).
- CVE-2015-8554: qemu-dm buffer overrun in MSI-X handling (XSA-164) (bsc#958007).
- CVE-2015-8555: Information leak in legacy x86 FPU/XMM initialization (XSA-165) (bsc#958009).
- CVE-2015-8558: Infinite loop in ehci_advance_state resulted in DoS (bsc#959005).
- CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bsc#960725).
- CVE-2015-8745: Reading IMR registers lead to a crash via assert(2) call (bsc#960707).
- CVE-2016-1570: The PV superpage functionality in arch/x86/mm.c allowed local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates (bsc#960861).
- CVE-2016-1571: VMX: intercept issue with INVLPG on non-canonical address (XSA-168) (bsc#960862).
- CVE-2016-1714: nvram: OOB r/w access in processing firmware configurations (bsc#961691).
- CVE-2016-1981: e1000 infinite loop in start_xmit and e1000_receive_iov routines (bsc#963782).
- CVE-2016-2270: Xen allowed local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings (bsc#965315).
- CVE-2016-2271: VMX when using an Intel or Cyrix CPU, allowed local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP (bsc#965317).
- CVE-2016-2391: usb: multiple eof_timers in ohci module lead to NULL pointer dereference (bsc#967013).
- CVE-2016-2841: ne2000: Infinite loop in ne2000_receive (bsc#969350).
- XSA-166: ioreq handling possibly susceptible to multiple read issue (bsc#958523).
This non-security issue was fixed:
- bsc#967630: Discrepancy in reported memory size with correction XSA-153 for xend
ImportantSUSE bug 864391SUSE bug 864655SUSE bug 864769SUSE bug 864805SUSE bug 864811SUSE bug 877642SUSE bug 897654SUSE bug 901508SUSE bug 902737SUSE bug 945989SUSE bug 957162SUSE bug 957988SUSE bug 958007SUSE bug 958009SUSE bug 958491SUSE bug 958523SUSE bug 959005SUSE bug 960707SUSE bug 960725SUSE bug 960861SUSE bug 960862SUSE bug 961691SUSE bug 963782SUSE bug 965315SUSE bug 965317SUSE bug 967013SUSE bug 967630SUSE bug 969350CVE-2013-4533 at SUSECVE-2013-4533 at NVDCVE-2013-4534 at SUSECVE-2013-4534 at NVDCVE-2013-4537 at SUSECVE-2013-4537 at NVDCVE-2013-4538 at SUSECVE-2013-4538 at NVDCVE-2013-4539 at SUSECVE-2013-4539 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2014-7815 at SUSECVE-2014-7815 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8550 at SUSECVE-2015-8550 at NVDCVE-2015-8554 at SUSECVE-2015-8554 at NVDCVE-2015-8555 at SUSECVE-2015-8555 at NVDCVE-2015-8558 at SUSECVE-2015-8558 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2015-8745 at SUSECVE-2015-8745 at NVDCVE-2016-1570 at SUSECVE-2016-1570 at NVDCVE-2016-1571 at SUSECVE-2016-1571 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2270 at SUSECVE-2016-2270 at NVDCVE-2016-2271 at SUSECVE-2016-2271 at NVDCVE-2016-2391 at SUSECVE-2016-2391 at NVDCVE-2016-2841 at SUSECVE-2016-2841 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xen (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792)
- CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785)
- CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries (bsc#988675)
- CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the host via vectors related to the information transfer buffer (bsc#983984)
- CVE-2016-5238: The get_cmd function in hw/scsi/esp.c might have allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960)
- CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264)
- CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724)
- CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716)
- CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the 'Dark Portal' issue (bsc#978164)
- CVE-2016-4480: The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen did not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might have allowed local guest OS users to gain privileges via a crafted mapping of memory (bsc#978295)
- CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038)
- CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188)
- CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130)
- CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes (bsc#975138)
ImportantSUSE bug 973188SUSE bug 974038SUSE bug 975130SUSE bug 975138SUSE bug 978164SUSE bug 978295SUSE bug 980716SUSE bug 980724SUSE bug 981264SUSE bug 982960SUSE bug 983984SUSE bug 988675SUSE bug 995785SUSE bug 995792CVE-2014-3615 at SUSECVE-2014-3615 at NVDCVE-2014-3672 at SUSECVE-2014-3672 at NVDCVE-2016-3158 at SUSECVE-2016-3158 at NVDCVE-2016-3159 at SUSECVE-2016-3159 at NVDCVE-2016-3710 at SUSECVE-2016-3710 at NVDCVE-2016-3960 at SUSECVE-2016-3960 at NVDCVE-2016-4001 at SUSECVE-2016-4001 at NVDCVE-2016-4002 at SUSECVE-2016-4002 at NVDCVE-2016-4439 at SUSECVE-2016-4439 at NVDCVE-2016-4441 at SUSECVE-2016-4441 at NVDCVE-2016-4480 at SUSECVE-2016-4480 at NVDCVE-2016-5238 at SUSECVE-2016-5238 at NVDCVE-2016-5338 at SUSECVE-2016-5338 at NVDCVE-2016-6258 at SUSECVE-2016-6258 at NVDCVE-2016-7092 at SUSECVE-2016-7092 at NVDCVE-2016-7094 at SUSECVE-2016-7094 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xen (Important)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
xen was updated to fix several security issues.
These security issues were fixed:
- CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host (bsc#1011652).
- CVE-2016-9386: x86 null segments were not always treated as unusable allowing an unprivileged guest user program to elevate its privilege to that of the guest operating system. Exploit of this vulnerability is easy on Intel and more complicated on AMD (bsc#1009100)
- CVE-2016-9382: x86 task switch to VM86 mode was mis-handled, allowing a unprivileged guest process to escalate its privilege to that of the guest operating system on AMD hardware. On Intel hardware a malicious unprivileged guest process can crash the guest (bsc#1009103)
- CVE-2016-9383: The x86 64-bit bit test instruction emulation was broken, allowing a guest to modify arbitrary memory leading to arbitray code execution (bsc#1009107)
- CVE-2016-9381: Improper processing of shared rings allowing guest administrators take over the qemu process, elevating their privilege to that of the qemu process (bsc#1009109)
- CVE-2016-9380: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-9379: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-7777: Xen did not properly honor CR0.TS and CR0.EM, which allowed local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it (bsc#1000106)
- CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count (bsc#1007157)
- CVE-2016-8667: The rc4030_write function in hw/dma/rc4030.c in allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value (bsc#1005004)
- CVE-2016-8669: The serial_update_parameters function in hw/char/serial.c allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base (bsc#1005005)
- CVE-2016-7908: The mcf_fec_do_tx function in hw/net/mcf_fec.c did not properly limit the buffer descriptor count when transmitting packets, which allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags (bsc#1003030)
- CVE-2016-7909: The pcnet_rdra_addr function in hw/net/pcnet.c allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0 (bsc#1003032)
- CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c, when built with ESP/NCR53C9x controller emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the host via vectors involving DMA read into ESP command buffer (bsc#990843)
This non-security issue was fixed:
- bsc#1000893: virsh setmem didn't allow to set current guest memory to max limit
ImportantSUSE bug 1000106SUSE bug 1000893SUSE bug 1003030SUSE bug 1003032SUSE bug 1005004SUSE bug 1005005SUSE bug 1007157SUSE bug 1009100SUSE bug 1009103SUSE bug 1009107SUSE bug 1009109SUSE bug 1009111SUSE bug 1011652SUSE bug 990843CVE-2016-6351 at SUSECVE-2016-6351 at NVDCVE-2016-7777 at SUSECVE-2016-7777 at NVDCVE-2016-7908 at SUSECVE-2016-7908 at NVDCVE-2016-7909 at SUSECVE-2016-7909 at NVDCVE-2016-8667 at SUSECVE-2016-8667 at NVDCVE-2016-8669 at SUSECVE-2016-8669 at NVDCVE-2016-8910 at SUSECVE-2016-8910 at NVDCVE-2016-9379 at SUSECVE-2016-9379 at NVDCVE-2016-9380 at SUSECVE-2016-9380 at NVDCVE-2016-9381 at SUSECVE-2016-9381 at NVDCVE-2016-9382 at SUSECVE-2016-9382 at NVDCVE-2016-9383 at SUSECVE-2016-9383 at NVDCVE-2016-9386 at SUSECVE-2016-9386 at NVDCVE-2016-9637 at SUSECVE-2016-9637 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Recommended update for KVM and XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This collective update for Xen 2012/06 on SUSE Linux Enterprise 11 SP2
provides the following fixes:
Xen
* 757537: xen: CVE-2012-0217 PV guest escalation
* 757970: xen: CVE-2012-0218 guest denial of service on syscall GPF
generation
*
764077: xen: CVE-2012-2934 Report a denial of service issue on old,
pre-SVM AMD CPUs (AMD Erratum 121).
AMD Erratum #121 is described in 'Revision Guide for AMD Athlon 64
and AMD Opteron Processors':
http://support.amd.com/us/Processor_TechDocs/25759.pdf
<http://support.amd.com/us/Processor_TechDocs/25759.pdf>
The following 130nm and 90nm (DDR1-only) AMD processors are subject
to this erratum:
o
First-generation AMD-Opteron(tm) single and dual core
processors in either 939 or 940 packages:
+ AMD Opteron(tm) 100-Series Processors
+ AMD Opteron(tm) 200-Series Processors
+ AMD Opteron(tm) 800-Series Processors
+ AMD Athlon(tm) processors in either 754, 939 or 940
packages
+ AMD Sempron(tm) processor in either 754 or 939 packages
+ AMD Turion(tm) Mobile Technology in 754 package
This issue does not effect Intel processors.
The impact of this flaw is that a malicious PV guest user can halt
the host system.
As this is a hardware flaw, it is not fixable except by upgrading
your hardware to a newer revision, or not allowing untrusted 64bit
guestsystems.
The patch changes the behaviour of the host system booting, which
makes it unable to create guest machines until a specific boot option
is set.
There is a new XEN boot option 'allow_unsafe' for GRUB which allows
the host to start guests again.
This is added to /boot/grub/menu.lst in the line looking like this:
kernel /boot/xen.gz .... allow_unsafe
or add this option to the XEN_APPEND line /etc/sysconfig/bootloader,
like e.g.:
XEN_APPEND='allow_unsafe'
Note: .... in the first example represents the existing boot options
for the host.
*
753165: xen/scripts/network-bridge wont create bridge
* 745880: cpuid setting is not preserved across xend restarts
* 747331: standard 'newburn' kernel QA stress test freezes the guest
* 745367: MCE bank handling during migration
* 744771: VM with passed through PCI card fails to reboot under dom0
load
* 746702: Xen HVM DomU crash during Windows Server 2008 install, when
maxmem > memory
* 745005: Update vif configuration examples in xmexample*
* 743414: using vifname is ignored when defining a xen virtual
interface with xl/libxl
* 739585: Xen block-attach fails after repeated attach/detach
* Fate 310510: fix xenpaging
vm-install
* 760557: Fix error on two virtual discs with conflicting virtual names
* 760023: Can't upgrade an OES 2 (64-bit) XEN Guest Server to OES 11
* 757346: XEN guest OS installation (SLES 11 SP2 guest) fails on SLED
11 SP2
* 742773: vm-install shows bogus error msg without defined installation
source
* KVM: Add 'unsafe' and 'directsync' as options to cache_mode
* KVM: During installation set the target disk to 'unsafe' mode for
better performance.
* 761142: vm-install fails to create its new VM: bogus 'Not enough
space on device' message
* 754906: virt-manager is not allowing to upgrade oes11 to oes11sp1
machine
virt-manager
* 746613: validation error when adding USB redirection
* KVM: Add cache mode support for directsync and unsafe
libvirt
* 747172: PCI device passthrough fails with 'Broadcom NetXtreme II
BCM5709 Gigabit Ethernet' (bnx2) (kvm)
* 745890: Unable to start xen domains with virsh when using libxenlight
toolstack and apparmor
* KVM: Add support for qemu's 'unsafe' cache mode (directsync mode
already there)
virt-utils
* vpc: Round up image size during fixed image creation
* fate 309765: Create images that can be run on Microsoft Hyper-V host
Added the VHD Fixed Disk format support
yast2-vm
* 720929: Upgrade from OES 2 SP2 to OES 11 RC3 re-adds
'x0..respawn..xterm' to inittab
* 733715: Fix typo in relocation-server.pot
Security Issue references:
* CVE-2012-0217
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0217>
* CVE-2012-0218
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0218>
* CVE-2012-2934
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2934>
SUSE bug 720929SUSE bug 733715SUSE bug 739585SUSE bug 742773SUSE bug 743414SUSE bug 744771SUSE bug 745005SUSE bug 745367SUSE bug 745880SUSE bug 745890SUSE bug 746613SUSE bug 746702SUSE bug 747172SUSE bug 747331SUSE bug 753165SUSE bug 754906SUSE bug 757346SUSE bug 757537SUSE bug 757970SUSE bug 760023SUSE bug 760557SUSE bug 761142SUSE bug 764077CVE-2012-0217 at SUSECVE-2012-0217 at NVDCVE-2012-0218 at SUSECVE-2012-0218 at NVDCVE-2012-2934 at SUSECVE-2012-2934 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for Xen and libvirtSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Xen was updated to fix several security issues:
*
CVE-2012-3433: A xen HVM guest destroy p2m teardown host DoS
vulnerability was fixed, where malicious guest could lock/crash the
host.
*
CVE-2012-3432: A xen HVM guest user mode MMIO emulation DoS was
fixed.
*
CVE-2012-2625: The xen pv bootloader doesn't check the size of the
bzip2 or lzma compressed kernel, leading to denial of service
(crash).
Also the following bug in XEN has been fixed:
* bnc#746702 - Xen HVM DomU crash during Windows Server 2008 R2
install, when maxmem > memory
This update also included bugfixes for:
*
vm-install: - bnc#762963 - ReaR: Unable to recover a paravirtualized
XEN guest
*
virt-manager - SLE11-SP2 ONLY
* bnc#764982 - virt-manager fails to start after upgrade to SLES11 SP2
from SLES10
Security Issue reference:
* CVE-2012-3432
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3432>
SUSE bug 746702SUSE bug 762484SUSE bug 762963SUSE bug 764982SUSE bug 766283SUSE bug 773393SUSE bug 773401SUSE bug 773955CVE-2012-3432 at SUSECVE-2012-3432 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
XEN was updated 4.1.3 to fix multiple bugs and security issues.
The following security issues have been fixed:
* CVE-2012-3494: xen: hypercall set_debugreg vulnerability (XSA-12)
* CVE-2012-3495: xen: hypercall physdev_get_free_pirq vulnerability
(XSA-13)
* CVE-2012-3496: xen: XENMEM_populate_physmap DoS vulnerability
(XSA-14)
* CVE-2012-3498: xen: PHYSDEVOP_map_pirq index vulnerability (XSA-16)
* CVE-2012-3515: xen: Qemu VT100 emulation vulnerability (XSA-17)
Also the following bugs have been fixed:
* pvscsi support of attaching Luns - bnc#776995
The following related bugs in vm-install 0.5.12 have been fixed:
* bnc#776300 - vm-install does not pass --extra-args in --upgrade
* Add for support Open Enterprise Server 11
* Add support for Windows 8 and Windows Server 2012
* Add support for Ubuntu 12 (Precise Pangolin)
Security Issue references:
* CVE-2012-3496
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3496>
* CVE-2012-3494
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3494>
* CVE-2012-3495
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3495>
* CVE-2012-3498
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3498>
* CVE-2012-3515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3515>
SUSE bug 776300SUSE bug 776995SUSE bug 777084SUSE bug 777086SUSE bug 777088SUSE bug 777090SUSE bug 777091CVE-2012-3494 at SUSECVE-2012-3494 at NVDCVE-2012-3495 at SUSECVE-2012-3495 at NVDCVE-2012-3496 at SUSECVE-2012-3496 at NVDCVE-2012-3498 at SUSECVE-2012-3498 at NVDCVE-2012-3515 at SUSECVE-2012-3515 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
XEN was updated to fix various bugs and security issues:
The following security issues have been fixed:
* CVE-2012-4544: xen: Domain builder Out-of-memory due to malicious
kernel/ramdisk (XSA 25)
* CVE-2012-4411: XEN / qemu: guest administrator can access qemu
monitor console (XSA-19)
* CVE-2012-4535: xen: Timer overflow DoS vulnerability (XSA 20)
* CVE-2012-4536: xen: pirq range check DoS vulnerability (XSA 21)
* CVE-2012-4537: xen: Memory mapping failure DoS vulnerability (XSA 22)
* CVE-2012-4538: xen: Unhooking empty PAE entries DoS vulnerability
(XSA 23)
* CVE-2012-4539: xen: Grant table hypercall infinite loop DoS
vulnerability (XSA 24)
* CVE-2012-3497: xen: multiple TMEM hypercall vulnerabilities (XSA-15)
Also the following bugs have been fixed and upstream patches have been
applied:
*
bnc#784087 - L3: Xen BUG at io_apic.c:129
26102-x86-IOAPIC-legacy-not-first.patch
*
Upstream patches merged:
26054-x86-AMD-perf-ctr-init.patch
26055-x86-oprof-hvm-mode.patch
26056-page-alloc-flush-filter.patch
26061-x86-oprof-counter-range.patch
26062-ACPI-ERST-move-data.patch
26063-x86-HPET-affinity-lock.patch
26093-HVM-PoD-grant-mem-type.patch
25931-x86-domctl-iomem-mapping-checks.patch
25952-x86-MMIO-remap-permissions.patch
25808-domain_create-return-value.patch
25814-x86_64-set-debugreg-guest.patch
25815-x86-PoD-no-bug-in-non-translated.patch
25816-x86-hvm-map-pirq-range-check.patch
25833-32on64-bogus-pt_base-adjust.patch
25834-x86-S3-MSI-resume.patch
25835-adjust-rcu-lock-domain.patch
25836-VT-d-S3-MSI-resume.patch
25850-tmem-xsa-15-1.patch
25851-tmem-xsa-15-2.patch
25852-tmem-xsa-15-3.patch
25853-tmem-xsa-15-4.patch
25854-tmem-xsa-15-5.patch
25855-tmem-xsa-15-6.patch
25856-tmem-xsa-15-7.patch
25857-tmem-xsa-15-8.patch
25858-tmem-xsa-15-9.patch
25859-tmem-missing-break.patch
25860-tmem-cleanup.patch
25883-pt-MSI-cleanup.patch
25927-x86-domctl-ioport-mapping-range.patch
25929-tmem-restore-pool-version.patch
*
bnc#778105 - first XEN-PV VM fails to spawn
xend: Increase wait time for disk to appear in host bootloader
Modified existing xen-domUloader.diff
25752-ACPI-pm-op-valid-cpu.patch
25754-x86-PoD-early-access.patch
25755-x86-PoD-types.patch
25756-x86-MMIO-max-mapped-pfn.patch
Security Issue references:
* CVE-2012-4539
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4539>
* CVE-2012-3497
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3497>
* CVE-2012-4411
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4411>
* CVE-2012-4535
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4535>
* CVE-2012-4537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4537>
* CVE-2012-4536
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4536>
* CVE-2012-4538
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4538>
* CVE-2012-4539
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4539>
* CVE-2012-4544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544>
SUSE bug 777890SUSE bug 778105SUSE bug 779212SUSE bug 784087SUSE bug 786516SUSE bug 786517SUSE bug 786518SUSE bug 786519SUSE bug 786520SUSE bug 787163CVE-2012-3497 at SUSECVE-2012-3497 at NVDCVE-2012-4411 at SUSECVE-2012-4411 at NVDCVE-2012-4535 at SUSECVE-2012-4535 at NVDCVE-2012-4536 at SUSECVE-2012-4536 at NVDCVE-2012-4537 at SUSECVE-2012-4537 at NVDCVE-2012-4538 at SUSECVE-2012-4538 at NVDCVE-2012-4539 at SUSECVE-2012-4539 at NVDCVE-2012-4544 at SUSECVE-2012-4544 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
XEN has been updated to 4.1.5 c/s 23509 to fix various bugs and security
issues.
The following security issues have been fixed:
*
CVE-2013-1918: Certain page table manipulation operations in Xen
4.1.x, 4.2.x, and earlier were not preemptible, which allowed local
PV kernels to cause a denial of service via vectors related to deep
page table traversal.
*
CVE-2013-1952: Xen 4.x, when using Intel VT-d for a bus mastering
capable PCI device, did not properly check the source when accessing
a bridge devices interrupt remapping table entries for MSI
interrupts, which allowed local guest domains to cause a denial of
service (interrupt injection) via unspecified vectors.
*
CVE-2013-2076: A information leak in the XSAVE/XRSTOR instructions
could be used to determine state of floating point operations in
other domains.
*
CVE-2013-2077: A denial of service (hypervisor crash) was possible
due to missing exception recovery on XRSTOR, that could be used to
crash the machine by PV guest users.
*
CVE-2013-2078: A denial of service (hypervisor crash) was possible
due to missing exception recovery on XSETBV, that could be used to
crash the machine by PV guest users.
*
CVE-2013-2072: Systems which allow untrusted administrators to
configure guest vcpu affinity may be exploited to trigger a buffer
overrun and corrupt memory.
*
CVE-2013-1917: Xen 3.1 through 4.x, when running 64-bit hosts on
Intel CPUs, did not clear the NT flag when using an IRET after a
SYSENTER instruction, which allowed PV guest users to cause a denial
of service (hypervisor crash) by triggering a #GP fault, which is not
properly handled by another IRET instruction.
*
CVE-2013-1919: Xen 4.2.x and 4.1.x did not properly restrict access
to IRQs, which allowed local stub domain clients to gain access to
IRQs and cause a denial of service via vectors related to
'passed-through IRQs or PCI devices.'
*
CVE-2013-1920: Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is
running 'under memory pressure' and the Xen Security Module (XSM) is
enabled, used the wrong ordering of operations when extending the
per-domain event channel tracking table, which caused a
use-after-free and allowed local guest kernels to inject arbitrary
events and gain privileges via unspecified vectors.
*
CVE-2013-1964: Xen 4.0.x and 4.1.x incorrectly released a grant
reference when releasing a non-v1, non-transitive grant, which
allowed local guest administrators to cause a denial of service (host
crash), obtain sensitive information, or possible have other impacts
via unspecified vectors.
Bugfixes:
*
Upstream patches from Jan
26956-x86-mm-preemptible-cleanup.patch
27071-x86-IO-APIC-fix-guest-RTE-write-corner-cases.patch
27072-x86-shadow-fix-off-by-one-in-MMIO-permission-check.patch
27079-fix-XSA-46-regression-with-xend-xm.patch
27083-AMD-iommu-SR56x0-Erratum-64-Reset-all-head-tail-pointers.patch
*
Update to Xen 4.1.5 c/s 23509
There were many xen.spec file patches dropped as now being included
in the 4.1.5 tarball.
*
bnc#809662 - can't use pv-grub to start domU (pygrub does work)
xen.spec
*
Upstream patches from Jan
26702-powernow-add-fixups-for-AMD-P-state-figures.patch
26704-x86-MCA-suppress-bank-clearing-for-certain-injected-events.patch
26731-AMD-IOMMU-Process-softirqs-while-building-dom0-iommu-mappings.patch
26733-VT-d-Enumerate-IOMMUs-when-listing-capabilities.patch
26734-ACPI-ERST-Name-table-in-otherwise-opaque-error-messages.patch
26736-ACPI-APEI-Unlock-apei_iomaps_lock-on-error-path.patch
26737-ACPI-APEI-Add-apei_exec_run_optional.patch
26742-IOMMU-properly-check-whether-interrupt-remapping-is-enabled.patch
26743-VT-d-deal-with-5500-5520-X58-errata.patch
26744-AMD-IOMMU-allow-disabling-only-interrupt-remapping.patch
26749-x86-reserve-pages-when-SandyBridge-integrated-graphics.patch
26765-hvm-Clean-up-vlapic_reg_write-error-propagation.patch
26770-x86-irq_move_cleanup_interrupt-must-ignore-legacy-vectors.patch
26771-x86-S3-Restore-broken-vcpu-affinity-on-resume.patch
26772-VMX-Always-disable-SMEP-when-guest-is-in-non-paging-mode.patch
26773-x86-mm-shadow-spurious-warning-when-unmapping-xenheap-pages.patch
26799-x86-don-t-pass-negative-time-to-gtime_to_gtsc.patch
26851-iommu-crash-Interrupt-remapping-is-also-disabled-on-crash.patch
*
bnc#814709 - Unable to create XEN virtual machines in SLED 11 SP2 on
Kyoto
xend-cpuinfo-model-name.patch
*
Upstream patches from Jan
26536-xenoprof-div-by-0.patch
26578-AMD-IOMMU-replace-BUG_ON.patch
26656-x86-fix-null-pointer-dereference-in-intel_get_extended_msrs.patch
26659-AMD-IOMMU-erratum-746-workaround.patch
26660-x86-fix-CMCI-injection.patch
26672-vmx-fix-handling-of-NMI-VMEXIT.patch
26673-Avoid-stale-pointer-when-moving-domain-to-another-cpupool.patch
26676-fix-compat-memory-exchange-op-splitting.patch
26677-x86-make-certain-memory-sub-ops-return-valid-values.patch
26678-SEDF-avoid-gathering-vCPU-s-on-pCPU0.patch
26679-x86-defer-processing-events-on-the-NMI-exit-path.patch
26683-credit1-Use-atomic-bit-operations-for-the-flags-structure.patch
26692-x86-MSI-fully-protect-MSI-X-table.patch
Security Issue references:
* CVE-2013-1917
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1917>
* CVE-2013-1918
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1918>
* CVE-2013-1919
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1919>
* CVE-2013-1920
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1920>
* CVE-2013-1952
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1952>
* CVE-2013-1964
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1964>
* CVE-2013-2072
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072>
* CVE-2013-2076
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2076>
* CVE-2013-2077
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2077>
* CVE-2013-2078
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2078>
SUSE bug 801663SUSE bug 809662SUSE bug 813673SUSE bug 813675SUSE bug 813677SUSE bug 814709SUSE bug 816156SUSE bug 816159SUSE bug 816163SUSE bug 819416SUSE bug 820917SUSE bug 820919SUSE bug 820920CVE-2013-1917 at SUSECVE-2013-1917 at NVDCVE-2013-1918 at SUSECVE-2013-1918 at NVDCVE-2013-1919 at SUSECVE-2013-1919 at NVDCVE-2013-1920 at SUSECVE-2013-1920 at NVDCVE-2013-1952 at SUSECVE-2013-1952 at NVDCVE-2013-1964 at SUSECVE-2013-1964 at NVDCVE-2013-2072 at SUSECVE-2013-2072 at NVDCVE-2013-2076 at SUSECVE-2013-2076 at NVDCVE-2013-2077 at SUSECVE-2013-2077 at NVDCVE-2013-2078 at SUSECVE-2013-2078 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
XEN has been updated to version 4.1.6 which fixes various bugs and security
issues.
* CVE-2013-4416: XSA-72: Fixed ocaml xenstored that mishandled
oversized message replies.
* CVE-2013-4355: XSA-63: Fixed information leaks through I/O
instruction emulation
* CVE-2013-4361: XSA-66: Fixed information leak through fbld
instruction emulation
* CVE-2013-4368: XSA-67: Fixed information leak through outs
instruction emulation
* CVE-2013-1442: XSA-62: Fixed information leak on AVX and/or LWP
capable CPUs
* CVE-2013-4329: XSA-61: libxl partially sets up HVM passthrough even
with disabled iommu
* CVE-2013-1432: XSA-58: x86: fix page refcount handling in page table
pin error path
* CVE-2013-2211: XSA-57: libxl allows guest write access to sensitive
console related xenstore keys
* xen: XSA-55: Multiple vulnerabilities in libelf PV kernel handling
(CVE-2013-2194 CVE-2013-2195 CVE-2013-2196)
Various bugs have also been fixed:
* Improvements to block-dmmd script (bnc#828623)
* MTU size on Dom0 gets reset when booting DomU with e1000 device
(bnc#840196)
* In HP's UEFI x86_64 platform and with xen environment, in booting
stage ,xen hypervisor will panic. (bnc#833251)
* Xen: migration broken from xsave-capable to xsave-incapable host
(bnc#833796)
* In xen, 'shutdown -y 0 -h' cannot power off system (bnc#834751)
* In HP's UEFI x86_64 platform and sles11sp3 with xen environment, xen
hypervisor will panic on multiple blades nPar. (bnc#839600)
* Failed to setup devices for vm instance when start multiple vms
simultaneously (bnc#824676)
* migrate.py support of short options dropped by PTF (bnc#824676)
* after live migration rcu_sched_state detected stalls add new option
xm migrate --min_remaing (bnc#803712)
* various upstream fixes have been included
Security Issue references:
* CVE-2013-1432
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432>
* CVE-2013-1442
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1442>
* CVE-2013-2194
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2194>
* CVE-2013-2195
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2195>
* CVE-2013-2196
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2196>
* CVE-2013-2211
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211>
* CVE-2013-4329
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4329>
* CVE-2013-4355
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4355>
* CVE-2013-4361
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4361>
* CVE-2013-4368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4368>
* CVE-2013-4416
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4416>
SUSE bug 803712SUSE bug 823011SUSE bug 823608SUSE bug 823786SUSE bug 824676SUSE bug 826882SUSE bug 828623SUSE bug 833251SUSE bug 833796SUSE bug 834751SUSE bug 839596SUSE bug 839600SUSE bug 839618SUSE bug 840196SUSE bug 840592SUSE bug 841766SUSE bug 842511SUSE bug 845520CVE-2013-1432 at SUSECVE-2013-1432 at NVDCVE-2013-1442 at SUSECVE-2013-1442 at NVDCVE-2013-2194 at SUSECVE-2013-2194 at NVDCVE-2013-2195 at SUSECVE-2013-2195 at NVDCVE-2013-2196 at SUSECVE-2013-2196 at NVDCVE-2013-2211 at SUSECVE-2013-2211 at NVDCVE-2013-4329 at SUSECVE-2013-4329 at NVDCVE-2013-4355 at SUSECVE-2013-4355 at NVDCVE-2013-4361 at SUSECVE-2013-4361 at NVDCVE-2013-4368 at SUSECVE-2013-4368 at NVDCVE-2013-4416 at SUSECVE-2013-4416 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
Xen has been updated to fix a security issue and a bug:
* CVE-2013-4494: XSA-73: A lock order reversal between page allocation
and grant table locks could lead to host crashes or even host code
execution.
A non-security bug has also been fixed:
* It is possible to start a VM twice on the same node (bnc#840997)
Security Issue references:
* CVE-2013-4494
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4494>
SUSE bug 840997SUSE bug 848657CVE-2013-4494 at SUSECVE-2013-4494 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The SUSE Linux Enterprise Server 11 Service Pack 2 LTSS Xen hypervisor and
toolset has been updated to fix various security issues and several bugs.
The following security issues have been addressed:
*
XSA-88: CVE-2014-1950: Use-after-free vulnerability in the
xc_cpupool_getinfo function in Xen 4.1.x through 4.3.x, when using a
multithreaded toolstack, does not properly handle a failure by the
xc_cpumap_alloc function, which allows local users with access to
management functions to cause a denial of service (heap corruption)
and possibly gain privileges via unspecified vectors. (bnc#861256)
*
XSA-87: CVE-2014-1666: The do_physdev_op function in Xen 4.1.5,
4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict
access to the (1) PHYSDEVOP_prepare_msix and (2)
PHYSDEVOP_release_msix operations, which allows local PV guests to
cause a denial of service (host or guest malfunction) or possibly
gain privileges via unspecified vectors. (bnc#860302)
*
XSA-84: CVE-2014-1894: Xen 3.2 (and presumably earlier) exhibit both
problems with the overflow issue being present for more than just the
suboperations listed above. (bnc#860163)
*
XSA-84: CVE-2014-1892 CVE-2014-1893: Xen 3.3 through 4.1, while not
affected by the above overflow, have a different overflow issue on
FLASK_{GET,SET}BOOL and expose unreasonably large memory allocation
to aribitrary guests. (bnc#860163)
*
XSA-84: CVE-2014-1891: The FLASK_{GET,SET}BOOL, FLASK_USER and
FLASK_CONTEXT_TO_SID suboperations of the flask hypercall are
vulnerable to an integer overflow on the input size. The hypercalls
attempt to allocate a buffer which is 1 larger than this size and is
therefore vulnerable to integer overflow and an attempt to allocate
then access a zero byte buffer. (bnc#860163)
*
XSA-82: CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh
processors does not properly handle the interaction between locked
instructions and write-combined memory types, which allows local
users to cause a denial of service (system hang) via a crafted
application, aka the errata 793 issue. (bnc#853049)
*
XSA-76: CVE-2013-4554: Xen 3.0.3 through 4.1.x (possibly 4.1.6.1),
4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly
prevent access to hypercalls, which allows local guest users to gain
privileges via a crafted application running in ring 1 or 2.
(bnc#849668)
*
XSA-74: CVE-2013-4553: The XEN_DOMCTL_getmemlist hypercall in Xen
3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the
page_alloc_lock and mm_rwlock in the same order, which allows local
guest administrators to cause a denial of service (host deadlock).
(bnc#849667)
*
XSA-60: CVE-2013-2212: The vmx_set_uc_mode function in Xen 3.3
through 4.3, when disabling chaches, allows local HVM guests with
access to memory mapped I/O regions to cause a denial of service (CPU
consumption and possibly hypervisor or guest kernel panic) via a
crafted GFN range. (bnc#831120)
Also the following non-security bugs have been fixed:
* Boot Failure with xen kernel in UEFI mode with error 'No memory for
trampoline' (bnc#833483)
* Fixed Xen hypervisor panic on 8-blades nPar with 46-bit memory
addressing. (bnc#848014)
* In HP's UEFI x86_64 platform and sles11sp3 with xen environment, dom0
will soft lockup on multiple blades nPar. (bnc#842417)
* Soft lockup with PCI passthrough and many VCPUs (bnc#846849)
Security Issue references:
* CVE-2013-2212
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2212>
* CVE-2013-4553
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4553>
* CVE-2013-4554
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4554>
* CVE-2013-6885
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885>
* CVE-2014-1666
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1666>
* CVE-2014-1891
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1891>
* CVE-2014-1892
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1892>
* CVE-2014-1893
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1893>
* CVE-2014-1894
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1894>
* CVE-2014-1950
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1950>
SUSE bug 831120SUSE bug 833483SUSE bug 842417SUSE bug 846849SUSE bug 848014SUSE bug 849667SUSE bug 849668SUSE bug 853049SUSE bug 860163SUSE bug 860302SUSE bug 861256CVE-2013-2212 at SUSECVE-2013-2212 at NVDCVE-2013-4553 at SUSECVE-2013-4553 at NVDCVE-2013-4554 at SUSECVE-2013-4554 at NVDCVE-2013-6885 at SUSECVE-2013-6885 at NVDCVE-2014-1666 at SUSECVE-2014-1666 at NVDCVE-2014-1891 at SUSECVE-2014-1891 at NVDCVE-2014-1892 at SUSECVE-2014-1892 at NVDCVE-2014-1893 at SUSECVE-2014-1893 at NVDCVE-2014-1894 at SUSECVE-2014-1894 at NVDCVE-2014-1950 at SUSECVE-2014-1950 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
The Virtualization service XEN was updated to fix various bugs and security
issues.
The following security issues have been fixed:
*
CVE-2015-2756: XSA-126: Unmediated PCI command register access in
qemu could have lead to denial of service attacks against the host,
if PCI cards are passed through to guests.
*
XSA-125: Long latency MMIO mapping operations were not preemptible.
*
CVE-2015-2151: XSA-123: Instructions with register operands ignored
eventual segment overrides encoded for them. Due to an insufficiently
conditional assignment such a bogus segment override could have,
however, corrupted a pointer used subsequently to store the result of
the instruction.
*
CVE-2015-2045: XSA-122: The code handling certain sub-operations of
the HYPERVISOR_xen_version hypercall failed to fully initialize all
fields of structures subsequently copied back to guest memory. Due to
this hypervisor stack contents were copied into the destination of
the operation, thus becoming visible to the guest.
*
CVE-2015-2044: XSA-121: Emulation routines in the hypervisor dealing
with certain system devices checked whether the access size by the
guest is a supported one. When the access size is unsupported these
routines failed to set the data to be returned to the guest for read
accesses, so that hypervisor stack contents were copied into the
destination of the operation, thus becoming visible to the guest.
Also fixed:
* Regular crashes of dom-0 on different servers due to races in MCE
access were fixed. bsc#907755
Security Issues:
* CVE-2015-2044
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2044>
* CVE-2015-2045
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2045>
* CVE-2015-2151
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2151>
* CVE-2015-2756
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2756>
SUSE bug 907755SUSE bug 918995SUSE bug 918998SUSE bug 919464SUSE bug 922705SUSE bug 922706CVE-2015-2044 at SUSECVE-2015-2044 at NVDCVE-2015-2045 at SUSECVE-2015-2045 at NVDCVE-2015-2151 at SUSECVE-2015-2151 at NVDCVE-2015-2756 at SUSECVE-2015-2756 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for XenSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Xen was updated to fix six security issues:
* CVE-2015-4103: Potential unintended writes to host MSI message data
field via qemu. (XSA-128, bsc#931625)
* CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests.
(XSA-129, bsc#931626)
* CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error
messages. (XSA-130, bsc#931627)
* CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131,
bsc#931628)
* CVE-2015-3209: Heap overflow in qemu pcnet controller allowing guest
to host escape. (XSA-135, bsc#932770)
* CVE-2015-4164: DoS through iret hypercall handler. (XSA-136,
bsc#932996)
Security Issues:
* CVE-2015-4103
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103>
* CVE-2015-4104
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104>
* CVE-2015-4105
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105>
* CVE-2015-4106
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106>
* CVE-2015-4163
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4163>
* CVE-2015-4164
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164>
* CVE-2015-3209
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209>
SUSE bug 931625SUSE bug 931626SUSE bug 931627SUSE bug 931628SUSE bug 932770SUSE bug 932996CVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-4103 at SUSECVE-2015-4103 at NVDCVE-2015-4104 at SUSECVE-2015-4104 at NVDCVE-2015-4105 at SUSECVE-2015-4105 at NVDCVE-2015-4106 at SUSECVE-2015-4106 at NVDCVE-2015-4163 at SUSECVE-2015-4163 at NVDCVE-2015-4164 at SUSECVE-2015-4164 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
This update fixes the following security issues:
- bsc#956832 - CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
- bsc#956408 - CVE-2015-8339, CVE-2015-8340: xen:
XENMEM_exchange error handling issues (XSA-159)
xsa159.patch
- bsc#956411 - CVE-2015-7504: xen: heap buffer overflow
vulnerability in pcnet emulator (XSA-162)
- bsc#954405 - CVE-2015-8104: Xen: guest to host DoS by
triggering an infinite loop in microcode via #DB exception
- bsc#953527 - CVE-2015-5307: kernel: kvm/xen: x86: avoid
guest->host DOS by intercepting #AC (XSA-156)
- bsc#950704 - CVE-2015-7970: xen: x86: Long latency
populate-on-demand operation is not preemptible (XSA-150)
- bsc#951845 - CVE-2015-7972: xen: x86: populate-on-demand
balloon size inaccuracy can crash guests (XSA-153)
- bsc#950703 - CVE-2015-7969: xen: leak of main per-domain
vcpu pointer array (DoS) (XSA-149)
- bsc#950705 - CVE-2015-7969: xen: x86: leak of per-domain
profiling-related vcpu pointer array (DoS) (XSA-151)
- bsc#950706 - CVE-2015-7971: xen: x86: some pmu and
profiling hypercalls log without rate limiting (XSA-152) ModerateSUSE bug 950703SUSE bug 950704SUSE bug 950705SUSE bug 950706SUSE bug 951845SUSE bug 953527SUSE bug 954405SUSE bug 956408SUSE bug 956411SUSE bug 956832CVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-7504 at SUSECVE-2015-7504 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7970 at SUSECVE-2015-7970 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDCVE-2015-7972 at SUSECVE-2015-7972 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDCVE-2015-8339 at SUSECVE-2015-8339 at NVDCVE-2015-8340 at SUSECVE-2015-8340 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xinetdSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
Xinetd receives a LTSS rollup update to fix two security issues:
* CVE-2012-0862: xinetd enabled all services when tcp multiplexing is
used.
* CVE-2013-4342: xinetd ignored user and group directives for tcpmux
services, running services as root.
While both issues are not so problematic on their own, in combination the
impact is greater and enabling tcpmux would be risky.
Security Issues:
* CVE-2013-4342
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342>
* CVE-2012-0862
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0862>
SUSE bug 762294SUSE bug 844230CVE-2012-0862 at SUSECVE-2012-0862 at NVDCVE-2013-4342 at SUSECVE-2013-4342 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xorg-x11-serverSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes the following security issue with xorg-x11-server:
* bnc#853846: integer underflow when handling trapezoids
(CVE-2013-6424)
Security Issue reference:
* CVE-2013-6424
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6424>
SUSE bug 743450SUSE bug 743810SUSE bug 744625SUSE bug 774315SUSE bug 782319SUSE bug 787170SUSE bug 813178SUSE bug 813683SUSE bug 814653SUSE bug 816813SUSE bug 843652SUSE bug 853846CVE-2013-1940 at SUSECVE-2013-1940 at NVDCVE-2013-4396 at SUSECVE-2013-4396 at NVDCVE-2013-6424 at SUSECVE-2013-6424 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for xorg-x11SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update fixes a stack buffer overflow in xorg-x11 in the
bdfReadCharacters() function. CVE-2013-6462 has been assigned to this
issue.
Security Issue reference:
* CVE-2013-6462
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462>
SUSE bug 815451SUSE bug 821663SUSE bug 854915CVE-2013-1984 at SUSECVE-2013-1984 at NVDCVE-2013-1985 at SUSECVE-2013-1985 at NVDCVE-2013-1986 at SUSECVE-2013-1986 at NVDCVE-2013-1988 at SUSECVE-2013-1988 at NVDCVE-2013-1990 at SUSECVE-2013-1990 at NVDCVE-2013-1991 at SUSECVE-2013-1991 at NVDCVE-2013-1992 at SUSECVE-2013-1992 at NVDCVE-2013-1995 at SUSECVE-2013-1995 at NVDCVE-2013-1996 at SUSECVE-2013-1996 at NVDCVE-2013-1998 at SUSECVE-2013-1998 at NVDCVE-2013-1999 at SUSECVE-2013-1999 at NVDCVE-2013-2000 at SUSECVE-2013-2000 at NVDCVE-2013-2001 at SUSECVE-2013-2001 at NVDCVE-2013-2003 at SUSECVE-2013-2003 at NVDCVE-2013-2063 at SUSECVE-2013-2063 at NVDCVE-2013-6462 at SUSECVE-2013-6462 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for xorg-x11-libX11SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of xorg-x11-libX11 fixes several security issues (bnc#815451,
bnc#821664).
Security Issue references:
* CVE-2013-1981
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981>
* CVE-2013-1997
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997>
* CVE-2013-2004
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004>
SUSE bug 815451SUSE bug 821664CVE-2013-1981 at SUSECVE-2013-1981 at NVDCVE-2013-1997 at SUSECVE-2013-1997 at NVDCVE-2013-2004 at SUSECVE-2013-2004 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server 11 SP2-LTSS
xorg-x11-libX11 was updated to fix one security issue.
This security issue was fixed:
- CVE-2013-7439: Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allowed remote attackers to have unspecified impact via a crafted request, which triggered a buffer overflow (bsc#927220).
ModerateSUSE bug 927220CVE-2013-7439 at SUSECVE-2013-7439 at NVDcpe:/o:suse:suse_sles:11:sp2cpe:/o:suse:suse_sles_ltss:11:sp2Security update for xorg-x11-libXextSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of xorg-x11-libXext fixes several integer overflow issues
(bnc#815451, bnc#821665, CVE-2013-1982)
Security Issue reference:
* CVE-2013-1982
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982>
SUSE bug 815451SUSE bug 821665CVE-2013-1982 at SUSECVE-2013-1982 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for xorg-x11-libXfixesSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of xorg-x11-libXfixes fixes a integer overflow issue
(bnc#815451, bnc#821667, CVE-2013-1983).
Security Issue reference:
* CVE-2013-1983
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983>
SUSE bug 815451SUSE bug 821667CVE-2013-1983 at SUSECVE-2013-1983 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for xorg-x11-libXpSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of xorg-x11-libXp fixes several integer overflow issues
(bnc#815451, bnc#821668, CVE-2013-2062).
Security Issue reference:
* CVE-2013-2062
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062>
SUSE bug 815451SUSE bug 821668CVE-2013-2062 at SUSECVE-2013-2062 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for xorg-x11-libXrenderSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of xorg-x11-libXrender fixes several integer overflow issues
(bnc#815451, bnc#821669, CVE-2013-1987).
Security Issue reference:
* CVE-2013-1987
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987>
SUSE bug 815451SUSE bug 821669CVE-2013-1987 at SUSECVE-2013-1987 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for xorg-x11-libXtSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of xorg-x11-libXt fixes several integer and buffer overflow
issues (bnc#815451, bnc#821670, CVE-2013-2002, CVE-2013-2005).
Security Issue references:
* CVE-2013-2002
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002>
* CVE-2013-2005
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005>
SUSE bug 815451SUSE bug 821670CVE-2013-2002 at SUSECVE-2013-2002 at NVDCVE-2013-2005 at SUSECVE-2013-2005 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for xorg-x11-libXvSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update of xorg-x11-libXv fixes several integer and buffer overflow
issues (bnc#815451, bnc#821671, CVE-2013-1989, CVE-2013-2066).
Security Issue references:
* CVE-2013-1989
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989>
* CVE-2013-2066
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066>
SUSE bug 815451SUSE bug 821671CVE-2013-1989 at SUSECVE-2013-1989 at NVDCVE-2013-2066 at SUSECVE-2013-2066 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for xorg-x11-libxcbSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for xorg-x11-libxcb addresses the following security issues:
* Fix a deadlock with multi-threaded applications running on real time
kernels. (bnc#818829)
* Fix an integer overflow in read_packet(). (bnc#821584, CVE-2013-2064)
Security Issues:
* CVE-2013-2064
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2064>
SUSE bug 818829SUSE bug 821584CVE-2013-2064 at SUSECVE-2013-2064 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for xorg-x11-server-rdpSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for X.Org's RDP server (xorg-x11-server-rdp) resolves a problem
in the idletime counter that could cause excessive wake-ups, using a lot of
CPU time.
SUSE bug 746949SUSE bug 770683CVE-2010-2240 at SUSECVE-2010-2240 at NVDCVE-2011-4028 at SUSECVE-2011-4028 at NVDCVE-2011-4029 at SUSECVE-2011-4029 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Recommended update for yast2-networkSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
This update for YaST's Network Configuration module (yast2-network)
provides the following fixes:
* Do not propose bridge devices when virtualization is used on s390x.
(bnc#817943)
* Fixed parsing of hostname in DNS module. (bnc#813232)
* Added loading tun/tap settings from netconfig. (bnc#793367)
* Fixed biosdevname renaming in case of buggy SMBIOS. (bnc#821427)
SUSE bug 719881SUSE bug 747844SUSE bug 748251SUSE bug 749365SUSE bug 752464SUSE bug 769081SUSE bug 769175SUSE bug 778665SUSE bug 779531SUSE bug 781330SUSE bug 782283SUSE bug 790202SUSE bug 790219SUSE bug 793367SUSE bug 796580SUSE bug 810525SUSE bug 813232SUSE bug 813835SUSE bug 817006SUSE bug 817943SUSE bug 821427CVE-2012-0425 at SUSECVE-2012-0425 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for zypperSUSE Linux Enterprise Server 11 SP2SUSE Linux Enterprise Server for SAP Applications 11 SP2
The following issue has been fixed:
* The zypper setuid wrapper linked against libzypp. This is not needed
and added unnecessary attack vectors. CVE-2012-0420 has been assigned
to this issue.
Security Issue reference:
* CVE-2012-0420
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0420>
SUSE bug 770630CVE-2012-0420 at SUSECVE-2012-0420 at NVDcpe:/o:suse:sles_sap:11:sp2cpe:/o:suse:suse_sles:11:sp2Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 102.10.0 ESR
Placeholder changelog-entry (bsc#1210212)
ImportantSUSE bug 1210212cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
MozillaFirefox was updated to version 24.6.0 to fix six security issues:
* Miscellaneous memory safety hazards. (CVE-2014-1533, CVE-2014-1534)
* Use-after-free and out of bounds issues found using Address
Sanitizer. (CVE-2014-1536, CVE-2014-1537, CVE-2014-1538)
* Use-after-free with SMIL Animation Controller. (CVE-2014-1541)
mozilla-nspr was updated to version 4.10.6 to fix one security issue:
* Out of bounds write in NSPR. (CVE-2014-1545)
Further information can be found at
https://www.mozilla.org/security/announce/
<https://www.mozilla.org/security/announce/> .
Security Issues references:
* CVE-2014-1533
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533>
* CVE-2014-1534
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1534>
* CVE-2014-1536
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1536>
* CVE-2014-1537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1537>
* CVE-2014-1538
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538>
* CVE-2014-1541
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541>
* CVE-2014-1545
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545>
SUSE bug 881874CVE-2014-1533 at SUSECVE-2014-1533 at NVDCVE-2014-1534 at SUSECVE-2014-1534 at NVDCVE-2014-1536 at SUSECVE-2014-1536 at NVDCVE-2014-1537 at SUSECVE-2014-1537 at NVDCVE-2014-1538 at SUSECVE-2014-1538 at NVDCVE-2014-1541 at SUSECVE-2014-1541 at NVDCVE-2014-1545 at SUSECVE-2014-1545 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Image MagickSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
ImageMagick has been updated to fix four security issues:
* Crafted jpeg file could have lead to a Denial of Service
(CVE-2014-8716).
* Out-of-bounds memory access in resize code (CVE-2014-8354)
* Out-of-bounds memory access in PCX parser (CVE-2014-8355).
* Out-of-bounds memory error in DCM decode (CVE-2014-8562).
Security Issues:
* CVE-2014-8716
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8716>
* CVE-2014-8355
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8355>
* CVE-2014-8354
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8354>
* CVE-2014-8562
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8562>
SUSE bug 863838SUSE bug 903204SUSE bug 903216SUSE bug 903638SUSE bug 905260CVE-2014-1947 at SUSECVE-2014-1947 at NVDCVE-2014-8354 at SUSECVE-2014-8354 at NVDCVE-2014-8355 at SUSECVE-2014-8355 at NVDCVE-2014-8562 at SUSECVE-2014-8562 at NVDCVE-2014-8716 at SUSECVE-2014-8716 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- Several coders were vulnerable to remote code execution attacks,
these coders have now been disabled. They can be re-enabled by
exporting the following environment variable
MAGICK_CODER_MODULE_PATH=/usr/lib64/ImageMagick-6.4.3/modules-Q16/coders/vulnerable/
(bsc#978061)
- CVE-2016-3714: Insufficient shell characters filtering leads to
(potentially remote) code execution
- CVE-2016-3715: Possible file deletion by using ImageMagick's
'ephemeral' pseudo protocol which deletes files after reading.
- CVE-2016-3716: Possible file moving by using ImageMagick's 'msl'
pseudo protocol with any extension in any folder.
- CVE-2016-3717: Possible local file read by using ImageMagick's
'label' pseudo protocol to get content of the files from the server.
- CVE-2016-3718: Possible Server Side Request Forgery (SSRF) to make
HTTP GET or FTP request.
Bugs fixed:
- Use external svg loader (rsvg) ImportantSUSE bug 978061CVE-2016-3714 at SUSECVE-2016-3714 at NVDCVE-2016-3715 at SUSECVE-2016-3715 at NVDCVE-2016-3716 at SUSECVE-2016-3716 at NVDCVE-2016-3717 at SUSECVE-2016-3717 at NVDCVE-2016-3718 at SUSECVE-2016-3718 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- bsc#978061: A vulnerability in ImageMagick's 'https' module allowed users to
execute arbitrary shell commands on the host performing the image conversion.
The issue had the potential for remote command injection. This update mitigates
the vulnerability by disabling all access to the 'https' module in the
'delegates.xml' config file. (CVE-2016-3714)
ImportantSUSE bug 978061CVE-2016-3714 at SUSECVE-2016-3714 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2016-5118: popen() shell vulnerability via filenames (bsc#982178)
ImportantSUSE bug 982178CVE-2016-5118 at SUSECVE-2016-5118 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
ImageMagick was updated to fix 55 security issues.
These security issues were fixed:
- CVE-2014-9810: SEGV in dpx file handler (bsc#983803).
- CVE-2014-9811: Crash in xwd file handler (bsc#984032).
- CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137).
- CVE-2014-9813: Crash on corrupted viff file (bsc#984035).
- CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193).
- CVE-2014-9815: Crash on corrupted wpg file (bsc#984372).
- CVE-2014-9816: Out of bound access in viff image (bsc#984398).
- CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400).
- CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181).
- CVE-2014-9819: Heap overflow in palm files (bsc#984142).
- CVE-2014-9830: Handling of corrupted sun file (bsc#984135).
- CVE-2014-9831: Handling of corrupted wpg file (bsc#984375).
- CVE-2014-9836: Crash in xpm file handling (bsc#984023).
- CVE-2014-9851: Crash when parsing resource block (bsc#984160).
- CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460).
- CVE-2014-9853: Memory leak in rle file handling (bsc#984408).
- CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253).
- CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259).
- CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234).
- CVE-2014-9834: Heap overflow in pict file (bsc#984436).
- CVE-2014-9806: Prevent file descriptr leak due to corrupted file (bsc#983774).
- CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370).
- CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184).
- CVE-2015-8898: Prevent null pointer access in magick/constitute.c (bsc#983746).
- CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523).
- CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533).
- CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739).
- CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451).
- CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456).
- CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752).
- CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796).
- CVE-2014-9820: heap overflow in xpm files (bsc#984150).
- CVE-2014-9823: heap overflow in palm file (bsc#984401).
- CVE-2014-9822: heap overflow in quantum file (bsc#984187).
- CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379).
- CVE-2014-9824: Heap overflow in psd file (bsc#984185).
- CVE-2014-9809: Fix a SEGV due to corrupted xwd images. (bsc#983799).
- CVE-2014-9826: Incorrect error handling in sun files (bsc#984186).
- CVE-2014-9842: Memory leak in psd handling (bsc#984374).
- CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448).
- CVE-2014-9840: Out of bound access in palm file (bsc#984433).
- CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144).
- CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521).
- CVE-2014-9845: Crash due to corrupted dib file (bsc#984394).
- CVE-2014-9844: Out of bound issue in rle file (bsc#984373).
- CVE-2014-9849: Crash in png coder (bsc#984018).
- CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442).
- CVE-2014-9807: Fix a double free in pdb coder. (bsc#983794).
- CVE-2014-9829: Out of bound access in sun file (bsc#984409).
- CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308).
- CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305).
- CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292).
- CVE-2014-9837: Additional PNM sanity checks (bsc#984166).
- CVE-2014-9835: Heap overflow in wpf file (bsc#984145).
- CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028).
- CVE-2016-5841: Integer overflow could have read to RCE (bnc#986609).
- CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could have lead to memory leak (bnc#986608).
ImportantSUSE bug 983234SUSE bug 983253SUSE bug 983259SUSE bug 983292SUSE bug 983305SUSE bug 983308SUSE bug 983521SUSE bug 983523SUSE bug 983533SUSE bug 983739SUSE bug 983746SUSE bug 983752SUSE bug 983774SUSE bug 983794SUSE bug 983796SUSE bug 983799SUSE bug 983803SUSE bug 984018SUSE bug 984023SUSE bug 984028SUSE bug 984032SUSE bug 984035SUSE bug 984135SUSE bug 984137SUSE bug 984142SUSE bug 984144SUSE bug 984145SUSE bug 984150SUSE bug 984160SUSE bug 984166SUSE bug 984181SUSE bug 984184SUSE bug 984185SUSE bug 984186SUSE bug 984187SUSE bug 984193SUSE bug 984370SUSE bug 984372SUSE bug 984373SUSE bug 984374SUSE bug 984375SUSE bug 984379SUSE bug 984394SUSE bug 984398SUSE bug 984400SUSE bug 984401SUSE bug 984408SUSE bug 984409SUSE bug 984433SUSE bug 984436SUSE bug 985442SUSE bug 985448SUSE bug 985451SUSE bug 985456SUSE bug 985460SUSE bug 986608SUSE bug 986609CVE-2014-9805 at SUSECVE-2014-9805 at NVDCVE-2014-9806 at SUSECVE-2014-9806 at NVDCVE-2014-9807 at SUSECVE-2014-9807 at NVDCVE-2014-9808 at SUSECVE-2014-9808 at NVDCVE-2014-9809 at SUSECVE-2014-9809 at NVDCVE-2014-9810 at SUSECVE-2014-9810 at NVDCVE-2014-9811 at SUSECVE-2014-9811 at NVDCVE-2014-9812 at SUSECVE-2014-9812 at NVDCVE-2014-9813 at SUSECVE-2014-9813 at NVDCVE-2014-9814 at SUSECVE-2014-9814 at NVDCVE-2014-9815 at SUSECVE-2014-9815 at NVDCVE-2014-9816 at SUSECVE-2014-9816 at NVDCVE-2014-9817 at SUSECVE-2014-9817 at NVDCVE-2014-9818 at SUSECVE-2014-9818 at NVDCVE-2014-9819 at SUSECVE-2014-9819 at NVDCVE-2014-9820 at SUSECVE-2014-9820 at NVDCVE-2014-9822 at SUSECVE-2014-9822 at NVDCVE-2014-9823 at SUSECVE-2014-9823 at NVDCVE-2014-9824 at SUSECVE-2014-9824 at NVDCVE-2014-9826 at SUSECVE-2014-9826 at NVDCVE-2014-9828 at SUSECVE-2014-9828 at NVDCVE-2014-9829 at SUSECVE-2014-9829 at NVDCVE-2014-9830 at SUSECVE-2014-9830 at NVDCVE-2014-9831 at SUSECVE-2014-9831 at NVDCVE-2014-9834 at SUSECVE-2014-9834 at NVDCVE-2014-9835 at SUSECVE-2014-9835 at NVDCVE-2014-9836 at SUSECVE-2014-9836 at NVDCVE-2014-9837 at SUSECVE-2014-9837 at NVDCVE-2014-9838 at SUSECVE-2014-9838 at NVDCVE-2014-9839 at SUSECVE-2014-9839 at NVDCVE-2014-9840 at SUSECVE-2014-9840 at NVDCVE-2014-9842 at SUSECVE-2014-9842 at NVDCVE-2014-9844 at SUSECVE-2014-9844 at NVDCVE-2014-9845 at SUSECVE-2014-9845 at NVDCVE-2014-9846 at SUSECVE-2014-9846 at NVDCVE-2014-9847 at SUSECVE-2014-9847 at NVDCVE-2014-9849 at SUSECVE-2014-9849 at NVDCVE-2014-9851 at SUSECVE-2014-9851 at NVDCVE-2014-9853 at SUSECVE-2014-9853 at NVDCVE-2014-9854 at SUSECVE-2014-9854 at NVDCVE-2015-8894 at SUSECVE-2015-8894 at NVDCVE-2015-8896 at SUSECVE-2015-8896 at NVDCVE-2015-8897 at SUSECVE-2015-8897 at NVDCVE-2015-8898 at SUSECVE-2015-8898 at NVDCVE-2015-8901 at SUSECVE-2015-8901 at NVDCVE-2015-8902 at SUSECVE-2015-8902 at NVDCVE-2015-8903 at SUSECVE-2015-8903 at NVDCVE-2016-4562 at SUSECVE-2016-4562 at NVDCVE-2016-4563 at SUSECVE-2016-4563 at NVDCVE-2016-4564 at SUSECVE-2016-4564 at NVDCVE-2016-5687 at SUSECVE-2016-5687 at NVDCVE-2016-5688 at SUSECVE-2016-5688 at NVDCVE-2016-5689 at SUSECVE-2016-5689 at NVDCVE-2016-5690 at SUSECVE-2016-5690 at NVDCVE-2016-5691 at SUSECVE-2016-5691 at NVDCVE-2016-5841 at SUSECVE-2016-5841 at NVDCVE-2016-5842 at SUSECVE-2016-5842 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- security update:
* CVE-2016-6520: buffer overflow [bsc#991872]
* CVE-2016-6491: Out-of-bounds read in CopyMagickMemory [bsc#991445]
ModerateSUSE bug 991445SUSE bug 991872CVE-2016-6491 at SUSECVE-2016-6491 at NVDCVE-2016-6520 at SUSECVE-2016-6520 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
These vulnerabilities could be triggered by processing specially crafted image files,
which could lead to a process crash or resource consumtion, or potentially have
unspecified futher impact.
- CVE-2016-8862: Memory allocation failure in AcquireMagickMemory (bsc#1007245)
- CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)
- CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713)
- CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)
- CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)
- CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)
- CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)
- CVE-2016-7529: out of bound in quantum handling (bsc#1000399)
- CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)
- CVE-2016-7527: out of bound access in wpg file coder: (bsc#1000436)
- CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)
- CVE-2016-7528: out of bound access in xcf file coder (bsc#1000434)
- CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)
- CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)
- CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)
- Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)
- CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)
- CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)
- CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)
- CVE-2016-7531: Pbd file out of bound access (bsc#1000704)
- CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)
- CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)
- CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)
- CVE-2016-7517: out-of-bounds read in coders/pict.c (bsc#1000693)
- CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692)
- CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)
- CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)
- CVE-2016-7519: out-of-bounds read in coders/rle.c (bsc#1000695)
- CVE-2016-7518: out-of-bounds read in coders/sun.c (bsc#1000694)
- CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)
- CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)
- CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)
ImportantSUSE bug 1000399SUSE bug 1000434SUSE bug 1000436SUSE bug 1000688SUSE bug 1000689SUSE bug 1000690SUSE bug 1000691SUSE bug 1000692SUSE bug 1000693SUSE bug 1000694SUSE bug 1000695SUSE bug 1000698SUSE bug 1000699SUSE bug 1000700SUSE bug 1000701SUSE bug 1000703SUSE bug 1000704SUSE bug 1000707SUSE bug 1000709SUSE bug 1000711SUSE bug 1000713SUSE bug 1000714SUSE bug 1001066SUSE bug 1001221SUSE bug 1002209SUSE bug 1002421SUSE bug 1002422SUSE bug 1003629SUSE bug 1005123SUSE bug 1005125SUSE bug 1005127SUSE bug 1007245CVE-2014-9907 at SUSECVE-2014-9907 at NVDCVE-2015-8957 at SUSECVE-2015-8957 at NVDCVE-2015-8958 at SUSECVE-2015-8958 at NVDCVE-2015-8959 at SUSECVE-2015-8959 at NVDCVE-2016-5687 at SUSECVE-2016-5687 at NVDCVE-2016-6823 at SUSECVE-2016-6823 at NVDCVE-2016-7101 at SUSECVE-2016-7101 at NVDCVE-2016-7514 at SUSECVE-2016-7514 at NVDCVE-2016-7515 at SUSECVE-2016-7515 at NVDCVE-2016-7516 at SUSECVE-2016-7516 at NVDCVE-2016-7517 at SUSECVE-2016-7517 at NVDCVE-2016-7518 at SUSECVE-2016-7518 at NVDCVE-2016-7519 at SUSECVE-2016-7519 at NVDCVE-2016-7522 at SUSECVE-2016-7522 at NVDCVE-2016-7523 at SUSECVE-2016-7523 at NVDCVE-2016-7524 at SUSECVE-2016-7524 at NVDCVE-2016-7525 at SUSECVE-2016-7525 at NVDCVE-2016-7526 at SUSECVE-2016-7526 at NVDCVE-2016-7527 at SUSECVE-2016-7527 at NVDCVE-2016-7528 at SUSECVE-2016-7528 at NVDCVE-2016-7529 at SUSECVE-2016-7529 at NVDCVE-2016-7530 at SUSECVE-2016-7530 at NVDCVE-2016-7531 at SUSECVE-2016-7531 at NVDCVE-2016-7533 at SUSECVE-2016-7533 at NVDCVE-2016-7535 at SUSECVE-2016-7535 at NVDCVE-2016-7537 at SUSECVE-2016-7537 at NVDCVE-2016-7799 at SUSECVE-2016-7799 at NVDCVE-2016-7800 at SUSECVE-2016-7800 at NVDCVE-2016-7996 at SUSECVE-2016-7996 at NVDCVE-2016-7997 at SUSECVE-2016-7997 at NVDCVE-2016-8682 at SUSECVE-2016-8682 at NVDCVE-2016-8683 at SUSECVE-2016-8683 at NVDCVE-2016-8684 at SUSECVE-2016-8684 at NVDCVE-2016-8862 at SUSECVE-2016-8862 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
* CVE-2016-9556: Possible Heap-overflow found by fuzzing [bsc#1011130]
* CVE-2016-9559: Possible Null pointer access found by fuzzing [bsc#1011136]
* CVE-2016-8707: Possible code execution in the tiff deflate convert code [bsc#1014159]
* CVE-2016-9773: Possible Heap overflow in IsPixelGray [bsc#1013376]
* CVE-2016-8866: Possible memory allocation failure in AcquireMagickMemory [bsc#1009318]
ModerateSUSE bug 1009318SUSE bug 1011130SUSE bug 1011136SUSE bug 1013376SUSE bug 1014159CVE-2016-7530 at SUSECVE-2016-7530 at NVDCVE-2016-8707 at SUSECVE-2016-8707 at NVDCVE-2016-8866 at SUSECVE-2016-8866 at NVDCVE-2016-9556 at SUSECVE-2016-9556 at NVDCVE-2016-9559 at SUSECVE-2016-9559 at NVDCVE-2016-9773 at SUSECVE-2016-9773 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation (bsc#1017308)
- CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped (bsc#1017310)
- CVE-2016-10049: Corrupt RLE files could have overflowed a buffer due to a incorrect length calculation (bsc#1017311)
- CVE-2016-10050: Corrupt RLE files could have overflowed a heap buffer due to a missing offset check (bsc#1017312)
- CVE-2016-10051: Fixed use after free when reading PWP files (bsc#1017313)
- CVE-2016-10052: Added bound check to exif parsing of JPEG files (bsc#1017314).
- CVE-2016-10059: Unchecked calculation when reading TIFF files could have lead to a buffer overflow (bsc#1017318)
- CVE-2016-10060: Improved error handling when writing files to not mask errors (bsc#1017319).
- CVE-2016-10063: Check validity of extend during TIFF file reading (bsc#1017320).
- CVE-2016-10064: Improved checks for buffer overflow when reading TIFF files (bsc#1017321)
- CVE-2016-10065: Unchecked calculations when reading VIFF files could have lead to out of bound reads (bsc#1017322)
- CVE-2016-10068: Prevent NULL pointer access when using the MSL interpreter (bsc#1017324)
- CVE-2016-10070: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)
- CVE-2016-10071: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326).
- CVE-2016-10144: Added a check after allocating memory when parsing IPL files (bsc#1020433).
- CVE-2016-10145: Fixed of-by-one in string copy operation when parsing WPG files (bsc#1020435).
- CVE-2016-10146: Captions and labels were handled incorrectly, causing a memory leak that could have lead to DoS (bsc#1020443)
- CVE-2017-5506: Missing offset check leading to a double-free (bsc#1020436).
- CVE-2017-5507: Fixed a memory leak when reading MPC files allowing for DoS (bsc#1020439).
- CVE-2017-5508: Increase the amount of memory allocated for TIFF pixels to prevent a heap buffer-overflow (bsc#1020441).
- CVE-2017-5511: A missing cast when reading PSD files could have caused memory corruption by a heap overflow (bsc#1020448)
This update removes the fix for CVE-2016-9773. ImageMagick-6 was not affected by CVE-2016-9773 and it caused a regression (at least in GraphicsMagick) (bsc#1017421).
ModerateSUSE bug 1017308SUSE bug 1017310SUSE bug 1017311SUSE bug 1017312SUSE bug 1017313SUSE bug 1017314SUSE bug 1017318SUSE bug 1017319SUSE bug 1017320SUSE bug 1017321SUSE bug 1017322SUSE bug 1017324SUSE bug 1017326SUSE bug 1017421SUSE bug 1020433SUSE bug 1020435SUSE bug 1020436SUSE bug 1020439SUSE bug 1020441SUSE bug 1020443SUSE bug 1020448CVE-2016-10046 at SUSECVE-2016-10046 at NVDCVE-2016-10048 at SUSECVE-2016-10048 at NVDCVE-2016-10049 at SUSECVE-2016-10049 at NVDCVE-2016-10050 at SUSECVE-2016-10050 at NVDCVE-2016-10051 at SUSECVE-2016-10051 at NVDCVE-2016-10052 at SUSECVE-2016-10052 at NVDCVE-2016-10059 at SUSECVE-2016-10059 at NVDCVE-2016-10060 at SUSECVE-2016-10060 at NVDCVE-2016-10063 at SUSECVE-2016-10063 at NVDCVE-2016-10064 at SUSECVE-2016-10064 at NVDCVE-2016-10065 at SUSECVE-2016-10065 at NVDCVE-2016-10068 at SUSECVE-2016-10068 at NVDCVE-2016-10070 at SUSECVE-2016-10070 at NVDCVE-2016-10071 at SUSECVE-2016-10071 at NVDCVE-2016-10144 at SUSECVE-2016-10144 at NVDCVE-2016-10145 at SUSECVE-2016-10145 at NVDCVE-2016-10146 at SUSECVE-2016-10146 at NVDCVE-2017-5506 at SUSECVE-2017-5506 at NVDCVE-2017-5507 at SUSECVE-2017-5507 at NVDCVE-2017-5508 at SUSECVE-2017-5508 at NVDCVE-2017-5511 at SUSECVE-2017-5511 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for ImageMagick (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick provides the following fixes:
- Fix segmentation fault when wrong parameter supplied to conjure command (bsc#1027480).
- Improve CVE-2016-7518 patch to fix sun coder (bsc#1028079 comment 5).
LowSUSE bug 1027480SUSE bug 1028079CVE-2016-7518 at SUSECVE-2016-7518 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
This security issue was fixed:
- CVE-2017-7941: The ReadSGIImage function in sgi.c allowed remote attackers to consume an
amount of available memory via a crafted file (bsc#1034876).
- CVE-2017-8351: ImageMagick, GraphicsMagick: denial of service (memory leak) via a crafted
file (ReadPCDImage func in pcd.c) (bsc#1036986).
- CVE-2017-8352: denial of service (memory leak) via a crafted file (ReadXWDImage func in
xwd.c) (bsc#1036987)
- CVE-2017-8349: denial of service (memory leak) via a crafted file (ReadSFWImage func in
sfw.c) (bsc#1036984)
- CVE-2017-8350: denial of service (memory leak) via a crafted file (ReadJNGImage function in
png.c) (bsc#1036985)
- CVE-2017-8345: denial of service (memory leak) via a crafted file (ReadMNGImage func in
png.c) (bsc#1036980)
- CVE-2017-8346: denial of service (memory leak) via a crafted file (ReadDCMImage func in
dcm.c) (bsc#1036981)
- CVE-2017-8353: denial of service (memory leak) via a crafted file (ReadPICTImage func in
pict.c) (bsc#1036988)
- CVE-2017-8830: denial of service (memory leak) via a crafted file (ReadBMPImage func in
bmp.c:1379) (bsc#1038000)
- CVE-2017-7606: denial of service (application crash) or possibly have unspecified other
impact via a crafted image (bsc#1033091)
- CVE-2017-8765: memory leak vulnerability via a crafted ICON file (ReadICONImage in
coders\icon.c) (bsc#1037527)
- CVE-2017-8355: denial of service (memory leak) via a crafted file (ReadMTVImage func in
mtv.c) (bsc#1036990)
- CVE-2017-8344: denial of service (memory leak) via a crafted file (ReadPCXImage func in
pcx.c) (bsc#1036978)
- CVE-2017-9098: uninitialized memory usage in the ReadRLEImage RLE decoder
function coders/rle.c (bsc#1040025)
- CVE-2017-9141: Missing checks in the ReadDDSImage function in
coders/dds.c could lead to a denial of service (assertion) (bsc#1040303)
- CVE-2017-9142: Missing checks in theReadOneJNGImage function in
coders/png.c could lead to denial of service (assertion) (bsc#1040304)
- CVE-2017-9143: A possible denial of service attack via crafted .art
file in ReadARTImage function in coders/art.c (bsc#1040306)
- CVE-2017-9144: A crafted RLE image can trigger a crash in coders/rle.c
could lead to a denial of service (crash) (bsc#1040332)
ModerateSUSE bug 1033091SUSE bug 1034870SUSE bug 1034872SUSE bug 1034876SUSE bug 1036976SUSE bug 1036978SUSE bug 1036980SUSE bug 1036981SUSE bug 1036983SUSE bug 1036984SUSE bug 1036985SUSE bug 1036986SUSE bug 1036987SUSE bug 1036988SUSE bug 1036989SUSE bug 1036990SUSE bug 1037527SUSE bug 1038000SUSE bug 1040025SUSE bug 1040303SUSE bug 1040304SUSE bug 1040306SUSE bug 1040332CVE-2014-9846 at SUSECVE-2014-9846 at NVDCVE-2016-10050 at SUSECVE-2016-10050 at NVDCVE-2017-7606 at SUSECVE-2017-7606 at NVDCVE-2017-7941 at SUSECVE-2017-7941 at NVDCVE-2017-7942 at SUSECVE-2017-7942 at NVDCVE-2017-7943 at SUSECVE-2017-7943 at NVDCVE-2017-8344 at SUSECVE-2017-8344 at NVDCVE-2017-8345 at SUSECVE-2017-8345 at NVDCVE-2017-8346 at SUSECVE-2017-8346 at NVDCVE-2017-8348 at SUSECVE-2017-8348 at NVDCVE-2017-8349 at SUSECVE-2017-8349 at NVDCVE-2017-8350 at SUSECVE-2017-8350 at NVDCVE-2017-8351 at SUSECVE-2017-8351 at NVDCVE-2017-8352 at SUSECVE-2017-8352 at NVDCVE-2017-8353 at SUSECVE-2017-8353 at NVDCVE-2017-8354 at SUSECVE-2017-8354 at NVDCVE-2017-8355 at SUSECVE-2017-8355 at NVDCVE-2017-8357 at SUSECVE-2017-8357 at NVDCVE-2017-8765 at SUSECVE-2017-8765 at NVDCVE-2017-8830 at SUSECVE-2017-8830 at NVDCVE-2017-9098 at SUSECVE-2017-9098 at NVDCVE-2017-9141 at SUSECVE-2017-9141 at NVDCVE-2017-9142 at SUSECVE-2017-9142 at NVDCVE-2017-9143 at SUSECVE-2017-9143 at NVDCVE-2017-9144 at SUSECVE-2017-9144 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2017-9439: A memory leak was found in the function ReadPDBImage incoders/pdb.c (bsc#1042826)
- CVE-2017-9501: An assertion failure could cause a denial of service via a crafted file (bsc#1043289)
- CVE-2017-11403: ReadMNGImage function in coders/png.c has an out-of-order CloseBlob call, resulting
in a use-after-free via acrafted file (bsc#1049072)
ImportantSUSE bug 1042826SUSE bug 1043289SUSE bug 1049072CVE-2017-11403 at SUSECVE-2017-11403 at NVDCVE-2017-9439 at SUSECVE-2017-9439 at NVDCVE-2017-9501 at SUSECVE-2017-9501 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-11534: Processing a crafted file in convert could have lead to a
Memory Leak in the lite_font_map() function in coders/wmf.c (bsc#1050135).
- CVE-2017-13133: The load_level function in coders/xcf.c lacked offset
validation, which allowed attackers to cause a denial of service (load_tile
memory exhaustion) via a crafted file (bsc#1055219).
- CVE-2017-13139: The ReadOneMNGImage function in coders/png.c had an
out-of-bounds read with the MNG CLIP chunk (bsc#1055430).
- CVE-2017-15033: Fixed a memory leak in ReadYUVImage in coders/yuv.c
(bsc#1061873).
ModerateSUSE bug 1050135SUSE bug 1055219SUSE bug 1055430SUSE bug 1061873CVE-2017-11534 at SUSECVE-2017-11534 at NVDCVE-2017-13133 at SUSECVE-2017-13133 at NVDCVE-2017-13139 at SUSECVE-2017-13139 at NVDCVE-2017-15033 at SUSECVE-2017-15033 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
* CVE-2017-14607: out of bounds read flaw related to ReadTIFFImagehas
could possibly disclose potentially sensitive memory [bsc#1059778]
* CVE-2017-11640: NULL pointer deref in WritePTIFImage() in coders/tiff.c [bsc#1050632]
* CVE-2017-14342: a memory exhaustion vulnerability in ReadWPGImage
in coders/wpg.c could lead to denial of service [bsc#1058485]
* CVE-2017-14341: Infinite loop in the ReadWPGImage function [bsc#1058637]
* CVE-2017-16546: problem in the function ReadWPGImage in coders/wpg.c
could lead to denial of service [bsc#1067181]
* CVE-2017-16545: The ReadWPGImage function in coders/wpg.c in
validation problems could lead to denial of service [bsc#1067184]
* CVE-2017-14175: Lack of End of File check could lead to denial of service [bsc#1057719]
* CVE-2017-13769: denial of service issue in function WriteTHUMBNAILImage in coders/thumbnail.c [bsc#1056432]
* CVE-2017-13134: a heap-based buffer over-read was found in thefunction SFWScan
in coders/sfw.c, which allows attackers to cause adenial of service via a crafted file. [bsc#1055214]
* CVE-2017-11478: ReadOneDJVUImage in coders/djvu.c in ImageMagick allows remote attackers to cause a DoS [bsc#1049796]
* CVE-2017-15930: Null Pointer dereference while transfering JPEG scanlines could lead to denial of service [bsc#1066003]
* CVE-2017-12983: Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c
allows remote attackers to cause a denial of service [bsc#1054757]
* CVE-2017-14531: memory exhaustion issue in ReadSUNImage incoders/sun.c. [bsc#1059666]
* CVE-2017-12435: Memory exhaustion in ReadSUNImage in coders/sun.c,
which allows attackers to cause denial of service [bsc#1052553]
* CVE-2017-12587: User controlable large loop in the ReadPWPImage in coders\pwp.c could lead to denial of service [bsc#1052450]
* CVE-2017-14173: unction ReadTXTImage is vulnerable to a integer overflow that could lead to denial of service [bsc#1057729]
* CVE-2017-11188: ImageMagick: The ReadDPXImage function in codersdpx.c in ImageMagick 7.0.6-0 has a largeloop vulnerability that can cause CPU exhaustion via a crafted DPX file, relatedto lack of an EOF check. [bnc#1048457]
* CVE-2017-11527: ImageMagick: ReadDPXImage in coders/dpx.c allows remote attackers to cause DoS [bnc#1050116]
* CVE-2017-11535: GraphicsMagick, ImageMagick: Heap-based buffer over-read in WritePSImage() in coders/ps.c [bnc#1050139]
* CVE-2017-11752: ImageMagick: ReadMAGICKImage in coders/magick.c allows to cause DoS [bnc#1051441]
* CVE-2017-12140: ImageMagick: ReadDCMImage in codersdcm.c has a ninteger signedness error leading to excessive memory consumption [bnc#1051847]
* CVE-2017-12669: ImageMagick: Memory leak in WriteCALSImage in coders/cals.c [bnc#1052689]
* CVE-2017-12662: GraphicsMagick, ImageMagick: Memory leak in WritePDFImage in coders/pdf.c [bnc#1052758]
* CVE-2017-12644: ImageMagick: Memory leak in ReadDCMImage in codersdcm.c [bnc#1052764]
* CVE-2017-14172: ImageMagick: Lack of end of file check in ReadPSImage() could lead to a denial of service [bnc#1057730]
* CVE-2017-14733: GraphicsMagick: Heap overflow on ReadRLEImage in coders/rle.c could lead to denial of service [bnc#1060577]
ImportantSUSE bug 1048457SUSE bug 1049796SUSE bug 1050116SUSE bug 1050139SUSE bug 1050632SUSE bug 1051441SUSE bug 1051847SUSE bug 1052450SUSE bug 1052553SUSE bug 1052689SUSE bug 1052758SUSE bug 1052764SUSE bug 1054757SUSE bug 1055214SUSE bug 1056432SUSE bug 1057719SUSE bug 1057729SUSE bug 1057730SUSE bug 1058485SUSE bug 1058637SUSE bug 1059666SUSE bug 1059778SUSE bug 1060577SUSE bug 1066003SUSE bug 1067181SUSE bug 1067184CVE-2017-11188 at SUSECVE-2017-11188 at NVDCVE-2017-11478 at SUSECVE-2017-11478 at NVDCVE-2017-11527 at SUSECVE-2017-11527 at NVDCVE-2017-11535 at SUSECVE-2017-11535 at NVDCVE-2017-11640 at SUSECVE-2017-11640 at NVDCVE-2017-11752 at SUSECVE-2017-11752 at NVDCVE-2017-12140 at SUSECVE-2017-12140 at NVDCVE-2017-12435 at SUSECVE-2017-12435 at NVDCVE-2017-12587 at SUSECVE-2017-12587 at NVDCVE-2017-12644 at SUSECVE-2017-12644 at NVDCVE-2017-12662 at SUSECVE-2017-12662 at NVDCVE-2017-12669 at SUSECVE-2017-12669 at NVDCVE-2017-12983 at SUSECVE-2017-12983 at NVDCVE-2017-13134 at SUSECVE-2017-13134 at NVDCVE-2017-13769 at SUSECVE-2017-13769 at NVDCVE-2017-14172 at SUSECVE-2017-14172 at NVDCVE-2017-14173 at SUSECVE-2017-14173 at NVDCVE-2017-14175 at SUSECVE-2017-14175 at NVDCVE-2017-14341 at SUSECVE-2017-14341 at NVDCVE-2017-14342 at SUSECVE-2017-14342 at NVDCVE-2017-14531 at SUSECVE-2017-14531 at NVDCVE-2017-14607 at SUSECVE-2017-14607 at NVDCVE-2017-14733 at SUSECVE-2017-14733 at NVDCVE-2017-15930 at SUSECVE-2017-15930 at NVDCVE-2017-16545 at SUSECVE-2017-16545 at NVDCVE-2017-16546 at SUSECVE-2017-16546 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-14343: Fixed a memory leak vulnerability in ReadXCFImage in
coders/xcf.c via a crafted xcf image file (bsc#1058422).
- CVE-2017-12691: The ReadOneLayer function in coders/xcf.c allowed remote
attackers to cause a denial of service (memory consumption) via a crafted file
(bsc#1058422).
- CVE-2017-14042: Prevent memory allocation failure in the ReadPNMImage
function in coders/pnm.c. The vulnerability caused a big memory allocation,
which may have lead to remote denial of service in the MagickRealloc function
in magick/memory.c (bsc#1056550).
- CVE-2017-15281: ReadPSDImage in coders/psd.c allowed remote attackers to
cause a denial of service (application crash) or possibly have unspecified
other impact via a crafted file (bsc#1063049).
- CVE-2017-13061: A length-validation vulnerability in the function
ReadPSDLayersInternal in coders/psd.c allowed attackers to cause a denial of
service (ReadPSDImage memory exhaustion) via a crafted file (bsc#1055063).
- CVE-2017-12563: A memory exhaustion vulnerability in the function
ReadPSDImage in coders/psd.c allowed attackers to cause a denial of service
(bsc#1052460).
- CVE-2017-14174: coders/psd.c allowed for DoS in ReadPSDLayersInternal() due
to lack of an EOF (End of File) check might have caused huge CPU consumption.
When a crafted PSD file, which claims a large 'length' field in the header but
did not contain sufficient backing data, is provided, the loop over 'length'
would consume huge CPU resources, since there is no EOF check inside the loop
(bsc#1057723).
- CVE-2017-13062: A memory leak vulnerability in the function formatIPTC in
coders/meta.c allowed attackers to cause a denial of service (WriteMETAImage
memory consumption) via a crafted file (bsc#1055053).
- CVE-2017-15277: ReadGIFImage in coders/gif.c left the palette uninitialized
when processing a GIF file that has neither a global nor local palette. If this
functionality was used as a library loaded into a process that operates on
interesting data, this data sometimes could have been leaked via the
uninitialized palette (bsc#1063050).
ModerateSUSE bug 1052460SUSE bug 1055053SUSE bug 1055063SUSE bug 1056550SUSE bug 1057723SUSE bug 1058422SUSE bug 1063049SUSE bug 1063050CVE-2017-12563 at SUSECVE-2017-12563 at NVDCVE-2017-12691 at SUSECVE-2017-12691 at NVDCVE-2017-13061 at SUSECVE-2017-13061 at NVDCVE-2017-13062 at SUSECVE-2017-13062 at NVDCVE-2017-14042 at SUSECVE-2017-14042 at NVDCVE-2017-14174 at SUSECVE-2017-14174 at NVDCVE-2017-14343 at SUSECVE-2017-14343 at NVDCVE-2017-15277 at SUSECVE-2017-15277 at NVDCVE-2017-15281 at SUSECVE-2017-15281 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-12672: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service (bsc#1052720).
- CVE-2017-13060: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service via a crafted file (bsc#1055065).
- CVE-2017-11724: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c involving the quantum_info and clone_info data
structures (bsc#1051446).
- CVE-2017-12670: Added validation in coders/mat.c to prevent an assertion
failure in the function DestroyImage in MagickCore/image.c, which allowed
attackers to cause a denial of service (bsc#1052731).
- CVE-2017-12667: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1052732).
- CVE-2017-13146: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1055323).
- CVE-2017-10800: Processing MATLAB images in coders/mat.c could have lead to a
denial of service (OOM) in ReadMATImage() if the size specified for a MAT
Object was larger than the actual amount of data (bsc#1047044)
- CVE-2017-13648: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1055434).
- CVE-2017-11141: Fixed a memory leak vulnerability in the function
ReadMATImage in coders\mat.c that could have caused memory exhaustion via a
crafted MAT file, related to incorrect ordering of a SetImageExtent call
(bsc#1047898).
- CVE-2017-11529: The ReadMATImage function in coders/mat.c allowed remote
attackers to cause a denial of service (memory leak) via a crafted file
(bsc#1050120).
- CVE-2017-12564: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service (bsc#1052468).
- CVE-2017-12434: Added a missing NULL check in the function ReadMATImage in
coders/mat.c, which allowed attackers to cause a denial of service (assertion
failure) in DestroyImageInfo in image.c (bsc#1052550).
- CVE-2017-12675: Added a missing check for multidimensional data coders/mat.c,
that could have lead to a memory leak in the function ReadImage in
MagickCore/constitute.c, which allowed attackers to cause a denial of service
(bsc#1052710).
- CVE-2017-14326: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service via a crafted file (bsc#1058640).
- CVE-2017-11644: Processesing a crafted file in convert could have lead to a
memory leak in the ReadMATImage() function in coders/mat.c (bsc#1050606).
- CVE-2017-13658: Added a missing NULL check in the ReadMATImage function in
coders/mat.c, which could have lead to a denial of service (assertion failure
and application exit) in the DestroyImageInfo function in MagickCore/image.c
(bsc#1055855).
- CVE-2017-14533: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1059751).
- CVE-2017-17881: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service via a crafted MAT image file (bsc#1074123).
- CVE-2017-1000476: Prevent CPU exhaustion in the function ReadDDSInfo in
coders/dds.c, which allowed attackers to cause a denial of service
(bsc#1074610).
- CVE-2017-9409: Fixed a memory leak vulnerability in the function ReadMPCImage
in mpc.c, which allowed attackers to cause a denial of service via a crafted
file (bsc#1042948).
- CVE-2017-11449: coders/mpc did not enable seekable streams and thus could not
validate blob sizes, which allowed remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact via an image
received from stdin (bsc#1049373)
- CVE-2017-12430: A memory exhaustion in the function ReadMPCImage in
coders/mpc.c allowed attackers to cause DoS (bsc#1052252)
- CVE-2017-12642: Prevent a memory leak vulnerability in ReadMPCImage in
coders\mpc.c via crafted file allowing for DoS (bsc#1052771)
- CVE-2017-14249: A mishandled EOF check in ReadMPCImage in coders/mpc.c that
lead to a division by zero in GetPixelCacheTileSize in MagickCore/cache.c
allowed remote attackers to cause a denial of service via a crafted file
(bsc#1058082)
- CVE-2017-1000445: Added a NUL pointer check in the MagickCore component that
might have lead to denial of service (bsc#1074425).
- CVE-2017-11751: Fixed a memory leak vulnerability in the function
WritePICONImage in coders/xpm.c that allowed remote attackers to cause a denial
of service via a crafted file (bsc#1051412).
- CVE-2017-17680: Fixed a memory leak vulnerability in the function
ReadXPMImage in coders/xpm.c, which allowed attackers to cause a denial of
service via a crafted xpm image file (bsc#1072902).
- CVE-2017-17882: Fixed a memory leak vulnerability in the function
ReadXPMImage in coders/xpm.c, which allowed attackers to cause a denial of
service via a crafted XPM image file (bsc#1074122).
- CVE-2018-5246: Fixed memory leak vulnerability in ReadPATTERNImage in
coders/pattern.c (bsc#1074973).
- CVE-2017-18022: Fixed memory leak vulnerability in MontageImageCommand in
MagickWand/montage.c (bsc#1074975)
- CVE-2018-5247: Fixed memory leak vulnerability in ReadRLAImage in
coders/rla.c (bsc#1074969)
ModerateSUSE bug 1042948SUSE bug 1047044SUSE bug 1047898SUSE bug 1049373SUSE bug 1050120SUSE bug 1050606SUSE bug 1051412SUSE bug 1051446SUSE bug 1052252SUSE bug 1052468SUSE bug 1052550SUSE bug 1052710SUSE bug 1052720SUSE bug 1052731SUSE bug 1052732SUSE bug 1052771SUSE bug 1055065SUSE bug 1055323SUSE bug 1055434SUSE bug 1055855SUSE bug 1058082SUSE bug 1058640SUSE bug 1059751SUSE bug 1072902SUSE bug 1074122SUSE bug 1074123SUSE bug 1074425SUSE bug 1074610SUSE bug 1074969SUSE bug 1074973SUSE bug 1074975CVE-2017-1000445 at SUSECVE-2017-1000445 at NVDCVE-2017-1000476 at SUSECVE-2017-1000476 at NVDCVE-2017-10800 at SUSECVE-2017-10800 at NVDCVE-2017-11141 at SUSECVE-2017-11141 at NVDCVE-2017-11449 at SUSECVE-2017-11449 at NVDCVE-2017-11529 at SUSECVE-2017-11529 at NVDCVE-2017-11644 at SUSECVE-2017-11644 at NVDCVE-2017-11724 at SUSECVE-2017-11724 at NVDCVE-2017-11751 at SUSECVE-2017-11751 at NVDCVE-2017-12430 at SUSECVE-2017-12430 at NVDCVE-2017-12434 at SUSECVE-2017-12434 at NVDCVE-2017-12564 at SUSECVE-2017-12564 at NVDCVE-2017-12642 at SUSECVE-2017-12642 at NVDCVE-2017-12667 at SUSECVE-2017-12667 at NVDCVE-2017-12670 at SUSECVE-2017-12670 at NVDCVE-2017-12672 at SUSECVE-2017-12672 at NVDCVE-2017-12675 at SUSECVE-2017-12675 at NVDCVE-2017-13060 at SUSECVE-2017-13060 at NVDCVE-2017-13146 at SUSECVE-2017-13146 at NVDCVE-2017-13648 at SUSECVE-2017-13648 at NVDCVE-2017-13658 at SUSECVE-2017-13658 at NVDCVE-2017-14249 at SUSECVE-2017-14249 at NVDCVE-2017-14326 at SUSECVE-2017-14326 at NVDCVE-2017-14533 at SUSECVE-2017-14533 at NVDCVE-2017-17680 at SUSECVE-2017-17680 at NVDCVE-2017-17881 at SUSECVE-2017-17881 at NVDCVE-2017-17882 at SUSECVE-2017-17882 at NVDCVE-2017-18022 at SUSECVE-2017-18022 at NVDCVE-2017-9409 at SUSECVE-2017-9409 at NVDCVE-2018-5246 at SUSECVE-2018-5246 at NVDCVE-2018-5247 at SUSECVE-2018-5247 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2018-5685: Prevent infinite loop and application hang in the ReadBMPImage
function. Remote attackers could leverage this vulnerability to cause a denial
of service via an image file with a crafted bit-field mask value (bsc#1075939)
- CVE-2017-11639: Prevent heap-based buffer over-read in the WriteCIPImage()
function, related to the GetPixelLuma function in MagickCore/pixel-accessor.h
(bsc#1050635).
- CVE-2017-11525: Prevent memory consumption in the ReadCINImage function that
allowed remote attackers to cause a denial of service (bsc#1050098).
- CVE-2017-9262: The ReadJNGImage function in coders/png.c allowed attackers to
cause a denial of service (memory leak) via a crafted file (bsc#1043353)
- CVE-2017-9261: The ReadMNGImage function in coders/png.c allowed
attackers to cause a denial of service (memory leak) via a crafted file (bsc#1043354)
- CVE-2017-10995: The mng_get_long function in coders/png.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) via a crafted MNG image (bsc#1047908)
- CVE-2017-11539: Prevent memory leak in the ReadOnePNGImage() function in
coders/png.c (bsc#1050037)
- CVE-2017-11505: The ReadOneJNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (large loop and CPU consumption) via
a crafted file (bsc#1050072)
- CVE-2017-11526: The ReadOneMNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (large loop and CPU consumption) via a
crafted file (bsc#1050100)
- CVE-2017-11750: The ReadOneJNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (NULL pointer dereference) via a crafted
file (bsc#1051442)
- CVE-2017-12565: Prevent memory leak in the function ReadOneJNGImage in
coders/png.c, which allowed attackers to cause a denial of service (bsc#1052470)
- CVE-2017-12676: Prevent memory leak in the function ReadOneJNGImage in
coders/png.c, which allowed attackers to cause a denial of service (bsc#1052708)
- CVE-2017-12673: Prevent memory leak in the function ReadOneMNGImage in
coders/png.c, which allowed attackers to cause a denial of service (bsc#1052717)
- CVE-2017-12671: Added NULL assignment in coders/png.c to prevent an invalid
free in the function RelinquishMagickMemory in MagickCore/memory.c, which
allowed attackers to cause a denial of service (bsc#1052721)
- CVE-2017-12643: Prevent a memory exhaustion vulnerability in ReadOneJNGImage
in coders\png.c (bsc#1052768)
- CVE-2017-12641: Prevent a memory leak vulnerability in ReadOneJNGImage in
coders\png.c (bsc#1052777)
- CVE-2017-12640: Prevent an out-of-bounds read vulnerability in
ReadOneMNGImage in coders/png.c (bsc#1052781)
- CVE-2017-12935: The ReadMNGImage function in coders/png.c mishandled large
MNG images, leading to an invalid memory read in the SetImageColorCallBack
function in magick/image.c (bsc#1054600)
- CVE-2017-13147: Prevent allocation failure in the function ReadMNGImage in
coders/png.c when a small MNG file has a MEND chunk with a large length value
(bsc#1055374)
- CVE-2017-13142: Added additional checks for short files to prevent a crafted
PNG file from triggering a crash (bsc#1055455)
- CVE-2017-13141: Prevent memory leak in ReadOnePNGImage in coders/png.c
(bsc#1055456)
- CVE-2017-14103: The ReadJNGImage and ReadOneJNGImage functions in
coders/png.c did not properly manage image pointers after certain error
conditions, which allowed remote attackers to conduct use-after-free attacks
via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call
(bsc#1057000)
- CVE-2017-14649: ReadOneJNGImage in coders/png.c did not properly validate JNG
data, leading to a denial of service (assertion failure in
magick/pixel_cache.c, and application crash) (bsc#1060162)
- CVE-2017-15218: Prevent memory leak in ReadOneJNGImage in coders/png.c
(bsc#1062752)
- CVE-2017-17504: Prevent heap-based buffer over-read via a crafted file in
Magick_png_read_raw_profile, related to ReadOneMNGImage (bsc#1072362)
- CVE-2017-17879: Prevent heap-based buffer over-read in ReadOneMNGImage in
coders/png.c, related to length calculation and caused by an off-by-one error
(bsc#1074125)
- CVE-2017-17914: Prevent crafted files to cause a large loop in
ReadOneMNGImage (bsc#1074185)
- CVE-2017-17884: Prevent memory leak in the function WriteOnePNGImage in
coders/png.c, which allowed attackers to cause a denial of service via a
crafted PNG image file (bsc#1074120)
- Prevent memory leak in svg.c, which allowed attackers to cause a denial of
service via a crafted SVG image file (bsc#1074120)
- Prevent small memory leak when processing PWP image files (bsc#1074309)
- CVE-2017-18029: Prevent memory leak in the function ReadMATImage which allowed
remote attackers to cause a denial of service via a crafted file (bsc#1076021)
- CVE-2017-18027: Prevent memory leak vulnerability in the function
ReadMATImage which allowed remote attackers to cause a denial of service via a
crafted file (bsc#1076051)
ModerateSUSE bug 1043353SUSE bug 1043354SUSE bug 1047908SUSE bug 1050037SUSE bug 1050072SUSE bug 1050098SUSE bug 1050100SUSE bug 1050635SUSE bug 1051442SUSE bug 1052470SUSE bug 1052708SUSE bug 1052717SUSE bug 1052721SUSE bug 1052768SUSE bug 1052777SUSE bug 1052781SUSE bug 1054600SUSE bug 1055374SUSE bug 1055455SUSE bug 1055456SUSE bug 1057000SUSE bug 1060162SUSE bug 1062752SUSE bug 1072362SUSE bug 1074120SUSE bug 1074125SUSE bug 1074185SUSE bug 1074309SUSE bug 1075939SUSE bug 1076021SUSE bug 1076051CVE-2017-10995 at SUSECVE-2017-10995 at NVDCVE-2017-11505 at SUSECVE-2017-11505 at NVDCVE-2017-11525 at SUSECVE-2017-11525 at NVDCVE-2017-11526 at SUSECVE-2017-11526 at NVDCVE-2017-11539 at SUSECVE-2017-11539 at NVDCVE-2017-11639 at SUSECVE-2017-11639 at NVDCVE-2017-11750 at SUSECVE-2017-11750 at NVDCVE-2017-12565 at SUSECVE-2017-12565 at NVDCVE-2017-12640 at SUSECVE-2017-12640 at NVDCVE-2017-12641 at SUSECVE-2017-12641 at NVDCVE-2017-12643 at SUSECVE-2017-12643 at NVDCVE-2017-12671 at SUSECVE-2017-12671 at NVDCVE-2017-12673 at SUSECVE-2017-12673 at NVDCVE-2017-12676 at SUSECVE-2017-12676 at NVDCVE-2017-12935 at SUSECVE-2017-12935 at NVDCVE-2017-13141 at SUSECVE-2017-13141 at NVDCVE-2017-13142 at SUSECVE-2017-13142 at NVDCVE-2017-13147 at SUSECVE-2017-13147 at NVDCVE-2017-14103 at SUSECVE-2017-14103 at NVDCVE-2017-14649 at SUSECVE-2017-14649 at NVDCVE-2017-15218 at SUSECVE-2017-15218 at NVDCVE-2017-17504 at SUSECVE-2017-17504 at NVDCVE-2017-17879 at SUSECVE-2017-17879 at NVDCVE-2017-17884 at SUSECVE-2017-17884 at NVDCVE-2017-17914 at SUSECVE-2017-17914 at NVDCVE-2017-18027 at SUSECVE-2017-18027 at NVDCVE-2017-18029 at SUSECVE-2017-18029 at NVDCVE-2017-9261 at SUSECVE-2017-9261 at NVDCVE-2017-9262 at SUSECVE-2017-9262 at NVDCVE-2018-5685 at SUSECVE-2018-5685 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2017-9407: In ImageMagick, the ReadPALMImage function in palm.c allowed attackers to cause a denial of service (memory leak) via a crafted file. (bsc#1042824)
- CVE-2017-11448: The ReadJPEGImage function in coders/jpeg.c in ImageMagick allowed remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. (bsc#1049375)
- CVE-2017-11450: A remote denial of service in coders/jpeg.c was fixed (bsc#1049374)
- CVE-2017-11537: When ImageMagick processed a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation. (bsc#1050048)
- CVE-2017-12418: ImageMagick had memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. (bsc#1052207)
- CVE-2017-12432: In ImageMagick, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allowed attackers to cause a denial of service. (bsc#1052254)
- CVE-2017-12654: The ReadPICTImage function in coders/pict.c in ImageMagick allowed attackers to cause a denial of service (memory leak) via a crafted file. (bsc#1052761)
- CVE-2017-12664: ImageMagick had a memory leak vulnerability in WritePALMImage in coders/palm.c. (bsc#1052750)
- CVE-2017-12665: ImageMagick had a memory leak vulnerability in WritePICTImage in coders/pict.c. (bsc#1052747)
- CVE-2017-12668: ImageMagick had a memory leak vulnerability in WritePCXImage in coders/pcx.c. (bsc#1052688)
- CVE-2017-13058: In ImageMagick, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allowed attackers to cause a denial of service via a crafted file. (bsc#1055069)
- CVE-2017-14224: A heap-based buffer overflow in WritePCXImage in coders/pcx.c could lead to denial of service or code execution. (bsc#1058009)
- CVE-2017-17885: In ImageMagick, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allowed attackers to cause a denial of service via a crafted PICT image file. (bsc#1074119)
- CVE-2017-18028: A memory exhaustion in the function ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)
- CVE-2018-6405: In the ReadDCMImage function in coders/dcm.c in ImageMagick, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allowed remote attackers to cause a denial of service. (bsc#1078433)
- CVE-2017-12427: ProcessMSLScript coders/msl.c allowed remote attackers to cause a DoS (bsc#1052248)
- CVE-2017-12566: A memory leak in ReadMVGImage in coders/mvg.c, could have allowed attackers to cause DoS (bsc#1052472)
- CVE-2017-11638, CVE-2017-11642: A NULL pointer dereference in theWriteMAPImage() in coders/map.c was fixed which could lead to a crash (bsc#1050617)
- CVE-2017-13131: A memory leak vulnerability was found in thefunction ReadMIFFImage in coders/miff.c, which allowed attackers tocause a denial of service (memory consumption in NewL (bsc#1055229)
- CVE-2017-11166: In ReadXWDImage in coders\xwd.c a memoryleak could have caused memory exhaustion via a crafted length (bsc#1048110)
- CVE-2017-12674: A CPU exhaustion in ReadPDBImage in coders/pdb.c was fixed, which allowed attackers to cause DoS (bsc#1052711)
- CVE-2017-12429: A memory exhaustion flaw in ReadMIFFImage in coders/miff.c was fixed, which allowed attackers to cause DoS (bsc#1052251)
- CVE-2017-11637: A NULL pointer dereference in WritePCLImage() in coders/pcl.c was fixed which could lead to a crash (bsc#1050669)
ModerateSUSE bug 1042824SUSE bug 1048110SUSE bug 1049374SUSE bug 1049375SUSE bug 1050048SUSE bug 1050617SUSE bug 1050669SUSE bug 1052207SUSE bug 1052248SUSE bug 1052251SUSE bug 1052254SUSE bug 1052472SUSE bug 1052688SUSE bug 1052711SUSE bug 1052747SUSE bug 1052750SUSE bug 1052761SUSE bug 1055069SUSE bug 1055229SUSE bug 1058009SUSE bug 1074119SUSE bug 1076182SUSE bug 1078433CVE-2017-11166 at SUSECVE-2017-11166 at NVDCVE-2017-11448 at SUSECVE-2017-11448 at NVDCVE-2017-11450 at SUSECVE-2017-11450 at NVDCVE-2017-11537 at SUSECVE-2017-11537 at NVDCVE-2017-11637 at SUSECVE-2017-11637 at NVDCVE-2017-11638 at SUSECVE-2017-11638 at NVDCVE-2017-11642 at SUSECVE-2017-11642 at NVDCVE-2017-12418 at SUSECVE-2017-12418 at NVDCVE-2017-12427 at SUSECVE-2017-12427 at NVDCVE-2017-12429 at SUSECVE-2017-12429 at NVDCVE-2017-12432 at SUSECVE-2017-12432 at NVDCVE-2017-12566 at SUSECVE-2017-12566 at NVDCVE-2017-12654 at SUSECVE-2017-12654 at NVDCVE-2017-12664 at SUSECVE-2017-12664 at NVDCVE-2017-12665 at SUSECVE-2017-12665 at NVDCVE-2017-12668 at SUSECVE-2017-12668 at NVDCVE-2017-12674 at SUSECVE-2017-12674 at NVDCVE-2017-13058 at SUSECVE-2017-13058 at NVDCVE-2017-13131 at SUSECVE-2017-13131 at NVDCVE-2017-14224 at SUSECVE-2017-14224 at NVDCVE-2017-17885 at SUSECVE-2017-17885 at NVDCVE-2017-18028 at SUSECVE-2017-18028 at NVDCVE-2017-9407 at SUSECVE-2017-9407 at NVDCVE-2018-6405 at SUSECVE-2018-6405 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2017-9405: A memory leak in the ReadICONImage function was fixed that could lead to DoS via memory exhaustion (bsc#1042911)
- CVE-2017-11528: ReadDIBImage in coders/dib.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050119)
- CVE-2017-11530: ReadEPTImage in coders/ept.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050122)
- CVE-2017-11533: A information leak by 1 byte due to heap-based buffer over-read in the WriteUILImage() in coders/uil.c was fixed (bsc#1050132)
- CVE-2017-12663: A memory leak in WriteMAPImage in coders/map.c was fixed that could lead to a DoS via memory exhaustion (bsc#1052754)
- CVE-2017-17682: A large loop vulnerability was fixed in ExtractPostscript in coders/wpg.c, which allowed attackers to cause a denial of service (CPU exhaustion) (bsc#1072898)
ModerateSUSE bug 1042911SUSE bug 1050119SUSE bug 1050122SUSE bug 1050132SUSE bug 1052754SUSE bug 1072898CVE-2017-11528 at SUSECVE-2017-11528 at NVDCVE-2017-11530 at SUSECVE-2017-11530 at NVDCVE-2017-11533 at SUSECVE-2017-11533 at NVDCVE-2017-12663 at SUSECVE-2017-12663 at NVDCVE-2017-17682 at SUSECVE-2017-17682 at NVDCVE-2017-9405 at SUSECVE-2017-9405 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2018-8804: The WriteEPTImage function allowed remote attackers to cause a
denial of service (double free and application crash) or possibly have
unspecified other impact via a crafted file (bsc#1086011)
- CVE-2017-11524: The WriteBlob function allowed remote attackers to cause a
denial of service (assertion failure and application exit) via a crafted file
(bsc#1050087)
- CVE-2017-18219: Prevent allocation failure in the function ReadOnePNGImage,
which allowed attackers to cause a denial of service via a crafted file that
triggers an attempt at a large png_pixels array allocation (bsc#1084060).
- CVE-2017-9500: Prevent assertion failure in the function
ResetImageProfileIterator, which allowed attackers to cause a denial of service
via a crafted file (bsc#1043290)
- CVE-2017-16353: Prevent memory information disclosure in the DescribeImage
function caused by a heap-based buffer over-read. The portion of the code
containing the vulnerability is responsible for printing the IPTC Profile
information contained in the image. This vulnerability can be triggered with a
specially crafted MIFF file. There is an out-of-bounds buffer dereference
because certain increments were never checked (bsc#1066170)
- CVE-2017-16352: Prevent a heap-based buffer overflow in the 'Display visual
image directory' feature of the DescribeImage() function. One possible way to
trigger the vulnerability is to run the identify command on a specially crafted
MIFF format file with the verbose flag (bsc#1066168)
- CVE-2017-14314: Prevent off-by-one error in the DrawImage function that
allowed remote attackers to cause a denial of service (DrawDashPolygon
heap-based buffer over-read and application crash) via a crafted file
(bsc#1058630)
- CVE-2017-13768: Prevent NULL pointer dereference in the IdentifyImage
function that allowed an attacker to perform denial of service by sending a
crafted image file (bsc#1056434)
- CVE-2017-14505: Fixed handling of NULL arrays, which allowed attackers to
perform Denial of Service (NULL pointer dereference and application crash in
AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image
File as input (bsc#1059735)
- CVE-2018-7443: The ReadTIFFImage function did not properly validate the
amount of image data in a file, which allowed remote attackers to cause a
denial of service (memory allocation failure in the AcquireMagickMemory
function in MagickCore/memory.c) (bsc#1082792)
- CVE-2017-15016: Prevent NULL pointer dereference vulnerability in
ReadEnhMetaFile allowing for denial of service (bsc#1082291)
- CVE-2017-15017: Prevent NULL pointer dereference vulnerability in
ReadOneMNGImage allowing for denial of service (bsc#1082283)
- CVE-2017-12692: The ReadVIFFImage function allowed remote attackers to cause
a denial of service (memory consumption) via a crafted VIFF file (bsc#1082362)
- CVE-2017-12693: The ReadBMPImage function allowed remote attackers to cause a
denial of service (memory consumption) via a crafted BMP file (bsc#1082348)
ModerateSUSE bug 1043290SUSE bug 1050087SUSE bug 1056434SUSE bug 1058630SUSE bug 1059735SUSE bug 1066168SUSE bug 1066170SUSE bug 1082283SUSE bug 1082291SUSE bug 1082348SUSE bug 1082362SUSE bug 1082792SUSE bug 1084060SUSE bug 1086011CVE-2017-11524 at SUSECVE-2017-11524 at NVDCVE-2017-12691 at SUSECVE-2017-12691 at NVDCVE-2017-12692 at SUSECVE-2017-12692 at NVDCVE-2017-12693 at SUSECVE-2017-12693 at NVDCVE-2017-13768 at SUSECVE-2017-13768 at NVDCVE-2017-14314 at SUSECVE-2017-14314 at NVDCVE-2017-14343 at SUSECVE-2017-14343 at NVDCVE-2017-14505 at SUSECVE-2017-14505 at NVDCVE-2017-15016 at SUSECVE-2017-15016 at NVDCVE-2017-15017 at SUSECVE-2017-15017 at NVDCVE-2017-16352 at SUSECVE-2017-16352 at NVDCVE-2017-16353 at SUSECVE-2017-16353 at NVDCVE-2017-18219 at SUSECVE-2017-18219 at NVDCVE-2017-9500 at SUSECVE-2017-9500 at NVDCVE-2018-7443 at SUSECVE-2018-7443 at NVDCVE-2018-8804 at SUSECVE-2018-8804 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- security update (png.c)
* CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c.
Attackers could leverage this vulnerability to cause a crash and denial of service
via a crafted mng file. [bsc#1086773]
* CVE-2018-10177: there is an infinite loop in the ReadOneMNGImagefunction of the coders/png.c file. Remote attackers could leverage thisvulnerability to cause a denial of service (bsc#1089781)
- security update (wand)
* CVE-2017-18252: The MogrifyImageList function in MagickWand/mogrify.c could allow
attackers to cause a denial of service via a crafted file. [bsc#1087033]
- security update (gif.c)
* CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c,
which could lead to denial of service via a crafted file. [bsc#1087027]
- security update (core)
* CVE-2017-10928: a heap-based buffer over-read in the GetNextToken function in token.c
could allow attackers to obtain sensitive information from process memory or possibly have
unspecified other impact via a crafted SVG document that is mishandled in the
GetUserSpaceCoordinateValue function in coders/svg.c. [bsc#1047356]
- security update (pcd.c)
* CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c,
which could lead to a denial of service via a crafted file. [bsc#1087037]
- security update (gif.c)
* CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which could lead to denial of service via a crafted file. [bsc#1087027]
- security update (tiff.c)
* CVE-2018-8960: The ReadTIFFImage function in coders/tiff.c in ImageMagick memory allocation issue could lead to denial of service (bsc#1086782)
ModerateSUSE bug 1047356SUSE bug 1086773SUSE bug 1086782SUSE bug 1087027SUSE bug 1087033SUSE bug 1087037SUSE bug 1089781CVE-2017-1000476 at SUSECVE-2017-1000476 at NVDCVE-2017-10928 at SUSECVE-2017-10928 at NVDCVE-2017-18251 at SUSECVE-2017-18251 at NVDCVE-2017-18252 at SUSECVE-2017-18252 at NVDCVE-2017-18254 at SUSECVE-2017-18254 at NVDCVE-2018-10177 at SUSECVE-2018-10177 at NVDCVE-2018-8960 at SUSECVE-2018-8960 at NVDCVE-2018-9018 at SUSECVE-2018-9018 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2018-11251: Heap-based buffer over-read in ReadSUNImage in coders/sun.c,
which allows attackers to cause denial of service (bsc#1094237)
- CVE-2017-18271: Infinite loop in the function ReadMIFFImage in coders/miff.c,
which allows attackers to cause a denial of service (bsc#1094204)
- CVE-2017-13758: Heap-based buffer overflow in the TracePoint() in
MagickCore/draw.c, which allows attackers to cause a denial of
service(bsc#1056277)
- CVE-2018-10805: Fixed several memory leaks in rgb.c, cmyk.c, gray.c, and
ycbcr.c (bsc#1095812)
- CVE-2018-12600: The ReadDIBImage and WriteDIBImage functions allowed
attackers to cause an out of bounds write via a crafted file (bsc#1098545)
- CVE-2018-12599: The ReadBMPImage and WriteBMPImage fucntions allowed
attackers to cause an out of bounds write via a crafted file (bsc#1098546)
- CVE-2018-14434: Fixed a memory leak for a colormap in WriteMPCImage in coders/mpc.c (bsc#1102003)
- CVE-2018-14435: Fixed a memory leak in DecodeImage in coders/pcd.c (bsc#1102007)
- CVE-2018-14436: Fixed a memory leak in ReadMIFFImage in coders/miff.c (bsc#1102005)
- CVE-2018-14437: Fixed a memory leak in parse8BIM in coders/meta.c (bsc#1102004)
ModerateSUSE bug 1056277SUSE bug 1094204SUSE bug 1094237SUSE bug 1095812SUSE bug 1098545SUSE bug 1098546SUSE bug 1102003SUSE bug 1102004SUSE bug 1102005SUSE bug 1102007CVE-2017-13758 at SUSECVE-2017-13758 at NVDCVE-2017-18271 at SUSECVE-2017-18271 at NVDCVE-2018-10805 at SUSECVE-2018-10805 at NVDCVE-2018-11251 at SUSECVE-2018-11251 at NVDCVE-2018-12599 at SUSECVE-2018-12599 at NVDCVE-2018-12600 at SUSECVE-2018-12600 at NVDCVE-2018-14434 at SUSECVE-2018-14434 at NVDCVE-2018-14435 at SUSECVE-2018-14435 at NVDCVE-2018-14436 at SUSECVE-2018-14436 at NVDCVE-2018-14437 at SUSECVE-2018-14437 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issue fixed:
- Hide PS, XPS and PDF coders into */vulnerable (bsc#1105592)
ImportantSUSE bug 1105592cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following security issue:
- CVE-2017-17934: Prevent memory leaks, related to MSLPopImage and
ProcessMSLScript, and associated with mishandling of MSLPushImage calls
(bsc#1074170).
- CVE-2018-16750: Prevent memory leak in the formatIPTCfromBuffer function
(bsc#1108283)
- CVE-2018-16749: Added missing NULL check in ReadOneJNGImage that allowed an
attacker to cause a denial of service (WriteBlob assertion failure and
application exit) via a crafted file (bsc#1108282)
- CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel
function leading to DoS (bsc#1106989).
- CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM
file that has a negative pixel value. If the affected code was used as a
library loaded into a process that includes sensitive information, that
information sometimes can be leaked via the image data (bsc#1106855)
- CVE-2018-16642: The function InsertRow allowed remote attackers to cause a
denial of service via a crafted image file due to an out-of-bounds write
(bsc#1107616)
- CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and
ReadPICTImage did check the return value of the fputc function, which allowed
remote attackers to cause a denial of service via a crafted image file
(bsc#1107612)
- CVE-2018-16644: Added missing check for length in the functions ReadDCMImage
and ReadPICTImage, which allowed remote attackers to cause a denial of service
via a crafted image (bsc#1107609)
- CVE-2018-16645: Prevent excessive memory allocation issue in the functions
ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial
of service via a crafted image file (bsc#1107604)
- CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of
the coders/bmp.c file. Remote attackers could leverage this vulnerability
to cause a denial of service via a crafted bmp file (bsc#1111069)
- CVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072)
- CVE-2018-17965: Fixed a memory leak in WriteSGIImage (bsc#1110747)
- CVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746)
ModerateSUSE bug 1074170SUSE bug 1106855SUSE bug 1106989SUSE bug 1107604SUSE bug 1107609SUSE bug 1107612SUSE bug 1107616SUSE bug 1108282SUSE bug 1108283SUSE bug 1110746SUSE bug 1110747SUSE bug 1111069SUSE bug 1111072CVE-2017-17934 at SUSECVE-2017-17934 at NVDCVE-2018-16323 at SUSECVE-2018-16323 at NVDCVE-2018-16413 at SUSECVE-2018-16413 at NVDCVE-2018-16642 at SUSECVE-2018-16642 at NVDCVE-2018-16643 at SUSECVE-2018-16643 at NVDCVE-2018-16644 at SUSECVE-2018-16644 at NVDCVE-2018-16645 at SUSECVE-2018-16645 at NVDCVE-2018-16749 at SUSECVE-2018-16749 at NVDCVE-2018-16750 at SUSECVE-2018-16750 at NVDCVE-2018-17965 at SUSECVE-2018-17965 at NVDCVE-2018-17966 at SUSECVE-2018-17966 at NVDCVE-2018-18016 at SUSECVE-2018-18016 at NVDCVE-2018-18024 at SUSECVE-2018-18024 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2017-14997: ImageMagick allowed remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. (bsc#1112399)
- CVE-2018-16644: A regression in the security fix for the pict coder was fixed (bsc#1107609)
- CVE-2017-11532: When ImageMagick processed a crafted file in convert, it could lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. (bsc#1050129)
- CVE-2017-11639: A regression in the security fix in the cip coder was fixed (bsc#1050635)
ModerateSUSE bug 1050129SUSE bug 1050635SUSE bug 1107609SUSE bug 1112399CVE-2017-11532 at SUSECVE-2017-11532 at NVDCVE-2017-11639 at SUSECVE-2017-11639 at NVDCVE-2017-14997 at SUSECVE-2017-14997 at NVDCVE-2018-16644 at SUSECVE-2018-16644 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-7175: Fixed multiple memory leaks in DecodeImage function (bsc#1128649).
- CVE-2018-18544: Fixed memory leak in the function WriteMSLImage (bsc#1113064).
- CVE-2018-20467: Fixed infinite loop in coders/bmp.c (bsc#1120381).
- CVE-2019-7397: Fixed a memory leak in the function WritePDFImage (bsc#1124366).
- CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel
function leading to DoS (bsc#1106989).
- CVE-2018-16412: Prevent heap-based buffer over-read in the ParseImageResourceBlocks
function leading to DOS (bsc#1106996).
- CVE-2019-7398: Fixed a memory leak in the function WriteDIBImage (bsc#1124365).
ModerateSUSE bug 1106989SUSE bug 1106996SUSE bug 1113064SUSE bug 1120381SUSE bug 1124365SUSE bug 1124366SUSE bug 1128649CVE-2018-16412 at SUSECVE-2018-16412 at NVDCVE-2018-16413 at SUSECVE-2018-16413 at NVDCVE-2018-18544 at SUSECVE-2018-18544 at NVDCVE-2018-20467 at SUSECVE-2018-20467 at NVDCVE-2019-7175 at SUSECVE-2019-7175 at NVDCVE-2019-7397 at SUSECVE-2019-7397 at NVDCVE-2019-7398 at SUSECVE-2019-7398 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-9956: Fixed a stack-based buffer overflow in PopHexPixel() (bsc#1130330).
- CVE-2019-10650: Fixed a heap-based buffer over-read in WriteTIFFImage() (bsc#1131317).
- CVE-2019-11007: Fixed a heap-based buffer overflow in ReadMNGImage() (bsc#1132060).
- CVE-2019-11009: Fixed a heap-based buffer over-read in ReadXWDImage() (bsc#1132053).
- CVE-2019-11472: Fixed a denial-of-service in ReadXWDImage() (bsc#1133204).
- CVE-2019-11470: Fixed a denial-of-service in ReadCINImage() (bsc#1133205).
- CVE-2019-11506: Fixed a heap-based buffer overflow in the WriteMATLABImage() (bsc#1133498).
- CVE-2019-11505: Fixed a heap-based buffer overflow in the WritePDBImage() (bsc#1133501).
ModerateSUSE bug 1130330SUSE bug 1131317SUSE bug 1132053SUSE bug 1132060SUSE bug 1133204SUSE bug 1133205SUSE bug 1133498SUSE bug 1133501CVE-2019-10650 at SUSECVE-2019-10650 at NVDCVE-2019-11007 at SUSECVE-2019-11007 at NVDCVE-2019-11009 at SUSECVE-2019-11009 at NVDCVE-2019-11470 at SUSECVE-2019-11470 at NVDCVE-2019-11472 at SUSECVE-2019-11472 at NVDCVE-2019-11505 at SUSECVE-2019-11505 at NVDCVE-2019-11506 at SUSECVE-2019-11506 at NVDCVE-2019-9956 at SUSECVE-2019-9956 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issue fixed:
- CVE-2019-10131: Fixed a off-by-one read in formatIPTCfromBuffer function in coders/meta.c (bsc#1134075).
- CVE-2017-12805: Fixed a denial of service through memory exhaustion in ReadTIFFImage() (bsc#1135236).
- CVE-2019-11598: Fixed a heap-based buffer over-read in WritePNMImage() (bsc#1136732)
We also now disable PCL in the -SUSE configuration, as it also uses ghostscript for decoding (bsc#1136183)
LowSUSE bug 1134075SUSE bug 1135232SUSE bug 1135236SUSE bug 1136183SUSE bug 1136732CVE-2017-12805 at SUSECVE-2017-12805 at NVDCVE-2017-12806 at SUSECVE-2017-12806 at NVDCVE-2019-10131 at SUSECVE-2019-10131 at NVDCVE-2019-11598 at SUSECVE-2019-11598 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage() (bsc#1138464).
- Fixed a file content disclosure via SVG and WMF decoding (bsc#1138425).
ModerateSUSE bug 1138425SUSE bug 1138464CVE-2019-11597 at SUSECVE-2019-11597 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory() (bsc#1140554).
- CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of a wand/mogrify.c error (bsc#1140513).
- CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in MagickCore/layer.c (bsc#1141171).
- CVE-2019-13295: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).
- CVE-2019-13297: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).
- CVE-2019-12979: Fixed the use of uninitialized values in SyncImageSettings() (bsc#1139886).
- CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in coders/dpx.c (bsc#1140106).
- CVE-2019-13135: Fixed the use of uninitialized values in ReadCUTImage() (bsc#1140103).
- CVE-2019-13133: Fixed a memory leak in the ReadBMPImage() (bsc#1140100).
- CVE-2019-13134: Fixed a memory leak in the ReadVIFFImage() (bsc#1140102).
- CVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in coders/pcl.c(bsc#1140110).
ModerateSUSE bug 1139886SUSE bug 1140100SUSE bug 1140102SUSE bug 1140103SUSE bug 1140106SUSE bug 1140110SUSE bug 1140513SUSE bug 1140554SUSE bug 1140664SUSE bug 1140666SUSE bug 1141171CVE-2019-12975 at SUSECVE-2019-12975 at NVDCVE-2019-12976 at SUSECVE-2019-12976 at NVDCVE-2019-12979 at SUSECVE-2019-12979 at NVDCVE-2019-13133 at SUSECVE-2019-13133 at NVDCVE-2019-13134 at SUSECVE-2019-13134 at NVDCVE-2019-13135 at SUSECVE-2019-13135 at NVDCVE-2019-13295 at SUSECVE-2019-13295 at NVDCVE-2019-13297 at SUSECVE-2019-13297 at NVDCVE-2019-13301 at SUSECVE-2019-13301 at NVDCVE-2019-13311 at SUSECVE-2019-13311 at NVDCVE-2019-13454 at SUSECVE-2019-13454 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-15139: Fixed a denial-of-service vulnerability in ReadXWDImage. (bsc#1146213)
- CVE-2019-15140: Fixed a use-after-free bug in the Matlab image parser. (bsc#1146212)
- CVE-2019-15141: Fixed a divide-by-zero vulnerability in the MeanShiftImage function. (bsc#1146211)
- CVE-2019-14980: Fixed an application crash resulting from a heap-based buffer over-read in WriteTIFFImage. (bsc#1146068)
- CVE-2019-16708: Fixed a memory leak in magick/xwindow.c (bsc#1151781).
- CVE-2019-16709: Fixed a memory leak in coders/dps.c (bsc#1151782).
- CVE-2019-16710: Fixed a memory leak in coders/dot.c (bsc#1151783).
- CVE-2019-16713: Fixed a memory leak in coders/dot.c (bsc#1151786).
ModerateSUSE bug 1133204SUSE bug 1146068SUSE bug 1146211SUSE bug 1146212SUSE bug 1146213SUSE bug 1151781SUSE bug 1151782SUSE bug 1151783SUSE bug 1151786CVE-2019-11472 at SUSECVE-2019-11472 at NVDCVE-2019-14980 at SUSECVE-2019-14980 at NVDCVE-2019-15139 at SUSECVE-2019-15139 at NVDCVE-2019-15140 at SUSECVE-2019-15140 at NVDCVE-2019-15141 at SUSECVE-2019-15141 at NVDCVE-2019-16708 at SUSECVE-2019-16708 at NVDCVE-2019-16709 at SUSECVE-2019-16709 at NVDCVE-2019-16710 at SUSECVE-2019-16710 at NVDCVE-2019-16713 at SUSECVE-2019-16713 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2019-19948: Fixed a heap-based buffer overflow in WriteSGIImage() (bsc#1159861).
- CVE-2019-19949: Fixed a heap-based buffer over-read in WritePNGImage() (bsc#1160369).
ModerateSUSE bug 1159861SUSE bug 1160369CVE-2019-19948 at SUSECVE-2019-19948 at NVDCVE-2019-19949 at SUSECVE-2019-19949 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2017-11527: Fixed a denial of service in inReadDPXImage() (bsc#1047054).
ModerateSUSE bug 1047054CVE-2017-11527 at SUSECVE-2017-11527 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2020-27560: Fixed potential denial of service in OptimizeLayerFrames function in MagickCore/layer.c (bsc#1178067).
ModerateSUSE bug 1178067CVE-2020-27560 at SUSECVE-2020-27560 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103).
- CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202).
- CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212).
- CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269).
- CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346).
- CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397).
- CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336).
- CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345).
- CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268).
- CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313).
- CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281).
- CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315).
- CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312).
- CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311).
- CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322).
- CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339).
- CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321).
- CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327).
- CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347).
- CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338).
ModerateSUSE bug 1179103SUSE bug 1179202SUSE bug 1179212SUSE bug 1179269SUSE bug 1179281SUSE bug 1179311SUSE bug 1179312SUSE bug 1179313SUSE bug 1179315SUSE bug 1179321SUSE bug 1179322SUSE bug 1179327SUSE bug 1179336SUSE bug 1179338SUSE bug 1179339SUSE bug 1179345SUSE bug 1179346SUSE bug 1179347SUSE bug 1179397CVE-2020-19667 at SUSECVE-2020-19667 at NVDCVE-2020-25664 at SUSECVE-2020-25664 at NVDCVE-2020-25666 at SUSECVE-2020-25666 at NVDCVE-2020-27751 at SUSECVE-2020-27751 at NVDCVE-2020-27752 at SUSECVE-2020-27752 at NVDCVE-2020-27753 at SUSECVE-2020-27753 at NVDCVE-2020-27754 at SUSECVE-2020-27754 at NVDCVE-2020-27755 at SUSECVE-2020-27755 at NVDCVE-2020-27759 at SUSECVE-2020-27759 at NVDCVE-2020-27760 at SUSECVE-2020-27760 at NVDCVE-2020-27761 at SUSECVE-2020-27761 at NVDCVE-2020-27763 at SUSECVE-2020-27763 at NVDCVE-2020-27765 at SUSECVE-2020-27765 at NVDCVE-2020-27767 at SUSECVE-2020-27767 at NVDCVE-2020-27768 at SUSECVE-2020-27768 at NVDCVE-2020-27769 at SUSECVE-2020-27769 at NVDCVE-2020-27771 at SUSECVE-2020-27771 at NVDCVE-2020-27772 at SUSECVE-2020-27772 at NVDCVE-2020-27775 at SUSECVE-2020-27775 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2021-20176: Fixed an issue where processing a crafted file could lead to division by zero (bsc#1181836).
- CVE-2020-25665: Fixed heap-based buffer overflow in WritePALMImage (bsc#1179208).
ModerateSUSE bug 1179208SUSE bug 1181836CVE-2020-25665 at SUSECVE-2020-25665 at NVDCVE-2021-20176 at SUSECVE-2021-20176 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2021-20243 [bsc#1182336]: Division by zero in GetResizeFilterWeight in MagickCore/resize.c
- CVE-2021-20244 [bsc#1182325]: Division by zero in ImplodeImage in MagickCore/visual-effects.c
- CVE-2021-20246 [bsc#1182337]: Division by zero in ScaleResampleFilter in MagickCore/resample.c
ModerateSUSE bug 1182325SUSE bug 1182336SUSE bug 1182337CVE-2021-20243 at SUSECVE-2021-20243 at NVDCVE-2021-20244 at SUSECVE-2021-20244 at NVDCVE-2021-20246 at SUSECVE-2021-20246 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2021-20309: Division by zero in WaveImage() of MagickCore/visual-effects. (bsc#1184624)
- CVE-2021-20312: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c (bsc#1184627)
- CVE-2021-20313: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signature.c (bsc#1184628)
ModerateSUSE bug 1184624SUSE bug 1184627SUSE bug 1184628CVE-2021-20309 at SUSECVE-2021-20309 at NVDCVE-2021-20312 at SUSECVE-2021-20312 at NVDCVE-2021-20313 at SUSECVE-2021-20313 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2022-28463: Fixed buffer overflow in coders/cin.c (bsc#1199350).
ModerateSUSE bug 1199350CVE-2022-28463 at SUSECVE-2022-28463 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2019-17540: Fixed heap-based buffer overflow in ReadPSInfo in coders/ps.c. (bsc#1153866)
- CVE-2022-32546: Fixed an outside the range of representable values of type. (bsc#1200389)
- CVE-2022-32547: Fixed a load of misaligned address at MagickCore/property.c. (bsc#1200387)
ModerateSUSE bug 1153866SUSE bug 1200387SUSE bug 1200389CVE-2019-17540 at SUSECVE-2019-17540 at NVDCVE-2022-32546 at SUSECVE-2022-32546 at NVDCVE-2022-32547 at SUSECVE-2022-32547 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ImageMagick fixes the following issues:
- CVE-2023-1289: Fixed segmentation fault and possible DoS via specially crafted SVG. (bsc#1209141)
ModerateSUSE bug 1209141CVE-2023-1289 at SUSECVE-2023-1289 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
LibVNCServer was updated to fix two security issues.
These security issues were fixed:
- CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area (bsc#1017711)
- CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions (bsc#1017712)
ImportantSUSE bug 1017711SUSE bug 1017712CVE-2016-9941 at SUSECVE-2016-9941 at NVDCVE-2016-9942 at SUSECVE-2016-9942 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for LibVNCServer (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for LibVNCServer fixes the following issues:
- CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage() (bsc#1081493).
ModerateSUSE bug 1081493CVE-2018-7225 at SUSECVE-2018-7225 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for LibVNCServer fixes the following issues:
Security issues fixed:
- CVE-2018-15126: Fixed use-after-free in file transfer extension (bsc#1120114)
- CVE-2018-6307: Fixed use-after-free in file transfer extension server code (bsc#1120115)
- CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC client code (bsc#1120116)
- CVE-2018-15127: Fixed heap out-of-bounds write in rfbserver.c (bsc#1120117)
- CVE-2018-20019: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1120118)
- CVE-2018-20022: Fixed information disclosure through improper initialization in VNC client code (bsc#1120120)
- CVE-2018-20024: Fixed NULL pointer dereference in VNC client code (bsc#1120121)
- CVE-2018-20021: Fixed infinite loop in VNC client code (bsc#1120122)
ImportantSUSE bug 1120114SUSE bug 1120115SUSE bug 1120116SUSE bug 1120117SUSE bug 1120118SUSE bug 1120120SUSE bug 1120121SUSE bug 1120122CVE-2018-15126 at SUSECVE-2018-15126 at NVDCVE-2018-15127 at SUSECVE-2018-15127 at NVDCVE-2018-20019 at SUSECVE-2018-20019 at NVDCVE-2018-20020 at SUSECVE-2018-20020 at NVDCVE-2018-20021 at SUSECVE-2018-20021 at NVDCVE-2018-20022 at SUSECVE-2018-20022 at NVDCVE-2018-20024 at SUSECVE-2018-20024 at NVDCVE-2018-6307 at SUSECVE-2018-6307 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for LibVNCServer (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for LibVNCServer fixes the following issues:
Security issues fixed:
- CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123828)
- CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123832)
- CVE-2018-20748: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1123823)
CriticalSUSE bug 1123823SUSE bug 1123828SUSE bug 1123832CVE-2018-20748 at SUSECVE-2018-20748 at NVDCVE-2018-20749 at SUSECVE-2018-20749 at NVDCVE-2018-20750 at SUSECVE-2018-20750 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for LibVNCServer fixes the following issues:
- CVE-2019-15690: Fixed a heap buffer overflow (bsc#1160471).
- CVE-2019-15681: Fixed a memory leak which could have allowed to a remote attacker to read stack memory (bsc#1155419).
- CVE-2019-20788: Fixed a integer overflow and heap-based buffer overflow via a large height or width value (bsc#1170441).
ImportantSUSE bug 1155419SUSE bug 1160471SUSE bug 1170441CVE-2019-15681 at SUSECVE-2019-15681 at NVDCVE-2019-15690 at SUSECVE-2019-15690 at NVDCVE-2019-20788 at SUSECVE-2019-20788 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for LibVNCServer fixes the following issues:
- security update
- added patches
fix CVE-2020-14398 [bsc#1173880], improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c
+ LibVNCServer-CVE-2020-14398.patch
fix CVE-2020-14397 [bsc#1173700], NULL pointer dereference in libvncserver/rfbregion.c
+ LibVNCServer-CVE-2020-14397.patch
fix CVE-2020-14399 [bsc#1173743], Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c.
+ LibVNCServer-CVE-2020-14399.patch
fix CVE-2020-14400 [bsc#1173691], Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c.
+ LibVNCServer-CVE-2020-14400.patch
fix CVE-2020-14401 [bsc#1173694], potential integer overflows in libvncserver/scale.c
+ LibVNCServer-CVE-2020-14401.patch
fix CVE-2020-14402 [bsc#1173701], out-of-bounds access via encodings.
+ LibVNCServer-CVE-2020-14402,14403,14404.patch
ImportantSUSE bug 1173691SUSE bug 1173694SUSE bug 1173700SUSE bug 1173701SUSE bug 1173743SUSE bug 1173880CVE-2020-14397 at SUSECVE-2020-14397 at NVDCVE-2020-14398 at SUSECVE-2020-14398 at NVDCVE-2020-14399 at SUSECVE-2020-14399 at NVDCVE-2020-14400 at SUSECVE-2020-14400 at NVDCVE-2020-14401 at SUSECVE-2020-14401 at NVDCVE-2020-14402 at SUSECVE-2020-14402 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for LibVNCServer fixes the following issues:
- CVE-2020-25708 [bsc#1178682], libvncserver/rfbserver.c has a divide by zero which could result in DoS
ImportantSUSE bug 1178682CVE-2020-25708 at SUSECVE-2020-25708 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for LibVNCServer (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for LibVNCServer fixes the following issues:
- CVE-2020-29260: Fixed memory leakage via rfbClientCleanup() (bsc#1203106).
ModerateSUSE bug 1203106CVE-2020-29260 at SUSECVE-2020-29260 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for MesaSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for Mesa provides the following fixes:
* Re-enable build and packaging of OSMesa libs. (bnc#874107)
* Build against fixed llvm, addressing a problem that prevented X from
starting on some VIA cpus. (bnc#838893)
SUSE bug 828007SUSE bug 838893SUSE bug 874107CVE-2013-1872 at SUSECVE-2013-1872 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Mesa (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for Mesa fixes the following issues:
Security issue fixed:
- CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability (bsc#1156015).
Bug fixes:
- Initialize AMD RSxxx chipsets correctly, fixing corruption of the graphical login screen (bsc#985650).
ModerateSUSE bug 1156015SUSE bug 985650CVE-2019-5068 at SUSECVE-2019-5068 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update to Firefox 17.0.9esr (bnc#840485) addresses:
* MFSA 2013-91 User-defined properties on DOM proxies get the wrong
'this' object
o (CVE-2013-1737)
* MFSA 2013-90 Memory corruption involving scrolling
o use-after-free in mozilla::layout::ScrollbarActivity
(CVE-2013-1735)
o Memory corruption in nsGfxScrollFrameInner::IsLTR()
(CVE-2013-1736)
* MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
o buffer overflow at nsFloatManager::GetFlowArea() with multicol,
list, floats (CVE-2013-1732)
* MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
o compartment mismatch in nsXBLBinding::DoInitJSClass
(CVE-2013-1730)
* MFSA 2013-83 Mozilla Updater does not lock MAR file after signature
verification
o MAR signature bypass in Updater could lead to downgrade
(CVE-2013-1726)
* MFSA 2013-82 Calling scope for new Javascript objects can lead to
memory corruption
o ABORT: bad scope for new JSObjects: ReparentWrapper /
document.open (CVE-2013-1725)
* MFSA 2013-79 Use-after-free in Animation Manager during stylesheet
cloning
o Heap-use-after-free in nsAnimationManager::BuildAnimations
(CVE-2013-1722)
* MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 /
rv:17.0.9)
o Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0
(CVE-2013-1718)
* MFSA 2013-65 Buffer underflow when generating CRMF requests
o ASAN heap-buffer-overflow (read 1) in
cryptojs_interpret_key_gen_type (CVE-2013-1705)
Security Issue references:
* CVE-2013-1737
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1737>
* CVE-2013-1735
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1735>
* CVE-2013-1736
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1736>
* CVE-2013-1732
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1732>
* CVE-2013-1730
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1730>
* CVE-2013-1726
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1726>
* CVE-2013-1725
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1725>
* CVE-2013-1722
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1722>
* CVE-2013-1718
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1718>
* CVE-2013-1705
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1705>
SUSE bug 833389SUSE bug 840485SUSE bug 916196SUSE bug 917100SUSE bug 917300SUSE bug 917597CVE-2013-1701 at SUSECVE-2013-1701 at NVDCVE-2013-1702 at SUSECVE-2013-1702 at NVDCVE-2013-1705 at SUSECVE-2013-1705 at NVDCVE-2013-1706 at SUSECVE-2013-1706 at NVDCVE-2013-1707 at SUSECVE-2013-1707 at NVDCVE-2013-1709 at SUSECVE-2013-1709 at NVDCVE-2013-1710 at SUSECVE-2013-1710 at NVDCVE-2013-1712 at SUSECVE-2013-1712 at NVDCVE-2013-1713 at SUSECVE-2013-1713 at NVDCVE-2013-1714 at SUSECVE-2013-1714 at NVDCVE-2013-1717 at SUSECVE-2013-1717 at NVDCVE-2013-1718 at SUSECVE-2013-1718 at NVDCVE-2013-1722 at SUSECVE-2013-1722 at NVDCVE-2013-1725 at SUSECVE-2013-1725 at NVDCVE-2013-1726 at SUSECVE-2013-1726 at NVDCVE-2013-1730 at SUSECVE-2013-1730 at NVDCVE-2013-1732 at SUSECVE-2013-1732 at NVDCVE-2013-1735 at SUSECVE-2013-1735 at NVDCVE-2013-1736 at SUSECVE-2013-1736 at NVDCVE-2013-1737 at SUSECVE-2013-1737 at NVDCVE-2015-0822 at SUSECVE-2015-0822 at NVDCVE-2015-0827 at SUSECVE-2015-0827 at NVDCVE-2015-0831 at SUSECVE-2015-0831 at NVDCVE-2015-0836 at SUSECVE-2015-0836 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This security update (bsc#940918) fixes the following issues:
* MFSA 2015-78 (CVE-2015-4495, bmo#1178058): Same origin violation
* Remove PlayPreview registration from PDF Viewer (bmo#1179262)
CriticalSUSE bug 940918CVE-2015-4495 at SUSECVE-2015-4495 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
MozillaFirefox was updated to version 38.5.0 esr to fix the following issues:
Following security issues were fixed:
* MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
* MFSA 2015-138/CVE-2015-7210
Use-after-free in WebRTC when datachannel is used after being
destroyed
* MFSA 2015-139/CVE-2015-7212
Integer overflow allocating extremely large textures
* MFSA 2015-145/CVE-2015-7205
Underflow through code inspection
* MFSA 2015-146/CVE-2015-7213
Integer overflow in MP4 playback in 64-bit versions
* MFSA 2015-147/CVE-2015-7222
Integer underflow and buffer overflow processing MP4 metadata
in libstagefright
* MFSA 2015-149/CVE-2015-7214
Cross-site reading attack through data and view-source URIs
ImportantSUSE bug 959277CVE-2015-7201 at SUSECVE-2015-7201 at NVDCVE-2015-7202 at SUSECVE-2015-7202 at NVDCVE-2015-7205 at SUSECVE-2015-7205 at NVDCVE-2015-7210 at SUSECVE-2015-7210 at NVDCVE-2015-7212 at SUSECVE-2015-7212 at NVDCVE-2015-7213 at SUSECVE-2015-7213 at NVDCVE-2015-7214 at SUSECVE-2015-7214 at NVDCVE-2015-7222 at SUSECVE-2015-7222 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- update to Firefox 38.6.1 ESR (bsc#967087)
* MFSA 2016-14/CVE-2016-1523
(bmo#1246093)
Vulnerabilities in Graphite 2
ImportantSUSE bug 967087CVE-2016-1523 at SUSECVE-2016-1523 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update to MozillaFirefox 38.8.0 ESR fixes the following security issues (bsc#977333):
- CVE-2016-2805: Miscellaneous memory safety hazards - MFSA 2016-39 (bsc#977374)
- CVE-2016-2807: Miscellaneous memory safety hazards - MFSA 2016-39 (bsc#977376)
- CVE-2016-2808: Write to invalid HashMap entry through JavaScript.watch() - MFSA 2016-47 (bsc#977386)
- CVE-2016-2814: Buffer overflow in libstagefright with CENC offsets - MFSA 2016-44 (bsc#977381)
ImportantSUSE bug 977333SUSE bug 977374SUSE bug 977376SUSE bug 977381SUSE bug 977386CVE-2016-2805 at SUSECVE-2016-2805 at NVDCVE-2016-2807 at SUSECVE-2016-2807 at NVDCVE-2016-2808 at SUSECVE-2016-2808 at NVDCVE-2016-2814 at SUSECVE-2016-2814 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox, MozillaFirefox-branding-SLE and mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
MozillaFirefox, MozillaFirefox-branding-SLE and mozilla-nss were updated to fix nine security issues.
MozillaFirefox was updated to version 45.2.0 ESR. mozilla-nss was updated to version 3.21.1.
These security issues were fixed:
- CVE-2016-2834: Memory safety bugs in NSS (MFSA 2016-61) (bsc#983639).
- CVE-2016-2824: Out-of-bounds write with WebGL shader (MFSA 2016-53) (bsc#983651).
- CVE-2016-2822: Addressbar spoofing though the SELECT element (MFSA 2016-52) (bsc#983652).
- CVE-2016-2821: Use-after-free deleting tables from a contenteditable document (MFSA 2016-51) (bsc#983653).
- CVE-2016-2819: Buffer overflow parsing HTML5 fragments (MFSA 2016-50) (bsc#983655).
- CVE-2016-2828: Use-after-free when textures are used in WebGL operations after recycle pool destruction (MFSA 2016-56) (bsc#983646).
- CVE-2016-2831: Entering fullscreen and persistent pointerlock without user permission (MFSA 2016-58) (bsc#983643).
- CVE-2016-2815, CVE-2016-2818: Miscellaneous memory safety hazards (MFSA 2016-49) (bsc#983638)
These non-security issues were fixed:
- Fix crashes on aarch64
* Determine page size at runtime (bsc#984006)
* Allow aarch64 to work in safe mode (bsc#985659)
- Fix crashes on mainframes
All extensions must now be signed by addons.mozilla.org. Please read README.SUSE for more details.
ImportantSUSE bug 983549SUSE bug 983638SUSE bug 983639SUSE bug 983643SUSE bug 983646SUSE bug 983651SUSE bug 983652SUSE bug 983653SUSE bug 983655SUSE bug 984006SUSE bug 985659CVE-2016-2815 at SUSECVE-2016-2815 at NVDCVE-2016-2818 at SUSECVE-2016-2818 at NVDCVE-2016-2819 at SUSECVE-2016-2819 at NVDCVE-2016-2821 at SUSECVE-2016-2821 at NVDCVE-2016-2822 at SUSECVE-2016-2822 at NVDCVE-2016-2824 at SUSECVE-2016-2824 at NVDCVE-2016-2828 at SUSECVE-2016-2828 at NVDCVE-2016-2831 at SUSECVE-2016-2831 at NVDCVE-2016-2834 at SUSECVE-2016-2834 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
MozillaFirefox was updated to 45.3.0 ESR to fix the following issues
(bsc#991809):
* MFSA 2016-62/CVE-2016-2835/CVE-2016-2836
Miscellaneous memory safety hazards (rv:48.0 / rv:45.3)
* MFSA 2016-63/CVE-2016-2830
Favicon network connection can persist when page is closed
* MFSA 2016-64/CVE-2016-2838
Buffer overflow rendering SVG with bidirectional content
* MFSA 2016-65/CVE-2016-2839
Cairo rendering crash due to memory allocation issue with
FFmpeg 0.10
* MFSA 2016-67/CVE-2016-5252
Stack underflow during 2D graphics rendering
* MFSA 2016-70/CVE-2016-5254
Use-after-free when using alt key and toplevel menus
* MFSA 2016-72/CVE-2016-5258
Use-after-free in DTLS during WebRTC session shutdown
* MFSA 2016-73/CVE-2016-5259
Use-after-free in service workers with nested sync events
* MFSA 2016-76/CVE-2016-5262
Scripts on marquee tag can execute in sandboxed iframes
* MFSA 2016-77/CVE-2016-2837
Buffer overflow in ClearKey Content Decryption Module (CDM)
during video playback
* MFSA 2016-78/CVE-2016-5263
Type confusion in display transformation
* MFSA 2016-79/CVE-2016-5264
Use-after-free when applying SVG effects
* MFSA 2016-80/CVE-2016-5265
Same-origin policy violation using local HTML file and saved
shortcut file
* CVE-2016-6354: Fix for possible buffer overrun (bsc#990856)
Also a temporary workaround was added:
- Temporarily bind Firefox to the first CPU as a hotfix
for an apparent race condition (bsc#989196, bsc#990628)
ImportantSUSE bug 989196SUSE bug 990628SUSE bug 990856SUSE bug 991809CVE-2016-2830 at SUSECVE-2016-2830 at NVDCVE-2016-2835 at SUSECVE-2016-2835 at NVDCVE-2016-2836 at SUSECVE-2016-2836 at NVDCVE-2016-2837 at SUSECVE-2016-2837 at NVDCVE-2016-2838 at SUSECVE-2016-2838 at NVDCVE-2016-2839 at SUSECVE-2016-2839 at NVDCVE-2016-5252 at SUSECVE-2016-5252 at NVDCVE-2016-5254 at SUSECVE-2016-5254 at NVDCVE-2016-5258 at SUSECVE-2016-5258 at NVDCVE-2016-5259 at SUSECVE-2016-5259 at NVDCVE-2016-5262 at SUSECVE-2016-5262 at NVDCVE-2016-5263 at SUSECVE-2016-5263 at NVDCVE-2016-5264 at SUSECVE-2016-5264 at NVDCVE-2016-5265 at SUSECVE-2016-5265 at NVDCVE-2016-6354 at SUSECVE-2016-6354 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
MozillaFirefox was updated to 45.4.0 ESR to fix the following issues (bsc#999701):
The following security issue were fixed:
* MFSA 2016-86/CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString
* MFSA 2016-86/CVE-2016-5272: Bad cast in nsImageGeometryMixin
* MFSA 2016-86/CVE-2016-5276: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList
* MFSA 2016-86/CVE-2016-5274: use-after-free in nsFrameManager::CaptureFrameState
* MFSA 2016-86/CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick
* MFSA 2016-86/CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame
* MFSA 2016-86/CVE-2016-5280: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
* MFSA 2016-86/CVE-2016-5281: use-after-free in DOMSVGLength
* MFSA 2016-86/CVE-2016-5284: Add-on update site certificate pin expiration
* MFSA 2016-86/CVE-2016-5250: Resource Timing API is storing resources sent by the previous page
* MFSA 2016-86/CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel
* MFSA 2016-86/CVE-2016-5257: Various memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
ImportantSUSE bug 999701CVE-2016-5250 at SUSECVE-2016-5250 at NVDCVE-2016-5257 at SUSECVE-2016-5257 at NVDCVE-2016-5261 at SUSECVE-2016-5261 at NVDCVE-2016-5270 at SUSECVE-2016-5270 at NVDCVE-2016-5272 at SUSECVE-2016-5272 at NVDCVE-2016-5274 at SUSECVE-2016-5274 at NVDCVE-2016-5276 at SUSECVE-2016-5276 at NVDCVE-2016-5277 at SUSECVE-2016-5277 at NVDCVE-2016-5278 at SUSECVE-2016-5278 at NVDCVE-2016-5280 at SUSECVE-2016-5280 at NVDCVE-2016-5281 at SUSECVE-2016-5281 at NVDCVE-2016-5284 at SUSECVE-2016-5284 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues:
* MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES
* MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution
* MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees
* MFSA 2016-95/CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements
* MFSA 2016-95/CVE-2016-9904: Cross-origin information leak in shared atoms
* MFSA 2016-95/CVE-2016-9905: Crash in EnumerateSubDocuments
* MFSA 2016-95/CVE-2016-9895: CSP bypass using marquee tag
* MFSA 2016-95/CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs
* MFSA 2016-95/CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6
* MFSA 2016-95/CVE-2016-9902: Pocket extension does not validate the origin of events
Please see https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/
for more information.
Also the following bug was fixed:
- Fix fontconfig issue (bsc#1000751) on 32bit systems as well.
ImportantSUSE bug 1000751SUSE bug 1015422CVE-2016-9893 at SUSECVE-2016-9893 at NVDCVE-2016-9895 at SUSECVE-2016-9895 at NVDCVE-2016-9897 at SUSECVE-2016-9897 at NVDCVE-2016-9898 at SUSECVE-2016-9898 at NVDCVE-2016-9899 at SUSECVE-2016-9899 at NVDCVE-2016-9900 at SUSECVE-2016-9900 at NVDCVE-2016-9901 at SUSECVE-2016-9901 at NVDCVE-2016-9902 at SUSECVE-2016-9902 at NVDCVE-2016-9904 at SUSECVE-2016-9904 at NVDCVE-2016-9905 at SUSECVE-2016-9905 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues (bsc#1021991):
* MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of Javascript objects (bsc#1021818)
* MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder (bsc#1021821)
* MFSA 2017-02/CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions (bsc#1021823)
* MFSA 2017-02/CVE-2017-5380: Potential use-after-free during DOM manipulations (bsc#1021819)
* MFSA 2017-02/CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer (bsc#1021820)
* MFSA 2017-02/CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (bsc#1021824)
* MFSA 2017-02/CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP (bsc#1021814)
* MFSA 2017-02/CVE-2017-5376: Use-after-free in XSL (bsc#1021817)
* MFSA 2017-02/CVE-2017-5383: Location bar spoofing with unicode characters (bsc#1021822)
Please see https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/
for more information.
ImportantSUSE bug 1021814SUSE bug 1021817SUSE bug 1021818SUSE bug 1021819SUSE bug 1021820SUSE bug 1021821SUSE bug 1021822SUSE bug 1021823SUSE bug 1021824SUSE bug 1021991CVE-2017-5373 at SUSECVE-2017-5373 at NVDCVE-2017-5375 at SUSECVE-2017-5375 at NVDCVE-2017-5376 at SUSECVE-2017-5376 at NVDCVE-2017-5378 at SUSECVE-2017-5378 at NVDCVE-2017-5380 at SUSECVE-2017-5380 at NVDCVE-2017-5383 at SUSECVE-2017-5383 at NVDCVE-2017-5386 at SUSECVE-2017-5386 at NVDCVE-2017-5390 at SUSECVE-2017-5390 at NVDCVE-2017-5396 at SUSECVE-2017-5396 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox to ESR 45.8 fixes the following issues:
Security issues fixed (bsc#1028391):
- CVE-2017-5402: Use-after-free working with events in FontFace objects
- CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping
- CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
- CVE-2017-5401: Memory Corruption when handling ErrorResult
- CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters
- CVE-2017-5404: Use-after-free working with ranges in selections
- CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
- CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
- CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service
- CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8
Bugfixes:
- fix crashes on Itanium (bsc#1027527)
ImportantSUSE bug 1027527SUSE bug 1028391CVE-2017-5398 at SUSECVE-2017-5398 at NVDCVE-2017-5400 at SUSECVE-2017-5400 at NVDCVE-2017-5401 at SUSECVE-2017-5401 at NVDCVE-2017-5402 at SUSECVE-2017-5402 at NVDCVE-2017-5404 at SUSECVE-2017-5404 at NVDCVE-2017-5405 at SUSECVE-2017-5405 at NVDCVE-2017-5407 at SUSECVE-2017-5407 at NVDCVE-2017-5408 at SUSECVE-2017-5408 at NVDCVE-2017-5409 at SUSECVE-2017-5409 at NVDCVE-2017-5410 at SUSECVE-2017-5410 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
Mozilla Firefox was updated to the Firefox ESR release 45.9.
Mozilla NSS was updated to support TLS 1.3 (close to release draft) and various new
ciphers, PRFs, Diffie Hellman key agreement and support for more hashes.
Security issues fixed in Firefox (bsc#1035082)
- MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated code
- MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1
- MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
- MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
- MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library
- MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
- MFSA 2017-11/CVE-2017-5435: Use-after-free during transaction processing in the editor
- MFSA 2017-11/CVE-2017-5434: Use-after-free during focus handling
- MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL animation functions
- MFSA 2017-11/CVE-2017-5432: Use-after-free in text input selection
- MFSA 2017-11/CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
- MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in ConvolvePixel
- MFSA 2017-11/CVE-2017-5460: Use-after-free in frame selection
- MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
- MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
- MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during glyph processing
- MFSA 2017-11/CVE-2017-5444: Buffer overflow while parsing application/http-index-format content
- MFSA 2017-11/CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content
- MFSA 2017-11/CVE-2017-5442: Use-after-free during style changes
- MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during BinHex decoding
- MFSA 2017-11/CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing
- MFSA 2017-11/CVE-2017-5441: Use-after-free with selection during scroll events
- MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL
Mozilla NSS was updated to 3.29.5, bringing new features and fixing bugs:
- Update to NSS 3.29.5:
* MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64 decoder and encoder were fixed.
* MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG was fixed.
* CVE-2016-9574: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA (bsc#1015499).
* requires NSPR >= 4.13.1
- Update to NSS 3.29.3
* enables TLS 1.3 by default
- Fixed a bug in hash computation (and build with
GCC 7 which complains about shifts of boolean values).
(bsc#1030071, bmo#1348767)
- Update to NSS 3.28.3
This is a patch release to fix binary compatibility issues.
- Update to NSS 3.28.1
This is a patch release to update the list of root CA certificates.
* The following CA certificates were Removed
CN = Buypass Class 2 CA 1
CN = Root CA Generalitat Valenciana
OU = RSA Security 2048 V3
* The following CA certificates were Added
OU = AC RAIZ FNMT-RCM
CN = Amazon Root CA 1
CN = Amazon Root CA 2
CN = Amazon Root CA 3
CN = Amazon Root CA 4
CN = LuxTrust Global Root 2
CN = Symantec Class 1 Public Primary Certification Authority - G4
CN = Symantec Class 1 Public Primary Certification Authority - G6
CN = Symantec Class 2 Public Primary Certification Authority - G4
CN = Symantec Class 2 Public Primary Certification Authority - G6
* The version number of the updated root CA list has been set to 2.11
- Update to NSS 3.28
New functionality:
* NSS includes support for TLS 1.3 draft -18. This includes a number
of improvements to TLS 1.3:
- The signed certificate timestamp, used in certificate
transparency, is supported in TLS 1.3.
- Key exporters for TLS 1.3 are supported. This includes the early
key exporter, which can be used if 0-RTT is enabled. Note that
there is a difference between TLS 1.3 and key exporters in older
versions of TLS. TLS 1.3 does not distinguish between an empty
context and no context.
- The TLS 1.3 (draft) protocol can be enabled, by defining
NSS_ENABLE_TLS_1_3=1 when building NSS.
- NSS includes support for the X25519 key exchange algorithm,
which is supported and enabled by default in all versions of TLS.
Notable Changes:
* NSS can no longer be compiled with support for additional elliptic curves.
This was previously possible by replacing certain NSS source files.
* NSS will now detect the presence of tokens that support additional
elliptic curves and enable those curves for use in TLS.
Note that this detection has a one-off performance cost, which can be
avoided by using the SSL_NamedGroupConfig function to limit supported
groups to those that NSS provides.
* PKCS#11 bypass for TLS is no longer supported and has been removed.
* Support for 'export' grade SSL/TLS cipher suites has been removed.
* NSS now uses the signature schemes definition in TLS 1.3.
This also affects TLS 1.2. NSS will now only generate signatures with the
combinations of hash and signature scheme that are defined in TLS 1.3,
even when negotiating TLS 1.2.
- This means that SHA-256 will only be used with P-256 ECDSA certificates,
SHA-384 with P-384 certificates, and SHA-512 with P-521 certificates.
SHA-1 is permitted (in TLS 1.2 only) with any certificate for backward
compatibility reasons.
- NSS will now no longer assume that default signature schemes are
supported by a peer if there was no commonly supported signature scheme.
* NSS will now check if RSA-PSS signing is supported by the token that holds
the private key prior to using it for TLS.
* The certificate validation code contains checks to no longer trust
certificates that are issued by old WoSign and StartCom CAs after
October 21, 2016. This is equivalent to the behavior that Mozilla will
release with Firefox 51.
- Update to NSS 3.27.2
* Fixed SSL_SetTrustAnchors leaks (bmo#1318561)
- raised the minimum softokn/freebl version to 3.28 as reported in (boo#1021636)
- Update to NSS 3.26.2
New Functionality:
* the selfserv test utility has been enhanced to support ALPN
(HTTP/1.1) and 0-RTT
* added support for the System-wide crypto policy available on
Fedora Linux see http://fedoraproject.org/wiki/Changes/CryptoPolicy
* introduced build flag NSS_DISABLE_LIBPKIX that allows compilation
of NSS without the libpkix library
Notable Changes:
* The following CA certificate was Added
CN = ISRG Root X1
* NPN is disabled and ALPN is enabled by default
* the NSS test suite now completes with the experimental TLS 1.3
code enabled
* several test improvements and additions, including a NIST known answer test
Changes in 3.26.2
* MD5 signature algorithms sent by the server in CertificateRequest
messages are now properly ignored. Previously, with rare server
configurations, an MD5 signature algorithm might have been selected
for client authentication and caused the client to abort the
connection soon after.
- Update to NSS 3.25
New functionality:
* Implemented DHE key agreement for TLS 1.3
* Added support for ChaCha with TLS 1.3
* Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF
* In previous versions, when using client authentication with TLS 1.2,
NSS only supported certificate_verify messages that used the same
signature hash algorithm as used by the PRF. This limitation has
been removed.
Notable changes:
* An SSL socket can no longer be configured to allow both TLS 1.3 and SSLv3
* Regression fix: NSS no longer reports a failure if an application
attempts to disable the SSLv2 protocol.
* The list of trusted CA certificates has been updated to version 2.8
* The following CA certificate was Removed
Sonera Class1 CA
* The following CA certificates were Added
Hellenic Academic and Research Institutions RootCA 2015
Hellenic Academic and Research Institutions ECC RootCA 2015
Certplus Root CA G1
Certplus Root CA G2
OpenTrust Root CA G1
OpenTrust Root CA G2
OpenTrust Root CA G3
- Update to NSS 3.24
New functionality:
* NSS softoken has been updated with the latest National Institute
of Standards and Technology (NIST) guidance (as of 2015):
- Software integrity checks and POST functions are executed on
shared library load. These checks have been disabled by default,
as they can cause a performance regression. To enable these
checks, you must define symbol NSS_FORCE_FIPS when building NSS.
- Counter mode and Galois/Counter Mode (GCM) have checks to
prevent counter overflow.
- Additional CSPs are zeroed in the code.
- NSS softoken uses new guidance for how many Rabin-Miller tests
are needed to verify a prime based on prime size.
* NSS softoken has also been updated to allow NSS to run in FIPS
Level 1 (no password). This mode is triggered by setting the
database password to the empty string. In FIPS mode, you may move
from Level 1 to Level 2 (by setting an appropriate password),
but not the reverse.
* A SSL_ConfigServerCert function has been added for configuring
SSL/TLS server sockets with a certificate and private key. Use
this new function in place of SSL_ConfigSecureServer,
SSL_ConfigSecureServerWithCertChain, SSL_SetStapledOCSPResponses,
and SSL_SetSignedCertTimestamps. SSL_ConfigServerCert automatically
determines the certificate type from the certificate and private key.
The caller is no longer required to use SSLKEAType explicitly to
select a 'slot' into which the certificate is configured (which
incorrectly identifies a key agreement type rather than a certificate).
Separate functions for configuring Online Certificate Status Protocol
(OCSP) responses or Signed Certificate Timestamps are not needed,
since these can be added to the optional SSLExtraServerCertData struct
provided to SSL_ConfigServerCert. Also, partial support for RSA
Probabilistic Signature Scheme (RSA-PSS) certificates has been added.
Although these certificates can be configured, they will not be
used by NSS in this version.
* Deprecate the member attribute authAlgorithm of type SSLCipherSuiteInfo.
Instead, applications should use the newly added attribute authType.
* Add a shared library (libfreeblpriv3) on Linux platforms that
define FREEBL_LOWHASH.
* Remove most code related to SSL v2, including the ability to actively
send a SSLv2-compatible client hello. However, the server-side
implementation of the SSL/TLS protocol still supports processing
of received v2-compatible client hello messages.
* Disable (by default) NSS support in optimized builds for logging SSL/TLS
key material to a logfile if the SSLKEYLOGFILE environment variable
is set. To enable the functionality in optimized builds, you must define
the symbol NSS_ALLOW_SSLKEYLOGFILE when building NSS.
* Update NSS to protect it against the Cachebleed attack.
* Disable support for DTLS compression.
* Improve support for TLS 1.3. This includes support for DTLS 1.3.
Note that TLS 1.3 support is experimental and not suitable for
production use.
- Update to NSS 3.23
New functionality:
* ChaCha20/Poly1305 cipher and TLS cipher suites now supported
* Experimental-only support TLS 1.3 1-RTT mode (draft-11).
This code is not ready for production use.
Notable changes:
* The list of TLS extensions sent in the TLS handshake has been
reordered to increase compatibility of the Extended Master Secret
with with servers
* The build time environment variable NSS_ENABLE_ZLIB has been
renamed to NSS_SSL_ENABLE_ZLIB
* The build time environment variable NSS_DISABLE_CHACHAPOLY was
added, which can be used to prevent compilation of the
ChaCha20/Poly1305 code.
* The following CA certificates were Removed
- Staat der Nederlanden Root CA
- NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado
- NetLock Kozjegyzoi (Class A) Tanusitvanykiado
- NetLock Uzleti (Class B) Tanusitvanykiado
- NetLock Expressz (Class C) Tanusitvanykiado
- VeriSign Class 1 Public PCA - G2
- VeriSign Class 3 Public PCA
- VeriSign Class 3 Public PCA - G2
- CA Disig
* The following CA certificates were Added
+ SZAFIR ROOT CA2
+ Certum Trusted Network CA 2
* The following CA certificate had the Email trust bit turned on
+ Actalis Authentication Root CA
Security fixes:
* CVE-2016-2834: Memory safety bugs (boo#983639)
MFSA-2016-61 bmo#1206283 bmo#1221620 bmo#1241034 bmo#1241037
- Update to NSS 3.22.3
* Increase compatibility of TLS extended master secret,
don't send an empty TLS extension last in the handshake
(bmo#1243641)
* Fixed a heap-based buffer overflow related to the parsing of
certain ASN.1 structures. An attacker could create a specially-crafted
certificate which, when parsed by NSS, would cause a crash or
execution of arbitrary code with the permissions of the user.
(CVE-2016-1950, bmo#1245528)
- Update to NSS 3.22.2
New functionality:
* RSA-PSS signatures are now supported (bmo#1215295)
* Pseudorandom functions based on hashes other than SHA-1 are now supported
* Enforce an External Policy on NSS from a config file (bmo#1009429)
- CVE-2016-8635: Fix for DH small subgroup confinement attack (bsc#1015547)
Mozilla NSPR was updated to version 4.13.1:
The previously released version 4.13 had changed pipes to be
nonblocking by default, and as a consequence, PollEvent was
changed to not block on clear.
The NSPR development team received reports that these changes
caused regressions in some applications that use NSPR, and it
has been decided to revert the changes made in NSPR 4.13.
NSPR 4.13.1 restores the traditional behavior of pipes and
PollEvent.
Mozilla NSPR update to version 4.13 had these changes:
- PL_strcmp (and others) were fixed to return consistent results
when one of the arguments is NULL.
- PollEvent was fixed to not block on clear.
- Pipes are always nonblocking.
- PR_GetNameForIdentity: added thread safety lock and bound checks.
- Removed the PLArena freelist.
- Avoid some integer overflows.
- fixed several comments.
ImportantSUSE bug 1015499SUSE bug 1015547SUSE bug 1021636SUSE bug 1030071SUSE bug 1035082SUSE bug 983639CVE-2016-1950 at SUSECVE-2016-1950 at NVDCVE-2016-2834 at SUSECVE-2016-2834 at NVDCVE-2016-8635 at SUSECVE-2016-8635 at NVDCVE-2016-9574 at SUSECVE-2016-9574 at NVDCVE-2017-5429 at SUSECVE-2017-5429 at NVDCVE-2017-5432 at SUSECVE-2017-5432 at NVDCVE-2017-5433 at SUSECVE-2017-5433 at NVDCVE-2017-5434 at SUSECVE-2017-5434 at NVDCVE-2017-5435 at SUSECVE-2017-5435 at NVDCVE-2017-5436 at SUSECVE-2017-5436 at NVDCVE-2017-5437 at SUSECVE-2017-5437 at NVDCVE-2017-5438 at SUSECVE-2017-5438 at NVDCVE-2017-5439 at SUSECVE-2017-5439 at NVDCVE-2017-5440 at SUSECVE-2017-5440 at NVDCVE-2017-5441 at SUSECVE-2017-5441 at NVDCVE-2017-5442 at SUSECVE-2017-5442 at NVDCVE-2017-5443 at SUSECVE-2017-5443 at NVDCVE-2017-5444 at SUSECVE-2017-5444 at NVDCVE-2017-5445 at SUSECVE-2017-5445 at NVDCVE-2017-5446 at SUSECVE-2017-5446 at NVDCVE-2017-5447 at SUSECVE-2017-5447 at NVDCVE-2017-5448 at SUSECVE-2017-5448 at NVDCVE-2017-5459 at SUSECVE-2017-5459 at NVDCVE-2017-5460 at SUSECVE-2017-5460 at NVDCVE-2017-5461 at SUSECVE-2017-5461 at NVDCVE-2017-5462 at SUSECVE-2017-5462 at NVDCVE-2017-5464 at SUSECVE-2017-5464 at NVDCVE-2017-5465 at SUSECVE-2017-5465 at NVDCVE-2017-5469 at SUSECVE-2017-5469 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox and mozilla-nss fixes the following issues:
Security issues fixed:
- Fixes in Firefox ESR 52.2 (bsc#1043960,MFSA 2017-16)
- CVE-2017-7758: Out-of-bounds read in Opus encoder
- CVE-2017-7749: Use-after-free during docshell reloading
- CVE-2017-7751: Use-after-free with content viewer listeners
- CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
- CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
- CVE-2017-7752: Use-after-free with IME input
- CVE-2017-7750: Use-after-free with track elements
- CVE-2017-7768: 32 byte arbitrary file read through Mozilla Maintenance Service
- CVE-2017-7778: Vulnerabilities in the Graphite 2 library
- CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object
- CVE-2017-7755: Privilege escalation through Firefox Installer with same directory DLL files
- CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors
- CVE-2017-7757: Use-after-free in IndexedDB
- CVE-2017-7761: File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application
- CVE-2017-7763: Mac fonts render some unicode characters as spaces
- CVE-2017-7765: Mark of the Web bypass when saving executable files
- CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks
- update to Firefox ESR 52.1 (bsc#1035082,MFSA 2017-12)
- CVE-2016-10196: Vulnerabilities in Libevent library
- CVE-2017-5443: Out-of-bounds write during BinHex decoding
- CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1
- CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
- CVE-2017-5465: Out-of-bounds read in ConvolvePixel
- CVE-2017-5466: Origin confusion when reloading isolated data:text/html URL
- CVE-2017-5467: Memory corruption when drawing Skia content
- CVE-2017-5460: Use-after-free in frame selection
- CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
- CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
- CVE-2017-5449: Crash during bidirectional unicode manipulation with animation
- CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
- CVE-2017-5447: Out-of-bounds read during glyph processing
- CVE-2017-5444: Buffer overflow while parsing application/http-index-format content
- CVE-2017-5445: Uninitialized values used while parsing application/http- index-format content
- CVE-2017-5442: Use-after-free during style changes
- CVE-2017-5469: Potential Buffer overflow in flex-generated code
- CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing
- CVE-2017-5441: Use-after-free with selection during scroll events
- CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
- CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
- CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
- CVE-2017-5435: Use-after-free during transaction processing in the editor
- CVE-2017-5434: Use-after-free during focus handling
- CVE-2017-5433: Use-after-free in SMIL animation functions
- CVE-2017-5432: Use-after-free in text input selection
- CVE-2017-5430: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
- CVE-2017-5459: Buffer overflow in WebGL
- CVE-2017-5462: DRBG flaw in NSS
- CVE-2017-5455: Sandbox escape through internal feed reader APIs
- CVE-2017-5454: Sandbox escape allowing file system read access through file picker
- CVE-2017-5456: Sandbox escape allowing local file system access
- CVE-2017-5451: Addressbar spoofing with onblur event
- General
- CVE-2015-5276: Fix for C++11 std::random_device short reads (bsc#945842)
Bugfixes:
- workaround for Firefox hangs (bsc#1031485, bsc#1025108)
- Update to gcc-5-branch head.
* Includes fixes for (bsc#966220), (bsc#962765), (bsc#964468), (bsc#939460),
(bsc#930496), (bsc#930392) and (bsc#955382).
- Add fix to revert accidential libffi ABI breakage on AARCH64. (bsc#968771)
- Build s390[x] with --with-tune=z9-109 --with-arch=z900 on SLE11 again. (bsc#954002)
- Fix libffi include install. (bsc#935510)
ImportantSUSE bug 1025108SUSE bug 1031485SUSE bug 1035082SUSE bug 1043960SUSE bug 930392SUSE bug 930496SUSE bug 935510SUSE bug 939460SUSE bug 945842SUSE bug 953831SUSE bug 954002SUSE bug 955382SUSE bug 962765SUSE bug 964468SUSE bug 966220SUSE bug 968771CVE-2015-5276 at SUSECVE-2015-5276 at NVDCVE-2016-10196 at SUSECVE-2016-10196 at NVDCVE-2017-5429 at SUSECVE-2017-5429 at NVDCVE-2017-5430 at SUSECVE-2017-5430 at NVDCVE-2017-5432 at SUSECVE-2017-5432 at NVDCVE-2017-5433 at SUSECVE-2017-5433 at NVDCVE-2017-5434 at SUSECVE-2017-5434 at NVDCVE-2017-5435 at SUSECVE-2017-5435 at NVDCVE-2017-5436 at SUSECVE-2017-5436 at NVDCVE-2017-5438 at SUSECVE-2017-5438 at NVDCVE-2017-5439 at SUSECVE-2017-5439 at NVDCVE-2017-5440 at SUSECVE-2017-5440 at NVDCVE-2017-5441 at SUSECVE-2017-5441 at NVDCVE-2017-5442 at SUSECVE-2017-5442 at NVDCVE-2017-5443 at SUSECVE-2017-5443 at NVDCVE-2017-5444 at SUSECVE-2017-5444 at NVDCVE-2017-5445 at SUSECVE-2017-5445 at NVDCVE-2017-5446 at SUSECVE-2017-5446 at NVDCVE-2017-5447 at SUSECVE-2017-5447 at NVDCVE-2017-5448 at SUSECVE-2017-5448 at NVDCVE-2017-5449 at SUSECVE-2017-5449 at NVDCVE-2017-5451 at SUSECVE-2017-5451 at NVDCVE-2017-5454 at SUSECVE-2017-5454 at NVDCVE-2017-5455 at SUSECVE-2017-5455 at NVDCVE-2017-5456 at SUSECVE-2017-5456 at NVDCVE-2017-5459 at SUSECVE-2017-5459 at NVDCVE-2017-5460 at SUSECVE-2017-5460 at NVDCVE-2017-5461 at SUSECVE-2017-5461 at NVDCVE-2017-5462 at SUSECVE-2017-5462 at NVDCVE-2017-5464 at SUSECVE-2017-5464 at NVDCVE-2017-5465 at SUSECVE-2017-5465 at NVDCVE-2017-5466 at SUSECVE-2017-5466 at NVDCVE-2017-5467 at SUSECVE-2017-5467 at NVDCVE-2017-5469 at SUSECVE-2017-5469 at NVDCVE-2017-5470 at SUSECVE-2017-5470 at NVDCVE-2017-5472 at SUSECVE-2017-5472 at NVDCVE-2017-7749 at SUSECVE-2017-7749 at NVDCVE-2017-7750 at SUSECVE-2017-7750 at NVDCVE-2017-7751 at SUSECVE-2017-7751 at NVDCVE-2017-7752 at SUSECVE-2017-7752 at NVDCVE-2017-7754 at SUSECVE-2017-7754 at NVDCVE-2017-7755 at SUSECVE-2017-7755 at NVDCVE-2017-7756 at SUSECVE-2017-7756 at NVDCVE-2017-7757 at SUSECVE-2017-7757 at NVDCVE-2017-7758 at SUSECVE-2017-7758 at NVDCVE-2017-7761 at SUSECVE-2017-7761 at NVDCVE-2017-7763 at SUSECVE-2017-7763 at NVDCVE-2017-7764 at SUSECVE-2017-7764 at NVDCVE-2017-7765 at SUSECVE-2017-7765 at NVDCVE-2017-7768 at SUSECVE-2017-7768 at NVDCVE-2017-7778 at SUSECVE-2017-7778 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
Mozilla Firefox was updated to the ESR 52.3 release (bsc#1052829)
Following security issues were fixed:
* MFSA 2017-19/CVE-2017-7807: Domain hijacking through AppCache fallback
* MFSA 2017-19/CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts
* MFSA 2017-19/CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID
* MFSA 2017-19/CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections
* MFSA 2017-19/CVE-2017-7787: Same-origin policy bypass with iframes through page reloads
* MFSA 2017-19/CVE-2017-7786: Buffer overflow while painting non-displayable SVG
* MFSA 2017-19/CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM
* MFSA 2017-19/CVE-2017-7784: Use-after-free with image observers
* MFSA 2017-19/CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements
* MFSA 2017-19/CVE-2017-7798: XUL injection in the style editor in devtools
* MFSA 2017-19/CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher
* MFSA 2017-19/CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
* MFSA 2017-19/CVE-2017-7800: Use-after-free in WebSockets during disconnection
* MFSA 2017-19/CVE-2017-7801: Use-after-free with marquee during window resizing
* MFSA 2017-19/CVE-2017-7802: Use-after-free resizing image elements
* MFSA 2017-19/CVE-2017-7803: CSP containing 'sandbox' improperly applied
This update also fixes:
- fixed firefox hangs after a while in FUTEX_WAIT_PRIVATE if
cgroups enabled and running on cpu >=1 (bsc#1031485)
- The Itanium ia64 build was fixed.
ImportantSUSE bug 1031485SUSE bug 1052829CVE-2017-7753 at SUSECVE-2017-7753 at NVDCVE-2017-7779 at SUSECVE-2017-7779 at NVDCVE-2017-7782 at SUSECVE-2017-7782 at NVDCVE-2017-7784 at SUSECVE-2017-7784 at NVDCVE-2017-7785 at SUSECVE-2017-7785 at NVDCVE-2017-7786 at SUSECVE-2017-7786 at NVDCVE-2017-7787 at SUSECVE-2017-7787 at NVDCVE-2017-7791 at SUSECVE-2017-7791 at NVDCVE-2017-7792 at SUSECVE-2017-7792 at NVDCVE-2017-7798 at SUSECVE-2017-7798 at NVDCVE-2017-7800 at SUSECVE-2017-7800 at NVDCVE-2017-7801 at SUSECVE-2017-7801 at NVDCVE-2017-7802 at SUSECVE-2017-7802 at NVDCVE-2017-7803 at SUSECVE-2017-7803 at NVDCVE-2017-7804 at SUSECVE-2017-7804 at NVDCVE-2017-7807 at SUSECVE-2017-7807 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox ESR 52.5 fixes the following issues:
Security issues fixed:
- CVE-2017-7826: Memory safety bugs fixed (bsc#1068101).
- CVE-2017-7828: Use-after-free of PressShell while restyling layout (bsc#1068101).
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API (bsc#1068101).
Mozilla Foundation Security Advisory (MFSA 2017-25):
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/
ImportantSUSE bug 1068101CVE-2017-7826 at SUSECVE-2017-7826 at NVDCVE-2017-7828 at SUSECVE-2017-7828 at NVDCVE-2017-7830 at SUSECVE-2017-7830 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox to version ESR 52.6 fixes several issues.
These security issues were fixed:
- CVE-2018-5091: Use-after-free with DTMF timers (bsc#1077291).
- CVE-2018-5095: Integer overflow in Skia library during edge builder allocation (bsc#1077291).
- CVE-2018-5096: Use-after-free while editing form elements (bsc#1077291).
- CVE-2018-5097: Use-after-free when source document is manipulated during XSLT (bsc#1077291).
- CVE-2018-5098: Use-after-free while manipulating form input elements (bsc#1077291).
- CVE-2018-5099: Use-after-free with widget listener (bsc#1077291).
- CVE-2018-5102: Use-after-free in HTML media elements (bsc#1077291).
- CVE-2018-5103: Use-after-free during mouse event handling (bsc#1077291).
- CVE-2018-5104: Use-after-free during font face manipulation (bsc#1077291).
- CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right (bsc#1077291).
- CVE-2018-5089: Various memory safety bugs (bsc#1077291).
ImportantSUSE bug 1077291CVE-2018-5089 at SUSECVE-2018-5089 at NVDCVE-2018-5091 at SUSECVE-2018-5091 at NVDCVE-2018-5095 at SUSECVE-2018-5095 at NVDCVE-2018-5096 at SUSECVE-2018-5096 at NVDCVE-2018-5097 at SUSECVE-2018-5097 at NVDCVE-2018-5098 at SUSECVE-2018-5098 at NVDCVE-2018-5099 at SUSECVE-2018-5099 at NVDCVE-2018-5102 at SUSECVE-2018-5102 at NVDCVE-2018-5103 at SUSECVE-2018-5103 at NVDCVE-2018-5104 at SUSECVE-2018-5104 at NVDCVE-2018-5117 at SUSECVE-2018-5117 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Security issues fixed in Firefox ESR 52.7.3 (bsc#1085130):
- CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
- CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
- CVE-2018-5129: Out-of-bounds write with malformed IPC messages
- CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption
- CVE-2018-5131: Fetch API improperly returns cached copies of no-store/no-cache resources
- CVE-2018-5144: Integer overflow during Unicode conversion
- CVE-2018-5145: Memory safety bugs fixed in Firefox ESR 52.7
- CVE-2018-5146: Out of bounds memory write in libvorbis (bsc#1085671)
- CVE-2018-5147: Out of bounds memory write in libtremor (bsc#1085671)
- CVE-2018-5148: Use-after-free in compositor (MFSA 2018-10) (bsc#1087059)
ModerateSUSE bug 1085130SUSE bug 1085671SUSE bug 1087059CVE-2018-5125 at SUSECVE-2018-5125 at NVDCVE-2018-5127 at SUSECVE-2018-5127 at NVDCVE-2018-5129 at SUSECVE-2018-5129 at NVDCVE-2018-5130 at SUSECVE-2018-5130 at NVDCVE-2018-5131 at SUSECVE-2018-5131 at NVDCVE-2018-5144 at SUSECVE-2018-5144 at NVDCVE-2018-5145 at SUSECVE-2018-5145 at NVDCVE-2018-5146 at SUSECVE-2018-5146 at NVDCVE-2018-5147 at SUSECVE-2018-5147 at NVDCVE-2018-5148 at SUSECVE-2018-5148 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox to ESR 52.8 release fixes the following issues:
Update to Firefox ESR 52.8 (bsc#1092548)
Security issues fixed:
- MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
- MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
- MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction
- MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
- MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths
- MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia
- MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
- MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths
- MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension
ImportantSUSE bug 1092548CVE-2018-5150 at SUSECVE-2018-5150 at NVDCVE-2018-5154 at SUSECVE-2018-5154 at NVDCVE-2018-5155 at SUSECVE-2018-5155 at NVDCVE-2018-5157 at SUSECVE-2018-5157 at NVDCVE-2018-5158 at SUSECVE-2018-5158 at NVDCVE-2018-5159 at SUSECVE-2018-5159 at NVDCVE-2018-5168 at SUSECVE-2018-5168 at NVDCVE-2018-5174 at SUSECVE-2018-5174 at NVDCVE-2018-5178 at SUSECVE-2018-5178 at NVDCVE-2018-5183 at SUSECVE-2018-5183 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following security issue:
- CVE-2018-6126: Prevent heap buffer overflow in rasterizing paths in SVG with Skia (bsc#1096449).
ImportantSUSE bug 1096449CVE-2018-6126 at SUSECVE-2018-6126 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox to version ESR 52.9 fixes the following issues:
- CVE-2018-5188: Various memory safety bugs (bsc#1098998)
- CVE-2018-12368: No warning when opening executable SettingContent-ms files
- CVE-2018-12366: Invalid data handling during QCMS transformations
- CVE-2018-12365: Compromised IPC child process can list local filenames
- CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
- CVE-2018-12363: Use-after-free when appending DOM nodes
- CVE-2018-12362: Integer overflow in SSSE3 scaler
- CVE-2018-12360: Use-after-free when using focus()
- CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
- CVE-2018-12359: Buffer overflow using computed size of canvas element
ImportantSUSE bug 1098998CVE-2018-12359 at SUSECVE-2018-12359 at NVDCVE-2018-12360 at SUSECVE-2018-12360 at NVDCVE-2018-12362 at SUSECVE-2018-12362 at NVDCVE-2018-12363 at SUSECVE-2018-12363 at NVDCVE-2018-12364 at SUSECVE-2018-12364 at NVDCVE-2018-12365 at SUSECVE-2018-12365 at NVDCVE-2018-12366 at SUSECVE-2018-12366 at NVDCVE-2018-12368 at SUSECVE-2018-12368 at NVDCVE-2018-5156 at SUSECVE-2018-5156 at NVDCVE-2018-5188 at SUSECVE-2018-5188 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox to version ESR 60.8 fixes the following issues:
Security issues fixed:
- CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868).
- CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868).
- CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868).
- CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868).
- CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868).
- CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868).
- CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868).
- CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868).
- CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868).
- CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868).
- CVE-2019-11708: Fix sandbox escape using Prompt:Open (bsc#1138872).
- CVE-2019-11707: Fixed a type confusion vulnerability in Arrary.pop (bsc#1138614)
Non-security issues fixed:
- Fix broken language plugins (bsc#1137792)
ImportantSUSE bug 1137792SUSE bug 1138614SUSE bug 1138872SUSE bug 1140868CVE-2019-11707 at SUSECVE-2019-11707 at NVDCVE-2019-11708 at SUSECVE-2019-11708 at NVDCVE-2019-11709 at SUSECVE-2019-11709 at NVDCVE-2019-11711 at SUSECVE-2019-11711 at NVDCVE-2019-11712 at SUSECVE-2019-11712 at NVDCVE-2019-11713 at SUSECVE-2019-11713 at NVDCVE-2019-11715 at SUSECVE-2019-11715 at NVDCVE-2019-11717 at SUSECVE-2019-11717 at NVDCVE-2019-11719 at SUSECVE-2019-11719 at NVDCVE-2019-11729 at SUSECVE-2019-11729 at NVDCVE-2019-11730 at SUSECVE-2019-11730 at NVDCVE-2019-9811 at SUSECVE-2019-9811 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues:
Update Firefox Extended Support Release to 68.3.0 ESR (MFSA 2019-37 / bsc#1158328)
Security issues fixed:
- CVE-2019-17008: Use-after-free in worker destruction (bmo#1546331).
- CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code (bmo#1580156).
- CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher (bmo#1586176).
- CVE-2019-17009: Updater temporary files accessible to unprivileged processes (bmo#1510494).
- CVE-2019-17010: Use-after-free when performing device orientation checks (bmo#1581084).
- CVE-2019-17005: Buffer overflow in plain text serializer (bmo#1584170).
- CVE-2019-17011: Use-after-free when retrieving a document in antitracking (bmo#1591334).
- CVE-2019-17012: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209, bmo#1580288, bmo#1585760, bmo#1592502).
Update mozilla-nss to version 3.47.1 (bsc#1158527):
Security issues fixed:
- CVE-2019-11745: EncryptUpdate should use maxout, not block size.
Bug fixes:
- Fix a crash that could be caused by client certificates during startup (bmo#1590495, bsc#1158527)
- Fix compile-time warnings from uninitialized variables in a perl script (bmo#1589810)
- Support AES HW acceleration on ARMv8 (bmo#1152625)
- Allow per-socket run-time ordering of the cipher suites presented in ClientHello (bmo#1267894)
- Add CMAC to FreeBL and PKCS #11 libraries (bmo#1570501)
- Remove arbitrary HKDF output limit by allocating space as needed (bmo#1577953)
Update mozilla-nspr to version 4.23:
Bug fixes:
- fixed a build failure that was introduced in 4.22
- correctness fix for Win64 socket polling
- whitespace in C files was cleaned up and no longer uses tab characters for indenting
- added support for the ARC architecture
- removed support for the following platforms: OSF1/Tru64, DGUX, IRIX, Symbian, BeOS
- correctness and build fixes
ImportantSUSE bug 1158328SUSE bug 1158527CVE-2019-11745 at SUSECVE-2019-11745 at NVDCVE-2019-13722 at SUSECVE-2019-13722 at NVDCVE-2019-17005 at SUSECVE-2019-17005 at NVDCVE-2019-17008 at SUSECVE-2019-17008 at NVDCVE-2019-17009 at SUSECVE-2019-17009 at NVDCVE-2019-17010 at SUSECVE-2019-17010 at NVDCVE-2019-17011 at SUSECVE-2019-17011 at NVDCVE-2019-17012 at SUSECVE-2019-17012 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.4.1 ESR
* Fixed: Security fix
MFSA 2020-03 (bsc#1160498)
* CVE-2019-17026 (bmo#1607443)
IonMonkey type confusion with StoreElementHole and
FallibleStoreElement
- Firefox Extended Support Release 68.4.0 ESR
* Fixed: Various security fixes
MFSA 2020-02 (bsc#1160305)
* CVE-2019-17015 (bmo#1599005)
Memory corruption in parent process during new content
process initialization on Windows
* CVE-2019-17016 (bmo#1599181)
Bypass of @namespace CSS sanitization during pasting
* CVE-2019-17017 (bmo#1603055)
Type Confusion in XPCVariant.cpp
* CVE-2019-17021 (bmo#1599008)
Heap address disclosure in parent process during content
process initialization on Windows
* CVE-2019-17022 (bmo#1602843)
CSS sanitization does not escape HTML tags
* CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605,
bmo#1601826)
Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
ImportantSUSE bug 1160305SUSE bug 1160498CVE-2019-17015 at SUSECVE-2019-17015 at NVDCVE-2019-17016 at SUSECVE-2019-17016 at NVDCVE-2019-17017 at SUSECVE-2019-17017 at NVDCVE-2019-17021 at SUSECVE-2019-17021 at NVDCVE-2019-17022 at SUSECVE-2019-17022 at NVDCVE-2019-17024 at SUSECVE-2019-17024 at NVDCVE-2019-17026 at SUSECVE-2019-17026 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox was updated to version 68.5.0 ESR (bsc#1163368).
Security issues fixed:
- CVE-2020-6796: Fixed a missing bounds check on shared memory in the parent process (bsc#1163368).
- CVE-2020-6798: Fixed a JavaScript code injection issue caused by the incorrect parsing of template tags (bsc#1163368).
- CVE-2020-6799: Fixed a local arbitrary code execution issue when handling PDF links from other applications (bsc#1163368).
- CVE-2020-6800: Fixed several memory safety bugs (bsc#1163368).
Non-security issues fixed:
- Fixed various issues opening files with spaces in their path (bmo#1601905, bmo#1602726).
ImportantSUSE bug 1161799SUSE bug 1163368CVE-2020-6796 at SUSECVE-2020-6796 at NVDCVE-2020-6797 at SUSECVE-2020-6797 at NVDCVE-2020-6798 at SUSECVE-2020-6798 at NVDCVE-2020-6799 at SUSECVE-2020-6799 at NVDCVE-2020-6800 at SUSECVE-2020-6800 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
MozillaFirefox was updated to 68.6.0 ESR (MFSA 2020-09 bsc#1132665)
- CVE-2020-6805: Fixed a use-after-free when removing data about origins
- CVE-2020-6806: Fixed improper protections against state confusion
- CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction
- CVE-2020-6811: Fixed an issue where copy as cURL' feature did not fully
escape website-controlled data potentially leading to command injection
- CVE-2019-20503: Fixed out of bounds reads in sctp_load_addresses_from_init
- CVE-2020-6812: Fixed an issue where the names of AirPods with personally
identifiable information were exposed to websites with camera or microphone
permission
- CVE-2020-6814: Fixed multiple memory safety bugs
- Fixed an issue with minimizing a window (bsc#1132665).
ImportantSUSE bug 1132665CVE-2019-20503 at SUSECVE-2019-20503 at NVDCVE-2020-6805 at SUSECVE-2020-6805 at NVDCVE-2020-6806 at SUSECVE-2020-6806 at NVDCVE-2020-6807 at SUSECVE-2020-6807 at NVDCVE-2020-6811 at SUSECVE-2020-6811 at NVDCVE-2020-6812 at SUSECVE-2020-6812 at NVDCVE-2020-6814 at SUSECVE-2020-6814 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.6.1 ESR
MFSA 2020-11 (bsc#1168630)
* CVE-2020-6819 (bmo#1620818)
Use-after-free while running the nsDocShell destructor
* CVE-2020-6820 (bmo#1626728)
Use-after-free when handling a ReadableStream
ImportantSUSE bug 1168630CVE-2020-6819 at SUSECVE-2020-6819 at NVDCVE-2020-6820 at SUSECVE-2020-6820 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues:
- CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method (bsc#1168874).
- CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images (bsc#1168874).
- CVE-2020-6825: Fixed Memory safety bugs (bsc#1168874).
- CVE-2020-6827: Custom Tabs could have the URI spoofed (bsc#1168874).
- CVE-2020-6828: Preference overwrite via crafted Intent (bsc#1168874).
ImportantSUSE bug 1168874CVE-2020-6821 at SUSECVE-2020-6821 at NVDCVE-2020-6822 at SUSECVE-2020-6822 at NVDCVE-2020-6825 at SUSECVE-2020-6825 at NVDCVE-2020-6827 at SUSECVE-2020-6827 at NVDCVE-2020-6828 at SUSECVE-2020-6828 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.8.0 ESR
MFSA 2020-17 (bsc#1171186)
* CVE-2020-12387 (bmo#1545345)
Use-after-free during worker shutdown
* CVE-2020-12388 (bmo#1618911)
Sandbox escape with improperly guarded Access Tokens
* CVE-2020-12389 (bmo#1554110)
Sandbox escape with improperly separated process types
* CVE-2020-6831 (bmo#1632241)
Buffer overflow in SCTP chunk input validation
* CVE-2020-12392 (bmo#1614468)
Arbitrary local file access with 'Copy as cURL'
* CVE-2020-12393 (bmo#1615471)
Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to command
injection
* CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704,
bmo#1624098, bmo#1625749, bmo#1626382, bmo#1628076,
bmo#1631508)
Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
- Since firefox-gcc8 now has disabled autoreqprov for firefox-libstdc++6
and firefox-libgcc_s1, those packages don't provide some capabilities,
we have to disable AutoReqProv in MozillaFirefox too so they're not added as
automatic requirements. (bsc#1162828)
ImportantSUSE bug 1162828SUSE bug 1171186CVE-2020-12387 at SUSECVE-2020-12387 at NVDCVE-2020-12388 at SUSECVE-2020-12388 at NVDCVE-2020-12389 at SUSECVE-2020-12389 at NVDCVE-2020-12392 at SUSECVE-2020-12392 at NVDCVE-2020-12393 at SUSECVE-2020-12393 at NVDCVE-2020-12395 at SUSECVE-2020-12395 at NVDCVE-2020-6831 at SUSECVE-2020-6831 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- MozillaFirefox was updated to version 68.9.0 Extended Support Release (bsc#1172402).
- CVE-2020-12405: Fixed a use-after-free in SharedWorkerService.
- CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes.
- CVE-2020-12410: Fixed multiple memory safety bugs.
ImportantSUSE bug 1172402CVE-2020-12405 at SUSECVE-2020-12405 at NVDCVE-2020-12406 at SUSECVE-2020-12406 at NVDCVE-2020-12410 at SUSECVE-2020-12410 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues:
Security issues fixed:
- CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing (bsc#1173576).
- CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster (bsc#1173576).
- CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 (bsc#1173576).
- CVE-2020-12418: Information disclosure due to manipulated URL object (bsc#1173576).
- CVE-2020-12419: Use-after-free in nsGlobalWindowInner (bsc#1173576).
- CVE-2020-12420: Use-After-Free when trying to connect to a STUN server (bsc#1173576).
- CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack (bsc#1173576).
- CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates (bsc#1173576).
- CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (bsc#1173576).
- CVE-2020-12423: DLL Hijacking due to searching %PATH% for a library (bsc#1173576).
- CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process (bsc#1173576).
- CVE-2020-12425: Out of bound read in Date.parse() (bsc#1173576).
- CVE-2020-12426: Memory safety bugs fixed in Firefox 78 (bsc#1173576).
- FIPS: MozillaFirefox: allow /proc/sys/crypto/fips_enabled (bsc#1167231).
Non-security issues fixed:
- Fixed interaction with freetype6 (bsc#1173613).
ImportantSUSE bug 1166238SUSE bug 1167231SUSE bug 1173576CVE-2020-12402 at SUSECVE-2020-12402 at NVDCVE-2020-12415 at SUSECVE-2020-12415 at NVDCVE-2020-12416 at SUSECVE-2020-12416 at NVDCVE-2020-12417 at SUSECVE-2020-12417 at NVDCVE-2020-12418 at SUSECVE-2020-12418 at NVDCVE-2020-12419 at SUSECVE-2020-12419 at NVDCVE-2020-12420 at SUSECVE-2020-12420 at NVDCVE-2020-12421 at SUSECVE-2020-12421 at NVDCVE-2020-12422 at SUSECVE-2020-12422 at NVDCVE-2020-12423 at SUSECVE-2020-12423 at NVDCVE-2020-12424 at SUSECVE-2020-12424 at NVDCVE-2020-12425 at SUSECVE-2020-12425 at NVDCVE-2020-12426 at SUSECVE-2020-12426 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Fix broken translation-loading (boo#1173991)
* allow addon sideloading
* mark signatures for langpacks non-mandatory
* do not autodisable user profile scopes
- Google API key is not usable for geolocation service any more
- Mozilla Firefox 78.1 ESR
* Fixed: Various stability, functionality, and security fixe
(MFSA 2020-32) (bsc#1174538).
* CVE-2020-15652 (bmo#1634872)
Potential leak of redirect targets when loading scripts in a
worker
* CVE-2020-6514 (bmo#1642792)
WebRTC data channel leaks internal address to peer
* CVE-2020-15655 (bmo#1645204)
Extension APIs could be used to bypass Same-Origin Policy
* CVE-2020-15653 (bmo#1521542)
Bypassing iframe sandbox when allowing popups
* CVE-2020-6463 (bmo#1635293)
Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
* CVE-2020-15656 (bmo#1647293)
Type confusion for special arguments in IonMonkey
* CVE-2020-15658 (bmo#1637745)
Overriding file type when saving to disk
* CVE-2020-15657 (bmo#1644954)
DLL hijacking due to incorrect loading path
* CVE-2020-15654 (bmo#1648333)
Custom cursor can overlay user interface
* CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1643613,
bmo#1644839, bmo#1645835, bmo#1646006, bmo#1646787,
bmo#1649347, bmo#1650811, bmo#1651678)
Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
- Add sle11-icu-generation-python3.patch to fix icu-generation
on big endian platforms
- Mozilla Firefox 78.0.2 ESR
* MFSA 2020-28 (bsc#1173948)
* MFSA-2020-0003 (bmo#1644076)
X-Frame-Options bypass using object or embed tags
* Fixed: Fixed an accessibility regression in reader mode
(bmo#1650922)
* Fixed: Made the address bar more resilient to data corruption
in the user profile (bmo#1649981)
* Fixed: Fixed a regression opening certain external
applications (bmo#1650162)
ModerateSUSE bug 1173948SUSE bug 1173991SUSE bug 1174538CVE-2020-15652 at SUSECVE-2020-15652 at NVDCVE-2020-15653 at SUSECVE-2020-15653 at NVDCVE-2020-15654 at SUSECVE-2020-15654 at NVDCVE-2020-15655 at SUSECVE-2020-15655 at NVDCVE-2020-15656 at SUSECVE-2020-15656 at NVDCVE-2020-15657 at SUSECVE-2020-15657 at NVDCVE-2020-15658 at SUSECVE-2020-15658 at NVDCVE-2020-15659 at SUSECVE-2020-15659 at NVDCVE-2020-6463 at SUSECVE-2020-6463 at NVDCVE-2020-6514 at SUSECVE-2020-6514 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.2.0 ESR
* Fixed: Various stability, functionality, and security fixes
- Mozilla Firefox ESR 78.2
MFSA 2020-38 (bsc#1175686)
* CVE-2020-15663 (bmo#1643199)
Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
* CVE-2020-15664 (bmo#1658214)
Attacker-induced prompt for extension installation
* CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
bmo#1656957)
Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
- Fixed Firefox tab crash in FIPS mode (bsc#1174284).
ModerateSUSE bug 1174284SUSE bug 1175686CVE-2020-15663 at SUSECVE-2020-15663 at NVDCVE-2020-15664 at SUSECVE-2020-15664 at NVDCVE-2020-15670 at SUSECVE-2020-15670 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox was updated to 78.3.0 ESR (bsc#1176756, MFSA 2020-43)
- CVE-2020-15677: Download origin spoofing via redirect
- CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a
contenteditable element
- CVE-2020-15678: When recursing through layers while scrolling, an iterator
may have become invalid, resulting in a potential use-after-free scenario
- CVE-2020-15673: Fixed memory safety bugs
- Attempt to fix langpack-parallelization by introducing separate
obj-dirs for each lang (bsc#1173986, bsc#1167976)
- Fixed problems with compiler builtins on SLE-11 (bsc#1175046)
ImportantSUSE bug 1167976SUSE bug 1173986SUSE bug 1175046SUSE bug 1176756CVE-2020-15673 at SUSECVE-2020-15673 at NVDCVE-2020-15676 at SUSECVE-2020-15676 at NVDCVE-2020-15677 at SUSECVE-2020-15677 at NVDCVE-2020-15678 at SUSECVE-2020-15678 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.4.0 ESR
* Fixed: Various stability, functionality, and security fixes MFSA 2020-46 (bsc#1177872)
* CVE-2020-15969 Use-after-free in usersctp
* CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
* Fixed: Fixed legacy preferences not being properly applied when set via GPO
ImportantSUSE bug 1177872CVE-2020-15683 at SUSECVE-2020-15683 at NVDCVE-2020-15969 at SUSECVE-2020-15969 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.4.1 ESR
* Fixed: Security fix
MFSA 2020-49 (bsc#1178588)
* CVE-2020-26950 (bmo#1675905)
Write side effects in MCallGetProperty opcode not accounted
for
ImportantSUSE bug 1178588CVE-2020-26950 at SUSECVE-2020-26950 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.5.0 ESR (bsc#1178824)
* CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code
* CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls
* CVE-2020-26953: Fullscreen could be enabled without displaying the security UI
* CVE-2020-26956: XSS through paste (manual and clipboard API)
* CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions
* CVE-2020-26959: Use-after-free in WebRequestService
* CVE-2020-26960: Potential use-after-free in uses of nsTArray
* CVE-2020-15999: Heap buffer overflow in freetype
* CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
* CVE-2020-26965: Software keyboards may have remembered typed passwords
* CVE-2020-26966: Single-word search queries were also broadcast to local network
* CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
ImportantSUSE bug 1178824CVE-2020-15999 at SUSECVE-2020-15999 at NVDCVE-2020-16012 at SUSECVE-2020-16012 at NVDCVE-2020-26951 at SUSECVE-2020-26951 at NVDCVE-2020-26953 at SUSECVE-2020-26953 at NVDCVE-2020-26956 at SUSECVE-2020-26956 at NVDCVE-2020-26958 at SUSECVE-2020-26958 at NVDCVE-2020-26959 at SUSECVE-2020-26959 at NVDCVE-2020-26960 at SUSECVE-2020-26960 at NVDCVE-2020-26961 at SUSECVE-2020-26961 at NVDCVE-2020-26965 at SUSECVE-2020-26965 at NVDCVE-2020-26966 at SUSECVE-2020-26966 at NVDCVE-2020-26968 at SUSECVE-2020-26968 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.6.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2020-55 (bsc#1180039)
* CVE-2020-16042 (bmo#1679003)
Operations on a BigInt could have caused uninitialized memory
to be exposed
* CVE-2020-26971 (bmo#1663466)
Heap buffer overflow in WebGL
* CVE-2020-26973 (bmo#1680084)
CSS Sanitizer performed incorrect sanitization
* CVE-2020-26974 (bmo#1681022)
Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free
* CVE-2020-26978 (bmo#1677047)
Internal network hosts could have been probed by a malicious
webpage
* CVE-2020-35111 (bmo#1657916)
The proxy.onRequest API did not catch view-source URLs
* CVE-2020-35112 (bmo#1661365)
Opening an extension-less download may have inadvertently
launched an executable instead
* CVE-2020-35113 (bmo#1664831, bmo#1673589)
Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
CriticalSUSE bug 1180039CVE-2020-16042 at SUSECVE-2020-16042 at NVDCVE-2020-26971 at SUSECVE-2020-26971 at NVDCVE-2020-26973 at SUSECVE-2020-26973 at NVDCVE-2020-26974 at SUSECVE-2020-26974 at NVDCVE-2020-26978 at SUSECVE-2020-26978 at NVDCVE-2020-35111 at SUSECVE-2020-35111 at NVDCVE-2020-35112 at SUSECVE-2020-35112 at NVDCVE-2020-35113 at SUSECVE-2020-35113 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.6.1 ESR
* Fixed: Critical security issue MFSA 2021-01 (bsc#1180623)
* CVE-2020-16044
Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
ImportantSUSE bug 1180623CVE-2020-16044 at SUSECVE-2020-16044 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.7.0 ESR (MFSA 2021-04, bsc#1181414)
* CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests
* CVE-2021-23954: Fixed a type confusion when using logical assignment operators in JavaScript switch statements
* CVE-2020-26976: Fixed an issue where HTTPS pages could have been intercepted by a registered service worker when they should not have been
* CVE-2021-23960: Fixed a use-after-poison for incorrectly redeclared JavaScript variables during GC
* CVE-2021-23964: Fixed Memory safety bugs
ImportantSUSE bug 1181414CVE-2020-26976 at SUSECVE-2020-26976 at NVDCVE-2021-23953 at SUSECVE-2021-23953 at NVDCVE-2021-23954 at SUSECVE-2021-23954 at NVDCVE-2021-23960 at SUSECVE-2021-23960 at NVDCVE-2021-23964 at SUSECVE-2021-23964 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.7.1 ESR (bsc#1181848)
- Fixed: Prevent access to NTFS special paths that could lead to filesystem corruption.
- Buffer overflow in depth pitch calculations for compressed textures
LowSUSE bug 1181848cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.8.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-08 (bsc#1182614)
* CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect
* CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect
* CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources
* CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
ImportantSUSE bug 1182357SUSE bug 1182614CVE-2021-23968 at SUSECVE-2021-23968 at NVDCVE-2021-23969 at SUSECVE-2021-23969 at NVDCVE-2021-23973 at SUSECVE-2021-23973 at NVDCVE-2021-23978 at SUSECVE-2021-23978 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox was updated to 78.9.0 ESR (MFSA 2021-11, bsc#1183942)
* CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read
* CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage
* CVE-2021-23984: Malicious extensions could have spoofed popup information
* CVE-2021-23987: Memory safety bugs
ImportantSUSE bug 1183942CVE-2021-23981 at SUSECVE-2021-23981 at NVDCVE-2021-23982 at SUSECVE-2021-23982 at NVDCVE-2021-23984 at SUSECVE-2021-23984 at NVDCVE-2021-23987 at SUSECVE-2021-23987 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- Firefox was updated to 78.10.0 ESR (bsc#1184960)
* CVE-2021-23994: Out of bound write due to lazy initialization
* CVE-2021-23995: Use-after-free in Responsive Design Mode
* CVE-2021-23998: Secure Lock icon could have been spoofed
* CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
* CVE-2021-23999: Blob URLs may have been granted additional privileges
* CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL
* CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads
* CVE-2021-29946: Port blocking could be bypassed
ImportantSUSE bug 1184960CVE-2021-23961 at SUSECVE-2021-23961 at NVDCVE-2021-23994 at SUSECVE-2021-23994 at NVDCVE-2021-23995 at SUSECVE-2021-23995 at NVDCVE-2021-23998 at SUSECVE-2021-23998 at NVDCVE-2021-23999 at SUSECVE-2021-23999 at NVDCVE-2021-24002 at SUSECVE-2021-24002 at NVDCVE-2021-29945 at SUSECVE-2021-29945 at NVDCVE-2021-29946 at SUSECVE-2021-29946 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.11.0 ESR (bsc#1186696)
* CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message
* CVE-2021-29967: Memory safety bugs fixed in Firefox
ModerateSUSE bug 1185633SUSE bug 1186696CVE-2021-29951 at SUSECVE-2021-29951 at NVDCVE-2021-29964 at SUSECVE-2021-29964 at NVDCVE-2021-29967 at SUSECVE-2021-29967 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.12.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-29 (bsc#1188275)
* CVE-2021-29970: Use-after-free in accessibility features of a document
* CVE-2021-30547: Out of bounds write in ANGLE
* CVE-2021-29976: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12
ImportantSUSE bug 1188275CVE-2021-29970 at SUSECVE-2021-29970 at NVDCVE-2021-29976 at SUSECVE-2021-29976 at NVDCVE-2021-30547 at SUSECVE-2021-30547 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.13.0 ESR (MFSA 2021-34, bsc#1188891):
- CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
- CVE-2021-29988: Memory corruption as a result of incorrect style treatment
- CVE-2021-29984: Incorrect instruction reordering during JIT optimization
- CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
- CVE-2021-29985: Use-after-free media channels
- CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
ImportantSUSE bug 1188891CVE-2021-29980 at SUSECVE-2021-29980 at NVDCVE-2021-29984 at SUSECVE-2021-29984 at NVDCVE-2021-29985 at SUSECVE-2021-29985 at NVDCVE-2021-29986 at SUSECVE-2021-29986 at NVDCVE-2021-29988 at SUSECVE-2021-29988 at NVDCVE-2021-29989 at SUSECVE-2021-29989 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
This update contains the Firefox Extended Support Release 91.1.0 ESR.
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-40 (bsc#1190269, bsc#1190274):
* CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer
* CVE-2021-38495: Memory safety bugs fixed in Firefox 92 and Firefox ESR 91.1
Firefox 91.0.1esr ESR
* Fixed: Fixed an issue causing buttons on the tab bar to be
resized when loading certain websites (bug 1704404)
* Fixed: Fixed an issue which caused tabs from private windows
to be visible in non-private windows when viewing switch-to-
tab results in the address bar panel (bug 1720369)
* Fixed: Various stability fixes
* Fixed: Security fix MFSA 2021-37 (bsc#1189547)
* CVE-2021-29991 (bmo#1724896)
Header Splitting possible with HTTP/3 Responses
Firefox Extended Support Release 91.0 ESR
* New: Some of the highlights of the new Extended Support Release are:
- A number of user interface changes. For more information,
see the Firefox 89 release notes.
- Firefox now supports logging into Microsoft, work, and
school accounts using Windows single sign-on. Learn more
- On Windows, updates can now be applied in the background
while Firefox is not running.
- Firefox for Windows now offers a new page about:third-party
to help identify compatibility issues caused by third-party
applications
- Version 2 of Firefox's SmartBlock feature further improves
private browsing. Third party Facebook scripts are blocked to
prevent you from being tracked, but are now automatically
loaded 'just in time' if you decide to 'Log in with Facebook'
on any website.
- Enhanced the privacy of the Firefox Browser's Private
Browsing mode with Total Cookie Protection, which confines
cookies to the site where they were created, preventing
companis from using cookies to track your browsing across
sites. This feature was originally launched in Firefox's ETP
Strict mode.
- PDF forms now support JavaScript embedded in PDF files.
Some PDF forms use JavaScript for validation and other
interactive features.
- You'll encounter less website breakage in Private Browsing
and Strict Enhanced Tracking Protection with SmartBlock,
which provides stand-in scripts so that websites load
properly.
- Improved Print functionality with a cleaner design and
better integration with your computer's printer settings.
- Firefox now protects you from supercookies, a type of
tracker that can stay hidden in your browser and track you
online, even after you clear cookies. By isolating
supercookies, Firefox prevents them from tracking your web
browsing from one site to the next.
- Firefox now remembers your preferred location for saved
bookmarks, displays the bookmarks toolbar by default on new
tabs, and gives you easy access to all of your bookmarks via
a toolbar folder.
- Native support for macOS devices built with Apple Silicon
CPUs brings dramatic performance improvements over the non-
native build that was shipped in Firefox 83: Firefox launches
over 2.5 times faster and web apps are now twice as
responsive (per the SpeedoMeter 2.0 test). If you are on a
new Apple device, follow these steps to upgrade to the latest
Firefox.
- Pinch zooming will now be supported for our users with
Windows touchscreen devices and touchpads on Mac devices.
Firefox users may now use pinch to zoom on touch-capable
devices to zoom in and out of webpages.
- We’ve improved functionality and design for a number of
Firefox search features:
* Selecting a search engine at the bottom of the search
panel now enters search mode for that engine, allowing you to
see suggestions (if available) for your search terms. The old
behavior (immediately performing a search) is available with
a shift-click.
* When Firefox autocompletes the URL of one of your search
engines, you can now search with that engine directly in the
address bar by selecting the shortcut in the address bar
results.
* We’ve added buttons at the bottom of the search panel to
allow you to search your bookmarks, open tabs, and history.
- Firefox supports AcroForm, which will allow you to fill in,
print, and save supported PDF forms and the PDF viewer also
has a new fresh look.
- For our users in the US and Canada, Firefox can now save,
manage, and auto-fill credit card information for you, making
shopping on Firefox ever more convenient.
- In addition to our default, dark and light themes, with
this release, Firefox introduces the Alpenglow theme: a
colorful appearance for buttons, menus, and windows. You can
update your Firefox themes under settings or preferences.
* Changed: Firefox no longer supports Adobe Flash. There is no
setting available to re-enable Flash support.
* Enterprise: Various bug fixes and new policies have been
implemented in the latest version of Firefox. See more
details in the Firefox for Enterprise 91 Release Notes.
MFSA 2021-33 (bsc#1188891):
* CVE-2021-29986: Race condition when resolving DNS names could have led to
memory corruption
* CVE-2021-29981: Live range splitting could have led to conflicting
assignments in the JIT
* CVE-2021-29988: Memory corruption as a result of incorrect style treatment
* CVE-2021-29983: Firefox for Android could get stuck in fullscreen mode
* CVE-2021-29984: Incorrect instruction reordering during JIT optimization
* CVE-2021-29980: Uninitialized memory in a canvas object could have led to
memory corruption
* CVE-2021-29987: Users could have been tricked into accepting unwanted
permissions on Linux
* CVE-2021-29985: Use-after-free media channels
* CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and
type confusion
* CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
* CVE-2021-29990: Memory safety bugs fixed in Firefox 91
ImportantSUSE bug 1188891SUSE bug 1189547SUSE bug 1190269SUSE bug 1190274CVE-2021-29980 at SUSECVE-2021-29980 at NVDCVE-2021-29981 at SUSECVE-2021-29981 at NVDCVE-2021-29982 at SUSECVE-2021-29982 at NVDCVE-2021-29983 at SUSECVE-2021-29983 at NVDCVE-2021-29984 at SUSECVE-2021-29984 at NVDCVE-2021-29985 at SUSECVE-2021-29985 at NVDCVE-2021-29986 at SUSECVE-2021-29986 at NVDCVE-2021-29987 at SUSECVE-2021-29987 at NVDCVE-2021-29988 at SUSECVE-2021-29988 at NVDCVE-2021-29989 at SUSECVE-2021-29989 at NVDCVE-2021-29990 at SUSECVE-2021-29990 at NVDCVE-2021-29991 at SUSECVE-2021-29991 at NVDCVE-2021-38492 at SUSECVE-2021-38492 at NVDCVE-2021-38495 at SUSECVE-2021-38495 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
MozillaFirefox was updated to Extended Support Release 91.3.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-49 (bsc#1192250)
* CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets
* CVE-2021-38504: Use-after-free in file picker dialog
* CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data
* CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning
* CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports
* CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing
* CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain
* CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS
* MOZ-2021-0008: Use-after-free in HTTP2 Session object
* MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
ImportantSUSE bug 1192250CVE-2021-38503 at SUSECVE-2021-38503 at NVDCVE-2021-38504 at SUSECVE-2021-38504 at NVDCVE-2021-38505 at SUSECVE-2021-38505 at NVDCVE-2021-38506 at SUSECVE-2021-38506 at NVDCVE-2021-38507 at SUSECVE-2021-38507 at NVDCVE-2021-38508 at SUSECVE-2021-38508 at NVDCVE-2021-38509 at SUSECVE-2021-38509 at NVDCVE-2021-38510 at SUSECVE-2021-38510 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Update to Extended Support Release 91.4.0 (bsc#1193485):
- CVE-2021-43536: URL leakage when navigating while executing asynchronous function
- CVE-2021-43537: Heap buffer overflow when using structured clone
- CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
- CVE-2021-43539: GC rooting failure when calling wasm instance methods
- CVE-2021-43541: External protocol handler parameters were unescaped
- CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
- CVE-2021-43543: Bypass of CSP sandbox directive when embedding
- CVE-2021-43545: Denial of Service when using the Location API in a loop
- CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
- Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
- Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
ImportantSUSE bug 1193321SUSE bug 1193485CVE-2021-43536 at SUSECVE-2021-43536 at NVDCVE-2021-43537 at SUSECVE-2021-43537 at NVDCVE-2021-43538 at SUSECVE-2021-43538 at NVDCVE-2021-43539 at SUSECVE-2021-43539 at NVDCVE-2021-43541 at SUSECVE-2021-43541 at NVDCVE-2021-43542 at SUSECVE-2021-43542 at NVDCVE-2021-43543 at SUSECVE-2021-43543 at NVDCVE-2021-43545 at SUSECVE-2021-43545 at NVDCVE-2021-43546 at SUSECVE-2021-43546 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547).
- CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547).
- CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547).
- CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547).
- CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547).
- CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547).
- CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547).
- CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547).
- CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547).
- CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547).
- CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547).
- CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).
ImportantSUSE bug 1194547CVE-2021-4140 at SUSECVE-2021-4140 at NVDCVE-2022-22737 at SUSECVE-2022-22737 at NVDCVE-2022-22738 at SUSECVE-2022-22738 at NVDCVE-2022-22739 at SUSECVE-2022-22739 at NVDCVE-2022-22740 at SUSECVE-2022-22740 at NVDCVE-2022-22741 at SUSECVE-2022-22741 at NVDCVE-2022-22742 at SUSECVE-2022-22742 at NVDCVE-2022-22743 at SUSECVE-2022-22743 at NVDCVE-2022-22744 at SUSECVE-2022-22744 at NVDCVE-2022-22745 at SUSECVE-2022-22745 at NVDCVE-2022-22746 at SUSECVE-2022-22746 at NVDCVE-2022-22747 at SUSECVE-2022-22747 at NVDCVE-2022-22748 at SUSECVE-2022-22748 at NVDCVE-2022-22751 at SUSECVE-2022-22751 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 (bsc#1195682)
- CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service
- CVE-2022-22754: Extensions could have bypassed permission confirmation during update
- CVE-2022-22756: Drag and dropping an image could have resulted in the dropped object being an executable
- CVE-2022-22759: Sandboxed iframes could have executed script if the parent appended elements
- CVE-2022-22760: Cross-Origin responses could be distinguished between script and non-script content-types
- CVE-2022-22761: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
- CVE-2022-22763: Script Execution during invalid object state
- CVE-2022-22764: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
Firefox Extended Support Release 91.5.1 ESR (bsc#1195230)
- Fixed an issue that allowed unexpected data to be submitted in some of our search telemetry
ImportantSUSE bug 1195230SUSE bug 1195682CVE-2022-22753 at SUSECVE-2022-22753 at NVDCVE-2022-22754 at SUSECVE-2022-22754 at NVDCVE-2022-22756 at SUSECVE-2022-22756 at NVDCVE-2022-22759 at SUSECVE-2022-22759 at NVDCVE-2022-22760 at SUSECVE-2022-22760 at NVDCVE-2022-22761 at SUSECVE-2022-22761 at NVDCVE-2022-22763 at SUSECVE-2022-22763 at NVDCVE-2022-22764 at SUSECVE-2022-22764 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.7.0 ESR (bsc#1196900):
- CVE-2022-26383: Browser window spoof using fullscreen mode
- CVE-2022-26384: iframe allow-scripts sandbox bypass
- CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures
- CVE-2022-26381: Use-after-free in text reflows
- CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other local users
Firefox Extended Support Release 91.6.1 ESR (bsc#1196809):
- CVE-2022-26485: Use-after-free in XSLT parameter processing
- CVE-2022-26486: Use-after-free in WebGPU IPC Framework
ImportantSUSE bug 1196809SUSE bug 1196900CVE-2022-26381 at SUSECVE-2022-26381 at NVDCVE-2022-26383 at SUSECVE-2022-26383 at NVDCVE-2022-26384 at SUSECVE-2022-26384 at NVDCVE-2022-26386 at SUSECVE-2022-26386 at NVDCVE-2022-26387 at SUSECVE-2022-26387 at NVDCVE-2022-26485 at SUSECVE-2022-26485 at NVDCVE-2022-26486 at SUSECVE-2022-26486 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.8.0 ESR (bsc#1197903):
MFSA 2022-14 (bsc#1197903)
* CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use
* CVE-2022-28281: Fixed an out of bounds write due to unexpected WebAuthN Extensions
* CVE-2022-1196: Fixed a use-after-free after VR Process destruction
* CVE-2022-28282: Fixed a use-after-free in DocumentL10n::TranslateDocument
* CVE-2022-28285: Fixed incorrect AliasSet used in JIT Codegen
* CVE-2022-28286: Fixed that iframe contents could be rendered outside the border
* CVE-2022-24713: Fixed a denial of service via complex regular expressions
* CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
ImportantSUSE bug 1197903CVE-2022-1097 at SUSECVE-2022-1097 at NVDCVE-2022-1196 at SUSECVE-2022-1196 at NVDCVE-2022-24713 at SUSECVE-2022-24713 at NVDCVE-2022-28281 at SUSECVE-2022-28281 at NVDCVE-2022-28282 at SUSECVE-2022-28282 at NVDCVE-2022-28285 at SUSECVE-2022-28285 at NVDCVE-2022-28286 at SUSECVE-2022-28286 at NVDCVE-2022-28289 at SUSECVE-2022-28289 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.9.0 ESR
MFSA 2022-17 (bsc#1198970)
* CVE-2022-29914: Fullscreen notification bypass using popups
* CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
* CVE-2022-29916: Leaking browser history with CSS variables
* CVE-2022-29911: iframe Sandbox bypass
* CVE-2022-29912: Reader mode bypassed SameSite cookies
* CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9
ImportantSUSE bug 1198970CVE-2022-29909 at SUSECVE-2022-29909 at NVDCVE-2022-29911 at SUSECVE-2022-29911 at NVDCVE-2022-29912 at SUSECVE-2022-29912 at NVDCVE-2022-29914 at SUSECVE-2022-29914 at NVDCVE-2022-29916 at SUSECVE-2022-29916 at NVDCVE-2022-29917 at SUSECVE-2022-29917 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.9.0 ESR (MFSA 2022-17)(bsc#1198970):
- CVE-2022-29914: Fullscreen notification bypass using popups
- CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
- CVE-2022-29916: Leaking browser history with CSS variables
- CVE-2022-29911: iframe Sandbox bypass
- CVE-2022-29912: Reader mode bypassed SameSite cookies
- CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9
ImportantSUSE bug 1198970CVE-2022-29909 at SUSECVE-2022-29909 at NVDCVE-2022-29911 at SUSECVE-2022-29911 at NVDCVE-2022-29912 at SUSECVE-2022-29912 at NVDCVE-2022-29914 at SUSECVE-2022-29914 at NVDCVE-2022-29916 at SUSECVE-2022-29916 at NVDCVE-2022-29917 at SUSECVE-2022-29917 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.9.1 ESR - MFSA 2022-19 (bsc#1199768):
- CVE-2022-1802: Prototype pollution in Top-Level Await implementation
- CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollution
ImportantSUSE bug 1199768CVE-2022-1529 at SUSECVE-2022-1529 at NVDCVE-2022-1802 at SUSECVE-2022-1802 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.10.0 ESR (MFSA 2022-21)(bsc#1200027)
- CVE-2022-31736: Cross-Origin resource's length leaked
- CVE-2022-31737: Heap buffer overflow in WebGL
- CVE-2022-31738: Browser window spoof using fullscreen mode
- CVE-2022-31739: Attacker-influenced path traversal when saving downloaded files
- CVE-2022-31740: Register allocation problem in WASM on arm64
- CVE-2022-31741: Uninitialized variable leads to invalid memory read
- CVE-2022-31742: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information
- CVE-2022-31747: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10
ImportantSUSE bug 1200027CVE-2022-31736 at SUSECVE-2022-31736 at NVDCVE-2022-31737 at SUSECVE-2022-31737 at NVDCVE-2022-31738 at SUSECVE-2022-31738 at NVDCVE-2022-31739 at SUSECVE-2022-31739 at NVDCVE-2022-31740 at SUSECVE-2022-31740 at NVDCVE-2022-31741 at SUSECVE-2022-31741 at NVDCVE-2022-31742 at SUSECVE-2022-31742 at NVDCVE-2022-31747 at SUSECVE-2022-31747 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Update to Firefox Extended Support Release 91.11.0 ESR (MFSA 2022-25) (bsc#1200793):
- CVE-2022-2200: Undesired attributes could be set as part of prototype pollution (bmo#1771381)
- CVE-2022-31744: CSP bypass enabling stylesheet injection (bmo#1757604)
- CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI (bmo#1768537)
- CVE-2022-34470: Use-after-free in nsSHistory (bmo#1765951)
- CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked (bmo#1770123)
- CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt (bmo#1773717)
- CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content (bmo#1745595)
- CVE-2022-34481: Potential integer overflow in ReplaceElementsAt (bmo#1497246)
- CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 (bmo#1763634, bmo#1772651)
ImportantSUSE bug 1200793CVE-2022-2200 at SUSECVE-2022-2200 at NVDCVE-2022-31744 at SUSECVE-2022-31744 at NVDCVE-2022-34468 at SUSECVE-2022-34468 at NVDCVE-2022-34470 at SUSECVE-2022-34470 at NVDCVE-2022-34472 at SUSECVE-2022-34472 at NVDCVE-2022-34478 at SUSECVE-2022-34478 at NVDCVE-2022-34479 at SUSECVE-2022-34479 at NVDCVE-2022-34481 at SUSECVE-2022-34481 at NVDCVE-2022-34484 at SUSECVE-2022-34484 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.12.0 ESR (bsc#1201758):
- CVE-2022-36319: Mouse Position spoofing with CSS transforms
- CVE-2022-36318: Directory indexes for bundled resources reflected URL parameters
ImportantSUSE bug 1201758CVE-2022-36318 at SUSECVE-2022-36318 at NVDCVE-2022-36319 at SUSECVE-2022-36319 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.13.0 ESR (bsc#1202645):
- CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling.
- CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent's permissions.
- CVE-2022-38478: Fixed various memory safety issues.
ImportantSUSE bug 1202645CVE-2022-38472 at SUSECVE-2022-38472 at NVDCVE-2022-38473 at SUSECVE-2022-38473 at NVDCVE-2022-38478 at SUSECVE-2022-38478 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Mozilla Firefox was updated to 102.2.0esr ESR:
* Fixed: Various stability, functionality, and security fixes.
- MFSA 2022-34 (bsc#1202645)
* CVE-2022-38472 (bmo#1769155)
Address bar spoofing via XSLT error handling
* CVE-2022-38473 (bmo#1771685)
Cross-origin XSLT Documents would have inherited the parent's
permissions
* CVE-2022-38476 (bmo#1760998)
Data race and potential use-after-free in PK11_ChangePW
* CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159,
bmo#1773363)
Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2
* CVE-2022-38478 (bmo#1770630, bmo#1776658)
Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2,
and Firefox ESR 91.13
Firefox Extended Support Release 102.1 ESR
* Fixed: Various stability, functionality, and security fixes.
- MFSA 2022-30 (bsc#1201758)
* CVE-2022-36319 (bmo#1737722)
Mouse Position spoofing with CSS transforms
* CVE-2022-36318 (bmo#1771774)
Directory indexes for bundled resources reflected URL
parameters
* CVE-2022-36314 (bmo#1773894)
Opening local <code>.lnk</code> files could cause unexpected
network loads
* CVE-2022-2505 (bmo#1769739, bmo#1772824)
Memory safety bugs fixed in Firefox 103 and 102.1
- Firefox Extended Support Release 102.0.1 ESR
* Fixed: Fixed bookmark shortcut creation by dragging to
Windows File Explorer and dropping partially broken
(bmo#1774683)
* Fixed: Fixed bookmarks sidebar flashing white when opened in
dark mode (bmo#1776157)
* Fixed: Fixed multilingual spell checking not working with
content in both English and a non-Latin alphabet
(bmo#1773802)
* Fixed: Developer tools: Fixed an issue where the console
output keep getting scrolled to the bottom when the last
visible message is an evaluation result (bmo#1776262)
* Fixed: Fixed *Delete cookies and site data when Firefox is
closed* checkbox getting disabled on startup (bmo#1777419)
* Fixed: Various stability fixes
Firefox 102.0 ESR:
* New:
- We now provide more secure connections: Firefox can
now automatically upgrade to HTTPS using HTTPS RR as Alt-Svc
headers.
- For added viewing pleasure, full-range color levels are now
supported for video playback on many systems.
- Find it easier now! Mac users can now access the macOS
share options from the Firefox File menu.
- Voil?! Support for images containing ICC v4 profiles is
enabled on macOS.
- Firefox now supports the new AVIF image format, which is
based on the modern and royalty-free AV1 video codec. It
offers significant bandwidth savings for sites compared to
existing image formats. It also supports transparency and
other advanced features.
- Firefox PDF viewer now supports filling more forms (e.g.,
XFA-based forms, used by multiple governments and banks).
Learn more.
- When available system memory is critically low, Firefox on
Windows will automatically unload tabs based on their last
access time, memory usage, and other attributes. This helps
to reduce Firefox out-of-memory crashes. Forgot something?
Switching to an unloaded tab automatically reloads it.
- To prevent session loss for macOS users who are running
Firefox from a mounted .dmg file, they’ll now be prompted to
finish installation. Bear in mind, this permission prompt
only appears the first time these users run Firefox on their
computer.
- For your safety, Firefox now blocks downloads that rely on
insecure connections, protecting against potentially
malicious or unsafe downloads. Learn more and see where to
find downloads in Firefox.
- Improved web compatibility for privacy protections with
SmartBlock 3.0: In Private Browsing and Strict Tracking
Protection, Firefox goes to great lengths to protect your web
browsing activity from trackers. As part of this, the built-
in content blocking will automatically block third-party
scripts, images, and other content from being loaded from
cross-site tracking companies reported by Disconnect. Learn
more.
- Introducing a new referrer tracking protection in Strict
Tracking Protection and Private Browsing. This feature
prevents sites from unknowingly leaking private information
to trackers. Learn more.
- Introducing Firefox Suggest, a feature that provides
website suggestions as you type into the address bar. Learn
more about this faster way to navigate the web and locale-
specific features.
- Firefox macOS now uses Apple's low-power mode for
fullscreen video on sites such as YouTube and Twitch. This
meaningfully extends battery life in long viewing sessions.
Now your kids can find out what the fox says on a loop
without you ever missing a beat…
- With this release, power users can use about:unloads to
release system resources by manually unloading tabs without
closing them.
- On Windows, there will now be fewer interruptions because
Firefox won’t prompt you for updates. Instead, a background
agent will download and install updates even if Firefox is
closed.
- On Linux, we’ve improved WebGL performance and reduced
power consumption for many users.
- To better protect all Firefox users against side-channel
attacks, such as Spectre, we introduced Site Isolation.
- Firefox no longer warns you by default when you exit the
browser or close a window using a menu, button, or three-key
command. This should cut back on unwelcome notifications,
which is always nice—however, if you prefer a bit of notice,
you’ll still have full control over the quit/close modal
behavior. All warnings can be managed within Firefox
Settings. No worries! More details here.
- Firefox supports the new Snap Layouts menus when running on
Windows 11.
- RLBox—a new technology that hardens Firefox against
potential security vulnerabilities in third-party
libraries—is now enabled on all platforms.
- We’ve reduced CPU usage on macOS in Firefox and
WindowServer during event processing.
- We’ve also reduced the power usage of software decoded
video on macOS, especially in fullscreen. This includes
streaming sites such as Netflix and Amazon Prime Video.
- You can now move the Picture-in-Picture toggle button to
the opposite side of the video. Simply look for the new
context menu option Move Picture-in-Picture Toggle to Left
(Right) Side.
- We’ve made significant improvements in noise suppression
and auto-gain-control, as well as slight improvements in
echo-cancellation to provide you with a better overall
experience.
- We’ve also significantly reduced main-thread load.
- When printing, you can now choose to print only the
odd/even pages.
- Firefox now supports and displays the new style of
scrollbars on Windows 11.
- Firefox has a new optimized download flow. Instead of
prompting every time, files will download automatically.
However, they can still be opened from the downloads panel
with just one click. Easy! More information
- Firefox no longer asks what to do for each file by default.
You won’t be prompted to choose a helper application or save
to disk before downloading a file unless you have changed
your download action setting for that type of file.
- Any files you download will be immediately saved on your
disk. Depending on the current configuration, they’ll be
saved in your preferred download folder, or you’ll be asked
to select a location for each download. Windows and Linux
users will find their downloaded files in the destination
folder. They’ll no longer be put in the Temp folder.
- Firefox allows users to choose from a number of built-in
search engines to set as their default. In this release, some
users who had previously configured a default engine might
notice their default search engine has changed since Mozilla
was unable to secure formal permission to continue including
certain search engines in Firefox.
- You can now toggle Narrate in ReaderMode with the keyboard
shortcut 'n.'
- You can find added support for search—with or without
diacritics—in the PDF viewer.
- The Linux sandbox has been strengthened: processes exposed
to web content no longer have access to the X Window system
(X11).
- Firefox now supports credit card autofill and capture in
Germany, France, and the United Kingdom.
- We now support captions/subtitles display on YouTube, Prime
Video, and Netflix videos you watch in Picture-in-Picture.
Just turn on the subtitles on the in-page video player, and
they will appear in PiP.
- Picture-in-Picture now also supports video captions on
websites that use Web Video Text Track (WebVTT) format (e.g.,
Coursera.org, Canadian Broadcasting Corporation, and many
more).
- On the first run after install, Firefox detects when its
language does not match the operating system language and
offers the user a choice between the two languages.
- Firefox spell checking now checks spelling in multiple
languages. To enable additional languages, select them in the
text field’s context menu.
- HDR video is now supported in Firefox on Mac—starting with
YouTube! Firefox users on macOS 11+ (with HDR-compatible
screens) can enjoy higher-fidelity video content. No need to
manually flip any preferences to turn HDR video support
on—just make sure battery preferences are NOT set to
“optimize video streaming while on battery”.
- Hardware-accelerated AV1 video decoding is enabled on
Windows with supported GPUs (Intel Gen 11+, AMD RDNA 2
Excluding Navi 24, GeForce 30). Installing the AV1 Video
Extension from the Microsoft Store may also be required.
- Video overlay is enabled on Windows for Intel GPUs,
reducing power usage during video playback.
- Improved fairness between painting and handling other
events. This noticeably improves the performance of the
volume slider on Twitch.
- Scrollbars on Linux and Windows 11 won't take space by
default. On Linux, users can change this in Settings. On
Windows, Firefox follows the system setting (System Settings
> Accessibility > Visual Effects > Always show scrollbars).
- Firefox now ignores less restricted referrer
policies—including unsafe-url, no-referrer-when-downgrade,
and origin-when-cross-origin—for cross-site
subresource/iframe requests to prevent privacy leaks from the
referrer.
- Reading is now easier with the prefers-contrast media
query, which allows sites to detect if the user has requested
that web content is presented with a higher (or lower)
contrast.
- All non-configured MIME types can now be assigned a custom
action upon download completion.
- Firefox now allows users to use as many microphones as they
want, at the same time, during video conferencing. The most
exciting benefit is that you can easily switch your
microphones at any time (if your conferencing service
provider enables this flexibility).
- Print preview has been updated.
* Fixed: Various security fixes.
- MFSA 2022-24 (bsc#1200793)
* CVE-2022-34479 (bmo#1745595)
A popup window could be resized in a way to overlay the
address bar with web content
* CVE-2022-34470 (bmo#1765951)
Use-after-free in nsSHistory
* CVE-2022-34468 (bmo#1768537)
CSP sandbox header without `allow-scripts` can be bypassed
via retargeted javascript: URI
* CVE-2022-34482 (bmo#845880)
Drag and drop of malicious image could have led to malicious
executable and potential code execution
* CVE-2022-34483 (bmo#1335845)
Drag and drop of malicious image could have led to malicious
executable and potential code execution
* CVE-2022-34476 (bmo#1387919)
ASN.1 parser could have been tricked into accepting malformed
ASN.1
* CVE-2022-34481 (bmo#1483699, bmo#1497246)
Potential integer overflow in ReplaceElementsAt
* CVE-2022-34474 (bmo#1677138)
Sandboxed iframes could redirect to external schemes
* CVE-2022-34469 (bmo#1721220)
TLS certificate errors on HSTS-protected domains could be
bypassed by the user on Firefox for Android
* CVE-2022-34471 (bmo#1766047)
Compromised server could trick a browser into an addon
downgrade
* CVE-2022-34472 (bmo#1770123)
Unavailable PAC file resulted in OCSP requests being blocked
* CVE-2022-34478 (bmo#1773717)
Microsoft protocols can be attacked if a user accepts a
prompt
* CVE-2022-2200 (bmo#1771381)
Undesired attributes could be set as part of prototype
pollution
* CVE-2022-34480 (bmo#1454072)
Free of uninitialized pointer in lg_init
* CVE-2022-34477 (bmo#1731614)
MediaError message property leaked information on cross-
origin same-site pages
* CVE-2022-34475 (bmo#1757210)
HTML Sanitizer could have been bypassed via same-origin
script via use tags
* CVE-2022-34473 (bmo#1770888)
HTML Sanitizer could have been bypassed via use tags
* CVE-2022-34484 (bmo#1763634, bmo#1772651)
Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11
* CVE-2022-34485 (bmo#1768409, bmo#1768578)
Memory safety bugs fixed in Firefox 102
ImportantSUSE bug 1200793SUSE bug 1201758SUSE bug 1202645CVE-2022-2200 at SUSECVE-2022-2200 at NVDCVE-2022-2505 at SUSECVE-2022-2505 at NVDCVE-2022-34468 at SUSECVE-2022-34468 at NVDCVE-2022-34469 at SUSECVE-2022-34469 at NVDCVE-2022-34470 at SUSECVE-2022-34470 at NVDCVE-2022-34471 at SUSECVE-2022-34471 at NVDCVE-2022-34472 at SUSECVE-2022-34472 at NVDCVE-2022-34473 at SUSECVE-2022-34473 at NVDCVE-2022-34474 at SUSECVE-2022-34474 at NVDCVE-2022-34475 at SUSECVE-2022-34475 at NVDCVE-2022-34476 at SUSECVE-2022-34476 at NVDCVE-2022-34477 at SUSECVE-2022-34477 at NVDCVE-2022-34478 at SUSECVE-2022-34478 at NVDCVE-2022-34479 at SUSECVE-2022-34479 at NVDCVE-2022-34480 at SUSECVE-2022-34480 at NVDCVE-2022-34481 at SUSECVE-2022-34481 at NVDCVE-2022-34482 at SUSECVE-2022-34482 at NVDCVE-2022-34483 at SUSECVE-2022-34483 at NVDCVE-2022-34484 at SUSECVE-2022-34484 at NVDCVE-2022-34485 at SUSECVE-2022-34485 at NVDCVE-2022-36314 at SUSECVE-2022-36314 at NVDCVE-2022-36318 at SUSECVE-2022-36318 at NVDCVE-2022-36319 at SUSECVE-2022-36319 at NVDCVE-2022-38472 at SUSECVE-2022-38472 at NVDCVE-2022-38473 at SUSECVE-2022-38473 at NVDCVE-2022-38476 at SUSECVE-2022-38476 at NVDCVE-2022-38477 at SUSECVE-2022-38477 at NVDCVE-2022-38478 at SUSECVE-2022-38478 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security Update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr (bsc#1203477):
- CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages.
- CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads.
- CVE-2022-40958: Fixed bypassing secure context restriction for cookies with __Host and __Secure prefix.
- CVE-2022-40956: Fixed content-security-policy base-uri bypass.
- CVE-2022-40957: Fixed incoherent instruction cache when building WASM on ARM64.
- CVE-2022-40962: Fixed memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3.
ImportantSUSE bug 1203477CVE-2022-40956 at SUSECVE-2022-40956 at NVDCVE-2022-40957 at SUSECVE-2022-40957 at NVDCVE-2022-40958 at SUSECVE-2022-40958 at NVDCVE-2022-40959 at SUSECVE-2022-40959 at NVDCVE-2022-40960 at SUSECVE-2022-40960 at NVDCVE-2022-40962 at SUSECVE-2022-40962 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Updated to version 102.4.0 ESR (bsc#1204421):
- CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs.
- CVE-2022-42928: Fixed memory Corruption in JS Engine.
- CVE-2022-42929: Fixed denial of Service via window.print.
- CVE-2022-42932: Fixed memory safety bugs.
ImportantSUSE bug 1204421CVE-2022-3266 at SUSECVE-2022-3266 at NVDCVE-2022-40956 at SUSECVE-2022-40956 at NVDCVE-2022-40957 at SUSECVE-2022-40957 at NVDCVE-2022-40958 at SUSECVE-2022-40958 at NVDCVE-2022-40959 at SUSECVE-2022-40959 at NVDCVE-2022-40960 at SUSECVE-2022-40960 at NVDCVE-2022-40962 at SUSECVE-2022-40962 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, firefox-gtk3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox, firefox-gtk3 fixes the following issues:
MozillaFirefox:
Update to Firefox Extended Support Release 102.5.0 ESR (MFSA 2022-48, bsc#1205270):
- CVE-2022-45403: Service Workers might have learned size of cross-origin media files
- CVE-2022-45404: Fullscreen notification bypass
- CVE-2022-45405: Use-after-free in InputStream implementation
- CVE-2022-45406: Use-after-free of a JavaScript Realm
- CVE-2022-45408: Fullscreen notification bypass via windowName
- CVE-2022-45409: Use-after-free in Garbage Collection
- CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite cookie policy
- CVE-2022-45411: Cross-Site Tracing was possible via non-standard override headers
- CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers
- CVE-2022-45416: Keystroke Side-Channel Leakage
- CVE-2022-45418: Custom mouse cursor could have been drawn over browser UI
- CVE-2022-45420: Iframe contents could be rendered outside the iframe
- CVE-2022-45421: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
- Specify the explicit version of the firefox-lib* dependencies
to force rpm to complain if not all dependencies are up to date
(bsc#1204758)
firefox-gtk3:
- Specify the explicit version of the firefox-lib* dependencies
to force rpm to complain if not all dependencies are up to date
(bsc#1204758)
ImportantSUSE bug 1204758SUSE bug 1205270CVE-2022-45403 at SUSECVE-2022-45403 at NVDCVE-2022-45404 at SUSECVE-2022-45404 at NVDCVE-2022-45405 at SUSECVE-2022-45405 at NVDCVE-2022-45406 at SUSECVE-2022-45406 at NVDCVE-2022-45408 at SUSECVE-2022-45408 at NVDCVE-2022-45409 at SUSECVE-2022-45409 at NVDCVE-2022-45410 at SUSECVE-2022-45410 at NVDCVE-2022-45411 at SUSECVE-2022-45411 at NVDCVE-2022-45412 at SUSECVE-2022-45412 at NVDCVE-2022-45416 at SUSECVE-2022-45416 at NVDCVE-2022-45418 at SUSECVE-2022-45418 at NVDCVE-2022-45420 at SUSECVE-2022-45420 at NVDCVE-2022-45421 at SUSECVE-2022-45421 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 102.6.0 ESR (bsc#1206242):
- CVE-2022-46880: Use-after-free in WebGL
- CVE-2022-46872: Arbitrary file read from a compromised content process
- CVE-2022-46881: Memory corruption in WebGL
- CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions
- CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
- CVE-2022-46882: Use-after-free in WebGL
- CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
ImportantSUSE bug 1206242CVE-2022-46872 at SUSECVE-2022-46872 at NVDCVE-2022-46874 at SUSECVE-2022-46874 at NVDCVE-2022-46875 at SUSECVE-2022-46875 at NVDCVE-2022-46878 at SUSECVE-2022-46878 at NVDCVE-2022-46880 at SUSECVE-2022-46880 at NVDCVE-2022-46881 at SUSECVE-2022-46881 at NVDCVE-2022-46882 at SUSECVE-2022-46882 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Update to version 102.9.0 ESR (bsc#1209173):
- CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android
- CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android
- CVE-2023-25749: Firefox for Android may have opened third-party apps without a prompt
- CVE-2023-25750: Potential ServiceWorker cache leak during private browsing mode
- CVE-2023-25751: Incorrect code generation during JIT compilation
- CVE-2023-28160: Redirect to Web Extension files may have leaked local path
- CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
- CVE-2023-28161: One-time permissions granted to a local file were extended to other local files loaded in the same tab
- CVE-2023-28162: Invalid downcast in Worklets
- CVE-2023-25752: Potential out-of-bounds when accessing throttled streams
- CVE-2023-28163: Windows Save As dialog resolved environment variables
- CVE-2023-28176: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9
- CVE-2023-28177: Memory safety bugs fixed in Firefox 111
ImportantSUSE bug 1209173CVE-2023-25748 at SUSECVE-2023-25748 at NVDCVE-2023-25749 at SUSECVE-2023-25749 at NVDCVE-2023-25750 at SUSECVE-2023-25750 at NVDCVE-2023-25751 at SUSECVE-2023-25751 at NVDCVE-2023-25752 at SUSECVE-2023-25752 at NVDCVE-2023-28159 at SUSECVE-2023-28159 at NVDCVE-2023-28160 at SUSECVE-2023-28160 at NVDCVE-2023-28161 at SUSECVE-2023-28161 at NVDCVE-2023-28162 at SUSECVE-2023-28162 at NVDCVE-2023-28163 at SUSECVE-2023-28163 at NVDCVE-2023-28164 at SUSECVE-2023-28164 at NVDCVE-2023-28176 at SUSECVE-2023-28176 at NVDCVE-2023-28177 at SUSECVE-2023-28177 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox fixes the following issues:
Extended Support Release 102.11.0 ESR (bsc#1211175):
- CVE-2023-32205: Browser prompts could have been obscured by popups
- CVE-2023-32206: Crash in RLBox Expat driver
- CVE-2023-32207: Potential permissions request bypass via clickjacking
- CVE-2023-32211: Content process crash due to invalid wasm code
- CVE-2023-32212: Potential spoof due to obscured address bar
- CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()
- CVE-2023-32214: Potential DoS via exposed protocol handlers
- CVE-2023-32215: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
ImportantSUSE bug 1211175CVE-2023-32205 at SUSECVE-2023-32205 at NVDCVE-2023-32206 at SUSECVE-2023-32206 at NVDCVE-2023-32207 at SUSECVE-2023-32207 at NVDCVE-2023-32211 at SUSECVE-2023-32211 at NVDCVE-2023-32212 at SUSECVE-2023-32212 at NVDCVE-2023-32213 at SUSECVE-2023-32213 at NVDCVE-2023-32214 at SUSECVE-2023-32214 at NVDCVE-2023-32215 at SUSECVE-2023-32215 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This Mozilla Firefox and Mozilla NSS update to 24.5.0esr fixes the
following several security and non-security issues:
* MFSA 2014-34/CVE-2014-1518
Miscellaneous memory safety hazards
* MFSA 2014-37/CVE-2014-1523
Out of bounds read while decoding JPG images
* MFSA 2014-38/CVE-2014-1524
Buffer overflow when using non-XBL object as XBL
* MFSA 2014-42/CVE-2014-1529
Privilege escalation through Web Notification API
* MFSA 2014-43/CVE-2014-1530
Cross-site scripting (XSS) using history navigations
* MFSA 2014-44/CVE-2014-1531
Use-after-free in imgLoader while resizing images
* MFSA 2014-46/CVE-2014-1532
Use-after-free in nsHostResolver
Mozilla NSS has been updated to 3.16:
* required for Firefox 29
* CVE-2014-1492: In a wildcard certificate, the wildcard character
should not be embedded within the U-label of an internationalized
domain name. See the last bullet point in RFC 6125, Section 7.2.
* Update of root certificates.
Security Issue references:
* CVE-2014-1532
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1532>
* CVE-2014-1531
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1531>
* CVE-2014-1530
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1530>
* CVE-2014-1529
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1529>
* CVE-2014-1524
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1524>
* CVE-2014-1523
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1523>
* CVE-2014-1520
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1520>
* CVE-2014-1518
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1518>
SUSE bug 865539SUSE bug 869827SUSE bug 875378SUSE bug 875803CVE-2014-1518 at SUSECVE-2014-1518 at NVDCVE-2014-1520 at SUSECVE-2014-1520 at NVDCVE-2014-1523 at SUSECVE-2014-1523 at NVDCVE-2014-1524 at SUSECVE-2014-1524 at NVDCVE-2014-1529 at SUSECVE-2014-1529 at NVDCVE-2014-1530 at SUSECVE-2014-1530 at NVDCVE-2014-1531 at SUSECVE-2014-1531 at NVDCVE-2014-1532 at SUSECVE-2014-1532 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox was updated to 31.6.0 ESR to fix five security issues.
The following vulnerabilities have been fixed:
* Miscellaneous memory safety hazards (MFSA
2015-30/CVE-2015-0814/CVE-2015-0815)
* Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA
2015-31/CVE-2015-0813)
* resource:// documents can load privileged pages (MFSA
2015-33/CVE-2015-0816)
* CORS requests should not follow 30x redirections after preflight
(MFSA 2015-37/CVE-2015-0807)
* Same-origin bypass through anchor navigation (MFSA
2015-40/CVE-2015-0801)
Security Issues:
* CVE-2015-0801
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801>
* CVE-2015-0807
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807>
* CVE-2015-0813
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813>
* CVE-2015-0814
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0814>
* CVE-2015-0816
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816>
SUSE bug 925368CVE-2015-0801 at SUSECVE-2015-0801 at NVDCVE-2015-0807 at SUSECVE-2015-0807 at NVDCVE-2015-0813 at SUSECVE-2015-0813 at NVDCVE-2015-0814 at SUSECVE-2015-0814 at NVDCVE-2015-0816 at SUSECVE-2015-0816 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
MozillaFirefox, mozilla-nspr and mozilla-nss were updated to fix 17 security issues.
For more details please check the changelogs.
These security issues were fixed:
- CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards (bsc#935979).
- CVE-2015-2728: Type confusion in Indexed Database Manager (bsc#935979).
- CVE-2015-2730: ECDSA signature validation fails to handle some signatures correctly (bsc#935979).
- CVE-2015-2722/CVE-2015-2733: Use-after-free in workers while using XMLHttpRequest (bsc#935979).
- CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737/CVE-2015-2738/CVE-2015-2739/CVE-2015-2740: Vulnerabilities found through code inspection (bsc#935979).
- CVE-2015-2743: Privilege escalation in PDF.js (bsc#935979).
- CVE-2015-4000: NSS accepts export-length DHE keys with regular DHE cipher suites (bsc#935033).
- CVE-2015-2721: NSS incorrectly permits skipping of ServerKeyExchange (bsc#935979).
This non-security issue was fixed:
- bsc#908275: Firefox did not print in landscape orientation.
ImportantSUSE bug 908275SUSE bug 935033SUSE bug 935979CVE-2015-2721 at SUSECVE-2015-2721 at NVDCVE-2015-2722 at SUSECVE-2015-2722 at NVDCVE-2015-2724 at SUSECVE-2015-2724 at NVDCVE-2015-2725 at SUSECVE-2015-2725 at NVDCVE-2015-2726 at SUSECVE-2015-2726 at NVDCVE-2015-2728 at SUSECVE-2015-2728 at NVDCVE-2015-2730 at SUSECVE-2015-2730 at NVDCVE-2015-2733 at SUSECVE-2015-2733 at NVDCVE-2015-2734 at SUSECVE-2015-2734 at NVDCVE-2015-2735 at SUSECVE-2015-2735 at NVDCVE-2015-2736 at SUSECVE-2015-2736 at NVDCVE-2015-2737 at SUSECVE-2015-2737 at NVDCVE-2015-2738 at SUSECVE-2015-2738 at NVDCVE-2015-2739 at SUSECVE-2015-2739 at NVDCVE-2015-2740 at SUSECVE-2015-2740 at NVDCVE-2015-2743 at SUSECVE-2015-2743 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues:
Mozilla Firefox was updated to 38.7.0 ESR (bsc#969894)
* MFSA 2016-16/CVE-2016-1952/CVE-2016-1953
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
* MFSA 2016-17/CVE-2016-1954
Local file overwriting and potential privilege escalation
through CSP reports
* MFSA 2016-20/CVE-2016-1957
A memory leak in libstagefright when deleting an array during
MP4 processing was fixed.
* MFSA 2016-21/CVE-2016-1958
The displayed page address can be overridden
* MFSA 2016-23/CVE-2016-1960
A use-after-free in HTML5 string parser was fixed.
* MFSA 2016-24/CVE-2016-1961
A use-after-free in SetBody was fixed.
* MFSA 2016-25/CVE-2016-1962
A use-after-free when using multiple WebRTC data channels was fixed.
* MFSA 2016-27/CVE-2016-1964
A use-after-free during XML transformations was fixed.
* MFSA 2016-28/CVE-2016-1965
Addressbar spoofing though history navigation and Location
protocol property was fixed.
* MFSA 2016-31/CVE-2016-1966
Memory corruption with malicious NPAPI plugin was fixed.
* MFSA 2016-34/CVE-2016-1974
A out-of-bounds read in the HTML parser following a failed
allocation was fixed.
* MFSA 2016-35/CVE-2016-1950
A buffer overflow during ASN.1 decoding in NSS was fixed.
* MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
Various font vulnerabilities were fixed in the embedded Graphite 2 library
Mozilla NSS was updated to fix:
* MFSA 2016-15/CVE-2016-1978
Use-after-free in NSS during SSL connections in low memory
* MFSA 2016-35/CVE-2016-1950
Buffer overflow during ASN.1 decoding in NSS
* MFSA 2016-36/CVE-2016-1979
Use-after-free during processing of DER encoded keys in NSS
Mozilla NSPR was updated to version 4.12 (bsc#969894)
* added a PR_GetEnvSecure function, which attempts to detect if
the program is being executed with elevated privileges, and
returns NULL if detected. It is recommended to use this function
in general purpose library code.
* fixed a memory allocation bug related to the PR_*printf functions
* exported API PR_DuplicateEnvironment, which had already been
added in NSPR 4.10.9
* added support for FreeBSD aarch64
* several minor correctness and compatibility fixes
* Enable atomic instructions on mips (bmo#1129878)
* Fix mips assertion failure when creating thread with custom
stack size (bmo#1129968)
ImportantSUSE bug 969894CVE-2016-1950 at SUSECVE-2016-1950 at NVDCVE-2016-1952 at SUSECVE-2016-1952 at NVDCVE-2016-1953 at SUSECVE-2016-1953 at NVDCVE-2016-1954 at SUSECVE-2016-1954 at NVDCVE-2016-1957 at SUSECVE-2016-1957 at NVDCVE-2016-1958 at SUSECVE-2016-1958 at NVDCVE-2016-1960 at SUSECVE-2016-1960 at NVDCVE-2016-1961 at SUSECVE-2016-1961 at NVDCVE-2016-1962 at SUSECVE-2016-1962 at NVDCVE-2016-1964 at SUSECVE-2016-1964 at NVDCVE-2016-1965 at SUSECVE-2016-1965 at NVDCVE-2016-1966 at SUSECVE-2016-1966 at NVDCVE-2016-1974 at SUSECVE-2016-1974 at NVDCVE-2016-1977 at SUSECVE-2016-1977 at NVDCVE-2016-1978 at SUSECVE-2016-1978 at NVDCVE-2016-1979 at SUSECVE-2016-1979 at NVDCVE-2016-2790 at SUSECVE-2016-2790 at NVDCVE-2016-2791 at SUSECVE-2016-2791 at NVDCVE-2016-2792 at SUSECVE-2016-2792 at NVDCVE-2016-2793 at SUSECVE-2016-2793 at NVDCVE-2016-2794 at SUSECVE-2016-2794 at NVDCVE-2016-2795 at SUSECVE-2016-2795 at NVDCVE-2016-2796 at SUSECVE-2016-2796 at NVDCVE-2016-2797 at SUSECVE-2016-2797 at NVDCVE-2016-2798 at SUSECVE-2016-2798 at NVDCVE-2016-2799 at SUSECVE-2016-2799 at NVDCVE-2016-2800 at SUSECVE-2016-2800 at NVDCVE-2016-2801 at SUSECVE-2016-2801 at NVDCVE-2016-2802 at SUSECVE-2016-2802 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox, rust-cbindgen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox, rust-cbindgen fixes the following issues:
MozillaFirefox was updated to Extended Support Release 91.2.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-45 (bsc#1191332)
* CVE-2021-38496: Use-after-free in MessageTask
* CVE-2021-38497: Validation message could have been overlaid on another origin
* CVE-2021-38498: Use-after-free of nsLanguageAtomService object
* CVE-2021-32810: Data race in crossbeam-deque
* CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
* CVE-2021-38501: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2
- Fixed crash in FIPS mode (bsc#1190710)
Firefox Extended Support Release 91.1.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-40 (bsc#1190269, bsc#1190274)
* CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer
* CVE-2021-38495: Memory safety bugs fixed in Firefox 92 and Firefox ESR 91.1
Firefox 91.0.1esr ESR
* Fixed: Fixed an issue causing buttons on the tab bar to be
resized when loading certain websites (bug 1704404)
(bmo#1704404)
* Fixed: Fixed an issue which caused tabs from private windows
to be visible in non-private windows when viewing switch-to-
tab results in the address bar panel (bug 1720369)
(bmo#1720369)
* Fixed: Various stability fixes
* Fixed: Security fix
MFSA 2021-37 (bsc#1189547)
* CVE-2021-29991 (bmo#1724896)
Header Splitting possible with HTTP/3 Responses
Firefox Extended Support Release 91.0 ESR
* New: Some of the highlights of the new Extended Support
Release are:
- A number of user interface changes. For more information,
see the Firefox 89 release notes.
- Firefox now supports logging into Microsoft, work, and
school accounts using Windows single sign-on. Learn more
- On Windows, updates can now be applied in the background
while Firefox is not running.
- Firefox for Windows now offers a new page about:third-party
to help identify compatibility issues caused by third-party
applications
- Version 2 of Firefox's SmartBlock feature further improves
private browsing. Third party Facebook scripts are blocked to
prevent you from being tracked, but are now automatically
loaded 'just in time' if you decide to 'Log in with Facebook'
on any website.
- Enhanced the privacy of the Firefox Browser's Private
Browsing mode with Total Cookie Protection, which confines
cookies to the site where they were created, preventing
companis from using cookies to track your browsing across
sites. This feature was originally launched in Firefox's ETP
Strict mode.
- PDF forms now support JavaScript embedded in PDF files.
Some PDF forms use JavaScript for validation and other
interactive features.
- You'll encounter less website breakage in Private Browsing
and Strict Enhanced Tracking Protection with SmartBlock,
which provides stand-in scripts so that websites load
properly.
- Improved Print functionality with a cleaner design and
better integration with your computer's printer settings.
- Firefox now protects you from supercookies, a type of
tracker that can stay hidden in your browser and track you
online, even after you clear cookies. By isolating
supercookies, Firefox prevents them from tracking your web
browsing from one site to the next.
- Firefox now remembers your preferred location for saved
bookmarks, displays the bookmarks toolbar by default on new
tabs, and gives you easy access to all of your bookmarks via
a toolbar folder.
- Native support for macOS devices built with Apple Silicon
CPUs brings dramatic performance improvements over the non-
native build that was shipped in Firefox 83: Firefox launches
over 2.5 times faster and web apps are now twice as
responsive (per the SpeedoMeter 2.0 test). If you are on a
new Apple device, follow these steps to upgrade to the latest
Firefox.
- Pinch zooming will now be supported for our users with
Windows touchscreen devices and touchpads on Mac devices.
Firefox users may now use pinch to zoom on touch-capable
devices to zoom in and out of webpages.
- We’ve improved functionality and design for a number of
Firefox search features:
* Selecting a search engine at the bottom of the search
panel now enters search mode for that engine, allowing you to
see suggestions (if available) for your search terms. The old
behavior (immediately performing a search) is available with
a shift-click.
* When Firefox autocompletes the URL of one of your search
engines, you can now search with that engine directly in the
address bar by selecting the shortcut in the address bar
results.
* We’ve added buttons at the bottom of the search panel to
allow you to search your bookmarks, open tabs, and history.
- Firefox supports AcroForm, which will allow you to fill in,
print, and save supported PDF forms and the PDF viewer also
has a new fresh look.
- For our users in the US and Canada, Firefox can now save,
manage, and auto-fill credit card information for you, making
shopping on Firefox ever more convenient.
- In addition to our default, dark and light themes, with
this release, Firefox introduces the Alpenglow theme: a
colorful appearance for buttons, menus, and windows. You can
update your Firefox themes under settings or preferences.
* Changed: Firefox no longer supports Adobe Flash. There is no
setting available to re-enable Flash support.
* Enterprise: Various bug fixes and new policies have been
implemented in the latest version of Firefox. See more
details in the Firefox for Enterprise 91 Release Notes.
MFSA 2021-33 (bsc#1188891)
* CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
* CVE-2021-29981: Live range splitting could have led to conflicting assignments in the JIT
* CVE-2021-29988: Memory corruption as a result of incorrect style treatment
* CVE-2021-29983: Firefox for Android could get stuck in fullscreen mode
* CVE-2021-29984: Incorrect instruction reordering during JIT optimization
* CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
* CVE-2021-29987: Users could have been tricked into accepting unwanted permissions on Linux
* CVE-2021-29985: Use-after-free media channels
* CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and type confusion
* CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
* CVE-2021-29990: Memory safety bugs fixed in Firefox 91
rust-cbindgen was updated to 0.19.0.
ImportantSUSE bug 1188891SUSE bug 1189547SUSE bug 1190269SUSE bug 1190274SUSE bug 1190710SUSE bug 1191332CVE-2021-29980 at SUSECVE-2021-29980 at NVDCVE-2021-29981 at SUSECVE-2021-29981 at NVDCVE-2021-29982 at SUSECVE-2021-29982 at NVDCVE-2021-29983 at SUSECVE-2021-29983 at NVDCVE-2021-29984 at SUSECVE-2021-29984 at NVDCVE-2021-29985 at SUSECVE-2021-29985 at NVDCVE-2021-29986 at SUSECVE-2021-29986 at NVDCVE-2021-29987 at SUSECVE-2021-29987 at NVDCVE-2021-29988 at SUSECVE-2021-29988 at NVDCVE-2021-29989 at SUSECVE-2021-29989 at NVDCVE-2021-29990 at SUSECVE-2021-29990 at NVDCVE-2021-29991 at SUSECVE-2021-29991 at NVDCVE-2021-32810 at SUSECVE-2021-32810 at NVDCVE-2021-38492 at SUSECVE-2021-38492 at NVDCVE-2021-38495 at SUSECVE-2021-38495 at NVDCVE-2021-38496 at SUSECVE-2021-38496 at NVDCVE-2021-38497 at SUSECVE-2021-38497 at NVDCVE-2021-38498 at SUSECVE-2021-38498 at NVDCVE-2021-38500 at SUSECVE-2021-38500 at NVDCVE-2021-38501 at SUSECVE-2021-38501 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for NetworkManager-kde4 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This NetworkManager-kde4 update fixes the following security and non security issues:
- Fixed a long standing security issue. This makes knetworkmanager probe the RADIUS server for a CA certificate subject and hash if no CA certificate is specified. knetworkmanager then stores this data and send it to NetworkManager for it to do a network validation in the absence of a real certificate (bsc#726349)
- Disabled the loading by default of the NetworkManager plasma applet since it doesn't work.
- Fixed a crash due to the use of an uninitialized variable in the plasma applet in case someone runs it manually (bsc#663413)
ModerateSUSE bug 663413SUSE bug 726349cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for OpenEXR fixes the following issues:
* CVE-2017-9110: In OpenEXR, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. (bsc#1040107)
* CVE-2017-9114: In OpenEXR, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash. (bsc#1040114)
* CVE-2017-12596: In OpenEXR, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it could have resulted in denial of service or possibly unspecified other impact. (bsc#1052522)
ModerateSUSE bug 1040107SUSE bug 1040114SUSE bug 1052522CVE-2017-12596 at SUSECVE-2017-12596 at NVDCVE-2017-9110 at SUSECVE-2017-9110 at NVDCVE-2017-9114 at SUSECVE-2017-9114 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for OpenEXR fixes the following issues:
Security issues fixed:
- CVE-2017-9111: Fixed an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h (bsc#1040109).
- CVE-2017-9113: Fixed an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp (bsc#1040113).
- CVE-2017-9115: Fixed an invalid write of size 2 in the = operator function inhalf.h (bsc#1040115).
- CVE-2017-9112: Fixed invalid read of size 1 in the getBits function in ImfHuf.cpp. (This was already fixed by the previous update bug not referenced.) (bsc#1040112)
ModerateSUSE bug 1040109SUSE bug 1040112SUSE bug 1040113SUSE bug 1040115CVE-2017-9111 at SUSECVE-2017-9111 at NVDCVE-2017-9112 at SUSECVE-2017-9112 at NVDCVE-2017-9113 at SUSECVE-2017-9113 at NVDCVE-2017-9115 at SUSECVE-2017-9115 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for OpenEXR fixes the following issues:
- CVE-2017-14988: Fixed a denial of service in Header::readfrom() (bsc#1061305).
ModerateSUSE bug 1061305CVE-2017-9110 at SUSECVE-2017-9110 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for OpenEXR fixes the following issues:
- CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp (bsc#1169574).
- CVE-2020-11763: Fixed an out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp (bsc#1169576).
- CVE-2020-11761: Fixed an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder:refill in ImfFastHuf.cpp (bsc#1169578).
ModerateSUSE bug 1169574SUSE bug 1169576SUSE bug 1169578CVE-2020-11761 at SUSECVE-2020-11761 at NVDCVE-2020-11763 at SUSECVE-2020-11763 at NVDCVE-2020-11764 at SUSECVE-2020-11764 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for OpenEXR fixes the following issues:
Security issues fixed:
- CVE-2020-16588: Fixed a null pointer deference in generatePreview (bsc#1179879).
- CVE-2020-16589: Fixed a heap-based buffer overflow in writeTileData in ImfTiledOutputFile.cpp (bsc#1179879).
ModerateSUSE bug 1179879CVE-2020-16588 at SUSECVE-2020-16588 at NVDCVE-2020-16589 at SUSECVE-2020-16589 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for OpenEXR fixes the following issues:
- CVE-2021-3475: Integer-overflow in Imf_2_5::calculateNumTiles (bsc#1184173)
- CVE-2021-3476: Undefined-shift in Imf_2_5::unpack14 (bsc#1184172)
ModerateSUSE bug 1184172SUSE bug 1184173CVE-2021-3475 at SUSECVE-2021-3475 at NVDCVE-2021-3476 at SUSECVE-2021-3476 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenEXR (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for OpenEXR fixes the following issues:
- Fixed CVE-2021-3479 [bsc#1184354]: Out-of-memory caused by allocation of a very large buffer
- Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the rleUncompress function
ImportantSUSE bug 1184354SUSE bug 1187395CVE-2021-3479 at SUSECVE-2021-3479 at NVDCVE-2021-3605 at SUSECVE-2021-3605 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for OpenEXR fixes the following issues:
- CVE-2021-20298: Fixed out-of-memory in B44Compressor (bsc#1188460).
- CVE-2021-20300: Fixed integer-overflow in Imf_2_5:hufUncompress (bsc#1188458).
- CVE-2021-20303: Fixed heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffe (bsc#1188457).
- CVE-2021-20304: Fixed undefined-shift in Imf_2_5:hufDecode (bsc#1188461).
- CVE-2021-3941: Fixed divide-by-zero in Imf_3_1:RGBtoXYZ (bsc#1192556).
ModerateSUSE bug 1188457SUSE bug 1188458SUSE bug 1188460SUSE bug 1188461SUSE bug 1192556CVE-2021-20298 at SUSECVE-2021-20298 at NVDCVE-2021-20300 at SUSECVE-2021-20300 at NVDCVE-2021-20303 at SUSECVE-2021-20303 at NVDCVE-2021-20304 at SUSECVE-2021-20304 at NVDCVE-2021-3941 at SUSECVE-2021-3941 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for SDL (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for SDL fixes the following issues:
Security issues fixed:
- CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806).
- CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099).
- CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799).
- CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805).
- CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827).
- CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826).
- CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824).
- CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803).
- CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802).
- CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825).
- CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800).
ModerateSUSE bug 1124799SUSE bug 1124800SUSE bug 1124802SUSE bug 1124803SUSE bug 1124805SUSE bug 1124806SUSE bug 1124824SUSE bug 1124825SUSE bug 1124826SUSE bug 1124827SUSE bug 1125099CVE-2019-7572 at SUSECVE-2019-7572 at NVDCVE-2019-7573 at SUSECVE-2019-7573 at NVDCVE-2019-7574 at SUSECVE-2019-7574 at NVDCVE-2019-7575 at SUSECVE-2019-7575 at NVDCVE-2019-7576 at SUSECVE-2019-7576 at NVDCVE-2019-7577 at SUSECVE-2019-7577 at NVDCVE-2019-7578 at SUSECVE-2019-7578 at NVDCVE-2019-7635 at SUSECVE-2019-7635 at NVDCVE-2019-7636 at SUSECVE-2019-7636 at NVDCVE-2019-7637 at SUSECVE-2019-7637 at NVDCVE-2019-7638 at SUSECVE-2019-7638 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for SDL (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for SDL fixes the following issues:
Secuirty issue fixed:
- CVE-2019-13616: Fixed heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit (bsc#1141844).
ModerateSUSE bug 1141844CVE-2019-13616 at SUSECVE-2019-13616 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for SDL (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for SDL fixes the following issues:
- CVE-2020-14410: Fixed a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c (bsc#1181201).
- CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c (bsc#1124825).
- CVE-2021-33657: Fix a buffer overflow when parsing a crafted BMP image (bsc#1198001).
- CVE-2020-14409: Fixed an integer overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c (bsc#1181202).
ImportantSUSE bug 1124825SUSE bug 1181201SUSE bug 1181202SUSE bug 1198001CVE-2019-7637 at SUSECVE-2019-7637 at NVDCVE-2020-14409 at SUSECVE-2020-14409 at NVDCVE-2020-14410 at SUSECVE-2020-14410 at NVDCVE-2021-33657 at SUSECVE-2021-33657 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for SDL (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for SDL fixes the following issues:
- CVE-2022-34568: Fixed a use after free issue (bsc#1201977).
LowSUSE bug 1201977CVE-2022-34568 at SUSECVE-2022-34568 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for SuSEfirewall2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for SuSEfirewall2 fixes the following issues:
- CVE-2017-15638: Fixed a security issue with too open implicit portmapper rules
(bsc#1064127): A source net restriction for _rpc_ services
was not taken into account for the implicitly added rules for port 111,
making the portmap service accessible to everyone in the affected zone.
ModerateSUSE bug 1064127CVE-2017-15638 at SUSECVE-2017-15638 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for a2psSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The text to postscript converter a2ps received a security update.
The fixps script did not call ghostscript with the -DSAFER option, allowing
command execution by attacker supplied postscript files.
Security Issue reference:
* CVE-2014-0466
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0466>
SUSE bug 871097CVE-2014-0466 at SUSECVE-2014-0466 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for adns (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for adns fixes the following issues:
- CVE-2017-9103,CVE-2017-9104,CVE-2017-9105,CVE-2017-9109: Fixed an issue in local recursive resolver
which could have led to remote code execution (bsc#1172265).
- CVE-2017-9106: Fixed an issue with upstream DNS data sources which could have led to denial of
service (bsc#1172265).
- CVE-2017-9107: Fixed an issue when quering domain names which could have led to denial of service (bsc#1172265).
- CVE-2017-9108: Fixed an issue which could have led to denial of service (bsc#1172265).
ImportantSUSE bug 1172265CVE-2017-9103 at SUSECVE-2017-9103 at NVDCVE-2017-9104 at SUSECVE-2017-9104 at NVDCVE-2017-9105 at SUSECVE-2017-9105 at NVDCVE-2017-9106 at SUSECVE-2017-9106 at NVDCVE-2017-9107 at SUSECVE-2017-9107 at NVDCVE-2017-9108 at SUSECVE-2017-9108 at NVDCVE-2017-9109 at SUSECVE-2017-9109 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for aide (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for aide fixes the following issues:
- CVE-2021-45417: Fix a bufferoverflow in base64 functions (bsc#1194735)
ImportantSUSE bug 1194735CVE-2021-45417 at SUSECVE-2021-45417 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for amanda (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for amanda fixes the following issues:
Security issue fixed:
- CVE-2016-10729: Fixed a local privilege escalation from amanda to root via unsafe tar command options (bsc#1112916).
ModerateSUSE bug 1112916CVE-2016-10729 at SUSECVE-2016-10729 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for amanda (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for amanda fixes the following issues:
- CVE-2022-37704: Fixed a local privilege escalation (bsc#1208033).
- CVE-2022-37705: Fixed a local privilege escalation in the runtar SUID binary (bsc#1208032).
ImportantSUSE bug 1208032SUSE bug 1208033CVE-2022-37704 at SUSECVE-2022-37704 at NVDCVE-2022-37705 at SUSECVE-2022-37705 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for amanda (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for amanda fixes the following issues:
- CVE-2022-37703: Fixed information leak vulnerability in the calcsize SUID binary (bsc#1203390).
ModerateSUSE bug 1203390CVE-2022-37703 at SUSECVE-2022-37703 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ansible (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ansible to version 2.2.0.0 fixes the following issues:
- CVE-2016-8628: Command injection by compromised server via fact variables (bsc#1008037).
- CVE-2016-8614: Improper verification of key fingerprints in apt_key module (bsc#1008038).
- CVE-2016-8647: in some circumstances the mysql_user module may fail to correctly change a password (bsc#1010940).
- CVE-2016-9587: Prevent compromised host to execute commands on the controller (bsc#1019021).
For more information about the upstream bugs fixed please see
/usr/share/doc/packages/ansible/CHANGELOG.md
ModerateSUSE bug 1008037SUSE bug 1008038SUSE bug 1010940SUSE bug 1019021CVE-2016-8614 at SUSECVE-2016-8614 at NVDCVE-2016-8628 at SUSECVE-2016-8628 at NVDCVE-2016-8647 at SUSECVE-2016-8647 at NVDCVE-2016-9587 at SUSECVE-2016-9587 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ansible (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ansible fixes the following issues:
- CVE-2017-7481: Data for lookup plugins used as variables was not being marked as 'unsafe' and could lead to unintentional disclosure of information. (bsc#1038785)
ModerateSUSE bug 1038785CVE-2017-7481 at SUSECVE-2017-7481 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ansible (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ansible fixes the following issues:
Ansible was updated to 2.3.2.0. A full list of changes can be found in
/usr/share/doc/packages/ansible/CHANGELOG.md
Security issues fixed:
- CVE-2017-7550: Passing passwords in the params field in the Jenkins plugin was disallowed
as it can be leaked into log files because contents of params are not protected.
Instead, the password now must be configured separately as url_password.
(bsc#1065872)
ImportantSUSE bug 1059235SUSE bug 1065872CVE-2017-7550 at SUSECVE-2017-7550 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ansible, python-straight-plugin (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ansible, python-straight-plugin fixes the following issues:
ansible was updated to version 2.9.9
Security issues fixed:
- CVE-2020-1753: Fixed an issue where kubectl connection plugin leaks sensitive information (bsc#1166389).
- CVE-2020-1746: Fixed a potential information leak in ldap_attr and ldap_entry modules (bsc#1165393).
- CVE-2020-1733,CVE-2020-10744: Fixed a race condition and insecure permissions which could have allowed
another user on the node to gain control of the become user (bsc#1171823 and bsc#1164140).
- CVE-2020-1740: Fixed a potential secret leak to other local users (bsc#1164135).
- CVE-2020-1739: Fixed an issue which could have disclosed the password to other users within the same node, when it was set with the argument 'password' of svn module (bsc#1164133).
- CVE-2020-1738: Fixed an issue which could have allowed a malicious user to select the module sent to the node (bsc#1164136).
- CVE-2020-1737: Fixed an issue in extract-zip which could have allowed path traversal attacks (bsc#1164138).
- CVE-2020-1736: Fixed an improper implementation of impatomic_move primitive which could have resulted in world-readable or with less restricted permissions before the move files in the destination (bsc#1164134).
- CVE-2020-1735: Fixed a potential path injection which could have allowed a remote user to choose the destination path on the controller node (bsc#1164137).
- CVE-2020-1734: Fixed an improper default setting in pipe lookup plugin which could have allowed running arbitrary commands by overwriting ansible facts (bsc#1164139).
- CVE-2020-10729: Fixed an issue where two random password lookups in same task return same value (bsc#1171162).
- CVE-2020-10691: Fixed an improper sanitization in ansible-galaxy which could have allowed attackers to execute archive traversal attacks (bsc#1167873).
- CVE-2020-10685: Fixed an potential information disclosure when a module was using a file that was encrypted with vault (bsc#1167440)
- CVE-2020-10684: Fixed a potential code injection when ansible_facts was used as a subkey (bsc#1167532).
- CVE-2019-3828: Fixed a path traversal in the fetch module (bsc#1126503).
- CVE-2019-14905: Fixed a potential command injection in nxos_file_copy (bsc#1157569).
- CVE-2019-14904: Fixed an issue which could have allowed a malicious user to execute commands into the server manipulating the module behaviour (bsc#1157968).
- CVE-2019-14864: Fixed an issue which could have led to sensitive information disclosure (bsc#1154830).
- CVE-2019-14858: Fixed an issue where data in the sub parameter would have presented with increased verbosity (bsc#1154231)
- CVE-2019-14856: Fixed insufficient fix for CVE-2019-10206 (bsc#1154232).
- CVE-2019-14846: Fixed an issue which could have allowed secrets disclosure on logs due to hardcoded display to DEBUG level (bsc#1153452)
- CVE-2019-10217: Fixed an issue with fields managing sensitive data which could have leaked sensitive data when running ansible playbooks (bsc#1144453).
- CVE-2019-10206: Fixed improper implementation of ansible-playbook -k and ansible cli tools when prompt passwords (bsc#1142690).
- CVE-2019-10156: Fixed an issue when templating which could have caused an unexpected key file to be set on remote node (bsc#1137528).
- CVE-2018-16876: Fixed an issue in retry task when run with -vvv fails which could have leaked sensitive data (bsc#1118896).
- CVE-2018-16837: Fixed an issue which user module was leaking any data had been passed on as a parameter to ssh-keygen (bsc#1112959).
- CVE-2018-10875: Fixed an issue with ansible.cfg which could have allowed an attaker to execute arbitrary code. (bsc#1099808)
- CVE-2018-10855: Fixed a potential sensitive information disclosure log files and on the terminal of the user running Ansible when the no_log flag has been used (bsc#1097775).
- CVE-2017-7550: Fixed an issue on the way parameters are passed to jenkins_plugin module allowing remote attackers to expose sensitive information from a remote host's logs (bsc#1065872).
Other issues addressed:
- Created missing (empty) template and files directories for 'ansible-galaxy init' during package build (bsc#1137479)
- Added python-passlib which is needed for the 'vars_prompt' feature of ansible (bsc#1080682)
ModerateSUSE bug 1065872SUSE bug 1080682SUSE bug 1097775SUSE bug 1099808SUSE bug 1102126SUSE bug 1109957SUSE bug 1112959SUSE bug 1118896SUSE bug 1126503SUSE bug 1137479SUSE bug 1137528SUSE bug 1142542SUSE bug 1142690SUSE bug 1144453SUSE bug 1153452SUSE bug 1154231SUSE bug 1154232SUSE bug 1154830SUSE bug 1157968SUSE bug 1157969SUSE bug 1164133SUSE bug 1164134SUSE bug 1164135SUSE bug 1164136SUSE bug 1164137SUSE bug 1164138SUSE bug 1164139SUSE bug 1164140SUSE bug 1165393SUSE bug 1166389SUSE bug 1167440SUSE bug 1167532SUSE bug 1171162SUSE bug 1171823CVE-2016-8647 at SUSECVE-2016-8647 at NVDCVE-2017-7550 at SUSECVE-2017-7550 at NVDCVE-2018-10855 at SUSECVE-2018-10855 at NVDCVE-2018-10875 at SUSECVE-2018-10875 at NVDCVE-2018-16837 at SUSECVE-2018-16837 at NVDCVE-2018-16876 at SUSECVE-2018-16876 at NVDCVE-2019-10156 at SUSECVE-2019-10156 at NVDCVE-2019-10206 at SUSECVE-2019-10206 at NVDCVE-2019-10217 at SUSECVE-2019-10217 at NVDCVE-2019-14846 at SUSECVE-2019-14846 at NVDCVE-2019-14856 at SUSECVE-2019-14856 at NVDCVE-2019-14858 at SUSECVE-2019-14858 at NVDCVE-2019-14864 at SUSECVE-2019-14864 at NVDCVE-2019-14904 at SUSECVE-2019-14904 at NVDCVE-2019-14905 at SUSECVE-2019-14905 at NVDCVE-2019-3828 at SUSECVE-2019-3828 at NVDCVE-2020-10684 at SUSECVE-2020-10684 at NVDCVE-2020-10685 at SUSECVE-2020-10685 at NVDCVE-2020-10691 at SUSECVE-2020-10691 at NVDCVE-2020-10729 at SUSECVE-2020-10729 at NVDCVE-2020-10744 at SUSECVE-2020-10744 at NVDCVE-2020-1733 at SUSECVE-2020-1733 at NVDCVE-2020-1734 at SUSECVE-2020-1734 at NVDCVE-2020-1735 at SUSECVE-2020-1735 at NVDCVE-2020-1736 at SUSECVE-2020-1736 at NVDCVE-2020-1737 at SUSECVE-2020-1737 at NVDCVE-2020-1738 at SUSECVE-2020-1738 at NVDCVE-2020-1739 at SUSECVE-2020-1739 at NVDCVE-2020-1740 at SUSECVE-2020-1740 at NVDCVE-2020-1746 at SUSECVE-2020-1746 at NVDCVE-2020-1753 at SUSECVE-2020-1753 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ansible (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ansible fixes the following issues:
- CVE-2020-14330: Fixed an issue where 'no log' values are not stripped
from module response keys (bsc#1174145).
Sensitive values marked with ``no_log=True`` will automatically
have that value stripped from module return values. If
your module could return these sensitive values as
part of a dictionary key name, you should call the
``ansible.module_utils.basic.sanitize_keys()`` function to
strip the values from the keys. See the ``uri`` module for an
example.
ModerateSUSE bug 1174145CVE-2020-14330 at SUSECVE-2020-14330 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ansible (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ansible fixes the following issues:
Update to ansible 2.9.14:
- CVE-2020-1753, bsc#1166389: Kubectl connection plugin - connection plugin now redact kubectl_token and kubectl_password in console log.
- revert CVE-2020-1736. Users are encouraged to specify a mode parameter in their file-based tasks when the files being manipulated contain sensitive data.
- CVE-2020-14365, bsc#1175993: Previously, regardless of the disable_gpg_check option, packages were not GPG validated. They are now.
- CVE-2020-14332, bsc#1174302: copy - Redact the value of the no_log 'content' parameter in the result's invocation.module_args in check mode. Previously when used with check mode and with '-vvv', the module would not censor the content if a change would be made to the destination path.
- CVE-2020-1736, bsc#1164134: atomic_move - Change default permissions when creating temporary files so they are not world readable
- CVE-2020-14330, bsc#1174145: Sanitize no_log values from any response keys that might be returned from the uri module.
- CVE-2019-14846, bsc#1153452: Reset logging level to INFO.
- CVE-2020-10744, bsc#1171823, gh#ansible/ansible#69782: incomplete fix for CVE-2020-1733
ModerateSUSE bug 1153452SUSE bug 1164134SUSE bug 1166389SUSE bug 1171823SUSE bug 1174145SUSE bug 1174302SUSE bug 1175993SUSE bug 1177948CVE-2019-14846 at SUSECVE-2019-14846 at NVDCVE-2020-10744 at SUSECVE-2020-10744 at NVDCVE-2020-14330 at SUSECVE-2020-14330 at NVDCVE-2020-14332 at SUSECVE-2020-14332 at NVDCVE-2020-14365 at SUSECVE-2020-14365 at NVDCVE-2020-1733 at SUSECVE-2020-1733 at NVDCVE-2020-1736 at SUSECVE-2020-1736 at NVDCVE-2020-1753 at SUSECVE-2020-1753 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ansible (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ansible fixes the following issues:
- Update to 2.9.22:
- CVE-2021-3447: multiple modules expose secured values (bsc#1183684)
- CVE-2021-20228: basic.py no_log with fallback option (bsc#1181935)
- CVE-2021-20191: multiple collections exposes secured values (bsc#1181119)
- CVE-2021-20180: bitbucket_pipeline_variable exposes sensitive values (bsc#1180942)
- CVE-2021-20178: user data leak in snmp_facts module (bsc#1180816)
ModerateSUSE bug 1180816SUSE bug 1180942SUSE bug 1181119SUSE bug 1181935SUSE bug 1183684CVE-2021-20178 at SUSECVE-2021-20178 at NVDCVE-2021-20180 at SUSECVE-2021-20180 at NVDCVE-2021-20191 at SUSECVE-2021-20191 at NVDCVE-2021-20228 at SUSECVE-2021-20228 at NVDCVE-2021-3447 at SUSECVE-2021-3447 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ansible (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ansible fixes the following issues:
Update to 2.9.27:
- CVE-2021-3620: ansible-connection module discloses sensitive info in traceback error message (bsc#1187725).
- CVE-2021-3583: Template Injection through yaml multi-line strings with ansible facts used in template (bsc#1188061).
- ansible module nmcli is broken in ansible 2.9.13 (bsc#1176460)
ImportantSUSE bug 1176460SUSE bug 1187725SUSE bug 1188061CVE-2021-3583 at SUSECVE-2021-3583 at NVDCVE-2021-3620 at SUSECVE-2021-3620 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ant (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ant fixes the following issues:
Security issue fixed:
- CVE-2018-10886: Fixed a path traversal vulnerability in malformed zip file
paths, which allowed arbitrary file writes and could potentially lead to
code execution (bsc#1100053)
Other changes made:
- Removed support for javadoc
- Default value for stripAbsolutePathSpec changed to 'true'
ModerateSUSE bug 1100053CVE-2018-10886 at SUSECVE-2018-10886 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ant (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ant fixes the following issues:
- CVE-2021-36374: Fixed an excessive memory allocation when reading a specially
crafted ZIP archive (bsc#1188469).
ModerateSUSE bug 1188469CVE-2021-36374 at SUSECVE-2021-36374 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for apache2SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for the Apache Web Server introduces directives to control two
protocol options:
* HttpContentLengthHeadZero: Allow responses to HEAD request with
Content-Length of 0
* HttpExpectStrict: Allow the administrator to control whether clients
must send '100-continue'
MODULE_MAGIC_NUMBER_MINOR has been increased to 24, as this change is not
forward-compatible. Modules built against this release might not work
correctly with older releases of the Apache Web Server.
SUSE bug 713970SUSE bug 791794SUSE bug 815621SUSE bug 829056SUSE bug 829057SUSE bug 844212SUSE bug 852401SUSE bug 859916SUSE bug 869105SUSE bug 869106SUSE bug 871310SUSE bug 887765SUSE bug 887768SUSE bug 894225SUSE bug 899836SUSE bug 904427SUSE bug 907339SUSE bug 907477CVE-2003-1418 at SUSECVE-2003-1418 at NVDCVE-2013-1862 at SUSECVE-2013-1862 at NVDCVE-2013-1896 at SUSECVE-2013-1896 at NVDCVE-2013-5704 at SUSECVE-2013-5704 at NVDCVE-2013-6438 at SUSECVE-2013-6438 at NVDCVE-2014-0098 at SUSECVE-2014-0098 at NVDCVE-2014-0226 at SUSECVE-2014-0226 at NVDCVE-2014-0231 at SUSECVE-2014-0231 at NVDCVE-2014-3581 at SUSECVE-2014-3581 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Apache was updated to fix one security vulnerability and two bugs.
Following security issue was fixed.
- Fix the chunked transfer coding implementation in the Apache (bsc#938728, CVE-2015-3183)
Bugs fixed:
- add SSLSessionTickets directive (bsc#941676)
- hardcode modules %files (bsc#444878)
- only enable the port 443 for TCP protocol, not UDP. (bsc#931002)
ModerateSUSE bug 444878SUSE bug 931002SUSE bug 938728SUSE bug 941676CVE-2015-3183 at SUSECVE-2015-3183 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
* It used to be possible to set an arbitrary $HTTP_PROXY environment variable
for request handlers -- like CGI scripts -- by including a specially crafted
HTTP header in the request (CVE-2016-5387). As a result, these server
components would potentially direct all their outgoing HTTP traffic through a
malicious proxy server. This patch fixes the issue: the updated Apache server
ignores such HTTP headers and never sets $HTTP_PROXY for sub-processes
(unless a value has been explicitly configured by the administrator in the
configuration file). (bsc#988488)
ModerateSUSE bug 988488CVE-2016-5387 at SUSECVE-2016-5387 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
Security issues fixed:
- CVE-2016-2161: Malicious input to mod_auth_digest could have caused the server to crash,
resulting in DoS (bsc#1016714).
- CVE-2016-8743: Added new directive 'HttpProtocolOptions Strict' to avoid proxy chain
misinterpretation (bsc#1016715).
ModerateSUSE bug 1016714SUSE bug 1016715CVE-2016-2161 at SUSECVE-2016-2161 at NVDCVE-2016-8743 at SUSECVE-2016-8743 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update provides apache2 2.2.34, which brings many fixes and enhancements:
Security issues fixed:
- CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest. (bsc#1048576)
Bug fixes:
- Remove /usr/bin/http2 link only during package uninstall, not upgrade. (bsc#1041830)
- Don't put the backend in error state (by default) when 500/503 error code is overridden. (bsc#951692)
- Allow single-char field names inadvertently disallowed in 2.2.32.
ModerateSUSE bug 1041830SUSE bug 1048576SUSE bug 951692CVE-2017-9788 at SUSECVE-2017-9788 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- Allow disabling SNI on proxy connections using 'SetEnv proxy-disable-sni 1' in the configuration files. (bsc#1052830)
- Allow ECDH again in mod_ssl, it had been incorrectly disabled with the 2.2.34 update. (bsc#1064561)
Following security issue has been fixed:
- CVE-2017-9798: A use-after-free in the OPTIONS command could be used by attackers to disclose memory of the apache server process, when htaccess uses incorrect Limit statement. (bsc#1058058)
Additionally, references to the following security issues, fixed by the previous version-update of apache2
to Apache HTTPD 2.2.34 have been added:
- CVE-2017-7668: The HTTP strict parsing introduced a bug in token list parsing, which allowed ap_find_token() to
search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may
have be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. (bsc#1045061)
- CVE-2017-3169: mod_ssl may have de-referenced a NULL pointer when third-party modules call
ap_hook_process_connection() during an HTTP request to an HTTPS port allowing for DoS. (bsc#1045062)
- CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may have
lead to authentication requirements being bypassed. (bsc#1045065)
- CVE-2017-7679: mod_mime could have read one byte past the end of a buffer when sending a malicious Content-Type
response header. (bsc#1045060)
ModerateSUSE bug 1045060SUSE bug 1045061SUSE bug 1045062SUSE bug 1045065SUSE bug 1052830SUSE bug 1058058SUSE bug 1064561CVE-2009-2699 at SUSECVE-2009-2699 at NVDCVE-2010-0425 at SUSECVE-2010-0425 at NVDCVE-2012-0021 at SUSECVE-2012-0021 at NVDCVE-2014-0118 at SUSECVE-2014-0118 at NVDCVE-2017-3167 at SUSECVE-2017-3167 at NVDCVE-2017-3169 at SUSECVE-2017-3169 at NVDCVE-2017-7668 at SUSECVE-2017-7668 at NVDCVE-2017-7679 at SUSECVE-2017-7679 at NVDCVE-2017-9798 at SUSECVE-2017-9798 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- security update:
* CVE-2018-1301: Specially crafted requests, in debug mode, could lead to denial of service. [bsc#1086817]
* CVE-2017-15710: failure in the language fallback handling could lead to denial of service. [bsc#1086776]
* CVE-2018-1312: Seed wrongly generated could lead to replay attack in cluster environments. [bsc#1086775]
ModerateSUSE bug 1086775SUSE bug 1086776SUSE bug 1086817CVE-2017-15710 at SUSECVE-2017-15710 at NVDCVE-2018-1301 at SUSECVE-2018-1301 at NVDCVE-2018-1312 at SUSECVE-2018-1312 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
* CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for
URL normalization throughout all of its components. In particular,
consecutive slashes were not always collapsed. Attackers could potentially
abuse these inconsistencies to by-pass access control mechanisms and thus
gain unauthorized access to protected parts of the service. [bsc#1131241]
* CVE-2019-0217: A race condition in Apache's 'mod_auth_digest' when running in
a threaded server could have allowed users with valid credentials to
authenticate using another username, bypassing configured access control
restrictions. [bsc#1131239]
ImportantSUSE bug 1131239SUSE bug 1131241CVE-2019-0217 at SUSECVE-2019-0217 at NVDCVE-2019-0220 at SUSECVE-2019-0220 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
Security issues fixed:
- CVE-2019-10092: Fixed limited cross-site scripting in mod_proxy (bsc#1145740).
- CVE-2019-10098: Fixed mod_rewrite configuration vulnerablility to open redirect (bsc#1145738).
ModerateSUSE bug 1145738SUSE bug 1145740CVE-2019-10092 at SUSECVE-2019-10092 at NVDCVE-2019-10098 at SUSECVE-2019-10098 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404).
- CVE-2020-1938: mod_proxy_ajp: Add 'secret' parameter to proxy workers to implement legacy AJP13 authentication (bsc#1169066).
ImportantSUSE bug 1168404SUSE bug 1169066CVE-2020-1934 at SUSECVE-2020-1934 at NVDCVE-2020-1938 at SUSECVE-2020-1938 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- Fixed potential content spoofing with default error pages(bsc#118270)
ModerateSUSE bug 1145740SUSE bug 1182703CVE-2019-10092 at SUSECVE-2019-10092 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- fixed CVE-2021-30641 [bsc#1187174]: MergeSlashes regression
- fixed CVE-2020-35452 [bsc#1186922]: Single zero byte stack overflow in mod_auth_digest
ImportantSUSE bug 1186922SUSE bug 1187174CVE-2020-35452 at SUSECVE-2020-35452 at NVDCVE-2021-30641 at SUSECVE-2021-30641 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes() via malicious input. (bsc#1190666)
ImportantSUSE bug 1190666CVE-2021-39275 at SUSECVE-2021-39275 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- CVE-2022-22720: HTTP request smuggling due to incorrect error handling (bsc#1197095).
- CVE-2022-22721: possible buffer overflow with very large or unlimited LimitXMLRequestBody (bsc#1197096).
ImportantSUSE bug 1197095SUSE bug 1197096CVE-2022-22720 at SUSECVE-2022-22720 at NVDCVE-2022-22721 at SUSECVE-2022-22721 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338)
- CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340)
- CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341)
ImportantSUSE bug 1200338SUSE bug 1200340SUSE bug 1200341CVE-2022-26377 at SUSECVE-2022-26377 at NVDCVE-2022-28614 at SUSECVE-2022-28614 at NVDCVE-2022-28615 at SUSECVE-2022-28615 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348).
ModerateSUSE bug 1200348CVE-2022-31813 at SUSECVE-2022-31813 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- CVE-2022-37436: Fixed an issue in mod_proxy where a malicious
backend could cause the response headers to be truncated early,
resulting in some headers being incorporated into the response body
(bsc#1207251).
- CVE-2022-36760: Fixed an issue in mod_proxy_ajp that could allow
request smuggling attacks (bsc#1207250).
- CVE-2006-20001: Fixed an issue in mod_proxy_ajp where a request
header could cause memory corruption (bsc#1207247).
ImportantSUSE bug 1207247SUSE bug 1207250SUSE bug 1207251CVE-2006-20001 at SUSECVE-2006-20001 at NVDCVE-2022-36760 at SUSECVE-2022-36760 at NVDCVE-2022-37436 at SUSECVE-2022-37436 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2 fixes the following issues:
- CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy (bsc#1209047).
ImportantSUSE bug 1209047CVE-2023-25690 at SUSECVE-2023-25690 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apache2-mod_jk (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2-mod_jk fixes the following issues:
Security issues fixed:
- CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd (bsc#1114612).
- CVE-2014-8111: Apache Tomcat Connectors (mod_jk) ignored JkUnmount rules for subtrees of previous JkMount rules, which allowed remote attackers to access otherwise restricted artifacts via unspecified vectors (bsc#927845).
ModerateSUSE bug 1114612SUSE bug 927845CVE-2014-8111 at SUSECVE-2014-8111 at NVDCVE-2018-11759 at SUSECVE-2018-11759 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for apache2-mod_nssSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update brings several improvements to apache2-mod_nss.
*
More TLS 1.2 ciphers have been added, including AES-GCM and Camelia
ciphers. These can be selected by their tags:
o rsa_aes_128_sha256
o rsa_aes_128_gcm_sha
o rsa_aes_256_sha256
o rsa_camellia_128_sha
o rsa_camellia_256_sha
o ecdh_ecdsa_aes_128_gcm_sha
o ecdhe_ecdsa_aes_128_sha256
o ecdhe_ecdsa_aes_128_gcm_sha
o ecdh_rsa_aes_128_gcm_sha
o ecdhe_rsa_aes_128_sha256
*
The mod_nss.conf.in template was updated to include those ciphers.
(bnc#863035)
*
VirtualHost settings in /etc/apache2/conf.d/mod_nss.conf is now
externalized to /etc/apache2/vhosts.d/vhost-nss.template and not
activated/read by default. (bnc#878681)
*
The Server Name Indication (SNI) extension was implemented.
*
Reading the pass phrase during start-up was improved. (bnc#863518)
SUSE bug 847216SUSE bug 853039SUSE bug 863035SUSE bug 863518SUSE bug 864929SUSE bug 878681SUSE bug 897712SUSE bug 902068CVE-2013-4566 at SUSECVE-2013-4566 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for apache2-mod_nss (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update provides apache2-mod_nss 1.0.14, which brings several fixes and
enhancements:
- SHA256 cipher names change spelling from *_sha256 to *_sha_256.
- Drop mod_nss_migrate.pl and use upstream migrate script instead.
- Check for Apache user owner/group read permissions of NSS database at startup.
- Update default ciphers to something more modern and secure.
- Check for host and netstat commands in gencert before trying to use them.
- Don't ignore NSSProtocol when NSSFIPS is enabled.
- Use proper shell syntax to avoid creating /0 in gencert.
- Add server support for DHE ciphers.
- Extract SAN from server/client certificates into env.
- Fix memory leaks and other coding issues caught by clang analyzer.
- Add support for Server Name Indication (SNI)
- Add support for SNI for reverse proxy connections.
- Add RenegBufferSize? option.
- Add support for TLS Session Tickets (RFC 5077).
- Implement a slew more OpenSSL cipher macros.
- Fix a number of illegal memory accesses and memory leaks.
- Support for SHA384 ciphers if they are available in the version of NSS mod_nss is built against.
- Add the SECURE_RENEG environment variable.
- Add some hints when NSS database cannot be initialized.
- Code cleanup including trailing whitespace and compiler warnings.
- Modernize autotools configuration slightly, add config.h.
- Add small test suite for SNI.
- Add compatibility for mod_ssl-style cipher definitions.
- Add Camelia ciphers.
- Remove Fortezza ciphers.
- Add TLSv1.2-specific ciphers.
- Initialize cipher list when re-negotiating handshake.
- Completely remove support for SSLv2.
- Add support for sqlite NSS databases.
- Compare subject CN and VS hostname during server start up.
- Add support for enabling TLS v1.2.
- Don't enable SSL 3 by default. (CVE-2014-3566)
- Improve protocol testing.
- Add nss_pcache man page.
- Fix argument handling in nss_pcache.
- Support httpd 2.4+.
- Allow users to configure a helper to ask for certificate passphrases via
NSSPassPhraseDialog. (bsc#975394)
ModerateSUSE bug 975394SUSE bug 979688CVE-2013-4566 at SUSECVE-2013-4566 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for apache2-mod_perl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2-mod_perl fixes the following issues:
- CVE-2011-2767: Fixed a vulnerability which could have allowed
perl code execution in the context of user account (bsc#1156944).
ModerateSUSE bug 1156944CVE-2011-2767 at SUSECVE-2011-2767 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following vulnerabilities in php:
* Heap corruption issue in exif_thumbnail(). (CVE-2014-3670)
* Integer overflow in unserialize(). (CVE-2014-3669)
* Xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime().
(CVE-2014-3668)
Security Issues:
* CVE-2014-3669
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669>
* CVE-2014-3670
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670>
* CVE-2014-3668
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668>
SUSE bug 828020SUSE bug 829207SUSE bug 837746SUSE bug 842676SUSE bug 853045SUSE bug 854880SUSE bug 868624SUSE bug 880904SUSE bug 880905SUSE bug 882992SUSE bug 884986SUSE bug 884987SUSE bug 884989SUSE bug 884990SUSE bug 884991SUSE bug 884992SUSE bug 885961SUSE bug 886059SUSE bug 886060SUSE bug 893849SUSE bug 893853SUSE bug 902357SUSE bug 902360SUSE bug 902368SUSE bug 907519SUSE bug 910659SUSE bug 914690SUSE bug 917150SUSE bug 918768SUSE bug 919080SUSE bug 922022SUSE bug 922451SUSE bug 922452SUSE bug 923946SUSE bug 924972SUSE bug 925109SUSE bug 928506SUSE bug 928511SUSE bug 931421SUSE bug 931769SUSE bug 931772SUSE bug 931776SUSE bug 933227SUSE bug 935074SUSE bug 935224SUSE bug 935226SUSE bug 935227SUSE bug 935232SUSE bug 935234SUSE bug 935274SUSE bug 935275CVE-2013-4113 at SUSECVE-2013-4113 at NVDCVE-2013-4248 at SUSECVE-2013-4248 at NVDCVE-2013-4635 at SUSECVE-2013-4635 at NVDCVE-2013-6420 at SUSECVE-2013-6420 at NVDCVE-2013-6501 at SUSECVE-2013-6501 at NVDCVE-2013-6712 at SUSECVE-2013-6712 at NVDCVE-2014-0207 at SUSECVE-2014-0207 at NVDCVE-2014-0237 at SUSECVE-2014-0237 at NVDCVE-2014-0238 at SUSECVE-2014-0238 at NVDCVE-2014-2497 at SUSECVE-2014-2497 at NVDCVE-2014-3478 at SUSECVE-2014-3478 at NVDCVE-2014-3479 at SUSECVE-2014-3479 at NVDCVE-2014-3480 at SUSECVE-2014-3480 at NVDCVE-2014-3487 at SUSECVE-2014-3487 at NVDCVE-2014-3515 at SUSECVE-2014-3515 at NVDCVE-2014-3668 at SUSECVE-2014-3668 at NVDCVE-2014-3669 at SUSECVE-2014-3669 at NVDCVE-2014-3670 at SUSECVE-2014-3670 at NVDCVE-2014-4049 at SUSECVE-2014-4049 at NVDCVE-2014-4670 at SUSECVE-2014-4670 at NVDCVE-2014-4698 at SUSECVE-2014-4698 at NVDCVE-2014-4721 at SUSECVE-2014-4721 at NVDCVE-2014-5459 at SUSECVE-2014-5459 at NVDCVE-2014-8142 at SUSECVE-2014-8142 at NVDCVE-2014-9652 at SUSECVE-2014-9652 at NVDCVE-2014-9705 at SUSECVE-2014-9705 at NVDCVE-2014-9709 at SUSECVE-2014-9709 at NVDCVE-2015-0231 at SUSECVE-2015-0231 at NVDCVE-2015-0232 at SUSECVE-2015-0232 at NVDCVE-2015-2301 at SUSECVE-2015-2301 at NVDCVE-2015-2305 at SUSECVE-2015-2305 at NVDCVE-2015-2783 at SUSECVE-2015-2783 at NVDCVE-2015-2787 at SUSECVE-2015-2787 at NVDCVE-2015-3329 at SUSECVE-2015-3329 at NVDCVE-2015-3411 at SUSECVE-2015-3411 at NVDCVE-2015-3412 at SUSECVE-2015-3412 at NVDCVE-2015-4021 at SUSECVE-2015-4021 at NVDCVE-2015-4022 at SUSECVE-2015-4022 at NVDCVE-2015-4024 at SUSECVE-2015-4024 at NVDCVE-2015-4026 at SUSECVE-2015-4026 at NVDCVE-2015-4148 at SUSECVE-2015-4148 at NVDCVE-2015-4598 at SUSECVE-2015-4598 at NVDCVE-2015-4599 at SUSECVE-2015-4599 at NVDCVE-2015-4600 at SUSECVE-2015-4600 at NVDCVE-2015-4601 at SUSECVE-2015-4601 at NVDCVE-2015-4602 at SUSECVE-2015-4602 at NVDCVE-2015-4603 at SUSECVE-2015-4603 at NVDCVE-2015-4643 at SUSECVE-2015-4643 at NVDCVE-2015-4644 at SUSECVE-2015-4644 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for apache2-mod_security2SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This apache2-mod_security2 update fixes the following security issue:
* bnc#871309: bypass of intended rules via chunked requests
(CVE-2013-5705)
Security Issues:
* CVE-2013-5705
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5705>
SUSE bug 822664SUSE bug 871309CVE-2013-2765 at SUSECVE-2013-2765 at NVDCVE-2013-5705 at SUSECVE-2013-5705 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for apache2-mod_security2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apache2-mod_security2 fixes the following issues:
- CVE-2022-48279: Fixed a potential firewall bypass due to an
incorrect parsing of HTTP multipart requests (bsc#1207378).
ImportantSUSE bug 1207378CVE-2022-48279 at SUSECVE-2022-48279 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apport (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apport fixes the following issues:
Security issue fixed:
- CVE-2015-1338: Insecurely created crash dumps could lead to a DoS or privilege escalation through
malicious symlinks. (bsc#947731)
ModerateSUSE bug 947731CVE-2015-1338 at SUSECVE-2015-1338 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apport (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apport fixes the following issues:
Security issues fixed:
- CVE-2019-7307: Fixed a TOCTOU issue, which allows local users to read arbitrary files. (bsc#1140986)
ModerateSUSE bug 1140986CVE-2019-7307 at SUSECVE-2019-7307 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for apport (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for apport fixes the following issues:
- CVE-2019-11482: Fixed TOCTTOU race conditions when creating a core file (bsc#1155479).
- CVE-2019-11485: Fixed a permission issue with the directory of lock files (bsc#1155481)
- CVE-2019-15790: Fixed the privilleges that reads /proc/$PID/ files to avoid potential information disclosure (bsc#1155482).
- CVE-2020-15701: Fixed a denial of service while parsing apport-ignore.xml (bsc#1174108).
ModerateSUSE bug 1155479SUSE bug 1155481SUSE bug 1155482SUSE bug 1174108CVE-2019-11482 at SUSECVE-2019-11482 at NVDCVE-2019-11485 at SUSECVE-2019-11485 at NVDCVE-2019-15790 at SUSECVE-2019-15790 at NVDCVE-2020-15701 at SUSECVE-2020-15701 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for arpwatch (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for arpwatch fixes the following issues:
- CVE-2021-25321: Fixed local privilege escalation from runtime user to root (bsc#1186240).
ImportantSUSE bug 1186240CVE-2021-25321 at SUSECVE-2021-25321 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for aspell (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for aspell fixes the following issues:
- CVE-2019-17544: Fixed a stack-based buffer over-read in acommon:unescape in common/getdata.cpp via an isolated backslash (bsc#1153892).
ModerateSUSE bug 1153892CVE-2019-17544 at SUSECVE-2019-17544 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for aspell (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for aspell fixes the following security issue:
- CVE-2019-20433: Fixed a buffer over-read when processing strings ending with a single '\0' byte with ucs-2 and ucs-4 encoding (bsc#1161982).
ModerateSUSE bug 1161982CVE-2019-20433 at SUSECVE-2019-20433 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for aspell (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for aspell fixes the following issues:
- CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:dup_top (bsc#1188576).
ImportantSUSE bug 1188576CVE-2019-25051 at SUSECVE-2019-25051 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for atftp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for atftp fixes the following issues:
Security issues fixed:
- CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because thread_list_mutex was not locked (bsc#1133145).
- CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by an insecure use of strncpy() (bsc#1133114).
ImportantSUSE bug 1133114SUSE bug 1133145CVE-2019-11365 at SUSECVE-2019-11365 at NVDCVE-2019-11366 at SUSECVE-2019-11366 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for atftp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for atftp fixes the following issues:
- CVE-2021-41054: Fixed buffer overflow caused by combination of data, OACK, and other options (bsc#1190522).
ModerateSUSE bug 1190522CVE-2021-41054 at SUSECVE-2021-41054 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for atftp (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for atftp fixes the following issues:
- CVE-2021-46671: Fixed a potential information leak in atftpd (bnc#1195619).
LowSUSE bug 1195619CVE-2021-46671 at SUSECVE-2021-46671 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for audiofile (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for audiofile fixes the following issues:
Security issues fixed:
- CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp) (bsc#1026979)
- CVE-2017-6828: heap-based buffer overflow in readValue (FileHandle.cpp) (bsc#1026980)
- CVE-2017-6829: global buffer overflow in decodeSample (IMA.cpp) (bsc#1026981)
- CVE-2017-6830: heap-based buffer overflow in alaw2linear_buf (G711.cpp) (bsc#1026982)
- CVE-2017-6831: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) (bsc#1026983)
- CVE-2017-6832: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) (bsc#1026984)
- CVE-2017-6833: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp) (bsc#1026985)
- CVE-2017-6834: heap-based buffer overflow in ulaw2linear_buf (G711.cpp) (bsc#1026986)
- CVE-2017-6835: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp) (bsc#1026988)
- CVE-2017-6836: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h) (bsc#1026987)
- CVE-2017-6837, CVE-2017-6838, CVE-2017-6839: multiple ubsan crashes (bsc#1026978)
ModerateSUSE bug 1026978SUSE bug 1026979SUSE bug 1026980SUSE bug 1026981SUSE bug 1026982SUSE bug 1026983SUSE bug 1026984SUSE bug 1026985SUSE bug 1026986SUSE bug 1026987SUSE bug 1026988CVE-2017-6827 at SUSECVE-2017-6827 at NVDCVE-2017-6828 at SUSECVE-2017-6828 at NVDCVE-2017-6829 at SUSECVE-2017-6829 at NVDCVE-2017-6830 at SUSECVE-2017-6830 at NVDCVE-2017-6831 at SUSECVE-2017-6831 at NVDCVE-2017-6832 at SUSECVE-2017-6832 at NVDCVE-2017-6833 at SUSECVE-2017-6833 at NVDCVE-2017-6834 at SUSECVE-2017-6834 at NVDCVE-2017-6835 at SUSECVE-2017-6835 at NVDCVE-2017-6836 at SUSECVE-2017-6836 at NVDCVE-2017-6837 at SUSECVE-2017-6837 at NVDCVE-2017-6838 at SUSECVE-2017-6838 at NVDCVE-2017-6839 at SUSECVE-2017-6839 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for augeasSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Augeas has been updated to fix a symlink overwrite problem (CVE-2012-0786,
CVE-2013-6412).
Also a bug has been fixed where 'augtool -s set was failing' (bnc#876044)
Additionally parsing the multipath configuration has been fixed. bnc#871323
Security Issues:
* CVE-2012-0786
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0786>
* CVE-2013-6412
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6412>
SUSE bug 849252SUSE bug 853044SUSE bug 871323SUSE bug 876044SUSE bug 885003CVE-2012-0786 at SUSECVE-2012-0786 at NVDCVE-2013-6412 at SUSECVE-2013-6412 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for augeas (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes an untrusted argument escaping problem (CVE-2014-8119):
* new API - aug_escape_name() - which can be used to escape
untrusted inputs before using them as part of path expressions
* aug_match() is changed to return properly escaped output
ModerateSUSE bug 925225CVE-2014-8119 at SUSECVE-2014-8119 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for augeas (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for augeas fixes the following issues:
Security issues fixed:
- CVE-2017-7555: Fix a memory corruption bug could have lead to arbitrary code execution
by passing crafted strings that would be mis-handled by parse_name() (bsc#1054171).
- CVE-2014-8119: Fix improper handling of escaped strings leading to memory corruption (bsc#925225).
ModerateSUSE bug 1054171SUSE bug 925225CVE-2014-8119 at SUSECVE-2014-8119 at NVDCVE-2017-7555 at SUSECVE-2017-7555 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for automakeSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of automake fixes a race condition in 'distcheck'.
(CVE-2012-3386)
Also a bug where world writeable tarballs were generated during 'make dist'
has been fixed (CVE-2009-4029).
Security Issue references:
* CVE-2012-3386
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386>
* CVE-2009-4029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029>
SUSE bug 559815SUSE bug 770618CVE-2012-3386 at SUSECVE-2012-3386 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for avahi (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for avahi fixes the following issues:
Security issue fixed:
- CVE-2018-1000845: Fixed DNS amplification and reflection to spoofed addresses (DOS) (bsc#1120281)
ModerateSUSE bug 1120281CVE-2018-1000845 at SUSECVE-2018-1000845 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for avahi (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for avahi fixes the following issues:
- increase data and stack limits to fix remote denial of service (bsc#1085255).
ModerateSUSE bug 1085255cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for avahi (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for avahi fixes the following issues:
- CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh (bsc#1180827).
- Add sudo to requires: used to drop privileges.
ModerateSUSE bug 1180827CVE-2021-26720 at SUSECVE-2021-26720 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for avahi (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for avahi fixes the following issues:
- CVE-2021-3468: avoid infinite loop by handling HUP event in client_work (bsc#1184521).
ModerateSUSE bug 1184521CVE-2021-3468 at SUSECVE-2021-3468 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for avahi (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for avahi fixes the following issues:
- CVE-2023-1981: Fixed crash in avahi-daemon via DBus (bsc#1210328).
ModerateSUSE bug 1210328CVE-2023-1981 at SUSECVE-2023-1981 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for axis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for axis fixes the following security issue:
- CVE-2018-8032: Prevent cross-site scripting (XSS) attack in the default
servlet/services (bsc#1103658).
ModerateSUSE bug 1103658CVE-2018-8032 at SUSECVE-2018-8032 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for axis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for axis fixes the following issues:
Security issue fixed:
- CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name (bsc#1134598).
ModerateSUSE bug 1134598CVE-2012-5784 at SUSECVE-2012-5784 at NVDCVE-2014-3596 at SUSECVE-2014-3596 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bashSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The command-line shell 'bash' evaluates environment variables, which allows
the injection of characters and might be used to access files on the system
in some circumstances (CVE-2014-7169).
Please note that this issue is different from a previously fixed
vulnerability tracked under CVE-2014-6271 and is less serious due to the
special, non-default system configuration that is needed to create an
exploitable situation.
To remove further exploitation potential we now limit the
function-in-environment variable to variables prefixed with BASH_FUNC_.
This hardening feature is work in progress and might be improved in later
updates.
Additionally, two other security issues have been fixed:
* CVE-2014-7186: Nested HERE documents could lead to a crash of bash.
* CVE-2014-7187: Nesting of for loops could lead to a crash of bash.
Security Issues:
* CVE-2014-7169
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169>
* CVE-2014-7186
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186>
* CVE-2014-7187
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187>
SUSE bug 819783SUSE bug 820149SUSE bug 844550SUSE bug 896776SUSE bug 898346SUSE bug 898603SUSE bug 898604CVE-2014-6271 at SUSECVE-2014-6271 at NVDCVE-2014-7169 at SUSECVE-2014-7169 at NVDCVE-2014-7186 at SUSECVE-2014-7186 at NVDCVE-2014-7187 at SUSECVE-2014-7187 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for bash (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bash fixes the following issues:
- CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables (bsc#1001299)
- CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the prompt (bsc#1000396)
- CVE-2014-6278: code execution vulnerability via fd redirection (bsc#898884)
- CVE-2014-6277: Remote attackers could have executed arbitrary code or caused a denial of service due to improper parsing of function definitions in the values of environment variables (bsc#898812)
The following bugs were fixed:
- bsc#971410: bash script would teminated unexpectedly due to mishandled recursive traps
- bsc#913701: bash hangs if DEBUG trap is enabled
The following documentation updates are included:
- bsc#959755: Make clear that the files /etc/profile as well as /etc/bash.bashrc may source other files as well even if the bash does not.
ImportantSUSE bug 1000396SUSE bug 1001299SUSE bug 898812SUSE bug 898884SUSE bug 913701SUSE bug 959755SUSE bug 971410CVE-2014-6277 at SUSECVE-2014-6277 at NVDCVE-2014-6278 at SUSECVE-2014-6278 at NVDCVE-2016-0634 at SUSECVE-2016-0634 at NVDCVE-2016-7543 at SUSECVE-2016-7543 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bash (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bash fixed several issues
This security issue was fixed:
- CVE-2016-9401: popd in bash might allowed local users to bypass the restricted shell and cause a use-after-free via a crafted address (bsc#1010845).
This non-security issue was fixed:
- Fix when HISTSIZE=0 and chattr +a .bash_history (bsc#1031729)
LowSUSE bug 1010845SUSE bug 1031729SUSE bug 976776CVE-2016-9401 at SUSECVE-2016-9401 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bcel (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bcel fixes the following issues:
- CVE-2022-42920: Fixed producing arbitrary bytecode via out-of-bounds writing (bsc#1205125).
ModerateSUSE bug 1205125CVE-2022-42920 at SUSECVE-2022-42920 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bindSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes a DoS vulnerability in bind when handling malformed
NSEC3-signed zones. CVE-2014-0591 has been assigned to this issue.
Security Issue references:
* CVE-2014-0591
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591>
SUSE bug 743758SUSE bug 815230SUSE bug 819475SUSE bug 831899SUSE bug 858639SUSE bug 882511SUSE bug 908994SUSE bug 918330SUSE bug 936476CVE-2013-4854 at SUSECVE-2013-4854 at NVDCVE-2014-0591 at SUSECVE-2014-0591 at NVDCVE-2014-8500 at SUSECVE-2014-8500 at NVDCVE-2015-1349 at SUSECVE-2015-1349 at NVDCVE-2015-4620 at SUSECVE-2015-4620 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
bind was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-5477: Remote DoS via TKEY queries (bsc#939567)
Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling.
ImportantSUSE bug 939567CVE-2015-5477 at SUSECVE-2015-5477 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The nameserver bind was updated to fix a remote denial of service (crash) attack against
bind nameservers doing validation on DNSSEC signed records. (CVE-2015-5722, bsc#944066).
ImportantSUSE bug 944066CVE-2015-5722 at SUSECVE-2015-5722 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issue:
- CVE-2015-8000: Fix remote denial of service by misparsing incoming responses (bsc#958861).
It also fixes a bug:
- Fix a regression in caching entries with a TTL of 0 (bsc#923281).
ImportantSUSE bug 923281SUSE bug 958861CVE-2015-8000 at SUSECVE-2015-8000 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for bind fixes the following issues:
- CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations (bsc#962189)
ImportantSUSE bug 962189CVE-2015-8704 at SUSECVE-2015-8704 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
Fix two assertion failures that can lead to a remote denial of service attack:
* CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. (bsc#970072)
* CVE-2016-1286: An error when parsing signature records for DNAME records having specific properties can lead to named exiting due to an assertion failure in resolver.c or db.c. (bsc#970073)
ImportantSUSE bug 970072SUSE bug 970073CVE-2016-1285 at SUSECVE-2016-1285 at NVDCVE-2016-1286 at SUSECVE-2016-1286 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bind (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
The nameserver bind was updated to fix a remote denial of service
vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362)
CriticalSUSE bug 1000362CVE-2016-2776 at SUSECVE-2016-2776 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- A defect in BIND's handling of responses containing a DNAME answer had
the potential to trigger assertion errors in the server remotely,
thereby facilitating a denial-of-service attack. (CVE-2016-8864, bsc#1007829).
- Fix BIND to return a valid hostname in response to ldapdump queries.
(bsc#965748)
ImportantSUSE bug 1007829SUSE bug 965748CVE-2016-8864 at SUSECVE-2016-8864 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- Fix a potential assertion failure that could have been triggered by a
malformed response to an ANY query, thereby facilitating a denial-of-service
attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]
- Fix a potential assertion failure that could have been triggered by
responding to a query with inconsistent DNSSEC information, thereby
facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,
bsc#1018699]
- Fix potential assertion failure that could have been triggered by DNS
responses that contain unusually-formed DS resource records, facilitating a
denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]
ImportantSUSE bug 1018699SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702CVE-2016-9131 at SUSECVE-2016-9131 at NVDCVE-2016-9147 at SUSECVE-2016-9147 at NVDCVE-2016-9444 at SUSECVE-2016-9444 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bind (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- Fixed a possible denial of service vulnerability (affected only
configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130)
ModerateSUSE bug 1024130CVE-2017-3135 at SUSECVE-2017-3135 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following security issues:
CVE-2017-3137 (bsc#1033467):
Mistaken assumptions about the ordering of records in the answer
section of a response containing CNAME or DNAME resource records
could have been exploited to cause a denial of service of a bind
server performing recursion.
CVE-2017-3136 (bsc#1033466):
An attacker could have constructed a query that would cause a denial
of service of servers configured to use DNS64.
CVE-2017-3138 (bsc#1033468):
An attacker with access to the BIND control channel could have caused
the server to stop by triggering an assertion failure.
CVE-2016-6170 (bsc#987866):
Primary DNS servers could have caused a denial of service of secondary DNS servers via a large AXFR response.
IXFR servers could have caused a denial of service of IXFR clients via a large IXFR response.
Remote authenticated users could have caused a denial of service of primary DNS servers via a large UPDATE message.
CVE-2016-2775 (bsc#989528):
When lwresd or the named lwres option were enabled, bind allowed remote attackers to cause a denial of service
(daemon crash) via a long request that uses the lightweight resolver protocol.
ImportantSUSE bug 1033466SUSE bug 1033467SUSE bug 1033468SUSE bug 987866SUSE bug 989528CVE-2016-2775 at SUSECVE-2016-2775 at NVDCVE-2016-6170 at SUSECVE-2016-6170 at NVDCVE-2017-3136 at SUSECVE-2017-3136 at NVDCVE-2017-3137 at SUSECVE-2017-3137 at NVDCVE-2017-3138 at SUSECVE-2017-3138 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- A regression in the fix for CVE-2017-3137 caused an assert in name.c (bsc#1034162)
ImportantSUSE bug 1034162CVE-2017-3137 at SUSECVE-2017-3137 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- An attacker with the ability to send and receive messages to an authoritative
DNS server was able to circumvent TSIG authentication of AXFR requests. A
server that relied solely on TSIG keys for protection could be manipulated
into (1) providing an AXFR of a zone to an unauthorized recipient and (2)
accepting bogus Notify packets. [bsc#1046554, CVE-2017-3142]
- An attacker who with the ability to send and receive messages to an
authoritative DNS server and who had knowledge of a valid TSIG key name for
the zone and service being targeted was able to manipulate BIND into
accepting an unauthorized dynamic update. [bsc#1046555, CVE-2017-3143]
ImportantSUSE bug 1046554SUSE bug 1046555CVE-2017-3142 at SUSECVE-2017-3142 at NVDCVE-2017-3143 at SUSECVE-2017-3143 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes several issues.
This security issue was fixed:
- CVE-2017-3145: Improper sequencing during cleanup could have lead to a
use-after-free error that triggered an assertion failure and crash in named
(bsc#1076118).
These non-security issues were fixed:
- Updated named.root file (bsc#1040039)
- Update bind.keys for DNSSEC root KSK rollover (bsc#1047184)
ImportantSUSE bug 1040039SUSE bug 1047184SUSE bug 1076118CVE-2017-3145 at SUSECVE-2017-3145 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
Security issues fixed:
- CVE-2018-5740: Fixed a denial of service vulnerability in the 'deny-answer-aliases' feature (bsc#1104129).
- CVE-2018-5743: Limiting simultaneous TCP clients is ineffective. (bsc#1133185)
- CVE-2018-5745: An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys. (bsc#1126068)
- CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).
ImportantSUSE bug 1104129SUSE bug 1126068SUSE bug 1126069SUSE bug 1133185CVE-2018-5740 at SUSECVE-2018-5740 at NVDCVE-2018-5743 at SUSECVE-2018-5743 at NVDCVE-2018-5745 at SUSECVE-2018-5745 at NVDCVE-2019-6465 at SUSECVE-2019-6465 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- CVE-2020-8616: Fixed the insufficient limit on the number of fetches performed when processing referrals (bsc#1171740).
- CVE-2020-8617: Fixed a logic error in code which checks TSIG validity (bsc#1171740).
- CVE-2018-5741: Fixed the documentation (bsc#1109160).
- Removed rndc.key generation from bind.spec file (bsc#1092283, bsc#1033843)
bind should create the key on first boot or if it went missing.
ImportantSUSE bug 1033843SUSE bug 1092283SUSE bug 1109160SUSE bug 1171740SUSE bug 1172220SUSE bug 1172680CVE-2018-5741 at SUSECVE-2018-5741 at NVDCVE-2020-8616 at SUSECVE-2020-8616 at NVDCVE-2020-8617 at SUSECVE-2020-8617 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- CVE-2020-8625: A vulnerability in BIND's GSSAPI security policy
negotiation can be targeted by a buffer overflow attack [bsc#1182246, CVE-2020-8625]
ImportantSUSE bug 1182246CVE-2020-8625 at SUSECVE-2020-8625 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR) which could have caused named to terminate unexpectedly (bsc#1185345).
- CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the DNAME to be processed to resolve itself (bsc#1185345).
- CVE-2021-25216: Fixed an issue where policy negotiation can be targeted by a buffer overflow attack (bsc#1185345).
ImportantSUSE bug 1185345CVE-2021-25214 at SUSECVE-2021-25214 at NVDCVE-2021-25215 at SUSECVE-2021-25215 at NVDCVE-2021-25216 at SUSECVE-2021-25216 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- CVE-2021-25219: Fixed lame cache that could have been abused to severely degrade resolver performance (bsc#1192146).
ImportantSUSE bug 1192146CVE-2021-25219 at SUSECVE-2021-25219 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bind (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- CVE-2021-25220: Fixed potentially incorrect answers by cached forwarders (bsc#1197135).
ModerateSUSE bug 1197135CVE-2021-25220 at SUSECVE-2021-25220 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bind fixes the following issues:
- CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations (bsc#1203614).
- CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
ImportantSUSE bug 1203614SUSE bug 1203619CVE-2022-2795 at SUSECVE-2022-2795 at NVDCVE-2022-38177 at SUSECVE-2022-38177 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for binutilsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
binutils has been updated to fix eight security issues:
* Lack of range checking leading to controlled write in
_bfd_elf_setup_sections() (CVE-2014-8485).
* Invalid read flaw in libbfd (CVE-2014-8484).
* Write to uninitialized memory in the PE parser (CVE-2014-8501).
* Crash in the PE parser (CVE-2014-8502).
* Segfault in the ihex parser when it encounters a malformed ihex file
(CVE-2014-8503).
* Stack buffer overflow in srec_scan (CVE-2014-8504).
* Out-of-bounds memory write while processing a crafted 'ar' archive
(CVE-2014-8738).
* Directory traversal vulnerability allowing random file
deletion/creation (CVE-2014-8737).
Security Issues:
* CVE-2014-8501
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8501>
* CVE-2014-8502
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8502>
* CVE-2014-8503
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8503>
* CVE-2014-8504
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8504>
* CVE-2014-8485
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8485>
* CVE-2014-8738
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8738>
* CVE-2014-8484
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8484>
* CVE-2014-8737
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8737>
SUSE bug 902676SUSE bug 902677SUSE bug 903655SUSE bug 905735SUSE bug 905736CVE-2014-8484 at SUSECVE-2014-8484 at NVDCVE-2014-8485 at SUSECVE-2014-8485 at NVDCVE-2014-8501 at SUSECVE-2014-8501 at NVDCVE-2014-8502 at SUSECVE-2014-8502 at NVDCVE-2014-8503 at SUSECVE-2014-8503 at NVDCVE-2014-8504 at SUSECVE-2014-8504 at NVDCVE-2014-8737 at SUSECVE-2014-8737 at NVDCVE-2014-8738 at SUSECVE-2014-8738 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Recommended update for binutilsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
binutils has been updated to version 2.24, from SLE 11-SP4:
* Update to SLE 11-SP4 version of binutils (2.24 based). (bsc#921737)
* Fix for several CVEs found when feeding fuzzed binary files into
various binutils programs like strings, objdump or readelf. [bnc
#902676, #902677, #903655, #905735, #905736] [CVE-2014-8485,
CVE-2014-8484, CVE-2014-8501, CVE-2014-8502, CVE-2014-8503,
CVE-2014-8504, CVE-2014-8738, CVE-2014-8737] [PR17510, PR17512,
PR17521, PR17531, PR17533, PR17552, PR17597, PR17605]
SUSE bug 921737CVE-2014-8484 at SUSECVE-2014-8484 at NVDCVE-2014-8485 at SUSECVE-2014-8485 at NVDCVE-2014-8501 at SUSECVE-2014-8501 at NVDCVE-2014-8502 at SUSECVE-2014-8502 at NVDCVE-2014-8503 at SUSECVE-2014-8503 at NVDCVE-2014-8504 at SUSECVE-2014-8504 at NVDCVE-2014-8737 at SUSECVE-2014-8737 at NVDCVE-2014-8738 at SUSECVE-2014-8738 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bluez (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bluez fixes the following issues:
Security issue fixed:
- CVE-2017-1000250: Fixed Out-of-bounds heap read in service_search_attr_req check if there is enough data to continue otherwise return an error (bsc#1057342).
ModerateSUSE bug 1057342CVE-2017-1000250 at SUSECVE-2017-1000250 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bluez (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bluez fixes the following issues:
- CVE-2019-8922: Fixed a buffer overflow in the implementation of the
Service Discovery Protocol (bsc#1193227).
ImportantSUSE bug 1193227CVE-2019-8922 at SUSECVE-2019-8922 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bluez (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bluez fixes the following issues:
- CVE-2019-8921: Fixed heap-based buffer overflow via crafted request (bsc#1193237).
ImportantSUSE bug 1193237CVE-2019-8921 at SUSECVE-2019-8921 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bluez (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bluez fixes the following issues:
- CVE-2022-39176: Fixed a memory safety issue that could allow
physically proximate attackers to obtain sensitive information
(bsc#1203121).
- CVE-2022-39177: Fixed a memory safety issue that could allow
physically proximate attackers to cause a denial of service
(bsc#1203120).
ImportantSUSE bug 1203120SUSE bug 1203121CVE-2022-39176 at SUSECVE-2022-39176 at NVDCVE-2022-39177 at SUSECVE-2022-39177 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bluez (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bluez fixes the following issues:
- Fixed %{_sysconfdir}/udev/rules.d/* not being config, which was introduced by the fix for CVE-2022-39176 (bsc#1203121).
ImportantSUSE bug 1203121CVE-2022-39176 at SUSECVE-2022-39176 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bsdtar (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
bsdtar was updated to fix seven security issues.
These security issues were fixed:
- CVE-2015-8929: Memory leak in tar parser (bsc#985669).
- CVE-2016-4809: Memory allocate error with symbolic links in cpio archives (bsc#984990).
- CVE-2015-8920: Stack out of bounds read in ar parser (bsc#985675).
- CVE-2015-8921: Global out of bounds read in mtree parser (bsc#985682).
- CVE-2015-8924: Heap buffer read overflow in tar (bsc#985609).
- CVE-2015-8918: Overlapping memcpy in CAB parser (bsc#985698).
- CVE-2015-2304: Reject absolute paths in input mode of bsdcpio exactly when '..' is rejected (bsc#920870).
ImportantSUSE bug 920870SUSE bug 984990SUSE bug 985609SUSE bug 985669SUSE bug 985675SUSE bug 985682SUSE bug 985698CVE-2015-2304 at SUSECVE-2015-2304 at NVDCVE-2015-8918 at SUSECVE-2015-8918 at NVDCVE-2015-8920 at SUSECVE-2015-8920 at NVDCVE-2015-8921 at SUSECVE-2015-8921 at NVDCVE-2015-8924 at SUSECVE-2015-8924 at NVDCVE-2015-8929 at SUSECVE-2015-8929 at NVDCVE-2016-4809 at SUSECVE-2016-4809 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for bsdtar (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bsdtar fixes the following issues:
- CVE-2015-8915: Fixed an invalid read which could have allowed
remote attackers to cause a denial of service (bsc#985601).
- CVE-2015-8925: Fixed an invalid read which could have allowed
remote attackers to cause a denial of service (bsc#985706).
- CVE-2017-14503: Fixed an out of bounds read within lha_read_data_none()
in archive_read_support_format_lha.c (bsc#1059139).
- CVE-2016-8687: Fixed a buffer overflow when printing a filename (bsc#1005070).
ModerateSUSE bug 1005070SUSE bug 1059139SUSE bug 985601SUSE bug 985706CVE-2015-8915 at SUSECVE-2015-8915 at NVDCVE-2015-8925 at SUSECVE-2015-8925 at NVDCVE-2016-8687 at SUSECVE-2016-8687 at NVDCVE-2017-14503 at SUSECVE-2017-14503 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for mono-coreSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update adds handling of SHA256 hashes to parts of the X509 Certificate
classes in the C# implementation of Mono (bnc#871362) and improves handling
of non-existing certificate revocation lists (bnc#810747, bnc#606002).
SUSE bug 606002SUSE bug 810747SUSE bug 871362SUSE bug 921312CVE-2015-2318 at SUSECVE-2015-2318 at NVDCVE-2015-2319 at SUSECVE-2015-2319 at NVDCVE-2015-2320 at SUSECVE-2015-2320 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for bzip2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bzip2 fixes the following issues:
Security issue fixed:
- CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1139083).
- CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657).
ImportantSUSE bug 1139083SUSE bug 985657CVE-2016-3189 at SUSECVE-2016-3189 at NVDCVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for bzip2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for bzip2 fixes the following issues:
- Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities
with files that used many selectors (bsc#1139083).
ImportantSUSE bug 1139083CVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cairo (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cairo fixes the following issues:
- CVE-2016-9082: Fixed a segfault when using >4GB images since int values were used
for pointer operations (bsc#1007255).
- CVE-2017-9814: Replace malloc with _cairo_malloc and check cmap size before
allocating to prevent DoS (bsc#1049092).
- CVE-2017-7475: Fix a segfault in get_bitmap_surface due to malformed font (bsc#1036789).
ModerateSUSE bug 1007255SUSE bug 1036789SUSE bug 1049092CVE-2016-9082 at SUSECVE-2016-9082 at NVDCVE-2017-7475 at SUSECVE-2017-7475 at NVDCVE-2017-9814 at SUSECVE-2017-9814 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cairo (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cairo fixes the following issues:
- CVE-2019-6462: Fixed a potentially infinite loop (bsc#1122321).
LowSUSE bug 1122321CVE-2019-6462 at SUSECVE-2019-6462 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for SambaSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for Samba provides the following fixes:
* Disable TDB mmap() on s390 systems. (bso#10765, bnc#886193,
bnc#882356)
* Reduce printer_list.tdb lock contention during printcap update.
(bso#10652, bnc#883870)
* Avoid double-free in get_print_db_byname. (bso#10699)
SUSE bug 726937SUSE bug 765270SUSE bug 786677SUSE bug 806501SUSE bug 817880SUSE bug 820531SUSE bug 829969SUSE bug 838472SUSE bug 844307SUSE bug 844720SUSE bug 847009SUSE bug 848101SUSE bug 849224SUSE bug 849226SUSE bug 853021SUSE bug 853347SUSE bug 854520SUSE bug 863748SUSE bug 865561SUSE bug 872396SUSE bug 879390SUSE bug 880962SUSE bug 882356SUSE bug 883758SUSE bug 883870SUSE bug 886193CVE-2012-6150 at SUSECVE-2012-6150 at NVDCVE-2013-4124 at SUSECVE-2013-4124 at NVDCVE-2013-4408 at SUSECVE-2013-4408 at NVDCVE-2013-4475 at SUSECVE-2013-4475 at NVDCVE-2013-4496 at SUSECVE-2013-4496 at NVDCVE-2014-0178 at SUSECVE-2014-0178 at NVDCVE-2014-0244 at SUSECVE-2014-0244 at NVDCVE-2014-3493 at SUSECVE-2014-3493 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for cifs-utils (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cifs-utils fixes the following issues:
Security issue fixed:
- CVE-2014-2830: Fixed pam module pam_cifscreds stack overflow (bsc#870168).
ImportantSUSE bug 870168CVE-2014-2830 at SUSECVE-2014-2830 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cifs-utils (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).
ImportantSUSE bug 1197216CVE-2022-27239 at SUSECVE-2022-27239 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cifs-utils (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cifs-utils fixes the following issues:
- CVE-2022-29869: Fixed verbose messages on option parsing (bsc#1198976).
ModerateSUSE bug 1198976CVE-2022-29869 at SUSECVE-2022-29869 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for clamavSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The antivirus scanner ClamAV has been updated to version 0.98.3, which
includes the following fixes and enhancements:
* Support for common raw disk image formats using 512 byte sectors,
specifically GPT, APM, and MBR partitioning.
* All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan,
clamdtop) now support IPV6 addresses and configuration parameters.
* Use OpenSSL file hash functions for improved performance.
* Improved detection of malware scripts within image files.
* Miscellaneous bug fixes and documentation improvements.
SUSE bug 816865SUSE bug 841815SUSE bug 865883SUSE bug 877475SUSE bug 903489SUSE bug 903719SUSE bug 904207SUSE bug 906077SUSE bug 906770SUSE bug 915512SUSE bug 916214SUSE bug 916215SUSE bug 916217SUSE bug 929192CVE-2013-2020 at SUSECVE-2013-2020 at NVDCVE-2013-2021 at SUSECVE-2013-2021 at NVDCVE-2013-6497 at SUSECVE-2013-6497 at NVDCVE-2014-9050 at SUSECVE-2014-9050 at NVDCVE-2014-9328 at SUSECVE-2014-9328 at NVDCVE-2015-1461 at SUSECVE-2015-1461 at NVDCVE-2015-1462 at SUSECVE-2015-1462 at NVDCVE-2015-1463 at SUSECVE-2015-1463 at NVDCVE-2015-2170 at SUSECVE-2015-2170 at NVDCVE-2015-2221 at SUSECVE-2015-2221 at NVDCVE-2015-2222 at SUSECVE-2015-2222 at NVDCVE-2015-2305 at SUSECVE-2015-2305 at NVDCVE-2015-2668 at SUSECVE-2015-2668 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
Security issue fixed:
- CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in libclamunrar (bsc#1045490)
Non security issue fixed:
- Fix permissions of /var/spool/amavis. (bsc#815106)
ImportantSUSE bug 1045490SUSE bug 815106CVE-2012-6706 at SUSECVE-2012-6706 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
- Update to security release 0.99.3 (bsc#1077732)
* CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability)
* CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability)
* CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability)
- these vulnerabilities could have allowed an unauthenticated,
remote attacker to cause a denial of service (DoS) condition
or potentially execute arbitrary code on an affected device.
* CVE-2017-12374 (ClamAV use-after-free Vulnerabilities)
* CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability)
* CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability)
* CVE-2017-12380 (ClamAV Null Dereference Vulnerability)
- these vulnerabilities could have allowed an unauthenticated,
remote attacker to cause a denial of service (DoS) condition on an affected device.
* CVE-2017-6420 (bsc#1052448)
- this vulnerability could have allowed remote attackers to cause a denial of service
(use-after-free) via a crafted PE file with WWPack compression.
* CVE-2017-6419 (bsc#1052449)
- ClamAV could have allowed remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly
have unspecified other impact via a crafted CHM file.
* CVE-2017-11423 (bsc#1049423)
- ClamAV could have allowed remote attackers to cause a denial of service
(stack-based buffer over-read and application crash) via a crafted CAB file.
* CVE-2017-6418 (bsc#1052466)
- ClamAV could have allowed remote attackers to cause a denial
of service (out-of-bounds read) via a crafted e-mail message.
ImportantSUSE bug 1049423SUSE bug 1052448SUSE bug 1052449SUSE bug 1052466SUSE bug 1077732CVE-2017-11423 at SUSECVE-2017-11423 at NVDCVE-2017-12374 at SUSECVE-2017-12374 at NVDCVE-2017-12375 at SUSECVE-2017-12375 at NVDCVE-2017-12376 at SUSECVE-2017-12376 at NVDCVE-2017-12377 at SUSECVE-2017-12377 at NVDCVE-2017-12378 at SUSECVE-2017-12378 at NVDCVE-2017-12379 at SUSECVE-2017-12379 at NVDCVE-2017-12380 at SUSECVE-2017-12380 at NVDCVE-2017-6418 at SUSECVE-2017-6418 at NVDCVE-2017-6419 at SUSECVE-2017-6419 at NVDCVE-2017-6420 at SUSECVE-2017-6420 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
Security issues fixed:
- CVE-2012-6706: VMSF_DELTA filter inside the unrar implementation allows an arbitrary memory write (bsc#1045315).
- CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CHM file (bsc#1052449).
- CVE-2017-11423: A stack-based buffer over-read that can lead to a denial of service in mspack via a crafted CAB file (bsc#1049423).
- CVE-2018-1000085: An out-of-bounds heap read vulnerability was found in XAR parser that can lead to a denial of service (bsc#1082858).
- CVE-2018-0202: Fixed two vulnerabilities in the PDF parsing code (bsc#1083915).
ImportantSUSE bug 1045315SUSE bug 1049423SUSE bug 1052449SUSE bug 1082858SUSE bug 1083915CVE-2012-6706 at SUSECVE-2012-6706 at NVDCVE-2017-11423 at SUSECVE-2017-11423 at NVDCVE-2017-6419 at SUSECVE-2017-6419 at NVDCVE-2018-0202 at SUSECVE-2018-0202 at NVDCVE-2018-1000085 at SUSECVE-2018-1000085 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav to version 0.100.1 fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2018-0360: HWP integer overflow, infinite loop vulnerability
(bsc#1101410)
- CVE-2018-0361: PDF object length check, unreasonably long time to parse
relatively small file (bsc#1101412)
- Buffer over-read in unRAR code due to missing max value checks in table
initialization
- Libmspack heap buffer over-read in CHM parser (bsc#1103040)
- PDF parser bugs
The following other changes were made:
- Disable YARA support for licensing reasons (bsc#1101654).
- Add HTTPS support for clamsubmit
- Fix for DNS resolution for users on IPv4-only machines where IPv6 is not
available or is link-local only
ModerateSUSE bug 1101410SUSE bug 1101412SUSE bug 1101654SUSE bug 1103040CVE-2018-0360 at SUSECVE-2018-0360 at NVDCVE-2018-0361 at SUSECVE-2018-0361 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
Clamav was updated to version 0.100.2:
- CVE-2018-15378: Vulnerability in ClamAV's MEW
unpacking feature that could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition on an
affected device. (bsc#1110723)
- CVE-2018-14680, CVE-2018-14681, CVE-2018-14682:
more fixes for embedded libmspack. (bsc#1103040)
* Make freshclam more robust against lagging signature mirrors.
* On-Access 'Extra Scanning', an opt-in minor feature of
OnAccess scanning on Linux systems, has been disabled due to a
known issue with resource cleanup OnAccessExtraScanning will
be re-enabled in a future release when the issue is
resolved. In the mean-time, users who enabled the feature in
clamd.conf will see a warning informing them that the feature
is not active. For details, see:
https://bugzilla.clamav.net/show_bug.cgi?id=12048
- Restore exit code compatibility of freshclam with versions before
0.100.0 when the virus database is already up to date
(bsc#1104457).
ModerateSUSE bug 1103040SUSE bug 1104457SUSE bug 1110723CVE-2018-14680 at SUSECVE-2018-14680 at NVDCVE-2018-14681 at SUSECVE-2018-14681 at NVDCVE-2018-14682 at SUSECVE-2018-14682 at NVDCVE-2018-15378 at SUSECVE-2018-15378 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav to version 0.100.3 fixes the following issues:
Security issues fixed (bsc#1130721):
- CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur
when scanning PDF documents.
- CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur
when scanning PE files (i.e. Windows EXE and DLL files).
- CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur
when scanning OLE2 files such as Microsoft Office 97-2003 documents.
ImportantSUSE bug 1130721CVE-2019-1787 at SUSECVE-2019-1787 at NVDCVE-2019-1788 at SUSECVE-2019-1788 at NVDCVE-2019-1789 at SUSECVE-2019-1789 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
Security issues fixed:
- CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504).
- CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458).
Non-security issue fixed:
- Added the --max-scantime clamscan option and MaxScanTime clamd configuration option.
ModerateSUSE bug 1144504SUSE bug 1149458CVE-2019-12625 at SUSECVE-2019-12625 at NVDCVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
- CVE-2019-15961: Fixed a denial of service which might occur when
scanning a specially crafted email file as (bsc#1157763).
ImportantSUSE bug 1157763CVE-2019-15961 at SUSECVE-2019-15961 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
- Update to 0.103.0 to implement jsc#ECO-3010 and bsc#1118459
- This update incorporates incompatible changes that were introduced
in version 0.101.0.
- Accumulated security fixes:
* CVE-2020-3350: Fix a vulnerability wherein a malicious user could
replace a scan target's directory with a symlink to another path
to trick clamscan, clamdscan, or clamonacc into removing or moving
a different file (eg. a critical system file). The issue would
affect users that use the --move or --remove options for clamscan,
clamdscan, and clamonacc. (bsc#1174255)
* CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing
module in ClamAV 0.102.3 that could cause a Denial-of-Service
(DoS) condition. Improper bounds checking results in an
out-of-bounds read which could cause a crash. The previous fix for
this CVE in 0.102.3 was incomplete. This fix correctly resolves
the issue.
* CVE-2020-3481: Fix a vulnerability in the EGG archive module in
ClamAV 0.102.0 - 0.102.3 could cause a Denial-of-Service (DoS)
condition. Improper error handling may result in a crash due to a
NULL pointer dereference. This vulnerability is mitigated for
those using the official ClamAV signature databases because the
file type signatures in daily.cvd will not enable the EGG archive
parser in versions affected by the vulnerability. (bsc#1174250)
* CVE-2020-3341: Fix a vulnerability in the PDF parsing module in
ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS)
condition. Improper size checking of a buffer used to initialize AES
decryption routines results in an out-of-bounds read which may cause
a crash. (bsc#1171981)
* CVE-2020-3123: A denial-of-service (DoS) condition may occur when
using the optional credit card data-loss-prevention (DLP) feature.
Improper bounds checking of an unsigned variable resulted in an
out-of-bounds read, which causes a crash.
ModerateSUSE bug 1118459SUSE bug 1171981SUSE bug 1174250SUSE bug 1174255CVE-2020-3123 at SUSECVE-2020-3123 at NVDCVE-2020-3327 at SUSECVE-2020-3327 at NVDCVE-2020-3341 at SUSECVE-2020-3341 at NVDCVE-2020-3350 at SUSECVE-2020-3350 at NVDCVE-2020-3481 at SUSECVE-2020-3481 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
- CVE-2021-1252: Fix for Excel XLM parser infinite loop. (bsc#1184532)
- CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. (bsc#1184533)
- CVE-2021-1405: Fix for mail parser NULL-dereference crash. (bsc#1184534)
- Fix errors when scanning files > 4G (bsc#1181256)
- Update clamav.keyring
- Update to 0.103.2
ImportantSUSE bug 1181256SUSE bug 1184532SUSE bug 1184533SUSE bug 1184534CVE-2021-1252 at SUSECVE-2021-1252 at NVDCVE-2021-1404 at SUSECVE-2021-1404 at NVDCVE-2021-1405 at SUSECVE-2021-1405 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
- CVE-2018-14679: Fixed off-by-one issue in embedded libmspack that could lead to denial of service (bsc#1103032).
- Update to 0.103.4 (bsc#1192346).
- Add documentation about max file size purpose and side effect in the 'clamscan' and 'clamdscan' manpages (bsc#1187509).
- Update to 0.103.3 (bsc#1188284).
ModerateSUSE bug 1103032SUSE bug 1187509SUSE bug 1188284SUSE bug 1192346CVE-2018-14679 at SUSECVE-2018-14679 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
- CVE-2022-20698: Fixed invalid pointer read allowing denial of service crash. (bsc#1194731)
ImportantSUSE bug 1194731CVE-2022-20698 at SUSECVE-2022-20698 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
- CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser (bsc#1199242).
- CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check (bsc#1199246).
- CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF file parser (bsc#1199244).
- CVE-2022-20785: Fixed a possible memory leak in the HTML file parser / Javascript normalizer (bsc#1199245).
- CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write vulnerability in the signature database load module (bsc#1199274).
ImportantSUSE bug 1199242SUSE bug 1199244SUSE bug 1199245SUSE bug 1199246SUSE bug 1199274CVE-2022-20770 at SUSECVE-2022-20770 at NVDCVE-2022-20771 at SUSECVE-2022-20771 at NVDCVE-2022-20785 at SUSECVE-2022-20785 at NVDCVE-2022-20792 at SUSECVE-2022-20792 at NVDCVE-2022-20796 at SUSECVE-2022-20796 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
clamav was updated to 0.103.7 (bsc#1202986)
* Upgrade the vendored UnRAR library to version 6.1.7.
* Fix logical signature 'Intermediates' feature.
* Relax constraints on slightly malformed zip archives that
contain overlapping file entries.
ImportantSUSE bug 1202986cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for clamav (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for clamav fixes the following issues:
- CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser (bsc#1208363).
- CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser (bsc#1208365).
CriticalSUSE bug 1208363SUSE bug 1208365CVE-2023-20032 at SUSECVE-2023-20032 at NVDCVE-2023-20052 at SUSECVE-2023-20052 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended udpate for SUSE Manager Client Tools (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for SUSE Manager Client Tools provides the following fixes and enhancements:
rhnlib:
- Use TLSv1_METHOD in SSL Context (bsc#970989)
suseRegisterInfo:
- Fix file permissions (bsc#970550)
LowSUSE bug 970550SUSE bug 970989cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cloud-init (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cloud-init fixes the following issues:
cloud-init was updated to version 19.4.
Security issues fixed:
- CVE-2020-8631: Replaced the theoretically predictable deterministic RNG with the system RNG (bsc#1162937).
- CVE-2020-8632: Increased the default random password length from 9 to 20 (bsc#1162936).
Non-security issues fixed:
- Entries in the routes definition have changed causing a traceback during rout config file writing. This patch update addresses the issue by extracting the new entries properly (bsc#1163178).
- Do not attempt to configure an ephemeral network on OCI. We boot off iSCSI and the network is up. Just read the data (bsc#1161132, bsc#1161133).
- Support a mix of DHCP and static on a single interface (bsc#1157894).
ModerateSUSE bug 1099358SUSE bug 1125950SUSE bug 1125992SUSE bug 1126101SUSE bug 1129124SUSE bug 1132692SUSE bug 1136440SUSE bug 1141969SUSE bug 1142988SUSE bug 1144363SUSE bug 1144881SUSE bug 1151488SUSE bug 1154092SUSE bug 1155376SUSE bug 1156139SUSE bug 1157894SUSE bug 1161132SUSE bug 1161133SUSE bug 1162936SUSE bug 1162937SUSE bug 1163178CVE-2019-0816 at SUSECVE-2019-0816 at NVDCVE-2020-8631 at SUSECVE-2020-8631 at NVDCVE-2020-8632 at SUSECVE-2020-8632 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cloud-init (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cloud-init fixes the following issues:
- CVE-2021-3429: Fixed an issue where randomly generated passwords
would be logged in clear-text to a world-readable file (bsc#1184758).
ModerateSUSE bug 1184758CVE-2021-3429 at SUSECVE-2021-3429 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Optional OpenSSL 1.0 versions of cyrus-sasl, libcurl4 and libldapSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update includes variants of existing libraries built against OpenSSL
1.0.
As OpenSSL 0.8.9j and OpenSSL 1.0.1 are not binary compatible, but have the
same function names, care must be taken that they are not loaded by the
same program.
As some system libraries also link against libssl.so or libcrypto.so, these
need to be available in variants linked against OpenSSL 1.0. These
libraries are installed below the /opt/suse/ directory hierarchy.
The version and the APIs of these 'shadow' libraries are exactly the same
as the versions in the system, and so are interchangeable.
For building your OpenSSL 1.0 enabled program, link using the linkflags
-L/opt/suse/lib64 -Wl, -rpath, /opt/suse/lib64 (on 32bit systems, use lib
instead of lib64).
This update provides variants for the OpenLDAP2 client, libcurl4 and
cyrus-sasl libraries.
Additionally, two bugs have been fixed in openldap2 regarding IPv6 support:
* tls_checkpeer does not work with IPv6 address as Subject Alternative
Name. (bnc#862623)
* getaddrinfo does not return if ldap is used for host lookups on IPv6
environments. (bnc#843697)
SUSE bug 843697SUSE bug 861014SUSE bug 862623SUSE bug 864912SUSE bug 868627SUSE bug 868629SUSE bug 870444CVE-2014-0138 at SUSECVE-2014-0138 at NVDCVE-2014-0139 at SUSECVE-2014-0139 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Recommended update for coreutilsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for coreutils provides the following fixes and enhancements:
* cp(1) could read from freed memory and could even make corrupt
copies. This could happen with a very fragmented and sparse input
file, on file systems supporting filemap extent scanning.
(bnc#892862)
* Improve ls(1) efficiency on large directories by caching some system
call error codes (ENOTSUP for example) and not calling them again for
files in the same device. (bnc#886129)
SUSE bug 796243SUSE bug 798538SUSE bug 798541SUSE bug 886129SUSE bug 892862SUSE bug 911832SUSE bug 919809CVE-2013-0221 at SUSECVE-2013-0221 at NVDCVE-2013-0222 at SUSECVE-2013-0222 at NVDCVE-2013-0223 at SUSECVE-2013-0223 at NVDCVE-2014-9471 at SUSECVE-2014-9471 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for coreutils (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for coreutils fixes one issue.
This security issue was fixed:
- CVE-2017-2616: In su with PAM support it was possible for local users to send
SIGKILL to selected other processes with root privileges (bsc#1023041)
ImportantSUSE bug 1023041CVE-2017-2616 at SUSECVE-2017-2616 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for coreutils (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for coreutils fixes the following issues:
Security issues fixed:
- CVE-2015-4041, CVE-2015-4042: Fixed a buffer overflow related to case conversion (bsc#928749).
ModerateSUSE bug 928749CVE-2015-4041 at SUSECVE-2015-4041 at NVDCVE-2015-4042 at SUSECVE-2015-4042 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cpioSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This cpio update fixes the following security issue:
* bnc#907456: heap-based buffer overflow flaw in list_file()
(CVE-2014-9112)
Security Issues:
* CVE-2014-9112
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9112>
SUSE bug 907456CVE-2014-9112 at SUSECVE-2014-9112 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for cpio (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cpio fixes the following issues:
- CVE-2019-14866: Fixed an improper validation of the values written
in the header of a TAR file through the to_oct() function which could
have led to unexpected TAR generation (bsc#1155199).
- CVE-2016-2037: Fixed an out-of-bounds write in the way cpio parses
certain cpio files (bsc#963448).
ModerateSUSE bug 1155199SUSE bug 963448CVE-2016-2037 at SUSECVE-2016-2037 at NVDCVE-2019-14866 at SUSECVE-2019-14866 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cpio (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cpio fixes the following issues:
It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)
ImportantSUSE bug 1189206CVE-2021-38185 at SUSECVE-2021-38185 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cpio (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cpio fixes the following issues:
- A patch previously applied to remedy CVE-2021-38185 introduced a regression
that had the potential to cause a segmentation fault in cpio. [bsc#1189465]
ImportantSUSE bug 1189465CVE-2021-38185 at SUSECVE-2021-38185 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cracklib (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cracklib fixes a security issue and a bug:
Security issue fixed:
- Add patch to fix a stack buffer overflow in GECOS parser (bsc#992966 CVE-2016-6318)
The following non security issue was fixed:
- Call textdomain in cracklib-check main function so that program
output is translated accordingly. (bsc#928923)
ModerateSUSE bug 928923SUSE bug 992966CVE-2016-6318 at SUSECVE-2016-6318 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cron (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cron fixes the following issues:
Security issues fixed:
- CVE-2019-9704: Fixed an insufficient check in the return value of calloc which
could allow a local user to create Denial of Service by crashing the deamon (bsc#1128937).
- CVE-2019-9705: Fixed an implementation vulnerability which could allow a local user to
exhaust the memory resulting in Denial of Service (bsc#1128935).
Other issues addressed:
- Fixed an issue with SElinux where cron jobs were bocked when [permisive mode is selected (bsc#1046229).
- Removed a duplicate sprintf and made some monepage changes (bsc#932499).
LowSUSE bug 1046229SUSE bug 1128935SUSE bug 1128937SUSE bug 932499CVE-2019-9704 at SUSECVE-2019-9704 at NVDCVE-2019-9705 at SUSECVE-2019-9705 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ctags (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ctags fixes the following issues:
- CVE-2014-7204: Fixes a potential denial of service caused by an endless loop in javascript parser (bsc#899486).
ModerateSUSE bug 899486CVE-2014-7204 at SUSECVE-2014-7204 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ctags (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ctags fixes the following issues:
- CVE-2022-4515: Fixed a command injection issue via a tag file wih a
crafted filename (bsc#1206543).
ImportantSUSE bug 1206543CVE-2022-4515 at SUSECVE-2022-4515 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for CUPSSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes various issues in CUPS.
* CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031: Various
insufficient symbolic link checking could have lead to privilege
escalation from the lp user to root.
Security Issues:
* CVE-2014-3537
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537>
* CVE-2014-5029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029>
* CVE-2014-5030
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030>
* CVE-2014-5031
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031>
SUSE bug 789566SUSE bug 827109SUSE bug 887240SUSE bug 917799SUSE bug 924208CVE-2012-5519 at SUSECVE-2012-5519 at NVDCVE-2014-3537 at SUSECVE-2014-3537 at NVDCVE-2014-5029 at SUSECVE-2014-5029 at NVDCVE-2014-5030 at SUSECVE-2014-5030 at NVDCVE-2014-5031 at SUSECVE-2014-5031 at NVDCVE-2014-9679 at SUSECVE-2014-9679 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for cups (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cups fixes the following issues:
Security issues fixed:
- CVE-2018-4180: Fix local privilege escalation to root in dnssd backend (bsc#1096405).
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406).
- CVE-2018-4182: Fix cups-exec sandbox bypass due to insecure error handling (bsc#1096407).
- CVE-2018-4183: Fix cups-exec sandbox bypass due to profile misconfiguration (bsc#1096408).
ModerateSUSE bug 1096405SUSE bug 1096406SUSE bug 1096407SUSE bug 1096408CVE-2018-4180 at SUSECVE-2018-4180 at NVDCVE-2018-4181 at SUSECVE-2018-4181 at NVDCVE-2018-4182 at SUSECVE-2018-4182 at NVDCVE-2018-4183 at SUSECVE-2018-4183 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cups (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cups fixes the following issues:
- CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function(bsc#1146358).
- CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function (bsc#1146359).
- Fixed a double free which was triggered by Java application (bsc#959478).
ImportantSUSE bug 1146358SUSE bug 1146359SUSE bug 959478CVE-2019-8675 at SUSECVE-2019-8675 at NVDCVE-2019-8696 at SUSECVE-2019-8696 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cups (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cups fixes the following issues:
- CVE-2020-3898: Fixed heap buffer overflow in libcups ppdFindOption() function (bsc#1168422).
ImportantSUSE bug 1168422CVE-2020-3898 at SUSECVE-2020-3898 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cups (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cups fixes the following issues:
- CVE-2020-10001: Fixed an out-of-bounds read in the ippReadIO function (bsc#1180520).
ModerateSUSE bug 1180520CVE-2020-10001 at SUSECVE-2020-10001 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cups (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cups fixes the following issues:
- CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks (bsc#1184161)
ImportantSUSE bug 1184161CVE-2021-25317 at SUSECVE-2021-25317 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curlSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This curl update fixes the following security issues:
* bnc#868627: wrong re-use of connections (CVE-2014-0138).
* bnc#868629: IP address wildcard certificate validation
(CVE-2014-0139).
* bnc#870444: --insecure option inappropriately enforcing security
safeguard.
Security Issue references:
* CVE-2014-0138
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138>
* CVE-2014-0139
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139>
SUSE bug 824517SUSE bug 849596SUSE bug 858673SUSE bug 868627SUSE bug 868629SUSE bug 870444SUSE bug 927174SUSE bug 927556SUSE bug 927746SUSE bug 928533CVE-2013-2174 at SUSECVE-2013-2174 at NVDCVE-2013-4545 at SUSECVE-2013-4545 at NVDCVE-2014-0015 at SUSECVE-2014-0015 at NVDCVE-2014-0138 at SUSECVE-2014-0138 at NVDCVE-2014-0139 at SUSECVE-2014-0139 at NVDCVE-2015-3143 at SUSECVE-2015-3143 at NVDCVE-2015-3148 at SUSECVE-2015-3148 at NVDCVE-2015-3153 at SUSECVE-2015-3153 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for curl fixes the following issues:
- CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer (bsc#962983)
The following non-security bugs were fixed:
- bsc#926511: Check for errors on the control connection during FTP transfers
The following tracked bugs only affect the test suite:
- bsc#962996: Expired cookie in test 46 caused test failures
ModerateSUSE bug 926511SUSE bug 962983SUSE bug 962996CVE-2016-0755 at SUSECVE-2016-0755 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2016-5419: TLS session resumption client cert bypass (bsc#991389)
- CVE-2016-5420: Re-using connections with wrong client cert (bsc#991390)
- CVE-2016-7141: Fixed incorrect reuse of client certificates (bsc#997420).
ModerateSUSE bug 991389SUSE bug 991390SUSE bug 997420CVE-2016-5419 at SUSECVE-2016-5419 at NVDCVE-2016-5420 at SUSECVE-2016-5420 at NVDCVE-2016-7141 at SUSECVE-2016-7141 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for curl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following security issues:
- CVE-2016-8624: invalid URL parsing with '#' (bsc#1005646)
- CVE-2016-8623: Use-after-free via shared cookies (bsc#1005645)
- CVE-2016-8621: curl_getdate read out of bounds (bsc#1005642)
- CVE-2016-8619: double-free in krb5 code (bsc#1005638)
- CVE-2016-8618: double-free in curl_maprintf (bsc#1005637)
- CVE-2016-8617: OOB write via unchecked multiplication (bsc#1005635)
- CVE-2016-8616: case insensitive password comparison (bsc#1005634)
- CVE-2016-8615: cookie injection for other servers (bsc#1005633)
- CVE-2016-7167: escape and unescape integer overflows (bsc#998760)
ImportantSUSE bug 1005633SUSE bug 1005634SUSE bug 1005635SUSE bug 1005637SUSE bug 1005638SUSE bug 1005642SUSE bug 1005645SUSE bug 1005646SUSE bug 998760CVE-2016-7167 at SUSECVE-2016-7167 at NVDCVE-2016-8615 at SUSECVE-2016-8615 at NVDCVE-2016-8616 at SUSECVE-2016-8616 at NVDCVE-2016-8617 at SUSECVE-2016-8617 at NVDCVE-2016-8618 at SUSECVE-2016-8618 at NVDCVE-2016-8619 at SUSECVE-2016-8619 at NVDCVE-2016-8620 at SUSECVE-2016-8620 at NVDCVE-2016-8621 at SUSECVE-2016-8621 at NVDCVE-2016-8622 at SUSECVE-2016-8622 at NVDCVE-2016-8623 at SUSECVE-2016-8623 at NVDCVE-2016-8624 at SUSECVE-2016-8624 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
These security issues were fixed:
- CVE-2016-9586: libcurl printf floating point buffer overflow (bsc#1015332)
- CVE-2017-7407: The ourWriteOut function in tool_writeout.c in curl might have allowed physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which lead to a heap-based buffer over-read (bsc#1032309).
ModerateSUSE bug 1015332SUSE bug 1032309CVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2017-7407 at SUSECVE-2017-7407 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service (bsc#1051644)
- CVE-2017-7407: ourWriteOut function problem could lead to a heap buffer over-read (bsc#1032309)
- CVE-2016-9586: libcurl printf issue could lead to buffer overflow (bsc#1015332)
ModerateSUSE bug 1015332SUSE bug 1032309SUSE bug 1051644CVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2017-1000100 at SUSECVE-2017-1000100 at NVDCVE-2017-7407 at SUSECVE-2017-7407 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following security issues:
- CVE-2017-1000254: FTP PWD response parser out of bounds read (bsc#1061876)
ModerateSUSE bug 1061876CVE-2017-1000254 at SUSECVE-2017-1000254 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl several issues.
This security issue was fixed:
- CVE-2018-1000007: Prevent leaking authentication data to third parties when following redirects (bsc#1077001)
This non-security issue was fixed:
- Set DEFAULT_SUSE as the default cipher list (bsc#1027712]
ModerateSUSE bug 1027712SUSE bug 1077001CVE-2016-7141 at SUSECVE-2016-7141 at NVDCVE-2018-1000007 at SUSECVE-2018-1000007 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
curl was updated to version 7.37.0 (fate#325339 bsc#1084137)
This update syncs the curl version to the one in SUSE Linux Enterprise 12
and is full binary compatible to the previous version.
This update is done to allow other third party software like 'R' to
be able to be used on the SUSE Linux Enterprise 11 codebase.
Following security issues were fixed:
- CVE-2018-1000120: A buffer overflow exists in the FTP URL handling that allowed an attacker to cause a denial of service or possible code execution (bsc#1084521).
- CVE-2018-1000121: A NULL pointer dereference exists in the LDAP code that allowed an attacker to cause a denial of service (bsc#1084524).
- CVE-2018-1000122: A buffer over-read exists in the RTSP+RTP handling code that allowed an attacker to cause a denial of service or information leakage (bsc#1084532).
The package also requires a libopenssl that implements the DEFAULT_SUSE cipher list
(bsc#1081056, bsc#1083463,bsc#1086825)
ModerateSUSE bug 1081056SUSE bug 1083463SUSE bug 1084137SUSE bug 1084521SUSE bug 1084524SUSE bug 1084532SUSE bug 1085124SUSE bug 1086825SUSE bug 1087922SUSE bug 1090194CVE-2018-1000120 at SUSECVE-2018-1000120 at NVDCVE-2018-1000121 at SUSECVE-2018-1000121 at NVDCVE-2018-1000122 at SUSECVE-2018-1000122 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2018-1000301: Fixed a buffer over-read caused by bad RTSP headers (bsc#1092098)
ModerateSUSE bug 1092098CVE-2018-1000301 at SUSECVE-2018-1000301 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2018-14618: Prevent integer overflow in the NTLM authentication code
(bsc#1106019).
ModerateSUSE bug 1106019CVE-2018-14618 at SUSECVE-2018-14618 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2018-16840: A use-after-free in SASL handle close was fixed (bsc#1112758)
- CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)
ModerateSUSE bug 1112758SUSE bug 1113660CVE-2018-16840 at SUSECVE-2018-16840 at NVDCVE-2018-16842 at SUSECVE-2018-16842 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
Security issue fixed:
- CVE-2019-5436: Fixed a heap buffer overflow exists in tftp_receive_packet that receives data from a TFTP server (bsc#1135170).
ImportantSUSE bug 1135170CVE-2019-5436 at SUSECVE-2019-5436 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
Security issue fixed:
- CVE-2019-5482: Fixed a TFTP small blocksize heap buffer overflow (bsc#1149496).
ImportantSUSE bug 1149496CVE-2019-5482 at SUSECVE-2019-5482 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious
server to overwrite a local file when using the -J option (bsc#1173027).
ImportantSUSE bug 1173027CVE-2020-8177 at SUSECVE-2020-8177 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- An application that performs multiple requests with libcurl's
multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in
rare circumstances experience that when subsequently using the
setup connect-only transfer, libcurl will pick and use the wrong
connection and instead pick another one the application has
created since then. [bsc#1175109, CVE-2020-8231]
ModerateSUSE bug 1175109CVE-2020-8231 at SUSECVE-2020-8231 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2020-8284: Fixed an issue where a malicious FTP server could make curl connect to a different IP (bsc#1179398).
- CVE-2020-8285: Fixed an FTP wildcard stack overflow (bsc#1179399).
ModerateSUSE bug 1179398SUSE bug 1179399CVE-2020-8284 at SUSECVE-2020-8284 at NVDCVE-2020-8285 at SUSECVE-2020-8285 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22876: Fixed an issue where the automatic referer was leaking credentials (bsc#1183933).
ModerateSUSE bug 1183933CVE-2021-22876 at SUSECVE-2021-22876 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).
ModerateSUSE bug 1186114CVE-2021-22898 at SUSECVE-2021-22898 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).
ModerateSUSE bug 1186114CVE-2021-22898 at SUSECVE-2021-22898 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)
ModerateSUSE bug 1188217SUSE bug 1188218SUSE bug 1188219SUSE bug 1188220CVE-2021-22922 at SUSECVE-2021-22922 at NVDCVE-2021-22923 at SUSECVE-2021-22923 at NVDCVE-2021-22924 at SUSECVE-2021-22924 at NVDCVE-2021-22925 at SUSECVE-2021-22925 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374).
- CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).
ModerateSUSE bug 1190373SUSE bug 1190374CVE-2021-22946 at SUSECVE-2021-22946 at NVDCVE-2021-22947 at SUSECVE-2021-22947 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2022-27776: Fixed Auth/cookie leak on redirect (bsc#1198766)
- CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use (bsc#1198614)
ModerateSUSE bug 1198614SUSE bug 1198766CVE-2022-22576 at SUSECVE-2022-22576 at NVDCVE-2022-27776 at SUSECVE-2022-27776 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2022-27781: Fixed CERTINFO never-ending busy-loop (bsc#1199223)
- CVE-2022-27782: Fixed TLS and SSH connection too eager reuse (bsc#1199224)
ImportantSUSE bug 1199223SUSE bug 1199224CVE-2022-27781 at SUSECVE-2022-27781 at NVDCVE-2022-27782 at SUSECVE-2022-27782 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2022-32208: FTP-KRB bad message verification (bsc#1200737)
ImportantSUSE bug 1200737CVE-2022-32208 at SUSECVE-2022-32208 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2022-35252: Fixed a potential injection of control characters
into cookies, which could be exploited by sister sites to cause a
denial of service (bsc#1202593).
LowSUSE bug 1202593CVE-2022-35252 at SUSECVE-2022-35252 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383).
ImportantSUSE bug 1204383CVE-2022-32221 at SUSECVE-2022-32221 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2022-43552: HTTP Proxy deny use-after-free (bsc#1206309).
ModerateSUSE bug 1204383SUSE bug 1206309CVE-2022-32221 at SUSECVE-2022-32221 at NVDCVE-2022-43552 at SUSECVE-2022-43552 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2023-27533: Fixed TELNET option IAC injection (bsc#1209209)
- CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy (bsc#1209210)
- CVE-2023-27535: Fixed FTP too eager connection reuse (bsc#1209211)
- CVE-2023-27536: Fixed GSS delegation too eager connection re-use (bsc#1209212)
- CVE-2023-27538: Fixed SSH connection too eager reuse still (bsc#1209214)
ModerateSUSE bug 1209209SUSE bug 1209210SUSE bug 1209211SUSE bug 1209212SUSE bug 1209214CVE-2023-27533 at SUSECVE-2023-27533 at NVDCVE-2023-27534 at SUSECVE-2023-27534 at NVDCVE-2023-27535 at SUSECVE-2023-27535 at NVDCVE-2023-27536 at SUSECVE-2023-27536 at NVDCVE-2023-27538 at SUSECVE-2023-27538 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for curl fixes the following issues:
- CVE-2023-28320: Fixed siglongjmp race condition (bsc#1211231).
- CVE-2023-28321: Fixed IDN wildcard matching (bsc#1211232).
- CVE-2023-28322: Fixed POST-after-PUT confusion (bsc#1211233).
ImportantSUSE bug 1211231SUSE bug 1211232SUSE bug 1211233SUSE bug 1211339CVE-2023-28320 at SUSECVE-2023-28320 at NVDCVE-2023-28321 at SUSECVE-2023-28321 at NVDCVE-2023-28322 at SUSECVE-2023-28322 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for curlSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issues:
*
CVE-2014-8150: URL request injection (bnc#911363)
When libcurl sends a request to a server via a HTTP proxy, it copies
the entire URL into the request and sends if off.
If the given URL contains line feeds and carriage returns those will
be sent along to the proxy too, which allows the program to for
example send a separate HTTP request injected embedded in the URL.
*
CVE-2014-3707: duphandle read out of bounds (bnc#901924)
*
CVE-2014-3613: libcurl cookie leaks (bnc#894575)
Additional bug fixed:
* curl_multi_remove_handle: don't crash on multiple removes
(bnc#897816)
Security Issues:
* CVE-2014-8150
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150>
* CVE-2014-3613
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613>
* CVE-2014-3707
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707>
SUSE bug 870444SUSE bug 884698SUSE bug 885302SUSE bug 894575SUSE bug 897816SUSE bug 901924SUSE bug 911363CVE-2014-3613 at SUSECVE-2014-3613 at NVDCVE-2014-3707 at SUSECVE-2014-3707 at NVDCVE-2014-8150 at SUSECVE-2014-8150 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for cvs (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cvs fixes the following issues:
- CVE-2017-12836: A leading dash in the argument of the '-d' option could lead to argument injection (bsc#1053364)
ModerateSUSE bug 1053364CVE-2017-12836 at SUSECVE-2017-12836 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cyrus-imapd (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cyrus-imapd fixes the following issues:
- Previous versions of cyrus-imapd would not allow its users to disable old SSL
variants that are vulnerable to attacks like BEAST and POODLE. This patch
adds the configuration option 'tls_versions' to remedy that issue. Note that
users who upgrade an existing installation will *not* have their imapd.conf
file overwritten, i.e. their IMAP server will continue to support SSLv2 and
SSLv3 like before. To disable support for those protocols, edit imapd.conf
manually to include 'tls_versions: tls1_0 tls1_1 tls1_2'. New installations,
however, will have an imapd.conf file that contains these settings already,
i.e. newly installed IMAP servers do *not* support unsafe versions of SSL
unless that support is explicitly enabled by the user. (bsc#901748)
- An integer overflow vulnerability in cyrus-imapd's urlfetch range checking
code was fixed. (CVE-2015-8076, CVE-2015-8077, CVE-2015-8078, bsc#981670,
bsc#954200, bsc#954201)
- Support for Elliptic Curve Diffie–Hellman (ECDH) has been added to
cyrus-imapd. (bsc#860611)
ImportantSUSE bug 860611SUSE bug 901748SUSE bug 954200SUSE bug 954201SUSE bug 981670CVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2015-8076 at SUSECVE-2015-8076 at NVDCVE-2015-8077 at SUSECVE-2015-8077 at NVDCVE-2015-8078 at SUSECVE-2015-8078 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cyrus-imapd (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cyrus-imapd fixes the following issues:
Security issue fixed:
- CVE-2017-14230: Fixed a off-by-one error in prefix calculation for the LIST command that could cause use of uninitialized memory (bsc#1058021).
LowSUSE bug 1058021CVE-2017-14230 at SUSECVE-2017-14230 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cyrus-imapd (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cyrus-imapd fixes the following issues:
- CVE-2021-33582: Fixed possible hash denial of service (bsc#1189313).
ModerateSUSE bug 1189313CVE-2021-33582 at SUSECVE-2021-33582 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cyrus-sasl fixes the following issues:
- CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet (bsc#1159635).
ImportantSUSE bug 1159635CVE-2019-19906 at SUSECVE-2019-19906 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for cyrus-sasl fixes the following issues:
- CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036).
ImportantSUSE bug 1196036CVE-2022-24407 at SUSECVE-2022-24407 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dbus-1SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Various denial of service issues were fixed in the DBUS service.
* CVE-2014-3638: dbus-daemon tracks whether method call messages expect
a reply, so that unsolicited replies can be dropped. As currently
implemented, if there are n parallel method calls in progress, each
method reply takes O(n) CPU time. A malicious user could exploit this
by opening the maximum allowed number of parallel connections and
sending the maximum number of parallel method calls on each one,
causing subsequent method calls to be unreasonably slow, a denial of
service.
* CVE-2014-3639: dbus-daemon allows a small number of 'incomplete'
connections (64 by default) whose identity has not yet been
confirmed. When this limit has been reached, subsequent connections
are dropped. Alban's testing indicates that one malicious process
that makes repeated connection attempts, but never completes the
authentication handshake and instead waits for dbus-daemon to time
out and disconnect it, can cause the majority of legitimate
connection attempts to fail.
Security Issues:
* CVE-2014-3638
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3638>
* CVE-2014-3638
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3638>
SUSE bug 881137SUSE bug 896453CVE-2014-3477 at SUSECVE-2014-3477 at NVDCVE-2014-3638 at SUSECVE-2014-3638 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for dbus-1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dbus-1 fixes the following issues:
Security issue fixed:
- CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which
could have allowed local attackers to bypass authentication (bsc#1137832).
ImportantSUSE bug 1137832CVE-2019-12749 at SUSECVE-2019-12749 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dbus-1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dbus-1 fixes the following issues:
- CVE-2020-35512: Fixed a memory safety issue which affected systems
with users with the same numeric UID (bsc#1187105).
ImportantSUSE bug 1187105CVE-2020-35512 at SUSECVE-2020-35512 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for dhcp fixes the following issues:
- CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally (bsc#961305)
The following bugs were fixed:
- bsc#936923: Improper lease duration checking
- bsc#880984: Integer overflows in the date and time handling code
- bsc#947780: DHCP server could abort with 'Unable to set up timer: out of range' on very long or infinite timer intervals / lease lifetimes
- bsc#926159: DHCP preferrend and valid lifetime would be logged incorrectly
- bsc#928390: dhclient dit not expose next-server DHCPv4 option to script
- bsc#926159: DHCP preferrend and valid lifetime would be logged incorrectly
ModerateSUSE bug 880984SUSE bug 919959SUSE bug 926159SUSE bug 928390SUSE bug 936923SUSE bug 947780SUSE bug 961305CVE-2015-8605 at SUSECVE-2015-8605 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dhcp fixes the following issues:
- CVE-2016-2774: Fixed a denial of service attack against the DHCP server over the OMAPI TCP socket, which could be used
by network adjacent attackers to make the DHCP server non-functional (bsc#969820).
ModerateSUSE bug 969820CVE-2016-2774 at SUSECVE-2016-2774 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dhcp fixes several issues.
This security issue was fixed:
- CVE-2017-3144: OMAPI code didn't free socket descriptors when empty message
is received allowing DoS (bsc#1076119)
This non-security issue was fixed:
- Enhance dhclient-script to handle static route updates. (bsc#1023415)
ModerateSUSE bug 1023415SUSE bug 1076119CVE-2017-3144 at SUSECVE-2017-3144 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dhcp fixes the following issues:
Security issues fixed:
- CVE-2018-5733: reference count overflow in dhcpd (bsc#1083303).
- CVE-2018-5732: buffer overflow in dhclient (bsc#1083302).
ModerateSUSE bug 1083302SUSE bug 1083303CVE-2018-5732 at SUSECVE-2018-5732 at NVDCVE-2018-5733 at SUSECVE-2018-5733 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for dhcp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dhcp fixes the following issues:
- CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient (bsc#1186382)
ImportantSUSE bug 1186382CVE-2021-25217 at SUSECVE-2021-25217 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dhcp fixes the following issues:
- CVE-2022-2928: Fixed an option refcount overflow (bsc#1203988).
- CVE-2022-2929: Fixed a DHCP memory leak (bsc#1203989).
ModerateSUSE bug 1203988SUSE bug 1203989CVE-2022-2928 at SUSECVE-2022-2928 at NVDCVE-2022-2929 at SUSECVE-2022-2929 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dhcpcd (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
dhcpcd was updated to fix three security issues.
These security issues were fixed:
- CVE-2012-6698: A potential out of bounds write was fixed, which could lead to memory corruption, triggerable by network local attackers.
- CVE-2012-6699: A loop error was fixed that could lead out of bound reads, triggerable by network local attackers.
- CVE-2012-6700: An incorrect free could lead to crashes, triggerable by network local attackers.
ImportantSUSE bug 955762CVE-2012-6698 at SUSECVE-2012-6698 at NVDCVE-2012-6699 at SUSECVE-2012-6699 at NVDCVE-2012-6700 at SUSECVE-2012-6700 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for djvulibre (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for djvulibre fixes the following issues:
Security issues fixed:
- CVE-2019-15142: Fixed heap-based buffer over-read (bsc#1146702).
- CVE-2019-15143: Fixed resource exhaustion caused by corrupted image files (bsc#1146569).
- CVE-2019-15144: Fixed denial-of-service caused by crafted PBM image files (bsc#1146571).
- CVE-2019-15145: Fixed out-of-bounds read caused by corrupted JB2 image files (bsc#1146572).
- Fixed segfault when libtiff encounters corrupted TIFF (upstream issue #295).
ModerateSUSE bug 1146569SUSE bug 1146571SUSE bug 1146572SUSE bug 1146702CVE-2019-15142 at SUSECVE-2019-15142 at NVDCVE-2019-15143 at SUSECVE-2019-15143 at NVDCVE-2019-15144 at SUSECVE-2019-15144 at NVDCVE-2019-15145 at SUSECVE-2019-15145 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for djvulibre (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for djvulibre fixes the following issues:
- CVE-2019-18804: Fixed a null pointer dereference (bsc#1156188).
LowSUSE bug 1156188CVE-2019-18804 at SUSECVE-2019-18804 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for djvulibre fixes the following issues:
Security issues fixed:
- CVE-2021-32491 [bsc#1185900]: Integer overflow in function render() in tools/ddjvu via crafted djvu file
- CVE-2021-32492 [bsc#1185904]: Out of bounds read in function DJVU:DataPool:has_data() via crafted djvu file
- CVE-2021-32493 [bsc#1185905]: Heap buffer overflow in function DJVU:GBitmap:decode() via crafted djvu file
ImportantSUSE bug 1185900SUSE bug 1185904SUSE bug 1185905CVE-2021-32491 at SUSECVE-2021-32491 at NVDCVE-2021-32492 at SUSECVE-2021-32492 at NVDCVE-2021-32493 at SUSECVE-2021-32493 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for djvulibre fixes the following issues:
- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)
ImportantSUSE bug 1186253CVE-2021-3500 at SUSECVE-2021-3500 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for djvulibre fixes the following issues:
- CVE-2021-3630: out-of-bounds write in DJVU:DjVuTXT:decode() in DjVuText.cpp (bsc#1187869)
ImportantSUSE bug 1187869CVE-2021-3630 at SUSECVE-2021-3630 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for djvulibre fixes the following issues:
- Extend CVE-2021-3630 fix (bsc#1187869).
ImportantSUSE bug 1187869CVE-2021-3630 at SUSECVE-2021-3630 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for dnsmasqSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update provides dnsmasq version 2.71, which brings several fixes and
enhancements. For a comprehensive list of changes, please refer to the
package change log. (FATE#317370)
SUSE bug 776496SUSE bug 883708SUSE bug 923144SUSE bug 928867CVE-2015-3294 at SUSECVE-2015-3294 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for dnsmasq (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dnsmasq fixes the following issues:
- CVE-2015-8899: Denial of service between local and remote dns entries (bsc#983273)
ImportantSUSE bug 983273CVE-2015-8899 at SUSECVE-2015-8899 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dnsmasq (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dnsmasq fixes the following security issues:
- CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]
- CVE-2017-14492: heap based overflow. [bsc#1060355]
- CVE-2017-14493: stack based overflow. [bsc#1060360]
- CVE-2017-14494: DHCP - info leak. [bsc#1060361]
- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
- CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]
This update brings a (small) potential incompatibility in the handling of
'basename' in --pxe-service. Please read the CHANGELOG and the documentation if
you are using this option.
ImportantSUSE bug 1060354SUSE bug 1060355SUSE bug 1060360SUSE bug 1060361SUSE bug 1060362SUSE bug 1060364CVE-2015-3294 at SUSECVE-2015-3294 at NVDCVE-2015-8899 at SUSECVE-2015-8899 at NVDCVE-2017-14491 at SUSECVE-2017-14491 at NVDCVE-2017-14492 at SUSECVE-2017-14492 at NVDCVE-2017-14493 at SUSECVE-2017-14493 at NVDCVE-2017-14494 at SUSECVE-2017-14494 at NVDCVE-2017-14495 at SUSECVE-2017-14495 at NVDCVE-2017-14496 at SUSECVE-2017-14496 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for dnsmasq (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dnsmasq fixes the following issues:
Security issue fixed:
- CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of
wildcard synthesized NSEC records may result improper validation for non-existance. (bsc#1076958)
ModerateSUSE bug 1076958CVE-2017-15107 at SUSECVE-2017-15107 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dnsmasq (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dnsmasq fixes the following issues:
- CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers
to cause denial of service via DHCP response creation (bsc#1154849)
ModerateSUSE bug 1154849CVE-2019-14834 at SUSECVE-2019-14834 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dnsmasq (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dnsmasq fixes the following issues:
Security issues fixed:
- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks (bsc#1177077).
- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows when DNSSEC is enabled (bsc#1177077).
Non-security issue fixed:
- Retry query to other servers on receipt of SERVFAIL rcode (bsc#1176076).
ImportantSUSE bug 1176076SUSE bug 1177077CVE-2020-25681 at SUSECVE-2020-25681 at NVDCVE-2020-25682 at SUSECVE-2020-25682 at NVDCVE-2020-25683 at SUSECVE-2020-25683 at NVDCVE-2020-25684 at SUSECVE-2020-25684 at NVDCVE-2020-25685 at SUSECVE-2020-25685 at NVDCVE-2020-25686 at SUSECVE-2020-25686 at NVDCVE-2020-25687 at SUSECVE-2020-25687 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dnsmasq (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dnsmasq fixes the following issues:
- CVE-2021-3448: Fixed a potential DNS cache poisoning issue due to a constant
outgoing port being used when for certain use cases of the --server option
(bsc#1183709).
- CVE-2022-0934: Fixed an invalid memory access that could lead to remote denial
of service via crafted packet (bsc#1197872).
Non-security fixes:
- Removed cache size limit (bsc#1138743).
ImportantSUSE bug 1138743SUSE bug 1183709SUSE bug 1197872CVE-2021-3448 at SUSECVE-2021-3448 at NVDCVE-2022-0934 at SUSECVE-2022-0934 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dnsmasq (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for dnsmasq fixes the following issues:
- CVE-2023-28450: Fixed default maximum size for EDNS.0 UDP packets (bsc#1209358).
ModerateSUSE bug 1209358CVE-2023-28450 at SUSECVE-2023-28450 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for dosfstools (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
dosfstools was updated to fix two security issues.
These security issues were fixed:
- CVE-2015-8872: The set_fat function in fat.c in dosfstools might have allowed attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an 'off-by-two error (bsc#980364).
- CVE-2016-4804: The read_boot function in boot.c in dosfstools allowed attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function (bsc#980377).
ModerateSUSE bug 980364SUSE bug 980377CVE-2015-8872 at SUSECVE-2015-8872 at NVDCVE-2016-4804 at SUSECVE-2016-4804 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for e2fsprogsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Two security issues were fixed in e2fsprogs:
* CVE-2015-0247: Various heap overflows were fixed in e2fsprogs (fsck,
dumpe2fs, e2image).
* CVE-2015-1572: Fixed a potential buffer overflow in closefs().
(bsc#918346)
Additionally, badblocks was enhanced to work with very large partitions.
(bsc#932539)
Security Issues:
* CVE-2015-0247
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0247>
* CVE-2015-1572
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572>
SUSE bug 915402SUSE bug 918346SUSE bug 932539CVE-2015-0247 at SUSECVE-2015-0247 at NVDCVE-2015-1572 at SUSECVE-2015-1572 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for e2fsprogs (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for e2fsprogs fixes the following issues:
Security issue fixed:
- CVE-2019-5188: Fixed a code execution vulnerability in the directory rehashing functionality (bsc#1160571).
Non-security issue fixed:
- Fix resize2fs to not clear resize inode for 0 resvd blocks (bsc#1029927).
- Don't use the extended rec_len encoding for standard file systems (bsc#1038885).
ModerateSUSE bug 1029927SUSE bug 1038885SUSE bug 1160571CVE-2019-5188 at SUSECVE-2019-5188 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ecryptfs-utils (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for ecryptfs-utils fixes the following issues:
- CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems (bsc#962052)
- CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks (bsc#920160)
ModerateSUSE bug 920160SUSE bug 962052CVE-2014-9687 at SUSECVE-2014-9687 at NVDCVE-2016-1572 at SUSECVE-2016-1572 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for ed (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ed fixes the following security issues:
- CVE-2017-5357: An invalid free in the regular expression handling
of the 'ed' command processing could allow local users to crash ed. (bsc#1019807)
LowSUSE bug 1019807CVE-2017-5357 at SUSECVE-2017-5357 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for elfutilsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
elfutils has been updated to fix one security issue:
* CVE-2014-9447: Directory traversal vulnerability in the
read_long_names function in libelf/elf_begin.c in elfutils 0.152 and
0.161 allowed remote attackers to write to arbitrary files to the
root directory via a / (slash) in a crafted archive, as demonstrated
using the ar program (bnc#911662).
Security Issues:
* CVE-2014-9447
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447>
SUSE bug 911662CVE-2014-9447 at SUSECVE-2014-9447 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for elfutils (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for elfutils fixes the following issues:
Security issues fixed:
- CVE-2018-16403: Fixed a heap-based buffer over-read in in libdw/dwarf_getabbrev.c
and libwd/dwarf_hasattr.c which could have lead to denial of service (bsc#1107067).
- CVE-2016-10254: Fixed a memory allocation failure in alloxate_elf (bsc#1030472).
- CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (bsc#1125007).
- CVE-2016-10255: Fixed a memory allocation failure in libelf_set_rawdata_wrlock (bsc#1030476).
- CVE-2019-7150: Added a missing check in dwfl_segment_report_module which could have allowed truncated files
to be read (bsc#1123685).
- CVE-2018-16062: Fixed a heap-buffer-overflow (bsc#1106390).
- CVE-2017-7611: Fixed a heap-based buffer over-read that could have led to Denial of Service (bsc#1033088).
- CVE-2017-7613: Fixed denial of service caused by the missing validation of the number of sections
and the number of segments in a crafted ELF file (bsc#1033090).
- CVE-2017-7607: Fixed a heap-based buffer overflow in handle_gnu_hash (bsc#1033084).
- CVE-2017-7608: Fixed a heap-based buffer overflow in ebl_object_note_type_name() (bsc#1033085).
- CVE-2017-7610: Fixed a heap-based buffer overflow in check_group (bsc#1033087).
- CVE-2018-18521: Fixed multiple divide-by-zero vulnerabilities in function arlib_add_symbols() (bsc#1112723).
- CVE-2017-7612: Fixed a denial of service in check_sysv_hash() via a crafted ELF file (bsc#1033089).
- CVE-2018-18310: Fixed an invalid address read in dwfl_segment_report_module.c (bsc#1111973).
- CVE-2018-18520: Fixed bad handling of ar files inside are files (bsc#1112726).
- CVE-2017-7613: Missing validation of the number of sections and the number of
segments allowed remote attackers to cause a denial of service (memory
consumption) via a crafted ELF file (bsc#1033090).
- CVE-2017-7612: The check_sysv_hash function allowed remote attackers to cause
a denial of service (heap-based buffer over-read and application crash) via a
crafted ELF file (bsc#1033089).
LowSUSE bug 1030472SUSE bug 1030476SUSE bug 1033084SUSE bug 1033085SUSE bug 1033087SUSE bug 1033088SUSE bug 1033089SUSE bug 1033090SUSE bug 1106390SUSE bug 1107067SUSE bug 1111973SUSE bug 1112723SUSE bug 1112726SUSE bug 1123685SUSE bug 1125007CVE-2016-10254 at SUSECVE-2016-10254 at NVDCVE-2016-10255 at SUSECVE-2016-10255 at NVDCVE-2017-7607 at SUSECVE-2017-7607 at NVDCVE-2017-7608 at SUSECVE-2017-7608 at NVDCVE-2017-7610 at SUSECVE-2017-7610 at NVDCVE-2017-7611 at SUSECVE-2017-7611 at NVDCVE-2017-7612 at SUSECVE-2017-7612 at NVDCVE-2017-7613 at SUSECVE-2017-7613 at NVDCVE-2018-16062 at SUSECVE-2018-16062 at NVDCVE-2018-16403 at SUSECVE-2018-16403 at NVDCVE-2018-18310 at SUSECVE-2018-18310 at NVDCVE-2018-18520 at SUSECVE-2018-18520 at NVDCVE-2018-18521 at SUSECVE-2018-18521 at NVDCVE-2019-7150 at SUSECVE-2019-7150 at NVDCVE-2019-7665 at SUSECVE-2019-7665 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for emacsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Emacs has been updated to fix the following issues:
* Several cases of insecure usage of temporary files. (CVE-2014-3421,
CVE-2014-3422, CVE-2014-3423, CVE-2014-3424)
* Use of vc-annotate for renamed files when using Git. (bnc#854683)
Security Issues:
* CVE-2014-3421
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421>
* CVE-2014-3422
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422>
* CVE-2014-3423
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423>
* CVE-2014-3424
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424>
SUSE bug 854683SUSE bug 876847CVE-2014-3421 at SUSECVE-2014-3421 at NVDCVE-2014-3422 at SUSECVE-2014-3422 at NVDCVE-2014-3423 at SUSECVE-2014-3423 at NVDCVE-2014-3424 at SUSECVE-2014-3424 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for emacs (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for emacs fixes one issues.
This security issue was fixed:
- CVE-2017-14482: Remote code execution via mails with 'Content-Type: text/enriched' (bsc#1058425)
ImportantSUSE bug 1058425CVE-2017-14482 at SUSECVE-2017-14482 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for emacs (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for emacs fixes the following issues:
- CVE-2022-45939: Fixed shell command injection via source code files when using ctags (bsc#1205822).
ImportantSUSE bug 1205822CVE-2022-45939 at SUSECVE-2022-45939 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for emacs (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for emacs fixes the following issues:
- CVE-2022-48337: Fixed etags local command injection vulnerability (bsc#1208515).
ImportantSUSE bug 1208515CVE-2022-48337 at SUSECVE-2022-48337 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for evince (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for evince provides the following fix:
- CVE-2017-1000159: Prevent command line injections via filenames when printing to a file. (bsc#1070046)
ModerateSUSE bug 1070046CVE-2017-1000159 at SUSECVE-2017-1000159 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for evince (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for evince fixes the following issues:
Security issues fixed:
- CVE-2019-11459: Fixed an improper error handling in which could have led to use of uninitialized use of memory (bsc#1133037).
- CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c (bsc#1141619).
ImportantSUSE bug 1133037SUSE bug 1141619CVE-2019-1010006 at SUSECVE-2019-1010006 at NVDCVE-2019-11459 at SUSECVE-2019-11459 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for evolution-data-serverSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
evolution-data-server has been updated to disable support for SSLv3.
This security issues has been fixed:
* SSLv3 POODLE attack (CVE-2014-3566)
Security Issues:
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
SUSE bug 901553CVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for evolution-data-server (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for evolution-data-server fixes the following issue:
- CVE-2013-4166: Enclose email addresses in brackets to ensure an exact match (bsc#830491).
ModerateSUSE bug 830491CVE-2013-4166 at SUSECVE-2013-4166 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for exempi (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for exempi fixes the following issues:
Security issue fixed:
- CVE-2018-7730: Fix heap-based buffer overflow in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp (bsc#1085295).
- CVE-2017-18234: Fix use-after-free issue that allows remote attackers to cause a denial of service via a .pdf file (bsc#1085585).
ModerateSUSE bug 1085295SUSE bug 1085585CVE-2017-18234 at SUSECVE-2017-18234 at NVDCVE-2018-7730 at SUSECVE-2018-7730 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for exiv2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for exiv2 fixes the following issues:
- CVE-2021-32617: Fixed denial of service inside inefficient algorithm (quadratic complexity) (bsc#1186192).
- CVE-2017-11591: Fixed floating point exception in Exiv2::ValueType (bsc#1050257).
ModerateSUSE bug 1050257SUSE bug 1186192CVE-2017-11591 at SUSECVE-2017-11591 at NVDCVE-2021-32617 at SUSECVE-2021-32617 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for exiv2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for exiv2 fixes the following issues:
- CVE-2019-13112: Fixed an uncontrolled memory allocation in PngChunk:parseChunkContent causing denial of service. (bsc#1142681)
ModerateSUSE bug 1142681CVE-2019-13112 at SUSECVE-2019-13112 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for exiv2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for exiv2 fixes the following issues:
- CVE-2021-34334: Fixed a deny-of-service due to integer overflow in loop counter (bsc#1189338).
- CVE-2019-13110: Fixed integer-overflow and out-of-bounds read in CiffDirectory:readDirectory leads to denail of service (bsc#1142678).
- CVE-2019-13113: Fixed invalid data location in CRW image file causing denial of service (bsc#1142683).
ImportantSUSE bug 1142678SUSE bug 1142683SUSE bug 1189338CVE-2019-13110 at SUSECVE-2019-13110 at NVDCVE-2019-13113 at SUSECVE-2019-13113 at NVDCVE-2021-34334 at SUSECVE-2021-34334 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
Security issue fixed:
- CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. (bsc#979441)
- CVE-2015-1283: Fix multiple integer overflows. (bnc#980391)
ImportantSUSE bug 979441SUSE bug 980391CVE-2015-1283 at SUSECVE-2015-1283 at NVDCVE-2016-0718 at SUSECVE-2016-0718 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following security issues:
- CVE-2012-6702: Expat, when used in a parser that has not
called XML_SetHashSalt or passed it a seed of 0, made it easier for
context-dependent attackers to defeat cryptographic protection mechanisms
via vectors involving use of the srand function. (bsc#983215)
- CVE-2016-5300: The XML parser in Expat did not use sufficient entropy
for hash initialization, which allowed context-dependent attackers to
cause a denial of service (CPU consumption) via crafted identifiers in
an XML document. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2012-0876. (bsc#983216)
ModerateSUSE bug 1022037SUSE bug 983215SUSE bug 983216CVE-2012-6702 at SUSECVE-2012-6702 at NVDCVE-2016-5300 at SUSECVE-2016-5300 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
- CVE-2016-9063: Possible integer overflow to fix inside XML_Parse leading to unexpected behaviour (bsc#1047240)
- CVE-2017-9233: External Entity Vulnerability could lead to denial of service (bsc#1047236)
ModerateSUSE bug 1047236SUSE bug 1047240CVE-2016-9063 at SUSECVE-2016-9063 at NVDCVE-2017-9233 at SUSECVE-2017-9233 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
Security issue fixed:
- CVE-2018-20843: Fixed a denial of service triggered by high resource consumption
in the XML parser when XML names contain a large amount of colons (bsc#1139937).
ModerateSUSE bug 1139937CVE-2018-20843 at SUSECVE-2018-20843 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
Security issue fixed:
- CVE-2019-15903: Fixed a heap-based buffer over-read caused by crafted XML documents. (bsc#1149429)
ModerateSUSE bug 1149429CVE-2019-15903 at SUSECVE-2019-15903 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
- CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior (bsc#1194251).
- CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog (bsc#1194362).
- CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c (bsc#1194474).
- CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c (bsc#1194476).
- CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c (bsc#1194477).
- CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c (bsc#1194478).
- CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c (bsc#1194479).
- CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c (bsc#1194480).
ImportantSUSE bug 1194251SUSE bug 1194362SUSE bug 1194474SUSE bug 1194476SUSE bug 1194477SUSE bug 1194478SUSE bug 1194479SUSE bug 1194480CVE-2021-45960 at SUSECVE-2021-45960 at NVDCVE-2021-46143 at SUSECVE-2021-46143 at NVDCVE-2022-22822 at SUSECVE-2022-22822 at NVDCVE-2022-22823 at SUSECVE-2022-22823 at NVDCVE-2022-22824 at SUSECVE-2022-22824 at NVDCVE-2022-22825 at SUSECVE-2022-22825 at NVDCVE-2022-22826 at SUSECVE-2022-22826 at NVDCVE-2022-22827 at SUSECVE-2022-22827 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
- CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer (bsc#1195054).
- CVE-2022-23990: Fixed integer overflow in the doProlog function (bsc#1195217).
ImportantSUSE bug 1195054SUSE bug 1195217CVE-2022-23852 at SUSECVE-2022-23852 at NVDCVE-2022-23990 at SUSECVE-2022-23990 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
- CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025).
- CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026).
- CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168).
- CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169).
- CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).
ImportantSUSE bug 1196025SUSE bug 1196026SUSE bug 1196168SUSE bug 1196169SUSE bug 1196171CVE-2022-25235 at SUSECVE-2022-25235 at NVDCVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2022-25313 at SUSECVE-2022-25313 at NVDCVE-2022-25314 at SUSECVE-2022-25314 at NVDCVE-2022-25315 at SUSECVE-2022-25315 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
- Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784).
ImportantSUSE bug 1196025SUSE bug 1196784CVE-2022-25236 at SUSECVE-2022-25236 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
- CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438).
ImportantSUSE bug 1203438CVE-2022-40674 at SUSECVE-2022-40674 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for expat (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for expat fixes the following issues:
- CVE-2022-43680: Fixed use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708).
ImportantSUSE bug 1204708CVE-2022-43680 at SUSECVE-2022-43680 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for facter (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for facter fixes the following issues:
- CVE-2015-1426: Prevent the EC2 metadata fact from collecting security credentials (bsc#917383).
ModerateSUSE bug 917383CVE-2015-1426 at SUSECVE-2015-1426 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for fastjarSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This fastjar update fixes a directory traversal issue (bnc#607043).
Security Issue reference:
* CVE-2010-0831
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0831>
SUSE bug 607043CVE-2010-0831 at SUSECVE-2010-0831 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for fetchmail (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for fetchmail fixes the following issues:
- CVE-2012-3482: A denial of service vulnerability in the base64 decoder during processing server NTLM protocol exchange was fixed (bsc#775988).
ModerateSUSE bug 775988CVE-2012-3482 at SUSECVE-2012-3482 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for fetchmail (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for fetchmail fixes the following issues:
- CVE-2021-36386: Fixed a missing variable initialization that can cause read from bad memory locations. (bsc#1188875)
ModerateSUSE bug 1188875CVE-2021-36386 at SUSECVE-2021-36386 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for fileSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
file was updated to fix one security issue.
* An out-of-bounds read flaw file's donote() function. This could
possibly lead to file executable crash (CVE-2014-3710).
Security Issues:
* CVE-2014-3710
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710>
SUSE bug 863450SUSE bug 866750SUSE bug 902367CVE-2014-2270 at SUSECVE-2014-2270 at NVDCVE-2014-3710 at SUSECVE-2014-3710 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for file-roller (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for file-roller fixes the following issues:
- Fixed a potential denial of service when extracting a zip files (bsc#937635).
ModerateSUSE bug 937635cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox has been updated to the 17.0.7 ESR version, which fixes
bugs and security fixes.
*
MFSA 2013-49: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Gary Kwong, Jesse Ruderman, and Andrew McCreight reported memory
safety problems and crashes that affect Firefox ESR 17, and Firefox
21. (CVE-2013-1682)
*
MFSA 2013-50: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team used the Address Sanitizer tool to
discover a series of use-after-free problems rated critical as
security issues in shipped software. Some of these issues are
potentially exploitable, allowing for remote code execution. We would
also like to thank Abhishek for reporting additional use-after-free
and buffer overflow flaws in code introduced during Firefox
development. These were fixed before general release.
o Heap-use-after-free in
mozilla::dom::HTMLMediaElement::LookupMediaElementURITable
(CVE-2013-1684)
o Heap-use-after-free in nsIDocument::GetRootElement
(CVE-2013-1685)
o Heap-use-after-free in mozilla::ResetDir (CVE-2013-1686)
*
MFSA 2013-51 / CVE-2013-1687: Security researcher Mariusz Mlynski
reported that it is possible to compile a user-defined function in
the XBL scope of a specific element and then trigger an event within
this scope to run code. In some circumstances, when this code is run,
it can access content protected by System Only Wrappers (SOW) and
chrome-privileged pages. This could potentially lead to arbitrary
code execution. Additionally, Chrome Object Wrappers (COW) can be
bypassed by web content to access privileged methods, leading to a
cross-site scripting (XSS) attack from privileged pages.
*
MFSA 2013-53 / CVE-2013-1690: Security researcher Nils reported that
specially crafted web content using the onreadystatechange event and
reloading of pages could sometimes cause a crash when unmapped memory
is executed. This crash is potentially exploitable.
*
MFSA 2013-54 / CVE-2013-1692: Security researcher Johnathan Kuskos
reported that Firefox is sending data in the body of XMLHttpRequest
(XHR) HEAD requests, which goes agains the XHR specification. This
can potentially be used for Cross-Site Request Forgery (CSRF) attacks
against sites which do not distinguish between HEAD and POST
requests.
*
MFSA 2013-55 / CVE-2013-1693: Security researcher Paul Stone of
Context Information Security discovered that timing differences in
the processing of SVG format images with filters could allow for
pixel values to be read. This could potentially allow for text values
to be read across domains, leading to information disclosure.
*
MFSA 2013-59 / CVE-2013-1697: Mozilla security researcher
moz_bug_r_a4 reported that XrayWrappers can be bypassed to call
content-defined toString and valueOf methods through DefaultValue.
This can lead to unexpected behavior when privileged code acts on the
incorrect values.
*
MFSA 2013-30: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan
Sreckovic, and Joe Drew reported memory safety problems and crashes
that affect Firefox ESR 17, and Firefox 19. (CVE-2013-0788)
*
MFSA 2013-31 / CVE-2013-0800: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover an out-of-bounds write in Cairo graphics
library. When certain values are passed to it during rendering, Cairo
attempts to use negative boundaries or sizes for boxes, leading to a
potentially exploitable crash in some instances.
*
MFSA 2013-32 / CVE-2013-0799: Security researcher Frederic Hoguin
discovered that the Mozilla Maintenance Service on Windows was
vulnerable to a buffer overflow. This system is used to update
software without invoking the User Account Control (UAC) prompt. The
Mozilla Maintenance Service is configured to allow unprivileged users
to start it with arbitrary arguments. By manipulating the data passed
in these arguments, an attacker can execute arbitrary code with the
system privileges used by the service. This issue requires local file
system access to be exploitable.
*
MFSA 2013-34 / CVE-2013-0797: Security researcher Ash reported an
issue with the Mozilla Updater. The Mozilla Updater can be made to
load a malicious local DLL file in a privileged context through
either the Mozilla Maintenance Service or independently on systems
that do not use the service. This occurs when the DLL file is placed
in a specific location on the local system before the Mozilla Updater
is run. Local file system access is necessary in order for this issue
to be exploitable.
*
MFSA 2013-35 / CVE-2013-0796: Security researcher miaubiz used the
Address Sanitizer tool to discover a crash in WebGL rendering when
memory is freed that has not previously been allocated. This issue
only affects Linux users who have Intel Mesa graphics drivers. The
resulting crash could be potentially exploitable.
*
MFSA 2013-36 / CVE-2013-0795: Security researcher Cody Crews reported
a mechanism to use the cloneNode method to bypass System Only
Wrappers (SOW) and clone a protected node. This allows violation of
the browser's same origin policy and could also lead to privilege
escalation and the execution of arbitrary code.
*
MFSA 2013-37 / CVE-2013-0794: Security researcher shutdown reported a
method for removing the origin indication on tab-modal dialog boxes
in combination with browser navigation. This could allow an
attacker's dialog to overlay a page and show another site's content.
This can be used for phishing by allowing users to enter data into a
modal prompt dialog on an attacking, site while appearing to be from
the displayed site.
*
MFSA 2013-38 / CVE-2013-0793: Security researcher Mariusz Mlynski
reported a method to use browser navigations through history to load
an arbitrary website with that page's baseURI property pointing to
another site instead of the seemingly loaded one. The user will
continue to see the incorrect site in the addressbar of the browser.
This allows for a cross-site scripting (XSS) attack or the theft of
data through a phishing attack.
*
MFSA 2013-39 / CVE-2013-0792: Mozilla community member Tobias Schula
reported that if gfx.color_management.enablev4 preference is enabled
manually in about:config, some grayscale PNG images will be rendered
incorrectly and cause memory corruption during PNG decoding when
certain color profiles are in use. A crafted PNG image could use this
flaw to leak data through rendered images drawing from random memory.
By default, this preference is not enabled.
*
MFSA 2013-40 / CVE-2013-0791: Mozilla community member Ambroz Bizjak
reported an out-of-bounds array read in the CERT_DecodeCertPackage
function of the Network Security Services (NSS) libary when decoding
a certificate. When this occurs, it will lead to memory corruption
and a non-exploitable crash.
*
MFSA 2013-41: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
References
o Christoph Diehl, Christian Holler, Jesse Ruderman, Timothy
Nikkel, and Jeff Walden reported memory safety problems and
crashes that affect Firefox ESR 17, and Firefox 20.
o Bob Clary, Ben Turner, Benoit Jacob, Bobby Holley, Christoph
Diehl, Christian Holler, Andrew McCreight, Gary Kwong, Jason
Orendorff, Jesse Ruderman, Matt Wobensmith, and Mats Palmgren
reported memory safety problems and crashes that affect Firefox
20.
*
MFSA 2013-42 / CVE-2013-1670: Security researcher Cody Crews reported
a method to call a content level constructor that allows for this
constructor to have chrome privileged accesss. This affects chrome
object wrappers (COW) and allows for write actions on objects when
only read actions should be allowed. This can lead to cross-site
scripting (XSS) attacks.
*
MFSA 2013-43 / CVE-2013-1671: Mozilla security researcher
moz_bug_r_a4 reported a mechanism to exploit the control when set to
the file type in order to get the full path. This can lead to
information leakage and could be combined with other exploits to
target attacks on the local file system.
*
MFSA 2013-44 / CVE-2013-1672: Security researcher Seb Patane reported
an issue with the Mozilla Maintenance Service on Windows. This issue
allows unprivileged users to local privilege escalation through the
system privileges used by the service when interacting with local
malicious software. This allows the user to bypass integrity checks
leading to local privilege escalation. Local file system access is
necessary in order for this issue to be exploitable and it cannot be
triggered through web content.
*
MFSA 2013-45: Security researcher Robert Kugler discovered that in
some instances the Mozilla Maintenance Service on Windows will be
vulnerable to some previously fixed privilege escalation attacks that
allowed for local privilege escalation. This was caused by the
Mozilla Updater not updating Windows Registry entries for the Mozilla
Maintenance Service, which fixed the earlier issues present if
Firefox 12 had been installed. New installations of Firefox after
version 12 are not affected by this issue. Local file system access
is necessary in order for this issue to be exploitable and it cannot
be triggered through web content. References: - old
MozillaMaintenance Service registry entry not updated leading to
Trusted Path Privilege Escalation (CVE-2013-1673) - Possible
Arbitrary Code Execution by Update Service (CVE-2012-1942)
*
MFSA 2013-46 / CVE-2013-1674: Security researcher Nils reported a
use-after-free when resizing video while playing. This could allow
for arbitrary code execution.
*
MFSA 2013-47 / CVE-2013-1675: Mozilla community member Ms2ger
discovered that some DOMSVGZoomEvent functions are used without being
properly initialized, causing uninitialized memory to be used when
they are called by web content. This could lead to a information
leakage to sites depending on the contents of this uninitialized
memory.
*
MFSA 2013-48: Security researcher Abhishek Arya (Inferno) of the
Google Chrome Security Team used the Address Sanitizer tool to
discover a series of use-after-free, out of bounds read, and invalid
write problems rated as moderate to critical as security issues in
shipped software. Some of these issues are potentially exploitable,
allowing for remote code execution. We would also like to thank
Abhishek for reporting additional use-after-free flaws in dir=auto
code introduced during Firefox development. These were fixed before
general release.
References
o Out of Bounds Read in SelectionIterator::GetNextSegment
(CVE-2013-1676)
o Out-of-bound read in gfxSkipCharsIterator::SetOffsets
(CVE-2013-1677))
o Invalid write in _cairo_xlib_surface_add_glyph (CVE-2013-1678)
o Heap-use-after-free in mozilla::plugins::child::_geturlnotify
(CVE-2013-1679)
o Heap-use-after-free in nsFrameList::FirstChild (CVE-2013-1680)
o Heap-use-after-free in nsContentUtils::RemoveScriptBlocker
(CVE-2013-1681)
*
CVE-2012-1942
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1942>
* CVE-2013-0788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0788>
* CVE-2013-0791
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0791>
* CVE-2013-0792
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0792>
* CVE-2013-0793
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0793>
* CVE-2013-0794
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0794>
* CVE-2013-0795
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0795>
* CVE-2013-0796
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0796>
* CVE-2013-0797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0797>
* CVE-2013-0798
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0798>
* CVE-2013-0799
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0799>
* CVE-2013-0800
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0800>
* CVE-2013-0801
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0801>
* CVE-2013-1669
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1669>
* CVE-2013-1670
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1670>
* CVE-2013-1671
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1671>
* CVE-2013-1672
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1672>
* CVE-2013-1673
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1673>
* CVE-2013-1674
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1674>
* CVE-2013-1675
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1675>
* CVE-2013-1676
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1676>
* CVE-2013-1677
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1677>
* CVE-2013-1678
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1678>
* CVE-2013-1679
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1679>
* CVE-2013-1680
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1680>
* CVE-2013-1681
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1681>
* CVE-2013-1682
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682>
* CVE-2013-1684
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684>
* CVE-2013-1685
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685>
* CVE-2013-1686
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686>
* CVE-2013-1687
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687>
* CVE-2013-1690
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690>
* CVE-2013-1692
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692>
* CVE-2013-1693
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693>
* CVE-2013-1697
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697>
SUSE bug 792432SUSE bug 813026SUSE bug 819204SUSE bug 825935CVE-2013-1682 at SUSECVE-2013-1682 at NVDCVE-2013-1684 at SUSECVE-2013-1684 at NVDCVE-2013-1685 at SUSECVE-2013-1685 at NVDCVE-2013-1686 at SUSECVE-2013-1686 at NVDCVE-2013-1687 at SUSECVE-2013-1687 at NVDCVE-2013-1690 at SUSECVE-2013-1690 at NVDCVE-2013-1692 at SUSECVE-2013-1692 at NVDCVE-2013-1693 at SUSECVE-2013-1693 at NVDCVE-2013-1697 at SUSECVE-2013-1697 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox has been updated to the 17.0.10ESR release, which fixes
various bugs and security issues:
*
MFSA 2013-93: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.
Jesse Ruderman and Christoph Diehl reported memory safety problems
and crashes that affect Firefox ESR 17, Firefox ESR 24, and Firefox
24. (CVE-2013-5590)
Carsten Book reported a crash fixed in the NSS library used by
Mozilla-based products fixed in Firefox 25, Firefox ESR 24.1, and
Firefox ESR 17.0.10.(CVE-2013-1739)
*
MFSA 2013-95 / CVE-2013-5604: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover an access violation due to uninitialized
data during Extensible Stylesheet Language Transformation (XSLT)
processing. This leads to a potentially exploitable crash.
*
MFSA 2013-96 / CVE-2013-5595: Compiler Engineer Dan Gohman of Google
discovered a flaw in the JavaScript engine where memory was being
incorrectly allocated for some functions and the calls for
allocations were not always properly checked for overflow, leading to
potential buffer overflows. When combined with other vulnerabilities,
these flaws could be potentially exploitable.
*
MFSA 2013-98 / CVE-2013-5597: Security researcher Byoungyoung Lee of
Georgia Tech Information Security Center (GTISC) used the Address
Sanitizer tool to discover a use-after-free during state change
events while updating the offline cache. This leads to a potentially
exploitable crash.
*
MFSA 2013-100: Security researcher Nils used the Address Sanitizer
tool while fuzzing to discover missing strong references in browsing
engine leading to use-after-frees. This can lead to a potentially
exploitable crash.
o ASAN heap-use-after-free in nsIPresShell::GetPresContext() with
canvas, onresize and mozTextStyle (CVE-2013-5599)
o ASAN use-after-free in
nsIOService::NewChannelFromURIWithProxyFlags with Blob URL
(CVE-2013-5600)
o ASAN use-after free in GC allocation in
nsEventListenerManager::SetEventHandler (CVE-2013-5601)
*
MFSA 2013-101 / CVE-2013-5602: Security researcher Nils used the
Address Sanitizer tool while fuzzing to discover a memory corruption
issue with the JavaScript engine when using workers with direct
proxies. This results in a potentially exploitable crash.
Security Issue reference:
* CVE-2013-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739>
SUSE bug 847708CVE-2013-1739 at SUSECVE-2013-1739 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This updates the Mozilla Firefox browser to the 24.3.0ESR security release.
The Mozilla NSS libraries are now on version 3.15.4.
The following security issues have been fixed:
*
MFSA 2014-01: Memory safety bugs fixed in Firefox ESR 24.3 and
Firefox 27.0 (CVE-2014-1477)(bnc#862345)
*
MFSA 2014-02: Using XBL scopes its possible to steal(clone) native
anonymous content (CVE-2014-1479)(bnc#862348)
*
MFSA 2014-03: Download 'open file' dialog delay is too quick, doesn't
prevent clickjacking (CVE-2014-1480)
*
MFSA 2014-04: Image decoding causing FireFox to crash with Goo Create
(CVE-2014-1482)(bnc#862356)
*
MFSA 2014-05: caretPositionFromPoint and elementFromPoint leak
information about iframe contents via timing information
(CVE-2014-1483)(bnc#862360)
*
MFSA 2014-06: Fennec leaks profile path to logcat (CVE-2014-1484)
*
MFSA 2014-07: CSP should block XSLT as script, not as style
(CVE-2014-1485)
*
MFSA 2014-08: imgRequestProxy Use-After-Free Remote Code Execution
Vulnerability (CVE-2014-1486)
*
MFSA 2014-09: Cross-origin information disclosure with error message
of Web Workers (CVE-2014-1487)
*
MFSA 2014-10: settings & history ID bug (CVE-2014-1489)
*
MFSA 2014-11: Firefox reproducibly crashes when using asm.js code in
workers and transferable objects (CVE-2014-1488)
*
MFSA 2014-12: TOCTOU, potential use-after-free in libssl's session
ticket processing (CVE-2014-1490)(bnc#862300) Do not allow p-1 as a
public DH value (CVE-2014-1491)(bnc#862289)
*
MFSA 2014-13: Inconsistent this value when invoking getters on window
(CVE-2014-1481)(bnc#862309)
Security Issue references:
* CVE-2014-1477
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1477>
* CVE-2014-1479
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1479>
* CVE-2014-1480
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1480>
* CVE-2014-1481
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1481>
* CVE-2014-1482
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1482>
* CVE-2014-1483
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1483>
* CVE-2014-1484
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1484>
* CVE-2014-1485
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1485>
* CVE-2014-1486
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1486>
* CVE-2014-1487
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1487>
* CVE-2014-1488
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1488>
* CVE-2014-1489
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1489>
* CVE-2014-1490
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1490>
* CVE-2014-1491
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491>
SUSE bug 859055SUSE bug 861847CVE-2014-1477 at SUSECVE-2014-1477 at NVDCVE-2014-1479 at SUSECVE-2014-1479 at NVDCVE-2014-1480 at SUSECVE-2014-1480 at NVDCVE-2014-1481 at SUSECVE-2014-1481 at NVDCVE-2014-1482 at SUSECVE-2014-1482 at NVDCVE-2014-1483 at SUSECVE-2014-1483 at NVDCVE-2014-1484 at SUSECVE-2014-1484 at NVDCVE-2014-1485 at SUSECVE-2014-1485 at NVDCVE-2014-1486 at SUSECVE-2014-1486 at NVDCVE-2014-1487 at SUSECVE-2014-1487 at NVDCVE-2014-1488 at SUSECVE-2014-1488 at NVDCVE-2014-1489 at SUSECVE-2014-1489 at NVDCVE-2014-1490 at SUSECVE-2014-1490 at NVDCVE-2014-1491 at SUSECVE-2014-1491 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox was updated to 24.4.0ESR release, fixing various security
issues and bugs:
*
MFSA 2014-15: Mozilla developers and community identified identified
and fixed several memory safety bugs in the browser engine used in
Firefox and other Mozilla-based products. Some of these bugs showed
evidence of memory corruption under certain circumstances, and we
presume that with enough effort at least some of these could be
exploited to run arbitrary code.
*
Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman,
Dan Gohman, and Christoph Diehl reported memory safety problems and
crashes that affect Firefox ESR 24.3 and Firefox 27. (CVE-2014-1493)
*
Gregor Wagner, Olli Pettay, Gary Kwong, Jesse Ruderman, Luke Wagner,
Rob Fletcher, and Makoto Kato reported memory safety problems and
crashes that affect Firefox 27. (CVE-2014-1494)
*
MFSA 2014-16 / CVE-2014-1496: Security researcher Ash reported an
issue where the extracted files for updates to existing files are not
read only during the update process. This allows for the potential
replacement or modification of these files during the update process
if a malicious application is present on the local system.
*
MFSA 2014-17 / CVE-2014-1497: Security researcher Atte Kettunen from
OUSPG reported an out of bounds read during the decoding of WAV
format audio files for playback. This could allow web content access
to heap data as well as causing a crash.
*
MFSA 2014-18 / CVE-2014-1498: Mozilla developer David Keeler reported
that the crypto.generateCRFMRequest method did not correctly validate
the key type of the KeyParams argument when generating ec-dual-use
requests. This could lead to a crash and a denial of service (DOS)
attack.
*
MFSA 2014-19 / CVE-2014-1499: Mozilla developer Ehsan Akhgari
reported a spoofing attack where the permission prompt for a WebRTC
session can appear to be from a different site than its actual
originating site if a timed navigation occurs during the prompt
generation. This allows an attacker to potentially gain access to the
webcam or microphone by masquerading as another site and gaining user
permission through spoofing.
*
MFSA 2014-20 / CVE-2014-1500: Security researchers Tim Philipp
Schaefers and Sebastian Neef, the team of Internetwache.org, reported
a mechanism using JavaScript onbeforeunload events with page
navigation to prevent users from closing a malicious page's tab and
causing the browser to become unresponsive. This allows for a denial
of service (DOS) attack due to resource consumption and blocks the
ability of users to exit the application.
*
MFSA 2014-21 / CVE-2014-1501: Security researcher Alex Infuehr
reported that on Firefox for Android it is possible to open links to
local files from web content by selecting 'Open Link in New Tab' from
the context menu using the file: protocol. The web content would have
to know the precise location of a malicious local file in order to
exploit this issue. This issue does not affect Firefox on non-Android
systems.
*
MFSA 2014-22 / CVE-2014-1502: Mozilla developer Jeff Gilbert
discovered a mechanism where a malicious site with WebGL content
could inject content from its context to that of another site's WebGL
context, causing the second site to replace textures and similar
content. This cannot be used to steal data but could be used to
render arbitrary content in these limited circumstances.
*
MFSA 2014-23 / CVE-2014-1504: Security researcher Nicolas Golubovic
reported that the Content Security Policy (CSP) of data: documents
was not saved as part of session restore. If an attacker convinced a
victim to open a document from a data: URL injected onto a page, this
can lead to a Cross-Site Scripting (XSS) attack. The target page may
have a strict CSP that protects against this XSS attack, but if the
attacker induces a browser crash with another bug, an XSS attack
would occur during session restoration, bypassing the CSP on the
site.
*
MFSA 2014-26 / CVE-2014-1508: Security researcher Tyson Smith and
Jesse Schwartzentruber of the BlackBerry Security Automated Analysis
Team used the Address Sanitizer tool while fuzzing to discover an
out-of-bounds read during polygon rendering in MathML. This can allow
web content to potentially read protected memory addresses. In
combination with previous techniques used for SVG timing attacks,
this could allow for text values to be read across domains, leading
to information disclosure.
*
MFSA 2014-27 / CVE-2014-1509: Security researcher John Thomson
discovered a memory corruption in the Cairo graphics library during
font rendering of a PDF file for display. This memory corruption
leads to a potentially exploitable crash and to a denial of service
(DOS). This issues is not able to be triggered in a default
configuration and would require a malicious extension to be
installed.
*
MFSA 2014-28 / CVE-2014-1505: Mozilla developer Robert O'Callahan
reported a mechanism for timing attacks involving SVG filters and
displacements input to feDisplacementMap. This allows displacements
to potentially be correlated with values derived from content. This
is similar to the previously reported techniques used for SVG timing
attacks and could allow for text values to be read across domains,
leading to information disclosure.
*
MFSA 2014-29 / CVE-2014-1510 / CVE-2014-1511: Security researcher
Mariusz Mlynski, via TippingPoint's Pwn2Own contest, reported that it
is possible for untrusted web content to load a chrome-privileged
page by getting JavaScript-implemented WebIDL to call window.open().
A second bug allowed the bypassing of the popup-blocker without user
interaction. Combined these two bugs allow an attacker to load a
JavaScript URL that is executed with the full privileges of the
browser, which allows arbitrary code execution.
*
MFSA 2014-30 / CVE-2014-1512: Security research firm VUPEN, via
TippingPoint's Pwn2Own contest, reported that memory pressure during
Garbage Collection could lead to memory corruption of TypeObjects in
the JS engine, resulting in an exploitable use-after-free condition.
*
MFSA 2014-31 / CVE-2014-1513: Security researcher Jueri Aedla, via
TippingPoint's Pwn2Own contest, reported that TypedArrayObject does
not handle the case where ArrayBuffer objects are neutered, setting
their length to zero while still in use. This leads to out-of-bounds
reads and writes into the JavaScript heap, allowing for arbitrary
code execution.
*
MFSA 2014-32 / CVE-2014-1514: Security researcher George Hotz, via
TippingPoint's Pwn2Own contest, discovered an issue where values are
copied from an array into a second, neutered array. This allows for
an out-of-bounds write into memory, causing an exploitable crash
leading to arbitrary code execution.
SUSE bug 868603CVE-2014-1493 at SUSECVE-2014-1493 at NVDCVE-2014-1494 at SUSECVE-2014-1494 at NVDCVE-2014-1496 at SUSECVE-2014-1496 at NVDCVE-2014-1497 at SUSECVE-2014-1497 at NVDCVE-2014-1498 at SUSECVE-2014-1498 at NVDCVE-2014-1499 at SUSECVE-2014-1499 at NVDCVE-2014-1500 at SUSECVE-2014-1500 at NVDCVE-2014-1501 at SUSECVE-2014-1501 at NVDCVE-2014-1502 at SUSECVE-2014-1502 at NVDCVE-2014-1504 at SUSECVE-2014-1504 at NVDCVE-2014-1505 at SUSECVE-2014-1505 at NVDCVE-2014-1508 at SUSECVE-2014-1508 at NVDCVE-2014-1509 at SUSECVE-2014-1509 at NVDCVE-2014-1510 at SUSECVE-2014-1510 at NVDCVE-2014-1511 at SUSECVE-2014-1511 at NVDCVE-2014-1512 at SUSECVE-2014-1512 at NVDCVE-2014-1513 at SUSECVE-2014-1513 at NVDCVE-2014-1514 at SUSECVE-2014-1514 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox has been updated to the 24.7ESR security release.
Security issues fixed in this release:
* CVE-2014-1544 -
https://www.mozilla.org/security/announce/2014/mfsa2014-63.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-63.html>
* CVE-2014-1548 -
https://www.mozilla.org/security/announce/2014/mfsa2014-56.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-56.html>
* CVE-2014-1549 -
https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-57.html>
* CVE-2014-1550 -
https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-58.html>
* CVE-2014-1551 -
https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-59.html>
* CVE-2014-1552 -
https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-66.html>
* CVE-2014-1555 -
https://www.mozilla.org/security/announce/2014/mfsa2014-61.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-61.html>
* CVE-2014-1556 -
https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-62.html>
* CVE-2014-1557 -
https://www.mozilla.org/security/announce/2014/mfsa2014-64.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-64.html>
* CVE-2014-1558,CVE-2014-1559,CVE-2014-1560 -
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-65.html>
* CVE-2014-1561 -
https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
<https://www.mozilla.org/security/announce/2014/mfsa2014-60.html>
Security Issues:
* CVE-2014-1557
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557>
* CVE-2014-1547
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547>
* CVE-2014-1548
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548>
* CVE-2014-1556
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556>
* CVE-2014-1544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544>
* CVE-2014-1555
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555>
SUSE bug 887746CVE-2014-1544 at SUSECVE-2014-1544 at NVDCVE-2014-1547 at SUSECVE-2014-1547 at NVDCVE-2014-1548 at SUSECVE-2014-1548 at NVDCVE-2014-1555 at SUSECVE-2014-1555 at NVDCVE-2014-1556 at SUSECVE-2014-1556 at NVDCVE-2014-1557 at SUSECVE-2014-1557 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox was updated to the 24.8.0ESR release, fixing security
issues and bugs.
Only some of the published security advisories affect the Mozilla Firefox
24ESR codestream:
* MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht
reported, via TippingPoint's Zero Day Initiative, a use-after-free
during text layout when interacting with the setting of text
direction. This results in a use-after-free which can lead to
arbitrary code execution.
* MFSA 2014-67: Mozilla developers and community identified and fixed
several memory safety bugs in the browser engine used in Firefox and
other Mozilla-based products. Some of these bugs showed evidence of
memory corruption under certain circumstances, and we presume that
with enough effort at least some of these could be exploited to run
arbitrary code.
* Jan de Mooij reported a memory safety problem that affects Firefox
ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562)
More information is referenced on:
https://www.mozilla.org/security/announce/
<https://www.mozilla.org/security/announce/> .
Security Issues:
* CVE-2014-1562
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562>
* CVE-2014-1567
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567>
SUSE bug 894370CVE-2014-1562 at SUSECVE-2014-1562 at NVDCVE-2014-1567 at SUSECVE-2014-1567 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox has been updated to the 31.3ESR release fixing bugs and
security issues.
*
MFSA 2014-83 / CVE-2014-1588 / CVE-2014-1587: Mozilla developers and
community identified and fixed several memory safety bugs in the
browser engine used in Firefox and other Mozilla-based products. Some
of these bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at least some
of these could be exploited to run arbitrary code.
*
MFSA 2014-85 / CVE-2014-1590: Security researcher Joe Vennix from
Rapid7 reported that passing a JavaScript object to XMLHttpRequest
that mimics an input stream will a crash. This crash is not
exploitable and can only be used for denial of service attacks.
*
MFSA 2014-87 / CVE-2014-1592: Security researcher Berend-Jan Wever
reported a use-after-free created by triggering the creation of a
second root element while parsing HTML written to a document created
with document.open(). This leads to a potentially exploitable crash.
*
MFSA 2014-88 / CVE-2014-1593: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover a buffer overflow during the parsing of
media content. This leads to a potentially exploitable crash.
*
MFSA 2014-89 / CVE-2014-1594: Security researchers Byoungyoung Lee,
Chengyu Song, and Taesoo Kim at the Georgia Tech Information Security
Center (GTISC) reported a bad casting from the BasicThebesLayer to
BasicContainerLayer, resulting in undefined behavior. This behavior
is potentially exploitable with some compilers but no clear mechanism
to trigger it through web content was identified.
*
MFSA 2014-90 / CVE-2014-1595: Security researcher Kent Howard
reported an Apple issue present in OS X 10.10 (Yosemite) where log
files are created by the CoreGraphics framework of OS X in the /tmp
local directory. These log files contain a record of all inputs into
Mozilla programs during their operation. In versions of OS X from
versions 10.6 through 10.9, the CoreGraphics had this logging ability
but it was turned off by default. In OS X 10.10, this logging was
turned on by default for some applications that use a custom memory
allocator, such as jemalloc, because of an initialization bug in the
framework. This issue has been addressed in Mozilla products by
explicitly turning off the framework's logging of input events. On
vulnerable systems, this issue can result in private data such as
usernames, passwords, and other inputed data being saved to a log
file on the local system.
Security Issues:
* CVE-2014-1587
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587>
* CVE-2014-1588
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1588>
* CVE-2014-1589
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1589>
* CVE-2014-1590
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590>
* CVE-2014-1591
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1591>
* CVE-2014-1592
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592>
* CVE-2014-1593
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593>
* CVE-2014-1594
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594>
* CVE-2014-1595
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1595>
SUSE bug 908009CVE-2014-1587 at SUSECVE-2014-1587 at NVDCVE-2014-1588 at SUSECVE-2014-1588 at NVDCVE-2014-1589 at SUSECVE-2014-1589 at NVDCVE-2014-1590 at SUSECVE-2014-1590 at NVDCVE-2014-1591 at SUSECVE-2014-1591 at NVDCVE-2014-1592 at SUSECVE-2014-1592 at NVDCVE-2014-1593 at SUSECVE-2014-1593 at NVDCVE-2014-1594 at SUSECVE-2014-1594 at NVDCVE-2014-1595 at SUSECVE-2014-1595 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and
security issues.
Mozilla NSS has been updated to 3.17.3, fixing a security issue and
updating the root certificate list.
For more information, please see
https://www.mozilla.org/en-US/security/advisories/
<https://www.mozilla.org/en-US/security/advisories/>
Security Issues:
* CVE-2014-1569
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569>
* CVE-2014-8634
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8634>
* CVE-2014-8639
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639>
* CVE-2014-8641
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8641>
* CVE-2014-8638
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8638>
* CVE-2014-8636
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8636>
* CVE-2014-8637
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8637>
* CVE-2014-8640
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8640>
SUSE bug 910647SUSE bug 910669SUSE bug 913064SUSE bug 913066SUSE bug 913067SUSE bug 913068SUSE bug 913102SUSE bug 913103SUSE bug 913104CVE-2014-1569 at SUSECVE-2014-1569 at NVDCVE-2014-8634 at SUSECVE-2014-8634 at NVDCVE-2014-8636 at SUSECVE-2014-8636 at NVDCVE-2014-8637 at SUSECVE-2014-8637 at NVDCVE-2014-8638 at SUSECVE-2014-8638 at NVDCVE-2014-8639 at SUSECVE-2014-8639 at NVDCVE-2014-8640 at SUSECVE-2014-8640 at NVDCVE-2014-8641 at SUSECVE-2014-8641 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
MozillaFirefox was updated to the 31.5.3ESR release to fix two security
vulnerabilities:
*
MFSA 2015-29 / CVE-2015-0817: Security researcher ilxu1a reported,
through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's
implementation of typed array bounds checking in JavaScript
just-in-time compilation (JIT) and its management of bounds checking
for heap access. This flaw can be leveraged into the reading and
writing of memory allowing for arbitary code execution on the local
system.
*
MFSA 2015-28 / CVE-2015-0818: Security researcher Mariusz Mlynski
reported, through HP Zero Day Initiative's Pwn2Own contest, a method
to run arbitrary scripts in a privileged context. This bypassed the
same-origin policy protections by using a flaw in the processing of
SVG format content navigation.
Security Issues:
* CVE-2015-0817
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817>
* CVE-2015-0818
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0818>
SUSE bug 923534CVE-2015-0817 at SUSECVE-2015-0817 at NVDCVE-2015-0818 at SUSECVE-2015-0818 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update to Firefox 31.7.0 ESR fixes the following issues:
*
MFSA 2015-46 (CVE-2015-2708, CVE-2015-2709): Miscellaneous memory
safety hazards (rv:38.0 / rv:31.7). Upstream references: bmo#1120655,
bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977,
bmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526,
bmo#1153688, bmo#1155474.
*
MFSA 2015-47 (CVE-2015-0797): Buffer overflow parsing H.264 video
with Linux Gstreamer. Upstream references: bmo#1080995.
*
MFSA 2015-48 (CVE-2015-2710): Buffer overflow with SVG content and
CSS. Upstream references: bmo#1149542.
*
MFSA 2015-51 (CVE-2015-2713): Use-after-free during text processing
with vertical text enabled. Upstream references: bmo#1153478.
*
MFSA 2015-54 (CVE-2015-2716): Buffer overflow when parsing compressed
XML. Upstream references: bmo#1140537.
Security Issues:
* CVE-2015-0797
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0797>
* CVE-2015-2708
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2708>
* CVE-2015-2709
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2709>
* CVE-2015-2710
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2710>
* CVE-2015-2713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2713>
* CVE-2015-2716
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2716>
SUSE bug 930622CVE-2015-0797 at SUSECVE-2015-0797 at NVDCVE-2015-2708 at SUSECVE-2015-2708 at NVDCVE-2015-2709 at SUSECVE-2015-2709 at NVDCVE-2015-2710 at SUSECVE-2015-2710 at NVDCVE-2015-2713 at SUSECVE-2015-2713 at NVDCVE-2015-2716 at SUSECVE-2015-2716 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, mozilla-nspr (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox was updated to version 38.3.0 ESR (bsc#947003),
fixing bugs and security issues.
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
* MFSA 2015-101/CVE-2015-4506
Buffer overflow in libvpx while parsing vp9 format video
* MFSA 2015-105/CVE-2015-4511
Buffer overflow while decoding WebM video
* MFSA 2015-106/CVE-2015-4509
Use-after-free while manipulating HTML media content
* MFSA 2015-110/CVE-2015-4519
Dragging and dropping images exposes final URL after
redirects
* MFSA 2015-111/CVE-2015-4520
Errors in the handling of CORS preflight request headers
* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522
CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177
CVE-2015-7180
Vulnerabilities found through code inspection
More details can be found on
https://www.mozilla.org/en-US/security/advisories/
The Mozilla NSPR library was updated to version 4.10.9, fixing various bugs.
ImportantSUSE bug 947003CVE-2015-4500 at SUSECVE-2015-4500 at NVDCVE-2015-4501 at SUSECVE-2015-4501 at NVDCVE-2015-4506 at SUSECVE-2015-4506 at NVDCVE-2015-4509 at SUSECVE-2015-4509 at NVDCVE-2015-4511 at SUSECVE-2015-4511 at NVDCVE-2015-4517 at SUSECVE-2015-4517 at NVDCVE-2015-4519 at SUSECVE-2015-4519 at NVDCVE-2015-4520 at SUSECVE-2015-4520 at NVDCVE-2015-4521 at SUSECVE-2015-4521 at NVDCVE-2015-4522 at SUSECVE-2015-4522 at NVDCVE-2015-7174 at SUSECVE-2015-7174 at NVDCVE-2015-7175 at SUSECVE-2015-7175 at NVDCVE-2015-7176 at SUSECVE-2015-7176 at NVDCVE-2015-7177 at SUSECVE-2015-7177 at NVDCVE-2015-7180 at SUSECVE-2015-7180 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox was updated to version 38.3.0 ESR (bsc#947003),
fixing bugs and security issues.
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
* MFSA 2015-101/CVE-2015-4506
Buffer overflow in libvpx while parsing vp9 format video
* MFSA 2015-105/CVE-2015-4511
Buffer overflow while decoding WebM video
* MFSA 2015-106/CVE-2015-4509
Use-after-free while manipulating HTML media content
* MFSA 2015-110/CVE-2015-4519
Dragging and dropping images exposes final URL after
redirects
* MFSA 2015-111/CVE-2015-4520
Errors in the handling of CORS preflight request headers
* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522
CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177
CVE-2015-7180
Vulnerabilities found through code inspection
More details can be found on
https://www.mozilla.org/en-US/security/advisories/
ImportantSUSE bug 947003CVE-2015-4500 at SUSECVE-2015-4500 at NVDCVE-2015-4501 at SUSECVE-2015-4501 at NVDCVE-2015-4506 at SUSECVE-2015-4506 at NVDCVE-2015-4509 at SUSECVE-2015-4509 at NVDCVE-2015-4511 at SUSECVE-2015-4511 at NVDCVE-2015-4517 at SUSECVE-2015-4517 at NVDCVE-2015-4519 at SUSECVE-2015-4519 at NVDCVE-2015-4520 at SUSECVE-2015-4520 at NVDCVE-2015-4521 at SUSECVE-2015-4521 at NVDCVE-2015-4522 at SUSECVE-2015-4522 at NVDCVE-2015-7174 at SUSECVE-2015-7174 at NVDCVE-2015-7175 at SUSECVE-2015-7175 at NVDCVE-2015-7176 at SUSECVE-2015-7176 at NVDCVE-2015-7177 at SUSECVE-2015-7177 at NVDCVE-2015-7180 at SUSECVE-2015-7180 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This Mozilla Firefox, NSS and NSPR update fixes the following security
and non security issues.
- mozilla-nspr was updated to version 4.10.10 (bsc#952810)
* MFSA 2015-133/CVE-2015-7183
(bmo#1205157)
NSPR memory corruption issues
- mozilla-nss was updated to 3.19.2.1 (bsc#952810)
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182
(bmo#1192028, bmo#1202868)
NSS and NSPR memory corruption issues
- MozillaFirefox was updated to 38.4.0 ESR (bsc#952810)
* MFSA 2015-116/CVE-2015-4513
(bmo#1107011, bmo#1191942, bmo#1193038, bmo#1204580,
bmo#1204669, bmo#1204700, bmo#1205707, bmo#1206564,
bmo#1208665, bmo#1209471, bmo#1213979)
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
* MFSA 2015-122/CVE-2015-7188
(bmo#1199430)
Trailing whitespace in IP address hostnames can bypass
same-origin policy
* MFSA 2015-123/CVE-2015-7189
(bmo#1205900)
Buffer overflow during image interactions in canvas
* MFSA 2015-127/CVE-2015-7193
(bmo#1210302)
CORS preflight is bypassed when non-standard Content-Type
headers are received
* MFSA 2015-128/CVE-2015-7194
(bmo#1211262)
Memory corruption in libjar through zip files
* MFSA 2015-130/CVE-2015-7196
(bmo#1140616)
JavaScript garbage collection crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
(bmo#1204061, bmo#1188010, bmo#1204155)
Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197
(bmo#1204269)
Mixed content WebSocket policy bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
(bmo#1202868, bmo#1192028, bmo#1205157)
NSS and NSPR memory corruption issues
- fix printing on landscape media (bsc#908275)
ImportantSUSE bug 908275SUSE bug 952810CVE-2015-4513 at SUSECVE-2015-4513 at NVDCVE-2015-7181 at SUSECVE-2015-7181 at NVDCVE-2015-7182 at SUSECVE-2015-7182 at NVDCVE-2015-7183 at SUSECVE-2015-7183 at NVDCVE-2015-7188 at SUSECVE-2015-7188 at NVDCVE-2015-7189 at SUSECVE-2015-7189 at NVDCVE-2015-7193 at SUSECVE-2015-7193 at NVDCVE-2015-7194 at SUSECVE-2015-7194 at NVDCVE-2015-7196 at SUSECVE-2015-7196 at NVDCVE-2015-7197 at SUSECVE-2015-7197 at NVDCVE-2015-7198 at SUSECVE-2015-7198 at NVDCVE-2015-7199 at SUSECVE-2015-7199 at NVDCVE-2015-7200 at SUSECVE-2015-7200 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox and mozilla-nss fixes the following issues:
Mozilla Firefox was updated to ESR 52.4 (bsc#1060445)
* MFSA 2017-22/CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces
* MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes
* MFSA 2017-22/CVE-2017-7819: Use-after-free while resizing images in design mode
* MFSA 2017-22/CVE-2017-7818: Use-after-free during ARIA array manipulation
* MFSA 2017-22/CVE-2017-7793: Use-after-free with Fetch API
* MFSA 2017-22/CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE
* MFSA 2017-22/CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
* MFSA 2017-22/CVE-2017-7823: CSP sandbox directive did not create a unique origin
* MFSA 2017-22/CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings
Mozilla Network Security Services (Mozilla NSS) received a security fix:
* MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes (bsc#1061005, bsc#1060445)
ImportantSUSE bug 1060445SUSE bug 1061005CVE-2017-7793 at SUSECVE-2017-7793 at NVDCVE-2017-7805 at SUSECVE-2017-7805 at NVDCVE-2017-7810 at SUSECVE-2017-7810 at NVDCVE-2017-7814 at SUSECVE-2017-7814 at NVDCVE-2017-7818 at SUSECVE-2017-7818 at NVDCVE-2017-7819 at SUSECVE-2017-7819 at NVDCVE-2017-7823 at SUSECVE-2017-7823 at NVDCVE-2017-7824 at SUSECVE-2017-7824 at NVDCVE-2017-7825 at SUSECVE-2017-7825 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox, firefox-glib2, firefox-gtk3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox, firefox-glib2, firefox-gtk3 fixes the following issues:
Mozilla Firefox was updated to the 60.9.0esr release:
Security Advisory MFSA 2019-27:
* Use-after-free while manipulating video
CVE-2019-11746 (bmo#1564449, bsc#1149297)
* XSS by breaking out of title and textarea elements using innerHTML
CVE-2019-11744 (bmo#1562033, bsc#1149297)
* Same-origin policy violation with SVG filters and canvas to steal
cross-origin images
CVE-2019-11742 (bmo#1559715, bsc#1149303)
* Privilege escalation with Mozilla Maintenance Service in custom
Firefox installation location
CVE-2019-11753 (bmo#1574980, bsc#1149295)
* Use-after-free while extracting a key value in IndexedDB
CVE-2019-11752 (bmo#1501152, bsc#1149296)
* Sandbox escape through Firefox Sync
CVE-2019-9812 (bmo#1538008, bmo#1538015, bsc#1149294)
* Cross-origin access to unload event attributes
CVE-2019-11743 (bmo#1560495, bsc#1149298)
Navigation-Timing Level 2 specification
* Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9
CVE-2019-11740 (bmo#1563133, bmo#1573160, bsc#1149299)
- Rebuild glib2 schemas on SLE-11 (bsc#1145550)
Changes in firefox-glib2:
- Fix the rpm macros %glib2_gsettings_schema_* which were replaced with
%nil in Factory because they're no longer needed, but we still need
them in SLE11 (bsc#1145550)
Changes in firefox-gtk3:
- Rebuild so %glib2_gsettings_schema_post gets called with fixed
rpm macros %glib2_gsettings_schema_* in firefox-glib2 package
which were replaced with %nil in Factory because they're no
longer needed, but we still need them in SLE11 (bsc#1145550)
ImportantSUSE bug 1145550SUSE bug 1149294SUSE bug 1149295SUSE bug 1149296SUSE bug 1149297SUSE bug 1149298SUSE bug 1149299SUSE bug 1149303CVE-2019-11740 at SUSECVE-2019-11740 at NVDCVE-2019-11742 at SUSECVE-2019-11742 at NVDCVE-2019-11743 at SUSECVE-2019-11743 at NVDCVE-2019-11744 at SUSECVE-2019-11744 at NVDCVE-2019-11746 at SUSECVE-2019-11746 at NVDCVE-2019-11752 at SUSECVE-2019-11752 at NVDCVE-2019-11753 at SUSECVE-2019-11753 at NVDCVE-2019-9812 at SUSECVE-2019-9812 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for Mozilla Firefox (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update contains the Mozilla Firefox ESR 68.2 release.
Mozilla Firefox was updated to ESR 68.2 release:
* Enterprise: New administrative policies were added. More
information and templates are available at the Policy
Templates page.
* Various security fixes:
MFSA 2019-33 (bsc#1154738)
* CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber
* CVE-2019-11757: Use-after-free when creating index updates in IndexedDB
* CVE-2019-11758: Potentially exploitable crash due to 360 Total Security
* CVE-2019-11759: Stack buffer overflow in HKDF output
* CVE-2019-11760: Stack buffer overflow in WebRTC networking
* CVE-2019-11761: Unintended access to a privileged JSONView object
* CVE-2019-11762: document.domain-based origin isolation has same-origin- property violation
* CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique
* CVE-2019-11764: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
Other Issues resolved:
* [bsc#1104841] Newer versions of firefox have a dependency on
GLIBCXX_3.4.20
* [bsc#1074235] MozillaFirefox: background tab crash reports sent
inadvertently without user opt-in
* [bsc#1043008] Firefox hangs randomly when browsing and
scrolling
* [bsc#1025108] Firefox stops loading page until mouse is moved
* [bsc#905528] Firefox malfunctions due to broken omni.ja
archives
ImportantSUSE bug 1000036SUSE bug 1001652SUSE bug 1025108SUSE bug 1029377SUSE bug 1029902SUSE bug 1040164SUSE bug 104105SUSE bug 1042670SUSE bug 1043008SUSE bug 1044946SUSE bug 1047925SUSE bug 1047936SUSE bug 1048299SUSE bug 1049186SUSE bug 1050653SUSE bug 1056058SUSE bug 1058013SUSE bug 1066242SUSE bug 1066953SUSE bug 1070738SUSE bug 1070853SUSE bug 1072320SUSE bug 1072322SUSE bug 1073796SUSE bug 1073798SUSE bug 1073799SUSE bug 1073803SUSE bug 1073808SUSE bug 1073818SUSE bug 1073823SUSE bug 1073829SUSE bug 1073830SUSE bug 1073832SUSE bug 1073846SUSE bug 1074235SUSE bug 1077230SUSE bug 1079761SUSE bug 1081750SUSE bug 1082318SUSE bug 1087453SUSE bug 1087459SUSE bug 1087463SUSE bug 1088573SUSE bug 1091764SUSE bug 1094814SUSE bug 1097158SUSE bug 1097375SUSE bug 1097401SUSE bug 1097404SUSE bug 1097748SUSE bug 1104841SUSE bug 1105019SUSE bug 1107030SUSE bug 1109465SUSE bug 1117473SUSE bug 1117626SUSE bug 1117627SUSE bug 1117629SUSE bug 1117630SUSE bug 1120644SUSE bug 1122191SUSE bug 1123482SUSE bug 1124525SUSE bug 1127532SUSE bug 1129346SUSE bug 1130694SUSE bug 1130840SUSE bug 1133452SUSE bug 1133810SUSE bug 1134209SUSE bug 1138459SUSE bug 1140290SUSE bug 1140868SUSE bug 1141853SUSE bug 1144919SUSE bug 1145665SUSE bug 1146090SUSE bug 1146091SUSE bug 1146093SUSE bug 1146094SUSE bug 1146095SUSE bug 1146097SUSE bug 1146099SUSE bug 1146100SUSE bug 1149323SUSE bug 1153423SUSE bug 1154738SUSE bug 1447070SUSE bug 1447409SUSE bug 744625SUSE bug 744629SUSE bug 845955SUSE bug 865853SUSE bug 905528SUSE bug 917607SUSE bug 935856SUSE bug 937414SUSE bug 947747SUSE bug 948045SUSE bug 948602SUSE bug 955142SUSE bug 957814SUSE bug 957815SUSE bug 961254SUSE bug 962297SUSE bug 966076SUSE bug 966077SUSE bug 985201SUSE bug 986541SUSE bug 991344SUSE bug 998743CVE-2013-2882 at SUSECVE-2013-2882 at NVDCVE-2013-6639 at SUSECVE-2013-6639 at NVDCVE-2013-6640 at SUSECVE-2013-6640 at NVDCVE-2013-6668 at SUSECVE-2013-6668 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2015-3193 at SUSECVE-2015-3193 at NVDCVE-2015-3194 at SUSECVE-2015-3194 at NVDCVE-2015-5380 at SUSECVE-2015-5380 at NVDCVE-2015-7384 at SUSECVE-2015-7384 at NVDCVE-2016-2086 at SUSECVE-2016-2086 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-2216 at SUSECVE-2016-2216 at NVDCVE-2016-5172 at SUSECVE-2016-5172 at NVDCVE-2016-5325 at SUSECVE-2016-5325 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDCVE-2016-7052 at SUSECVE-2016-7052 at NVDCVE-2016-7099 at SUSECVE-2016-7099 at NVDCVE-2017-1000381 at SUSECVE-2017-1000381 at NVDCVE-2017-10686 at SUSECVE-2017-10686 at NVDCVE-2017-11111 at SUSECVE-2017-11111 at NVDCVE-2017-11499 at SUSECVE-2017-11499 at NVDCVE-2017-14228 at SUSECVE-2017-14228 at NVDCVE-2017-14849 at SUSECVE-2017-14849 at NVDCVE-2017-14919 at SUSECVE-2017-14919 at NVDCVE-2017-15896 at SUSECVE-2017-15896 at NVDCVE-2017-15897 at SUSECVE-2017-15897 at NVDCVE-2017-17810 at SUSECVE-2017-17810 at NVDCVE-2017-17811 at SUSECVE-2017-17811 at NVDCVE-2017-17812 at SUSECVE-2017-17812 at NVDCVE-2017-17813 at SUSECVE-2017-17813 at NVDCVE-2017-17814 at SUSECVE-2017-17814 at NVDCVE-2017-17815 at SUSECVE-2017-17815 at NVDCVE-2017-17816 at SUSECVE-2017-17816 at NVDCVE-2017-17817 at SUSECVE-2017-17817 at NVDCVE-2017-17818 at SUSECVE-2017-17818 at NVDCVE-2017-17819 at SUSECVE-2017-17819 at NVDCVE-2017-17820 at SUSECVE-2017-17820 at NVDCVE-2017-18207 at SUSECVE-2017-18207 at NVDCVE-2017-3735 at SUSECVE-2017-3735 at NVDCVE-2017-3736 at SUSECVE-2017-3736 at NVDCVE-2017-3738 at SUSECVE-2017-3738 at NVDCVE-2018-0732 at SUSECVE-2018-0732 at NVDCVE-2018-1000168 at SUSECVE-2018-1000168 at NVDCVE-2018-12115 at SUSECVE-2018-12115 at NVDCVE-2018-12116 at SUSECVE-2018-12116 at NVDCVE-2018-12121 at SUSECVE-2018-12121 at NVDCVE-2018-12122 at SUSECVE-2018-12122 at NVDCVE-2018-12123 at SUSECVE-2018-12123 at NVDCVE-2018-20406 at SUSECVE-2018-20406 at NVDCVE-2018-20852 at SUSECVE-2018-20852 at NVDCVE-2018-7158 at SUSECVE-2018-7158 at NVDCVE-2018-7159 at SUSECVE-2018-7159 at NVDCVE-2018-7160 at SUSECVE-2018-7160 at NVDCVE-2018-7161 at SUSECVE-2018-7161 at NVDCVE-2018-7167 at SUSECVE-2018-7167 at NVDCVE-2019-10160 at SUSECVE-2019-10160 at NVDCVE-2019-11709 at SUSECVE-2019-11709 at NVDCVE-2019-11710 at SUSECVE-2019-11710 at NVDCVE-2019-11711 at SUSECVE-2019-11711 at NVDCVE-2019-11712 at SUSECVE-2019-11712 at NVDCVE-2019-11713 at SUSECVE-2019-11713 at NVDCVE-2019-11714 at SUSECVE-2019-11714 at NVDCVE-2019-11715 at SUSECVE-2019-11715 at NVDCVE-2019-11716 at SUSECVE-2019-11716 at NVDCVE-2019-11717 at SUSECVE-2019-11717 at NVDCVE-2019-11718 at SUSECVE-2019-11718 at NVDCVE-2019-11719 at SUSECVE-2019-11719 at NVDCVE-2019-11720 at SUSECVE-2019-11720 at NVDCVE-2019-11721 at SUSECVE-2019-11721 at NVDCVE-2019-11723 at SUSECVE-2019-11723 at NVDCVE-2019-11724 at SUSECVE-2019-11724 at NVDCVE-2019-11725 at SUSECVE-2019-11725 at NVDCVE-2019-11727 at SUSECVE-2019-11727 at NVDCVE-2019-11728 at SUSECVE-2019-11728 at NVDCVE-2019-11729 at SUSECVE-2019-11729 at NVDCVE-2019-11730 at SUSECVE-2019-11730 at NVDCVE-2019-11733 at SUSECVE-2019-11733 at NVDCVE-2019-11735 at SUSECVE-2019-11735 at NVDCVE-2019-11736 at SUSECVE-2019-11736 at NVDCVE-2019-11738 at SUSECVE-2019-11738 at NVDCVE-2019-11740 at SUSECVE-2019-11740 at NVDCVE-2019-11742 at SUSECVE-2019-11742 at NVDCVE-2019-11743 at SUSECVE-2019-11743 at NVDCVE-2019-11744 at SUSECVE-2019-11744 at NVDCVE-2019-11746 at SUSECVE-2019-11746 at NVDCVE-2019-11747 at SUSECVE-2019-11747 at NVDCVE-2019-11748 at SUSECVE-2019-11748 at NVDCVE-2019-11749 at SUSECVE-2019-11749 at NVDCVE-2019-11750 at SUSECVE-2019-11750 at NVDCVE-2019-11751 at SUSECVE-2019-11751 at NVDCVE-2019-11752 at SUSECVE-2019-11752 at NVDCVE-2019-11753 at SUSECVE-2019-11753 at NVDCVE-2019-11757 at SUSECVE-2019-11757 at NVDCVE-2019-11758 at SUSECVE-2019-11758 at NVDCVE-2019-11759 at SUSECVE-2019-11759 at NVDCVE-2019-11760 at SUSECVE-2019-11760 at NVDCVE-2019-11761 at SUSECVE-2019-11761 at NVDCVE-2019-11762 at SUSECVE-2019-11762 at NVDCVE-2019-11763 at SUSECVE-2019-11763 at NVDCVE-2019-11764 at SUSECVE-2019-11764 at NVDCVE-2019-13173 at SUSECVE-2019-13173 at NVDCVE-2019-15903 at SUSECVE-2019-15903 at NVDCVE-2019-5010 at SUSECVE-2019-5010 at NVDCVE-2019-5737 at SUSECVE-2019-5737 at NVDCVE-2019-9511 at SUSECVE-2019-9511 at NVDCVE-2019-9512 at SUSECVE-2019-9512 at NVDCVE-2019-9513 at SUSECVE-2019-9513 at NVDCVE-2019-9514 at SUSECVE-2019-9514 at NVDCVE-2019-9515 at SUSECVE-2019-9515 at NVDCVE-2019-9516 at SUSECVE-2019-9516 at NVDCVE-2019-9517 at SUSECVE-2019-9517 at NVDCVE-2019-9518 at SUSECVE-2019-9518 at NVDCVE-2019-9636 at SUSECVE-2019-9636 at NVDCVE-2019-9811 at SUSECVE-2019-9811 at NVDCVE-2019-9812 at SUSECVE-2019-9812 at NVDCVE-2019-9947 at SUSECVE-2019-9947 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update contains Mozilla Firefox 60.7ESR.
It brings lots of security fixes and other improvements.
It also includes new additional helper libraries to allow Firefox to run on SUSE Linux Enterprise 11.
ModerateSUSE bug 1137338cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for firefox-harfbuzz (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for firefox-harfbuzz fixes the following issues:
- CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O(n^2) growth via consecutive marks (bsc#1207922).
ImportantSUSE bug 1207922CVE-2023-25193 at SUSECVE-2023-25193 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for Mozilla FirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
MozillaFirefox has been updated to the 24.2.0 ESR security release.
This is a major upgrade from the 17 ESR release branch.
Security issues fixed:
* CVE-2013-5611 Application Installation doorhanger persists on
navigation (MFSA 2013-105)
* CVE-2013-5609 Miscellaneous memory safety hazards (rv:24.2) (MFSA
2013-104)
* CVE-2013-5610 Miscellaneous memory safety hazards (rv:26.0) (MFSA
2013-104)
* CVE-2013-5612 Character encoding cross-origin XSS attack (MFSA
2013-106)
* CVE-2013-5614 Sandbox restrictions not applied to nested object
elements (MFSA 2013-107)
* CVE-2013-5616 Use-after-free in event listeners (MFSA 2013-108)
* CVE-2013-5619 Potential overflow in JavaScript binary search
algorithms (MFSA 2013-110)
* CVE-2013-6671 Segmentation violation when replacing ordered list
elements (MFSA 2013-111)
* CVE-2013-6673 Trust settings for built-in roots ignored during EV
certificate validation (MFSA 2013-113)
* CVE-2013-5613 Use-after-free in synthetic mouse movement (MFSA
2013-114)
* CVE-2013-5615 GetElementIC typed array stubs can be generated outside
observed typesets (MFSA 2013-115)
* CVE-2013-6672 Linux clipboard information disclosure though selection
paste (MFSA 2013-112)
* CVE-2013-5618 Use-after-free during Table Editing (MFSA 2013-109)
Security Issue references:
* CVE-2013-5609
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5609>
* CVE-2013-5610
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5610>
* CVE-2013-5611
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5611>
* CVE-2013-5612
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5612>
* CVE-2013-5613
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5613>
* CVE-2013-5614
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5614>
* CVE-2013-5615
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5615>
* CVE-2013-5616
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5616>
* CVE-2013-5618
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5618>
* CVE-2013-5619
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5619>
* CVE-2013-6671
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6671>
* CVE-2013-6672
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6672>
* CVE-2013-6673
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6673>
SUSE bug 854367SUSE bug 854370CVE-2013-5609 at SUSECVE-2013-5609 at NVDCVE-2013-5610 at SUSECVE-2013-5610 at NVDCVE-2013-5611 at SUSECVE-2013-5611 at NVDCVE-2013-5612 at SUSECVE-2013-5612 at NVDCVE-2013-5613 at SUSECVE-2013-5613 at NVDCVE-2013-5614 at SUSECVE-2013-5614 at NVDCVE-2013-5615 at SUSECVE-2013-5615 at NVDCVE-2013-5616 at SUSECVE-2013-5616 at NVDCVE-2013-5618 at SUSECVE-2013-5618 at NVDCVE-2013-5619 at SUSECVE-2013-5619 at NVDCVE-2013-6671 at SUSECVE-2013-6671 at NVDCVE-2013-6672 at SUSECVE-2013-6672 at NVDCVE-2013-6673 at SUSECVE-2013-6673 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefoxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This version update of Mozilla Firefox to 31.2.0ESR brings improvements,
stability fixes and also security fixes for the following CVEs:
CVE-2014-1574, CVE-2014-1575, CVE-2014-1576 ,CVE-2014-1577, CVE-2014-1578,
CVE-2014-1581, CVE-2014-1583, CVE-2014-1585, CVE-2014-1586
It also disables SSLv3 by default to mitigate the protocol downgrade attack
known as POODLE.
This update fixes some regressions introduced by the previously released
update.
Security Issues:
* CVE-2014-1574
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574>
* CVE-2014-1575
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1575>
* CVE-2014-1576
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576>
* CVE-2014-1577
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577>
* CVE-2014-1578
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578>
* CVE-2014-1581
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581>
* CVE-2014-1583
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1583>
* CVE-2014-1585
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585>
* CVE-2014-1586
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586>
SUSE bug 900941SUSE bug 905056SUSE bug 905528CVE-2014-1574 at SUSECVE-2014-1574 at NVDCVE-2014-1575 at SUSECVE-2014-1575 at NVDCVE-2014-1576 at SUSECVE-2014-1576 at NVDCVE-2014-1577 at SUSECVE-2014-1577 at NVDCVE-2014-1578 at SUSECVE-2014-1578 at NVDCVE-2014-1581 at SUSECVE-2014-1581 at NVDCVE-2014-1583 at SUSECVE-2014-1583 at NVDCVE-2014-1585 at SUSECVE-2014-1585 at NVDCVE-2014-1586 at SUSECVE-2014-1586 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla Firefox is being updated to the current Firefox 38ESR branch (specifically the 38.2.0ESR release).
Security issues fixed:
- MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader
- MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
- MFSA 2015-80 / CVE-2015-4475: Out-of-bounds read with malformed MP3 file
- MFSA 2015-82 / CVE-2015-4478: Redefinition of non-configurable JavaScript object properties
- MFSA 2015-83 / CVE-2015-4479: Overflow issues in libstagefright
- MFSA 2015-87 / CVE-2015-4484: Crash when using shared memory in JavaScript
- MFSA 2015-88 / CVE-2015-4491: Heap overflow in gdk-pixbuf when scaling bitmap images
- MFSA 2015-89 / CVE-2015-4485/CVE-2015-4486: Buffer overflows on Libvpx when decoding WebM video
- MFSA 2015-90 / CVE-2015-4487/CVE-2015-4488/CVE-2015-4489: Vulnerabilities found through code inspection
- MFSA 2015-92 / CVE-2015-4492: Use-after-free in XMLHttpRequest with shared workers
This update also contains a lot of feature improvements and bug fixes from 31ESR to 38ESR.
Also the Mozilla NSS library switched its CKBI API from 1.98 to 2.4, which is what Firefox 38ESR uses.
ImportantSUSE bug 940806CVE-2015-4473 at SUSECVE-2015-4473 at NVDCVE-2015-4474 at SUSECVE-2015-4474 at NVDCVE-2015-4475 at SUSECVE-2015-4475 at NVDCVE-2015-4478 at SUSECVE-2015-4478 at NVDCVE-2015-4479 at SUSECVE-2015-4479 at NVDCVE-2015-4484 at SUSECVE-2015-4484 at NVDCVE-2015-4485 at SUSECVE-2015-4485 at NVDCVE-2015-4486 at SUSECVE-2015-4486 at NVDCVE-2015-4487 at SUSECVE-2015-4487 at NVDCVE-2015-4488 at SUSECVE-2015-4488 at NVDCVE-2015-4489 at SUSECVE-2015-4489 at NVDCVE-2015-4491 at SUSECVE-2015-4491 at NVDCVE-2015-4492 at SUSECVE-2015-4492 at NVDCVE-2015-4495 at SUSECVE-2015-4495 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for flacSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
flac was updated to fix two security issues:
* Stack overflow may result in arbitrary code execution
(CVE-2014-8962).
* Heap overflow via specially crafted .flac files (CVE-2014-9028).
Security Issues:
* CVE-2014-8962
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8962>
* CVE-2014-9028
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9028>
SUSE bug 906831SUSE bug 907016CVE-2014-8962 at SUSECVE-2014-8962 at NVDCVE-2014-9028 at SUSECVE-2014-9028 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for flac (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for flac fixes the following issues:
- CVE-2021-0561: Fixed out of bound write in append_to_verify_fifo_interleaved_ (bsc#1196660).
ModerateSUSE bug 1196660CVE-2021-0561 at SUSECVE-2021-0561 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for fontconfig (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for fontconfig fixes the following issues:
- security update:
* CVE-2016-5384: Possible double free due to insufficiently validated cache files [bsc#992534]
LowSUSE bug 992534CVE-2016-5384 at SUSECVE-2016-5384 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for foomatic-filters (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issues:
CVE-2015-8327: adds backtick and semicolon to the list of illegal shell escape characters (bsc#957531).
CVE-2015-8560: fixed code execution via improper escaping of ; (bsc#957531).
ModerateSUSE bug 957531CVE-2015-8327 at SUSECVE-2015-8327 at NVDCVE-2015-8560 at SUSECVE-2015-8560 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for freeradiusSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes a denial of service (crash) security issue rlm_pap hash
processing in FreeRadius, which could have been caused by special passwords
fed into the RLM-PAP password checking method via LDAP by remote attackers.
Security Issue reference:
* CVE-2014-2015
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2015>
SUSE bug 864576CVE-2014-2015 at SUSECVE-2014-2015 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for freeradius-server (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for freeradius-server fixes the following issues:
- CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate
authentication bypass. (bnc#1041445)
- CVE-2015-4680: Add a configuration option to allow checking of all
intermediate certificates for revocations. (bnc#935573)
The following non security issue was fixed:
- Cannot create table radpostauth because of deprecated TIMESTAMP(14) syntax. (bsc#912873)
ModerateSUSE bug 1041445SUSE bug 912873SUSE bug 935573CVE-2015-4680 at SUSECVE-2015-4680 at NVDCVE-2017-9148 at SUSECVE-2017-9148 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for freeradius-server (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for freeradius-server fixes the following issues:
Security issues fixed:
- CVE-2017-10981: DHCP - Fix memory leak in fr_dhcp_decode(). (bnc#1049086)
- CVE-2017-10982: Fix buffer over-read in fr_dhcp_decode_options(). (bsc#1049086)
- CVE-2017-10983: Fix read overflow when decoding option 63. (bnc#1049086)
- CVE-2017-10978: Fix read / write overflow in make_secret(). (bnc#1049086)
- CVE-2017-10979: Fix write overflow in rad_coalesce(). (bsc#1049086)
ModerateSUSE bug 1049086CVE-2017-10978 at SUSECVE-2017-10978 at NVDCVE-2017-10979 at SUSECVE-2017-10979 at NVDCVE-2017-10981 at SUSECVE-2017-10981 at NVDCVE-2017-10982 at SUSECVE-2017-10982 at NVDCVE-2017-10983 at SUSECVE-2017-10983 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for freeradius-server (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for freeradius-server fixes the following issues:
- Moved logrotate options into specific parts for each config as 'global' options
will persist past and clobber global options in the main logrotate config (bsc#1180525)
ModerateSUSE bug 1180525cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for freeradius-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for freeradius-server fixes the following issues:
- CVE-2022-41860: Fixed a crash in servers with EAP_SIM manually
configured, which could be triggered via a malformed SIM option
(bsc#1206205).
- CVE-2022-41861: Fixed a server crash that could be triggered by
sending malformed data from a system in the RADIUS circle of trust
(bsc#1206206).
ImportantSUSE bug 1206205SUSE bug 1206206CVE-2022-41860 at SUSECVE-2022-41860 at NVDCVE-2022-41861 at SUSECVE-2022-41861 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update of the freetype2 library fixes two security issues:
- An infinite loop in parse_encoding in t1load.c (CVE-2014-9745, bsc#945849)
- Use of uninitialized memory in ps_parser_load_field, t42_parse_font_matrix and t1_parse_font_matrix (CVE-2014-9747, bsc#947966)
ModerateSUSE bug 945849SUSE bug 947966CVE-2014-9745 at SUSECVE-2014-9745 at NVDCVE-2014-9747 at SUSECVE-2014-9747 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for freetype2 fixes the following issues:
Security issue fixed:
- CVE-2016-10244: The parse_charstrings function in type1/t1load.c did not
ensure that a font contains a glyph name, which allowed remote attackers
to cause a denial of service (heap-based buffer over-read) or possibly
have unspecified other impact via a crafted file (bsc#1028103).
- CVE-2017-8105: Fixed an out-of-bounds write caused by a heap-based
buffer overflow related to the t1_decoder_parse_charstrings function in
psaux/t1decode.ca (bsc#1035807)
- CVE-2017-8287: an out-of-bounds write caused by a heap-based buffer
overflow related to the t1_builder_close_contour function in psaux/psobjs.c
(bsc#1036457)
ModerateSUSE bug 1028103SUSE bug 1035807SUSE bug 1036457CVE-2016-10244 at SUSECVE-2016-10244 at NVDCVE-2017-8105 at SUSECVE-2017-8105 at NVDCVE-2017-8287 at SUSECVE-2017-8287 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for freetype2 fixes the following issues:
Security issue fixed:
- CVE-2016-10328: Fixed heap-based buffer overflow in cff_parser_run function in cff/cffparse.c (bsc#1034191).
ModerateSUSE bug 1034191CVE-2016-10328 at SUSECVE-2016-10328 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for freetype2 fixes the following issues:
- CVE-2015-9381, CVE-2015-9382, CVE-2015-9383: Fixed various invalid memory accesses
when opening a crafted font (bsc#1149384 bsc#1149395 bsc#1149397).
- CVE-2017-8105, CVE-2017-8287: Fixed various invalid memory writes in the type
1 glyph loader (bsc#1035807 bsc#1036457).
ModerateSUSE bug 1035807SUSE bug 1036457SUSE bug 1149384SUSE bug 1149395SUSE bug 1149397CVE-2015-9381 at SUSECVE-2015-9381 at NVDCVE-2015-9382 at SUSECVE-2015-9382 at NVDCVE-2015-9383 at SUSECVE-2015-9383 at NVDCVE-2017-8105 at SUSECVE-2017-8105 at NVDCVE-2017-8287 at SUSECVE-2017-8287 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for freetype2SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The font rendering library freetype2 has been updated to fix various
security issues.
Security Issues:
* CVE-2014-9656
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9656>
* CVE-2014-9657
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9657>
* CVE-2014-9658
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9658>
* CVE-2014-9660
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9660>
* CVE-2014-9661
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9661>
* CVE-2014-9662
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9662>
* CVE-2014-9667
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9667>
* CVE-2014-9666
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9666>
* CVE-2014-9665
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9665>
* CVE-2014-9664
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9664>
* CVE-2014-9663
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9663>
* CVE-2014-9659
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9659>
* CVE-2014-9668
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9668>
* CVE-2014-9669
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9669>
* CVE-2014-9670
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9670>
* CVE-2014-9671
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9671>
* CVE-2014-9672
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9672>
* CVE-2014-9673
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9673>
* CVE-2014-9674
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9674>
* CVE-2014-9675
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9675>
SUSE bug 916856SUSE bug 916857SUSE bug 916858SUSE bug 916859SUSE bug 916861SUSE bug 916863SUSE bug 916864SUSE bug 916865SUSE bug 916870SUSE bug 916871SUSE bug 916872SUSE bug 916873SUSE bug 916874SUSE bug 916879SUSE bug 916881CVE-2014-9656 at SUSECVE-2014-9656 at NVDCVE-2014-9657 at SUSECVE-2014-9657 at NVDCVE-2014-9658 at SUSECVE-2014-9658 at NVDCVE-2014-9659 at SUSECVE-2014-9659 at NVDCVE-2014-9660 at SUSECVE-2014-9660 at NVDCVE-2014-9661 at SUSECVE-2014-9661 at NVDCVE-2014-9662 at SUSECVE-2014-9662 at NVDCVE-2014-9663 at SUSECVE-2014-9663 at NVDCVE-2014-9664 at SUSECVE-2014-9664 at NVDCVE-2014-9665 at SUSECVE-2014-9665 at NVDCVE-2014-9666 at SUSECVE-2014-9666 at NVDCVE-2014-9667 at SUSECVE-2014-9667 at NVDCVE-2014-9668 at SUSECVE-2014-9668 at NVDCVE-2014-9669 at SUSECVE-2014-9669 at NVDCVE-2014-9670 at SUSECVE-2014-9670 at NVDCVE-2014-9671 at SUSECVE-2014-9671 at NVDCVE-2014-9672 at SUSECVE-2014-9672 at NVDCVE-2014-9673 at SUSECVE-2014-9673 at NVDCVE-2014-9674 at SUSECVE-2014-9674 at NVDCVE-2014-9675 at SUSECVE-2014-9675 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Recommended update for freetype2SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for freetype2 adjusts the patch that fixed CVE-2014-9671 for
better backwards compatibility.
As the PCF format doesn't have an official specification, we have to
exactly follow X11's pcfWriteFont and pcfReadFont functions' behavior.
SUSE bug 930711CVE-2014-9671 at SUSECVE-2014-9671 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for fribidi (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for fribidi fixes the following issues:
- CVE-2022-25308: Fixed stack out of bounds read (bsc#1196147).
- CVE-2022-25309: Fixed heap-buffer-overflow in fribidi_cap_rtl_to_unicode (bsc#1196148).
- CVE-2022-25310: Fixed NULL pointer dereference in fribidi_remove_bidi_marks (bsc#1196150).
ModerateSUSE bug 1196147SUSE bug 1196148SUSE bug 1196150CVE-2022-25308 at SUSECVE-2022-25308 at NVDCVE-2022-25309 at SUSECVE-2022-25309 at NVDCVE-2022-25310 at SUSECVE-2022-25310 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for FUSESUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for FUSE fixes the following security issue:
* CVE-2015-3202: FUSE did not clear the environment upon execution of
external programs.
Security Issues:
* CVE-2015-3202
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3202>
SUSE bug 931452CVE-2015-3202 at SUSECVE-2015-3202 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for fuse (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for fuse fixes the following issues:
Security issue fixed:
- CVE-2018-10906: Fix a bypass of the user_allow_other restriction (bsc#1101797)
ModerateSUSE bug 1101797CVE-2018-10906 at SUSECVE-2018-10906 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gcc43 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gcc43 fixes the following issues:
Security issue fixed:
- CVE-2017-1000376: Don't request excutable stack from libffi. [bnc#1045091]
New features:
- Add support for retpolines to mitigate the Spectre Variant 2 attack. [bnc#1074621]
- Add support for zero-sized VLAs and allocas with -fstack-clash-protection. [bnc#1059075]
- Add support for -fstack-clash-protection to mitigate the Stack Clash attack. [bnc#1039513]
Non security bugs fixed:
- Fixed build of 32bit libgcov.a with LFS support. [bsc#1044016]
- Fixed issue with libstdc++ functional when an exception is thrown during construction. [bsc#999596]
- Fixed issue with using gcov and #pragma pack. [bsc#977654]
- Fixed ICE compiling AFS modules for the s390x kernel. [bsc#938159]
- Backport large file support from GCC 4.6.
ModerateSUSE bug 1039513SUSE bug 1044016SUSE bug 1045091SUSE bug 1059075SUSE bug 1074621SUSE bug 938159SUSE bug 977654SUSE bug 999596CVE-2017-1000376 at SUSECVE-2017-1000376 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for gcc43 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gcc43 fixes the following issues:
This update adds support for 'expolines' on s390x, allowing fixing CVE-2017-5715 in a more lightweight fashion. (bsc#1086069)
The option flags are the same as for the x86 retpolines.
A compiler crash when building userland packages with x86 retpolines was fixed. (bsc#1092807)
ModerateSUSE bug 1086069SUSE bug 1092807CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for gcc48 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gcc48 fixes the following issues:
Security issues fixed:
- A new option -fstack-clash-protection is now offered, which mitigates the stack clash type of attacks. [bnc#1039513]
- CVE-2017-11671: Fixed rdrand/rdseed code generation issue [bsc#1050947]
Bugs fixed:
- Enable LFS support in 32bit libgcov.a. [bsc#1044016]
- Bump libffi version in libffi.pc to 3.0.11.
- Properly diagnose missing -fsanitize=address support on ppc64le. [bsc#1028744]
- Backport patch for PR65612. [bsc#1022062]
- Re-spin to provide missing libasan0-32bit and other multilibs via the updated product description. [bsc#951644]
- Fixed for DR#1288. [bsc#1011348]
- Fix libffi issue for armv7l. [bsc#988274]
- Fixed a kernel miscompile on aarch64. [bnc #981311]
- Fixed a ppc64le internal compiler error. [bnc #976627]
- Fixed issue with using gcov and #pragma pack. [bsc#977654]
- Fixed samba build on AARCH64. [bsc#970009]
- Build without GRAPHITE where cloog-isl is not available.
- Fixed HTM builtins on powerpc. [bsc#955382]
- Fixed build of SLOF. [bsc#949000]
- Fixed C++11 std::random_device short reads, CVE-2015-5276. [bsc#945842]
- Fixed libffi issues on aarch64. [bsc#948168]
- Fixed no_instrument_function attribute handling on PPC64 with -mprofile-kernel. [bsc#947791]
- Enable 32bit code generation for ppc64le but do not build 32bit
target libraries. Fixes ppc64le kernel compile.
- Update to GCC 4.8.5 release.
* Fixes bogus integer overflow in constant expression. [bsc#934689]
* Fixes ICE with atomics on aarch64. [bsc#930176]
- Fixed reload issue on S390.
- Add patch to keep functions leaf when they are instrumented for
profiling on s390[x]. [bsc#899871]
- Avoid accessing invalid memory when passing aggregates by value. [bsc#922534]
- Build s390[x] with --with-tune=z9-109 --with-arch=z900 on SLE11
again. [bsc#927993]
- Update to gcc-4_8-branch head (r221715).
* Includes GCC 4.8.4 release.
* Includes fix for -imacros bug. [bsc#917169]
* Includes fix for incorrect -Warray-bounds warnings. [bsc#919274]
* Includes updated -mhotpatch for s390x. [bsc#924525]
* Includes fix for ppc64le issue with doubleword vector extract.
[bsc#924687]
- Backport rework of the memory allocator for C++ exceptions used in OOM situations. [bsc#889990]
- Remove invalid use of glibc internals in TSAN.
- Update to gcc-4_8-branch head (r218481).
* Includes patches to allow building against ISL 0.14.
- Disable all languages but C, C++, Fortran and Ada. [fate#316860]
ModerateSUSE bug 1011348SUSE bug 1022062SUSE bug 1028744SUSE bug 1039513SUSE bug 1044016SUSE bug 1050947SUSE bug 878067SUSE bug 889990SUSE bug 899871SUSE bug 917169SUSE bug 919274SUSE bug 922534SUSE bug 924525SUSE bug 924687SUSE bug 927993SUSE bug 930176SUSE bug 934689SUSE bug 945842SUSE bug 947772SUSE bug 947791SUSE bug 948168SUSE bug 949000SUSE bug 951644SUSE bug 955382SUSE bug 970009SUSE bug 976627SUSE bug 977654SUSE bug 981311SUSE bug 988274CVE-2014-5044 at SUSECVE-2014-5044 at NVDCVE-2015-5276 at SUSECVE-2015-5276 at NVDCVE-2017-11671 at SUSECVE-2017-11671 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gcc48 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gcc48 fixes the following issues:
- CVE-2019-14250: Fixed an integer overflow that could lead to an invalid memory
access (bsc#1142649).
Non-security fixes:
- Fixed an issue with manual page builds (bsc#1185395).
- Fixed an issue with static initializers (bsc#1177947).
- Fixed an issue with exception handling on s390x (bsc#1161913).
- Fixed a reload bug on aarch64 (bsc#1093797).
- Added a Spectre V2 mitigation for s390x (bsc#1083945).
ImportantSUSE bug 1071995SUSE bug 1082130SUSE bug 1083945SUSE bug 1087932SUSE bug 1093797SUSE bug 1131264SUSE bug 1142649SUSE bug 1161913SUSE bug 1177947SUSE bug 1178675SUSE bug 1185395CVE-2019-14250 at SUSECVE-2019-14250 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gdSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The graphics drawing library gd has been updated to fix one security issue:
* possible buffer read overflow (CVE-2014-9709)
Security Issues:
* CVE-2014-9709
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709>
SUSE bug 923945CVE-2014-9709 at SUSECVE-2014-9709 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gd fixes the following issues:
- security update:
* CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif [bsc#988032]
ModerateSUSE bug 988032CVE-2016-6161 at SUSECVE-2016-6161 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gd fixes the following issues:
- CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924)
- CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274)
ModerateSUSE bug 1004924SUSE bug 1005274CVE-2016-6911 at SUSECVE-2016-6911 at NVDCVE-2016-8670 at SUSECVE-2016-8670 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gd fixes the following issues:
* CVE-2016-9933 possible stackoverflow on malicious truecolor images [bsc#1015187]
ModerateSUSE bug 1015187CVE-2016-9933 at SUSECVE-2016-9933 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gd fixes the following security issues:
- CVE-2016-9317: The gdImageCreate function in the GD Graphics Library
(aka libgd) allowed remote attackers to cause a denial of service
(system hang) via an oversized image. (bsc#1022283)
- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx()
could lead to libgd running out of memory even on small files. (bsc#1022264)
- CVE-2016-10168: A signed integer overflow in the GD Graphics Library (aka libgd) could lead
to memory corruption (bsc#1022265)
ModerateSUSE bug 1022264SUSE bug 1022265SUSE bug 1022283CVE-2016-10167 at SUSECVE-2016-10167 at NVDCVE-2016-10168 at SUSECVE-2016-10168 at NVDCVE-2016-9317 at SUSECVE-2016-9317 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gd fixes several issues.
This security issue was fixed:
- CVE-2018-5711: Prevent integer signedness error that could have lead to an
infinite loop via a crafted GIF file allowing for DoS (bsc#1076391)
This non-security issue was fixed:
- Fixed gd2togif error message (bsc#1025223)
ModerateSUSE bug 1025223SUSE bug 1076391CVE-2018-5711 at SUSECVE-2018-5711 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gd fixes the following issues:
Security vulnerability addressed:
- CVE-2017-7890: Fixed a buffer over-read into uninitialized memory (bsc#1050241).
- CVE-2019-6978: Fixed a double free in the GD graphics library (bsc#1123522).
- CVE-2019-11038: Fixed a information disclosure in gdImageCreateFromXbm() (bsc#1140120).
ModerateSUSE bug 1050241SUSE bug 1123522SUSE bug 1140120CVE-2017-7890 at SUSECVE-2017-7890 at NVDCVE-2019-11038 at SUSECVE-2019-11038 at NVDCVE-2019-6978 at SUSECVE-2019-6978 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gdb (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gdb fixes the following issues:
Security issue fixed:
- CVE-2019-1010180: Fixed a buffer overflow and out of bound memory access that can lead to deny of service, memory disclosure, and possible code execution (bsc#1142772).
ModerateSUSE bug 1142772CVE-2019-1010180 at SUSECVE-2019-1010180 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gdb (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gdb fixes the following issues:
- CVE-2019-1010180: Fixed a buffer overflow (bsc#1142772).
ModerateSUSE bug 1142772CVE-2019-1010180 at SUSECVE-2019-1010180 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript fixes the following issues:
- CVE-2016-8602: Insufficient parameter check in .sethalftone5 (bsc#1004237)
ModerateSUSE bug 1004237CVE-2016-8602 at SUSECVE-2016-8602 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript-library fixes the following issues:
- Multiple security vulnerabilities have been discovered where ghostscript's
'-dsafer' flag did not provide sufficient protection against unintended
access to the file system. Thus, a machine that would process a specially
crafted Postscript file would potentially leak sensitive information to an
attacker. (CVE-2013-5653, CVE-2016-7977, bsc#1001951)
- Insufficient validation of the type of input in .initialize_dsc_parser used
to allow remote code execution. (CVE-2016-7979, bsc#1001951)
- An integer overflow in the gs_heap_alloc_bytes function used to allow remote
attackers to cause a denial of service (crash) via specially crafted
Postscript files. (CVE-2015-3228, boo#939342)
ImportantSUSE bug 1001951SUSE bug 939342CVE-2013-5653 at SUSECVE-2013-5653 at NVDCVE-2015-3228 at SUSECVE-2015-3228 at NVDCVE-2016-7977 at SUSECVE-2016-7977 at NVDCVE-2016-7979 at SUSECVE-2016-7979 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript fixes the following security vulnerability:
CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were
exploited in the wild. (bsc#1036453)
ImportantSUSE bug 1036453CVE-2017-8291 at SUSECVE-2017-8291 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript fixes the following security vulnerability:
CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were
exploited in the wild. (bsc#1036453)
This update is a reissue including the SUSE Linux Enterprise 11 SP3 product.
ImportantSUSE bug 1036453CVE-2017-8291 at SUSECVE-2017-8291 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript-library fixes several issues.
These security issues were fixed:
- CVE-2017-7207: The mem_get_bits_rectangle function allowed remote attackers
to cause a denial of service (NULL pointer dereference) via a crafted
PostScript document (bsc#1030263).
- CVE-2016-9601: Prevent heap-buffer overflow by checking for an integer
overflow in jbig2_image_new function (bsc#1018128).
- CVE-2017-9612: The Ins_IP function in base/ttinterp.c allowed remote
attackers to cause a denial of service (use-after-free and application crash)
or possibly have unspecified other impact via a crafted document (bsc#1050891)
- CVE-2017-9726: The Ins_MDRP function in base/ttinterp.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) or possibly have unspecified other impact via a crafted
document (bsc#1050889)
- CVE-2017-9727: The gx_ttfReader__Read function in base/gxttfb.c allowed
remote attackers to cause a denial of service (heap-based buffer over-read and
application crash) or possibly have unspecified other impact via a crafted
document (bsc#1050888)
- CVE-2017-9739: The Ins_JMPR function in base/ttinterp.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) or possibly have unspecified other impact via a crafted
document (bsc#1050887)
- CVE-2017-11714: psi/ztoken.c mishandled references to the scanner state
structure, which allowed remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact via a crafted
PostScript document, related to an out-of-bounds read in the
igc_reloc_struct_ptr function in psi/igc.c (bsc#1051184)
- CVE-2017-9835: The gs_alloc_ref_array function allowed remote attackers to
cause a denial of service (heap-based buffer overflow and application crash) or
possibly have unspecified other impact via a crafted PostScript document
(bsc#1050879)
- CVE-2016-10219: The intersect function in base/gxfill.c allowed remote
attackers to cause a denial of service (divide-by-zero error and application
crash) via a crafted file (bsc#1032138)
- CVE-2017-9216: Prevent NULL pointer dereference in the jbig2_huffman_get
function in jbig2_huffman.c which allowed for DoS (bsc#1040643)
ModerateSUSE bug 1018128SUSE bug 1030263SUSE bug 1032138SUSE bug 1032230SUSE bug 1040643SUSE bug 1050879SUSE bug 1050887SUSE bug 1050888SUSE bug 1050889SUSE bug 1050891SUSE bug 1051184CVE-2016-10219 at SUSECVE-2016-10219 at NVDCVE-2016-9601 at SUSECVE-2016-9601 at NVDCVE-2017-11714 at SUSECVE-2017-11714 at NVDCVE-2017-7207 at SUSECVE-2017-7207 at NVDCVE-2017-9216 at SUSECVE-2017-9216 at NVDCVE-2017-9612 at SUSECVE-2017-9612 at NVDCVE-2017-9726 at SUSECVE-2017-9726 at NVDCVE-2017-9727 at SUSECVE-2017-9727 at NVDCVE-2017-9739 at SUSECVE-2017-9739 at NVDCVE-2017-9835 at SUSECVE-2017-9835 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript-library fixes the following issues:
- CVE-2018-10194: Fixed a stack-based buffer overflow in gdevpdts.c (bsc#1090099)
- Fixed a crash in the fix for CVE-2016-9601.
ModerateSUSE bug 1090099CVE-2016-9601 at SUSECVE-2016-9601 at NVDCVE-2018-10194 at SUSECVE-2018-10194 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript-library fixes the following issues:
- CVE-2018-16511: A type confusion in 'ztype' could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. (bsc#1107426)
- CVE-2018-16540: Attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. (bsc#1107420)
- CVE-2018-16541: Attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. (bsc#1107421)
- CVE-2018-16542: Attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. (bsc#1107413)
- CVE-2018-16509: Incorrect 'restoration of privilege' checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the 'pipe' instruction. (bsc#1107410
- CVE-2018-16513: Attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. (bsc#1107412)
- CVE-2018-15910: Attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. (bsc#1106173)
- CVE-2017-9611: The Ins_MIRP function allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. (bsc#1050893)
ImportantSUSE bug 1050893SUSE bug 1106173SUSE bug 1107410SUSE bug 1107412SUSE bug 1107413SUSE bug 1107420SUSE bug 1107421SUSE bug 1107426CVE-2017-9611 at SUSECVE-2017-9611 at NVDCVE-2018-15910 at SUSECVE-2018-15910 at NVDCVE-2018-16509 at SUSECVE-2018-16509 at NVDCVE-2018-16511 at SUSECVE-2018-16511 at NVDCVE-2018-16513 at SUSECVE-2018-16513 at NVDCVE-2018-16540 at SUSECVE-2018-16540 at NVDCVE-2018-16541 at SUSECVE-2018-16541 at NVDCVE-2018-16542 at SUSECVE-2018-16542 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Recommended update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript-library fixes the following issues:
Security issue fixed:
- CVE-2019-3838: Fixed various bugs which allows to reenable and misuse system Postscript operators to read files from within Postscript files and send them with the help of e.g. the %pipe% to the attacker (bsc#1129186).
ImportantSUSE bug 1129186CVE-2019-3838 at SUSECVE-2019-3838 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript-library fixes the following issues:
- CVE-2020-27792: Fixed heap-based buffer over write in lp8000_print_page() function in gdevlp8k.c (bsc#1202598)
ModerateSUSE bug 1202598CVE-2020-27792 at SUSECVE-2020-27792 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ghostscript-library fixes the following issues:
- CVE-2023-28879: Fixed buffer Overflow in s_xBCPE_process (bsc#1210062).
ImportantSUSE bug 1210062CVE-2023-28879 at SUSECVE-2023-28879 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for giflib (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for giflib fixes the following issues:
- CVE-2015-7555: Heap overflow in giffix (bsc#960319)
ModerateSUSE bug 960319CVE-2015-7555 at SUSECVE-2015-7555 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for giflib (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
giflib was updated to fix one security issue.
This security issue was fixed:
- CVE-2016-3977: Heap buffer overflow in gif2rgb (bsc#974847).
ModerateSUSE bug 974847CVE-2016-3977 at SUSECVE-2016-3977 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glib2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glib2 fixes the following issues:
Security issues fixed:
- CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116).
- Fixing potentially exploitable bugs in UTF-8 validation in Variant and DBUS message parsing (bsc#1111499).
ModerateSUSE bug 1107116SUSE bug 1111499CVE-2018-16429 at SUSECVE-2018-16429 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glib2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glib2 fixes the following issues:
Security issue fixed:
- CVE-2019-12450: Fixed an improper file permission when copy operation
takes place (bsc#1137001).
ImportantSUSE bug 1137001CVE-2019-12450 at SUSECVE-2019-12450 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glib2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glib2 fixes the following issues:
- CVE-2021-3800: Fixed a file content leak in pkexec due to charset aliases (bsc#1191489).
- CVE-2018-16428: Fixed a NULL pointer dereference in g_markup_parse_context_end_parse() (bsc#1107121).
ModerateSUSE bug 1107121SUSE bug 1191489CVE-2018-16428 at SUSECVE-2018-16428 at NVDCVE-2021-3800 at SUSECVE-2021-3800 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glibcSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This glibc update fixes a critical privilege escalation problem and two
non-security issues:
* bnc#892073: An off-by-one error leading to a heap-based buffer
overflow was found in __gconv_translit_find(). An exploit that
targets the problem is publicly available. (CVE-2014-5119)
* bnc#892065: setenv-alloca.patch: Avoid unbound alloca in setenv.
* bnc#888347: printf-multibyte-format.patch: Don't parse %s format
argument as multi-byte string.
Security Issues:
* CVE-2014-5119
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119>
SUSE bug 691365SUSE bug 779320SUSE bug 791928SUSE bug 801246SUSE bug 811979SUSE bug 813121SUSE bug 819347SUSE bug 822210SUSE bug 827811SUSE bug 828235SUSE bug 828637SUSE bug 830268SUSE bug 834594SUSE bug 836746SUSE bug 839870SUSE bug 844309SUSE bug 847227SUSE bug 854445SUSE bug 863499SUSE bug 864081SUSE bug 872832SUSE bug 882028SUSE bug 882600SUSE bug 883217SUSE bug 886416SUSE bug 887022SUSE bug 888347SUSE bug 891843SUSE bug 892065SUSE bug 892073SUSE bug 894553SUSE bug 894556SUSE bug 903288SUSE bug 904461SUSE bug 906371SUSE bug 909053SUSE bug 913646SUSE bug 915526SUSE bug 916222SUSE bug 917072SUSE bug 919678CVE-2012-4412 at SUSECVE-2012-4412 at NVDCVE-2012-6656 at SUSECVE-2012-6656 at NVDCVE-2013-0242 at SUSECVE-2013-0242 at NVDCVE-2013-1914 at SUSECVE-2013-1914 at NVDCVE-2013-4237 at SUSECVE-2013-4237 at NVDCVE-2013-4332 at SUSECVE-2013-4332 at NVDCVE-2013-4357 at SUSECVE-2013-4357 at NVDCVE-2013-4458 at SUSECVE-2013-4458 at NVDCVE-2013-4788 at SUSECVE-2013-4788 at NVDCVE-2013-7423 at SUSECVE-2013-7423 at NVDCVE-2014-0475 at SUSECVE-2014-0475 at NVDCVE-2014-4043 at SUSECVE-2014-4043 at NVDCVE-2014-5119 at SUSECVE-2014-5119 at NVDCVE-2014-6040 at SUSECVE-2014-6040 at NVDCVE-2014-7817 at SUSECVE-2014-7817 at NVDCVE-2014-9402 at SUSECVE-2014-9402 at NVDCVE-2015-0235 at SUSECVE-2015-0235 at NVDCVE-2015-1472 at SUSECVE-2015-1472 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for glibc provides fixes for security and non-security issues.
These security issues have been fixed:
- CVE-2015-1781: Buffer length after padding in resolv/nss_dns/dns-host.c. (bsc#927080)
- CVE-2013-2207: pt_chown did not properly check permissions for tty files, which allowed
local users to change the permission on the files and obtain access to arbitrary
pseudo-terminals by leveraging a FUSE file system. (bsc#830257)
- CVE-2014-8121: DB_LOOKUP in the Name Service Switch (NSS) did not properly check if a
file is open, which allowed remote attackers to cause a denial of service (infinite loop)
by performing a look-up while the database is iterated over the database, which triggers
the file pointer to be reset. (bsc#918187)
- Fix read past end of pattern in fnmatch. (bsc#920338)
These non-security issues have been fixed:
- Fix locking in _IO_flush_all_lockp() to prevent deadlocks in applications. (bsc#851280)
- Record TTL also for DNS PTR queries. (bsc#928723)
- Fix invalid free in ld.so. (bsc#932059)
- Make PowerPC64 default to non-executable stack. (bsc#933770)
- Fix floating point exceptions in some circumstances with exp() and friends. (bsc#933903)
- Fix bad TEXTREL in glibc.i686. (bsc#935286)
ImportantSUSE bug 830257SUSE bug 851280SUSE bug 918187SUSE bug 920338SUSE bug 927080SUSE bug 928723SUSE bug 932059SUSE bug 933770SUSE bug 933903SUSE bug 935286CVE-2013-2207 at SUSECVE-2013-2207 at NVDCVE-2014-8121 at SUSECVE-2014-8121 at NVDCVE-2015-1781 at SUSECVE-2015-1781 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for glibc fixes the following issues:
- CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses (bsc#961721)
- CVE-2015-8777: Insufficient checking of LD_POINTER_GUARD environment variable allowed local attackers to bypass the pointer guarding protection of the dynamic loader on set-user-ID and set-group-ID programs (bsc#950944)
- CVE-2015-8776: Out-of-range time values passed to the strftime function may cause it to crash, leading to a denial of service, or potentially disclosure information (bsc#962736)
- CVE-2015-8778: Integer overflow in hcreate and hcreate_r could have caused an out-of-bound memory access. leading to application crashes or, potentially, arbitrary code execution (bsc#962737)
- CVE-2014-9761: A stack overflow (unbounded alloca) could have caused applications which process long strings with the nan function to crash or, potentially, execute arbitrary code. (bsc#962738)
- CVE-2015-8779: A stack overflow (unbounded alloca) in the catopen function could have caused applications which pass long strings to the catopen function to crash or, potentially execute arbitrary code. (bsc#962739)
The following non-security bugs were fixed:
- bsc#930721: Accept leading and trailing spaces in getdate input string
- bsc#942317: Recognize power8 platform
- bsc#950944: Always enable pointer guard
- bsc#956988: Fix deadlock in __dl_iterate_phdr
ImportantSUSE bug 930721SUSE bug 942317SUSE bug 950944SUSE bug 956988SUSE bug 961721SUSE bug 962736SUSE bug 962737SUSE bug 962738SUSE bug 962739CVE-2014-9761 at SUSECVE-2014-9761 at NVDCVE-2015-7547 at SUSECVE-2015-7547 at NVDCVE-2015-8776 at SUSECVE-2015-8776 at NVDCVE-2015-8777 at SUSECVE-2015-8777 at NVDCVE-2015-8778 at SUSECVE-2015-8778 at NVDCVE-2015-8779 at SUSECVE-2015-8779 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
- Drop old fix that could break services that start before IPv6 is up. (bsc#931399)
- Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727)
- Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010)
- Relocate DSOs in dependency order, fixing a potential crash during symbol
relocation phase. (bsc#986302)
- Fix nscd assertion failure in gc. (bsc#965699)
- Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164)
- Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483)
- Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854)
ModerateSUSE bug 931399SUSE bug 965699SUSE bug 969727SUSE bug 973010SUSE bug 973164SUSE bug 973179SUSE bug 980483SUSE bug 980854SUSE bug 986302CVE-2016-1234 at SUSECVE-2016-1234 at NVDCVE-2016-3075 at SUSECVE-2016-3075 at NVDCVE-2016-3706 at SUSECVE-2016-3706 at NVDCVE-2016-4429 at SUSECVE-2016-4429 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
- CVE-2017-1000366: Fix a potential privilege escalation vulnerability that
allowed unprivileged system users to manipulate the stack of setuid binaries
to gain special privileges. [bsc#1039357]
ImportantSUSE bug 1039357CVE-2017-1000366 at SUSECVE-2017-1000366 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
- A privilege escalation bug in the realpath() function has been fixed.
[CVE-2018-1000001, bsc#1074293]
ImportantSUSE bug 1074293CVE-2018-1000001 at SUSECVE-2018-1000001 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
Security issues:
- CVE-2017-8804: Fix memory leak after deserialization failure in xdr_bytes, xdr_string (bsc#1037930)
- CVE-2017-12132: Reduce EDNS payload size to 1200 bytes (bsc#1051791)
- CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal memalign and malloc functions (bsc#1079036)
- CVE-2018-1000001: Avoid underflow of malloced area in realpath (bsc#1074293)
Also a non security issue was fixed:
- Do not fail if one of the two responses to AF_UNSPEC fails (bsc#978209)
ImportantSUSE bug 1037930SUSE bug 1051791SUSE bug 1074293SUSE bug 1079036SUSE bug 978209CVE-2017-12132 at SUSECVE-2017-12132 at NVDCVE-2017-8804 at SUSECVE-2017-8804 at NVDCVE-2018-1000001 at SUSECVE-2018-1000001 at NVDCVE-2018-6485 at SUSECVE-2018-6485 at NVDCVE-2018-6551 at SUSECVE-2018-6551 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2017-12133: Avoid use-after-free read access in clntudp_call (bsc#1081556)
Non security issue fixed:
- Fix incorrect getaddrinfo assertion trigger (bsc#1076871)
ModerateSUSE bug 1076871SUSE bug 1081556CVE-2017-12133 at SUSECVE-2017-12133 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
Security issue fixed:
- CVE-2018-11236: Fix 32bit arch integer overflow in stdlib/canonicalize.c when processing very long pathname arguments (bsc#1094161).
Bug fixes:
- bsc#1086690: Fix crash in resolver on memory allocation failure.
- bsc#1077763: Fix allocation in in6ailist_add.
- bsc#1079625: Fix allocation in nss_compat for large number of memberships to a group.
ImportantSUSE bug 1077763SUSE bug 1079625SUSE bug 1086690SUSE bug 1094161CVE-2018-11236 at SUSECVE-2018-11236 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following security issues:
- CVE-2017-15670: Prevent off-by-one error that lead to a heap-based buffer
overflow in the glob function, related to the processing of home directories
using the ~ operator followed by a long string (bsc#1064583)
- CVE-2017-15804: The glob function contained a buffer overflow during
unescaping of user names with the ~ operator (bsc#1064580)
- CVE-2015-5180: res_query in libresolv allowed remote attackers to cause a
denial of service (NULL pointer dereference and process crash) (bsc#941234).
This non-security issue was fixed:
- Fix inaccuracies in casin, cacos, casinh, cacosh (bsc#1058774)
ImportantSUSE bug 1058774SUSE bug 1064580SUSE bug 1064583SUSE bug 941234CVE-2015-5180 at SUSECVE-2015-5180 at NVDCVE-2017-15670 at SUSECVE-2017-15670 at NVDCVE-2017-15804 at SUSECVE-2017-15804 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Recommended update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
Security issue fixed:
- CVE-2017-15671: Fixed memory leak in glob with GLOB_TILDE (bsc#1064569, BZ #22325).
Non-security issue fixed:
- Avoid access beyond memory bounds in pthread_attr_getaffinity_np (bsc#1110170, BZ #15618).
- Remove improper assert in dlclose (bsc#1110174, BZ #11941).
ModerateSUSE bug 1064569SUSE bug 1110170SUSE bug 1110174CVE-2017-15671 at SUSECVE-2017-15671 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issue:
Security issue fixed:
- CVE-2009-5155: Fixed a local denial of service inside the parse_reg_exp in posix/regcomp.c (bsc#1127223).
ModerateSUSE bug 1127223CVE-2009-5155 at SUSECVE-2009-5155 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
Security issue fixed:
- CVE-2019-9169: Fixed heap-based buffer over-read via an attempted case-insensitive regular-expression match (bsc#1127308).
ImportantSUSE bug 1127308CVE-2019-9169 at SUSECVE-2019-9169 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
- CVE-2021-33574: Use __pthread_attr_copy in mq_notify (bsc#1186489)
- CVE-2021-35942: wordexp: handle overflow in positional parameter number (bsc#1187911)
ModerateSUSE bug 1186489SUSE bug 1187911CVE-2021-33574 at SUSECVE-2021-33574 at NVDCVE-2021-35942 at SUSECVE-2021-35942 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
- CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for 'unix' (bsc#1194768, BZ #22542)
- CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770, BZ #28768)
- CVE-2021-3999: Fixed in getcwd to set errno to ERANGE for size == 1 (bsc#1194640, BZ #28769)
- CVE-2015-8983: Fixed _IO_wstr_overflow integer overflow (bsc#1193615, BZ #17269)
- CVE-2015-8982: Fixed memory handling in strxfrm_l (bsc#1193616, BZ #16009)
ImportantSUSE bug 1193615SUSE bug 1193616SUSE bug 1194640SUSE bug 1194768SUSE bug 1194770CVE-2015-8982 at SUSECVE-2015-8982 at NVDCVE-2015-8983 at SUSECVE-2015-8983 at NVDCVE-2021-3999 at SUSECVE-2021-3999 at NVDCVE-2022-23218 at SUSECVE-2022-23218 at NVDCVE-2022-23219 at SUSECVE-2022-23219 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2020-29573: x86: printf was hardened against non-normal long double values (bsc#1179721, BZ #26649)
- CVE-2021-3326: Fix assertion failure in gconv ISO-2022-JP-3 module (bsc#1181505, BZ #27256)
- CVE-2019-25013: Fix buffer overrun in EUC-KR conversion module (bsc#1182117, BZ #24973)
- CVE-2020-27618: Accept redundant shift sequences in IBM1364 iconv (bsc#1178386, BZ #26224)
- CVE-2020-29562: Fix incorrect UCS4 inner loop bounds in iconv (bsc#1179694, BZ #26923)
- Schedule nscd cache pruning more accurately from re-added values (bsc#1018158)
ImportantSUSE bug 1018158SUSE bug 1178386SUSE bug 1179694SUSE bug 1179721SUSE bug 1181505SUSE bug 1182117CVE-2019-25013 at SUSECVE-2019-25013 at NVDCVE-2020-27618 at SUSECVE-2020-27618 at NVDCVE-2020-29562 at SUSECVE-2020-29562 at NVDCVE-2020-29573 at SUSECVE-2020-29573 at NVDCVE-2021-3326 at SUSECVE-2021-3326 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
- CVE-2015-8985: Fixed assertion failure in pop_fail_stack when executing
a malformed regexp (bsc#1193625)
ModerateSUSE bug 1193625CVE-2015-8985 at SUSECVE-2015-8985 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for glibc fixes the following issues:
- CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings (bsc#1122729, BZ #20018)
ModerateSUSE bug 1122729CVE-2016-10739 at SUSECVE-2016-10739 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gmp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gmp fixes the following issues:
- CVE-2021-43618: Fixed buffer overflow on malformed input to mpz_inp_raw (bsc#1192717).
ModerateSUSE bug 1192717CVE-2021-43618 at SUSECVE-2021-43618 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gnome-session (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gnome-session fixes the following issues:
- CVE-2017-11171: Fix a denial of service condition. an unauthenticated local user
can create ICE connections, causing a file descriptor leak in
gnome-session (bsc#1048274).
ModerateSUSE bug 1048274CVE-2017-11171 at SUSECVE-2017-11171 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gnuplot (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gnuplot fixes the following issues:
Security issues fixed:
- CVE-2018-19492: Fixed a buffer overflow in cairotrm_options function (bsc#1117463)
- CVE-2018-19491: Fixed a buffer overflow in the PS_options function (bsc#1117464)
- CVE-2018-19490: Fixed a heap-based buffer overflow in the df_generate_ascii_array_entry function (bsc#1117465)
- CVE-2017-9670: Fixed a uninitialized stack variable vulnerability which could lead to a
Denial of Service (bsc#1044638)
Non-security issues fixed:
- postscript output does not show any German 'umlauts' (bsc#375175)
ModerateSUSE bug 1044638SUSE bug 1117463SUSE bug 1117464SUSE bug 1117465SUSE bug 375175CVE-2017-9670 at SUSECVE-2017-9670 at NVDCVE-2018-19490 at SUSECVE-2018-19490 at NVDCVE-2018-19491 at SUSECVE-2018-19491 at NVDCVE-2018-19492 at SUSECVE-2018-19492 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gnutlsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
GnuTLS has been patched to ensure proper parsing of session ids during the
TLS/SSL handshake. Additionally, three issues inherited from libtasn1 have
been fixed.
Further information is available at
http://www.gnutls.org/security.html#GNUTLS-SA-2014-3
<http://www.gnutls.org/security.html#GNUTLS-SA-2014-3>
These security issues have been fixed:
* Possible memory corruption during connect (CVE-2014-3466)
* Multiple boundary check issues could allow DoS (CVE-2014-3467)
* asn1_get_bit_der() can return negative bit length (CVE-2014-3468)
* Possible DoS by NULL pointer dereference (CVE-2014-3469)
Security Issue references:
* CVE-2014-3466
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466>
SUSE bug 821818SUSE bug 835760SUSE bug 865804SUSE bug 865993SUSE bug 880730SUSE bug 880910SUSE bug 919938SUSE bug 921684CVE-2009-5138 at SUSECVE-2009-5138 at NVDCVE-2013-2116 at SUSECVE-2013-2116 at NVDCVE-2014-0092 at SUSECVE-2014-0092 at NVDCVE-2014-3466 at SUSECVE-2014-3466 at NVDCVE-2014-8155 at SUSECVE-2014-8155 at NVDCVE-2015-0282 at SUSECVE-2015-0282 at NVDCVE-2015-0294 at SUSECVE-2015-0294 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This security update of gnutls fixes the following issues:
- use minimal padding for CBC, the default random length padding
causes problems with some servers (bsc#925499)
* added gnutls-use_minimal_cbc_padding.patch
- use the default DH minimum for gnutls-cli instead of hardcoding 512
* CVE-2015-4000 (Logjam) (bsc#932026)
* added gnutls-CVE-2015-4000-logjam-use_the_default_DH_min_for_cli.patch
ModerateSUSE bug 925499SUSE bug 932026CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for gnutls fixes the following security issues:
- CVE-2015-8313: First byte of the padding in CBC mode is not checked (bsc#957568)
- CVE-2015-2806: Two-byte stack overflow in asn1_der_decoding (bsc#924828)
ModerateSUSE bug 924828SUSE bug 947271SUSE bug 957568CVE-2015-2806 at SUSECVE-2015-2806 at NVDCVE-2015-8313 at SUSECVE-2015-8313 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for gnutls (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gnutls fixes the following issues:
- Malformed asn1 definitions could cause a segmentation fault in the asn1 definition parser (bsc#961491).
- CVE-2016-8610: Remote denial of service in SSL alert handling (bsc#1005879).
- CVE-2017-5335: Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows (bsc#1018832).
- CVE-2017-5336: Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows (bsc#1018832).
- CVE-2017-5337: Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows (bsc#1018832).
ImportantSUSE bug 1005879SUSE bug 1018832SUSE bug 961491CVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2017-5335 at SUSECVE-2017-5335 at NVDCVE-2017-5336 at SUSECVE-2017-5336 at NVDCVE-2017-5337 at SUSECVE-2017-5337 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gnutls fixes the following issues:
- GNUTLS-SA-2017-3 / CVE-2017-7869: An out-of-bounds write in OpenPGP certificate decoding was fixed (bsc#1034173)
- CVE-2017-6891: A potential stack buffer overflow in the bundled libtasn1 was fixed (bsc#1040621)
- An address read of 4 bytes past the end of buffer in OpenPGP certificate parsing was fixed (bsc#1038337)
ModerateSUSE bug 1034173SUSE bug 1038337SUSE bug 1040621CVE-2017-6891 at SUSECVE-2017-6891 at NVDCVE-2017-7869 at SUSECVE-2017-7869 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gnutls fixes the following issues:
Security issues fixed:
- CVE-2018-10846: Improve mitigations against Lucky 13 class of attacks (PRIME + PROBE) (bsc#1105460).
- CVE-2017-10790: Fixed a denial of service in the _asn1_check_identifier() function (bsc#1047002).
ModerateSUSE bug 1047002SUSE bug 1105460CVE-2017-10790 at SUSECVE-2017-10790 at NVDCVE-2018-10846 at SUSECVE-2018-10846 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for GPG2SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
GPG2 has been updated to fix a possible denial of service.
This security issue has been fixed:
* Denial of service through infinite loop with garbled compressed data
packets (CVE-2014-4617)
Security Issues:
* CVE-2014-4617
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617>
SUSE bug 780943SUSE bug 798465SUSE bug 808958SUSE bug 840510SUSE bug 844175SUSE bug 884130CVE-2012-6085 at SUSECVE-2012-6085 at NVDCVE-2013-4351 at SUSECVE-2013-4351 at NVDCVE-2013-4402 at SUSECVE-2013-4402 at NVDCVE-2014-4617 at SUSECVE-2014-4617 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for gpg2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for gpg2 fixes the following issues:
- Fix cve-2015-1606 (bsc#918089)
* Invalid memory read using a garbled keyring
* 0001-Gpg-prevent-an-invalid-memory-read-using-a-garbled-k.patch
- Fix cve-2015-1607 (bsc#918090)
* Memcpy with overlapping ranges
* 0001-Use-inline-functions-to-convert-buffer-data-to-scala.patch
ModerateSUSE bug 918089SUSE bug 918090CVE-2015-1606 at SUSECVE-2015-1606 at NVDCVE-2015-1607 at SUSECVE-2015-1607 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for gpg2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gpg2 fixes the following issues:
- CVE-2018-12020: GnuPG mishandled the original filename during decryption and
verification actions, which allowed remote attackers to spoof the output that
GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2'
option (bsc#1096745)
ImportantSUSE bug 1096745CVE-2018-12020 at SUSECVE-2018-12020 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for gpg2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gpg2 fixes the following issues:
Security issue fixed:
- CVE-2019-13050: Fixed denial-of-service attacks via big keys. (bsc#1141093)
Non-security issue fixed:
- Allow coredumps in X11 desktop sessions (bsc#1124847).
ModerateSUSE bug 1124847SUSE bug 1141093CVE-2019-13050 at SUSECVE-2019-13050 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gpg2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gpg2 fixes the following issues:
- CVE-2022-34903: Fixed a status injection vulnerability (bsc#1201225).
ImportantSUSE bug 1201225CVE-2022-34903 at SUSECVE-2022-34903 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gpgmeSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This gpgme update fixes the following security issue:
* bnc#890123: Fix possible overflow in gpgsm and uiserver engines
(CVE-2014-3564)
Security Issues:
* CVE-2014-3564
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3564>
SUSE bug 890123CVE-2014-3564 at SUSECVE-2014-3564 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for graphviz (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for graphviz fixes the following issues:
- CVE-2018-10196: Fixed a null dereference in rebuild_vlis (bsc#1093447).
LowSUSE bug 1093447CVE-2018-10196 at SUSECVE-2018-10196 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for grep (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for grep fixes the following issues:
- CVE-2012-5667: Fixed an integer overflow when reading long lines (bsc#795827).
ModerateSUSE bug 795827CVE-2012-5667 at SUSECVE-2012-5667 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for grub2 provides the following fixes:
A security issues with a bufferoverflow when reading username and password was fixed (bsc#956631, CVE-2015-8370)
Bugs fixed:
- Expand list of grub.cfg search path in PV Xen guests for systems installed on btrfs
snapshots. (bsc#946148, bsc#952539)
- Add grub.xen config searching path on boot partition. (bsc#884828)
- Add linux16 and initrd16 to grub.xen. (bsc#884830)
ImportantSUSE bug 884828SUSE bug 884830SUSE bug 946148SUSE bug 952539SUSE bug 954592SUSE bug 956631CVE-2015-8370 at SUSECVE-2015-8370 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for grub2 fixes the following security issues:
- CVE-2017-9763: Fix a memory leak in grub_ext2_read_block. (bsc#1045063)
- CVE-2020-10713: Prevent parsing overflows from bypassing secure boot
restrictions. (bsc#1168994)
- CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311: Avoid
integer overflows. (bsc#1173812)
- CVE-2020-15706: Avoid a use-after-free when redefining a function during
execution. (bsc#1174463)
- CVE-2020-15707: Fix integer overflows in initrd size handling.
(bsc#1174570)
This update for grub2 fixes the following non-security issue:
- A potential regression has been fixed that would cause systems with an
updated 'grub2' to boot no longer due to a missing 'grub-calloc' linker
symbol. (bsc#1174782)
ImportantSUSE bug 1045063SUSE bug 1084632SUSE bug 1168994SUSE bug 1173812SUSE bug 1174463SUSE bug 1174570SUSE bug 1174782SUSE bug 1175036SUSE bug 1175060CVE-2017-9763 at SUSECVE-2017-9763 at NVDCVE-2020-10713 at SUSECVE-2020-10713 at NVDCVE-2020-14308 at SUSECVE-2020-14308 at NVDCVE-2020-14309 at SUSECVE-2020-14309 at NVDCVE-2020-14310 at SUSECVE-2020-14310 at NVDCVE-2020-14311 at SUSECVE-2020-14311 at NVDCVE-2020-15706 at SUSECVE-2020-15706 at NVDCVE-2020-15707 at SUSECVE-2020-15707 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for grub2 fixes the following issues:
- CVE-2020-15705: Fail kernel validation without shim protocol (bsc#1174421).
ImportantSUSE bug 1174421CVE-2020-15705 at SUSECVE-2020-15705 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for grub2 fixes the following issues:
grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057)
Following security issues are fixed that can violate secure boot constraints:
- CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)
- CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883)
- CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264)
- CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970)
- CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262)
- CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)
grub2 was updated to version 2.02, same as in SUSE Linux Enterprise 12 SP3.
ImportantSUSE bug 1175970SUSE bug 1176711SUSE bug 1177883SUSE bug 1179264SUSE bug 1179265SUSE bug 1182057SUSE bug 1182262SUSE bug 1182263CVE-2017-9763 at SUSECVE-2017-9763 at NVDCVE-2020-14372 at SUSECVE-2020-14372 at NVDCVE-2020-25632 at SUSECVE-2020-25632 at NVDCVE-2020-25647 at SUSECVE-2020-25647 at NVDCVE-2020-27749 at SUSECVE-2020-27749 at NVDCVE-2020-27779 at SUSECVE-2020-27779 at NVDCVE-2021-20225 at SUSECVE-2021-20225 at NVDCVE-2021-20233 at SUSECVE-2021-20233 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for grub2 fixes the following issues:
Security fixes and hardenings for boothole 3 / boothole 2022 (bsc#1198581)
- CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap (bsc#1191184)
- CVE-2021-3696: Fixed that a crafted PNG image could lead to out-of-bound write during huffman table handling (bsc#1191185)
- CVE-2021-3697: Fixed that a crafted JPEG image could lead to buffer underflow write in the heap (bsc#1191186)
- CVE-2022-28733: Fixed fragmentation math in net/ip (bsc#1198460)
- CVE-2022-28734: Fixed an out-of-bound write for split http headers (bsc#1198493)
- CVE-2022-28736: Fixed a use-after-free in chainloader command (bsc#1198496)
- Update SBAT security contact (bsc#1193282)
- Bump grub's SBAT generation to 2
ImportantSUSE bug 1191184SUSE bug 1191185SUSE bug 1191186SUSE bug 1193282SUSE bug 1198460SUSE bug 1198493SUSE bug 1198496SUSE bug 1198581CVE-2021-3695 at SUSECVE-2021-3695 at NVDCVE-2021-3696 at SUSECVE-2021-3696 at NVDCVE-2021-3697 at SUSECVE-2021-3697 at NVDCVE-2022-28733 at SUSECVE-2022-28733 at NVDCVE-2022-28734 at SUSECVE-2022-28734 at NVDCVE-2022-28736 at SUSECVE-2022-28736 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for grub2 fixes the following issues:
Security Fixes:
- CVE-2022-2601: Fixed buffer overflow in grub_font_construct_glyph (bsc#1205178).
- CVE-2022-3775: Fixed integer underflow in blit_comb() (bsc#1205182).
Other:
- Bump upstream SBAT generation to 3
ImportantSUSE bug 1205178SUSE bug 1205182CVE-2022-2601 at SUSECVE-2022-2601 at NVDCVE-2022-3775 at SUSECVE-2022-3775 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for grub2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update of grub2 fixes the following issues:
- rebuild the package with the new secure boot key (bsc#1209188).
ModerateSUSE bug 1209188cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gstreamer-0_10-plugins-base (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gstreamer-0_10-plugins-base fixes the following issue:
- CVE-2016-9811: Out of bounds memory read in windows_icon_typefind (bsc#1013669).
ModerateSUSE bug 1013669CVE-2016-9811 at SUSECVE-2016-9811 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gstreamer-0_10-plugins-base (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gstreamer-0_10-plugins-base fixes the following issues:
Security issues fixed:
- CVE-2017-5837: Fixed a floating point exception in gst_riff_create_audio_caps (bsc#1024076).
- CVE-2017-5844: Fixed a floating point exception in gst_riff_create_audio_caps (bsc#1024079).
- CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser (bsc#1133375).
ImportantSUSE bug 1024076SUSE bug 1024079SUSE bug 1133375CVE-2017-5837 at SUSECVE-2017-5837 at NVDCVE-2017-5844 at SUSECVE-2017-5844 at NVDCVE-2019-9928 at SUSECVE-2019-9928 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gstreamer-0_10-plugins-good (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
gstreamer-0_10-plugins-good was updated to fix six security issues.
These security issues were fixed:
- CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write (bsc#1012102)
- CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write (bsc#1012103)
- CVE-2016-9636: Prevent maliciously crafted flic files from causing invalid memory writes (bsc#1012104).
- CVE-2016-9807: Prevent the reading of invalid memory in flx_decode_chunks, leading to DoS (bsc#1013655)
- CVE-2016-9808: Prevent maliciously crafted flic files from causing invalid memory accesses (bsc#1013653)
- CVE-2016-9810: Invalid files can be used to extraneous unreferences, leading to invalid memory access and DoS (bsc#1013663)
ImportantSUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1013653SUSE bug 1013655SUSE bug 1013663CVE-2016-9634 at SUSECVE-2016-9634 at NVDCVE-2016-9635 at SUSECVE-2016-9635 at NVDCVE-2016-9636 at SUSECVE-2016-9636 at NVDCVE-2016-9807 at SUSECVE-2016-9807 at NVDCVE-2016-9808 at SUSECVE-2016-9808 at NVDCVE-2016-9810 at SUSECVE-2016-9810 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gstreamer-0_10-plugins-good (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gstreamer-0_10-plugins-good fixes the following issues:
- CVE-2022-1920: Fixed integer overflow in WavPack header handling code (bsc#1201688).
- CVE-2022-1921: Fixed integer overflow resulting in heap corruption in avidemux element (bsc#1201693).
- CVE-2022-1922: Fixed integer overflows in mkv demuxing (bsc#1201702).
- CVE-2022-1923: Fixed integer overflows in mkv demuxing using bzip (bsc#1201704).
- CVE-2022-1924: Fixed integer overflows in mkv demuxing using lzo (bsc#1201706).
- CVE-2022-1925: Fixed integer overflows in mkv demuxing using HEADERSTRIP (bsc#1201707).
- CVE-2022-2122: Fixed integer overflows in qtdemux using zlib (bsc#1201708).
ModerateSUSE bug 1201688SUSE bug 1201693SUSE bug 1201702SUSE bug 1201704SUSE bug 1201706SUSE bug 1201707SUSE bug 1201708CVE-2022-1920 at SUSECVE-2022-1920 at NVDCVE-2022-1921 at SUSECVE-2022-1921 at NVDCVE-2022-1922 at SUSECVE-2022-1922 at NVDCVE-2022-1923 at SUSECVE-2022-1923 at NVDCVE-2022-1924 at SUSECVE-2022-1924 at NVDCVE-2022-1925 at SUSECVE-2022-1925 at NVDCVE-2022-2122 at SUSECVE-2022-2122 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
gtk2 was updated to fix two security issues.
These security issues were fixed:
- CVE-2015-4491: Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, allowed remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that were mishandled during scaling (bsc#942801).
- CVE-2015-7674: Fix overflow when scaling GIF files (bsc#948791).
This non-security issue was fixed:
- Add the script which generates gdk-pixbuf64.loaders to the spec file (bsc#922741).
ModerateSUSE bug 922741SUSE bug 942801SUSE bug 948791CVE-2015-4491 at SUSECVE-2015-4491 at NVDCVE-2015-7674 at SUSECVE-2015-7674 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for gdk2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for gdk2 fixes the following security issues:
- CVE-2015-7552: various overflows, including heap overflow in flipping bmp files (bsc#958963)
The following non-security issues were fixed:
- bsc#960155: fix a possible divide by zero ModerateSUSE bug 958963SUSE bug 960155CVE-2015-7552 at SUSECVE-2015-7552 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gtk2 fixes the following security issues:
- CVE-2016-6352: Some crashes were fixed, including a out of bounds
write in the OneLine32() function that could be used by attackers to
crash GTK/GDK programs.
- CVE-2013-7447: Avoid overflow when allocating a cairo pixbuf (bsc#966682).
ModerateSUSE bug 966682SUSE bug 988745SUSE bug 991450CVE-2013-7447 at SUSECVE-2013-7447 at NVDCVE-2016-6352 at SUSECVE-2016-6352 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gtk2 fixes the following issues:
This security issue was fixed:
- Add checks for multiplications at several locations to avoid mishandling
memory. This allowed attackers to cause DoS or potentially RCE (bsc#1053417).
ModerateSUSE bug 1053417cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gtk2 provides the following fixes:
These security issues were fixed:
- CVE-2017-6312: Prevent integer overflow that allowed context-dependent
attackers to cause a denial of service (segmentation fault and application
crash) via a crafted image entry offset in an ICO file (bsc#1027026).
- CVE-2017-6314: The make_available_at_least function allowed context-dependent
attackers to cause a denial of service (infinite loop) via a large TIFF file
(bsc#1027025).
- CVE-2017-6313: Prevent integer underflow in the load_resources function that
allowed context-dependent attackers to cause a denial of service (out-of-bounds
read and program crash) via a crafted image entry size in an ICO file
(bsc#1027024).
- CVE-2017-2862: Prevent heap overflow in the
gdk_pixbuf__jpeg_image_load_increment function. A specially crafted jpeg file
could have caused a heap overflow resulting in remote code execution
(bsc#1048289)
- CVE-2017-2870: Prevent integer overflow in the tiff_image_parse
functionality. A specially crafted tiff file could have caused a heap-overflow
resulting in remote code execution (bsc#1048544).
This non-security issue was fixed:
- Prevent an infinite loop when a window is destroyed while traversed (bsc#1039465).
ModerateSUSE bug 1027024SUSE bug 1027025SUSE bug 1027026SUSE bug 1039465SUSE bug 1048289SUSE bug 1048544CVE-2017-2862 at SUSECVE-2017-2862 at NVDCVE-2017-2870 at SUSECVE-2017-2870 at NVDCVE-2017-6312 at SUSECVE-2017-6312 at NVDCVE-2017-6313 at SUSECVE-2017-6313 at NVDCVE-2017-6314 at SUSECVE-2017-6314 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for guestfsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
A predictable socketname in the guestfish commandline tool could be used by
a local attacker to gain access to guestfish sessions of other users on the
same system. (CVE-2013-4419)
Security Issue reference:
* CVE-2013-4419
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4419>
SUSE bug 845720CVE-2013-4419 at SUSECVE-2013-4419 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for guile (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for guile fixes the following issues:
- CVE-2016-8605: Fixed thread-unsafe umask modification (bsc#1004221).
LowSUSE bug 1004221CVE-2016-8605 at SUSECVE-2016-8605 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for gzip (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for gzip fixes the following issues:
- CVE-2022-1271: Fix escaping of malicious filenames. (bsc#1198062)
ImportantSUSE bug 1198062CVE-2022-1271 at SUSECVE-2022-1271 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for hplipSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
hplip was updated to fix three security issues:
*
CVE-2013-0200: Some local file overwrite problems via predictable
/tmp filenames were fixed.
*
CVE-2013-4325: hplip used an insecure polkit DBUS API (polkit-process
subject race condition) which could lead to local privilege
escalation.
*
CVE-2013-6402: hplip uses arbitrary file creation/overwrite (via
hardcoded file name /tmp/hp-pkservice.log).
Security Issue references:
* CVE-2013-4325
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325>
* CVE-2013-0200
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0200>
* CVE-2013-6402
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6402>
SUSE bug 808355SUSE bug 835827SUSE bug 836937SUSE bug 852368CVE-2013-0200 at SUSECVE-2013-0200 at NVDCVE-2013-4325 at SUSECVE-2013-4325 at NVDCVE-2013-6402 at SUSECVE-2013-6402 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for hunspell (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for hunspell fixes the following issues:
- CVE-2019-16707: Fixed an invalid read in SuggestMgr:leftcommonsubstring (bsc#1151867).
LowSUSE bug 1151867CVE-2019-16707 at SUSECVE-2019-16707 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for ibutilsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for InfiniBand Diagnostic Tools (ibutils) fixes a syntax error
that affected the ibdiagnet, ibdiagpath and ibdiagui utilities.
SUSE bug 811660SUSE bug 822659SUSE bug 832643CVE-2013-1894 at SUSECVE-2013-1894 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for icuSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issue in icu:
* CVE-2014-9654: insufficient size limit checks in regular expression
compiler (bsc#917129)
Security Issues:
* CVE-2014-9654
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654>
SUSE bug 917129CVE-2014-9654 at SUSECVE-2014-9654 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for icu (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for icu fixes the following issue:
The previous patch for CVE-2014-9654 was incorrect and lead
to non-working regular expressions. This update fixes this
problem (bsc#952260)
ModerateSUSE bug 952260CVE-2014-9654 at SUSECVE-2014-9654 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for icu (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for icu fixes the following security issues:
- Passing a locale string longer than 255 characters to uloc_getDisplayName()
could have caused a buffer overflow resulting in denial of service or
possible code execution (bsc#1012224, CVE-2014-9911).
ModerateSUSE bug 1012224CVE-2014-9911 at SUSECVE-2014-9911 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for icu (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for icu fixes the following issues:
- CVE-2014-9911: The fix was updated to not crash (NULL ptr deref) when resPath is NULL (bsc#1023033).
ModerateSUSE bug 1023033CVE-2014-9911 at SUSECVE-2014-9911 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for icu (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for icu fixes the following issue:
- Fix international date/time format output (a regression caused by the fix for CVE-2014-9911) (bsc#1037416).
ModerateSUSE bug 1037416CVE-2014-9911 at SUSECVE-2014-9911 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for icu (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for icu fixes the following issues:
- CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp did not ensure that there is a '\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument. (bsc#990636)
- CVE-2017-7868: ICU had an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. (bsc#1034674)
- CVE-2017-7867: ICU had an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. (bsc#1034678)
- CVE-2017-14952: Double free in i18n/zonemeta.cpp allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector entry clean up function call' issue. (bsc#1067203)
- CVE-2017-17484:The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC. (bsc#1072193)
- CVE-2017-15422: An integer overflow in persian calendar calculation was fixed, which could show wrong years. (bsc#1077999)
ImportantSUSE bug 1034674SUSE bug 1034678SUSE bug 1067203SUSE bug 1072193SUSE bug 1077999SUSE bug 990636CVE-2016-6293 at SUSECVE-2016-6293 at NVDCVE-2017-14952 at SUSECVE-2017-14952 at NVDCVE-2017-15422 at SUSECVE-2017-15422 at NVDCVE-2017-17484 at SUSECVE-2017-17484 at NVDCVE-2017-7867 at SUSECVE-2017-7867 at NVDCVE-2017-7868 at SUSECVE-2017-7868 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for icu (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for icu fixes the following issues:
- CVE-2020-10531: Fixed an integer overflow in unicode string handling (bsc#1166844).
ImportantSUSE bug 1166844CVE-2020-10531 at SUSECVE-2020-10531 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for inn (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for inn fixes the following issues:
- CVE-2019-3692: Fixed a local privilege escalation from any user to 'news' (bsc#1154302).
ModerateSUSE bug 1154302CVE-2019-3692 at SUSECVE-2019-3692 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for inn (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for inn fixes the following issues:
- CVE-2021-31998: Fixed locale privialge escalation during the update of inn (bsc#1182321).
ImportantSUSE bug 1182321CVE-2021-31998 at SUSECVE-2021-31998 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for intel-SINIT (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for intel-SINIT fixes the following issues:
Security issue fixed:
- CVE-2011-5174: Fixed security issue in old SINIT files which allowed local users to bypass the TXT protection mechanism (bsc#1069754).
ImportantSUSE bug 1069754CVE-2011-5174 at SUSECVE-2011-5174 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ipsec-tools (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
ipsec-tools was updated to fix one security issue and a bug.
This security issue was fixed:
- CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests (bsc#931989).
Due to a packaging error, the racoonf.conf config file was symlinked to /usr/share/doc/packages/ipsec-tools/examples/racoon/samples/racoon.conf
on some processor platforms, edits might have happened only in this example file.
Before upgrading, please check if /etc/racoon/racoon.conf is a symlink to this example file and backup the content. (bsc#939810)
ModerateSUSE bug 931989SUSE bug 939810CVE-2015-4047 at SUSECVE-2015-4047 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for ipsec-tools (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ipsec-tools fixes one issue.
This security issue was fixed:
- CVE-2016-10396: The racoon daemon contained a remotely exploitable
computational-complexity attack when parsing and storing ISAKMP fragments that
allowed a remote attacker to exhaust computational resources on the remote
endpoint by repeatedly sending ISAKMP fragment packets in a particular order
(bsc#1047443).
ModerateSUSE bug 1047443CVE-2016-10396 at SUSECVE-2016-10396 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jakarta-commons-collections (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update to jakarta-commons-collections 3.2.2 fixes the following security issues:
* bsc#954102 code-execution by unserialization
ModerateSUSE bug 954102cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for jakarta-commons-fileuploadSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes a security issue with jakarta-commons-fileupload:
* bnc#862781: denial of service due to too-small buffer size used
(CVE-2014-0050)
Security Issue reference:
* CVE-2014-0050
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>
SUSE bug 846174SUSE bug 862781CVE-2013-2186 at SUSECVE-2013-2186 at NVDCVE-2014-0050 at SUSECVE-2014-0050 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for jakarta-commons-fileupload (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jakarta-commons-fileupload fixes the following issue:
Security issue fixed:
- CVE-2016-1000031: Fixed remote execution (bsc#1128963, bsc#1128829).
ImportantSUSE bug 1128829SUSE bug 1128963CVE-2016-1000031 at SUSECVE-2016-1000031 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jakarta-commons-fileupload (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jakarta-commons-fileupload fixes the following issues:
- CVE-2016-3092: Fixed a usage of vulnerable FileUpload package can result in denial of service (bsc#986359).
- CVE-2023-24998: Fixed a FileUpload deny of service with excessive parts (bsc#1208513).
ImportantSUSE bug 1208513SUSE bug 986359CVE-2016-3092 at SUSECVE-2016-3092 at NVDCVE-2023-24998 at SUSECVE-2023-24998 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jakarta-taglibs-standard (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jakarta-taglibs-standard fixes the following issues:
- CVE-2015-0254: Apache Standard Taglibs allowed remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) x:parse or (2) x:transform JSTL XML tag. (bsc#920813)
ImportantSUSE bug 920813CVE-2015-0254 at SUSECVE-2015-0254 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jasperSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for jasper fixes the following security issues:
*
CVE-2014-8137: Double free in jas_iccattrval_destroy(). Double call
to free() allowed attackers to cause a denial of service or possibly
have unspecified other impact via unknown vectors. (bsc#909474)
*
CVE-2014-8138: Heap overflow in jas_decode(). This could be used to
do an arbitrary write and could result in arbitrary code execution.
(bsc#909475)
*
CVE-2014-8157: Off-by-one error in the jpc_dec_process_sot(). Could
allow remote attackers to cause a denial of service (crash) or
possibly execute arbitrary code via a crafted JPEG 2000 image, which
triggers a heap-based buffer overflow. (bsc#911837)
*
CVE-2014-8158: Multiple stack-based buffer overflows in jpc_qmfb.c.
Could allow remote attackers to cause a denial of service (crash) or
possibly execute arbitrary code via a crafted JPEG 2000 image.
(bsc#911837)
Security Issues:
* CVE-2014-8138
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138>
* CVE-2014-8137
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137>
* CVE-2014-8157
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157>
* CVE-2014-8158
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158>
SUSE bug 909474SUSE bug 909475SUSE bug 911837CVE-2014-8137 at SUSECVE-2014-8137 at NVDCVE-2014-8138 at SUSECVE-2014-8138 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jasper fixes the following issues:
Security fixes:
- CVE-2016-8887: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (bsc#1006836)
- CVE-2016-8886: memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599)
- CVE-2016-8884,CVE-2016-8885: two null pointer dereferences in bmp_getdata (incomplete fix for CVE-2016-8690) (bsc#1007009)
- CVE-2016-8883: assert in jpc_dec_tiledecode() (bsc#1006598)
- CVE-2016-8882: segfault / null pointer access in jpc_pi_destroy (bsc#1006597)
- CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593)
- CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591)
- CVE-2016-8693: Double free vulnerability in mem_close (bsc#1005242)
- CVE-2016-8691, CVE-2016-8692: Divide by zero in jpc_dec_process_siz (bsc#1005090)
- CVE-2016-8690: Null pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084)
- CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip() function (bsc#963983)
- CVE-2016-1867: Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function (bsc#961886)
- CVE-2016-1577, CVE-2016-2116: double free vulnerability in the jas_iccattrval_destroy function (bsc#968373)
- CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553)
- CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919)
- CVE-2008-3522: multiple integer overflows (bsc#392410)
- bsc#1006839: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887)
ModerateSUSE bug 1005084SUSE bug 1005090SUSE bug 1005242SUSE bug 1006591SUSE bug 1006593SUSE bug 1006597SUSE bug 1006598SUSE bug 1006599SUSE bug 1006836SUSE bug 1006839SUSE bug 1007009SUSE bug 392410SUSE bug 941919SUSE bug 942553SUSE bug 961886SUSE bug 963983SUSE bug 968373CVE-2008-3522 at SUSECVE-2008-3522 at NVDCVE-2015-5203 at SUSECVE-2015-5203 at NVDCVE-2015-5221 at SUSECVE-2015-5221 at NVDCVE-2016-1577 at SUSECVE-2016-1577 at NVDCVE-2016-1867 at SUSECVE-2016-1867 at NVDCVE-2016-2089 at SUSECVE-2016-2089 at NVDCVE-2016-2116 at SUSECVE-2016-2116 at NVDCVE-2016-8690 at SUSECVE-2016-8690 at NVDCVE-2016-8691 at SUSECVE-2016-8691 at NVDCVE-2016-8692 at SUSECVE-2016-8692 at NVDCVE-2016-8693 at SUSECVE-2016-8693 at NVDCVE-2016-8880 at SUSECVE-2016-8880 at NVDCVE-2016-8881 at SUSECVE-2016-8881 at NVDCVE-2016-8882 at SUSECVE-2016-8882 at NVDCVE-2016-8883 at SUSECVE-2016-8883 at NVDCVE-2016-8884 at SUSECVE-2016-8884 at NVDCVE-2016-8885 at SUSECVE-2016-8885 at NVDCVE-2016-8886 at SUSECVE-2016-8886 at NVDCVE-2016-8887 at SUSECVE-2016-8887 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jasper (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jasper fixes the following issues:
Security issues fixed:
- CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec (bsc#1012530)
- CVE-2016-9395: Missing sanity checks on the data in a SIZ marker segment (bsc#1010977).
- CVE-2016-9398: jpc_math.c:94: int jpc_floorlog2(int): Assertion 'x > 0' failed. (bsc#1010979)
- CVE-2016-9560: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c) (bsc#1011830)
- CVE-2016-9583: Out of bounds heap read in jpc_pi_nextpcrl() (bsc#1015400)
- CVE-2016-9591: Use-after-free on heap in jas_matrix_destroy (bsc#1015993)
- CVE-2016-9600: Null Pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder (bsc#1018088)
- CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c) (bsc#1029497)
- CVE-2017-5498: left-shift undefined behaviour (bsc#1020353)
- CVE-2017-6850: NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c) (bsc#1021868)
ImportantSUSE bug 1010977SUSE bug 1010979SUSE bug 1011830SUSE bug 1012530SUSE bug 1015400SUSE bug 1015993SUSE bug 1018088SUSE bug 1020353SUSE bug 1021868SUSE bug 1029497CVE-2016-10251 at SUSECVE-2016-10251 at NVDCVE-2016-8654 at SUSECVE-2016-8654 at NVDCVE-2016-9395 at SUSECVE-2016-9395 at NVDCVE-2016-9398 at SUSECVE-2016-9398 at NVDCVE-2016-9560 at SUSECVE-2016-9560 at NVDCVE-2016-9583 at SUSECVE-2016-9583 at NVDCVE-2016-9591 at SUSECVE-2016-9591 at NVDCVE-2016-9600 at SUSECVE-2016-9600 at NVDCVE-2017-5498 at SUSECVE-2017-5498 at NVDCVE-2017-6850 at SUSECVE-2017-6850 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jasper fixes the following issues:
Security issues fixed:
- CVE-2016-9262: Multiple integer overflows in the jas_realloc function in base/jas_malloc.c and
mem_resize function in base/jas_stream.c allow remote attackers to cause a denial of service via
a crafted image, which triggers use after free vulnerabilities. (bsc#1009994)
- CVE-2016-9388: The ras_getcmap function in ras_dec.c allows remote attackers to cause a denial
of service (assertion failure) via a crafted image file. (bsc#1010975)
- CVE-2016-9389: The jpc_irct and jpc_iict functions in jpc_mct.c allow remote attackers to cause a
denial of service (assertion failure). (bsc#1010968)
- CVE-2016-9390: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a
denial of service (assertion failure) via a crafted image file. (bsc#1010774)
- CVE-2016-9391: The jpc_bitstream_getbits function in jpc_bs.c allows remote attackers to cause a
denial of service (assertion failure) via a very large integer. (bsc#1010782)
- CVE-2017-1000050: The jp2_encode function in jp2_enc.c allows remote attackers to cause a denial
of service. (bsc#1047958)
CVEs already fixed with previous update:
- CVE-2016-9392: The calcstepsizes function in jpc_dec.c allows remote attackers to cause a denial
of service (assertion failure) via a crafted file. (bsc#1010757)
- CVE-2016-9393: The jpc_pi_nextrpcl function in jpc_t2cod.c allows remote attackers to cause a
denial of service (assertion failure) via a crafted file. (bsc#1010766)
- CVE-2016-9394: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a
denial of service (assertion failure) via a crafted file. (bsc#1010756)
ModerateSUSE bug 1009994SUSE bug 1010756SUSE bug 1010757SUSE bug 1010766SUSE bug 1010774SUSE bug 1010782SUSE bug 1010968SUSE bug 1010975SUSE bug 1047958CVE-2016-9262 at SUSECVE-2016-9262 at NVDCVE-2016-9388 at SUSECVE-2016-9388 at NVDCVE-2016-9389 at SUSECVE-2016-9389 at NVDCVE-2016-9390 at SUSECVE-2016-9390 at NVDCVE-2016-9391 at SUSECVE-2016-9391 at NVDCVE-2016-9392 at SUSECVE-2016-9392 at NVDCVE-2016-9393 at SUSECVE-2016-9393 at NVDCVE-2016-9394 at SUSECVE-2016-9394 at NVDCVE-2017-1000050 at SUSECVE-2017-1000050 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jasper fixes the following issues:
Security issues fixed:
- CVE-2018-19540: Fixed a heap based overflow in jas_icctxtdesc_input (bsc#1117508).
- CVE-2018-19541: Fix heap based overread in jas_image_depalettize (bsc#1117507).
- CVE-2018-19542: Fixed a denial of service in jp2_decode (bsc#1117505).
- CVE-2018-19539: Fixed a denial of service in jas_image_readcmpt (bsc#1117511).
- CVE-2018-9055: Fixed a denial of service in jpc_firstone (bsc#1087020).
- CVE-2016-9396: Fixed a denial of service in jpc_cox_getcompparms (bsc#1010783).
ModerateSUSE bug 1010783SUSE bug 1087020SUSE bug 1117505SUSE bug 1117507SUSE bug 1117508SUSE bug 1117511CVE-2016-9396 at SUSECVE-2016-9396 at NVDCVE-2018-19539 at SUSECVE-2018-19539 at NVDCVE-2018-19540 at SUSECVE-2018-19540 at NVDCVE-2018-19541 at SUSECVE-2018-19541 at NVDCVE-2018-19542 at SUSECVE-2018-19542 at NVDCVE-2018-9055 at SUSECVE-2018-9055 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jasper (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jasper fixes the following issues:
- CVE-2016-9398: Improved patch for already fixed issue (bsc#1010979).
- CVE-2016-9399: Fix assert in calcstepsizes (bsc#1010980).
- CVE-2016-9397: Fix assert in jpc_dequantize (bsc#1010786).
- CVE-2016-9557: Fix signed integer overflow (bsc#1011829).
- CVE-2017-5499: Validate component depth bit (bsc#1020451).
- CVE-2017-5503: Check bounds in jas_seq2d_bindsub() (bsc#1020456).
- CVE-2017-5504: Check bounds in jas_seq2d_bindsub() (bsc#1020458).
- CVE-2017-5505: Check bounds in jas_seq2d_bindsub() (bsc#1020460).
- CVE-2017-14132: Fix heap base overflow in by checking components (bsc#1057152).
- CVE-2018-9154: Fixed a potential denial of service in jpc_dec_process_sot() (bsc#1092115).
- CVE-2018-9252: Fix reachable assertion in jpc_abstorelstepsize (bsc#1088278).
- CVE-2018-18873: Fix null pointer deref in ras_putdatastd (bsc#1114498).
- CVE-2018-19139: Fix mem leaks by registering jpc_unk_destroyparms (bsc#1115637).
- CVE-2018-19543, bsc#1045450 CVE-2017-9782: Fix numchans mixup (bsc#1117328).
- CVE-2018-20570: Fix heap based buffer over-read in jp2_encode (bsc#1120807).
- CVE-2018-20622: Fix memory leak in jas_malloc.c (bsc#1120805).
LowSUSE bug 1010786SUSE bug 1010979SUSE bug 1010980SUSE bug 1011829SUSE bug 1020451SUSE bug 1020456SUSE bug 1020458SUSE bug 1020460SUSE bug 1045450SUSE bug 1057152SUSE bug 1088278SUSE bug 1092115SUSE bug 1114498SUSE bug 1115637SUSE bug 1117328SUSE bug 1120805SUSE bug 1120807CVE-2016-9397 at SUSECVE-2016-9397 at NVDCVE-2016-9398 at SUSECVE-2016-9398 at NVDCVE-2016-9399 at SUSECVE-2016-9399 at NVDCVE-2016-9557 at SUSECVE-2016-9557 at NVDCVE-2017-14132 at SUSECVE-2017-14132 at NVDCVE-2017-5499 at SUSECVE-2017-5499 at NVDCVE-2017-5503 at SUSECVE-2017-5503 at NVDCVE-2017-5504 at SUSECVE-2017-5504 at NVDCVE-2017-5505 at SUSECVE-2017-5505 at NVDCVE-2017-9782 at SUSECVE-2017-9782 at NVDCVE-2018-18873 at SUSECVE-2018-18873 at NVDCVE-2018-19139 at SUSECVE-2018-19139 at NVDCVE-2018-19543 at SUSECVE-2018-19543 at NVDCVE-2018-20570 at SUSECVE-2018-20570 at NVDCVE-2018-20622 at SUSECVE-2018-20622 at NVDCVE-2018-9154 at SUSECVE-2018-9154 at NVDCVE-2018-9252 at SUSECVE-2018-9252 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jasper (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jasper fixes the following issues:
- bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls
- bsc#1181483 CVE-2021-3272: Fix buffer over-read in jp2_decode
ImportantSUSE bug 1179748SUSE bug 1181483CVE-2020-27828 at SUSECVE-2020-27828 at NVDCVE-2021-3272 at SUSECVE-2021-3272 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jasper fixes the following issues:
- CVE-2021-27845: Fixed divide-by-zery issue in cp_create() (bsc#1188437).
ModerateSUSE bug 1188437CVE-2021-27845 at SUSECVE-2021-27845 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jasper fixes the following issues:
- CVE-2021-3467: Fixed NULL pointer deref in jp2_decode() (bsc#1184757).
- CVE-2021-3443: Fixed NULL pointer deref in jp2_decode() (bsc#1184798).
- CVE-2021-26927: Fixed NULL pointer deref in jp2_decode() (bsc#1182104).
- CVE-2021-26926: Fixed an out of bounds read in jp2_decode() (bsc#1182105).
ModerateSUSE bug 1182104SUSE bug 1182105SUSE bug 1184757SUSE bug 1184798CVE-2021-26926 at SUSECVE-2021-26926 at NVDCVE-2021-26927 at SUSECVE-2021-26927 at NVDCVE-2021-3443 at SUSECVE-2021-3443 at NVDCVE-2021-3467 at SUSECVE-2021-3467 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jasper fixes the following issues:
- CVE-2022-2963: Fixed memory leaks in function cmdopts_parse (bsc#1202642).
ModerateSUSE bug 1202642CVE-2022-2963 at SUSECVE-2022-2963 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for IBM JavaSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
java-1_6_0-ibm has been updated to version 1.6.0_sr16.2 to fix 18 security
issues.
These security issues has been fixed:
* Unspecified vulnerability in Oracle Java SE 6u81 (CVE-2014-3065).
* The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other
products, uses nondeterministic CBC padding, which makes it easier
for man-in-the-middle attackers to obtain cleartext data via a
padding-oracle attack, aka the 'POODLE' issue (CVE-2014-3566).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and
Java SE Embedded 7u60, allows remote attackers to affect
confidentiality, integrity, and availability via vectors related to
AWT (CVE-2014-6513).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532
(CVE-2014-6503).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503
(CVE-2014-6532).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532
(CVE-2014-4288).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532
(CVE-2014-6493).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20,
when running on Firefox, allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to Deployment (CVE-2014-6492).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows local users to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment
(CVE-2014-6458).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20,
when running on Internet Explorer, allows local users to affect
confidentiality, integrity, and availability via unknown vectors
related to Deployment (CVE-2014-6466).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20, and Java SE Embedded 7u60, allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to Libraries (CVE-2014-6506).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect integrity via unknown vectors
related to Deployment (CVE-2014-6515).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20 allows remote attackers to affect confidentiality via unknown
vectors related to 2D (CVE-2014-6511).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20, and Java SE Embedded 7u60, allows remote attackers to affect
confidentiality via unknown vectors related to Libraries
(CVE-2014-6531).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows
remote attackers to affect integrity via unknown vectors related to
Libraries (CVE-2014-6512).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows
remote attackers to affect confidentiality and integrity via vectors
related to JSSE (CVE-2014-6457).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20, and Java SE Embedded 7u60, allows remote attackers to affect
integrity via unknown vectors related to Libraries (CVE-2014-6502).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3
allows remote attackers to affect integrity via unknown vectors
related to Security (CVE-2014-6558).
More information can be found at
http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2014
<http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2014>
Security Issues:
* CVE-2014-3065
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3065>
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
* CVE-2014-6506
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6506>
* CVE-2014-6511
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6511>
* CVE-2014-6531
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6531>
* CVE-2014-6512
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6512>
* CVE-2014-6457
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6457>
* CVE-2014-6502
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6502>
* CVE-2014-6558
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6558>
* CVE-2014-6513
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6513>
* CVE-2014-6503
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6503>
* CVE-2014-4288
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4288>
* CVE-2014-6493
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6493>
* CVE-2014-6532
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6532>
* CVE-2014-6492
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6492>
* CVE-2014-6458
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6458>
* CVE-2014-6466
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6466>
* CVE-2014-6515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6515>
* CVE-2014-6456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6456>
* CVE-2014-6476
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6476>
* CVE-2014-6527
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6527>
SUSE bug 592934SUSE bug 817062SUSE bug 819288SUSE bug 823034SUSE bug 829212SUSE bug 849212SUSE bug 862064SUSE bug 877430SUSE bug 891700SUSE bug 904889SUSE bug 912434SUSE bug 912447SUSE bug 916265SUSE bug 916266SUSE bug 930365SUSE bug 931702CVE-2013-0401 at SUSECVE-2013-0401 at NVDCVE-2013-1491 at SUSECVE-2013-1491 at NVDCVE-2013-1500 at SUSECVE-2013-1500 at NVDCVE-2013-1537 at SUSECVE-2013-1537 at NVDCVE-2013-1540 at SUSECVE-2013-1540 at NVDCVE-2013-1557 at SUSECVE-2013-1557 at NVDCVE-2013-1563 at SUSECVE-2013-1563 at NVDCVE-2013-1569 at SUSECVE-2013-1569 at NVDCVE-2013-1571 at SUSECVE-2013-1571 at NVDCVE-2013-2383 at SUSECVE-2013-2383 at NVDCVE-2013-2384 at SUSECVE-2013-2384 at NVDCVE-2013-2394 at SUSECVE-2013-2394 at NVDCVE-2013-2407 at SUSECVE-2013-2407 at NVDCVE-2013-2412 at SUSECVE-2013-2412 at NVDCVE-2013-2417 at SUSECVE-2013-2417 at NVDCVE-2013-2418 at SUSECVE-2013-2418 at NVDCVE-2013-2419 at SUSECVE-2013-2419 at NVDCVE-2013-2420 at SUSECVE-2013-2420 at NVDCVE-2013-2422 at SUSECVE-2013-2422 at NVDCVE-2013-2424 at SUSECVE-2013-2424 at NVDCVE-2013-2429 at SUSECVE-2013-2429 at NVDCVE-2013-2430 at SUSECVE-2013-2430 at NVDCVE-2013-2432 at SUSECVE-2013-2432 at NVDCVE-2013-2433 at SUSECVE-2013-2433 at NVDCVE-2013-2435 at SUSECVE-2013-2435 at NVDCVE-2013-2437 at SUSECVE-2013-2437 at NVDCVE-2013-2440 at SUSECVE-2013-2440 at NVDCVE-2013-2442 at SUSECVE-2013-2442 at NVDCVE-2013-2443 at SUSECVE-2013-2443 at NVDCVE-2013-2444 at SUSECVE-2013-2444 at NVDCVE-2013-2446 at SUSECVE-2013-2446 at NVDCVE-2013-2447 at SUSECVE-2013-2447 at NVDCVE-2013-2448 at SUSECVE-2013-2448 at NVDCVE-2013-2450 at SUSECVE-2013-2450 at NVDCVE-2013-2451 at SUSECVE-2013-2451 at NVDCVE-2013-2452 at SUSECVE-2013-2452 at NVDCVE-2013-2453 at SUSECVE-2013-2453 at NVDCVE-2013-2454 at SUSECVE-2013-2454 at NVDCVE-2013-2455 at SUSECVE-2013-2455 at NVDCVE-2013-2456 at SUSECVE-2013-2456 at NVDCVE-2013-2457 at SUSECVE-2013-2457 at NVDCVE-2013-2459 at SUSECVE-2013-2459 at NVDCVE-2013-2463 at SUSECVE-2013-2463 at NVDCVE-2013-2464 at SUSECVE-2013-2464 at NVDCVE-2013-2465 at SUSECVE-2013-2465 at NVDCVE-2013-2466 at SUSECVE-2013-2466 at NVDCVE-2013-2468 at SUSECVE-2013-2468 at NVDCVE-2013-2469 at SUSECVE-2013-2469 at NVDCVE-2013-2470 at SUSECVE-2013-2470 at NVDCVE-2013-2471 at SUSECVE-2013-2471 at NVDCVE-2013-2472 at SUSECVE-2013-2472 at NVDCVE-2013-2473 at SUSECVE-2013-2473 at NVDCVE-2013-3009 at SUSECVE-2013-3009 at NVDCVE-2013-3011 at SUSECVE-2013-3011 at NVDCVE-2013-3012 at SUSECVE-2013-3012 at NVDCVE-2013-3743 at SUSECVE-2013-3743 at NVDCVE-2013-3829 at SUSECVE-2013-3829 at NVDCVE-2013-4002 at SUSECVE-2013-4002 at NVDCVE-2013-4041 at SUSECVE-2013-4041 at NVDCVE-2013-5372 at SUSECVE-2013-5372 at NVDCVE-2013-5375 at SUSECVE-2013-5375 at NVDCVE-2013-5456 at SUSECVE-2013-5456 at NVDCVE-2013-5457 at SUSECVE-2013-5457 at NVDCVE-2013-5458 at SUSECVE-2013-5458 at NVDCVE-2013-5772 at SUSECVE-2013-5772 at NVDCVE-2013-5774 at SUSECVE-2013-5774 at NVDCVE-2013-5776 at SUSECVE-2013-5776 at NVDCVE-2013-5778 at SUSECVE-2013-5778 at NVDCVE-2013-5780 at SUSECVE-2013-5780 at NVDCVE-2013-5782 at SUSECVE-2013-5782 at NVDCVE-2013-5783 at SUSECVE-2013-5783 at NVDCVE-2013-5784 at SUSECVE-2013-5784 at NVDCVE-2013-5787 at SUSECVE-2013-5787 at NVDCVE-2013-5788 at SUSECVE-2013-5788 at NVDCVE-2013-5789 at SUSECVE-2013-5789 at NVDCVE-2013-5790 at SUSECVE-2013-5790 at NVDCVE-2013-5797 at SUSECVE-2013-5797 at NVDCVE-2013-5800 at SUSECVE-2013-5800 at NVDCVE-2013-5801 at SUSECVE-2013-5801 at NVDCVE-2013-5802 at SUSECVE-2013-5802 at NVDCVE-2013-5803 at SUSECVE-2013-5803 at NVDCVE-2013-5804 at SUSECVE-2013-5804 at NVDCVE-2013-5809 at SUSECVE-2013-5809 at NVDCVE-2013-5812 at SUSECVE-2013-5812 at NVDCVE-2013-5814 at SUSECVE-2013-5814 at NVDCVE-2013-5817 at SUSECVE-2013-5817 at NVDCVE-2013-5818 at SUSECVE-2013-5818 at NVDCVE-2013-5819 at SUSECVE-2013-5819 at NVDCVE-2013-5820 at SUSECVE-2013-5820 at NVDCVE-2013-5823 at SUSECVE-2013-5823 at NVDCVE-2013-5824 at SUSECVE-2013-5824 at NVDCVE-2013-5825 at SUSECVE-2013-5825 at NVDCVE-2013-5829 at SUSECVE-2013-5829 at NVDCVE-2013-5830 at SUSECVE-2013-5830 at NVDCVE-2013-5831 at SUSECVE-2013-5831 at NVDCVE-2013-5832 at SUSECVE-2013-5832 at NVDCVE-2013-5838 at SUSECVE-2013-5838 at NVDCVE-2013-5840 at SUSECVE-2013-5840 at NVDCVE-2013-5842 at SUSECVE-2013-5842 at NVDCVE-2013-5843 at SUSECVE-2013-5843 at NVDCVE-2013-5848 at SUSECVE-2013-5848 at NVDCVE-2013-5849 at SUSECVE-2013-5849 at NVDCVE-2013-5850 at SUSECVE-2013-5850 at NVDCVE-2013-5851 at SUSECVE-2013-5851 at NVDCVE-2013-5878 at SUSECVE-2013-5878 at NVDCVE-2013-5884 at SUSECVE-2013-5884 at NVDCVE-2013-5887 at SUSECVE-2013-5887 at NVDCVE-2013-5888 at SUSECVE-2013-5888 at NVDCVE-2013-5889 at SUSECVE-2013-5889 at NVDCVE-2013-5896 at SUSECVE-2013-5896 at NVDCVE-2013-5898 at SUSECVE-2013-5898 at NVDCVE-2013-5899 at SUSECVE-2013-5899 at NVDCVE-2013-5907 at SUSECVE-2013-5907 at NVDCVE-2013-5910 at SUSECVE-2013-5910 at NVDCVE-2013-6629 at SUSECVE-2013-6629 at NVDCVE-2013-6954 at SUSECVE-2013-6954 at NVDCVE-2014-0368 at SUSECVE-2014-0368 at NVDCVE-2014-0373 at SUSECVE-2014-0373 at NVDCVE-2014-0375 at SUSECVE-2014-0375 at NVDCVE-2014-0376 at SUSECVE-2014-0376 at NVDCVE-2014-0387 at SUSECVE-2014-0387 at NVDCVE-2014-0403 at SUSECVE-2014-0403 at NVDCVE-2014-0410 at SUSECVE-2014-0410 at NVDCVE-2014-0411 at SUSECVE-2014-0411 at NVDCVE-2014-0415 at SUSECVE-2014-0415 at NVDCVE-2014-0416 at SUSECVE-2014-0416 at NVDCVE-2014-0417 at SUSECVE-2014-0417 at NVDCVE-2014-0422 at SUSECVE-2014-0422 at NVDCVE-2014-0423 at SUSECVE-2014-0423 at NVDCVE-2014-0424 at SUSECVE-2014-0424 at NVDCVE-2014-0428 at SUSECVE-2014-0428 at NVDCVE-2014-0429 at SUSECVE-2014-0429 at NVDCVE-2014-0446 at SUSECVE-2014-0446 at NVDCVE-2014-0449 at SUSECVE-2014-0449 at NVDCVE-2014-0451 at SUSECVE-2014-0451 at NVDCVE-2014-0452 at SUSECVE-2014-0452 at NVDCVE-2014-0453 at SUSECVE-2014-0453 at NVDCVE-2014-0457 at SUSECVE-2014-0457 at NVDCVE-2014-0458 at SUSECVE-2014-0458 at NVDCVE-2014-0459 at SUSECVE-2014-0459 at NVDCVE-2014-0460 at SUSECVE-2014-0460 at NVDCVE-2014-0461 at SUSECVE-2014-0461 at NVDCVE-2014-0878 at SUSECVE-2014-0878 at NVDCVE-2014-1876 at SUSECVE-2014-1876 at NVDCVE-2014-2398 at SUSECVE-2014-2398 at NVDCVE-2014-2401 at SUSECVE-2014-2401 at NVDCVE-2014-2409 at SUSECVE-2014-2409 at NVDCVE-2014-2412 at SUSECVE-2014-2412 at NVDCVE-2014-2414 at SUSECVE-2014-2414 at NVDCVE-2014-2420 at SUSECVE-2014-2420 at NVDCVE-2014-2421 at SUSECVE-2014-2421 at NVDCVE-2014-2423 at SUSECVE-2014-2423 at NVDCVE-2014-2427 at SUSECVE-2014-2427 at NVDCVE-2014-2428 at SUSECVE-2014-2428 at NVDCVE-2014-3065 at SUSECVE-2014-3065 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-4209 at SUSECVE-2014-4209 at NVDCVE-2014-4218 at SUSECVE-2014-4218 at NVDCVE-2014-4219 at SUSECVE-2014-4219 at NVDCVE-2014-4227 at SUSECVE-2014-4227 at NVDCVE-2014-4244 at SUSECVE-2014-4244 at NVDCVE-2014-4252 at SUSECVE-2014-4252 at NVDCVE-2014-4262 at SUSECVE-2014-4262 at NVDCVE-2014-4263 at SUSECVE-2014-4263 at NVDCVE-2014-4265 at SUSECVE-2014-4265 at NVDCVE-2014-4268 at SUSECVE-2014-4268 at NVDCVE-2014-4288 at SUSECVE-2014-4288 at NVDCVE-2014-6456 at SUSECVE-2014-6456 at NVDCVE-2014-6457 at SUSECVE-2014-6457 at NVDCVE-2014-6458 at SUSECVE-2014-6458 at NVDCVE-2014-6466 at SUSECVE-2014-6466 at NVDCVE-2014-6476 at SUSECVE-2014-6476 at NVDCVE-2014-6492 at SUSECVE-2014-6492 at NVDCVE-2014-6493 at SUSECVE-2014-6493 at NVDCVE-2014-6502 at SUSECVE-2014-6502 at NVDCVE-2014-6503 at SUSECVE-2014-6503 at NVDCVE-2014-6506 at SUSECVE-2014-6506 at NVDCVE-2014-6511 at SUSECVE-2014-6511 at NVDCVE-2014-6512 at SUSECVE-2014-6512 at NVDCVE-2014-6513 at SUSECVE-2014-6513 at NVDCVE-2014-6515 at SUSECVE-2014-6515 at NVDCVE-2014-6527 at SUSECVE-2014-6527 at NVDCVE-2014-6531 at SUSECVE-2014-6531 at NVDCVE-2014-6532 at SUSECVE-2014-6532 at NVDCVE-2014-6558 at SUSECVE-2014-6558 at NVDCVE-2014-8891 at SUSECVE-2014-8891 at NVDCVE-2014-8892 at SUSECVE-2014-8892 at NVDCVE-2015-0138 at SUSECVE-2015-0138 at NVDCVE-2015-0192 at SUSECVE-2015-0192 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-1914 at SUSECVE-2015-1914 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
IBM Java was updated to version 6 SR16 FP7 (6.0-16.7) to fix several security issues and bugs.
The following vulnerabilities were fixed:
* CVE-2015-1931: IBM Java Security Components store plain text data in memory dumps, which could allow a local attacker to obtain information to aid in further attacks against the system.
* CVE-2015-2590: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2601: Easily exploitable vulnerability in the JCE component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2621: Easily exploitable vulnerability in the JMX component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2625: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2632: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2637: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2638: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2664: Difficult to exploit vulnerability in the Deployment component requiring logon to Operating System. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2808: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized update, insert or delete access to some Java accessible data as well as read access to a subset of Java accessible data.
* CVE-2015-4000: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized update, insert or delete access to some Java accessible data as well as read access to a subset of Java Embedded accessible data. (bnc#935540)
* CVE-2015-4731: Easily exploitable vulnerability in the JMX component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4732: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4733: Easily exploitable vulnerability in the RMI component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4748: Very difficult to exploit vulnerability in the Security component allowed successful unauthenticated network attacks via OCSP. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4749: Difficult to exploit vulnerability in the JNDI component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized ability to cause a partial denial of service (partial DOS).
* CVE-2015-4760: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
The following non-security bugs were fixed:
* bsc#936844: misconfigured update-alternative entries
* bsc#941939: provide %{name} instead of %{sdklnk} only in _jvmprivdir
ImportantSUSE bug 935540SUSE bug 936844SUSE bug 938895SUSE bug 941939CVE-2015-1931 at SUSECVE-2015-1931 at NVDCVE-2015-2590 at SUSECVE-2015-2590 at NVDCVE-2015-2601 at SUSECVE-2015-2601 at NVDCVE-2015-2621 at SUSECVE-2015-2621 at NVDCVE-2015-2625 at SUSECVE-2015-2625 at NVDCVE-2015-2632 at SUSECVE-2015-2632 at NVDCVE-2015-2637 at SUSECVE-2015-2637 at NVDCVE-2015-2638 at SUSECVE-2015-2638 at NVDCVE-2015-2664 at SUSECVE-2015-2664 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-4731 at SUSECVE-2015-4731 at NVDCVE-2015-4732 at SUSECVE-2015-4732 at NVDCVE-2015-4733 at SUSECVE-2015-4733 at NVDCVE-2015-4748 at SUSECVE-2015-4748 at NVDCVE-2015-4749 at SUSECVE-2015-4749 at NVDCVE-2015-4760 at SUSECVE-2015-4760 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
- bsc#960286: resolve package conflicts in the fonts subpackage
ImportantSUSE bug 960286SUSE bug 960402SUSE bug 963937CVE-2015-5041 at SUSECVE-2015-5041 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2015-8472 at SUSECVE-2015-8472 at NVDCVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-0402 at SUSECVE-2016-0402 at NVDCVE-2016-0448 at SUSECVE-2016-0448 at NVDCVE-2016-0466 at SUSECVE-2016-0466 at NVDCVE-2016-0483 at SUSECVE-2016-0483 at NVDCVE-2016-0494 at SUSECVE-2016-0494 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
- bsc#960286: resolve package conflicts in the fonts subpackage
ImportantSUSE bug 960286SUSE bug 960402SUSE bug 963937CVE-2015-5041 at SUSECVE-2015-5041 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2015-8472 at SUSECVE-2015-8472 at NVDCVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-0402 at SUSECVE-2016-0402 at NVDCVE-2016-0448 at SUSECVE-2016-0448 at NVDCVE-2016-0466 at SUSECVE-2016-0466 at NVDCVE-2016-0483 at SUSECVE-2016-0483 at NVDCVE-2016-0494 at SUSECVE-2016-0494 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This IBM Java 1.6.0 SR16 FP25 release fixes the following issues:
Security issues fixed:
- CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648)
- CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650)
- CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646)
- The following CVEs got also fixed during this update. (bsc#979252)
CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426
ImportantSUSE bug 977646SUSE bug 977648SUSE bug 977650SUSE bug 979252CVE-2016-0264 at SUSECVE-2016-0264 at NVDCVE-2016-0363 at SUSECVE-2016-0363 at NVDCVE-2016-0376 at SUSECVE-2016-0376 at NVDCVE-2016-0686 at SUSECVE-2016-0686 at NVDCVE-2016-0687 at SUSECVE-2016-0687 at NVDCVE-2016-3422 at SUSECVE-2016-3422 at NVDCVE-2016-3426 at SUSECVE-2016-3426 at NVDCVE-2016-3427 at SUSECVE-2016-3427 at NVDCVE-2016-3443 at SUSECVE-2016-3443 at NVDCVE-2016-3449 at SUSECVE-2016-3449 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
IBM Java 6 was updated to version 6.0-16.30.
Following security issue was fixed: CVE-2016-3485
Please see https://www.ibm.com/developerworks/java/jdk/alerts/ for more information.
ImportantSUSE bug 992537CVE-2016-3485 at SUSECVE-2016-3485 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_6_0-ibm fixes the following issues:
- Version update to 6.0-16.35 (bsc#1009280) fixing the following CVE's:
CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554,
CVE-2016-5542
ImportantSUSE bug 1009280CVE-2016-5542 at SUSECVE-2016-5542 at NVDCVE-2016-5554 at SUSECVE-2016-5554 at NVDCVE-2016-5556 at SUSECVE-2016-5556 at NVDCVE-2016-5568 at SUSECVE-2016-5568 at NVDCVE-2016-5573 at SUSECVE-2016-5573 at NVDCVE-2016-5597 at SUSECVE-2016-5597 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_6_0-ibm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_6_0-ibm to 8.0-4.1 fixes the following issues:
Security issue fixed:
- CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and
other protocols and products, have a birthday bound of approximately four billion blocks, which
makes it easier for remote attackers to obtain cleartext data via a birthday attack against a
long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode,
aka a 'Sweet32' attack. (bsc#1027038)
ModerateSUSE bug 1027038CVE-2016-2183 at SUSECVE-2016-2183 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_6_0-ibm fixes the following issues:
- CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c
- CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c
- CVE-2016-9842: zlib: Undefined left shift of negative number
- CVE-2016-9843: zlib: Big-endian out-of-bounds pointer
- CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data
- CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections
- CVE-2017-3539: OpenJDK: MD5 allowed for jar verification
- CVE-2017-3533: OpenJDK: newline injection in the FTP client
- CVE-2017-3544: OpenJDK: newline injection in the SMTP client
- Version update to 6.0-16.40 bsc#1027038 CVE-2016-2183 ImportantSUSE bug 1027038SUSE bug 1038505CVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-9840 at SUSECVE-2016-9840 at NVDCVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2016-9842 at SUSECVE-2016-9842 at NVDCVE-2016-9843 at SUSECVE-2016-9843 at NVDCVE-2017-1289 at SUSECVE-2017-1289 at NVDCVE-2017-3509 at SUSECVE-2017-3509 at NVDCVE-2017-3514 at SUSECVE-2017-3514 at NVDCVE-2017-3533 at SUSECVE-2017-3533 at NVDCVE-2017-3539 at SUSECVE-2017-3539 at NVDCVE-2017-3544 at SUSECVE-2017-3544 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_6_0-ibm fixes the following issues:
Security issues fixed:
- Security update to version 6.0.16.50 (bsc#1070162)
* CVE-2017-10346 CVE-2017-10285 CVE-2017-10388 CVE-2017-10356
CVE-2017-10293 CVE-2016-9841 CVE-2017-10355 CVE-2017-10357
CVE-2017-10348 CVE-2017-10349 CVE-2017-10347 CVE-2017-10350
CVE-2017-10281 CVE-2017-10295 CVE-2017-10345
ImportantSUSE bug 1070162CVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2017-10281 at SUSECVE-2017-10281 at NVDCVE-2017-10285 at SUSECVE-2017-10285 at NVDCVE-2017-10293 at SUSECVE-2017-10293 at NVDCVE-2017-10295 at SUSECVE-2017-10295 at NVDCVE-2017-10345 at SUSECVE-2017-10345 at NVDCVE-2017-10346 at SUSECVE-2017-10346 at NVDCVE-2017-10347 at SUSECVE-2017-10347 at NVDCVE-2017-10348 at SUSECVE-2017-10348 at NVDCVE-2017-10349 at SUSECVE-2017-10349 at NVDCVE-2017-10350 at SUSECVE-2017-10350 at NVDCVE-2017-10355 at SUSECVE-2017-10355 at NVDCVE-2017-10356 at SUSECVE-2017-10356 at NVDCVE-2017-10357 at SUSECVE-2017-10357 at NVDCVE-2017-10388 at SUSECVE-2017-10388 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_6_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for java-1_6_0-ibm fixes the following issues:
- Version update to 6.0-16.15 bsc#955131:
CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810
CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844
CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883
CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006
CVE-2015-2808 CVE-2015-2625 CVE-2015-0491 CVE-2015-0459 CVE-2015-0469
CVE-2015-0458 CVE-2015-0480 CVE-2015-0488 CVE-2015-0478 CVE-2015-0477
CVE-2015-0204 ImportantSUSE bug 955131CVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-2625 at SUSECVE-2015-2625 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDCVE-2015-4734 at SUSECVE-2015-4734 at NVDCVE-2015-4803 at SUSECVE-2015-4803 at NVDCVE-2015-4805 at SUSECVE-2015-4805 at NVDCVE-2015-4806 at SUSECVE-2015-4806 at NVDCVE-2015-4810 at SUSECVE-2015-4810 at NVDCVE-2015-4835 at SUSECVE-2015-4835 at NVDCVE-2015-4840 at SUSECVE-2015-4840 at NVDCVE-2015-4842 at SUSECVE-2015-4842 at NVDCVE-2015-4843 at SUSECVE-2015-4843 at NVDCVE-2015-4844 at SUSECVE-2015-4844 at NVDCVE-2015-4860 at SUSECVE-2015-4860 at NVDCVE-2015-4871 at SUSECVE-2015-4871 at NVDCVE-2015-4872 at SUSECVE-2015-4872 at NVDCVE-2015-4882 at SUSECVE-2015-4882 at NVDCVE-2015-4883 at SUSECVE-2015-4883 at NVDCVE-2015-4893 at SUSECVE-2015-4893 at NVDCVE-2015-4902 at SUSECVE-2015-4902 at NVDCVE-2015-4903 at SUSECVE-2015-4903 at NVDCVE-2015-4911 at SUSECVE-2015-4911 at NVDCVE-2015-5006 at SUSECVE-2015-5006 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for IBM JavaSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
java-1_7_0-ibm has been updated to version 1.7.0_sr7.2 to fix 21 security
issues.
These security issues have been fixed:
* Unspecified vulnerability (CVE-2014-3065).
* The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other
products, uses nondeterministic CBC padding, which makes it easier
for man-in-the-middle attackers to obtain cleartext data via a
padding-oracle attack, aka the 'POODLE' issue (CVE-2014-3566).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and
Java SE Embedded 7u60, allows remote attackers to affect
confidentiality, integrity, and availability via vectors related to
AWT (CVE-2014-6513).
* Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows
remote attackers to affect confidentiality, integrity, and
availability via unknown vectors (CVE-2014-6456).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532
(CVE-2014-6503).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503
(CVE-2014-6532).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532
(CVE-2014-4288).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment, a different
vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532
(CVE-2014-6493).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20,
when running on Firefox, allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to Deployment (CVE-2014-6492).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows local users to affect confidentiality, integrity, and
availability via unknown vectors related to Deployment
(CVE-2014-6458).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20,
when running on Internet Explorer, allows local users to affect
confidentiality, integrity, and availability via unknown vectors
related to Deployment (CVE-2014-6466).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20, and Java SE Embedded 7u60, allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors
related to Libraries (CVE-2014-6506).
* Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows
remote attackers to affect integrity via unknown vectors related to
Deployment, a different vulnerability than CVE-2014-6527
(CVE-2014-6476).
* Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20
allows remote attackers to affect integrity via unknown vectors
related to Deployment (CVE-2014-6515).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20 allows remote attackers to affect confidentiality via unknown
vectors related to 2D (CVE-2014-6511).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20, and Java SE Embedded 7u60, allows remote attackers to affect
confidentiality via unknown vectors related to Libraries
(CVE-2014-6531).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows
remote attackers to affect integrity via unknown vectors related to
Libraries (CVE-2014-6512).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows
remote attackers to affect confidentiality and integrity via vectors
related to JSSE (CVE-2014-6457).
* Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows
remote attackers to affect integrity via unknown vectors related to
Deployment, a different vulnerability than CVE-2014-6476
(CVE-2014-6527).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20, and Java SE Embedded 7u60, allows remote attackers to affect
integrity via unknown vectors related to Libraries (CVE-2014-6502).
* Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and
8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3
allows remote attackers to affect integrity via unknown vectors
related to Security (CVE-2014-6558).
More information can be found at
http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2014
<http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2014>
Security Issues:
* CVE-2014-3065
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3065>
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
* CVE-2014-6506
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6506>
* CVE-2014-6511
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6511>
* CVE-2014-6531
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6531>
* CVE-2014-6512
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6512>
* CVE-2014-6457
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6457>
* CVE-2014-6502
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6502>
* CVE-2014-6558
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6558>
* CVE-2014-6513
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6513>
* CVE-2014-6503
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6503>
* CVE-2014-4288
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4288>
* CVE-2014-6493
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6493>
* CVE-2014-6532
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6532>
* CVE-2014-6492
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6492>
* CVE-2014-6458
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6458>
* CVE-2014-6466
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6466>
* CVE-2014-6515
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6515>
* CVE-2014-6456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6456>
* CVE-2014-6476
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6476>
* CVE-2014-6527
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6527>
SUSE bug 592934SUSE bug 817062SUSE bug 819285SUSE bug 819288SUSE bug 823034SUSE bug 829212SUSE bug 849212SUSE bug 861782SUSE bug 862064SUSE bug 877429SUSE bug 891701SUSE bug 904889SUSE bug 912434SUSE bug 912447SUSE bug 916265SUSE bug 916266SUSE bug 930365SUSE bug 931702CVE-2013-0401 at SUSECVE-2013-0401 at NVDCVE-2013-1491 at SUSECVE-2013-1491 at NVDCVE-2013-1537 at SUSECVE-2013-1537 at NVDCVE-2013-1540 at SUSECVE-2013-1540 at NVDCVE-2013-1557 at SUSECVE-2013-1557 at NVDCVE-2013-1563 at SUSECVE-2013-1563 at NVDCVE-2013-1569 at SUSECVE-2013-1569 at NVDCVE-2013-2383 at SUSECVE-2013-2383 at NVDCVE-2013-2384 at SUSECVE-2013-2384 at NVDCVE-2013-2394 at SUSECVE-2013-2394 at NVDCVE-2013-2400 at SUSECVE-2013-2400 at NVDCVE-2013-2407 at SUSECVE-2013-2407 at NVDCVE-2013-2417 at SUSECVE-2013-2417 at NVDCVE-2013-2418 at SUSECVE-2013-2418 at NVDCVE-2013-2419 at SUSECVE-2013-2419 at NVDCVE-2013-2420 at SUSECVE-2013-2420 at NVDCVE-2013-2422 at SUSECVE-2013-2422 at NVDCVE-2013-2424 at SUSECVE-2013-2424 at NVDCVE-2013-2429 at SUSECVE-2013-2429 at NVDCVE-2013-2430 at SUSECVE-2013-2430 at NVDCVE-2013-2432 at SUSECVE-2013-2432 at NVDCVE-2013-2433 at SUSECVE-2013-2433 at NVDCVE-2013-2435 at SUSECVE-2013-2435 at NVDCVE-2013-2440 at SUSECVE-2013-2440 at NVDCVE-2013-2442 at SUSECVE-2013-2442 at NVDCVE-2013-2448 at SUSECVE-2013-2448 at NVDCVE-2013-2453 at SUSECVE-2013-2453 at NVDCVE-2013-2454 at SUSECVE-2013-2454 at NVDCVE-2013-2456 at SUSECVE-2013-2456 at NVDCVE-2013-2457 at SUSECVE-2013-2457 at NVDCVE-2013-2458 at SUSECVE-2013-2458 at NVDCVE-2013-2459 at SUSECVE-2013-2459 at NVDCVE-2013-2460 at SUSECVE-2013-2460 at NVDCVE-2013-2462 at SUSECVE-2013-2462 at NVDCVE-2013-2463 at SUSECVE-2013-2463 at NVDCVE-2013-2464 at SUSECVE-2013-2464 at NVDCVE-2013-2465 at SUSECVE-2013-2465 at NVDCVE-2013-2466 at SUSECVE-2013-2466 at NVDCVE-2013-2468 at SUSECVE-2013-2468 at NVDCVE-2013-2469 at SUSECVE-2013-2469 at NVDCVE-2013-2470 at SUSECVE-2013-2470 at NVDCVE-2013-2471 at SUSECVE-2013-2471 at NVDCVE-2013-2472 at SUSECVE-2013-2472 at NVDCVE-2013-2473 at SUSECVE-2013-2473 at NVDCVE-2013-3006 at SUSECVE-2013-3006 at NVDCVE-2013-3007 at SUSECVE-2013-3007 at NVDCVE-2013-3008 at SUSECVE-2013-3008 at NVDCVE-2013-3009 at SUSECVE-2013-3009 at NVDCVE-2013-3010 at SUSECVE-2013-3010 at NVDCVE-2013-3011 at SUSECVE-2013-3011 at NVDCVE-2013-3012 at SUSECVE-2013-3012 at NVDCVE-2013-3743 at SUSECVE-2013-3743 at NVDCVE-2013-3744 at SUSECVE-2013-3744 at NVDCVE-2013-3829 at SUSECVE-2013-3829 at NVDCVE-2013-4002 at SUSECVE-2013-4002 at NVDCVE-2013-4041 at SUSECVE-2013-4041 at NVDCVE-2013-5372 at SUSECVE-2013-5372 at NVDCVE-2013-5375 at SUSECVE-2013-5375 at NVDCVE-2013-5456 at SUSECVE-2013-5456 at NVDCVE-2013-5457 at SUSECVE-2013-5457 at NVDCVE-2013-5458 at SUSECVE-2013-5458 at NVDCVE-2013-5772 at SUSECVE-2013-5772 at NVDCVE-2013-5774 at SUSECVE-2013-5774 at NVDCVE-2013-5776 at SUSECVE-2013-5776 at NVDCVE-2013-5778 at SUSECVE-2013-5778 at NVDCVE-2013-5780 at SUSECVE-2013-5780 at NVDCVE-2013-5782 at SUSECVE-2013-5782 at NVDCVE-2013-5783 at SUSECVE-2013-5783 at NVDCVE-2013-5784 at SUSECVE-2013-5784 at NVDCVE-2013-5787 at SUSECVE-2013-5787 at NVDCVE-2013-5788 at SUSECVE-2013-5788 at NVDCVE-2013-5789 at SUSECVE-2013-5789 at NVDCVE-2013-5790 at SUSECVE-2013-5790 at NVDCVE-2013-5797 at SUSECVE-2013-5797 at NVDCVE-2013-5800 at SUSECVE-2013-5800 at NVDCVE-2013-5801 at SUSECVE-2013-5801 at NVDCVE-2013-5802 at SUSECVE-2013-5802 at NVDCVE-2013-5803 at SUSECVE-2013-5803 at NVDCVE-2013-5804 at SUSECVE-2013-5804 at NVDCVE-2013-5809 at SUSECVE-2013-5809 at NVDCVE-2013-5812 at SUSECVE-2013-5812 at NVDCVE-2013-5814 at SUSECVE-2013-5814 at NVDCVE-2013-5817 at SUSECVE-2013-5817 at NVDCVE-2013-5818 at SUSECVE-2013-5818 at NVDCVE-2013-5819 at SUSECVE-2013-5819 at NVDCVE-2013-5820 at SUSECVE-2013-5820 at NVDCVE-2013-5823 at SUSECVE-2013-5823 at NVDCVE-2013-5824 at SUSECVE-2013-5824 at NVDCVE-2013-5825 at SUSECVE-2013-5825 at NVDCVE-2013-5829 at SUSECVE-2013-5829 at NVDCVE-2013-5830 at SUSECVE-2013-5830 at NVDCVE-2013-5831 at SUSECVE-2013-5831 at NVDCVE-2013-5832 at SUSECVE-2013-5832 at NVDCVE-2013-5838 at SUSECVE-2013-5838 at NVDCVE-2013-5840 at SUSECVE-2013-5840 at NVDCVE-2013-5842 at SUSECVE-2013-5842 at NVDCVE-2013-5843 at SUSECVE-2013-5843 at NVDCVE-2013-5848 at SUSECVE-2013-5848 at NVDCVE-2013-5849 at SUSECVE-2013-5849 at NVDCVE-2013-5850 at SUSECVE-2013-5850 at NVDCVE-2013-5851 at SUSECVE-2013-5851 at NVDCVE-2013-5878 at SUSECVE-2013-5878 at NVDCVE-2013-5884 at SUSECVE-2013-5884 at NVDCVE-2013-5887 at SUSECVE-2013-5887 at NVDCVE-2013-5888 at SUSECVE-2013-5888 at NVDCVE-2013-5889 at SUSECVE-2013-5889 at NVDCVE-2013-5896 at SUSECVE-2013-5896 at NVDCVE-2013-5898 at SUSECVE-2013-5898 at NVDCVE-2013-5899 at SUSECVE-2013-5899 at NVDCVE-2013-5907 at SUSECVE-2013-5907 at NVDCVE-2013-5910 at SUSECVE-2013-5910 at NVDCVE-2013-6629 at SUSECVE-2013-6629 at NVDCVE-2013-6954 at SUSECVE-2013-6954 at NVDCVE-2014-0368 at SUSECVE-2014-0368 at NVDCVE-2014-0373 at SUSECVE-2014-0373 at NVDCVE-2014-0375 at SUSECVE-2014-0375 at NVDCVE-2014-0376 at SUSECVE-2014-0376 at NVDCVE-2014-0387 at SUSECVE-2014-0387 at NVDCVE-2014-0403 at SUSECVE-2014-0403 at NVDCVE-2014-0410 at SUSECVE-2014-0410 at NVDCVE-2014-0411 at SUSECVE-2014-0411 at NVDCVE-2014-0415 at SUSECVE-2014-0415 at NVDCVE-2014-0416 at SUSECVE-2014-0416 at NVDCVE-2014-0417 at SUSECVE-2014-0417 at NVDCVE-2014-0422 at SUSECVE-2014-0422 at NVDCVE-2014-0423 at SUSECVE-2014-0423 at NVDCVE-2014-0424 at SUSECVE-2014-0424 at NVDCVE-2014-0428 at SUSECVE-2014-0428 at NVDCVE-2014-0429 at SUSECVE-2014-0429 at NVDCVE-2014-0446 at SUSECVE-2014-0446 at NVDCVE-2014-0448 at SUSECVE-2014-0448 at NVDCVE-2014-0449 at SUSECVE-2014-0449 at NVDCVE-2014-0451 at SUSECVE-2014-0451 at NVDCVE-2014-0452 at SUSECVE-2014-0452 at NVDCVE-2014-0453 at SUSECVE-2014-0453 at NVDCVE-2014-0454 at SUSECVE-2014-0454 at NVDCVE-2014-0455 at SUSECVE-2014-0455 at NVDCVE-2014-0457 at SUSECVE-2014-0457 at NVDCVE-2014-0458 at SUSECVE-2014-0458 at NVDCVE-2014-0459 at SUSECVE-2014-0459 at NVDCVE-2014-0460 at SUSECVE-2014-0460 at NVDCVE-2014-0461 at SUSECVE-2014-0461 at NVDCVE-2014-0878 at SUSECVE-2014-0878 at NVDCVE-2014-1876 at SUSECVE-2014-1876 at NVDCVE-2014-2398 at SUSECVE-2014-2398 at NVDCVE-2014-2401 at SUSECVE-2014-2401 at NVDCVE-2014-2402 at SUSECVE-2014-2402 at NVDCVE-2014-2409 at SUSECVE-2014-2409 at NVDCVE-2014-2412 at SUSECVE-2014-2412 at NVDCVE-2014-2414 at SUSECVE-2014-2414 at NVDCVE-2014-2420 at SUSECVE-2014-2420 at NVDCVE-2014-2421 at SUSECVE-2014-2421 at NVDCVE-2014-2423 at SUSECVE-2014-2423 at NVDCVE-2014-2427 at SUSECVE-2014-2427 at NVDCVE-2014-2428 at SUSECVE-2014-2428 at NVDCVE-2014-3065 at SUSECVE-2014-3065 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-4208 at SUSECVE-2014-4208 at NVDCVE-2014-4209 at SUSECVE-2014-4209 at NVDCVE-2014-4218 at SUSECVE-2014-4218 at NVDCVE-2014-4219 at SUSECVE-2014-4219 at NVDCVE-2014-4220 at SUSECVE-2014-4220 at NVDCVE-2014-4221 at SUSECVE-2014-4221 at NVDCVE-2014-4227 at SUSECVE-2014-4227 at NVDCVE-2014-4244 at SUSECVE-2014-4244 at NVDCVE-2014-4252 at SUSECVE-2014-4252 at NVDCVE-2014-4262 at SUSECVE-2014-4262 at NVDCVE-2014-4263 at SUSECVE-2014-4263 at NVDCVE-2014-4265 at SUSECVE-2014-4265 at NVDCVE-2014-4266 at SUSECVE-2014-4266 at NVDCVE-2014-4268 at SUSECVE-2014-4268 at NVDCVE-2014-4288 at SUSECVE-2014-4288 at NVDCVE-2014-6456 at SUSECVE-2014-6456 at NVDCVE-2014-6457 at SUSECVE-2014-6457 at NVDCVE-2014-6458 at SUSECVE-2014-6458 at NVDCVE-2014-6466 at SUSECVE-2014-6466 at NVDCVE-2014-6476 at SUSECVE-2014-6476 at NVDCVE-2014-6492 at SUSECVE-2014-6492 at NVDCVE-2014-6493 at SUSECVE-2014-6493 at NVDCVE-2014-6502 at SUSECVE-2014-6502 at NVDCVE-2014-6503 at SUSECVE-2014-6503 at NVDCVE-2014-6506 at SUSECVE-2014-6506 at NVDCVE-2014-6511 at SUSECVE-2014-6511 at NVDCVE-2014-6512 at SUSECVE-2014-6512 at NVDCVE-2014-6513 at SUSECVE-2014-6513 at NVDCVE-2014-6515 at SUSECVE-2014-6515 at NVDCVE-2014-6527 at SUSECVE-2014-6527 at NVDCVE-2014-6531 at SUSECVE-2014-6531 at NVDCVE-2014-6532 at SUSECVE-2014-6532 at NVDCVE-2014-6558 at SUSECVE-2014-6558 at NVDCVE-2014-8891 at SUSECVE-2014-8891 at NVDCVE-2014-8892 at SUSECVE-2014-8892 at NVDCVE-2015-0138 at SUSECVE-2015-0138 at NVDCVE-2015-0192 at SUSECVE-2015-0192 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-1914 at SUSECVE-2015-1914 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
java-1_7_0-ibm was updated to fix 21 security issues.
These security issues were fixed:
- CVE-2015-4729: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allowed remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment (bsc#938895).
- CVE-2015-4748: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security (bsc#938895).
- CVE-2015-2664: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment (bsc#938895).
- CVE-2015-0192: Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allowed remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine (bsc#938895).
- CVE-2015-2613: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via vectors related to JCE (bsc#938895).
- CVE-2015-4731: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX (bsc#938895).
- CVE-2015-2637: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#938895).
- CVE-2015-4733: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI (bsc#938895).
- CVE-2015-4732: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590 (bsc#938895).
- CVE-2015-2621: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allowed remote attackers to affect confidentiality via vectors related to JMX (bsc#938895).
- CVE-2015-2619: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#938895).
- CVE-2015-2590: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732 (bsc#938895).
- CVE-2015-2638: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#938895).
- CVE-2015-2625: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via vectors related to JSSE (bsc#938895).
- CVE-2015-2632: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allowed remote attackers to affect confidentiality via unknown vectors related to 2D (bsc#938895).
- CVE-2015-1931: Unspecified vulnerability (bsc#938895).
- CVE-2015-4760: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (bsc#938895).
- CVE-2015-4000: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, did not properly convey a DHE_EXPORT choice, which allowed man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the 'Logjam' issue (bsc#935540).
- CVE-2015-2601: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect confidentiality via vectors related to JCE (bsc#938895).
- CVE-2015-2808: The RC4 algorithm, as used in the TLS protocol and SSL protocol, did not properly combine state data with key data during the initialization phase, which made it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the 'Bar Mitzvah' issue (bsc#938895).
- CVE-2015-4749: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allowed remote attackers to affect availability via vectors related to JNDI (bsc#938895).
ImportantSUSE bug 935540SUSE bug 938895CVE-2015-0192 at SUSECVE-2015-0192 at NVDCVE-2015-1931 at SUSECVE-2015-1931 at NVDCVE-2015-2590 at SUSECVE-2015-2590 at NVDCVE-2015-2601 at SUSECVE-2015-2601 at NVDCVE-2015-2613 at SUSECVE-2015-2613 at NVDCVE-2015-2619 at SUSECVE-2015-2619 at NVDCVE-2015-2621 at SUSECVE-2015-2621 at NVDCVE-2015-2625 at SUSECVE-2015-2625 at NVDCVE-2015-2632 at SUSECVE-2015-2632 at NVDCVE-2015-2637 at SUSECVE-2015-2637 at NVDCVE-2015-2638 at SUSECVE-2015-2638 at NVDCVE-2015-2664 at SUSECVE-2015-2664 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-4729 at SUSECVE-2015-4729 at NVDCVE-2015-4731 at SUSECVE-2015-4731 at NVDCVE-2015-4732 at SUSECVE-2015-4732 at NVDCVE-2015-4733 at SUSECVE-2015-4733 at NVDCVE-2015-4748 at SUSECVE-2015-4748 at NVDCVE-2015-4749 at SUSECVE-2015-4749 at NVDCVE-2015-4760 at SUSECVE-2015-4760 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The java-1_7_0-ibm package was updated to version 7.0-9.20 to fix several security and non security issues:
- bnc#955131: Version update to 7.0-9.20:
CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810
CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844
CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883
CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006
- Add backcompat symlinks for sdkdir
- bnc#941939: Fix to provide %{name} instead of %{sdklnk} only in _jvmprivdir
ImportantSUSE bug 941939SUSE bug 955131CVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-4734 at SUSECVE-2015-4734 at NVDCVE-2015-4803 at SUSECVE-2015-4803 at NVDCVE-2015-4805 at SUSECVE-2015-4805 at NVDCVE-2015-4806 at SUSECVE-2015-4806 at NVDCVE-2015-4810 at SUSECVE-2015-4810 at NVDCVE-2015-4835 at SUSECVE-2015-4835 at NVDCVE-2015-4840 at SUSECVE-2015-4840 at NVDCVE-2015-4842 at SUSECVE-2015-4842 at NVDCVE-2015-4843 at SUSECVE-2015-4843 at NVDCVE-2015-4844 at SUSECVE-2015-4844 at NVDCVE-2015-4860 at SUSECVE-2015-4860 at NVDCVE-2015-4871 at SUSECVE-2015-4871 at NVDCVE-2015-4872 at SUSECVE-2015-4872 at NVDCVE-2015-4882 at SUSECVE-2015-4882 at NVDCVE-2015-4883 at SUSECVE-2015-4883 at NVDCVE-2015-4893 at SUSECVE-2015-4893 at NVDCVE-2015-4902 at SUSECVE-2015-4902 at NVDCVE-2015-4903 at SUSECVE-2015-4903 at NVDCVE-2015-4911 at SUSECVE-2015-4911 at NVDCVE-2015-5006 at SUSECVE-2015-5006 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937):
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
ImportantSUSE bug 960402SUSE bug 963937CVE-2015-5041 at SUSECVE-2015-5041 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2015-8472 at SUSECVE-2015-8472 at NVDCVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-0402 at SUSECVE-2016-0402 at NVDCVE-2016-0448 at SUSECVE-2016-0448 at NVDCVE-2016-0466 at SUSECVE-2016-0466 at NVDCVE-2016-0483 at SUSECVE-2016-0483 at NVDCVE-2016-0494 at SUSECVE-2016-0494 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937):
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
ImportantSUSE bug 960402SUSE bug 963937CVE-2015-5041 at SUSECVE-2015-5041 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2015-8472 at SUSECVE-2015-8472 at NVDCVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-0402 at SUSECVE-2016-0402 at NVDCVE-2016-0448 at SUSECVE-2016-0448 at NVDCVE-2016-0466 at SUSECVE-2016-0466 at NVDCVE-2016-0483 at SUSECVE-2016-0483 at NVDCVE-2016-0494 at SUSECVE-2016-0494 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This IBM Java 1.7.0 SR9 FP40 release fixes the following issues:
Security issues fixed:
- CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648)
- CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650)
- CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646)
- The following CVEs got also fixed during this update. (bsc#979252)
CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426
ImportantSUSE bug 977646SUSE bug 977648SUSE bug 977650SUSE bug 979252CVE-2016-0264 at SUSECVE-2016-0264 at NVDCVE-2016-0363 at SUSECVE-2016-0363 at NVDCVE-2016-0376 at SUSECVE-2016-0376 at NVDCVE-2016-0686 at SUSECVE-2016-0686 at NVDCVE-2016-0687 at SUSECVE-2016-0687 at NVDCVE-2016-3422 at SUSECVE-2016-3422 at NVDCVE-2016-3426 at SUSECVE-2016-3426 at NVDCVE-2016-3427 at SUSECVE-2016-3427 at NVDCVE-2016-3443 at SUSECVE-2016-3443 at NVDCVE-2016-3449 at SUSECVE-2016-3449 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
IBM Java 7 was updated to 7.1-9.50, fixing bugs and security issues (bsc#992537).
Security issues fixed:
CVE-2016-3485 CVE-2016-3511 CVE-2016-3598
Please see https://www.ibm.com/developerworks/java/jdk/alerts/ for more information.
ImportantSUSE bug 992537CVE-2016-3485 at SUSECVE-2016-3485 at NVDCVE-2016-3511 at SUSECVE-2016-3511 at NVDCVE-2016-3598 at SUSECVE-2016-3598 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
- Version update to 7.0-9.60 (bsc#1009280, bsc#992537) fixing the following CVE's:
CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554,
CVE-2016-5542
ImportantSUSE bug 1009280SUSE bug 992537CVE-2016-5542 at SUSECVE-2016-5542 at NVDCVE-2016-5554 at SUSECVE-2016-5554 at NVDCVE-2016-5556 at SUSECVE-2016-5556 at NVDCVE-2016-5568 at SUSECVE-2016-5568 at NVDCVE-2016-5573 at SUSECVE-2016-5573 at NVDCVE-2016-5597 at SUSECVE-2016-5597 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_1-ibm fixes the following issues:
Security issue fixed:
- CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and
other protocols and products, have a birthday bound of approximately four billion blocks, which
makes it easier for remote attackers to obtain cleartext data via a birthday attack against a
long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode,
aka a 'Sweet32' attack. (bsc#1027038)
ModerateSUSE bug 1027038CVE-2016-2183 at SUSECVE-2016-2183 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
Version update to 7.0-10.5 bsc#1038505
- CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c
- CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c
- CVE-2016-9842: zlib: Undefined left shift of negative number
- CVE-2016-9843: zlib: Big-endian out-of-bounds pointer
- CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data
- CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections
- CVE-2017-3511: OpenJDK: untrusted extension directories search path in Launcher
- CVE-2017-3539: OpenJDK: MD5 allowed for jar verification
- CVE-2017-3533: OpenJDK: newline injection in the FTP client
- CVE-2017-3544: OpenJDK: newline injection in the SMTP client
ImportantSUSE bug 1038505CVE-2016-9840 at SUSECVE-2016-9840 at NVDCVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2016-9842 at SUSECVE-2016-9842 at NVDCVE-2016-9843 at SUSECVE-2016-9843 at NVDCVE-2017-1289 at SUSECVE-2017-1289 at NVDCVE-2017-3509 at SUSECVE-2017-3509 at NVDCVE-2017-3511 at SUSECVE-2017-3511 at NVDCVE-2017-3533 at SUSECVE-2017-3533 at NVDCVE-2017-3539 at SUSECVE-2017-3539 at NVDCVE-2017-3544 at SUSECVE-2017-3544 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
This update for java-1_7_1-ibm fixes the following issues:
- Version update to 7.1-4.10 [bsc#1053431]
* CVE-2017-10111 CVE-2017-10110 CVE-2017-10107 CVE-2017-10101
CVE-2017-10096 CVE-2017-10090 CVE-2017-10089 CVE-2017-10087
CVE-2017-10102 CVE-2017-10116 CVE-2017-10074 CVE-2017-10115
CVE-2017-10067 CVE-2017-10125 CVE-2017-10243 CVE-2017-10109
CVE-2017-10108 CVE-2017-10053 CVE-2017-10105 CVE-2017-10081: Multiple unspecified vulnerabilities
in multiple Java components could lead to code execution or sandbox escape
More information can be found here: https://developer.ibm.com/javasdk/support/security-vulnerabilities/#Oracle_July_18_2017_CPU
ImportantSUSE bug 1053431CVE-2017-10053 at SUSECVE-2017-10053 at NVDCVE-2017-10067 at SUSECVE-2017-10067 at NVDCVE-2017-10074 at SUSECVE-2017-10074 at NVDCVE-2017-10081 at SUSECVE-2017-10081 at NVDCVE-2017-10087 at SUSECVE-2017-10087 at NVDCVE-2017-10089 at SUSECVE-2017-10089 at NVDCVE-2017-10090 at SUSECVE-2017-10090 at NVDCVE-2017-10096 at SUSECVE-2017-10096 at NVDCVE-2017-10101 at SUSECVE-2017-10101 at NVDCVE-2017-10102 at SUSECVE-2017-10102 at NVDCVE-2017-10105 at SUSECVE-2017-10105 at NVDCVE-2017-10107 at SUSECVE-2017-10107 at NVDCVE-2017-10108 at SUSECVE-2017-10108 at NVDCVE-2017-10109 at SUSECVE-2017-10109 at NVDCVE-2017-10110 at SUSECVE-2017-10110 at NVDCVE-2017-10111 at SUSECVE-2017-10111 at NVDCVE-2017-10115 at SUSECVE-2017-10115 at NVDCVE-2017-10116 at SUSECVE-2017-10116 at NVDCVE-2017-10125 at SUSECVE-2017-10125 at NVDCVE-2017-10243 at SUSECVE-2017-10243 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
- Security update to version 7.0.10.15 (bsc#1070162):
* CVE-2017-10346 CVE-2017-10285 CVE-2017-10388 CVE-2017-10356
CVE-2017-10293 CVE-2016-9841 CVE-2016-10165 CVE-2017-10355
CVE-2017-10357 CVE-2017-10348 CVE-2017-10349 CVE-2017-10347
CVE-2017-10350 CVE-2017-10281 CVE-2017-10295 CVE-2017-10345
ImportantSUSE bug 1070162CVE-2016-10165 at SUSECVE-2016-10165 at NVDCVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2017-10281 at SUSECVE-2017-10281 at NVDCVE-2017-10285 at SUSECVE-2017-10285 at NVDCVE-2017-10293 at SUSECVE-2017-10293 at NVDCVE-2017-10295 at SUSECVE-2017-10295 at NVDCVE-2017-10345 at SUSECVE-2017-10345 at NVDCVE-2017-10346 at SUSECVE-2017-10346 at NVDCVE-2017-10347 at SUSECVE-2017-10347 at NVDCVE-2017-10348 at SUSECVE-2017-10348 at NVDCVE-2017-10349 at SUSECVE-2017-10349 at NVDCVE-2017-10350 at SUSECVE-2017-10350 at NVDCVE-2017-10355 at SUSECVE-2017-10355 at NVDCVE-2017-10356 at SUSECVE-2017-10356 at NVDCVE-2017-10357 at SUSECVE-2017-10357 at NVDCVE-2017-10388 at SUSECVE-2017-10388 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm provides the following fixes:
The version was updated to 7.0.10.20 [bsc#1082810]:
* Following security issues were fixed:
- CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582
CVE-2018-2641 CVE-2018-2618 CVE-2018-2657 CVE-2018-2603
CVE-2018-2599 CVE-2018-2602 CVE-2018-2678 CVE-2018-2677
CVE-2018-2663 CVE-2018-2588 CVE-2018-2579
* Defect fixes:
- IJ04281 Class Libraries: Startup time increase after applying
apar IV96905
- IJ03822 Class Libraries: Update timezone information to tzdata2017c
- IJ03605 Java Virtual Machine: Legacy security for com.ibm.jvm.dump,
trace, log was not enabled by default
- IJ03607 JIT Compiler: Result String contains a redundant dot when
converted from BigDecimal with 0 on all platforms
- IX90185 ORB: Upgrade ibmcfw.jar to version O1800.01
- IJ04282 Security: Change in location and default of jurisdiction
policy files
- IJ03853 Security: IBMCAC provider does not support SHA224
- IJ02679 Security: IBMPKCS11Impl – Bad sessions are being allocated
internally
- IJ02706 Security: IBMPKCS11Impl – Bad sessions are being allocated
internally
- IJ03552 Security: IBMPKCS11Impl - Config file problem with the slot
specification attribute
- IJ01901 Security: IBMPKCS11Impl – SecureRandom.setSeed() exception
- IJ03801 Security: Issue with same DN certs, iKeyman GUI error with
stash, JKS Chain issue and JVM argument parse issue with iKeyman
- IJ02284 JIT Compiler: Division by zero in JIT compiler
- Make it possible to run Java jnlp files from Firefox. (bsc#1057460)
ImportantSUSE bug 1057460SUSE bug 1076390SUSE bug 1082810SUSE bug 929900SUSE bug 966304CVE-2018-2579 at SUSECVE-2018-2579 at NVDCVE-2018-2582 at SUSECVE-2018-2582 at NVDCVE-2018-2588 at SUSECVE-2018-2588 at NVDCVE-2018-2599 at SUSECVE-2018-2599 at NVDCVE-2018-2602 at SUSECVE-2018-2602 at NVDCVE-2018-2603 at SUSECVE-2018-2603 at NVDCVE-2018-2618 at SUSECVE-2018-2618 at NVDCVE-2018-2633 at SUSECVE-2018-2633 at NVDCVE-2018-2634 at SUSECVE-2018-2634 at NVDCVE-2018-2637 at SUSECVE-2018-2637 at NVDCVE-2018-2641 at SUSECVE-2018-2641 at NVDCVE-2018-2657 at SUSECVE-2018-2657 at NVDCVE-2018-2663 at SUSECVE-2018-2663 at NVDCVE-2018-2677 at SUSECVE-2018-2677 at NVDCVE-2018-2678 at SUSECVE-2018-2678 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
IBM Java was updated to 7.1.4.25 (bsc#1093311, bsc#1085449)
Security fixes:
- CVE-2018-2814 CVE-2018-2794 CVE-2018-2783 CVE-2018-2799
CVE-2018-2798 CVE-2018-2797 CVE-2018-2796 CVE-2018-2795
CVE-2018-2800 CVE-2018-2790 CVE-2018-1417
ImportantSUSE bug 1085449SUSE bug 1093311CVE-2018-1417 at SUSECVE-2018-1417 at NVDCVE-2018-2783 at SUSECVE-2018-2783 at NVDCVE-2018-2790 at SUSECVE-2018-2790 at NVDCVE-2018-2794 at SUSECVE-2018-2794 at NVDCVE-2018-2795 at SUSECVE-2018-2795 at NVDCVE-2018-2796 at SUSECVE-2018-2796 at NVDCVE-2018-2797 at SUSECVE-2018-2797 at NVDCVE-2018-2798 at SUSECVE-2018-2798 at NVDCVE-2018-2799 at SUSECVE-2018-2799 at NVDCVE-2018-2800 at SUSECVE-2018-2800 at NVDCVE-2018-2814 at SUSECVE-2018-2814 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
Security issues fixed:
- CVE-2018-1517: Fixed a flaw in the java.math component in IBM SDK, which may
allow an attacker to inflict a denial-of-service attack with specially
crafted String data.
- CVE-2018-1656: Protect against path traversal attacks when extracting
compressed dump files.
- CVE-2018-2940: Fixed an easily exploitable vulnerability in the libraries
subcomponent, which allowed unauthenticated attackers with network access
via multiple protocols to compromise the Java SE, leading to
unauthorized read access.
- CVE-2018-2952: Fixed an easily exploitable vulnerability in the concurrency
subcomponent, which allowed unauthenticated attackers with network access
via multiple protocols to compromise the Java SE, leading to denial of
service.
- CVE-2018-2973: Fixed a difficult to exploit vulnerability in the JSSE
subcomponent, which allowed unauthenticated attackers with network access
via SSL/TLS to compromise the Java SE, leading to unauthorized creation,
deletion or modification access to critical data.
- CVE-2018-12539: Fixed a vulnerability in which users other than the process
owner may be able to use Java Attach API to connect to the IBM JVM on the
same machine and use Attach API operations, including the ability to execute
untrusted arbitrary code.
Other changes made:
- Various JIT/JVM crash fixes
- Version update to 7.1.4.30 (bsc#1104668)
You can find detailed information about this update [here](https://developer.ibm.com/javasdk/support/security-vulnerabilities/#IBM_Security_Update_August_2018).
ImportantSUSE bug 1104668CVE-2018-12539 at SUSECVE-2018-12539 at NVDCVE-2018-1517 at SUSECVE-2018-1517 at NVDCVE-2018-1656 at SUSECVE-2018-1656 at NVDCVE-2018-2940 at SUSECVE-2018-2940 at NVDCVE-2018-2952 at SUSECVE-2018-2952 at NVDCVE-2018-2973 at SUSECVE-2018-2973 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
java-1_7_0-ibm is updated to Java 7.0 Service Refresh 10 Fix Pack 35 (bsc#1116574):
* Class Libraries
- IJ10934 CVE-2018-13785
- IJ10935 CVE-2018-3136
- IJ10895 CVE-2018-3139
- IJ10932 CVE-2018-3149
- IJ10894 CVE-2018-3180
- IJ10933 CVE-2018-3214
- IJ09315 FLOATING POINT EXCEPTION FROM JAVA.TEXT.DECIMALFORMAT. FORMAT
- IJ09088 INTRODUCING A NEW PROPERTY FOR TURKEY TIMEZONE FOR PRODUCTS NOT IDENTIFYING TRT
- IJ10800 REMOVE EXPIRING ROOT CERTIFICATES IN IBM JDK’S CACERTS
* Java Virtual Machine
- IJ10931 CVE-2018-3169
* JIT Compiler
- IJ08205 CRASH WHILE COMPILING
* Security
- IJ10492 'EC KEYSIZE < 384' IS NOT HONORED USING THE 'JDK.TLS.DISABLEDALGORIT HMS' SECURITY PROPERTY
- IJ10491 AES/GCM CIPHER – AAD NOT RESET TO UN-INIT STATE AFTER DOFINAL( ) AND INIT( )
- IJ08442 HTTP PUBLIC KEY PINNING FINGERPRINT,PROBLEM WITH CONVERTING TO JKS KEYSTORE
- IJ09107 IBMPKCS11IMPL CRYPTO PROVIDER – INTERMITTENT ERROR WITH SECP521R1 SIGNATURE ON Z/OS
- IJ10136 IBMPKCS11IMPL – INTERMITTENT ERROR WITH SECP521R1 SIG ON Z/OS AND Z/LINUX
- IJ08530 IBMPKCS11IMPL PROVIDER USES THE WRONG RSA CIPHER MECHANISM FOR THE RSA/ECB/PKCS1PADDING CIPHER
- IJ08723 JAAS THROWS A ‘ARRAY INDEX OUT OF RANGE’ EXCEPTION
- IJ08704 THE SECURITY PROPERTY ‘JDK.CERTPATH.DISABLEDAL GORITHMS’ IS MISTAKENLY BEING USED TO FILTER JAR SIGNING ALGORITHMS
- PH01244 OUTPUT BUFFER TOO SHORT FOR GCM MODE ENCRYPTION USING IBMJCEHYBRID
ImportantSUSE bug 1116574CVE-2018-13785 at SUSECVE-2018-13785 at NVDCVE-2018-3136 at SUSECVE-2018-3136 at NVDCVE-2018-3139 at SUSECVE-2018-3139 at NVDCVE-2018-3149 at SUSECVE-2018-3149 at NVDCVE-2018-3169 at SUSECVE-2018-3169 at NVDCVE-2018-3180 at SUSECVE-2018-3180 at NVDCVE-2018-3214 at SUSECVE-2018-3214 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm to version 7.0.10.40 fixes the following issues:
Security issues fixed:
- CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl (bsc#1122293).
- CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c (bsc#1122299).
More information: https://developer.ibm.com/javasdk/support/security-vulnerabilities/#IBM_Security_Update_February_2019
ImportantSUSE bug 1122293SUSE bug 1122299CVE-2018-11212 at SUSECVE-2018-11212 at NVDCVE-2019-2422 at SUSECVE-2019-2422 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
Update to Java 7.0 Service Refresh 10 Fix Pack 45.
Security issues fixed:
- CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes (bsc#1134718).
- CVE-2019-2698: Fixed out of bounds access flaw in the 2D component (bsc#1132729).
- CVE-2019-2697: Fixed flaw inside the 2D component (bsc#1132734).
- CVE-2019-2602: Fixed flaw inside BigDecimal implementation (Component: Libraries) (bsc#1132728).
- CVE-2019-2684: Fixed flaw was found in the RMI registry implementation (bsc#1132732).
ImportantSUSE bug 1132728SUSE bug 1132729SUSE bug 1132732SUSE bug 1132734SUSE bug 1134718CVE-2019-10245 at SUSECVE-2019-10245 at NVDCVE-2019-2602 at SUSECVE-2019-2602 at NVDCVE-2019-2684 at SUSECVE-2019-2684 at NVDCVE-2019-2697 at SUSECVE-2019-2697 at NVDCVE-2019-2698 at SUSECVE-2019-2698 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
Update to Java 7.0 Service Refresh 10 Fix Pack 50 (bsc#1147021).
Security issues fixed:
- CVE-2019-2762: Fixed issue inside Component Utilities (bsc#1141782).
- CVE-2019-2766: Fixed issue inside Component Networking (bsc#1141789).
- CVE-2019-2769: Fixed issue inside Component Utilities (bsc#1141783).
- CVE-2019-2816: Fixed issue inside Component Networking (bsc#1147021).
- CVE-2019-4473: Fixed insecure RPATH in multiple binaries on AIX (bsc#1147021).
- CVE-2019-7317: Fixed use-after-free in libpng, affecting client-libs/java.awt (bsc#1147021).
- CVE-2019-11771: Fixed insecure RPATH in OpenJ9 on AIX (bsc#1147021).
- CVE-2019-11775: Fixed failure to privatize a value pulled out of the loop by versioning (bsc#1147021).
ModerateSUSE bug 1141782SUSE bug 1141783SUSE bug 1141789SUSE bug 1147021CVE-2019-11771 at SUSECVE-2019-11771 at NVDCVE-2019-11775 at SUSECVE-2019-11775 at NVDCVE-2019-2762 at SUSECVE-2019-2762 at NVDCVE-2019-2766 at SUSECVE-2019-2766 at NVDCVE-2019-2769 at SUSECVE-2019-2769 at NVDCVE-2019-2816 at SUSECVE-2019-2816 at NVDCVE-2019-4473 at SUSECVE-2019-4473 at NVDCVE-2019-7317 at SUSECVE-2019-7317 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
- Update to 7.0 Service Refresh 10 Fix Pack 55 [bsc#1158442, bsc#1154212]
* Security fixes:
CVE-2019-2933 CVE-2019-2945 CVE-2019-2958 CVE-2019-2962
CVE-2019-2964 CVE-2019-2978 CVE-2019-2983 CVE-2019-2988
CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2019-2973
CVE-2019-2981
ModerateSUSE bug 1154212SUSE bug 1158442CVE-2019-2933 at SUSECVE-2019-2933 at NVDCVE-2019-2945 at SUSECVE-2019-2945 at NVDCVE-2019-2958 at SUSECVE-2019-2958 at NVDCVE-2019-2962 at SUSECVE-2019-2962 at NVDCVE-2019-2964 at SUSECVE-2019-2964 at NVDCVE-2019-2973 at SUSECVE-2019-2973 at NVDCVE-2019-2978 at SUSECVE-2019-2978 at NVDCVE-2019-2981 at SUSECVE-2019-2981 at NVDCVE-2019-2983 at SUSECVE-2019-2983 at NVDCVE-2019-2988 at SUSECVE-2019-2988 at NVDCVE-2019-2989 at SUSECVE-2019-2989 at NVDCVE-2019-2992 at SUSECVE-2019-2992 at NVDCVE-2019-2999 at SUSECVE-2019-2999 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
Java was updated to 7.0 Service Refresh 10 Fix Pack 60 [bsc#1162972, bsc#1160968].
Security issues fixed:
- CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport (bsc#1162972).
- CVE-2020-2593: Fixed an incorrect check in isBuiltinStreamHandler, causing URL normalization issues (bsc#1162972).
- CVE-2020-2604: Fixed a serialization issue in jdk.serialFilter (bsc#1162972).
- CVE-2020-2659: Fixed the incomplete enforcement of the maxDatagramSockets limit in DatagramChannelImpl (bsc#1162972).
ImportantSUSE bug 1160968SUSE bug 1162972CVE-2020-2583 at SUSECVE-2020-2583 at NVDCVE-2020-2593 at SUSECVE-2020-2593 at NVDCVE-2020-2604 at SUSECVE-2020-2604 at NVDCVE-2020-2659 at SUSECVE-2020-2659 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 65 (bsc#1172277 and bsc#1169511)
- CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service
- CVE-2020-2756: Improved mapping of serial ENUMs
- CVE-2020-2757: Less Blocking Array Queues
- CVE-2020-2781: Improved TLS session handling
- CVE-2020-2800: Improved Headings for HTTP Servers
- CVE-2020-2803: Enhanced buffering of byte buffers
- CVE-2020-2805: Enhanced typing of methods
- CVE-2020-2830: Improved Scanner conversions
ImportantSUSE bug 1169511SUSE bug 1172277CVE-2020-2654 at SUSECVE-2020-2654 at NVDCVE-2020-2756 at SUSECVE-2020-2756 at NVDCVE-2020-2757 at SUSECVE-2020-2757 at NVDCVE-2020-2781 at SUSECVE-2020-2781 at NVDCVE-2020-2800 at SUSECVE-2020-2800 at NVDCVE-2020-2803 at SUSECVE-2020-2803 at NVDCVE-2020-2805 at SUSECVE-2020-2805 at NVDCVE-2020-2830 at SUSECVE-2020-2830 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
- Update to Java 7.0 Service Refresh 10 Fix Pack 70 [bsc#1175259, bsc#1174157]
CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621
CVE-2020-14593 CVE-2020-14583 CVE-2019-17639
* Class Libraries:
- TRANSLATION MESSAGES UPDATE FOR JCL
- UPDATE TIMEZONE INFORMATION TO TZDATA2020A
* Security:
- CERTIFICATEEXCEPTION OCCURS WHEN FILE.ENCODING PROPERTY SET TO
NON DEFAULT VALUE
- The pack200 and unpack200 alternatives should be slaves of java [bsc#1171352]
ModerateSUSE bug 1171352SUSE bug 1174157SUSE bug 1175259CVE-2019-17639 at SUSECVE-2019-17639 at NVDCVE-2020-14577 at SUSECVE-2020-14577 at NVDCVE-2020-14578 at SUSECVE-2020-14578 at NVDCVE-2020-14579 at SUSECVE-2020-14579 at NVDCVE-2020-14583 at SUSECVE-2020-14583 at NVDCVE-2020-14593 at SUSECVE-2020-14593 at NVDCVE-2020-14621 at SUSECVE-2020-14621 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
- Update to Java 7.0 Service Refresh 10 Fix Pack 75 [bsc#1180063, bsc#1177943]
CVE-2020-14792 CVE-2020-14797 CVE-2020-14782 CVE-2020-14781
CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803
* Class Libraries:
- Z/OS specific C function send_file is changing the file pointer position
* Security:
- Add the new oracle signer certificate
- Certificate parsing error
- JVM memory growth can be caused by the IBMPKCS11IMPL crypto provider
- Remove check for websphere signed jars
- sessionid.hashcode generates too many collisions
- The Java 8 IBM certpath provider does not honor the user
specified system property for CLR connect timeout
ModerateSUSE bug 1177943SUSE bug 1180063CVE-2020-14779 at SUSECVE-2020-14779 at NVDCVE-2020-14781 at SUSECVE-2020-14781 at NVDCVE-2020-14782 at SUSECVE-2020-14782 at NVDCVE-2020-14792 at SUSECVE-2020-14792 at NVDCVE-2020-14796 at SUSECVE-2020-14796 at NVDCVE-2020-14797 at SUSECVE-2020-14797 at NVDCVE-2020-14798 at SUSECVE-2020-14798 at NVDCVE-2020-14803 at SUSECVE-2020-14803 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
- Update to Java 7.0 Service Refresh 10 Fix Pack 80
[bsc#1182186, bsc#1181239, CVE-2020-27221, CVE-2020-14803]
* CVE-2020-27221: Potential for a stack-based buffer overflow
when the virtual machine or JNI natives are converting from
UTF-8 characters to platform encoding.
* CVE-2020-14803: Unauthenticated attacker with network access
via multiple protocols allows to compromise Java SE.
ImportantSUSE bug 1181239SUSE bug 1182186CVE-2020-14803 at SUSECVE-2020-14803 at NVDCVE-2020-27221 at SUSECVE-2020-27221 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
Update Java 7.0 to Service Refresh 11 Fix Pack 5 (bsc#1197126).
Including fixes for the following vulnerabilities:
CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,
CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,
CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,
CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,
CVE-2022-21271.
ImportantSUSE bug 1194925SUSE bug 1194926SUSE bug 1194927SUSE bug 1194928SUSE bug 1194929SUSE bug 1194930SUSE bug 1194931SUSE bug 1194932SUSE bug 1194933SUSE bug 1194934SUSE bug 1194935SUSE bug 1194937SUSE bug 1194939SUSE bug 1194940SUSE bug 1194941SUSE bug 1196500SUSE bug 1197126CVE-2022-21248 at SUSECVE-2022-21248 at NVDCVE-2022-21271 at SUSECVE-2022-21271 at NVDCVE-2022-21277 at SUSECVE-2022-21277 at NVDCVE-2022-21282 at SUSECVE-2022-21282 at NVDCVE-2022-21283 at SUSECVE-2022-21283 at NVDCVE-2022-21291 at SUSECVE-2022-21291 at NVDCVE-2022-21293 at SUSECVE-2022-21293 at NVDCVE-2022-21294 at SUSECVE-2022-21294 at NVDCVE-2022-21296 at SUSECVE-2022-21296 at NVDCVE-2022-21299 at SUSECVE-2022-21299 at NVDCVE-2022-21305 at SUSECVE-2022-21305 at NVDCVE-2022-21340 at SUSECVE-2022-21340 at NVDCVE-2022-21341 at SUSECVE-2022-21341 at NVDCVE-2022-21349 at SUSECVE-2022-21349 at NVDCVE-2022-21360 at SUSECVE-2022-21360 at NVDCVE-2022-21365 at SUSECVE-2022-21365 at NVDCVE-2022-21366 at SUSECVE-2022-21366 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
Update to Java 7.0 Service Refresh 11 Fix Pack 10 (bsc#1201643), including fixes for:
- CVE-2022-21476 (bsc#1198671), CVE-2022-21449 (bsc#1198670),
CVE-2022-21496 (bsc#1198673), CVE-2022-21434 (bsc#1198674),
CVE-2022-21426 (bsc#1198672), CVE-2022-21443 (bsc#1198675),
CVE-2021-35561 (bsc#1191912), CVE-2022-21299 (bsc#1194931).
ImportantSUSE bug 1191912SUSE bug 1194931SUSE bug 1198670SUSE bug 1198671SUSE bug 1198672SUSE bug 1198673SUSE bug 1198674SUSE bug 1198675SUSE bug 1201643CVE-2021-35561 at SUSECVE-2021-35561 at NVDCVE-2022-21299 at SUSECVE-2022-21299 at NVDCVE-2022-21426 at SUSECVE-2022-21426 at NVDCVE-2022-21434 at SUSECVE-2022-21434 at NVDCVE-2022-21443 at SUSECVE-2022-21443 at NVDCVE-2022-21449 at SUSECVE-2022-21449 at NVDCVE-2022-21476 at SUSECVE-2022-21476 at NVDCVE-2022-21496 at SUSECVE-2022-21496 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
- Updated to Java 7.0 Service Refresh 11 Fix Pack 15 (bsc#1202427):
- CVE-2022-34169: Fixed an integer truncation issue in the Xalan
Java XSLT library that occurred when processing malicious
stylesheets (bsc#1201684).
- CVE-2022-21549: Fixed an issue that could lead to computing
negative random exponentials (bsc#1201685).
- CVE-2022-21541: Fixed a potential bypass of sandbox restrictions
in the Hotspot component (bsc#1201692).
- CVE-2022-21540: Fixed a potential bypass of sandbox restrictions
in the Hotspot component (bsc#1201694).
ImportantSUSE bug 1201684SUSE bug 1201685SUSE bug 1201692SUSE bug 1201694SUSE bug 1202427CVE-2022-21540 at SUSECVE-2022-21540 at NVDCVE-2022-21541 at SUSECVE-2022-21541 at NVDCVE-2022-21549 at SUSECVE-2022-21549 at NVDCVE-2022-34169 at SUSECVE-2022-34169 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_0-ibm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_0-ibm fixes the following issues:
- IBM Security Update November 2022: (bsc#1205302, bsc#1204703)
- CVE-2022-3676: A security vulnerability was fixed in version 7.0.11.15, adding the reference here.
ModerateSUSE bug 1204703SUSE bug 1205302CVE-2022-3676 at SUSECVE-2022-3676 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for java-1_7_1-ibm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for java-1_7_1-ibm fixes the following issues:
- Update to Java 7.1 Service Refresh 5 Fix Pack 0
- CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. (bsc#1194198, bsc#1192052)
- CVE-2021-35586: Excessive memory allocation in BMPImageReader. (bsc#1191914)
- CVE-2021-35564: Certificates with end dates too far in the future can corrupt keystore. (bsc#1191913)
- CVE-2021-35559: Excessive memory allocation in RTFReader. (bsc#1191911)
- CVE-2021-35556: Excessive memory allocation in RTFParser. (bsc#1191910)
- CVE-2021-35565: Loop in HttpsServer triggered during TLS session close. (bsc#1191909)
- CVE-2021-35588: Incomplete validation of inner class references in ClassFileParser. (bsc#1191905)
- CVE-2021-2341: Fixed a flaw inside the FtpClient. (bsc#1188564)
- CVE-2021-2369: JAR file handling problem containing multiple MANIFEST.MF files. (bsc#1188565)
- CVE-2021-2432: Fixed a vulnerability in the omponent JNDI. (bsc#1188568)
- CVE-2021-2163: Incomplete enforcement of JAR signing disabled algorithms. (bsc#1185055)
- CVE-2021-2388: Fixed a flaw inside the Hotspot component performed range check elimination. (bsc#1188566)
ModerateSUSE bug 1185055SUSE bug 1188564SUSE bug 1188565SUSE bug 1188566SUSE bug 1188568SUSE bug 1191905SUSE bug 1191909SUSE bug 1191910SUSE bug 1191911SUSE bug 1191913SUSE bug 1191914SUSE bug 1192052SUSE bug 1194198SUSE bug 1194232CVE-2021-2163 at SUSECVE-2021-2163 at NVDCVE-2021-2341 at SUSECVE-2021-2341 at NVDCVE-2021-2369 at SUSECVE-2021-2369 at NVDCVE-2021-2388 at SUSECVE-2021-2388 at NVDCVE-2021-2432 at SUSECVE-2021-2432 at NVDCVE-2021-35556 at SUSECVE-2021-35556 at NVDCVE-2021-35559 at SUSECVE-2021-35559 at NVDCVE-2021-35564 at SUSECVE-2021-35564 at NVDCVE-2021-35565 at SUSECVE-2021-35565 at NVDCVE-2021-35586 at SUSECVE-2021-35586 at NVDCVE-2021-35588 at SUSECVE-2021-35588 at NVDCVE-2021-41035 at SUSECVE-2021-41035 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jpeg (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jpeg fixes the following issues:
* CVE-2017-15232: NULL pointer dereferences in jdpostct.c and jquant1.c could
lead to denial of service (crash) when processing images [bsc#1062937]
* CVE-2018-11813: Fixed the end-of-file mishandling in read_pixel in rdtarga.c,
which allowed remote attackers to cause a denial-of-service via crafted JPG
files due to a large loop [bsc#1096209]
* CVE-2018-1152: Fixed a denial of service in start_input_bmp() rdbmp.c caused
by a divide by zero when processing a crafted BMP image [bsc#1098155]
ModerateSUSE bug 1062937SUSE bug 1096209SUSE bug 1098155CVE-2017-15232 at SUSECVE-2017-15232 at NVDCVE-2018-1152 at SUSECVE-2018-1152 at NVDCVE-2018-11813 at SUSECVE-2018-11813 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jpeg (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jpeg fixes the following issue:
Security issue fixed:
- CVE-2018-14498: Fixed a heap-based buffer over read in get_8bit_row function
which could allow to an attacker to cause denial of service (bsc#1128712).
- CVE-2018-11212: Fixed divide by zero in alloc_sarray function in jmemmgr.c (bsc#1122299).
- CVE-2018-14498: Fixed denial of service in get_8bit_row in rdbmp.c (bsc#1128712).
LowSUSE bug 1122299SUSE bug 1128712CVE-2018-11212 at SUSECVE-2018-11212 at NVDCVE-2018-14498 at SUSECVE-2018-14498 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for jpeg (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for jpeg fixes the following issues:
- CVE-2020-14152: Fixed an improper implementation which vould have potentially exhausted the memory (bsc#1172995).
- CVE-2020-13790: Fixed a heap-based buffer over-read via a malformed PPM input file (bsc#1172491).
ModerateSUSE bug 1172491SUSE bug 1172995CVE-2020-13790 at SUSECVE-2020-13790 at NVDCVE-2020-14152 at SUSECVE-2020-14152 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kdebase4-workspaceSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This kdebase4-workspace update fixes two security issues:
* NULL pointer dereference in KDM and KCheckPass. (CVE-2013-4132)
* Memory leak that could lead to a denial of service. (CVE-2013-4133)
Security Issues references:
* CVE-2013-4132
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4132>
* CVE-2013-4133
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4133>
SUSE bug 829857CVE-2013-4132 at SUSECVE-2013-4132 at NVDCVE-2013-4133 at SUSECVE-2013-4133 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for kdebase4-runtimeSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
kdebase4-runtime has been updated to fix one security issue:
* CVE-2013-7252: Added gpg based encryption support to kwallet
(bnc#857200).
Security Issues:
* CVE-2013-7252
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7252>
SUSE bug 857200CVE-2013-7252 at SUSECVE-2013-7252 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for kdebase4-workspace (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for kdebase4-workspace fixes the following issues:
- CVE-2014-8651: Privilege escalation via KDE Clock KCM helper when non-default polkit settings are used (bsc#904625)
The following non-security bugs were fixed:
- bsc#929718: Make kdm recognize an IPv6 localhost address as localhost
ModerateSUSE bug 904625SUSE bug 929718CVE-2014-8651 at SUSECVE-2014-8651 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for kdelibs3 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kdelibs3 fixes the following issues:
- CVE-2015-7543: Insecure creation of temporary directories allowed local users
to hijack the IPC by pre-creating the temporary directory (bsc#958347).
ModerateSUSE bug 958347CVE-2015-7543 at SUSECVE-2015-7543 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kdelibs4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of the kdelibs4 KSSL interface makes it select a set of default
ciphers that is recommended for current usage. This update is needed for
Konqueror to restrict its cipher set when using https.
SUSE bug 787520SUSE bug 865241CVE-2012-4512 at SUSECVE-2012-4512 at NVDCVE-2012-4513 at SUSECVE-2012-4513 at NVDCVE-2012-4515 at SUSECVE-2012-4515 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for kdirstatSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The following security issue has been fixed:
* #868682: CVE-2014-2527 CVE-2014-2528: kdirstat: command injection in
kcleanup
Security Issues:
* CVE-2014-2527
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2527>
* CVE-2014-2528
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2528>
SUSE bug 868682CVE-2014-2527 at SUSECVE-2014-2527 at NVDCVE-2014-2528 at SUSECVE-2014-2528 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Linux kernelSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix
various bugs and security issues.
The following security bugs have been fixed:
*
CVE-2014-1739: The media_device_enum_entities function in
drivers/media/media-device.c in the Linux kernel before 3.14.6 does
not initialize a certain data structure, which allows local users to
obtain sensitive information from kernel memory by leveraging
/dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call
(bnc#882804).
*
CVE-2014-4171: mm/shmem.c in the Linux kernel through 3.15.1 does not
properly implement the interaction between range notification and
hole punching, which allows local users to cause a denial of service
(i_mutex hold) by using the mmap system call to access a hole, as
demonstrated by interfering with intended shmem activity by blocking
completion of (1) an MADV_REMOVE madvise call or (2) an
FALLOC_FL_PUNCH_HOLE fallocate call (bnc#883518).
*
CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel through
3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and
the sep CPU feature flag is set, allows local users to cause a denial
of service (OOPS and system crash) via an invalid syscall number, as
demonstrated by number 1000 (bnc#883724).
*
CVE-2014-4667: The sctp_association_free function in
net/sctp/associola.c in the Linux kernel before 3.15.2 does not
properly manage a certain backlog value, which allows remote
attackers to cause a denial of service (socket outage) via a crafted
SCTP packet (bnc#885422).
*
CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the
Linux kernel through 3.15.6 allows local users to gain privileges by
leveraging data-structure differences between an l2tp socket and an
inet socket (bnc#887082).
*
CVE-2014-5077: The sctp_assoc_update function in net/sctp/associola.c
in the Linux kernel through 3.15.8, when SCTP authentication is
enabled, allows remote attackers to cause a denial of service (NULL
pointer dereference and OOPS) by starting to establish an association
between two endpoints immediately after an exchange of INIT and INIT
ACK chunks to establish an earlier association between these
endpoints in the opposite direction (bnc#889173).
*
CVE-2014-5471: Stack consumption vulnerability in the
parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the
Linux kernel through 3.16.1 allows local users to cause a denial of
service (uncontrolled recursion, and system crash or reboot) via a
crafted iso9660 image with a CL entry referring to a directory entry
that has a CL entry. (bnc#892490)
*
CVE-2014-5472: The parse_rock_ridge_inode_internal function in
fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users
to cause a denial of service (unkillable mount process) via a crafted
iso9660 image with a self-referential CL entry. (bnc#892490)
*
CVE-2014-2706: Race condition in the mac80211 subsystem in the Linux
kernel before 3.13.7 allows remote attackers to cause a denial of
service (system crash) via network traffic that improperly interacts
with the WLAN_STA_PS_STA state (aka power-save mode), related to
sta_info.c and tx.c. (bnc#871797)
*
CVE-2014-4027: The rd_build_device_space function in
drivers/target/target_core_rd.c in the Linux kernel before 3.14 does
not properly initialize a certain data structure, which allows local
users to obtain sensitive information from ramdisk_mcp memory by
leveraging access to a SCSI initiator. (bnc#882639)
*
CVE-2014-3153 The futex_requeue function in kernel/futex.c in the
Linux kernel through 3.14.5 does not ensure that calls have two
different futex addresses, which allows local users to gain
privileges via a crafted FUTEX_REQUEUE command that facilitates
unsafe waiter modification. (bnc#880892)
*
CVE-2014-6410: Avoid infinite loop when processing indirect ICBs
(bnc#896689)
The following non-security bugs have been fixed:
* ACPI / PAD: call schedule() when need_resched() is true (bnc#866911).
* ACPI: Fix bug when ACPI reset register is implemented in system
memory (bnc#882900).
* ACPI: Limit access to custom_method (bnc#884333).
* ALSA: hda - Enabling Realtek ALC 671 codec (bnc#891746).
* Add option to automatically enforce module signatures when in Secure
Boot mode (bnc#884333).
* Add secure_modules() call (bnc#884333).
* Add wait_on_atomic_t() and wake_up_atomic_t() (bnc#880344).
* Backported new patches of Lock down functions for UEFI secure boot
Also updated series.conf and removed old patches.
* Btrfs: Return EXDEV for cross file system snapshot.
* Btrfs: abort the transaction when we does not find our extent ref.
* Btrfs: avoid warning bomb of btrfs_invalidate_inodes.
* Btrfs: cancel scrub on transaction abortion.
* Btrfs: correctly set profile flags on seqlock retry.
* Btrfs: does not check nodes for extent items.
* Btrfs: fix a possible deadlock between scrub and transaction
committing.
* Btrfs: fix corruption after write/fsync failure + fsync + log
recovery (bnc#894200).
* Btrfs: fix csum tree corruption, duplicate and outdated checksums
(bnc#891619).
* Btrfs: fix double free in find_lock_delalloc_range.
* Btrfs: fix possible memory leak in btrfs_create_tree().
* Btrfs: fix use of uninit 'ret' in end_extent_writepage().
* Btrfs: free delayed node outside of root->inode_lock (bnc#866864).
* Btrfs: make DEV_INFO ioctl available to anyone.
* Btrfs: make FS_INFO ioctl available to anyone.
* Btrfs: make device scan less noisy.
* Btrfs: make sure there are not any read requests before stopping
workers.
* Btrfs: more efficient io tree navigation on wait_extent_bit.
* Btrfs: output warning instead of error when loading free space cache
failed.
* Btrfs: retrieve more info from FS_INFO ioctl.
* Btrfs: return EPERM when deleting a default subvolume (bnc#869934).
* Btrfs: unset DCACHE_DISCONNECTED when mounting default subvol
(bnc#866615).
* Btrfs: use right type to get real comparison.
* Btrfs: wake up @scrub_pause_wait as much as we can.
* Btrfs: wake up transaction thread upon remount.
* CacheFiles: Add missing retrieval completions (bnc#880344).
* CacheFiles: Does not try to dump the index key if the cookie has been
cleared (bnc#880344).
* CacheFiles: Downgrade the requirements passed to the allocator
(bnc#880344).
* CacheFiles: Fix the marking of cached pages (bnc#880344).
* CacheFiles: Implement invalidation (bnc#880344).
* CacheFiles: Make some debugging statements conditional (bnc#880344).
* Drivers: hv: util: Fix a bug in the KVP code (bnc#886840).
* Drivers: hv: vmbus: Fix a bug in the channel callback dispatch code
(bnc#886840).
* FS-Cache: Add transition to handle invalidate immediately after
lookup (bnc#880344).
* FS-Cache: Check that there are no read ops when cookie relinquished
(bnc#880344).
* FS-Cache: Clear remaining page count on retrieval cancellation
(bnc#880344).
* FS-Cache: Convert the object event ID #defines into an enum
(bnc#880344).
* FS-Cache: Does not sleep in page release if __GFP_FS is not set
(bnc#880344).
* FS-Cache: Does not use spin_is_locked() in assertions (bnc#880344).
* FS-Cache: Exclusive op submission can BUG if there is been an I/O
error (bnc#880344).
* FS-Cache: Fix __wait_on_atomic_t() to call the action func if the
counter != 0 (bnc#880344).
* FS-Cache: Fix object state machine to have separate work and wait
states (bnc#880344).
* FS-Cache: Fix operation state management and accounting (bnc#880344).
* FS-Cache: Fix signal handling during waits (bnc#880344).
* FS-Cache: Initialise the object event mask with the calculated mask
(bnc#880344).
* FS-Cache: Limit the number of I/O error reports for a cache
(bnc#880344).
* FS-Cache: Make cookie relinquishment wait for outstanding reads
(bnc#880344).
* FS-Cache: Mark cancellation of in-progress operation (bnc#880344).
* FS-Cache: One of the write operation paths doeses not set the object
state (bnc#880344).
* FS-Cache: Provide proper invalidation (bnc#880344).
* FS-Cache: Simplify cookie retention for fscache_objects, fixing oops
(bnc#880344).
* FS-Cache: The retrieval remaining-pages counter needs to be atomic_t
(bnc#880344).
* FS-Cache: Uninline fscache_object_init() (bnc#880344).
* FS-Cache: Wrap checks on object state (bnc#880344).
* HID: usbhid: add always-poll quirk (bnc#888607).
* HID: usbhid: enable always-poll quirk for Elan Touchscreen
(bnc#888607).
* IB/iser: Add TIMEWAIT_EXIT event handling (bnc#890297).
* Ignore 'flags' change to event_constraint (bnc#876114).
* Ignore data_src/weight changes to perf_sample_data (bnc#876114).
* NFS: Allow more operations in an NFSv4.1 request (bnc#890513).
* NFS: Clean up helper function nfs4_select_rw_stateid() (bnc#888968).
* NFS: Does not copy read delegation stateids in setattr (bnc#888968).
* NFS: Does not use a delegation to open a file when returning that
delegation (bnc#888968, bnc#892200, bnc#893596, bnc#893496)
* NFS: Fixes for NFS RCU-walk support in line with code going upstream
* NFS: Use FS-Cache invalidation (bnc#880344).
* NFS: allow lockless access to access_cache (bnc#866130).
* NFS: avoid mountpoint being displayed as ' (deleted)' in /proc/mounts
(bnc#888591).
* NFS: nfs4_do_open should add negative results to the dcache
(bnc#866130).
* NFS: nfs_migrate_page() does not wait for FS-Cache to finish with a
page (bnc#880344).
* NFS: nfs_open_revalidate: only evaluate parent if it will be used
(bnc#866130).
* NFS: prepare for RCU-walk support but pushing tests later in code
(bnc#866130).
* NFS: support RCU_WALK in nfs_permission() (bnc#866130).
* NFS: teach nfs_lookup_verify_inode to handle LOOKUP_RCU (bnc#866130).
* NFS: teach nfs_neg_need_reval to understand LOOKUP_RCU (bnc#866130).
* NFSD: Does not hand out delegations for 30 seconds after recalling
them (bnc#880370).
* NFSv4 set open access operation call flag in nfs4_init_opendata_res
(bnc#888968, bnc#892200, bnc#893596, bnc#893496).
* NFSv4: Add a helper for encoding opaque data (bnc#888968).
* NFSv4: Add a helper for encoding stateids (bnc#888968).
* NFSv4: Add helpers for basic copying of stateids (bnc#888968).
* NFSv4: Clean up nfs4_select_rw_stateid() (bnc#888968).
* NFSv4: Fix the return value of nfs4_select_rw_stateid (bnc#888968).
* NFSv4: Rename nfs4_copy_stateid() (bnc#888968).
* NFSv4: Resend the READ/WRITE RPC call if a stateid change causes an
error (bnc#888968).
* NFSv4: Simplify the struct nfs4_stateid (bnc#888968).
* NFSv4: The stateid must remain the same for replayed RPC calls
(bnc#888968).
* NFSv4: nfs4_stateid_is_current should return 'true' for an invalid
stateid (bnc#888968).
* One more fix for kABI breakage.
* PCI: Lock down BAR access when module security is enabled
(bnc#884333).
* PCI: enable MPS 'performance' setting to properly handle bridge MPS
(bnc#883376).
* PM / Hibernate: Add memory_rtree_find_bit function (bnc#860441).
* PM / Hibernate: Create a Radix-Tree to store memory bitmap
(bnc#860441).
* PM / Hibernate: Implement position keeping in radix tree
(bnc#860441).
* PM / Hibernate: Iterate over set bits instead of PFNs in
swsusp_free() (bnc#860441).
* PM / Hibernate: Remove the old memory-bitmap implementation
(bnc#860441).
* PM / Hibernate: Touch Soft Lockup Watchdog in rtree_next_node
(bnc#860441).
* Restrict /dev/mem and /dev/kmem when module loading is restricted
(bnc#884333).
* Reuse existing 'state' field to indicate PERF_X86_EVENT_PEBS_LDLAT
(bnc#876114).
* USB: handle LPM errors during device suspend correctly (bnc#849123).
* Update kabi files to reflect fscache change (bnc#880344)
* Update x86_64 config files: re-enable SENSORS_W83627EHF (bnc#891281)
* VFS: Make more complete truncate operation available to CacheFiles
(bnc#880344).
* [FEAT NET1222] ib_uverbs: Allow explicit mmio trigger (FATE#83366,
ltc#83367).
* acpi: Ignore acpi_rsdp kernel parameter when module loading is
restricted (bnc#884333).
* af_iucv: correct cleanup if listen backlog is full (bnc#885262,
LTC#111728).
* asus-wmi: Restrict debugfs interface when module loading is
restricted (bnc#884333).
* autofs4: allow RCU-walk to walk through autofs4 (bnc#866130).
* autofs4: avoid taking fs_lock during rcu-walk (bnc#866130).
* autofs4: does not take spinlock when not needed in
autofs4_lookup_expiring (bnc#866130).
* autofs4: factor should_expire() out of autofs4_expire_indirect
(bnc#866130).
* autofs4: make 'autofs4_can_expire' idempotent (bnc#866130).
* autofs4: remove a redundant assignment (bnc#866130).
* autofs: fix lockref lookup (bnc#888591).
* be2net: add dma_mapping_error() check for dma_map_page()
(bnc#881759).
* block: add cond_resched() to potentially long running ioctl discard
loop (bnc#884725).
* block: fix race between request completion and timeout handling
(bnc#881051).
* cdc-ether: clean packet filter upon probe (bnc#876017).
* cpuset: Fix memory allocator deadlock (bnc#876590).
* crypto: Allow CRYPTO_FIPS without MODULE_SIGNATURES. Not all archs
have them, but some are FIPS certified, with some kernel support.
* crypto: fips - only panic on bad/missing crypto mod signatures
(bnc#887503).
* crypto: testmgr - allow aesni-intel and ghash_clmulni-intel in fips
mode (bnc#889451).
* dasd: validate request size before building CCW/TCW (bnc#891087,
LTC#114068).
* dm mpath: fix race condition between multipath_dtr and pg_init_done
(bnc#826486).
* dm-mpath: fix panic on deleting sg device (bnc#870161).
* drm/ast: AST2000 cannot be detected correctly (bnc#895983).
* drm/ast: Actually load DP501 firmware when required (bnc#895608
bnc#871134).
* drm/ast: Add missing entry to dclk_table[].
* drm/ast: Add reduced non reduced mode parsing for wide screen mode
(bnc#892723).
* drm/ast: initial DP501 support (v0.2) (bnc#871134).
* drm/ast: open key before detect chips (bnc#895983).
* drm/i915: Fix up cpt pixel multiplier enable sequence (bnc#879304).
* drm/i915: Only apply DPMS to the encoder if enabled (bnc#893064).
* drm/i915: clear the FPGA_DBG_RM_NOCLAIM bit at driver init
(bnc#869055).
* drm/i915: create functions for the 'unclaimed register' checks
(bnc#869055).
* drm/i915: use FPGA_DBG for the 'unclaimed register' checks
(bnc#869055).
* drm/mgag200: Initialize data needed to map fbdev memory (bnc
#806990).
* e1000e: enable support for new device IDs (bnc#885509).
* fs/fscache: remove spin_lock() from the condition in while()
(bnc#880344).
* hibernate: Disable in a signed modules environment (bnc#884333).
* hugetlb: does not use ERR_PTR with VM_FAULT* values
* ibmvscsi: Abort init sequence during error recovery (bnc#885382).
* ibmvscsi: Add memory barriers for send / receive (bnc#885382).
* inet: add a redirect generation id in inetpeer (bnc#860593).
* inetpeer: initialize ->redirect_genid in inet_getpeer() (bnc#860593).
* ipv6: tcp: fix tcp_v6_conn_request() (bnc#887645).
* kabi: hide bnc#860593 changes of struct inetpeer_addr_base
(bnc#860593).
* kernel: 3215 tty hang (bnc#891087, LTC#114562).
* kernel: fix data corruption when reading /proc/sysinfo (bnc#891087,
LTC#114480).
* kernel: fix kernel oops with load of fpc register (bnc#889061,
LTC#113596).
* kernel: sclp console tty reference counting (bnc#891087, LTC#115466).
* kexec: Disable at runtime if the kernel enforces module loading
restrictions (bnc#884333).
* md/raid6: avoid data corruption during recovery of double-degraded
RAID6.
* memcg, vmscan: Fix forced scan of anonymous pages (memory reclaim
fix).
* memcg: do not expose uninitialized mem_cgroup_per_node to world
(bnc#883096).
* mm, hugetlb: add VM_NORESERVE check in vma_has_reserves()
* mm, hugetlb: change variable name reservations to resv
* mm, hugetlb: decrement reserve count if VM_NORESERVE alloc page cache
* mm, hugetlb: defer freeing pages when gathering surplus pages
* mm, hugetlb: do not use a page in page cache for cow optimization
* mm, hugetlb: fix and clean-up node iteration code to alloc or free
* mm, hugetlb: fix race in region tracking
* mm, hugetlb: fix subpool accounting handling
* mm, hugetlb: improve page-fault scalability
* mm, hugetlb: improve, cleanup resv_map parameters
* mm, hugetlb: move up the code which check availability of free huge
page
* mm, hugetlb: protect reserved pages when soft offlining a hugepage
* mm, hugetlb: remove decrement_hugepage_resv_vma()
* mm, hugetlb: remove redundant list_empty check in
gather_surplus_pages()
* mm, hugetlb: remove resv_map_put
* mm, hugetlb: remove useless check about mapping type
* mm, hugetlb: return a reserved page to a reserved pool if failed
* mm, hugetlb: trivial commenting fix
* mm, hugetlb: unify region structure handling
* mm, hugetlb: unify region structure handling kabi
* mm, hugetlb: use long vars instead of int in region_count() (Hugetlb
Fault Scalability).
* mm, hugetlb: use vma_resv_map() map types
* mm, oom: fix badness score underflow (bnc#884582, bnc#884767).
* mm, oom: normalize oom scores to oom_score_adj scale only for
userspace (bnc#884582, bnc#884767).
* mm, thp: do not allow thp faults to avoid cpuset restrictions
(bnc#888849).
* net/mlx4_core: Load higher level modules according to ports type
(bnc#887680).
* net/mlx4_core: Load the IB driver when the device supports IBoE
(bnc#887680).
* net/mlx4_en: Fix a race between napi poll function and RX ring
cleanup (bnc#863586).
* net/mlx4_en: Fix selftest failing on non 10G link speed (bnc#888058).
* net: fix checksumming features handling in output path (bnc#891259).
* pagecache_limit: batch large nr_to_scan targets (bnc#895221).
* pagecachelimit: reduce lru_lock congestion for heavy parallel reclaim
fix (bnc#895680).
* perf/core: Add weighted samples (bnc#876114).
* perf/x86: Add flags to event constraints (bnc#876114).
* perf/x86: Add memory profiling via PEBS Load Latency (bnc#876114).
* perf: Add generic memory sampling interface (bnc#876114).
* qla2xxx: Avoid escalating the SCSI error handler if the command is
not found in firmware (bnc#859840).
* qla2xxx: Clear loop_id for ports that are marked lost during fabric
scanning (bnc#859840).
* qla2xxx: Does not check for firmware hung during the reset context
for ISP82XX (bnc#859840).
* qla2xxx: Issue abort command for outstanding commands during cleanup
when only firmware is alive (bnc#859840).
* qla2xxx: Reduce the time we wait for a command to complete during
SCSI error handling (bnc#859840).
* qla2xxx: Set host can_queue value based on available resources
(bnc#859840).
* restore smp_mb() in unlock_new_inode() (bnc#890526).
* s390/pci: introduce lazy IOTLB flushing for DMA unmap (bnc#889061,
LTC#113725).
* sched: fix the theoretical signal_wake_up() vs schedule() race
(bnc#876055).
* sclp_vt220: Enable integrated ASCII console per default (bnc#885262,
LTC#112035).
* scsi_dh: use missing accessor 'scsi_device_from_queue' (bnc#889614).
* scsi_transport_fc: Cap dev_loss_tmo by fast_io_fail (bnc#887608).
* scsiback: correct grant page unmapping.
* scsiback: fix retry handling in __report_luns().
* scsiback: free resources after error.
* sunrpc/auth: allow lockless (rcu) lookup of credential cache
(bnc#866130).
* supported.conf: remove external from drivers/net/veth (bnc#889727)
* supported.conf: support net/sched/act_police.ko (bnc#890426)
* tcp: adapt selected parts of RFC 5682 and PRR logic (bnc#879921).
* tg3: Change nvram command timeout value to 50ms (bnc#855657).
* tg3: Override clock, link aware and link idle mode during NVRAM dump
(bnc#855657).
* tg3: Set the MAC clock to the fastest speed during boot code load
(bnc#855657).
* usb: Does not enable LPM if the exit latency is zero (bnc#832309).
* usbcore: Does not log on consecutive debounce failures of the same
port (bnc#888105).
* usbhid: fix PIXART optical mouse (bnc#888607).
* uswsusp: Disable when module loading is restricted (bnc#884333).
* vscsi: support larger transfer sizes (bnc#774818).
* writeback: Do not sync data dirtied after sync start (bnc#833820).
* x86 thermal: Delete power-limit-notification console messages
(bnc#882317).
* x86 thermal: Disable power limit notification interrupt by default
(bnc#882317).
* x86 thermal: Re-enable power limit notification interrupt by default
(bnc#882317).
* x86, cpu hotplug: Fix stack frame warning in
check_irq_vectors_for_cpu_disable() (bnc#887418).
* x86/UV: Add call to KGDB/KDB from NMI handler (bnc#888847).
* x86/UV: Add kdump to UV NMI handler (bnc#888847).
* x86/UV: Add summary of cpu activity to UV NMI handler (bnc#888847).
* x86/UV: Move NMI support (bnc#888847).
* x86/UV: Update UV support for external NMI signals (bnc#888847).
* x86/uv/nmi: Fix Sparse warnings (bnc#888847).
* x86: Add check for number of available vectors before CPU down
(bnc#887418).
* x86: Lock down IO port access when module security is enabled
(bnc#884333).
* x86: Restrict MSR access when module loading is restricted
(bnc#884333).
Security Issues:
* CVE-2013-1979
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979>
* CVE-2014-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739>
* CVE-2014-2706
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706>
* CVE-2014-4027
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027>
* CVE-2014-4171
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171>
* CVE-2014-4508
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508>
* CVE-2014-4667
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667>
* CVE-2014-4943
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943>
* CVE-2014-5077
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077>
* CVE-2014-5471
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471>
* CVE-2014-5472
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472>
* CVE-2014-3153
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153>
* CVE-2014-6410
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410>
The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix
various bugs and security issues.
Following security bugs were fixed: CVE-2013-1979: The scm_set_cred
function in include/net/scm.h in the Linux kernel before 3.8.11 uses
incorrect uid and gid values during credentials passing, which allows local
users to gain privileges via a crafted application (bnc#816708).
CVE-2014-1739: The media_device_enum_entities function in
drivers/media/media-device.c in the Linux kernel before 3.14.6 does not
initialize a certain data structure, which allows local users to obtain
sensitive information from kernel memory by leveraging /dev/media0 read
access for a MEDIA_IOC_ENUM_ENTITIES ioctl call (bnc#882804).
CVE-2014-4171: mm/shmem.c in the Linux kernel through 3.15.1 does not
properly implement the interaction between range notification and hole
punching, which allows local users to cause a denial of service (i_mutex
hold) by using the mmap system call to access a hole, as demonstrated by
interfering with intended shmem activity by blocking completion of (1) an
MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call
(bnc#883518).
CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel through
3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the
sep CPU feature flag is set, allows local users to cause a denial of
service (OOPS and system crash) via an invalid syscall number, as
demonstrated by number 1000 (bnc#883724).
CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c
in the Linux kernel before 3.15.2 does not properly manage a certain
backlog value, which allows remote attackers to cause a denial of service
(socket outage) via a crafted SCTP packet (bnc#885422).
CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux
kernel through 3.15.6 allows local users to gain privileges by leveraging
data-structure differences between an l2tp socket and an inet socket
(bnc#887082).
CVE-2014-5077: The sctp_assoc_update function in net/sctp/associola.c in
the Linux kernel through 3.15.8, when SCTP authentication is enabled,
allows remote attackers to cause a denial of service (NULL pointer
dereference and OOPS) by starting to establish an association between two
endpoints immediately after an exchange of INIT and INIT ACK chunks to
establish an earlier association between these endpoints in the opposite
direction (bnc#889173).
CVE-2014-5471: Stack consumption vulnerability in the
parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux
kernel through 3.16.1 allows local users to cause a denial of service
(uncontrolled recursion, and system crash or reboot) via a crafted iso9660
image with a CL entry referring to a directory entry that has a CL entry.
(bnc#892490)
CVE-2014-5472: The parse_rock_ridge_inode_internal function in
fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to
cause a denial of service (unkillable mount process) via a crafted iso9660
image with a self-referential CL entry. (bnc#892490)
CVE-2014-2706: Race condition in the mac80211 subsystem in the Linux kernel
before 3.13.7 allows remote attackers to cause a denial of service (system
crash) via network traffic that improperly interacts with the
WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and
tx.c. (bnc#871797)
CVE-2014-4027: The rd_build_device_space function in
drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not
properly initialize a certain data structure, which allows local users to
obtain sensitive information from ramdisk_mcp memory by leveraging access
to a SCSI initiator. (bnc#882639)
CVE-2014-3153 The futex_requeue function in kernel/futex.c in the Linux
kernel through 3.14.5 does not ensure that calls have two different futex
addresses, which allows local users to gain privileges via a crafted
FUTEX_REQUEUE command that facilitates unsafe waiter modification.
(bnc#880892)
CVE-2014-6410: Avoid infinite loop when processing indirect ICBs
(bnc#896689)
The following non-security bugs were fixed: - ACPI / PAD: call schedule()
when need_resched() is true (bnc#866911). - ACPI: Fix bug when ACPI reset
register is implemented in system memory (bnc#882900). - ACPI: Limit access
to custom_method (bnc#884333). - ALSA: hda - Enabling Realtek ALC 671 codec
(bnc#891746). - Add option to automatically enforce module signatures when
in Secure Boot mode (bnc#884333). - Add secure_modules() call (bnc#884333).
- Add wait_on_atomic_t() and wake_up_atomic_t() (bnc#880344). - Backported
new patches of Lock down functions for UEFI secure boot Also updated
series.conf and removed old patches. - Btrfs: Return EXDEV for cross file
system snapshot. - Btrfs: abort the transaction when we does not find our
extent ref. - Btrfs: avoid warning bomb of btrfs_invalidate_inodes. -
Btrfs: cancel scrub on transaction abortion. - Btrfs: correctly set profile
flags on seqlock retry. - Btrfs: does not check nodes for extent items. -
Btrfs: fix a possible deadlock between scrub and transaction committing. -
Btrfs: fix corruption after write/fsync failure + fsync + log recovery
(bnc#894200). - Btrfs: fix csum tree corruption, duplicate and outdated
checksums (bnc#891619). - Btrfs: fix double free in
find_lock_delalloc_range. - Btrfs: fix possible memory leak in
btrfs_create_tree(). - Btrfs: fix use of uninit 'ret' in
end_extent_writepage(). - Btrfs: free delayed node outside of
root->inode_lock (bnc#866864). - Btrfs: make DEV_INFO ioctl available to
anyone. - Btrfs: make FS_INFO ioctl available to anyone. - Btrfs: make
device scan less noisy. - Btrfs: make sure there are not any read requests
before stopping workers. - Btrfs: more efficient io tree navigation on
wait_extent_bit. - Btrfs: output warning instead of error when loading free
space cache failed. - Btrfs: retrieve more info from FS_INFO ioctl. -
Btrfs: return EPERM when deleting a default subvolume (bnc#869934). -
Btrfs: unset DCACHE_DISCONNECTED when mounting default subvol (bnc#866615).
- Btrfs: use right type to get real comparison. - Btrfs: wake up
@scrub_pause_wait as much as we can. - Btrfs: wake up transaction thread
upon remount. - CacheFiles: Add missing retrieval completions (bnc#880344).
- CacheFiles: Does not try to dump the index key if the cookie has been
cleared (bnc#880344). - CacheFiles: Downgrade the requirements passed to
the allocator (bnc#880344). - CacheFiles: Fix the marking of cached pages
(bnc#880344). - CacheFiles: Implement invalidation (bnc#880344). -
CacheFiles: Make some debugging statements conditional (bnc#880344). -
Drivers: hv: util: Fix a bug in the KVP code (bnc#886840). - Drivers: hv:
vmbus: Fix a bug in the channel callback dispatch code (bnc#886840). -
FS-Cache: Add transition to handle invalidate immediately after lookup
(bnc#880344). - FS-Cache: Check that there are no read ops when cookie
relinquished (bnc#880344). - FS-Cache: Clear remaining page count on
retrieval cancellation (bnc#880344). - FS-Cache: Convert the object event
ID #defines into an enum (bnc#880344). - FS-Cache: Does not sleep in page
release if __GFP_FS is not set (bnc#880344). - FS-Cache: Does not use
spin_is_locked() in assertions (bnc#880344). - FS-Cache: Exclusive op
submission can BUG if there is been an I/O error (bnc#880344). - FS-Cache:
Fix __wait_on_atomic_t() to call the action func if the counter != 0
(bnc#880344). - FS-Cache: Fix object state machine to have separate work
and wait states (bnc#880344). - FS-Cache: Fix operation state management
and accounting (bnc#880344). - FS-Cache: Fix signal handling during waits
(bnc#880344). - FS-Cache: Initialise the object event mask with the
calculated mask (bnc#880344). - FS-Cache: Limit the number of I/O error
reports for a cache (bnc#880344). - FS-Cache: Make cookie relinquishment
wait for outstanding reads (bnc#880344). - FS-Cache: Mark cancellation of
in-progress operation (bnc#880344). - FS-Cache: One of the write operation
paths doeses not set the object state (bnc#880344). - FS-Cache: Provide
proper invalidation (bnc#880344). - FS-Cache: Simplify cookie retention for
fscache_objects, fixing oops (bnc#880344). - FS-Cache: The retrieval
remaining-pages counter needs to be atomic_t (bnc#880344). - FS-Cache:
Uninline fscache_object_init() (bnc#880344). - FS-Cache: Wrap checks on
object state (bnc#880344). - HID: usbhid: add always-poll quirk
(bnc#888607). - HID: usbhid: enable always-poll quirk for Elan Touchscreen
(bnc#888607). - IB/iser: Add TIMEWAIT_EXIT event handling (bnc#890297). -
Ignore 'flags' change to event_constraint (bnc#876114). - Ignore
data_src/weight changes to perf_sample_data (bnc#876114). - NFS: Allow more
operations in an NFSv4.1 request (bnc#890513). - NFS: Clean up helper
function nfs4_select_rw_stateid() (bnc#888968). - NFS: Does not copy read
delegation stateids in setattr (bnc#888968). - NFS: Does not use a
delegation to open a file when returning that delegation (bnc#888968,
bnc#892200, bnc#893596, bnc#893496) - NFS: Fixes for NFS RCU-walk support
in line with code going upstream - NFS: Use FS-Cache invalidation
(bnc#880344). - NFS: allow lockless access to access_cache (bnc#866130). -
NFS: avoid mountpoint being displayed as ' (deleted)' in /proc/mounts
(bnc#888591). - NFS: nfs4_do_open should add negative results to the dcache
(bnc#866130). - NFS: nfs_migrate_page() does not wait for FS-Cache to
finish with a page (bnc#880344). - NFS: nfs_open_revalidate: only evaluate
parent if it will be used (bnc#866130). - NFS: prepare for RCU-walk support
but pushing tests later in code (bnc#866130). - NFS: support RCU_WALK in
nfs_permission() (bnc#866130). - NFS: teach nfs_lookup_verify_inode to
handle LOOKUP_RCU (bnc#866130). - NFS: teach nfs_neg_need_reval to
understand LOOKUP_RCU (bnc#866130). - NFSD: Does not hand out delegations
for 30 seconds after recalling them (bnc#880370). - NFSv4 set open access
operation call flag in nfs4_init_opendata_res (bnc#888968, bnc#892200,
bnc#893596, bnc#893496). - NFSv4: Add a helper for encoding opaque data
(bnc#888968). - NFSv4: Add a helper for encoding stateids (bnc#888968). -
NFSv4: Add helpers for basic copying of stateids (bnc#888968). - NFSv4:
Clean up nfs4_select_rw_stateid() (bnc#888968). - NFSv4: Fix the return
value of nfs4_select_rw_stateid (bnc#888968). - NFSv4: Rename
nfs4_copy_stateid() (bnc#888968). - NFSv4: Resend the READ/WRITE RPC call
if a stateid change causes an error (bnc#888968). - NFSv4: Simplify the
struct nfs4_stateid (bnc#888968). - NFSv4: The stateid must remain the same
for replayed RPC calls (bnc#888968). - NFSv4: nfs4_stateid_is_current
should return 'true' for an invalid stateid (bnc#888968). - One more fix
for kABI breakage. - PCI: Lock down BAR access when module security is
enabled (bnc#884333). - PCI: enable MPS 'performance' setting to properly
handle bridge MPS (bnc#883376). - PM / Hibernate: Add memory_rtree_find_bit
function (bnc#860441). - PM / Hibernate: Create a Radix-Tree to store
memory bitmap (bnc#860441). - PM / Hibernate: Implement position keeping in
radix tree (bnc#860441). - PM / Hibernate: Iterate over set bits instead of
PFNs in swsusp_free() (bnc#860441). - PM / Hibernate: Remove the old
memory-bitmap implementation (bnc#860441). - PM / Hibernate: Touch Soft
Lockup Watchdog in rtree_next_node (bnc#860441). - Restrict /dev/mem and
/dev/kmem when module loading is restricted (bnc#884333). - Reuse existing
'state' field to indicate PERF_X86_EVENT_PEBS_LDLAT (bnc#876114). - USB:
handle LPM errors during device suspend correctly (bnc#849123). - Update
kabi files to reflect fscache change (bnc#880344) - Update x86_64 config
files: re-enable SENSORS_W83627EHF (bnc#891281) - VFS: Make more complete
truncate operation available to CacheFiles (bnc#880344). - [FEAT NET1222]
ib_uverbs: Allow explicit mmio trigger (FATE#83366, ltc#83367). - acpi:
Ignore acpi_rsdp kernel parameter when module loading is restricted
(bnc#884333). - af_iucv: correct cleanup if listen backlog is full
(bnc#885262, LTC#111728). - asus-wmi: Restrict debugfs interface when
module loading is restricted (bnc#884333). - autofs4: allow RCU-walk to
walk through autofs4 (bnc#866130). - autofs4: avoid taking fs_lock during
rcu-walk (bnc#866130). - autofs4: does not take spinlock when not needed in
autofs4_lookup_expiring (bnc#866130). - autofs4: factor should_expire() out
of autofs4_expire_indirect (bnc#866130). - autofs4: make
'autofs4_can_expire' idempotent (bnc#866130). - autofs4: remove a redundant
assignment (bnc#866130). - autofs: fix lockref lookup (bnc#888591). -
be2net: add dma_mapping_error() check for dma_map_page() (bnc#881759). -
block: add cond_resched() to potentially long running ioctl discard loop
(bnc#884725). - block: fix race between request completion and timeout
handling (bnc#881051). - cdc-ether: clean packet filter upon probe
(bnc#876017). - cpuset: Fix memory allocator deadlock (bnc#876590). -
crypto: Allow CRYPTO_FIPS without MODULE_SIGNATURES. Not all archs have
them, but some are FIPS certified, with some kernel support. - crypto: fips
- only panic on bad/missing crypto mod signatures (bnc#887503). - crypto:
testmgr - allow aesni-intel and ghash_clmulni-intel in fips mode
(bnc#889451). - dasd: validate request size before building CCW/TCW
(bnc#891087, LTC#114068). - dm mpath: fix race condition between
multipath_dtr and pg_init_done (bnc#826486). - dm-mpath: fix panic on
deleting sg device (bnc#870161). - drm/ast: AST2000 cannot be detected
correctly (bnc#895983). - drm/ast: Actually load DP501 firmware when
required (bnc#895608 bnc#871134). - drm/ast: Add missing entry to
dclk_table[]. - drm/ast: Add reduced non reduced mode parsing for wide
screen mode (bnc#892723). - drm/ast: initial DP501 support (v0.2)
(bnc#871134). - drm/ast: open key before detect chips (bnc#895983). -
drm/i915: Fix up cpt pixel multiplier enable sequence (bnc#879304). -
drm/i915: Only apply DPMS to the encoder if enabled (bnc#893064). -
drm/i915: clear the FPGA_DBG_RM_NOCLAIM bit at driver init (bnc#869055). -
drm/i915: create functions for the 'unclaimed register' checks
(bnc#869055). - drm/i915: use FPGA_DBG for the 'unclaimed register' checks
(bnc#869055). - drm/mgag200: Initialize data needed to map fbdev memory
(bnc #806990). - e1000e: enable support for new device IDs (bnc#885509). -
fs/fscache: remove spin_lock() from the condition in while() (bnc#880344).
- hibernate: Disable in a signed modules environment (bnc#884333). -
hugetlb: does not use ERR_PTR with VM_FAULT* values - ibmvscsi: Abort init
sequence during error recovery (bnc#885382). - ibmvscsi: Add memory
barriers for send / receive (bnc#885382). - inet: add a redirect generation
id in inetpeer (bnc#860593). - inetpeer: initialize ->redirect_genid in
inet_getpeer() (bnc#860593). - ipv6: tcp: fix tcp_v6_conn_request()
(bnc#887645). - kabi: hide bnc#860593 changes of struct inetpeer_addr_base
(bnc#860593). - kernel: 3215 tty hang (bnc#891087, LTC#114562). - kernel:
fix data corruption when reading /proc/sysinfo (bnc#891087, LTC#114480). -
kernel: fix kernel oops with load of fpc register (bnc#889061, LTC#113596).
- kernel: sclp console tty reference counting (bnc#891087, LTC#115466). -
kexec: Disable at runtime if the kernel enforces module loading
restrictions (bnc#884333). - md/raid6: avoid data corruption during
recovery of double-degraded RAID6. - memcg, vmscan: Fix forced scan of
anonymous pages (memory reclaim fix). - memcg: do not expose uninitialized
mem_cgroup_per_node to world (bnc#883096). - mm, hugetlb: add VM_NORESERVE
check in vma_has_reserves() - mm, hugetlb: change variable name
reservations to resv - mm, hugetlb: decrement reserve count if VM_NORESERVE
alloc page cache - mm, hugetlb: defer freeing pages when gathering surplus
pages - mm, hugetlb: do not use a page in page cache for cow optimization -
mm, hugetlb: fix and clean-up node iteration code to alloc or free - mm,
hugetlb: fix race in region tracking - mm, hugetlb: fix subpool accounting
handling - mm, hugetlb: improve page-fault scalability - mm, hugetlb:
improve, cleanup resv_map parameters - mm, hugetlb: move up the code which
check availability of free huge page - mm, hugetlb: protect reserved pages
when soft offlining a hugepage - mm, hugetlb: remove
decrement_hugepage_resv_vma() - mm, hugetlb: remove redundant list_empty
check in gather_surplus_pages() - mm, hugetlb: remove resv_map_put - mm,
hugetlb: remove useless check about mapping type - mm, hugetlb: return a
reserved page to a reserved pool if failed - mm, hugetlb: trivial
commenting fix - mm, hugetlb: unify region structure handling - mm,
hugetlb: unify region structure handling kabi - mm, hugetlb: use long vars
instead of int in region_count() (Hugetlb Fault Scalability). - mm,
hugetlb: use vma_resv_map() map types - mm, oom: fix badness score
underflow (bnc#884582, bnc#884767). - mm, oom: normalize oom scores to
oom_score_adj scale only for userspace (bnc#884582, bnc#884767). - mm, thp:
do not allow thp faults to avoid cpuset restrictions (bnc#888849). -
net/mlx4_core: Load higher level modules according to ports type
(bnc#887680). - net/mlx4_core: Load the IB driver when the device supports
IBoE (bnc#887680). - net/mlx4_en: Fix a race between napi poll function and
RX ring cleanup (bnc#863586). - net/mlx4_en: Fix selftest failing on non
10G link speed (bnc#888058). - net: fix checksumming features handling in
output path (bnc#891259). - pagecache_limit: batch large nr_to_scan targets
(bnc#895221). - pagecachelimit: reduce lru_lock congestion for heavy
parallel reclaim fix (bnc#895680). - perf/core: Add weighted samples
(bnc#876114). - perf/x86: Add flags to event constraints (bnc#876114). -
perf/x86: Add memory profiling via PEBS Load Latency (bnc#876114). - perf:
Add generic memory sampling interface (bnc#876114). - qla2xxx: Avoid
escalating the SCSI error handler if the command is not found in firmware
(bnc#859840). - qla2xxx: Clear loop_id for ports that are marked lost
during fabric scanning (bnc#859840). - qla2xxx: Does not check for firmware
hung during the reset context for ISP82XX (bnc#859840). - qla2xxx: Issue
abort command for outstanding commands during cleanup when only firmware is
alive (bnc#859840). - qla2xxx: Reduce the time we wait for a command to
complete during SCSI error handling (bnc#859840). - qla2xxx: Set host
can_queue value based on available resources (bnc#859840). - restore
smp_mb() in unlock_new_inode() (bnc#890526). - s390/pci: introduce lazy
IOTLB flushing for DMA unmap (bnc#889061, LTC#113725). - sched: fix the
theoretical signal_wake_up() vs schedule() race (bnc#876055). - sclp_vt220:
Enable integrated ASCII console per default (bnc#885262, LTC#112035). -
scsi_dh: use missing accessor 'scsi_device_from_queue' (bnc#889614). -
scsi_transport_fc: Cap dev_loss_tmo by fast_io_fail (bnc#887608). -
scsiback: correct grant page unmapping. - scsiback: fix retry handling in
__report_luns(). - scsiback: free resources after error. - sunrpc/auth:
allow lockless (rcu) lookup of credential cache (bnc#866130). -
supported.conf: remove external from drivers/net/veth (bnc#889727) -
supported.conf: support net/sched/act_police.ko (bnc#890426) - tcp: adapt
selected parts of RFC 5682 and PRR logic (bnc#879921). - tg3: Change nvram
command timeout value to 50ms (bnc#855657). - tg3: Override clock, link
aware and link idle mode during NVRAM dump (bnc#855657). - tg3: Set the MAC
clock to the fastest speed during boot code load (bnc#855657). - usb: Does
not enable LPM if the exit latency is zero (bnc#832309). - usbcore: Does
not log on consecutive debounce failures of the same port (bnc#888105). -
usbhid: fix PIXART optical mouse (bnc#888607). - uswsusp: Disable when
module loading is restricted (bnc#884333). - vscsi: support larger transfer
sizes (bnc#774818). - writeback: Do not sync data dirtied after sync start
(bnc#833820). - x86 thermal: Delete power-limit-notification console
messages (bnc#882317). - x86 thermal: Disable power limit notification
interrupt by default (bnc#882317). - x86 thermal: Re-enable power limit
notification interrupt by default (bnc#882317). - x86, cpu hotplug: Fix
stack frame warning in check_irq_vectors_for_cpu_disable() (bnc#887418). -
x86/UV: Add call to KGDB/KDB from NMI handler (bnc#888847). - x86/UV: Add
kdump to UV NMI handler (bnc#888847). - x86/UV: Add summary of cpu activity
to UV NMI handler (bnc#888847). - x86/UV: Move NMI support (bnc#888847). -
x86/UV: Update UV support for external NMI signals (bnc#888847). -
x86/uv/nmi: Fix Sparse warnings (bnc#888847). - x86: Add check for number
of available vectors before CPU down (bnc#887418). - x86: Lock down IO port
access when module security is enabled (bnc#884333). - x86: Restrict MSR
access when module loading is restricted (bnc#884333).
Security Issues:
* CVE-2013-1979
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979>
* CVE-2014-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739>
* CVE-2014-2706
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706>
* CVE-2014-4027
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027>
* CVE-2014-4171
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171>
* CVE-2014-4508
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508>
* CVE-2014-4667
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667>
* CVE-2014-4943
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943>
* CVE-2014-5077
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077>
* CVE-2014-5471
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471>
* CVE-2014-5472
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472>
* CVE-2014-3153
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153>
* CVE-2014-6410
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410>
SUSE bug 599263SUSE bug 708296SUSE bug 733022SUSE bug 745640SUSE bug 755743SUSE bug 760407SUSE bug 763463SUSE bug 763968SUSE bug 765523SUSE bug 767610SUSE bug 769035SUSE bug 769644SUSE bug 770541SUSE bug 771619SUSE bug 773006SUSE bug 773255SUSE bug 773837SUSE bug 774818SUSE bug 779488SUSE bug 783475SUSE bug 785901SUSE bug 786450SUSE bug 787843SUSE bug 789010SUSE bug 789359SUSE bug 792271SUSE bug 793727SUSE bug 794824SUSE bug 797090SUSE bug 797526SUSE bug 797727SUSE bug 797909SUSE bug 798050SUSE bug 800255SUSE bug 800875SUSE bug 801341SUSE bug 801427SUSE bug 803320SUSE bug 804482SUSE bug 804609SUSE bug 804950SUSE bug 805114SUSE bug 805371SUSE bug 805740SUSE bug 805804SUSE bug 806396SUSE bug 806976SUSE bug 806988SUSE bug 806990SUSE bug 807434SUSE bug 807471SUSE bug 807502SUSE bug 808015SUSE bug 808079SUSE bug 808136SUSE bug 808837SUSE bug 808855SUSE bug 808940SUSE bug 809122SUSE bug 809130SUSE bug 809463SUSE bug 809895SUSE bug 809975SUSE bug 810323SUSE bug 810722SUSE bug 812274SUSE bug 812281SUSE bug 812332SUSE bug 812526SUSE bug 812974SUSE bug 813245SUSE bug 813604SUSE bug 813733SUSE bug 813922SUSE bug 814336SUSE bug 815256SUSE bug 815320SUSE bug 815356SUSE bug 816043SUSE bug 816099SUSE bug 816451SUSE bug 816708SUSE bug 817035SUSE bug 817377SUSE bug 818047SUSE bug 818064SUSE bug 818371SUSE bug 818465SUSE bug 818545SUSE bug 819018SUSE bug 819195SUSE bug 819363SUSE bug 819523SUSE bug 819610SUSE bug 819655SUSE bug 819979SUSE bug 820102SUSE bug 820172SUSE bug 820338SUSE bug 820434SUSE bug 820848SUSE bug 821052SUSE bug 821070SUSE bug 821235SUSE bug 821259SUSE bug 821465SUSE bug 821619SUSE bug 821799SUSE bug 821859SUSE bug 821930SUSE bug 821948SUSE bug 821980SUSE bug 822052SUSE bug 822066SUSE bug 822077SUSE bug 822080SUSE bug 822164SUSE bug 822225SUSE bug 822340SUSE bug 822431SUSE bug 822433SUSE bug 822575SUSE bug 822579SUSE bug 822722SUSE bug 822825SUSE bug 822878SUSE bug 823082SUSE bug 823223SUSE bug 823342SUSE bug 823386SUSE bug 823517SUSE bug 823597SUSE bug 823618SUSE bug 823795SUSE bug 824159SUSE bug 824256SUSE bug 824295SUSE bug 824568SUSE bug 824915SUSE bug 825006SUSE bug 825037SUSE bug 825048SUSE bug 825142SUSE bug 825227SUSE bug 825291SUSE bug 825591SUSE bug 825657SUSE bug 825696SUSE bug 825887SUSE bug 825896SUSE bug 826102SUSE bug 826186SUSE bug 826350SUSE bug 826486SUSE bug 826602SUSE bug 826756SUSE bug 826960SUSE bug 826978SUSE bug 827246SUSE bug 827271SUSE bug 827372SUSE bug 827376SUSE bug 827378SUSE bug 827416SUSE bug 827527SUSE bug 827670SUSE bug 827749SUSE bug 827750SUSE bug 827767SUSE bug 827930SUSE bug 827966SUSE bug 828087SUSE bug 828119SUSE bug 828192SUSE bug 828236SUSE bug 828265SUSE bug 828574SUSE bug 828714SUSE bug 828886SUSE bug 828894SUSE bug 828914SUSE bug 829001SUSE bug 829082SUSE bug 829110SUSE bug 829357SUSE bug 829539SUSE bug 829622SUSE bug 829682SUSE bug 830346SUSE bug 830478SUSE bug 830766SUSE bug 830822SUSE bug 830901SUSE bug 830985SUSE bug 831029SUSE bug 831055SUSE bug 831058SUSE bug 831103SUSE bug 831143SUSE bug 831380SUSE bug 831410SUSE bug 831422SUSE bug 831424SUSE bug 831438SUSE bug 831623SUSE bug 831949SUSE bug 832292SUSE bug 832309SUSE bug 832318SUSE bug 832710SUSE bug 833073SUSE bug 833097SUSE bug 833148SUSE bug 833151SUSE bug 833321SUSE bug 833588SUSE bug 833635SUSE bug 833820SUSE bug 833858SUSE bug 833968SUSE bug 834116SUSE bug 834204SUSE bug 834473SUSE bug 834600SUSE bug 834647SUSE bug 834708SUSE bug 834742SUSE bug 834808SUSE bug 834905SUSE bug 835074SUSE bug 835094SUSE bug 835175SUSE bug 835186SUSE bug 835189SUSE bug 835684SUSE bug 835839SUSE bug 835930SUSE bug 836218SUSE bug 836347SUSE bug 836718SUSE bug 836801SUSE bug 837206SUSE bug 837372SUSE bug 837563SUSE bug 837596SUSE bug 837739SUSE bug 837741SUSE bug 837803SUSE bug 838346SUSE bug 838448SUSE bug 838623SUSE bug 839407SUSE bug 839973SUSE bug 840116SUSE bug 840226SUSE bug 840524SUSE bug 840830SUSE bug 841050SUSE bug 841094SUSE bug 841402SUSE bug 841445SUSE bug 841498SUSE bug 841654SUSE bug 841656SUSE bug 842057SUSE bug 842063SUSE bug 842239SUSE bug 842604SUSE bug 842820SUSE bug 843185SUSE bug 843419SUSE bug 843429SUSE bug 843445SUSE bug 843642SUSE bug 843645SUSE bug 843654SUSE bug 843732SUSE bug 843753SUSE bug 843950SUSE bug 844513SUSE bug 845352SUSE bug 845378SUSE bug 845621SUSE bug 845729SUSE bug 846036SUSE bug 846298SUSE bug 846404SUSE bug 846654SUSE bug 846656SUSE bug 846690SUSE bug 846790SUSE bug 846984SUSE bug 846989SUSE bug 847261SUSE bug 847319SUSE bug 847652SUSE bug 847660SUSE bug 847672SUSE bug 847721SUSE bug 847842SUSE bug 848055SUSE bug 848317SUSE bug 848321SUSE bug 848335SUSE bug 848336SUSE bug 848544SUSE bug 848652SUSE bug 848864SUSE bug 849021SUSE bug 849029SUSE bug 849034SUSE bug 849123SUSE bug 849256SUSE bug 849362SUSE bug 849364SUSE bug 849404SUSE bug 849675SUSE bug 849809SUSE bug 849855SUSE bug 849950SUSE bug 850072SUSE bug 850103SUSE bug 850324SUSE bug 850493SUSE bug 850640SUSE bug 850915SUSE bug 851066SUSE bug 851101SUSE bug 851290SUSE bug 851314SUSE bug 851426SUSE bug 851603SUSE bug 851879SUSE bug 852153SUSE bug 852373SUSE bug 852488SUSE bug 852553SUSE bug 852558SUSE bug 852559SUSE bug 852624SUSE bug 852652SUSE bug 852761SUSE bug 852967SUSE bug 853040SUSE bug 853050SUSE bug 853051SUSE bug 853052SUSE bug 853053SUSE bug 853162SUSE bug 853166SUSE bug 853428SUSE bug 853455SUSE bug 853465SUSE bug 854025SUSE bug 854445SUSE bug 854516SUSE bug 854546SUSE bug 854634SUSE bug 854722SUSE bug 855126SUSE bug 855657SUSE bug 855825SUSE bug 856307SUSE bug 856481SUSE bug 856760SUSE bug 856848SUSE bug 857358SUSE bug 857643SUSE bug 857926SUSE bug 858534SUSE bug 858604SUSE bug 858831SUSE bug 858869SUSE bug 858870SUSE bug 858872SUSE bug 859225SUSE bug 859342SUSE bug 859840SUSE bug 860441SUSE bug 860593SUSE bug 861093SUSE bug 861636SUSE bug 861980SUSE bug 862429SUSE bug 862796SUSE bug 862934SUSE bug 862957SUSE bug 863178SUSE bug 863300SUSE bug 863335SUSE bug 863410SUSE bug 863526SUSE bug 863586SUSE bug 863873SUSE bug 864025SUSE bug 864058SUSE bug 864401SUSE bug 864404SUSE bug 864409SUSE bug 864411SUSE bug 864464SUSE bug 864833SUSE bug 864880SUSE bug 865310SUSE bug 865330SUSE bug 865342SUSE bug 865419SUSE bug 865783SUSE bug 865882SUSE bug 866081SUSE bug 866102SUSE bug 866130SUSE bug 866253SUSE bug 866428SUSE bug 866615SUSE bug 866800SUSE bug 866864SUSE bug 866911SUSE bug 867362SUSE bug 867517SUSE bug 867531SUSE bug 867723SUSE bug 867953SUSE bug 868049SUSE bug 868488SUSE bug 868528SUSE bug 868653SUSE bug 868748SUSE bug 869033SUSE bug 869055SUSE bug 869414SUSE bug 869563SUSE bug 869934SUSE bug 870161SUSE bug 870173SUSE bug 870335SUSE bug 870450SUSE bug 870496SUSE bug 870498SUSE bug 870576SUSE bug 870591SUSE bug 870618SUSE bug 870801SUSE bug 870877SUSE bug 870958SUSE bug 871134SUSE bug 871561SUSE bug 871634SUSE bug 871676SUSE bug 871728SUSE bug 871797SUSE bug 871854SUSE bug 871861SUSE bug 871899SUSE bug 872188SUSE bug 872540SUSE bug 872634SUSE bug 873061SUSE bug 873228SUSE bug 873374SUSE bug 873463SUSE bug 874108SUSE bug 874145SUSE bug 874440SUSE bug 874577SUSE bug 875051SUSE bug 875386SUSE bug 875690SUSE bug 875798SUSE bug 876017SUSE bug 876055SUSE bug 876086SUSE bug 876102SUSE bug 876114SUSE bug 876176SUSE bug 876463SUSE bug 876590SUSE bug 876594SUSE bug 876633SUSE bug 877013SUSE bug 877257SUSE bug 877456SUSE bug 877497SUSE bug 877593SUSE bug 877775SUSE bug 878115SUSE bug 878123SUSE bug 878274SUSE bug 878407SUSE bug 878509SUSE bug 879304SUSE bug 879921SUSE bug 879957SUSE bug 880007SUSE bug 880344SUSE bug 880357SUSE bug 880370SUSE bug 880437SUSE bug 880484SUSE bug 880892SUSE bug 881051SUSE bug 881571SUSE bug 881759SUSE bug 881761SUSE bug 881939SUSE bug 882317SUSE bug 882324SUSE bug 882470SUSE bug 882639SUSE bug 882804SUSE bug 882900SUSE bug 883096SUSE bug 883376SUSE bug 883380SUSE bug 883518SUSE bug 883724SUSE bug 883795SUSE bug 883948SUSE bug 884333SUSE bug 884582SUSE bug 884725SUSE bug 884767SUSE bug 884817SUSE bug 885077SUSE bug 885262SUSE bug 885382SUSE bug 885422SUSE bug 885509SUSE bug 885725SUSE bug 886840SUSE bug 887082SUSE bug 887418SUSE bug 887503SUSE bug 887597SUSE bug 887608SUSE bug 887645SUSE bug 887680SUSE bug 888058SUSE bug 888105SUSE bug 888591SUSE bug 888607SUSE bug 888847SUSE bug 888849SUSE bug 888968SUSE bug 889061SUSE bug 889173SUSE bug 889221SUSE bug 889451SUSE bug 889614SUSE bug 889727SUSE bug 890297SUSE bug 890426SUSE bug 890513SUSE bug 890526SUSE bug 891087SUSE bug 891211SUSE bug 891212SUSE bug 891259SUSE bug 891277SUSE bug 891281SUSE bug 891368SUSE bug 891619SUSE bug 891641SUSE bug 891746SUSE bug 891790SUSE bug 892200SUSE bug 892490SUSE bug 892723SUSE bug 892782SUSE bug 893064SUSE bug 893496SUSE bug 893596SUSE bug 893758SUSE bug 894058SUSE bug 894200SUSE bug 894213SUSE bug 894895SUSE bug 895221SUSE bug 895387SUSE bug 895468SUSE bug 895608SUSE bug 895680SUSE bug 895841SUSE bug 895983SUSE bug 896382SUSE bug 896390SUSE bug 896391SUSE bug 896392SUSE bug 896415SUSE bug 896484SUSE bug 896689SUSE bug 897502SUSE bug 897694SUSE bug 897708SUSE bug 898295SUSE bug 898375SUSE bug 898554SUSE bug 899192SUSE bug 899574SUSE bug 899843SUSE bug 900279SUSE bug 900644SUSE bug 900881SUSE bug 901638SUSE bug 902232SUSE bug 902286SUSE bug 902346SUSE bug 902349SUSE bug 902351SUSE bug 902675SUSE bug 903096SUSE bug 903331SUSE bug 903640SUSE bug 903653SUSE bug 904013SUSE bug 904053SUSE bug 904242SUSE bug 904358SUSE bug 904659SUSE bug 904671SUSE bug 904700SUSE bug 904883SUSE bug 904901SUSE bug 905100SUSE bug 905304SUSE bug 905312SUSE bug 905522SUSE bug 905799SUSE bug 906027SUSE bug 906586SUSE bug 907196SUSE bug 907338SUSE bug 907551SUSE bug 907611SUSE bug 907818SUSE bug 908069SUSE bug 908163SUSE bug 908393SUSE bug 908550SUSE bug 908551SUSE bug 908572SUSE bug 908706SUSE bug 908825SUSE bug 909077SUSE bug 909078SUSE bug 909088SUSE bug 909092SUSE bug 909093SUSE bug 909095SUSE bug 909264SUSE bug 909309SUSE bug 909312SUSE bug 909477SUSE bug 909565SUSE bug 909684SUSE bug 909740SUSE bug 909846SUSE bug 910013SUSE bug 910150SUSE bug 910159SUSE bug 910251SUSE bug 910321SUSE bug 910322SUSE bug 910517SUSE bug 911181SUSE bug 911325SUSE bug 911326SUSE bug 912171SUSE bug 912202SUSE bug 912705SUSE bug 912741SUSE bug 913059SUSE bug 913080SUSE bug 913598SUSE bug 914355SUSE bug 914423SUSE bug 914726SUSE bug 914742SUSE bug 914818SUSE bug 914987SUSE bug 915045SUSE bug 915200SUSE bug 915209SUSE bug 915322SUSE bug 915335SUSE bug 915577SUSE bug 915791SUSE bug 915826SUSE bug 916515SUSE bug 916521SUSE bug 916848SUSE bug 916982SUSE bug 917093SUSE bug 917120SUSE bug 917648SUSE bug 917684SUSE bug 917830SUSE bug 917839SUSE bug 917884SUSE bug 918333SUSE bug 919007SUSE bug 919018SUSE bug 919357SUSE bug 919463SUSE bug 919589SUSE bug 919682SUSE bug 919808SUSE bug 920250SUSE bug 921769SUSE bug 922583SUSE bug 923344SUSE bug 924142SUSE bug 924271SUSE bug 924282SUSE bug 924333SUSE bug 924340SUSE bug 925012SUSE bug 925370SUSE bug 925443SUSE bug 925567SUSE bug 925729SUSE bug 926016SUSE bug 926240SUSE bug 926439SUSE bug 926767SUSE bug 927190SUSE bug 927257SUSE bug 927262SUSE bug 927338SUSE bug 928122SUSE bug 928130SUSE bug 928142SUSE bug 928333SUSE bug 928970SUSE bug 929145SUSE bug 929148SUSE bug 929283SUSE bug 929525SUSE bug 929647SUSE bug 930145SUSE bug 930171SUSE bug 930226SUSE bug 930284SUSE bug 930401SUSE bug 930669SUSE bug 930786SUSE bug 930788SUSE bug 931014SUSE bug 931015SUSE bug 931850CVE-2012-2372 at SUSECVE-2012-2372 at NVDCVE-2012-4398 at SUSECVE-2012-4398 at NVDCVE-2013-0160 at SUSECVE-2013-0160 at NVDCVE-2013-1059 at SUSECVE-2013-1059 at NVDCVE-2013-1774 at SUSECVE-2013-1774 at NVDCVE-2013-1819 at SUSECVE-2013-1819 at NVDCVE-2013-1929 at SUSECVE-2013-1929 at NVDCVE-2013-1979 at SUSECVE-2013-1979 at NVDCVE-2013-2146 at SUSECVE-2013-2146 at NVDCVE-2013-2148 at SUSECVE-2013-2148 at NVDCVE-2013-2164 at SUSECVE-2013-2164 at NVDCVE-2013-2206 at SUSECVE-2013-2206 at NVDCVE-2013-2232 at SUSECVE-2013-2232 at NVDCVE-2013-2234 at SUSECVE-2013-2234 at NVDCVE-2013-2237 at SUSECVE-2013-2237 at NVDCVE-2013-2851 at SUSECVE-2013-2851 at NVDCVE-2013-2852 at SUSECVE-2013-2852 at NVDCVE-2013-2889 at SUSECVE-2013-2889 at NVDCVE-2013-2893 at SUSECVE-2013-2893 at NVDCVE-2013-2897 at SUSECVE-2013-2897 at NVDCVE-2013-2899 at SUSECVE-2013-2899 at NVDCVE-2013-2929 at SUSECVE-2013-2929 at NVDCVE-2013-2930 at SUSECVE-2013-2930 at NVDCVE-2013-3076 at SUSECVE-2013-3076 at NVDCVE-2013-3222 at SUSECVE-2013-3222 at NVDCVE-2013-3223 at SUSECVE-2013-3223 at NVDCVE-2013-3224 at SUSECVE-2013-3224 at NVDCVE-2013-3225 at SUSECVE-2013-3225 at NVDCVE-2013-3227 at SUSECVE-2013-3227 at NVDCVE-2013-3228 at SUSECVE-2013-3228 at NVDCVE-2013-3229 at SUSECVE-2013-3229 at NVDCVE-2013-3231 at SUSECVE-2013-3231 at NVDCVE-2013-3232 at SUSECVE-2013-3232 at NVDCVE-2013-3234 at SUSECVE-2013-3234 at NVDCVE-2013-3235 at SUSECVE-2013-3235 at NVDCVE-2013-3301 at SUSECVE-2013-3301 at NVDCVE-2013-4162 at SUSECVE-2013-4162 at NVDCVE-2013-4163 at SUSECVE-2013-4163 at NVDCVE-2013-4299 at SUSECVE-2013-4299 at NVDCVE-2013-4345 at SUSECVE-2013-4345 at NVDCVE-2013-4470 at SUSECVE-2013-4470 at NVDCVE-2013-4483 at SUSECVE-2013-4483 at NVDCVE-2013-4511 at SUSECVE-2013-4511 at NVDCVE-2013-4514 at SUSECVE-2013-4514 at NVDCVE-2013-4515 at SUSECVE-2013-4515 at NVDCVE-2013-4579 at SUSECVE-2013-4579 at NVDCVE-2013-4587 at SUSECVE-2013-4587 at NVDCVE-2013-4592 at SUSECVE-2013-4592 at NVDCVE-2013-6367 at SUSECVE-2013-6367 at NVDCVE-2013-6368 at SUSECVE-2013-6368 at NVDCVE-2013-6376 at SUSECVE-2013-6376 at NVDCVE-2013-6378 at SUSECVE-2013-6378 at NVDCVE-2013-6380 at SUSECVE-2013-6380 at NVDCVE-2013-6382 at SUSECVE-2013-6382 at NVDCVE-2013-6383 at SUSECVE-2013-6383 at NVDCVE-2013-6463 at SUSECVE-2013-6463 at NVDCVE-2013-6885 at SUSECVE-2013-6885 at NVDCVE-2013-7027 at SUSECVE-2013-7027 at NVDCVE-2013-7263 at SUSECVE-2013-7263 at NVDCVE-2013-7264 at SUSECVE-2013-7264 at NVDCVE-2013-7265 at SUSECVE-2013-7265 at NVDCVE-2013-7339 at SUSECVE-2013-7339 at NVDCVE-2014-0055 at SUSECVE-2014-0055 at NVDCVE-2014-0069 at SUSECVE-2014-0069 at NVDCVE-2014-0077 at SUSECVE-2014-0077 at NVDCVE-2014-0101 at SUSECVE-2014-0101 at NVDCVE-2014-0131 at SUSECVE-2014-0131 at NVDCVE-2014-0155 at SUSECVE-2014-0155 at NVDCVE-2014-0181 at SUSECVE-2014-0181 at NVDCVE-2014-0196 at SUSECVE-2014-0196 at NVDCVE-2014-1444 at SUSECVE-2014-1444 at NVDCVE-2014-1445 at SUSECVE-2014-1445 at NVDCVE-2014-1446 at SUSECVE-2014-1446 at NVDCVE-2014-1737 at SUSECVE-2014-1737 at NVDCVE-2014-1738 at SUSECVE-2014-1738 at NVDCVE-2014-1739 at SUSECVE-2014-1739 at NVDCVE-2014-1874 at SUSECVE-2014-1874 at NVDCVE-2014-2309 at SUSECVE-2014-2309 at NVDCVE-2014-2523 at SUSECVE-2014-2523 at NVDCVE-2014-2678 at SUSECVE-2014-2678 at NVDCVE-2014-2706 at SUSECVE-2014-2706 at NVDCVE-2014-2851 at SUSECVE-2014-2851 at NVDCVE-2014-3122 at SUSECVE-2014-3122 at NVDCVE-2014-3144 at SUSECVE-2014-3144 at NVDCVE-2014-3145 at SUSECVE-2014-3145 at NVDCVE-2014-3153 at SUSECVE-2014-3153 at NVDCVE-2014-3181 at SUSECVE-2014-3181 at NVDCVE-2014-3184 at SUSECVE-2014-3184 at NVDCVE-2014-3185 at SUSECVE-2014-3185 at NVDCVE-2014-3186 at SUSECVE-2014-3186 at NVDCVE-2014-3601 at SUSECVE-2014-3601 at NVDCVE-2014-3610 at SUSECVE-2014-3610 at NVDCVE-2014-3646 at SUSECVE-2014-3646 at NVDCVE-2014-3647 at SUSECVE-2014-3647 at NVDCVE-2014-3673 at SUSECVE-2014-3673 at NVDCVE-2014-3687 at SUSECVE-2014-3687 at NVDCVE-2014-3688 at SUSECVE-2014-3688 at NVDCVE-2014-3690 at SUSECVE-2014-3690 at NVDCVE-2014-3917 at SUSECVE-2014-3917 at NVDCVE-2014-4027 at SUSECVE-2014-4027 at NVDCVE-2014-4171 at SUSECVE-2014-4171 at NVDCVE-2014-4508 at SUSECVE-2014-4508 at NVDCVE-2014-4608 at SUSECVE-2014-4608 at NVDCVE-2014-4652 at SUSECVE-2014-4652 at NVDCVE-2014-4653 at SUSECVE-2014-4653 at NVDCVE-2014-4654 at SUSECVE-2014-4654 at NVDCVE-2014-4655 at SUSECVE-2014-4655 at NVDCVE-2014-4656 at SUSECVE-2014-4656 at NVDCVE-2014-4667 at SUSECVE-2014-4667 at NVDCVE-2014-4699 at SUSECVE-2014-4699 at NVDCVE-2014-4943 at SUSECVE-2014-4943 at NVDCVE-2014-5077 at SUSECVE-2014-5077 at NVDCVE-2014-5471 at SUSECVE-2014-5471 at NVDCVE-2014-5472 at SUSECVE-2014-5472 at NVDCVE-2014-6410 at SUSECVE-2014-6410 at NVDCVE-2014-7822 at SUSECVE-2014-7822 at NVDCVE-2014-7826 at SUSECVE-2014-7826 at NVDCVE-2014-7841 at SUSECVE-2014-7841 at NVDCVE-2014-7842 at SUSECVE-2014-7842 at NVDCVE-2014-7970 at SUSECVE-2014-7970 at NVDCVE-2014-8086 at SUSECVE-2014-8086 at NVDCVE-2014-8133 at SUSECVE-2014-8133 at NVDCVE-2014-8134 at SUSECVE-2014-8134 at NVDCVE-2014-8159 at SUSECVE-2014-8159 at NVDCVE-2014-8160 at SUSECVE-2014-8160 at NVDCVE-2014-8369 at SUSECVE-2014-8369 at NVDCVE-2014-8559 at SUSECVE-2014-8559 at NVDCVE-2014-8709 at SUSECVE-2014-8709 at NVDCVE-2014-8884 at SUSECVE-2014-8884 at NVDCVE-2014-9090 at SUSECVE-2014-9090 at NVDCVE-2014-9322 at SUSECVE-2014-9322 at NVDCVE-2014-9419 at SUSECVE-2014-9419 at NVDCVE-2014-9420 at SUSECVE-2014-9420 at NVDCVE-2014-9529 at SUSECVE-2014-9529 at NVDCVE-2014-9584 at SUSECVE-2014-9584 at NVDCVE-2014-9585 at SUSECVE-2014-9585 at NVDCVE-2014-9683 at SUSECVE-2014-9683 at NVDCVE-2015-0777 at SUSECVE-2015-0777 at NVDCVE-2015-1421 at SUSECVE-2015-1421 at NVDCVE-2015-1593 at SUSECVE-2015-1593 at NVDCVE-2015-2041 at SUSECVE-2015-2041 at NVDCVE-2015-2042 at SUSECVE-2015-2042 at NVDCVE-2015-2150 at SUSECVE-2015-2150 at NVDCVE-2015-2830 at SUSECVE-2015-2830 at NVDCVE-2015-2922 at SUSECVE-2015-2922 at NVDCVE-2015-3331 at SUSECVE-2015-3331 at NVDCVE-2015-3339 at SUSECVE-2015-3339 at NVDCVE-2015-3636 at SUSECVE-2015-3636 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-3955: The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel allowed remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet (bnc#975945).
- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986365).
- CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689).
- CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).
- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure was initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).
- CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel did not initialize a certain structure member, which allowed remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (bnc#983213).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bnc#983143).
- CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel mishandled NM (aka alternate name) entries containing \0 characters, which allowed local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem (bnc#980725).
- CVE-2016-4580: The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel did not properly initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request (bnc#981267).
- CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bnc#979867).
- CVE-2015-7833: The usbvision driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998).
- CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971944).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bnc#963762).
- CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel did not initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory by reading a message (bnc#978821).
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface (bnc#979213).
- CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#978822).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
- CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack. (bsc#989152)
- CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability. (bsc#991608)
The following non-security bugs were fixed:
- Update patches.fixes/pci-determine-actual-vpd-size-on-first-access.patch (bsc#971729, bsc#974428).
- Update PCI VPD size patch to upstream:
* PCI: Determine actual VPD size on first access (bsc#971729).
* PCI: Update VPD definitions (bsc#971729). (cherry picked from commit d2af5b7e0cd7ee2a54f02ad65ec300d16b3ad956)
- Update patches.fixes/pci-update-vpd-definitions.patch (bsc#971729, bsc#974428).
- cgroups: do not attach task to subsystem if migration failed (bnc#979274).
- cgroups: more safe tasklist locking in cgroup_attach_proc (bnc#979274).
- fs/cifs: Fix cifs_uniqueid_to_ino_t() function for s390x (bsc#944309)
- fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
- hid: add ALWAYS_POLL quirk for a Logitech 0xc055 (bnc#962404).
- hid: add HP OEM mouse to quirk ALWAYS_POLL (bsc#919351).
- hid: add quirk for PIXART OEM mouse used by HP (bsc#919351).
- hid-elo: kill not flush the work.
- ipv4/fib: do not warn when primary address is missing if in_dev is dead (bsc#971360).
- ipv4: fix ineffective source address selection (bsc#980788).
- ipvs: count pre-established TCP states as active (bsc#970114).
- kabi, unix: properly account for FDs passed over unix sockets (bnc#839104).
- mm/hugetlb.c: correct missing private flag clearing (VM Functionality, bnc#971446).
- mm/hugetlb: fix backport of upstream commit 07443a85ad (VM Functionality, bnc#971446).
- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).
- nfs: Do not attempt to decode missing directory entries (bsc#980931).
- nfs: fix memory corruption rooted in get_ih_name pointer math (bsc#984107).
- nfs: reduce access cache shrinker locking (bnc#866130).
- ppp: defer netns reference release for ppp channel (bsc#980371).
- s390/cio: collect format 1 channel-path description data (bsc#966460,LTC#136434).
- s390/cio: ensure consistent measurement state (bsc#966460,LTC#136434).
- s390/cio: fix measurement characteristics memleak (bsc#966460,LTC#136434).
- s390/cio: update measurement characteristics (bsc#966460,LTC#136434).
- usbhid: add device USB_DEVICE_ID_LOGITECH_C077 (bsc#919351).
- usbhid: more mice with ALWAYS_POLL (bsc#919351).
- usbhid: yet another mouse with ALWAYS_POLL (bsc#919351).
- veth: do not modify ip_summed (bsc#969149).
- virtio_scsi: Implement eh_timed_out callback.
- vmxnet3: segCnt can be 1 for LRO packets (bsc#988065).
- xfs: Avoid grabbing ilock when file size is not changed (bsc#983535).
- xfs: avoid xfs_buf hang in lookup node directory corruption (bsc#989401).
- xfs: only update the last_sync_lsn when a transaction completes (bsc#987709).
ImportantSUSE bug 839104SUSE bug 866130SUSE bug 919351SUSE bug 944309SUSE bug 950998SUSE bug 960689SUSE bug 962404SUSE bug 963655SUSE bug 963762SUSE bug 966460SUSE bug 969149SUSE bug 970114SUSE bug 971126SUSE bug 971360SUSE bug 971446SUSE bug 971729SUSE bug 971944SUSE bug 974428SUSE bug 975945SUSE bug 978401SUSE bug 978821SUSE bug 978822SUSE bug 979213SUSE bug 979274SUSE bug 979548SUSE bug 979681SUSE bug 979867SUSE bug 979879SUSE bug 980371SUSE bug 980725SUSE bug 980788SUSE bug 980931SUSE bug 981267SUSE bug 983143SUSE bug 983213SUSE bug 983535SUSE bug 984107SUSE bug 984755SUSE bug 986362SUSE bug 986365SUSE bug 986445SUSE bug 986572SUSE bug 987709SUSE bug 988065SUSE bug 989152SUSE bug 989401SUSE bug 991608CVE-2013-4312 at SUSECVE-2013-4312 at NVDCVE-2015-7513 at SUSECVE-2015-7513 at NVDCVE-2015-7833 at SUSECVE-2015-7833 at NVDCVE-2016-0758 at SUSECVE-2016-0758 at NVDCVE-2016-1583 at SUSECVE-2016-1583 at NVDCVE-2016-2053 at SUSECVE-2016-2053 at NVDCVE-2016-2187 at SUSECVE-2016-2187 at NVDCVE-2016-3134 at SUSECVE-2016-3134 at NVDCVE-2016-3955 at SUSECVE-2016-3955 at NVDCVE-2016-4470 at SUSECVE-2016-4470 at NVDCVE-2016-4482 at SUSECVE-2016-4482 at NVDCVE-2016-4485 at SUSECVE-2016-4485 at NVDCVE-2016-4486 at SUSECVE-2016-4486 at NVDCVE-2016-4565 at SUSECVE-2016-4565 at NVDCVE-2016-4569 at SUSECVE-2016-4569 at NVDCVE-2016-4578 at SUSECVE-2016-4578 at NVDCVE-2016-4580 at SUSECVE-2016-4580 at NVDCVE-2016-4805 at SUSECVE-2016-4805 at NVDCVE-2016-4913 at SUSECVE-2016-4913 at NVDCVE-2016-4997 at SUSECVE-2016-4997 at NVDCVE-2016-5244 at SUSECVE-2016-5244 at NVDCVE-2016-5696 at SUSECVE-2016-5696 at NVDCVE-2016-5829 at SUSECVE-2016-5829 at NVDCVE-2016-6480 at SUSECVE-2016-6480 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP 3 kernel was updated to fix two security issues.
The following security bugs were fixed:
- CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).
- CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer allowed local users to cause a denial of service, memory corruption or possibly even to elevate their privileges (bsc#1013533).
ImportantSUSE bug 1013533SUSE bug 1013604CVE-2016-9576 at SUSECVE-2016-9576 at NVDCVE-2016-9794 at SUSECVE-2016-9794 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 kernel was updated to fix the following security bug:
CVE-2017-2636: A race condition in the n_hdlc tty Linux kernel driver (drivers/tty/n_hdlc.c)
could have been exploited to gain a local privilege escalation (bnc#1027565)
ImportantSUSE bug 1027565CVE-2017-2636 at SUSECVE-2017-2636 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security fixes.
The following security bugs were fixed:
- CVE-2017-1000364: The default stack guard page was too small and could be 'jumped over' by userland programs using
more than one page of stack in functions and so lead to memory corruption. This update extends the stack guard page
to 1 MB (for 4k pages) and 16 MB (for 64k pages) to reduce this attack vector. This is not a kernel bugfix, but a
hardening measure against this kind of userland attack.(bsc#1039348)
- CVE-2015-3288: mm/memory.c in the Linux kernel mishandled anonymous pages, which allowed local users to gain
privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero
(bnc#979021).
CriticalSUSE bug 1039348SUSE bug 979021CVE-2015-3288 at SUSECVE-2015-3288 at NVDCVE-2017-1000364 at SUSECVE-2017-1000364 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 kernel was updated to fix the following issues:
- A previous security update to address CVE-2017-1000364 caused unintended
side-effects in several other tools, most notably Java. These issues have
been remedied. [bsc#1045340, bsc#1045406]
ImportantSUSE bug 1045340SUSE bug 1045406CVE-2017-1000364 at SUSECVE-2017-1000364 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 kernel was updated to fix the following issues:
- Stack corruption could have lead to local privilege escalation
(bsc#1059525, CVE-2017-1000253).
ImportantSUSE bug 1059525CVE-2017-1000253 at SUSECVE-2017-1000253 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912).
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322).
- CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after
a cleanup step in ucma_process_join, which allowed attackers to cause a denial
of service (use-after-free) (bsc#1103119).
The following non-security bugs were fixed:
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: x86: Free vmx_msr_bitmap_longmode while kvm_init failed (bsc#1104367).
- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).
- rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199)
- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- xen x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
ImportantSUSE bug 1057199SUSE bug 1087081SUSE bug 1092903SUSE bug 1102517SUSE bug 1103119SUSE bug 1104367SUSE bug 1104684SUSE bug 1104818SUSE bug 1105100SUSE bug 1105296SUSE bug 1105322SUSE bug 1105323SUSE bug 1105536SUSE bug 1106369SUSE bug 1106509SUSE bug 1106511SUSE bug 1107001SUSE bug 1107689SUSE bug 1108912CVE-2018-10902 at SUSECVE-2018-10902 at NVDCVE-2018-10940 at SUSECVE-2018-10940 at NVDCVE-2018-14634 at SUSECVE-2018-14634 at NVDCVE-2018-14734 at SUSECVE-2018-14734 at NVDCVE-2018-15572 at SUSECVE-2018-15572 at NVDCVE-2018-16658 at SUSECVE-2018-16658 at NVDCVE-2018-6554 at SUSECVE-2018-6554 at NVDCVE-2018-6555 at SUSECVE-2018-6555 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux KernelSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata Kernel was updated to fix the
following security issues:
* vfs: Fix race between fcntl() and file->f_flags checks (bnc#900881,
CVE-2014-8086).
* fs: Take i_mutex during prepare_binprm for setid executables
(bnc#928130, CVE-2015-3339).
* ib/uverbs: Prevent integer overflow in ib_umem_get address arithmetic
(bsc#914742, CVE-2014-8159).
* eCryptfs: Remove buggy and unnecessary write in file name decode
routine (bsc#918333, CVE-2014-9683).
* x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization
(bsc#926240, CVE-2015-2830).
* net/rds: Use correct size for max unacked packets and bytes
(bsc#919018, CVE-2015-2042).
* net/sctp: Fix slab corruption from use after free on INIT collisions
(bsc#915577, CVE-2015-1421).
* usbback: Copy only filled buffers to guest (bsc#917830,
CVE-2015-0777).
* xen-pciback: Limit guest control of command register (bsc#919463,
CVE-2015-2150, XSA-120).
* (update) kvm/x86: Distinguish between stack operation and near
branches (bnc#899192, bsc#924721, CVE-2014-3647).
* (update) kvm/x86: Emulator fixes for eip canonical checks on near
branches (bnc#899192, bsc#924721, CVE-2014-3647).
Additionally, the following non-security issues have been fixed:
* supported.conf: Mark crc32c-intel module as supported (bnc#925927).
* supported.conf: Mark tcp_westwood module as supported (bnc#871224).
* x86/reboot: Fix a warning message triggered by stop_other_cpus()
(bnc#930284).
* Deal with deadlock in d_walk fix (bnc#929148, bnc#929283).
* mm, slab: Lock the correct nodelist after reenabling irqs
(bnc#926439).
* nfs: Don't try to use lock state when we hold a delegation
(bnc#831029).
Security Issues:
* CVE-2014-8086
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8086>
* CVE-2015-3339
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3339>
* CVE-2014-8159
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8159>
* CVE-2014-9683
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9683>
* CVE-2015-2830
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2830>
* CVE-2015-2042
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2042>
* CVE-2015-1421
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1421>
* CVE-2015-0777
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0777>
* CVE-2015-2150
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2150>
* CVE-2014-3647
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647>
* CVE-2014-3647
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3647>
SUSE bug 831029SUSE bug 871224SUSE bug 900881SUSE bug 914742SUSE bug 915577SUSE bug 917830SUSE bug 918333SUSE bug 919018SUSE bug 919463SUSE bug 924721SUSE bug 925927SUSE bug 926240SUSE bug 926439SUSE bug 928130SUSE bug 929148SUSE bug 929283SUSE bug 930284CVE-2014-3647 at SUSECVE-2014-3647 at NVDCVE-2014-8086 at SUSECVE-2014-8086 at NVDCVE-2014-8159 at SUSECVE-2014-8159 at NVDCVE-2014-9683 at SUSECVE-2014-9683 at NVDCVE-2015-0777 at SUSECVE-2015-0777 at NVDCVE-2015-1421 at SUSECVE-2015-1421 at NVDCVE-2015-2042 at SUSECVE-2015-2042 at NVDCVE-2015-2150 at SUSECVE-2015-2150 at NVDCVE-2015-2830 at SUSECVE-2015-2830 at NVDCVE-2015-3339 at SUSECVE-2015-3339 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix the following bugs and security issues.
The following security issues have been fixed:
- Update patches.fixes/udp-fix-behavior-of-wrong-checksums.patch (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- Btrfs: make xattr replace operations atomic (bnc#923908, CVE-2014-9710).
- udp: fix behavior of wrong checksums (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- vfs: read file_handle only once in handle_to_path (bsc#915517, CVE-2015-1420).
- x86: bpf_jit: fix compilation of large bpf programs (bnc#935705,CVE-2015-4700).
- udf: Check length of extended attributes and allocation (bsc#936831, CVE-2015-5364, CVE-2015-5366).
- Update patches.fixes/udf-Check-component-length-before-reading-it.patch (bsc#933904, CVE-2014-9728, CVE-2014-9730).
- Update patches.fixes/udf-Verify-i_size-when-loading-inode.patch (bsc#933904, CVE-2014-9728, CVE-2014-9729).
- Update patches.fixes/udf-Verify-symlink-size-before-loading-it.patch (bsc#933904, CVE-2014-9728).
- Update patches.fixes/udf-Check-path-length-when-reading-symlink.patch (bnc#933896, CVE-2014-9731).
- pipe: fix iov overrun for failed atomic copy (bsc#933429, CVE-2015-1805).
- ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922).
- net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).
- ipv4: Missing sk_nulls_node_init() in ping_unhash() (bsc#929525, CVE-2015-3636).
- ipv6: Don't reduce hop limit for an interface (bsc#922583, CVE-2015-2922).
- net: llc: use correct size for sysctl timeout entries (bsc#919007, CVE-2015-2041).
- ipv4: Missing sk_nulls_node_init() in ping_unhash() (bsc#929525, CVE-2015-3636).
The following non-security issues have been fixed:
- mlx4: Check for assigned VFs before disabling SR-IOV (bsc#927355).
- ixgbe: Use pci_vfs_assigned instead of ixgbe_vfs_are_assigned (bsc#927355).
- pci: Add SRIOV helper function to determine if VFs are assigned to guest (bsc#927355).
- net/mlx4_core: Don't disable SRIOV if there are active VFs (bsc#927355).
- udf: Remove repeated loads blocksize (bsc#933907).
- Refresh patches.fixes/deal-with-deadlock-in-d_walk-fix.patch. based on 3.2 stable fix 20defcec264c ('dcache: Fix locking bugs in backported 'deal with deadlock in d_walk()''). Not harmfull for regular SLES kernels but RT or PREEMPT kernels would see disbalance.
- sched: Fix potential near-infinite distribute_cfs_runtime() loop (bnc#930786)
- tty: Correct tty buffer flush (bnc#929647).
- tty: hold lock across tty buffer finding and buffer filling (bnc#929647).
ImportantSUSE bug 915517SUSE bug 919007SUSE bug 922583SUSE bug 923908SUSE bug 927355SUSE bug 929525SUSE bug 929647SUSE bug 930786SUSE bug 933429SUSE bug 933896SUSE bug 933904SUSE bug 933907SUSE bug 935705SUSE bug 936831CVE-2014-9710 at SUSECVE-2014-9710 at NVDCVE-2014-9728 at SUSECVE-2014-9728 at NVDCVE-2014-9729 at SUSECVE-2014-9729 at NVDCVE-2014-9730 at SUSECVE-2014-9730 at NVDCVE-2014-9731 at SUSECVE-2014-9731 at NVDCVE-2015-1420 at SUSECVE-2015-1420 at NVDCVE-2015-1805 at SUSECVE-2015-1805 at NVDCVE-2015-2041 at SUSECVE-2015-2041 at NVDCVE-2015-2922 at SUSECVE-2015-2922 at NVDCVE-2015-3636 at SUSECVE-2015-3636 at NVDCVE-2015-4700 at SUSECVE-2015-4700 at NVDCVE-2015-5364 at SUSECVE-2015-5364 at NVDCVE-2015-5366 at SUSECVE-2015-5366 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP3
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
Following security bugs were fixed:
- CVE-2015-5707: An integer overflow in the SCSI generic driver could
be potentially used by local attackers to crash the kernel or execute
code (bsc#940338).
- CVE-2015-5364: A remote denial of service (hang) via UDP flood with
incorrect package checksums was fixed. (bsc#936831).
- CVE-2015-5366: A remote denial of service (unexpected error returns)
via UDP flood with incorrect package checksums was fixed. (bsc#936831).
- CVE-2015-1420: A race condition in the handle_to_path function in
fs/fhandle.c in the Linux kernel allowed local users to bypass intended
size restrictions and trigger read operations on additional memory
locations by changing the handle_bytes value of a file handle during
the execution of this function (bnc#915517).
- CVE-2015-4700: A local user could have created a bad instruction in
the JIT processed BPF code, leading to a kernel crash (bnc#935705).
- CVE-2015-4167: The UDF filesystem in the Linux kernel was vulnerable
to a crash which could occur while fetching inode information from a
corrupted/malicious udf file system image. (bsc#933907).
- CVE-2014-9728 CVE-2014-9729 CVE-2014-9730 CVE-2014-9731: Various
issues in handling UDF filesystems in the Linux kernel allowed the
corruption of kernel memory and other issues. An attacker able to mount
a corrupted/malicious UDF file system image could cause the kernel to
crash. (bsc#933904 bsc#933896)
- CVE-2015-2150: The Linux kernel did not properly restrict access to
PCI command registers, which might have allowed local guest users to
cause a denial of service (non-maskable interrupt and host crash) by
disabling the (1) memory or (2) I/O decoding for a PCI Express device
and then accessing the device, which triggers an Unsupported Request
(UR) response (bsc#919463).
- CVE-2015-0777: drivers/xen/usbback/usbback.c as used in the Linux
kernel 2.6.x and 3.x in SUSE Linux distributions, allowed guest OS users
to obtain sensitive information from uninitialized locations in host OS
kernel memory via unspecified vectors (bnc#917830).
- CVE-2015-2830: arch/x86/kernel/entry_64.S in the Linux kernel did
not prevent the TS_COMPAT flag from reaching a user-mode task, which
might have allowed local users to bypass the seccomp or audit protection
mechanism via a crafted application that uses the (1) fork or (2) close
system call, as demonstrated by an attack against seccomp before 3.16
(bnc#926240).
- CVE-2015-1805: The Linux kernels implementation of vectored pipe
read and write functionality did not take into account the I/O vectors
that were already processed when retrying after a failed atomic access
operation, potentially resulting in memory corruption due to an I/O vector
array overrun. A local, unprivileged user could use this flaw to crash
the system or, potentially, escalate their privileges on the system.
(bsc#933429).
Also the following non-security bugs were fixed:
- audit: keep inode pinned (bsc#851068).
- btrfs: be aware of btree inode write errors to avoid fs corruption (bnc#942350).
- btrfs: check if previous transaction aborted to avoid fs corruption (bnc#942350).
- btrfs: deal with convert_extent_bit errors to avoid fs corruption (bnc#942350).
- cifs: Fix missing crypto allocation (bnc#937402).
- client MUST ignore EncryptionKeyLength if CAP_EXTENDED_SECURITY is set (bnc#932348).
- drm: ast,cirrus,mgag200: use drm_can_sleep (bnc#883380, bsc#935572).
- drm/cirrus: do not attempt to acquire a reservation while in an interrupt handler (bsc#935572).
- drm/mgag200: do not attempt to acquire a reservation while in an interrupt handler (bsc#935572).
- drm/mgag200: Do not do full cleanup if mgag200_device_init fails.
- ext3: Fix data corruption in inodes with journalled data (bsc#936637)
- ext4: handle SEEK_HOLE/SEEK_DATA generically (bsc#934944).
- fanotify: Fix deadlock with permission events (bsc#935053).
- fork: reset mm->pinned_vm (bnc#937855).
- hrtimer: prevent timer interrupt DoS (bnc#886785).
- hugetlb: do not account hugetlb pages as NR_FILE_PAGES (bnc#930092).
- hugetlb, kabi: do not account hugetlb pages as NR_FILE_PAGES (bnc#930092).
- IB/core: Fix mismatch between locked and pinned pages (bnc#937855).
- iommu/amd: Fix memory leak in free_pagetable (bsc#935866).
- iommu/amd: Handle integer overflow in dma_ops_area_alloc (bsc#931538).
- iommu/amd: Handle large pages correctly in free_pagetable (bsc#935866).
- ipr: Increase default adapter init stage change timeout (bsc#930761).
- ixgbe: Use pci_vfs_assigned instead of ixgbe_vfs_are_assigned (bsc#927355).
- kdump: fix crash_kexec()/smp_send_stop() race in panic() (bnc#937444).
- kernel: add panic_on_warn. (bsc#934742)
- kvm: irqchip: Break up high order allocations of kvm_irq_routing_table (bnc#926953).
- libata: prevent HSM state change race between ISR and PIO (bsc#923245).
- md: use kzalloc() when bitmap is disabled (bsc#939994).
- megaraid_sas: Use correct reset sequence in adp_reset() (bsc#894936).
- mlx4: Check for assigned VFs before disabling SR-IOV (bsc#927355).
- mm/hugetlb: check for pte NULL pointer in __page_check_address() (bnc#929143).
- mm: restrict access to slab files under procfs and sysfs (bnc#936077).
- net: fib6: fib6_commit_metrics: fix potential NULL pointer dereference (bsc#867362).
- net: Fix 'ip rule delete table 256' (bsc#873385).
- net: ipv6: fib: do not sleep inside atomic lock (bsc#867362).
- net/mlx4_core: Do not disable SRIOV if there are active VFs (bsc#927355).
- nfsd: Fix nfsv4 opcode decoding error (bsc#935906).
- nfsd: support disabling 64bit dir cookies (bnc#937503).
- nfs: never queue requests with rq_cong set on the sending queue (bsc#932458).
- nfsv4: Minor cleanups for nfs4_handle_exception and nfs4_async_handle_error (bsc#939910).
- pagecache limit: add tracepoints (bnc#924701).
- pagecache limit: Do not skip over small zones that easily (bnc#925881).
- pagecache limit: export debugging counters via /proc/vmstat (bnc#924701).
- pagecache limit: fix wrong nr_reclaimed count (bnc#924701).
- pagecache limit: reduce starvation due to reclaim retries (bnc#925903).
- pci: Add SRIOV helper function to determine if VFs are assigned to guest (bsc#927355).
- pci: Disable Bus Master only on kexec reboot (bsc#920110).
- pci: disable Bus Master on PCI device shutdown (bsc#920110).
- pci: Disable Bus Master unconditionally in pci_device_shutdown() (bsc#920110).
- pci: Don't try to disable Bus Master on disconnected PCI devices (bsc#920110).
- perf, nmi: Fix unknown NMI warning (bsc#929142).
- perf/x86/intel: Move NMI clearing to end of PMI handler (bsc#929142).
- rtlwifi: rtl8192cu: Fix kernel deadlock (bnc#927786).
- sched: fix __sched_setscheduler() vs load balancing race (bnc#921430)
- scsi_error: add missing case statements in scsi_decide_disposition() (bsc#920733).
- scsi: Set hostbyte status in scsi_check_sense() (bsc#920733).
- scsi: set host msg status correctly (bnc#933936)
- scsi: vmw_pvscsi: Fix pvscsi_abort() function (bnc#940398 bsc#930934).
- st: null pointer dereference panic caused by use after kref_put by st_open (bsc#936875).
- udf: Remove repeated loads blocksize (bsc#933907).
- usb: core: Fix USB 3.0 devices lost in NOTATTACHED state after a hub port reset (bnc#937641).
- vmxnet3: Bump up driver version number (bsc#936423).
- vmxnet3: Changes for vmxnet3 adapter version 2 (fwd) (bug#936423).
- vmxnet3: Fix memory leaks in rx path (fwd) (bug#936423).
- vmxnet3: Register shutdown handler for device (fwd) (bug#936423).
- x86/mm: Improve AMD Bulldozer ASLR workaround (bsc#937032).
- x86, tls: Interpret an all-zero struct user_desc as 'no segment' (bsc#920250).
- x86, tls, ldt: Stop checking lm in LDT_empty (bsc#920250).
- xenbus: add proper handling of XS_ERROR from Xenbus for transactions.
- xfs: avoid mounting of xfs filesystems with inconsistent option (bnc#925705)
- zcrypt: Fixed reset and interrupt handling of AP queues (bnc#936925, LTC#126491).
ImportantSUSE bug 851068SUSE bug 867362SUSE bug 873385SUSE bug 883380SUSE bug 886785SUSE bug 894936SUSE bug 915517SUSE bug 917830SUSE bug 919463SUSE bug 920110SUSE bug 920250SUSE bug 920733SUSE bug 921430SUSE bug 923245SUSE bug 924701SUSE bug 925705SUSE bug 925881SUSE bug 925903SUSE bug 926240SUSE bug 926953SUSE bug 927355SUSE bug 927786SUSE bug 929142SUSE bug 929143SUSE bug 930092SUSE bug 930761SUSE bug 930934SUSE bug 931538SUSE bug 932348SUSE bug 932458SUSE bug 933429SUSE bug 933896SUSE bug 933904SUSE bug 933907SUSE bug 933936SUSE bug 934742SUSE bug 934944SUSE bug 935053SUSE bug 935572SUSE bug 935705SUSE bug 935866SUSE bug 935906SUSE bug 936077SUSE bug 936423SUSE bug 936637SUSE bug 936831SUSE bug 936875SUSE bug 936925SUSE bug 937032SUSE bug 937402SUSE bug 937444SUSE bug 937503SUSE bug 937641SUSE bug 937855SUSE bug 939910SUSE bug 939994SUSE bug 940338SUSE bug 940398SUSE bug 942350CVE-2014-9728 at SUSECVE-2014-9728 at NVDCVE-2014-9729 at SUSECVE-2014-9729 at NVDCVE-2014-9730 at SUSECVE-2014-9730 at NVDCVE-2014-9731 at SUSECVE-2014-9731 at NVDCVE-2015-0777 at SUSECVE-2015-0777 at NVDCVE-2015-1420 at SUSECVE-2015-1420 at NVDCVE-2015-1805 at SUSECVE-2015-1805 at NVDCVE-2015-2150 at SUSECVE-2015-2150 at NVDCVE-2015-2830 at SUSECVE-2015-2830 at NVDCVE-2015-4167 at SUSECVE-2015-4167 at NVDCVE-2015-4700 at SUSECVE-2015-4700 at NVDCVE-2015-5364 at SUSECVE-2015-5364 at NVDCVE-2015-5366 at SUSECVE-2015-5366 at NVDCVE-2015-5707 at SUSECVE-2015-5707 at NVDcpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security bugs have been fixed:
- CVE-2015-6252: Possible file descriptor leak for each VHOST_SET_LOG_FD
command issued. This could eventually waste available system resources
and create a denial of service. (bsc#942367)
- CVE-2015-5707: Possible integer overflow in the calculation of total
number of pages in bio_map_user_iov(). (bsc#940338)
The following non-security bugs have been fixed:
- ib/iser: Add Discovery support. (bsc#923002)
- ib/iser: Move informational messages from error to info level. (bsc#923002)
- scsi: Limit iscsi kABI changes to discovery session. (bsc#923002)
- scsi: Fix force panic issue with the megaraid_sas driver with Intel Romley hardware. (bsc#938485)
- scsi: Update megaraid_sas's threshold based reply post host index register.(bsc#919808)
- scsi: megaraid_sas: Use correct reset sequence in adp_reset(). (bsc#894936)
- scsi: Fix scsi_error_handler vs. scsi_host_dev_release race. (bsc#942204)
- scsi: Exporting new attrs for iscsi session and connection in sysfs. (bsc#923002)
- ext3: Fix data corruption in inodes with journalled data. (bsc#936637)
- libiscsi: Exporting new attrs for iscsi session and connection in sysfs. (bsc#923002)
- watchdog: Report watchdog state properly after failure. (bsc#937444)
- x86/mm: Improve AMD Bulldozer ASLR workaround. (bsc#937032)
- Make sure that there's not too many elements in iovec. (bsc#940338)
ModerateSUSE bug 894936SUSE bug 919808SUSE bug 923002SUSE bug 936637SUSE bug 937032SUSE bug 937444SUSE bug 938485SUSE bug 940338SUSE bug 942204SUSE bug 942367CVE-2015-5707 at SUSECVE-2015-5707 at NVDCVE-2015-6252 at SUSECVE-2015-6252 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- keys: Don't permit request_key() to construct a new keyring (bsc#951440, CVE-2015-7872).
- keys: Fix crash when attempt to garbage collect an uninstantiated keyring (bsc#951440, CVE-2015-7872).
- rds: Verify the underlying transport exists before creating a connection (bsc#945825, CVE-2015-6937).
- ipv6/addrconf: Validate new MTU before applying it (bsc#944296, CVE-2015-0272).
- rcu: Move lockless_dereference() out of rcupdate.h (bsc#938706, CVE-2015-5157).
- x86/ldt: Correct FPU emulation access to LDT (bsc#938706, CVE-2015-5157).
- x86/ldt: Correct LDT access in single stepping logic (bsc#938706, CVE-2015-5157).
- x86/ldt: Further fix FPU emulation (bsc#938706, CVE-2015-5157).
- x86/ldt: Make modify_ldt synchronous (bsc#938706, CVE-2015-5157).
- x86/nmi/64: Switch stacks on userspace NMI entry (bsc#938706, CVE-2015-5157).
The following non-security issues have been fixed:
- Enable x86_64/ec2 configuration (bsc#951771).
- keys: Fix race between key destruction and finding a keyring by name (bsc#951440).
- scsi/hosts: Update to use ida_simple for host_no management (bsc#939926).
- sched/core: Fix task and run queue sched_info::run_delay inconsistencies (bsc#949100).
- x86/tls/ldt: Stop checking lm in LDT_empty (bsc#920250).
- x86/irq: Check for valid irq descriptor in check_irq_vectors_for_cpu_disable (bsc#914726).
- xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347).
ImportantSUSE bug 914726SUSE bug 920250SUSE bug 938706SUSE bug 939926SUSE bug 944296SUSE bug 945825SUSE bug 948347SUSE bug 949100SUSE bug 951440SUSE bug 951771CVE-2015-0272 at SUSECVE-2015-0272 at NVDCVE-2015-5157 at SUSECVE-2015-5157 at NVDCVE-2015-6937 at SUSECVE-2015-6937 at NVDCVE-2015-7872 at SUSECVE-2015-7872 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix the following security issues.
- kvm/svm: Unconditionally intercept #DB (bsc#954404, CVE-2015-8104).
- kvm/x86: Work around infinite loop in microcode when #AC is delivered (bsc#953527, CVE-2015-5307).
- rds: Fix race condition when sending a message on unbound socket (bsc#952384, CVE-2015-7990).
ImportantSUSE bug 952384SUSE bug 953527SUSE bug 954404CVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-7990 at SUSECVE-2015-7990 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- bluetooth: Validate socket address length in sco_sock_bind() (bsc#959399, CVE-2015-8575).
- ext4: Make orphan functions be no-op in no-journal mode (bsc#956709, CVE-2015-7509).
- input/aiptek: Adjust error-handling code label (bsc#956708, CVE-2015-7515).
- input/aiptek: Fix crash on detecting device without endpoints (bsc#956708, CVE-2015-7515).
- isdn_ppp: Add checks for allocation failure in isdn_ppp_open() (bsc#949936, CVE-2015-7799).
- kabi: Protect struct unix_sock layout after epoll fix (bsc#917648, bsc#955654, CVE-2013-7446).
- keys: Fix handling of stored error in a negatively instantiated user key (bsc#958463, CVE-2015-8539).
- keys: Fix race between read and revoke (bsc#958951, CVE-2015-7550).
- net: Add validation for the socket syscall protocol argument (bsc#958886, CVE-2015-8543).
- ppp/slip: Validate VJ compression slot parameters completely (bsc#949936, CVE-2015-7799).
- pptp: Verify sockaddr_len in pptp_bind() and pptp_connect() (bsc#959190, CVE-2015-8569).
- sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (bsc#961509, CVE-2015-8767).
- tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) (bsc#961500, CVE-2016-0723).
- unix: Avoid use-after-free in ep_remove_wait_queue (bsc#917648, bsc#955654, CVE-2013-7446).
- xen/pciback: Don't allow MSI-X ops if PCI_COMMAND_MEMORY is not set (bsc#957990, CVE-2015-8551, CVE-2015-8552, XSA-157).
- xen/pciback: For XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled (bsc#957990, CVE-2015-8551, CVE-2015-8552, XSA-157).
- xen/pciback: Return error on XEN_PCI_OP_enable_msix/XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled (bsc#957990, CVE-2015-8551, CVE-2015-8552 XSA-157).
- Guarantee one time reads of shared ring contents (bsc#957988, CVE-2015-8550, XSA-155).
The following non-security issues have been fixed:
- new helper: single_open_size() (bsc#928122, bsc#962407).
- proc: Speed up /proc/stat handling (bsc#928122, bsc#962407).
- /proc/stat: Convert to single_open_size() (bsc#928122, bsc#962407).
- xfs: Fix lost direct IO write in the last block (bsc#949744).
- Fix build error caused by missing U8_MAX.
- Add references for bsc#955354 and CVE-2015-8215 to patch.
- Refreshed patch to fix bsc#959705.
ImportantSUSE bug 917648SUSE bug 928122SUSE bug 949744SUSE bug 949936SUSE bug 955354SUSE bug 955654SUSE bug 956708SUSE bug 956709SUSE bug 957988SUSE bug 957990SUSE bug 958463SUSE bug 958886SUSE bug 958951SUSE bug 959190SUSE bug 959399SUSE bug 959705SUSE bug 961500SUSE bug 961509SUSE bug 962407CVE-2013-7446 at SUSECVE-2013-7446 at NVDCVE-2015-7509 at SUSECVE-2015-7509 at NVDCVE-2015-7515 at SUSECVE-2015-7515 at NVDCVE-2015-7550 at SUSECVE-2015-7550 at NVDCVE-2015-7799 at SUSECVE-2015-7799 at NVDCVE-2015-8215 at SUSECVE-2015-8215 at NVDCVE-2015-8539 at SUSECVE-2015-8539 at NVDCVE-2015-8543 at SUSECVE-2015-8543 at NVDCVE-2015-8550 at SUSECVE-2015-8550 at NVDCVE-2015-8551 at SUSECVE-2015-8551 at NVDCVE-2015-8552 at SUSECVE-2015-8552 at NVDCVE-2015-8569 at SUSECVE-2015-8569 at NVDCVE-2015-8575 at SUSECVE-2015-8575 at NVDCVE-2015-8767 at SUSECVE-2015-8767 at NVDCVE-2016-0723 at SUSECVE-2016-0723 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- usb/serial/visor: Fix crash on detecting device without write_urbs (bsc#961512, CVE-2015-7566).
- alsa/hrtimer: Fix stall by hrtimer_cancel() (CVE-2016-2549,bsc#968013).
- alsa/timer: Harden slave timer list handling (CVE-2016-2547,CVE-2016-2548,bsc#968011,bsc#968012).
- alsa/timer: Fix race among timer ioctls (CVE-2016-2546,bsc#967975).
- alsa/timer: Fix double unlink of active_list (CVE-2016-2545,bsc#967974).
- alsa/seq: Fix race at timer setup and close (CVE-2016-2544,bsc#967973).
- alsa/seq: Fix missing NULL check at remove_events ioctl (CVE-2016-2543,bsc#967972).
- alsa/usb-audio: Avoid freeing umidi object twice (CVE-2016-2384,bsc#966693).
- iw_cxgb3: Fix incorrectly returning error on success (bsc#966437, CVE-2015-8812).
- fuse: Break infinite loop in fuse_fill_write_pages() (bsc#963765, CVE-2015-8785).
- x86/mm: Add barriers and document switch_mm()-vs-flush synchronization (bsc#963767, CVE-2016-2069).
The following new features have been implemented:
- Indirect request segment descriptors protocol additions (fate#320200, bsc#956084).
- Add BLKIF_OP_INDIRECT to the blkif protocol (fate#320200, bsc#956084).
- blkif: Indirect request segment descriptors definitions (fate#316876, bsc#956084).
- blkfront: Allow using indirect request segment descriptors (fate#316876, bsc#956084).
- Update patches.xen/xen-blkif-discard (fate#309305, bsc#956084).
- Refresh patches.xen/xen-blkif-op-packet (fate#300964, bsc#956084).
- Build Xen blkfront PV driver (bsc#956084).
- Add Xen platform-pci PV driver (bsc#956084).
The following bugs have been fixed:
- Fix PV and pvops builds (bsc#956084).
- Fix blkfront crashes on resume (bsc#956084).
- Limit expansion of names_list (bsc#966102).
ImportantSUSE bug 956084SUSE bug 961512SUSE bug 963765SUSE bug 963767SUSE bug 966102SUSE bug 966437SUSE bug 966693SUSE bug 967972SUSE bug 967973SUSE bug 967974SUSE bug 967975SUSE bug 968011SUSE bug 968012SUSE bug 968013CVE-2015-7566 at SUSECVE-2015-7566 at NVDCVE-2015-8785 at SUSECVE-2015-8785 at NVDCVE-2015-8812 at SUSECVE-2015-8812 at NVDCVE-2016-2069 at SUSECVE-2016-2069 at NVDCVE-2016-2384 at SUSECVE-2016-2384 at NVDCVE-2016-2543 at SUSECVE-2016-2543 at NVDCVE-2016-2544 at SUSECVE-2016-2544 at NVDCVE-2016-2545 at SUSECVE-2016-2545 at NVDCVE-2016-2546 at SUSECVE-2016-2546 at NVDCVE-2016-2547 at SUSECVE-2016-2547 at NVDCVE-2016-2548 at SUSECVE-2016-2548 at NVDCVE-2016-2549 at SUSECVE-2016-2549 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in
the Linux kernel allowed local users to bypass intended AF_UNIX socket
permissions or cause a denial of service (panic) via crafted epoll_ctl
calls (bnc#955654).
- CVE-2015-7509: fs/ext4/namei.c in the Linux kernel allowed physically
proximate attackers to cause a denial of service (system crash) via
a crafted no-journal filesystem, a related issue to CVE-2013-2015
(bnc#956707).
- CVE-2015-7515: An out of bounds memory access in the aiptek USB
driver could be used by physical local attackers to crash the kernel
(bnc#956708).
- CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c
in the Linux kernel did not properly use a semaphore, which allowed
local users to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact via a crafted
application that leverages a race condition between keyctl_revoke and
keyctl_read calls (bnc#958951).
- CVE-2015-7566: A malicious USB device could cause kernel crashes in
the visor device driver (bnc#961512).
- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in
the Linux kernel did not ensure that certain slot numbers are valid,
which allowed local users to cause a denial of service (NULL pointer
dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call
(bnc#949936).
- CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux
kernel did not validate attempted changes to the MTU value, which allowed
context-dependent attackers to cause a denial of service (packet loss)
via a value that is (1) smaller than the minimum compliant value or
(2) larger than the MTU of an interface, as demonstrated by a Router
Advertisement (RA) message that is not validated by a daemon, a different
vulnerability than CVE-2015-0272. NOTE: the scope of CVE-2015-0272 is
limited to the NetworkManager product (bnc#955354).
- CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed
local users to gain privileges or cause a denial of service (BUG)
via crafted keyctl commands that negatively instantiate a key, related
to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c,
and security/keys/user_defined.c (bnc#958463).
- CVE-2015-8543: The networking implementation in the Linux kernel
did not validate protocol identifiers for certain protocol families,
which allowed local users to cause a denial of service (NULL function
pointer dereference and system crash) or possibly gain privileges by
leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application
(bnc#958886).
- CVE-2015-8550: Optimizations introduced by the compiler could have
lead to double fetch vulnerabilities, potentially possibly leading to
arbitrary code execution in backend (bsc#957988). (bsc#957988 XSA-155).
- CVE-2015-8551: The PCI backend driver in Xen, when running on an
x86 system and using Linux as the driver domain, allowed local guest
administrators to hit BUG conditions and cause a denial of service
(NULL pointer dereference and host OS crash) by leveraging a system with
access to a passed-through MSI or MSI-X capable physical PCI device
and a crafted sequence of XEN_PCI_OP_* operations, aka 'Linux pciback
missing sanity checks (bnc#957990).
- CVE-2015-8552: The PCI backend driver in Xen, when running on an
x86 system and using Linux as the driver domain, allowed local guest
administrators to generate a continuous stream of WARN messages and
cause a denial of service (disk consumption) by leveraging a system with
access to a passed-through MSI or MSI-X capable physical PCI device and
XEN_PCI_OP_enable_msi operations, aka 'Linux pciback missing sanity checks
(bnc#957990).
- CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
drivers/net/ppp/pptp.c in the Linux kernel do not verify an address
length, which allowed local users to obtain sensitive information from
kernel memory and bypass the KASLR protection mechanism via a crafted
application (bnc#959190).
- CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in
the Linux kernel did not verify an address length, which allowed local
users to obtain sensitive information from kernel memory and bypass the
KASLR protection mechanism via a crafted application (bnc#959399).
- CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not
properly manage the relationship between a lock and a socket, which
allowed local users to cause a denial of service (deadlock) via a crafted
sctp_accept call (bnc#961509).
- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c
in the Linux kernel allowed local users to cause a denial of service
(infinite loop) via a writev system call that triggers a zero length
for the first segment of an iov (bnc#963765).
- CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when
the network was considered congested. The kernel would incorrectly
misinterpret the congestion as an error condition and incorrectly
free/clean up the skb. When the device would then send the skb's queued,
these structures would be referenced and may panic the system
or allow an attacker to escalate privileges in a use-after-free
scenario.(bsc#966437).
- CVE-2015-8816: A malicious USB device could cause kernel crashes in
the in hub_activate() function (bnc#968010).
- CVE-2016-0723: Race condition in the tty_ioctl function in
drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain
sensitive information from kernel memory or cause a denial of service
(use-after-free and system crash) by making a TIOCGETD ioctl call during
processing of a TIOCSETD ioctl call (bnc#961500).
- CVE-2016-2069: A race in invalidating paging structures that were not
in use locally could have lead to disclosoure of information or arbitrary
code exectution (bnc#963767).
- CVE-2016-2143: On zSeries a fork of a large process could have caused
memory corruption due to incorrect page table handling. (bnc#970504,
LTC#138810).
- CVE-2016-2184: A malicious USB device could cause kernel crashes in
the alsa usb-audio device driver (bsc#971125).
- CVE-2016-2185: A malicious USB device could cause kernel crashes in
the usb_driver_claim_interface function (bnc#971124).
- CVE-2016-2186: A malicious USB device could cause kernel crashes in
the powermate device driver (bnc#970958).
- CVE-2016-2384: A double free on the ALSA umidi object was
fixed. (bsc#966693).
- CVE-2016-2543: A missing NULL check at remove_events ioctl in the ALSA
seq driver was fixed. (bsc#967972).
- CVE-2016-2544: Fix race at timer setup and close in the ALSA seq driver
was fixed. (bsc#967973).
- CVE-2016-2545: A double unlink of active_list in the ALSA timer driver
was fixed. (bsc#967974).
- CVE-2016-2546: A race among ALSA timer ioctls was fixed (bsc#967975).
- CVE-2016-2547,CVE-2016-2548: The ALSA slave
timer list handling was hardened against hangs and
races. (CVE-2016-2547,CVE-2016-2548,bsc#968011,bsc#968012).
- CVE-2016-2549: A stall in ALSA hrtimer handling was fixed (bsc#968013).
- CVE-2016-2782: A malicious USB device could cause kernel crashes in
the visor device driver (bnc#968670).
- CVE-2016-3137: A malicious USB device could cause kernel crashes in
the cypress_m8 device driver (bnc#970970).
- CVE-2016-3139: A malicious USB device could cause kernel crashes in
the wacom device driver (bnc#970909).
- CVE-2016-3140: A malicious USB device could cause kernel crashes in
the digi_acceleport device driver (bnc#970892).
- CVE-2016-3156: A quadratic algorithm could lead to long
kernel ipv4 hangs when removing a device with a large number of
addresses. (bsc#971360).
- CVE-2016-3955: A remote buffer overflow in the usbip driver could be used
by authenticated attackers to crash the kernel. (bsc#975945)
- CVE-2016-2847: A local user could exhaust kernel memory by pushing lots of data
into pipes. (bsc#970948).
- CVE-2016-2188: A malicious USB device could cause kernel crashes in the
iowarrior device driver (bnc#970956).
- CVE-2016-3138: A malicious USB device could cause kernel crashes in the
cdc-acm device driver (bnc#970911).
The following non-security bugs were fixed:
- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
- blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976).
- blktap: refine mm tracking (bsc#952976).
- cachefiles: Avoid deadlocks with fs freezing (bsc#935123).
- cifs: Schedule on hard mount retry (bsc#941514).
- cpuset: Fix potential deadlock w/ set_mems_allowed (bsc#960857, bsc#974646).
- dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).
- driver: Vmxnet3: Fix ethtool -S to return correct rx queue stats (bsc#950750).
- drm/i915: Change semantics of hw_contexts_disabled (bsc#963276).
- drm/i915: Evict CS TLBs between batches (bsc#758040).
- drm/i915: Fix SRC_COPY width on 830/845g (bsc#758040).
- e1000e: Do not read ICR in Other interrupt (bsc#924919).
- e1000e: Do not write lsc to ics in msi-x mode (bsc#924919).
- e1000e: Fix msi-x interrupt automask (bsc#924919).
- e1000e: Remove unreachable code (bsc#924919).
- ext3: fix data=journal fast mount/umount hang (bsc#942082).
- ext3: NULL dereference in ext3_evict_inode() (bsc#942082).
- firmware: Create directories for external firmware (bsc#959312).
- firmware: Simplify directory creation (bsc#959312).
- fs: Avoid deadlocks of fsync_bdev() and fs freezing (bsc#935123).
- fs: Fix deadlocks between sync and fs freezing (bsc#935123).
- ftdi_sio: private backport of TIOCMIWAIT (bnc#956375).
- ipr: Fix incorrect trace indexing (bsc#940913).
- ipr: Fix invalid array indexing for HRRQ (bsc#940913).
- ipv6: make fib6 serial number per namespace (bsc#965319).
- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852).
- ipv6: per netns fib6 walkers (bsc#965319).
- ipv6: per netns FIB garbage collection (bsc#965319).
- ipv6: replace global gc_args with local variable (bsc#965319).
- jbd: Fix unreclaimed pages after truncate in data=journal mode (bsc#961516).
- kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319).
- kbuild: create directory for dir/file.o (bsc#959312).
- kexec: Fix race between panic() and crash_kexec() called directly (bnc#937444).
- lpfc: Fix null ndlp dereference in target_reset_handler (bsc#951392).
- mld, igmp: Fix reserved tailroom calculation (bsc#956852).
- mm-memcg-print-statistics-from-live-counters-fix (bnc#969307).
- netfilter: xt_recent: fix namespace destroy path (bsc#879378).
- nfs4: treat lock owners as opaque values (bnc#968141).
- nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).
- nfs: use smaller allocations for 'struct id_map' (bsc#965923).
- nfsv4: Fix two infinite loops in the mount code (bsc#954628).
- nfsv4: Recovery of recalled read delegations is broken (bsc#956514).
- panic/x86: Allow cpus to save registers even if they (bnc#940946).
- panic/x86: Fix re-entrance problem due to panic on (bnc#937444).
- pciback: do not allow MSI-X ops if PCI_COMMAND_MEMORY is not set.
- pciback: for XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled.
- pciback: return error on XEN_PCI_OP_enable_msi when device has MSI or MSI-X enabled.
- pciback: return error on XEN_PCI_OP_enable_msix when device has MSI or MSI-X enabled.
- pci: Update VPD size with correct length (bsc#958906).
- quota: Fix deadlock with suspend and quotas (bsc#935123).
- rdma/ucma: Fix AB-BA deadlock (bsc#963998).
- README.BRANCH: Switch to LTSS mode
- Refresh patches.xen/xen3-08-x86-ldt-make-modify_ldt-synchronous.patch (bsc#959705).
- Restore kabi after lock-owner change (bnc#968141).
- s390/pageattr: Do a single TLB flush for change_page_attr (bsc#940413).
- scsi_dh_rdac: always retry MODE SELECT on command lock violation (bsc#956949).
- scsi: mpt2sas: Rearrange the the code so that the completion queues are initialized prior to sending the request to controller firmware (bsc#967863).
- skb: Add inline helper for getting the skb end offset from head (bsc#956852).
- sunrcp: restore fair scheduling to priority queues (bsc#955308).
- sunrpc: refactor rpcauth_checkverf error returns (bsc#955673).
- tcp: avoid order-1 allocations on wifi and tx path (bsc#956852).
- tcp: fix skb_availroom() (bsc#956852).
- tg3: 5715 does not link up when autoneg off (bsc#904035).
- Update patches.fixes/mm-exclude-reserved-pages-from-dirtyable-memory-fix.patch (bnc#940017, bnc#949298, bnc#947128).
- usb: ftdi_sio: fix race condition in TIOCMIWAIT, and abort of TIOCMIWAIT when the device is removed (bnc#956375).
- usb: ftdi_sio: fix status line change handling for TIOCMIWAIT and TIOCGICOUNT (bnc#956375).
- usb: ftdi_sio: fix tiocmget and tiocmset return values (bnc#956375).
- usb: ftdi_sio: fix tiocmget indentation (bnc#956375).
- usb: ftdi_sio: optimise chars_in_buffer (bnc#956375).
- usb: ftdi_sio: refactor modem-control status retrieval (bnc#956375).
- usb: ftdi_sio: remove unnecessary memset (bnc#956375).
- usb: ftdi_sio: use ftdi_get_modem_status in chars_in_buffer (bnc#956375).
- usb: ftdi_sio: use generic chars_in_buffer (bnc#956375).
- usb: serial: export usb_serial_generic_chars_in_buffer (bnc#956375).
- usb: serial: ftdi_sio: Add missing chars_in_buffer function (bnc#956375).
- usbvision fix overflow of interfaces array (bnc#950998).
- veth: extend device features (bsc#879381).
- vfs: Provide function to get superblock and wait for it to thaw (bsc#935123).
- vmxnet3: adjust ring sizes when interface is down (bsc#950750).
- vmxnet3: fix building without CONFIG_PCI_MSI (bsc#958912).
- vmxnet3: fix ethtool ring buffer size setting (bsc#950750).
- vmxnet3: fix netpoll race condition (bsc#958912).
- writeback: Skip writeback for frozen filesystem (bsc#935123).
- x86/evtchn: make use of PHYSDEVOP_map_pirq.
- x86, kvm: fix kvm's usage of kernel_fpu_begin/end() (bsc#961518).
- x86, kvm: fix maintenance of guest/host xcr0 state (bsc#961518).
- x86, kvm: use kernel_fpu_begin/end() in kvm_load/put_guest_fpu() (bsc#961518).
- x86/mce: Fix return value of mce_chrdev_read() when erst is disabled (bsc#934787).
- xen/panic/x86: Allow cpus to save registers even if they (bnc#940946).
- xen/panic/x86: Fix re-entrance problem due to panic on (bnc#937444).
- xen: x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330).
- xen: x86: mm: only do a local tlb flush in ptep_set_access_flags() (bsc#948330).
- xfrm: do not segment UFO packets (bsc#946122).
- xhci: silence TD warning (bnc#939955).
ImportantSUSE bug 758040SUSE bug 781018SUSE bug 879378SUSE bug 879381SUSE bug 904035SUSE bug 924919SUSE bug 934787SUSE bug 935123SUSE bug 937444SUSE bug 939955SUSE bug 940017SUSE bug 940413SUSE bug 940913SUSE bug 940946SUSE bug 941514SUSE bug 942082SUSE bug 946122SUSE bug 947128SUSE bug 948330SUSE bug 949298SUSE bug 949752SUSE bug 949936SUSE bug 950750SUSE bug 950998SUSE bug 951392SUSE bug 952976SUSE bug 954628SUSE bug 955308SUSE bug 955354SUSE bug 955654SUSE bug 955673SUSE bug 956375SUSE bug 956514SUSE bug 956707SUSE bug 956708SUSE bug 956709SUSE bug 956852SUSE bug 956949SUSE bug 957988SUSE bug 957990SUSE bug 958463SUSE bug 958886SUSE bug 958906SUSE bug 958912SUSE bug 958951SUSE bug 959190SUSE bug 959312SUSE bug 959399SUSE bug 959705SUSE bug 960857SUSE bug 961500SUSE bug 961509SUSE bug 961512SUSE bug 961516SUSE bug 961518SUSE bug 963276SUSE bug 963765SUSE bug 963767SUSE bug 963998SUSE bug 964201SUSE bug 965319SUSE bug 965923SUSE bug 966437SUSE bug 966693SUSE bug 967863SUSE bug 967972SUSE bug 967973SUSE bug 967974SUSE bug 967975SUSE bug 968010SUSE bug 968011SUSE bug 968012SUSE bug 968013SUSE bug 968141SUSE bug 968670SUSE bug 969307SUSE bug 970504SUSE bug 970892SUSE bug 970909SUSE bug 970911SUSE bug 970948SUSE bug 970956SUSE bug 970958SUSE bug 970970SUSE bug 971124SUSE bug 971125SUSE bug 971360SUSE bug 973570SUSE bug 974646SUSE bug 975945CVE-2013-7446 at SUSECVE-2013-7446 at NVDCVE-2015-7509 at SUSECVE-2015-7509 at NVDCVE-2015-7515 at SUSECVE-2015-7515 at NVDCVE-2015-7550 at SUSECVE-2015-7550 at NVDCVE-2015-7566 at SUSECVE-2015-7566 at NVDCVE-2015-7799 at SUSECVE-2015-7799 at NVDCVE-2015-8215 at SUSECVE-2015-8215 at NVDCVE-2015-8539 at SUSECVE-2015-8539 at NVDCVE-2015-8543 at SUSECVE-2015-8543 at NVDCVE-2015-8550 at SUSECVE-2015-8550 at NVDCVE-2015-8551 at SUSECVE-2015-8551 at NVDCVE-2015-8552 at SUSECVE-2015-8552 at NVDCVE-2015-8569 at SUSECVE-2015-8569 at NVDCVE-2015-8575 at SUSECVE-2015-8575 at NVDCVE-2015-8767 at SUSECVE-2015-8767 at NVDCVE-2015-8785 at SUSECVE-2015-8785 at NVDCVE-2015-8812 at SUSECVE-2015-8812 at NVDCVE-2015-8816 at SUSECVE-2015-8816 at NVDCVE-2016-0723 at SUSECVE-2016-0723 at NVDCVE-2016-2069 at SUSECVE-2016-2069 at NVDCVE-2016-2143 at SUSECVE-2016-2143 at NVDCVE-2016-2184 at SUSECVE-2016-2184 at NVDCVE-2016-2185 at SUSECVE-2016-2185 at NVDCVE-2016-2186 at SUSECVE-2016-2186 at NVDCVE-2016-2188 at SUSECVE-2016-2188 at NVDCVE-2016-2384 at SUSECVE-2016-2384 at NVDCVE-2016-2543 at SUSECVE-2016-2543 at NVDCVE-2016-2544 at SUSECVE-2016-2544 at NVDCVE-2016-2545 at SUSECVE-2016-2545 at NVDCVE-2016-2546 at SUSECVE-2016-2546 at NVDCVE-2016-2547 at SUSECVE-2016-2547 at NVDCVE-2016-2548 at SUSECVE-2016-2548 at NVDCVE-2016-2549 at SUSECVE-2016-2549 at NVDCVE-2016-2782 at SUSECVE-2016-2782 at NVDCVE-2016-2847 at SUSECVE-2016-2847 at NVDCVE-2016-3137 at SUSECVE-2016-3137 at NVDCVE-2016-3138 at SUSECVE-2016-3138 at NVDCVE-2016-3139 at SUSECVE-2016-3139 at NVDCVE-2016-3140 at SUSECVE-2016-3140 at NVDCVE-2016-3156 at SUSECVE-2016-3156 at NVDCVE-2016-3955 at SUSECVE-2016-3955 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- alsa/usb-audio: Add sanity checks for endpoint accesses (CVE-2016-2184,bsc#971125).
- alsa/usb-audio: Fix NULL dereference in create_fixed_stream_quirk() (CVE-2016-2184,bsc#971125).
- input/powermate: Fix oops with malicious USB descriptors (bsc#970958, CVE-2016-2186).
- ipv4: Don't do expensive useless work during inetdev destroy (CVE-2016-3156, bsc#971360).
- pipe: Limit the per-user amount of pages allocated in pipes (bsc#970948, CVE-2016-2847).
- usb/cdc-acm: More sanity checking (bsc#970911, CVE-2016-3138).
- usb/cypress_m8: Add endpoint sanity check (bsc#970970, CVE-2016-3137).
- usb/digi_acceleport: Do sanity checking for the number of ports (bsc#970892, CVE-2016-3140).
- usb: Fix invalid memory access in hub_activate() (bsc#968010, CVE-2015-8816).
- usb/iowarrior: Fix oops with malicious USB descriptors (bsc#970956, CVE-2016-2188).
- usb/usb_driver_claim_interface: Add sanity checking (bsc#971124, CVE-2016-2185).
- usb/usbip: Fix potential out-of-bounds write (bsc#975945, CVE-2016-3955).
- usb/visor: Fix null-deref at probe (bsc#968670, CVE-2016-2782).
- wacom: Fix crash due to missing endpoint (bsc#970909, CVE-2016-3139).
The NVMe driver was updated to the current SLE11-SP4 version, which includes the
following fixes enhancements:
- NVMe: Free cmdid on nvme_submit_bio error (bsc#913030, fate#317455, fate#320430).
- NVMe: End queued bio requests when freeing queue (bsc#913030, fate#317455, fate#320430).
- NVMe: Set result from user admin command (bsc#913030, fate#317455, fate#320430).
- NVMe: Add result to nvme_get_features (bsc#913030, fate#317455, fate#320430).
- NVMe: Define SMART log (bsc#913030, fate#317455, fate#320430).
- NVMe: Initialize iod nents to 0 (bsc#913030, fate#317455, fate#320430).
- NVMe: Add namespaces with no LBA range feature (bsc#913030, fate#317455, fate#320430).
- NVMe: Add discard support for capable devices (bsc#913030, fate#317455, fate#320430).
- NVMe: Rename nvme.c to nvme-core.c (bsc#913030, fate#317455, fate#320430).
- NVMe: Move structures & definitions to header file (bsc#913030, fate#317455, fate#320430).
- NVMe: Add definitions for format command (bsc#913030, fate#317455, fate#320430).
- NVMe: Add nvme-scsi.c (bsc#913030, fate#317455, fate#320430).
- NVMe: Use round_jiffies_relative() for the periodic, once-per-second (bsc#913030, fate#317455, fate#320430).
- NVMe: Abstract out sector to block number conversion (bsc#913030, fate#317455, fate#320430).
- NVMe: Don't fail initialisation unnecessarily (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix sparse warnings in scsi emulation (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix I/O cancellation status on big-endian machines (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix endian-related problems in user I/O submission path (bsc#913030, fate#317455, fate#320430).
- NVMe: Add a character device for each nvme device (bsc#913030, fate#317455, fate#320430).
- NVMe: Set TASK_INTERRUPTIBLE before processing queues (bsc#913030, fate#317455, fate#320430).
- NVMe: Queue usage fixes in nvme-scsi (bsc#913030, fate#317455, fate#320430).
- NVMe: Add scsi unmap to SG_IO (bsc#913030, fate#317455, fate#320430).
- NVMe: Free admin queue on request_irq error (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix error clean-up on nvme_alloc_queue (bsc#913030, fate#317455, fate#320430).
- NVMe: Check for NULL memory in nvme_dev_add (bsc#913030, fate#317455, fate#320430).
- NVMe: Remove dead code in nvme_dev_add (bsc#913030, fate#317455, fate#320430).
- NVMe: Split non-mergeable bio requests (bsc#913030, fate#317455, fate#320430).
- NVMe: Device specific stripe size handling (bsc#913030, fate#317455, fate#320430).
- NVMe: Meta-data support in NVME_IOCTL_SUBMIT_IO (bsc#913030, fate#317455, fate#320430).
- NVMe: Schedule timeout for sync commands (bsc#913030, fate#317455, fate#320430).
- NVMe: Wait for device to acknowledge shutdown (bsc#913030, fate#317455, fate#320430).
- NVMe: Only clear the enable bit when disabling controller (bsc#913030, fate#317455, fate#320430).
- NVMe: Simplify Firmware Activate code slightly (bsc#913030, fate#317455, fate#320430).
- NVMe: Use user defined admin ioctl timeout (bsc#913030, fate#317455, fate#320430).
- NVMe: Remove redundant version.h header include (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix a signedness bug in nvme_trans_modesel_get_mp (bsc#913030, fate#317455, fate#320430).
- NVMe: Check for integer overflow in nvme_map_user_pages() (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix error return code in nvme_submit_bio_queue() (bsc#913030, fate#317455, fate#320430).
- NVMe: Do not cancel command multiple times (bsc#913030, fate#317455, fate#320430).
- NVMe: Use dma_set_mask() correctly (bsc#913030, fate#317455, fate#320430).
- NVMe: Add MSI support (bsc#913030, fate#317455, fate#320430).
- NVMe: Use kzalloc instead of kmalloc+memset (bsc#913030, fate#317455, fate#320430).
- NVMe: Restructure MSI / MSI-X setup (bsc#913030, fate#317455, fate#320430).
- NVMe: Disk IO statistics (bsc#913030, fate#317455, fate#320430).
- NVMe: Return correct value from interrupt handler (bsc#913030, fate#317455, fate#320430).
- NVMe: Remove 'process_cq did something' message (bsc#913030, fate#317455, fate#320430).
- NVMe: Call nvme_process_cq from submission path (bsc#913030, fate#317455, fate#320430).
- NVMe: Split header file into user-visible and kernel-visible pieces (bsc#913030, fate#317455, fate#320430).
- NVMe: Update nvme_id_power_state with latest spec (bsc#913030, fate#317455, fate#320430).
- NVMe: Namespace IDs are unsigned (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix checkpatch issues (bsc#913030, fate#317455, fate#320430).
- NVMe: Bring up cdev on set feature failure (bsc#913030, fate#317455, fate#320430).
- NVMe: Disk stats for read/write commands only (bsc#913030, fate#317455, fate#320430).
- NVMe: Group pci related actions in functions (bsc#913030, fate#317455, fate#320430).
- NVMe: Separate queue alloc/free from create/delete (bsc#913030, fate#317455, fate#320430).
- NVMe: Separate controller init from disk discovery (bsc#913030, fate#317455, fate#320430).
- NVMe: Use normal shutdown (bsc#913030, fate#317455, fate#320430).
- NVMe: Add pci suspend/resume driver callbacks (bsc#913030, fate#317455, fate#320430).
- NVMe: Handle ioremap failure (bsc#913030, fate#317455, fate#320430).
- NVMe: Merge issue on character device bring-up (bsc#913030, fate#317455, fate#320430).
- DMA-API: block: nvme-core: replace (bsc#913030, fate#317455, fate#320430).
- NVMe: Avoid shift operation when writing cq head doorbell (bsc#913030, fate#317455, fate#320430).
- NVMe: Remove deprecated IRQF_DISABLED (bsc#913030, fate#317455, fate#320430).
- NVMe: Compat SG_IO ioctl (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix lockdep warnings (bsc#913030, fate#317455, fate#320430).
- NVMe: Cache dev->pci_dev in a local pointer (bsc#913030, fate#317455, fate#320430).
- NVMe: Device resume error handling (bsc#913030, fate#317455, fate#320430).
- NVMe: Schedule reset for failed controllers (bsc#913030, fate#317455, fate#320430).
- NVMe: Abort timed out commands (bsc#913030, fate#317455, fate#320430).
- NVMe: Surprise removal handling (bsc#913030, fate#317455, fate#320430).
- NVMe: Async IO queue deletion (bsc#913030, fate#317455, fate#320430).
- NVMe: Dynamically allocate partition numbers (bsc#913030, fate#317455, fate#320430).
- NVMe: Disable admin queue on init failure (bsc#913030, fate#317455, fate#320430).
- NVMe: Add a pci_driver shutdown method (bsc#913030, fate#317455, fate#320430).
- NVMe: Include device and queue numbers in interrupt name (bsc#913030, fate#317455, fate#320430).
- NVMe: Correct uses of INIT_WORK (bsc#913030, fate#317455, fate#320430).
- NVMe: Namespace use after free on surprise removal (bsc#913030, fate#317455, fate#320430).
- NVMe: Add CONFIG_PM_SLEEP to suspend/resume functions (bsc#913030, fate#317455, fate#320430).
- NVMe: Initialize device reference count earlier (bsc#913030, fate#317455, fate#320430).
- NVMe: RCU protected access to io queues (bsc#913030, fate#317455, fate#320430).
- NVMe: IOCTL path RCU protect queue access (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix divide-by-zero in nvme_trans_io_get_num_cmds (bsc#913030, fate#317455, fate#320430).
- NVMe: Replace DEFINE_PCI_DEVICE_TABLE (bsc#913030, fate#317455, fate#320430).
- NVMe: Per-cpu io queues (bsc#913030, fate#317455, fate#320430).
- NVMe: CPU hot plug notification (bsc#913030, fate#317455, fate#320430).
- NVMe: Make I/O timeout a module parameter (bsc#913030, fate#317455, fate#320430).
- NVMe: Start-stop nvme_thread during device add-remove (bsc#913030, fate#317455, fate#320430).
- NVMe: Add getgeo to block ops (bsc#913030, fate#317455, fate#320430).
- NVMe: Retry failed commands with non-fatal errors (bsc#913030, fate#317455, fate#320430).
- NVMe: Update copyright headers (bsc#913030, fate#317455, fate#320430).
- NVMe: Improve error messages (bsc#913030, fate#317455, fate#320430).
- NVMe: Protect against badly formatted CQEs (bsc#913030, fate#317455, fate#320430).
- NVMe: Configure support for block flush (bsc#913030, fate#317455, fate#320430).
- NVMe: Enable BUILD_BUG_ON checks (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix the buffer size passed in GetLogPage(CDW10.NUMD) (bsc#913030, fate#317455, fate#320430).
- NVMe: Prevent possible NULL pointer dereference (bsc#913030, fate#317455, fate#320430).
- NVMe: Make iod bio timeout a parameter (bsc#913030, fate#317455, fate#320430).
- NVMe: Make admin timeout a module parameter (bsc#913030, fate#317455, fate#320430).
- NVMe: Delete NVME_GET_FEAT_TEMP_THRESH (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix nvme get/put queue semantics (bsc#913030, fate#317455, fate#320430).
- NVMe: Adhere to request queue block accounting enable/disable (bsc#913030, fate#317455, fate#320430).
- NVMe: Use last bytes of f/w rev SCSI Inquiry (bsc#913030, fate#317455, fate#320430).
- NVMe: Rename io_timeout to nvme_io_timeout (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix hot cpu notification dead lock (bsc#913030, fate#317455, fate#320430).
- NVMe: Define Log Page constants (bsc#913030, fate#317455, fate#320430).
- NVMe: Use Log Page constants in SCSI emulation (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix START_STOP_UNIT Scsi->NVMe translation (bsc#913030, fate#317455, fate#320430).
- NVMe: Async event request (bsc#913030, fate#317455, fate#320430).
- NVMe: Update list of status codes (bsc#913030, fate#317455, fate#320430).
- NVMe: Mismatched host/device page size support (bsc#913030, fate#317455, fate#320430).
- NVMe: Change nvme_enable_ctrl to set EN and manage CC thru (bsc#913030, fate#317455, fate#320430).
- NVMe: Handling devices incapable of I/O (bsc#913030, fate#317455, fate#320430).
- NVMe: Skip orderly shutdown on failed devices (bsc#913030, fate#317455, fate#320430).
- NVMe: Add shutdown timeout as module parameter (bsc#913030, fate#317455, fate#320430).
- NVMe: Call nvme_free_queue directly (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix filesystem sync deadlock on removal (bsc#913030, fate#317455, fate#320430).
- NVMe: Correctly handle IOCTL_SUBMIT_IO when cpus > online queues (bsc#913030, fate#317455, fate#320430).
- NVMe: Replace rcu_assign_pointer() with RCU_INIT_POINTER() (bsc#913030, fate#317455, fate#320430).
- NVMe: Reference count pci device (bsc#913030, fate#317455, fate#320430).
- NVMe: Remove duplicate compat SG_IO code (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix SG_IO status values (bsc#913030, fate#317455, fate#320430).
- NVMe: Translate NVMe status to errno (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix nvmeq waitqueue entry initialization (bsc#913030, fate#317455, fate#320430).
- NVMe: Add revalidate_disk callback (bsc#913030, fate#317455, fate#320430).
- NVMe: Passthrough IOCTL for IO commands (bsc#913030, fate#317455, fate#320430).
- NVMe: Updates for 1.1 spec (bsc#913030, fate#317455, fate#320430).
- NVMe: Fix device probe waiting on kthread (bsc#913030, fate#317455, fate#320430).
- NVMe: Clear QUEUE_FLAG_STACKABLE (bsc#913030, fate#317455, fate#320430).
- NVMe: Do not open disks that are being deleted (bsc#913030, fate#317455, fate#320430).
- NVMe: Do not over allocate for discard requests (bsc#913030, fate#317455, fate#320430).
- NVMe: Make setup work for devices that don't do INTx (bsc#913030, fate#317455, fate#320430).
- NVMe: Fail pci initialization if the device doesn't have any BARs (bsc#913030, fate#317455, fate#320430).
- NVMe: Return 0 from make request on ended bio (bsc#926480, fate#320430).
- NVMe: Add tracepoints (bsc#926056, fate#320430).
- NVMe: Flush with data support (bsc#926056, fate#320430).
- NVMe: Update namespace and controller identify structures to the 1.1a spec (bsc#926056, fate#320430).
- NVMe: Update data structures for NVMe 1.2 (bsc#926056, fate#320430).
- NVMe: Update SCSI Inquiry VPD 83h translation (bsc#926056, fate#320430).
- NVMe: Register management handle under nvme class (bsc#926056, fate#320430).
- NVMe: Asynchronous controller probe (bsc#926056, fate#320430).
- NVMe: Fix potential corruption during shutdown (bsc#926056, fate#320430).
- NVMe: Fix potential corruption on sync commands (bsc#926056, fate#320430).
- NVMe: Fix PRP list calculation for non-4k system page size (bsc#926056, fate#320430).
- NVMe: Initialize device list head before starting (bsc#926056, fate#320430).
- NVMe: Add translation for block limits (bsc#926056, fate#320430).
- NVMe: Clear BIO_SEG_VALID flag in nvme_bio_split() (bsc#954992, fate#320430).
- NVMe: default to 4k device page size (bsc#967042, fate#320430).
- DMA-API: provide a helper to set both DMA and coherent DMA masks (bug#909498 fate#317395).
- tty: Use lockless flip buffer free list (bsc#913030, fate#317455).
The following bugs have been fixed:
- Return ENODEV instead of EIO when device is removed with IO pending (bsc#963060).
- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
- scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458).
- xen/panic-handler: Only call the HV when we don't boot into a crash-kernel (bsc#973691).
ImportantSUSE bug 913030SUSE bug 926056SUSE bug 926480SUSE bug 954992SUSE bug 960458SUSE bug 963060SUSE bug 967042SUSE bug 968010SUSE bug 968670SUSE bug 970892SUSE bug 970909SUSE bug 970911SUSE bug 970948SUSE bug 970956SUSE bug 970958SUSE bug 970970SUSE bug 971124SUSE bug 971125SUSE bug 971360SUSE bug 973570SUSE bug 973691SUSE bug 975945CVE-2015-8816 at SUSECVE-2015-8816 at NVDCVE-2016-2184 at SUSECVE-2016-2184 at NVDCVE-2016-2185 at SUSECVE-2016-2185 at NVDCVE-2016-2186 at SUSECVE-2016-2186 at NVDCVE-2016-2188 at SUSECVE-2016-2188 at NVDCVE-2016-2782 at SUSECVE-2016-2782 at NVDCVE-2016-2847 at SUSECVE-2016-2847 at NVDCVE-2016-3137 at SUSECVE-2016-3137 at NVDCVE-2016-3138 at SUSECVE-2016-3138 at NVDCVE-2016-3139 at SUSECVE-2016-3139 at NVDCVE-2016-3140 at SUSECVE-2016-3140 at NVDCVE-2016-3156 at SUSECVE-2016-3156 at NVDCVE-2016-3955 at SUSECVE-2016-3955 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- ALSA/timer: Fix leak in events via snd_timer_user_ccallback (bsc#979213, CVE-2016-4569).
- ALSA/timer: Fix leak in events via snd_timer_user_tinterrupt (bsc#979213, CVE-2016-4569).
- ALSA/timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (bsc#979213, CVE-2016-4569).
- ASN.1: Fix non-match detection failure on data overrun (bsc#963762, CVE-2016-2053).
- ecryptfs: Don't allow mmap when the lower file system doesn't allow it (bsc#983143, CVE-2016-1583).
- get_rock_ridge_filename(): Handle malformed NM entries (bsc#980725, CVE-2016-4913).
- HID: hiddev: Validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (bsc#986572, CVE-2016-5829).
- IB/security: Restrict use of the write() interface (bsc#979548, CVE-2016-4565).
- Input/gtco: Fix crash on detecting device without endpoints (bsc#971944, CVE-2016-2187).
- Input/gtco: Fix usb_dev leak (bsc#971944, CVE-2016-2187).
- Input/gtco: Use sign_extend32() for sign extension (bsc#971944, CVE-2016-2187).
- KEYS: Fix ASN.1 indefinite length object parsing (bsc#979867, CVE-2016-0758).
- KEYS: Potential uninitialized variable (bsc#984755, CVE-2016-4470).
- [media] usbvision: Fix crash on detecting device with invalid configuration (bsc#950998, CVE-2015-7833).
- netfilter/x_tables: Fix unconditional helper (bsc#971126, CVE-2016-3134).
- netfilter/x_tables: Make sure e->next_offset covers remaining blob size (bsc#971126, CVE-2016-3134).
- netfilter/x_tables: Validate e->target_offset early (bsc#971126, CVE-2016-3134).
- net: Fix a kernel infoleak in x25 module (bsc#981267, CVE-2016-4580).
- net: Fix infoleak in llc (bsc#978821, CVE-2016-4485).
- net: Fix infoleak in rtnetlink (bsc#978822, CVE-2016-4486).
- ppp: Take reference on channels netns (bsc#980371, CVE-2016-4805).
- rds: Fix an infoleak in rds_inc_info_copy (bsc#983213, CVE-2016-5244).
- USB/usbfs: Fix potential infoleak in devio (bsc#978401, CVE-2016-4482).
The following bugs have been fixed:
- hrtimer: Remove HRTIMER_STATE_MIGRATE (bsc#981431).
- ipv4/fib: Don't warn when primary address is missing if in_dev is dead (bsc#971360).
- kexec: Export PG_hwpoison flag into vmcoreinfo (bsc#983544).
Additionally, the following bug references have been added:
- Update tags in two patches for CVE-2016-4578, bsc#979879
ImportantSUSE bug 950998SUSE bug 963762SUSE bug 971126SUSE bug 971360SUSE bug 971944SUSE bug 978401SUSE bug 978821SUSE bug 978822SUSE bug 979213SUSE bug 979548SUSE bug 979867SUSE bug 979879SUSE bug 980371SUSE bug 980725SUSE bug 981267SUSE bug 981431SUSE bug 983143SUSE bug 983213SUSE bug 983544SUSE bug 984755SUSE bug 986572CVE-2015-7833 at SUSECVE-2015-7833 at NVDCVE-2016-0758 at SUSECVE-2016-0758 at NVDCVE-2016-1583 at SUSECVE-2016-1583 at NVDCVE-2016-2053 at SUSECVE-2016-2053 at NVDCVE-2016-2187 at SUSECVE-2016-2187 at NVDCVE-2016-3134 at SUSECVE-2016-3134 at NVDCVE-2016-4470 at SUSECVE-2016-4470 at NVDCVE-2016-4482 at SUSECVE-2016-4482 at NVDCVE-2016-4485 at SUSECVE-2016-4485 at NVDCVE-2016-4486 at SUSECVE-2016-4486 at NVDCVE-2016-4565 at SUSECVE-2016-4565 at NVDCVE-2016-4569 at SUSECVE-2016-4569 at NVDCVE-2016-4578 at SUSECVE-2016-4578 at NVDCVE-2016-4580 at SUSECVE-2016-4580 at NVDCVE-2016-4805 at SUSECVE-2016-4805 at NVDCVE-2016-4913 at SUSECVE-2016-4913 at NVDCVE-2016-5244 at SUSECVE-2016-5244 at NVDCVE-2016-5829 at SUSECVE-2016-5829 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- aacraid: Check size values after double-fetch from user (CVE-2016-6480 bsc#991608).
- aacraid: Prevent out-of-bounds access due to changing fip header sizes (bsc#991608, CVE-2016-6480).
- kabi: Revert xt_compat_match_from_user signature change (CVE-2016-4997 bsc#986362).
- kvm/x86: Reload pit counters for all channels when restoring state (bsc#960689 CVE-2015-7513).
- netfilter/arp_tables: Simplify translate_compat_table args (CVE-2016-4997 bsc#986362).
- netfilter/ip6_tables: Simplify translate_compat_table args (CVE-2016-4997 bsc#986362).
- netfilter/ip_tables: Simplify translate_compat_table args (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Add and use xt_check_entry_offsets (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Add compat version of xt_check_entry_offsets (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Assert minimum target size (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Check for bogus target offset (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Check standard target size too (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Do compat validation via translate_table (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Don't move to non-existent next rule (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Don't reject valid target size on some architectures (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Kill check_entry helper (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Speed up jump target validation (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Validate all offsets and sizes in a rule (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Validate targets of jumps (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: xt_compat_match_from_user doesn't need a retval (CVE-2016-4997 bsc#986362).
- scsi/arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (bsc#999932 CVE-2016-7425).
- tcp: Fix use after free in tcp_xmit_retransmit_queue() (CVE-2016-6828 bsc#994296).
- tcp: Make challenge acks less predictable (CVE-2016-5696 bsc#989152).
- unix: Properly account for FDs passed over unix sockets (bsc#839104, CVE-2013-4312).
Additionally the following non-security bugs have been fixed:
- Add blist flags (fate#317533).
- Add support for netvsc build without CONFIG_SYSFS flag (fate#317533).
- clockevents: Export clockevents_config_and_register for module use (fate#317533).
- Fix the VLAN_TAG_PRESENT in netvsc_recv_callback() (fate#317533).
- flow_dissector: Add support for IPPROTO_IPV6 (fate#317533).
- flow_dissector: Clean up IPIP case (fate#317533).
- flow_dissector: Factor out the ports extraction in skb_flow_get_ports (fate#317533).
- flow_dissector: Fail on evil iph->ihl (fate#317533).
- flow_dissector: Fix thoff for IPPROTO_AH (fate#317533).
- flow_dissector: Small optimizations in IPv4 dissect (fate#317533).
- flow_dissector: Use a 64bit load/store (fate#317533).
- flow_dissector: Use IPv6 flow label in flow_dissector (fate#317533).
- flow_keys: Include thoff into flow_keys for later usage (fate#317533).
- flow_keys: Record IP layer protocol in skb_flow_dissect() (fate#317533).
- flow_keys: Remove extern from function prototypes (fate#317533).
- hid/hyperv: Make sure input buffer is big enough (fate#317533).
- hid/hyperv: Match wait_for_completion_timeout return type (fate#317533).
- hid/hyperv: Register as a wakeup source (fate#317533).
- hv/balloon: Make pressure posting thread sleep interruptibly (fate#317533).
- hv/balloon: Ensure pressure reports are posted regularly (fate#317533).
- hv: Change variable type to bool (fate#317533).
- hv/channel: Match var type to return type of wait_for_completion (fate#317533).
- hv/channel_mgmt: Match var type to return type of wait_for_completion (fate#317533).
- hv: Check vmbus_device_create() return value in vmbus_process_offer() (fate#317533).
- hv: Don't do hypercalls when hypercall_page is NULL.
- hv: Eliminate the channel spinlock in the callback path (fate#317533).
- hv: fcopy_open() can be static (fate#317533).
- hv: Fix wrong check for synic_event_page (fate#317533).
- hv/balloon: Avoid memory leak on alloc_error of 2MB memory block.
- hv/balloon: Correctly handle num_pages>INT_MAX case (fate#317533).
- hv/balloon: Correctly handle val.freeram<num_pages case (fate#317533).
- hv/balloon: Do not online pages in offline blocks (fate#317533).
- hv/balloon: Don't lose memory when onlining order is not natural (fate#317533).
- hv/balloon: Don't post pressure status from interrupt context (fate#317533).
- hv/balloon: Eliminate jumps in piecewiese linear floor function (fate#317533).
- hv/balloon: Eliminate the trylock path in acquire/release_region_mutex (fate#317533).
- hv/balloon: Fix a locking bug in the balloon driver (fate#317533).
- hv/balloon: Keep locks balanced on add_memory() failure (fate#317533).
- hv/balloon: Make adjustments in computing the floor (fate#317533).
- hv/balloon: Match var type to return type of wait_for_completion (fate#317533).
- hv/balloon: Refuse to balloon below the floor (fate#317533).
- hv/balloon: Report offline pages as being used (fate#317533).
- hv/balloon: Survive ballooning request with num_pages=0 (fate#317533).
- hv/hv_fcopy: Drop the obsolete message on transfer failure (fate#317533).
- hv/hv_fcopy: Fix a race condition for SMP guest (fate#317533).
- hv/hv_util: Move vmbus_open() to a later place (fate#317533).
- hv/hypervvssd: Call endmntent before call setmntent again (fate#317533).
- hv: Implement the file copy service (fate#317533).
- hv/kvp: Move poll_channel() to hyperv_vmbus.h.
- hv/kvp,vss: Fast propagation of userspace communication failure.
- hv: Make 'monitor_pages' a 'real' pointer array (fate#317533).
- hv: Mark the function hv_synic_free_cpu() as static in hv.c (fate#317533).
- hv_netvsc: Cleanup the test for freeing skb when we use sendbuf mechanism (fate#317533).
- hv_netvsc: Convert to SKB paged frag API.
- hv_netvsc: Include net/flow_keys.h (fate#317533).
- hv_netvsc: Remove vmbus_are_subchannels_present() in rndis_filter_device_add() (fate#317533).
- hv: Remove the per-channel workqueue (fate#317533).
- hv: Remove unnecessary comparison of unsigned against 0 (fate#317533).
- hv: Rename sc_lock to the more generic lock (fate#317533).
- hv: Run non-blocking message handlers in the dispatch tasklet (fate#317533).
- hv_storvsc: Use small sg_tablesize on x86 (bsc#937256).
- hv: Use correct order when freeing monitor_pages (fate#317533).
- hv/util: Make struct hv_do_fcopy match Hyper-V host messages.
- hv/util: Move kvp/vss function declarations to hyperv_vmbus.h.
- hv/util: On device remove, close the channel after de-initializing the service (fate#317533).
- hv/util: Properly pack the data for file copy functionality.
- hv/vmbus: Add gradually increased delay for retries in vmbus_post_msg() (fate#317533).
- hv/vmbus: Add special crash handler (bsc#930770).
- hv/vmbus: Add special kexec handler.
- hv/vmbus: Add support for the NetworkDirect GUID (fate#317533).
- hv/vmbus: Add support for VMBus panic notifier handler (fate#317533).
- hv/vmbus: Avoid double kfree for device_obj (fate#317533).
- hv/vmbus: Avoid scheduling in interrupt context in vmbus_initiate_unload() (bsc#986337).
- hv/vmbus: Avoid wait_for_completion() on crash (bsc#986337).
- hv/vmbus: Cleanup hv_post_message() (fate#317533).
- hv/vmbus: Cleanup the packet send path (fate#317533).
- hv/vmbus: Cleanup vmbus_close_internal() (fate#317533).
- hv/vmbus: Cleanup vmbus_establish_gpadl() (fate#317533).
- hv/vmbus: Cleanup vmbus_post_msg() (fate#317533).
- hv/vmbus: Cleanup vmbus_teardown_gpadl() (fate#317533).
- hv/vmbus: Correcting truncation error for constant HV_CRASH_CTL_CRASH_NOTIFY (fate#317533).
- hv/vmbus: Don't loose HVMSG_TIMER_EXPIRED messages (bsc#986337).
- hv/vmbus: Don't send CHANNELMSG_UNLOAD on pre-Win2012R2 hosts (bsc#986337).
- hv/vmbus: Don't timeout during the initial connection with host (fate#317533).
- hv/vmbus: Don't wait after requesting offers (fate#317533).
- hv/vmbus: Enable interrupt driven flow control (fate#317533).
- hv/vmbus: Export the vmbus_sendpacket_pagebuffer_ctl() (fate#317533).
- hv/vmbus: Extract the mmio information from DSDT (fate#317533).
- hv/vmbus: Fix a bug in channel rescind code (fate#317533).
- hv/vmbus: Fix a bug in rescind processing in vmbus_close_internal() (fate#317533).
- hv/vmbus: Fix a bug in the error path in vmbus_open() (fate#317533).
- hv/vmbus: Fix a bug in vmbus_establish_gpadl() (fate#317533).
- hv/vmbus: Fix a bug in vmbus_open() (fate#317533).
- hv/vmbus: Fix a race condition when unregistering a device.
- hv/vmbus: Fix a signaling host signaling issue (fate#317533).
- hv/vmbus: Fix vmbus_recvpacket_raw() return code (fate#317533).
- hv/vmbus: Get rid of some unnecessary messages (fate#317533).
- hv/vmbus: Get rid of some unused definitions.
- hv/vmbus: Handle both rescind and offer messages in the same context (fate#317533).
- hv/vmbus: Handle various crash scenarios (bsc#986337).
- hv/vmbus: hv_process_timer_expiration() can be static (fate#317533).
- hv/vmbus: Implement a clockevent device (fate#317533).
- hv/vmbus: Implement per-CPU mapping of relid to channel (fate#317533).
- hv/vmbus: Implement the protocol for tearing down vmbus state.
- hv/vmbus: Increase the limit on the number of pfns we can handle (fate#317533).
- hv/vmbus: Introduce a function to remove a rescinded offer (fate#317533).
- hv/vmbus: Kill tasklets on module unload.
- hv/vmbus: Missing curly braces in vmbus_process_offer() (fate#317533).
- hv/vmbus: Negotiate version 3.0 when running on ws2012r2 hosts (fate#317533).
- hv/vmbus_open(): Reset the channel state on ENOMEM (fate#317533).
- hv/vmbus: Perform device register in the per-channel work element (fate#317533).
- hv/vmbus_post_msg: Retry the hypercall on some transient errors (fate#317533).
- hv/vmbus: Prefer 'die' notification chain to 'panic'.
- hv/vmbus: Prevent cpu offlining on newer hypervisors (fate#317533).
- hv/vmbus: Properly handle child device remove (fate#317533).
- hv/vmbus: Properly protect calls to smp_processor_id() (fate#317533).
- hv/vmbus: Remove code duplication in message handling (bsc#986337).
- hv/vmbus: Remove hv_synic_free_cpu() call from hv_synic_cleanup().
- hv/vmbus: Remove the channel from the channel list(s) on failure (fate#317533).
- hv/vmbus: Rename channel work queues (fate#317533).
- hv/vmbus: Serialize Offer and Rescind offer (fate#317533).
- hv/vmbus: Specify the target CPU that should receive notification (fate#317533).
- hv/vmbus: Support an API to send packet with additional
- hv/vmbus: Support an API to send pagebuffers with additional control (fate#317533).
- hv/vmbus: Support a vmbus API for efficiently sending page arrays (fate#317533).
- hv/vmbus: Support per-channel driver state (fate#317533).
- hv/vmbus: Teardown clockevent devices on module unload (fate#317533).
- hv/vmbus: Teardown hv_vmbus_con workqueue and vmbus_connection pages on shutdown (fate#317533).
- hv/vmbus: Teardown synthetic interrupt controllers on module unload (fate#317533).
- hv/vmbus: Unregister panic notifier on module unload.
- hv/vmbus: Use a round-robin algorithm for picking the outgoing channel (fate#317533).
- hv/vmbus: Use get_cpu() to get the current CPU (fate#317533).
- hv/vss: Introduce timeout for communication with userspace.
- hv/vss: Run only on supported host versions (bsc#986337).
- hyperv: Add handler for RNDIS_STATUS_NETWORK_CHANGE event (fate#317533).
- hyperv: Add handling of IP header with option field in netvsc_set_hash() (fate#317533).
- hyperv: Add hash value into RNDIS Per-packet info (fate#317533).
- hyperv: Add IPv6 into the hash computation for vRSS (fate#317533).
- hyperv: Add latest NetVSP versions to auto negotiation (fate#317533).
- hyperv: Add netpoll support (fate#317533).
- hyperv: Add processing of MTU reduced by the host.
- hyperv: Add support for physically discontinuous receive buffer (fate#317533).
- hyperv: Add support for virtual Receive Side Scaling (vRSS) (fate#317533).
- hyperv: Add support for vNIC hot removal.
- hyperv: Adjust the size of sendbuf region to support ws2008r2 (fate#317533).
- hyperv: Change the receive buffer size for legacy hosts (fate#317533).
- hyperv: Enable sendbuf mechanism on the send path (fate#317533).
- hyperv-fb: Add blanking support (fate#317533).
- hyperv-fb: Add pci stub (fate#317533).
- hyperv-fb: Add support for generation 2 virtual machines (fate#317533).
- hyperv-fb: Kick off efifb early (fate#317533).
- hyperv: Fix a bug in netvsc_send() (fate#317533).
- hyperv: Fix a bug in netvsc_start_xmit() (fate#317533).
- hyperv: Fix apparent cut-n-paste error in send path teardown (fate#317533).
- hyperv: Fix error return code in netvsc_init_buf() (fate#317533).
- hyperv: Fix race between probe and open calls (fate#317533).
- hyperv: Fix some variable name typos in send-buffer init/revoke (fate#317533).
- hyperv: Fix sparse warnings (fate#317533).
- hyperv: Fix the carrier status setting (fate#317533).
- hyperv: Fix the error processing in netvsc_send() (fate#317533).
- hyperv: Fix the total_data_buflen in send path (fate#317533).
- hyperv: Fix vlan_proto setting in netvsc_recv_callback() (fate#317533).
- hyperv/hyperv_fb: Match wait_for_completion_timeout return type (fate#317533).
- hyperv: Implement netvsc_get_channels() ethtool op (fate#317533).
- hyperv: Increase the buffer length for netvsc_channel_cb() (fate#317533).
- hyper-v: Make uuid_le const (fate#317533).
- hyperv: Match wait_for_completion_timeout return type (fate#317533).
- hyperv: Move state setting for link query (fate#317533).
- hyperv: Negotiate version with the host without waiting for the daemon (bsc#930821).
- hyperv/netvsc: Match wait_for_completion_timeout return type (fate#317533).
- hyperv: NULL dereference on error (fate#317533).
- hyperv: Properly handle checksum offload (fate#317533).
- hyperv: Remove meaningless pr_err() in vmbus_recvpacket_raw() (fate#317533).
- hyperv: Remove recv_pkt_list and lock (fate#317533).
- hyperv: Simplify the send_completion variables (fate#317533).
- input: Add a driver to support Hyper-V synthetic keyboard (fate#317533).
- input/hyperv-keyboard: Pass through 0xE1 prefix (fate#317533).
- input/hyperv-keyboard: Register as a wakeup source (fate#317533).
- ip: Introduce ip_is_fragment helper inline function (fate#317533).
- ipv6: Add ip6_flowlabel helper (fate#317533).
- ipv6: Add ipv6_addr_hash() helper (fate#317533).
- ipv6: Optimize ipv6 addresses compares (fate#317533).
- kabi: Imported SLE11-SP4 HyperV code has changed kABI in several places. Regenerate it. (bsc#986337)
- kabi/unix: Properly account for FDs passed over unix sockets (bsc#839104).
- kaweth: Fix firmware download (bsc#993890).
- kaweth: Fix oops upon failed memory allocation (bsc#993890).
- kdump: Fix crash_kexec()/smp_send_stop() race in panic() (bsc#937444).
- kexec: Fix race between panic() and crash_kexec() called directly (bsc#937444).
- kvm/x86: SYSENTER emulation is broken (bsc#994618).
- mshyperv: Fix recognition of Hyper-V guest crash MSR's (bsc#986337).
- net: Add function to set the rxhash (fate#317533).
- net: Add skb frag size accessors.
- net: Add skb_get_hash_raw (fate#317533).
- net: Add utility functions to clear rxhash (fate#317533).
- net/hyperv: Address UDP checksum issues (fate#317533).
- net/hyperv: Allocate memory for all possible per-packet information (fate#317533).
- net/hyperv: Cleanup the netvsc receive callback function (fate#317533).
- net/hyperv: Cleanup the receive path (fate#317533).
- net/hyperv: Cleanup the send path (fate#317533).
- net/hyperv: Deletion of an unnecessary check before the function call 'vfree'.
- net/hyperv: Enable large send offload (fate#317533).
- net/hyperv: Enable offloads on the host (fate#317533).
- net/hyperv: Enable receive side IP checksum offload (fate#317533).
- net/hyperv: Enable scatter gather I/O (fate#317533).
- net/hyperv: Enable send side checksum offload (fate#317533).
- net/hyperv: Get rid of the rndis_filter_packet structure (fate#317533).
- net/hyperv: Increase the size of the sendbuf region (fate#317533).
- net/hyperv: Negotiate suitable ndis version for offload support (fate#317533).
- net/hyperv: Remove unnecessary null test before kfree (fate#317533).
- net: Introduce skb_flow_dissect() (fate#317533).
- net: Reset mac header in dev_start_xmit().
- netvsc: Don't flush peers notifying work during setting mtu (fate#317533).
- panic/x86: Allow cpus to save registers even if they (bsc#940946).
- panic/x86: Fix re-entrance problem due to panic on (bsc#937444).
- pci: Disable Bus Master only on kexec reboot (bsc#920110).
- pci: Disable Bus Master on PCI device shutdown (bsc#920110).
- pci: Disable Bus Master unconditionally in pci_device_shutdown() (bsc#920110).
- pci: Don't try to disable Bus Master on disconnected PCI devices (bsc#920110).
- ppp: Defer netns reference release for ppp channel (bsc#980371).
- random32: Add prandom_u32_max (bsc#989152).
- rps: Add flag to skb to indicate rxhash is based on L4 tuple (fate#317533).
- sched: Replace INIT_COMPLETION with reinit_completion (fate#317533).
- scsi: Add a blacklist flag which enables VPD page inquiries (fate#317533).
- scsi/scan: Restrict sequential scan to 256 LUNs (fate#317533).
- scsi/storvsc: Always send on the selected outgoing channel (fate#317533).
- scsi/storvsc: Change the limits to reflect the values on the host (fate#317533).
- scsi/storvsc: Correctly handle TEST_UNIT_READY failure (fate#317533).
- scsi/storvsc: Don't assume that the scatterlist is not chained (fate#317533 bsc#923775).
- scsi/storvsc: Filter commands based on the storage protocol version (fate#317533).
- scsi/storvsc: Fix a bug in copy_from_bounce_buffer() (fate#317533 bsc#923775).
- scsi/storvsc: Fix a bug in handling VMBUS protocol version (fate#317533).
- scsi/storvsc: Implement a eh_timed_out handler (fate#317533).
- scsi/storvsc: Increase the ring buffer size (fate#317533).
- scsi/storvsc: Retrieve information about the capability of the target (fate#317533).
- scsi/storvsc: Set cmd_per_lun to reflect value supported by the Host (fate#317533).
- scsi/storvsc: Set srb_flags in all cases (fate#317533).
- scsi/storvsc: Set the tablesize based on the information given by the host (fate#317533 bsc#923775).
- scsi/storvsc: Size the queue depth based on the ringbuffer size (fate#317533).
- storvsc: Fix a bug in storvsc limits (fate#317533).
- storvsc: Force discovery of LUNs that may have been removed (fate#317533).
- storvsc: Force SPC-3 compliance on win8 and win8 r2 hosts (fate#317533).
- storvsc: Get rid of overly verbose warning messages (fate#317533).
- storvsc: In response to a scan event, scan the host (fate#317533).
- storvsc: Set the SRB flags correctly when no data transfer is needed (bsc#931130).
- tools/hv: Address compiler warnings for hv_fcopy_daemon.c (fate#317533).
- tools/hv: Address compiler warnings for hv_kvp_daemon.c (fate#317533).
- tools/hv: Cache FQDN in kvp_daemon to avoid timeouts (fate#317533).
- tools/hv: Do not add redundant '/' in hv_start_fcopy() (fate#317533).
- tools/hv: Fix file overwriting of hv_fcopy_daemon (fate#317533).
- tools/hv: Handle the case when the target file exists correctly (fate#317533).
- tools/hv: Ignore ENOBUFS and ENOMEM in the KVP daemon.
- tools/hv: Introduce -n/--no-daemon option.
- tools/hv/kvp_daemon: Make IPv6-only-injection work (fate#317533).
- tools/hv: Remove inclusion of linux/types.h (fate#317533).
- tools/hv: Remove unused bytes_written from kvp_update_file() (fate#317533).
- tools/hv: Use single send+recv buffer (fate#317533).
- tools/hv/vssdaemon: Ignore the EBUSY on multiple freezing the same partition.
- tools/hv/vssdaemon: Ignore VFAT mounts during the Freeze operation (fate#317533).
- usb: Fix typo in wMaxPacketSize validation (bsc#991665).
- usb: Validate wMaxPacketValue entries in endpoint descriptors (bsc#991665).
- video/hyperv: Refresh the VM screen by force on VM panic (fate#317533).
- vmbus: Add missing breaks (fate#317533).
- vmbus: Use resource for hyperv mmio region (fate#317533).
- Workaround for disks that report bad optimal transfer length (fate#317533).
- x86/apic: Allow use of lapic timer early calibration result (fate#317533).
- x86/hyperv: Bypass the timer_irq_works() check (fate#317533).
- x86/hyperv: Correctly guard the local APIC calibration code (fate#317533).
- x86/hyperv: Fix build error due to missing <asm/apic.h> include (fate#317533).
- x86/hyperv: Get the local APIC timer frequency from the hypervisor (fate#317533).
- x86/hyperv: Mark the Hyper-V clocksource as being continuous (fate#317533).
- x86/hyperv: Move a variable to avoid an unused variable warning (fate#317533).
- x86/irq, pic: Probe for legacy PIC and set legacy_pic appropriately (fate#317533).
- x86/mm: Create slow_virt_to_phys() (fate#317533).
- x86/mm: Pagetable level size/shift/mask helpers (fate#317533).
- x86/pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE (fate#317533, bsc#937256).
- xen/panic/x86: Allow cpus to save registers even if they (bsc#940946).
- xen/panic/x86: Fix re-entrance problem due to panic on (bsc#937444).
ImportantSUSE bug 839104SUSE bug 920110SUSE bug 923775SUSE bug 930770SUSE bug 930821SUSE bug 931130SUSE bug 937256SUSE bug 937444SUSE bug 940946SUSE bug 960689SUSE bug 980371SUSE bug 986337SUSE bug 986362SUSE bug 986365SUSE bug 989152SUSE bug 991608SUSE bug 991665SUSE bug 993890SUSE bug 994296SUSE bug 994618SUSE bug 999932CVE-2013-4312 at SUSECVE-2013-4312 at NVDCVE-2015-7513 at SUSECVE-2015-7513 at NVDCVE-2016-4997 at SUSECVE-2016-4997 at NVDCVE-2016-5696 at SUSECVE-2016-5696 at NVDCVE-2016-6480 at SUSECVE-2016-6480 at NVDCVE-2016-6828 at SUSECVE-2016-6828 at NVDCVE-2016-7425 at SUSECVE-2016-7425 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix one security issue.
This kernel reverts the changes introduced by the last kernel update (bsc#1005199).
This security bug was fixed:
- CVE-2016-5195: Local privilege escalation using MAP_PRIVATE. It is reportedly exploited in the wild (bsc#1004418).
ImportantSUSE bug 1004418SUSE bug 1005199CVE-2016-5195 at SUSECVE-2016-5195 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- aacraid: Check size values after double-fetch from user (CVE-2016-6480 bsc#991608).
- aacraid: Prevent out-of-bounds access due to changing fip header sizes (bsc#991608, CVE-2016-6480).
- bluetooth: Fix potential NULL dereference in RFCOMM bind callback (bsc#1003925, CVE-2015-8956).
- cdc-acm: Added sanity checking for probe() (bsc#993891).
- kabi: Revert xt_compat_match_from_user signature change (CVE-2016-4997 bsc#986362).
- kaweth: Fix firmware download (bsc#993890).
- kaweth: Fix oops upon failed memory allocation (bsc#993890).
- kvm/x86: Fix SYSENTER emulation (bsc#994618 CVE-2015-0239).
- kvm/x86: Reload pit counters for all channels when restoring state (bsc#960689 CVE-2015-7513).
- netfilter/arp_tables: Simplify translate_compat_table args (CVE-2016-4997 bsc#986362).
- netfilter/ip6_tables: Simplify translate_compat_table args (CVE-2016-4997 bsc#986362).
- netfilter/ip_tables: Simplify translate_compat_table args (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Add and use xt_check_entry_offsets (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Add compat version of xt_check_entry_offsets (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Assert minimum target size (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Check for bogus target offset (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Check standard target size too (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Do compat validation via translate_table (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Don't move to non-existent next rule (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Don't reject valid target size on some architectures (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Kill check_entry helper (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Speed up jump target validation (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Validate all offsets and sizes in a rule (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: Validate targets of jumps (CVE-2016-4997 bsc#986362).
- netfilter/x_tables: xt_compat_match_from_user doesn't need a retval (CVE-2016-4997 bsc#986362).
- net: Fix use after free in the recvmmsg exit path (CVE-2016-7117 bsc#1003077).
- pagemap: Do not leak physical addresses to non-privileged userspace (bsc#994759 CVE-2016-0823).
- ppp: defer netns reference release for ppp channel (bsc#980371 CVE-2016-4805).
- scsi/arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (bsc#999932 CVE-2016-7425).
- tcp: Fix use after free in tcp_xmit_retransmit_queue() (CVE-2016-6828 bsc#994296).
- tcp: Make challenge acks less predictable (CVE-2016-5696 bsc#989152).
- unix: Properly account for FDs passed over unix sockets (bsc#839104, CVE-2013-4312).
- usb: Fix typo in wMaxPacketSize validation (bsc#991665).
- usb: Validate wMaxPacketValue entries in endpoint descriptors (bsc#991665).
Additionally the following non-security bugs have been fixed:
- Backport HyperV drivers from 11-SP4 (fate#317533, bsc#986337).
- kdump: Fix crash_kexec()/smp_send_stop() race in panic() (bsc#937444).
- kexec: Fix race between panic() and crash_kexec() called directly (bsc#937444).
- mm: Fix sleeping function warning from __put_anon_vma (bsc#1005857).
- panic/x86: Allow cpus to save registers even if they (bsc#940946).
- panic/x86: Fix re-entrance problem due to panic on (bsc#937444).
- pci: Disable Bus Master only on kexec reboot (bsc#920110).
- pci: Disable Bus Master on PCI device shutdown (bsc#920110).
- pci: Disable Bus Master unconditionally in pci_device_shutdown() (bsc#920110).
- pci: Don't try to disable Bus Master on disconnected PCI devices (bsc#920110).
- xen/panic/x86: Allow cpus to save registers even if they (bsc#940946).
- xen/panic/x86: Fix re-entrance problem due to panic on (bsc#937444).
ImportantSUSE bug 1003077SUSE bug 1003925SUSE bug 1005857SUSE bug 839104SUSE bug 920110SUSE bug 923775SUSE bug 930770SUSE bug 930821SUSE bug 931130SUSE bug 937256SUSE bug 937444SUSE bug 940946SUSE bug 960689SUSE bug 967716SUSE bug 980371SUSE bug 986337SUSE bug 986362SUSE bug 986365SUSE bug 989152SUSE bug 991608SUSE bug 991665SUSE bug 993890SUSE bug 993891SUSE bug 994296SUSE bug 994618SUSE bug 994759SUSE bug 999932CVE-2013-4312 at SUSECVE-2013-4312 at NVDCVE-2015-0239 at SUSECVE-2015-0239 at NVDCVE-2015-7513 at SUSECVE-2015-7513 at NVDCVE-2015-8956 at SUSECVE-2015-8956 at NVDCVE-2016-0823 at SUSECVE-2016-0823 at NVDCVE-2016-4805 at SUSECVE-2016-4805 at NVDCVE-2016-4997 at SUSECVE-2016-4997 at NVDCVE-2016-5696 at SUSECVE-2016-5696 at NVDCVE-2016-6480 at SUSECVE-2016-6480 at NVDCVE-2016-6828 at SUSECVE-2016-6828 at NVDCVE-2016-7117 at SUSECVE-2016-7117 at NVDCVE-2016-7425 at SUSECVE-2016-7425 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security issue has been fixed:
- KEYS: Fix short sprintf buffer in /proc/keys show function (bsc#1004517, CVE-2016-7042).
Additionally the following non-security bugs have been fixed:
- net: sched: Shrink struct qdisc_skb_cb to 28 bytes (bsc#919482).
- IB/iser: Replace connection waitqueue with completion object (bsc#997801).
- IB/iser: Protect iser state machine with a mutex (bsc#997801).
- IB/iser: Simplify connection management (bsc#997801).
- IB/iser: Fix device removal flow (bsc#997801).
ImportantSUSE bug 1004517SUSE bug 919482SUSE bug 997801CVE-2016-7042 at SUSECVE-2016-7042 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix the following
issues:
- alsa/pcm: Call kill_fasync() in stream lock (CVE-2016-9794 bsc#1013533).
- block: Fix use-after-free in seq file (CVE-2016-7910 bsc#1010716).
- block: Fix use-after-free in sys_ioprio_get() (CVE-2016-7911 bsc#1010711).
- crypto/algif_hash: Only export and import on sockets with data (CVE-2016-8646,bsc#1010150).
- firewire/net: Guard against rx buffer overflows (bsc#1008833, CVE-2016-8633).
- fs: Avoid premature clearing of capabilities (bsc#914939 CVE-2015-1350).
- fs: Give dentry to inode_change_ok() instead of inode (bsc#914939 CVE-2015-1350).
- hv: Avoid vfree() on crash (bsc#1012471).
- hv_storvsc: Set sg_tablesize to BIO_MAX_PAGES (bsc#1010208).
- ipv6: Add complete rcu protection around np->opt (bsc#992566, CVE-2016-3841).
- ipv6/sctp: Clone options to avoid use after free (bsc#992566, CVE-2016-3841).
- ipv6/tcp: Add rcu locking in tcp_v6_send_synack() (bsc#992566, CVE-2016-3841).
- mremap: Enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (bsc#1008645).
- sctp: Validate chunk len before actually using it (CVE-2016-9555 bsc#1011685).
- sg: Fix double-free when drives detach during SG_IO (CVE-2015-8962 bsc#1010501).
- splice: Introduce FMODE_SPLICE_READ and FMODE_SPLICE_WRITE (CVE-2016-9576, bsc#1013604).
- tty: Prevent ldisc drivers from re-using stale tty fields (bsc#1010507 CVE-2015-8964).
- xfs: Fix two memory leaks in xfs_attr_list.c error paths (bsc#1012832, CVE-2016-9685).
- xfs: Propagate dentry down to inode_change_ok() (bsc#914939 CVE-2015-1350).
ImportantSUSE bug 1008645SUSE bug 1008833SUSE bug 1010150SUSE bug 1010208SUSE bug 1010501SUSE bug 1010507SUSE bug 1010711SUSE bug 1010716SUSE bug 1011685SUSE bug 1012471SUSE bug 1012832SUSE bug 1013533SUSE bug 1013604SUSE bug 914939SUSE bug 992566CVE-2015-1350 at SUSECVE-2015-1350 at NVDCVE-2015-8962 at SUSECVE-2015-8962 at NVDCVE-2015-8964 at SUSECVE-2015-8964 at NVDCVE-2016-3841 at SUSECVE-2016-3841 at NVDCVE-2016-7910 at SUSECVE-2016-7910 at NVDCVE-2016-7911 at SUSECVE-2016-7911 at NVDCVE-2016-8633 at SUSECVE-2016-8633 at NVDCVE-2016-8646 at SUSECVE-2016-8646 at NVDCVE-2016-9555 at SUSECVE-2016-9555 at NVDCVE-2016-9576 at SUSECVE-2016-9576 at NVDCVE-2016-9685 at SUSECVE-2016-9685 at NVDCVE-2016-9794 at SUSECVE-2016-9794 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
This update adds mitigations for various side channel attacks against
modern CPUs that could disclose content of otherwise unreadable memory
(bnc#1068032).
- CVE-2017-5753: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use attacker controllable speculative
execution over code patterns in the Linux Kernel to leak content from
otherwise not readable memory in the same address space, allowing
retrieval of passwords, cryptographic keys and other secrets.
This problem is mitigated by adding speculative fencing on affected
code paths throughout the Linux kernel.
- CVE-2017-5715: Local attackers on systems with modern CPUs featuring
branch prediction could use mispredicted branches to speculatively execute
code patterns that in turn could be made to leak other non-readable
content in the same address space, an attack similar to CVE-2017-5753.
This problem is mitigated by disabling predictive branches, depending
on CPU architecture either by firmware updates and/or fixes in the
user-kernel privilege boundaries.
Please contact your CPU / hardware vendor for potential microcode
or BIOS updates needed for this fix.
As this feature can have a performance impact, it can be disabled
using the 'nospec' kernel commandline option.
- CVE-2017-5754: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use code patterns in userspace to
speculative executive code that would read otherwise read protected
memory, an attack similar to CVE-2017-5753.
This problem is mitigated by unmapping the Linux Kernel from the user
address space during user code execution, following a approach called
'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation'
and 'PTI' / 'Page Table Isolation'.
This feature is disabled on unaffected architectures.
This feature can be enabled / disabled by the 'pti=[on|off|auto]' or
'nopti' commandline options.
The following security bugs were fixed:
- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ) was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (bnc#1057389).
- CVE-2017-11600: net/xfrm/xfrm_policy.c in the Linux kernel did not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message (bnc#1050231).
- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667).
- CVE-2017-13167: An elevation of privilege vulnerability in the kernel sound timer was fixed. (bnc#1072876).
- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982).
- CVE-2017-14140: The move_pages system call in mm/migrate.c in the Linux kernel didn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179).
- CVE-2017-14340: The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel did not verify that a filesystem has a realtime device, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory (bnc#1058524).
- CVE-2017-15102: The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel allowed local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference (bnc#1066705).
- CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel did not check whether the intended netns is used in a peel-off action, which allowed local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls (bnc#1068671).
- CVE-2017-15265: Race condition in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c (bnc#1062520).
- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327).
- CVE-2017-15868: The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a crafted application (bnc#1071470).
- CVE-2017-16525: The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup (bnc#1066618).
- CVE-2017-16527: sound/usb/mixer.c in the Linux kernel allowed local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066625).
- CVE-2017-16529: The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066650).
- CVE-2017-16531: drivers/usb/core/config.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor (bnc#1066671).
- CVE-2017-16534: The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066693).
- CVE-2017-16535: The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066700).
- CVE-2017-16536: The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066606).
- CVE-2017-16537: The imon_probe function in drivers/media/rc/imon.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066573).
- CVE-2017-16538: drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel allowed local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner) (bnc#1066569).
- CVE-2017-16649: The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel allowed local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067085).
- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702 1069708).
- CVE-2017-17450: net/netfilter/xt_osf.c in the Linux kernel did not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allowed local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces (bnc#1071695 1074033).
- CVE-2017-17558: The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel did not consider the maximum number of configurations and interfaces before attempting to release resources, which allowed local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device (bnc#1072561).
- CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792).
- CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874).
- CVE-2017-7472: The KEYS subsystem in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls (bnc#1034862).
- CVE-2017-8824: The dccp_disconnect function in net/dccp/proto.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state (bnc#1070771).
The following non-security bugs were fixed:
- asm alternatives: remove incorrect alignment notes.
- getcwd: Close race with d_move called by lustre (bsc#1052593).
- kabi: silence spurious kabi error in net/sctp/socket.c (bsc#1068671).
- kaiser: add 'nokaiser' boot option, using ALTERNATIVE.
- kaiser: fix ldt freeing.
- kaiser: Kernel Address Isolation.
- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.
- kaiser: work around kABI.
- kvm: SVM: Do not intercept new speculative control MSRs (bsc#1068032).
- kvm: x86: Add speculative control CPUID support for guests (bsc#1068032).
- mac80211: do not compare TKIP TX MIC key in reinstall prevention (bsc#1066472).
- mm/mmu_context, sched/core: Fix mmu_context.h assumption.
- nfs: Remove asserts from the NFS XDR code (bsc#1063544).
- ptrace: Add a new thread access check (bsc#1068032).
- Revert 'mac80211: accept key reinstall without changing anything' This reverts commit 1def0d4e1446974356bacd9f4be06eee32b66473.
- s390: add ppa to system call and program check path (bsc#1068032).
- s390: introduce CPU alternatives (bsc#1068032).
- s390/spinlock: add gmb memory barrier (bsc#1068032).
- sched/core: Add switch_mm_irqs_off() and use it in the scheduler.
- sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off().
- scsi: mpt2sas: fix cleanup on controller resource mapping failure (bsc#999245).
- tcp: fix inet6_csk_route_req() for link-local addresses (bsc#1010175).
- tcp: pass fl6 to inet6_csk_route_req() (bsc#1010175).
- tcp: plug dst leak in tcp_v6_conn_request() (bsc#1010175).
- tcp: use inet6_csk_route_req() in tcp_v6_send_synack() (bsc#1010175).
- temporary fix (bsc#1068032).
- usb: uas: fix bug in handling of alternate settings (bsc#1071074).
- x86-64: Give vvars their own page.
- x86-64: Map the HPET NX.
- x86/alternatives: Add instruction padding.
- x86/alternatives: Cleanup DPRINTK macro.
- x86/alternatives: Make JMPs more robust.
- x86/alternatives: Use optimized NOPs for padding.
- x86/boot: Add early cmdline parsing for options with arguments.
- x86, boot: Carve out early cmdline parsing function.
- x86/CPU/AMD: Add speculative control support for AMD (bsc#1068032).
- x86/CPU/AMD: Make the LFENCE instruction serialized (bsc#1068032).
- x86/CPU/AMD: Remove now unused definition of MFENCE_RDTSC feature (bsc#1068032).
- x86/CPU: Check speculation control CPUID bit (bsc#1068032).
- x86/enter: Add macros to set/clear IBRS and set IBPB (bsc#1068032).
- x86/entry: Add a function to overwrite the RSB (bsc#1068032).
- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (bsc#1068032).
- x86/entry: Use IBRS on entry to kernel space (bsc#1068032).
- x86/feature: Enable the x86 feature to control Speculation (bsc#1068032).
- x86/idle: Disable IBRS when offlining a CPU and re-enable on wakeup (bsc#1068032).
- x86/idle: Toggle IBRS when going idle (bsc#1068032).
- x86/kaiser: Check boottime cmdline params.
- x86/kaiser: disable vmstat accounting.
- x86/kaiser: Move feature detection up (bsc#1068032).
- x86/kaiser: propagate info to /proc/cpuinfo.
- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling.
- x86/kvm: Add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bsc#1068032).
- x86/kvm: Flush IBP when switching VMs (bsc#1068032).
- x86/kvm: Pad RSB on VM transition (bsc#1068032).
- x86/kvm: Toggle IBRS on VM entry and exit (bsc#1068032).
- x86: Make alternative instruction pointers relative.
- x86/microcode/AMD: Add support for fam17h microcode loading (bsc#1068032).
- x86/mm/64: Fix reboot interaction with CR4.PCIDE.
- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID.
- x86/mm: Add INVPCID helpers.
- x86/mm: Add the 'nopcid' boot option to turn off PCID.
- x86/mm: Build arch/x86/mm/tlb.c even on !SMP.
- x86/mm: Disable PCID on 32-bit kernels.
- x86/mm: Enable CR4.PCIDE on supported systems.
- x86/mm: fix bad backport to disable PCID on Xen.
- x86/mm: Fix INVPCID asm constraint.
- x86/mm: If INVPCID is available, use it to flush global mappings.
- x86/mm/kaiser: re-enable vsyscalls.
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (bsc#1068032).
- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code.
- x86/mm, sched/core: Turn off IRQs in switch_mm().
- x86/mm, sched/core: Uninline switch_mm().
- x86/mm: Set IBPB upon context switch (bsc#1068032).
- x86/MSR: Move native_*msr(.. u64) to msr.h (bsc#1068032).
- x86/spec: Add IBRS control functions (bsc#1068032).
- x86/spec: Add 'nospec' chicken bit (bsc#1068032).
- x86/spec: Check CPUID direclty post microcode reload to support IBPB feature (bsc#1068032).
- x86/spec_ctrl: Add an Indirect Branch Predictor barrier (bsc#1068032).
- x86/spec_ctrl: Check whether IBPB is enabled before using it (bsc#1068032).
- x86/spec_ctrl: Check whether IBRS is enabled before using it (bsc#1068032).
- x86/svm: Add code to clear registers on VM exit (bsc#1068032).
- x86/svm: Clobber the RSB on VM exit (bsc#1068032).
- x86/svm: Set IBPB when running a different VCPU (bsc#1068032).
- x86/svm: Set IBRS value on VM entry and exit (bsc#1068032).
- xen/kaiser: add 'nokaiser' boot option, using ALTERNATIVE.
- xen/KAISER: Kernel Address Isolation.
- xen/kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.
- xen/kaiser: work around kABI.
- xen/x86-64: Give vvars their own page.
- xen/x86-64: Map the HPET NX.
- xen/x86/alternatives: Add instruction padding.
- xen/x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling.
- xen/x86/mm: Enable CR4.PCIDE on supported systems.
- xen/x86/mm/kaiser: re-enable vsyscalls.
- xen/x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code.
- xen: x86/mm, sched/core: Turn off IRQs in switch_mm().
- xen: x86/mm, sched/core: Uninline switch_mm().
ImportantSUSE bug 1010175SUSE bug 1034862SUSE bug 1045327SUSE bug 1050231SUSE bug 1052593SUSE bug 1056982SUSE bug 1057179SUSE bug 1057389SUSE bug 1058524SUSE bug 1062520SUSE bug 1063544SUSE bug 1063667SUSE bug 1066295SUSE bug 1066472SUSE bug 1066569SUSE bug 1066573SUSE bug 1066606SUSE bug 1066618SUSE bug 1066625SUSE bug 1066650SUSE bug 1066671SUSE bug 1066693SUSE bug 1066700SUSE bug 1066705SUSE bug 1067085SUSE bug 1068032SUSE bug 1068671SUSE bug 1069702SUSE bug 1069708SUSE bug 1070771SUSE bug 1071074SUSE bug 1071470SUSE bug 1071695SUSE bug 1072561SUSE bug 1072876SUSE bug 1073792SUSE bug 1073874SUSE bug 1074033SUSE bug 999245CVE-2017-1000251 at SUSECVE-2017-1000251 at NVDCVE-2017-11600 at SUSECVE-2017-11600 at NVDCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-13167 at SUSECVE-2017-13167 at NVDCVE-2017-14106 at SUSECVE-2017-14106 at NVDCVE-2017-14140 at SUSECVE-2017-14140 at NVDCVE-2017-14340 at SUSECVE-2017-14340 at NVDCVE-2017-15102 at SUSECVE-2017-15102 at NVDCVE-2017-15115 at SUSECVE-2017-15115 at NVDCVE-2017-15265 at SUSECVE-2017-15265 at NVDCVE-2017-15274 at SUSECVE-2017-15274 at NVDCVE-2017-15868 at SUSECVE-2017-15868 at NVDCVE-2017-16525 at SUSECVE-2017-16525 at NVDCVE-2017-16527 at SUSECVE-2017-16527 at NVDCVE-2017-16529 at SUSECVE-2017-16529 at NVDCVE-2017-16531 at SUSECVE-2017-16531 at NVDCVE-2017-16534 at SUSECVE-2017-16534 at NVDCVE-2017-16535 at SUSECVE-2017-16535 at NVDCVE-2017-16536 at SUSECVE-2017-16536 at NVDCVE-2017-16537 at SUSECVE-2017-16537 at NVDCVE-2017-16538 at SUSECVE-2017-16538 at NVDCVE-2017-16649 at SUSECVE-2017-16649 at NVDCVE-2017-16939 at SUSECVE-2017-16939 at NVDCVE-2017-17450 at SUSECVE-2017-17450 at NVDCVE-2017-17558 at SUSECVE-2017-17558 at NVDCVE-2017-17805 at SUSECVE-2017-17805 at NVDCVE-2017-17806 at SUSECVE-2017-17806 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2017-7472 at SUSECVE-2017-7472 at NVDCVE-2017-8824 at SUSECVE-2017-8824 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- crypto/lrw: Protect gf128mul from NULL pointers. (bsc#1008374, CVE-2015-8970)
- kvm: x86: Drop error recovery in em_jmp_far and em_ret_far. (bsc#1013038, CVE-2016-9756)
- net: Avoid signed overflows for SO_{SND|RCV}BUFFORCE. (bsc#1013531, CVE-2016-9793)
- net: Cleanups in sock_setsockopt(). (bsc#1013542, CVE-2012-6704)
- net/ping: Check minimum size on ICMP header length. (bsc#1014746, CVE-2016-8399)
- posix_acl: Clear SGID bit when setting file permissions. (bsc#995968, CVE-2016-7097)
- sg_write()/bsg_write() is not fit to be called under KERNEL_DS. (bsc#1017710, CVE-2016-10088)
- tmpfs: Clear S_ISGID when setting posix ACLs. (bsc#1021258, CVE-2017-5551)
Additionally the following non-security bugs have been fixed:
- hv: Define the channel type for Hyper-V PCI Express pass-through. (bsc#1018385)
- hv: Export a function that maps Linux CPU num onto Hyper-V proc num. (bsc#1018385)
- hv: Export the API to invoke a hypercall on Hyper-V. (bsc#1018385)
- hv: Remove code duplication between vmbus_recvpacket()/vmbus_recvpacket_raw(). (bsc#1018385)
- hv: vmbus_free_channels(): Remove the redundant free_channel(). (bsc#1018385)
- hv/netvsc: Allocate the receive buffer from the correct NUMA node. (bsc#1018385)
- hv/netvsc: Allocate the sendbuf in a NUMA aware way. (bsc#1018385)
- hv/ring_buffer: Eliminate hv_ringbuffer_peek(). (bsc#1018385)
- hv/ring_buffer: Fix comment style. (bsc#1018385)
- hv/ring_buffer: Remove code duplication from hv_ringbuffer_peek/read(). (bsc#1018385)
- hv/vmbus: Add vendor and device attributes. (bsc#1018385)
- hv/vmbus: Allocate ring buffer memory in NUMA aware fashion. (bsc#1018385)
- hv/vmbus: Avoid infinite loop in init_vp_index(). (bsc#986337)
- hv/vmbus: Base host signaling strictly on the ring state. (bsc#1018385)
- hv/vmbus: Briefly comment num_sc and next_oc. (bsc#1018385)
- hv/vmbus: Change vmbus_connection.channel_lock to mutex. (bsc#1018385)
- hv/vmbus: Cleanup vmbus_set_event(). (bsc#1018385)
- hv/vmbus: Consider ND NIC in binding channels to CPUs. (bsc#1018385)
- hv/vmbus: Decrease num_sc on subchannel removal. (bsc#1018385)
- hv/vmbus: Define a new VMBus message type for hvsock. (bsc#1018385)
- hv/vmbus: Define the new offer type for Hyper-V socket (hvsock). (bsc#1018385)
- hv/vmbus: Distribute subchannels among all vcpus. (bsc#1018385)
- hv/vmbus: Eliminate the spin lock on the read path. (bsc#1018385)
- hv/vmbus: Enable explicit signaling policy for NIC channels. (bsc#1018385)
- hv/vmbus: Export the vmbus_set_event() API. (bsc#1018385)
- hv/vmbus: Finally fix hv_need_to_signal_on_read(). (bsc#1018385)
- hv/vmbus: Fix a Host signaling bug. (bsc#1018385)
- hv/vmbus: Fix init_vp_index() for reloading hv_netvsc. (bsc#1018385)
- hv/vmbus: Fix rescind-offer handling for device without a driver. (bsc#1018385)
- hv/vmbus: Fix signaling logic in hv_need_to_signal_on_read(). (bsc#1018385)
- hv/vmbus: Fix signal to host condition. (bsc#1018385)
- hv/vmbus: Further improve CPU affiliation logic. (bsc#1018385)
- hv/vmbus: Give control over how the ring access is serialized. (bsc#1018385)
- hv/vmbus: Implement APIs to support 'in place' consumption of vmbus packets. (bsc#1018385)
- hv/vmbus: Implement NUMA aware CPU affinity for channels. (bsc#1018385)
- hv/vmbus: Improve the CPU affiliation for channels. (bsc#1018385)
- hv/vmbus: Introduce functions for estimating room in the ring buffer. (bsc#1018385)
- hv/vmbus: Move init_vp_index() call to vmbus_process_offer(). (bsc#1018385)
- hv/vmbus: Move some ring buffer functions to hyperv.h. (bsc#1018385)
- hv/vmbus: On the read path cleanup the logic to interrupt the host. (bsc#1018385)
- hv/vmbus: On write cleanup the logic to interrupt the host. (bsc#1018385)
- hv/vmbus: Permit sending of packets without payload. (bsc#1018385)
- hv/vmbus: Release relid on error in vmbus_process_offer(). (bsc#1018385)
- hv/vmbus: Serialize process_chn_event() and vmbus_close_internal(). (bsc#1018385)
- hv/vmbus: Support handling messages on multiple CPUs. (bsc#1018385)
- hv/vmbus: Suppress some 'hv_vmbus: Unknown GUID' warnings. (bsc#1018385)
- hv/vmbus: Treat Fibre Channel devices as performance critical. (bsc#1018385)
- hv/vmbus: Unify calls to percpu_channel_enq(). (bsc#1018385)
- hv/vmbus: Use the vp_index map even for channels bound to CPU 0. (bsc#1018385)
- hv/vmbus: Use uuid_le_cmp() for comparing GUIDs. (bsc#1018385)
- hv/vmbus: Use uuid_le type consistently. (bsc#1018385)
- hv/vmbus: vmbus_sendpacket_ctl: hvsock: Avoid unnecessary signaling. (bsc#1018385)
- kexec: Add a kexec_crash_loaded() function. (bsc#973691)
- mpi: Fix NULL ptr dereference in mpi_powm(). (bsc#1011820)
- netvsc: Fix checksum on UDP IPV6. (bsc#1018385)
- netvsc: Fix incorrect receive checksum offloading. (bsc#1018385)
- netvsc: Reduce maximum GSO size. (bsc#1018385)
- perf/x86/intel: Move NMI clearing to end of PMI handler. (bsc#929142)
ImportantSUSE bug 1003180SUSE bug 1008374SUSE bug 1011820SUSE bug 1012422SUSE bug 1013038SUSE bug 1013531SUSE bug 1013542SUSE bug 1014746SUSE bug 1017710SUSE bug 1018385SUSE bug 1021258SUSE bug 821612SUSE bug 824171SUSE bug 929142SUSE bug 973691SUSE bug 986337SUSE bug 995968CVE-2012-6704 at SUSECVE-2012-6704 at NVDCVE-2015-8970 at SUSECVE-2015-8970 at NVDCVE-2016-10088 at SUSECVE-2016-10088 at NVDCVE-2016-7097 at SUSECVE-2016-7097 at NVDCVE-2016-8399 at SUSECVE-2016-8399 at NVDCVE-2016-9756 at SUSECVE-2016-9756 at NVDCVE-2016-9793 at SUSECVE-2016-9793 at NVDCVE-2017-5551 at SUSECVE-2017-5551 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- mm: Avoid setting up anonymous pages into file mapping. (bsc#979021, CVE-2015-3288)
- l2tp: Fix l2tp_ip_bind() return value on SOCK_ZAPPED bailout. (bsc#1028415, CVE-2016-10200)
- l2tp: Fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind(). (bsc#1028415, CVE-2016-10200)
- list: Introduce list_first_entry_or_null. (bsc#1027565, CVE-2017-2636)
- tty/n_hdlc: Get rid of racy n_hdlc.tbuf. (bsc#1027565, CVE-2017-2636)
- tipc: Fix an infoleak in tipc_nl_compat_link_dump. (bsc#983212, CVE-2016-5243)
- sctp: Deny peeloff operation on asocs with threads sleeping on it. (bsc#1027066, CVE-2017-6353)
- tcp: Avoid infinite loop in tcp_splice_read(). (bsc#1026722, CVE-2017-6214)
- dccp: Fix freeing skb too early for IPV6_RECVPKTINFO. (bsc#1026024, CVE-2017-6074)
- sctp: Avoid BUG_ON on sctp_wait_for_sndbuf. (bsc#1025235, CVE-2017-5986)
Additionally the following non-security bugs have been fixed:
- sd: Use async_probe cookie to avoid deadlocks. (bsc#997801)
- USB/serial/kl5kusb105: Fix line-state error handling. (bsc#1021256)
ImportantSUSE bug 1021256SUSE bug 1025235SUSE bug 1026024SUSE bug 1026722SUSE bug 1027066SUSE bug 1027565SUSE bug 1028415SUSE bug 979021SUSE bug 983212SUSE bug 997801CVE-2015-3288 at SUSECVE-2015-3288 at NVDCVE-2016-10200 at SUSECVE-2016-10200 at NVDCVE-2016-5243 at SUSECVE-2016-5243 at NVDCVE-2017-2636 at SUSECVE-2017-2636 at NVDCVE-2017-5986 at SUSECVE-2017-5986 at NVDCVE-2017-6074 at SUSECVE-2017-6074 at NVDCVE-2017-6214 at SUSECVE-2017-6214 at NVDCVE-2017-6353 at SUSECVE-2017-6353 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- char/lp: Fix possible integer overflow in lp_setup(). (bsc#1039456, CVE-2017-1000363)
- dccp/tcp: Do not inherit mc_list from parent. (bsc#1038544, CVE-2017-8890)
- drm/vmwgfx: Fix integer overflow in vmw_surface_define_ioctl(). (bsc#1031440, CVE-2017-7294)
- drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl(). (bsc#1031052, CVE-2017-7261)
- ipc/shm: Fix shmat mmap nil-page protection. (bsc#1026914, CVE-2017-5669)
- ipv4: Keep skb->dst around in presence of IP options. (bsc#1024938, CVE-2017-5970)
- ipv6: Check ip6_find_1stfragopt() return value properly. (bsc#1039882, CVE-2017-9074)
- ipv6/dccp: Do not inherit ipv6_mc_list from parent. (bsc#1039885, bsc#1040069, CVE-2017-9076, CVE-2017-9077)
- ipv6: Fix out of bound writes in __ip6_append_data(). (bsc#1041431, CVE-2017-9242)
- ipv6: Prevent overrun when parsing v6 header options. (bsc#1039882, CVE-2017-9074)
- ipx: Call ipxitf_put() in ioctl error path. (bsc#1038879, CVE-2017-7487)
- irda: Fix lockdep annotations in hashbin_delete(). (bsc#1027178, CVE-2017-6348)
- keys: Guard against null match function in keyring_search_aux(). (bsc#1030593, CVE-2017-2647, CVE-2017-6951)
- mm: Enlarge stack guard gap. (bsc#1042921, bsc#1039348, CVE-2017-1000364)
- mm/mempolicy.c: Fix error handling in set_mempolicy and mbind. (bsc#1033336, CVE-2017-7616)
- netfilter/arp_tables: Fix invoking 32bit 'iptable -P INPUT ACCEPT' failed in 64bit kernel.
(bsc#986362, bsc#986365, CVE-2016-4997, CVE-2016-4998)
- net/packet: Fix overflow in check for tp_reserve and tp_frame_nr. (bsc#1031579, CVE-2017-7308)
- net/socket: Fix recvmmsg not returning error from sock_error. (bsc#1003077, CVE-2016-7117)
- ping: Implement proper locking. (bsc#1031003, CVE-2017-2671)
- scsi/sg: Check length passed to SG_NEXT_CMD_LEN. (bsc#1030213, CVE-2017-7187)
- sctp: Do not inherit ipv6_{mc|ac|fl}_list from parent. (bsc#1039883, CVE-2017-9075)
- usb/iowarrior: Fix NULL-deref at probe. (bsc#970956, CVE-2016-2188)
- xfrm_user: Validate XFRM_MSG_NEWAE incoming ESN size harder. (bsc#1030573, CVE-2017-7184)
- xfrm_user: Validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window. (bsc#1030573, CVE-2017-7184)
Additionally the following non-security bugs have been fixed:
- acpi: Disable APEI error injection if securelevel is set. (bsc#972891, bsc#1023051)
- firmware: Fix directory creation rule matching with make 3.80 and 3.82. (bsc#1012422)
- kernel-binary.spec: Propagate MAKE_ARGS to %build. (bsc#1012422)
- keys: Disallow keyrings beginning with '.' to be joined as session keyrings. (bsc#1035576)
- mm: Do not collapse stack gap into THP. (bsc#1039348)
- nfsd4: Minor NFSv2/v3 write decoding cleanup. (bsc#1034670)
- nfsd: Check for oversized NFSv2/v3 arguments. (bsc#1034670)
- nfsd: Stricter decoding of write-like NFSv2/v3 ops. (bsc#1034670)
- Use make --output-sync feature when available. (bsc#1012422)
The messages in make output can interleave making it impossible to
extract warnings reliably. Since version 4 GNU Make supports
--output-sync flag that prints output of each sub-command atomically
preventing this issue. Detect the flag and use it if available.
SLE11 has make 3.81 so it is required to include make 4 in the kernel
OBS projects to take advantage of this.
ImportantSUSE bug 1003077SUSE bug 1012422SUSE bug 1023051SUSE bug 1024938SUSE bug 1026914SUSE bug 1027178SUSE bug 1030213SUSE bug 1030573SUSE bug 1030593SUSE bug 1031003SUSE bug 1031052SUSE bug 1031440SUSE bug 1031579SUSE bug 1033336SUSE bug 1034670SUSE bug 1035576SUSE bug 1038544SUSE bug 1038879SUSE bug 1039348SUSE bug 1039456SUSE bug 1039882SUSE bug 1039883SUSE bug 1039885SUSE bug 1040069SUSE bug 1041431SUSE bug 1042921SUSE bug 970956SUSE bug 972891SUSE bug 986362SUSE bug 986365CVE-2016-2188 at SUSECVE-2016-2188 at NVDCVE-2016-4997 at SUSECVE-2016-4997 at NVDCVE-2016-7117 at SUSECVE-2016-7117 at NVDCVE-2017-1000363 at SUSECVE-2017-1000363 at NVDCVE-2017-1000364 at SUSECVE-2017-1000364 at NVDCVE-2017-2647 at SUSECVE-2017-2647 at NVDCVE-2017-2671 at SUSECVE-2017-2671 at NVDCVE-2017-5669 at SUSECVE-2017-5669 at NVDCVE-2017-5970 at SUSECVE-2017-5970 at NVDCVE-2017-6348 at SUSECVE-2017-6348 at NVDCVE-2017-6951 at SUSECVE-2017-6951 at NVDCVE-2017-7184 at SUSECVE-2017-7184 at NVDCVE-2017-7187 at SUSECVE-2017-7187 at NVDCVE-2017-7261 at SUSECVE-2017-7261 at NVDCVE-2017-7294 at SUSECVE-2017-7294 at NVDCVE-2017-7308 at SUSECVE-2017-7308 at NVDCVE-2017-7487 at SUSECVE-2017-7487 at NVDCVE-2017-7616 at SUSECVE-2017-7616 at NVDCVE-2017-8890 at SUSECVE-2017-8890 at NVDCVE-2017-9074 at SUSECVE-2017-9074 at NVDCVE-2017-9075 at SUSECVE-2017-9075 at NVDCVE-2017-9076 at SUSECVE-2017-9076 at NVDCVE-2017-9077 at SUSECVE-2017-9077 at NVDCVE-2017-9242 at SUSECVE-2017-9242 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and security issues.
A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most
notably Java. These issues have been remedied:
- mm/mmap: Do not blow on PROT_NONE MAP_FIXED holes in the stack. (bsc#1039348, bsc#1045340, bsc#1045406)
- mm: Do not collapse stack gap into THP. (bsc#1039348, CVE-2017-1000364)
The following other security issues have been fixed:
- usb/serial/io_ti: Fix information leak in completion handler. (bsc#1038982, CVE-2017-8924)
- usb/serial/omninet: Fix reference leaks at open. (bsc#1038981, CVE-2017-8925)
- alsa/timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT. (bsc#1044125, CVE-2017-1000380)
- alsa/timer: Fix race between read and ioctl. (bsc#1044125, CVE-2017-1000380)
Additionally the following non-security bug has been fixed:
- Remove superfluous make flags. (bsc#1012422)
ImportantSUSE bug 1012422SUSE bug 1038981SUSE bug 1038982SUSE bug 1039348SUSE bug 1044125SUSE bug 1045340SUSE bug 1045406CVE-2017-1000364 at SUSECVE-2017-1000364 at NVDCVE-2017-1000380 at SUSECVE-2017-1000380 at NVDCVE-2017-8924 at SUSECVE-2017-8924 at NVDCVE-2017-8925 at SUSECVE-2017-8925 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-14051: An integer overflow in qla2x00_sysfs_write_optrom_ctl function allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).
- CVE-2017-1000112: Easy to exploit memory corruption in UFO to non-UFO path switch (bsc#1052311).
- CVE-2017-10661: Race condition in fs/timerfd.c allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152).
- CVE-2017-12762: A user-controlled buffer wasa copied into a local buffer of constant size using strcpy without a length check which could have caused a buffer overflow (bnc#1053148).
- CVE-2017-8831: The saa7164_bus_get function allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).
- CVE-2017-7542: The ip6_find_1stfragopt function allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882).
- CVE-2017-7482: Fixed several cases where a padded len was not 't checked when decoding tickets (bsc#1046107).
- CVE-2017-7533: Race condition in the fsnotify implementation allowed local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions (bnc#1049483).
- CVE-2017-11176: The mq_notify function did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).
- CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function allowed local users to gain privileges via a crafted ACPI table (bnc#1049603).
- CVE-2017-1000365: Size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size) did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation (bnc#1039354).
- blkback/blktap: Prevent leak of stack data via response ring. This issue allowed malicious unprivileged guest to obtain sensitive information from the host or other guests (bsc#1042863).
The following non-security bugs were fixed:
- Deleting a gendisk that is not up should not be an error (bsc#1035544).
- USB: wusbcore: fix NULL-deref at probe (bsc#1045487).
- coredump: ensure that SIGKILL always kills the dumping thread (bnc#1054302).
- coredump: only SIGKILL should interrupt the coredumping task (bnc#1054302).
- coredump: sanitize the setting of signal->group_exit_code (bnc#1054302).
- dentry name snapshots (bsc#1049483).
ImportantSUSE bug 1035544SUSE bug 1037994SUSE bug 1039354SUSE bug 1042863SUSE bug 1045487SUSE bug 1046107SUSE bug 1048275SUSE bug 1049483SUSE bug 1049603SUSE bug 1049882SUSE bug 1052311SUSE bug 1053148SUSE bug 1053152SUSE bug 1054302SUSE bug 1056588CVE-2017-1000112 at SUSECVE-2017-1000112 at NVDCVE-2017-1000365 at SUSECVE-2017-1000365 at NVDCVE-2017-10661 at SUSECVE-2017-10661 at NVDCVE-2017-11176 at SUSECVE-2017-11176 at NVDCVE-2017-11473 at SUSECVE-2017-11473 at NVDCVE-2017-12762 at SUSECVE-2017-12762 at NVDCVE-2017-14051 at SUSECVE-2017-14051 at NVDCVE-2017-7482 at SUSECVE-2017-7482 at NVDCVE-2017-7533 at SUSECVE-2017-7533 at NVDCVE-2017-7542 at SUSECVE-2017-7542 at NVDCVE-2017-8831 at SUSECVE-2017-8831 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- CVE-2017-1000251: bluetooth: Properly check L2CAP configuration option output buffer length. (bsc#1057389)
- CVE-2017-14340: xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present. (bsc#1058524)
- CVE-2017-14140: Sanitize 'move_pages()' permission checks. (bsc#1057179)
Additionally, the following non-security issue has been fixed:
- Fix crash in nfs4_open_prepare (bsc#1052653).
ImportantSUSE bug 1052653SUSE bug 1057179SUSE bug 1057389SUSE bug 1058524CVE-2017-1000251 at SUSECVE-2017-1000251 at NVDCVE-2017-14140 at SUSECVE-2017-14140 at NVDCVE-2017-14340 at SUSECVE-2017-14340 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- CVE-2017-13080: mac80211: Accept key reinstall without changing anything. (bsc#1063667)
- CVE-2017-15274: keys: Fix dereferencing NULL payload with nonzero length. (bsc#1045327, bsc#1062471)
- CVE-2017-15265: alsa: Fix use-after-free at creating a port. (bsc#1062520)
- CVE-2017-1000253: fs/binfmt: Fix bug in loading of PIE binaries. (bsc#1059525)
Additionally, the following non-security issue has been fixed:
- nfs: Remove asserts from the NFS XDR code. (bsc#1063544)
- fs/binfmt_elf: Return -EINVAL on zero-length mappings. (bsc#1059525)
ImportantSUSE bug 1045327SUSE bug 1059525SUSE bug 1062471SUSE bug 1062520SUSE bug 1063544SUSE bug 1063667CVE-2017-1000253 at SUSECVE-2017-1000253 at NVDCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-15265 at SUSECVE-2017-15265 at NVDCVE-2017-15274 at SUSECVE-2017-15274 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and security issues.
The following security issues have been fixed:
- CVE-2017-16649: net/cdc_ether: Fix divide by 0 on bad descriptors. (bsc#1067085)
- CVE-2017-16649: input/gtco: Fix potential out-of-bound access. (bsc#1067085)
- CVE-2017-16535: usb/core: Fix out-of-bounds access bug in usb_get_bos_descriptor(). (bsc#1066700)
- CVE-2017-15102: usb/misc/legousbtower: Fix NULL pointer dereference. (bsc#1066705)
- CVE-2017-16531: usb: Fix out-of-bounds in usb_set_configuration. (bsc#1066671)
- CVE-2017-16529: alsa/usb-audio: Check out-of-bounds access by corrupted buffer descriptor. (bsc#1066650)
- CVE-2017-16525: usb/serial/console: Fix use-after-free after failed setup. (bsc#1066618)
- CVE-2017-16537: media/imon: Fix NULL pointer dereference in imon_probe. (bsc#1066573)
- CVE-2017-16536: cx231xx-cards: Fix NULL pointer dereference on missing association descriptor. (bsc#1066606)
- CVE-2017-16527: alsa/usb-audio: Kill stray URB at exiting. (bsc#1066625)
Additionally, the following non-security issues have been fixed:
- kernel/params.c: Fix an overflow in param_attr_show. (bsc#1059240)
- mac80211: Don't compare TKIP TX MIC key in reinstall prevention. (bsc#1066472)
ImportantSUSE bug 1059240SUSE bug 1066472SUSE bug 1066573SUSE bug 1066606SUSE bug 1066618SUSE bug 1066625SUSE bug 1066650SUSE bug 1066671SUSE bug 1066700SUSE bug 1066705SUSE bug 1067085CVE-2017-15102 at SUSECVE-2017-15102 at NVDCVE-2017-16525 at SUSECVE-2017-16525 at NVDCVE-2017-16527 at SUSECVE-2017-16527 at NVDCVE-2017-16529 at SUSECVE-2017-16529 at NVDCVE-2017-16531 at SUSECVE-2017-16531 at NVDCVE-2017-16535 at SUSECVE-2017-16535 at NVDCVE-2017-16536 at SUSECVE-2017-16536 at NVDCVE-2017-16537 at SUSECVE-2017-16537 at NVDCVE-2017-16649 at SUSECVE-2017-16649 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 for Teradata kernel was updated to receive various security and bugfixes.
This update adds mitigations for various side channel attacks against modern CPUs that could disclose
content of otherwise unreadable memory (bnc#1068032).
- CVE-2017-5753: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use attacker controllable speculative
execution over code patterns in the Linux Kernel to leak content from
otherwise not readable memory in the same address space, allowing
retrieval of passwords, cryptographic keys and other secrets.
This problem is mitigated by adding speculative fencing on affected
code paths throughout the Linux kernel.
- CVE-2017-5715: Local attackers on systems with modern CPUs featuring
branch prediction could use mispredicted branches to speculatively execute
code patterns that in turn could be made to leak other non-readable
content in the same address space, an attack similar to CVE-2017-5753.
This problem is mitigated by disabling predictive branches, depending
on CPU architecture either by firmware updates and/or fixes in the
user-kernel privilege boundaries.
This is done with help of Linux Kernel fixes on the Intel/AMD x86_64
architecture.
On x86_64, this requires also updates of the CPU microcode packages,
delivered in seperate updates.
As this feature can have a performance impact, it can be disabled
using the 'nospec' kernel commandline option.
- CVE-2017-5754: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use code patterns in userspace to
speculative executive code that would read otherwise read protected
memory, an attack similar to CVE-2017-5753.
This problem is mitigated by unmapping the Linux Kernel from the user
address space during user code execution, following a approach called
'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation'
and 'PTI' / 'Page Table Isolation'.
This feature can be enabled / disabled by the 'pti=[on|off|auto]' or
'nopti' commandline options.
The following security bugs were fixed:
- CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874).
- CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792).
- CVE-2017-15868: The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a crafted application (bnc#1071470).
- CVE-2017-13167: An elevation of privilege vulnerability in the kernel sound timer. (bnc#1072876).
- CVE-2017-16538: drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel allowed local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner) (bnc#1066569).
- CVE-2017-17558: The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel did not consider the maximum number of configurations and interfaces before attempting to release resources, which allowed local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device (bnc#1072561).
- CVE-2017-17450: net/netfilter/xt_osf.c in the Linux kernel did not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allowed local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces (bnc#1071695).
- CVE-2017-8824: The dccp_disconnect function in net/dccp/proto.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state (bnc#1070771).
- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702).
- CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel did not check whether the intended netns is used in a peel-off action, which allowed local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls (bnc#1068671).
- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982).
- CVE-2017-11600: net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, did not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message (bnc#1050231).
- CVE-2017-7472: The KEYS subsystem in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls (bnc#1034862).
- CVE-2017-16534: The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066693).
The following non-security bugs were fixed:
- asm alternatives: remove incorrect alignment notes.
- kabi: silence spurious kabi error in net/sctp/socket.c (bsc#1068671).
- kaiser: add 'nokaiser' boot option, using ALTERNATIVE.
- kaiser: fix ldt freeing.
- kaiser: Kernel Address Isolation.
- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.
- kvm: SVM: Do not intercept new speculative control MSRs (bsc#1068032).
- kvm: x86: Add speculative control CPUID support for guests (bsc#1068032).
- mm/mmu_context, sched/core: Fix mmu_context.h assumption.
- ptrace: Add a new thread access check (bsc#1068032).
- sched/core: Add switch_mm_irqs_off() and use it in the scheduler.
- sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off().
- temporary fix (bsc#1068032).
- usb: uas: fix bug in handling of alternate settings (bsc#1071074).
- x86-64: Give vvars their own page.
- x86-64: Map the HPET NX.
- x86/alternatives: Add instruction padding.
- x86/alternatives: Cleanup DPRINTK macro.
- x86/alternatives: Make JMPs more robust.
- x86/alternatives: Use optimized NOPs for padding.
- x86/boot: Add early cmdline parsing for options with arguments.
- x86, boot: Carve out early cmdline parsing function.
- x86/CPU/AMD: Add speculative control support for AMD (bsc#1068032).
- x86/CPU/AMD: Make the LFENCE instruction serialized (bsc#1068032).
- x86/CPU/AMD: Remove now unused definition of MFENCE_RDTSC feature (bsc#1068032).
- x86/CPU: Check speculation control CPUID bit (bsc#1068032).
- x86/enter: Add macros to set/clear IBRS and set IBPB (bsc#1068032).
- x86/entry: Add a function to overwrite the RSB (bsc#1068032).
- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (bsc#1068032).
- x86/entry: Use IBRS on entry to kernel space (bsc#1068032).
- x86/feature: Enable the x86 feature to control Speculation (bsc#1068032).
- x86/idle: Disable IBRS when offlining a CPU and re-enable on wakeup (bsc#1068032).
- x86/idle: Toggle IBRS when going idle (bsc#1068032).
- x86/kaiser: Check boottime cmdline params.
- x86/kaiser: disable vmstat accounting.
- x86/kaiser: Move feature detection up (bsc#1068032).
- x86/kaiser: propagate info to /proc/cpuinfo.
- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling.
- x86/kvm: Add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bsc#1068032).
- x86/kvm: Flush IBP when switching VMs (bsc#1068032).
- x86/kvm: Pad RSB on VM transition (bsc#1068032).
- x86/kvm: Toggle IBRS on VM entry and exit (bsc#1068032).
- x86: Make alternative instruction pointers relative.
- x86/microcode/AMD: Add support for fam17h microcode loading (bsc#1068032).
- x86/mm/64: Fix reboot interaction with CR4.PCIDE.
- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID.
- x86/mm: Add INVPCID helpers.
- x86/mm: Add the 'nopcid' boot option to turn off PCID.
- x86/mm: Build arch/x86/mm/tlb.c even on !SMP.
- x86/mm: Disable PCID on 32-bit kernels.
- x86/mm: Enable CR4.PCIDE on supported systems.
- x86/mm: fix bad backport to disable PCID on Xen.
- x86/mm: Fix INVPCID asm constraint.
- x86/mm: If INVPCID is available, use it to flush global mappings.
- x86/mm/kaiser: re-enable vsyscalls.
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (bsc#1068032).
- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code.
- x86/mm, sched/core: Turn off IRQs in switch_mm().
- x86/mm, sched/core: Uninline switch_mm().
- x86/mm: Set IBPB upon context switch (bsc#1068032).
- x86/MSR: Move native_*msr(.. u64) to msr.h (bsc#1068032).
- x86/spec: Add IBRS control functions (bsc#1068032).
- x86/spec: Add 'nospec' chicken bit (bsc#1068032).
- x86/spec: Check CPUID direclty post microcode reload to support IBPB feature (bsc#1068032).
- x86/spec_ctrl: Add an Indirect Branch Predictor barrier (bsc#1068032).
- x86/spec_ctrl: Check whether IBPB is enabled before using it (bsc#1068032).
- x86/spec_ctrl: Check whether IBRS is enabled before using it (bsc#1068032).
- x86/svm: Add code to clear registers on VM exit (bsc#1068032).
- x86/svm: Clobber the RSB on VM exit (bsc#1068032).
- x86/svm: Set IBPB when running a different VCPU (bsc#1068032).
- x86/svm: Set IBRS value on VM entry and exit (bsc#1068032).
- xen/kaiser: add 'nokaiser' boot option, using ALTERNATIVE.
- xen/KAISER: Kernel Address Isolation.
- xen/kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.
- xen/kaiser: work around kABI.
- xen/x86-64: Give vvars their own page.
- xen/x86-64: Map the HPET NX.
- xen/x86/alternatives: Add instruction padding.
- xen/x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling.
- xen/x86/mm: Enable CR4.PCIDE on supported systems.
- xen/x86/mm/kaiser: re-enable vsyscalls.
- xen/x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code.
- xen: x86/mm, sched/core: Turn off IRQs in switch_mm().
- xen: x86/mm, sched/core: Uninline switch_mm().
ImportantSUSE bug 1034862SUSE bug 1050231SUSE bug 1056982SUSE bug 1066569SUSE bug 1066693SUSE bug 1068032SUSE bug 1068671SUSE bug 1069702SUSE bug 1070771SUSE bug 1071074SUSE bug 1071470SUSE bug 1071695SUSE bug 1072561SUSE bug 1072876SUSE bug 1073792SUSE bug 1073874CVE-2017-11600 at SUSECVE-2017-11600 at NVDCVE-2017-13167 at SUSECVE-2017-13167 at NVDCVE-2017-14106 at SUSECVE-2017-14106 at NVDCVE-2017-15115 at SUSECVE-2017-15115 at NVDCVE-2017-15868 at SUSECVE-2017-15868 at NVDCVE-2017-16534 at SUSECVE-2017-16534 at NVDCVE-2017-16538 at SUSECVE-2017-16538 at NVDCVE-2017-16939 at SUSECVE-2017-16939 at NVDCVE-2017-17450 at SUSECVE-2017-17450 at NVDCVE-2017-17558 at SUSECVE-2017-17558 at NVDCVE-2017-17805 at SUSECVE-2017-17805 at NVDCVE-2017-17806 at SUSECVE-2017-17806 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2017-7472 at SUSECVE-2017-7472 at NVDCVE-2017-8824 at SUSECVE-2017-8824 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 for Teradata kernel was updated to receive various security and bugfixes.
The following security issues have been fixed:
- CVE-2017-13215: crypto/algif_skcipher: Load TX SG list after waiting. (bsc#1075908)
- CVE-2018-1000004: alsa/seq: Make ioctls race-free. (bsc#1076017)
- CVE-2017-5754: kaiser: Disabled on Xen PV. (bsc#1012382 bsc#1068032, bsc#1076154).
Additionally, the following non-security issues have been fixed:
- kaiser: Set _PAGE_NX only if supported. (bnc#1012382, bnc#1076278)
- x86/kaiser: Populate shadow PGD with NX bit only if supported by platform. (bsc#1076154, bsc#1076278)
- x86/paravirt: Dont patch flush_tlb_single. (bsc#1012382, bsc#1076154)
- x86/spec_ctrl: Handle late setting of X86_FEATURE_SPEC_CTRL properly. (bsc#1075994, bsc#1075091)
- x86/spectre_v2: Fix ordering in IBRS initialization. (bsc#1075994, bsc#1075091)
- x86/microcode: Rescan feature flags upon late loading. (bsc#1075994, bsc#1075091)
- x86/CPU: Sync CPU feature flags late. (bsc#1075994, bsc#1075091)
- x86/cpu: Factor out application of forced CPU caps. (bsc#1075994, bsc#1075091)
- storvsc: Do not assume SG list is continuous when doing bounce buffers. (bsc#1075410)
- pti: Unbreak EFI. (bsc#1074709)
- x86/acpi: Reduce code duplication in mp_override_legacy_irq(). (bsc#1068984)
- x86/acpi: Handle SCI interrupts above legacy space gracefully. (bsc#1068984)
- x86/acpi: Reduce code duplication in mp_override_legacy_irq(). (bsc#1068984)
- x86/acpi: Handle SCI interrupts above legacy space gracefully. (bsc#1068984)
ImportantSUSE bug 1012382SUSE bug 1068032SUSE bug 1068984SUSE bug 1074709SUSE bug 1075091SUSE bug 1075410SUSE bug 1075908SUSE bug 1075994SUSE bug 1076017SUSE bug 1076154SUSE bug 1076278CVE-2017-13215 at SUSECVE-2017-13215 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2018-1000004 at SUSECVE-2018-1000004 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
This update is only provided as a fix update for IBM Z platform.
- CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes.
- CVE-2017-5715 / 'Spectre Attack': IBM Z fixes were already included in the previous update. A bugfix for the patches has been applied on top.
- CVE-2017-5754: The IBM Z architecture is not affected by the 'Meltdown' attack.
ImportantSUSE bug 1068032CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).
The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.
- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).
- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).
- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).
- CVE-2017-18079: drivers/input/serio/i8042.c in the Linux kernel allowed attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated (bnc#1077922).
- CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h (bnc#1073311).
- CVE-2017-13215: A elevation of privilege vulnerability in the Upstream kernel skcipher. (bnc#1075908).
- CVE-2018-1000004: In the Linux kernel a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition (bnc#1076017).
The following non-security bugs were fixed:
- cdc-acm: apply quirk for card reader (bsc#1060279).
- Enable CPU vulnerabilities reporting via sysfs
- fork: clear thread stack upon allocation (bsc#1077560).
- kaiser: Set _PAGE_NX only if supported (bnc#1012382, bnc#1076278).
- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).
- Move kABI fixup for retpolines to proper place.
- powerpc/vdso64: Use double word compare on pointers (bsc#1070781).
- s390: add ppa to the idle loop (bnc#1077406, LTC#163910).
- s390/cpuinfo: show facilities as reported by stfle (bnc#1076849, LTC#163741).
- storvsc: do not assume SG list is continuous when doing bounce buffers (bsc#1075410).
- sysfs/cpu: Add vulnerability folder (bnc#1012382).
- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).
- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).
- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).
- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).
- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).
- x86/cpu: Factor out application of forced CPU caps (bsc#1075994 bsc#1075091).
- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).
- x86/CPU: Sync CPU feature flags late (bsc#1075994 bsc#1075091).
- x86/kaiser: Populate shadow PGD with NX bit only if supported by platform (bsc#1076154 bsc#1076278).
- x86/kaiser: use trampoline stack for kernel entry.
- x86/microcode/intel: Disable late loading on model 79 (bsc#1054305).
- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bsc#1054305).
- x86/microcode/intel: Extend BDW late-loading with a revision check (bsc#1054305).
- x86/microcode: Rescan feature flags upon late loading (bsc#1075994 bsc#1075091).
- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).
- x86/spec_ctrl: handle late setting of X86_FEATURE_SPEC_CTRL properly (bsc#1075994 bsc#1075091).
- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).
- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).
ImportantSUSE bug 1012382SUSE bug 1054305SUSE bug 1060279SUSE bug 1068032SUSE bug 1068984SUSE bug 1070781SUSE bug 1073311SUSE bug 1074488SUSE bug 1074621SUSE bug 1075091SUSE bug 1075410SUSE bug 1075617SUSE bug 1075621SUSE bug 1075908SUSE bug 1075994SUSE bug 1076017SUSE bug 1076154SUSE bug 1076278SUSE bug 1076849SUSE bug 1077406SUSE bug 1077560SUSE bug 1077922CVE-2017-13215 at SUSECVE-2017-13215 at NVDCVE-2017-17741 at SUSECVE-2017-17741 at NVDCVE-2017-18017 at SUSECVE-2017-18017 at NVDCVE-2017-18079 at SUSECVE-2017-18079 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-1000004 at SUSECVE-2018-1000004 at NVDCVE-2018-5332 at SUSECVE-2018-5332 at NVDCVE-2018-5333 at SUSECVE-2018-5333 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 for Teradata kernel was updated to receive various security and bugfixes.
The following security issues have been fixed:
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel
allowed local users to cause a denial of service by leveraging a race condition with
__dm_destroy during creation and removal of DM devices. (bsc#1083242)
- CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose
kernel memory addresses. Successful exploitation required that a USB device was
attached over IP (bsc#1078674).
- CVE-2017-18208: The madvise_willneed function kernel allowed local users to
cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED
for a DAX mapping (bsc#1083494).
- CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand
by invoking snd_seq_pool_init() when the first write happens and the pool is
empty. A user could have reset the pool size manually via ioctl concurrently,
which may have lead UAF or out-of-bound access (bsc#1083483).
- CVE-2017-16644: The hdpvr_probe function allowed local users to cause a
denial of service (improper error handling and system crash) or possibly have
unspecified other impact via a crafted USB device (bsc#1067118).
- CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use attacker controllable speculative
execution over code patterns in the Linux Kernel to leak content from
otherwise not readable memory in the same address space, allowing
retrieval of passwords, cryptographic keys and other secrets.
This problem is mitigated by adding speculative fencing on affected
code paths throughout the Linux kernel.
- CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial
of service (integer overflow) or possibly have unspecified other impact by
triggering a negative wake or requeue value (bsc#1080757).
- CVE-2017-16914: The 'stub_send_ret_submit()' function allowed attackers to
cause a denial of service (NULL pointer dereference) via a specially crafted
USB over IP packet (bsc#1078669).
- CVE-2016-7915: The hid_input_field function allowed physically proximate
attackers to obtain sensitive information from kernel memory or cause a denial
of service (out-of-bounds read) by connecting a device (bsc#1010470).
- CVE-2015-5156: The virtnet_probe function in drivers/net/virtio_net.c in
the Linux kernel attempted to support a FRAGLIST feature without proper
memory allocation, which allowed guest OS users to cause a denial of
service (buffer overflow and memory corruption) via a crafted sequence
of fragmented packets (bsc#940776).
- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did
unbalanced refcounting when a SCSI I/O vector had small consecutive buffers
belonging to the same page. The bio_add_pc_page function merged them into one,
but the page reference was never dropped. This caused a memory leak and
possible system lockup (exploitable against the host OS by a guest OS user, if
a SCSI disk is passed through to a virtual machine) due to an out-of-memory
condition (bsc#1062568).
- CVE-2017-16912: The 'get_pipe()' function allowed attackers to cause a denial
of service (out-of-bounds read) via a specially crafted USB over IP packet
(bsc#1078673).
- CVE-2017-16913: The 'stub_recv_cmd_submit()' function when handling
CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary
memory allocation) via a specially crafted USB over IP packet (bsc#1078672).
- CVE-2018-5332: The rds_message_alloc_sgs() function did not validate a value
that is used during DMA page allocation, leading to a heap-based out-of-bounds
write (related to the rds_rdma_extra_size function in net/rds/rdma.c)
(bsc#1075621).
- CVE-2018-5333: The rds_cmsg_atomic function in net/rds/rdma.c mishandled
cases where page pinning fails or an invalid address is supplied, leading to an
rds_atomic_free_op NULL pointer dereference (bsc#1075617).
- CVE-2017-18017: The tcpmss_mangle_packet function allowed remote attackers to
cause a denial of service (use-after-free and memory corruption) or possibly
have unspecified other impact by leveraging the presence of xt_TCPMSS in an
iptables action (bsc#1074488).
- CVE-2017-18079: drivers/input/serio/i8042.c in the Linux kernel allowed
attackers to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact because the
port->exists value can change after it is validated (bsc#1077922).
- CVE-2017-17741: The KVM implementation in the Linux kernel allowed
attackers to obtain potentially sensitive information from kernel
memory, aka a write_mmio stack-based out-of-bounds read, related to
arch/x86/kvm/x86.c and include/trace/events/kvm.h (bsc#1073311).
Additionally, the following non-security issues have been fixed:
- x86/retpoline: Don't perform thunk calls in ring3 vsyscall code. (bsc#1085331)
- sd: Skip async probing for deleted devices. (bsc#1066051)
- x86/espfix: Fix return stack in do_double_fault(). (bsc#1085279)
- scsi: Do not spin-up disconnected devices. (bsc#1073379)
- sd: Reset async_probe cookie after probing. (bsc#1073379)
- sysfs/driver core: Fix glue dir race condition by gdp_mutex. (bsc#1073379)
- block: Do not allow updates through sysfs until registration completes. (bsc#1073379)
- leds: Do not overflow sysfs buffer in led_trigger_show. (bsc#1080464)
- sysfs/spectre_v2: Handle spec_ctrl. (bsc#1075994, bsc#1075091)
- x86/spectre_v2: nospectre_v2 means nospec too. (bsc#1075994, bsc#1075091)
- sysfs/cpu: Fix typos in vulnerability documentation. (bsc#1012382)
- x86/cpu: Implement CPU vulnerabilites sysfs functions. (bsc#1012382)
- sysfs/cpu: Add vulnerability folder. (bsc#1012382)
- kbuild: Modversions for EXPORT_SYMBOL() for asm. (bsc#1074621, bsc#1068032)
- Switch away from trampoline stack to kernel stack in ia32_syscall entry. (bsc#1080579)
- x86/kaiser: Use trampoline stack for kernel entry. (bsc#1077560)
- powerpc/vdso64: Use double word compare on pointers. (bsc#1070781)
- audit: Move the tree pruning to a dedicated thread. (bsc#1075867)
ImportantSUSE bug 1010470SUSE bug 1012382SUSE bug 1062568SUSE bug 1066051SUSE bug 1067118SUSE bug 1068032SUSE bug 1070781SUSE bug 1073311SUSE bug 1073379SUSE bug 1074488SUSE bug 1074621SUSE bug 1075091SUSE bug 1075617SUSE bug 1075621SUSE bug 1075867SUSE bug 1075994SUSE bug 1077560SUSE bug 1077922SUSE bug 1078669SUSE bug 1078672SUSE bug 1078673SUSE bug 1078674SUSE bug 1080464SUSE bug 1080579SUSE bug 1080757SUSE bug 1083242SUSE bug 1083483SUSE bug 1083494SUSE bug 1085279SUSE bug 1085331SUSE bug 940776CVE-2015-5156 at SUSECVE-2015-5156 at NVDCVE-2016-7915 at SUSECVE-2016-7915 at NVDCVE-2017-12190 at SUSECVE-2017-12190 at NVDCVE-2017-16644 at SUSECVE-2017-16644 at NVDCVE-2017-16911 at SUSECVE-2017-16911 at NVDCVE-2017-16912 at SUSECVE-2017-16912 at NVDCVE-2017-16913 at SUSECVE-2017-16913 at NVDCVE-2017-16914 at SUSECVE-2017-16914 at NVDCVE-2017-17741 at SUSECVE-2017-17741 at NVDCVE-2017-18017 at SUSECVE-2017-18017 at NVDCVE-2017-18079 at SUSECVE-2017-18079 at NVDCVE-2017-18203 at SUSECVE-2017-18203 at NVDCVE-2017-18208 at SUSECVE-2017-18208 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2018-5332 at SUSECVE-2018-5332 at NVDCVE-2018-5333 at SUSECVE-2018-5333 at NVDCVE-2018-6927 at SUSECVE-2018-6927 at NVDCVE-2018-7566 at SUSECVE-2018-7566 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 for Teradata kernel was updated to receive various security and bugfixes.
The following security issues have been fixed:
- CVE-2017-13166: An elevation of privilege vulnerability in the v4l2 video driver was fixed (bsc#1072865).
- CVE-2017-5715: More improvements and cleanups for retpoline support (bsc#1068032).
- CVE-2017-5753: Introduce new memory barrier gmb() (bsc#1068032).
- CVE-2017-5754: Fix making LFENCE a serializing instruction (bsc#1068032).
Additionally, the following non-security issues have been fixed:
- xen/x86/cpu: Factor out application of forced CPU caps (bsc#1075994, bsc#1075091).
- xen/x86/CPU: Sync CPU feature flags late (bsc#1075994, bsc#1075091). ImportantSUSE bug 1068032SUSE bug 1072865SUSE bug 1075091SUSE bug 1075994SUSE bug 1086827CVE-2017-13166 at SUSECVE-2017-13166 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 for Teradata kernel was updated to receive various security and bugfixes.
The following security issues have been fixed:
- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel
resulting in DoS issue. (bsc#1087088)
- CVE-2018-1000199: perf/hwbp: Simplify the perf-hwbp code and fix documentation. (bsc#1089895)
- CVE-2018-10675: mm/mempolicy: Fix use after free when calling get_mempolicy. (bsc#1091755)
- CVE-2018-10124: The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13,
when an unspecified architecture and compiler is used, might allow local users to cause a denial of
service via an INT_MIN argument (bsc#1089752).
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might have allowed
local users to cause a denial of service by triggering an attempted use of the
-INT_MIN value (bsc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of
service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bsc#1084536).
- CVE-2018-7566: Buffer overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl
write operation to /dev/snd/seq by a local user potentially allowing for code
execution (bnc#1083483).
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in
the ALSA subsystem allowed attackers to gain privileges via unspecified vectors
(bnc#1088260 1088268).
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel
function could have beenexploited by malicious NCPFS servers to crash the
kernel or execute code (bnc#1086162)
Additionally, the following non-security issues have been fixed:
- x86, mce: Fix mce_start_timer semantics. (bsc#1090607)
- x86/Xen: Disable IBRS around CPU stopper function invocation (none so far).
- xen-netfront: Fix req_prod check to avoid RX hang when index wraps. (bsc#1046610)
- Integrate fixes resulting from bsc#1088147. More info in the respective commit messages.
- kabi/x86/kaiser: Properly align trampoline stack (bsc#1087260).
- posix-timers: Protect posix clock array access against speculation (bsc#1081358).
- mm/mmap.c: Do not blow on PROT_NONE MAP_FIXED holes in the stack (bsc#1039348).
- sd: Check device status after spinup when revalidating the device (bsc#1090366).
- sd: Skip probing after sd_revalidate_disk() (bsc#1090366).
- Fix wrong function name in 0007-sd-Check-device-status-after-spinup-when-revalidatin.patch
- mm: Replace fixes for bsc#1039348, CVE-2017-1000364 with patches from upstream.
ImportantSUSE bug 1039348SUSE bug 1046610SUSE bug 1081358SUSE bug 1083483SUSE bug 1084536SUSE bug 1086162SUSE bug 1087088SUSE bug 1087260SUSE bug 1088147SUSE bug 1088260SUSE bug 1089608SUSE bug 1089752SUSE bug 1089895SUSE bug 1090366SUSE bug 1090607SUSE bug 1091755CVE-2017-0861 at SUSECVE-2017-0861 at NVDCVE-2017-1000364 at SUSECVE-2017-1000364 at NVDCVE-2018-1000199 at SUSECVE-2018-1000199 at NVDCVE-2018-10087 at SUSECVE-2018-10087 at NVDCVE-2018-10124 at SUSECVE-2018-10124 at NVDCVE-2018-10675 at SUSECVE-2018-10675 at NVDCVE-2018-7566 at SUSECVE-2018-7566 at NVDCVE-2018-7757 at SUSECVE-2018-7757 at NVDCVE-2018-8822 at SUSECVE-2018-8822 at NVDCVE-2018-8897 at SUSECVE-2018-8897 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 for Teradata kernel was updated to receive one security and one bugfix.
The following security issue has been fixed:
- CVE-2018-3639: Information leaks using 'Memory Disambiguation' feature
in modern CPUs were mitigated, aka 'Spectre Variant 4' (bnc#1087082).
A new boot commandline option was introduced,
'spec_store_bypass_disable', which can have following values:
- auto: Kernel detects whether your CPU model contains an implementation
of Speculative Store Bypass and picks the most appropriate mitigation.
- on: disable Speculative Store Bypass
- off: enable Speculative Store Bypass
- prctl: Control Speculative Store Bypass per thread via
prctl. Speculative Store Bypass is enabled for a process by default. The
state of the control is inherited on fork.
- seccomp: Same as 'prctl' above, but all seccomp threads will disable
SSB unless they explicitly opt out.
The default is 'seccomp', meaning programs need explicit opt-in into the mitigation.
Status can be queried via the /sys/devices/system/cpu/vulnerabilities/spec_store_bypass file, containing:
- 'Vulnerable'
- 'Mitigation: Speculative Store Bypass disabled'
- 'Mitigation: Speculative Store Bypass disabled via prctl'
- 'Mitigation: Speculative Store Bypass disabled via prctl and seccomp'
Additionally, the following non-security issue has been fixed:
- x86/bugs: make intel_rds_mask() honor X86_FEATURE_SSBD
(bsc#1094019).
ImportantSUSE bug 1087082SUSE bug 1094019CVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-3639: Information leaks using 'Memory Disambiguation' feature
in modern CPUs were mitigated, aka 'Spectre Variant 4' (bnc#1087082).
A new boot commandline option was introduced,
'spec_store_bypass_disable', which can have following values:
- auto: Kernel detects whether your CPU model contains an implementation
of Speculative Store Bypass and picks the most appropriate mitigation.
- on: disable Speculative Store Bypass
- off: enable Speculative Store Bypass
- prctl: Control Speculative Store Bypass per thread via
prctl. Speculative Store Bypass is enabled for a process by default. The
state of the control is inherited on fork.
- seccomp: Same as 'prctl' above, but all seccomp threads will disable
SSB unless they explicitly opt out.
The default is 'seccomp', meaning programs need explicit opt-in into the mitigation.
Status can be queried via the /sys/devices/system/cpu/vulnerabilities/spec_store_bypass file, containing:
- 'Vulnerable'
- 'Mitigation: Speculative Store Bypass disabled'
- 'Mitigation: Speculative Store Bypass disabled via prctl'
- 'Mitigation: Speculative Store Bypass disabled via prctl and seccomp'
- CVE-2018-1000199: An address corruption flaw was discovered while
modifying a h/w breakpoint via 'modify_user_hw_breakpoint' routine, an
unprivileged user/process could use this flaw to crash the system kernel
resulting in DoS OR to potentially escalate privileges on a the system. (bsc#1089895)
- CVE-2018-10675: The do_get_mempolicy function in mm/mempolicy.c allowed
local users to cause a denial of service (use-after-free) or possibly
have unspecified other impact via crafted system calls (bnc#1091755).
- CVE-2017-5715: The retpoline mitigation for Spectre v2 has been enabled also for 32bit x86.
- CVE-2017-5753: Spectre v1 mitigations have been improved by the versions
merged from the upstream kernel.
The following non-security bugs were fixed:
- Update config files. Set CONFIG_RETPOLINE=y for i386.
- x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).
- xen-netfront: fix req_prod check to avoid RX hang when index wraps (bsc#1046610).
ImportantSUSE bug 1046610SUSE bug 1085279SUSE bug 1087082SUSE bug 1089895SUSE bug 1091755SUSE bug 1092497SUSE bug 1094019CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2018-1000199 at SUSECVE-2018-1000199 at NVDCVE-2018-10675 at SUSECVE-2018-10675 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 for Teradata kernel was updated to receive various security and bugfixes.
The following security issue has been fixed:
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
Additionally, the following non-security issues have been fixed:
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- Xen counterparts of eager FPU implementation.
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- x86: Fix /proc/mtrr with base/size more than 44bits (bnc#1095456).
ImportantSUSE bug 1087086SUSE bug 1095456SUSE bug 1096140SUSE bug 1096242SUSE bug 1096281CVE-2018-3665 at SUSECVE-2018-3665 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following non-security bugs were fixed:
- fix a leak in /proc/schedstats (bsc#1094876).
- mm: hugetlb: fix softlockup when a large number of hugepages are freed (bsc#1095887).
- perf, nmi: Fix unknown NMI warning (bsc#929142).++ kernel-source.spec (revision 4)Release: <RELEASE>.g06db3a5
- perf/x86/intel: Handle Broadwell family processors (bsc#1093183).
- sched/sysctl: Check user input value of sysctl_sched_time_avg (bsc#1100089).
- signals: avoid unnecessary taking of sighand->siglock (bsc#1096130).
- x64/entry: move ENABLE_IBRS after switching from trampoline stack (bsc#1098658).
- x86/fpu: fix signal handling with eager FPU switching (bsc#1100091).
- x86/traps: add missing kernel CR3 switch in bad_iret path (bsc#1098658).
- x86/traps: Fix bad_iret_stack in fixup_bad_iret() (bsc#1098658).
ModerateSUSE bug 1093183SUSE bug 1094876SUSE bug 1095887SUSE bug 1096130SUSE bug 1097948SUSE bug 1098658SUSE bug 1100089SUSE bug 1100091SUSE bug 929142cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1000204: A malformed SG_IO ioctl issued for a SCSI device could lead to a local kernel information leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files. (bnc#1096728).
- CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data. (bnc#1087081).
- CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data, even from other virtual machines or the host system. (bnc#1089343).
- CVE-2018-13053: The alarm_timer_nsleep function in kernel/time/alarmtimer.c had an integer overflow via a large relative timeout because ktime_add_safe is not used (bnc#1099924).
- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used (bnc#1098016 1100418).
- CVE-2016-8405: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. (bnc#1099942).
- CVE-2018-5814: Multiple race condition errors when handling probe, disconnect, and rebind operations could be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets (bnc#1096480).
- CVE-2018-12233: In the ea_get function in fs/jfs/xattr.c a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr (bnc#1097234).
- CVE-2017-13305: A information disclosure vulnerability was fixed in the kernel encrypted-keys. (bnc#1094353).
- CVE-2018-1130: A null pointer dereference in dccp_write_xmit() function in net/dccp/output.c was fixed in that allowed a local user to cause a denial of service by a number of certain crafted system calls (bnc#1092904).
- CVE-2018-1068: A flaw was found in the implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bnc#1085107).
- CVE-2018-5803: An error in the '_sctp_make_chunk()' function (net/sctp/sm_make_chunk.c) when handling SCTP packets length could be exploited to cause a kernel crash (bnc#1083900).
- CVE-2018-7492: A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function allowed local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST (bnc#1082962).
The following non-security bugs were fixed:
- cpu/hotplug: Add sysfs state interface (bsc#1089343).
- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
- cpu/hotplug: Split do_cpu_down() (bsc#1089343).
- disable-prot_none_mitigation.patch: disable prot_none native mitigation (bnc#1104684)
- fix pgd underflow (bnc#1104475) custom walk_page_range rework was incorrect and could underflow pgd if the given range was below a first vma.
- slab: introduce kmalloc_array() (bsc#909361).
- x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
- x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info (bsc#1089343).
- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (bsc#1089343).
- x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
- x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
- x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu: Remove the pointless CPU printout (bsc#1089343).
- x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
- x86/smpboot: Do not use smp_num_siblings in __max_logical_packages calculation (bsc#1089343).
- x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
- x86/topology: Add topology_max_smt_threads() (bsc#1089343).
- x86/topology: Provide topology_smt_supported() (bsc#1089343).
- xen/x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
- xen/x86/cpu: Remove the pointless CPU printout (bsc#1089343).
- xen/x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
- x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081, bnc#1104684).
ImportantSUSE bug 1082962SUSE bug 1083900SUSE bug 1085107SUSE bug 1087081SUSE bug 1089343SUSE bug 1092904SUSE bug 1094353SUSE bug 1096480SUSE bug 1096728SUSE bug 1097234SUSE bug 1098016SUSE bug 1099924SUSE bug 1099942SUSE bug 1100418SUSE bug 1104475SUSE bug 1104684SUSE bug 909361CVE-2016-8405 at SUSECVE-2016-8405 at NVDCVE-2017-13305 at SUSECVE-2017-13305 at NVDCVE-2018-1000204 at SUSECVE-2018-1000204 at NVDCVE-2018-1068 at SUSECVE-2018-1068 at NVDCVE-2018-1130 at SUSECVE-2018-1130 at NVDCVE-2018-12233 at SUSECVE-2018-12233 at NVDCVE-2018-13053 at SUSECVE-2018-13053 at NVDCVE-2018-13406 at SUSECVE-2018-13406 at NVDCVE-2018-3620 at SUSECVE-2018-3620 at NVDCVE-2018-3646 at SUSECVE-2018-3646 at NVDCVE-2018-5803 at SUSECVE-2018-5803 at NVDCVE-2018-5814 at SUSECVE-2018-5814 at NVDCVE-2018-7492 at SUSECVE-2018-7492 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-8405: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. (bnc#1099942).
- CVE-2017-13305: A information disclosure vulnerability existed in the encrypted-keys handling. (bnc#1094353).
- CVE-2018-1000204: A malformed SG_IO ioctl issued for a SCSI device could lead to a local kernel information leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files. (bnc#1096728).
- CVE-2018-1068: A flaw was found in the implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bnc#1085107).
- CVE-2018-1130: A null pointer dereference in dccp_write_xmit() function in net/dccp/output.c allowed a local user to cause a denial of service by a number of certain crafted system calls (bnc#1092904).
- CVE-2018-12233: In the ea_get function in fs/jfs/xattr.c a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr (bnc#1097234).
- CVE-2018-13053: The alarm_timer_nsleep function in kernel/time/alarmtimer.c had an integer overflow via a large relative timeout because ktime_add_safe is not used (bnc#1099924).
- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c kernel could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used (bnc#1098016 1100418).
- CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data. (bnc#1087081).
- CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data, even from other virtual machines or the host system. (bnc#1089343).
- CVE-2018-5803: An error in the '_sctp_make_chunk()' function (net/sctp/sm_make_chunk.c) when handling SCTP packets length could be exploited to cause a kernel crash (bnc#1083900).
- CVE-2018-5814: Multiple race condition errors when handling probe, disconnect, and rebind operations could be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets (bnc#1096480).
- CVE-2018-7492: A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST (bnc#1082962).
The following non-security bugs were fixed:
- cpu/hotplug: Add sysfs state interface (bsc#1089343).
- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
- cpu/hotplug: Split do_cpu_down() (bsc#1089343).
- disable-prot_none_mitigation.patch: disable prot_none native mitigation (bnc#1104684)
- fix pgd underflow (bnc#1104475) custom walk_page_range rework was incorrect and could underflow pgd if the given range was below a first vma.
- slab: introduce kmalloc_array() (bsc#909361).
- x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
- x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info (bsc#1089343).
- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (bsc#1089343).
- x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
- x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
- x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu: Remove the pointless CPU printout (bsc#1089343).
- x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
- x86/smpboot: Do not use smp_num_siblings in __max_logical_packages calculation (bsc#1089343).
- x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
- x86/topology: Add topology_max_smt_threads() (bsc#1089343).
- x86/topology: Provide topology_smt_supported() (bsc#1089343).
- xen/x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
- xen/x86/cpu: Remove the pointless CPU printout (bsc#1089343).
- xen/x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
- x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081, bnc#1104684).
ImportantSUSE bug 1082962SUSE bug 1083900SUSE bug 1085107SUSE bug 1087081SUSE bug 1089343SUSE bug 1092904SUSE bug 1094353SUSE bug 1096480SUSE bug 1096728SUSE bug 1097234SUSE bug 1098016SUSE bug 1099924SUSE bug 1099942SUSE bug 1100418SUSE bug 1104475SUSE bug 1104684SUSE bug 909361CVE-2016-8405 at SUSECVE-2016-8405 at NVDCVE-2017-13305 at SUSECVE-2017-13305 at NVDCVE-2018-1000204 at SUSECVE-2018-1000204 at NVDCVE-2018-1068 at SUSECVE-2018-1068 at NVDCVE-2018-1130 at SUSECVE-2018-1130 at NVDCVE-2018-12233 at SUSECVE-2018-12233 at NVDCVE-2018-13053 at SUSECVE-2018-13053 at NVDCVE-2018-13406 at SUSECVE-2018-13406 at NVDCVE-2018-3620 at SUSECVE-2018-3620 at NVDCVE-2018-3646 at SUSECVE-2018-3646 at NVDCVE-2018-5803 at SUSECVE-2018-5803 at NVDCVE-2018-5814 at SUSECVE-2018-5814 at NVDCVE-2018-7492 at SUSECVE-2018-7492 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912).
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322).
- CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after
a cleanup step in ucma_process_join, which allowed attackers to cause a denial
of service (use-after-free) (bsc#1103119).
- CVE-2017-5754: Make indirect call speculation safe. (bsc#1068032)
- CVE-2017-5715: Convert entry assembler indirect jumps --ia32. (bsc#1068032)
Additionally, the following non-security issues have been fixed:
- x86/vdso: Fix vDSO build if a retpoline is emitted.
- kvm/vmx: fixes for vmentry_l1d_flush module parameter. (bsc#1106369)
- kvm/vmx: Work around kABI breakage in 'enum vmx_l1d_flush_state'. (bsc#1106369)
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit. (bsc#1087081)
- kabi/x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+. (bsc#1105536)
- xen/x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536).
- xen/x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM. (bsc#1105536)
- xen/x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit. (bsc#1087081)
- kabi/x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+. (bsc#1105536)
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+. (bsc#1105536)
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM. (bsc#1105536)
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM. (bsc#1105536)
- xen/x86/l1tf: Protect PROT_NONE PTEs against speculation fixup. (bsc#1104684, bsc#1104818)
- x86/l1tf: Protect PROT_NONE PTEs against speculation fixup. (bsc#1104684, bsc#1104818)
- rpm/kernel-docs.spec.in: Make unpack scripts executable.
- rpm/kernel-docs.spec.in: Expand kernel tree directly from sources. (bsc#1057199)
ImportantSUSE bug 1012382SUSE bug 1057199SUSE bug 1068032SUSE bug 1087081SUSE bug 1092903SUSE bug 1102517SUSE bug 1103119SUSE bug 1104684SUSE bug 1104818SUSE bug 1105322SUSE bug 1105536SUSE bug 1106369SUSE bug 1106509SUSE bug 1106511SUSE bug 1107689SUSE bug 1108912CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2018-10902 at SUSECVE-2018-10902 at NVDCVE-2018-10940 at SUSECVE-2018-10940 at NVDCVE-2018-14634 at SUSECVE-2018-14634 at NVDCVE-2018-14734 at SUSECVE-2018-14734 at NVDCVE-2018-15572 at SUSECVE-2018-15572 at NVDCVE-2018-16658 at SUSECVE-2018-16658 at NVDCVE-2018-6554 at SUSECVE-2018-6554 at NVDCVE-2018-6555 at SUSECVE-2018-6555 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to fix bugs and
security issues.
The following security issues have been fixed:
- CVE-2018-14633: security flaw in iscsi target code (bsc#1107829)
- CVE-2018-18281: mremap: properly flush TLB before releasing the page (bsc#1113769)
- CVE-2018-18710: cdrom: fix improper type cast, which can lead to information leak (bsc#1113751)
- CVE-2018-18386: n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
(bsc#1094825, bsc#1110711)
- CVE-2017-7273: HID: hid-cypress: validate length of report (bsc#1031240)
- CVE-2017-16533: HID: usbhid: fix out-of-bounds bug (bsc#1066674)
- CVE-2017-1000407: KVM: VMX: remove I/O port 0x80 bypass on Intel hosts (bsc#1071021)
- CVE-2018-9516: HID: debug: check length before copy_to_user() (bsc#1108498)
The following bugs have been fixed:
- st: null pointer dereference panic caused by use after kref_put by st_open (bsc#936875, bsc#1113201)
- retpoline: Introduce start/end markers of indirect thunk (bsc#1113337)
ImportantSUSE bug 1031240SUSE bug 1066674SUSE bug 1071021SUSE bug 1094825SUSE bug 1107829SUSE bug 1108498SUSE bug 1110711SUSE bug 1113201SUSE bug 1113337SUSE bug 1113751SUSE bug 1113769SUSE bug 936875CVE-2017-1000407 at SUSECVE-2017-1000407 at NVDCVE-2017-16533 at SUSECVE-2017-16533 at NVDCVE-2017-7273 at SUSECVE-2017-7273 at NVDCVE-2018-14633 at SUSECVE-2018-14633 at NVDCVE-2018-18281 at SUSECVE-2018-18281 at NVDCVE-2018-18386 at SUSECVE-2018-18386 at NVDCVE-2018-18710 at SUSECVE-2018-18710 at NVDCVE-2018-9516 at SUSECVE-2018-9516 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 12 SP3 kernel was updated to 3.0.101 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-9516: In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1108498).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1118319).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused (bnc#1113769).
- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).
- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
- CVE-2017-7273: The cp_report_fixup function in drivers/hid/hid-cypress.c allowed physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report (bnc#1031240).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).
- CVE-2017-1000407: Fixed a denial of service, which was caused by flooding the diagnostic port 0x80 an exception leading to a kernel panic (bnc#1071021).
The following non-security bugs were fixed:
- ALSA: pcm: Fix potential deadlock in OSS emulation (bsc#968018, bsc#1104366).
- cpusets, isolcpus: exclude isolcpus from load balancing in cpusets (bsc#1119255).
- Drivers: scsi: storvsc: Change the limits to reflect the values on the host (bug#1107189).
- drivers: scsi: storvsc: Correctly handle TEST_UNIT_READY failure (bug#1107189).
- Drivers: scsi: storvsc: Filter commands based on the storage protocol version (bug#1107189).
- Drivers: scsi: storvsc: Fix a bug in handling VMBUS protocol version (bug#1107189).
- Drivers: scsi: storvsc: Implement a eh_timed_out handler (bug#1107189).
- Drivers: scsi: storvsc: Set cmd_per_lun to reflect value supported by the Host (bug#1107189).
- drivers: scsi: storvsc: Set srb_flags in all cases (bug#1107189).
- EHCI: improved logic for isochronous scheduling (bsc#1117515).
- ipv4: remove the unnecessary variable in udp_mcast_next (bsc#1104070).
- KEYS: prevent creating a different user's keyrings (bnc#1094186).
- KVM: x86: Fix the duplicate failure path handling in vmx_init (bsc#1104367).
- MM: increase safety margin provided by PF_LESS_THROTTLE (bsc#1116412).
- MM/vmscan.c: avoid throttling reclaim for loop-back nfsd threads (bsc#1116412).
- net/ipv6/udp: Fix ipv6 multicast socket filter regression (bsc#1104070).
- NFS: avoid deadlocks with loop-back mounted NFS filesystems (bsc#1116412).
- NFS: avoid waiting at all in nfs_release_page when congested (bsc#1116412).
- NFS: Do not write enable new pages while an invalidation is proceeding (bsc#1116412).
- NFS: Fix a regression in the read() syscall (bsc#1116412).
- NFS: Fix races in nfs_revalidate_mapping (bsc#1116412).
- NFS: fix the handling of NFS_INO_INVALID_DATA flag in nfs_revalidate_mapping (bsc#1116412).
- NFS: Fix writeback performance issue on cache invalidation (bsc#1116412).
- reiserfs: do not preallocate blocks for extended attributes (bsc#990682).
- reiserfs: fix race in readdir (bsc#1039803).
- sched, isolcpu: make cpu_isolated_map visible outside scheduler (bsc#1119255).
- scsi: storvsc: Always send on the selected outgoing channel (bug#1107189).
- scsi: storvsc: Do not assume that the scatterlist is not chained (bug#1107189).
- scsi: storvsc: Fix a bug in copy_from_bounce_buffer() (bug#1107189).
- scsi: storvsc: Increase the ring buffer size (bug#1107189).
- scsi: storvsc: Size the queue depth based on the ringbuffer size (bug#1107189).
- storvsc: fix a bug in storvsc limits (bug#1107189).
- storvsc: force discovery of LUNs that may have been removed (bug#1107189).
- storvsc: get rid of overly verbose warning messages (bug#1107189).
- storvsc: in responce to a scan event, scan the host (bug#1107189).
- storvsc: Set the SRB flags correctly when no data transfer is needed (bug#1107189).
- udp: ipv4: Add udp early demux (bsc#1104070).
- udp: restore UDPlite many-cast delivery (bsc#1104070).
- udp: Simplify __udp*_lib_mcast_deliver (bsc#1104070).
- udp: Use hash2 for long hash1 chains in __udp*_lib_mcast_deliver (bsc#1104070).
- USB: EHCI: add new root-hub state: STOPPING (bsc#1117515).
- USB: EHCI: add pointer to end of async-unlink list (bsc#1117515).
- USB: EHCI: add symbolic constants for QHs (bsc#1117515).
- USB: EHCI: always scan each interrupt QH (bsc#1117515).
- USB: EHCI: do not lose events during a scan (bsc#1117515).
- USB: EHCI: do not refcount iso_stream structures (bsc#1117515).
- USB: EHCI: do not refcount QHs (bsc#1117515).
- USB: EHCI: fix initialization bug in iso_stream_schedule() (bsc#1117515).
- USB: EHCI: fix up locking (bsc#1117515).
- USB: EHCI: initialize data before resetting hardware (bsc#1117515).
- USB: EHCI: introduce high-res timer (bsc#1117515).
- USB: EHCI: remove PS3 status polling (bsc#1117515).
- USB: EHCI: remove unneeded suspend/resume code (bsc#1117515).
- USB: EHCI: rename 'reclaim' (bsc#1117515).
- USB: EHCI: resolve some unlikely races (bsc#1117515).
- USB: EHCI: return void instead of 0 (bsc#1117515).
- USB: EHCI: simplify isochronous scanning (bsc#1117515).
- USB: EHCI: unlink multiple async QHs together (bsc#1117515).
- USB: EHCI: use hrtimer for async schedule (bsc#1117515).
- USB: EHCI: use hrtimer for controller death (bsc#1117515).
- USB: EHCI: use hrtimer for interrupt QH unlink (bsc#1117515).
- USB: EHCI: use hrtimer for (s)iTD deallocation (bsc#1117515).
- USB: EHCI: use hrtimer for the IAA watchdog (bsc#1117515).
- USB: EHCI: use hrtimer for the I/O watchdog (bsc#1117515).
- USB: EHCI: use hrtimer for the periodic schedule (bsc#1117515).
- USB: EHCI: use hrtimer for unlinking empty async QHs (bsc#1117515).
- XFS: do not BUG() on mixed direct and mapped I/O (bsc#1114920).
- XFS: stop searching for free slots in an inode chunk when there are none (bsc#1115007).
- XFS: validate sb_logsunit is a multiple of the fs blocksize (bsc#1115038).
ImportantSUSE bug 1031240SUSE bug 1039803SUSE bug 1066674SUSE bug 1071021SUSE bug 1094186SUSE bug 1094825SUSE bug 1104070SUSE bug 1104366SUSE bug 1104367SUSE bug 1107189SUSE bug 1108498SUSE bug 1109200SUSE bug 1113201SUSE bug 1113751SUSE bug 1113769SUSE bug 1114920SUSE bug 1115007SUSE bug 1115038SUSE bug 1116412SUSE bug 1116841SUSE bug 1117515SUSE bug 1118152SUSE bug 1118319SUSE bug 1119255SUSE bug 1119714SUSE bug 1120743SUSE bug 905299SUSE bug 936875SUSE bug 968018SUSE bug 990682CVE-2017-1000407 at SUSECVE-2017-1000407 at NVDCVE-2017-16533 at SUSECVE-2017-16533 at NVDCVE-2017-7273 at SUSECVE-2017-7273 at NVDCVE-2018-18281 at SUSECVE-2018-18281 at NVDCVE-2018-18386 at SUSECVE-2018-18386 at NVDCVE-2018-18710 at SUSECVE-2018-18710 at NVDCVE-2018-19407 at SUSECVE-2018-19407 at NVDCVE-2018-19824 at SUSECVE-2018-19824 at NVDCVE-2018-19985 at SUSECVE-2018-19985 at NVDCVE-2018-20169 at SUSECVE-2018-20169 at NVDCVE-2018-9516 at SUSECVE-2018-9516 at NVDCVE-2018-9568 at SUSECVE-2018-9568 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.
For more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736
The following security bugs were fixed:
- CVE-2013-0216: The Xen netback functionality allowed guest OS users to cause a denial of service (loop) by triggering ring pointer corruption (bnc#800280).
- CVE-2012-3430: The rds_recvmsg function in net/rds/recv.c did not initialize a certain structure member, which allowed local users to obtain potentially sensitive information from kernel stack memory via a recvfrom or recvmsg system call on an RDS socket (bnc#773383).
- CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver allowed remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value (bnc#774523).
- CVE-2004-0230: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bnc#969340).
- CVE-2013-0160: The kernel allowed local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device (bnc#797175).
- CVE-2013-1979: The scm_set_cred function in include/net/scm.h uses incorrect uid and gid values during credentials passing, which allowed local users to gain privileges via a crafted application (bnc#816708).
- CVE-2017-14489: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c allowed local users to cause a denial of service (panic) by leveraging incorrect length validation (bnc#1059051).
- CVE-2017-18360: In change_port_settings in drivers/usb/serial/io_ti.c a local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates (bnc#1123706).
- CVE-2015-3331: The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c did not properly determine the memory locations used for encrypted data, which allowed context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a crypto API call, as demonstrated by use of a libkcapi test program with an AF_ALG(aead) socket (bnc#927257).
- CVE-2014-9922: The eCryptfs subsystem allowed local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c (bnc#1032340).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2018-15594: arch/x86/kernel/paravirt.c mishandled certain indirect calls, which made it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests (bnc#1105348).
- CVE-2016-10741: fs/xfs/xfs_aops.c allowed local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure (bnc#1124010).
- CVE-2014-3611: Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem allowed guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation (bnc#899192).
- CVE-2019-9213: The expand_downwards function in mm/mmap.c lacks a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).
- CVE-2019-7222: The KVM implementation in has an Information Leak (bnc#1124735).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19985: The function hso_get_config_data in drivers/net/usb/hso.c reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allowed arbitrary read in the kernel address space (bnc#1120743).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
The following non-security bugs were fixed:
- copy_mount_string: Limit string length to PATH_MAX (bsc#1082943).
- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
- lib: add 'on'/'off' support to strtobool (bsc#1125931).
- sched/core: Optimize SCHED_SMT (bsc#1111331).
- sched/smt: Expose sched_smt_present static key (bsc#1111331).
- sched/smt: Make sched_smt_present track topology (bsc#1111331).
- sched/smt: Update sched_smt_present at runtime (bsc#1111331).
- x86, kvm: Remove incorrect redundant assembly constraint (bnc#931850).
- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bsc#1111331).
- x86/speculation/mds: Add 'mitigations=' support for MDS (bsc#1111331).
- x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331).
- x86/speculation/mds: Add SMT warning message (bsc#1111331).
- x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331).
- x86/speculation/mds: Add mds=full,nosmt cmdline option (bsc#1111331).
- x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331).
- x86/speculation/mds: Add mitigation control for MDS (bsc#1111331).
- x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331).
- x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331).
- x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331).
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bsc#1111331).
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (bsc#1111331).
- x86/speculation: Consolidate CPU whitelists (bsc#1111331).
- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1111331).
- x86/speculation: Move arch_smt_update() call to after mitigation decisions (bsc#1111331).
- x86/speculation: Rework SMT state change (bsc#1111331).
- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- x86/mce: Handle 'nosmt' offlining properly (bsc#1134729).
- x86/mce/intel: Cleanup CMCI storm logic (bsc#929141).
ImportantSUSE bug 1008831SUSE bug 1032340SUSE bug 1059051SUSE bug 1082943SUSE bug 1103186SUSE bug 1105348SUSE bug 1111331SUSE bug 1112178SUSE bug 1116841SUSE bug 1118152SUSE bug 1118319SUSE bug 1119714SUSE bug 1120743SUSE bug 1123706SUSE bug 1124010SUSE bug 1124735SUSE bug 1125931SUSE bug 1128166SUSE bug 1134729SUSE bug 773383SUSE bug 774523SUSE bug 797175SUSE bug 800280SUSE bug 816708SUSE bug 899192SUSE bug 927257SUSE bug 929141SUSE bug 931850SUSE bug 969340SUSE bug 989152CVE-2004-0230 at SUSECVE-2004-0230 at NVDCVE-2012-3412 at SUSECVE-2012-3412 at NVDCVE-2012-3430 at SUSECVE-2012-3430 at NVDCVE-2013-0160 at SUSECVE-2013-0160 at NVDCVE-2013-0216 at SUSECVE-2013-0216 at NVDCVE-2013-1979 at SUSECVE-2013-1979 at NVDCVE-2014-3611 at SUSECVE-2014-3611 at NVDCVE-2014-9922 at SUSECVE-2014-9922 at NVDCVE-2015-3331 at SUSECVE-2015-3331 at NVDCVE-2016-10741 at SUSECVE-2016-10741 at NVDCVE-2016-8632 at SUSECVE-2016-8632 at NVDCVE-2017-14489 at SUSECVE-2017-14489 at NVDCVE-2017-18360 at SUSECVE-2017-18360 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-15594 at SUSECVE-2018-15594 at NVDCVE-2018-19407 at SUSECVE-2018-19407 at NVDCVE-2018-19824 at SUSECVE-2018-19824 at NVDCVE-2018-19985 at SUSECVE-2018-19985 at NVDCVE-2018-20169 at SUSECVE-2018-20169 at NVDCVE-2018-9568 at SUSECVE-2018-9568 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-7222 at SUSECVE-2019-7222 at NVDCVE-2019-9213 at SUSECVE-2019-9213 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Optional update for Linux kernelSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This SUSE Linux Enterprise 11 Service Pack 3 kernel update introduces the
bigsmp kernel flavor which is optimized for very large systems.
(FATE#317271)
SUSE bug 767610SUSE bug 786450SUSE bug 792271SUSE bug 821619SUSE bug 832710SUSE bug 837563SUSE bug 840524SUSE bug 846404SUSE bug 846690SUSE bug 847652SUSE bug 850915SUSE bug 851426SUSE bug 851603SUSE bug 852553SUSE bug 855126SUSE bug 857926SUSE bug 858869SUSE bug 858870SUSE bug 858872SUSE bug 859840SUSE bug 861636SUSE bug 861980SUSE bug 862429SUSE bug 862934SUSE bug 863300SUSE bug 863335SUSE bug 863410SUSE bug 863873SUSE bug 864404SUSE bug 864464SUSE bug 865310SUSE bug 865330SUSE bug 865882SUSE bug 866081SUSE bug 866102SUSE bug 866615SUSE bug 866800SUSE bug 866864SUSE bug 867362SUSE bug 867517SUSE bug 867531SUSE bug 867723SUSE bug 867953SUSE bug 868488SUSE bug 868528SUSE bug 868653SUSE bug 868748SUSE bug 869033SUSE bug 869414SUSE bug 869563SUSE bug 869934SUSE bug 870173SUSE bug 870335SUSE bug 870450SUSE bug 870496SUSE bug 870498SUSE bug 870576SUSE bug 870591SUSE bug 870618SUSE bug 870877SUSE bug 870958SUSE bug 871561SUSE bug 871634SUSE bug 871676SUSE bug 871728SUSE bug 871854SUSE bug 871861SUSE bug 871899SUSE bug 872188SUSE bug 872540SUSE bug 872634SUSE bug 873061SUSE bug 873374SUSE bug 873463SUSE bug 874108SUSE bug 874145SUSE bug 874440SUSE bug 874577SUSE bug 875386SUSE bug 876102SUSE bug 876114SUSE bug 876176SUSE bug 876463SUSE bug 877013SUSE bug 877257SUSE bug 877497SUSE bug 877775SUSE bug 878115SUSE bug 878123SUSE bug 878274SUSE bug 878407SUSE bug 878509SUSE bug 879921SUSE bug 879957SUSE bug 880007SUSE bug 880357SUSE bug 880437SUSE bug 880484SUSE bug 881571SUSE bug 881761SUSE bug 881939SUSE bug 882324SUSE bug 883380SUSE bug 883795CVE-2012-2372 at SUSECVE-2012-2372 at NVDCVE-2013-2929 at SUSECVE-2013-2929 at NVDCVE-2013-4299 at SUSECVE-2013-4299 at NVDCVE-2013-4579 at SUSECVE-2013-4579 at NVDCVE-2013-6382 at SUSECVE-2013-6382 at NVDCVE-2013-7339 at SUSECVE-2013-7339 at NVDCVE-2014-0055 at SUSECVE-2014-0055 at NVDCVE-2014-0077 at SUSECVE-2014-0077 at NVDCVE-2014-0101 at SUSECVE-2014-0101 at NVDCVE-2014-0131 at SUSECVE-2014-0131 at NVDCVE-2014-0155 at SUSECVE-2014-0155 at NVDCVE-2014-1444 at SUSECVE-2014-1444 at NVDCVE-2014-1445 at SUSECVE-2014-1445 at NVDCVE-2014-1446 at SUSECVE-2014-1446 at NVDCVE-2014-1874 at SUSECVE-2014-1874 at NVDCVE-2014-2309 at SUSECVE-2014-2309 at NVDCVE-2014-2523 at SUSECVE-2014-2523 at NVDCVE-2014-2678 at SUSECVE-2014-2678 at NVDCVE-2014-2851 at SUSECVE-2014-2851 at NVDCVE-2014-3122 at SUSECVE-2014-3122 at NVDCVE-2014-3144 at SUSECVE-2014-3144 at NVDCVE-2014-3145 at SUSECVE-2014-3145 at NVDCVE-2014-3917 at SUSECVE-2014-3917 at NVDCVE-2014-4652 at SUSECVE-2014-4652 at NVDCVE-2014-4653 at SUSECVE-2014-4653 at NVDCVE-2014-4654 at SUSECVE-2014-4654 at NVDCVE-2014-4655 at SUSECVE-2014-4655 at NVDCVE-2014-4656 at SUSECVE-2014-4656 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for Linux kernelSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix
various bugs and security issues.
The following security bugs have been fixed:
*
CVE-2014-1739: The media_device_enum_entities function in
drivers/media/media-device.c in the Linux kernel before 3.14.6 does
not initialize a certain data structure, which allows local users to
obtain sensitive information from kernel memory by leveraging
/dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call
(bnc#882804).
*
CVE-2014-4171: mm/shmem.c in the Linux kernel through 3.15.1 does not
properly implement the interaction between range notification and
hole punching, which allows local users to cause a denial of service
(i_mutex hold) by using the mmap system call to access a hole, as
demonstrated by interfering with intended shmem activity by blocking
completion of (1) an MADV_REMOVE madvise call or (2) an
FALLOC_FL_PUNCH_HOLE fallocate call (bnc#883518).
*
CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel through
3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and
the sep CPU feature flag is set, allows local users to cause a denial
of service (OOPS and system crash) via an invalid syscall number, as
demonstrated by number 1000 (bnc#883724).
*
CVE-2014-4667: The sctp_association_free function in
net/sctp/associola.c in the Linux kernel before 3.15.2 does not
properly manage a certain backlog value, which allows remote
attackers to cause a denial of service (socket outage) via a crafted
SCTP packet (bnc#885422).
*
CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the
Linux kernel through 3.15.6 allows local users to gain privileges by
leveraging data-structure differences between an l2tp socket and an
inet socket (bnc#887082).
*
CVE-2014-5077: The sctp_assoc_update function in net/sctp/associola.c
in the Linux kernel through 3.15.8, when SCTP authentication is
enabled, allows remote attackers to cause a denial of service (NULL
pointer dereference and OOPS) by starting to establish an association
between two endpoints immediately after an exchange of INIT and INIT
ACK chunks to establish an earlier association between these
endpoints in the opposite direction (bnc#889173).
*
CVE-2014-5471: Stack consumption vulnerability in the
parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the
Linux kernel through 3.16.1 allows local users to cause a denial of
service (uncontrolled recursion, and system crash or reboot) via a
crafted iso9660 image with a CL entry referring to a directory entry
that has a CL entry. (bnc#892490)
*
CVE-2014-5472: The parse_rock_ridge_inode_internal function in
fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users
to cause a denial of service (unkillable mount process) via a crafted
iso9660 image with a self-referential CL entry. (bnc#892490)
*
CVE-2014-2706: Race condition in the mac80211 subsystem in the Linux
kernel before 3.13.7 allows remote attackers to cause a denial of
service (system crash) via network traffic that improperly interacts
with the WLAN_STA_PS_STA state (aka power-save mode), related to
sta_info.c and tx.c. (bnc#871797)
*
CVE-2014-4027: The rd_build_device_space function in
drivers/target/target_core_rd.c in the Linux kernel before 3.14 does
not properly initialize a certain data structure, which allows local
users to obtain sensitive information from ramdisk_mcp memory by
leveraging access to a SCSI initiator. (bnc#882639)
*
CVE-2014-3153 The futex_requeue function in kernel/futex.c in the
Linux kernel through 3.14.5 does not ensure that calls have two
different futex addresses, which allows local users to gain
privileges via a crafted FUTEX_REQUEUE command that facilitates
unsafe waiter modification. (bnc#880892)
*
CVE-2014-6410: Avoid infinite loop when processing indirect ICBs
(bnc#896689)
The following non-security bugs have been fixed:
* ACPI / PAD: call schedule() when need_resched() is true (bnc#866911).
* ACPI: Fix bug when ACPI reset register is implemented in system
memory (bnc#882900).
* ACPI: Limit access to custom_method (bnc#884333).
* ALSA: hda - Enabling Realtek ALC 671 codec (bnc#891746).
* Add option to automatically enforce module signatures when in Secure
Boot mode (bnc#884333).
* Add secure_modules() call (bnc#884333).
* Add wait_on_atomic_t() and wake_up_atomic_t() (bnc#880344).
* Backported new patches of Lock down functions for UEFI secure boot
Also updated series.conf and removed old patches.
* Btrfs: Return EXDEV for cross file system snapshot.
* Btrfs: abort the transaction when we does not find our extent ref.
* Btrfs: avoid warning bomb of btrfs_invalidate_inodes.
* Btrfs: cancel scrub on transaction abortion.
* Btrfs: correctly set profile flags on seqlock retry.
* Btrfs: does not check nodes for extent items.
* Btrfs: fix a possible deadlock between scrub and transaction
committing.
* Btrfs: fix corruption after write/fsync failure + fsync + log
recovery (bnc#894200).
* Btrfs: fix csum tree corruption, duplicate and outdated checksums
(bnc#891619).
* Btrfs: fix double free in find_lock_delalloc_range.
* Btrfs: fix possible memory leak in btrfs_create_tree().
* Btrfs: fix use of uninit 'ret' in end_extent_writepage().
* Btrfs: free delayed node outside of root->inode_lock (bnc#866864).
* Btrfs: make DEV_INFO ioctl available to anyone.
* Btrfs: make FS_INFO ioctl available to anyone.
* Btrfs: make device scan less noisy.
* Btrfs: make sure there are not any read requests before stopping
workers.
* Btrfs: more efficient io tree navigation on wait_extent_bit.
* Btrfs: output warning instead of error when loading free space cache
failed.
* Btrfs: retrieve more info from FS_INFO ioctl.
* Btrfs: return EPERM when deleting a default subvolume (bnc#869934).
* Btrfs: unset DCACHE_DISCONNECTED when mounting default subvol
(bnc#866615).
* Btrfs: use right type to get real comparison.
* Btrfs: wake up @scrub_pause_wait as much as we can.
* Btrfs: wake up transaction thread upon remount.
* CacheFiles: Add missing retrieval completions (bnc#880344).
* CacheFiles: Does not try to dump the index key if the cookie has been
cleared (bnc#880344).
* CacheFiles: Downgrade the requirements passed to the allocator
(bnc#880344).
* CacheFiles: Fix the marking of cached pages (bnc#880344).
* CacheFiles: Implement invalidation (bnc#880344).
* CacheFiles: Make some debugging statements conditional (bnc#880344).
* Drivers: hv: util: Fix a bug in the KVP code (bnc#886840).
* Drivers: hv: vmbus: Fix a bug in the channel callback dispatch code
(bnc#886840).
* FS-Cache: Add transition to handle invalidate immediately after
lookup (bnc#880344).
* FS-Cache: Check that there are no read ops when cookie relinquished
(bnc#880344).
* FS-Cache: Clear remaining page count on retrieval cancellation
(bnc#880344).
* FS-Cache: Convert the object event ID #defines into an enum
(bnc#880344).
* FS-Cache: Does not sleep in page release if __GFP_FS is not set
(bnc#880344).
* FS-Cache: Does not use spin_is_locked() in assertions (bnc#880344).
* FS-Cache: Exclusive op submission can BUG if there is been an I/O
error (bnc#880344).
* FS-Cache: Fix __wait_on_atomic_t() to call the action func if the
counter != 0 (bnc#880344).
* FS-Cache: Fix object state machine to have separate work and wait
states (bnc#880344).
* FS-Cache: Fix operation state management and accounting (bnc#880344).
* FS-Cache: Fix signal handling during waits (bnc#880344).
* FS-Cache: Initialise the object event mask with the calculated mask
(bnc#880344).
* FS-Cache: Limit the number of I/O error reports for a cache
(bnc#880344).
* FS-Cache: Make cookie relinquishment wait for outstanding reads
(bnc#880344).
* FS-Cache: Mark cancellation of in-progress operation (bnc#880344).
* FS-Cache: One of the write operation paths doeses not set the object
state (bnc#880344).
* FS-Cache: Provide proper invalidation (bnc#880344).
* FS-Cache: Simplify cookie retention for fscache_objects, fixing oops
(bnc#880344).
* FS-Cache: The retrieval remaining-pages counter needs to be atomic_t
(bnc#880344).
* FS-Cache: Uninline fscache_object_init() (bnc#880344).
* FS-Cache: Wrap checks on object state (bnc#880344).
* HID: usbhid: add always-poll quirk (bnc#888607).
* HID: usbhid: enable always-poll quirk for Elan Touchscreen
(bnc#888607).
* IB/iser: Add TIMEWAIT_EXIT event handling (bnc#890297).
* Ignore 'flags' change to event_constraint (bnc#876114).
* Ignore data_src/weight changes to perf_sample_data (bnc#876114).
* NFS: Allow more operations in an NFSv4.1 request (bnc#890513).
* NFS: Clean up helper function nfs4_select_rw_stateid() (bnc#888968).
* NFS: Does not copy read delegation stateids in setattr (bnc#888968).
* NFS: Does not use a delegation to open a file when returning that
delegation (bnc#888968, bnc#892200, bnc#893596, bnc#893496)
* NFS: Fixes for NFS RCU-walk support in line with code going upstream
* NFS: Use FS-Cache invalidation (bnc#880344).
* NFS: allow lockless access to access_cache (bnc#866130).
* NFS: avoid mountpoint being displayed as ' (deleted)' in /proc/mounts
(bnc#888591).
* NFS: nfs4_do_open should add negative results to the dcache
(bnc#866130).
* NFS: nfs_migrate_page() does not wait for FS-Cache to finish with a
page (bnc#880344).
* NFS: nfs_open_revalidate: only evaluate parent if it will be used
(bnc#866130).
* NFS: prepare for RCU-walk support but pushing tests later in code
(bnc#866130).
* NFS: support RCU_WALK in nfs_permission() (bnc#866130).
* NFS: teach nfs_lookup_verify_inode to handle LOOKUP_RCU (bnc#866130).
* NFS: teach nfs_neg_need_reval to understand LOOKUP_RCU (bnc#866130).
* NFSD: Does not hand out delegations for 30 seconds after recalling
them (bnc#880370).
* NFSv4 set open access operation call flag in nfs4_init_opendata_res
(bnc#888968, bnc#892200, bnc#893596, bnc#893496).
* NFSv4: Add a helper for encoding opaque data (bnc#888968).
* NFSv4: Add a helper for encoding stateids (bnc#888968).
* NFSv4: Add helpers for basic copying of stateids (bnc#888968).
* NFSv4: Clean up nfs4_select_rw_stateid() (bnc#888968).
* NFSv4: Fix the return value of nfs4_select_rw_stateid (bnc#888968).
* NFSv4: Rename nfs4_copy_stateid() (bnc#888968).
* NFSv4: Resend the READ/WRITE RPC call if a stateid change causes an
error (bnc#888968).
* NFSv4: Simplify the struct nfs4_stateid (bnc#888968).
* NFSv4: The stateid must remain the same for replayed RPC calls
(bnc#888968).
* NFSv4: nfs4_stateid_is_current should return 'true' for an invalid
stateid (bnc#888968).
* One more fix for kABI breakage.
* PCI: Lock down BAR access when module security is enabled
(bnc#884333).
* PCI: enable MPS 'performance' setting to properly handle bridge MPS
(bnc#883376).
* PM / Hibernate: Add memory_rtree_find_bit function (bnc#860441).
* PM / Hibernate: Create a Radix-Tree to store memory bitmap
(bnc#860441).
* PM / Hibernate: Implement position keeping in radix tree
(bnc#860441).
* PM / Hibernate: Iterate over set bits instead of PFNs in
swsusp_free() (bnc#860441).
* PM / Hibernate: Remove the old memory-bitmap implementation
(bnc#860441).
* PM / Hibernate: Touch Soft Lockup Watchdog in rtree_next_node
(bnc#860441).
* Restrict /dev/mem and /dev/kmem when module loading is restricted
(bnc#884333).
* Reuse existing 'state' field to indicate PERF_X86_EVENT_PEBS_LDLAT
(bnc#876114).
* USB: handle LPM errors during device suspend correctly (bnc#849123).
* Update kabi files to reflect fscache change (bnc#880344)
* Update x86_64 config files: re-enable SENSORS_W83627EHF (bnc#891281)
* VFS: Make more complete truncate operation available to CacheFiles
(bnc#880344).
* [FEAT NET1222] ib_uverbs: Allow explicit mmio trigger (FATE#83366,
ltc#83367).
* acpi: Ignore acpi_rsdp kernel parameter when module loading is
restricted (bnc#884333).
* af_iucv: correct cleanup if listen backlog is full (bnc#885262,
LTC#111728).
* asus-wmi: Restrict debugfs interface when module loading is
restricted (bnc#884333).
* autofs4: allow RCU-walk to walk through autofs4 (bnc#866130).
* autofs4: avoid taking fs_lock during rcu-walk (bnc#866130).
* autofs4: does not take spinlock when not needed in
autofs4_lookup_expiring (bnc#866130).
* autofs4: factor should_expire() out of autofs4_expire_indirect
(bnc#866130).
* autofs4: make 'autofs4_can_expire' idempotent (bnc#866130).
* autofs4: remove a redundant assignment (bnc#866130).
* autofs: fix lockref lookup (bnc#888591).
* be2net: add dma_mapping_error() check for dma_map_page()
(bnc#881759).
* block: add cond_resched() to potentially long running ioctl discard
loop (bnc#884725).
* block: fix race between request completion and timeout handling
(bnc#881051).
* cdc-ether: clean packet filter upon probe (bnc#876017).
* cpuset: Fix memory allocator deadlock (bnc#876590).
* crypto: Allow CRYPTO_FIPS without MODULE_SIGNATURES. Not all archs
have them, but some are FIPS certified, with some kernel support.
* crypto: fips - only panic on bad/missing crypto mod signatures
(bnc#887503).
* crypto: testmgr - allow aesni-intel and ghash_clmulni-intel in fips
mode (bnc#889451).
* dasd: validate request size before building CCW/TCW (bnc#891087,
LTC#114068).
* dm mpath: fix race condition between multipath_dtr and pg_init_done
(bnc#826486).
* dm-mpath: fix panic on deleting sg device (bnc#870161).
* drm/ast: AST2000 cannot be detected correctly (bnc#895983).
* drm/ast: Actually load DP501 firmware when required (bnc#895608
bnc#871134).
* drm/ast: Add missing entry to dclk_table[].
* drm/ast: Add reduced non reduced mode parsing for wide screen mode
(bnc#892723).
* drm/ast: initial DP501 support (v0.2) (bnc#871134).
* drm/ast: open key before detect chips (bnc#895983).
* drm/i915: Fix up cpt pixel multiplier enable sequence (bnc#879304).
* drm/i915: Only apply DPMS to the encoder if enabled (bnc#893064).
* drm/i915: clear the FPGA_DBG_RM_NOCLAIM bit at driver init
(bnc#869055).
* drm/i915: create functions for the 'unclaimed register' checks
(bnc#869055).
* drm/i915: use FPGA_DBG for the 'unclaimed register' checks
(bnc#869055).
* drm/mgag200: Initialize data needed to map fbdev memory (bnc
#806990).
* e1000e: enable support for new device IDs (bnc#885509).
* fs/fscache: remove spin_lock() from the condition in while()
(bnc#880344).
* hibernate: Disable in a signed modules environment (bnc#884333).
* hugetlb: does not use ERR_PTR with VM_FAULT* values
* ibmvscsi: Abort init sequence during error recovery (bnc#885382).
* ibmvscsi: Add memory barriers for send / receive (bnc#885382).
* inet: add a redirect generation id in inetpeer (bnc#860593).
* inetpeer: initialize ->redirect_genid in inet_getpeer() (bnc#860593).
* ipv6: tcp: fix tcp_v6_conn_request() (bnc#887645).
* kabi: hide bnc#860593 changes of struct inetpeer_addr_base
(bnc#860593).
* kernel: 3215 tty hang (bnc#891087, LTC#114562).
* kernel: fix data corruption when reading /proc/sysinfo (bnc#891087,
LTC#114480).
* kernel: fix kernel oops with load of fpc register (bnc#889061,
LTC#113596).
* kernel: sclp console tty reference counting (bnc#891087, LTC#115466).
* kexec: Disable at runtime if the kernel enforces module loading
restrictions (bnc#884333).
* md/raid6: avoid data corruption during recovery of double-degraded
RAID6.
* memcg, vmscan: Fix forced scan of anonymous pages (memory reclaim
fix).
* memcg: do not expose uninitialized mem_cgroup_per_node to world
(bnc#883096).
* mm, hugetlb: add VM_NORESERVE check in vma_has_reserves()
* mm, hugetlb: change variable name reservations to resv
* mm, hugetlb: decrement reserve count if VM_NORESERVE alloc page cache
* mm, hugetlb: defer freeing pages when gathering surplus pages
* mm, hugetlb: do not use a page in page cache for cow optimization
* mm, hugetlb: fix and clean-up node iteration code to alloc or free
* mm, hugetlb: fix race in region tracking
* mm, hugetlb: fix subpool accounting handling
* mm, hugetlb: improve page-fault scalability
* mm, hugetlb: improve, cleanup resv_map parameters
* mm, hugetlb: move up the code which check availability of free huge
page
* mm, hugetlb: protect reserved pages when soft offlining a hugepage
* mm, hugetlb: remove decrement_hugepage_resv_vma()
* mm, hugetlb: remove redundant list_empty check in
gather_surplus_pages()
* mm, hugetlb: remove resv_map_put
* mm, hugetlb: remove useless check about mapping type
* mm, hugetlb: return a reserved page to a reserved pool if failed
* mm, hugetlb: trivial commenting fix
* mm, hugetlb: unify region structure handling
* mm, hugetlb: unify region structure handling kabi
* mm, hugetlb: use long vars instead of int in region_count() (Hugetlb
Fault Scalability).
* mm, hugetlb: use vma_resv_map() map types
* mm, oom: fix badness score underflow (bnc#884582, bnc#884767).
* mm, oom: normalize oom scores to oom_score_adj scale only for
userspace (bnc#884582, bnc#884767).
* mm, thp: do not allow thp faults to avoid cpuset restrictions
(bnc#888849).
* net/mlx4_core: Load higher level modules according to ports type
(bnc#887680).
* net/mlx4_core: Load the IB driver when the device supports IBoE
(bnc#887680).
* net/mlx4_en: Fix a race between napi poll function and RX ring
cleanup (bnc#863586).
* net/mlx4_en: Fix selftest failing on non 10G link speed (bnc#888058).
* net: fix checksumming features handling in output path (bnc#891259).
* pagecache_limit: batch large nr_to_scan targets (bnc#895221).
* pagecachelimit: reduce lru_lock congestion for heavy parallel reclaim
fix (bnc#895680).
* perf/core: Add weighted samples (bnc#876114).
* perf/x86: Add flags to event constraints (bnc#876114).
* perf/x86: Add memory profiling via PEBS Load Latency (bnc#876114).
* perf: Add generic memory sampling interface (bnc#876114).
* qla2xxx: Avoid escalating the SCSI error handler if the command is
not found in firmware (bnc#859840).
* qla2xxx: Clear loop_id for ports that are marked lost during fabric
scanning (bnc#859840).
* qla2xxx: Does not check for firmware hung during the reset context
for ISP82XX (bnc#859840).
* qla2xxx: Issue abort command for outstanding commands during cleanup
when only firmware is alive (bnc#859840).
* qla2xxx: Reduce the time we wait for a command to complete during
SCSI error handling (bnc#859840).
* qla2xxx: Set host can_queue value based on available resources
(bnc#859840).
* restore smp_mb() in unlock_new_inode() (bnc#890526).
* s390/pci: introduce lazy IOTLB flushing for DMA unmap (bnc#889061,
LTC#113725).
* sched: fix the theoretical signal_wake_up() vs schedule() race
(bnc#876055).
* sclp_vt220: Enable integrated ASCII console per default (bnc#885262,
LTC#112035).
* scsi_dh: use missing accessor 'scsi_device_from_queue' (bnc#889614).
* scsi_transport_fc: Cap dev_loss_tmo by fast_io_fail (bnc#887608).
* scsiback: correct grant page unmapping.
* scsiback: fix retry handling in __report_luns().
* scsiback: free resources after error.
* sunrpc/auth: allow lockless (rcu) lookup of credential cache
(bnc#866130).
* supported.conf: remove external from drivers/net/veth (bnc#889727)
* supported.conf: support net/sched/act_police.ko (bnc#890426)
* tcp: adapt selected parts of RFC 5682 and PRR logic (bnc#879921).
* tg3: Change nvram command timeout value to 50ms (bnc#855657).
* tg3: Override clock, link aware and link idle mode during NVRAM dump
(bnc#855657).
* tg3: Set the MAC clock to the fastest speed during boot code load
(bnc#855657).
* usb: Does not enable LPM if the exit latency is zero (bnc#832309).
* usbcore: Does not log on consecutive debounce failures of the same
port (bnc#888105).
* usbhid: fix PIXART optical mouse (bnc#888607).
* uswsusp: Disable when module loading is restricted (bnc#884333).
* vscsi: support larger transfer sizes (bnc#774818).
* writeback: Do not sync data dirtied after sync start (bnc#833820).
* x86 thermal: Delete power-limit-notification console messages
(bnc#882317).
* x86 thermal: Disable power limit notification interrupt by default
(bnc#882317).
* x86 thermal: Re-enable power limit notification interrupt by default
(bnc#882317).
* x86, cpu hotplug: Fix stack frame warning in
check_irq_vectors_for_cpu_disable() (bnc#887418).
* x86/UV: Add call to KGDB/KDB from NMI handler (bnc#888847).
* x86/UV: Add kdump to UV NMI handler (bnc#888847).
* x86/UV: Add summary of cpu activity to UV NMI handler (bnc#888847).
* x86/UV: Move NMI support (bnc#888847).
* x86/UV: Update UV support for external NMI signals (bnc#888847).
* x86/uv/nmi: Fix Sparse warnings (bnc#888847).
* x86: Add check for number of available vectors before CPU down
(bnc#887418).
* x86: Lock down IO port access when module security is enabled
(bnc#884333).
* x86: Restrict MSR access when module loading is restricted
(bnc#884333).
Security Issues:
* CVE-2013-1979
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979>
* CVE-2014-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739>
* CVE-2014-2706
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706>
* CVE-2014-4027
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027>
* CVE-2014-4171
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171>
* CVE-2014-4508
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508>
* CVE-2014-4667
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667>
* CVE-2014-4943
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943>
* CVE-2014-5077
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077>
* CVE-2014-5471
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471>
* CVE-2014-5472
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472>
* CVE-2014-3153
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153>
* CVE-2014-6410
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6410>
The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix
various bugs and security issues.
Following security bugs were fixed: CVE-2013-1979: The scm_set_cred
function in include/net/scm.h in the Linux kernel before 3.8.11 uses
incorrect uid and gid values during credentials passing, which allows local
users to gain privileges via a crafted application (bnc#816708).
CVE-2014-1739: The media_device_enum_entities function in
drivers/media/media-device.c in the Linux kernel before 3.14.6 does not
initialize a certain data structure, which allows local users to obtain
sensitive information from kernel memory by leveraging /dev/media0 read
access for a MEDIA_IOC_ENUM_ENTITIES ioctl call (bnc#882804).
CVE-2014-4171: mm/shmem.c in the Linux kernel through 3.15.1 does not
properly implement the interaction between range notification and hole
punching, which allows local users to cause a denial of service (i_mutex
hold) by using the mmap system call to access a hole, as demonstrated by
interfering with intended shmem activity by blocking completion of (1) an
MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call
(bnc#883518).
CVE-2014-4508: arch/x86/kernel/entry_32.S in the Linux kernel through
3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the
sep CPU feature flag is set, allows local users to cause a denial of
service (OOPS and system crash) via an invalid syscall number, as
demonstrated by number 1000 (bnc#883724).
CVE-2014-4667: The sctp_association_free function in net/sctp/associola.c
in the Linux kernel before 3.15.2 does not properly manage a certain
backlog value, which allows remote attackers to cause a denial of service
(socket outage) via a crafted SCTP packet (bnc#885422).
CVE-2014-4943: The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux
kernel through 3.15.6 allows local users to gain privileges by leveraging
data-structure differences between an l2tp socket and an inet socket
(bnc#887082).
CVE-2014-5077: The sctp_assoc_update function in net/sctp/associola.c in
the Linux kernel through 3.15.8, when SCTP authentication is enabled,
allows remote attackers to cause a denial of service (NULL pointer
dereference and OOPS) by starting to establish an association between two
endpoints immediately after an exchange of INIT and INIT ACK chunks to
establish an earlier association between these endpoints in the opposite
direction (bnc#889173).
CVE-2014-5471: Stack consumption vulnerability in the
parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux
kernel through 3.16.1 allows local users to cause a denial of service
(uncontrolled recursion, and system crash or reboot) via a crafted iso9660
image with a CL entry referring to a directory entry that has a CL entry.
(bnc#892490)
CVE-2014-5472: The parse_rock_ridge_inode_internal function in
fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to
cause a denial of service (unkillable mount process) via a crafted iso9660
image with a self-referential CL entry. (bnc#892490)
CVE-2014-2706: Race condition in the mac80211 subsystem in the Linux kernel
before 3.13.7 allows remote attackers to cause a denial of service (system
crash) via network traffic that improperly interacts with the
WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and
tx.c. (bnc#871797)
CVE-2014-4027: The rd_build_device_space function in
drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not
properly initialize a certain data structure, which allows local users to
obtain sensitive information from ramdisk_mcp memory by leveraging access
to a SCSI initiator. (bnc#882639)
The following non-security bugs were fixed: - ACPI / PAD: call schedule()
when need_resched() is true (bnc#866911). - ACPI: Fix bug when ACPI reset
register is implemented in system memory (bnc#882900). - ACPI: Limit access
to custom_method (bnc#884333). - Add option to automatically enforce module
signatures when in Secure Boot mode (bnc#884333). - Add secure_modules()
call (bnc#884333). - Add wait_on_atomic_t() and wake_up_atomic_t()
(bnc#880344). - Backported new patches of Lock down functions for UEFI
secure boot Also updated series.conf and removed old patches. - Btrfs:
Return EXDEV for cross file system snapshot. - Btrfs: abort the transaction
when we does not find our extent ref. - Btrfs: avoid warning bomb of
btrfs_invalidate_inodes. - Btrfs: cancel scrub on transaction abortion. -
Btrfs: correctly set profile flags on seqlock retry. - Btrfs: does not
check nodes for extent items. - Btrfs: fix a possible deadlock between
scrub and transaction committing. - Btrfs: fix corruption after write/fsync
failure + fsync + log recovery (bnc#894200). - Btrfs: fix csum tree
corruption, duplicate and outdated checksums (bnc#891619). - Btrfs: fix
double free in find_lock_delalloc_range. - Btrfs: fix possible memory leak
in btrfs_create_tree(). - Btrfs: fix use of uninit 'ret' in
end_extent_writepage(). - Btrfs: free delayed node outside of
root->inode_lock (bnc#866864). - Btrfs: make DEV_INFO ioctl available to
anyone. - Btrfs: make FS_INFO ioctl available to anyone. - Btrfs: make
device scan less noisy. - Btrfs: make sure there are not any read requests
before stopping workers. - Btrfs: more efficient io tree navigation on
wait_extent_bit. - Btrfs: output warning instead of error when loading free
space cache failed. - Btrfs: retrieve more info from FS_INFO ioctl. -
Btrfs: return EPERM when deleting a default subvolume (bnc#869934). -
Btrfs: unset DCACHE_DISCONNECTED when mounting default subvol (bnc#866615).
- Btrfs: use right type to get real comparison. - Btrfs: wake up
@scrub_pause_wait as much as we can. - Btrfs: wake up transaction thread
upon remount. - CacheFiles: Add missing retrieval completions (bnc#880344).
- CacheFiles: Does not try to dump the index key if the cookie has been
cleared (bnc#880344). - CacheFiles: Downgrade the requirements passed to
the allocator (bnc#880344). - CacheFiles: Fix the marking of cached pages
(bnc#880344). - CacheFiles: Implement invalidation (bnc#880344). -
CacheFiles: Make some debugging statements conditional (bnc#880344). -
Drivers: hv: util: Fix a bug in the KVP code (bnc#886840). - Drivers: hv:
vmbus: Fix a bug in the channel callback dispatch code (bnc#886840). -
FS-Cache: Add transition to handle invalidate immediately after lookup
(bnc#880344). - FS-Cache: Check that there are no read ops when cookie
relinquished (bnc#880344). - FS-Cache: Clear remaining page count on
retrieval cancellation (bnc#880344). - FS-Cache: Convert the object event
ID #defines into an enum (bnc#880344). - FS-Cache: Does not sleep in page
release if __GFP_FS is not set (bnc#880344). - FS-Cache: Does not use
spin_is_locked() in assertions (bnc#880344). - FS-Cache: Exclusive op
submission can BUG if there is been an I/O error (bnc#880344). - FS-Cache:
Fix __wait_on_atomic_t() to call the action func if the counter != 0
(bnc#880344). - FS-Cache: Fix object state machine to have separate work
and wait states (bnc#880344). - FS-Cache: Fix operation state management
and accounting (bnc#880344). - FS-Cache: Fix signal handling during waits
(bnc#880344). - FS-Cache: Initialise the object event mask with the
calculated mask (bnc#880344). - FS-Cache: Limit the number of I/O error
reports for a cache (bnc#880344). - FS-Cache: Make cookie relinquishment
wait for outstanding reads (bnc#880344). - FS-Cache: Mark cancellation of
in-progress operation (bnc#880344). - FS-Cache: One of the write operation
paths doeses not set the object state (bnc#880344). - FS-Cache: Provide
proper invalidation (bnc#880344). - FS-Cache: Simplify cookie retention for
fscache_objects, fixing oops (bnc#880344). - FS-Cache: The retrieval
remaining-pages counter needs to be atomic_t (bnc#880344). - FS-Cache:
Uninline fscache_object_init() (bnc#880344). - FS-Cache: Wrap checks on
object state (bnc#880344). - HID: usbhid: add always-poll quirk
(bnc#888607). - HID: usbhid: enable always-poll quirk for Elan Touchscreen
(bnc#888607). - IB/iser: Add TIMEWAIT_EXIT event handling (bnc#890297). -
Ignore 'flags' change to event_constraint (bnc#876114). - Ignore
data_src/weight changes to perf_sample_data (bnc#876114). - NFS: Allow more
operations in an NFSv4.1 request (bnc#890513). - NFS: Clean up helper
function nfs4_select_rw_stateid() (bnc#888968). - NFS: Does not copy read
delegation stateids in setattr (bnc#888968). - NFS: Does not use a
delegation to open a file when returning that delegation (bnc#888968,
bnc#892200, bnc#893596, bnc#893496) - NFS: Fixes for NFS RCU-walk support
in line with code going upstream - NFS: Use FS-Cache invalidation
(bnc#880344). - NFS: allow lockless access to access_cache (bnc#866130). -
NFS: avoid mountpoint being displayed as ' (deleted)' in /proc/mounts
(bnc#888591). - NFS: nfs4_do_open should add negative results to the dcache
(bnc#866130). - NFS: nfs_migrate_page() does not wait for FS-Cache to
finish with a page (bnc#880344). - NFS: nfs_open_revalidate: only evaluate
parent if it will be used (bnc#866130). - NFS: prepare for RCU-walk support
but pushing tests later in code (bnc#866130). - NFS: support RCU_WALK in
nfs_permission() (bnc#866130). - NFS: teach nfs_lookup_verify_inode to
handle LOOKUP_RCU (bnc#866130). - NFS: teach nfs_neg_need_reval to
understand LOOKUP_RCU (bnc#866130). - NFSD: Does not hand out delegations
for 30 seconds after recalling them (bnc#880370). - NFSv4 set open access
operation call flag in nfs4_init_opendata_res (bnc#888968, bnc#892200,
bnc#893596, bnc#893496). - NFSv4: Add a helper for encoding opaque data
(bnc#888968). - NFSv4: Add a helper for encoding stateids (bnc#888968). -
NFSv4: Add helpers for basic copying of stateids (bnc#888968). - NFSv4:
Clean up nfs4_select_rw_stateid() (bnc#888968). - NFSv4: Fix the return
value of nfs4_select_rw_stateid (bnc#888968). - NFSv4: Rename
nfs4_copy_stateid() (bnc#888968). - NFSv4: Resend the READ/WRITE RPC call
if a stateid change causes an error (bnc#888968). - NFSv4: Simplify the
struct nfs4_stateid (bnc#888968). - NFSv4: The stateid must remain the same
for replayed RPC calls (bnc#888968). - NFSv4: nfs4_stateid_is_current
should return 'true' for an invalid stateid (bnc#888968). - One more fix
for kABI breakage. - PCI: Lock down BAR access when module security is
enabled (bnc#884333). - PCI: enable MPS 'performance' setting to properly
handle bridge MPS (bnc#883376). - PM / Hibernate: Add memory_rtree_find_bit
function (bnc#860441). - PM / Hibernate: Create a Radix-Tree to store
memory bitmap (bnc#860441). - PM / Hibernate: Implement position keeping in
radix tree (bnc#860441). - PM / Hibernate: Iterate over set bits instead of
PFNs in swsusp_free() (bnc#860441). - PM / Hibernate: Remove the old
memory-bitmap implementation (bnc#860441). - PM / Hibernate: Touch Soft
Lockup Watchdog in rtree_next_node (bnc#860441). - Restrict /dev/mem and
/dev/kmem when module loading is restricted (bnc#884333). - Reuse existing
'state' field to indicate PERF_X86_EVENT_PEBS_LDLAT (bnc#876114). - USB:
handle LPM errors during device suspend correctly (bnc#849123). - Update
kabi files to reflect fscache change (bnc#880344) - VFS: Make more complete
truncate operation available to CacheFiles (bnc#880344). - [FEAT NET1222]
ib_uverbs: Allow explicit mmio trigger (FATE#83366, ltc#83367). - acpi:
Ignore acpi_rsdp kernel parameter when module loading is restricted
(bnc#884333). - af_iucv: correct cleanup if listen backlog is full
(bnc#885262, LTC#111728). - asus-wmi: Restrict debugfs interface when
module loading is restricted (bnc#884333). - autofs4: allow RCU-walk to
walk through autofs4 (bnc#866130). - autofs4: avoid taking fs_lock during
rcu-walk (bnc#866130). - autofs4: does not take spinlock when not needed in
autofs4_lookup_expiring (bnc#866130). - autofs4: factor should_expire() out
of autofs4_expire_indirect (bnc#866130). - autofs4: make
'autofs4_can_expire' idempotent (bnc#866130). - autofs4: remove a redundant
assignment (bnc#866130). - autofs: fix lockref lookup (bnc#888591). -
be2net: add dma_mapping_error() check for dma_map_page() (bnc#881759). -
block: add cond_resched() to potentially long running ioctl discard loop
(bnc#884725). - block: fix race between request completion and timeout
handling (bnc#881051). - cdc-ether: clean packet filter upon probe
(bnc#876017). - cpuset: Fix memory allocator deadlock (bnc#876590). -
crypto: Allow CRYPTO_FIPS without MODULE_SIGNATURES. Not all archs have
them, but some are FIPS certified, with some kernel support. - crypto: fips
- only panic on bad/missing crypto mod signatures (bnc#887503). - crypto:
testmgr - allow aesni-intel and ghash_clmulni-intel in fips mode
(bnc#889451). - dasd: validate request size before building CCW/TCW
(bnc#891087, LTC#114068). - dm mpath: fix race condition between
multipath_dtr and pg_init_done (bnc#826486). - dm-mpath: fix panic on
deleting sg device (bnc#870161). - drm/ast: Add missing entry to
dclk_table[]. - drm/ast: Add reduced non reduced mode parsing for wide
screen mode (bnc#892723). - drm/i915: Only apply DPMS to the encoder if
enabled (bnc#893064). - drm/i915: clear the FPGA_DBG_RM_NOCLAIM bit at
driver init (bnc#869055). - drm/i915: create functions for the 'unclaimed
register' checks (bnc#869055). - drm/i915: use FPGA_DBG for the 'unclaimed
register' checks (bnc#869055). - drm/mgag200: Initialize data needed to map
fbdev memory (bnc #806990). - e1000e: enable support for new device IDs
(bnc#885509). - fs/fscache: remove spin_lock() from the condition in
while() (bnc#880344). - hibernate: Disable in a signed modules environment
(bnc#884333). - hugetlb: does not use ERR_PTR with VM_FAULT* values -
ibmvscsi: Abort init sequence during error recovery (bnc#885382). -
ibmvscsi: Add memory barriers for send / receive (bnc#885382). - inet: add
a redirect generation id in inetpeer (bnc#860593). - inetpeer: initialize
->redirect_genid in inet_getpeer() (bnc#860593). - ipv6: tcp: fix
tcp_v6_conn_request() (bnc#887645). - kabi: hide bnc#860593 changes of
struct inetpeer_addr_base (bnc#860593). - kernel: 3215 tty hang
(bnc#891087, LTC#114562). - kernel: fix data corruption when reading
/proc/sysinfo (bnc#891087, LTC#114480). - kernel: fix kernel oops with load
of fpc register (bnc#889061, LTC#113596). - kernel: sclp console tty
reference counting (bnc#891087, LTC#115466). - kexec: Disable at runtime if
the kernel enforces module loading restrictions (bnc#884333). - md/raid6:
avoid data corruption during recovery of double-degraded RAID6. - memcg,
vmscan: Fix forced scan of anonymous pages (memory reclaim fix). - mm,
hugetlb: add VM_NORESERVE check in vma_has_reserves() - mm, hugetlb: change
variable name reservations to resv - mm, hugetlb: decrement reserve count
if VM_NORESERVE alloc page cache - mm, hugetlb: defer freeing pages when
gathering surplus pages - mm, hugetlb: do not use a page in page cache for
cow optimization - mm, hugetlb: fix and clean-up node iteration code to
alloc or free - mm, hugetlb: fix race in region tracking - mm, hugetlb: fix
subpool accounting handling - mm, hugetlb: improve page-fault scalability -
mm, hugetlb: improve, cleanup resv_map parameters - mm, hugetlb: move up
the code which check availability of free huge page - mm, hugetlb: protect
reserved pages when soft offlining a hugepage - mm, hugetlb: remove
decrement_hugepage_resv_vma() - mm, hugetlb: remove redundant list_empty
check in gather_surplus_pages() - mm, hugetlb: remove resv_map_put - mm,
hugetlb: remove useless check about mapping type - mm, hugetlb: return a
reserved page to a reserved pool if failed - mm, hugetlb: trivial
commenting fix - mm, hugetlb: unify region structure handling - mm,
hugetlb: unify region structure handling kabi - mm, hugetlb: use long vars
instead of int in region_count() (Hugetlb Fault Scalability). - mm,
hugetlb: use vma_resv_map() map types - mm, oom: fix badness score
underflow (bnc#884582, bnc#884767). - mm, oom: normalize oom scores to
oom_score_adj scale only for userspace (bnc#884582, bnc#884767). - mm, thp:
do not allow thp faults to avoid cpuset restrictions (bnc#888849). -
net/mlx4_core: Load higher level modules according to ports type
(bnc#887680). - net/mlx4_core: Load the IB driver when the device supports
IBoE (bnc#887680). - net/mlx4_en: Fix a race between napi poll function and
RX ring cleanup (bnc#863586). - net/mlx4_en: Fix selftest failing on non
10G link speed (bnc#888058). - net: fix checksumming features handling in
output path (bnc#891259). - perf/core: Add weighted samples (bnc#876114). -
perf/x86: Add flags to event constraints (bnc#876114). - perf/x86: Add
memory profiling via PEBS Load Latency (bnc#876114). - perf: Add generic
memory sampling interface (bnc#876114). - qla2xxx: Avoid escalating the
SCSI error handler if the command is not found in firmware (bnc#859840). -
qla2xxx: Clear loop_id for ports that are marked lost during fabric
scanning (bnc#859840). - qla2xxx: Does not check for firmware hung during
the reset context for ISP82XX (bnc#859840). - qla2xxx: Issue abort command
for outstanding commands during cleanup when only firmware is alive
(bnc#859840). - qla2xxx: Reduce the time we wait for a command to complete
during SCSI error handling (bnc#859840). - qla2xxx: Set host can_queue
value based on available resources (bnc#859840). - restore smp_mb() in
unlock_new_inode() (bnc#890526). - s390/pci: introduce lazy IOTLB flushing
for DMA unmap (bnc#889061, LTC#113725). - sched: fix the theoretical
signal_wake_up() vs schedule() race (bnc#876055). - sclp_vt220: Enable
integrated ASCII console per default (bnc#885262, LTC#112035). - scsi_dh:
use missing accessor 'scsi_device_from_queue' (bnc#889614). -
scsi_transport_fc: Cap dev_loss_tmo by fast_io_fail (bnc#887608). -
scsiback: correct grant page unmapping. - scsiback: fix retry handling in
__report_luns(). - scsiback: free resources after error. - sunrpc/auth:
allow lockless (rcu) lookup of credential cache (bnc#866130). -
supported.conf: remove external from drivers/net/veth (bnc#889727) -
supported.conf: support net/sched/act_police.ko (bnc#890426) - tcp: adapt
selected parts of RFC 5682 and PRR logic (bnc#879921). - tg3: Change nvram
command timeout value to 50ms (bnc#855657). - tg3: Override clock, link
aware and link idle mode during NVRAM dump (bnc#855657). - tg3: Set the MAC
clock to the fastest speed during boot code load (bnc#855657). - usb: Does
not enable LPM if the exit latency is zero (bnc#832309). - usbcore: Does
not log on consecutive debounce failures of the same port (bnc#888105). -
usbhid: fix PIXART optical mouse (bnc#888607). - uswsusp: Disable when
module loading is restricted (bnc#884333). - vscsi: support larger transfer
sizes (bnc#774818). - x86 thermal: Delete power-limit-notification console
messages (bnc#882317). - x86 thermal: Disable power limit notification
interrupt by default (bnc#882317). - x86 thermal: Re-enable power limit
notification interrupt by default (bnc#882317). - x86/UV: Add call to
KGDB/KDB from NMI handler (bnc#888847). - x86/UV: Add kdump to UV NMI
handler (bnc#888847). - x86/UV: Add summary of cpu activity to UV NMI
handler (bnc#888847). - x86/UV: Move NMI support (bnc#888847). - x86/UV:
Update UV support for external NMI signals (bnc#888847). - x86/uv/nmi: Fix
Sparse warnings (bnc#888847). - x86: Lock down IO port access when module
security is enabled (bnc#884333). - x86: Restrict MSR access when module
loading is restricted (bnc#884333).
Security Issues:
* CVE-2013-1979
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1979>
* CVE-2014-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739>
* CVE-2014-2706
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706>
* CVE-2014-4027
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027>
* CVE-2014-4171
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171>
* CVE-2014-4508
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4508>
* CVE-2014-4667
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4667>
* CVE-2014-4943
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4943>
* CVE-2014-5077
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5077>
* CVE-2014-5471
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5471>
* CVE-2014-5472
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5472>
SUSE bug 774818SUSE bug 806990SUSE bug 816708SUSE bug 826486SUSE bug 832309SUSE bug 849123SUSE bug 855657SUSE bug 859840SUSE bug 860441SUSE bug 860593SUSE bug 863586SUSE bug 866130SUSE bug 866615SUSE bug 866864SUSE bug 866911SUSE bug 869055SUSE bug 869934SUSE bug 870161SUSE bug 871797SUSE bug 876017SUSE bug 876055SUSE bug 876114SUSE bug 876590SUSE bug 879921SUSE bug 880344SUSE bug 880370SUSE bug 881051SUSE bug 881759SUSE bug 882317SUSE bug 882639SUSE bug 882804SUSE bug 882900SUSE bug 883376SUSE bug 883518SUSE bug 883724SUSE bug 884333SUSE bug 884582SUSE bug 884725SUSE bug 884767SUSE bug 885262SUSE bug 885382SUSE bug 885422SUSE bug 885509SUSE bug 886840SUSE bug 887082SUSE bug 887503SUSE bug 887608SUSE bug 887645SUSE bug 887680SUSE bug 888058SUSE bug 888105SUSE bug 888591SUSE bug 888607SUSE bug 888847SUSE bug 888849SUSE bug 888968SUSE bug 889061SUSE bug 889173SUSE bug 889451SUSE bug 889614SUSE bug 889727SUSE bug 890297SUSE bug 890426SUSE bug 890513SUSE bug 890526SUSE bug 891087SUSE bug 891259SUSE bug 891619SUSE bug 892200SUSE bug 892490SUSE bug 892723SUSE bug 893064SUSE bug 893496SUSE bug 893596SUSE bug 894200CVE-2013-1979 at SUSECVE-2013-1979 at NVDCVE-2014-1739 at SUSECVE-2014-1739 at NVDCVE-2014-2706 at SUSECVE-2014-2706 at NVDCVE-2014-4027 at SUSECVE-2014-4027 at NVDCVE-2014-4171 at SUSECVE-2014-4171 at NVDCVE-2014-4508 at SUSECVE-2014-4508 at NVDCVE-2014-4667 at SUSECVE-2014-4667 at NVDCVE-2014-4943 at SUSECVE-2014-4943 at NVDCVE-2014-5077 at SUSECVE-2014-5077 at NVDCVE-2014-5471 at SUSECVE-2014-5471 at NVDCVE-2014-5472 at SUSECVE-2014-5472 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bug was fixed:
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
The following non-security bugs were fixed:
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- Xen counterparts of eager FPU implementation.
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- xen/x86/CPU: Check speculation control CPUID bit (bsc#1068032).
- xen/x86/CPU: Sync CPU feature flags late (bsc#1075994 bsc#1075091).
- xen/x86/cpu: Factor out application of forced CPU caps (bsc#1075994 bsc#1075091).
- xen/x86/cpu: Fix bootup crashes by sanitizing the argument of the 'clearcpuid=' command-line option (bsc#1065600).
- xen/x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
- xen/x86/entry: Use IBRS on entry to kernel space (bsc#1068032).
- xen/x86/idle: Toggle IBRS when going idle (bsc#1068032).
- xen/x86/kaiser: Move feature detection up (bsc#1068032).
ImportantSUSE bug 1065600SUSE bug 1068032SUSE bug 1075091SUSE bug 1075994SUSE bug 1087086SUSE bug 1087088SUSE bug 1096140SUSE bug 1096242SUSE bug 1096281CVE-2018-3665 at SUSECVE-2018-3665 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP3
The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to receive various security and bugfixes.
Following security bugs were fixed:
- CVE-2015-8104: Prevent guest to host DoS caused by infinite loop in microcode via #DB exception (bsc#954404).
- CVE-2015-5307: Prevent guest to host DoS caused by infinite loop in microcode via #AC exception (bsc#953527).
- CVE-2015-7990: RDS: Verify the underlying transport exists before creating a connection, preventing possible DoS (bsc#952384).
- CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandled IRET faults in processing NMIs that occurred during userspace execution, which might have allowed local users to gain privileges by triggering an NMI (bsc#938706).
- CVE-2015-7872: Possible crash when trying to garbage collect an uninstantiated keyring (bsc#951440).
- CVE-2015-0272: Prevent remote DoS using IPv6 RA with bogus MTU by validating before applying it (bsc#944296).
- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bsc#945825).
- CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggered permanent file-descriptor allocation (bsc#942367).
The following non-security bugs were fixed:
- alsa: hda - Disable 64bit address for Creative HDA controllers (bsc#814440).
- btrfs: fix hang when failing to submit bio of directIO (bsc#942688).
- btrfs: fix memory corruption on failure to submit bio for direct IO (bsc#942688).
- btrfs: fix put dio bio twice when we submit dio bio fail (bsc#942688).
- dm sysfs: introduce ability to add writable attributes (bsc#904348).
- dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).
- dm: do not start current request if it would have merged with the previous (bsc#904348).
- dm: impose configurable deadline for dm_request_fn merge heuristic (bsc#904348).
- drm/i915: (re)init HPD interrupt storm statistics (bsc#942938).
- drm/i915: Add HPD IRQ storm detection (v5) (bsc#942938).
- drm/i915: Add Reenable Timer to turn Hotplug Detection back on (v4) (bsc#942938).
- drm/i915: Add bit field to record which pins have received HPD events (v3) (bsc#942938).
- drm/i915: Add enum hpd_pin to intel_encoder (bsc#942938).
- drm/i915: Add messages useful for HPD storm detection debugging (v2) (bsc#942938).
- drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt (bsc#942938).
- drm/i915: Convert HPD interrupts to make use of HPD pin assignment in encoders (v2) (bsc#942938).
- drm/i915: Disable HPD interrupt on pin when irq storm is detected (v3) (bsc#942938).
- drm/i915: Do not WARN nor handle unexpected hpd interrupts on gmch platforms (bsc#942938).
- drm/i915: Enable hotplug interrupts after querying hw capabilities (bsc#942938).
- drm/i915: Fix DDC probe for passive adapters (bsc#900610, fdo#85924).
- drm/i915: Fix hotplug interrupt enabling for SDVOC (bsc#942938).
- drm/i915: Fix up sdvo hpd pins for i965g/gm (bsc#942938).
- drm/i915: Get rid if the '^A' in struct drm_i915_private (bsc#942938).
- drm/i915: Make hpd arrays big enough to avoid out of bounds access (bsc#942938).
- drm/i915: Mask out the HPD irq bits before setting them individually (bsc#942938).
- drm/i915: Only print hotplug event message when hotplug bit is set (bsc#942938).
- drm/i915: Only reprobe display on encoder which has received an HPD event (v2) (bsc#942938).
- drm/i915: Queue reenable timer also when enable_hotplug_processing is false (bsc#942938).
- drm/i915: Remove i965_hpd_irq_setup (bsc#942938).
- drm/i915: Remove pch_rq_mask from struct drm_i915_private (bsc#942938).
- drm/i915: Remove valleyview_hpd_irq_setup (bsc#942938).
- drm/i915: Use an interrupt save spinlock in intel_hpd_irq_handler() (bsc#942938).
- drm/i915: WARN_ONCE() about unexpected interrupts for all chipsets (bsc#942938).
- drm/i915: add hotplug activation period to hotplug update mask (bsc#953980).
- drm/i915: assert_spin_locked for pipestat interrupt enable/disable (bsc#942938).
- drm/i915: clear crt hotplug compare voltage field before setting (bsc#942938).
- drm/i915: close tiny race in the ilk pcu even interrupt setup (bsc#942938).
- drm/i915: fix hotplug event bit tracking (bsc#942938).
- drm/i915: fix hpd interrupt register locking (bsc#942938).
- drm/i915: fix hpd work vs. flush_work in the pageflip code deadlock (bsc#942938).
- drm/i915: fix locking around ironlake_enable|disable_display_irq (bsc#942938).
- drm/i915: fold the hpd_irq_setup call into intel_hpd_irq_handler (bsc#942938).
- drm/i915: fold the no-irq check into intel_hpd_irq_handler (bsc#942938).
- drm/i915: fold the queue_work into intel_hpd_irq_handler (bsc#942938).
- drm/i915: implement ibx_hpd_irq_setup (bsc#942938).
- drm/i915: s/hotplug_irq_storm_detect/intel_hpd_irq_handler/ (bsc#942938).
- ehci-pci: enable interrupt on BayTrail (bnc926007).
- fix lpfc_send_rscn_event allocation size claims bsc#935757
- hugetlb: simplify migrate_huge_page() (bsc#947957, VM Functionality).
- hwpoison, hugetlb: lock_page/unlock_page does not match for handling a free hugepage (bsc#947957).
- ib/iser: Add Discovery support (bsc#923002).
- ib/iser: Move informational messages from error to info level (bsc#923002).
- ib/srp: Avoid skipping srp_reset_host() after a transport error (bsc#904965).
- ib/srp: Fix a sporadic crash triggered by cable pulling (bsc#904965).
- inotify: Fix nested sleeps in inotify_read() (bsc#940925).
- ipv6: fix tunnel error handling (bsc#952579).
- ipv6: probe routes asynchronous in rt6_probe (bsc#936118).
- ipvs: Fix reuse connection if real server is dead (bsc#945827).
- ipvs: drop first packet to dead server (bsc#946078).
- keys: Fix race between key destruction and finding a keyring by name (bsc#951440).
- ktime: add ktime_after and ktime_before helpe (bsc#904348).
- lib/string.c: introduce memchr_inv() (bsc#930788).
- libiscsi: Exporting new attrs for iscsi session and connection in sysfs (bsc#923002).
- macvlan: Support bonding events bsc#948521
- make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).
- memory-failure: do code refactor of soft_offline_page() (bsc#947957).
- memory-failure: fix an error of mce_bad_pages statistics (bsc#947957).
- memory-failure: use num_poisoned_pages instead of mce_bad_pages (bsc#947957).
- memory-hotplug: update mce_bad_pages when removing the memory (bsc#947957).
- mm/memory-failure.c: fix wrong num_poisoned_pages in handling memory error on thp (bsc#947957).
- mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate successfully (bsc#947957).
- mm/migrate.c: pair unlock_page() and lock_page() when migrating huge pages (bsc#947957).
- mm: exclude reserved pages from dirtyable memory 32b fix (bsc#940017, bsc#949298).
- mm: make page pfmemalloc check more robust (bsc#920016).
- netfilter: nf_conntrack_proto_sctp: minimal multihoming support (bsc#932350).
- pci: Add VPD function 0 quirk for Intel Ethernet devices (bsc#943786).
- pci: Add dev_flags bit to access VPD through function 0 (bsc#943786).
- pci: Add flag indicating device has been assigned by KVM (bsc#777565).
- pci: Clear NumVFs when disabling SR-IOV in sriov_init() (bsc#952084).
- pci: Refresh First VF Offset and VF Stride when updating NumVFs (bsc#952084).
- pci: Update NumVFs register when disabling SR-IOV (bsc#952084).
- pci: delay configuration of SRIOV capability (bsc#952084).
- pci: set pci sriov page size before reading SRIOV BAR (bsc#952084).
- pktgen: clean up ktime_t helpers (bsc#904348).
- qla2xxx: Do not reset adapter if SRB handle is in range (bsc#944993).
- qla2xxx: Remove decrement of sp reference count in abort handler (bsc#944993).
- qla2xxx: do not clear slot in outstanding cmd array (bsc#944993).
- r8169: remember WOL preferences on driver load (bsc#942305).
- rcu: Eliminate deadlock between CPU hotplug and expedited grace periods (bsc#949706).
- rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds (bsc#930145).
- sched/core: Fix task and run queue sched_info::run_delay inconsistencies (bsc#949100).
- scsi: fix scsi_error_handler vs. scsi_host_dev_release race (bsc#942204).
- scsi: hosts: update to use ida_simple for host_no (bsc#939926)
- scsi: kabi: allow iscsi disocvery session support (bsc#923002).
- scsi_transport_iscsi: Exporting new attrs for iscsi session and connection in sysfs (bsc#923002).
- sg: fix read() error reporting (bsc#926774).
- usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb (bsc#933721).
- usb: xhci: Reset a halted endpoint immediately when we encounter a stall (bsc#933721).
- usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers (bsc#944989).
- usb: xhci: do not start a halted endpoint before its new dequeue is set (bsc#933721).
- usb: xhci: handle Config Error Change (CEC) in xhci driver (bsc#933721).
- x86/tsc: Change Fast TSC calibration failed from error to info (bsc#942605).
- x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330).
- x86: mm: only do a local tlb flush in ptep_set_access_flags() (bsc#948330).
- xfs: Fix lost direct IO write in the last block (bsc#949744).
- xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347).
- xfs: add EOFBLOCKS inode tagging/untagging (bsc#930788).
- xfs: add XFS_IOC_FREE_EOFBLOCKS ioctl (bsc#930788).
- xfs: add background scanning to clear eofblocks inodes (bsc#930788).
- xfs: add inode id filtering to eofblocks scan (bsc#930788).
- xfs: add minimum file size filtering to eofblocks scan (bsc#930788).
- xfs: create function to scan and clear EOFBLOCKS inodes (bsc#930788).
- xfs: create helper to check whether to free eofblocks on inode (bsc#930788).
- xfs: introduce a common helper xfs_icluster_size_fsb (bsc#932805).
- xfs: make xfs_free_eofblocks() non-static, return EAGAIN on trylock failure (bsc#930788).
- xfs: support a tag-based inode_ag_iterator (bsc#930788).
- xfs: support multiple inode id filtering in eofblocks scan (bsc#930788).
- xfs: use xfs_icluster_size_fsb in xfs_bulkstat (bsc#932805).
- xfs: use xfs_icluster_size_fsb in xfs_ialloc_inode_init (bsc#932805).
- xfs: use xfs_icluster_size_fsb in xfs_ifree_cluster (bsc#932805).
- xfs: use xfs_icluster_size_fsb in xfs_imap (bsc#932805).
- xhci: Add spurious wakeup quirk for LynxPoint-LP controllers (bsc#949981).
- xhci: Allocate correct amount of scratchpad buffers (bsc#933721).
- xhci: Calculate old endpoints correctly on device reset (bsc#944831).
- xhci: Do not enable/disable RWE on bus suspend/resume (bsc#933721).
- xhci: For streams the css flag most be read from the stream-ctx on ep stop (bsc#945691).
- xhci: Solve full event ring by increasing TRBS_PER_SEGMENT to 256 (bsc#933721).
- xhci: Treat not finding the event_seg on COMP_STOP the same as COMP_STOP_INVAL (bsc#933721).
- xhci: Workaround for PME stuck issues in Intel xhci (bsc#933721).
- xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bsc#949502).
- xhci: do not report PLC when link is in internal resume state (bsc#933721).
- xhci: fix isoc endpoint dequeue from advancing too far on transaction error (bsc#944837).
- xhci: fix reporting of 0-sized URBs in control endpoint (bsc#933721).
- xhci: report U3 when link is in resume state (bsc#933721).
- xhci: rework cycle bit checking for new dequeue pointers (bsc#933721).
- xhci: use uninterruptible sleep for waiting for internal operations (bsc#939955).
ImportantSUSE bug 777565SUSE bug 814440SUSE bug 900610SUSE bug 904348SUSE bug 904965SUSE bug 920016SUSE bug 923002SUSE bug 926007SUSE bug 926709SUSE bug 926774SUSE bug 930145SUSE bug 930788SUSE bug 932350SUSE bug 932805SUSE bug 933721SUSE bug 935053SUSE bug 935757SUSE bug 936118SUSE bug 938706SUSE bug 939826SUSE bug 939926SUSE bug 939955SUSE bug 940017SUSE bug 940925SUSE bug 941202SUSE bug 942204SUSE bug 942305SUSE bug 942367SUSE bug 942605SUSE bug 942688SUSE bug 942938SUSE bug 943786SUSE bug 944296SUSE bug 944831SUSE bug 944837SUSE bug 944989SUSE bug 944993SUSE bug 945691SUSE bug 945825SUSE bug 945827SUSE bug 946078SUSE bug 946309SUSE bug 947957SUSE bug 948330SUSE bug 948347SUSE bug 948521SUSE bug 949100SUSE bug 949298SUSE bug 949502SUSE bug 949706SUSE bug 949744SUSE bug 949981SUSE bug 951440SUSE bug 952084SUSE bug 952384SUSE bug 952579SUSE bug 953527SUSE bug 953980SUSE bug 954404CVE-2015-0272 at SUSECVE-2015-0272 at NVDCVE-2015-5157 at SUSECVE-2015-5157 at NVDCVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-6252 at SUSECVE-2015-6252 at NVDCVE-2015-6937 at SUSECVE-2015-6937 at NVDCVE-2015-7872 at SUSECVE-2015-7872 at NVDCVE-2015-7990 at SUSECVE-2015-7990 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDcpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to fix one security issue.
This security bug was fixed:
- CVE-2016-5195: Local privilege escalation using MAP_PRIVATE. It is reportedly exploited in the wild (bsc#1004418).
ImportantSUSE bug 1004418CVE-2016-5195 at SUSECVE-2016-5195 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212)
- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415)
- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bsc#1030593).
- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003)
- CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914)
- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1024938)
- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235)
- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024)
- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722)
- CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178)
- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066)
- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type (bsc#1029850).
- CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability (bsc#1030573)
- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213)
- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052)
- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440)
- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579)
- CVE-2017-7482: Several missing length checks ticket decode allowing for information leak or potentially code execution (bsc#1046107).
- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bsc#1038879).
- CVE-2017-7533: Race condition in the fsnotify implementation in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions (bnc#1049483 1050677 ).
- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882).
- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bsc#1033336)
- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability. This requires a malicious PCI Card. (bnc#1037994).
- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038544).
- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182).
- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1038981).
- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).
- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bsc#1039883).
- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).
- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bsc#1040069).
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel was too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).
- CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152).
- CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).
- CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bnc#1049603).
- CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148).
- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).
- CVE-2017-1000112: Fixed a race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311).
- CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary could have overflowed the parport_nr array in the following code (bnc#1039456).
- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation (bnc#1039354).
- CVE-2017-1000380: sound/core/timer.c in the Linux kernel was vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).
The following non-security bugs were fixed:
- acpi: Disable APEI error injection if securelevel is set (bsc#972891, bsc#1023051).
- blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216).
- btrfs: cleanup code of btrfs_balance_delayed_items() (bsc#1034838).
- btrfs: do not run delayed nodes again after all nodes flush (bsc#1034838).
- btrfs: remove btrfs_end_transaction_dmeta() (bsc#1034838).
- btrfs: remove residual code in delayed inode async helper (bsc#1034838).
- btrfs: use flags instead of the bool variants in delayed node (bsc#1034838).
- cifs: cifs_get_root shouldn't use path with tree name, alternate fix (bsc#963655, bsc#979681, bsc#1027406).
- dentry name snapshots (bsc#1049483).
- firmware: fix directory creation rule matching with make 3.80 (bsc#1012422).
- firmware: fix directory creation rule matching with make 3.82 (bsc#1012422).
- Fix vmalloc_fault oops during lazy MMU updates (bsc#948562) (bsc#948562).
- hv: do not lose pending heartbeat vmbus packets (bnc#1006919, bnc#1053760).
- jbd: do not wait (forever) for stale tid caused by wraparound (bsc#1020229).
- jbd: Fix oops in journal_remove_journal_head() (bsc#1017143).
- kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)
- keys: Disallow keyrings beginning with '.' to be joined as session keyrings (bnc#1035576).
- nfs: Avoid getting confused by confused server (bsc#1045416).
- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).
- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).
- nfsd: do not risk using duplicate owner/file/delegation ids (bsc#1029212).
- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).
- nfs: Make nfs_readdir revalidate less often (bsc#1048232).
- pciback: check PF instead of VF for PCI_COMMAND_MEMORY (bsc#957990).
- pciback: only check PF if actually dealing with a VF (bsc#999245).
- pciback: Save the number of MSI-X entries to be copied later (bsc#957988).
- Remove superfluous make flags (bsc#1012422)
- Return short read or 0 at end of a raw device, not EIO (bsc#1039594).
- Revert 'fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
- scsi: lpfc: avoid double free of resource identifiers (bsc#989896).
- scsi: virtio_scsi: fix memory leak on full queue condition (bsc#1028880).
- sunrpc: Clean up the slot table allocation (bsc#1013862).
- sunrpc: Initalise the struct xprt upon allocation (bsc#1013862).
- usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256).
- usb: wusbcore: fix NULL-deref at probe (bsc#1045487).
- Use make --output-sync feature when available (bsc#1012422).
- Use PF_LESS_THROTTLE in loop device thread (bsc#1027101).
- xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924).
ImportantSUSE bug 1006919SUSE bug 1012422SUSE bug 1013862SUSE bug 1017143SUSE bug 1020229SUSE bug 1021256SUSE bug 1023051SUSE bug 1024938SUSE bug 1025013SUSE bug 1025235SUSE bug 1026024SUSE bug 1026722SUSE bug 1026914SUSE bug 1027066SUSE bug 1027101SUSE bug 1027178SUSE bug 1027179SUSE bug 1027406SUSE bug 1028415SUSE bug 1028880SUSE bug 1029212SUSE bug 1029850SUSE bug 1030213SUSE bug 1030573SUSE bug 1030575SUSE bug 1030593SUSE bug 1031003SUSE bug 1031052SUSE bug 1031440SUSE bug 1031481SUSE bug 1031579SUSE bug 1031660SUSE bug 1033287SUSE bug 1033336SUSE bug 1034670SUSE bug 1034838SUSE bug 1035576SUSE bug 1037182SUSE bug 1037183SUSE bug 1037994SUSE bug 1038544SUSE bug 1038564SUSE bug 1038879SUSE bug 1038883SUSE bug 1038981SUSE bug 1038982SUSE bug 1039349SUSE bug 1039354SUSE bug 1039456SUSE bug 1039594SUSE bug 1039882SUSE bug 1039883SUSE bug 1039885SUSE bug 1040069SUSE bug 1041431SUSE bug 1042364SUSE bug 1042863SUSE bug 1042892SUSE bug 1044125SUSE bug 1045416SUSE bug 1045487SUSE bug 1046107SUSE bug 1048232SUSE bug 1048275SUSE bug 1049483SUSE bug 1049603SUSE bug 1049882SUSE bug 1050677SUSE bug 1052311SUSE bug 1053148SUSE bug 1053152SUSE bug 1053760SUSE bug 1056588SUSE bug 870618SUSE bug 948562SUSE bug 957988SUSE bug 957990SUSE bug 963655SUSE bug 972891SUSE bug 979681SUSE bug 983212SUSE bug 986924SUSE bug 989896SUSE bug 999245CVE-2016-10200 at SUSECVE-2016-10200 at NVDCVE-2016-5243 at SUSECVE-2016-5243 at NVDCVE-2017-1000112 at SUSECVE-2017-1000112 at NVDCVE-2017-1000363 at SUSECVE-2017-1000363 at NVDCVE-2017-1000365 at SUSECVE-2017-1000365 at NVDCVE-2017-1000380 at SUSECVE-2017-1000380 at NVDCVE-2017-10661 at SUSECVE-2017-10661 at NVDCVE-2017-11176 at SUSECVE-2017-11176 at NVDCVE-2017-11473 at SUSECVE-2017-11473 at NVDCVE-2017-12762 at SUSECVE-2017-12762 at NVDCVE-2017-14051 at SUSECVE-2017-14051 at NVDCVE-2017-2647 at SUSECVE-2017-2647 at NVDCVE-2017-2671 at SUSECVE-2017-2671 at NVDCVE-2017-5669 at SUSECVE-2017-5669 at NVDCVE-2017-5970 at SUSECVE-2017-5970 at NVDCVE-2017-5986 at SUSECVE-2017-5986 at NVDCVE-2017-6074 at SUSECVE-2017-6074 at NVDCVE-2017-6214 at SUSECVE-2017-6214 at NVDCVE-2017-6348 at SUSECVE-2017-6348 at NVDCVE-2017-6353 at SUSECVE-2017-6353 at NVDCVE-2017-6951 at SUSECVE-2017-6951 at NVDCVE-2017-7184 at SUSECVE-2017-7184 at NVDCVE-2017-7187 at SUSECVE-2017-7187 at NVDCVE-2017-7261 at SUSECVE-2017-7261 at NVDCVE-2017-7294 at SUSECVE-2017-7294 at NVDCVE-2017-7308 at SUSECVE-2017-7308 at NVDCVE-2017-7482 at SUSECVE-2017-7482 at NVDCVE-2017-7487 at SUSECVE-2017-7487 at NVDCVE-2017-7533 at SUSECVE-2017-7533 at NVDCVE-2017-7542 at SUSECVE-2017-7542 at NVDCVE-2017-7616 at SUSECVE-2017-7616 at NVDCVE-2017-8831 at SUSECVE-2017-8831 at NVDCVE-2017-8890 at SUSECVE-2017-8890 at NVDCVE-2017-8924 at SUSECVE-2017-8924 at NVDCVE-2017-8925 at SUSECVE-2017-8925 at NVDCVE-2017-9074 at SUSECVE-2017-9074 at NVDCVE-2017-9075 at SUSECVE-2017-9075 at NVDCVE-2017-9076 at SUSECVE-2017-9076 at NVDCVE-2017-9077 at SUSECVE-2017-9077 at NVDCVE-2017-9242 at SUSECVE-2017-9242 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bnc#1107829).
- CVE-2018-14617: There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bnc#1102870).
- CVE-2018-16276: An issue was discovered in yurex_read in drivers/usb/misc/yurex.c where local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges (bnc#1106095).
- CVE-2018-12896: An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically made the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922).
The following non-security bugs were fixed:
- net: fix neighbours after MAC change (bnc#905299).
- powerpc: Fix smp_mb__before_spinlock() (bsc#1110247).
- x86/fpu: Do not do __thread_fpu_end() if use_eager_fpu() (bnc#1109967).
- x86/fpu: fix signal handling with eager FPU switching (ia32) (bsc#1108227).
- retpoline: Introduce start/end markers of indirect thunk (bsc#1113337).
ImportantSUSE bug 1099922SUSE bug 1102870SUSE bug 1106095SUSE bug 1107829SUSE bug 1108227SUSE bug 1109967SUSE bug 1110247SUSE bug 1113337SUSE bug 905299CVE-2018-12896 at SUSECVE-2018-12896 at NVDCVE-2018-14617 at SUSECVE-2018-14617 at NVDCVE-2018-14633 at SUSECVE-2018-14633 at NVDCVE-2018-16276 at SUSECVE-2018-16276 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise Server 11 SP3 Kernel for Teradata was updated to fix security issues and bugs:
The following security bugs have been fixed:
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local
attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing
of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be
possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server (bsc#1120843)
- CVE-2019-11190: The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su)
because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the
ptrace_may_access() check has a race condition when reading /proc/pid/stat (bsc#1132472)
- CVE-2018-17972: An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel
through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a
local attacker to exploit racy stack unwinding and leak kernel task stack contents (bsc#1110785)
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows
a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a
name field may not end with a '\0' character. (bsc#1134848)
- CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8
has multiple race conditions (bsc#1133188)
The following bugs have been fixed:
- Updated broken kabi files (bsc#1132268) ImportantSUSE bug 1110785SUSE bug 1120843SUSE bug 1132268SUSE bug 1132472SUSE bug 1133188SUSE bug 1134848SUSE bug 800280SUSE bug 801178CVE-2013-0216 at SUSECVE-2013-0216 at NVDCVE-2013-0231 at SUSECVE-2013-0231 at NVDCVE-2018-17972 at SUSECVE-2018-17972 at NVDCVE-2019-11190 at SUSECVE-2019-11190 at NVDCVE-2019-11486 at SUSECVE-2019-11486 at NVDCVE-2019-11884 at SUSECVE-2019-11884 at NVDCVE-2019-5489 at SUSECVE-2019-5489 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 kernel version 3.0.101 was updated to 3.12.31
to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can
trigger an integer overflow, leading to a kernel panic. (bsc#1137586)
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which
will fragment the TCP retransmission queue. An attacker may have been able to
further exploit the fragmented queue to cause an expensive linked-list walk
for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: It was possible to send a crafted sequence of SACKs which
would fragment the RACK send map. A remote attacker may have been able to further
exploit the fragmented send map to cause an expensive linked-list walk for
subsequent SACKs received for that same TCP connection. This would have
resulted in excess resource consumption due to low mss values.
The following non-security bugs were fixed:
- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- mm/fs: fix soft lockup in __shrink_dcache_sb (bsc#1128201).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
ImportantSUSE bug 1128201SUSE bug 1137586CVE-2019-11477 at SUSECVE-2019-11477 at NVDCVE-2019-11478 at SUSECVE-2019-11478 at NVDCVE-2019-11479 at SUSECVE-2019-11479 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Kernel for Teradata was updated to receive the following fixes:
- CVE-2018-5390: Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue()
and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (bsc#1102340)
- CVE-2019-11478: The TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be
fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use
this to cause a denial of service (bsc#1137586, bsc#1139751)
- CVE-2017-5753: Systems with microprocessors utilizing speculative execution and branch prediction may allow
unauthorized disclosure of information to an attacker with local user access via a side-channel
analysis (bsc#1068032, bsc#1112824)
- Added Intel feature bits for Speculation Control (bsc#1130209)
- Added definitions for new speculation control MSRs (bsc#1130209)
ImportantSUSE bug 1068032SUSE bug 1090078SUSE bug 1102340SUSE bug 1112824SUSE bug 1130209SUSE bug 1137586SUSE bug 1139751CVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2018-5390 at SUSECVE-2018-5390 at NVDCVE-2019-11478 at SUSECVE-2019-11478 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for the SUSE Linux Enterprise Server 11 SP3 Kernel for Teradata fixes the following issues:
Security issues fixed:
- CVE-2019-11478: The TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be
fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could
use this to cause a denial of service (bsc#1137586)
- CVE-2019-1125: Exclude ATOMs from speculation through SWAPGS (bsc#1139358)
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was
found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424)
- CVE-2019-3459, CVE-2019-3460: A heap address information leak while using L2CAP_GET_CONF_OPT was discovered
in the Linux kernel before 5.1-rc1 (bsc#1120758)
- CVE-2019-3896: A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch.
An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial
of service (DoS) (bsc#1138943)
- CVE-2018-20836: An issue was discovered in the Linux kernel before 4.20. There is a race condition in
smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free (bsc#1134395)
- CVE-2019-12614: An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the
Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a
denial of service (NULL pointer dereference and system crash) (bsc#1137194)
Regular bugs fixed:
- Fixed an issue where the error message 'Hyper-V eth0: unable to send receive completion pkt' was shown (bsc#1136795)
ImportantSUSE bug 1120758SUSE bug 1134395SUSE bug 1136424SUSE bug 1136795SUSE bug 1137194SUSE bug 1137586SUSE bug 1138943SUSE bug 1139358CVE-2018-20836 at SUSECVE-2018-20836 at NVDCVE-2019-1125 at SUSECVE-2019-1125 at NVDCVE-2019-11478 at SUSECVE-2019-11478 at NVDCVE-2019-12614 at SUSECVE-2019-12614 at NVDCVE-2019-3459 at SUSECVE-2019-3459 at NVDCVE-2019-3460 at SUSECVE-2019-3460 at NVDCVE-2019-3846 at SUSECVE-2019-3846 at NVDCVE-2019-3896 at SUSECVE-2019-3896 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Kernel for Teradata was updated to receive the following fixes:
The following security issues have been fixed:
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was
found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424)
- CVE-2015-9289: In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params
in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the
userspace API. However, the code allows larger values such as 23 (bsc#1143179)
- CVE-2019-14283: In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate
the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered
by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device
by default (bsc#1143191)
- CVE-2019-14284: In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by
setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should
set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy
format operation should be called. It can be triggered by an unprivileged local user even when a floppy
disk has not been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143189)
- CVE-2019-11810: An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can
occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in
drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free
(bsc#1134399)
- CVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through
5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation
of debugging messages (bsc#1142023)
The following bugs have been fixed:
- Fixes an issue in add_disk flow (bsc#1104843)
ImportantSUSE bug 1104843SUSE bug 1134399SUSE bug 1136424SUSE bug 1142023SUSE bug 1143179SUSE bug 1143189SUSE bug 1143191CVE-2015-9289 at SUSECVE-2015-9289 at NVDCVE-2019-11810 at SUSECVE-2019-11810 at NVDCVE-2019-13631 at SUSECVE-2019-13631 at NVDCVE-2019-14283 at SUSECVE-2019-14283 at NVDCVE-2019-14284 at SUSECVE-2019-14284 at NVDCVE-2019-3846 at SUSECVE-2019-3846 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for the SUSE Linux Enterprise 11 SP3 Kernel for Teradata fixes the following issues:
Security issues:
- CVE-2019-14835: A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's
vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration.
A privileged guest user able to pass descriptors with invalid length to the host when migration is underway,
could use this flaw to increase their privileges on the host (bsc#1150112)
- CVE-2019-15216: An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference
caused by a malicious USB device in the drivers/usb/misc/yurex.c driver (bsc#1146361)
- CVE-2019-9456: In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a
missing bounds check. This could lead to local escalation of privilege with System execution privileges needed.
User interaction is not needed for exploitation (bsc#1150025)
- CVE-2019-15927: An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in
the function build_audio_procunit in the file sound/usb/mixer.c (bsc#1149522)
- CVE-2019-15902: A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190,
4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of
the upstream 'x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()' commit reintroduced the Spectre
vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking
specific commits, and because two (correctly ordered) code lines were swapped (bsc#1149376)
- CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer
overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use
this to cause a denial of service (bsc#1137586, bsc#1139751)
- CVE-2019-15219: An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference
caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver (bsc#1146524)
- CVE-2017-18509: An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a
specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop
general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can
be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after
namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of
the ip6_mroute_* functions (bsc#1145477)
- CVE-2019-15212: An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a
malicious USB device in the drivers/usb/misc/rio500.c driver (bsc#1146391)
- CVE-2019-15292: An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in
atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c
(bsc#1146678)
- CVE-2019-15217: An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference
caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver (bsc#1146547)
- CVE-2018-20976: An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after
free exists, related to xfs_fs_fill_super failure (bsc#1146285)
- CVE-2017-18551: An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15.
There is an out of bounds write in the function i2c_smbus_xfer_emulated (bsc#1146163)
- CVE-2019-15118: check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion,
leading to kernel stack exhaustion (bsc#1145922)
ImportantSUSE bug 1137586SUSE bug 1139751SUSE bug 1145477SUSE bug 1145922SUSE bug 1146163SUSE bug 1146285SUSE bug 1146361SUSE bug 1146391SUSE bug 1146524SUSE bug 1146547SUSE bug 1146678SUSE bug 1149376SUSE bug 1149522SUSE bug 1150025SUSE bug 1150112CVE-2017-18509 at SUSECVE-2017-18509 at NVDCVE-2017-18551 at SUSECVE-2017-18551 at NVDCVE-2018-20976 at SUSECVE-2018-20976 at NVDCVE-2019-11477 at SUSECVE-2019-11477 at NVDCVE-2019-14835 at SUSECVE-2019-14835 at NVDCVE-2019-15118 at SUSECVE-2019-15118 at NVDCVE-2019-15212 at SUSECVE-2019-15212 at NVDCVE-2019-15216 at SUSECVE-2019-15216 at NVDCVE-2019-15217 at SUSECVE-2019-15217 at NVDCVE-2019-15219 at SUSECVE-2019-15219 at NVDCVE-2019-15292 at SUSECVE-2019-15292 at NVDCVE-2019-15902 at SUSECVE-2019-15902 at NVDCVE-2019-15927 at SUSECVE-2019-15927 at NVDCVE-2019-9456 at SUSECVE-2019-9456 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the SUSE Linux Enterprise 11 SP3 Kernel for Teradata (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This is an update for the SUSE Linux Enterprise 11 SP3 Kernel for Teradata:
The following security issues have been fixed:
- CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the
Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change,
causing the CPU core to be non-functional. (bsc#1117665)
- CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903)
- CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory
support could be used to facilitate sidechannel information leaks out of microarchitectural
buffers, similar to the previously described 'Microarchitectural Data Sampling' attack
The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring
CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251
(bsc#1139073)
- CVE-2019-14821: An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3,
in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on
an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last'
value could be supplied by a host user-space process. An unprivileged host user or process with access
to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or
potentially escalating privileges on the system. (bcs#1151350)
- CVE-2019-15291: An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference
caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c
driver. (bsc#1146540)
- CVE-2019-15505: drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an
out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). (bsc#1147122)
- CVE-2019-15807: In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c
when SAS expander discovery fails. This will cause a BUG and denial of service. (bsc#1148938)
- CVE-2019-16232: drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the
alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150465)
- CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue
return value, leading to a NULL pointer dereference. (bsc#1150457)
- CVE-2019-16234: drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the
alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150452)
- CVE-2019-16413: An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect
i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.
(bsc#1151347)
- CVE-2019-17052: ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through
5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka
CID-0614e2b73768. (bsc#1152779)
- CVE-2019-17053: ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux
kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket,
aka CID-e69dbd4619e7. (bsc#1152789)
- CVE-2019-17054: atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through
5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka
CID-6cc03e8aa36c. (bsc#1152786)
- CVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel
through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka
CID-b91ee4aa2a21. (bsc#1152782)
- CVE-2019-17133: In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not
reject a long SSID IE, leading to a Buffer Overflow. (bsc#1153158)
CVE-2019-17133).
- IB/core: Add mitigation for Spectre V1 (bsc#1155671)
- array_index_nospec: Sanitize speculative array (bsc#1155671)
ImportantSUSE bug 1117665SUSE bug 1139073SUSE bug 1144903SUSE bug 1146540SUSE bug 1147122SUSE bug 1148938SUSE bug 1150452SUSE bug 1150457SUSE bug 1150465SUSE bug 1151347SUSE bug 1152779SUSE bug 1152782SUSE bug 1152786SUSE bug 1152789SUSE bug 1153158SUSE bug 1155671CVE-2018-12207 at SUSECVE-2018-12207 at NVDCVE-2019-10220 at SUSECVE-2019-10220 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-14821 at SUSECVE-2019-14821 at NVDCVE-2019-15291 at SUSECVE-2019-15291 at NVDCVE-2019-15505 at SUSECVE-2019-15505 at NVDCVE-2019-15807 at SUSECVE-2019-15807 at NVDCVE-2019-16232 at SUSECVE-2019-16232 at NVDCVE-2019-16233 at SUSECVE-2019-16233 at NVDCVE-2019-16234 at SUSECVE-2019-16234 at NVDCVE-2019-16413 at SUSECVE-2019-16413 at NVDCVE-2019-17052 at SUSECVE-2019-17052 at NVDCVE-2019-17053 at SUSECVE-2019-17053 at NVDCVE-2019-17054 at SUSECVE-2019-17054 at NVDCVE-2019-17055 at SUSECVE-2019-17055 at NVDCVE-2019-17133 at SUSECVE-2019-17133 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This is an update for the SUSE Linux Enterprise 11 SP3 Kernel for Teradata:
* Fixed security issues:
- CVE-2019-19965: In the Linux kernel up to and including 5.4.6, there is a NULL pointer dereference in
drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related
to a PHY down race condition, aka CID-f70267f379b5 (bsc#1159911)
- CVE-2019-19066: A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the
Linux kernel up to and including 5.3.11 allows malicious users to cause a denial of service (memory
consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd (bsc#1157303)
- CVE-2019-14896, CVE-2019-14897: It exists that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the
Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code (bsc#1157157, bsc#1157155)
- CVE-2019-20096: In the Linux kernel prior to 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c,
which may cause denial of service, aka CID-1d3ff0950e2b (bsc#1159908)
- CVE-2019-19966: In the Linux kernel prior to 5.1.6, there is a use-after-free in cpia2_exit() in
drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655 (bsc#1159841)
- CVE-2019-19532: In the Linux kernel prior to 5.3.9, there are multiple out-of-bounds write bugs that can be caused by
a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95 (bsc#1158824)
- CVE-2019-19523: In the Linux kernel prior to 5.3.7, there is a use-after-free bug that can be caused by a malicious
USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79 (bsc#1158823)
- CVE-2019-19537: In the Linux kernel prior to 5.2.10, there is a race condition bug that can be caused by a malicious
USB device in the USB character device driver layer, aka CID-303911cfc5b9 (bsc#1158904)
- CVE-2019-19523: In the Linux kernel prior to 5.3.7, there is a use-after-free bug that can be caused by a malicious
USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79 (bsc#1158823)
- CVE-2019-19527: In the Linux kernel prior to 5.2.10, there is a use-after-free bug that can be caused by a malicious
USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e (bsc#1158900)
- CVE-2019-19530: In the Linux kernel prior to 5.2.10, there is a use-after-free bug that can be caused by a malicious
USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef (bsc#1158410)
- CVE-2019-19524: In the Linux kernel prior to 5.3.12, there is a use-after-free bug that can be caused by a malicious
USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9 (bsc#1158413)
- CVE-2019-15213: An issue exists in the Linux kernel prior to 5.2.3. There is a use-after-free caused by a malicious
USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bsc#1146544)
- CVE-2019-19531: In the Linux kernel prior to 5.2.9, there is a use-after-free bug that can be caused by a malicious
USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca (bsc#1158445)
- CVE-2019-19227: In the AppleTalk subsystem in the Linux kernel prior to 5.1, there is a potential NULL pointer
dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c
and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122 (bsc#1157678)
- CVE-2019-12456: An issue exists in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the
Linux kernel up to and including 5.1.5. It allows local users to cause a denial of service or possibly have unspecified
other impact by changing the value of ioc_number between two kernel reads of that value, aka a 'double fetch' vulnerability (bsc#1136922)
- CVE-2019-19074: A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux
kernel up to and including 5.3.11 allows malicious users to cause a denial of service (memory consumption), aka
CID-728c1e2a05e4 (bsc#1157143)
- CVE-2019-19073: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel up to and including 5.3.11
allow malicious users to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures.
This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service()
function, aka CID-853acf7caf10 (bsc#1157070)
- CVE-2019-15916: An issue exists in the Linux kernel prior to 5.0.1. There is a memory leak in register_queue_kobjects()
in net/core/net-sysfs.c, which will cause denial of service (bsc#1149448)
* Regular bug fixes:
- sd: always retry READ CAPACITY for ALUA state transition (bsc#1160774)
- Disabled asynchronous probing for individual devices (bsc#1154990) ImportantSUSE bug 1117665SUSE bug 1136922SUSE bug 1146544SUSE bug 1149448SUSE bug 1154990SUSE bug 1157070SUSE bug 1157143SUSE bug 1157155SUSE bug 1157157SUSE bug 1157303SUSE bug 1157485SUSE bug 1157678SUSE bug 1158410SUSE bug 1158413SUSE bug 1158445SUSE bug 1158823SUSE bug 1158824SUSE bug 1158900SUSE bug 1158904SUSE bug 1159467SUSE bug 1159841SUSE bug 1159908SUSE bug 1159911SUSE bug 1160774CVE-2018-12207 at SUSECVE-2018-12207 at NVDCVE-2019-12456 at SUSECVE-2019-12456 at NVDCVE-2019-14896 at SUSECVE-2019-14896 at NVDCVE-2019-14897 at SUSECVE-2019-14897 at NVDCVE-2019-15213 at SUSECVE-2019-15213 at NVDCVE-2019-15916 at SUSECVE-2019-15916 at NVDCVE-2019-18660 at SUSECVE-2019-18660 at NVDCVE-2019-19066 at SUSECVE-2019-19066 at NVDCVE-2019-19073 at SUSECVE-2019-19073 at NVDCVE-2019-19074 at SUSECVE-2019-19074 at NVDCVE-2019-19227 at SUSECVE-2019-19227 at NVDCVE-2019-19523 at SUSECVE-2019-19523 at NVDCVE-2019-19524 at SUSECVE-2019-19524 at NVDCVE-2019-19527 at SUSECVE-2019-19527 at NVDCVE-2019-19530 at SUSECVE-2019-19530 at NVDCVE-2019-19531 at SUSECVE-2019-19531 at NVDCVE-2019-19532 at SUSECVE-2019-19532 at NVDCVE-2019-19537 at SUSECVE-2019-19537 at NVDCVE-2019-19965 at SUSECVE-2019-19965 at NVDCVE-2019-19966 at SUSECVE-2019-19966 at NVDCVE-2019-20096 at SUSECVE-2019-20096 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bsc#1167629).
- CVE-2020-8647: There was a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bsc#1162929).
- CVE-2020-8649: There was a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bsc#1162931).
- CVE-2020-9383: An issue was discovered set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it (bsc#1165111).
- CVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bsc#1159285).
- CVE-2020-11608: Fixed a NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints (bsc#1168829).
- CVE-2020-8648: There was a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928).
- CVE-2019-18675: Fixed an Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allowed local users to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation (bsc#1157804).
The following non-security bugs were fixed:
- Input: add safety guards to input_set_keycode() (bsc#1168075).
- blk: Fix kabi due to blk_trace_mutex addition (bsc#1159285).
- blktrace: fix dereference after null check (bsc#1159285).
- blktrace: fix trace mutex deadlock (bsc#1159285).
- ext3: Initialize i_datasync_tid for new inodes (bsc#1145340).
- media: ov519: add missing endpoint sanity checks (bsc#1168829).
- media: stv06xx: add missing descriptor sanity checks (bsc#1168854).
- rpm/kernel-binary.spec.in: Replace Novell with SUSE
- x86: fix speculation bug reporting (bnc#1012382).
ImportantSUSE bug 1012382SUSE bug 1145340SUSE bug 1157804SUSE bug 1159285SUSE bug 1162928SUSE bug 1162929SUSE bug 1162931SUSE bug 1164078SUSE bug 1165111SUSE bug 1167629SUSE bug 1168075SUSE bug 1168649SUSE bug 1168829SUSE bug 1168854CVE-2019-18675 at SUSECVE-2019-18675 at NVDCVE-2019-19768 at SUSECVE-2019-19768 at NVDCVE-2020-10942 at SUSECVE-2020-10942 at NVDCVE-2020-11608 at SUSECVE-2020-11608 at NVDCVE-2020-8647 at SUSECVE-2020-8647 at NVDCVE-2020-8648 at SUSECVE-2020-8648 at NVDCVE-2020-8649 at SUSECVE-2020-8649 at NVDCVE-2020-9383 at SUSECVE-2020-9383 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it.
This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).
- CVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218).
- CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195).
- CVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202).
- CVE-2020-12656: Fixed an improper handling of certain domain_release calls leadingch could have led to a memory leak (bsc#1171219).
- CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev (bsc#1170056).
The following non-security bugs were fixed:
- random: always use batched entropy for get_random_u{32,64} (bsc#1164871).
ImportantSUSE bug 1154824SUSE bug 1164871SUSE bug 1170056SUSE bug 1171195SUSE bug 1171202SUSE bug 1171218SUSE bug 1171219CVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-10690 at SUSECVE-2020-10690 at NVDCVE-2020-12652 at SUSECVE-2020-12652 at NVDCVE-2020-12653 at SUSECVE-2020-12653 at NVDCVE-2020-12654 at SUSECVE-2020-12654 at NVDCVE-2020-12656 at SUSECVE-2020-12656 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-16746: Fixed an improper check of the length of variable elements in a beacon head, leading to a buffer overflow (bsc#1152107).
- CVE-2019-5108: Fixed a denial-of-service vulnerability caused by triggering AP to send IAPP location updates for stations before the required authentication process has completed (bnc#1159912).
- CVE-2019-6133: Fixed an issue where the 'start time' protection mechanism could have been bypassed and therefore authorization decisions are improperly cached (bsc#1128172).
- CVE-2020-0305: Fixed a race condition which could have led to local escalation of privilege (bsc#1174462).
- CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423).
- CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722).
- CVE-2020-10732: Fixed an improper implementation of userspace core dumps which could have led to crash a trivial program and exfiltrate private kernel data (bsc#1171220).
- CVE-2020-10769: Fixed a buffer over-read in the IPsec Cryptographic algorithm's module, authenc. This flaw allowed a local attacker with user privileges to cause a denial of service (bsc#1173265).
- CVE-2020-10773: Fixed a memory leak on s390/s390x, in the cmm_timeout_hander in file arch/s390/mm/cmm.c (bsc#1172999).
- CVE-2020-11668: Fixed an issue where a malicious USB device pretending to be Xirlink camera could corrupt random kernel memory (bsc#1168952).
- CVE-2020-13974: Fixed an integer overflow in drivers/tty/vt/keyboard.c, if k_ascii is called several times in a row (bsc#1172775).
- CVE-2020-14331: Fixed a missing check in vgacon scrollback handling (bsc#1174205).
- CVE-2020-14353: Fixed an issue where keys - for keyctl prevent creating a different user's keyrings (bsc#1174993).
- CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping the references (bsc#1176011).
- CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bsc#1176235).
- CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the slip and slcan line discipline which could have led to a use-after-free (bsc#1162002).
- CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141).
- CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140).
- CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482).
- CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c (bsc#1176485).
- CVE-2020-25643: Fixed a memory corruption and a read overflow which could have caused by improper input validation in the ppp_cp_parse_cr function (bsc#1177206).
- CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bsc#1177766).
- CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123).
- CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
- CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107)
- CVE-2020-27786: Fixed a use after free in kernel midi subsystem snd_rawmidi_kernel_read1() (bsc#1179601).
- CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
- CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon (bsc#1178589).
- CVE-2020-29660, CVE-2020-29661: Fixed a race condition and an improper session locking process in tty pgrp and session handling (bsc#1179745).
The following non-security bugs were fixed:
- CIFS: fix uninitialized memory access (bsc#1120326).
- fs/xfs: fix f_ffree value for statfs when project quota is set (bsc#1165985).
- net/x25: fix a race in x25_bind() (bsc#1178590).
- net/x25: prevent a couple of overflows (bsc#1178590).
- tty: fix memleak in alloc_pid (bsc#1179745).
ImportantSUSE bug 1070943SUSE bug 1120326SUSE bug 1121872SUSE bug 1152107SUSE bug 1159912SUSE bug 1162002SUSE bug 1165985SUSE bug 1168952SUSE bug 1171220SUSE bug 1172775SUSE bug 1172999SUSE bug 1173265SUSE bug 1174205SUSE bug 1174462SUSE bug 1174993SUSE bug 1176011SUSE bug 1176235SUSE bug 1176278SUSE bug 1176423SUSE bug 1176482SUSE bug 1176485SUSE bug 1176722SUSE bug 1177206SUSE bug 1177766SUSE bug 1178123SUSE bug 1178182SUSE bug 1178589SUSE bug 1178590SUSE bug 1178886SUSE bug 1179107SUSE bug 1179140SUSE bug 1179141SUSE bug 1179419SUSE bug 1179601SUSE bug 1179745CVE-2019-16746 at SUSECVE-2019-16746 at NVDCVE-2019-5108 at SUSECVE-2019-5108 at NVDCVE-2019-6133 at SUSECVE-2019-6133 at NVDCVE-2020-0305 at SUSECVE-2020-0305 at NVDCVE-2020-0404 at SUSECVE-2020-0404 at NVDCVE-2020-0431 at SUSECVE-2020-0431 at NVDCVE-2020-10732 at SUSECVE-2020-10732 at NVDCVE-2020-10769 at SUSECVE-2020-10769 at NVDCVE-2020-10773 at SUSECVE-2020-10773 at NVDCVE-2020-11668 at SUSECVE-2020-11668 at NVDCVE-2020-13974 at SUSECVE-2020-13974 at NVDCVE-2020-14331 at SUSECVE-2020-14331 at NVDCVE-2020-14353 at SUSECVE-2020-14353 at NVDCVE-2020-14381 at SUSECVE-2020-14381 at NVDCVE-2020-14390 at SUSECVE-2020-14390 at NVDCVE-2020-14416 at SUSECVE-2020-14416 at NVDCVE-2020-15436 at SUSECVE-2020-15436 at NVDCVE-2020-15437 at SUSECVE-2020-15437 at NVDCVE-2020-25284 at SUSECVE-2020-25284 at NVDCVE-2020-25285 at SUSECVE-2020-25285 at NVDCVE-2020-25643 at SUSECVE-2020-25643 at NVDCVE-2020-25656 at SUSECVE-2020-25656 at NVDCVE-2020-25668 at SUSECVE-2020-25668 at NVDCVE-2020-25669 at SUSECVE-2020-25669 at NVDCVE-2020-27777 at SUSECVE-2020-27777 at NVDCVE-2020-27786 at SUSECVE-2020-27786 at NVDCVE-2020-28915 at SUSECVE-2020-28915 at NVDCVE-2020-28974 at SUSECVE-2020-28974 at NVDCVE-2020-29660 at SUSECVE-2020-29660 at NVDCVE-2020-29661 at SUSECVE-2020-29661 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel (bnc#1181349).
- CVE-2020-25211: Fixed a flaw where a local attacker was able to inject conntrack netlink configuration that could cause a denial of service or trigger the use of incorrect protocol numbers in ctnetlink_parse_tuple_filter (bnc#1176395).
- CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).
- CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).
The following non-security bugs were fixed:
- HID: Fix slab-out-of-bounds read in hid_field_extract (bsc#1180052).
ImportantSUSE bug 1176395SUSE bug 1180029SUSE bug 1180030SUSE bug 1180052SUSE bug 1180086SUSE bug 1181349SUSE bug 1181553CVE-2020-0465 at SUSECVE-2020-0465 at NVDCVE-2020-25211 at SUSECVE-2020-25211 at NVDCVE-2020-27068 at SUSECVE-2020-27068 at NVDCVE-2021-3347 at SUSECVE-2021-3347 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Kernel has been updated to receive the following fixes:
- CVE-2020-29660: A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through
5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID,
aka CID-c8bcd9c5be24.tty_lock: undo the old tty_lock use on the ctty (bsc#1179745)
ImportantSUSE bug 1179745CVE-2020-29660 at SUSECVE-2020-29660 at NVDCVE-2020-4788 at SUSECVE-2020-4788 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2014-7841: Fixed denial of service via a malformed SCTP INIT chunk when ASCONF is used (bnc#905100).
- CVE-2020-24586: Fixed arbitrary network packet injection via fragmented frames encrypted using WEP, CCMP, or GCMP (bnc#1185859).
- CVE-2020-24587: Fixed data leak when fragments of a frame are not encrypted with the same key and the WEP, CCMP, or GCMP encryption key is periodically renewed (bnc#1185859, bnc#1185862).
- CVE-2020-24588: Fixed arbitrary network packet injection via specially crafted non-SSP A-MSDU frames (bnc#1185861).
- CVE-2020-26139: Fixed denial of service in protected Wi-Fi newtwors via EAPOL frames forwarding (bnc#1186062).
- CVE-2020-35519: Fixed out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c (bnc#1183696).
- CVE-2020-36322: Fixed system crash in the FUSE filesystem implementation (bnc#1184211).
- CVE-2020-36385: Fixed user-after-free issue in drivers/infiniband/core/ucma.c (bnc#1187050).
- CVE-2020-36386: Fixed slab out-of-bounds read in hci_extended_inquiry_result_evt funcion in net/bluetooth/hci_event.c (bnc#1187038).
- CVE-2021-0512: Fixed local privilege escalation via a buffer overflow in __hidinput_change_resolution_multipliers of hid-input.c (bnc#1187595).
- CVE-2021-20261: Fixed race condition in the floppy disk drive controller driver software (bnc#1183400).
- CVE-2021-20265: Fixed denial of service by unprivileged local users via the the unix_stream_recvmsg function in the Linux kernel when a signal was pending (bnc#1183089).
- CVE-2021-27363: Fixed kernel pointer leak in iSCSI subsystem (bnc#1182716).
- CVE-2021-27364: Fixed iscsi_if_recv_msg() allows non-root users to connect and send commands (bnc#1182717).
- CVE-2021-27365: Fixed missing length checks in iSCSI data structures (bnc#1182715).
- CVE-2021-28950: Fixed stall on CPU in fs/fuse/fuse_i.h (bnc#1184194).
- CVE-2021-28972: Fixed buffer overflow in In drivers/pci/hotplug/rpadlpar_sysfs.c (bnc#1184198).
- CVE-2021-29154: Fixed arbitrary code execution within the kernel context due to BPF JIT compilers incorrect computation of branch displacements (bnc#1184391).
- CVE-2021-29650: Fixed denial of service in the netfilter subsystem upon the assignment of a new table value (bnc#1184208).
- CVE-2021-30002: Fixed memory leak for large arguments in video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c (bnc#1184120).
- CVE-2021-32399: Fixed race condition in net/bluetooth/hci_request.c (bnc#1184611).
- CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled (bsc#1186109).
- CVE-2021-34693: Fixed leak of sensitive information from kernel stack memory via partially uninitialized data structures in net/can/bcm.c (bnc#1187452).
- CVE-2021-3483: Fixed user-after-free in the Nosy driver in the Linux kernel (bnc#1184393).
- CVE-2021-3609: Fixed local privilege escalation via a race condition in net/can/bcm.c (bsc#1187215).
- CVE-2021-3640: Fixed Use-After-Free vulnerability in function sco_sock_sendmsg() (bsc#1188172).
- CVE-2021-3653: Fixed flaw in KVM's AMD code for supporting SVM nested virtualization that could lead to system crash, data leak or guest-to-host escape (bnc#1189399).
- CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory (bsc#1188563).
- CVE-2021-3679: Fixed denial of service flaw in the Linux kernel tracing module functionality (bnc#1189057).
- CVE-2021-37159: Fixed use-after-free and a double free inside hso_free_net_device in drivers/net/usb/hso.c when unregister_netdev is called without checking for the NETREG_REGISTERED state (bnc#1188601).
- CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351).
- CVE-2021-38160: Fixed data corruption or loss that could be triggered by untrusted device in drivers/char/virtio_console.c (bsc#1190117).
- CVE-2021-38198: Fixed shadow page memory access permission in arch/x86/kvm/mmu/paging_tmpl.h that could lead to a missing guest protection page fault (bnc#1189262).
- CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data function in drivers/net/hamradio/6pack.c. Input from a process that had the CAP_NET_ADMIN capability could have lead to root access (bsc#1191315).
- CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673).
- CVE-2021-43389: Fixed array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).
The following non-security bugs were fixed:
- sched: Fix possible divide by zero in avg_atom() calculation (bsc#1191884).
ImportantSUSE bug 1182715SUSE bug 1182716SUSE bug 1182717SUSE bug 1183089SUSE bug 1183400SUSE bug 1183696SUSE bug 1184120SUSE bug 1184194SUSE bug 1184198SUSE bug 1184208SUSE bug 1184211SUSE bug 1184391SUSE bug 1184393SUSE bug 1184611SUSE bug 1184673SUSE bug 1185859SUSE bug 1185861SUSE bug 1185862SUSE bug 1186062SUSE bug 1186109SUSE bug 1187038SUSE bug 1187050SUSE bug 1187215SUSE bug 1187452SUSE bug 1187595SUSE bug 1188172SUSE bug 1188563SUSE bug 1188601SUSE bug 1189057SUSE bug 1189262SUSE bug 1189399SUSE bug 1190117SUSE bug 1190351SUSE bug 1191315SUSE bug 1191884SUSE bug 1191958SUSE bug 905100CVE-2014-7841 at SUSECVE-2014-7841 at NVDCVE-2020-24586 at SUSECVE-2020-24586 at NVDCVE-2020-24587 at SUSECVE-2020-24587 at NVDCVE-2020-24588 at SUSECVE-2020-24588 at NVDCVE-2020-26139 at SUSECVE-2020-26139 at NVDCVE-2020-35519 at SUSECVE-2020-35519 at NVDCVE-2020-36322 at SUSECVE-2020-36322 at NVDCVE-2020-36385 at SUSECVE-2020-36385 at NVDCVE-2020-36386 at SUSECVE-2020-36386 at NVDCVE-2021-0512 at SUSECVE-2021-0512 at NVDCVE-2021-20261 at SUSECVE-2021-20261 at NVDCVE-2021-20265 at SUSECVE-2021-20265 at NVDCVE-2021-27363 at SUSECVE-2021-27363 at NVDCVE-2021-27364 at SUSECVE-2021-27364 at NVDCVE-2021-27365 at SUSECVE-2021-27365 at NVDCVE-2021-28950 at SUSECVE-2021-28950 at NVDCVE-2021-28972 at SUSECVE-2021-28972 at NVDCVE-2021-29154 at SUSECVE-2021-29154 at NVDCVE-2021-29650 at SUSECVE-2021-29650 at NVDCVE-2021-30002 at SUSECVE-2021-30002 at NVDCVE-2021-32399 at SUSECVE-2021-32399 at NVDCVE-2021-33033 at SUSECVE-2021-33033 at NVDCVE-2021-34693 at SUSECVE-2021-34693 at NVDCVE-2021-3483 at SUSECVE-2021-3483 at NVDCVE-2021-3609 at SUSECVE-2021-3609 at NVDCVE-2021-3640 at SUSECVE-2021-3640 at NVDCVE-2021-3653 at SUSECVE-2021-3653 at NVDCVE-2021-3655 at SUSECVE-2021-3655 at NVDCVE-2021-3679 at SUSECVE-2021-3679 at NVDCVE-2021-37159 at SUSECVE-2021-37159 at NVDCVE-2021-3772 at SUSECVE-2021-3772 at NVDCVE-2021-38160 at SUSECVE-2021-38160 at NVDCVE-2021-38198 at SUSECVE-2021-38198 at NVDCVE-2021-42008 at SUSECVE-2021-42008 at NVDCVE-2021-42739 at SUSECVE-2021-42739 at NVDCVE-2021-43389 at SUSECVE-2021-43389 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 kernel was updated.
The following security bugs were fixed:
- CVE-2021-4155: Fixed a data leak flaw that allows a local attacker to leak data on the XFS filesystem. (bsc#1194272)
- CVE-2020-27820: Fixed a vulnerability where a use-after-frees in nouveau's postclose() handler could happen if removing device. (bsc#1179599)
- CVE-2019-0136: Fixed an insufficient access control which allow an unauthenticated user to execute a denial of service. (bsc#1193157)
ImportantSUSE bug 1179599SUSE bug 1193157SUSE bug 1194272CVE-2019-0136 at SUSECVE-2019-0136 at NVDCVE-2020-27820 at SUSECVE-2020-27820 at NVDCVE-2021-4155 at SUSECVE-2021-4155 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 TD kernel to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-21499: Lock down kgdb to prohibit secure-boot bypass (bsc#1199426).
- CVE-2022-1652: Fixed a statically allocated error counter inside the floppy kernel module (bsc#1199063).
- CVE-2022-1353: Fixed access controll to kernel memory in the pfkey_register function in net/key/af_key.c (bnc#1198516).
- CVE-2022-1011: Fixed a use-after-free flaw inside the FUSE filesystem in the way a user triggers write(). This flaw allowed a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation (bnc#1197343).
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file (bnc#1197366).
- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331).
- CVE-2022-0001: Fixed non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors to disable information disclosure via local access (bnc#1191580).
- CVE-2022-0002: Fixed non-transparent sharing of branch predictor within a context in some Intel(R) Processors to disable information disclosure via local access (bnc#1191580).
- CVE-2020-12770: Fixed an issue in sg_write that lacked an sg_remove_request call in a certain failure cases (bnc#1171420).
- CVE-2022-0617: Fixed a null pointer dereference in the UDF file system functionality (bnc#1196079).
- CVE-2022-0492: Fixed a flaw in the cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function (bnc#1195543).
- CVE-2021-45095: Fixed a refcount leak in pep_sock_accept in net/phonet/pep.c (bnc#1193867).
- CVE-2021-3753: Fixed a race problem in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c (bnc#1190025).
The following non-security bugs were fixed:
- kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).
- netlink: Trim skb to alloc size to avoid MSG_TRUNC (bsc#1166098).
- highmem: fixed buffer corruption in include/linux/highmem.h:203 (bsc#1199859).
- direct-io: don't read inode->i_blkbits multiple times (bnc#919357).
- fs/buffer.c: make block-size be per-page and protected by the page lock (bnc#919357).
ImportantSUSE bug 1166098SUSE bug 1171420SUSE bug 1190025SUSE bug 1191580SUSE bug 1193669SUSE bug 1193867SUSE bug 1195543SUSE bug 1196079SUSE bug 1197331SUSE bug 1197343SUSE bug 1197366SUSE bug 1198516SUSE bug 1199063SUSE bug 1199426SUSE bug 1199859SUSE bug 919357CVE-2020-12770 at SUSECVE-2020-12770 at NVDCVE-2021-3753 at SUSECVE-2021-3753 at NVDCVE-2021-45095 at SUSECVE-2021-45095 at NVDCVE-2021-45868 at SUSECVE-2021-45868 at NVDCVE-2022-0001 at SUSECVE-2022-0001 at NVDCVE-2022-0002 at SUSECVE-2022-0002 at NVDCVE-2022-0492 at SUSECVE-2022-0492 at NVDCVE-2022-0617 at SUSECVE-2022-0617 at NVDCVE-2022-1011 at SUSECVE-2022-1011 at NVDCVE-2022-1048 at SUSECVE-2022-1048 at NVDCVE-2022-1353 at SUSECVE-2022-1353 at NVDCVE-2022-1652 at SUSECVE-2022-1652 at NVDCVE-2022-21499 at SUSECVE-2022-21499 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 TERADATA kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3028: Fixed a race condition that was found in the IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously (bnc#1202898).
- CVE-2022-29901: Fixed retpoline mitigation bypass that leaked arbitrary data on Intel microprocessor generations 6 to 8 (bnc#1201469).
- CVE-2022-29900: Fixed mis-trained branch predictions for return instructions that may have allowed arbitrary speculative code execution under certain microarchitecture-dependent conditions (bnc#1199657, bnc#1201469).
- CVE-2022-28356: Fixed a refcount leak bug that was found in net/llc/af_llc.c (bnc#1197391).
- CVE-2022-2318: Fixed use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c (bnc#1201251).
- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).
- CVE-2022-20369: Fixed possible out of bounds write due to improper input validation in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).
- CVE-2022-20166: Fixed possible out of bounds write due to a heap buffer overflow in various methods of kernel base drivers (bnc#1200598).
- CVE-2022-20132: Fixed possible out of bounds read in lg_probe and related functions of hid-lg.c (bnc#1200619).
- CVE-2022-1679: Fixed a use-after-free flaw that was found inside the Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bnc#1199487).
- CVE-2022-1462: Fixed an out-of-bounds read flaw that was found in the TeleTYpe subsystem (bnc#1198829).
- CVE-2021-39713: Fixed use Qdisc rcu API instead of relying on rtnl lock (bsc#1196973).
- CVE-2021-34981: Fixed file refcount when cmtp_attach_device fails (bsc#1191961).
- CVE-2021-33656: Fixed out of bounds write when setting font with malicous data by ioctl cmd PIO_FONT (bnc#1201636).
- CVE-2021-33655: Fixed out of bounds write when sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO (bnc#1201635).
- CVE-2021-26341: Fixed potential data leakage on some AMD CPUs may transiently execute beyond unconditional direct branches (bnc#1196901, bnc#1201050).
- CVE-2020-36558: Fixed a race condition involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault (bnc#1200910).
- CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could have led to a use-after-free (bnc#1201429).
- CVE-2020-29568: Fixed an issue that was discovered in Xen through 4.14.x when processing watch events using a single thread (bnc#1179508).
- CVE-2020-15393: Fixed a memory leak in usbtest_disconnect in drivers/usb/misc/usbtest.c (bnc#1173514).
- CVE-2019-3900: Fixed an infinite loop issue that was found in the vhost_net kernel module (bnc#1133374).
- CVE-2018-7755: Fixed an issue that was discovered in the fd_locked_ioctl function in drivers/block/floppy.c (bnc#1084513).
- CVE-2017-13695: Fixed a KASLR protection mechanism bypass inside the acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c (bnc#1055710).
The following non-security bugs were fixed:
- fs/binfmt_misc.c: do not allow offset overflow (Git-fixes bsc#1109746, bsc#1200384).
- vmxnet3: fix building without CONFIG_PCI_MSI (bsc#1177882).
- vmxnet3: fix netpoll race condition (bsc#1177882).
ImportantSUSE bug 1055710SUSE bug 1084513SUSE bug 1109746SUSE bug 1133374SUSE bug 1173514SUSE bug 1177882SUSE bug 1179508SUSE bug 1191961SUSE bug 1196901SUSE bug 1196973SUSE bug 1197391SUSE bug 1198829SUSE bug 1199487SUSE bug 1199657SUSE bug 1200384SUSE bug 1200598SUSE bug 1200619SUSE bug 1200910SUSE bug 1201050SUSE bug 1201251SUSE bug 1201429SUSE bug 1201469SUSE bug 1201635SUSE bug 1201636SUSE bug 1202346SUSE bug 1202347SUSE bug 1202897SUSE bug 1202898CVE-2017-13695 at SUSECVE-2017-13695 at NVDCVE-2018-7755 at SUSECVE-2018-7755 at NVDCVE-2019-3900 at SUSECVE-2019-3900 at NVDCVE-2020-15393 at SUSECVE-2020-15393 at NVDCVE-2020-29568 at SUSECVE-2020-29568 at NVDCVE-2020-36557 at SUSECVE-2020-36557 at NVDCVE-2020-36558 at SUSECVE-2020-36558 at NVDCVE-2021-26341 at SUSECVE-2021-26341 at NVDCVE-2021-33655 at SUSECVE-2021-33655 at NVDCVE-2021-33656 at SUSECVE-2021-33656 at NVDCVE-2021-34981 at SUSECVE-2021-34981 at NVDCVE-2021-39713 at SUSECVE-2021-39713 at NVDCVE-2022-1462 at SUSECVE-2022-1462 at NVDCVE-2022-1679 at SUSECVE-2022-1679 at NVDCVE-2022-20132 at SUSECVE-2022-20132 at NVDCVE-2022-20166 at SUSECVE-2022-20166 at NVDCVE-2022-20368 at SUSECVE-2022-20368 at NVDCVE-2022-20369 at SUSECVE-2022-20369 at NVDCVE-2022-21385 at SUSECVE-2022-21385 at NVDCVE-2022-2318 at SUSECVE-2022-2318 at NVDCVE-2022-28356 at SUSECVE-2022-28356 at NVDCVE-2022-29900 at SUSECVE-2022-29900 at NVDCVE-2022-29901 at SUSECVE-2022-29901 at NVDCVE-2022-3028 at SUSECVE-2022-3028 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 TD kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3635: Fixed a use-after-free in the tst_timer() of the file drivers/atm/idt77252.c (bsc#1204631).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(), gru_fault() and gru_handle_user_call_os() that could lead to kernel panic (bsc#1204166).
- CVE-2022-41850: Fixed a race condition in roccat_report_event() in drivers/hid/hid-roccat.c (bsc#1203960).
- CVE-2022-45934: Fixed a integer wraparound via L2CAP_CONF_REQ packets in l2cap_config_req in net/bluetooth/l2cap_core.c (bsc#1205796).
- CVE-2022-41858: Fixed a denial of service in sl_tx_timeout() in drivers/net/slip (bsc#1205671).
- CVE-2022-4095: Fixed a use-after-free in rtl8712 driver (bsc#1205514).
- CVE-2022-3903: Fixed a denial of service with the Infrared Transceiver USB driver (bsc#1205220).
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space client to corrupt the monitor's internal memory (bsc#1204653).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in fs/nilfs2/segment.c (bsc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in fs/nilfs2/inode.c (bsc#1204647).
- CVE-2022-3621: Fixed null pointer dereference in nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bsc#1204574).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could allow a local unprivileged user to cause a denial of service (bsc#1204439).
- CVE-2022-3565: Fixed use-after-free in del_timer() in drivers/isdn/mISDN/l1oip_core.c (bsc#1204431).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6 handler (bsc#1204354).
- CVE-2022-40768: Fixed information leak in the scsi driver which allowed local users to obtain sensitive information from kernel memory (bsc#1203514).
- CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692).
- CVE-2022-36946: Fixed a denial of service (panic) inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c (bsc#1201940).
- CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks (bsc#1199650).
- CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks (bsc#1199650).
- CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks (bsc#1199650).
- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bsc#1201948).
- CVE-2022-41848: Fixed a race condition in drivers/char/pcmcia/synclink_cs.c mgslpc_ioctl and mgslpc_detach (bsc#1203987).
- CVE-2022-3303: Fixed a race condition in the sound subsystem due to improper locking (bsc#1203769).
- CVE-2022-41218: Fixed an use-after-free caused by refcount races in drivers/media/dvb-core/dmxdev.c (bsc#1202960).
- CVE-2022-39188: Fixed a race condition where a device driver can free a page while it still has stale TLB entries (bsc#1203107).
- CVE-2022-2663: Fixed an issue which allowed a firewall to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured (bsc#1202097).
- CVE-2022-44033: Fixes a use-after-free with PCMCIA device related to a race condition between cm4040_open() and reader_detach() (bsc#1204922).
- CVE-2022-44032: Fixed a use-after-free with PCMCIA device related to a race condition between cmm_open() and cm4000_detach() (bsc#1204894).
- CVE-2020-16119: Fixed a use-after-free vulnerability exploitable by a local attacker due to reuse of a DCCP socket (bsc#1177471).
- CVE-2019-3837: Fixed a denial-of-service in the net_dma code in tcp_recvmsg() (bsc#1131430).
The following non-security bugs were fixed:
- ipc,sem: fix use after free on IPC_RMID after a task using same semaphore set exits (bsc#967914 bsc#1201441).
- ipc/sem.c: add cond_resched in exit_sme (bsc#1201441).
- net_sched: cls_route: disallow handle of 0 (bsc#1202393).
- x86/bugs: Reenable retbleed=off While for older kernels the return thunks are statically built in and cannot be dynamically patched out, retbleed=off should still be possible to do so that the mitigation can still be disabled on Intel who do not use the return thunks but IBRS.
ImportantSUSE bug 1131430SUSE bug 1177471SUSE bug 1177742SUSE bug 1199650SUSE bug 1200549SUSE bug 1200692SUSE bug 1201441SUSE bug 1201940SUSE bug 1201941SUSE bug 1201948SUSE bug 1202097SUSE bug 1202312SUSE bug 1202393SUSE bug 1202874SUSE bug 1202960SUSE bug 1203107SUSE bug 1203116SUSE bug 1203208SUSE bug 1203514SUSE bug 1203606SUSE bug 1203769SUSE bug 1203960SUSE bug 1203987SUSE bug 1204132SUSE bug 1204166SUSE bug 1204354SUSE bug 1204431SUSE bug 1204432SUSE bug 1204439SUSE bug 1204574SUSE bug 1204576SUSE bug 1204631SUSE bug 1204636SUSE bug 1204646SUSE bug 1204647SUSE bug 1204653SUSE bug 1204894SUSE bug 1204922SUSE bug 1205220SUSE bug 1205313SUSE bug 1205514SUSE bug 1205671SUSE bug 1205796SUSE bug 967914CVE-2019-3837 at SUSECVE-2019-3837 at NVDCVE-2020-16119 at SUSECVE-2020-16119 at NVDCVE-2022-21123 at SUSECVE-2022-21123 at NVDCVE-2022-21125 at SUSECVE-2022-21125 at NVDCVE-2022-21127 at SUSECVE-2022-21127 at NVDCVE-2022-21166 at SUSECVE-2022-21166 at NVDCVE-2022-21180 at SUSECVE-2022-21180 at NVDCVE-2022-2663 at SUSECVE-2022-2663 at NVDCVE-2022-3303 at SUSECVE-2022-3303 at NVDCVE-2022-33981 at SUSECVE-2022-33981 at NVDCVE-2022-3424 at SUSECVE-2022-3424 at NVDCVE-2022-3524 at SUSECVE-2022-3524 at NVDCVE-2022-3565 at SUSECVE-2022-3565 at NVDCVE-2022-3586 at SUSECVE-2022-3586 at NVDCVE-2022-3621 at SUSECVE-2022-3621 at NVDCVE-2022-3635 at SUSECVE-2022-3635 at NVDCVE-2022-3646 at SUSECVE-2022-3646 at NVDCVE-2022-3649 at SUSECVE-2022-3649 at NVDCVE-2022-36879 at SUSECVE-2022-36879 at NVDCVE-2022-36946 at SUSECVE-2022-36946 at NVDCVE-2022-3903 at SUSECVE-2022-3903 at NVDCVE-2022-39188 at SUSECVE-2022-39188 at NVDCVE-2022-40768 at SUSECVE-2022-40768 at NVDCVE-2022-4095 at SUSECVE-2022-4095 at NVDCVE-2022-41218 at SUSECVE-2022-41218 at NVDCVE-2022-41848 at SUSECVE-2022-41848 at NVDCVE-2022-41850 at SUSECVE-2022-41850 at NVDCVE-2022-41858 at SUSECVE-2022-41858 at NVDCVE-2022-43750 at SUSECVE-2022-43750 at NVDCVE-2022-44032 at SUSECVE-2022-44032 at NVDCVE-2022-44033 at SUSECVE-2022-44033 at NVDCVE-2022-45934 at SUSECVE-2022-45934 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 TD kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
- CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488).
- CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in media/rc (bsc#1208837).
- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in net/sched/sch_atm.c because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results) (bsc#1207125).
- CVE-2022-3566: Fixed race condition in the TCP Handler (bsc#1204405).
- CVE-2022-3567: Fixed a to race condition in inet6_stream_ops()/inet6_dgram_ops() (bsc#1204414).
The following non-security bugs were fixed:
- sctp: fail if no bound addresses can be used for a given scope (bsc#1206677).
ImportantSUSE bug 1108488SUSE bug 1204405SUSE bug 1204414SUSE bug 1206677SUSE bug 1207036SUSE bug 1207051SUSE bug 1207125SUSE bug 1207795SUSE bug 1208837SUSE bug 1209008SUSE bug 1209291SUSE bug 1209532CVE-2018-9517 at SUSECVE-2018-9517 at NVDCVE-2022-3566 at SUSECVE-2022-3566 at NVDCVE-2022-3567 at SUSECVE-2022-3567 at NVDCVE-2023-0590 at SUSECVE-2023-0590 at NVDCVE-2023-1118 at SUSECVE-2023-1118 at NVDCVE-2023-1513 at SUSECVE-2023-1513 at NVDCVE-2023-23454 at SUSECVE-2023-23454 at NVDCVE-2023-23455 at SUSECVE-2023-23455 at NVDCVE-2023-23559 at SUSECVE-2023-23559 at NVDCVE-2023-28328 at SUSECVE-2023-28328 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088)
- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel resulting in DoS issue. (bsc#1087088)
- CVE-2018-10124: The kill_something_info function in kernel/signal.c might allow local users to cause a denial of service via an INT_MIN argument (bnc#1089752).
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value (bnc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536 1087209).
- CVE-2018-7566: A Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user was fixed (bnc#1083483).
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem allowed attackers to gain privileges via unspecified vectors (bnc#1088260).
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).
- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver. (bnc#1072865).
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices (bnc#1083242).
- CVE-2017-16911: The vhci_hcd driver allowed allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP (bnc#1078674).
- CVE-2017-18208: The madvise_willneed function in mm/madvise.c allowed local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping (bnc#1083494).
- CVE-2017-16644: The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c allowed local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067118).
- CVE-2018-6927: The futex_requeue function in kernel/futex.c might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value (bnc#1080757).
- CVE-2017-16914: The 'stub_send_ret_submit()' function (drivers/usb/usbip/stub_tx.c) allowed attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet (bnc#1078669).
- CVE-2016-7915: The hid_input_field function in drivers/hid/hid-core.c allowed physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver (bnc#1010470).
- CVE-2015-5156: The virtnet_probe function in drivers/net/virtio_net.c attempted to support a FRAGLIST feature without proper memory allocation, which allowed guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets (bnc#940776).
- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions in block/bio.c did unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition (bnc#1062568).
- CVE-2017-16912: The 'get_pipe()' function (drivers/usb/usbip/stub_rx.c) allowed attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet (bnc#1078673).
- CVE-2017-16913: The 'stub_recv_cmd_submit()' function (drivers/usb/usbip/stub_rx.c) when handling CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet (bnc#1078672).
The following non-security bugs were fixed:
- Integrate fixes resulting from bsc#1088147 More info in the respective commit messages.
- KABI: x86/kaiser: properly align trampoline stack.
- KEYS: do not let add_key() update an uninstantiated key (bnc#1063416).
- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).
- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).
- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).
- kvm/x86: fix icebp instruction handling (bsc#1087088).
- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348).
- x86-64: Move the 'user' vsyscall segment out of the data segment (bsc#1082424).
- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
- x86/kaiser: properly align trampoline stack (bsc#1087260).
- x86/retpoline: do not perform thunk calls in ring3 vsyscall code (bsc#1085331).
- xfs: check for buffer errors before waiting (bsc#1052943).
- xfs: fix allocbt cursor leak in xfs_alloc_ag_vextent_near (bsc#1087762).
- xfs: really fix the cursor leak in xfs_alloc_ag_vextent_near (bsc#1087762).
ImportantSUSE bug 1010470SUSE bug 1039348SUSE bug 1052943SUSE bug 1062568SUSE bug 1062840SUSE bug 1063416SUSE bug 1067118SUSE bug 1072689SUSE bug 1072865SUSE bug 1078669SUSE bug 1078672SUSE bug 1078673SUSE bug 1078674SUSE bug 1080464SUSE bug 1080757SUSE bug 1082424SUSE bug 1083242SUSE bug 1083483SUSE bug 1083494SUSE bug 1084536SUSE bug 1085331SUSE bug 1086162SUSE bug 1087088SUSE bug 1087209SUSE bug 1087260SUSE bug 1087762SUSE bug 1088147SUSE bug 1088260SUSE bug 1089608SUSE bug 1089752SUSE bug 940776CVE-2015-5156 at SUSECVE-2015-5156 at NVDCVE-2016-7915 at SUSECVE-2016-7915 at NVDCVE-2017-0861 at SUSECVE-2017-0861 at NVDCVE-2017-12190 at SUSECVE-2017-12190 at NVDCVE-2017-13166 at SUSECVE-2017-13166 at NVDCVE-2017-16644 at SUSECVE-2017-16644 at NVDCVE-2017-16911 at SUSECVE-2017-16911 at NVDCVE-2017-16912 at SUSECVE-2017-16912 at NVDCVE-2017-16913 at SUSECVE-2017-16913 at NVDCVE-2017-16914 at SUSECVE-2017-16914 at NVDCVE-2017-18203 at SUSECVE-2017-18203 at NVDCVE-2017-18208 at SUSECVE-2017-18208 at NVDCVE-2018-10087 at SUSECVE-2018-10087 at NVDCVE-2018-10124 at SUSECVE-2018-10124 at NVDCVE-2018-1087 at SUSECVE-2018-1087 at NVDCVE-2018-6927 at SUSECVE-2018-6927 at NVDCVE-2018-7566 at SUSECVE-2018-7566 at NVDCVE-2018-7757 at SUSECVE-2018-7757 at NVDCVE-2018-8822 at SUSECVE-2018-8822 at NVDCVE-2018-8897 at SUSECVE-2018-8897 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The SUSE Linux Enterprise 11 SP3 Teradata kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14617: There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bnc#1102870).
- CVE-2018-16276: An issue was discovered in yurex_read in drivers/usb/misc/yurex.c where local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges (bnc#1106095).
- CVE-2018-12896: An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically made the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922).
The following non-security bugs were fixed:
- x86/fpu: Do not do __thread_fpu_end() if use_eager_fpu() (bnc#1109967).
- x86/fpu: fix signal handling with eager FPU switching (ia32) (bsc#1108227).
ImportantSUSE bug 1099922SUSE bug 1102870SUSE bug 1106095SUSE bug 1108227SUSE bug 1109967CVE-2018-12896 at SUSECVE-2018-12896 at NVDCVE-2018-14617 at SUSECVE-2018-14617 at NVDCVE-2018-16276 at SUSECVE-2018-16276 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for krb5SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This MIT krb5 update fixes a buffer overrun problem in kadmind:
* bnc#891082: buffer overrun in kadmind with LDAP back end
(MITKRB5-SA-2014-001) (CVE-2014-4345)
MIT krb5 Security Advisory 2014-001
* http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2014-001.txt
Security Issues:
* CVE-2014-4345
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345>
SUSE bug 825985SUSE bug 849240SUSE bug 886016SUSE bug 888697SUSE bug 891082CVE-2002-2443 at SUSECVE-2002-2443 at NVDCVE-2013-1418 at SUSECVE-2013-1418 at NVDCVE-2014-4341 at SUSECVE-2014-4341 at NVDCVE-2014-4342 at SUSECVE-2014-4342 at NVDCVE-2014-4343 at SUSECVE-2014-4343 at NVDCVE-2014-4344 at SUSECVE-2014-4344 at NVDCVE-2014-4345 at SUSECVE-2014-4345 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
krb5 was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-2695: Applications which call gss_inquire_context() on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash (bsc#952188).
ImportantSUSE bug 952188CVE-2015-2695 at SUSECVE-2015-2695 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The krb5 package was updated to fix the following security and non security issues:
- CVE-2015-2695: Fixed missing functions that were still vulnerable (bsc#954270).
- Fixed a memory leak in the handling of error messages (bsc#954470).
ModerateSUSE bug 954270SUSE bug 954470CVE-2015-2695 at SUSECVE-2015-2695 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for krb5 fixes the following issues:
- CVE-2015-8629: Information leak authenticated attackers with permissions to modify the database (bsc#963968)
- CVE-2015-8631: An authenticated attacker could have caused a memory leak in auditd by supplying a null principal name in request (bsc#963975)
ModerateSUSE bug 963968SUSE bug 963975CVE-2015-8629 at SUSECVE-2015-8629 at NVDCVE-2015-8631 at SUSECVE-2015-8631 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for krb5 fixes the following security issue:
- CVE-2016-3119: An authenticated attacker with permission to modify a
principal entry could have caused kadmind to dereference a null pointer
by supplying an empty DB argument to the modify_principal command,
if kadmind is configured to use the LDAP KDB module. (bsc#971942)
ModerateSUSE bug 971942CVE-2016-3119 at SUSECVE-2016-3119 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for krb5 fixes the following issues:
- Incorrect string handling in build_principal_va can lead to DOS. (bsc#952190, CVE-2015-2697)
- Fix potential heap corruption and crash vulnerability described in MIT krb5 Security Advisory 2012-001.
(bsc#770172, CVE-2012-1015)
- Fix prep_reprocess_req NULL pointer deref. (bsc#816413, CVE-2013-1416)
- Fix Denial of service in krb5_read_message. (bsc#918595, CVE-2014-5355)
ModerateSUSE bug 770172SUSE bug 816413SUSE bug 918595SUSE bug 952190CVE-2012-1015 at SUSECVE-2012-1015 at NVDCVE-2013-1416 at SUSECVE-2013-1416 at NVDCVE-2014-5355 at SUSECVE-2014-5355 at NVDCVE-2015-2697 at SUSECVE-2015-2697 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for krb5 fixes the following issues:
Security issues fixed:
- CVE-2017-11368: Fix an unintended assertion failure in KDC (bsc#1049819)
Also the openssl1 LDAP library build is now used for the LDAP plugin components. (bsc#1025126).
ModerateSUSE bug 1025126SUSE bug 1049819CVE-2017-11368 at SUSECVE-2017-11368 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for krb5 fixes the following security issues:
- CVE-2017-15088: A buffer overflow in get_matching_data() was fixed that could under specific circumstances be used to execute code (bsc#1065274)
- CVE-2017-11462: Prevent automatic security context deletion to prevent double-free (bsc#1056995)
ImportantSUSE bug 1056995SUSE bug 1065274CVE-2017-11462 at SUSECVE-2017-11462 at NVDCVE-2017-15088 at SUSECVE-2017-15088 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for krb5 fixes the following issues:
Security issues fixed:
- CVE-2018-5729: Null pointer dereference in kadmind or DN container check bypass by supplying special crafted data (bsc#1083926).
- CVE-2018-5730: DN container check bypass by supplying special crafted data (bsc#1083927).
ModerateSUSE bug 1083926SUSE bug 1083927CVE-2018-5729 at SUSECVE-2018-5729 at NVDCVE-2018-5730 at SUSECVE-2018-5730 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for krb5 fixes the following issues:
- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).
ImportantSUSE bug 1205126CVE-2022-42898 at SUSECVE-2022-42898 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for krb5SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for krb5 fixes the following issues:
* When randomizing the keys for a service principal, current keys could
be returned. (CVE-2014-5351)
* klist -s crashes when handling multiple referral entries.
(bnc#890623)
Security Issues:
* CVE-2014-5351
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351>
SUSE bug 890623SUSE bug 897874CVE-2014-5351 at SUSECVE-2014-5351 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for krb5SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
krb5 has been updated to fix four security issues:
* CVE-2014-5352: gss_process_context_token() incorrectly frees context
(bsc#912002)
* CVE-2014-9421: kadmind doubly frees partial deserialization results
(bsc#912002)
* CVE-2014-9422: kadmind incorrectly validates server principal name
(bsc#912002)
* CVE-2014-9423: libgssrpc server applications leak uninitialized bytes
(bsc#912002)
Additionally, these non-security issues have been fixed:
* Winbind process hangs indefinitely without DC. (bsc#872912)
* Hanging winbind processes. (bsc#906557)
Security Issues:
* CVE-2014-5352
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5352>
* CVE-2014-9421
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9421>
* CVE-2014-9422
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9422>
* CVE-2014-9423
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9423>
SUSE bug 872912SUSE bug 906557SUSE bug 912002CVE-2014-5352 at SUSECVE-2014-5352 at NVDCVE-2014-9421 at SUSECVE-2014-9421 at NVDCVE-2014-9422 at SUSECVE-2014-9422 at NVDCVE-2014-9423 at SUSECVE-2014-9423 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
krb5 was updated to fix three security issues.
Remote authenticated users could cause denial of service.
These security issues were fixed:
- CVE-2014-5353: NULL pointer dereference when using a ticket policy name as password name (bsc#910457).
- CVE-2014-5354: NULL pointer dereference when using keyless entries (bsc#910458).
- CVE-2014-5355: Denial of service in krb5_read_message (bsc#918595).
ModerateSUSE bug 910457SUSE bug 910458SUSE bug 918595CVE-2014-5353 at SUSECVE-2014-5353 at NVDCVE-2014-5354 at SUSECVE-2014-5354 at NVDCVE-2014-5355 at SUSECVE-2014-5355 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for kvmSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
kvm has been updated to fix issues in the embedded qemu:
*
CVE-2014-0223: An integer overflow flaw was found in the QEMU block
driver for QCOW version 1 disk images. A user able to alter the QEMU
disk image files loaded by a guest could have used this flaw to
corrupt QEMU process memory on the host, which could potentially have
resulted in arbitrary code execution on the host with the privileges
of the QEMU process.
*
CVE-2014-3461: A user able to alter the savevm data (either on the
disk or over the wire during migration) could have used this flaw to
to corrupt QEMU process memory on the (destination) host, which could
have potentially resulted in arbitrary code execution on the host
with the privileges of the QEMU process.
*
CVE-2014-0222: An integer overflow flaw was found in the QEMU block
driver for QCOW version 1 disk images. A user able to alter the QEMU
disk image files loaded by a guest could have used this flaw to
corrupt QEMU process memory on the host, which could have potentially
resulted in arbitrary code execution on the host with the privileges
of the QEMU process.
Non-security bugs fixed:
* Fix exceeding IRQ routes that could have caused freezes of guests.
(bnc#876842)
* Fix CPUID emulation bugs that may have broken Windows guests with
newer -cpu types (bnc#886535)
Security Issues:
* CVE-2014-0222
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0222>
* CVE-2014-0223
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0223>
* CVE-2014-3461
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3461>
SUSE bug 812836SUSE bug 812983SUSE bug 817593SUSE bug 821819SUSE bug 824340SUSE bug 829800SUSE bug 841080SUSE bug 842006SUSE bug 842088SUSE bug 858858SUSE bug 864391SUSE bug 864649SUSE bug 864650SUSE bug 864653SUSE bug 864655SUSE bug 864665SUSE bug 864671SUSE bug 864673SUSE bug 864678SUSE bug 864682SUSE bug 864769SUSE bug 864796SUSE bug 864801SUSE bug 864802SUSE bug 864804SUSE bug 864805SUSE bug 864811SUSE bug 864812SUSE bug 864814SUSE bug 870439SUSE bug 873235SUSE bug 874749SUSE bug 874788SUSE bug 876842SUSE bug 877642SUSE bug 877645SUSE bug 878541SUSE bug 886535SUSE bug 920571SUSE bug 924018SUSE bug 929339SUSE bug 932267SUSE bug 932770CVE-2013-2016 at SUSECVE-2013-2016 at NVDCVE-2013-4344 at SUSECVE-2013-4344 at NVDCVE-2013-4541 at SUSECVE-2013-4541 at NVDCVE-2014-0142 at SUSECVE-2014-0142 at NVDCVE-2014-0143 at SUSECVE-2014-0143 at NVDCVE-2014-0144 at SUSECVE-2014-0144 at NVDCVE-2014-0145 at SUSECVE-2014-0145 at NVDCVE-2014-0146 at SUSECVE-2014-0146 at NVDCVE-2014-0147 at SUSECVE-2014-0147 at NVDCVE-2014-0150 at SUSECVE-2014-0150 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-0223 at SUSECVE-2014-0223 at NVDCVE-2014-2894 at SUSECVE-2014-2894 at NVDCVE-2014-3461 at SUSECVE-2014-3461 at NVDCVE-2015-1779 at SUSECVE-2015-1779 at NVDCVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-3456 at SUSECVE-2015-3456 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
kvm was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344).
ImportantSUSE bug 938344CVE-2015-5154 at SUSECVE-2015-5154 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2015-7512: The receive packet size is now checked in the emulated
pcnet driver, eliminating buffer overflow and potential security
issue by malicious guest systems. (bsc#957162)
- CVE-2015-8345: A infinite loop in processing command block list was fixed that could be
exploit by malicious guest systems (bsc#956829).
Bugs fixed:
- Fix cases of wrong clock values in kvmclock timekeeping
(bsc#947164 and bsc#953187)
- Enforce pxe rom sizes to ensure migration compatibility.
(bsc#950590)
ImportantSUSE bug 947164SUSE bug 950590SUSE bug 953187SUSE bug 956829SUSE bug 957162CVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
kvm was updated to fix 33 security issues.
These security issues were fixed:
- CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711)
- CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723)
- CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape (bsc#978158)
- CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit (bsc#978160)
- CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109)
- CVE-2016-2538: Fixed potential OOB access in USB net device emulation (bsc#967969)
- CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350)
- CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number generator (bsc#970036)
- CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037)
- CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic (bsc#975128)
- CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller (bsc#975136)
- CVE-2016-4020: Fixed possible host data leakage to guest from TPR access (bsc#975700)
- CVE-2015-3214: Fixed OOB read in i8254 PIC (bsc#934069)
- CVE-2014-9718: Fixed the handling of malformed or short ide PRDTs to avoid any opportunity for guest to cause DoS by abusing that interface (bsc#928393)
- CVE-2014-3689: Fixed insufficient parameter validation in rectangle functions (bsc#901508)
- CVE-2014-3615: The VGA emulator in QEMU allowed local guest users to read host memory by setting the display to a high resolution (bsc#895528).
- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).
- CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989).
- CVE-2015-5279: Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU allowed guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets (bsc#945987).
- CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929).
- CVE-2015-6855: hw/ide/core.c in QEMU did not properly restrict the commands accepted by an ATAPI device, which allowed guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash (bsc#945404).
- CVE-2015-7295: hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allowed remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface (bsc#947159).
- CVE-2015-7549: PCI null pointer dereferences (bsc#958917).
- CVE-2015-8504: VNC floating point exception (bsc#958491).
- CVE-2015-8558: Infinite loop in ehci_advance_state resulting in DoS (bsc#959005).
- CVE-2015-8613: Wrong sized memset in megasas command handler (bsc#961358).
- CVE-2015-8619: Potential DoS for long HMP sendkey command argument (bsc#960334).
- CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions (bsc#960725).
- CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332).
- CVE-2016-1714: Potential OOB memory access in processing firmware configuration (bsc#961691).
- CVE-2016-1922: NULL pointer dereference when processing hmp i/o command (bsc#962320).
- CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation by malicious privileged user within guest (bsc#963782).
- CVE-2016-2198: Malicious privileged guest user were able to cause DoS by writing to read-only EHCI capabilities registers (bsc#964413).
This non-security issue was fixed:
- Fix case of IDE interface needing busy status set before flush (bsc#936132)
ImportantSUSE bug 895528SUSE bug 901508SUSE bug 928393SUSE bug 934069SUSE bug 936132SUSE bug 940929SUSE bug 944463SUSE bug 945404SUSE bug 945987SUSE bug 945989SUSE bug 947159SUSE bug 958491SUSE bug 958917SUSE bug 959005SUSE bug 960334SUSE bug 960725SUSE bug 961332SUSE bug 961333SUSE bug 961358SUSE bug 961556SUSE bug 961691SUSE bug 962320SUSE bug 963782SUSE bug 964413SUSE bug 967969SUSE bug 969350SUSE bug 970036SUSE bug 970037SUSE bug 975128SUSE bug 975136SUSE bug 975700SUSE bug 976109SUSE bug 978158SUSE bug 978160SUSE bug 980711SUSE bug 980723CVE-2014-3615 at SUSECVE-2014-3615 at NVDCVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2014-9718 at SUSECVE-2014-9718 at NVDCVE-2015-3214 at SUSECVE-2015-3214 at NVDCVE-2015-5239 at SUSECVE-2015-5239 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-5279 at SUSECVE-2015-5279 at NVDCVE-2015-5745 at SUSECVE-2015-5745 at NVDCVE-2015-6855 at SUSECVE-2015-6855 at NVDCVE-2015-7295 at SUSECVE-2015-7295 at NVDCVE-2015-7549 at SUSECVE-2015-7549 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8558 at SUSECVE-2015-8558 at NVDCVE-2015-8613 at SUSECVE-2015-8613 at NVDCVE-2015-8619 at SUSECVE-2015-8619 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2016-1568 at SUSECVE-2016-1568 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1922 at SUSECVE-2016-1922 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2198 at SUSECVE-2016-2198 at NVDCVE-2016-2538 at SUSECVE-2016-2538 at NVDCVE-2016-2841 at SUSECVE-2016-2841 at NVDCVE-2016-2857 at SUSECVE-2016-2857 at NVDCVE-2016-2858 at SUSECVE-2016-2858 at NVDCVE-2016-3710 at SUSECVE-2016-3710 at NVDCVE-2016-3712 at SUSECVE-2016-3712 at NVDCVE-2016-4001 at SUSECVE-2016-4001 at NVDCVE-2016-4002 at SUSECVE-2016-4002 at NVDCVE-2016-4020 at SUSECVE-2016-4020 at NVDCVE-2016-4037 at SUSECVE-2016-4037 at NVDCVE-2016-4439 at SUSECVE-2016-4439 at NVDCVE-2016-4441 at SUSECVE-2016-4441 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for kvm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
kvm was updated to fix 16 security issues.
These security issues were fixed:
- CVE-2015-6815: e1000 NIC emulation support was vulnerable to an infinite loop issue. A privileged user inside guest could have used this flaw to crash the Qemu instance resulting in DoS. (bsc#944697).
- CVE-2016-2391: The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allowed local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers (bsc#967013).
- CVE-2016-2392: The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU did not properly validate USB configuration descriptor objects, which allowed local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving a remote NDIS control message packet (bsc#967012).
- CVE-2016-4453: The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982223).
- CVE-2016-4454: The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read (bsc#982222).
- CVE-2016-5105: The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, used an uninitialized variable, which allowed local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982017).
- CVE-2016-5106: The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982018).
- CVE-2016-5107: The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors (bsc#982019).
- CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allowed local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call (bsc#982285).
- CVE-2016-5238: The get_cmd function in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982959).
- CVE-2016-5337: The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information (bsc#983961).
- CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer (bsc#983982).
- CVE-2016-5403: The virtqueue_pop function in hw/virtio/virtio.c in QEMU allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion (bsc#991080).
- CVE-2016-6490: Infinite loop in the virtio framework. A privileged user inside the guest could have used this flaw to crash the Qemu instance on the host resulting in DoS (bsc#991466).
- CVE-2016-7116: Host directory sharing via Plan 9 File System(9pfs) was vulnerable to a directory/path traversal issue. A privileged user inside guest could have used this flaw to access undue files on the host (bsc#996441).
- CVE-2014-7815: The set_pixel_format function in ui/vnc.c in QEMU allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#902737).
ModerateSUSE bug 902737SUSE bug 944697SUSE bug 967012SUSE bug 967013SUSE bug 982017SUSE bug 982018SUSE bug 982019SUSE bug 982222SUSE bug 982223SUSE bug 982285SUSE bug 982959SUSE bug 983961SUSE bug 983982SUSE bug 991080SUSE bug 991466SUSE bug 996441CVE-2014-7815 at SUSECVE-2014-7815 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2016-2391 at SUSECVE-2016-2391 at NVDCVE-2016-2392 at SUSECVE-2016-2392 at NVDCVE-2016-4453 at SUSECVE-2016-4453 at NVDCVE-2016-4454 at SUSECVE-2016-4454 at NVDCVE-2016-5105 at SUSECVE-2016-5105 at NVDCVE-2016-5106 at SUSECVE-2016-5106 at NVDCVE-2016-5107 at SUSECVE-2016-5107 at NVDCVE-2016-5126 at SUSECVE-2016-5126 at NVDCVE-2016-5238 at SUSECVE-2016-5238 at NVDCVE-2016-5337 at SUSECVE-2016-5337 at NVDCVE-2016-5338 at SUSECVE-2016-5338 at NVDCVE-2016-5403 at SUSECVE-2016-5403 at NVDCVE-2016-6490 at SUSECVE-2016-6490 at NVDCVE-2016-7116 at SUSECVE-2016-7116 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
- Address various security/stability issues
* Fix OOB access in xlnx.xpx-ethernetlite emulation (CVE-2016-7161 bsc#1001151)
* Fix OOB access in VMware SVGA emulation (CVE-2016-7170 bsc#998516)
* Fix DOS in ColdFire Fast Ethernet Controller emulation
(CVE-2016-7908 bsc#1002550)
* Fix DOS in USB xHCI emulation (CVE-2016-8576 bsc#1003878)
* Fix DOS in virtio-9pfs (CVE-2016-8578 bsc#1003894)
* Fix DOS in virtio-9pfs (CVE-2016-9105 bsc#1007494)
* Fix DOS in virtio-9pfs (CVE-2016-8577 bsc#1003893)
* Plug data leak in virtio-9pfs interface (CVE-2016-9103 bsc#1007454)
* Fix DOS in virtio-9pfs interface (CVE-2016-9102 bsc#1007450)
* Fix DOS in virtio-9pfs (CVE-2016-9106 bsc#1007495)
* Fix DOS in 16550A UART emulation (CVE-2016-8669 bsc#1004707)
* Fix DOS in PC-Net II emulation (CVE-2016-7909 bsc#1002557)
* Fix DOS in PRO100 emulation (CVE-2016-9101 bsc#1007391)
* Fix DOS in RTL8139 emulation (CVE-2016-8910 bsc#1006538)
* Fix DOS in Intel HDA controller emulation (CVE-2016-8909 bsc#1006536)
* Fix DOS in virtio-9pfs (CVE-2016-9104 bsc#1007493)
* Fix DOS in JAZZ RC4030 emulation (CVE-2016-8667 bsc#1004702)
- Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE11-SP3
ImportantSUSE bug 1001151SUSE bug 1002550SUSE bug 1002557SUSE bug 1003878SUSE bug 1003893SUSE bug 1003894SUSE bug 1004702SUSE bug 1004707SUSE bug 1006536SUSE bug 1006538SUSE bug 1007391SUSE bug 1007450SUSE bug 1007454SUSE bug 1007493SUSE bug 1007494SUSE bug 1007495SUSE bug 998516CVE-2016-7161 at SUSECVE-2016-7161 at NVDCVE-2016-7170 at SUSECVE-2016-7170 at NVDCVE-2016-7908 at SUSECVE-2016-7908 at NVDCVE-2016-7909 at SUSECVE-2016-7909 at NVDCVE-2016-8576 at SUSECVE-2016-8576 at NVDCVE-2016-8577 at SUSECVE-2016-8577 at NVDCVE-2016-8578 at SUSECVE-2016-8578 at NVDCVE-2016-8667 at SUSECVE-2016-8667 at NVDCVE-2016-8669 at SUSECVE-2016-8669 at NVDCVE-2016-8909 at SUSECVE-2016-8909 at NVDCVE-2016-8910 at SUSECVE-2016-8910 at NVDCVE-2016-9101 at SUSECVE-2016-9101 at NVDCVE-2016-9102 at SUSECVE-2016-9102 at NVDCVE-2016-9103 at SUSECVE-2016-9103 at NVDCVE-2016-9104 at SUSECVE-2016-9104 at NVDCVE-2016-9105 at SUSECVE-2016-9105 at NVDCVE-2016-9106 at SUSECVE-2016-9106 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes several issues.
These security issues were fixed:
- CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024972)
- CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004)
- CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013285)
- CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014111)
- CVE-2016-9907: The USB redirector usb-guest support was vulnerable to a memory leakage flaw when destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could have used this issue to leak host memory, resulting in DoS for a host (bsc#1014109)
- CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702)
- CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702)
- CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow allowing a privileged user inside the guest to crash the Qemu process resulting in DoS (bnc#1023907)
- CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1021129)
- CVE-2017-5856: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a memory leakage issue allowing a privileged user to leak host memory resulting in DoS (bsc#1023053)
- CVE-2016-9602: The VirtFS host directory sharing via Plan 9 File System(9pfs) support was vulnerable to an improper link following issue which allowed a privileged user inside guest to access host file system beyond the shared folder and potentially escalating their privileges on a host (bsc#1020427)
- CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028656)
- CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt (bsc#1046636)
- CVE-2017-10806: Stack-based buffer overflow allowed local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages (bsc#1047674)
- CVE-2017-11334: The address_space_write_continue function allowed local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area (bsc#1048902)
- CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local guest OS users to cause a denial of service (out-of-bounds read) via a crafted DHCP options string (bsc#1049381)
- CVE-2017-13672: The VGA display emulator support allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update (bsc#1056334)
- CVE-2017-14167: Integer overflow in the load_multiboot function allowed local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write (bsc#1057585)
- CVE-2017-15038: Race condition in the v9fs_xattrwalk function local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes (bsc#1062069)
- CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation (bsc#1063122)
- CVE-2017-5579: The 16550A UART serial device emulation support was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1021741)
- CVE-2017-5973: A infinite loop while doing control transfer in xhci_kick_epctx allowed privileged user inside the guest to crash the host process resulting in DoS (bsc#1025109)
- CVE-2017-6505: The ohci_service_ed_list function allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028184)
- CVE-2017-7471: The VirtFS host directory sharing via Plan 9 File System(9pfs) support was vulnerable to an improper access control issue which allowed a privileged user inside guest to access host file system beyond the shared folder and potentially escalating their privileges on a host (bsc#1034866)
- CVE-2017-7493: The VirtFS, host directory sharing via Plan 9 File System(9pfs) support, was vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could have used this flaw to escalate their privileges inside guest (bsc#1039495)
- CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034908)
- CVE-2017-7980: An out-of-bounds r/w access issues in the Cirrus CLGD 54xx VGA Emulator support allowed privileged user inside guest to use this flaw to crash the Qemu process resulting in DoS or potentially execute arbitrary code on a host with privileges of Qemu process on the host (bsc#1035406)
- CVE-2017-8086: A memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c allowed local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable (bsc#1035950)
- CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture (bsc#1037242)
- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value (bsc#1042159)
- CVE-2017-9373: The IDE AHCI Emulation support was vulnerable to a host memory leakage issue, which allowed a privileged user inside guest to leak host memory resulting in DoS (bsc#1042801)
- CVE-2017-9375: The USB xHCI controller emulator support was vulnerable to an infinite recursive call loop issue, which allowed a privileged user inside guest to crash the Qemu process resulting in DoS (bsc#1042800)
- CVE-2017-9503: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a null pointer dereference issue which allowed a privileged user inside guest to crash the Qemu process on the host resulting in DoS (bsc#1043296)
* Fix privilege escalation in TCG mode (bsc#1030624)
These non-security issues were fixed:
- bsc#1045035: Fixed regression introduced by previous virtfs security fixes
- bsc#1038396: Fixed 12 tempest tests
- bsc#1034044: Prevent KVM guests stuck when waiting for sg_io() completion
- bsc#1031051: Prevent I/O errors when using pvmove with disk device=lun
- bsc#1049785: Make virsh dump output readable by crash
- bsc#1015048: Fixed virtio interface failure
- bsc#1016779: Fixed graphical update errors introduced by previous security fix
- Fixed various inaccuracies in cirrus vga device emulation
ImportantSUSE bug 1013285SUSE bug 1014109SUSE bug 1014111SUSE bug 1014702SUSE bug 1015048SUSE bug 1016779SUSE bug 1020427SUSE bug 1021129SUSE bug 1021741SUSE bug 1023004SUSE bug 1023053SUSE bug 1023907SUSE bug 1024972SUSE bug 1025109SUSE bug 1028184SUSE bug 1028656SUSE bug 1030624SUSE bug 1031051SUSE bug 1034044SUSE bug 1034866SUSE bug 1034908SUSE bug 1035406SUSE bug 1035950SUSE bug 1037242SUSE bug 1038396SUSE bug 1039495SUSE bug 1042159SUSE bug 1042800SUSE bug 1042801SUSE bug 1043296SUSE bug 1045035SUSE bug 1046636SUSE bug 1047674SUSE bug 1048902SUSE bug 1049381SUSE bug 1049785SUSE bug 1056334SUSE bug 1057585SUSE bug 1062069SUSE bug 1063122CVE-2016-10155 at SUSECVE-2016-10155 at NVDCVE-2016-9602 at SUSECVE-2016-9602 at NVDCVE-2016-9603 at SUSECVE-2016-9603 at NVDCVE-2016-9776 at SUSECVE-2016-9776 at NVDCVE-2016-9907 at SUSECVE-2016-9907 at NVDCVE-2016-9911 at SUSECVE-2016-9911 at NVDCVE-2016-9921 at SUSECVE-2016-9921 at NVDCVE-2016-9922 at SUSECVE-2016-9922 at NVDCVE-2017-10664 at SUSECVE-2017-10664 at NVDCVE-2017-10806 at SUSECVE-2017-10806 at NVDCVE-2017-11334 at SUSECVE-2017-11334 at NVDCVE-2017-11434 at SUSECVE-2017-11434 at NVDCVE-2017-13672 at SUSECVE-2017-13672 at NVDCVE-2017-14167 at SUSECVE-2017-14167 at NVDCVE-2017-15038 at SUSECVE-2017-15038 at NVDCVE-2017-15289 at SUSECVE-2017-15289 at NVDCVE-2017-2615 at SUSECVE-2017-2615 at NVDCVE-2017-2620 at SUSECVE-2017-2620 at NVDCVE-2017-5579 at SUSECVE-2017-5579 at NVDCVE-2017-5856 at SUSECVE-2017-5856 at NVDCVE-2017-5898 at SUSECVE-2017-5898 at NVDCVE-2017-5973 at SUSECVE-2017-5973 at NVDCVE-2017-6505 at SUSECVE-2017-6505 at NVDCVE-2017-7471 at SUSECVE-2017-7471 at NVDCVE-2017-7493 at SUSECVE-2017-7493 at NVDCVE-2017-7718 at SUSECVE-2017-7718 at NVDCVE-2017-7980 at SUSECVE-2017-7980 at NVDCVE-2017-8086 at SUSECVE-2017-8086 at NVDCVE-2017-8309 at SUSECVE-2017-8309 at NVDCVE-2017-9330 at SUSECVE-2017-9330 at NVDCVE-2017-9373 at SUSECVE-2017-9373 at NVDCVE-2017-9375 at SUSECVE-2017-9375 at NVDCVE-2017-9503 at SUSECVE-2017-9503 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
A security flaw mitigation has been applied:
- CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from
the host VM to the CPU, to allow enabling/disabling branch prediction features in the
Intel CPU. (bsc#1068032)
Also a security fix has been applied:
- CVE-2017-2633: Fix various out of bounds access issues in the QEMU vnc infrastructure (bsc#1026612)
ImportantSUSE bug 1026612SUSE bug 1068032CVE-2017-2633 at SUSECVE-2017-2633 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
This update has the next round of Spectre v2 related patches,
which now integrates with corresponding changes in libvirt. A
January 2018 release of qemu initially addressed the Spectre v2
vulnerability for KVM guests by exposing the spec-ctrl feature
for all x86 vcpu types, which was the quick and dirty approach,
but not the proper solution. We remove that initial patch and now
rely on patches from upstream. This update defines spec_ctrl and
ibpb cpu feature flags as well as new cpu models which are clones
of existing models with either -IBRS or -IBPB added to the end of
the model name. These new vcpu models explicitly include the new
feature(s), whereas the feature flags can be added to the cpu
parameter as with other features. In short, for continued Spectre
v2 protection, ensure that either the appropriate cpu feature
flag is added to the QEMU command-line, or one of the new cpu
models is used. Although migration from older versions is
supported, the new cpu features won't be properly exposed to the
guest until it is restarted with the cpu features explicitly
added. A reboot is insufficient.
A warning patch is added which attempts to detect a migration
from a qemu version which had the quick and dirty fix (it only
detects certain cases, but hopefully is helpful.)
For additional information on Spectre v2 as it relates to QEMU,
see:
https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
(CVE-2017-5715 bsc#1068032)
A patch is added to continue to detect Spectre v2 mitigation
features (as shown by cpuid), and if found provide that feature
to guests, even if running on older KVM (kernel) versions which
do not yet expose that feature to QEMU. (bsc#1082276)
Additional security fixes:
- CVE-2018-5683: An out-of-bounds read in vga_draw_text routine was fixed which could lead to crashes or information leakage. (bsc#1076114)
- CVE-2018-7550: multiboot OOB access while loading kernel image was fixed that could lead to crashes (bsc#1083291)
- CVE-2017-18030: An out-of-bounds access in cirrus_invalidate_region routine could lead to crashes or information leakage (bsc#1076179)
- Eliminate bogus use of CPUID_7_0_EDX_PRED_CMD which we've
carried since the initial Spectre v2 patch was added. EDX bit
27 of CPUID Leaf 07H, Sub-leaf 0 provides status on STIBP, and
not the PRED_CMD MSR. Exposing the STIBP CPUID feature bit to the
guest is wrong in general, since the VM doesn't directly control
the scheduling of physical hyperthreads. This is left strictly to
the L0 hypervisor.
ImportantSUSE bug 1068032SUSE bug 1076114SUSE bug 1076179SUSE bug 1082276SUSE bug 1083291CVE-2017-18030 at SUSECVE-2017-18030 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-5683 at SUSECVE-2018-5683 at NVDCVE-2018-7550 at SUSECVE-2018-7550 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
This security issue was fixed:
- CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests (bsc#1092885).
Systems with microprocessors utilizing speculative execution and speculative
execution of memory reads before the addresses of all prior memory writes are
known may allow unauthorized disclosure of information to an attacker with
local user access via a side-channel analysis.
This patch permits the new x86 cpu feature flag named 'ssbd' to be
presented to the guest, given that the host has this feature, and
KVM exposes it to the guest as well.
For this feature to be enabled please use the qemu commandline
-cpu $MODEL,+spec-ctrl,+ssbd
so the guest OS can take advantage of the feature.
spec-ctrl and ssbd support is also required in the host.
ImportantSUSE bug 1092885CVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for kvm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following security issues:
- CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have
been exploited by sending a crafted QMP command (including guest-file-read with
a large count value) to the agent via the listening socket causing DoS
(bsc#1098735)
- CVE-2018-11806: Prevent heap-based buffer overflow via incoming fragmented
datagrams (bsc#1096223)
With this release the mitigations for Spectre v4 are moved the the patches from
upstream (CVE-2018-3639, bsc#1092885).
ModerateSUSE bug 1092885SUSE bug 1096223SUSE bug 1098735CVE-2018-11806 at SUSECVE-2018-11806 at NVDCVE-2018-12617 at SUSECVE-2018-12617 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for kvm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS (bsc#1110910).
- CVE-2018-15746: Fixed qemu-seccomp.c that might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread (bsc#1106222).
- CVE-2018-17958: Fixed a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used (bsc#1111006).
- CVE-2018-17962: Fixed a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used (bsc#1111010).
- CVE-2018-17963: Fixed qemu_deliver_packet_iov in net/net.c that accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. (bsc#1111013)
- CVE-2018-18849: Fixed an out of bounds memory access issue that was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin. It could occur during migration if the 'msg_len' field has an invalid value. A user/process could use this flaw to crash the Qemu process resulting in DoS (bsc#1114422).
- CVE-2018-18438: Fixed integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value (bnc#1112185).
ModerateSUSE bug 1106222SUSE bug 1110910SUSE bug 1111006SUSE bug 1111010SUSE bug 1111013SUSE bug 1112185SUSE bug 1114422CVE-2018-10839 at SUSECVE-2018-10839 at NVDCVE-2018-15746 at SUSECVE-2018-15746 at NVDCVE-2018-17958 at SUSECVE-2018-17958 at NVDCVE-2018-17962 at SUSECVE-2018-17962 at NVDCVE-2018-17963 at SUSECVE-2018-17963 at NVDCVE-2018-18438 at SUSECVE-2018-18438 at NVDCVE-2018-18849 at SUSECVE-2018-18849 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
Non-security issue fixed:
- Fixed LAPIC TSC deadline timer save/restore (bsc#1109544)
ImportantSUSE bug 1109544SUSE bug 1116717SUSE bug 1117275SUSE bug 1123156CVE-2018-19364 at SUSECVE-2018-19364 at NVDCVE-2018-19489 at SUSECVE-2018-19489 at NVDCVE-2019-6778 at SUSECVE-2019-6778 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
- CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622)
- CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675)
- CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature 'md-clear' (bsc#1111331)
ImportantSUSE bug 1111331SUSE bug 1129622SUSE bug 1130675CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-20815 at SUSECVE-2018-20815 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-9824 at SUSECVE-2019-9824 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).
- CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources (bsc#1135902).
- CVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).
ImportantSUSE bug 1135902SUSE bug 1140402SUSE bug 1143794CVE-2019-12155 at SUSECVE-2019-12155 at NVDCVE-2019-13164 at SUSECVE-2019-13164 at NVDCVE-2019-14378 at SUSECVE-2019-14378 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
- Fix OOB read and write due to integer overflow in sm501_2d_operation() in hw/display/sm501.c (CVE-2020-12829, bsc#1172385)
- Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383)
- Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934)
- Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673)
- Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682)
- Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684)
- Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108)
- Fix DoS in e1000 emulated device (CVE-2021-20257 bsc#1182577)
- Fix OOB access in SLIRP ARP packet processing (CVE-2020-29130, bsc#1179467)
- Fix OOB access while processing USB packets (CVE-2020-14364 bsc#1175441)
- Fix potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137)
- Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425)
- Fix use-after-free in slirp (CVE-2019-15890 bsc#1149811)
- Fix for similar problems as for the original fix prompting this issue (CVE-2019-6778 bsc#1123156)
- Fix potential OOB accesses in slirp (CVE-2020-8608 bsc#1163018 CVE-2020-7039 bsc#1161066)
- Fix use after free in slirp (CVE-2020-1983 bsc#1170940)
- Fix potential DOS in lsi scsi controller emulation (CVE-2019-12068 bsc#1146873)
- Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384)
- Fix OOB access in ROM loading (CVE-2020-13765 bsc#1172478)
ImportantSUSE bug 1123156SUSE bug 1146873SUSE bug 1149811SUSE bug 1161066SUSE bug 1163018SUSE bug 1170940SUSE bug 1172383SUSE bug 1172384SUSE bug 1172385SUSE bug 1172478SUSE bug 1175441SUSE bug 1176673SUSE bug 1176682SUSE bug 1176684SUSE bug 1178934SUSE bug 1179467SUSE bug 1181108SUSE bug 1182137SUSE bug 1182425SUSE bug 1182577CVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2015-1779 at SUSECVE-2015-1779 at NVDCVE-2019-12068 at SUSECVE-2019-12068 at NVDCVE-2019-15890 at SUSECVE-2019-15890 at NVDCVE-2019-6778 at SUSECVE-2019-6778 at NVDCVE-2020-12829 at SUSECVE-2020-12829 at NVDCVE-2020-13361 at SUSECVE-2020-13361 at NVDCVE-2020-13362 at SUSECVE-2020-13362 at NVDCVE-2020-13765 at SUSECVE-2020-13765 at NVDCVE-2020-14364 at SUSECVE-2020-14364 at NVDCVE-2020-1983 at SUSECVE-2020-1983 at NVDCVE-2020-25084 at SUSECVE-2020-25084 at NVDCVE-2020-25624 at SUSECVE-2020-25624 at NVDCVE-2020-25625 at SUSECVE-2020-25625 at NVDCVE-2020-25723 at SUSECVE-2020-25723 at NVDCVE-2020-29130 at SUSECVE-2020-29130 at NVDCVE-2020-29443 at SUSECVE-2020-29443 at NVDCVE-2020-7039 at SUSECVE-2020-7039 at NVDCVE-2020-8608 at SUSECVE-2020-8608 at NVDCVE-2021-20181 at SUSECVE-2021-20181 at NVDCVE-2021-20257 at SUSECVE-2021-20257 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
- CVE-2021-3594: invalid pointer initialization may lead to information disclosure in slirp (udp) (bsc#1187367)
- CVE-2021-3592: invalid pointer initialization may lead to information disclosure (bootp). (bsc#1187364)
- CVE-2021-3416: infinite loop in loopback mode may lead to stack overflow. (bsc#1186473)
- CVE-2020-15469: MMIO ops null pointer dereference may lead to DoS. (bsc#1173612)
- CVE-2020-11947: iscsi_aio_ioctl_cb in block/iscsi.c has a heap-based buffer over-read. (bsc#1180523)
- CVE-2021-20221: out-of-bound heap buffer access via an interrupt ID field. (bsc#1181933)
- CVE-2020-25707: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c. (bsc#1178683)
- CVE-2020-15863: stack-based overflow in xgmac_enet_send() in hw/net/xgmac.c. (bsc#1174386)
ImportantSUSE bug 1031692SUSE bug 1173612SUSE bug 1174386SUSE bug 1178683SUSE bug 1180523SUSE bug 1181933SUSE bug 1186473SUSE bug 1187364SUSE bug 1187367CVE-2020-11947 at SUSECVE-2020-11947 at NVDCVE-2020-15469 at SUSECVE-2020-15469 at NVDCVE-2020-15863 at SUSECVE-2020-15863 at NVDCVE-2020-25707 at SUSECVE-2020-25707 at NVDCVE-2021-20221 at SUSECVE-2021-20221 at NVDCVE-2021-3416 at SUSECVE-2021-3416 at NVDCVE-2021-3592 at SUSECVE-2021-3592 at NVDCVE-2021-3594 at SUSECVE-2021-3594 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kvm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for kvm fixes the following issues:
Security issues fixed:
- usbredir: free call on invalid pointer in bufp_alloc (bsc#1189145, CVE-2021-3682)
- eepro100: stack overflow via infinite recursion (bsc#1182651, CVE-2021-20255)
- usb: unbounded stack allocation in usbredir (bsc#1186012, CVE-2021-3527)
ModerateSUSE bug 1182651SUSE bug 1186012SUSE bug 1189145CVE-2021-20255 at SUSECVE-2021-20255 at NVDCVE-2021-3527 at SUSECVE-2021-3527 at NVDCVE-2021-3682 at SUSECVE-2021-3682 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for kvm and libvirtSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This collective update for KVM and libvirt provides fixes for security and
non-security issues.
kvm:
* Fix NULL pointer dereference because of uninitialized UDP socket.
(bsc#897654, CVE-2014-3640)
* Fix performance degradation after migration. (bsc#878350)
* Fix potential image corruption due to missing FIEMAP_FLAG_SYNC flag
in FS_IOC_FIEMAP ioctl. (bsc#908381)
* Add validate hex properties for qdev. (bsc#852397)
* Add boot option to do strict boot (bsc#900084)
* Add query-command-line-options QMP command. (bsc#899144)
* Fix incorrect return value of migrate_cancel. (bsc#843074)
* Fix insufficient parameter validation during ram load. (bsc#905097,
CVE-2014-7840)
* Fix insufficient blit region checks in qemu/cirrus. (bsc#907805,
CVE-2014-8106)
libvirt:
* Fix security hole with migratable flag in dumpxml. (bsc#904176,
CVE-2014-7823)
* Fix domain deadlock. (bsc#899484, CVE-2014-3657)
* Use correct definition when looking up disk in qemu blkiotune.
(bsc#897783, CVE-2014-3633)
* Fix undefined symbol when starting virtlockd. (bsc#910145)
* Add '-boot strict' to qemu's commandline whenever possible.
(bsc#900084)
* Add support for 'reboot-timeout' in qemu. (bsc#899144)
* Increase QEMU's monitor timeout to 30sec. (bsc#911742)
* Allow setting QEMU's migration max downtime any time. (bsc#879665)
Security Issues:
* CVE-2014-7823
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823>
* CVE-2014-3657
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657>
* CVE-2014-3633
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633>
* CVE-2014-3640
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3640>
* CVE-2014-7840
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840>
* CVE-2014-8106
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8106>
SUSE bug 843074SUSE bug 852397SUSE bug 878350SUSE bug 879665SUSE bug 897654SUSE bug 897783SUSE bug 899144SUSE bug 899484SUSE bug 900084SUSE bug 904176SUSE bug 905097SUSE bug 907805SUSE bug 908381SUSE bug 910145SUSE bug 911742CVE-2014-3633 at SUSECVE-2014-3633 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-3657 at SUSECVE-2014-3657 at NVDCVE-2014-7823 at SUSECVE-2014-7823 at NVDCVE-2014-7840 at SUSECVE-2014-7840 at NVDCVE-2014-8106 at SUSECVE-2014-8106 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for lcmsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The lcms userland utilities were updated to fix stack overflows.
* CVE-2013-4276: Multiple stack-based buffer overflows in LittleCMS
allowed remote attackers to cause a denial of service (crash) via a
crafted (1) ICC color profile to the icctrans utility or (2) TIFF
image to the tiffdiff utility.
Security Issues:
* CVE-2013-4276
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4276>
SUSE bug 843716CVE-2013-4276 at SUSECVE-2013-4276 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for less (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for less fixes the following issues:
Security issue fixed:
- CVE-2014-9488: Malformed UTF-8 data could have caused an out of bounds read in
the UTF-8 decoding routines, causing an invalid read access (bsc#921719).
ModerateSUSE bug 921719CVE-2014-9488 at SUSECVE-2014-9488 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for lha (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
lha was updated to fix one security issue.
This security issue was fixed:
- CVE-2016-1925: Buffer Overflow while parsing level0 and level1 headers (bsc#962528).
ModerateSUSE bug 962528CVE-2016-1925 at SUSECVE-2016-1925 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libQtSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The Qt library was updated to fix a XML entity expansion attack (XXE).
(CVE-2013-4549)
Security Issue reference:
* CVE-2013-4549
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4549>
SUSE bug 856832SUSE bug 859158CVE-2013-4549 at SUSECVE-2013-4549 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libapr-util1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libapr-util1 fixes the following issues:
Security issue fixed:
- CVE-2017-12618: DoS via crafted SDBM database files in apr_sdbm*() functions (bsc#1064990)
ModerateSUSE bug 1064990CVE-2017-12618 at SUSECVE-2017-12618 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libapr-util1 (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libapr-util1 fixes the following issues:
- CVE-2022-25147: Fixed a buffer overflow possible with specially crafted input during base64 encoding (bsc#1207866)
CriticalSUSE bug 1207866CVE-2022-25147 at SUSECVE-2022-25147 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libapr1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update fixes the following issues:
- CVE-2017-12613: DoS or information disclosure in pr_exp_time*() or apr_os_exp_time*() functions (bsc#1064982).
ModerateSUSE bug 1064982CVE-2017-12613 at SUSECVE-2017-12613 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for util-linuxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for util-linux provides the following fixes:
* Make blkid(8) issue only one READ on faulty devices. (bnc#859062)
* Added option -r to fsck(8) to dump a few resource statistics after
each successful run. (bnc#761815)
* Prevent excessive clock drift calculations. (bnc#871698)
* Check /etc/adjtime drift factor. (bnc#871698)
* Prevent hang in exact hwclock adjustment. (bnc#871698)
* Suppress warning that's not relevant on Linux systems. (bnc#871698)
SUSE bug 761815SUSE bug 859062SUSE bug 871698SUSE bug 888678SUSE bug 900965SUSE bug 901549SUSE bug 907434SUSE bug 917164SUSE bug 918041CVE-2014-9114 at SUSECVE-2014-9114 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libcaca (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libcaca fixes the following issues:
- CVE-2021-30499: Fixed a memory corruption issue when exporting troff sources (bsc#1184751).
- CVE-2021-30498: Fixed a memory corruption issue when exporting TGA images (bsc#1184752).
ImportantSUSE bug 1184751SUSE bug 1184752CVE-2021-30498 at SUSECVE-2021-30498 at NVDCVE-2021-30499 at SUSECVE-2021-30499 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libcaca (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libcaca fixes the following issues:
- CVE-2022-0856: Fixed a divide by zero issue which could be exploited to cause
an application crash (bsc#1197028).
ModerateSUSE bug 1197028CVE-2022-0856 at SUSECVE-2022-0856 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libcap-ng (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
libcap-ng was updated to fix one security issue.
This security issue was fixed:
- CVE-2014-3215: seunshare in policycoreutils (which uses libcap-ng) is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which made it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges (bsc#876832).
ModerateSUSE bug 876832CVE-2014-3215 at SUSECVE-2014-3215 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libcares2 (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libcares2 fixes the following issues:
- Add patch to fix single byte out of buffer write
(CVE-2016-5180, bsc#1007728)
LowSUSE bug 1007728CVE-2016-5180 at SUSECVE-2016-5180 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libcares2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libcares2 fixes the following issues:
- CVE-2021-3672: Fixed input validation on hostnames (bsc#1188881).
ImportantSUSE bug 1188881CVE-2021-3672 at SUSECVE-2021-3672 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libcdio (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libcdio and libcdio-mini fixes the following issues:
Security issue fixed:
- CVE-2017-18199: Fixed a NULL Pointer Dereference in realloc_symlink which could allow remote attackers to cause Denial of Service (bsc#1082821).
LowSUSE bug 1082821CVE-2017-18199 at SUSECVE-2017-18199 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libcgroup1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libcgroup1 fixes the following issues:
Security issue fixed:
- CVE-2018-14348: Fix daemon that creates /var/log/cgred with mode 0666 (bsc#1100365).
Bug fixes:
- bsc#1030747: Unable to use freezer sub system via libcgroup API when both freezer and cpuset subsystems are used.
ModerateSUSE bug 1030747SUSE bug 1100365CVE-2018-14348 at SUSECVE-2018-14348 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libcroco (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libcroco fixes the following issues:
Security issues fixed:
- CVE-2017-7960: Fixed heap overflow (input: check end of input before reading a byte) (bsc#1034481).
- CVE-2017-7961: Fixed undefined behavior (tknzr: support only max long rgb values) (bsc#1034482).
- CVE-2017-8834: Fixed denial of service (memory allocation error) via a crafted CSS file (bsc#1043898).
- CVE-2017-8871: Fixed denial of service (infinite loop and CPU consumption) via a crafted CSS file (bsc#1043899).
ModerateSUSE bug 1034481SUSE bug 1034482SUSE bug 1043898SUSE bug 1043899CVE-2017-7960 at SUSECVE-2017-7960 at NVDCVE-2017-7961 at SUSECVE-2017-7961 at NVDCVE-2017-8834 at SUSECVE-2017-8834 at NVDCVE-2017-8871 at SUSECVE-2017-8871 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libcroco (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libcroco fixes the following issues:
- CVE-2020-12825: Fixed recursion issue in block and any productions (bsc#1171685).
ModerateSUSE bug 1171685CVE-2020-12825 at SUSECVE-2020-12825 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libdb-4_5 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libdb-4_5 fixes the following issues:
- A DB_CONFIG file in the current working directory allowed local
users to obtain sensitive information via a symlink attack
involving a setgid or setuid application using libdb-4_8. (bsc#1043886)
ModerateSUSE bug 1043886cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for PostgreSQL 9.1SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The PostgreSQL database server was updated to version 9.1.12 to fix various
security issues:
*
Granting a role without ADMIN OPTION is supposed to prevent the
grantee from adding or removing members from the granted role, but
this restriction was easily bypassed by doing SET ROLE first. The
security impact is mostly that a role member can revoke the access of
others, contrary to the wishes of his grantor. Unapproved role member
additions are a lesser concern, since an uncooperative role member
could provide most of his rights to others anyway by creating views
or SECURITY DEFINER functions. (CVE-2014-0060)
*
The primary role of PL validator functions is to be called implicitly
during CREATE FUNCTION, but they are also normal SQL functions that a
user can call explicitly. Calling a validator on a function actually
written in some other language was not checked for and could be
exploited for privilege-escalation purposes. The fix involves adding
a call to a privilege-checking function in each validator function.
Non-core procedural languages will also need to make this change to
their own validator functions, if any. (CVE-2014-0061)
*
If the name lookups come to different conclusions due to concurrent
activity, we might perform some parts of the DDL on a different table
than other parts. At least in the case of CREATE INDEX, this can be
used to cause the permissions checks to be performed against a
different table than the index creation, allowing for a privilege
escalation attack. (CVE-2014-0062)
*
The MAXDATELEN constant was too small for the longest possible value
of type interval, allowing a buffer overrun in interval_out().
Although the datetime input functions were more careful about
avoiding buffer overrun, the limit was short enough to cause them to
reject some valid inputs, such as input containing a very long
timezone name. The ecpg library contained these vulnerabilities along
with some of its own. (CVE-2014-0063)
*
Several functions, mostly type input functions, calculated an
allocation size without checking for overflow. If overflow did occur,
a too-small buffer would be allocated and then written past.
(CVE-2014-0064)
*
Use strlcpy() and related functions to provide a clear guarantee that
fixed-size buffers are not overrun. Unlike the preceding items, it is
unclear whether these cases really represent live issues, since in
most cases there appear to be previous constraints on the size of the
input string. Nonetheless it seems prudent to silence all Coverity
warnings of this type. (CVE-2014-0065)
*
There are relatively few scenarios in which crypt() could return
NULL, but contrib/chkpass would crash if it did. One practical case
in which this could be an issue is if libc is configured to refuse to
execute unapproved hashing algorithms (e.g., 'FIPS mode').
(CVE-2014-0066)
*
Since the temporary server started by make check uses 'trust'
authentication, another user on the same machine could connect to it
as database superuser, and then potentially exploit the privileges of
the operating-system user who started the tests. A future release
will probably incorporate changes in the testing procedure to prevent
this risk, but some public discussion is needed first. So for the
moment, just warn people against using make check when there are
untrusted users on the same machine. (CVE-2014-0067)
The complete list of bugs and more information can be found at:
http://www.postgresql.org/docs/9.1/static/release-9-1-12.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-12.html>
Security Issues references:
* CVE-2014-0060
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060>
* CVE-2014-0061
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061>
* CVE-2014-0062
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062>
* CVE-2014-0063
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063>
* CVE-2014-0064
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064>
* CVE-2014-0065
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065>
* CVE-2014-0066
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066>
SUSE bug 864845SUSE bug 864846SUSE bug 864847SUSE bug 864850SUSE bug 864851SUSE bug 864852SUSE bug 864853CVE-2014-0060 at SUSECVE-2014-0060 at NVDCVE-2014-0061 at SUSECVE-2014-0061 at NVDCVE-2014-0062 at SUSECVE-2014-0062 at NVDCVE-2014-0063 at SUSECVE-2014-0063 at NVDCVE-2014-0064 at SUSECVE-2014-0064 at NVDCVE-2014-0065 at SUSECVE-2014-0065 at NVDCVE-2014-0066 at SUSECVE-2014-0066 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libesmtp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libesmtp fixes the following issues:
- CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462).
ImportantSUSE bug 1160462SUSE bug 1189097CVE-2019-19977 at SUSECVE-2019-19977 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libeventSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes a buffer overflow in the buffered event handling in
libevent. (CVE-2014-6272)
Security Issues:
* CVE-2014-6272
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6272>
SUSE bug 897243CVE-2014-6272 at SUSECVE-2014-6272 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libevent (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libevent fixes the following issues:
- CVE-2016-10195: DNS remote stack overread vulnerability (bsc#1022917)
- CVE-2016-10196: stack/buffer overflow in evutil_parse_sockaddr_port() (bsc#1022918) (backport for 2.0.21)
- CVE-2016-10197: out-of-bounds read in search_make_new() (bsc#1022919)
ModerateSUSE bug 1022917SUSE bug 1022918SUSE bug 1022919CVE-2016-10195 at SUSECVE-2016-10195 at NVDCVE-2016-10196 at SUSECVE-2016-10196 at NVDCVE-2016-10197 at SUSECVE-2016-10197 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libexif (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libexif fixes the following security issue:
- CVE-2017-7544: Fixed out-of-bounds heap read vulnerability in
exif_data_save_data_entry function in libexif/exif-data.c caused by improper
length computation of the allocated data of an ExifMnote entry which can cause
denial-of-service or possibly information disclosure (bsc#1059893)
ModerateSUSE bug 1059893CVE-2017-7544 at SUSECVE-2017-7544 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libexif (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libexif fixes the following issues:
- CVE-2019-9278: Fixed an integer overflow (bsc#1160770).
- CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943).
ModerateSUSE bug 1120943SUSE bug 1160770CVE-2018-20030 at SUSECVE-2018-20030 at NVDCVE-2019-9278 at SUSECVE-2019-9278 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libexif (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libexif fixes the following issues:
- CVE-2020-0181: Fixed an integer overflow in exif-data.c (bsc#1172802).
- CVE-2020-0198: Fixed an unsigned integer overflow (bsc#1172768).
- CVE-2020-13112: Fixed multiple buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes (bsc#1172116).
- CVE-2020-12767: Fixed divide-by-zero error in exif_entry_get_value (bsc#1171475).
- CVE-2020-0452: Fixed a buffer overflow due to integer overflow check optimization (bsc#1178479).
CriticalSUSE bug 1171475SUSE bug 1172116SUSE bug 1172768SUSE bug 1172802SUSE bug 1178479CVE-2020-0181 at SUSECVE-2020-0181 at NVDCVE-2020-0198 at SUSECVE-2020-0198 at NVDCVE-2020-0452 at SUSECVE-2020-0452 at NVDCVE-2020-12767 at SUSECVE-2020-12767 at NVDCVE-2020-13112 at SUSECVE-2020-13112 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nssSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery
issue.
MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher
at Inria Paris in team Prosecco, reported an issue in Network Security
Services (NSS) libraries affecting all versions. He discovered that NSS is
vulnerable to a variant of a signature forgery attack previously published
by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values
involved in a signature and could lead to the forging of RSA certificates.
The Advanced Threat Research team at Intel Security also independently
discovered and reported this issue.
Security Issues:
* CVE-2014-1568
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
SUSE bug 897890CVE-2014-1568 at SUSECVE-2014-1568 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libgcryptSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of libgcrypt mitigates the Yarom/Falkner flush+reload
side-channel attack on RSA secret keys (CVE-2013-4242).
Security Issue reference:
* CVE-2013-4242
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242>
SUSE bug 831359CVE-2013-4242 at SUSECVE-2013-4242 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following issues:
* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
(bsc#920057)
* Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical]
ModerateSUSE bug 920057CVE-2014-3591 at SUSECVE-2014-3591 at NVDCVE-2015-0837 at SUSECVE-2015-0837 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libgcrypt fixes the following issues:
- RNG prediction vulnerability (bsc#994157, CVE-2016-6313)
ModerateSUSE bug 994157CVE-2016-6313 at SUSECVE-2016-6313 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libgcrypt fixes the following issues:
- CVE-2017-7526: Hardening a against local side-channel attack in RSA key handling has been added (bsc#1046607)
ModerateSUSE bug 1046607CVE-2017-7526 at SUSECVE-2017-7526 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libgcrypt fixes the following issues:
Security issue fixed:
- CVE-2019-13627: Mitigated against an ECDSA timing attack. (bsc#1148987)
ModerateSUSE bug 1148987CVE-2019-13627 at SUSECVE-2019-13627 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libgcrypt (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libgcrypt fixes the following issues:
- CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding (bsc#1187212).
ImportantSUSE bug 1187212CVE-2021-33560 at SUSECVE-2021-33560 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libgcryptSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This libgcrypt update fixes the following security issue:
* bnc#892464: Side-channel attack on Elgamal encryption subkeys.
(CVE-2014-5270)
Security Issues:
* CVE-2014-5270
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270>
SUSE bug 892464CVE-2014-5270 at SUSECVE-2014-5270 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Recommended update for libical (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libical fixes the following issues:
Security issues fixed:
- CVE-2016-5823: The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote
attackers to cause a denial of service (use-after-free) via a crafted ics file. (bnc#986632)
- CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service (use-after-free)
via a crafted ics file. (bsc#986639)
- CVE-2016-5825: The icalparser_parse_string function in libical 0.47 and 1.0 allows remote
attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file.
(bsc#986642)
- CVE-2016-5826: The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers
to cause a denial of service (out-of-bounds heap read) by crafting a string to the
icalparser_parse_string function. (bsc#986658)
- CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers
to cause a denial of service (out-of-bounds heap read) via a crafted string to the
icalparser_parse_string function. (bsc#986631)
- CVE-2016-9584: libical allows remote attackers to cause a denial of service (use-after-free) and
possibly read heap memory via a crafted ics file. (bnc#1015964)
Bug fixes:
- libical crashes while parsing timezones (bsc#1044995)
ModerateSUSE bug 1015964SUSE bug 1044995SUSE bug 986631SUSE bug 986632SUSE bug 986639SUSE bug 986642SUSE bug 986658CVE-2016-5823 at SUSECVE-2016-5823 at NVDCVE-2016-5824 at SUSECVE-2016-5824 at NVDCVE-2016-5825 at SUSECVE-2016-5825 at NVDCVE-2016-5826 at SUSECVE-2016-5826 at NVDCVE-2016-5827 at SUSECVE-2016-5827 at NVDCVE-2016-9584 at SUSECVE-2016-9584 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libidn (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libidn fixes the following issues:
- CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189)
- CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190)
- CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191)
- CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241)
ModerateSUSE bug 923241SUSE bug 990189SUSE bug 990190SUSE bug 990191CVE-2015-2059 at SUSECVE-2015-2059 at NVDCVE-2015-8948 at SUSECVE-2015-8948 at NVDCVE-2016-6261 at SUSECVE-2016-6261 at NVDCVE-2016-6262 at SUSECVE-2016-6262 at NVDCVE-2016-6263 at SUSECVE-2016-6263 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libidn (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libidn fixes one issues.
This security issue was fixed:
- CVE-2017-14062: Prevent integer overflow in the decode_digit function that
allowed remote attackers to cause a denial of service or possibly have
unspecified other impact (bsc#1056450).
ModerateSUSE bug 1056450CVE-2017-14062 at SUSECVE-2017-14062 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libjasperSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for libjasper fixes multiple off-by-one errors which could
allow remote attackers to execute arbitrary code via a heap-based buffer
overflow triggered by a crafted jp2 (JPEG 2000) file. (bsc#906364,
CVE-2014-9029)
Security Issues:
* CVE-2014-9029
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029>
SUSE bug 906364CVE-2014-9029 at SUSECVE-2014-9029 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libksba
SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This libksba update fixes the following security issue:
* bnc#907074: buffer overflow in ksba_oid_to_str (CVE-2014-9087)
Security Issues:
* CVE-2014-9087
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9087>
SUSE bug 907074CVE-2014-9087 at SUSECVE-2014-9087 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libksba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libksba fixes the following issues:
- CVE-2016-4579: Out-of-bounds read in _ksba_ber_parse_tl()
- CVE-2016-4574: two OOB read access bugs (remote DoS) (bsc#979261)
Also adding reliability fixes from v1.3.4.
ModerateSUSE bug 979261SUSE bug 979906CVE-2016-4574 at SUSECVE-2016-4574 at NVDCVE-2016-4579 at SUSECVE-2016-4579 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libksba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The libksba package was updated to fix the following security issues:
- Fixed an integer overflow, an out of bounds read and a stack overflow issues (bsc#926826).
ModerateSUSE bug 926826cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libksba (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libksba fixes the following issues:
- CVE-2022-3515: Fixed a possible overflow in the TLV parser (bsc#1204357).
CriticalSUSE bug 1204357CVE-2022-3515 at SUSECVE-2022-3515 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libksba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libksba fixes the following issues:
- CVE-2022-47629: Fixed an integer overflow vulnerability in the CRL
signature parser (bsc#1206579).
ModerateSUSE bug 1206579CVE-2022-47629 at SUSECVE-2022-47629 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for liblouis fixes several issues.
These security issues were fixed:
- CVE-2017-13739: Prevent heap-based buffer overflow in the function resolveSubtable() that could have caused DoS or remote code execution (bsc#1056101)
- CVE-2017-13740: Prevent stack-based buffer overflow in the function parseChars() that could have caused DoS or possibly unspecified other impact (bsc#1056097) ()
- CVE-2017-13741: Prevent use-after-free in function compileBrailleIndicator() that allowed to cause remote DoS (bsc#1056095)
- CVE_2017-13742: Prevent stack-based buffer overflow in function includeFile that allowed to cause remote DoS (bsc#1056093).
- CVE-2017-13743: Prevent buffer overflow triggered in the function _lou_showString() that allowed to cause remote DoS (bsc#1056090)
ModerateSUSE bug 1056090SUSE bug 1056093SUSE bug 1056095SUSE bug 1056097SUSE bug 1056101CVE-2017-13739 at SUSECVE-2017-13739 at NVDCVE-2017-13740 at SUSECVE-2017-13740 at NVDCVE-2017-13741 at SUSECVE-2017-13741 at NVDCVE-2017-13743 at SUSECVE-2017-13743 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for liblouis fixes the following issues:
Security issues fixed:
- CVE-2017-15101: Buffer overflow in findTable (bsc#1067336).
- CVE-2014-8184: stack-based buffer overflow in findTable() (bsc#1062458).
ModerateSUSE bug 1062458SUSE bug 1067336CVE-2014-8184 at SUSECVE-2014-8184 at NVDCVE-2017-15101 at SUSECVE-2017-15101 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for liblouis, python-louis fixes the following issues:
Security issues fixed:
- CVE-2018-11684: Fixed stack-based buffer overflow in the function
includeFile() in compileTranslationTable.c (bsc#1095826)
- CVE-2018-11685: Fixed a stack-based buffer overflow in the function
compileHyphenation() in compileTranslationTable.c (bsc#1095825)
- CVE-2018-11683: Fix a stack-based buffer overflow in the function parseChars()
in compileTranslationTable.c (bsc#1095827)
ModerateSUSE bug 1095825SUSE bug 1095826SUSE bug 1095827CVE-2018-11683 at SUSECVE-2018-11683 at NVDCVE-2018-11684 at SUSECVE-2018-11684 at NVDCVE-2018-11685 at SUSECVE-2018-11685 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for liblouis (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for liblouis and python-louis fixes the following issue:
Security issue fixed:
- CVE-2018-17294: Fixed an out of bounds read in matchCurrentInput function
which could allow a remote attacker to cause Denail of Service (bsc#1109319).
LowSUSE bug 1109319CVE-2018-17294 at SUSECVE-2018-17294 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for liblouis fixes the following issues:
- CVE-2018-12085: Fixed an off-by-one error resulting in a buffer overrun (bsc#1097103).
ModerateSUSE bug 1097103CVE-2018-12085 at SUSECVE-2018-12085 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for lzoSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
lzo was updated to fix a potential denial of service issue or possible
remote code execution by allowing an attacker, if the LZO decompression
algorithm is used in a threaded or kernel context, to corrupt memory
structures that control the flow of execution in other contexts.
(CVE-2014-4607)
Security Issue reference:
* CVE-2014-4607
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607>
SUSE bug 883947CVE-2014-4607 at SUSECVE-2014-4607 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libmpfrSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for libmpfr fixes a buffer overflow in mpfr_strtofr.
(CVE-2014-9474)
Security Issues:
* CVE-2014-9474
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9474>
SUSE bug 911812CVE-2014-9474 at SUSECVE-2014-9474 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libmspackSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issue:
* CVE-2014-9556: An integer overflow in the function qtmd_decompress()
could have been exploited causing a denial of service (endless loop)
(bnc##912214)
Security Issues:
* CVE-2014-9556
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9556>
SUSE bug 912214CVE-2014-9556 at SUSECVE-2014-9556 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libmspack (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
libmspack was updated to fix several security vulnerabilities.
- Fix null pointer dereference on a crafted CAB. (bsc#934524, CVE-2014-9732)
- Fix denial of service while processing crafted CHM file. (bsc#934525, CVE-2015-4467)
- Fix denial of service while processing crafted CHM file. (bsc#934529, CVE-2015-4472)
- Fix pointer arithmetic overflow during CHM decompression. (bsc#934526, CVE-2015-4469)
- Fix off-by-one buffer over-read in mspack/mszipd.c. (bsc#934527, CVE-2015-4470)
- Fix off-by-one buffer under-read in mspack/lzxd.c. (bsc#934528, CVE-2015-4471)
ModerateSUSE bug 934524SUSE bug 934525SUSE bug 934526SUSE bug 934527SUSE bug 934528SUSE bug 934529CVE-2014-9732 at SUSECVE-2014-9732 at NVDCVE-2015-4467 at SUSECVE-2015-4467 at NVDCVE-2015-4469 at SUSECVE-2015-4469 at NVDCVE-2015-4470 at SUSECVE-2015-4470 at NVDCVE-2015-4471 at SUSECVE-2015-4471 at NVDCVE-2015-4472 at SUSECVE-2015-4472 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libmspack (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libmspack fixes the following issues:
Security issues fixed:
- CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. (bsc#1113038)
- CVE-2018-18585: chmd_read_headers accepted a filename that has '\0' as its first or second character (such as the '/\0' name). (bsc#1113039)
ModerateSUSE bug 1113038SUSE bug 1113039CVE-2018-18584 at SUSECVE-2018-18584 at NVDCVE-2018-18585 at SUSECVE-2018-18585 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libmspack (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libmspack fixes the following issues:
Security issue fixed:
- CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file
which could have led to information disclosure (bsc#1141680).
LowSUSE bug 1141680CVE-2019-1010305 at SUSECVE-2019-1010305 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for MySQLSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This MySQL update provides the following:
* upgrade to version 5.5.39, [bnc#887580]
* CVE's fixed: CVE-2014-2484, CVE-2014-4258, CVE-2014-4260,
CVE-2014-2494, CVE-2014-4238, CVE-2014-4207, CVE-2014-4233,
CVE-2014-4240, CVE-2014-4214, CVE-2014-4243
See also:
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
<http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html>
Security Issues:
* CVE-2014-2484
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2484>
* CVE-2014-4258
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258>
* CVE-2014-4260
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260>
* CVE-2014-2494
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494>
* CVE-2014-4238
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4238>
* CVE-2014-4207
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207>
* CVE-2014-4233
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4233>
* CVE-2014-4240
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4240>
* CVE-2014-4214
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4214>
* CVE-2014-4243
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243>
SUSE bug 734436SUSE bug 768832SUSE bug 780019SUSE bug 789263SUSE bug 791863SUSE bug 792332SUSE bug 803040SUSE bug 830086SUSE bug 834028SUSE bug 834967SUSE bug 837801SUSE bug 857678SUSE bug 858823SUSE bug 861493SUSE bug 868673SUSE bug 873896SUSE bug 878779SUSE bug 887580SUSE bug 901237SUSE bug 914058SUSE bug 922043SUSE bug 927623SUSE bug 934789CVE-2012-5615 at SUSECVE-2012-5615 at NVDCVE-2013-1861 at SUSECVE-2013-1861 at NVDCVE-2013-3783 at SUSECVE-2013-3783 at NVDCVE-2013-3793 at SUSECVE-2013-3793 at NVDCVE-2013-3794 at SUSECVE-2013-3794 at NVDCVE-2013-3795 at SUSECVE-2013-3795 at NVDCVE-2013-3796 at SUSECVE-2013-3796 at NVDCVE-2013-3798 at SUSECVE-2013-3798 at NVDCVE-2013-3801 at SUSECVE-2013-3801 at NVDCVE-2013-3802 at SUSECVE-2013-3802 at NVDCVE-2013-3804 at SUSECVE-2013-3804 at NVDCVE-2013-3805 at SUSECVE-2013-3805 at NVDCVE-2013-3806 at SUSECVE-2013-3806 at NVDCVE-2013-3807 at SUSECVE-2013-3807 at NVDCVE-2013-3808 at SUSECVE-2013-3808 at NVDCVE-2013-3809 at SUSECVE-2013-3809 at NVDCVE-2013-3810 at SUSECVE-2013-3810 at NVDCVE-2013-3811 at SUSECVE-2013-3811 at NVDCVE-2013-3812 at SUSECVE-2013-3812 at NVDCVE-2013-4316 at SUSECVE-2013-4316 at NVDCVE-2013-5860 at SUSECVE-2013-5860 at NVDCVE-2013-5881 at SUSECVE-2013-5881 at NVDCVE-2013-5882 at SUSECVE-2013-5882 at NVDCVE-2013-5891 at SUSECVE-2013-5891 at NVDCVE-2013-5894 at SUSECVE-2013-5894 at NVDCVE-2013-5908 at SUSECVE-2013-5908 at NVDCVE-2014-0001 at SUSECVE-2014-0001 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-0384 at SUSECVE-2014-0384 at NVDCVE-2014-0386 at SUSECVE-2014-0386 at NVDCVE-2014-0393 at SUSECVE-2014-0393 at NVDCVE-2014-0401 at SUSECVE-2014-0401 at NVDCVE-2014-0402 at SUSECVE-2014-0402 at NVDCVE-2014-0412 at SUSECVE-2014-0412 at NVDCVE-2014-0420 at SUSECVE-2014-0420 at NVDCVE-2014-0427 at SUSECVE-2014-0427 at NVDCVE-2014-0430 at SUSECVE-2014-0430 at NVDCVE-2014-0431 at SUSECVE-2014-0431 at NVDCVE-2014-0433 at SUSECVE-2014-0433 at NVDCVE-2014-0437 at SUSECVE-2014-0437 at NVDCVE-2014-2419 at SUSECVE-2014-2419 at NVDCVE-2014-2430 at SUSECVE-2014-2430 at NVDCVE-2014-2431 at SUSECVE-2014-2431 at NVDCVE-2014-2432 at SUSECVE-2014-2432 at NVDCVE-2014-2434 at SUSECVE-2014-2434 at NVDCVE-2014-2435 at SUSECVE-2014-2435 at NVDCVE-2014-2436 at SUSECVE-2014-2436 at NVDCVE-2014-2438 at SUSECVE-2014-2438 at NVDCVE-2014-2440 at SUSECVE-2014-2440 at NVDCVE-2014-2442 at SUSECVE-2014-2442 at NVDCVE-2014-2444 at SUSECVE-2014-2444 at NVDCVE-2014-2450 at SUSECVE-2014-2450 at NVDCVE-2014-2451 at SUSECVE-2014-2451 at NVDCVE-2014-2484 at SUSECVE-2014-2484 at NVDCVE-2014-2494 at SUSECVE-2014-2494 at NVDCVE-2014-3569 at SUSECVE-2014-3569 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3571 at SUSECVE-2014-3571 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-4207 at SUSECVE-2014-4207 at NVDCVE-2014-4214 at SUSECVE-2014-4214 at NVDCVE-2014-4233 at SUSECVE-2014-4233 at NVDCVE-2014-4238 at SUSECVE-2014-4238 at NVDCVE-2014-4240 at SUSECVE-2014-4240 at NVDCVE-2014-4243 at SUSECVE-2014-4243 at NVDCVE-2014-4258 at SUSECVE-2014-4258 at NVDCVE-2014-4260 at SUSECVE-2014-4260 at NVDCVE-2014-4274 at SUSECVE-2014-4274 at NVDCVE-2014-4287 at SUSECVE-2014-4287 at NVDCVE-2014-6463 at SUSECVE-2014-6463 at NVDCVE-2014-6464 at SUSECVE-2014-6464 at NVDCVE-2014-6469 at SUSECVE-2014-6469 at NVDCVE-2014-6474 at SUSECVE-2014-6474 at NVDCVE-2014-6478 at SUSECVE-2014-6478 at NVDCVE-2014-6484 at SUSECVE-2014-6484 at NVDCVE-2014-6489 at SUSECVE-2014-6489 at NVDCVE-2014-6491 at SUSECVE-2014-6491 at NVDCVE-2014-6494 at SUSECVE-2014-6494 at NVDCVE-2014-6495 at SUSECVE-2014-6495 at NVDCVE-2014-6496 at SUSECVE-2014-6496 at NVDCVE-2014-6500 at SUSECVE-2014-6500 at NVDCVE-2014-6505 at SUSECVE-2014-6505 at NVDCVE-2014-6507 at SUSECVE-2014-6507 at NVDCVE-2014-6520 at SUSECVE-2014-6520 at NVDCVE-2014-6530 at SUSECVE-2014-6530 at NVDCVE-2014-6551 at SUSECVE-2014-6551 at NVDCVE-2014-6555 at SUSECVE-2014-6555 at NVDCVE-2014-6559 at SUSECVE-2014-6559 at NVDCVE-2014-6564 at SUSECVE-2014-6564 at NVDCVE-2014-6568 at SUSECVE-2014-6568 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0206 at SUSECVE-2015-0206 at NVDCVE-2015-0374 at SUSECVE-2015-0374 at NVDCVE-2015-0381 at SUSECVE-2015-0381 at NVDCVE-2015-0382 at SUSECVE-2015-0382 at NVDCVE-2015-0385 at SUSECVE-2015-0385 at NVDCVE-2015-0391 at SUSECVE-2015-0391 at NVDCVE-2015-0405 at SUSECVE-2015-0405 at NVDCVE-2015-0409 at SUSECVE-2015-0409 at NVDCVE-2015-0411 at SUSECVE-2015-0411 at NVDCVE-2015-0423 at SUSECVE-2015-0423 at NVDCVE-2015-0432 at SUSECVE-2015-0432 at NVDCVE-2015-0433 at SUSECVE-2015-0433 at NVDCVE-2015-0438 at SUSECVE-2015-0438 at NVDCVE-2015-0439 at SUSECVE-2015-0439 at NVDCVE-2015-0441 at SUSECVE-2015-0441 at NVDCVE-2015-0498 at SUSECVE-2015-0498 at NVDCVE-2015-0499 at SUSECVE-2015-0499 at NVDCVE-2015-0500 at SUSECVE-2015-0500 at NVDCVE-2015-0501 at SUSECVE-2015-0501 at NVDCVE-2015-0503 at SUSECVE-2015-0503 at NVDCVE-2015-0505 at SUSECVE-2015-0505 at NVDCVE-2015-0506 at SUSECVE-2015-0506 at NVDCVE-2015-0507 at SUSECVE-2015-0507 at NVDCVE-2015-0508 at SUSECVE-2015-0508 at NVDCVE-2015-0511 at SUSECVE-2015-0511 at NVDCVE-2015-2305 at SUSECVE-2015-2305 at NVDCVE-2015-2566 at SUSECVE-2015-2566 at NVDCVE-2015-2567 at SUSECVE-2015-2567 at NVDCVE-2015-2568 at SUSECVE-2015-2568 at NVDCVE-2015-2571 at SUSECVE-2015-2571 at NVDCVE-2015-2573 at SUSECVE-2015-2573 at NVDCVE-2015-2576 at SUSECVE-2015-2576 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libnl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libnl fixes the following issues:
Security issue fixed:
- CVE-2017-0386: Fixed a privilege escalation vulnerability which allowed a local user to execute code within a privileged process (bsc#1020123).
ModerateSUSE bug 1020123CVE-2017-0386 at SUSECVE-2017-0386 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenSSLSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This OpenSSL update fixes the following issues:
* Session Ticket Memory Leak (CVE-2014-3567)
* Build option no-ssl3 is incomplete (CVE-2014-3568)
* Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)
Security Issues:
* CVE-2014-3567
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567>
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
* CVE-2014-3568
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568>
SUSE bug 859228SUSE bug 859924SUSE bug 860332SUSE bug 862181SUSE bug 869945SUSE bug 870192SUSE bug 879179SUSE bug 880891SUSE bug 890764SUSE bug 890767SUSE bug 890768SUSE bug 890769SUSE bug 890770SUSE bug 892403SUSE bug 901223SUSE bug 901277SUSE bug 912014SUSE bug 912015SUSE bug 912018SUSE bug 912293SUSE bug 912294SUSE bug 912296SUSE bug 915976SUSE bug 919648SUSE bug 920236SUSE bug 922488SUSE bug 922496SUSE bug 922499SUSE bug 922500SUSE bug 922501SUSE bug 929678SUSE bug 931698SUSE bug 933898SUSE bug 933911SUSE bug 934487SUSE bug 934489SUSE bug 934491SUSE bug 934493CVE-2009-5146 at SUSECVE-2009-5146 at NVDCVE-2014-0076 at SUSECVE-2014-0076 at NVDCVE-2014-0221 at SUSECVE-2014-0221 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2014-3470 at SUSECVE-2014-3470 at NVDCVE-2014-3505 at SUSECVE-2014-3505 at NVDCVE-2014-3506 at SUSECVE-2014-3506 at NVDCVE-2014-3507 at SUSECVE-2014-3507 at NVDCVE-2014-3508 at SUSECVE-2014-3508 at NVDCVE-2014-3510 at SUSECVE-2014-3510 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2014-3567 at SUSECVE-2014-3567 at NVDCVE-2014-3568 at SUSECVE-2014-3568 at NVDCVE-2014-3570 at SUSECVE-2014-3570 at NVDCVE-2014-3571 at SUSECVE-2014-3571 at NVDCVE-2014-3572 at SUSECVE-2014-3572 at NVDCVE-2014-8275 at SUSECVE-2014-8275 at NVDCVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0205 at SUSECVE-2015-0205 at NVDCVE-2015-0209 at SUSECVE-2015-0209 at NVDCVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0287 at SUSECVE-2015-0287 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-0289 at SUSECVE-2015-0289 at NVDCVE-2015-0292 at SUSECVE-2015-0292 at NVDCVE-2015-0293 at SUSECVE-2015-0293 at NVDCVE-2015-1788 at SUSECVE-2015-1788 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1790 at SUSECVE-2015-1790 at NVDCVE-2015-1791 at SUSECVE-2015-1791 at NVDCVE-2015-1792 at SUSECVE-2015-1792 at NVDCVE-2015-3216 at SUSECVE-2015-3216 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libotr (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libotr fixes the following issues:
- Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that
used to occur on 64-bit architectures when receiving 4GB messages.
This flaw could potentially have been exploited by an attacker to
remotely execute arbitrary code on the user's machine.
(CVE-2016-2851, bsc#969785)
ModerateSUSE bug 969785CVE-2016-2851 at SUSECVE-2016-2851 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for pixmanSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issue with pixman:
* Integer underflow when handling trapezoids. (bnc#853824,
CVE-2013-6425)
Security Issues:
* CVE-2013-6425
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6425>
SUSE bug 815064SUSE bug 853824CVE-2013-1591 at SUSECVE-2013-1591 at NVDCVE-2013-6425 at SUSECVE-2013-6425 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libpngSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This libpng update fixes the following two overflow security issues.
* bnc#873123: Fixed integer overflow that could have lead to a
heap-based buffer overflow in png_set_sPLT() and png_set_text_2()
(CVE-2013-7354).
* bnc#873124: Fixed integer overflow that could have lead to a
heap-based buffer overflow in png_set_unknown_chunks()
(CVE-2013-7353).
Security Issue references:
* CVE-2013-7353
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7353>
* CVE-2013-7354
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7354>
SUSE bug 873123SUSE bug 873124CVE-2013-7353 at SUSECVE-2013-7353 at NVDCVE-2013-7354 at SUSECVE-2013-7354 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The libpng12-0 package was updated to fix the following security issues:
- CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980).
- CVE-2015-7981: Fixed an out-of-bound read (bsc#952051).
ModerateSUSE bug 952051SUSE bug 954980CVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
- security update:
This update fixes the following securit issue:
* CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions
allow remote attackers to cause a denial of service (application crash) or possibly have
unspecified other impact [bsc#954980]
ModerateSUSE bug 954980CVE-2015-8126 at SUSECVE-2015-8126 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libpng12-0 fixes the following issues:
Security issues fixed:
- CVE-2015-8540: read underflow in libpng (bsc#958791)
- CVE-2016-10087: NULL pointer dereference in png_set_text_2() (bsc#1017646)
ModerateSUSE bug 1017646SUSE bug 958791CVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-10087 at SUSECVE-2016-10087 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libpng12-0 fixes the following issues:
Security issue fixed:
- CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks (bsc#1141493).
ModerateSUSE bug 1141493CVE-2017-12652 at SUSECVE-2017-12652 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for popplerSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes problems in DCTStream error handling in poppler.
Security Issue reference:
* CVE-2010-5110
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110>
SUSE bug 845765CVE-2010-5110 at SUSECVE-2010-5110 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for pulseaudioSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The following security issue is fixed in this update:
* CVE-2014-3970: Fixed a remote denial of service attack in
module-rtp-recv.
Security Issues:
* CVE-2014-3970
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3970>
SUSE bug 746879SUSE bug 754615SUSE bug 797080SUSE bug 881524CVE-2014-3970 at SUSECVE-2014-3970 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libqt4 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libqt4 fixes the following issues:
- CVE-2018-15518: Fixed a double free in QXmlStreamReader (bsc#1118595)
- CVE-2018-19873: Fixed a segmantation fault via a malformed
BMP file (bsc#1118596).
- CVE-2018-19869: Fixed an improper checking which might lead to
a crach via a malformed url reference (bsc#1118599).
ModerateSUSE bug 1118595SUSE bug 1118596SUSE bug 1118599CVE-2018-15518 at SUSECVE-2018-15518 at NVDCVE-2018-19869 at SUSECVE-2018-19869 at NVDCVE-2018-19873 at SUSECVE-2018-19873 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libqt4 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libqt4 fixes the following issues:
- CVE-2020-17507: Fixed buffer over-read in read_xbm_body (bsc#1176315)
ModerateSUSE bug 1176315CVE-2020-17507 at SUSECVE-2020-17507 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libqt4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of the QT4 QSSL interface makes it select a set of default
ciphers that is recommended for current usage. This update is needed for
Konqueror to restrict its cipher set when using https.
SUSE bug 865241cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libqt4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The libqt4 library was updated to fix several security issues:
* CVE-2015-0295: Division by zero when processing malformed BMP files.
(bsc#921999)
* CVE-2015-1858: Segmentation fault in BMP Qt Image Format Handling.
(bsc#927806)
* CVE-2015-1859: Segmentation fault in ICO Qt Image Format Handling.
(bsc#927807)
* CVE-2015-1860: Segmentation fault in GIF Qt Image Format Handling.
(bsc#927808)
Security Issues:
* CVE-2015-1858
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1858>
* CVE-2015-1859
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1859>
* CVE-2015-1860
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1860>
* CVE-2015-0295
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0295>
SUSE bug 921999SUSE bug 927806SUSE bug 927807SUSE bug 927808CVE-2015-0295 at SUSECVE-2015-0295 at NVDCVE-2015-1858 at SUSECVE-2015-1858 at NVDCVE-2015-1859 at SUSECVE-2015-1859 at NVDCVE-2015-1860 at SUSECVE-2015-1860 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for librsvg (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
librsvg was updated to fix one security issue.
This security issue was fixed:
- CVE-2013-1881: GNOME libsvg allowed remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (bsc#840753).
ImportantSUSE bug 840753CVE-2013-1881 at SUSECVE-2013-1881 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for librsvg (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for librsvg fixes the following issues:
- CVE-2019-20446: Fixed an issue where a crafted SVG file with nested
patterns can cause denial of service (bsc#1162501).
NOTE: Librsvg now has limits on the number of loaded XML elements,
and the number of referenced elements within an SVG document.
- CVE-2015-7558: librsvg allowed context-dependent attackers to cause a denial of service (infinite loop, stack consumption, and application crash) via cyclic references in an SVG document (bsc#977985).
- CVE-2016-6163: svg pattern linking to non-pattern fallback leads to invalid memory access, allowing to cause DoS (bsc#987877).
- CVE-2018-1000041: Fixed leaking credentials via SVG files that reference UNC paths (bsc#1083232)
- CVE-2016-4348: Fixed a denial of service parsing SVGs with circular definitions _rsvg_css_normalize_font_size() function (bsc#977986)
- Fixed a stack exhaustion with circular references in <use>
elements.
- Fixed a denial-of-service condition from exponential explosion
of rendered elements, through nested use of SVG 'use' elements in
malicious SVGs.
This updated also removes the the Mozilla plugin package. Firefox can render SVG on its own and
the plugin interface is obsolete.
This update for libcroco fixes the following issue:
- Fixed an issue where librsvg was throwing a segmentation fault (bsc#1094213).
ModerateSUSE bug 1083232SUSE bug 1094213SUSE bug 1162501SUSE bug 977985SUSE bug 977986SUSE bug 987877CVE-2015-7558 at SUSECVE-2015-7558 at NVDCVE-2016-4348 at SUSECVE-2016-4348 at NVDCVE-2016-6163 at SUSECVE-2016-6163 at NVDCVE-2018-1000041 at SUSECVE-2018-1000041 at NVDCVE-2019-20446 at SUSECVE-2019-20446 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libsamplerate (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libsamplerate fixes the following issues:
- CVE-2017-7697: Fixed a buffer overflow in calc_output_single. (bsc#1033564)
ModerateSUSE bug 1033564CVE-2017-7697 at SUSECVE-2017-7697 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libsndfileSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for libsndfile fixes two buffer read overflows in
sd2_parse_rsrc_fork(). (CVE-2014-9496, bsc#911796)
Security Issues:
* CVE-2014-9496
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9496>
SUSE bug 911796CVE-2014-9496 at SUSECVE-2014-9496 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The libsndfile package was updated to fix the following security issue:
- CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service (DoS) (bsc#953521).
- CVE-2015-7805: Fixed heap overflow issue (bsc#953516).
ModerateSUSE bug 953516SUSE bug 953521CVE-2014-9756 at SUSECVE-2014-9756 at NVDCVE-2015-7805 at SUSECVE-2015-7805 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libsndfile fixes the following issues:
- CVE-2017-7585,CVE-2017-7741,CVE-2017-7742: Some stack-based buffer overflows via a specially crafted FLAC
file were fixed (error in the 'flac_buffer_copy()' function) (bsc#1033054, bsc#1033914, bsc#1033915).
ModerateSUSE bug 1033054SUSE bug 1033914SUSE bug 1033915CVE-2017-7585 at SUSECVE-2017-7585 at NVDCVE-2017-7741 at SUSECVE-2017-7741 at NVDCVE-2017-7742 at SUSECVE-2017-7742 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libsndfile fixes the following issues:
- CVE-2017-8362: invalid memory read in flac_buffer_copy (flac.c) (bsc#1036943)
- CVE-2017-8365: global buffer overflow in i2les_array (pcm.c) (bsc#1036946)
- CVE-2017-8361: global buffer overflow in flac_buffer_copy (flac.c) (bsc#1036944)
- CVE-2017-8363: heap-based buffer overflow in flac_buffer_copy (flac.c) (bsc#1036945)
- CVE-2017-7585: stack-based buffer overflow via a specially crafted FLAC file (bsc#1033054)
ModerateSUSE bug 1033054SUSE bug 1033914SUSE bug 1033915SUSE bug 1036943SUSE bug 1036944SUSE bug 1036945SUSE bug 1036946CVE-2017-7585 at SUSECVE-2017-7585 at NVDCVE-2017-7741 at SUSECVE-2017-7741 at NVDCVE-2017-7742 at SUSECVE-2017-7742 at NVDCVE-2017-8361 at SUSECVE-2017-8361 at NVDCVE-2017-8362 at SUSECVE-2017-8362 at NVDCVE-2017-8363 at SUSECVE-2017-8363 at NVDCVE-2017-8365 at SUSECVE-2017-8365 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
- This update for libsndfile fixes a memory leak in an error path.(bsc#1038856)
- CVE-2017-16942: A divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file. (bsc#1069874)
- CVE-2017-14634: In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. (bsc#1059911)
- CVE-2017-14245: An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of
the NAN and INFINITY floating-point values. (bsc#1059912)
- CVE-2017-14246: An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of
the NAN and INFINITY floating-point values.(bsc#1059913)
ModerateSUSE bug 1038856SUSE bug 1059911SUSE bug 1059912SUSE bug 1059913SUSE bug 1069874CVE-2017-14245 at SUSECVE-2017-14245 at NVDCVE-2017-14246 at SUSECVE-2017-14246 at NVDCVE-2017-14634 at SUSECVE-2017-14634 at NVDCVE-2017-16942 at SUSECVE-2017-16942 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libsndfile fixes the following issues:
Security issues fixed:
- CVE-2017-17456: Prevent segmentation fault in the function d2alaw_array() that may have lead to a remote DoS (bsc#1071777).
- CVE-2017-17457: Prevent segmentation fault in the function d2ulaw_array() that may have lead to a remote DoS, a different vulnerability than CVE-2017-14246 (bsc#1071767).
- CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header that could have been used for a denial of service attack (bsc#1117954).
ModerateSUSE bug 1071767SUSE bug 1071777SUSE bug 1117954CVE-2017-17456 at SUSECVE-2017-17456 at NVDCVE-2017-17457 at SUSECVE-2017-17457 at NVDCVE-2018-19758 at SUSECVE-2018-19758 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libsndfile (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libsndfile fixes the following issues:
- CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540)
CriticalSUSE bug 1188540CVE-2021-3246 at SUSECVE-2021-3246 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libsndfile (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libsndfile fixes the following issues:
- CVE-2021-4156: Fixed heap buffer overflow in flac_buffer_copy that
could potentially lead to heap exploitation (bsc#1194006).
ImportantSUSE bug 1194006CVE-2021-4156 at SUSECVE-2021-4156 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for net-snmpSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for net-snmp fixes a remote denial of service problem inside
snmptrapd when it is started with the '-OQ' option. (CVE-2014-3565,
bnc#894361)
Additionally, a timeout issue during SNMP MIB walk on OID 1.3.6.1.2.1.4.24
when using newer (v5.5+) versions of snmpwalk has been fixed. (bnc#865222)
Security Issues:
* CVE-2014-3565
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565>
SUSE bug 822368SUSE bug 828081SUSE bug 833153SUSE bug 833191SUSE bug 865222SUSE bug 866942SUSE bug 867349SUSE bug 894361CVE-2014-2284 at SUSECVE-2014-2284 at NVDCVE-2014-2310 at SUSECVE-2014-2310 at NVDCVE-2014-3565 at SUSECVE-2014-3565 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libsoup (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libsoup fixes the following issues:
Security issue fixed:
- CVE-2018-12910: Fixed a denial of service which was caused handling empty hostnames in get_cookies() (bsc#1100097).
ModerateSUSE bug 1100097CVE-2018-12910 at SUSECVE-2018-12910 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libssh2_orgSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The ssh client library libssh2_org was updated to fix a security issue:
* CVE-2015-1782: A malicious server could send a crafted
SSH_MSG_KEXINIT packet, that could lead to a buffer overread and to a
crash of the application using libssh2_org.
Security Issues:
* CVE-2015-1782
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1782>
SUSE bug 921070CVE-2015-1782 at SUSECVE-2015-1782 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libssh2_org fixes the following issues:
- Add SHA256 support for DH group exchange (fate#320343, bsc#961964)
- fix CVE-2016-0787 (bsc#967026)
* Weakness in diffie-hellman secret key generation lead to much shorter DH groups
then needed, which could be used to retrieve server keys.
ModerateSUSE bug 961964SUSE bug 967026CVE-2016-0787 at SUSECVE-2016-0787 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libssh2_org fixes the following issues:
Security issues fixed:
- CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490).
- CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492).
- CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481).
- CVE-2019-3863: Fixed an Integer overflow in user authenticate keyboard interactive which could allow out-of-bounds writes
with specially crafted keyboard responses (bsc#1128493).
- CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write
with specially crafted payload (bsc#1128472).
- CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require
and _libssh2_packet_requirev (bsc#1128480).
- CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially
crafted payload (bsc#1128471).
- CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted
SFTP packet (bsc#1128476).
- CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially
crafted message channel request SSH packet (bsc#1128474).
Other issue addressed:
- Fixed an issue where libssh2 stops parsing known_hosts (bsc#1091236).
ModerateSUSE bug 1091236SUSE bug 1128471SUSE bug 1128472SUSE bug 1128474SUSE bug 1128476SUSE bug 1128480SUSE bug 1128481SUSE bug 1128490SUSE bug 1128492SUSE bug 1128493CVE-2019-3855 at SUSECVE-2019-3855 at NVDCVE-2019-3856 at SUSECVE-2019-3856 at NVDCVE-2019-3857 at SUSECVE-2019-3857 at NVDCVE-2019-3858 at SUSECVE-2019-3858 at NVDCVE-2019-3859 at SUSECVE-2019-3859 at NVDCVE-2019-3860 at SUSECVE-2019-3860 at NVDCVE-2019-3861 at SUSECVE-2019-3861 at NVDCVE-2019-3862 at SUSECVE-2019-3862 at NVDCVE-2019-3863 at SUSECVE-2019-3863 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libssh2_org (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libssh2_org fixes the following issues:
- Incorrect upstream fix for CVE-2019-3859 broke public key authentication [bsc#1133528, bsc#1130103]
ImportantSUSE bug 1130103SUSE bug 1133528CVE-2019-3859 at SUSECVE-2019-3859 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libssh2_org fixes the following issues:
- Fix the previous fix for CVE-2019-3860 (bsc#1136570, bsc#1128481)
(Out-of-bounds reads with specially crafted SFTP packets)
ModerateSUSE bug 1128481SUSE bug 1136570CVE-2019-3860 at SUSECVE-2019-3860 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libssh2_org fixes the following issue:
- CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service (bsc#1154862).
ModerateSUSE bug 1154862CVE-2019-17498 at SUSECVE-2019-17498 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libtasn1SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
libtasn1 has been updated to fix three security issues:
* asn1_get_bit_der() could have returned negative bit length
(CVE-2014-3468)
* Multiple boundary check issues could have allowed DoS (CVE-2014-3467)
* Possible DoS by NULL pointer dereference in asn1_read_value_type
(CVE-2014-3469)
Security Issues:
* CVE-2014-3468
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468>
* CVE-2014-3467
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467>
* CVE-2014-3469
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469>
SUSE bug 880735SUSE bug 880737SUSE bug 880738SUSE bug 924828CVE-2014-3467 at SUSECVE-2014-3467 at NVDCVE-2014-3468 at SUSECVE-2014-3468 at NVDCVE-2014-3469 at SUSECVE-2014-3469 at NVDCVE-2015-2806 at SUSECVE-2015-2806 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libtasn1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libtasn1 fixes the following issues:
Security issues fixed:
- CVE-2018-1000654: Fixed a denial of service in the asn1 parser (bsc#1105435).
- CVE-2017-6891: Fixed a stack overflow in asn1_find_node() (bsc#1040621).
ModerateSUSE bug 1040621SUSE bug 1105435CVE-2017-6891 at SUSECVE-2017-6891 at NVDCVE-2018-1000654 at SUSECVE-2018-1000654 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libtasn1 (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libtasn1 fixes the following issues:
- CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der (bsc#1204690)
CriticalSUSE bug 1204690CVE-2021-46848 at SUSECVE-2021-46848 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libtcnative-1-0 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libtcnative-1-0 fixes the following issues:
- CVE-2015-4000: Disable 512-bit export-grade cryptography to prevent Logjam
vulnerability (bsc#938945)
ModerateSUSE bug 938945CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libtcnative-1-0 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libtcnative-1-0 to version 1.1.34 fixes the following issues:
- CVE-2017-15698: Fixed an improper handling of fields with more than 127 bytes
which could allow invalid client certificates to be accepted (bsc#1078679).
- CVE-2018-8019: When using an OCSP responder did not correctly handle invalid
responses. This allowed for revoked client certificates to be incorrectly
identified. It was therefore possible for users to authenticate with revoked
certificates when using mutual TLS (bsc#1103348).
- CVE-2018-8020: Did not properly check OCSP pre-produced responses. Revoked
client certificates may have not been properly identified, allowing for users
to authenticate with revoked certificates to connections that require mutual
TLS (bsc#1103347).
For a complete list of changes please see
http://tomcat.apache.org/native-1.1-doc/miscellaneous/changelog.html
ImportantSUSE bug 1078679SUSE bug 1103347SUSE bug 1103348CVE-2017-15698 at SUSECVE-2017-15698 at NVDCVE-2018-8019 at SUSECVE-2018-8019 at NVDCVE-2018-8020 at SUSECVE-2018-8020 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libtiffSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This tiff update fixes several security issues.
* bnc#834477: CVE-2013-4232 CVE-2013-4231: tiff: buffer overflows/use
after free problem
* bnc#834779: CVE-2013-4243: libtiff (gif2tiff): heap-based buffer
overflow in readgifimage()
* bnc#834788: CVE-2013-4244: libtiff (gif2tiff): OOB Write in LZW
decompressor
Security Issue references:
* CVE-2013-4232
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232>
* CVE-2013-4231
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231>
* CVE-2013-4243
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243>
* CVE-2013-4244
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244>
SUSE bug 834477SUSE bug 834779SUSE bug 834788CVE-2013-4231 at SUSECVE-2013-4231 at NVDCVE-2013-4232 at SUSECVE-2013-4232 at NVDCVE-2013-4243 at SUSECVE-2013-4243 at NVDCVE-2013-4244 at SUSECVE-2013-4244 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libtirpc, rpcbind (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libtirpc and rpcbind fixes the following issues:
- CVE-2017-8779: A crafted UDP package could lead rpcbind to remote denial-of-service. (bsc#1037559)
ImportantSUSE bug 1037559CVE-2017-8779 at SUSECVE-2017-8779 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for libtirpc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libtirpc fixes the following issues:
- Prevent remote crash of RPC services (bsc#968175)
ModerateSUSE bug 968175cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libtirpc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libtirpc fixes the following issues:
Security issues fixed:
- CVE-2018-14621: libtirpc: Infinite loop in EMFILE case in svc_vc.c (bsc#1106519)
- CVE-2018-14622: libtirpc: Segmentation fault in makefd_xprt return value in svc_vc.c (bsc#1106517)
ModerateSUSE bug 1106517SUSE bug 1106519SUSE bug 968175CVE-2018-14621 at SUSECVE-2018-14621 at NVDCVE-2018-14622 at SUSECVE-2018-14622 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libunwind (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libunwind fixes the following issues:
- CVE-2015-3239: Fixed an off-by-one in dwarf_to_unw_regnum() (bsc#936786).
ModerateSUSE bug 936786CVE-2015-3239 at SUSECVE-2015-3239 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libvirtSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
libvirt has been patched to fix two security issues.
Further information is available at
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0179
<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0179> and
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6456
<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6456>
These security issues have been fixed:
* Unsafe parsing of XML documents allows arbitrary file read or denial
of service (CVE-2014-0179)
* Ability to delete or create arbitrary host devices (CVE-2013-6456)
Security Issue references:
* CVE-2014-0179
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179>
* CVE-2013-6456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6456>
SUSE bug 817407SUSE bug 819976SUSE bug 828502SUSE bug 828506SUSE bug 828508SUSE bug 829203SUSE bug 831709SUSE bug 836931SUSE bug 837329SUSE bug 837530SUSE bug 837999SUSE bug 838638SUSE bug 841720SUSE bug 842016SUSE bug 854486SUSE bug 857490SUSE bug 857492SUSE bug 858817SUSE bug 873705CVE-2013-4296 at SUSECVE-2013-4296 at NVDCVE-2013-5651 at SUSECVE-2013-5651 at NVDCVE-2013-6436 at SUSECVE-2013-6436 at NVDCVE-2013-6456 at SUSECVE-2013-6456 at NVDCVE-2013-6458 at SUSECVE-2013-6458 at NVDCVE-2014-0179 at SUSECVE-2014-0179 at NVDCVE-2014-1447 at SUSECVE-2014-1447 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libvirt (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvirt fixes the following issues:
Security issues fixed:
- CVE-2017-5715: Spectre fixes for libvirt (bsc#1079869, bsc#1088147, bsc#1087887).
- CVE-2018-1064: Avoid denial of service reading from QEMU guest agent (bsc#1083625).
- CVE-2018-5748: Avoid denial of service reading from QEMU monitor (bsc#1076500).
Bug fixes:
- bsc#1025340: Use xend for nodeGetFreeMemory API.
- bsc#960742: Allow read access to script directories in libvirtd AppArmor profile.
- bsc#936233: Introduce qemuDomainDefCheckABIStability.
ImportantSUSE bug 1025340SUSE bug 1076500SUSE bug 1079869SUSE bug 1083625SUSE bug 1087887SUSE bug 1088147SUSE bug 936233SUSE bug 960742CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-1064 at SUSECVE-2018-1064 at NVDCVE-2018-5748 at SUSECVE-2018-5748 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for libvirt (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvirt fixes the following issues:
- CVE-2018-3639: cpu: add support for 'ssbd' and 'virt-ssbd' CPUID feature bits pass through.
ImportantSUSE bug 1092885CVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for libvirt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvirt fixes the following issues:
Security issue fixed:
- CVE-2019-3886: Fixed a information exposure which allowed to retrieve the guest
hostname under readonly mode (bsc#1131595).
ModerateSUSE bug 1131595CVE-2019-3886 at SUSECVE-2019-3886 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libvirt (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvirt fixes the following issues:
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
These updates contain the libvirt adjustments, that pass through the new 'md-clear' CPU flag (bsc#1135273).
For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736
ImportantSUSE bug 1111331SUSE bug 1135273CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libvirt (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvirt fixes the following issues:
Security issue fixed:
- CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path
parameter pointing anywhere on the system and potentially leading to execution
of a malicious file with root privileges by libvirtd (bsc#1138301).
ImportantSUSE bug 1138301CVE-2019-10161 at SUSECVE-2019-10161 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libvirt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvirt fixes the following issues:
Security issue fixed:
- CVE-2016-5008: Fixed an issue where an empty VNC password would disables authentication (bsc#987527).
Non-security issue fixed:
- Fixed an issue where increasing the RAM or CPUs over a certain threshold would lead to soft lockups (bsc#952889).
ModerateSUSE bug 952889SUSE bug 987527CVE-2016-5008 at SUSECVE-2016-5008 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libvirt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvirt fixes the following issues:
- CVE-2022-0897: Fixed a crash in nwfilter when counting number of network filters (bsc#1197636).
ModerateSUSE bug 1197636CVE-2022-0897 at SUSECVE-2022-0897 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for LibVNCServer (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The libvncserver package was updated to fix the following security issues:
- bsc#897031: fix several security issues:
* CVE-2014-6051: Integer overflow in MallocFrameBuffer() on client side.
* CVE-2014-6052: Lack of malloc() return value checking on client side.
* CVE-2014-6053: Server crash on a very large ClientCutText message.
* CVE-2014-6054: Server crash when scaling factor is set to zero.
* CVE-2014-6055: Multiple stack overflows in File Transfer feature.
ModerateSUSE bug 897031CVE-2014-6051 at SUSECVE-2014-6051 at NVDCVE-2014-6052 at SUSECVE-2014-6052 at NVDCVE-2014-6053 at SUSECVE-2014-6053 at NVDCVE-2014-6054 at SUSECVE-2014-6054 at NVDCVE-2014-6055 at SUSECVE-2014-6055 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvorbis fixes the following issues:
- CVE-2017-14633: out-of-bounds array read vulnerability exists in
function mapping0_forward() could lead to remote denial of service (bsc#1059811)
- CVE-2017-14632: Remote Code Execution upon freeing uninitialized
memory in function vorbis_analysis_headerout(bsc#1059809)
ModerateSUSE bug 1059809SUSE bug 1059811CVE-2017-14632 at SUSECVE-2017-14632 at NVDCVE-2017-14633 at SUSECVE-2017-14633 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvorbis fixes the following issues:
- CVE-2018-5146: Fixed out of bounds memory write while processing Vorbis audio data (bsc#1085687).
ModerateSUSE bug 1085687CVE-2018-5146 at SUSECVE-2018-5146 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvorbis fixes the following issues:
Security issues fixed:
- CVE-2018-10393: Fixed stack-based buffer over-read in bark_noise_hybridm (bsc#1091072).
- CVE-2017-14160: Fixed out-of-bounds access inside bark_noise_hybridmp function (bsc#1059812).
ModerateSUSE bug 1059812SUSE bug 1091072CVE-2017-14160 at SUSECVE-2017-14160 at NVDCVE-2018-10393 at SUSECVE-2018-10393 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libvorbis fixes the following issues:
The following security issue was fixed:
- Fixed the validation of channels in mapping0_forward(), which previously
allowed remote attackers to cause a denial of service via specially crafted
files (CVE-2018-10392, bsc#1091070)
ModerateSUSE bug 1091070CVE-2018-10392 at SUSECVE-2018-10392 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openwsmanSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update adds a configuration option to disable SSLv2 and SSLv3 in
openwsman. This is required to mitigate CVE-2014-3566.
To use the new option, edit /etc/openwsman/openwsman.conf and add the
following line to the [server] section:
ssl_disabled_protocols = SSLv2 SSLv3
Security Issues:
* CVE-2014-3566
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>
SUSE bug 901882CVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libxml2SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes a denial of service via recursive entity expansion.
(CVE-2014-3660)
Security Issues:
* CVE-2014-3660
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660>
SUSE bug 829077SUSE bug 854869SUSE bug 901546CVE-2013-2877 at SUSECVE-2013-2877 at NVDCVE-2014-3660 at SUSECVE-2014-3660 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes two security issues:
- libxml2 limits the number of recursions an XML document can contain so to protect against the 'Billion Laughs' denial-of-service attack. Unfortunately, the underlying counter was not incremented properly in all necessary locations. Therefore, specially crafted XML documents could exhaust all available stack space and crash the XML parser without running into the recursion limit. This vulnerability has been fixed. (bsc#975947)
- When running in recovery mode, certain invalid XML documents would trigger an infinite recursion in libxml2 that ran until all stack space was exhausted. This vulnerability could have been used to facilitate a denial-of-sevice attack. (CVE-2016-3627, bsc#972335)
ModerateSUSE bug 972335SUSE bug 975947CVE-2016-3627 at SUSECVE-2016-3627 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following security issues:
- CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread
was fixed in libxml2/dict.c [bsc#963963, bsc#965283, bsc#981114].
- CVE-2016-4483: Code was added to avoid an out of bound access when
serializing malformed strings [bsc#978395].
- CVE-2016-1762: Fixed a heap-based buffer overread in xmlNextChar [bsc#981040].
- CVE-2016-1834: Fixed a heap-buffer-overflow in xmlStrncat [bsc#981041].
- CVE-2016-1833: Fixed a heap-based buffer overread in htmlCurrentChar [bsc#981108].
- CVE-2016-1835: Fixed a heap use-after-free in xmlSAX2AttributeNs [bsc#981109].
- CVE-2016-1837: Fixed a heap use-after-free in htmlParsePubidLiteral
and htmlParseSystemiteral [bsc#981111].
- CVE-2016-1838: Fixed a heap-based buffer overread in
xmlParserPrintFileContextInternal [bsc#981112].
- CVE-2016-1840: Fixed a heap-buffer-overflow in xmlFAParsePosCharGroup [bsc#981115].
- CVE-2016-4447: Fixed a heap-based buffer-underreads due to xmlParseName [bsc#981548].
- CVE-2016-4448: Fixed some format string warnings with possible format
string vulnerability [bsc#981549],
- CVE-2016-4449: Fixed inappropriate fetch of entities content [bsc#981550].
- CVE-2016-3705: Fixed missing increment of recursion counter.
ImportantSUSE bug 963963SUSE bug 965283SUSE bug 978395SUSE bug 981040SUSE bug 981041SUSE bug 981108SUSE bug 981109SUSE bug 981111SUSE bug 981112SUSE bug 981114SUSE bug 981115SUSE bug 981548SUSE bug 981549SUSE bug 981550CVE-2015-8806 at SUSECVE-2015-8806 at NVDCVE-2016-1762 at SUSECVE-2016-1762 at NVDCVE-2016-1833 at SUSECVE-2016-1833 at NVDCVE-2016-1834 at SUSECVE-2016-1834 at NVDCVE-2016-1835 at SUSECVE-2016-1835 at NVDCVE-2016-1837 at SUSECVE-2016-1837 at NVDCVE-2016-1838 at SUSECVE-2016-1838 at NVDCVE-2016-1839 at SUSECVE-2016-1839 at NVDCVE-2016-1840 at SUSECVE-2016-1840 at NVDCVE-2016-2073 at SUSECVE-2016-2073 at NVDCVE-2016-3705 at SUSECVE-2016-3705 at NVDCVE-2016-4447 at SUSECVE-2016-4447 at NVDCVE-2016-4448 at SUSECVE-2016-4448 at NVDCVE-2016-4449 at SUSECVE-2016-4449 at NVDCVE-2016-4483 at SUSECVE-2016-4483 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Recommended update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes an issue when processing external entities introduced
with the fix for CVE-2014-0191.
ModerateSUSE bug 996079CVE-2014-0191 at SUSECVE-2014-0191 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2016-4658: Use after free via namespace node in XPointer ranges (bsc#1005544).
ModerateSUSE bug 1005544CVE-2016-4658 at SUSECVE-2016-4658 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
* CVE-2016-9318: libxml2 did not offer a flag directly indicating that the current document may be read but other files may not be opened, which made it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document (bsc#1010675).
* Prevent NULL dereference in xpointer.c and xmlDumpElementContent, and infinite recursion in xmlParseConditionalSections when in recovery mode(bnc#1014873)
ModerateSUSE bug 1010675SUSE bug 1014873CVE-2016-9318 at SUSECVE-2016-9318 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
Security issues fixed:
- CVE-2017-9050: heap-based buffer overflow (xmlDictAddString func) [bsc#1039069, bsc#1039661]
- CVE-2017-9049: heap-based buffer overflow (xmlDictComputeFastKey func) [bsc#1039066]
- CVE-2017-9048: stack overflow vulnerability (xmlSnprintfElementContent func) [bsc#1039063]
- CVE-2017-9047: stack overflow vulnerability (xmlSnprintfElementContent func) [bsc#1039064]
A clarification for the previously released update: For CVE-2016-9318 we decided
not to ship a fix since it can break existing setups. Please take appropriate
actions if you parse untrusted XML files and use the new -noxxe flag if
possible (bnc#1010675, bnc#1013930).
ModerateSUSE bug 1010675SUSE bug 1013930SUSE bug 1039063SUSE bug 1039064SUSE bug 1039066SUSE bug 1039069SUSE bug 1039661CVE-2016-9318 at SUSECVE-2016-9318 at NVDCVE-2017-9047 at SUSECVE-2017-9047 at NVDCVE-2017-9048 at SUSECVE-2017-9048 at NVDCVE-2017-9049 at SUSECVE-2017-9049 at NVDCVE-2017-9050 at SUSECVE-2017-9050 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
Security issues fixed:
* CVE-2017-0663: Fixed a heap buffer overflow in xmlAddID (bsc#1044337)
* CVE-2017-5969: Fixed a NULL pointer deref in xmlDumpElementContent (bsc#1024989)
* CVE-2017-7375: Prevented an unwanted external entity reference (bsc#1044894)
* CVE-2017-7376: Increase buffer space for port in HTTP redirect support (bsc#1044887)
ModerateSUSE bug 1024989SUSE bug 1044337SUSE bug 1044887SUSE bug 1044894CVE-2017-0663 at SUSECVE-2017-0663 at NVDCVE-2017-5969 at SUSECVE-2017-5969 at NVDCVE-2017-7375 at SUSECVE-2017-7375 at NVDCVE-2017-7376 at SUSECVE-2017-7376 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2017-8872: Out-of-bounds read could lead to application crash (bsc#1038444)
ModerateSUSE bug 1038444CVE-2017-8872 at SUSECVE-2017-8872 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes several issues.
Theses security issues were fixed:
- CVE-2017-16932: Fixed infinite recursion could lead to an infinite loop or
memory exhaustion when expanding a parameter entity in a DTD (bsc#1069689).
- CVE-2017-15412: Prevent use after free when calling XPath extension functions
that allowed remote attackers to cause DoS or potentially RCE (bsc#1077993)
- CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed
remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to the XPointer range-to
function. (bsc#1078813)
- CVE-2017-5130: Fixed a potential remote buffer overflow in function
xmlMemoryStrdup() (bsc#1078806)
ModerateSUSE bug 1069689SUSE bug 1077993SUSE bug 1078806SUSE bug 1078813CVE-2016-5131 at SUSECVE-2016-5131 at NVDCVE-2017-15412 at SUSECVE-2017-15412 at NVDCVE-2017-16932 at SUSECVE-2017-16932 at NVDCVE-2017-5130 at SUSECVE-2017-5130 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
Security issue fixed:
- CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval()
function when parsing an invalid XPath expression in the XPATH_OP_AND or
XPATH_OP_OR case leading to a denial of service attack (bsc#1102046)
Other Issue fixed:
- Fixed a bug related to the fix for CVE-2016-9318 which allowed xsltproc to access
the internet even when --nonet was given and also was making docbook-xsl-stylesheets to have
incomplete xml catalog file (bsc#1010675, bsc#1126613 and bsc#1110146).
ModerateSUSE bug 1010675SUSE bug 1102046SUSE bug 1110146SUSE bug 1126613CVE-2016-9318 at SUSECVE-2016-9318 at NVDCVE-2018-14404 at SUSECVE-2018-14404 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 doesn't fix any additional security issues, but correct its rpm changelog to reflect
all CVEs that have been fixed over the past.
LowSUSE bug 1123919cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun (bsc#1161521).
- CVE-2020-7595: Fixed an infinite loop in an EOF situation (bsc#1161517).
- CVE-2019-19956: Fixed a memory leak in xmlParseBalancedChunkMemoryRecover (bsc#1159928).
ModerateSUSE bug 1159928SUSE bug 1161517SUSE bug 1161521CVE-2019-19956 at SUSECVE-2019-19956 at NVDCVE-2019-20388 at SUSECVE-2019-20388 at NVDCVE-2020-7595 at SUSECVE-2020-7595 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179).
ModerateSUSE bug 1176179CVE-2020-24977 at SUSECVE-2020-24977 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408).
- CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410).
- CVE-2021-3516: Fixed a use after free in xmlEncodeEntitiesInternal() in entities.c (bsc#1185409)
ModerateSUSE bug 1185408SUSE bug 1185409SUSE bug 1185410CVE-2014-0191 at SUSECVE-2014-0191 at NVDCVE-2021-3516 at SUSECVE-2021-3516 at NVDCVE-2021-3517 at SUSECVE-2021-3517 at NVDCVE-2021-3518 at SUSECVE-2021-3518 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
Security issues fixed:
- CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel (bsc#1185698)
- CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408).
- CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410).
- CVE-2021-3516: Fixed a use after free in xmlEncodeEntitiesInternal() in entities.c (bsc#1185409)
- CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179).
- CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun (bsc#1161521).
- CVE-2020-7595: Fixed an infinite loop in an EOF situation (bsc#1161517).
- CVE-2019-19956: Fixed a memory leak in xmlParseBalancedChunkMemoryRecover (bsc#1159928).
ImportantSUSE bug 1159928SUSE bug 1161517SUSE bug 1161521SUSE bug 1176179SUSE bug 1185408SUSE bug 1185409SUSE bug 1185410SUSE bug 1185698CVE-2014-0191 at SUSECVE-2014-0191 at NVDCVE-2019-19956 at SUSECVE-2019-19956 at NVDCVE-2019-20388 at SUSECVE-2019-20388 at NVDCVE-2020-24977 at SUSECVE-2020-24977 at NVDCVE-2020-7595 at SUSECVE-2020-7595 at NVDCVE-2021-3516 at SUSECVE-2021-3516 at NVDCVE-2021-3517 at SUSECVE-2021-3517 at NVDCVE-2021-3518 at SUSECVE-2021-3518 at NVDCVE-2021-3537 at SUSECVE-2021-3537 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2021-3541: Fixed exponential entity expansion attack that could bypass all existing protection mechanisms (bsc#1186015).
ModerateSUSE bug 1186015CVE-2021-3541 at SUSECVE-2021-3541 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes (bsc#1196490).
ImportantSUSE bug 1196490CVE-2022-23308 at SUSECVE-2022-23308 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2022-29824: Fixed integer overflow leading to out-of-bounds write in buf.c and tree.c (bsc#1199132).
ImportantSUSE bug 1199132CVE-2022-29824 at SUSECVE-2022-29824 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2022-40304: Fixed dict corruption caused by entity reference cycles (bsc#1204367).
- CVE-2022-29824: Fixed integer overflow leading to out-of-bounds write in buf.c (bsc#1199132).
ImportantSUSE bug 1199132SUSE bug 1204367CVE-2022-29824 at SUSECVE-2022-29824 at NVDCVE-2022-40304 at SUSECVE-2022-40304 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxml2 fixes the following issues:
- CVE-2023-29469: Fixed inconsistent result when hashing empty strings (bsc#1210412).
- CVE-2023-28484: Fixed NULL pointer dereference in xmlSchemaFixupComplexType (bsc#1210411).
ModerateSUSE bug 1210411SUSE bug 1210412CVE-2023-28484 at SUSECVE-2023-28484 at NVDCVE-2023-29469 at SUSECVE-2023-29469 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issues:
* CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193]
* CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734]
* CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735]
* CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018]
* CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021]
* CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260]
* CVE-2015-5312 Fix another entity expansion issue [bnc#957105]
* CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106]
* CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107]
* CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109]
* CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110]
ModerateSUSE bug 928193SUSE bug 951734SUSE bug 951735SUSE bug 956018SUSE bug 956021SUSE bug 956260SUSE bug 957105SUSE bug 957106SUSE bug 957107SUSE bug 957109SUSE bug 957110CVE-2015-1819 at SUSECVE-2015-1819 at NVDCVE-2015-5312 at SUSECVE-2015-5312 at NVDCVE-2015-7497 at SUSECVE-2015-7497 at NVDCVE-2015-7498 at SUSECVE-2015-7498 at NVDCVE-2015-7499 at SUSECVE-2015-7499 at NVDCVE-2015-7500 at SUSECVE-2015-7500 at NVDCVE-2015-7941 at SUSECVE-2015-7941 at NVDCVE-2015-7942 at SUSECVE-2015-7942 at NVDCVE-2015-8241 at SUSECVE-2015-8241 at NVDCVE-2015-8242 at SUSECVE-2015-8242 at NVDCVE-2015-8317 at SUSECVE-2015-8317 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for libxml2 fixes the following security issue:
- CVE-2015-8710: Parsing short unclosed HTML comment could cause uninitialized memory access, which allowed remote attackers to read contents from previous HTTP requests depending on the application (bsc#960674)
ModerateSUSE bug 960674CVE-2015-8710 at SUSECVE-2015-8710 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libxsltSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
libxslt received a security update to fix a security issue:
* CVE-2013-4520: The XSL implementation in libxslt allowed remote
attackers to cause a denial of service (crash) via an invalid DTD.
(addendum due to incomplete fix for CVE-2012-2825)
Security Issue references:
* CVE-2012-6139
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139>
* CVE-2012-2825
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825>
* CVE-2011-3970
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970>
SUSE bug 849019CVE-2011-3970 at SUSECVE-2011-3970 at NVDCVE-2012-2825 at SUSECVE-2012-2825 at NVDCVE-2012-6139 at SUSECVE-2012-6139 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for libxslt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxslt fixes the following issues:
- CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check
for integer overflow during a size calculation, which allowed a remote attacker
to perform an out of bounds memory write via a crafted HTML page (bsc#1035905).
- CVE-2016-4738: Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator
could cause a heap overread. This can be exploited to leak a couple of bytes after
the buffer that holds the pattern string (bsc#1005591).
- CVE-2015-9019: Properly initialize random generator (bsc#934119).
- CVE-2015-7995: Vulnerability in function xsltStylePreCompute' in preproc.c could cause a
type confusion leading to DoS. (bsc#952474)
ModerateSUSE bug 1005591SUSE bug 1035905SUSE bug 934119SUSE bug 952474CVE-2015-7995 at SUSECVE-2015-7995 at NVDCVE-2015-9019 at SUSECVE-2015-9019 at NVDCVE-2016-4738 at SUSECVE-2016-4738 at NVDCVE-2017-5029 at SUSECVE-2017-5029 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxslt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxslt fixes the following issues:
Security issue fixed:
- CVE-2019-11068: Fixed a protection mechanism bypass where callers of
xsltCheckRead() and xsltCheckWrite() would permit access upon receiving an
error (bsc#1132160).
ModerateSUSE bug 1132160CVE-2019-11068 at SUSECVE-2019-11068 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxslt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxslt fixes the following issues:
Security issues fixed:
- CVE-2019-13118: Fixed a read of uninitialized stack data (bsc#1140101).
- CVE-2019-13117: Fixed a uninitialized read which allowed to discern whether a byte on the stack contains certain special characters (bsc#1140095).
- CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure (bsc#1154609).
ModerateSUSE bug 1140095SUSE bug 1140101SUSE bug 1154609CVE-2019-11068 at SUSECVE-2019-11068 at NVDCVE-2019-13117 at SUSECVE-2019-13117 at NVDCVE-2019-13118 at SUSECVE-2019-13118 at NVDCVE-2019-18197 at SUSECVE-2019-18197 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libxslt (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libxslt fixes the following issues:
- CVE-2021-30560: Fixing a use after free vulnerability in Blink XSLT (bsc#1208574).
ImportantSUSE bug 1208574CVE-2021-30560 at SUSECVE-2021-30560 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libyajl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libyajl fixes the following issues:
- CVE-2022-24795: Fixed heap-based buffer overflow when handling large inputs (bsc#1198405).
ModerateSUSE bug 1198405CVE-2022-24795 at SUSECVE-2022-24795 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for libzyppSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
libzypp did not handle multiple gpg pubkeys in the repomd.xml.key and
content.key consistently and secure. Attackers could have exploited this to
add their own keys and pretend it's from SUSE.
Security Issue reference:
* CVE-2013-3704
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3704>
SUSE bug 825490SUSE bug 828672CVE-2013-3704 at SUSECVE-2013-3704 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-8970: crypto/algif_skcipher.c in the Linux kernel did not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that did not supply a key, related to the lrw_crypt function in crypto/lrw.c (bnc#1008374).
- CVE-2017-5551: Clear S_ISGID on tmpfs when setting posix ACLs (bsc#1021258).
- CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968).
- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
- CVE-2004-0230: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bnc#969340).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could have enabled a local malicious application to execute arbitrary code within the context of the kernel bnc#1014746).
- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).
- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542).
- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038).
- CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566).
- CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations (bnc#1012832).
- CVE-2015-1350: The VFS subsystem in the Linux kernel provided an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939).
- CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacked chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716).
- CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711).
- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).
- CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete (bnc#1010467).
- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150).
- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel in certain unusual hardware configurations allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).
- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux, when the GNU Compiler Collection (gcc) stack protector is enabled, used an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).
- CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925).
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).
- CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file (bnc#994759).
- CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).
- CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296).
The following non-security bugs were fixed:
- Always include the git commit in KOTD builds. This allows us not to set it explicitly in builds submitted to the official distribution (bnc#821612, bnc#824171).
- KVM: x86: SYSENTER emulation is broken (bsc#994618).
- NFS: Do not disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261).
- NFS: Refresh open-owner id when server says SEQID is bad (bsc#989261).
- NFSv4: Ensure that we do not drop a state owner more than once (bsc#979595).
- NFSv4: add flock_owner to open context (bnc#998689).
- NFSv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (bnc#998689).
- NFSv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (bnc#998689).
- NFSv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (bnc#998689).
- NFSv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595).
- SELinux: Fix possible NULL pointer dereference in selinux_inode_permission() (bsc#1012895).
- USB: fix typo in wMaxPacketSize validation (bsc#991665).
- USB: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).
- Update patches.xen/xen3-auto-arch-x86.diff (bsc#929141, among others).
- __ptrace_may_access() should not deny sub-threads (bsc#1012851).
- apparmor: fix IRQ stack overflow during free_profile (bsc#1009875).
- arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).
- cdc-acm: added sanity checking for probe() (bsc#993891).
- include/linux/math64.h: add div64_ul() (bsc#996329).
- kabi-fix for flock_owner addition (bsc#998689).
- kabi: get back scsi_device.current_cmnd (bsc#935436).
- kaweth: fix firmware download (bsc#993890).
- kaweth: fix oops upon failed memory allocation (bsc#993890).
- kexec: add a kexec_crash_loaded() function (bsc#973691).
- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).
- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).
- mpt3sas: Fix panic when aer correct error occurred (bsc#997708, bsc#999943).
- mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (VM Functionality, bsc#1008645).
- nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944).
- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).
- posix-timers: Remove remaining uses of tasklist_lock (bnc#997401).
- posix-timers: Use sighand lock instead of tasklist_lock for task clock sample (bnc#997401).
- posix-timers: Use sighand lock instead of tasklist_lock on timer deletion (bnc#997401).
- powerpc: Add ability to build little endian kernels (bsc#967716).
- powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716).
- powerpc: Do not build assembly files with ABIv2 (bsc#967716).
- powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).
- powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).
- powerpc: Fix error when cross building TAGS and cscope (bsc#967716).
- powerpc: Make the vdso32 also build big-endian (bsc#967716).
- powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).
- powerpc: Remove buggy 9-year-old test for binutils lower than 2.12.1 (bsc#967716).
- powerpc: Require gcc 4.0 on 64-bit (bsc#967716).
- powerpc: dtc is required to build dtb files (bsc#967716).
- printk/sched: Introduce special printk_sched() for those awkward (bsc#1013042, bsc#996541, bsc#1015878).
- qlcnic: Schedule napi directly in netpoll (bsc#966826).
- reiserfs: fix race in prealloc discard (bsc#987576).
- rpm/config.sh: Set a fitting release string (bsc#997059)
- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
- rpm/mkspec: Read a default release string from rpm/config.sh (bsc997059)
- s390/dasd: fix failfast for disconnected devices (bnc#961923, LTC#135138).
- sched/core: Fix a race between try_to_wake_up() and a woken up task (bnc#1002165).
- sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule() (bnc#1001419).
- sched: Fix possible divide by zero in avg_atom() calculation (bsc#996329).
- scsi: lpfc: Set elsiocb contexts to NULL after freeing it (bsc#996557).
- scsi: remove current_cmnd field from struct scsi_device (bsc#935436).
- x86/MCE/intel: Cleanup CMCI storm logic (bsc#929141).
- xfs: remove the deprecated nodelaylog option (bsc#992906).
ImportantSUSE bug 1001419SUSE bug 1002165SUSE bug 1003077SUSE bug 1003253SUSE bug 1003925SUSE bug 1004517SUSE bug 1007944SUSE bug 1008374SUSE bug 1008645SUSE bug 1008831SUSE bug 1008833SUSE bug 1008850SUSE bug 1009875SUSE bug 1010150SUSE bug 1010467SUSE bug 1010501SUSE bug 1010507SUSE bug 1010711SUSE bug 1010713SUSE bug 1010716SUSE bug 1011685SUSE bug 1011820SUSE bug 1012183SUSE bug 1012422SUSE bug 1012832SUSE bug 1012851SUSE bug 1012852SUSE bug 1012895SUSE bug 1013038SUSE bug 1013042SUSE bug 1013531SUSE bug 1013542SUSE bug 1014454SUSE bug 1014746SUSE bug 1015878SUSE bug 1017710SUSE bug 1018446SUSE bug 1019079SUSE bug 1019783SUSE bug 1021258SUSE bug 821612SUSE bug 824171SUSE bug 914939SUSE bug 929141SUSE bug 935436SUSE bug 956514SUSE bug 961923SUSE bug 966826SUSE bug 967716SUSE bug 969340SUSE bug 973691SUSE bug 979595SUSE bug 987576SUSE bug 989152SUSE bug 989261SUSE bug 991665SUSE bug 992566SUSE bug 992569SUSE bug 992906SUSE bug 992991SUSE bug 993890SUSE bug 993891SUSE bug 994296SUSE bug 994618SUSE bug 994759SUSE bug 995968SUSE bug 996329SUSE bug 996541SUSE bug 996557SUSE bug 997059SUSE bug 997401SUSE bug 997708SUSE bug 998689SUSE bug 999932SUSE bug 999943CVE-2004-0230 at SUSECVE-2004-0230 at NVDCVE-2012-6704 at SUSECVE-2012-6704 at NVDCVE-2015-1350 at SUSECVE-2015-1350 at NVDCVE-2015-8956 at SUSECVE-2015-8956 at NVDCVE-2015-8962 at SUSECVE-2015-8962 at NVDCVE-2015-8964 at SUSECVE-2015-8964 at NVDCVE-2015-8970 at SUSECVE-2015-8970 at NVDCVE-2016-0823 at SUSECVE-2016-0823 at NVDCVE-2016-10088 at SUSECVE-2016-10088 at NVDCVE-2016-3841 at SUSECVE-2016-3841 at NVDCVE-2016-6828 at SUSECVE-2016-6828 at NVDCVE-2016-7042 at SUSECVE-2016-7042 at NVDCVE-2016-7097 at SUSECVE-2016-7097 at NVDCVE-2016-7117 at SUSECVE-2016-7117 at NVDCVE-2016-7425 at SUSECVE-2016-7425 at NVDCVE-2016-7910 at SUSECVE-2016-7910 at NVDCVE-2016-7911 at SUSECVE-2016-7911 at NVDCVE-2016-7916 at SUSECVE-2016-7916 at NVDCVE-2016-8399 at SUSECVE-2016-8399 at NVDCVE-2016-8632 at SUSECVE-2016-8632 at NVDCVE-2016-8633 at SUSECVE-2016-8633 at NVDCVE-2016-8646 at SUSECVE-2016-8646 at NVDCVE-2016-9555 at SUSECVE-2016-9555 at NVDCVE-2016-9685 at SUSECVE-2016-9685 at NVDCVE-2016-9756 at SUSECVE-2016-9756 at NVDCVE-2016-9793 at SUSECVE-2016-9793 at NVDCVE-2017-5551 at SUSECVE-2017-5551 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for lldpad (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for lldpad fixes the following issues:
- CVE-2018-10932: Fixed improper sanitization of shell-escape codes (bsc#1104624).
ModerateSUSE bug 1104624CVE-2018-10932 at SUSECVE-2018-10932 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for log4j (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for log4j fixes the following issues:
- CVE-2019-17571: Fixed a remote code execution by deserialization of untrusted data in SocketServer (bsc#1159646).
ImportantSUSE bug 1159646CVE-2019-17571 at SUSECVE-2019-17571 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for log4j (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for log4j fixes the following issues:
- CVE-2021-4104: Disable the JMSAppender class from log4j to protect against
the log4jshell vulnerability. [bsc#1193662]
ImportantSUSE bug 1193662CVE-2021-4104 at SUSECVE-2021-4104 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for log4j (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for log4j fixes the following issues:
- CVE-2022-23307: Fixed deserialization flaw in the chainsaw component of log4j leading to malicious code execution. (bsc#1194844)
- CVE-2022-23305: Fixed SQL injection when application is configured to use JDBCAppender. (bsc#1194843)
- CVE-2022-23302: Fixed remote code execution when application is configured to use JMSSink. (bsc#1194842)
ImportantSUSE bug 1194842SUSE bug 1194843SUSE bug 1194844CVE-2022-23302 at SUSECVE-2022-23302 at NVDCVE-2022-23305 at SUSECVE-2022-23305 at NVDCVE-2022-23307 at SUSECVE-2022-23307 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for log4net (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for log4net fixes the following issues:
- CVE-2018-1285: Fixed XXE in applications that accept arbitrary configuration files from users (bsc#1172193).
ModerateSUSE bug 1172193CVE-2018-1285 at SUSECVE-2018-1285 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for logrotate (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for logrotate fixes the following issues:
- Improved coredump handing for SUID binaries (bsc#1192449, bsc#1201712).
ImportantSUSE bug 1192449SUSE bug 1201712cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for lua (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for lua fixes the following issues:
- CVE-2020-15888: Fixed mishandled interaction between stack resizes and garbage collection (bsc#1174367).
ImportantSUSE bug 1174367CVE-2020-15888 at SUSECVE-2020-15888 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for lxcSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The container framework LXC has been updated to fix various bugs and a
security issue:
* CVE-2013-6441: The sshd template allowed privilege escalation on the
host.
* SLES container time not aligned with host time (bnc#839653)
* SLES container boot takes ages (bnc#839663)
* lxc mounts /dev/pts with wrong options (bnc#869663)
Security Issues:
* CVE-2013-6441
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6441>
SUSE bug 835585SUSE bug 839653SUSE bug 839663SUSE bug 855809SUSE bug 869663SUSE bug 924891SUSE bug 924892CVE-2013-6441 at SUSECVE-2013-6441 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for lxc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
lxc was update to fix one security issue.
The following vulnerability was fixed:
* CVE-2015-1335: A directory traversal flaw while lxc-start is initially setting up the mounts for a container (bsc#946744)
ModerateSUSE bug 946744CVE-2015-1335 at SUSECVE-2015-1335 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mailman (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mailman to version 2.1.15 fixes the following issues:
- CVE-2016-6893: Prevent cross-site request forgery (CSRF) vulnerability in the
user options page that allowed remote attackers to hijack the authentication of
arbitrary users for requests that modify an option (bsc#995352).
- Various other hardenings against CSFR attacks
For details please see https://launchpad.net/mailman/+milestone/2.1.15
ModerateSUSE bug 995352CVE-2016-6893 at SUSECVE-2016-6893 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mailman fixes the following issues:
- Fixed a XSS vulnerability and information leak in user options CGI, which
could be used to execute arbitrary scripts in the user's browser via
specially encoded URLs (bsc#1077358 CVE-2018-5950)
- Fixed a directory traversal vulnerability in MTA transports when using the
recommended Mailman Transport for Exim (bsc#925502 CVE-2015-2775)
- Fixed a XSS vulnerability, which allowed malicious listowners to inject
scripts into the listinfo pages (bsc#1099510 CVE-2018-0618)
- Fixed arbitrary text injection vulnerability in several mailman CGIs
(CVE-2018-13796 bsc#1101288)
- Fixed a CSRF vulnerability on the user options page (CVE-2016-6893 bsc#995352)
ImportantSUSE bug 1077358SUSE bug 1099510SUSE bug 1101288SUSE bug 925502SUSE bug 995352CVE-2015-2775 at SUSECVE-2015-2775 at NVDCVE-2016-6893 at SUSECVE-2016-6893 at NVDCVE-2018-0618 at SUSECVE-2018-0618 at NVDCVE-2018-13796 at SUSECVE-2018-13796 at NVDCVE-2018-5950 at SUSECVE-2018-5950 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mailman fixes the following issues:
Security issue fixed:
- CVE-2016-6893: Fixed a Cross-site request forgery vulnerability in the admin web interface (bsc#997205).
Following bug was fixed:
- Allow CSRF check to pass in mailman web frontend if the list
name contains a '+' (bsc#1102416)
ImportantSUSE bug 1102416SUSE bug 997205CVE-2016-6893 at SUSECVE-2016-6893 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mailman fixes the following issues:
- CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root (bsc#1154328).
ImportantSUSE bug 1154328CVE-2019-3693 at SUSECVE-2019-3693 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mailman fixes the following issues:
Security issue fixed:
- CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion (bsc#1170558).
Non-security issue fixed:
- Fixed rights and ownership on /var/lib/mailman/archives (bsc#1167068).
ImportantSUSE bug 1167068SUSE bug 1170558CVE-2020-12137 at SUSECVE-2020-12137 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mailman (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mailman fixes the following issues:
Security issue fixed:
- CVE-2020-12108: Fixed a content injection bug (bsc#1171363).
Non-security issue fixed:
- Don't default to invalid hosts for DEFAULT_EMAIL_HOST (bsc#682920).
ModerateSUSE bug 1171363SUSE bug 682920CVE-2020-12108 at SUSECVE-2020-12108 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mailman fixes the following issues:
- CVE-2020-15011: Fixed a possible Arbitrary Content Injection via the private archive login page (bsc#1173369).
ImportantSUSE bug 1173369CVE-2020-15011 at SUSECVE-2020-15011 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mailman fixes the following issues:
- CVE-2021-44227: Preventing list moderator or list member accessing the admin UI (bsc#1193316).
- CVE-2021-43332: Preventing list moderator from cracking the list admin password encrypted in a CSRF token (bsc#1192741).
- CVE-2021-43331: Fixed XSS in Cgi/options.py (bsc#1192735).
- CVE-2021-42096: Add protection against remote privilege escalation via csrf_token derived from admin password (bsc#1191959).
ImportantSUSE bug 1191959SUSE bug 1192735SUSE bug 1192741SUSE bug 1193316CVE-2021-42096 at SUSECVE-2021-42096 at NVDCVE-2021-43331 at SUSECVE-2021-43331 at NVDCVE-2021-43332 at SUSECVE-2021-43332 at NVDCVE-2021-44227 at SUSECVE-2021-44227 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for mailxSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for mailx enables IPv6 support and includes the following
fixes:
* Crop off the brackets of an ipv6 address if found. (bnc#853246)
* Enable mailx to parse IPv6 addresses including a port ([ipv6]:port).
(bnc#853246)
* Do not pseudo detect Latin nor UTF-8 in binary attachments.
(bnc#827010)
SUSE bug 827010SUSE bug 853246SUSE bug 909208SUSE bug 922543CVE-2004-2771 at SUSECVE-2004-2771 at NVDCVE-2014-7844 at SUSECVE-2014-7844 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for MozillaFirefox, mozilla-nss fixes security issues and bugs.
The following vulnerabilities were fixed in Firefox ESR 45.5.1 (bsc#1009026 bsc#1012964):
- CVE-2016-9079: Use-after-free in SVG Animation (MFSA 2016-92 bsc#1012964)
- CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401)
- CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404)
- CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010395)
- CVE-2016-9064: Addons update must verify IDs match between current and new versions (bsc#1010402)
- CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5 (bsc#1010427)
- CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410)
The following vulnerabilities were fixed in mozilla-nss 3.21.3:
- CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler (bsc#1010422)
- CVE-2016-5285: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash (bsc#1010517)
The following bugs were fixed:
- Firefox would fail to go into fullscreen mode with some window managers (bsc#992549)
- font warning messages would flood console, now using fontconfig configuration from
firefox-fontconfig instead of the system one (bsc#1000751)
ImportantSUSE bug 1000751SUSE bug 1009026SUSE bug 1010395SUSE bug 1010401SUSE bug 1010402SUSE bug 1010404SUSE bug 1010410SUSE bug 1010422SUSE bug 1010427SUSE bug 1010517SUSE bug 1012964SUSE bug 992549CVE-2016-5285 at SUSECVE-2016-5285 at NVDCVE-2016-5290 at SUSECVE-2016-5290 at NVDCVE-2016-5291 at SUSECVE-2016-5291 at NVDCVE-2016-5296 at SUSECVE-2016-5296 at NVDCVE-2016-5297 at SUSECVE-2016-5297 at NVDCVE-2016-9064 at SUSECVE-2016-9064 at NVDCVE-2016-9066 at SUSECVE-2016-9066 at NVDCVE-2016-9074 at SUSECVE-2016-9074 at NVDCVE-2016-9079 at SUSECVE-2016-9079 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for mgetty (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mgetty fixes the following issues:
- CVE-2018-16741: The function do_activate() did not properly sanitize shell
metacharacters to prevent command injection (bsc#1108752)
- CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer
overflow if long untrusted input reached it (bsc#1108756)
- CVE-2018-16744: The mail_to parameter was not sanitized, leading to command
injection if untrusted input reached reach it (bsc#1108757)
- CVE-2018-16742: Prevent stack-based buffer overflow that could have been
triggered via a command-line parameter (bsc#1108762)
- CVE-2018-16743: The command-line parameter username wsa passed unsanitized to
strcpy(), which could have caused a stack-based buffer overflow (bsc#1108761)
ImportantSUSE bug 1108752SUSE bug 1108756SUSE bug 1108757SUSE bug 1108761SUSE bug 1108762CVE-2018-16741 at SUSECVE-2018-16741 at NVDCVE-2018-16742 at SUSECVE-2018-16742 at NVDCVE-2018-16743 at SUSECVE-2018-16743 at NVDCVE-2018-16744 at SUSECVE-2018-16744 at NVDCVE-2018-16745 at SUSECVE-2018-16745 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mgetty (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mgetty fixes the following issues:
- CVE-2019-1010190: Fixed a denial of service which could be caused by a local attacker in putwhitespan() (bsc#1142770).
ModerateSUSE bug 1142770CVE-2019-1010190 at SUSECVE-2019-1010190 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
Update to Intel microcode version 20180108 (bsc#1075262 CVE-2017-5715)
- The pre-released microcode fixing some important security issues
is now officially published (and included in the added tarball).
Among other updates it contains:
- IVT C0 (06-3e-04:ed) 428->42a
- SKL-U/Y D0 (06-4e-03:c0) ba->c2
- BDW-U/Y E/F (06-3d-04:c0) 25->28
- HSW-ULT Cx/Dx (06-45-01:72) 20->21
- Crystalwell Cx (06-46-01:32) 17->18
- BDW-H E/G (06-47-01:22) 17->1b
- HSX-EX E0 (06-3f-04:80) 0f->10
- SKL-H/S R0 (06-5e-03:36) ba->c2
- HSW Cx/Dx (06-3c-03:32) 22->23
- HSX C0 (06-3f-02:6f) 3a->3b
- BDX-DE V0/V1 (06-56-02:10) 0f->14
- BDX-DE V2 (06-56-03:10) 700000d->7000011
- KBL-U/Y H0 (06-8e-09:c0) 62->80
- KBL Y0 / CFL D0 (06-8e-0a:c0) 70->80
- KBL-H/S B0 (06-9e-09:2a) 5e->80
- CFL U0 (06-9e-0a:22) 70->80
- CFL B0 (06-9e-0b:02) 72->80
- SKX H0 (06-55-04:b7) 2000035->200003c
- GLK B0 (06-7a-01:01) 1e->22
ImportantSUSE bug 1075262CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ucode-intel fixes the following issues:
The Intel CPU microcode version was updated to version 20180312.
This update enables the IBPB+IBRS based mitigations of the Spectre v2 flaws (boo#1085207 CVE-2017-5715)
- New Platforms
- BDX-DE EGW A0 6-56-5:10 e000009
- SKX B1 6-55-3:97 1000140
- Updates
- SNB D2 6-2a-7:12 29->2d
- JKT C1 6-2d-6:6d 619->61c
- JKT C2 6-2d-7:6d 710->713
- IVB E2 6-3a-9:12 1c->1f
- IVT C0 6-3e-4:ed 428->42c
- IVT D1 6-3e-7:ed 70d->713
- HSW Cx/Dx 6-3c-3:32 22->24
- HSW-ULT Cx/Dx 6-45-1:72 20->23
- CRW Cx 6-46-1:32 17->19
- HSX C0 6-3f-2:6f 3a->3c
- HSX-EX E0 6-3f-4:80 0f->11
- BDW-U/Y E/F 6-3d-4:c0 25->2a
- BDW-H E/G 6-47-1:22 17->1d
- BDX-DE V0/V1 6-56-2:10 0f->15
- BDW-DE V2 6-56-3:10 700000d->7000012
- BDW-DE Y0 6-56-4:10 f00000a->f000011
- SKL-U/Y D0 6-4e-3:c0 ba->c2
- SKL R0 6-5e-3:36 ba->c2
- KBL-U/Y H0 6-8e-9:c0 62->84
- KBL B0 6-9e-9:2a 5e->84
- CFL D0 6-8e-a:c0 70->84
- CFL U0 6-9e-a:22 70->84
- CFL B0 6-9e-b:02 72->84
- SKX H0 6-55-4:b7 2000035->2000043
ImportantSUSE bug 1085207CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following security issue:
- CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker
with local user access caused by speculative execution and indirect branch
prediction (bsc#1095735)
ModerateSUSE bug 1095735CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
The Intel CPU Microcode bundle was updated to the 20180703 release
For the listed CPU chipsets this fixes CVE-2018-3640 (Spectre v3a) and
helps mitigating CVE-2018-3639 (Spectre v4) (bsc#1100147 bsc#1087082 bsc#1087083)
More details can be found on:
https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File
Following chipsets are fixed in this round:
Model Stepping F-MO-S/PI Old->New
---- updated platforms ------------------------------------
SNB-EP C1 6-2d-6/6d 0000061c->0000061d Xeon E5
SNB-EP C2 6-2d-7/6d 00000713->00000714 Xeon E5
IVT C0 6-3e-4/ed 0000042c->0000042d Xeon E5 v2; Core i7-4960X/4930K/4820K
IVT D1 6-3e-7/ed 00000713->00000714 Xeon E5 v2
HSX-E/EP/4S C0 6-3f-2/6f 0000003c->0000003d Xeon E5 v3
HSX-EX E0 6-3f-4/80 00000011->00000012 Xeon E7 v3
SKX-SP/D/W/X H0 6-55-4/b7 02000043->0200004d Xeon Bronze 31xx, Silver 41xx, Gold 51xx/61xx Platinum 81xx, D/W-21xx; Core i9-7xxxX
BDX-DE A1 6-56-5/10 0e000009->0e00000a Xeon D-15x3N
BDX-ML B/M/R0 6-4f-1/ef 0b00002c->0b00002e Xeon E5/E7 v4; Core i7-69xx/68xx
ImportantSUSE bug 1087082SUSE bug 1087083SUSE bug 1100147CVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3640 at SUSECVE-2018-3640 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update to ucode-intel (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
ucode-intel was updated to the 20180807 release.
For the listed CPU chipsets this fixes CVE-2018-3640 (Spectre v3a), and is part of the
mitigations for CVE-2018-3639 (Spectre v4) and CVE-2018-3646 (L1 Terminal Fault).
(bsc#1104134 bsc#1087082 bsc#1087083 bsc#1089343)
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
WSM-EP/WS U1 6-2c-2/03 0000001f Xeon E/L/X56xx, W36xx
NHM-EX D0 6-2e-6/04 0000000d Xeon E/L/X65xx/75xx
BXT C0 6-5c-2/01 00000014 Atom T5500/5700
APL E0 6-5c-a/03 0000000c Atom x5-E39xx
DVN B0 6-5f-1/01 00000024 Atom C3xxx
---- updated platforms ------------------------------------
NHM-EP/WS D0 6-1a-5/03 00000019->0000001d Xeon E/L/X/W55xx
NHM B1 6-1e-5/13 00000007->0000000a Core i7-8xx, i5-7xx; Xeon L3426, X24xx
WSM B1 6-25-2/12 0000000e->00000011 Core i7-6xx, i5-6xx/4xxM, i3-5xx/3xxM, Pentium G69xx, Celeon P45xx; Xeon L3406
WSM K0 6-25-5/92 00000004->00000007 Core i7-6xx, i5-6xx/5xx/4xx, i3-5xx/3xx, Pentium G69xx/P6xxx/U5xxx, Celeron P4xxx/U3xxx
SNB D2 6-2a-7/12 0000002d->0000002e Core Gen2; Xeon E3
WSM-EX A2 6-2f-2/05 00000037->0000003b Xeon E7
IVB E2 6-3a-9/12 0000001f->00000020 Core Gen3 Mobile
HSW-H/S/E3 Cx/Dx 6-3c-3/32 00000024->00000025 Core Gen4 Desktop; Xeon E3 v3
BDW-U/Y E/F 6-3d-4/c0 0000002a->0000002b Core Gen5 Mobile
HSW-ULT Cx/Dx 6-45-1/72 00000023->00000024 Core Gen4 Mobile and derived Pentium/Celeron
HSW-H Cx 6-46-1/32 00000019->0000001a Core Extreme i7-5xxxX
BDW-H/E3 E/G 6-47-1/22 0000001d->0000001e Core i5-5xxxR/C, i7-5xxxHQ/EQ; Xeon E3 v4
SKL-U/Y D0 6-4e-3/c0 000000c2->000000c6 Core Gen6 Mobile
BDX-DE V1 6-56-2/10 00000015->00000017 Xeon D-1520/40
BDX-DE V2/3 6-56-3/10 07000012->07000013 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
BDX-DE Y0 6-56-4/10 0f000011->0f000012 Xeon D-1557/59/67/71/77/81/87
APL D0 6-5c-9/03 0000002c->00000032 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
SKL-H/S/E3 R0 6-5e-3/36 000000c2->000000c6 Core Gen6; Xeon E3 v5
ImportantSUSE bug 1087082SUSE bug 1087083SUSE bug 1089343SUSE bug 1104134CVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3640 at SUSECVE-2018-3640 at NVDCVE-2018-3646 at SUSECVE-2018-3646 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
This update contains the Intel QSR 2019.1 Microcode release (bsc#1111331)
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
These updates contain the CPU Microcode adjustments for the software mitigations.
For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736
Release notes:
- Processor Identifier Version Products
- Model Stepping F-MO-S/PI Old->New
- ---- new platforms ----------------------------------------
- CLX-SP B1 6-55-7/bf 05000021 Xeon Scalable Gen2
- ---- updated platforms ------------------------------------
- SNB D2/G1/Q0 6-2a-7/12 0000002e->0000002f Core Gen2
- IVB E1/L1 6-3a-9/12 00000020->00000021 Core Gen3
- HSW C0 6-3c-3/32 00000025->00000027 Core Gen4
- BDW-U/Y E0/F0 6-3d-4/c0 0000002b->0000002d Core Gen5
- IVB-E/EP C1/M1/S1 6-3e-4/ed 0000042e->0000042f Core Gen3 X Series; Xeon E5 v2
- IVB-EX D1 6-3e-7/ed 00000714->00000715 Xeon E7 v2
- HSX-E/EP Cx/M1 6-3f-2/6f 00000041->00000043 Core Gen4 X series; Xeon E5 v3
- HSX-EX E0 6-3f-4/80 00000013->00000014 Xeon E7 v3
- HSW-U C0/D0 6-45-1/72 00000024->00000025 Core Gen4
- HSW-H C0 6-46-1/32 0000001a->0000001b Core Gen4
- BDW-H/E3 E0/G0 6-47-1/22 0000001e->00000020 Core Gen5
- SKL-U/Y D0/K1 6-4e-3/c0 000000c6->000000cc Core Gen6
- SKX-SP H0/M0/U0 6-55-4/b7 0200005a->0000005e Xeon Scalable
- SKX-D M1 6-55-4/b7 0200005a->0000005e Xeon D-21xx
- BDX-DE V1 6-56-2/10 00000019->0000001a Xeon D-1520/40
- BDX-DE V2/3 6-56-3/10 07000016->07000017 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
- BDX-DE Y0 6-56-4/10 0f000014->0f000015 Xeon D-1557/59/67/71/77/81/87
- BDX-NS A0 6-56-5/10 0e00000c->0e00000d Xeon D-1513N/23/33/43/53
- APL D0 6-5c-9/03 00000036->00000038 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
- SKL-H/S R0/N0 6-5e-3/36 000000c6->000000cc Core Gen6; Xeon E3 v5
- DNV B0 6-5f-1/01 00000024->0000002e Atom Processor C Series
- GLK B0 6-7a-1/01 0000002c->0000002e Pentium Silver N/J5xxx, Celeron N/J4xxx
- AML-Y22 H0 6-8e-9/10 0000009e->000000b4 Core Gen8 Mobile
- KBL-U/Y H0 6-8e-9/c0 0000009a->000000b4 Core Gen7 Mobile
- CFL-U43e D0 6-8e-a/c0 0000009e->000000b4 Core Gen8 Mobile
- WHL-U W0 6-8e-b/d0 000000a4->000000b8 Core Gen8 Mobile
- WHL-U V0 6-8e-d/94 000000b2->000000b8 Core Gen8 Mobile
- KBL-G/H/S/E3 B0 6-9e-9/2a 0000009a->000000b4 Core Gen7; Xeon E3 v6
- CFL-H/S/E3 U0 6-9e-a/22 000000aa->000000b4 Core Gen8 Desktop, Mobile, Xeon E
- CFL-S B0 6-9e-b/02 000000aa->000000b4 Core Gen8
- CFL-H/S P0 6-9e-c/22 000000a2->000000ae Core Gen9
- CFL-H R0 6-9e-d/22 000000b0->000000b8 Core Gen9 Mobile
ImportantSUSE bug 1111331CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
This update contains the Intel QSR 2019.1 Microcode release (bsc#1111331)
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
These updates contain the CPU Microcode adjustments for the software mitigations.
For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736
Release notes:
---- updated platforms ------------------------------------
SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061d->0000061f Xeon E3/E5, Core X
SNB-E/EN/EP C2/M1 6-2d-7/6d 00000714->00000718 Xeon E3/E5, Core X
---- new platforms ----------------------------------------
VLV C0 6-37-8/02 00000838 Atom Z series
VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx
VLV D0 6-37-9/0F 0000090c Atom E38xx
CHV C0 6-4c-3/01 00000368 Atom X series
CHV D0 6-4c-4/01 00000411 Atom X series
Readded what missing in last update:
BDX-ML B0/M0/R0 6-4f-1/ef 0b00002e->00000036 Xeon E5/E7 v4; Core i7-69xx/68xx
ImportantSUSE bug 1111331SUSE bug 1141977CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
- Updated to 20191112 security release (bsc#1155988)
- Processor Identifier Version Products
- Model Stepping F-MO-S/PI Old->New
- ---- new platforms ----------------------------------------
- CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile
- CNL-U D0 6-66-3/80 0000002a Core Gen8 Mobile
- SKX-SP B1 6-55-3/97 01000150 Xeon Scalable
- ICL U/Y D1 6-7e-5/80 00000046 Core Gen10 Mobile
- ---- updated platforms ------------------------------------
- SKL U/Y D0 6-4e-3/c0 000000cc->000000d4 Core Gen6 Mobile
- SKL H/S/E3 R0/N0 6-5e-3/36 000000cc->000000d4 Core Gen6
- AML-Y22 H0 6-8e-9/10 000000b4->000000c6 Core Gen8 Mobile
- KBL-U/Y H0 6-8e-9/c0 000000b4->000000c6 Core Gen7 Mobile
- CFL-U43e D0 6-8e-a/c0 000000b4->000000c6 Core Gen8 Mobile
- WHL-U W0 6-8e-b/d0 000000b8->000000c6 Core Gen8 Mobile
- AML-Y V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile
- CML-U42 V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile
- WHL-U V0 6-8e-c/94 000000b8->000000c6 Core Gen8 Mobile
- KBL-G/X H0 6-9e-9/2a 000000b4->000000c6 Core Gen7/Gen8
- KBL-H/S/E3 B0 6-9e-9/2a 000000b4->000000c6 Core Gen7; Xeon E3 v6
- CFL-H/S/E3 U0 6-9e-a/22 000000b4->000000c6 Core Gen8 Desktop, Mobile, Xeon E
- CFL-S B0 6-9e-b/02 000000b4->000000c6 Core Gen8
- CFL-H R0 6-9e-d/22 000000b8->000000c6 Core Gen9 Mobile
- Includes security fixes for:
- CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073)
- CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035)
ImportantSUSE bug 1139073SUSE bug 1141035SUSE bug 1155988CVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-11139 at SUSECVE-2019-11139 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
- Updated to 20191112 official security release (bsc#1155988)
- Includes security fixes for:
- CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073)
- CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035)
ImportantSUSE bug 1139073SUSE bug 1141035SUSE bug 1155988CVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-11139 at SUSECVE-2019-11139 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
Updated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466)
This update contains security mitigations for:
- CVE-2020-0543: Fixed a side channel attack against special registers
which could have resulted in leaking of read values to cores other
than the one which called it. This attack is known as Special Register
Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).
- CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to
mitigate the Vector Register and L1D Eviction Sampling aka 'CacheOutAttack'
attacks. (bsc#1156353)
Microcode Table:
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
---- updated platforms ------------------------------------
HSW C0 6-3c-3/32 00000027->00000028 Core Gen4
BDW-U/Y E0/F0 6-3d-4/c0 0000002e->0000002f Core Gen5
HSW-U C0/D0 6-45-1/72 00000025->00000026 Core Gen4
HSW-H C0 6-46-1/32 0000001b->0000001c Core Gen4
BDW-H/E3 E0/G0 6-47-1/22 00000021->00000022 Core Gen5
SKL-U/Y D0 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
SKL-U23e K1 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
SKX-SP B1 6-55-3/97 01000151->01000157 Xeon Scalable
SKX-SP H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable
SKX-D M1 6-55-4/b7 02000065->02006906 Xeon D-21xx
CLX-SP B0 6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2
CLX-SP B1 6-55-7/bf 0500002c->04002f01 Xeon Scalable Gen2
SKL-H/S R0/N0 6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5
AML-Y22 H0 6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile
KBL-U/Y H0 6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile
CFL-U43e D0 6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile
WHL-U W0 6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile
AML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
CML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
WHL-U V0 6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile
KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6
CFL-H/S/E3 U0 6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E
CFL-S B0 6-9e-b/02 000000ca->000000d6 Core Gen8
CFL-H/S P0 6-9e-c/22 000000ca->000000d6 Core Gen9
CFL-H R0 6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile
Also contains the Intel CPU Microcode update to 20200520:
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
---- updated platforms ------------------------------------
SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f->00000621 Xeon E3/E5, Core X
SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718->0000071a Xeon E3/E5, Core X
ModerateSUSE bug 1154824SUSE bug 1156353SUSE bug 1172466CVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-0548 at SUSECVE-2020-0548 at NVDCVE-2020-0549 at SUSECVE-2020-0549 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issue:
- Updated Intel CPU Microcode to 20201027 prerelease (bsc#1170446)
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
# New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
# Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
ModerateSUSE bug 1170446SUSE bug 1173594CVE-2020-8695 at SUSECVE-2020-8695 at NVDCVE-2020-8698 at SUSECVE-2020-8698 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
- Updated Intel CPU Microcode to 20201110 official release.
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) INTEL-SA-00389 (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
- CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)
- Release notes:
- Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).
- Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).
- Update for functional issues. Refer to [Second Generation Intel? Xeon? Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel? Xeon? Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel? Xeon? Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel? Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel? Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel? Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel? Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel? Xeon? E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel? Xeon? E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
ModerateSUSE bug 1170446SUSE bug 1173592SUSE bug 1173594CVE-2020-8695 at SUSECVE-2020-8695 at NVDCVE-2020-8696 at SUSECVE-2020-8696 at NVDCVE-2020-8698 at SUSECVE-2020-8698 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
Updated to Intel CPU Microcode 20210525 release:
- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (bsc#1179833)
- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (bsc#1179836)
- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837)
- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (bsc#1179839)
ImportantSUSE bug 1179833SUSE bug 1179836SUSE bug 1179837SUSE bug 1179839CVE-2020-24489 at SUSECVE-2020-24489 at NVDCVE-2020-24511 at SUSECVE-2020-24511 at NVDCVE-2020-24512 at SUSECVE-2020-24512 at NVDCVE-2020-24513 at SUSECVE-2020-24513 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
Updated to Intel CPU Microcode 20220510 release. (bsc#1199423)
Updated to Intel CPU Microcode 20220419 release. (bsc#1198717)
Updated to Intel CPU Microcode 20220207 release.
- CVE-2022-21151: Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access (bsc#1199423).
- CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege (bsc#1192615)
- CVE-2021-0127: Intel Processor Breakpoint Control Flow (bsc#1195779)
- CVE-2021-0145: Fast store forward predictor - Cross Domain Training (bsc#1195780)
- CVE-2021-33120: Out of bounds read for some Intel Atom processors (bsc#1195781)
- Security updates for [INTEL-SA-00528](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html)
- Security updates for [INTEL-SA-00532](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html)
ImportantSUSE bug 1192615SUSE bug 1195779SUSE bug 1195780SUSE bug 1195781SUSE bug 1198717SUSE bug 1199423CVE-2021-0127 at SUSECVE-2021-0127 at NVDCVE-2021-0145 at SUSECVE-2021-0145 at NVDCVE-2021-0146 at SUSECVE-2021-0146 at NVDCVE-2021-33120 at SUSECVE-2021-33120 at NVDCVE-2022-21151 at SUSECVE-2022-21151 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for microcode_ctl fixes the following issues:
Updated to Intel CPU Microcode 20230214 release.
Security issues fixed:
- CVE-2022-38090: Security updates for [INTEL-SA-00767](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html) (bsc#1208275)
- CVE-2022-33196: Security updates for [INTEL-SA-00738](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html) (bsc#1208276)
- CVE-2022-21216: Security updates for [INTEL-SA-00700](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00700.html) (bsc#1208277)
- New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| SPR-SP | E2 | 06-8f-05/87 | | 2b000181 | Xeon Scalable Gen4
| SPR-SP | E3 | 06-8f-06/87 | | 2b000181 | Xeon Scalable Gen4
| SPR-SP | E4 | 06-8f-07/87 | | 2b000181 | Xeon Scalable Gen4
| SPR-SP | E5 | 06-8f-08/87 | | 2b000181 | Xeon Scalable Gen4
| SPR-HBM | B3 | 06-8f-08/10 | | 2c000170 | Xeon Max
| RPL-P 6+8 | J0 | 06-ba-02/07 | | 0000410e | Core Gen13
| RPL-H 6+8 | J0 | 06-ba-02/07 | | 0000410e | Core Gen13
| RPL-U 2+8 | Q0 | 06-ba-02/07 | | 0000410e | Core Gen13
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000026 | 0000002c | Core Gen12
| ADL | C0 | 06-97-05/07 | 00000026 | 0000002c | Core Gen12
| ADL | C0 | 06-bf-02/07 | 00000026 | 0000002c | Core Gen12
| ADL | C0 | 06-bf-05/07 | 00000026 | 0000002c | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000424 | 00000429 | Core Gen12
| ADL | L0 | 06-9a-04/80 | 00000424 | 00000429 | Core Gen12
| CLX-SP | B0 | 06-55-06/bf | 04003302 | 04003303 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05003302 | 05003303 | Xeon Scalable Gen2
| CPX-SP | A1 | 06-55-0b/bf | 07002501 | 07002503 | Xeon Scalable Gen3
| GLK | B0 | 06-7a-01/01 | 0000003c | 0000003e | Pentium Silver N/J5xxx, Celeron N/J4xxx
| GLK-R | R0 | 06-7a-08/01 | 00000020 | 00000022 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-D | B0 | 06-6c-01/10 | 01000201 | 01000211 | Xeon D-17xx, D-27xx
| ICL-U/Y | D1 | 06-7e-05/80 | 000000b6 | 000000b8 | Core Gen10 Mobile
| ICX-SP | D0 | 06-6a-06/87 | 0d000375 | 0d000389 | Xeon Scalable Gen3
| JSL | A0/A1 | 06-9c-00/01 | 24000023 | 24000024 | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
| LKF | B2/B3 | 06-8a-01/10 | 00000031 | 00000032 | Core w/Hybrid Technology
| RKL-S | B0 | 06-a7-01/02 | 00000056 | 00000057 | Core Gen11
| RPL-S | S0 | 06-b7-01/32 | 0000010e | 00000112 | Core Gen13
| SKX-SP | B1 | 06-55-03/97 | 0100015e | 01000161 | Xeon Scalable
ImportantSUSE bug 1205602SUSE bug 1208275SUSE bug 1208276SUSE bug 1208277CVE-2022-21216 at SUSECVE-2022-21216 at NVDCVE-2022-33196 at SUSECVE-2022-33196 at NVDCVE-2022-38090 at SUSECVE-2022-38090 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for minicom (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for minicom fixes the following issues:
- CVE-2017-7467: Invalid cursor coordinates and scroll regions could lead to code
execution (bsc#1033783)
ModerateSUSE bug 1033783CVE-2017-7467 at SUSECVE-2017-7467 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mokutil (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mokutil fixes the following issues:
- Adds SBAT revocation support to mokutil. (bsc#1198458)
New options added (see manpage):
- mokutil --sbat
List all entries in SBAT.
- mokutil --set-sbat-policy (latest | previous | delete)
To set the SBAT acceptance policy.
- mokutil --list-sbat-revocations
To list the current SBAT revocations.
ModerateSUSE bug 1198458cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mono-core (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
mono-core was updated to fix the following vulnerabilities:
- CVE-2009-0689: Remote attackers could cause a denial of service and possibly arbitrary code execution through the string-to-double parser implementation (bsc#958097)
- CVE-2012-3543: Remote attackers could cause a denial of service through increased CPU consumption due to lack of protection against predictable hash collisions when processing form parameters (bsc#739119)
ModerateSUSE bug 739119SUSE bug 958097CVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2012-3543 at SUSECVE-2012-3543 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mono-core (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
mono-core was updated to fix the following vulnerabilities:
- CVE-2009-0689: Remote attackers could cause a denial of service and possibly arbitrary
code execution through the string-to-double parser implementation. (bsc#958097)
- CVE-2012-3543: Remote attackers could cause a denial of service through increased CPU
consumption due to lack of protection against predictable hash collisions when processing
form parameters. (bsc#739119)
ModerateSUSE bug 739119SUSE bug 958097CVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2012-3543 at SUSECVE-2012-3543 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: (bsc#963520)
Mozilla Firefox was updated to 38.6.0 ESR.
Mozilla NSS was updated to 3.20.2.
The following vulnerabilities were fixed:
- CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632)
- CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635)
- CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731)
The following improvements were added:
- bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites
- Tracking protection is now enabled by default
ImportantSUSE bug 954447SUSE bug 963520SUSE bug 963632SUSE bug 963635SUSE bug 963731CVE-2016-1930 at SUSECVE-2016-1930 at NVDCVE-2016-1935 at SUSECVE-2016-1935 at NVDCVE-2016-1938 at SUSECVE-2016-1938 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nspr (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
mozilla-nspr was update to version 4.10.8 ModerateSUSE bug 935979cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mozilla-nspr, mozilla-nss fixes the following issues:
mozilla-nspr was updated to version 4.34:
* add an API that returns a preferred loopback IP on hosts that have two IP stacks available.
mozilla-nss was updated:
FIPS 140-3 enablement patches were integrated from the SUSE Linux Enterprise 15 variant.
- Add on-demand integrity tests through sftk_FIPSRepeatIntegrityCheck()
(bsc#1198980).
- Mark algorithms as approved/non-approved according to security policy
(bsc#1191546, bsc#1201298).
- Remove hard disabling of unapproved algorithms. This requirement is now
fulfilled by the service level indicator (bsc#1200325).
Version update to NSS 3.79:
- Use PK11_GetSlotInfo instead of raw C_GetSlotInfo calls.
- Use of uninitialized pointer in lg_init after alloc fail.
- selfserv and tstclnt should use PR_GetPrefLoopbackAddrInfo.
- Add SECMOD_LockedModuleHasRemovableSlots.
- Fix secasn1d parsing of indefinite SEQUENCE inside indefinite GROUP.
- Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat extension alerts.
- TLS 1.3 Server: Send protocol_version alert on unsupported ClientHello.legacy_version.
- Correct invalid record inner and outer content type alerts.
- NSS does not properly import or export pkcs12 files with large passwords and pkcs5v2 encoding.
- improve error handling after nssCKFWInstance_CreateObjectHandle.
- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple.
- NSS 3.79 should depend on NSPR 4.34
Version update to NSS 3.78.1
- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple
Version update to NSS 3.78:
- Added TLS 1.3 zero-length inner plaintext checks and tests, zero-length record/fragment handling tests.
- Reworked overlong record size checks and added TLS1.3 specific boundaries.
- Add ECH Grease Support to tstclnt
- Add a strict variant of moz::pkix::CheckCertHostname.
- Change SSL_REUSE_SERVER_ECDHE_KEY default to false.
- Make SEC_PKCS12EnableCipher succeed
Version update to NSS 3.77:
- resolve mpitests build failure on Windows.
- Fix link to TLS page on wireshark wiki
- Add two D-TRUST 2020 root certificates.
- Add Telia Root CA v2 root certificate.
- Remove expired explicitly distrusted certificates from certdata.txt.
- support specific RSA-PSS parameters in mozilla::pkix
- Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate.
- Remove token member from NSSSlot struct.
- Provide secure variants of mpp_pprime and mpp_make_prime.
- Support UTF-8 library path in the module spec string.
- Update nssUTF8_Length to RFC 3629 and fix buffer overrun.
- Add a CI Target for gcc-11.
- Change to makefiles for gcc-4.8.
- Update googletest to 1.11.0
- Add SetTls13GreaseEchSize to experimental API.
- TLS 1.3 Illegal legacy_version handling/alerts.
- Fix calculation of ECH HRR Transcript.
- Allow ld path to be set as environment variable.
- Ensure we don't read uninitialized memory in ssl gtests.
- Fix DataBuffer Move Assignment.
- internal_error alert on Certificate Request with sha1+ecdsa in TLS 1.3
- rework signature verification in mozilla::pkix
Version update to NSS 3.76.1:
- Remove token member from NSSSlot struct.
Version update to NSS 3.76:
- Hold tokensLock through nssToken_GetSlot calls in nssTrustDomain_GetActiveSlots.
- Check return value of PK11Slot_GetNSSToken.
- Use Wycheproof JSON for RSASSA-PSS
- Add SHA256 fingerprint comments to old certdata.txt entries.
- Avoid truncating files in nss-release-helper.py.
- Throw illegal_parameter alert for illegal extensions in handshake message.
Version update to NSS 3.75:
- This patch adds gcc-9 and gcc-10 to the CI.
- Make DottedOIDToCode.py compatible with python3.
- Avoid undefined shift in SSL_CERT_IS while fuzzing.
- Remove redundant key type check.
- Update ABI expectations to match ECH changes.
- Enable CKM_CHACHA20.
- check return on NSS_NoDB_Init and NSS_Shutdown.
- real move assignment operator.
- Run ECDSA test vectors from bltest as part of the CI tests.
- Add ECDSA test vectors to the bltest command line tool.
- Allow to build using clang's integrated assembler.
- Allow to override python for the build.
- test HKDF output rather than input.
- Use ASSERT macros to end failed tests early.
- move assignment operator for DataBuffer.
- Add test cases for ECH compression and unexpected extensions in SH.
- Update tests for ECH-13.
- Tidy up error handling.
- Add tests for ECH HRR Changes.
- Server only sends GREASE HRR extension if enabled by preference.
- Update generation of the Associated Data for ECH-13.
- When ECH is accepted, reject extensions which were only advertised in the Outer Client Hello.
- Allow for compressed, non-contiguous, extensions.
- Scramble the PSK extension in CHOuter.
- Split custom extension handling for ECH.
- Add ECH-13 HRR Handling.
- Client side ECH padding.
- Stricter ClientHelloInner Decompression.
- Remove ECH_inner extension, use new enum format.
- Update the version number for ECH-13 and adjust the ECHConfig size.
Version update to NSS 3.74:
- mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses
- Ensure clients offer consistent ciphersuites after HRR
- NSS does not properly restrict server keys based on policy
- Set nssckbi version number to 2.54
- Replace Google Trust Services LLC (GTS) R4 root certificate
- Replace Google Trust Services LLC (GTS) R3 root certificate
- Replace Google Trust Services LLC (GTS) R2 root certificate
- Replace Google Trust Services LLC (GTS) R1 root certificate
- Replace GlobalSign ECC Root CA R4
- Remove Expired Root Certificates - DST Root CA X3
- Remove Expiring Cybertrust Global Root and GlobalSign root certificates
- Add renewed Autoridad de Certificacion Firmaprofesional CIF A62634068 root certificate
- Add iTrusChina ECC root certificate
- Add iTrusChina RSA root certificate
- Add ISRG Root X2 root certificate
- Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate
- Avoid a clang 13 unused variable warning in opt build
- Check for missing signedData field
- Ensure DER encoded signatures are within size limits
- enable key logging option (bsc#1195040)
Version update to NSS 3.73.1:
- Add SHA-2 support to mozilla::pkix's OSCP implementation
Version update to NSS 3.73:
- check for missing signedData field.
- Ensure DER encoded signatures are within size limits.
- NSS needs FiPS 140-3 version indicators.
- pkix_CacheCert_Lookup doesn't return cached certs
- sunset Coverity from NSS
- MFSA 2021-51 (bsc#1193170) * CVE-2021-43527 (bmo#1737470): Fixed Memory corruption via DER-encoded DSA and RSA-PSS signatures
Version update to NSS 3.72:
- Remove newline at the end of coreconf.dep
- Fix nsinstall parallel failure.
- Increase KDF cache size to mitigate perf regression in about:logins
Version update to NSS 3.71:
- Set nssckbi version number to 2.52.
- Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
- Import of PKCS#12 files with Camellia encryption is not supported
- Add HARICA Client ECC Root CA 2021.
- Add HARICA Client RSA Root CA 2021.
- Add HARICA TLS ECC Root CA 2021.
- Add HARICA TLS RSA Root CA 2021.
- Add TunTrust Root CA certificate to NSS.
Version update to NSS 3.70:
- Update test case to verify fix.
- Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
- Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
- Avoid using a lookup table in nssb64d.
- Use HW accelerated SHA2 on AArch64 Big Endian.
- Change default value of enableHelloDowngradeCheck to true.
- Cache additional PBE entries.
- Read HPKE vectors from official JSON.
Version update to NSS 3.69.1:
- Disable DTLS 1.0 and 1.1 by default
- integrity checks in key4.db not happening on private components with AES_CBC
Version update to NSS 3.69:
- Disable DTLS 1.0 and 1.1 by default (backed out again)
- integrity checks in key4.db not happening on private components with AES_CBC (backed out again)
- SSL handling of signature algorithms ignores environmental invalid algorithms.
- sqlite 3.34 changed it's open semantics, causing nss failures.
- Gtest update changed the gtest reports, losing gtest details in all.sh reports.
- NSS incorrectly accepting 1536 bit DH primes in FIPS mode
- SQLite calls could timeout in starvation situations.
- Coverity/cpp scanner errors found in nss 3.67
- Import the NSS documentation from MDN in nss/doc.
- NSS using a tempdir to measure sql performance not active
Version update to NSS 3.68.4 (bsc#1200027)
- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple. (bmo#1767590)
- FIPS: scan LD_LIBRARY_PATH for external libraries to be checksummed.
- Run test suite at build time, and make it pass (bsc#1198486).
- FIPS: skip algorithms that are hard disabled in FIPS mode.
- prevent expired PayPalEE cert from failing the tests.
- Enable FIPS during test certificate creation and disables the library checksum
validation during same.
- FIPS: allow checksumming to be disabled, but only if we entered FIPS mode
due to NSS_FIPS being set, not if it came from /proc.
- FIPS: Make the PBKDF known answer test compliant with NIST SP800-132. (bsc#1192079).
Mozilla NSS 3.68.3 (bsc#1197903)
- This release improves the stability of NSS when used in a multi-threaded
environment. In particular, it fixes memory safety violations that
can occur when PKCS#11 tokens are removed while in use (CVE-2022-1097).
We presume that with enough effort these memory safety violations are exploitable.
- Remove token member from NSSSlot struct (bmo#1756271).
- Hold tokensLock through nssToken_GetSlot calls in nssTrustDomain_GetActiveSlots (bmo#1755555).
- Check return value of PK11Slot_GetNSSToken (bmo#1370866).
- Update FIPS validation string to version-release format.
- FIPS: Remove XCBC MAC from list of FIPS approved algorithms.
- Enable NSS_ENABLE_FIPS_INDICATORS and set NSS_FIPS_MODULE_ID
for build.
- FIPS: Claim 3DES unapproved in FIPS mode (bsc#1192080).
- FIPS: allow testing of unapproved algorithms (bsc#1192228).
- This adds FIPS version indicators. (bmo#1729550, bsc#1192086).
- FIPS: Add FIPS 180-3 CSP clearing (bmo#1697303, bsc#1192087).
ImportantSUSE bug 1191546SUSE bug 1192079SUSE bug 1192080SUSE bug 1192086SUSE bug 1192087SUSE bug 1192228SUSE bug 1193170SUSE bug 1195040SUSE bug 1197903SUSE bug 1198486SUSE bug 1198980SUSE bug 1200027SUSE bug 1200325SUSE bug 1201298CVE-2021-43527 at SUSECVE-2021-43527 at NVDCVE-2022-1097 at SUSECVE-2022-1097 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nss (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update contains mozilla-nss 3.19.2.2 and fixes the following security issue:
- CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888)
ModerateSUSE bug 959888CVE-2015-7575 at SUSECVE-2015-7575 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mozilla-nss fixes the following issues:
Update to version 3.68.1:
- CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures (bsc#1193170).
ImportantSUSE bug 1193170CVE-2021-43527 at SUSECVE-2021-43527 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mozilla-nss fixes the following issues:
Mozilla NSS 3.68.3 (bsc#1197903):
- CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11
tokens are removed while in use.
ImportantSUSE bug 1197903CVE-2022-1097 at SUSECVE-2022-1097 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mozilla-nss fixes the following issues:
Mozilla NSS 3.68.4 (bsc#1200027)
* CVE-2022-31741: Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple. (bmo#1767590)
ImportantSUSE bug 1200027CVE-2022-31741 at SUSECVE-2022-31741 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mozilla-nss fixes the following issues:
- CVE-2022-3479: Fixed a potential crash that could be triggered when
a server requested a client authentication certificate, but the
client had no certificates stored (bsc#1204272).
- Updated to version 3.79.3 (bsc#1207038):
- CVE-2022-23491: Removed trust for 3 root certificates from TrustCor.
This update fixes the following MozillaFirefox issues:
- Updated to version 102.7.0 ESR (bsc#1207119):
- CVE-2022-46871: Updated an out of date library (libusrsctp) which
contained several vulnerabilities.
- CVE-2023-23598: Fixed an arbitrary file read from GTK drag and
drop on Linux.
- CVE-2023-23601: Fixed a potential spoofing attack when dragging a
URL from a cross-origin iframe into the same tab.
- CVE-2023-23602: Fixed a mishandled security check, which caused
the Content Security Policy header to be ignored for WebSockets
in WebWorkers.
- CVE-2022-46877: Fixed a fullscreen notification bypass which
could be leveraged in spoofing attacks.
- CVE-2023-23603: Fixed a Content Security Policy bypass via format
directives.
- CVE-2023-23605: Fixed several memory safety bugs.
ImportantSUSE bug 1204272SUSE bug 1207038SUSE bug 1207119CVE-2022-23491 at SUSECVE-2022-23491 at NVDCVE-2022-3479 at SUSECVE-2022-3479 at NVDCVE-2022-46871 at SUSECVE-2022-46871 at NVDCVE-2022-46877 at SUSECVE-2022-46877 at NVDCVE-2023-23598 at SUSECVE-2023-23598 at NVDCVE-2023-23601 at SUSECVE-2023-23601 at NVDCVE-2023-23602 at SUSECVE-2023-23602 at NVDCVE-2023-23603 at SUSECVE-2023-23603 at NVDCVE-2023-23605 at SUSECVE-2023-23605 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mozilla-nss fixes the following issues:
Updated NSS to version 3.79.4 (bsc#1208138):
- CVE-2023-0767: Fixed handling of unknown PKCS#12 safe bag types.
Updated to version 102.8.0 ESR (bsc#1208144):
- CVE-2023-25728: Fixed content security policy leak in violation reports using iframes.
- CVE-2023-25730: Fixed screen hijack via browser fullscreen mode.
- CVE-2023-25743: Fixed Fullscreen notification not being shown in Firefox Focus.
- CVE-2023-0767: Fixed arbitrary memory write via PKCS 12 in NSS.
- CVE-2023-25735: Fixed potential use-after-free from compartment mismatch in SpiderMonkey.
- CVE-2023-25737: Fixed invalid downcast in SVGUtils::SetupStrokeGeometry.
- CVE-2023-25738: Fixed printing on Windows which could potentially crash Firefox with some device drivers.
- CVE-2023-25739: Fixed use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext.
- CVE-2023-25729: Fixed extensions opening external schemes without user knowledge.
- CVE-2023-25732: Fixed out of bounds memory write from EncodeInputStream.
- CVE-2023-25734: Fixed opening local .url files that causes unexpected network loads.
- CVE-2023-25742: Fixed tab crash by Web Crypto ImportKey.
- CVE-2023-25744: Fixed Memory safety bugs.
- CVE-2023-25746: Fixed Memory safety bugs.
ImportantSUSE bug 1208138SUSE bug 1208144CVE-2023-0767 at SUSECVE-2023-0767 at NVDCVE-2023-25728 at SUSECVE-2023-25728 at NVDCVE-2023-25729 at SUSECVE-2023-25729 at NVDCVE-2023-25730 at SUSECVE-2023-25730 at NVDCVE-2023-25732 at SUSECVE-2023-25732 at NVDCVE-2023-25734 at SUSECVE-2023-25734 at NVDCVE-2023-25735 at SUSECVE-2023-25735 at NVDCVE-2023-25737 at SUSECVE-2023-25737 at NVDCVE-2023-25738 at SUSECVE-2023-25738 at NVDCVE-2023-25739 at SUSECVE-2023-25739 at NVDCVE-2023-25742 at SUSECVE-2023-25742 at NVDCVE-2023-25743 at SUSECVE-2023-25743 at NVDCVE-2023-25744 at SUSECVE-2023-25744 at NVDCVE-2023-25746 at SUSECVE-2023-25746 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for Mozilla NSSSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla NSS has been updated to 3.15.2 (bnc#847708) bringing various
features and bugfixes:
The main feature is TLS 1.2 support and its dependent algorithms.
* Support for AES-GCM ciphersuites that use the SHA-256 PRF
* MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs
* Add PK11_CipherFinal macro
* sizeof() used incorrectly
* nssutil_ReadSecmodDB() leaks memory
* Allow SSL_HandshakeNegotiatedExtension to be called before the
handshake is finished.
* Deprecate the SSL cipher policy code
* Avoid uninitialized data read in the event of a decryption failure.
(CVE-2013-1739)
Changes coming with version 3.15.1:
* TLS 1.2 (RFC 5246) is supported. HMAC-SHA256 cipher suites (RFC 5246
and RFC 5289) are supported, allowing TLS to be used without MD5 and
SHA-1.
Note the following limitations:
The hash function used in the signature for TLS 1.2 client
authentication must be the hash function of the TLS 1.2 PRF, which is
always SHA-256 in NSS 3.15.1. AES GCM cipher suites are not yet
supported.
o some bugfixes and improvements
Changes with version 3.15
* New Functionality
o Support for OCSP Stapling (RFC 6066, Certificate Status
Request) has been added for both client and server sockets. TLS
client applications may enable this via a call to
SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE);
o Added function SECITEM_ReallocItemV2. It replaces function
SECITEM_ReallocItem, which is now declared as obsolete.
o Support for single-operation (eg: not multi-part) symmetric key
encryption and decryption, via PK11_Encrypt and PK11_Decrypt.
o certutil has been updated to support creating name constraints
extensions.
Security Issue reference:
* CVE-2013-1739
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739>
SUSE bug 847708CVE-2013-1739 at SUSECVE-2013-1739 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mozilla-nspr, mozilla-nss fixes the following issues:
mozilla-nss was updated to version 3.53.1
- CVE-2019-11745: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate
- CVE-2020-12402: Fixed a potential side channel attack during RSA key generation (bsc#1173032).
- CVE-2020-12399: Fixed a timing attack on DSA signature generation (bsc#1171978).
- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).
- CVE-2019-11727: A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages.
- Fixed various FIPS issues in libfreebl3 which were causing segfaults in the test suite of chrony (bsc#1168669).
- Fixed an issue where Firefox tab was crashing (bsc#1170908).
Release notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53_release_notes
mozilla-nspr was updated to version 4.25.
ImportantSUSE bug 1141322SUSE bug 1158527SUSE bug 1159819SUSE bug 1168669SUSE bug 1169746SUSE bug 1170908SUSE bug 1171978SUSE bug 1173032CVE-2019-11727 at SUSECVE-2019-11727 at NVDCVE-2019-11745 at SUSECVE-2019-11745 at NVDCVE-2019-17006 at SUSECVE-2019-17006 at NVDCVE-2020-12399 at SUSECVE-2020-12399 at NVDCVE-2020-12402 at SUSECVE-2020-12402 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for mozilla-nspr, mozilla-nss (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mozilla-nspr fixes the following issues:
mozilla-nspr was updated to version 4.32:
* implement new socket option PR_SockOpt_DontFrag
* support larger DNS records by increasing the default buffer
size for DNS queries
* Lock access to PRCallOnceType members in PR_CallOnce* for
thread safety bmo#1686138
* PR_GetSystemInfo supports a new flag PR_SI_RELEASE_BUILD to get
information about the operating system build version.
Mozilla NSS was updated to version 3.68:
* bmo#1713562 - Fix test leak.
* bmo#1717452 - NSS 3.68 should depend on NSPR 4.32.
* bmo#1693206 - Implement PKCS8 export of ECDSA keys.
* bmo#1712883 - DTLS 1.3 draft-43.
* bmo#1655493 - Support SHA2 HW acceleration using Intel SHA Extension.
* bmo#1713562 - Validate ECH public names.
* bmo#1717610 - Add function to get seconds from epoch from pkix::Time.
update to NSS 3.67
* bmo#1683710 - Add a means to disable ALPN.
* bmo#1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66).
* bmo#1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja.
* bmo#1566124 - Fix counter increase in ppc-gcm-wrap.c.
* bmo#1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte.
update to NSS 3.66
* bmo#1710716 - Remove Expired Sonera Class2 CA from NSS.
* bmo#1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority.
* bmo#1708307 - Remove Trustis FPS Root CA from NSS.
* bmo#1707097 - Add Certum Trusted Root CA to NSS.
* bmo#1707097 - Add Certum EC-384 CA to NSS.
* bmo#1703942 - Add ANF Secure Server Root CA to NSS.
* bmo#1697071 - Add GLOBALTRUST 2020 root cert to NSS.
* bmo#1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database.
* bmo#1712230 - Don't build ppc-gcm.s with clang integrated assembler.
* bmo#1712211 - Strict prototype error when trying to compile nss code that includes blapi.h.
* bmo#1710773 - NSS needs FIPS 180-3 FIPS indicators.
* bmo#1709291 - Add VerifyCodeSigningCertificateChain.
update to NSS 3.65
* bmo#1709654 - Update for NetBSD configuration.
* bmo#1709750 - Disable HPKE test when fuzzing.
* bmo#1566124 - Optimize AES-GCM for ppc64le.
* bmo#1699021 - Add AES-256-GCM to HPKE.
* bmo#1698419 - ECH -10 updates.
* bmo#1692930 - Update HPKE to final version.
* bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default.
* bmo#1703936 - New coverity/cpp scanner errors.
* bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
* bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
* bmo#1705119 - Deadlock when using GCM and non-thread safe tokens.
update to NSS 3.64
* bmo#1705286 - Properly detect mips64.
* bmo#1687164 - Introduce NSS_DISABLE_CRYPTO_VSX and
disable_crypto_vsx.
* bmo#1698320 - replace __builtin_cpu_supports('vsx') with
ppc_crypto_support() for clang.
* bmo#1613235 - Add POWER ChaCha20 stream cipher vector
acceleration.
Fixed in 3.63
* bmo#1697380 - Make a clang-format run on top of helpful contributions.
* bmo#1683520 - ECCKiila P384, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual
scalar multiplication.
* bmo#1683520 - ECCKiila P521, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual
scalar multiplication.
* bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683.
* bmo#1694214 - tstclnt can't enable middlebox compat mode.
* bmo#1694392 - NSS does not work with PKCS #11 modules not supporting
profiles.
* bmo#1685880 - Minor fix to prevent unused variable on early return.
* bmo#1685880 - Fix for the gcc compiler version 7 to support setenv
with nss build.
* bmo#1693217 - Increase nssckbi.h version number for March 2021 batch
of root CA changes, CA list version 2.48.
* bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's
'Chambers of Commerce' and 'Global Chambersign' roots.
* bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
* bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
* bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
* bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs
from NSS.
* bmo#1687822 - Turn off Websites trust bit for the “Staat der
Nederlanden Root CA - G3” root cert in NSS.
* bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce
Root - 2008' and 'Global Chambersign Root - 2008’.
* bmo#1694291 - Tracing fixes for ECH.
update to NSS 3.62
* bmo#1688374 - Fix parallel build NSS-3.61 with make
* bmo#1682044 - pkix_Build_GatherCerts() + pkix_CacheCert_Add()
can corrupt 'cachedCertTable'
* bmo#1690583 - Fix CH padding extension size calculation
* bmo#1690421 - Adjust 3.62 ABI report formatting for new libabigail
* bmo#1690421 - Install packaged libabigail in docker-builds image
* bmo#1689228 - Minor ECH -09 fixes for interop testing, fuzzing
* bmo#1674819 - Fixup a51fae403328, enum type may be signed
* bmo#1681585 - Add ECH support to selfserv
* bmo#1681585 - Update ECH to Draft-09
* bmo#1678398 - Add Export/Import functions for HPKE context
* bmo#1678398 - Update HPKE to draft-07
update to NSS 3.61
* bmo#1682071 - Fix issue with IKE Quick mode deriving incorrect key
values under certain conditions.
* bmo#1684300 - Fix default PBE iteration count when NSS is compiled
with NSS_DISABLE_DBM.
* bmo#1651411 - Improve constant-timeness in RSA operations.
* bmo#1677207 - Upgrade Google Test version to latest release.
* bmo#1654332 - Add aarch64-make target to nss-try.
Update to NSS 3.60.1:
Notable changes in NSS 3.60:
* TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support
has been added, replacing the previous ESNI (draft-ietf-tls-esni-01)
implementation. See bmo#1654332 for more information.
* December 2020 batch of Root CA changes, builtins library updated
to version 2.46. See bmo#1678189, bmo#1678166, and bmo#1670769
for more information.
Update to NSS 3.59.1:
* bmo#1679290 - Fix potential deadlock with certain third-party
PKCS11 modules
Update to NSS 3.59:
Notable changes:
* Exported two existing functions from libnss:
CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData
Bugfixes
* bmo#1607449 - Lock cert->nssCertificate to prevent a potential data race
* bmo#1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA
* bmo#1663661 - Guard against NULL token in nssSlot_IsTokenPresent
* bmo#1670835 - Support enabling and disabling signatures via Crypto Policy
* bmo#1672291 - Resolve libpkix OCSP failures on SHA1 self-signed
root certs when SHA1 signatures are disabled.
* bmo#1644209 - Fix broken SelectedCipherSuiteReplacer filter to
solve some test intermittents
* bmo#1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in
our CVE-2020-25648 fix that broke purple-discord
(boo#1179382)
* bmo#1666891 - Support key wrap/unwrap with RSA-OAEP
* bmo#1667989 - Fix gyp linking on Solaris
* bmo#1668123 - Export CERT_AddCertToListHeadWithData and
CERT_AddCertToListTailWithData from libnss
* bmo#1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA
* bmo#1663091 - Remove unnecessary assertions in the streaming
ASN.1 decoder that affected decoding certain PKCS8
private keys when using NSS debug builds
* bmo#670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.
update to NSS 3.58
Bugs fixed:
* bmo#1641480 (CVE-2020-25648)
Tighten CCS handling for middlebox compatibility mode.
* bmo#1631890 - Add support for Hybrid Public Key Encryption
(draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello
(draft-ietf-tls-esni).
* bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto
extensions.
* bmo#1668328 - Handle spaces in the Python path name when using
gyp on Windows.
* bmo#1667153 - Add PK11_ImportDataKey for data object import.
* bmo#1665715 - Pass the embedded SCT list extension (if present)
to TrustDomain::CheckRevocation instead of the notBefore value.
update to NSS 3.57
* The following CA certificates were Added:
bmo#1663049 - CN=Trustwave Global Certification Authority
SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority
SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority
SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
* The following CA certificates were Removed:
bmo#1651211 - CN=EE Certification Centre Root CA
SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
bmo#1656077 - O=Government Root Certification Authority; C=TW
SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
* Trust settings for the following CA certificates were Modified:
bmo#1653092 - CN=OISTE WISeKey Global Root GA CA
Websites (server authentication) trust bit removed.
* https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes
update to NSS 3.56
Notable changes
* bmo#1650702 - Support SHA-1 HW acceleration on ARMv8
* bmo#1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
* bmo#1654142 - Add CPU feature detection for Intel SHA extension.
* bmo#1648822 - Add stricter validation of DH keys in FIPS mode.
* bmo#1656986 - Properly detect arm64 during GYP build architecture
detection.
* bmo#1652729 - Add build flag to disable RC2 and relocate to
lib/freebl/deprecated.
* bmo#1656429 - Correct RTT estimate used in 0-RTT anti-replay.
* bmo#1588941 - Send empty certificate message when scheme selection
fails.
* bmo#1652032 - Fix failure to build in Windows arm64 makefile
cross-compilation.
* bmo#1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
* bmo#1653975 - Fix 3.53 regression by setting 'all' as the default
makefile target.
* bmo#1659792 - Fix broken libpkix tests with unexpired PayPal cert.
* bmo#1659814 - Fix interop.sh failures with newer tls-interop
commit and dependencies.
* bmo#1656519 - NSPR dependency updated to 4.28
update to NSS 3.55
Notable changes
* P384 and P521 elliptic curve implementations are replaced with
verifiable implementations from Fiat-Crypto [0] and ECCKiila [1].
* PK11_FindCertInSlot is added. With this function, a given slot
can be queried with a DER-Encoded certificate, providing performance
and usability improvements over other mechanisms. (bmo#1649633)
* DTLS 1.3 implementation is updated to draft-38. (bmo#1647752)
Relevant Bugfixes
* bmo#1631583 (CVE-2020-6829, CVE-2020-12400) - Replace P384 and
P521 with new, verifiable implementations from Fiat-Crypto and ECCKiila.
* bmo#1649487 - Move overzealous assertion in VFY_EndWithSignature.
* bmo#1631573 (CVE-2020-12401) - Remove unnecessary scalar padding.
* bmo#1636771 (CVE-2020-12403) - Explicitly disable multi-part
ChaCha20 (which was not functioning correctly) and more strictly
enforce tag length.
* bmo#1649648 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649316 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649322 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1653202 - Fix initialization bug in blapitest when compiled
with NSS_DISABLE_DEPRECATED_SEED.
* bmo#1646594 - Fix AVX2 detection in makefile builds.
* bmo#1649633 - Add PK11_FindCertInSlot to search a given slot
for a DER-encoded certificate.
* bmo#1651520 - Fix slotLock race in NSC_GetTokenInfo.
* bmo#1647752 - Update DTLS 1.3 implementation to draft-38.
* bmo#1649190 - Run cipher, sdr, and ocsp tests under standard test cycle in CI.
* bmo#1649226 - Add Wycheproof ECDSA tests.
* bmo#1637222 - Consistently enforce IV requirements for DES and 3DES.
* bmo#1067214 - Enforce minimum PKCS#1 v1.5 padding length in
RSA_CheckSignRecover.
* bmo#1646324 - Advertise PKCS#1 schemes for certificates in the
signature_algorithms extension.
update to NSS 3.54
Notable changes
* Support for TLS 1.3 external pre-shared keys (bmo#1603042).
* Use ARM Cryptography Extension for SHA256, when available
(bmo#1528113)
* The following CA certificates were Added:
bmo#1645186 - certSIGN Root CA G2.
bmo#1645174 - e-Szigno Root CA 2017.
bmo#1641716 - Microsoft ECC Root Certificate Authority 2017.
bmo#1641716 - Microsoft RSA Root Certificate Authority 2017.
* The following CA certificates were Removed:
bmo#1645199 - AddTrust Class 1 CA Root.
bmo#1645199 - AddTrust External CA Root.
bmo#1641718 - LuxTrust Global Root 2.
bmo#1639987 - Staat der Nederlanden Root CA - G2.
bmo#1618402 - Symantec Class 2 Public Primary Certification Authority - G4.
bmo#1618402 - Symantec Class 1 Public Primary Certification Authority - G4.
bmo#1618402 - VeriSign Class 3 Public Primary Certification Authority - G3.
* A number of certificates had their Email trust bit disabled.
See bmo#1618402 for a complete list.
Bugs fixed
* bmo#1528113 - Use ARM Cryptography Extension for SHA256.
* bmo#1603042 - Add TLS 1.3 external PSK support.
* bmo#1642802 - Add uint128 support for HACL* curve25519 on Windows.
* bmo#1645186 - Add 'certSIGN Root CA G2' root certificate.
* bmo#1645174 - Add Microsec's 'e-Szigno Root CA 2017' root certificate.
* bmo#1641716 - Add Microsoft's non-EV root certificates.
* bmo1621151 - Disable email trust bit for 'O=Government
Root Certification Authority; C=TW' root.
* bmo#1645199 - Remove AddTrust root certificates.
* bmo#1641718 - Remove 'LuxTrust Global Root 2' root certificate.
* bmo#1639987 - Remove 'Staat der Nederlanden Root CA - G2' root
certificate.
* bmo#1618402 - Remove Symantec root certificates and disable email trust
bit.
* bmo#1640516 - NSS 3.54 should depend on NSPR 4.26.
* bmo#1642146 - Fix undefined reference to `PORT_ZAlloc_stub' in seed.c.
* bmo#1642153 - Fix infinite recursion building NSS.
* bmo#1642638 - Fix fuzzing assertion crash.
* bmo#1642871 - Enable SSL_SendSessionTicket after resumption.
* bmo#1643123 - Support SSL_ExportEarlyKeyingMaterial with External PSKs.
* bmo#1643557 - Fix numerous compile warnings in NSS.
* bmo#1644774 - SSL gtests to use ClearServerCache when resetting
self-encrypt keys.
* bmo#1645479 - Don't use SECITEM_MakeItem in secutil.c.
* bmo#1646520 - Stricter enforcement of ASN.1 INTEGER encoding.
ModerateSUSE bug 1029961SUSE bug 1174697SUSE bug 1176206SUSE bug 1176934SUSE bug 1179382SUSE bug 1188891CVE-2020-12400 at SUSECVE-2020-12400 at NVDCVE-2020-12401 at SUSECVE-2020-12401 at NVDCVE-2020-12403 at SUSECVE-2020-12403 at NVDCVE-2020-25648 at SUSECVE-2020-25648 at NVDCVE-2020-6829 at SUSECVE-2020-6829 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for muttSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The mailreader mutt was updated to fix a security issue in displaying mail
headers, where a crafted e-mail could cause a heap overflow, which in turn
might be used by attackers to crash mutt or potentially even execute code.
Security Issues references:
* CVE-2014-0467
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467>
SUSE bug 868115SUSE bug 905481SUSE bug 907453CVE-2014-0467 at SUSECVE-2014-0467 at NVDCVE-2014-9116 at SUSECVE-2014-9116 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mutt (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mutt fixes the following issues:
Security issues fixed:
- CVE-2018-14352: Fix imap_quote_string in imap/util.c that does not leave room for quote characters (bsc#1101582).
- CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer underflow (bsc#1101581).
- CVE-2018-14362: Fix pop.c that does not forbid characters that may have unsafe interaction with message-cache pathnames (bsc#1101567).
- CVE-2018-14354: Fix arbitrary command execution from remote IMAP servers via backquote characters (bsc#1101578).
- CVE-2018-14356: Fix pop.c that mishandles a zero-length UID (bsc#1101576).
- CVE-2018-14355: Fix imap/util.c that mishandles '..' directory traversal in a mailbox name (bsc#1101577).
- CVE-2018-14349: Fix imap/command.c that mishandles a NO response without a message (bsc#1101589).
- CVE-2018-14350: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along INTERNALDATE field (bsc#1101588).
- CVE-2018-14357: Fix that remote IMAP servers are allowed to execute arbitrary commands via backquote characters (bsc#1101573).
- CVE-2018-14359: Fix buffer overflow via base64 data (bsc#1101570).
- CVE-2018-14358: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along RFC822.SIZE field (bsc#1101571).
Bug fixes:
- bsc#936807: On entering a 70 character subject line in mutt, a tab is added to the text after 67 characters.
ImportantSUSE bug 1101567SUSE bug 1101570SUSE bug 1101571SUSE bug 1101573SUSE bug 1101576SUSE bug 1101577SUSE bug 1101578SUSE bug 1101581SUSE bug 1101582SUSE bug 1101588SUSE bug 1101589SUSE bug 936807CVE-2018-14349 at SUSECVE-2018-14349 at NVDCVE-2018-14350 at SUSECVE-2018-14350 at NVDCVE-2018-14352 at SUSECVE-2018-14352 at NVDCVE-2018-14353 at SUSECVE-2018-14353 at NVDCVE-2018-14354 at SUSECVE-2018-14354 at NVDCVE-2018-14355 at SUSECVE-2018-14355 at NVDCVE-2018-14356 at SUSECVE-2018-14356 at NVDCVE-2018-14357 at SUSECVE-2018-14357 at NVDCVE-2018-14358 at SUSECVE-2018-14358 at NVDCVE-2018-14359 at SUSECVE-2018-14359 at NVDCVE-2018-14362 at SUSECVE-2018-14362 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for mutt (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mutt fixes the following issues:
- CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering issue which was
affecting IMAP, SMTP, and POP3 (bsc#1173197).
- CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a PREAUTH response (bsc#1172906, bsc#1172935).
- CVE-2020-14154: Fixed an issue where Mutt was ignoring an expired certificate and was proceeding with a connection (bsc#1172906, bsc#1172935).
ImportantSUSE bug 1172906SUSE bug 1172935SUSE bug 1173197CVE-2020-14093 at SUSECVE-2020-14093 at NVDCVE-2020-14154 at SUSECVE-2020-14154 at NVDCVE-2020-14954 at SUSECVE-2020-14954 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mutt (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mutt fixes the following issues:
- CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections (bsc#1179035)
- Avoid that message with a million tiny parts can freeze MUA for several minutes (bsc#1179113)
ImportantSUSE bug 1179035SUSE bug 1179113CVE-2020-28896 at SUSECVE-2020-28896 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mutt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mutt fixes the following issue:
- CVE-2021-3181: Fixed a memory leak in recipient parsing (bsc#1181221).
ModerateSUSE bug 1181221CVE-2021-3181 at SUSECVE-2021-3181 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mutt (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mutt fixes the following issues:
- CVE-2022-1328: Fixed an invalid memory access when reading untrusted uuencoded
data. This could result in including private memory in replies (bsc#1198518).
ModerateSUSE bug 1198518CVE-2022-1328 at SUSECVE-2022-1328 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
MySQL was updated to version 5.5.45, fixing bugs and security issues.
A list of all changes can be found on:
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-45.html
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-44.html
To fix the 'BACKRONYM' security issue (CVE-2015-3152) the behaviour of
the SSL options was changed slightly to meet expectations:
Now using '--ssl-verify-server-cert' and '--ssl[-*]' implies that the ssl
connection is required. The mysql client will now print an error
if ssl is required, but the server can not handle a ssl
connection [bnc#924663], [bnc#928962], [CVE-2015-3152]
Additional bugs fixed:
- fix rc.mysql-multi script to start instances after restart
properly [bnc#934401].
ModerateSUSE bug 924663SUSE bug 928962SUSE bug 934401SUSE bug 938412CVE-2015-2582 at SUSECVE-2015-2582 at NVDCVE-2015-2611 at SUSECVE-2015-2611 at NVDCVE-2015-2617 at SUSECVE-2015-2617 at NVDCVE-2015-2620 at SUSECVE-2015-2620 at NVDCVE-2015-2639 at SUSECVE-2015-2639 at NVDCVE-2015-2641 at SUSECVE-2015-2641 at NVDCVE-2015-2643 at SUSECVE-2015-2643 at NVDCVE-2015-2648 at SUSECVE-2015-2648 at NVDCVE-2015-2661 at SUSECVE-2015-2661 at NVDCVE-2015-3152 at SUSECVE-2015-3152 at NVDCVE-2015-4737 at SUSECVE-2015-4737 at NVDCVE-2015-4752 at SUSECVE-2015-4752 at NVDCVE-2015-4756 at SUSECVE-2015-4756 at NVDCVE-2015-4757 at SUSECVE-2015-4757 at NVDCVE-2015-4761 at SUSECVE-2015-4761 at NVDCVE-2015-4767 at SUSECVE-2015-4767 at NVDCVE-2015-4769 at SUSECVE-2015-4769 at NVDCVE-2015-4771 at SUSECVE-2015-4771 at NVDCVE-2015-4772 at SUSECVE-2015-4772 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The mysql package was updated to version 5.5.46 to fixs several security and non security issues.
- bnc#951391: update to version 5.5.46
* changes:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-46.html
* fixed CVEs:
CVE-2015-1793, CVE-2015-0286, CVE-2015-0288, CVE-2015-1789,
CVE-2015-4730, CVE-2015-4766, CVE-2015-4792, CVE-2015-4800,
CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819,
CVE-2015-4826, CVE-2015-4830, CVE-2015-4833, CVE-2015-4836,
CVE-2015-4858, CVE-2015-4861, CVE-2015-4862, CVE-2015-4864,
CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4890,
CVE-2015-4895, CVE-2015-4904, CVE-2015-4905, CVE-2015-4910,
CVE-2015-4913
- bnc#952196: Fixed a build error for ppc*, s390* and ia64 architectures.
ModerateSUSE bug 951391SUSE bug 952196CVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1793 at SUSECVE-2015-1793 at NVDCVE-2015-4730 at SUSECVE-2015-4730 at NVDCVE-2015-4766 at SUSECVE-2015-4766 at NVDCVE-2015-4792 at SUSECVE-2015-4792 at NVDCVE-2015-4800 at SUSECVE-2015-4800 at NVDCVE-2015-4802 at SUSECVE-2015-4802 at NVDCVE-2015-4815 at SUSECVE-2015-4815 at NVDCVE-2015-4816 at SUSECVE-2015-4816 at NVDCVE-2015-4819 at SUSECVE-2015-4819 at NVDCVE-2015-4826 at SUSECVE-2015-4826 at NVDCVE-2015-4830 at SUSECVE-2015-4830 at NVDCVE-2015-4833 at SUSECVE-2015-4833 at NVDCVE-2015-4836 at SUSECVE-2015-4836 at NVDCVE-2015-4858 at SUSECVE-2015-4858 at NVDCVE-2015-4861 at SUSECVE-2015-4861 at NVDCVE-2015-4862 at SUSECVE-2015-4862 at NVDCVE-2015-4864 at SUSECVE-2015-4864 at NVDCVE-2015-4866 at SUSECVE-2015-4866 at NVDCVE-2015-4870 at SUSECVE-2015-4870 at NVDCVE-2015-4879 at SUSECVE-2015-4879 at NVDCVE-2015-4890 at SUSECVE-2015-4890 at NVDCVE-2015-4895 at SUSECVE-2015-4895 at NVDCVE-2015-4904 at SUSECVE-2015-4904 at NVDCVE-2015-4905 at SUSECVE-2015-4905 at NVDCVE-2015-4910 at SUSECVE-2015-4910 at NVDCVE-2015-4913 at SUSECVE-2015-4913 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update to MySQL 5.5.47 fixes the following issues (bsc#962779):
- CVE-2015-7744: Lack of verification against faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack.
- CVE-2016-0502: Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
- CVE-2016-0505: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Options.
- CVE-2016-0546: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client.
- CVE-2016-0596: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.
- CVE-2016-0597: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
- CVE-2016-0598: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML.
- CVE-2016-0600: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
- CVE-2016-0606: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect integrity via unknown vectors related to encryption.
- CVE-2016-0608: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via vectors related to UDF.
- CVE-2016-0609: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to privileges.
- CVE-2016-0616: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
- bsc#959724: Possible buffer overflow from incorrect use of strcpy() and sprintf()
The following bugs were fixed:
- bsc#960961: Incorrect use of plugin-load option in default_plugins.cnf
ModerateSUSE bug 959724SUSE bug 960961SUSE bug 962779CVE-2015-7744 at SUSECVE-2015-7744 at NVDCVE-2016-0502 at SUSECVE-2016-0502 at NVDCVE-2016-0505 at SUSECVE-2016-0505 at NVDCVE-2016-0546 at SUSECVE-2016-0546 at NVDCVE-2016-0596 at SUSECVE-2016-0596 at NVDCVE-2016-0597 at SUSECVE-2016-0597 at NVDCVE-2016-0598 at SUSECVE-2016-0598 at NVDCVE-2016-0600 at SUSECVE-2016-0600 at NVDCVE-2016-0606 at SUSECVE-2016-0606 at NVDCVE-2016-0608 at SUSECVE-2016-0608 at NVDCVE-2016-0609 at SUSECVE-2016-0609 at NVDCVE-2016-0616 at SUSECVE-2016-0616 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
mysql was updated to version 5.5.49 to fix 13 security issues.
These security issues were fixed:
- CVE-2016-0644: Unspecified vulnerability allowed local users to affect availability via vectors related to DDL (bsc#976341).
- CVE-2016-0646: Unspecified vulnerability allowed local users to affect availability via vectors related to DML (bsc#976341).
- CVE-2016-0647: Unspecified vulnerability allowed local users to affect availability via vectors related to FTS (bsc#976341).
- CVE-2016-0640: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to DML (bsc#976341).
- CVE-2016-0641: Unspecified vulnerability allowed local users to affect confidentiality and availability via vectors related to MyISAM (bsc#976341).
- CVE-2016-0642: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to Federated (bsc#976341).
- CVE-2016-0643: Unspecified vulnerability allowed local users to affect confidentiality via vectors related to DML (bsc#976341).
- CVE-2016-0666: Unspecified vulnerability allowed local users to affect availability via vectors related to Security: Privileges (bsc#976341).
- CVE-2016-0651: Unspecified vulnerability allowed local users to affect availability via vectors related to Optimizer (bsc#976341).
- CVE-2016-0650: Unspecified vulnerability allowed local users to affect availability via vectors related to Replication (bsc#976341).
- CVE-2016-0648: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#976341).
- CVE-2016-0649: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#976341).
- CVE-2016-2047: The ssl_verify_server_cert function in sql-common/client.c did not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via a '/CN=' string in a field in a certificate, as demonstrated by '/OU=/CN=bar.com/CN=foo.com (bsc#963806).
More details are available at
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-49.html
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-48.html
ImportantSUSE bug 963806SUSE bug 976341CVE-2016-0640 at SUSECVE-2016-0640 at NVDCVE-2016-0641 at SUSECVE-2016-0641 at NVDCVE-2016-0642 at SUSECVE-2016-0642 at NVDCVE-2016-0643 at SUSECVE-2016-0643 at NVDCVE-2016-0644 at SUSECVE-2016-0644 at NVDCVE-2016-0646 at SUSECVE-2016-0646 at NVDCVE-2016-0647 at SUSECVE-2016-0647 at NVDCVE-2016-0648 at SUSECVE-2016-0648 at NVDCVE-2016-0649 at SUSECVE-2016-0649 at NVDCVE-2016-0650 at SUSECVE-2016-0650 at NVDCVE-2016-0651 at SUSECVE-2016-0651 at NVDCVE-2016-0666 at SUSECVE-2016-0666 at NVDCVE-2016-2047 at SUSECVE-2016-2047 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mysql fixes the following issues:
- bsc#959724: fix incorrect usage of sprintf/strcpy that caused possible buffer overflow issues at various places
On SUSE Linux Enterprise 11 SP4 this fix was not yet shipped:
- Increase the key length (to 2048 bits) used in vio/viosslfactories.c for creating
Diffie-Hellman keys (Logjam Attack) [bnc#934789] [CVE-2015-4000]
ModerateSUSE bug 934789SUSE bug 959724CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This mysql update to verson 5.5.52 fixes the following issues:
Security issues fixed:
- CVE-2016-3477: Fixed unspecified vulnerability in subcomponent parser (bsc#989913).
- CVE-2016-3521: Fixed unspecified vulnerability in subcomponent types (bsc#989919).
- CVE-2016-3615: Fixed unspecified vulnerability in subcomponent dml (bsc#989922).
- CVE-2016-5440: Fixed unspecified vulnerability in subcomponent rbr (bsc#989926).
- CVE-2016-6662: A malicious user with SQL and filesystem access could create
a my.cnf in the datadir and , under certain circumstances, execute
arbitrary code as mysql (or even root) user. (bsc#998309)
More details can be found on:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-51.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html
Bugs fixed:
- bsc#967374: properly restart mysql multi instances during upgrade
- bnc#937258: multi script to restart after crash
ImportantSUSE bug 937258SUSE bug 967374SUSE bug 989913SUSE bug 989919SUSE bug 989922SUSE bug 989926SUSE bug 998309CVE-2016-3477 at SUSECVE-2016-3477 at NVDCVE-2016-3521 at SUSECVE-2016-3521 at NVDCVE-2016-3615 at SUSECVE-2016-3615 at NVDCVE-2016-5440 at SUSECVE-2016-5440 at NVDCVE-2016-6662 at SUSECVE-2016-6662 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This mysql version update to 5.5.53 fixes the following issues:
- CVE-2016-6662: Unspecified vulnerability in subcomponent Logging (bsc#1005580)
- CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581)
- CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558)
Release Notes:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-53.html
ImportantSUSE bug 1005558SUSE bug 1005580SUSE bug 1005581CVE-2016-5584 at SUSECVE-2016-5584 at NVDCVE-2016-6662 at SUSECVE-2016-6662 at NVDCVE-2016-7440 at SUSECVE-2016-7440 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This mysql version update to 5.5.54 fixes the following issues:
- CVE-2017-3318: Unspecified vulnerability affecting Error Handling (bsc#1020896)
- CVE-2017-3317: Unspecified vulnerability affecting Logging (bsc#1020894)
- CVE-2017-3313: Unspecified vulnerability affecting the MyISAM component (bsc#1020890)
- CVE-2017-3312: Insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873)
- CVE-2017-3291: Unrestricted mysqld_safe's ledir (bsc#1020884)
- CVE-2017-3265: Unsafe chmod/chown use in init script (bsc#1020885)
- CVE-2017-3258: Unspecified vulnerability in the DDL component (bsc#1020875)
- CVE-2017-3244: Unspecified vulnerability affecing the DML component (bsc#1020877)
- CVE-2017-3243: Unspecified vulnerability affecting the Charsets component (bsc#1020891)
- CVE-2017-3238: Unspecified vulnerability affecting the Optimizer component (bsc#1020882)
- Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428)
Release Notes:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-54.html
ImportantSUSE bug 1020868SUSE bug 1020873SUSE bug 1020875SUSE bug 1020877SUSE bug 1020882SUSE bug 1020884SUSE bug 1020885SUSE bug 1020890SUSE bug 1020891SUSE bug 1020894SUSE bug 1020896SUSE bug 1022428CVE-2017-3238 at SUSECVE-2017-3238 at NVDCVE-2017-3243 at SUSECVE-2017-3243 at NVDCVE-2017-3244 at SUSECVE-2017-3244 at NVDCVE-2017-3258 at SUSECVE-2017-3258 at NVDCVE-2017-3265 at SUSECVE-2017-3265 at NVDCVE-2017-3291 at SUSECVE-2017-3291 at NVDCVE-2017-3312 at SUSECVE-2017-3312 at NVDCVE-2017-3313 at SUSECVE-2017-3313 at NVDCVE-2017-3317 at SUSECVE-2017-3317 at NVDCVE-2017-3318 at SUSECVE-2017-3318 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mysql to version 5.5.55 fixes the following issues:
These security issues were fixed:
- CVE-2017-3308: Unspecified vulnerability in Server: DML (bsc#1034850)
- CVE-2017-3309: Unspecified vulnerability in Server: Optimizer (bsc#1034850)
- CVE-2017-3329: Unspecified vulnerability in Server: Thread (bsc#1034850)
- CVE-2017-3600: Unspecified vulnerability in Client: mysqldump (bsc#1034850)
- CVE-2017-3453: Unspecified vulnerability in Server: Optimizer (bsc#1034850)
- CVE-2017-3456: Unspecified vulnerability in Server: DML (bsc#1034850)
- CVE-2017-3463: Unspecified vulnerability in Server: Security (bsc#1034850)
- CVE-2017-3462: Unspecified vulnerability in Server: Security (bsc#1034850)
- CVE-2017-3461: Unspecified vulnerability in Server: Security (bsc#1034850)
- CVE-2017-3464: Unspecified vulnerability in Server: DDL (bsc#1034850)
- CVE-2017-3305: MySQL client sent authentication request unencrypted even if SSL was required (aka Ridddle) (bsc#1029396).
- CVE-2016-5483: Mysqldump failed to properly quote certain identifiers in SQL statements written to the dump output, allowing for execution of arbitrary commands (bsc#1029014)
- '--ssl-mode=REQUIRED' can be specified to require a secure connection (it fails if a secure connection cannot be obtained)
This non-security issue was fixed:
- Set the default umask to 077 in rc.mysql-multi [bsc#1020976]
For additional changes please see
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-55.html
Note: The issue tracked in bsc#1022428 and fixed in the last update was
assigned CVE-2017-3302.
ImportantSUSE bug 1020976SUSE bug 1022428SUSE bug 1029014SUSE bug 1029396SUSE bug 1034850CVE-2017-3302 at SUSECVE-2017-3302 at NVDCVE-2017-3305 at SUSECVE-2017-3305 at NVDCVE-2017-3308 at SUSECVE-2017-3308 at NVDCVE-2017-3309 at SUSECVE-2017-3309 at NVDCVE-2017-3329 at SUSECVE-2017-3329 at NVDCVE-2017-3453 at SUSECVE-2017-3453 at NVDCVE-2017-3456 at SUSECVE-2017-3456 at NVDCVE-2017-3461 at SUSECVE-2017-3461 at NVDCVE-2017-3462 at SUSECVE-2017-3462 at NVDCVE-2017-3463 at SUSECVE-2017-3463 at NVDCVE-2017-3464 at SUSECVE-2017-3464 at NVDCVE-2017-3600 at SUSECVE-2017-3600 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mysql fixes the following issues:
- CVE-2017-3635: C API unspecified vulnerability (bsc#1049398)
- CVE-2017-3636: Client programs unspecified vulnerability (bsc#1049399)
- CVE-2017-3641: DML unspecified vulnerability (bsc#1049404)
- CVE-2017-3648: Charsets unspecified vulnerability (bsc#1049411)
- CVE-2017-3651: Client mysqldump unspecified vulnerability (bsc#1049415)
- CVE-2017-3652: DDL unspecified vulnerability (bsc#1049416)
- CVE-2017-3653: DDL unspecified vulnerability (bsc#1049417)
ModerateSUSE bug 1049398SUSE bug 1049399SUSE bug 1049404SUSE bug 1049411SUSE bug 1049415SUSE bug 1049416SUSE bug 1049417SUSE bug 1049422CVE-2017-3635 at SUSECVE-2017-3635 at NVDCVE-2017-3636 at SUSECVE-2017-3636 at NVDCVE-2017-3641 at SUSECVE-2017-3641 at NVDCVE-2017-3648 at SUSECVE-2017-3648 at NVDCVE-2017-3651 at SUSECVE-2017-3651 at NVDCVE-2017-3652 at SUSECVE-2017-3652 at NVDCVE-2017-3653 at SUSECVE-2017-3653 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mysql to version 5.5.58 fixes the following issues:
Fixed security issues:
- CVE-2017-10268: issue inside subcomponent Server Replication [bsc#1064101]
- CVE-2017-10378: issue inside subcomponent Server Optimizer [bsc#1064115]
- CVE-2017-10379: issue inside subcomponent Client programs [bsc#1064116]
- CVE-2017-10384: issue inside subcomponent Server DDL [bsc#1064117]
For a full list of changes check:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-58.html
ImportantSUSE bug 1064101SUSE bug 1064115SUSE bug 1064116SUSE bug 1064117SUSE bug 1064119CVE-2017-10268 at SUSECVE-2017-10268 at NVDCVE-2017-10378 at SUSECVE-2017-10378 at NVDCVE-2017-10379 at SUSECVE-2017-10379 at NVDCVE-2017-10384 at SUSECVE-2017-10384 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mysql to version 5.5.59 fixes several issues.
These security issues were fixed:
- CVE-2018-2622: Vulnerability in the subcomponent: Server: DDL. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server (bsc#1076369)
- CVE-2018-2562: Vulnerability in the subcomponent: Server : Partition. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server as well as unauthorized update,
insert or delete access to some of MySQL Server accessible data (bsc#1076369)
- CVE-2018-2640: Vulnerability in the subcomponent: Server: Optimizer. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server (bsc#1076369)
- CVE-2018-2665: Vulnerability in the subcomponent: Server: Optimizer. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server (bsc#1076369)
- CVE-2018-2668: Vulnerability in the subcomponent: Server: Optimizer. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server (bsc#1076369)
For additional changes please see http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-59.html
ModerateSUSE bug 1076369CVE-2018-2562 at SUSECVE-2018-2562 at NVDCVE-2018-2622 at SUSECVE-2018-2622 at NVDCVE-2018-2640 at SUSECVE-2018-2640 at NVDCVE-2018-2665 at SUSECVE-2018-2665 at NVDCVE-2018-2668 at SUSECVE-2018-2668 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update fixes the following issues:
- Update to 5.5.60 in Oracle Apr2018 CPU (bsc#1089987).
- CVE-2018-2761: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2755: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
- CVE-2018-2781: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2819: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2818: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2817: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2771: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2813: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
- CVE-2018-2773: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateSUSE bug 1089987CVE-2018-2755 at SUSECVE-2018-2755 at NVDCVE-2018-2761 at SUSECVE-2018-2761 at NVDCVE-2018-2771 at SUSECVE-2018-2771 at NVDCVE-2018-2773 at SUSECVE-2018-2773 at NVDCVE-2018-2781 at SUSECVE-2018-2781 at NVDCVE-2018-2813 at SUSECVE-2018-2813 at NVDCVE-2018-2817 at SUSECVE-2018-2817 at NVDCVE-2018-2818 at SUSECVE-2018-2818 at NVDCVE-2018-2819 at SUSECVE-2018-2819 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for mysql to version 5.5.61 fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2018-3066: Fixed a difficult to exploit vulnerability that allowed high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized update, insert or delete access to some of MySQL Server
accessible data as well as unauthorized read access to a subset of MySQL
Server accessible data. (bsc#1101678)
- CVE-2018-3070: Fixed an easily exploitable vulnerability that allowed low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server. (bsc#1101679)
- CVE-2018-3081: Fixed a difficult to exploit vulnerability that allowed high
privileged attacker with network access via multiple protocols to compromise
MySQL Client. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Client as well as unauthorized update, insert or
delete access to some of MySQL Client accessible data. (bsc#1101680)
- CVE-2018-3058: Fixed an easily exploitable vulnerability that allowed low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized update, insert or delete access to some of MySQL Server
accessible data. (bsc#1101676)
- CVE-2018-3063: Fixed an easily exploitable vulnerability allowed high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server. (bsc#1101677)
You can find more detailed information about this update in the
[release notes](http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-61.html)
ModerateSUSE bug 1101676SUSE bug 1101677SUSE bug 1101678SUSE bug 1101679SUSE bug 1101680CVE-2018-3058 at SUSECVE-2018-3058 at NVDCVE-2018-3063 at SUSECVE-2018-3063 at NVDCVE-2018-3066 at SUSECVE-2018-3066 at NVDCVE-2018-3070 at SUSECVE-2018-3070 at NVDCVE-2018-3081 at SUSECVE-2018-3081 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
MySQL server was updated to version 5.5.62, fixing bugs and security issues.
Changes:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-62.html
Following security issues were fixed:
- CVE-2016-9843: The crc32_big function in zlib might have allowed context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. (bsc#1013882)
Please note that SUSE uses the system zlib, not the embedded copy.
- CVE-2018-3133: Authenticated low privilege attackers could cause denial of service attacks (hangs or crashes) against the mysql server (bsc#1112369)
- CVE-2018-3174: Authenticated high privilege attackers could cause denial of service attacks (hangs or crashes) against the mysql server (bsc#1112368)
- CVE-2018-3282: Authenticated high privilege attackers could cause denial of service attacks (hangs or crashes) against the mysql server (bsc#1112432)
ImportantSUSE bug 1013882SUSE bug 1112368SUSE bug 1112369SUSE bug 1112432CVE-2016-9843 at SUSECVE-2016-9843 at NVDCVE-2018-3133 at SUSECVE-2018-3133 at NVDCVE-2018-3174 at SUSECVE-2018-3174 at NVDCVE-2018-3282 at SUSECVE-2018-3282 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for nagiosSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The monitoring service Nagios has been updated to fix potential buffer
overflows in its CGI scripts. (CVE-2014-1878)
Security Issue reference:
* CVE-2014-1878
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878>
SUSE bug 856837SUSE bug 864843CVE-2013-7108 at SUSECVE-2013-7108 at NVDCVE-2014-1878 at SUSECVE-2014-1878 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for nagios (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for nagios fixes the following issues:
- CVE-2016-8641 / CVE-2016-10089: fixed possible symlink attacks for files/directories created by root (bsc#1011630 / bsc#1018047)
ModerateSUSE bug 1011630SUSE bug 1018047CVE-2016-10089 at SUSECVE-2016-10089 at NVDCVE-2016-8641 at SUSECVE-2016-8641 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for nagios (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for nagios fixes the following issues:
- CVE-2016-9566: Fixed a root privilege escalation (bsc#1014637).
- CVE-2019-3698: Fixed a symbolic link vulnerability inside the cronjob, that allowed local attacker to cause a denial of service or pentential privilege escalation (bsc#1156309).
- CVE-2017-12847: Fixed a privilege escalation via PID file manipulation (bsc#1054163).
- CVE-2018-18245: Fixed a XSS vulnerability inside the alert summary report (bsc#1119832).
- Prevent log rotation to be repeatedly scheduled to the same time on a DST change (bsc#1114767).
ImportantSUSE bug 1014637SUSE bug 1054163SUSE bug 1114767SUSE bug 1119832SUSE bug 1156309CVE-2016-9566 at SUSECVE-2016-9566 at NVDCVE-2017-12847 at SUSECVE-2017-12847 at NVDCVE-2018-18245 at SUSECVE-2018-18245 at NVDCVE-2019-3698 at SUSECVE-2019-3698 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for nagios-nrpe, nagios-nrpe-debuginfo, nagios-nrpe-debugsource, nagios-nrpe-doc, nagios-plugins-nrpeSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
nagios-nrpe has been updated to prevent possible remote command execution
when command arguments are enabled. This issue affects versions 2.15 and
older.
Further information is available at
http://seclists.org/fulldisclosure/2014/Apr/240
<http://seclists.org/fulldisclosure/2014/Apr/240>
These security issues have been fixed:
* Remote command execution (CVE-2014-2913)
Security Issue references:
* CVE-2014-2913
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2913>
SUSE bug 807241SUSE bug 874743CVE-2013-1362 at SUSECVE-2013-1362 at NVDCVE-2014-2913 at SUSECVE-2014-2913 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for nagios-nrpe (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for nagios-nrpe fixes one issue.
This security issue was fixed:
- CVE-2015-4000: Prevent Logjam. The TLS protocol 1.2 and earlier, when a
DHE_EXPORT ciphersuite is enabled on a server but not on a client, did not
properly convey a DHE_EXPORT choice, which allowed man-in-the-middle attackers
to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE
replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT
replaced by DHE (bsc#938906).
ModerateSUSE bug 938906CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for nagios-pluginsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This security update fixes the following issues:
* Removed the requirement for root access from
plugins-root/check_icmp.c and plugins-root/check_icmp.c. The
necessary capabilities(7) were added to the README file.
* Fixed array out of bounds issue in plugins-root/check_dhcp.c.
Security Issues:
* CVE-2014-4701
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4701>
* CVE-2014-4702
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4702>
SUSE bug 885205SUSE bug 885207CVE-2014-4701 at SUSECVE-2014-4701 at NVDCVE-2014-4702 at SUSECVE-2014-4702 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for nautilus (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for nautilus fixes the following security issue:
- CVE-2017-14604: Fixed a file type spoofing attack by adding a
metadata::trusted attribute to a file once the user acknowledges the file as
trusted, and also remove the 'trusted' content in the desktop file
(bsc#1060031).
LowSUSE bug 1060031CVE-2017-14604 at SUSECVE-2017-14604 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for ncurses (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. (bsc#1046858)
- CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. (bsc#1046853)
ImportantSUSE bug 1046853SUSE bug 1046858CVE-2017-10684 at SUSECVE-2017-10684 at NVDCVE-2017-10685 at SUSECVE-2017-10685 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-11112: Illegal address access in append_acs. (bsc#1047964)
- CVE-2017-11113: Dereferencing NULL pointer in _nc_parse_entry. (bsc#1047965)
- CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken
termcap format (bsc#1046853, bsc#1046858, bsc#1049344)
ModerateSUSE bug 1046853SUSE bug 1046858SUSE bug 1047964SUSE bug 1047965SUSE bug 1049344CVE-2017-10684 at SUSECVE-2017-10684 at NVDCVE-2017-10685 at SUSECVE-2017-10685 at NVDCVE-2017-11112 at SUSECVE-2017-11112 at NVDCVE-2017-11113 at SUSECVE-2017-11113 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ncurses (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-13728: Fix infinite loop in the next_char function in comp_scan.c (bsc#1056136).
- CVE-2017-13729: Fix illegal address access in the _nc_save_str (bsc#1056132).
- CVE-2017-13730: Fix illegal address access in the function _nc_read_entry_source() (bsc#1056131).
- CVE-2017-13731: Fix illegal address access in the function postprocess_termcap() (bsc#1056129).
- CVE-2017-13732: Fix illegal address access in the function dump_uses() (bsc#1056128).
- CVE-2017-13733: Fix illegal address access in the fmt_entry function (bsc#1056127).
- CVE-2017-16879: Fix stack-based buffer overflow in the _nc_write_entry() function (bsc#1069530).
ImportantSUSE bug 1056127SUSE bug 1056128SUSE bug 1056129SUSE bug 1056131SUSE bug 1056132SUSE bug 1056136SUSE bug 1069530CVE-2017-13728 at SUSECVE-2017-13728 at NVDCVE-2017-13729 at SUSECVE-2017-13729 at NVDCVE-2017-13730 at SUSECVE-2017-13730 at NVDCVE-2017-13731 at SUSECVE-2017-13731 at NVDCVE-2017-13732 at SUSECVE-2017-13732 at NVDCVE-2017-13733 at SUSECVE-2017-13733 at NVDCVE-2017-16879 at SUSECVE-2017-16879 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ncurses fixes the following issues:
Security issue fixed:
- CVE-2017-13733: Fix illegal address access in the fmt_entry function (bsc#1056127).
ModerateSUSE bug 1056127CVE-2017-13733 at SUSECVE-2017-13733 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-13728: Fixed an infinite loop in the next_char function (bsc#1056136).
- CVE-2017-13729: Fixed an illegal address access in the _nc_save_str (bsc#1056132).
- CVE-2017-13730: Fixed an illegal address access in the function _nc_read_entry_source (bsc#1056131).
- CVE-2017-13731: Fixed an illegal address access in the function postprocess_termcap (bsc#1056129).
- CVE-2017-13732: Fixed an illegal address access in the function dump_uses (bsc#1056128).
- CVE-2017-13733: Fixed an illegal address access in the fmt_entry function (bsc#1056127).
- CVE-2017-13734: Fixed an illegal address access in the _nc_safe_strcat (bsc#1056126).
- CVE-2018-10754: Fixed a denial of service caused by a NULL Pointer Dereference in the _nc_parse_entry() (bsc#1131830).
- CVE-2019-17595: Fixed a heap-based buffer over-read in the fmt_entry function (bsc#1154037)
ModerateSUSE bug 1056126SUSE bug 1056127SUSE bug 1056128SUSE bug 1056129SUSE bug 1056131SUSE bug 1056132SUSE bug 1056136SUSE bug 1131830SUSE bug 1154037CVE-2017-13728 at SUSECVE-2017-13728 at NVDCVE-2017-13729 at SUSECVE-2017-13729 at NVDCVE-2017-13730 at SUSECVE-2017-13730 at NVDCVE-2017-13731 at SUSECVE-2017-13731 at NVDCVE-2017-13732 at SUSECVE-2017-13732 at NVDCVE-2017-13733 at SUSECVE-2017-13733 at NVDCVE-2017-13734 at SUSECVE-2017-13734 at NVDCVE-2018-10754 at SUSECVE-2018-10754 at NVDCVE-2019-17595 at SUSECVE-2019-17595 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ncurses (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ncurses fixes the following issues:
Security issue fixed:
- CVE-2018-19211: Fixed NULL pointer dereference at function _nc_parse_entry in parse_entry.c (bsc#1115929).
Bug fixes:
- Modify bsc#1115929 patch to fix change in form_driver() that breaks ncurses-5.9 and the variable move_after_insert of ncurses-6.1 (bsc#1121450).
ImportantSUSE bug 1115929SUSE bug 1121450CVE-2018-19211 at SUSECVE-2018-19211 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ncurses fixes the following issues:
- CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo. (bsc#1190793)
ModerateSUSE bug 1190793CVE-2021-39537 at SUSECVE-2021-39537 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ncurses fixes the following issues:
- CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data (bsc#1210434).
ModerateSUSE bug 1210434CVE-2023-29491 at SUSECVE-2023-29491 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for net-snmp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
net-snmp was updated to fix one security vulnerability and several bugs.
- fix a vulnerability within the snmp_pdu_parse() function of snmp_api.c. (bnc#940188, CVE-2015-5621)
- Add build requirement 'procps' to fix a net-snmp-config error. (bsc#935863)
- add support for /dev/shm in snmp hostmib (bnc#853382, FATE#316893).
- stop snmptrapd on package removal.
ModerateSUSE bug 853382SUSE bug 935863SUSE bug 940188CVE-2015-5621 at SUSECVE-2015-5621 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for net-snmp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for net-snmp fixes the following issues:
- CVE-2020-15862: Fixed a privilege escalation issue (bsc#1174961).
ImportantSUSE bug 1174961CVE-2020-15862 at SUSECVE-2020-15862 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for netpbm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for netpbm fixes the following security issues:
- CVE-2017-2581: An out-of-bounds write in writeRasterPbm() could lead to memory corruption and potential code execution. (bsc#1024287)
ModerateSUSE bug 1024287CVE-2017-2581 at SUSECVE-2017-2581 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for netpbm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for netpbm fixes the following issues:
Security issues fixed:
- CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack() (bsc#1024288).
- CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster() function (bsc#1024291).
- created a netpbm-vulnerable subpackage and move pstopnm there, as it uses ghostscript for conversion (bsc#1136936)
ModerateSUSE bug 1024288SUSE bug 1024291SUSE bug 1136936CVE-2017-2579 at SUSECVE-2017-2579 at NVDCVE-2017-2580 at SUSECVE-2017-2580 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for nmap (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for nmap fixes the following issues:
Security issue fixed:
- CVE-2018-15173: Fixed a remote denial of service attack via a crafted TCP-based service (bsc#1104139).
ImportantSUSE bug 1104139SUSE bug 1135350CVE-2018-15173 at SUSECVE-2018-15173 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for mozilla-nspr, mozilla-nssSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Mozilla NSPR and NSS were updated to fix various security bugs that could
be used to crash the browser or potentially execute code.
Mozilla NSPR 4.10.2 has the following bug fixes:
* Bug 770534: Possible pointer overflow in PL_ArenaAllocate(). Fixed by
Pascal Cuoq and Kamil Dudka.
* Bug 888546: ptio.c:PR_ImportUDPSocket doesn't work. Fixed by Miloslav
Trmac.
* Bug 915522: VS2013 support for NSPR. Fixed by Makoto Kato.
* Bug 927687: Avoid unsigned integer wrapping in PL_ArenaAllocate.
(CVE-2013-5607)
Mozilla NSS 3.15.3 is a patch release for NSS 3.15 and includes the
following bug fixes:
* Bug 925100: Ensure a size is <= half of the maximum PRUint32 value.
(CVE-2013-1741)
* Bug 934016: Handle invalid handshake packets. (CVE-2013-5605)
* Bug 910438: Return the correct result in CERT_VerifyCert on failure,
if a verifyLog isn't used. (CVE-2013-5606)
Security Issue references:
* CVE-2013-1741
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741>
* CVE-2013-5605
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605>
* CVE-2013-5606
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606>
* CVE-2013-5607
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5607>
SUSE bug 850148CVE-2013-1741 at SUSECVE-2013-1741 at NVDCVE-2013-5605 at SUSECVE-2013-5605 at NVDCVE-2013-5606 at SUSECVE-2013-5606 at NVDCVE-2013-5607 at SUSECVE-2013-5607 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Recommended update for ntpSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for ntp provides the following fixes:
* Respect NTPD_FORCE_SYNC_ON_STARTUP also for dynamic peers.
(bnc#887957)
* Fix orphan mode. (bnc#883859)
SUSE bug 838458SUSE bug 857195SUSE bug 883859SUSE bug 887957SUSE bug 910764SUSE bug 911792SUSE bug 924202SUSE bug 928321SUSE bug 935409CVE-2013-5211 at SUSECVE-2013-5211 at NVDCVE-2014-9293 at SUSECVE-2014-9293 at NVDCVE-2014-9294 at SUSECVE-2014-9294 at NVDCVE-2014-9295 at SUSECVE-2014-9295 at NVDCVE-2014-9297 at SUSECVE-2014-9297 at NVDCVE-2014-9298 at SUSECVE-2014-9298 at NVDCVE-2015-1799 at SUSECVE-2015-1799 at NVDCVE-2015-3405 at SUSECVE-2015-3405 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This network time protocol server ntp was updated to 4.2.8p6 to fix the following
issues:
Also yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837)
Major functional changes:
- The 'sntp' commandline tool changed its option handling in a major way.
- 'controlkey 1' is added during update to ntp.conf to allow sntp to work.
- The local clock is being disabled during update.
- ntpd is no longer running chrooted.
Other functional changes:
- ntp-signd is installed.
- 'enable mode7' can be added to the configuration to allow ntdpc to work as compatibility mode option.
- 'kod' was removed from the default restrictions.
- SHA1 keys are used by default instead of MD5 keys.
These security issues were fixed:
- CVE-2015-5219: An endless loop due to incorrect precision to double conversion (bsc#943216).
- CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966).
- CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).
- CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).
- CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).
- CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).
- CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802).
- CVE-2015-7975: nextvar() missing length check (bsc#962988).
- CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960).
- CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).
- CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994).
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997).
- CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629).
- CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK (bsc#951608).
- CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values (bsc#951608).
- CVE-2015-7854: Password Length Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow (bsc#951608).
- CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7851: saveconfig Directory Traversal Vulnerability (bsc#951608).
- CVE-2015-7850: remote config logfile-keyfile (bsc#951608).
- CVE-2015-7849: trusted key use-after-free (bsc#951608).
- CVE-2015-7848: mode 7 loop counter underrun (bsc#951608).
- CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#951608).
- CVE-2015-7703: configuration directives 'pidfile' and 'driftfile' should only be allowed locally (bsc#951608).
- CVE-2015-7704, CVE-2015-7705: Clients that receive a KoD should validate the origin timestamp field (bsc#951608).
- CVE-2015-7691, CVE-2015-7692, CVE-2015-7702: Incomplete autokey data packet length checks (bsc#951608).
These non-security issues were fixed:
- fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd).
This replaces the w32 patches in 4.2.4 that added the authreg
directive.
- bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd.
When run as cron job, /usr/sbin/ is not in the path, which caused
the synchronization to fail.
- bsc#782060: Speedup ntpq.
- bsc#916617: Add /var/db/ntp-kod.
- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems.
- bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST.
- Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted.
- Add a controlkey line to /etc/ntp.conf if one does not already exist to allow runtime configuuration via ntpq.
- bsc#946386: Temporarily disable memlock to avoid problems due to high memory usage during name resolution.
- bsc#905885: Use SHA1 instead of MD5 for symmetric keys.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- Fix legacy action scripts to pass on command line arguments.
- bsc#944300: Remove 'kod' from the restrict line in ntp.conf.
- bsc#936327: Use ntpq instead of deprecated ntpdc in start-ntpd.
- Don't let 'keysdir' lines in ntp.conf trigger the 'keys' parser.
- Disable mode 7 (ntpdc) again, now that we don't use it anymore.
- Add 'addserver' as a new legacy action.
- bsc#910063: Fix the comment regarding addserver in ntp.conf.
- bsc#926510: Disable chroot by default.
- bsc#920238: Enable ntpdc for backwards compatibility.
- bsc#784760: Remove local clock from default configuration.
- bsc#942441/fate#319496: Require perl-Socket6.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- bsc#920183: Allow -4 and -6 address qualifiers in 'server' directives.
- Use upstream ntp-wait, because our version is incompatible with
the new ntpq command line syntax.
ImportantSUSE bug 782060SUSE bug 784760SUSE bug 905885SUSE bug 910063SUSE bug 916617SUSE bug 920183SUSE bug 920238SUSE bug 926510SUSE bug 936327SUSE bug 937837SUSE bug 942441SUSE bug 942587SUSE bug 943216SUSE bug 943218SUSE bug 944300SUSE bug 946386SUSE bug 951351SUSE bug 951559SUSE bug 951608SUSE bug 951629SUSE bug 954982SUSE bug 956773SUSE bug 962318SUSE bug 962784SUSE bug 962802SUSE bug 962960SUSE bug 962966SUSE bug 962970SUSE bug 962988SUSE bug 962994SUSE bug 962995SUSE bug 962997SUSE bug 963000SUSE bug 963002SUSE bug 975496SUSE bug 975981CVE-2015-5194 at SUSECVE-2015-5194 at NVDCVE-2015-5219 at SUSECVE-2015-5219 at NVDCVE-2015-5300 at SUSECVE-2015-5300 at NVDCVE-2015-7691 at SUSECVE-2015-7691 at NVDCVE-2015-7692 at SUSECVE-2015-7692 at NVDCVE-2015-7701 at SUSECVE-2015-7701 at NVDCVE-2015-7702 at SUSECVE-2015-7702 at NVDCVE-2015-7703 at SUSECVE-2015-7703 at NVDCVE-2015-7704 at SUSECVE-2015-7704 at NVDCVE-2015-7705 at SUSECVE-2015-7705 at NVDCVE-2015-7848 at SUSECVE-2015-7848 at NVDCVE-2015-7849 at SUSECVE-2015-7849 at NVDCVE-2015-7850 at SUSECVE-2015-7850 at NVDCVE-2015-7851 at SUSECVE-2015-7851 at NVDCVE-2015-7852 at SUSECVE-2015-7852 at NVDCVE-2015-7853 at SUSECVE-2015-7853 at NVDCVE-2015-7854 at SUSECVE-2015-7854 at NVDCVE-2015-7855 at SUSECVE-2015-7855 at NVDCVE-2015-7871 at SUSECVE-2015-7871 at NVDCVE-2015-7973 at SUSECVE-2015-7973 at NVDCVE-2015-7974 at SUSECVE-2015-7974 at NVDCVE-2015-7975 at SUSECVE-2015-7975 at NVDCVE-2015-7976 at SUSECVE-2015-7976 at NVDCVE-2015-7977 at SUSECVE-2015-7977 at NVDCVE-2015-7978 at SUSECVE-2015-7978 at NVDCVE-2015-7979 at SUSECVE-2015-7979 at NVDCVE-2015-8138 at SUSECVE-2015-8138 at NVDCVE-2015-8139 at SUSECVE-2015-8139 at NVDCVE-2015-8140 at SUSECVE-2015-8140 at NVDCVE-2015-8158 at SUSECVE-2015-8158 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ntp fixes the following issues:
- Separate the creation of ntp.keys and key #1 in it to avoid
problems when upgrading installations that have the file, but
no key #1, which is needed e.g. by 'rcntp addserver'.
- Update to 4.2.8p7 (bsc#977446):
* CVE-2016-1547, bsc#977459:
Validate crypto-NAKs, AKA: CRYPTO-NAK DoS.
* CVE-2016-1548, bsc#977461: Interleave-pivot
* CVE-2016-1549, bsc#977451:
Sybil vulnerability: ephemeral association attack.
* CVE-2016-1550, bsc#977464: Improve NTP security against buffer
comparison timing attacks.
* CVE-2016-1551, bsc#977450:
Refclock impersonation vulnerability
* CVE-2016-2516, bsc#977452: Duplicate IPs on unconfig
directives will cause an assertion botch in ntpd.
* CVE-2016-2517, bsc#977455: remote configuration trustedkey/
requestkey/controlkey values are not properly validated.
* CVE-2016-2518, bsc#977457: Crafted addpeer with hmode > 7
causes array wraparound with MATCH_ASSOC.
* CVE-2016-2519, bsc#977458: ctl_getitem() return value not
always checked.
* integrate ntp-fork.patch
* Improve the fixes for:
CVE-2015-7704, CVE-2015-7705, CVE-2015-7974
- Restrict the parser in the startup script to the first
occurrance of 'keys' and 'controlkey' in ntp.conf (bsc#957226).
ImportantSUSE bug 957226SUSE bug 977446SUSE bug 977450SUSE bug 977451SUSE bug 977452SUSE bug 977455SUSE bug 977457SUSE bug 977458SUSE bug 977459SUSE bug 977461SUSE bug 977464CVE-2015-7704 at SUSECVE-2015-7704 at NVDCVE-2015-7705 at SUSECVE-2015-7705 at NVDCVE-2015-7974 at SUSECVE-2015-7974 at NVDCVE-2016-1547 at SUSECVE-2016-1547 at NVDCVE-2016-1548 at SUSECVE-2016-1548 at NVDCVE-2016-1549 at SUSECVE-2016-1549 at NVDCVE-2016-1550 at SUSECVE-2016-1550 at NVDCVE-2016-1551 at SUSECVE-2016-1551 at NVDCVE-2016-2516 at SUSECVE-2016-2516 at NVDCVE-2016-2517 at SUSECVE-2016-2517 at NVDCVE-2016-2518 at SUSECVE-2016-2518 at NVDCVE-2016-2519 at SUSECVE-2016-2519 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for libtasn1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for libtasn1 fixes the following issues:
- Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser (bsc#961491)
- CVE-2015-3622: Fixed invalid read in octet string decoding (bsc#929414)
- CVE-2016-4008: Fixed infinite loop while parsing DER certificates (bsc#982779)
ModerateSUSE bug 929414SUSE bug 961491SUSE bug 982779CVE-2015-3622 at SUSECVE-2015-3622 at NVDCVE-2016-4008 at SUSECVE-2016-4008 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
ntp was updated to version 4.2.8p8 to fix five security issues.
These security issues were fixed:
- CVE-2016-4953: Bad authentication demobilizes ephemeral associations (bsc#982065).
- CVE-2016-4954: Processing spoofed server packets (bsc#982066).
- CVE-2016-4955: Autokey association reset (bsc#982067).
- CVE-2016-4956: Broadcast interleave (bsc#982068).
- CVE-2016-4957: CRYPTO_NAK crash (bsc#982064).
These non-security issues were fixed:
- Keep the parent process alive until the daemon has finished initialisation, to make sure that the PID file exists when the parent returns.
- bsc#979302: Change the process name of the forking DNS worker process to avoid the impression that ntpd is started twice.
- bsc#981422: Don't ignore SIGCHILD because it breaks wait().
ImportantSUSE bug 979302SUSE bug 981422SUSE bug 982056SUSE bug 982064SUSE bug 982065SUSE bug 982066SUSE bug 982067SUSE bug 982068CVE-2016-4953 at SUSECVE-2016-4953 at NVDCVE-2016-4954 at SUSECVE-2016-4954 at NVDCVE-2016-4955 at SUSECVE-2016-4955 at NVDCVE-2016-4956 at SUSECVE-2016-4956 at NVDCVE-2016-4957 at SUSECVE-2016-4957 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ntp fixes the following issues:
ntp was updated to 4.2.8p9.
Security issues fixed:
- CVE-2016-9311, CVE-2016-9310, bsc#1011377: Mode 6
unauthenticated trap information disclosure and DDoS vector.
- CVE-2016-7427, bsc#1011390:
Broadcast Mode Replay Prevention DoS.
- CVE-2016-7428, bsc#1011417:
Broadcast Mode Poll Interval Enforcement DoS.
- CVE-2016-7431, bsc#1011395:
Regression: 010-origin: Zero Origin Timestamp Bypass.
- CVE-2016-7434, bsc#1011398:
Null pointer dereference in _IO_str_init_static_internal().
- CVE-2016-7429, bsc#1011404: Interface selection attack.
- CVE-2016-7426, bsc#1011406:
Client rate limiting and server responses.
- CVE-2016-7433, bsc#1011411: Reboot sync calculation problem.
- CVE-2015-8140: ntpq vulnerable to replay attacks.
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin.
- CVE-2015-5219: An endless loop due to incorrect precision to
double conversion (bsc#943216).
Non-security issues fixed:
- Fix a spurious error message.
- Other bugfixes, see /usr/share/doc/packages/ntp/ChangeLog.
- Fix a regression in 'trap' (bsc#981252).
- Reduce the number of netlink groups to listen on for changes to
the local network setup (bsc#992606).
- Fix segfault in 'sntp -a' (bsc#1009434).
- Silence an OpenSSL version warning (bsc#992038).
- Make the resolver task change user and group IDs to the same
values as the main task. (bsc#988028)
- Simplify ntpd's search for its own executable to prevent AppArmor
warnings (bsc#956365).
ModerateSUSE bug 1009434SUSE bug 1011377SUSE bug 1011390SUSE bug 1011395SUSE bug 1011398SUSE bug 1011404SUSE bug 1011406SUSE bug 1011411SUSE bug 1011417SUSE bug 943216SUSE bug 956365SUSE bug 981252SUSE bug 988028SUSE bug 992038SUSE bug 992606CVE-2015-5219 at SUSECVE-2015-5219 at NVDCVE-2015-8139 at SUSECVE-2015-8139 at NVDCVE-2015-8140 at SUSECVE-2015-8140 at NVDCVE-2016-7426 at SUSECVE-2016-7426 at NVDCVE-2016-7427 at SUSECVE-2016-7427 at NVDCVE-2016-7428 at SUSECVE-2016-7428 at NVDCVE-2016-7429 at SUSECVE-2016-7429 at NVDCVE-2016-7431 at SUSECVE-2016-7431 at NVDCVE-2016-7433 at SUSECVE-2016-7433 at NVDCVE-2016-7434 at SUSECVE-2016-7434 at NVDCVE-2016-9310 at SUSECVE-2016-9310 at NVDCVE-2016-9311 at SUSECVE-2016-9311 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This ntp update to version 4.2.8p10 fixes the following issues:
Security issues fixed (bsc#1030050):
- CVE-2017-6464: Denial of Service via Malformed Config
- CVE-2017-6462: Buffer Overflow in DPTS Clock
- CVE-2017-6463: Authenticated DoS via Malicious Config Option
- CVE-2017-6458: Potential Overflows in ctl_put() functions
- CVE-2017-6451: Improper use of snprintf() in mx4200_send()
- CVE-2017-6460: Buffer Overflow in ntpq when fetching reslist
- CVE-2016-9042: 0rigin (zero origin) DoS.
- ntpq_stripquotes() returns incorrect Value
- ereallocarray()/eallocarray() underused
- Copious amounts of Unused Code
- Off-by-one in Oncore GPS Receiver
- Makefile does not enforce Security Flags
Bugfixes:
- Remove spurious log messages (bsc#1014172).
- Fixing ppc and ppc64 linker issue (bsc#1031085).
- clang scan-build findings
- Support for openssl-1.1.0 without compatibility modes
- Bugfix 3072 breaks multicastclient
- forking async worker: interrupted pipe I/O
- (...) time_pps_create: Exec format error
- Incorrect Logic for Peer Event Limiting
- Change the process name of forked DNS worker
- Trap Configuration Fail
- Nothing happens if minsane < maxclock < minclock
- allow -4/-6 on restrict line with mask
- out-of-bound pointers in ctl_putsys and decode_bitflags
- Move ntp-kod to /var/lib/ntp, because /var/db is not a standard directory and causes problems for
transactional updates.
ModerateSUSE bug 1014172SUSE bug 1030050SUSE bug 1031085CVE-2016-9042 at SUSECVE-2016-9042 at NVDCVE-2017-6451 at SUSECVE-2017-6451 at NVDCVE-2017-6458 at SUSECVE-2017-6458 at NVDCVE-2017-6460 at SUSECVE-2017-6460 at NVDCVE-2017-6462 at SUSECVE-2017-6462 at NVDCVE-2017-6463 at SUSECVE-2017-6463 at NVDCVE-2017-6464 at SUSECVE-2017-6464 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ntp fixes the following issues:
- Update to 4.2.8p11 (bsc#1082210):
* CVE-2016-1549: Sybil vulnerability: ephemeral association
attack. While fixed in ntp-4.2.8p7, there are significant
additional protections for this issue in 4.2.8p11.
* CVE-2018-7182: ctl_getitem(): buffer read overrun
leads to undefined behavior and information leak. (bsc#1083426)
* CVE-2018-7170: Multiple authenticated ephemeral
associations. (bsc#1083424)
* CVE-2018-7184: Interleaved symmetric mode cannot
recover from bad state. (bsc#1083422)
* CVE-2018-7185: Unauthenticated packet can reset
authenticated interleaved association. (bsc#1083420)
* CVE-2018-7183: ntpq:decodearr() can write beyond its
buffer limit.(bsc#1083417)
- Don't use libevent's cached time stamps in sntp.
ModerateSUSE bug 1077445SUSE bug 1082210SUSE bug 1083417SUSE bug 1083420SUSE bug 1083422SUSE bug 1083424SUSE bug 1083426CVE-2016-1549 at SUSECVE-2016-1549 at NVDCVE-2018-7170 at SUSECVE-2018-7170 at NVDCVE-2018-7182 at SUSECVE-2018-7182 at NVDCVE-2018-7183 at SUSECVE-2018-7183 at NVDCVE-2018-7184 at SUSECVE-2018-7184 at NVDCVE-2018-7185 at SUSECVE-2018-7185 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
NTP was updated to 4.2.8p12 (bsc#1111853):
- CVE-2018-12327: Fixed stack buffer overflow in the openhost() command-line call of NTPQ/NTPDC. (bsc#1098531)
- CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection (bsc#1083424)
Please also see https://www.nwtime.org/network-time-foundation-publishes-ntp-4-2-8p12/ for more information.
ModerateSUSE bug 1083424SUSE bug 1098531SUSE bug 1111853CVE-2018-12327 at SUSECVE-2018-12327 at NVDCVE-2018-7170 at SUSECVE-2018-7170 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ntp fixes the following issues:
Security issue fixed:
- CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause
segmentation fault to ntpd (bsc#1128525).
Other issues addressed:
- Make sure that SLE12 version is higher than the one in SLE11 (bsc#1001182).
- Fixed several bugs in the BANCOMM reclock driver.
- Fixed ntp_loopfilter.c snprintf compilation warnings.
- Fixed spurious initgroups() error message.
- Fixed STA_NANO struct timex units.
- Fixed GPS week rollover in libparse.
- Fixed incorrect poll interval in packet.
- Added a missing check for ENABLE_CMAC.
ModerateSUSE bug 1001182SUSE bug 1128525CVE-2019-8936 at SUSECVE-2019-8936 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ntp fixes the following issues:
ntp was updated to 4.2.8p15
- CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address
frequently send to the client ntpd could have caused denial of service (bsc#1169740).
- CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent
a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed
mode 3 and mode 5 packets (bsc#1171355).
- CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time
from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651).
- CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming
the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334).
ModerateSUSE bug 1169740SUSE bug 1171355SUSE bug 1172651SUSE bug 1173334CVE-2018-8956 at SUSECVE-2018-8956 at NVDCVE-2020-11868 at SUSECVE-2020-11868 at NVDCVE-2020-13817 at SUSECVE-2020-13817 at NVDCVE-2020-15025 at SUSECVE-2020-15025 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for open-iscsi (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for open-iscsi fixes the following issues:
- CVE-2020-13987: Fixed an out of bounds memory access when calculating
the checksums for IP packets (bsc#1179908).
- CVE-2017-17840: Fixed a buffer overflow that could be triggered via a
packets with an incorrect length field (bsc#1072312).
ImportantSUSE bug 1072312SUSE bug 1179908CVE-2017-17840 at SUSECVE-2017-17840 at NVDCVE-2020-13987 at SUSECVE-2020-13987 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for openldap2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
openldap2 was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-4000: The Logjam Attack / weakdh.org (bsc#937766).
This non-security issue was fixed:
- bsc#932773: ldapmodify failed with DOS format LDIF files containing '-' separator.
ModerateSUSE bug 924496SUSE bug 932773SUSE bug 937766CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openldap2 fixes the following issues:
- CVE-2019-13565: Fixed an authentication bypass caused by incorrect authorization of another connection, granting excess connection rights (bsc#1143194).
- CVE-2019-13057: Fixed an issue with improper authorization with delegated database admin privileges (bsc#1143273).
ImportantSUSE bug 1143194SUSE bug 1143273CVE-2019-13057 at SUSECVE-2019-13057 at NVDCVE-2019-13565 at SUSECVE-2019-13565 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openldap2 fixes the following issues:
- CVE-2020-12243: Fixed a denial of service related to recursive filters (bsc#1170771).
ImportantSUSE bug 1170771CVE-2020-12243 at SUSECVE-2020-12243 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openldap2 fixes the following issues:
- CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND='ldap' was used (bsc#1172698).
ImportantSUSE bug 1172698CVE-2020-8023 at SUSECVE-2020-8023 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openldap2 fixes the following issues:
- CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules (bsc#1178387).
ImportantSUSE bug 1178387CVE-2020-25692 at SUSECVE-2020-25692 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openldap2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openldap2 fixes the following issues:
- CVE-2020-25709: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
- CVE-2020-25710: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
ModerateSUSE bug 1178909CVE-2020-25709 at SUSECVE-2020-25709 at NVDCVE-2020-25710 at SUSECVE-2020-25710 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openldap2 fixes the following issues:
- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the
X.509 DN parsing in decode.c ber_next_element, resulting in denial
of service.
- bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN
parsing in ad_keystring, resulting in denial of service.
- bsc#1182412 CVE-2020-36228 - integer underflow leading to crash
in the Certificate List Exact Assertion processing, resulting in
denial of service.
- bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the
cancel_extop Cancel operation, resulting in denial of service.
- bsc#1182416 CVE-2020-36225 - double free and slapd crash in the
saslAuthzTo processing, resulting in denial of service.
- bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash
in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd
crash in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the
saslAuthzTo validation, resulting in denial of service.
- bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact
Assertion processing, resulting in denial of service (schema_init.c
serialNumberAndIssuerCheck).
- bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter
control handling, resulting in denial of service (double free and
out-of-bounds read).
- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur
in the issuerAndThisUpdateCheck function via a crafted packet,
resulting in a denial of service (daemon exit) via a short timestamp.
This is related to schema_init.c and checkTime.
- resynchronise changelogs with subpackages (bsc#1184020).
ImportantSUSE bug 1182279SUSE bug 1182408SUSE bug 1182411SUSE bug 1182412SUSE bug 1182413SUSE bug 1182415SUSE bug 1182416SUSE bug 1182417SUSE bug 1182418SUSE bug 1182419SUSE bug 1182420SUSE bug 1184020CVE-2020-36221 at SUSECVE-2020-36221 at NVDCVE-2020-36222 at SUSECVE-2020-36222 at NVDCVE-2020-36223 at SUSECVE-2020-36223 at NVDCVE-2020-36224 at SUSECVE-2020-36224 at NVDCVE-2020-36225 at SUSECVE-2020-36225 at NVDCVE-2020-36226 at SUSECVE-2020-36226 at NVDCVE-2020-36227 at SUSECVE-2020-36227 at NVDCVE-2020-36228 at SUSECVE-2020-36228 at NVDCVE-2020-36229 at SUSECVE-2020-36229 at NVDCVE-2020-36230 at SUSECVE-2020-36230 at NVDCVE-2021-27212 at SUSECVE-2021-27212 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openldap2 fixes the following issues:
- CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).
ImportantSUSE bug 1199240CVE-2022-29155 at SUSECVE-2022-29155 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openldap2SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
openldap2 was updated to fix three security issues and one non-security
bug.
The following vulnerabilities were fixed:
* A remote attacker could cause a denial of service (slapd crash) by
unbinding immediately after a search request. (bnc#846389,
CVE-2013-4449)
* A remote attacker could cause a denial of service through a NULL
pointer dereference and crash via an empty attribute list in a deref
control in a search request. (bnc#916897, CVE-2015-1545)
* A remote attacker could cause a denial of service (crash) via a
crafted search query with a matched values control. (bnc#916914,
CVE-2015-1546)
The following non-security bug was fixed:
* Prevent connection-0 (internal connection) from showing up in the
monitor back-end. (bnc#905959)
Security Issues:
* CVE-2015-1546
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546>
* CVE-2015-1545
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545>
* CVE-2013-4449
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449>
SUSE bug 846389SUSE bug 905959SUSE bug 916897SUSE bug 916914CVE-2013-4449 at SUSECVE-2013-4449 at NVDCVE-2015-1545 at SUSECVE-2015-1545 at NVDCVE-2015-1546 at SUSECVE-2015-1546 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openldap2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issue:
- CVE-2015-6908. Passing a crafted packet to the function ber_get_next(),
an attacker may cause a remote denial of service, crashing the OpenLDAP server (bsc#945582).
ModerateSUSE bug 945582CVE-2015-6908 at SUSECVE-2015-6908 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for opensc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for opensc fixes the following issues:
- CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card (bsc#1106998)
- CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card (bsc#1106999)
- CVE-2018-16393: Fixed buffer overflows when handling responses from Gemsafe V1 Smartcards (bsc#1108318)
- CVE-2018-16418: Fixed buffer overflow when handling string concatenation in util_acl_to_str (bsc#1107039)
- CVE-2018-16419: Fixed several buffer overflows when handling responses from a Cryptoflex card (bsc#1107107)
- CVE-2018-16422: Fixed single byte buffer overflow when handling responses from an esteid Card (bsc#1107038)
- CVE-2018-16423: Fixed double free when handling responses from a smartcard (bsc#1107037)
- CVE-2018-16427: Fixed out of bounds reads when handling responses in OpenSC (bsc#1107033)
ModerateSUSE bug 1104812SUSE bug 1106998SUSE bug 1106999SUSE bug 1107033SUSE bug 1107037SUSE bug 1107038SUSE bug 1107039SUSE bug 1107107SUSE bug 1108318CVE-2018-16391 at SUSECVE-2018-16391 at NVDCVE-2018-16392 at SUSECVE-2018-16392 at NVDCVE-2018-16393 at SUSECVE-2018-16393 at NVDCVE-2018-16418 at SUSECVE-2018-16418 at NVDCVE-2018-16419 at SUSECVE-2018-16419 at NVDCVE-2018-16422 at SUSECVE-2018-16422 at NVDCVE-2018-16423 at SUSECVE-2018-16423 at NVDCVE-2018-16427 at SUSECVE-2018-16427 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for opensc (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for opensc fixes the following issues:
Security issue fixed:
- CVE-2019-6502: Fixed a memory leak in sc_context_create() (bsc#1122756).
LowSUSE bug 1122756CVE-2019-6502 at SUSECVE-2019-6502 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for opensc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for opensc fixes the following issues:
- CVE-2020-26571: gemsafe GPK smart card software driver stack-based buffer overflow (bsc#1177380)
- CVE-2019-15946: out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry (bsc#1149747)
- CVE-2019-15945: out-of-bounds access of an ASN.1 Bitstring in decode_bit_string (bsc#1149746)
- CVE-2019-19479: incorrect read operation during parsing of a SETCOS file attribute (bsc#1158256)
- CVE-2020-26572: Prevent out of bounds write (bsc#1177378)
ModerateSUSE bug 1149746SUSE bug 1149747SUSE bug 1158256SUSE bug 1177378SUSE bug 1177380CVE-2019-15945 at SUSECVE-2019-15945 at NVDCVE-2019-15946 at SUSECVE-2019-15946 at NVDCVE-2019-19479 at SUSECVE-2019-19479 at NVDCVE-2020-26571 at SUSECVE-2020-26571 at NVDCVE-2020-26572 at SUSECVE-2020-26572 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for opensc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for opensc fixes the following issues:
- CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005).
- CVE-2021-42782: Stack buffer overflow issues in various places (bsc#1191957).
ImportantSUSE bug 1191957SUSE bug 1192005CVE-2021-42780 at SUSECVE-2021-42780 at NVDCVE-2021-42782 at SUSECVE-2021-42782 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for OpenSLPSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for OpenSLP fixes a bug in SLPIntersectStringList that could
lead to an out-of-bounds read (CVE-2012-4428). Additionally, the SLP daemon
now always use localtime(3) when writing to log files to avoid having
timestamps with different timezones.
Security Issues:
* CVE-2012-4428
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4428>
SUSE bug 778508SUSE bug 855385CVE-2012-4428 at SUSECVE-2012-4428 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openslp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openslp fixes the following issues:
- CVE-2017-17833: Prevent heap-related memory corruption issue which may have
manifested itself as a denial-of-service or a remote code-execution
vulnerability (bsc#1090638).
ImportantSUSE bug 1090638CVE-2017-17833 at SUSECVE-2017-17833 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for opensshSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for OpenSSH fixes the following issues:
* Exit sshd normally when port is already in use. (bnc#832628)
* Use hardware crypto engines where available. (bnc#826427)
* Use correct options for login when it is used. (bnc#833605)
* Move FIPS messages to higher debug level. (bnc#862875)
* Fix forwarding with IPv6 addresses in DISPLAY. (bnc#847710)
* Do not link OpenSSH binaries with LDAP libraries. (bnc#826906)
* Parse AcceptEnv properly. (bnc#869101, CVE-2014-2532)
* Check SSHFP DNS records even for server certificates. (bnc#870532,
CVE-2014-2653)
Security Issues references:
* CVE-2014-2532
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532>
* CVE-2014-2653
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653>
SUSE bug 826427SUSE bug 833605SUSE bug 847710SUSE bug 869101SUSE bug 870532CVE-2014-2532 at SUSECVE-2014-2532 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openssh (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
openssh was updated to fix several security issues and bugs.
These security issues were fixed:
* CVE-2015-5352: The x11_open_helper function in channels.c in ssh
in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of
the refusal deadline for X connections, which made it easier for remote
attackers to bypass intended access restrictions via a connection outside
of the permitted time window (bsc#936695).
* CVE-2015-5600: The kbdint_next_device function in auth2-chall.c
in sshd in OpenSSH did not properly restrict the processing of
keyboard-interactive devices within a single connection, which made it
easier for remote attackers to conduct brute-force attacks or cause a
denial of service (CPU consumption) via a long and duplicative list in
the ssh -oKbdInteractiveDevices option, as demonstrated by a modified
client that provides a different password for each pam element on this
list (bsc#938746).
* CVE-2015-4000: Removed and disabled weak DH groups to address LOGJAM (bsc#932483).
* Hardening patch to fix sftp RCE (bsc#903649).
* CVE-2015-6563: The monitor component in sshd in OpenSSH accepted
extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which
allowed local users to conduct impersonation attacks by leveraging any SSH
login access in conjunction with control of the sshd uid to send a crafted
MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
* CVE-2015-6564: Use-after-free vulnerability in the
mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH might
have allowed local users to gain privileges by leveraging control of the
sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
These non-security issues were fixed:
- bsc#914309: sshd inherits oom_adj -17 on SIGHUP causing DoS potential for oom_killer.
- bsc#673532: limits.conf fsize change in SLES10SP3 causing problems to WebSphere mqm user.
- bsc#916549: Fixed support for aesXXX-gcm@openssh.com.
ImportantSUSE bug 673532SUSE bug 903649SUSE bug 905118SUSE bug 914309SUSE bug 916549SUSE bug 932483SUSE bug 936695SUSE bug 938746SUSE bug 943006SUSE bug 943010SUSE bug 945493CVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-5352 at SUSECVE-2015-5352 at NVDCVE-2015-5600 at SUSECVE-2015-5600 at NVDCVE-2015-6563 at SUSECVE-2015-6563 at NVDCVE-2015-6564 at SUSECVE-2015-6564 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for OpenSSH fixes the following issues:
- Prevent user enumeration through the timing of password processing.
(bsc#989363, CVE-2016-6210)
- Allow lowering the DH groups parameter limit in server as well as when GSSAPI
key exchange is used. (bsc#948902)
- Sanitize input for xauth(1). (bsc#970632, CVE-2016-3115)
- Prevent X11 SECURITY circumvention when forwarding X11 connections.
(bsc#962313, CVE-2016-1908)
- Disable DH parameters under 2048 bits by default and allow lowering the limit back
to the RFC 4419 specified minimum through an option. (bsc#932483, bsc#948902)
- Ignore PAM environment when using login. (bsc#975865, CVE-2015-8325)
- Limit the accepted password length (prevents a possible denial of service).
(bsc#992533, CVE-2016-6515)
- Relax version requires for the openssh-askpass sub-package. (bsc#962794)
- Avoid complaining about unset DISPLAY variable. (bsc#981654)
- Initialize message id to prevent connection breakups in some cases. (bsc#959096)
ModerateSUSE bug 932483SUSE bug 948902SUSE bug 959096SUSE bug 962313SUSE bug 962794SUSE bug 970632SUSE bug 975865SUSE bug 981654SUSE bug 989363SUSE bug 992533CVE-2015-8325 at SUSECVE-2015-8325 at NVDCVE-2016-1908 at SUSECVE-2016-1908 at NVDCVE-2016-3115 at SUSECVE-2016-3115 at NVDCVE-2016-6210 at SUSECVE-2016-6210 at NVDCVE-2016-6515 at SUSECVE-2016-6515 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)
Non security issues fixed:
- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)
ModerateSUSE bug 1005480SUSE bug 1005893SUSE bug 1016366SUSE bug 1016369CVE-2016-10009 at SUSECVE-2016-10009 at NVDCVE-2016-10011 at SUSECVE-2016-10011 at NVDCVE-2016-8858 at SUSECVE-2016-8858 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openssh (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration (or 'oracle') as a vulnerability. (bsc#1106163)
- CVE-2017-15906: The process_open function in sftp-server.c in OpenSSH did not properly prevent write operations in readonly mode, which allowed attackers to create zero-length files. (bsc#1065000, bsc#1106726)
- CVE-2016-10708: sshd allowed remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. (bsc#1076957)
- CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010)
- CVE-2016-10012: Removed pre-auth compression support from the server to prevent possible cryptographic attacks. (bsc#1016370)
Bugs fixed:
- Fixed failing 'AuthorizedKeysCommand' within a 'Match User' block in sshd_config (bsc#1105180)
ImportantSUSE bug 1016370SUSE bug 1065000SUSE bug 1076957SUSE bug 1105010SUSE bug 1105180SUSE bug 1106163SUSE bug 1106726CVE-2016-10012 at SUSECVE-2016-10012 at NVDCVE-2016-10708 at SUSECVE-2016-10708 at NVDCVE-2017-15906 at SUSECVE-2017-15906 at NVDCVE-2018-15473 at SUSECVE-2018-15473 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openssh (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssh to version 6.6p1 fixes the following issues:
Security issues fixed:
- CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions (bsc#1121571)
ImportantSUSE bug 1121571CVE-2018-20685 at SUSECVE-2018-20685 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssh fixes the following issues:
Security vulnerabilities addressed:
- CVE-2019-6109: Fixed an character encoding issue in the progress display of
the scp client that could be used to manipulate client output, allowing
for spoofing during file transfers (bsc#1121816).
- CVE-2019-6111: Properly validate object names received by the scp client to
prevent arbitrary file overwrites when interacting with a malicious SSH server
(bsc#1121821).
Other issues fixed:
- Fixed two race conditions in sshd relating to SIGHUP (bsc#1119183).
- Returned proper reason for port forwarding failures (bsc#1090671).
- Fixed SSHD termination of multichannel sessions with non-root users (bsc#1115550).
ModerateSUSE bug 1090671SUSE bug 1115550SUSE bug 1119183SUSE bug 1121816SUSE bug 1121821SUSE bug 1131709CVE-2019-6109 at SUSECVE-2019-6109 at NVDCVE-2019-6111 at SUSECVE-2019-6111 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssh (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssh fixes the following issues:
- CVE-2020-14145: Fixed an information leak during host key exchange that could have been exploited by a man-in-the-middle attacker (bsc#1173513).
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
The following non-security bug was fixed:
- Fixed segmentation faults in CVE-2020-14145 patch (bsc#1183076).
ImportantSUSE bug 1173513SUSE bug 1183076SUSE bug 1190975CVE-2020-14145 at SUSECVE-2020-14145 at NVDCVE-2021-41617 at SUSECVE-2021-41617 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssh (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for openssh fixes the following issues:
- CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature (bsc#961642)
- CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the roaming feature (bsc#961645)
This update disables the undocumented feature supported by the OpenSSH client and a commercial SSH server.
CriticalSUSE bug 961642SUSE bug 961645CVE-2016-0777 at SUSECVE-2016-0777 at NVDCVE-2016-0778 at SUSECVE-2016-0778 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openssh-openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssh-openssl1 fixes the following issues:
Security issues fixed:
- CVE-2016-6210: Prevent user enumeration through the timing of password
processing (bsc#989363)
- CVE-2016-6515: limit accepted password length (prevents possible DoS)
(bsc#992533)
- CVE-2016-3115: Sanitise input for xauth(1) (bsc#970632)
- CVE-2016-1908: prevent X11 SECURITY circumvention when forwarding X11
connections (bsc#962313)
- CVE-2015-8325: ignore PAM environment when using login (bsc#975865)
- Disable DH parameters under 2048 bits by default and allow
lowering the limit back to the RFC 4419 specified minimum
through an option (bsc#932483, bsc#948902)
- Allow lowering the DH groups parameter limit in server as well
as when GSSAPI key exchange is used (bsc#948902)
Bugs fixed:
- avoid complaining about unset DISPLAY variable (bsc#981654)
- Correctly parse GSSAPI KEX algorithms (bsc#961368)
- more verbose FIPS mode/CC related documentation in README.FIPS
(bsc#965576, bsc#960414)
- fix PRNG re-seeding (bsc#960414, bsc#729190)
- Allow empty Match blocks (bsc#961494)
ModerateSUSE bug 729190SUSE bug 932483SUSE bug 948902SUSE bug 960414SUSE bug 961368SUSE bug 961494SUSE bug 962313SUSE bug 965576SUSE bug 970632SUSE bug 975865SUSE bug 981654SUSE bug 989363SUSE bug 992533CVE-2015-8325 at SUSECVE-2015-8325 at NVDCVE-2016-1908 at SUSECVE-2016-1908 at NVDCVE-2016-3115 at SUSECVE-2016-3115 at NVDCVE-2016-6210 at SUSECVE-2016-6210 at NVDCVE-2016-6515 at SUSECVE-2016-6515 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssh-openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssh-openssl1 fixes the following issues:
- Properly verify CIDR masks in configuration (bsc#1005893)
- CVE-2016-10009: limit directories for loading PKCS11 modules (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege
process handling authentication (bsc#1016369)
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- fix suggested command for removing conflicting server keys from
the known_hosts file (bsc#1006221)
ModerateSUSE bug 1005480SUSE bug 1005893SUSE bug 1006221SUSE bug 1016366SUSE bug 1016369CVE-2016-10009 at SUSECVE-2016-10009 at NVDCVE-2016-10011 at SUSECVE-2016-10011 at NVDCVE-2016-8858 at SUSECVE-2016-8858 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssh-openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssh-openssl1 fixes the following issues:
These security issues were fixed:
- CVE-2016-10708: Prevent NULL pointer dereference via an out-of-sequence
NEWKEYS message allowed remote attackers to cause a denial of service
(bsc#1076957).
- CVE-2017-15906: The process_open function did not properly prevent write
operations in readonly mode, which allowed attackers to create zero-length
files (bsc#1065000).
- CVE-2016-10012: The shared memory manager (associated with pre-authentication
compression) did not ensure that a bounds check is enforced by all compilers,
which might have allowed local users to gain privileges by leveraging access to
a sandboxed privilege-separation process, related to the m_zback and m_zlib
data structures (bsc#1016370).
- CVE-2008-1483: Prevent local users from hijacking forwarded X connections by
causing ssh to set DISPLAY to :10, even when another process is listening on
the associated port. This problem was reontroduced by another patch and was
previously fixed by another update (bsc#1069509).
These non-security issues were fixed:
- Remove duplicate KEX method (bsc#1053972)
- New switch for printing diagnostic messages in sftp client's batch mode (bsc#1023275)
- Enable case-insensitive hostname matching (bsc#1017099)
ImportantSUSE bug 1016370SUSE bug 1017099SUSE bug 1023275SUSE bug 1053972SUSE bug 1065000SUSE bug 1069509SUSE bug 1076957CVE-2008-1483 at SUSECVE-2008-1483 at NVDCVE-2016-10012 at SUSECVE-2016-10012 at NVDCVE-2016-10708 at SUSECVE-2016-10708 at NVDCVE-2017-15906 at SUSECVE-2017-15906 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssh-openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssh-openssl1 fixes the following issues:
Security issues fixed:
- CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration (or 'oracle') as a vulnerability. (bsc#1106163)
- CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010)
Following non-security issues were fixed:
- Fix for sftp client because it returns wrong error code upon failure (bsc#1091396)
- Stop leaking File descriptors (bsc#964336)
ModerateSUSE bug 1091396SUSE bug 1105010SUSE bug 1106163SUSE bug 964336CVE-2018-15473 at SUSECVE-2018-15473 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of openssl fixes a regression caused by the security fix for CVE-2015-0287,
after which DSA keys could occasionaly not loaded from disk. (bsc#937492)
ModerateSUSE bug 937492CVE-2015-0287 at SUSECVE-2015-0287 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for openssl fixes the following issues:
- CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure
OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS
routines so any application which reads PKCS#7 or CMS data from untrusted
sources is affected. SSL/TLS is not affected. (bsc#957812)
- Prevent segfault in s_client with invalid options (bsc#952099)
ModerateSUSE bug 952099SUSE bug 957812CVE-2015-3195 at SUSECVE-2015-3195 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes various security issues and bugs:
Security issues fixed:
- CVE-2016-0800 aka the 'DROWN' attack (bsc#968046):
OpenSSL was vulnerable to a cross-protocol attack that could lead to
decryption of TLS sessions by using a server supporting SSLv2 and
EXPORT cipher suites as a Bleichenbacher RSA padding oracle.
This update changes the openssl library to:
* Disable SSLv2 protocol support by default.
This can be overridden by setting the environment variable
'OPENSSL_ALLOW_SSL2' or by using SSL_CTX_clear_options using the
SSL_OP_NO_SSLv2 flag.
Note that various services and clients had already disabled SSL
protocol 2 by default previously.
* Disable all weak EXPORT ciphers by default. These can be reenabled
if required by old legacy software using the environment variable
'OPENSSL_ALLOW_EXPORT'.
- CVE-2016-0705 (bnc#968047):
A double free() bug in the DSA ASN1 parser code was fixed that could
be abused to facilitate a denial-of-service attack.
- CVE-2016-0797 (bnc#968048):
The BN_hex2bn() and BN_dec2bn() functions had a bug that could result
in an attempt to de-reference a NULL pointer leading to crashes.
This could have security consequences if these functions were ever
called by user applications with large untrusted hex/decimal data. Also,
internal usage of these functions in OpenSSL uses data from config files
or application command line arguments. If user developed applications
generated config file data based on untrusted data, then this could
have had security consequences as well.
- CVE-2016-0799 (bnc#968374)
On many 64 bit systems, the internal fmtstr() and doapr_outch()
functions could miscalculate the length of a string and attempt to
access out-of-bounds memory locations. These problems could have
enabled attacks where large amounts of untrusted data is passed to
the BIO_*printf functions. If applications use these functions in
this way then they could have been vulnerable. OpenSSL itself uses
these functions when printing out human-readable dumps of ASN.1
data. Therefore applications that print this data could have been
vulnerable if the data is from untrusted sources. OpenSSL command line
applications could also have been vulnerable when they print out ASN.1
data, or if untrusted data is passed as command line arguments. Libssl
is not considered directly vulnerable.
- CVE-2015-3197 (bsc#963415):
The SSLv2 protocol did not block disabled ciphers.
Note that the March 1st 2016 release also references following CVEs
that were fixed by us with CVE-2015-0293 in 2015:
- CVE-2016-0703 (bsc#968051): This issue only affected versions of
OpenSSL prior to March 19th 2015 at which time the code was refactored
to address vulnerability CVE-2015-0293. It would have made the above
'DROWN' attack much easier.
- CVE-2016-0704 (bsc#968053): 'Bleichenbacher oracle in SSLv2'
This issue only affected versions of OpenSSL prior to March 19th
2015 at which time the code was refactored to address vulnerability
CVE-2015-0293. It would have made the above 'DROWN' attack much easier.
Also fixes the following bug:
- Avoid running OPENSSL_config twice. This avoids breaking
engine loading and also fixes a memory leak in libssl. (bsc#952871 bsc#967787)
ImportantSUSE bug 952871SUSE bug 963415SUSE bug 967787SUSE bug 968046SUSE bug 968047SUSE bug 968048SUSE bug 968051SUSE bug 968053SUSE bug 968374CVE-2015-3197 at SUSECVE-2015-3197 at NVDCVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-0703 at SUSECVE-2016-0703 at NVDCVE-2016-0705 at SUSECVE-2016-0705 at NVDCVE-2016-0797 at SUSECVE-2016-0797 at NVDCVE-2016-0799 at SUSECVE-2016-0799 at NVDCVE-2016-0800 at SUSECVE-2016-0800 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
- CVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)
Bugs fixed:
- fate#320304: build 32bit devel package
- bsc#976943: Fix buffer overrun in ASN1_parse
- bsc#973223: allow weak DH groups, vulnerable to the logjam attack,
when environment variable OPENSSL_ALLOW_LOGJAM_ATTACK is set
- bsc#889013: Rename README.SuSE to the new spelling
ImportantSUSE bug 889013SUSE bug 968050SUSE bug 976942SUSE bug 976943SUSE bug 977614SUSE bug 977615SUSE bug 977617CVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)
Severity: High
* OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666)
Severity: Low
* Pointer arithmetic undefined behavior (CVE-2016-2177) (bsc#982575)
* Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)
* DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)
* DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)
* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
* Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)
* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
More information can be found on: https://www.openssl.org/news/secadv/20160922.txt
Bugs fixed:
* Update expired S/MIME certs (bsc#979475)
* Fix crash in print_notice (bsc#998190)
* Resume reading from /dev/urandom when interrupted by a signal (bsc#995075)
ImportantSUSE bug 979475SUSE bug 982575SUSE bug 983249SUSE bug 993819SUSE bug 994749SUSE bug 994844SUSE bug 995075SUSE bug 995324SUSE bug 995359SUSE bug 995377SUSE bug 998190SUSE bug 999665SUSE bug 999666SUSE bug 999668CVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2179 at SUSECVE-2016-2179 at NVDCVE-2016-2181 at SUSECVE-2016-2181 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6302 at SUSECVE-2016-6302 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues contained in the
OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)
Security issues fixed:
- CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334)
- CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878)
- degrade 3DES to MEDIUM in SSL2 (bsc#1001912)
- CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499)
Bugs fixed:
- fix crash in openssl speed (bsc#1000677)
- don't attempt session resumption if no ticket is present and session
ID length is zero (bsc#984663)
ModerateSUSE bug 1000677SUSE bug 1001912SUSE bug 1004499SUSE bug 1005878SUSE bug 1019334SUSE bug 1021641SUSE bug 984663CVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-7056 at SUSECVE-2016-7056 at NVDCVE-2016-8610 at SUSECVE-2016-8610 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition could exceed
the stack. This could result in a Denial Of Service attack. (bsc#1087102)
ImportantSUSE bug 1087102CVE-2018-0739 at SUSECVE-2018-0739 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
ModerateSUSE bug 1097158SUSE bug 1097624SUSE bug 1098592CVE-2018-0732 at SUSECVE-2018-0732 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following security issue:
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039)
ModerateSUSE bug 1089039CVE-2018-0737 at SUSECVE-2018-0737 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).
- CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).
- CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018).
- Fixed the 'One and Done' side-channel attack on RSA (bsc#1104789).
ModerateSUSE bug 1104789SUSE bug 1110018SUSE bug 1113534SUSE bug 1113652CVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2018-0734 at SUSECVE-2018-0734 at NVDCVE-2018-5407 at SUSECVE-2018-5407 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2019-1559: Fix 0-byte record padding oracle via SSL_shutdown (bsc#1127080)
- Reject invalid EC point coordinates (bsc#1131291)
- Mitigate the 'The 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations' attack (bsc#1117951)
ModerateSUSE bug 1117951SUSE bug 1127080SUSE bug 1131291CVE-2019-1559 at SUSECVE-2019-1559 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
OpenSSL Security Advisory [10 September 2019]
- CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance (bsc#1150003).
- CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250).
ModerateSUSE bug 1150003SUSE bug 1150250CVE-2019-1547 at SUSECVE-2019-1547 at NVDCVE-2019-1563 at SUSECVE-2019-1563 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- Included the missing cms and pk7 fixes of CVE-2019-1563 (bsc#1153785).
ImportantSUSE bug 1153785CVE-2019-1563 at SUSECVE-2019-1563 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- Add missing commits for fixing the security issue called 'The 9 Lives of Bleichenbacher's CAT'. (bsc#1117951)
- Fix a memory leak problem in function 'BN_copy()'. (bsc#1160163)
ModerateSUSE bug 1117951SUSE bug 1160163cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2020-1968: Introduced hardening against the Raccoon attack by always generating fresh DH keys
and never reuse them across multiple TLS connections (bsc#1176331).
ImportantSUSE bug 1176331CVE-2020-1968 at SUSECVE-2020-1968 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
- CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)
ModerateSUSE bug 1182331SUSE bug 1182333CVE-2021-23840 at SUSECVE-2021-23840 at NVDCVE-2021-23841 at SUSECVE-2021-23841 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following security issue:
- CVE-2021-3712: a bug in the code for printing certificate details could lead
to a buffer overrun that a malicious actor could exploit to crash the
application, causing a denial-of-service attack. [bsc#1189521]
ImportantSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712.
Read buffer overruns processing ASN.1 strings (bsc#1189521).
LowSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877).
ImportantSUSE bug 1196877CVE-2022-0778 at SUSECVE-2022-0778 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166).
ImportantSUSE bug 1199166CVE-2022-1292 at SUSECVE-2022-1292 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550)
ModerateSUSE bug 1200550CVE-2022-2068 at SUSECVE-2022-2068 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550)
ModerateSUSE bug 1200550CVE-2022-2068 at SUSECVE-2022-2068 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- Fixed regression caused by unknown option passed to 'openssl x509' from c_rehash
ImportantSUSE bug 1201283cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
ModerateSUSE bug 1207534CVE-2022-4304 at SUSECVE-2022-4304 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624).
ModerateSUSE bug 1209624CVE-2023-0464 at SUSECVE-2023-0464 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl fixes the following issues:
- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).
ModerateSUSE bug 1209878CVE-2023-0465 at SUSECVE-2023-0465 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl-certsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
openssl-certs has been updated to include four new and remove two
certificates:
* new: Atos_TrustedRoot_2011:2.8.92.51.203.98.44.95.179.50.crt
* new:
E-Tugra_Certification_Authority:2.8.106.104.62.156.81.155.203.83.crt
* new:
TeliaSonera_Root_CA_v1:2.17.0.149.190.22.160.247.46.70.241.123.57.130.114.250.139.205.150.crt
* new: T-TeleSec_GlobalRoot_Class_2:2.1.1.crt
* removed: Firmaprofesional_Root_CA:2.1.1.crt
* removed: TDC_OCES_Root_CA:2.4.62.72.189.196.crt
SUSE bug 796628SUSE bug 854367SUSE bug 860581SUSE bug 865080SUSE bug 875647SUSE bug 881241cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
Security issues fixed:
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2107: Padding oracle in AES-NI CBC MAC check (bsc#977616)
- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
Bugs fixed:
- bsc#971354: libopenssl1_0_0 now Recommends: openssl1 to get correct SSL Root
Certificate hashes
- bsc#889013: Rename README.SuSE to the new spelling README.SUSE
- bsc#976943: Fixed a buffer overrun in ASN1_parse.
- bsc#977621: Preserve negotiated digests for SNI (bsc#977621)
ImportantSUSE bug 889013SUSE bug 971354SUSE bug 976942SUSE bug 976943SUSE bug 977614SUSE bug 977615SUSE bug 977616SUSE bug 977617SUSE bug 977621CVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2107 at SUSECVE-2016-2107 at NVDCVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
penSSL Security Advisory [22 Sep 2016] (bsc#999665)
Severity: High
* OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666)
Severity: Low
* Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575)
* Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)
* DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)
* OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419)
* DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)
* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
* Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)
* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
More information can be found on: https://www.openssl.org/news/secadv/20160922.txt
Also following bugs were fixed:
* update expired S/MIME certs (bsc#979475)
* improve s390x performance (bsc#982745)
* fix crash in print_notice (bsc#998190)
* resume reading from /dev/urandom when interrupted by a signal (bsc#995075)
ImportantSUSE bug 979475SUSE bug 982575SUSE bug 982745SUSE bug 983249SUSE bug 990419SUSE bug 993819SUSE bug 994749SUSE bug 994844SUSE bug 995075SUSE bug 995324SUSE bug 995359SUSE bug 995377SUSE bug 998190SUSE bug 999665SUSE bug 999666SUSE bug 999668CVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2179 at SUSECVE-2016-2179 at NVDCVE-2016-2180 at SUSECVE-2016-2180 at NVDCVE-2016-2181 at SUSECVE-2016-2181 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6302 at SUSECVE-2016-6302 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues contained in the
OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)
Security issues fixed:
- CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334)
- CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878)
- CVE-2017-3731: Truncated packet could crash via OOB read (bsc#1022085)
- Degrade the 3DES cipher to MEDIUM in SSLv2 (bsc#1001912)
- CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499)
Bugs fixed:
- fix crash in openssl speed (bsc#1000677)
- call c_rehash in %post (bsc#1001707)
- ship static libraries in the devel package (bsc#1022644)
ModerateSUSE bug 1000677SUSE bug 1001707SUSE bug 1001912SUSE bug 1004499SUSE bug 1005878SUSE bug 1019334SUSE bug 1021641SUSE bug 1022085SUSE bug 1022644CVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-7056 at SUSECVE-2016-7056 at NVDCVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2017-3731 at SUSECVE-2017-3731 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
Security issues fixed:
- CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read (bsc#1056058)
- adjust DEFAULT_SUSE to meet 1.0.2 and current state (bsc#1027908)
- out of bounds read+crash in DES_fcrypt (bsc#1065363)
- DEFAULT_SUSE cipher list is missing ECDHE-ECDSA ciphers (bsc#1055825)
- Missing important ciphers in openssl 1.0.1i-47.1 (bsc#990592)
Bug fixes:
- support alternate root ca chains (bsc#1032261)
- Require openssl1, so c_rehash1 is available during %post to hash the certificates (bsc#1057660)
ImportantSUSE bug 1027908SUSE bug 1032261SUSE bug 1055825SUSE bug 1056058SUSE bug 1057660SUSE bug 1065363SUSE bug 990592CVE-2017-3735 at SUSECVE-2017-3735 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition could exceed
the stack. This could result in a Denial Of Service attack. (bsc#1087102)
ImportantSUSE bug 1087102CVE-2018-0739 at SUSECVE-2018-0739 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following security issues:
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be
vulnerable to a cache timing side channel attack. An attacker with sufficient
access to mount cache timing attacks during the RSA key generation process
could have recovered the private key (bsc#1089039)
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
ModerateSUSE bug 1089039SUSE bug 1097158SUSE bug 1097624SUSE bug 1098592CVE-2018-0732 at SUSECVE-2018-0732 at NVDCVE-2018-0737 at SUSECVE-2018-0737 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
Security issues fixed:
- CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).
- CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).
- CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018).
- Fixed the 'One and Done' side-channel attack on RSA (bsc#1104789).
ModerateSUSE bug 1104789SUSE bug 1110018SUSE bug 1113534SUSE bug 1113652CVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2018-0734 at SUSECVE-2018-0734 at NVDCVE-2018-5407 at SUSECVE-2018-5407 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following security issues:
- CVE-2019-1559: Fix 0-byte record padding oracle via SSL_shutdown (bsc#1127080)
- Reject invalid EC point coordinates (bsc#1131291)
- Fixed 'The 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations' (bsc#1117951)
ModerateSUSE bug 1117951SUSE bug 1127080SUSE bug 1131291CVE-2019-1559 at SUSECVE-2019-1559 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
OpenSSL Security Advisory [10 September 2019]
* CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. (bsc#1150003)
* CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250)
ModerateSUSE bug 1150003SUSE bug 1150250CVE-2019-1547 at SUSECVE-2019-1547 at NVDCVE-2019-1563 at SUSECVE-2019-1563 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- Add missing commits fixing the security issue called 'The 9 Lives of Bleichenbacher's CAT'. (bsc#1117951)
- Fix a memory problem in 'BN_copy()'. (bsc#1160163)
ModerateSUSE bug 1117951SUSE bug 1160163cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2020-1968: Introduced hardening against the Raccoon attack by always generating fresh DH keys
and never reuse them across multiple TLS connections (bsc#1176331).
ImportantSUSE bug 1176331CVE-2020-1968 at SUSECVE-2020-1968 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491).
ImportantSUSE bug 1179491CVE-2020-1971 at SUSECVE-2020-1971 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
- CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)
ModerateSUSE bug 1182331SUSE bug 1182333CVE-2021-23840 at SUSECVE-2021-23840 at NVDCVE-2021-23841 at SUSECVE-2021-23841 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following security issue:
- CVE-2021-3712: a bug in the code for printing certificate details could
lead to a buffer overrun that a malicious actor could exploit to crash
the application, causing a denial-of-service attack. [bsc#1189521]
ImportantSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712.
Read buffer overruns processing ASN.1 strings (bsc#1189521).
LowSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877)
ImportantSUSE bug 1196877CVE-2022-0778 at SUSECVE-2022-0778 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
* CVE-2022-1292: properly sanitise shell metacharacters in c_rehash script. (bsc#1199166)
ImportantSUSE bug 1199166CVE-2022-1292 at SUSECVE-2022-1292 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- fixed regression caused by unknown option passed to 'openssl x509' from c_rehash
ImportantSUSE bug 1201283cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
ImportantSUSE bug 1207533SUSE bug 1207534SUSE bug 1207536CVE-2022-4304 at SUSECVE-2022-4304 at NVDCVE-2023-0215 at SUSECVE-2023-0215 at NVDCVE-2023-0286 at SUSECVE-2023-0286 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624).
ModerateSUSE bug 1209624CVE-2023-0464 at SUSECVE-2023-0464 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openssl1 fixes the following issues:
- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).
- CVE-2023-0466: Certificate policy check were not enabled (bsc#1209873).
ModerateSUSE bug 1209873SUSE bug 1209878CVE-2023-0465 at SUSECVE-2023-0465 at NVDCVE-2023-0466 at SUSECVE-2023-0466 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openvpnSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
OpenVPN used a non-constant-time memcmp in HMAC comparison in
openvpn_decrypt that might have allowed remote attackers to gain knowledge
of plaintext data. (CVE-2013-2061)
Security Issues:
* CVE-2013-2061
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2061>
SUSE bug 843509SUSE bug 895882SUSE bug 907764CVE-2013-2061 at SUSECVE-2013-2061 at NVDCVE-2014-8104 at SUSECVE-2014-8104 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for openvpn (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openvpn fixes the following issues:
- It was possible to trigger an assertion by sending a malformed IPv6 packet.
That issue could have been abused to remotely shutdown an openvpn server or
client, if IPv6 and --mssfix were enabled and if the IPv6 networks used
inside the VPN were known. [bsc#1044947, CVE-2017-7508]
ImportantSUSE bug 1044947CVE-2017-7508 at SUSECVE-2017-7508 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openvpn (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openvpn fixes the following security issues:
- CVE-2017-12166: OpenVPN was vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. (bsc#1060877).
- CVE-2016-6329: Now show which ciphers should no longer be used in openvpn --show-ciphers to avoid the SWEET32 attack (bsc#995374)
- CVE-2017-7478: OpenVPN was vulnerable to unauthenticated Denial of Service of server via received large control packet. (bsc#1038709)
- CVE-2017-7479: OpenVPN was vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker. (bsc#1038711)
- Some other hardening fixes have also been applied (bsc#1038713)
ImportantSUSE bug 1038709SUSE bug 1038711SUSE bug 1038713SUSE bug 1060877SUSE bug 995374CVE-2016-6329 at SUSECVE-2016-6329 at NVDCVE-2017-12166 at SUSECVE-2017-12166 at NVDCVE-2017-7478 at SUSECVE-2017-7478 at NVDCVE-2017-7479 at SUSECVE-2017-7479 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for openvpn (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openvpn fixes the following issues:
- CVE-2020-15078: Fixed authentication bypass with deferred authentication (bsc#1185279).
ModerateSUSE bug 1185279CVE-2020-15078 at SUSECVE-2020-15078 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openvpn-openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openvpn-openssl1 fixes the following issues:
- Some parts of the certificate-parsing code did not always clear all allocated
memory. This would have allowed clients to leak a few bytes of memory for
each connection attempt, thereby facilitating a (quite inefficient) DoS
attack on the server. [bsc#1044947, CVE-2017-7521]
- The ASN1 parsing code contained a bug that could have resulted in some
buffers being free()d twice, and this issue could have potentially been
triggered remotely by a VPN peer. [bsc#1044947, CVE-2017-7521]
- If clients used a HTTP proxy with NTLM authentication, a man-in-the-middle
attacker between client and proxy could cause the client to crash or disclose
at most 96 bytes of stack memory. The disclosed stack memory was likely to
contain the proxy password. If the proxy password had not been reused, this
was unlikely to compromise the security of the OpenVPN tunnel itself. Clients
who did not use the --http-proxy option with ntlm2 authentication were not
affected. [bsc#1044947, CVE-2017-7520]
- It was possible to trigger an assertion by sending a malformed IPv6 packet.
That issue could have been abused to remotely shutdown an openvpn server or
client, if IPv6 and --mssfix were enabled and if the IPv6 networks used
inside the VPN were known. [bsc#1044947, CVE-2017-7508]
- The installed sample configuration file was updated to comply to FIPS
requirements. [bsc#988522]
- Remedy large latencies on the openVPN server during authentication process.
[bsc#959511]
- Fix potential denial-of-service attacks found during independent audits.
[bsc#1038713, bsc#1038709, CVE-2017-7478, bsc#1038711, CVE-2017-7479]
ImportantSUSE bug 1038709SUSE bug 1038711SUSE bug 1038713SUSE bug 1044947SUSE bug 959511SUSE bug 988522CVE-2017-7478 at SUSECVE-2017-7478 at NVDCVE-2017-7479 at SUSECVE-2017-7479 at NVDCVE-2017-7508 at SUSECVE-2017-7508 at NVDCVE-2017-7520 at SUSECVE-2017-7520 at NVDCVE-2017-7521 at SUSECVE-2017-7521 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openvpn-openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openvpn-openssl1 fixes the following issues:
Security issue fixed:
- CVE-2017-12166: Fix remote buffer overflow (bsc#1060877).
ImportantSUSE bug 1060877CVE-2017-12166 at SUSECVE-2017-12166 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openvpn-openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openvpn-openssl1 fixes the following issues:
- Fixed Out of bounds read on getaddrinfo() result (bsc#959714).
ModerateSUSE bug 959714cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openvpn-openssl1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openvpn-openssl1 fixes the following issues:
- CVE-2020-15078: Fixed authentication bypass with deferred authentication (bsc#1185279).
- CVE-2018-7544: Fixed cross-protocol scripting issue that was discovered in the management interface (bsc#1085803).
ModerateSUSE bug 1085803SUSE bug 1185279CVE-2018-7544 at SUSECVE-2018-7544 at NVDCVE-2020-15078 at SUSECVE-2020-15078 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openvpn-openssl1 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openvpn-openssl1 fixes the following issues:
- CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in (bsc#1197341).
ImportantSUSE bug 1197341CVE-2022-0547 at SUSECVE-2022-0547 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for openwsman (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for openwsman fixes the following issues:
Security issues fixed:
- CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623).
- CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite
loop which leads to Denial of Service (bsc#1122623).
ImportantSUSE bug 1122623CVE-2019-3816 at SUSECVE-2019-3816 at NVDCVE-2019-3833 at SUSECVE-2019-3833 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for orca (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This orca update fixes the following security issue.
- Don't try to import modules from current working directory (bsc#916835, CVE-2013-4245).
ModerateSUSE bug 916835CVE-2013-4245 at SUSECVE-2013-4245 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Recommended update for p7zip (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for p7zip fixes the following issue:
- Provide version 9.20.1 of 'p7zip' package. (jsc#ECO-3520)
ModerateSUSE bug 1077725SUSE bug 1077978SUSE bug 912878SUSE bug 979823SUSE bug 984650CVE-2015-1038 at SUSECVE-2015-1038 at NVDCVE-2016-1372 at SUSECVE-2016-1372 at NVDCVE-2016-2335 at SUSECVE-2016-2335 at NVDCVE-2017-17969 at SUSECVE-2017-17969 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for pamSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update changes the broken default behavior of pam_pwhistory to not
enforce checks when the root user requests password changes. In order to
enforce pwhistory checks on the root user, the 'enforce_for_root' parameter
needs to be set for the pam_pwhistory.so module.
This pam update fixes the following security and non-security issues:
* bnc#870433: Fixed pam_timestamp path injection problem
(CVE-2014-2583)
* bnc#848417: Fixed pam_pwhistory root password enforcement when
resetting non-root user's password
Security Issue references:
* CVE-2014-2583
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2583>
SUSE bug 848417SUSE bug 870433CVE-2014-2583 at SUSECVE-2014-2583 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for pam (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for pam fixes the following issues:
Security issues fixed:
- CVE-2015-3238: Fixed a denial of service and information leak which could be caused by very long passwords (bsc#934920).
- CVE-2013-7041: Fixed a potential authentication bypass where password hashes weren't compared case-sensitively (bsc#854480).
ModerateSUSE bug 854480SUSE bug 934920CVE-2013-7041 at SUSECVE-2013-7041 at NVDCVE-2015-3238 at SUSECVE-2015-3238 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for pam-modules (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for pam-modules fixes the following issue.
This security issue was fixed:
- CVE-2011-3172: Ensure that unix2_chkpwd calls pam_acct_mgmt to prevent usage
of locked accounts (bsc#707645, bsc#839386).
ModerateSUSE bug 707645SUSE bug 839386CVE-2011-3172 at SUSECVE-2011-3172 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for pam_pkcs11 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for pam_pkcs11 fixes the following security issues:
- It was possible to replay an authentication by using a specially prepared smartcard or token (bsc#1105012)
- Prevent buffer overflow if a user has a home directory with a length of more than 512 bytes (bsc#1105012)
- Memory not cleaned properly before free() (bsc#1105012)
ModerateSUSE bug 1105012cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for pam_radius (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for pam_radius fixes the following issues:
- CVE-2015-9542: Fixed buffer overflow in password field (bsc#1163933).
ModerateSUSE bug 1163933CVE-2015-9542 at SUSECVE-2015-9542 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for patch (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for patch fixes several issues.
These security issues were fixed:
- CVE-2018-1000156: patch: Malicious patch files cause ed to execute arbitrary commands (bsc#1088420).
- CVE-2014-9637: Prevent DoS by remote attackers (memory consumption and
segmentation fault) via a crafted diff file (bsc#914891).
- CVE-2016-10713: Prevent out-of-bounds access within pch_write_line() that
could have lead to DoS via a crafted input file (bsc#1080918).
- CVE-2010-4651: Fixed a directory traversal bug (bsc#662957):
ImportantSUSE bug 1059698SUSE bug 1080918SUSE bug 1088420SUSE bug 662957SUSE bug 914891CVE-2010-4651 at SUSECVE-2010-4651 at NVDCVE-2014-9637 at SUSECVE-2014-9637 at NVDCVE-2016-10713 at SUSECVE-2016-10713 at NVDCVE-2018-1000156 at SUSECVE-2018-1000156 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for perlSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes a memory leak and an infinite recursion in Data::Dumper.
(CVE-2014-4330)
Security Issues:
* CVE-2014-4330
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4330>
SUSE bug 838333SUSE bug 896715SUSE bug 900455CVE-2014-4330 at SUSECVE-2014-4330 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for perl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl fixes the following issues:
- CVE-2016-6185: xsloader looking at a '(eval)' directory [bsc#988311]
- CVE-2016-1238: searching current directory for optional modules [bsc#987887]
- CVE-2015-8853: regex engine hanging on bad utf8 [bnc976584]
- CVE-2016-2381: environment dup handling bug [bsc#967082]
- perl panic with utf8_mg_pos_cache_update [bsc#929027]
ModerateSUSE bug 929027SUSE bug 967082SUSE bug 987887SUSE bug 988311CVE-2015-8853 at SUSECVE-2015-8853 at NVDCVE-2016-1238 at SUSECVE-2016-1238 at NVDCVE-2016-2381 at SUSECVE-2016-2381 at NVDCVE-2016-6185 at SUSECVE-2016-6185 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl fixes the following issues:
Security issue fixed:
- CVE-2017-6512: Race condition in the rmtree and remove_tree functions in the
File-Path module before 2.13 for Perl allows attackers to set the mode on
arbitrary files via vectors involving directory-permission loosening logic.
(bnc#1047178)
Bug fixes:
- reformat baselibs.conf as source validator workaround
LowSUSE bug 1047178CVE-2017-6512 at SUSECVE-2017-6512 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl fixes the following issues:
Security issue fixed:
- CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216).
- CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233).
ModerateSUSE bug 1082216SUSE bug 1082233CVE-2018-6798 at SUSECVE-2018-6798 at NVDCVE-2018-6913 at SUSECVE-2018-6913 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl fixes the following issues:
- CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a
directory-traversal protection mechanism and overwrite arbitrary files
(bsc#1096718).
ModerateSUSE bug 1096718CVE-2018-12015 at SUSECVE-2018-12015 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for perl (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl fixes the following issues:
- CVE-2020-10543: Fixed a buffer overflow triggered via an
attacker-controlled regular expression (bsc#1171863).
- CVE-2020-10878: Fixed an integer overflow that could lead to an
attacker injecting instructions into the regular expression
intermediate representation (bsc#1171864).
- CVE-2020-12723: Fixed an integer overflow that could lead to an
attacker injecting instructions into the regular expression
intermediate representation (bsc#1171866).
- CVE-2018-18311: Fixed an integer overflow that lead to a buffer
overflow (bsc#1114674).
Non-security fixes:
- Fixed issues with timelocal calls (bsc#1102840, bsc#1160039).
ImportantSUSE bug 1102840SUSE bug 1114674SUSE bug 1160039SUSE bug 1171863SUSE bug 1171864SUSE bug 1171866CVE-2018-18311 at SUSECVE-2018-18311 at NVDCVE-2020-10543 at SUSECVE-2020-10543 at NVDCVE-2020-10878 at SUSECVE-2020-10878 at NVDCVE-2020-12723 at SUSECVE-2020-12723 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl-Archive-Zip (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl-Archive-Zip fixes the following security issue:
- CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing
paths while extracting zip files. An attacker able to provide a specially
crafted archive for processing could have used this flaw to write or overwrite
arbitrary files in the context of the perl interpreter (bsc#1099497).
ModerateSUSE bug 1099497CVE-2018-10860 at SUSECVE-2018-10860 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl-Convert-ASN1 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl-Convert-ASN1 fixes the following issue:
- CVE-2013-7488: Fixed an infinite loop via unexpected input (bsc#1168934).
ModerateSUSE bug 1168934CVE-2013-7488 at SUSECVE-2013-7488 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl-DBD-mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl-DBD-mysql fixes the following issues:
- Add patch to fix CVE-2016-1251 (bsc#1012546) use-after-free for repeated
fetchrow_arrayref calls when mysql_server_prepare=1
ModerateSUSE bug 1012546CVE-2016-1251 at SUSECVE-2016-1251 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl-DBD-mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl-DBD-mysql fixes the following issues:
- CVE-2016-1246: Buffer overflow allowed context-dependent attackers to cause a denial of service (crash) via vectors related to an error message (bsc#1002626).
- CVE-2016-1249: Out-of-bounds read when using server-side prepared statement support (bsc#1010457).
ModerateSUSE bug 1002626SUSE bug 1010457CVE-2016-1246 at SUSECVE-2016-1246 at NVDCVE-2016-1249 at SUSECVE-2016-1249 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl-DBD-mysql (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl-DBD-mysql fixes the following issues:
- CVE-2017-10789: The DBD::mysql module when with mysql_ssl=1 setting enabled, means that SSL is optional
(even though this setting's documentation has a \'your communication with the server will be encrypted\' statement),
which could lead man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack,
a related issue to CVE-2015-3152. (bsc#1047059)
- CVE-2017-10788: The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1) certain error responses from a MySQL server or (2) a loss of a network connection to a MySQL server. The use-after-free defect was introduced by relying on incorrect Oracle mysql_stmt_close documentation and code examples. (bsc#1047095)
ModerateSUSE bug 1047059SUSE bug 1047095CVE-2017-10788 at SUSECVE-2017-10788 at NVDCVE-2017-10789 at SUSECVE-2017-10789 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl-DBI (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl-DBI fixes the following issues:
Security issues fixed:
- CVE-2020-14392: Memory corruption in XS functions when Perl stack is reallocated (bsc#1176412).
- CVE-2020-14393: Fixed a buffer overflow on an overlong DBD class name (bsc#1176409).
ImportantSUSE bug 1176409SUSE bug 1176412CVE-2020-14392 at SUSECVE-2020-14392 at NVDCVE-2020-14393 at SUSECVE-2020-14393 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl-DBI (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl-DBI fixes the following issues:
- CVE-2019-20919: Fixed a NULL profile dereference in dbi_profile (bsc#1176764).
- CVE-2013-7490: Fixed memory corruption when using many arguments
to methods for CallbacksUsing (bsc#1176496).
- CVE-2013-7491: Fixed a stack corruption when a user-defined function required a
non-trivial amount of memory (bsc#1176493).
ImportantSUSE bug 1176493SUSE bug 1176496SUSE bug 1176764CVE-2013-7490 at SUSECVE-2013-7490 at NVDCVE-2013-7491 at SUSECVE-2013-7491 at NVDCVE-2019-20919 at SUSECVE-2019-20919 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl-PlRPC (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl-PlRPC fixes the following issues:
- Security notice: [bsc#858243, CVE-2013-7284]
* Document security vulnerability on Storable and reply attack
- Add perl-PlRPC-CVE-2013-7284.patch
ModerateSUSE bug 858243CVE-2013-7284 at SUSECVE-2013-7284 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for perl-XML-LibXML (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for perl-XML-LibXML fixes the following issues:
- CVE-2017-10672: A use-after-free allowed remote attackers to potentially
execute arbitrary code by controlling the arguments to a replaceChild call
(bsc#1046848)
ImportantSUSE bug 1046848CVE-2017-10672 at SUSECVE-2017-10672 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for permissions (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for permissions fixes the following issues:
- CVE-2019-3690: Fixed a privilege escalation through untrusted symlinks (bsc#1150734).
ModerateSUSE bug 1150734SUSE bug 1157198CVE-2019-3690 at SUSECVE-2019-3690 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for permissions (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for permissions fixes the following issues:
Security issues fixed:
- CVE-2020-8013: Fixed a missing symlink check. Do not follow symlinks that are the final path element (bsc#1163922).
- Fixed a regression where chkstat broke when /proc was not available (bsc#1160764, bsc#1160594).
ModerateSUSE bug 1160594SUSE bug 1160764SUSE bug 1163922CVE-2020-8013 at SUSECVE-2020-8013 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for permissions (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for permissions fixes the following issues:
- CVE-2022-31252: Fixed chkstat group controlled paths (bsc#1203018).
ModerateSUSE bug 1203018CVE-2022-31252 at SUSECVE-2022-31252 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
PHP was updated to fix two security issues.
The following vulnerabilities were fixed:
* CVE-2015-5589: PHP could be crashed when processing an invalid file with the 'phar' extension with a segfault in Phar::convertToData, leading to Denial of Service (DOS) (bsc#938721)
* CVE-2015-5590: PHP could be crashed or have unspecified other impact due to a buffer overlow in phar_fix_filepath (bsc#938719)
ModerateSUSE bug 938719SUSE bug 938721CVE-2015-5589 at SUSECVE-2015-5589 at NVDCVE-2015-5590 at SUSECVE-2015-5590 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of PHP5 brings several security fixes.
Security fixes:
* CVE-2015-6831: A use after free vulnerability in unserialize() has been fixed which could be used to crash php or potentially execute code. [bnc#942291] [bnc#942294] [bnc#942295]
* CVE-2015-6836: A SOAP serialize_function_call() type confusion leading to remote code execution problem was fixed. [bnc#945428]
* CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed. [bnc#945412]
It also includes a bugfix for the odbc module:
* compare with SQL_NULL_DATA correctly [bnc#935074]
ImportantSUSE bug 935074SUSE bug 942291SUSE bug 942294SUSE bug 942295SUSE bug 942296SUSE bug 945412SUSE bug 945428CVE-2015-6831 at SUSECVE-2015-6831 at NVDCVE-2015-6833 at SUSECVE-2015-6833 at NVDCVE-2015-6836 at SUSECVE-2015-6836 at NVDCVE-2015-6837 at SUSECVE-2015-6837 at NVDCVE-2015-6838 at SUSECVE-2015-6838 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792).
- CVE-2015-8835: SoapClient s_call method suffered from a type confusion issue that could have lead to crashes [bsc#973351]
- CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could lead to crashes. [bsc#968284]
Note: we do not ship the phar extension currently, so we are not affected.
- CVE-2015-7803: A Stack overflow vulnerability when decompressing tar phar archives could potentially lead to code execution. [bsc#949961]
Note: we do not ship the phar extension currently, so we are not affected.
- CVE-2016-3141: A use-after-free / double-free in the WDDX
deserialization could lead to crashes or potential code
execution. [bsc#969821]
- CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912]
Note: we do not ship the phar extension currently, so we are not affected.
- CVE-2014-9767: A directory traversal when extracting zip files was fixed that could lead to
overwritten files. [bsc#971612]
- CVE-2016-3185: A type confusion vulnerability in
make_http_soap_request() could lead to crashes or potentially code
execution. [bsc#971611]
ImportantSUSE bug 949961SUSE bug 968284SUSE bug 969821SUSE bug 971611SUSE bug 971612SUSE bug 971912SUSE bug 973351SUSE bug 973792CVE-2014-9767 at SUSECVE-2014-9767 at NVDCVE-2015-7803 at SUSECVE-2015-7803 at NVDCVE-2015-8835 at SUSECVE-2015-8835 at NVDCVE-2015-8838 at SUSECVE-2015-8838 at NVDCVE-2016-2554 at SUSECVE-2016-2554 at NVDCVE-2016-3141 at SUSECVE-2016-3141 at NVDCVE-2016-3142 at SUSECVE-2016-3142 at NVDCVE-2016-3185 at SUSECVE-2016-3185 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following security issues:
- CVE-2016-4073: A remote attacker could have caused denial of service, or possibly execute arbitrary code, due to incorrect handling of string length calculations in mb_strcut() (bsc#977003)
- CVE-2015-8867: The PHP function openssl_random_pseudo_bytes() did not return cryptographically secure random bytes (bsc#977005)
- CVE-2016-4070: The libxml_disable_entity_loader() setting was shared between threads, which could have resulted in XML external entity injection and entity expansion issues (bsc#976997)
- CVE-2015-8866: A remote attacker could have caused denial of service due to incorrect handling of large strings in php_raw_url_encode() (bsc#976996)
ModerateSUSE bug 976996SUSE bug 976997SUSE bug 977003SUSE bug 977005CVE-2015-8866 at SUSECVE-2015-8866 at NVDCVE-2015-8867 at SUSECVE-2015-8867 at NVDCVE-2016-4070 at SUSECVE-2016-4070 at NVDCVE-2016-4073 at SUSECVE-2016-4073 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2016-5093: A get_icu_value_internal out-of-bounds read could crash the php interpreter (bsc#982010)
- CVE-2016-5094,CVE-2016-5095: Don't allow creating strings with lengths outside int range, avoids overflows (bsc#982011,bsc#982012)
- CVE-2016-5096: A int/size_t confusion in fread could corrupt memory (bsc#982013)
- CVE-2016-5114: A fpm_log.c memory leak and buffer overflow could leak information out of the php process or overwrite a buffer by 1 byte (bsc#982162)
- CVE-2016-4346: A heap overflow was fixed in ext/standard/string.c (bsc#977994)
- CVE-2016-4342: A heap corruption was fixed in tar/zip/phar parser (bsc#977991)
- CVE-2016-4537, CVE-2016-4538: bcpowmod accepted negative scale causing heap buffer overflow corrupting _one_ definition (bsc#978827)
- CVE-2016-4539: Malformed input causes segmentation fault in xml_parse_into_struct() function (bsc#978828)
- CVE-2016-4540, CVE-2016-4541: Out-of-bounds memory read in zif_grapheme_stripos when given negative offset (bsc#978829)
- CVE-2016-4542, CVE-2016-4543, CVE-2016-4544: Out-of-bounds heap memory
read in exif_read_data() caused by malformed input (bsc#978830)
- CVE-2015-4116: Use-after-free vulnerability in the spl_ptr_heap_insert
function (bsc#980366)
- CVE-2015-8873: Stack consumption vulnerability in Zend/zend_exceptions.c (bsc#980373)
- CVE-2015-8874: Stack consumption vulnerability in GD (bsc#980375)
- CVE-2015-8879: odbc_bindcols function in ext/odbc/php_odbc.c mishandles
driver behavior for SQL_WVARCHAR (bsc#981050)
Also fixed previously on SUSE Linux Enterprise 11 SP4, but not yet shipped to SUSE Linux Enterprise Server 11 SP3 LTSS:
- CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792).
- CVE-2015-8835: SoapClient s_call method suffered from a type confusion
issue that could have lead to crashes [bsc#973351]
- CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could
lead to crashes. [bsc#968284]
- CVE-2015-7803: A Stack overflow vulnerability when decompressing tar
phar archives could potentially lead to code execution. [bsc#949961]
- CVE-2016-3141: A use-after-free / double-free in the WDDX
deserialization could lead to crashes or potential code
execution. [bsc#969821]
- CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912]
- CVE-2014-9767: A directory traversal when extracting zip files was
fixed that could lead to overwritten files. [bsc#971612]
- CVE-2016-3185: A type confusion vulnerability in
make_http_soap_request() could lead to crashes or potentially code
execution. [bsc#971611]
- CVE-2016-4073: A remote attacker could have caused denial of service,
or possibly execute arbitrary code, due to incorrect handling of string
length calculations in mb_strcut() (bsc#977003)
- CVE-2015-8867: The PHP function openssl_random_pseudo_bytes() did not
return cryptographically secure random bytes (bsc#977005)
- CVE-2016-4070: The libxml_disable_entity_loader() setting was shared
between threads, which could have resulted in XML external entity
injection and entity expansion issues (bsc#976997)
- CVE-2015-8866: A remote attacker could have caused denial of service
due to incorrect handling of large strings in php_raw_url_encode()
(bsc#976996)
ImportantSUSE bug 949961SUSE bug 968284SUSE bug 969821SUSE bug 971611SUSE bug 971612SUSE bug 971912SUSE bug 973351SUSE bug 973792SUSE bug 976996SUSE bug 976997SUSE bug 977003SUSE bug 977005SUSE bug 977991SUSE bug 977994SUSE bug 978827SUSE bug 978828SUSE bug 978829SUSE bug 978830SUSE bug 980366SUSE bug 980373SUSE bug 980375SUSE bug 981050SUSE bug 982010SUSE bug 982011SUSE bug 982012SUSE bug 982013SUSE bug 982162CVE-2014-9767 at SUSECVE-2014-9767 at NVDCVE-2015-4116 at SUSECVE-2015-4116 at NVDCVE-2015-7803 at SUSECVE-2015-7803 at NVDCVE-2015-8835 at SUSECVE-2015-8835 at NVDCVE-2015-8838 at SUSECVE-2015-8838 at NVDCVE-2015-8866 at SUSECVE-2015-8866 at NVDCVE-2015-8867 at SUSECVE-2015-8867 at NVDCVE-2015-8873 at SUSECVE-2015-8873 at NVDCVE-2015-8874 at SUSECVE-2015-8874 at NVDCVE-2015-8879 at SUSECVE-2015-8879 at NVDCVE-2016-2554 at SUSECVE-2016-2554 at NVDCVE-2016-3141 at SUSECVE-2016-3141 at NVDCVE-2016-3142 at SUSECVE-2016-3142 at NVDCVE-2016-3185 at SUSECVE-2016-3185 at NVDCVE-2016-4070 at SUSECVE-2016-4070 at NVDCVE-2016-4073 at SUSECVE-2016-4073 at NVDCVE-2016-4342 at SUSECVE-2016-4342 at NVDCVE-2016-4346 at SUSECVE-2016-4346 at NVDCVE-2016-4537 at SUSECVE-2016-4537 at NVDCVE-2016-4538 at SUSECVE-2016-4538 at NVDCVE-2016-4539 at SUSECVE-2016-4539 at NVDCVE-2016-4540 at SUSECVE-2016-4540 at NVDCVE-2016-4541 at SUSECVE-2016-4541 at NVDCVE-2016-4542 at SUSECVE-2016-4542 at NVDCVE-2016-4543 at SUSECVE-2016-4543 at NVDCVE-2016-4544 at SUSECVE-2016-4544 at NVDCVE-2016-5093 at SUSECVE-2016-5093 at NVDCVE-2016-5094 at SUSECVE-2016-5094 at NVDCVE-2016-5095 at SUSECVE-2016-5095 at NVDCVE-2016-5096 at SUSECVE-2016-5096 at NVDCVE-2016-5114 at SUSECVE-2016-5114 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
php53 was updated to fix five security issues.
These security issues were fixed:
- CVE-2016-5769: mcrypt: Heap Overflow due to integer overflows (bsc#986388).
- CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).
- CVE-2016-5772: Double Free Courruption in wddx_deserialize (bsc#986244).
- CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap overflow (bsc#986386).
- CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (bsc#986393).
ImportantSUSE bug 986004SUSE bug 986244SUSE bug 986386SUSE bug 986388SUSE bug 986393CVE-2015-8935 at SUSECVE-2015-8935 at NVDCVE-2016-5766 at SUSECVE-2016-5766 at NVDCVE-2016-5767 at SUSECVE-2016-5767 at NVDCVE-2016-5769 at SUSECVE-2016-5769 at NVDCVE-2016-5772 at SUSECVE-2016-5772 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- security update:
* CVE-2014-3587: Integer overflow in the cdf_read_property_info affecting SLES11 SP3 [bsc#987530]
* CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener [bsc#991426]
* CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE [bsc#991427]
* CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex [bsc#991428]
* CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization [bsc#991429]
* CVE-2016-5399: Improper error handling in bzread() [bsc#991430]
* CVE-2016-6288: Buffer over-read in php_url_parse_ex [bsc#991433]
* CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c [bsc#991437]
ModerateSUSE bug 987530SUSE bug 991426SUSE bug 991427SUSE bug 991428SUSE bug 991429SUSE bug 991430SUSE bug 991433SUSE bug 991437CVE-2014-3587 at SUSECVE-2014-3587 at NVDCVE-2016-5399 at SUSECVE-2016-5399 at NVDCVE-2016-6288 at SUSECVE-2016-6288 at NVDCVE-2016-6289 at SUSECVE-2016-6289 at NVDCVE-2016-6290 at SUSECVE-2016-6290 at NVDCVE-2016-6291 at SUSECVE-2016-6291 at NVDCVE-2016-6296 at SUSECVE-2016-6296 at NVDCVE-2016-6297 at SUSECVE-2016-6297 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following security issues:
* CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization
* CVE-2016-7125: PHP Session Data Injection Vulnerability
* CVE-2016-7126: select_colors write out-of-bounds
* CVE-2016-7127: imagegammacorrect allowed arbitrary write access
* CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF
* CVE-2016-7129: wddx_deserialize allows illegal memory access
* CVE-2016-7130: wddx_deserialize null dereference
* CVE-2016-7131: wddx_deserialize null dereference with invalid xml
* CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element
* CVE-2016-7411: php5: Memory corruption when destructing deserialized object
* CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field
* CVE-2016-7413: Use after free in wddx_deserialize
* CVE-2016-7414: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile
* CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message
* CVE-2016-7417: Missing type check when unserializing SplArray
* CVE-2016-7418: Null pointer dereference in php_wddx_push_element
ImportantSUSE bug 997206SUSE bug 997207SUSE bug 997208SUSE bug 997210SUSE bug 997211SUSE bug 997220SUSE bug 997225SUSE bug 997230SUSE bug 997257SUSE bug 999679SUSE bug 999680SUSE bug 999682SUSE bug 999684SUSE bug 999685SUSE bug 999819SUSE bug 999820CVE-2016-7124 at SUSECVE-2016-7124 at NVDCVE-2016-7125 at SUSECVE-2016-7125 at NVDCVE-2016-7126 at SUSECVE-2016-7126 at NVDCVE-2016-7127 at SUSECVE-2016-7127 at NVDCVE-2016-7128 at SUSECVE-2016-7128 at NVDCVE-2016-7129 at SUSECVE-2016-7129 at NVDCVE-2016-7130 at SUSECVE-2016-7130 at NVDCVE-2016-7131 at SUSECVE-2016-7131 at NVDCVE-2016-7132 at SUSECVE-2016-7132 at NVDCVE-2016-7411 at SUSECVE-2016-7411 at NVDCVE-2016-7412 at SUSECVE-2016-7412 at NVDCVE-2016-7413 at SUSECVE-2016-7413 at NVDCVE-2016-7414 at SUSECVE-2016-7414 at NVDCVE-2016-7416 at SUSECVE-2016-7416 at NVDCVE-2016-7417 at SUSECVE-2016-7417 at NVDCVE-2016-7418 at SUSECVE-2016-7418 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924)
- CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274)
ModerateSUSE bug 1004924SUSE bug 1005274CVE-2016-6911 at SUSECVE-2016-6911 at NVDCVE-2016-8670 at SUSECVE-2016-8670 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
* CVE-2014-9912: Stack-based buffer overflow in uloc_getDisplayName() [bsc#1012232]
* CVE-2016-9933: Possible stack overflow on truecolor images handling [bsc#1015187]
* CVE-2016-9934: Dereference from NULL pointer could lead to crash [bsc#1015188]
* CVE-2016-9935: Invalid read could lead to crash [bsc#1015189]
* Buffer overflow in libmagic, allowing attackers to crash the PHP interpreter [bsc#974305]
ModerateSUSE bug 1012232SUSE bug 1015187SUSE bug 1015188SUSE bug 1015189SUSE bug 974305CVE-2014-9912 at SUSECVE-2014-9912 at NVDCVE-2016-9933 at SUSECVE-2016-9933 at NVDCVE-2016-9934 at SUSECVE-2016-9934 at NVDCVE-2016-9935 at SUSECVE-2016-9935 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following security issues:
- CVE-2016-7478: When unserializing untrusted input data, PHP could end up in an infinite
loop, causing denial of service (bsc#1019550)
- CVE-2016-10158: The exif_convert_any_to_int function in ext/exif/exif.c
in PHP allowed remote attackers to cause a denial of service (application
crash) via crafted EXIF data that triggers an attempt to divide the
minimum representable negative integer by -1. (bsc#1022219)
- CVE-2016-10159: Integer overflow in the phar_parse_pharfile function
in ext/phar/phar.c in PHP allowed remote attackers to cause a denial
of service (memory consumption or application crash) via a truncated
manifest entry in a PHAR archive. (bsc#1022255)
- CVE-2016-10160: Off-by-one error in the phar_parse_pharfile function
in ext/phar/phar.c in PHP allowed remote attackers to cause a denial
of service (memory corruption) or possibly execute arbitrary code via
a crafted PHAR archive with an alias mismatch. (bsc#1022257)
- CVE-2016-10161: The object_common1 function in
ext/standard/var_unserializer.c in PHP allowed remote attackers to
cause a denial of service (buffer over-read and application crash) via
crafted serialized data that is mishandled in a finish_nested_data call.
(bsc#1022260)
- CVE-2016-10166: A potential unsigned underflow in gd interpolation
functions could lead to memory corruption in the PHP gd module
(bsc#1022263)
- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx()
could lead to php out of memory even on small files. (bsc#1022264)
- CVE-2016-10168: A signed integer overflow in the gd module could lead
to memory corruption (bsc#1022265)
ImportantSUSE bug 1019550SUSE bug 1022219SUSE bug 1022255SUSE bug 1022257SUSE bug 1022260SUSE bug 1022263SUSE bug 1022264SUSE bug 1022265CVE-2016-10158 at SUSECVE-2016-10158 at NVDCVE-2016-10159 at SUSECVE-2016-10159 at NVDCVE-2016-10160 at SUSECVE-2016-10160 at NVDCVE-2016-10161 at SUSECVE-2016-10161 at NVDCVE-2016-10166 at SUSECVE-2016-10166 at NVDCVE-2016-10167 at SUSECVE-2016-10167 at NVDCVE-2016-10168 at SUSECVE-2016-10168 at NVDCVE-2016-7478 at SUSECVE-2016-7478 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
This security issue was fixed:
- CVE-2017-7272: PHP enabled potential SSRF in applications that accept an fsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax was recognized, fsockopen used the port number that is specified in the hostname argument, instead of the port number in the second argument of the function (bsc#1031246)
- CVE-2016-6294: The locale_accept_from_http function in ext/intl/locale/locale_methods.c did not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument (bsc#1035111).
- CVE-2017-9227: An issue was discovered in Oniguruma 6.2.0, as used in mbstring in PHP. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer. (bsc#1040883)
- CVE-2017-9226: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in mbstring in PHP. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption. (bsc#1040889)
- CVE-2017-9224: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in mbstring in PHP. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer. (bsc#1040891)
ModerateSUSE bug 1031246SUSE bug 1035111SUSE bug 1040883SUSE bug 1040889SUSE bug 1040891CVE-2016-6294 at SUSECVE-2016-6294 at NVDCVE-2017-7272 at SUSECVE-2017-7272 at NVDCVE-2017-9224 at SUSECVE-2017-9224 at NVDCVE-2017-9226 at SUSECVE-2017-9226 at NVDCVE-2017-9227 at SUSECVE-2017-9227 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- The fix for CVE-2017-7272 was reverted, as it caused regressions in the mysql server connect module. [bsc#1044976]
The security fix tried to avoid a server side request forgery, and will be submitted when a better fix becomes available.
ImportantSUSE bug 1031246SUSE bug 1044976CVE-2017-7272 at SUSECVE-2017-7272 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the several issues.
These security issues were fixed:
- CVE-2017-12933: The finish_nested_data function in ext/standard/var_unserializer.re was prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue could have had an unspecified impact on the integrity of PHP (bsc#1054430).
- CVE-2017-11628: Stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could have caused a denial of service or potentially allowed executing code (bsc#1050726).
- CVE-2017-7890: The GIF decoding function gdImageCreateFromGifCtx in the GD Graphics Library did not zero colorMap arrays use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information (bsc#1050241).
- CVE-2016-5766: Integer overflow in the _gd2GetHeader in the GD Graphics Library (aka libgd) allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image (bsc#986386).
- CVE-2017-11145: An error in the date extension's timelib_meridian parsing code could have been used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function (bsc#1048112).
- CVE-2017-11146: Lack of bounds checks in timelib_meridian parse code could have lead to information leak [bsc#1048111]
- CVE-2016-10397: Incorrect handling of various URI components in the URL parser could have been used by attackers to bypass hostname-specific URL checks (bsc#1047454).
- CVE-2017-11147: The PHAR archive handler could have been used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function (bsc#1048094).
- CVE-2017-11144: The openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could have lead to a crash of the PHP interpreter (bsc#1048096).
ModerateSUSE bug 1047454SUSE bug 1048094SUSE bug 1048096SUSE bug 1048111SUSE bug 1048112SUSE bug 1050241SUSE bug 1050726SUSE bug 1054430SUSE bug 986386CVE-2016-10168 at SUSECVE-2016-10168 at NVDCVE-2016-10397 at SUSECVE-2016-10397 at NVDCVE-2016-5766 at SUSECVE-2016-5766 at NVDCVE-2017-11144 at SUSECVE-2017-11144 at NVDCVE-2017-11145 at SUSECVE-2017-11145 at NVDCVE-2017-11146 at SUSECVE-2017-11146 at NVDCVE-2017-11147 at SUSECVE-2017-11147 at NVDCVE-2017-11628 at SUSECVE-2017-11628 at NVDCVE-2017-12933 at SUSECVE-2017-12933 at NVDCVE-2017-7890 at SUSECVE-2017-7890 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2017-16642: Fix timelib_meridian error that could be used to leak information from the interpreter (bsc#1067441).
- CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitset_set_range() during regex compilation (bsc#1069606).
- CVE-2017-9229: Fix invalid pointer dereference in left_adjust_char_head() (bsc#1069631).
ModerateSUSE bug 1067441SUSE bug 1069606SUSE bug 1069631CVE-2017-16642 at SUSECVE-2017-16642 at NVDCVE-2017-9228 at SUSECVE-2017-9228 at NVDCVE-2017-9229 at SUSECVE-2017-9229 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes several issues.
These security issues were fixed:
- CVE-2016-10712: In PHP all of the return values of stream_get_meta_data
could be controlled if the input can be controlled (e.g., during file
uploads). (bsc#1080234)
- CVE-2018-5712: Prevent reflected XSS on the PHAR 404 error page via the
URI of a request for a .phar file that allowed for information disclosure
(bsc#1076220)
- CVE-2018-5711: Prevent integer signedness error that could have lead
to an infinite loop via a crafted GIF file allowing for DoS (bsc#1076391)
- CVE-2016-5773: php_zip.c in the zip extension in PHP improperly
interacted with the unserialize implementation and garbage collection,
which allowed remote attackers to execute arbitrary code or cause a
denial of service (use-after-free and application crash) via crafted
serialized data containing a ZipArchive object. (bsc#986247)
- CVE-2016-5771: spl_array.c in the SPL extension in PHP improperly
interacted with the unserialize implementation and garbage collection,
which allowed remote attackers to execute arbitrary code or cause a
denial of service (use-after-free and application crash) via crafted
serialized data. (bsc#986391)
- CVE-2018-7584: Fixed stack-based buffer under-read while parsing an
HTTPresponse in the php_stream_url_wrap_http_ex. (bsc#1083639)
ImportantSUSE bug 1076220SUSE bug 1076391SUSE bug 1080234SUSE bug 1083639SUSE bug 986247SUSE bug 986391CVE-2016-10712 at SUSECVE-2016-10712 at NVDCVE-2016-5771 at SUSECVE-2016-5771 at NVDCVE-2016-5773 at SUSECVE-2016-5773 at NVDCVE-2018-5711 at SUSECVE-2018-5711 at NVDCVE-2018-5712 at SUSECVE-2018-5712 at NVDCVE-2018-7584 at SUSECVE-2018-7584 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2018-10545: Fix access controls in FPM child processes (bsc#1091367).
- CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages (bsc#1091362).
- CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c (bsc#1091363).
- CVE-2018-10548: Fix remote denial of service in ext/ldap/ldap.c (bsc#1091355).
ImportantSUSE bug 1091355SUSE bug 1091362SUSE bug 1091363SUSE bug 1091367CVE-2018-10545 at SUSECVE-2018-10545 at NVDCVE-2018-10546 at SUSECVE-2018-10546 at NVDCVE-2018-10547 at SUSECVE-2018-10547 at NVDCVE-2018-10548 at SUSECVE-2018-10548 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
The following security issue was fixed:
- An out-of-bounds read in the do_core_note function in readelf.c in libmagic.a
allowed remote attackers to cause a denial of service via a crafted ELF file
(CVE-2018-10360, bsc#1096984)
- CVE-2018-12882: exif_read_from_impl allowed attackers to trigger a
use-after-free (in exif_read_from_file) because it closed a stream that it is
not responsible for closing (bsc#1099098)
ModerateSUSE bug 1096984SUSE bug 1099098CVE-2018-10360 at SUSECVE-2018-10360 at NVDCVE-2018-12882 at SUSECVE-2018-12882 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
The following security issues were fixed:
- CVE-2018-14851: Fixed an out-of-bound read in exif_process_IFD_in_MAKERNOTE,
which could be exploited by an attacker via crafted JPG files, and could
result in an application crash. (bsc#1103659)
- CVE-2018-14883: Fixed an integer overflow leading to a heap based buffer
over-read in exif_thumbnail_extract of exif.c. (bsc#1103836)
- CVE-2017-9118: Fixed an out of bounds access in php_pcre_replace_impl via a
crafted preg_replace call (bsc#1105466)
ModerateSUSE bug 1103659SUSE bug 1103836SUSE bug 1105466CVE-2017-9118 at SUSECVE-2017-9118 at NVDCVE-2018-14851 at SUSECVE-2018-14851 at NVDCVE-2018-14883 at SUSECVE-2018-14883 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issue:
- CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a
'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled
in the php_handler function (bsc#1108753)
ModerateSUSE bug 1108753CVE-2018-17082 at SUSECVE-2018-17082 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issue fixed:
- CVE-2018-19518: Fixed imap_open script injection flaw (bsc#1117107).
ModerateSUSE bug 1117107CVE-2018-19518 at SUSECVE-2018-19518 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function (bsc#1123354).
- CVE-2019-6978: Fixed a double free in the gdImage*Ptr() functions (bsc#1123522).
ModerateSUSE bug 1123354SUSE bug 1123522CVE-2019-6977 at SUSECVE-2019-6977 at NVDCVE-2019-6978 at SUSECVE-2019-6978 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128892).
- CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128886).
- CVE-2019-9638: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension ((bsc#1128889).
- CVE-2019-9639: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128887).
- CVE-2019-9640: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128883).
- CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which could allow to a hostile XMLRPC server
to cause memory read outside the allocated areas (bsc#1126821).
- CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function (bsc#1126711).
- CVE-2018-20783: Fixed a buffer over-read in PHAR reading functions which could allow an attacker to read
allocated and unallocated memory when parsing a phar file (bsc#1127122).
- CVE-2019-9021: Fixed a heap buffer-based buffer over-read in PHAR reading functions which could allow an
attacker to read allocated and unallocated memory when parsing a phar file (bsc#1126713).
- CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in mbstring regular expression functions (bsc#1126823).
- CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension and improved insecure implementation
of rename function (bsc#1128722).
ModerateSUSE bug 1126711SUSE bug 1126713SUSE bug 1126821SUSE bug 1126823SUSE bug 1127122SUSE bug 1128722SUSE bug 1128883SUSE bug 1128886SUSE bug 1128887SUSE bug 1128889SUSE bug 1128892CVE-2018-20783 at SUSECVE-2018-20783 at NVDCVE-2019-9020 at SUSECVE-2019-9020 at NVDCVE-2019-9021 at SUSECVE-2019-9021 at NVDCVE-2019-9023 at SUSECVE-2019-9023 at NVDCVE-2019-9024 at SUSECVE-2019-9024 at NVDCVE-2019-9637 at SUSECVE-2019-9637 at NVDCVE-2019-9638 at SUSECVE-2019-9638 at NVDCVE-2019-9639 at SUSECVE-2019-9639 at NVDCVE-2019-9640 at SUSECVE-2019-9640 at NVDCVE-2019-9641 at SUSECVE-2019-9641 at NVDCVE-2019-9675 at SUSECVE-2019-9675 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2019-11034: Fixed a heap-buffer overflow in php_ifd_get32si() (bsc#1132838).
- CVE-2019-11035: Fixed a heap-buffer overflow in exif_iif_add_value() (bsc#1132837).
- CVE-2019-11036: Fixed buffer over-read in exif_process_IFD_TAG function leading to information disclosure (bsc#1134322).
ModerateSUSE bug 1132837SUSE bug 1132838SUSE bug 1134322CVE-2019-11034 at SUSECVE-2019-11034 at NVDCVE-2019-11035 at SUSECVE-2019-11035 at NVDCVE-2019-11036 at SUSECVE-2019-11036 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2019-11039: Fixed a heap-buffer-overflow on php_jpg_get16 (bsc#1138173).
- CVE-2019-11040: Fixed an out-of-bounds read due to an integer overflow in
iconv.c:_php_iconv_mime_decode() (bsc#1138172).
ModerateSUSE bug 1138172SUSE bug 1138173CVE-2019-11039 at SUSECVE-2019-11039 at NVDCVE-2019-11040 at SUSECVE-2019-11040 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2019-11038: Fixed a information disclosure in gdImageCreateFromXbm() (bsc#1140118).
- CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360).
- CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095).
ImportantSUSE bug 1140118SUSE bug 1145095SUSE bug 1146360CVE-2019-11038 at SUSECVE-2019-11038 at NVDCVE-2019-11041 at SUSECVE-2019-11041 at NVDCVE-2019-11042 at SUSECVE-2019-11042 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issue fixed:
- CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999).
ImportantSUSE bug 1154999CVE-2019-11043 at SUSECVE-2019-11043 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629).
- CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923).
- CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924).
- CVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922).
- CVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927).
- CVE-2019-20433: Fixed a buffer over-read when processing strings ending with a single '\0' byte with ucs-2 and ucs-4 encoding (bsc#1161982).
ModerateSUSE bug 1159922SUSE bug 1159923SUSE bug 1159924SUSE bug 1159927SUSE bug 1161982SUSE bug 1162629CVE-2019-11045 at SUSECVE-2019-11045 at NVDCVE-2019-11046 at SUSECVE-2019-11046 at NVDCVE-2019-11047 at SUSECVE-2019-11047 at NVDCVE-2019-11050 at SUSECVE-2019-11050 at NVDCVE-2019-20433 at SUSECVE-2019-20433 at NVDCVE-2020-7059 at SUSECVE-2020-7059 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289).
ModerateSUSE bug 1165289CVE-2020-7063 at SUSECVE-2020-7063 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2020-7064: Fixed a one byte read of uninitialized memory in exif_read_data() (bsc#1168326).
- CVE-2020-7066: Fixed URL truncation in get_headers() if the URL contains zero (\0) character (bsc#1168352).
- CVE-2019-11048: Improved the handling of overly long filenames or field names in HTTP file uploads (bsc#1171999).
ModerateSUSE bug 1168326SUSE bug 1168352SUSE bug 1171999CVE-2019-11048 at SUSECVE-2019-11048 at NVDCVE-2020-7064 at SUSECVE-2020-7064 at NVDCVE-2020-7066 at SUSECVE-2020-7066 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2020-7068: Use of freed hash key in the phar_parse_zipfile function (bsc#1175223).
ModerateSUSE bug 1175223CVE-2020-7068 at SUSECVE-2020-7068 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352).
ImportantSUSE bug 1177352CVE-2020-7070 at SUSECVE-2020-7070 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issue:
- CVE-2020-7071: Fixed an insufficient filter in parse_url() that accepted URLs with invalid userinfo (bsc#1180706).
ModerateSUSE bug 1180706CVE-2020-7071 at SUSECVE-2020-7071 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2021-21702 [bsc#1182049]: NULL pointer dereference in SoapClient
ImportantSUSE bug 1182049CVE-2021-21702 at SUSECVE-2021-21702 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2021-21705 [bsc#1188037]: SSRF bypass in FILTER_VALIDATE_URL
ModerateSUSE bug 1188037CVE-2021-21705 at SUSECVE-2021-21705 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2020-36193: Fixed Archive_Tar directory traversal due to inadequate checking of symbolic links (bsc#1189591).
ImportantSUSE bug 1189591CVE-2020-36193 at SUSECVE-2020-36193 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2021-21707: Fixed special character breaks path in xml parsing (bsc#1193041).
ModerateSUSE bug 1193041CVE-2021-21707 at SUSECVE-2021-21707 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2015-9253: Fixed endless loop when the master process restarts a child process using program execution functions (bsc#1081790).
ModerateSUSE bug 1081790CVE-2015-9253 at SUSECVE-2015-9253 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2016-4072: Fixed invalid memory write in phar on filename containing \0 inside name (bsc#1200082).
ModerateSUSE bug 1200082CVE-2016-4072 at SUSECVE-2016-4072 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. (bsc#1200645)
ImportantSUSE bug 1200645CVE-2022-31625 at SUSECVE-2022-31625 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor while decompressing 'quines' gzip files. (bsc#1203867)
- CVE-2022-31629: Fixed a bug which could lead an attacker to set an insecure cookie that will treated as secure in the victim's browser. (bsc#1203870)
ModerateSUSE bug 1203867SUSE bug 1203870CVE-2022-31628 at SUSECVE-2022-31628 at NVDCVE-2022-31629 at SUSECVE-2022-31629 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2022-31631: Fixed an issue where PDO::quote would return an
unquoted string (bsc#1206958).
ImportantSUSE bug 1206958CVE-2022-31631 at SUSECVE-2022-31631 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for php53 fixes the following issues:
- CVE-2023-0568: Fixed NULL byte off-by-one in php_check_specific_open_basedir (bnc#1208366).
- CVE-2023-0662: Fixed DoS vulnerability when parsing multipart request body (bnc#1208367).
- CVE-2023-0567: Fixed vulnerability where BCrypt hashes erroneously validate if the salt is cut short by `$` (bsc#1208388).
ImportantSUSE bug 1208366SUSE bug 1208367SUSE bug 1208388CVE-2023-0567 at SUSECVE-2023-0567 at NVDCVE-2023-0568 at SUSECVE-2023-0568 at NVDCVE-2023-0662 at SUSECVE-2023-0662 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for pixman (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for pixman fixes the following issues:
Security issue fixed:
- CVE-2014-9766: Fixed an integer overflow in create_bits() (bsc#968090).
ModerateSUSE bug 968090CVE-2014-9766 at SUSECVE-2014-9766 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for pixman (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for pixman fixes the following issues:
- CVE-2022-44638: Fixed an integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write (bsc#1205033).
ImportantSUSE bug 1205033CVE-2022-44638 at SUSECVE-2022-44638 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for policycoreutils (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for policycoreutils fixes the following issues:
* CVE-2016-7545: nonpriv session can escape to parent [bsc#1000998]
LowSUSE bug 1000998CVE-2016-7545 at SUSECVE-2016-7545 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for policycoreutils (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for policycoreutils fixes the following issues:
- CVE-2018-1063: Prevent chcon from following symlinks in /tmp, /var/tmp,
/var/run and /var/lib/debug (bsc#1083624).
ModerateSUSE bug 1083624CVE-2018-1063 at SUSECVE-2018-1063 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for poppler (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for poppler fixes the following issues:
Security issues fixed:
- CVE-2015-8868: Corrupted PDF file can corrupt heap, causing DoS (bsc#976844)
ModerateSUSE bug 976844CVE-2015-8868 at SUSECVE-2015-8868 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for poppler (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for poppler fixes the following issues:
- CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the
FoFiTrueType::getCFFBlock() function in FoFiTrueType.cc that occurred due to
lack of validation of a table pointer, which allows an attacker to launch a
denial of service attack. (bsc#1061265)
- CVE-2017-1000456: Validate boundaries in TextPool::addWord to prevent
overflows in subsequent calculations (bsc#1074453)
- CVE-2017-15565: Prevent NULL Pointer dereference in the
GfxImageColorMap::getGrayLine() function via a crafted PDF document
(bsc#1064593)
ModerateSUSE bug 1061265SUSE bug 1064593SUSE bug 1074453CVE-2017-1000456 at SUSECVE-2017-1000456 at NVDCVE-2017-14977 at SUSECVE-2017-14977 at NVDCVE-2017-15565 at SUSECVE-2017-15565 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for poppler (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for poppler fixes the following issues:
- CVE-2020-27778: Fixed a buffer overflow in pdftohtml (bsc#1179163).
- CVE-2019-9959: Fixed an integer overflow in pdftocairo (bsc#1142465).
- CVE-2019-10872: Fixed an invalid memory access in pdftoppm (bsc#1131722).
- CVE-2017-9776: Prevent integer overflow that lead to a heap buffer overflow
that allowed remote attackers to cause a denial of service (application crash)
or possibly have unspecified other impact via a crafted PDF document
(bsc#1045721).
ModerateSUSE bug 1045721SUSE bug 1131722SUSE bug 1142465SUSE bug 1179163CVE-2017-9776 at SUSECVE-2017-9776 at NVDCVE-2019-10872 at SUSECVE-2019-10872 at NVDCVE-2019-9959 at SUSECVE-2019-9959 at NVDCVE-2020-27778 at SUSECVE-2020-27778 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for poppler (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for poppler fixes the following issues:
- CVE-2019-13282: Fixed heap-based buffer over-read in SampledFunction:transform in Function.cc (bsc#1140870).
ModerateSUSE bug 1140870CVE-2019-13282 at SUSECVE-2019-13282 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for poptSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This rpm update fixes the following security and non security issues.
* bnc#908128: check for bad invalid name sizes (CVE-2014-8118)
* bnc#906803: create files with mode 0 (CVE-2013-6435)
* bnc#892431: honor --noglob in install mode
Security Issues:
* CVE-2014-8118
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8118>
* CVE-2013-6435
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6435>
SUSE bug 892431SUSE bug 906803SUSE bug 908128CVE-2013-6435 at SUSECVE-2013-6435 at NVDCVE-2014-8118 at SUSECVE-2014-8118 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of postgresql94 to 9.4.5 fixes the following issues:
* CVE-2015-5289: json or jsonb input values constructed from arbitrary user input could have crashed the PostgreSQL server and caused a denial of service (bsc#949670)
* CVE-2015-5288: crypt() (pgCrypto extension) couldi potentially be exploited to read a few additional bytes of memory (bsc#949669)
Also contains all changes and bugfixes in the upstream 9.4.5 release:
http://www.postgresql.org/docs/current/static/release-9-4-5.html
ModerateSUSE bug 949669SUSE bug 949670CVE-2015-5288 at SUSECVE-2015-5288 at NVDCVE-2015-5289 at SUSECVE-2015-5289 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for postgresql-init (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql-init fixes the following issues:
- CVE-2017-14798: A race condition in the init script could be used by attackers able to access the postgresql account to escalate their privileges to root (bsc#1062722)
ModerateSUSE bug 1062722CVE-2017-14798 at SUSECVE-2017-14798 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql-jdbc (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql-jdbc fixes the following issues:
- CVE-2020-13692: Fixed an XML external entity injection (XXE) (bsc#1172746).
ModerateSUSE bug 1172746CVE-2020-13692 at SUSECVE-2020-13692 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql-jdbc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql-jdbc fixes the following issues:
- CVE-2022-31197: Fixed SQL injection vulnerability (bsc#1202170).
ImportantSUSE bug 1202170CVE-2022-31197 at SUSECVE-2022-31197 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 brings version 10.6 to SUSE Linux Enterprise 11.
This release marks the change of the versioning scheme for PostgreSQL
to a 'x.y' format. This means the next minor releases of PostgreSQL
will be 10.1, 10.2, ... and the next major release will be 11.
* Logical Replication
Logical replication extends the current replication features of
PostgreSQL with the ability to send modifications on a per-database
and per-table level to different PostgreSQL databases. Users can now
fine-tune the data replicated to various database clusters and will
have the ability to perform zero-downtime upgrades to future major
PostgreSQL versions.
* Declarative Table Partitioning
Table partitioning has existed for years in PostgreSQL but required a
user to maintain a nontrivial set of rules and triggers for the
partitioning to work. PostgreSQL 10 introduces a table partitioning
syntax that lets users easily create and maintain range and list
partitioned tables.
* Improved Query Parallelism
PostgreSQL 10 provides better support for parallelized queries by
allowing more parts of the query execution process to be
parallelized. Improvements include additional types of data scans that
are parallelized as well as optimizations when the data is recombined,
such as pre-sorting. These enhancements allow results to be returned
more quickly.
* Quorum Commit for Synchronous Replication
PostgreSQL 10 introduces quorum commit for synchronous replication,
which allows for flexibility in how a primary database receives
acknowledgement that changes were successfully written to remote
replicas.
ModerateSUSE bug 1108308cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 fixes the following issues:
Security issue fixed:
- CVE-2019-10130: Prevent row-level security policies from being bypassed via selectivity estimators (bsc#1134689).
Bug fixes:
- For a complete list of fixes check the release notes.
* https://www.postgresql.org/docs/10/release-10-8.html
* https://www.postgresql.org/docs/10/release-10-7.html
ModerateSUSE bug 1134689CVE-2019-10130 at SUSECVE-2019-10130 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 to version 10.9 fixes the following issues:
Security issue fixed:
- CVE-2019-10164: Fixed buffer-overflow vulnerabilities in SCRAM verifier parsing (bsc#1138034).
More information at https://www.postgresql.org/docs/10/release-10-9.html
ImportantSUSE bug 1138034CVE-2019-10164 at SUSECVE-2019-10164 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 fixes the following issues:
Security issue fixed:
- CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner (bsc#1145092).
ImportantSUSE bug 1145092CVE-2019-10208 at SUSECVE-2019-10208 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 fixes the following issues:
PostgreSQL was updated to version 10.12.
Security issue fixed:
- CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension (bsc#1163985).
LowSUSE bug 1163985CVE-2020-1720 at SUSECVE-2020-1720 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 fixes the following issues:
- update to 10.14:
* CVE-2020-14349, bsc#1175193: Set a secure search_path in
logical replication walsenders and apply workers
* CVE-2020-14350, bsc#1175194: Make contrib modules' installation
scripts more secure.
* https://www.postgresql.org/docs/10/release-10-14.html
- update to 10.13 (bsc#1171924).
https://www.postgresql.org/about/news/2038/
https://www.postgresql.org/docs/10/release-10-13.html
ImportantSUSE bug 1171924SUSE bug 1175193SUSE bug 1175194CVE-2020-14349 at SUSECVE-2020-14349 at NVDCVE-2020-14350 at SUSECVE-2020-14350 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 fixes the following issues:
- Upgrade to version 10.15:
* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
and firing of deferred triggers within index expressions and
materialized view queries.
* CVE-2020-25694, bsc#1178667:
a) Fix usage of complex connection-string parameters in pg_dump,
pg_restore, clusterdb, reindexdb, and vacuumdb.
b) When psql's \connect command re-uses connection parameters,
ensure that all non-overridden parameters from a previous
connection string are re-used.
* CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
modifying specially-treated variables.
* https://www.postgresql.org/about/news/2111/
* https://www.postgresql.org/docs/10/release-10-15.html
- Upgrade to version 10.15:
* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
and firing of deferred triggers within index expressions and
materialized view queries.
* CVE-2020-25694, bsc#1178667:
a) Fix usage of complex connection-string parameters in pg_dump,
pg_restore, clusterdb, reindexdb, and vacuumdb.
b) When psql's \connect command re-uses connection parameters,
ensure that all non-overridden parameters from a previous
connection string are re-used.
* CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
modifying specially-treated variables.
* https://www.postgresql.org/about/news/2111/
* https://www.postgresql.org/docs/10/release-10-15.html
ImportantSUSE bug 1178666SUSE bug 1178667SUSE bug 1178668CVE-2020-25694 at SUSECVE-2020-25694 at NVDCVE-2020-25695 at SUSECVE-2020-25695 at NVDCVE-2020-25696 at SUSECVE-2020-25696 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 fixes the following issues:
- Upgrade to version 10.17:
- CVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc#1185924).
- CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists (bsc#1185925).
ModerateSUSE bug 1185924SUSE bug 1185925CVE-2021-32027 at SUSECVE-2021-32027 at NVDCVE-2021-32028 at SUSECVE-2021-32028 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 fixes the following issues:
- CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake (bsc#1192516).
- CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake (bsc#1192516).
ImportantSUSE bug 1192516CVE-2021-23214 at SUSECVE-2021-23214 at NVDCVE-2021-23222 at SUSECVE-2021-23222 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 fixes the following issues:
- CVE-2022-1552: Confine additional operations within 'security restricted operation' sandboxes (bsc#1199475).
ImportantSUSE bug 1199475CVE-2022-1552 at SUSECVE-2022-1552 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql10 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql10 fixes the following issues:
- Upgrade to 10.22:
- CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension (bsc#1202368).
ImportantSUSE bug 1202368CVE-2022-2625 at SUSECVE-2022-2625 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql91SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The PostgreSQL database server was updated to 9.1.15, fixing bugs and
security issues:
* Fix buffer overruns in to_char() (CVE-2015-0241).
* Fix buffer overrun in replacement *printf() functions
(CVE-2015-0242).
* Fix buffer overruns in contrib/pgcrypto (CVE-2015-0243).
* Fix possible loss of frontend/backend protocol synchronization after
an error (CVE-2015-0244).
* Fix information leak via constraint-violation error messages
(CVE-2014-8161).
For a comprehensive list of fixes, please refer to the following release
notes:
* http://www.postgresql.org/docs/9.1/static/release-9-1-15.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-15.html>
* http://www.postgresql.org/docs/9.1/static/release-9-1-14.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-14.html>
* http://www.postgresql.org/docs/9.1/static/release-9-1-13.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-13.html>
Security Issues:
* CVE-2015-0241
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0241>
* CVE-2015-0243
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0243>
* CVE-2015-0244
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0244>
* CVE-2014-8161
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8161>
SUSE bug 916953CVE-2014-8161 at SUSECVE-2014-8161 at NVDCVE-2015-0241 at SUSECVE-2015-0241 at NVDCVE-2015-0243 at SUSECVE-2015-0243 at NVDCVE-2015-0244 at SUSECVE-2015-0244 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for postgresql91SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update provides PostgreSQL 9.1.18, which brings fixes for security
issues and other enhancements.
The following vulnerabilities have been fixed:
* CVE-2015-3165: Avoid possible crash when client disconnects.
(bsc#931972)
* CVE-2015-3166: Consistently check for failure of the *printf().
(bsc#931973)
* CVE-2015-3167: In contrib/pgcrypto, uniformly report decryption
failures. (bsc#931974)
For a comprehensive list of changes, please refer to
http://www.postgresql.org/docs/9.1/static/release-9-1-18.html
<http://www.postgresql.org/docs/9.1/static/release-9-1-18.html> .
This update also includes changes in PostgreSQL's packaging to prepare for
the migration to the new major version 9.4. (FATE#316970, bsc#907651)
Security Issues:
* CVE-2015-3165
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3165>
* CVE-2015-3166
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3166>
* CVE-2015-3167
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3167>
SUSE bug 907651SUSE bug 931972SUSE bug 931973SUSE bug 931974SUSE bug 932040CVE-2015-3165 at SUSECVE-2015-3165 at NVDCVE-2015-3166 at SUSECVE-2015-3166 at NVDCVE-2015-3167 at SUSECVE-2015-3167 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for postgresql91 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of postgresql91 to 9.1.19 fixes the following issues:
* CVE-2015-5288: crypt() (pgCrypto extension) couldi potentially be exploited to read a few additional bytes of memory (bsc#949669)
Also contains all changes and bugfixes in the upstream 9.1.19 release:
http://www.postgresql.org/docs/9.1/static/release-9-1-19.html
ModerateSUSE bug 949669CVE-2015-5288 at SUSECVE-2015-5288 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql94 fixes the following issues:
- Security and bugfix release 9.4.6:
* *** IMPORTANT ***
Users of version 9.4 will need to reindex any jsonb_path_ops
indexes they have created, in order to fix a persistent issue
with missing index entries.
* Fix infinite loops and buffer-overrun problems in regular
expressions (CVE-2016-0773, bsc#966436).
* Fix regular-expression compiler to handle loops of constraint
arcs (CVE-2007-4772).
* Prevent certain PL/Java parameters from being set by
non-superusers (CVE-2016-0766, bsc#966435).
* Fix many issues in pg_dump with specific object types
* Prevent over-eager pushdown of HAVING clauses for
GROUPING SETS
* Fix deparsing error with ON CONFLICT ... WHERE clauses
* Fix tableoid errors for postgres_fdw
* Prevent floating-point exceptions in pgbench
* Make \det search Foreign Table names consistently
* Fix quoting of domain constraint names in pg_dump
* Prevent putting expanded objects into Const nodes
* Allow compile of PL/Java on Windows
* Fix 'unresolved symbol' errors in PL/Python execution
* Allow Python2 and Python3 to be used in the same database
* Add support for Python 3.5 in PL/Python
* Fix issue with subdirectory creation during initdb
* Make pg_ctl report status correctly on Windows
* Suppress confusing error when using pg_receivexlog with older
servers
* Multiple documentation corrections and additions
* Fix erroneous hash calculations in gin_extract_jsonb_path()
- For the full release notse, see:
http://www.postgresql.org/docs/9.4/static/release-9-4-6.html
- Security and bugfix release 9.4.5:
* CVE-2015-5289, bsc#949670: json or jsonb input values
constructed from arbitrary user input can crash the PostgreSQL
server and cause a denial of service.
* CVE-2015-5288, bsc#949669: The crypt() function included with
the optional pgCrypto extension could be exploited to read a
few additional bytes of memory. No working exploit for this
issue has been developed.
- For the full release notse, see:
http://www.postgresql.org/docs/current/static/release-9-4-5.html
- Relax dependency on libpq to major version.
ImportantSUSE bug 949669SUSE bug 949670SUSE bug 966435SUSE bug 966436CVE-2007-4772 at SUSECVE-2007-4772 at NVDCVE-2015-5288 at SUSECVE-2015-5288 at NVDCVE-2015-5289 at SUSECVE-2015-5289 at NVDCVE-2016-0766 at SUSECVE-2016-0766 at NVDCVE-2016-0773 at SUSECVE-2016-0773 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql94 to version 9.4.9 fixes the several issues.
These security issues were fixed:
- CVE-2016-5423: CASE/WHEN with inlining can cause untrusted pointer dereference (bsc#993454).
- CVE-2016-5424: Fix client programs' handling of special characters in database and role names (bsc#993453).
For the non-security issues please refer to
- http://www.postgresql.org/docs/9.4/static/release-9-4-9.html
- http://www.postgresql.org/docs/9.4/static/release-9-4-8.html
- http://www.postgresql.org/docs/9.4/static/release-9-4-7.html
ImportantSUSE bug 993453SUSE bug 993454CVE-2016-5423 at SUSECVE-2016-5423 at NVDCVE-2016-5424 at SUSECVE-2016-5424 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql93 fixes the following issues:
- bsc#1029547: Fix tests with timezone 2017a
- CVE-2017-7486: Restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options. (bsc#1037624)
- CVE-2017-7485: Recognize PGREQUIRESSL variable again. (bsc#1038293)
- CVE-2017-7484: Prevent exposure of statistical information via leaky operators. (bsc#1037603)
ModerateSUSE bug 1029547SUSE bug 1037603SUSE bug 1037624SUSE bug 1038293CVE-2017-7484 at SUSECVE-2017-7484 at NVDCVE-2017-7485 at SUSECVE-2017-7485 at NVDCVE-2017-7486 at SUSECVE-2017-7486 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
Postgresql94 was updated to 9.4.13 to fix the following issues:
* CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685)
* CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684)
* CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259)
The changelog for this release is here:
https://www.postgresql.org/docs/9.4/static/release-9-4-13.html
ImportantSUSE bug 1051684SUSE bug 1051685SUSE bug 1053259CVE-2017-7546 at SUSECVE-2017-7546 at NVDCVE-2017-7547 at SUSECVE-2017-7547 at NVDCVE-2017-7548 at SUSECVE-2017-7548 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql94 fixes the following issues:
Security issues fixed:
- CVE-2017-15098: Fix crash due to rowtype mismatch in json{b}_populate_recordset() (bsc#1067844).
- CVE-2017-12172: Start scripts permit database administrator to modify root-owned files. This issue did not affect SUSE (bsc#1062538).
Bug fixes:
- Update to version 9.4.15
* https://www.postgresql.org/docs/9.4/static/release-9-4-15.html
* https://www.postgresql.org/docs/9.4/static/release-9-4-14.html
ModerateSUSE bug 1062538SUSE bug 1067844CVE-2017-12172 at SUSECVE-2017-12172 at NVDCVE-2017-15098 at SUSECVE-2017-15098 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql94 fixes the following issues:
PostgreSQL was updated to version 9.4.16, full release notes:
https://www.postgresql.org/docs/9.4/static/release-9-4-16.html
Security issues fixed:
- CVE-2018-1053: Ensure that all temporary files made by pg_upgrade are non-world-readable. (bsc#1077983)
ModerateSUSE bug 1077983CVE-2018-1053 at SUSECVE-2018-1053 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql94 fixes the following issues:
Security issues fixed:
- CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925).
Bug fixes:
- See release notes for details:
* https://www.postgresql.org/docs/9.4/static/release-9-4-17.html
* https://www.postgresql.org/docs/9.4/static/release-9-4-16.html
ModerateSUSE bug 1081925CVE-2018-1058 at SUSECVE-2018-1058 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql94 fixes the following issues:
postgresql was updated to 9.4.19:
https://www.postgresql.org/docs/current/static/release-9-4-19.html
* CVE-2018-10915, bsc#1104199: Fix failure to reset libpq's state
fully between connection attempts.
postgresql was updated to 9.4.18:
- https://www.postgresql.org/about/news/1851/
- https://www.postgresql.org/docs/current/static/release-9-4-18.html
A dump/restore is not required for those running 9.4.X.
However, if the function marking mistakes mentioned in the first
changelog entry below affect you, you will want to take steps to
correct your database catalogs.
ImportantSUSE bug 1104199CVE-2018-10915 at SUSECVE-2018-10915 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for postgresql94 fixes the following issues:
Security issue fixed:
- CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner (bsc#1145092).
ImportantSUSE bug 1145092CVE-2019-10208 at SUSECVE-2019-10208 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for powerpc-utilsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP3
The 'snap' system information collection tool of the PowerPC Utils package
collected fstab and yaboot.conf files which might contain passwords.
(CVE-2014-4040)
As these files are of interest, we now print a warning that the user of the
'snap' tool should check if private passwords are in those files.
Security Issues:
* CVE-2014-4040
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4040>
SUSE bug 879310SUSE bug 879839SUSE bug 883174SUSE bug 901216CVE-2014-4040 at SUSECVE-2014-4040 at NVDcpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for ppc64-diagSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP3
ppc64-diag has been updated to prevent the usage of predictable filenames
in /tmp in various scripts and daemons (CVE-2014-4038) Also the snapshot
tarball was previously generated world readable, which could have leaked
sensible information, which is only visible to root, to all users. It is
now readable for root only (CVE-2014-4039).
Security Issues:
* CVE-2014-4038
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4038>
* CVE-2014-4039
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4039>
SUSE bug 882667CVE-2014-4038 at SUSECVE-2014-4038 at NVDCVE-2014-4039 at SUSECVE-2014-4039 at NVDcpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for pppSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This ppp update fixes a potential security issue that an unprivileged
attacker could access privileged options:
* integer overflow in option parsing (CVE-2014-3158, bnc#891489)
Security Issues:
* CVE-2014-3158
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158>
SUSE bug 891489CVE-2014-3158 at SUSECVE-2014-3158 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for ppp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The ppp package was updated to fix the following security issue:
- CVE-2015-3310: Fixed a buffer overflow in radius plug-in's rc_mksid() (bsc#927841).
ModerateSUSE bug 927841CVE-2015-3310 at SUSECVE-2015-3310 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ppp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ppp fixes the following security issue:
- CVE-2020-8597: Fixed a buffer overflow in the eap_request and eap_response functions (bsc#1162610).
ImportantSUSE bug 1162610CVE-2020-8597 at SUSECVE-2020-8597 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for procmailSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
procmail was updated to fix a security issue in its formail helper.
* When formail processed specially crafted e-mail headers a heap
corruption could be triggered, which would lead to a crash of
formail. (CVE-2014-3618)
Security Issues:
* CVE-2014-3618
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618>
SUSE bug 894999CVE-2014-3618 at SUSECVE-2014-3618 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for procmail (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for procmail fixes the following issues:
Security issue fixed:
- CVE-2017-16844: Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618. (bnc#1068648)
ModerateSUSE bug 1068648CVE-2017-16844 at SUSECVE-2017-16844 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for procps (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for procps fixes the following security issues:
- CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top
with HOME unset in an attacker-controlled directory, the attacker could have
achieved privilege escalation by exploiting one of several vulnerabilities in
the config_file() function (bsc#1092100).
- CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow.
Inbuilt protection in ps maped a guard page at the end of the overflowed
buffer, ensuring that the impact of this flaw is limited to a crash (temporary
denial of service) (bsc#1092100).
- CVE-2018-1124: Prevent multiple integer overflows leading to a heap
corruption in file2strvec function. This allowed a privilege escalation for a
local attacker who can create entries in procfs by starting processes, which
could result in crashes or arbitrary code execution in proc utilities run by
other users (bsc#1092100).
- CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was
mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).
- CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent
truncation/integer overflow issues (bsc#1092100).
ModerateSUSE bug 1092100CVE-2018-1122 at SUSECVE-2018-1122 at NVDCVE-2018-1123 at SUSECVE-2018-1123 at NVDCVE-2018-1124 at SUSECVE-2018-1124 at NVDCVE-2018-1125 at SUSECVE-2018-1125 at NVDCVE-2018-1126 at SUSECVE-2018-1126 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for puppetSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Puppet was updated to fix the following security issues:
* Unsafe use of temporary files. (CVE-2013-4969)
* Arbitrary code execution with required social engineering.
(CVE-2014-3248, CVE-2014-3250)
Security Issues references:
* CVE-2014-3248
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3248>
* CVE-2013-4969
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969>
* CVE-2014-3250
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3250>
SUSE bug 825878SUSE bug 835122SUSE bug 835848SUSE bug 835891SUSE bug 853982SUSE bug 856843SUSE bug 864082SUSE bug 879913SUSE bug 913078CVE-2013-3567 at SUSECVE-2013-3567 at NVDCVE-2013-4761 at SUSECVE-2013-4761 at NVDCVE-2013-4969 at SUSECVE-2013-4969 at NVDCVE-2014-3248 at SUSECVE-2014-3248 at NVDCVE-2014-3250 at SUSECVE-2014-3250 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for puppet (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for puppet fixes the following issues:
- CVE-2017-2295: Fixed a security vulnerability where an attacker could
force YAML deserialization in an unsafe manner, which would lead to
remote code execution.
In default, this update would break a backwards compatibility
with Puppet agents older than 3.2.2 as the SLE11 master doesn't
support other fact formats than pson in default anymore.
In order to allow users to continue using their SLE11 agents
a patch was added that enables sending PSON from agents.
For non-SUSE clients older that 3.2.2 a new puppet master boolean option
'dangerous_fact_formats' was added. When it's set to true it
enables using dangerous fact formats (e.g. YAML). When it's set
to false, only PSON fact format is accepted. (bsc#1040151),
(bsc#1077767)
ModerateSUSE bug 1040151SUSE bug 1077767CVE-2017-2295 at SUSECVE-2017-2295 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for puppet (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for puppet fixes the following issues:
Security issue fixed:
- CVE-2020-7942: Added a warning for a vulnerable configuration option, which could allow
for information disclosure in certain setups. Disabling it my break some setups. (bsc#1167645)
Non-security issue fixed:
- Fixed deletion of puppet master file /etc/puppet/manifests/site.pp during updates (bsc#935899).
ModerateSUSE bug 1167645SUSE bug 935899CVE-2020-7942 at SUSECVE-2020-7942 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for pure-ftpdSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for pure-ftpd provides fixes for the following issues:
* LIST command processed incorrectly when pathname argument contains a
space character. (bnc#899136)
* LIST FILENAME handled incorrectly when using ftp-tls if file name
doesn't exist. (bnc#856424)
* Re-enable disable_ascii option. (bnc#828469)
SUSE bug 828469SUSE bug 856424SUSE bug 899136SUSE bug 902229CVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for pure-ftpd (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for pure-ftpd fixes the following issues:
- CVE-2019-20176: Fixed a potential server crash when remotely listing
directories (bsc#1160111).
ImportantSUSE bug 1160111CVE-2019-20176 at SUSECVE-2019-20176 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for pure-ftpd (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for pure-ftpd fixes the following issues:
- CVE-2021-40524: Fixed DoS caused by an incorrect check in the max_filesize quota mechanism which allowed attackers to upload files of unbounded size (bsc#1190205).
ImportantSUSE bug 1190205CVE-2021-40524 at SUSECVE-2021-40524 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2016-0772: smtplib vulnerability opens startTLS stripping attack (bsc#984751)
- CVE-2016-5699: incorrect validation of HTTP headers allow header injection (bsc#985348)
- CVE-2016-1000110: HTTPoxy vulnerability in urllib, fixed by disregarding HTTP_PROXY
when REQUEST_METHOD is also set (bsc#989523)
ModerateSUSE bug 984751SUSE bug 985348SUSE bug 989523CVE-2016-0772 at SUSECVE-2016-0772 at NVDCVE-2016-1000110 at SUSECVE-2016-1000110 at NVDCVE-2016-5699 at SUSECVE-2016-5699 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2017-1000158: Fixed integer overflow in thePyString_DecodeEscape function (bsc#1068664).
ModerateSUSE bug 1068664CVE-2017-1000158 at SUSECVE-2017-1000158 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
The following security vulnerabilities were addressed:
- Add a check to Lib/wave.py that verifies that at least one channel is
provided. Prior to this, attackers could cause a denial of service via a
crafted wav format audio file. [bsc#1083507, CVE-2017-18207]
ModerateSUSE bug 1083507CVE-2017-18207 at SUSECVE-2017-18207 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-base fixes the following issues:
Security issues fixed:
- CVE-2018-1061: Fixed DoS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (bsc#1088004).
- CVE-2018-1060: Fixed DoS via regular expression catastrophic backtracking in apop() method in pop3lib (bsc#1088009).
- CVE-2016-5636: Fixed heap overflow in zipimporter module (bsc#985177)
Bug fixes:
- bsc#1086001: python tarfile uses random order.
ImportantSUSE bug 1086001SUSE bug 1088004SUSE bug 1088009SUSE bug 985177CVE-2016-5636 at SUSECVE-2016-5636 at NVDCVE-2018-1060 at SUSECVE-2018-1060 at NVDCVE-2018-1061 at SUSECVE-2018-1061 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issue:
- CVE-2018-14647: Python's elementtree C accelerator failed to initialise
Expat's hash salt during initialization. This could make it easy to conduct
denial of service attacks against Expat by constructing an XML document that
would cause pathological hash collisions in Expat's internal data structures,
consuming large amounts CPU and RAM (bsc#1109847)
ModerateSUSE bug 1109847CVE-2018-14647 at SUSECVE-2018-14647 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
Security issues fixed:
- CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead (bsc#1130847).
- CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization (bsc#1129346).
ImportantSUSE bug 1129346SUSE bug 1130847CVE-2019-9636 at SUSECVE-2019-9636 at NVDCVE-2019-9948 at SUSECVE-2019-9948 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459).
- CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation (bsc#1141853).
ImportantSUSE bug 1138459SUSE bug 1141853CVE-2018-20852 at SUSECVE-2018-20852 at NVDCVE-2019-10160 at SUSECVE-2019-10160 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
Security issue fixed:
- CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)
ModerateSUSE bug 1149955CVE-2019-16056 at SUSECVE-2019-16056 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following security issue:
- CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367).
ModerateSUSE bug 1162367CVE-2020-8492 at SUSECVE-2020-8492 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
Security issues fixed:
- CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen().
Now an InvalidURL exception is raised (bsc#1155094).
- CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825).
ModerateSUSE bug 1155094SUSE bug 1162825CVE-2019-18348 at SUSECVE-2019-18348 at NVDCVE-2019-9674 at SUSECVE-2019-9674 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2019-20907: Avoid a possible infinite loop caused by specifically crafted tarballs (bsc#1174091).
ModerateSUSE bug 1174091CVE-2019-20907 at SUSECVE-2019-20907 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- bsc#1177211 (CVE-2020-26116) no longer allowing special characters in the method parameter
of HTTPConnection.putrequest in httplib, stopping injection of headers.
ImportantSUSE bug 1177211CVE-2020-26116 at SUSECVE-2020-26116 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2021-23336: which forbids use of semicolon as a query string separator (bpo#42967, bsc#1182379, CVE-2021-23336).
- Switch off -O0 non-optimization.
- CVE-2021-3177: fixing bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution.
ModerateSUSE bug 1181126SUSE bug 1182379CVE-2021-23336 at SUSECVE-2021-23336 at NVDCVE-2021-3177 at SUSECVE-2021-3177 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2021-3737: Fixed http client infinite line reading (DoS) after a http 100. (bsc#1189241)
- CVE-2021-3733: Fixed ReDoS in urllib.request. (bsc#1189287)
- CVE-2019-9947: Fixed a CRLF injection that can occur if the attacker controls a url parameter. (bsc#1130840)
ModerateSUSE bug 1130840SUSE bug 1189241SUSE bug 1189287CVE-2019-9947 at SUSECVE-2019-9947 at NVDCVE-2021-3733 at SUSECVE-2021-3733 at NVDCVE-2021-3737 at SUSECVE-2021-3737 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2022-0391: Fixed incorrect sanitizing of URLs containing ASCII newline and tabs in urlparse (bsc#1195396).
- CVE-2015-20107: avoid command injection in the mailcap module (bsc#1198511).
ImportantSUSE bug 1195396SUSE bug 1198511CVE-2015-20107 at SUSECVE-2015-20107 at NVDCVE-2022-0391 at SUSECVE-2022-0391 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // (bsc#1202624).
ModerateSUSE bug 1202624CVE-2021-28861 at SUSECVE-2021-28861 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2022-45061: Fixed quadratic IDNA decoding time (bsc#1205244).
ImportantSUSE bug 1205244CVE-2022-45061 at SUSECVE-2022-45061 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2022-40899: Fixed an issue that could allow attackers to cause
an excessive CPU usage via a crafted Set-Cookie header (bsc#1206673).
ModerateSUSE bug 1206673CVE-2022-40899 at SUSECVE-2022-40899 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python fixes the following issues:
- CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters (bsc#1208471).
ImportantSUSE bug 1208471CVE-2023-24329 at SUSECVE-2023-24329 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for PythonSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This python update fixes a certificate hostname issue.
* bnc#834601: CVE-2013-4238: python: SSL module does not handle
certificates that contain hostnames with NULL bytes
Security Issue reference:
* CVE-2013-4238
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238>
SUSE bug 834601CVE-2013-4238 at SUSECVE-2013-4238 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for PythonSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Python was updated to fix one security issue:
* Potential wraparound/overflow in buffer() (CVE-2014-7185)
As an additional hardening measure SSLv2 has been disabled (bnc#901715).
Security Issues:
* CVE-2014-7185
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185>
SUSE bug 898572SUSE bug 901715CVE-2014-7185 at SUSECVE-2014-7185 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for pythonSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for Python fixes the following security issues:
* bnc#834601: SSL module does not handle certificates that contain
hostnames with NULL bytes. (CVE-2013-4238)
* bnc#856836: Various stdlib read flaws. (CVE-2013-1752)
Additionally, the following non-security issues have been fixed:
* bnc#859068: Turn off OpenSSL's aggressive optimizations that conflict
with Python's GC.
* bnc#847135: Setting fips=1 at boot time causes problems with Python
due to MD5 usage.
Security Issue references:
* CVE-2013-4073
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073>
* CVE-2013-4238
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238>
SUSE bug 834601SUSE bug 847135SUSE bug 856836SUSE bug 859068CVE-2013-4073 at SUSECVE-2013-4073 at NVDCVE-2013-4238 at SUSECVE-2013-4238 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for PythonSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Python was updated to fix a security issue in the socket.recvfrom_into
function, where data could be written over the end of the buffer.
(CVE-2014-1912)
Security Issue reference:
* CVE-2014-1912
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912>
SUSE bug 863741CVE-2014-1912 at SUSECVE-2014-1912 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for PythonSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for Python provides fixes for the following issues:
* CGIHTTPServer file disclosure and directory traversal through
URL-encoded characters. (CVE-2014-4650)
* The 'urlparse' module has been updated to correctly parse IPv6
addresses. (bnc#872848)
* Correctly enable IPv6 support.
Security Issues:
* CVE-2014-4650
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650>
SUSE bug 872848SUSE bug 885882CVE-2014-4650 at SUSECVE-2014-4650 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for python-Jinja2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-Jinja2 fixes the following issues:
- CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex
backtracking. Email matching requires a word character at the start of the
domain part, and only word characters in the TLD. (bsc#1181944)
ImportantSUSE bug 1181944CVE-2020-28493 at SUSECVE-2020-28493 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python-PyYAML (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-PyYAML fixes the following issues:
- CVE-2020-14343: Fixed an incomplete solution for a previous code
execution issue when the default loader was used (bsc#1174514).
- CVE-2017-18342: Made the standard loader safe by default (bsc#1099308).
ImportantSUSE bug 1099308SUSE bug 1174514CVE-2017-18342 at SUSECVE-2017-18342 at NVDCVE-2020-14343 at SUSECVE-2020-14343 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python-httplib2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-httplib2 fixes the following issues:
- Update to version 0.19.0 (bsc#1182053).
- CVE-2021-21240: Fixed regular expression denial of service via malicious header (bsc#1182053).
- CVE-2020-11078: Fixed unescaped part of uri where an attacker could change request headers and body (bsc#1182053).
ModerateSUSE bug 1171998SUSE bug 1182053CVE-2020-11078 at SUSECVE-2020-11078 at NVDCVE-2021-21240 at SUSECVE-2021-21240 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python-imagingSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This python-imaging update fixes the following two security issues:
* bnc#863541: Fixed insecure temporary file creation and handling
(CVE-2014-1932, CVE-2014-1933)
Security Issue references:
* CVE-2014-1932
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932>
* CVE-2014-1933
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933>
SUSE bug 863541CVE-2014-1932 at SUSECVE-2014-1932 at NVDCVE-2014-1933 at SUSECVE-2014-1933 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for python-lxmlSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This security update for python-lxml fixes a input sanitization flaw in
clean_html. (CVE-2014-3146)
Security Issues:
* CVE-2014-3146
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3146>
SUSE bug 657698SUSE bug 877258CVE-2014-3146 at SUSECVE-2014-3146 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for python-lxml (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-lxml fixes the following issues:
- CVE-2020-27783: Fixed XSS due to the use of improper parser (bsc#1179534).
ModerateSUSE bug 1179534CVE-2020-27783 at SUSECVE-2020-27783 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python-lxml (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-lxml fixes the following issues:
- CVE-2021-43818: Remove SVG image data URLs since they can embed script content. (bsc#1193752)
- CVE-2018-19787: The lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks. (bsc#1118088)
- CVE-2021-28957: Fixed XSS due to missing input sanitization for HTML5 attributes. (bsc#1184177)
ModerateSUSE bug 1118088SUSE bug 1184177SUSE bug 1193752CVE-2018-19787 at SUSECVE-2018-19787 at NVDCVE-2021-28957 at SUSECVE-2021-28957 at NVDCVE-2021-43818 at SUSECVE-2021-43818 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python-numpy (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-numpy fixes the following issues:
Security issue fixed:
- CVE-2019-6446: Set allow_pickle to false by default to restrict loading untrusted content (bsc#1122208).
With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by
misusing numpy.load(). A warning during runtime will show-up when the allow_pickle is not explicitly set.
NOTE: By applying this update the behavior of python-numpy changes, which might break your application.
In order to get the old behaviour back, you have to explicitly set `allow_pickle` to True. Be aware
that this should only be done for trusted input, as loading untrusted input might lead to arbitrary code
execution.
ImportantSUSE bug 1122208CVE-2019-6446 at SUSECVE-2019-6446 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python-paramiko (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-paramiko fixes the following issues:
- CVE-2018-7750: transport.py in the SSH server implementation of Paramiko did
not properly check whether authentication is completed processing other
requests. A customized SSH client could have skipped the authentication step
(bsc#1085276)
ImportantSUSE bug 1085276CVE-2018-7750 at SUSECVE-2018-7750 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python-paramiko (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-paramiko fixes the following issues:
- CVE-2018-1000805: Fixed an authentication bypass in auth_handler.py (bsc#1111151).
ModerateSUSE bug 1111151CVE-2018-1000805 at SUSECVE-2018-1000805 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python-pip (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-pip fixes the following issues:
- CVE-2021-3572: Fixed incorrect handling of unicode separators in git references (bsc#1186819).
ModerateSUSE bug 1186819CVE-2021-3572 at SUSECVE-2021-3572 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python-pycrypto (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-pycrypto fixes the following issues:
- CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew (bsc#1017420).
ImportantSUSE bug 1017420CVE-2013-7459 at SUSECVE-2013-7459 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for python-pywbemSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for python-pywbem fixes the following issue:
* Do not remove 'pwd' library from the import list. (bnc#876783)
SUSE bug 856108SUSE bug 856323SUSE bug 876783CVE-2013-6418 at SUSECVE-2013-6418 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for python-setuptools (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python-setuptools fixes the following issues:
- CVE-2022-40897: Fixed an excessive CPU usage that could be triggered
by fetching a malicious HTML document (bsc#1206667).
ModerateSUSE bug 1206667CVE-2022-40897 at SUSECVE-2022-40897 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
Security issues fixed:
- CVE-2017-1000158: Fixed integer overflows in PyString_DecodeEscape that could have resulted in
heap-based buffer overflow attacks and possible arbitrary code execution (bsc#1068664).
- CVE-2018-1000030: Fixed crash inside the Python interpreter when multiple threads used the same
I/O stream concurrently (bsc#1079300).
ModerateSUSE bug 1068664SUSE bug 1079300CVE-2017-1000158 at SUSECVE-2017-1000158 at NVDCVE-2018-1000030 at SUSECVE-2018-1000030 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
The following security vulnerabilities were addressed:
- Add a check to Lib/wave.py that verifies that at least one channel is
provided. Prior to this, attackers could cause a denial of service via a
crafted wav format audio file. [bsc#1083507, CVE-2017-18207]
ModerateSUSE bug 1083507CVE-2017-18207 at SUSECVE-2017-18207 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issue:
- CVE-2018-1000802: Prevent command injection in shutil module (make_archive
function) via passage of unfiltered user input (bsc#1109663)
- CVE-2018-14647: Python's elementtree C accelerator failed to initialise
Expat's hash salt during initialization. This could make it easy to conduct
denial of service attacks against Expat by constructing an XML document that
would cause pathological hash collisions in Expat's internal data structures,
consuming large amounts CPU and RAM (bsc#1109847).
ModerateSUSE bug 1109663SUSE bug 1109847CVE-2018-1000802 at SUSECVE-2018-1000802 at NVDCVE-2018-14647 at SUSECVE-2018-14647 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
Security issue fixed:
- CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191)
ModerateSUSE bug 1122191CVE-2019-5010 at SUSECVE-2019-5010 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
Security issues fixed:
- CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead (bsc#1130847).
- CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization (bsc#1129346).
ImportantSUSE bug 1129346SUSE bug 1130847CVE-2019-9636 at SUSECVE-2019-9636 at NVDCVE-2019-9948 at SUSECVE-2019-9948 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
Security issue fixed:
- CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)
- CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py (bsc#1153238).
ModerateSUSE bug 1149955SUSE bug 1153238CVE-2019-16056 at SUSECVE-2019-16056 at NVDCVE-2019-16935 at SUSECVE-2019-16935 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
python27 was updated to version 2.7.17.
- CVE-2019-18348: Fixed a CRLF injection via the host part
of the url passed to urlopen(). Now an InvalidURL exception
is raised (bsc#1155094).
- CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825).
- CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367).
- Unified packages among openSUSE:Factory and SLE versions (bsc#1159035).
- Added idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830).
- Changed name of idle27 icons to idle27.png (bsc#1165894).
ImportantSUSE bug 1155094SUSE bug 1162367SUSE bug 1162825SUSE bug 1165894CVE-2019-18348 at SUSECVE-2019-18348 at NVDCVE-2019-9674 at SUSECVE-2019-9674 at NVDCVE-2020-8492 at SUSECVE-2020-8492 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- CVE-2019-20907, bsc#1174091: avoiding possible infinite loop in specifically crafted tarball.
ModerateSUSE bug 1174091CVE-2019-20907 at SUSECVE-2019-20907 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916)
ImportantSUSE bug 1176262CVE-2019-20916 at SUSECVE-2019-20916 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- buffer overflow in PyCArg_repr in _ctypes/callproc.c,
which may lead to remote code execution (bsc#1181126, CVE-2021-3177).
- Provide the newest setuptools wheel (bsc#1176262,
CVE-2019-20916) in their correct form (bsc#1180686).
ImportantSUSE bug 1176262SUSE bug 1180686SUSE bug 1181126CVE-2019-20916 at SUSECVE-2019-20916 at NVDCVE-2021-3177 at SUSECVE-2021-3177 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- python27 was upgraded to 2.7.18
- CVE-2021-23336: Fixed a potential web cache poisoning by using a
semicolon in query parameters use of semicolon as a query string
separator (bsc#1182379).
ModerateSUSE bug 1182379CVE-2021-23336 at SUSECVE-2021-23336 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- CVE-2021-3737: Fixed http client infinite line reading (DoS) after a http 100. (bsc#1189241)
- CVE-2021-3733: Fixed ReDoS in urllib.request. (bsc#1189287)
- CVE-2020-26116: Fixed a CRLF injection via HTTP request method in httplib/http.client. (bsc#1177211)
ModerateSUSE bug 1177211SUSE bug 1187668SUSE bug 1189241SUSE bug 1189287CVE-2020-26116 at SUSECVE-2020-26116 at NVDCVE-2021-3733 at SUSECVE-2021-3733 at NVDCVE-2021-3737 at SUSECVE-2021-3737 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- CVE-2022-0391: Fixed newline and tabs sanitation in urllib.parse (bsc#1195396).
- CVE-2021-4189: Fixed incorrect trust of PASV response (bsc#1194146).
ModerateSUSE bug 1194146SUSE bug 1195396CVE-2021-4189 at SUSECVE-2021-4189 at NVDCVE-2022-0391 at SUSECVE-2022-0391 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- CVE-2021-3572: Fixed an improper handling of unicode characters in pip (bsc#1186819).
ModerateSUSE bug 1186819CVE-2021-3572 at SUSECVE-2021-3572 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- CVE-2015-20107: avoid command injection in the mailcap module (bsc#1198511).
ImportantSUSE bug 1198511CVE-2015-20107 at SUSECVE-2015-20107 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // (bsc#1202624).
ModerateSUSE bug 1202624CVE-2021-28861 at SUSECVE-2021-28861 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27 fixes the following issues:
- CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters (bsc#1208471).
- CVE-2022-45061: Fixed DoS when IDNA decodes extremely long domain names (bsc#1205244).
ImportantSUSE bug 1205244SUSE bug 1208471CVE-2022-45061 at SUSECVE-2022-45061 at NVDCVE-2023-24329 at SUSECVE-2023-24329 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27-Jinja2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27-Jinja2 fixes the following issues:
- CVE-2020-28493: Improve the speed of the 'urlize' filter by reducing regex
backtracking. Email matching requires a word character at the start of the
domain part, and only word characters in the TLD. (bsc#1181944)
ImportantSUSE bug 1181944CVE-2020-28493 at SUSECVE-2020-28493 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27-ecdsa (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27-ecdsa to version 0.13.3 fixes the following issues:
Security issues fixed:
- CVE-2019-14853: Fixed unexpected exceptions during signature decoding (bsc#1153165).
- CVE-2019-14859: Fixed a signature malleability caused by insufficient checks of DER encoding (bsc#1154217).
ModerateSUSE bug 1153165SUSE bug 1154217CVE-2019-14853 at SUSECVE-2019-14853 at NVDCVE-2019-14859 at SUSECVE-2019-14859 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27-urllib3, python27-boto3, python27-botocore, python27-s3transfer (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update fixes the following issues:
python27-urllib3 was updated to version 1.24 (bsc#1149466).
python27-botocore was updated to version 1.12.213 (bsc#1149466).
python27-s3transfer was updated to version 0.2.1 (bsc#1149466).
python27-boto3 was updated to version 1.9.213 (bsc#1149466)
Security issues fixed in python27-urllib3:
- CVE-2019-9740: Fixed a CRLF injection (bsc#1129071).
- CVE-2019-11236: Fixed a CRLF injection (bsc#1132663).
- CVE-2019-11324: Fixed an improper validation of CA certificates (bsc#1132900).
ModerateSUSE bug 1074247SUSE bug 1129071SUSE bug 1132663SUSE bug 1132900SUSE bug 1149466SUSE bug 1150895CVE-2016-9015 at SUSECVE-2016-9015 at NVDCVE-2019-11236 at SUSECVE-2019-11236 at NVDCVE-2019-11324 at SUSECVE-2019-11324 at NVDCVE-2019-9740 at SUSECVE-2019-9740 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for python27-setuptools (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for python27-setuptools fixes the following issues:
- CVE-2022-40897: Fixed a Regular Expression Denial of Service (ReDoS) in package_index.py (bsc#1206667).
ModerateSUSE bug 1206667CVE-2022-40897 at SUSECVE-2022-40897 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for python 2.7 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update provides various modules for Python 2.7.
It also updates python 2.7 to the 2.7.16 release, fixing security issues and bugs.
The following packages are included in the update:
- cloud-init
- growpart
- python27-argparse
- python27-blinker
- python27-boto3
- python27-botocore
- python27-cffi
- python27-Cheetah
- python27-configobj
- python27-cryptography
- python27-dateutil
- python27-docutils
- python27-ecdsa
- python27-enum34
- python27-futures
- python27-httplib2
- python27-idna
- python27-ipaddress
- python27-Jinja2
- python27-jmespath
- python27-jsonpatch
- python27-jsonpointer
- python27-jsonschema
- python27-lockfile
- python27-MarkupSafe
- python27-oauthlib
- python27-oauth
- python27-paramiko
- python27-ply
- python27-PrettyTable
- python27-pyasn1-modules
- python27-pyasn1
- python27-pycparser
- python27-pycrypto
- python27-PyJWT
- python27-pyserial
- python27-pytest
- python27-python-daemon
- python27-PyYAML
- python27-requests
- python27-s3transfer
- python27-setuptools
- python27-simplejson
- python27-six
ModerateSUSE bug 1007084SUSE bug 1014478SUSE bug 1015776SUSE bug 1054106SUSE bug 1054413SUSE bug 1064755SUSE bug 1073879SUSE bug 1075263SUSE bug 1082318SUSE bug 1097455SUSE bug 1098681SUSE bug 905354SUSE bug 962170SUSE bug 974705SUSE bug 974993SUSE bug 975949SUSE bug 998103SUSE bug 998378CVE-2017-12880 at SUSECVE-2017-12880 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for quaggaSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of quagga fixes two security issues:
* CVE-2013-0149: specially-crafted OSPF packets could have caused the
routing table to be erased (bnc#822572)
* CVE-2013-2236: local network stack overflow (bnc#828117)
Security Issue references:
* CVE-2013-2236
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236>
* CVE-2013-0149
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0149>
SUSE bug 822572SUSE bug 828117CVE-2013-0149 at SUSECVE-2013-0149 at NVDCVE-2013-2236 at SUSECVE-2013-2236 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for quagga (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for quagga fixes the following security issue:
- CVE-2016-2342: Quagga was extended the prefixlen check to ensure it is
within the bound of the NLRI packet data and the on-stack prefix structure
and the maximum size for the address family (bsc#970952).
ModerateSUSE bug 970952CVE-2016-2342 at SUSECVE-2016-2342 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for quagga (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for quagga fixes one security issue:
- bsc#770619: Disallow unprivileged users to enter config directory /etc/quagga
(group: quagga, mode: 750) and read configuration files installed
there (group: quagga, mode: 640).
LowSUSE bug 770619cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for quagga (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for quagga fixes the following issue:
Security issue fixed:
- CVE-2016-4049: Fix for a buffer overflow error in bgp_dump_routes_func. (bsc#977012)
ModerateSUSE bug 977012CVE-2016-4049 at SUSECVE-2016-4049 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for quagga (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for quagga fixes the following issues:
- CVE-2016-1245: Fix for a zebra stack overrun in IPv6 RA receive code (bsc#1005258).
ImportantSUSE bug 1005258CVE-2016-1245 at SUSECVE-2016-1245 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for quagga (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for quagga fixes the following issues:
- The Quagga BGP daemon contained a bug in the AS_PATH size calculation that
could have been exploited to facilitate a remote denial-of-service attack via
specially crafted BGP UPDATE messages. [CVE-2017-16227, bsc#1065641]
- The Quagga BGP daemon did not check whether data sent to peers via NOTIFY had
an invalid attribute length. It was possible to exploit this issue and cause
the bgpd process to leak sensitive information over the network to a
configured peer. [CVE-2018-5378, bsc#1079798]
- The Quagga BGP daemon used to double-free memory when processing certain
forms of UPDATE messages. This issue could be exploited by sending an
optional/transitive UPDATE attribute that all conforming eBGP speakers should
pass along. Consequently, a single UPDATE message could have affected many
bgpd processes across a wide area of a network. Through this vulnerability,
attackers could potentially have taken over control of affected bgpd
processes remotely. [CVE-2018-5379, bsc#1079799]
- It was possible to overrun internal BGP code-to-string conversion tables in
the Quagga BGP daemon. Configured peers could have exploited this issue and
cause bgpd to emit debug and warning messages into the logs that would
contained arbitrary bytes. [CVE-2018-5380, bsc#1079800]
- The Quagga BGP daemon could have entered an infinite loop if sent an invalid
OPEN message by a configured peer. If this issue was exploited, then bgpd
would cease to respond to any other events. BGP sessions would have been
dropped and not be reestablished. The CLI interface would have been
unresponsive. The bgpd daemon would have stayed in this state until
restarted. [CVE-2018-5381, bsc#1079801]
- The Quagga daemon's telnet 'vty' CLI contains an unbounded memory allocation
bug that could be exploited for a denial-of-service attack on the daemon.
This issue has been fixed. [CVE-2017-5495, bsc#1021669]
- The telnet 'vty' CLI of the Quagga daemon is no longer enabled by default,
because the passwords in the default 'zebra.conf' config file are now
disabled. The vty interface is available via 'vtysh' utility using pam
authentication to permit management access for root without password.
[bsc#1021669]
ImportantSUSE bug 1021669SUSE bug 1065641SUSE bug 1079798SUSE bug 1079799SUSE bug 1079800SUSE bug 1079801CVE-2017-16227 at SUSECVE-2017-16227 at NVDCVE-2017-5495 at SUSECVE-2017-5495 at NVDCVE-2018-5378 at SUSECVE-2018-5378 at NVDCVE-2018-5379 at SUSECVE-2018-5379 at NVDCVE-2018-5380 at SUSECVE-2018-5380 at NVDCVE-2018-5381 at SUSECVE-2018-5381 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for raptor (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for raptor fixes the following issues:
- CVE-2020-25713: Fixed an out of bounds access triggered via a
malformed input file (bsc#1178903).
ModerateSUSE bug 1178903CVE-2020-25713 at SUSECVE-2020-25713 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sendmailSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
sendmail has been updated to fix the following security issue:
* Not properly closing file descriptors before executing programs
(CVE-2014-3956).
Security Issues:
* CVE-2014-3956
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956>
SUSE bug 881284CVE-2014-3956 at SUSECVE-2014-3956 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for rpcbind (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.
ModerateSUSE bug 940191SUSE bug 946204CVE-2015-7236 at SUSECVE-2015-7236 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for rpm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for rpm fixes the following issues:
- Fixed PGP parsing bugs (bsc#1185299).
- Fixed various format handling bugs (bsc#996280).
- CVE-2021-3421: Fixed vulnerability where unsigned headers could be injected into the rpm database (bsc#1183543).
- CVE-2021-20271: Fixed vulnerability where a corrupted rpm could corrupt the rpm database (bsc#1183545).
- CVE-2021-20266: Fixed missing bounds check in hdrblobInit (bsc#1183632).
Bugfixes:
- Fixed deadlock when multiple rpm processes tried to acquire the database lock (bsc#1183659).
ModerateSUSE bug 1183543SUSE bug 1183545SUSE bug 1183632SUSE bug 1183659SUSE bug 1185299SUSE bug 996280CVE-2021-20266 at SUSECVE-2021-20266 at NVDCVE-2021-20271 at SUSECVE-2021-20271 at NVDCVE-2021-3421 at SUSECVE-2021-3421 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for rsync fixes two security issues:
- CVE-2014-8242: Checksum collisions leading to a denial of service (bsc#900914)
- CVE-2014-9512: Malicious servers could send files outside of the transferred directory (bsc#915410)
ModerateSUSE bug 900914SUSE bug 915410CVE-2014-8242 at SUSECVE-2014-8242 at NVDCVE-2014-9512 at SUSECVE-2014-9512 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
rsync was updated to fix one security issue.
- CVE-2014-9512: rsync allowed remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path (bsc#915410).
ModerateSUSE bug 915410CVE-2014-9512 at SUSECVE-2014-9512 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for rsync fixes the following issues:
Security issues fixed:
- CVE-2017-17434: The daemon in rsync did not check for fnamecmp filenames in
the daemon_filter_list data structure (in the recv_files function in
receiver.c) and also did not apply the sanitize_paths protection mechanism to
pathnames found in 'xname follows' strings (in the read_ndx_and_attrs function
in rsync.c), which allowed remote attackers to bypass intended access
restrictions' (bsc#1071460).
- CVE-2017-17433: The recv_files function in receiver.c in the daemon in rsync,
proceeded with certain file metadata updates before checking for a filename in
the daemon_filter_list data structure, which allowed remote attackers to bypass
intended access restrictions (bsc#1071459).
- CVE-2017-16548: The receive_xattr function in xattrs.c in rsync did not check
for a trailing '\\0' character in an xattr name, which allowed remote attackers
to cause a denial of service (heap-based buffer over-read and application
crash) or possibly have unspecified other impact by sending crafted data to the
daemon (bsc#1066644).
ModerateSUSE bug 1066644SUSE bug 1071459SUSE bug 1071460CVE-2017-16548 at SUSECVE-2017-16548 at NVDCVE-2017-17433 at SUSECVE-2017-17433 at NVDCVE-2017-17434 at SUSECVE-2017-17434 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for rsync fixes one issues.
This security issue was fixed:
- CVE-2018-5764: The parse_arguments function in options.c did not prevent
multiple --protect-args uses, which allowed remote attackers to bypass an
argument-sanitization protection mechanism (bsc#1076503)
ModerateSUSE bug 1076503CVE-2018-5764 at SUSECVE-2018-5764 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for rsyslogSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
rsyslog has been updated to fix a remote denial of service issue:
* Under certain configurations, a local or remote attacker able to send
syslog messages to the server could have crashed the log server due
to an array overread. (CVE-2014-3634, CVE-2014-3683)
Security Issues:
* CVE-2014-3634
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634>
* CVE-2014-3683
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3683>
SUSE bug 890228SUSE bug 897262SUSE bug 899756CVE-2014-3634 at SUSECVE-2014-3634 at NVDCVE-2014-3683 at SUSECVE-2014-3683 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for rsyslog (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for rsyslog fixes the following issues:
- CVE-2019-17041: Fixed a heap overflow in the parser for AIX log messages (bsc#1153451).
- CVE-2019-17042: Fixed a heap overflow in the parser for Cisco log messages (bsc#1153459).
ModerateSUSE bug 1153451SUSE bug 1153459CVE-2019-17041 at SUSECVE-2019-17041 at NVDCVE-2019-17042 at SUSECVE-2019-17042 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for RubySUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This Ruby update fixes the following security issue:
* bnc#808137: Fixed entity expansion DoS vulnerability in REXML
(CVE-2013-1821).
Security Issue reference:
* CVE-2013-1821
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821>
SUSE bug 808137SUSE bug 827265SUSE bug 851803SUSE bug 902851SUSE bug 905326CVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2013-1821 at SUSECVE-2013-1821 at NVDCVE-2013-4073 at SUSECVE-2013-4073 at NVDCVE-2013-4164 at SUSECVE-2013-4164 at NVDCVE-2014-8080 at SUSECVE-2014-8080 at NVDCVE-2014-8090 at SUSECVE-2014-8090 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for ruby (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ruby fixes the following issues:
Secuirty issues fixed:
- CVE-2015-1855: Ruby OpenSSL Hostname Verification (bsc#926974)
- CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495)
Bugfixes:
- fix small mistake in the backport for (bsc#986630)
ModerateSUSE bug 926974SUSE bug 959495SUSE bug 986630CVE-2015-1855 at SUSECVE-2015-1855 at NVDCVE-2015-7551 at SUSECVE-2015-7551 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ruby (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for ruby fixes the following issues:
- CVE-2018-16395: Fixed an issue where two x509 certificates could be
considered to be equal when this was not the case (bsc#1112530).
- CVE-2021-32066: Fixed an issue where the IMAP client API would not
report a failure when StartTLS failed, leading to potential man in
the middle attacks (bsc#1188160).
- CVE-2021-31810: Fixed an issue where the FTP client API would trust
certain responses from a malicious server, tricking the client into
connecting to addresses not (bsc#1188161).
ImportantSUSE bug 1112530SUSE bug 1188160SUSE bug 1188161CVE-2018-16395 at SUSECVE-2018-16395 at NVDCVE-2021-31810 at SUSECVE-2021-31810 at NVDCVE-2021-32066 at SUSECVE-2021-32066 at NVDCVE-2021-81810 at SUSECVE-2021-81810 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for rzsz (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for rzsz fixes the following issues:
- L3: sz of rzsz segfaults in zsdata() (bsc#1086416)
- VUL-0: CVE-2018-10195: rzsz: sz can leak data to receiving side (bsc#1090051)
- rzsz-0.12.20-976.7: illegal use of freed variable (bsc#529899)
- /usr/bin/lsb segfaults [rzsz] (bsc#1076576)
ModerateSUSE bug 1076576SUSE bug 1086416SUSE bug 1090051SUSE bug 529899CVE-2018-10195 at SUSECVE-2018-10195 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link
target; (bso#11648); (bsc#968222).
Bug fixed:
- Fix leaking memory in libsmbclient: Add missing talloc
stackframe; (bso#11177); (bsc#967017).
ImportantSUSE bug 967017SUSE bug 968222CVE-2015-7560 at SUSECVE-2015-7560 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
samba was updated to fix seven security issues.
These security issues were fixed:
- CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862).
- CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031).
- CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032).
- CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033).
- CVE-2016-2113: TLS certificate validation were missing (bsc#973034).
- CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036).
- CVE-2016-2118: 'Badlock' DCERPC impersonation of authenticated account were possible (bsc#971965).
These non-security issues were fixed:
- bsc#967017: Fix leaking memory in libsmbclient in cli_set_mntpoint function
- Getting and setting Windows ACLs on symlinks can change permissions on link
ImportantSUSE bug 936862SUSE bug 967017SUSE bug 971965SUSE bug 973031SUSE bug 973032SUSE bug 973033SUSE bug 973034SUSE bug 973036CVE-2015-5370 at SUSECVE-2015-5370 at NVDCVE-2016-2110 at SUSECVE-2016-2110 at NVDCVE-2016-2111 at SUSECVE-2016-2111 at NVDCVE-2016-2112 at SUSECVE-2016-2112 at NVDCVE-2016-2113 at SUSECVE-2016-2113 at NVDCVE-2016-2115 at SUSECVE-2016-2115 at NVDCVE-2016-2118 at SUSECVE-2016-2118 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba provides the following fixes:
Security issues fixed:
- CVE-2016-2125: Don't send delegated credentials to all servers. (bsc#1014441)
- CVE-2016-2126: Prevent denial of service due to a client triggered crash in the winbindd
parent process. (bsc#1014442)
Non security issues fixed:
- Allow SESSION KEY setup without signing. (bsc#1009711)
- Fix crash bug in tevent_queue_immediate_trigger(). (bsc#1003731)
- Don't fail when using default domain with user@domain.com format. (bsc#997833)
- Prevent core, make sure response->extra_data.data is always cleared out. (bsc#993692)
ModerateSUSE bug 1003731SUSE bug 1009711SUSE bug 1014441SUSE bug 1014442SUSE bug 993692SUSE bug 997833CVE-2016-2125 at SUSECVE-2016-2125 at NVDCVE-2016-2126 at SUSECVE-2016-2126 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147).
ImportantSUSE bug 1027147CVE-2017-2619 at SUSECVE-2017-2619 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147).
For SUSE Linux Enterprise 11 SP4 this is a re-issue of the update, a regression
in the fix has been addressed (bsc#1036283, bso#12721).
ImportantSUSE bug 1027147SUSE bug 1036283CVE-2017-2619 at SUSECVE-2017-2619 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issue:
- An unprivileged user with access to the samba server could cause smbd to load
a specially crafted shared library, which then had the ability to execute
arbitrary code on the server as 'root'. [CVE-2017-7494, bso#12780, bsc#1038231]
ImportantSUSE bug 1038231CVE-2017-7494 at SUSECVE-2017-7494 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes several issues.
These security issues were fixed:
- CVE-2017-12163: Prevent client short SMB1 write from writing server memory to
file, leaking information from the server to the client (bsc#1058624)
- CVE-2017-12150: Always enforce smb signing when it is configured (bsc#1058622)
This non-security issue was fixed:
- Fix error where short name length was read as 2 bytes, should be 1 (bsc#1042419).
ModerateSUSE bug 1042419SUSE bug 1058622SUSE bug 1058624CVE-2017-12150 at SUSECVE-2017-12150 at NVDCVE-2017-12163 at SUSECVE-2017-12163 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
- CVE-2017-15275: s3: smbd: Chain code can return uninitialized
memory when talloc buffer is grown; (bsc#1063008); (bso#13077);
- s3/libads: fix seal/signed ldap connections so they are reused;
(bsc#1016531). ModerateSUSE bug 1016531SUSE bug 1063008CVE-2017-15275 at SUSECVE-2017-15275 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
- CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally (bsc#1081741)
ModerateSUSE bug 1081741CVE-2018-1050 at SUSECVE-2018-1050 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
The following security issues were fixed:
- CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient (bsc#1103411).
The following other bugs were fixed:
- s3:winbindd: allow a fallback to NTLMSSP for LDAP connections (bsc#1079449) ImportantSUSE bug 1079449SUSE bug 1103411CVE-2018-10858 at SUSECVE-2018-10858 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060).
Non-security issue fixed:
- Make init scripts create log directories before running daemons (bsc#1101499)
ModerateSUSE bug 1101499SUSE bug 1131060CVE-2019-3880 at SUSECVE-2019-3880 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issue:
- CVE-2019-10218: Fixed a path injection caused by filenames containing path separators (bso#14071) (bsc#1144902).
ImportantSUSE bug 1144902CVE-2019-10218 at SUSECVE-2019-10218 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
- CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets
containing dots could potentially have consumed excessive CPU (bsc#1173160).
ModerateSUSE bug 1173160CVE-2020-10745 at SUSECVE-2020-10745 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
- CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
- CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902).
ImportantSUSE bug 1173902SUSE bug 1173994CVE-2020-14318 at SUSECVE-2020-14318 at NVDCVE-2020-14323 at SUSECVE-2020-14323 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
- CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids() (bsc#1184677).
- Adjust smbcacls '--propagate-inheritance' feature to align with upstream (bsc#1178469).
ImportantSUSE bug 1178469SUSE bug 1184677CVE-2021-20254 at SUSECVE-2021-20254 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
- CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos (bsc#1014440).
- CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members (bsc#1192284).
ImportantSUSE bug 1014440SUSE bug 1192284CVE-2016-2124 at SUSECVE-2016-2124 at NVDCVE-2020-25717 at SUSECVE-2020-25717 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
- CVE-2022-32742: Fixed incorrect length check in SMB1write, SMB1write_and_close, SMB1write_and_unlock (bsc#1201496).
The following non-security changes were done:
- Add missing smb.conf.5 man page updates; (bso#11749);
(bsc#973032); (bso#11644); (bsc#973033); (bso#11756);
(bsc#973036); (bso#11804); (bsc#971965); (bso#14556);
(bsc#1192284); (bso#9688); (bsc#886193); (bso#9688).
ModerateSUSE bug 1192284SUSE bug 1201496SUSE bug 886193SUSE bug 971965SUSE bug 973032SUSE bug 973033SUSE bug 973036CVE-2022-32742 at SUSECVE-2022-32742 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for samba fixes the following issues:
- CVE-2021-20251: Fixed bad password count not incremented atomically (bsc#1206546).
ImportantSUSE bug 1206546CVE-2021-20251 at SUSECVE-2021-20251 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for SambaSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Samba has been updated to fix one security issue:
* CVE-2015-0240: Don't call talloc_free on an uninitialized pointer
(bnc#917376).
Additionally, these non-security issues have been fixed:
* Realign the winbind request structure following require_membership_of
field expansion (bnc#913001).
* Reuse connections derived from DFS referrals (bso#10123,
fate#316512).
* Set domain/workgroup based on authentication callback value
(bso#11059).
* Fix spoolss error response marshalling (bso#10984).
* Fix spoolss EnumJobs and GetJob responses (bso#10905, bnc#898031).
* Fix handling of bad EnumJobs levels (bso#10898).
* Fix small memory-leak in the background print process; (bnc#899558).
* Prune idle or hung connections older than 'winbind request timeout'
(bso#3204, bnc#872912).
Security Issues:
* CVE-2015-0240
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240>
SUSE bug 872912SUSE bug 898031SUSE bug 899558SUSE bug 913001SUSE bug 917376CVE-2015-0240 at SUSECVE-2015-0240 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for samba (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for Samba fixes the following security issues:
- CVE-2015-5330: Remote read memory exploit in LDB (bnc#958586)
- CVE-2015-5252: Insufficient symlink verification (file access outside the share) (bnc#958582)
- CVE-2015-5296: No man in the middle protection when forcing smb encryption on the client side (bnc#958584)
- CVE-2015-5299: Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2) (bnc#958583)
Non-security issues fixed:
- Prevent null pointer access in samlogon fallback when security credentials are null (bnc#949022)
- Ensure samlogon fall-back requests are rerouted after kerberos failure (bnc#953382)
- Ensure 'Your account is disabled' message is displayed when attempting to ssh into locked account (bnc#953382)
- Address unrecoverable winbind failure: 'key length too large' (bnc#934299)
- Take resource group sids into account when caching netsamlogon data (bnc#912457)
- Fix lookup of groups with 'Local Domain' scope from Active Directory (bnc#948244)
- dependency issue with samba-winbind (bnc#936909)
ImportantSUSE bug 295284SUSE bug 912457SUSE bug 934299SUSE bug 936909SUSE bug 948244SUSE bug 949022SUSE bug 953382SUSE bug 958582SUSE bug 958583SUSE bug 958584SUSE bug 958586CVE-2015-5252 at SUSECVE-2015-5252 at NVDCVE-2015-5296 at SUSECVE-2015-5296 at NVDCVE-2015-5299 at SUSECVE-2015-5299 at NVDCVE-2015-5330 at SUSECVE-2015-5330 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for sane-backends (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sane-backends fixes the following issues:
- saned could have leaked uninitialized memory back to its requesters for some
opcodes, allowing for information disclosure of saned memory
(CVE-2017-6318, bsc#1027197).
ModerateSUSE bug 1027197CVE-2017-6318 at SUSECVE-2017-6318 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sblim-sfcb (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of sblim-sfcb fixes a potential NULL pointer crash in lookupProviders() (CVE-2015-5185).
ModerateSUSE bug 942628CVE-2015-5185 at SUSECVE-2015-5185 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for sblim-sfcb (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sblim-sfcb fixes the following issues:
Feature enhancements:
- A seperate sblim-sfcb-openssl1 package was added to the SECURITY Module.
(fate#322032/bsc#1012814)
This package can be installed additionaly, and the SysV Init script will
pick the openssl1 variant on the next start, offering TLS 1.2 support
on the WBEM SSL socket.
Bugfixes:
- Add sslNoSSLv3 and sslNoTLSv1 configuration options (bsc#923349, bsc#1008130)
ModerateSUSE bug 1008130SUSE bug 1012814SUSE bug 923349cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for screen (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for screen fixes the following issues:
Security issue fixed:
- CVE-2015-6806: Fixed a stack overflow due to deep recursion (bsc#944458).
LowSUSE bug 944458CVE-2015-6806 at SUSECVE-2015-6806 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for shim (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for shim fixes the following issues:
Update to the unified shim binary from SUSE Linux Enterprise 15-SP1 (bsc#1168994)
This update addresses the 'BootHole' security issue (master CVE CVE-2020-10713), by
disallowing binaries signed by the previous SUSE UEFI signing key from booting.
This update should only be installed after updates of grub2, the Linux kernel and (if used)
Xen from or after July / August 2020 are applied.
Also fixed:
+ shim-install: install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656)
ModerateSUSE bug 1168994SUSE bug 1175626SUSE bug 1175656CVE-2020-10713 at SUSECVE-2020-10713 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for shim (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for shim fixes the following issues:
- Update to the unified shim binary for SBAT support (bsc#1182057)
ImportantSUSE bug 1182057cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for shim (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for shim fixes the following issues:
- Updated shim signature after shim 15.7 be signed back:
signature-sles.x86_64.asc, signature-sles.aarch64.asc (bsc#1198458)
- Add POST_PROCESS_PE_FLAGS=-N to the build command in shim.spec to
disable the NX compatibility flag when using post-process-pe because
grub2 is not ready. (bsc#1205588)
- Enable the NX compatibility flag by default. (jsc#PED-127)
Update to 15.7 (bsc#1198458) (jsc#PED-127):
- Make SBAT variable payload introspectable
- Reference MokListRT instead of MokList
- Add a link to the test plan in the readme.
- [V3] Enable TDX measurement to RTMR register
- Discard load-options that start with a NUL
- Fixed load_cert_file bugs
- Add -malign-double to IA32 compiler flags
- pe: Fix image section entry-point validation
- make-archive: Build reproducible tarball
- mok: remove MokListTrusted from PCR 7
Other fixes:
- Support enhance shim measurement to TD RTMR. (jsc#PED-1273)
- shim-install: ensure grub.cfg created is not overwritten after installing grub related files
- Add logic to shim.spec to only set sbat policy when efivarfs is writeable. (bsc#1201066)
- Add logic to shim.spec for detecting --set-sbat-policy option before using mokutil to set sbat policy. (bsc#1202120)
- Change the URL in SBAT section to mail:security@suse.de. (bsc#1193282)
Update to 15.6 (bsc#1198458):
- MokManager: removed Locate graphic output protocol fail error message
- shim: implement SBAT verification for the shim_lock protocol
- post-process-pe: Fix a missing return code check
- Update github actions matrix to be more useful
- post-process-pe: Fix format string warnings on 32-bit platforms
- Allow MokListTrusted to be enabled by default
- Re-add ARM AArch64 support
- Use ASCII as fallback if Unicode Box Drawing characters fail
- make: don't treat cert.S specially
- shim: use SHIM_DEVEL_VERBOSE when built in devel mode
- Break out of the inner sbat loop if we find the entry.
- Support loading additional certificates
- Add support for NX (W^X) mitigations.
- Fix preserve_sbat_uefi_variable() logic
- SBAT Policy latest should be a one-shot
- pe: Fix a buffer overflow when SizeOfRawData > VirtualSize
- pe: Perform image verification earlier when loading grub
- Update advertised sbat generation number for shim
- Update SBAT generation requirements for 05/24/22
- Also avoid CVE-2022-28737 in verify_image() by @vathpela
Update to 15.5 (bsc#1198458):
- Broken ia32 relocs and an unimportant submodule change.
- mok: allocate MOK config table as BootServicesData
- Don't call QueryVariableInfo() on EFI 1.10 machines (bsc#1187260)
- Relax the check for import_mok_state() (bsc#1185261)
- SBAT.md: trivial changes
- shim: another attempt to fix load options handling
- Add tests for our load options parsing.
- arm/aa64: fix the size of .rela* sections
- mok: fix potential buffer overrun in import_mok_state
- mok: relax the maximum variable size check
- Don't unhook ExitBootServices when EBS protection is disabled
- fallback: find_boot_option() needs to return the index for the boot entry in optnum
- httpboot: Ignore case when checking HTTP headers
- Fallback allocation errors
- shim: avoid BOOTx64.EFI in message on other architectures
- str: remove duplicate parameter check
- fallback: add compile option FALLBACK_NONINTERACTIVE
- Test mok mirror
- Modify sbat.md to help with readability.
- csv: detect end of csv file correctly
- Specify that the .sbat section is ASCII not UTF-8
- tests: add 'include-fixed' GCC directory to include directories
- pe: simplify generate_hash()
- Don't make shim abort when TPM log event fails (RHBZ #2002265)
- Fallback to default loader if parsed one does not exist
- fallback: Fix for BootOrder crash when index returned
- Better console checks
- docs: update SBAT UEFI variable name
- Don't parse load options if invoked from removable media path
- fallback: fix fallback not passing arguments of the first boot option
- shim: Don't stop forever at 'Secure Boot not enabled' notification
- Allocate mokvar table in runtime memory.
- Remove post-process-pe on 'make clean'
- pe: missing perror argument
- CVE-2022-28737: Fixed a buffer overflow when SizeOfRawData > VirtualSize (bsc#1198458)
- Add mokutil command to post script for setting sbat policy to latest mode
when the SbatPolicy-605dab50-e046-4300-abb6-3dd810dd8b23 is not created.
(bsc#1198458)
- Updated vendor dbx binary and script (bsc#1198458)
- Updated dbx-cert.tar.xz and vendor-dbx-sles.bin for adding
SLES-UEFI-SIGN-Certificate-2021-05.crt to vendor dbx list.
- Updated dbx-cert.tar.xz and vendor-dbx-opensuse.bin for adding
openSUSE-UEFI-SIGN-Certificate-2021-05.crt to vendor dbx list.
- Updated vendor-dbx.bin for adding SLES-UEFI-SIGN-Certificate-2021-05.crt
and openSUSE-UEFI-SIGN-Certificate-2021-05.crt for testing environment.
- Updated generate-vendor-dbx.sh script for generating a vendor-dbx.bin
file which includes all .der for testing environment.
- avoid buffer overflow when copying data to the MOK config table (bsc#1185232)
- Disable exporting vendor-dbx to MokListXRT since writing a large RT variable could crash some machines (bsc#1185261)
- ignore the odd LoadOptions length (bsc#1185232)
- shim-install: reset def_shim_efi to 'shim.efi' if the given file doesn't exist
- relax the maximum variable size check for u-boot (bsc#1185621)
- handle ignore_db and user_insecure_mode correctly (bsc#1185441, bsc#1187071)
- Split the keys in vendor-dbx.bin to vendor-dbx-sles and
vendor-dbx-opensuse for shim-sles and shim-opensuse to reduce
the size of MokListXRT (bsc#1185261)
+ Also update generate-vendor-dbx.sh in dbx-cert.tar.xz
ImportantSUSE bug 1185232SUSE bug 1185261SUSE bug 1185441SUSE bug 1185621SUSE bug 1187071SUSE bug 1187260SUSE bug 1193282SUSE bug 1198458SUSE bug 1201066SUSE bug 1202120SUSE bug 1205588CVE-2022-28737 at SUSECVE-2022-28737 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for shim (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for shim fixes the following issues:
- This update just adds the missing CVE reference for the shim fix (bsc#1198458, CVE-2022-28737)
ImportantSUSE bug 1198458CVE-2022-28737 at SUSECVE-2022-28737 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for shimSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
shim has been updated to fix three security issues:
* OOB read access when parsing DHCPv6 packets (remote DoS)
(CVE-2014-3675).
* Heap overflow when parsing IPv6 addresses provided by tftp:// DHCPv6
boot option (RCE) (CVE-2014-3676).
* Memory corruption when processing user provided MOK lists
(CVE-2014-3677).
Security Issues:
* CVE-2014-3675
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3675>
* CVE-2014-3676
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3676>
* CVE-2014-3677
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3677>
SUSE bug 813448SUSE bug 863205SUSE bug 866690SUSE bug 875385SUSE bug 889332SUSE bug 889765CVE-2014-3675 at SUSECVE-2014-3675 at NVDCVE-2014-3676 at SUSECVE-2014-3676 at NVDCVE-2014-3677 at SUSECVE-2014-3677 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for socat (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for socat fixes the following issues:
- CVE-2013-3571: Fix a file descriptor leak that could have been misused for a denial of service attack against socat running in server mode (bsc#821985)
- CVE-2014-0019: PROXY-CONNECT address was vulnerable to a stack buffer overflow (bsc#860991)
- Fix a stack overflow in the parser that could have been leveraged to execute arbitrary code (bsc#964844)
ModerateSUSE bug 821985SUSE bug 860991SUSE bug 964844CVE-2013-3571 at SUSECVE-2013-3571 at NVDCVE-2014-0019 at SUSECVE-2014-0019 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for spamassassin (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for spamassassin fixes the following issues:
- CVE-2016-1238: Fixed reliance on '.' when loading modules from current directory (bsc#1108749).
- CVE-2017-15705: Fixed denial of service vulnerability where certain unclosed tags in crafted emails allowed for scan
timeouts (bsc#1108745).
- CVE-2018-11781: Fixed local user code injection in the meta rule syntax (bsc#1108748).
- CVE-2020-1931: Fixed vulnerability where nefarious rule configuration (.cf) files could be configured to run system
commands with warnings (bsc#1162200).
- CVE-2020-1930: Fixed vulnerability where nefarious rule configuration (.cf) files could be configured to run system
commands (bsc#1162197).
ImportantSUSE bug 1108745SUSE bug 1108748SUSE bug 1108749SUSE bug 1162197SUSE bug 1162200CVE-2016-1238 at SUSECVE-2016-1238 at NVDCVE-2017-15705 at SUSECVE-2017-15705 at NVDCVE-2018-11781 at SUSECVE-2018-11781 at NVDCVE-2020-1930 at SUSECVE-2020-1930 at NVDCVE-2020-1931 at SUSECVE-2020-1931 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for speex (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for speex fixes the following issues:
- CVE-2020-23903: Fixed zero division error in read_samples (bsc#1192580).
ModerateSUSE bug 1192580CVE-2020-23903 at SUSECVE-2020-23903 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sqlite3 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sqlite3 fixes the following issues:
The following security issue was fixed:
- CVE-2016-6153: Fixed a tempdir selection vulnerability (bsc#987394)
ModerateSUSE bug 987394CVE-2016-6153 at SUSECVE-2016-6153 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sqlite3 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sqlite3 fixes the following issue:
Security issue fixed:
- CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 (Magellan) (bsc#1119687).
ModerateSUSE bug 1119687CVE-2018-20346 at SUSECVE-2018-20346 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sqlite3 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sqlite3 fixes the following issues:
Security issue fixed:
- CVE-2018-8740: Fixed a NULL pointer dereference related to corrupted databases schemas (bsc#1085790).
- CVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize() (bsc#1132045).
ModerateSUSE bug 1085790SUSE bug 1132045CVE-2017-10989 at SUSECVE-2017-10989 at NVDCVE-2018-8740 at SUSECVE-2018-8740 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sqlite3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sqlite3 fixes the following issue:
Security issue fixed:
- CVE-2019-8457: Fixed a Heap out-of-bound read in rtreenode() when handling invalid rtree tables (bsc#1136976).
ImportantSUSE bug 1136976CVE-2019-8457 at SUSECVE-2019-8457 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sqlite3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sqlite3 fixes the following issues:
- CVE-2017-2518: Fixed a use-after-free vulnerability which could have
led to buffer overflow via a crafted SQL statement (bsc#1155787).
ImportantSUSE bug 1155787CVE-2017-2518 at SUSECVE-2017-2518 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sqlite3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sqlite3 fixes the following issues:
- CVE-2019-20218: Fixed a stack unwinding flaw in the selectExpander after a parsing error. (bsc#1160439)
ImportantSUSE bug 1160439CVE-2019-20218 at SUSECVE-2019-20218 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squidSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This squid update fixes a buffer overflow issue when squid attempts to
resolve an overly long hostname. This can be triggered with specially
crafted http requests. (bnc#829084, CVE-2013-4115)
This update also includes a correction to the last change for logrotate.
(bnc#677335)
Security Issue reference:
* CVE-2013-4115
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115>
SUSE bug 677335SUSE bug 829084CVE-2013-4115 at SUSECVE-2013-4115 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for squid (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
squid was updated to fix two security issues.
These security issues were fixed:
- CVE-2014-6270: Fixed an off by one in snmp subsystem (bsc#895773).
- CVE-2014-9749: Fixed a nonce replay vulnerability in Digest authentication (bsc#949942).
ModerateSUSE bug 895773SUSE bug 949942CVE-2014-6270 at SUSECVE-2014-6270 at NVDCVE-2014-9749 at SUSECVE-2014-9749 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for squid (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid fixes the following issues:
- CVE-2016-4051: backport fix buffer overflow in cachemgr.cgi (bsc#976553)
- CVE-2016-4554: backport fix for header smuggling issue in HTTP Request processing (bsc#979010)
ModerateSUSE bug 976553SUSE bug 979010CVE-2016-4051 at SUSECVE-2016-4051 at NVDCVE-2016-4554 at SUSECVE-2016-4554 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid fixes the following issues:
Security issue fixed:
- CVE-2019-13345: Fixed a cross site scripting vulnerability via user_name or auth parameter in cachemgr.cgi (bsc#1140738).
ModerateSUSE bug 1140738CVE-2019-13345 at SUSECVE-2019-13345 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid fixes the following issues:
- CVE-2020-15810: Fixed a HTTP Request Smuggling that could have resulted in cache poisoning (bsc#1175664).
- CVE-2019-12523: Disabled urn parsing and parsing of unknown schemes (bsc#1156329).
- CVE-2019-18676: Disabled urn parsing and parsing of unknown schemes (bsc#1156329).
ImportantSUSE bug 1156329SUSE bug 1175664CVE-2019-12523 at SUSECVE-2019-12523 at NVDCVE-2019-18676 at SUSECVE-2019-18676 at NVDCVE-2020-15810 at SUSECVE-2020-15810 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid fixes the following issues:
This update ships Squid 4.17. (jsc#SLE-24797, jsc#SLE-24799)
Importantcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid3SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Squid3 was updated to fix a denial of service in Range Header processing,
which would have allowed proxy users to crash the squid proxy process.
(CVE-2014-3609)
Security Issues:
* CVE-2014-3609
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609>
SUSE bug 677335SUSE bug 867533SUSE bug 893649CVE-2014-0128 at SUSECVE-2014-0128 at NVDCVE-2014-3609 at SUSECVE-2014-3609 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid3 fixes the following issues:
- Multiple issues in pinger ICMP processing. (CVE-2014-7141, CVE-2014-7142)
- CVE-2016-3947: Buffer overrun issue in pinger
ICMPv6 processing. (bsc#973782)
- CVE-2016-4554: fix header smuggling issue in HTTP Request processing (bsc#979010)
- Fix multiple Denial of Service issues in HTTP Response processing.
(CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572,
bsc#968392, bsc#968393, bsc#968394, bsc#968395)
- Regression caused by the DoS fixes above (bsc#993299)
- CVE-2016-3948: Fix denial of service in HTTP Response processing (bsc#973783)
- CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)
- CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:
* fixes multiple issues in ESI processing (bsc#976556)
- CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)
- CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)
- CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)
- Memory leak in squid3 when using external_acl (bsc#976708)
ImportantSUSE bug 895773SUSE bug 902197SUSE bug 938715SUSE bug 963539SUSE bug 967011SUSE bug 968392SUSE bug 968393SUSE bug 968394SUSE bug 968395SUSE bug 973782SUSE bug 973783SUSE bug 976553SUSE bug 976556SUSE bug 976708SUSE bug 979008SUSE bug 979009SUSE bug 979010SUSE bug 979011SUSE bug 993299CVE-2011-3205 at SUSECVE-2011-3205 at NVDCVE-2011-4096 at SUSECVE-2011-4096 at NVDCVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2013-4115 at SUSECVE-2013-4115 at NVDCVE-2014-0128 at SUSECVE-2014-0128 at NVDCVE-2014-6270 at SUSECVE-2014-6270 at NVDCVE-2014-7141 at SUSECVE-2014-7141 at NVDCVE-2014-7142 at SUSECVE-2014-7142 at NVDCVE-2015-5400 at SUSECVE-2015-5400 at NVDCVE-2016-2390 at SUSECVE-2016-2390 at NVDCVE-2016-2569 at SUSECVE-2016-2569 at NVDCVE-2016-2570 at SUSECVE-2016-2570 at NVDCVE-2016-2571 at SUSECVE-2016-2571 at NVDCVE-2016-2572 at SUSECVE-2016-2572 at NVDCVE-2016-3947 at SUSECVE-2016-3947 at NVDCVE-2016-3948 at SUSECVE-2016-3948 at NVDCVE-2016-4051 at SUSECVE-2016-4051 at NVDCVE-2016-4052 at SUSECVE-2016-4052 at NVDCVE-2016-4053 at SUSECVE-2016-4053 at NVDCVE-2016-4054 at SUSECVE-2016-4054 at NVDCVE-2016-4553 at SUSECVE-2016-4553 at NVDCVE-2016-4554 at SUSECVE-2016-4554 at NVDCVE-2016-4555 at SUSECVE-2016-4555 at NVDCVE-2016-4556 at SUSECVE-2016-4556 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid3 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid3 fixes the following issues:
- CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached (bsc#1016168)
- CVE-2014-9749: Prevent nonce replay in Digest authentication, preventing the reuse of stale auth tokens (bsc#949942)
ModerateSUSE bug 1016168SUSE bug 949942CVE-2014-9749 at SUSECVE-2014-9749 at NVDCVE-2016-10002 at SUSECVE-2016-10002 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid3 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid3 fixes the following issues:
Security issues fixed:
- CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI
responses. This affects the default custom esi_parser (bsc#1077003).
- CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien processing ESI
responses or downloading intermediate CA certificates (bsc#1077006).
ModerateSUSE bug 1077003SUSE bug 1077006CVE-2018-1000024 at SUSECVE-2018-1000024 at NVDCVE-2018-1000027 at SUSECVE-2018-1000027 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid3 fixes the following issues:
- CVE-2018-1172: Fixed a DoS caused by incorrect handling of ESI responses. (bsc#1090089, SQUID-2018:3)
ImportantSUSE bug 1090089CVE-2018-1172 at SUSECVE-2018-1172 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid3 fixes the following issues:
Security issue fixed:
- CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668).
ImportantSUSE bug 1113668CVE-2018-19131 at SUSECVE-2018-19131 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid3 fixes the following issues:
- Fixed a Cache Poisoning and Request Smuggling
attack (CVE-2020-15049, bsc#1173455)
- Fixed incorrect buffer handling that can
result in cache poisoning, remote execution, and
denial of service attacks when processing ESI responses
(CVE-2019-12519, CVE-2019-12521, bsc#1169659)
- Fixed handling of hostname in
cachemgr.cgi (CVE-2019-18860, bsc#1167373)
- Fixed a potential remote execution vulnerability
when using HTTP Digest Authentication (CVE-2020-11945, bsc#1170313)
- Fixed a potential ACL bypass, cache-bypass
and cross-site scripting attack when processing invalid HTTP
Request messages (CVE-2019-12520, CVE-2019-12524, bsc#1170423)
- Fixed a potential denial of service when
processing TLS certificates during HTTPS connections
(CVE-2020-14059, bsc#1173304)
- Fixed a potential denial of service associated
with incorrect buffer management of HTTP Basic Authentication
credentials (bsc#1141329, CVE-2019-12529)
- Fixed an incorrect buffer management resulting
in vulnerability to a denial of service during processing of
HTTP Digest Authentication credentials (bsc#1141332, CVE-2019-12525)
- Fix XSS via user_name or auth parameter
in cachemgr.cgi (bsc#1140738, CVE-2019-13345)
- Fixed a potential code execution vulnerability
(CVE-2019-12526, bsc#1156326)
- Fixed HTTP Request Splitting in HTTP
message processing and information disclosure in
HTTP Digest Authentication
(CVE-2019-18678, CVE-2019-18679, bsc#1156323, bsc#1156324)
- Fixed a security issue allowing a remote
client ability to cause use a buffer overflow when squid is
acting as reverse-proxy.
(CVE-2020-8449, CVE-2020-8450, bsc#1162687)
- Fixed a security issue allowing for information
disclosure in FTP gateway (CVE-2019-12528, bsc#1162689)
- Fixed a security issue in ext_lm_group_acl
when processing NTLM Authentication credentials.
(CVE-2020-8517, bsc#1162691)
- Fixed Cross-Site Request Forgery in
HTTP Request processing (CVE-2019-18677, bsc#1156328)
- Disable urn parsing and parsing of
unknown schemes (bsc#1156329, CVE-2019-12523, CVE-2019-18676)
ImportantSUSE bug 1140738SUSE bug 1141329SUSE bug 1141332SUSE bug 1156323SUSE bug 1156324SUSE bug 1156326SUSE bug 1156328SUSE bug 1156329SUSE bug 1162687SUSE bug 1162689SUSE bug 1162691SUSE bug 1167373SUSE bug 1169659SUSE bug 1170313SUSE bug 1170423SUSE bug 1173304SUSE bug 1173455CVE-2019-12519 at SUSECVE-2019-12519 at NVDCVE-2019-12520 at SUSECVE-2019-12520 at NVDCVE-2019-12521 at SUSECVE-2019-12521 at NVDCVE-2019-12523 at SUSECVE-2019-12523 at NVDCVE-2019-12524 at SUSECVE-2019-12524 at NVDCVE-2019-12525 at SUSECVE-2019-12525 at NVDCVE-2019-12526 at SUSECVE-2019-12526 at NVDCVE-2019-12528 at SUSECVE-2019-12528 at NVDCVE-2019-12529 at SUSECVE-2019-12529 at NVDCVE-2019-13345 at SUSECVE-2019-13345 at NVDCVE-2019-18676 at SUSECVE-2019-18676 at NVDCVE-2019-18677 at SUSECVE-2019-18677 at NVDCVE-2019-18678 at SUSECVE-2019-18678 at NVDCVE-2019-18679 at SUSECVE-2019-18679 at NVDCVE-2019-18860 at SUSECVE-2019-18860 at NVDCVE-2020-11945 at SUSECVE-2020-11945 at NVDCVE-2020-14059 at SUSECVE-2020-14059 at NVDCVE-2020-15049 at SUSECVE-2020-15049 at NVDCVE-2020-8449 at SUSECVE-2020-8449 at NVDCVE-2020-8450 at SUSECVE-2020-8450 at NVDCVE-2020-8517 at SUSECVE-2020-8517 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid3 (Critical)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid3 fixes the following issues:
- CVE-2020-15811: Fixed an HTTP request splitting vulnerability (bsc#1175665).
- CVE-2020-24606: Fixed a DoS vulnerability when processing Cache Digest Responses (bsc#1175671).
- CVE-2020-15810: Fixed an HTTP request smuggling vulnerability (bsc#1175664).
CriticalSUSE bug 1175664SUSE bug 1175665SUSE bug 1175671CVE-2020-15810 at SUSECVE-2020-15810 at NVDCVE-2020-15811 at SUSECVE-2020-15811 at NVDCVE-2020-24606 at SUSECVE-2020-24606 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for squid3 fixes the following issues:
- CVE-2021-28651: Fixed a denial of service issue when processing URN
resource identifiers (bsc#1185921).
- CVE-2020-25097: Fixed an HTTP request smuggling issue (bsc#1183436).
ImportantSUSE bug 1183436SUSE bug 1185921CVE-2020-25097 at SUSECVE-2020-25097 at NVDCVE-2021-28651 at SUSECVE-2021-28651 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for squidGuard (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
squidGuard was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-8936: Reflected cross site scripting vulnerability because of insufficient escaping (bsc#985612).
ModerateSUSE bug 985612CVE-2015-8936 at SUSECVE-2015-8936 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for strongswanSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes a NULL ptr dereference (DoS) via ID_DER_ASN1_DN ID
payloads.
Security Issue reference:
* CVE-2014-2891
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2891>
SUSE bug 815236SUSE bug 833278SUSE bug 840826SUSE bug 847506SUSE bug 870572SUSE bug 876449SUSE bug 933591CVE-2013-2944 at SUSECVE-2013-2944 at NVDCVE-2013-5018 at SUSECVE-2013-5018 at NVDCVE-2014-2338 at SUSECVE-2014-2338 at NVDCVE-2014-2891 at SUSECVE-2014-2891 at NVDCVE-2015-4171 at SUSECVE-2015-4171 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for strongswan (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The strongswan package was updated to fix the following security issue:
- CVE-2015-8023: Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin (bsc#953817).
ModerateSUSE bug 953817CVE-2015-8023 at SUSECVE-2015-8023 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for strongswan (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for strongswan fixes the following issues:
- CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service (bsc#1039514)
- CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service (bsc#1039515)
ImportantSUSE bug 1039514SUSE bug 1039515CVE-2017-9022 at SUSECVE-2017-9022 at NVDCVE-2017-9023 at SUSECVE-2017-9023 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for strongswan (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for strongswan fixes the following issues:
- CVE-2017-11185: Specific RSA signatures passed to the gmp plugin for verification can
cause a null-pointer dereference and it may lead to a denial of service (bsc#1051222)
ModerateSUSE bug 1051222CVE-2017-11185 at SUSECVE-2017-11185 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for strongswan (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for strongswan fixes the following issues:
- CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker
with local user credentials to resource exhaustion and denial of service while
reading from the socket (bsc#1094462).
ModerateSUSE bug 1094462CVE-2018-5388 at SUSECVE-2018-5388 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for strongswan (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for strongswan fixes the following issues:
- CVE-2021-41991: Fixed an integer overflow when replacing certificates in cache. (bsc#1191435)
ImportantSUSE bug 1191435CVE-2021-41991 at SUSECVE-2021-41991 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for strongswan (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for strongswan fixes the following issues:
- CVE-2018-16151: Fixed flaws in gmp plugin that could lead to authorization bypass. (bsc#1107874)
- CVE-2018-16152: Fixed flaws in gmp plugin that could lead to authorization bypass. (bsc#1107874)
- CVE-2018-17540: Fixed insufficient input validation in gmp plugin. (bsc#1109845)
- CVE-2021-45079: Fixed authentication bypass in EAP authentication. (bsc#1194471)
ImportantSUSE bug 1107874SUSE bug 1109845SUSE bug 1194471CVE-2018-16151 at SUSECVE-2018-16151 at NVDCVE-2018-16152 at SUSECVE-2018-16152 at NVDCVE-2018-17540 at SUSECVE-2018-17540 at NVDCVE-2021-45079 at SUSECVE-2021-45079 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sudoSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This collective update for sudo provides fixes for the following issues:
* Security policy bypass when env_reset is disabled. (CVE-2014-0106,
bnc#866503)
* Regression in the previous update that causes a segmentation fault
when running 'sudo -s'. (bnc#868444)
* Command 'who -m' prints no output when using log_input/log_output
sudo options. (bnc#863025)
Security Issues references:
* CVE-2014-0106
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0106>
SUSE bug 823292SUSE bug 823796SUSE bug 863025SUSE bug 866503SUSE bug 868444SUSE bug 880764SUSE bug 901145SUSE bug 904694SUSE bug 917806CVE-2014-0106 at SUSECVE-2014-0106 at NVDCVE-2014-9680 at SUSECVE-2014-9680 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for sudo (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sudo fixes the following issues:
- Fix two security vulnerabilities that allowed users to bypass
sudo's NOEXEC functionality:
* noexec bypass via system() and popen() [CVE-2016-7032, bsc#1007766]
* noexec bypass via wordexp() [CVE-2016-7076, bsc#1007501]
- The SSSD plugin would occasionally crash sudo with an 'internal error'.
This issue has been fixed. [bsc#948973]
- The SSSD plugin would occasionally apply @netgroups rules from LDAP to all
users rather than the @netgroup. This issue is now fixed. [bsc#966755]
- When the SSSD plugin was used and a local user ran sudo, an e-mail used to be
sent to administrator because SSSD did not support sudo rules for local
users. This message did not signify an error, however, it was only noise.
[bsc#1008043]
ModerateSUSE bug 1007501SUSE bug 1007766SUSE bug 1008043SUSE bug 948973SUSE bug 966755CVE-2016-7032 at SUSECVE-2016-7032 at NVDCVE-2016-7076 at SUSECVE-2016-7076 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for sudo (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for sudo fixes the following issues:
- CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers (bsc#1153674).
ImportantSUSE bug 1153674CVE-2019-14287 at SUSECVE-2019-14287 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for supportutils (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
supportutils was updated to fix one security issue.
This security issue was fixed:
- CVE-2016-1602: Code injection and privilege escalation via unescaped filenames (bsc#980670).
ModerateSUSE bug 980670CVE-2016-1602 at SUSECVE-2016-1602 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for supportutils (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for supportutils fixes the following issues:
Security vulnerabilities fixed:
- CVE-2018-19636: Local root exploit via inclusion of attacker controlled shell script (bsc#1117751)
- CVE-2018-19640: Users can kill arbitrary processes (bsc#1118463)
- CVE-2018-19638: User can overwrite arbitrary log files in support tar (bsc#1118460)
- CVE-2018-19639: Code execution if run with -v (bsc#1118462)
ModerateSUSE bug 1117751SUSE bug 1118460SUSE bug 1118462SUSE bug 1118463CVE-2018-19636 at SUSECVE-2018-19636 at NVDCVE-2018-19638 at SUSECVE-2018-19638 at NVDCVE-2018-19639 at SUSECVE-2018-19639 at NVDCVE-2018-19640 at SUSECVE-2018-19640 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for supportutils (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for supportutils fixes the following issue:
Security issues fixed:
- Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt (bsc#1203818)
ModerateSUSE bug 1203818cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for suseRegisterSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for suseRegister adds a new command line parameter to
clientSetup4SMT.sh, allowing the user to accept a CA certificate in a
non-interactive way by providing the fingerprint. (bnc#821853)
SUSE bug 821853SUSE bug 834801SUSE bug 901757CVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for syslog-ng (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for syslog-ng fixes the following issues:
- CVE-2020-8019: Fixed a local privilege escalation during package update (bsc#1169385).
ModerateSUSE bug 1169385CVE-2020-8019 at SUSECVE-2020-8019 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tar (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tar fixes the following issues:
- Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked
into extracting files and directories in the given destination, regardless
of the path name(s) specified on the command line [bsc#1007188]
[CVE-2016-6321]
ModerateSUSE bug 1007188CVE-2016-6321 at SUSECVE-2016-6321 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tar (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tar to version 1.27.1 fixes the following issues:
tar 1.27.1 brings following changes (jsc#ECO-339)
* Sparse files with large data
* No backticks in quoting
* --owner and --group names and numbers
* Support for POSIX ACLs, extended attributes and SELinux context.
* Passing command line arguments to external commands.
* New configure option --enable-gcc-warnings, intended for debugging.
* New warning control option --warning=[no-]record-size
* New command line option --keep-directory-symlink
* Fix unquoting of file names obtained via the -T option.
* Fix GNU long link header timestamp (backward compatibility).
Security issues fixed:
- CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496).
- CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file shrinkage during read access (bsc#1120610).
ModerateSUSE bug 1120610SUSE bug 1130496SUSE bug 1152736CVE-2018-20482 at SUSECVE-2018-20482 at NVDCVE-2019-9923 at SUSECVE-2019-9923 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tar (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tar fixes the following issues:
CVE-2021-20193: Memory leak in read_header() in list.c (bsc#1181131)
LowSUSE bug 1181131CVE-2021-20193 at SUSECVE-2021-20193 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tar (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tar fixes the following issues:
- CVE-2022-48303: Fixed a one-byte out-of-bounds read that resulted in use of uninitialized memory for a conditional jump (bsc#1207753).
ModerateSUSE bug 1207753CVE-2022-48303 at SUSECVE-2022-48303 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for tboot (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tboot provides the following fix:
Security issue fixed:
- CVE-2014-5118: tboot: bypass of measured boot (bsc#889339)
Bug fixes:
- Fixed failed trusted boot on some systems like Intel Xeon 'Purley 8s' processors. The
following error message showed: 'TBOOT: wait-for-sipi loop timed-out'. Booting continued
but 'TXT measured launch' was wrongly reported as FALSE. (bsc#1057555)
ModerateSUSE bug 1057555SUSE bug 889339CVE-2014-5118 at SUSECVE-2014-5118 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tcpdumpSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
When running tcpdump, a remote unauthenticated user could have crashed the
application or, potentially, execute arbitrary code by injecting crafted
packages into the network.
The following vulnerabilities in protocol printers have been fixed:
* IPv6 mobility printer remote DoS (CVE-2015-0261, bnc#922220)
* Ethernet printer remote DoS (CVE-2015-2154, bnc#922222)
* PPP printer remote DoS (CVE-2014-9140, bnc#923142)
Security Issues:
* CVE-2015-0261
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0261>
* CVE-2015-2154
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2154>
* CVE-2014-9140
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9140>
SUSE bug 905870SUSE bug 905872SUSE bug 912943SUSE bug 922220SUSE bug 922222SUSE bug 923142CVE-2014-8767 at SUSECVE-2014-8767 at NVDCVE-2014-8769 at SUSECVE-2014-8769 at NVDCVE-2014-9140 at SUSECVE-2014-9140 at NVDCVE-2015-0261 at SUSECVE-2015-0261 at NVDCVE-2015-2154 at SUSECVE-2015-2154 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tcpdump fixes the following issues:
Security issues fixed (bsc#1020940):
- CVE-2016-7922: Corrected buffer overflow in AH parser print-ah.c:ah_print().
- CVE-2016-7923: Corrected buffer overflow in ARP parser print-arp.c:arp_print().
- CVE-2016-7925: Corrected buffer overflow in compressed SLIP parser print-sl.c:sl_if_print().
- CVE-2016-7926: Corrected buffer overflow in the Ethernet parser print-ether.c:ethertype_print().
- CVE-2016-7927: Corrected buffer overflow in the IEEE 802.11 parser print-802_11.c:ieee802_11_radio_print().
- CVE-2016-7928: Corrected buffer overflow in the IPComp parser print-ipcomp.c:ipcomp_print().
- CVE-2016-7931: Corrected buffer overflow in the MPLS parser print-mpls.c:mpls_print().
- CVE-2016-7936: Corrected buffer overflow in the UDP parser print-udp.c:udp_print().
- CVE-2016-7934,CVE-2016-7935,CVE-2016-7937: Corrected segmentation faults in function udp_print().
- CVE-2016-7939: Corrected buffer overflows in GRE parser print-gre.c:(multiple functions).
- CVE-2016-7940: Corrected buffer overflows in STP parser print-stp.c:(multiple functions).
- CVE-2016-7973: Corrected buffer overflow in AppleTalk parser print-atalk.c.
- CVE-2016-7974: Corrected buffer overflow in IP parser print-ip.c:(multiple functions).
- CVE-2016-7975: Corrected buffer overflow in TCP parser print-tcp.c:tcp_print().
- CVE-2016-7983,CVE-2016-7984: Corrected buffer overflow in TFTP parser print-tftp.c:tftp_print().
- CVE-2016-7992: Corrected buffer overflow in Classical IP over ATM parser print-cip.c.
- CVE-2016-7993: Corrected buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, etc.).
- CVE-2016-8574: Corrected buffer overflow in FRF.15 parser print-fr.c:frf15_print().
- CVE-2017-5202: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().
- CVE-2017-5203: Corrected buffer overflow in BOOTP parser print-bootp.c:bootp_print().
- CVE-2017-5204: Corrected buffer overflow in IPv6 parser print-ip6.c:ip6_print().
- CVE-2017-5483: Corrected buffer overflow in SNMP parser print-snmp.c:asn1_parse().
- CVE-2017-5484: Corrected buffer overflow in ATM parser print-atm.c:sig_print().
- CVE-2017-5485: Corrected buffer overflow in ISO CLNS parser addrtoname.c:lookup_nsap().
- CVE-2017-5486: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().
ModerateSUSE bug 1020940CVE-2016-7922 at SUSECVE-2016-7922 at NVDCVE-2016-7923 at SUSECVE-2016-7923 at NVDCVE-2016-7925 at SUSECVE-2016-7925 at NVDCVE-2016-7926 at SUSECVE-2016-7926 at NVDCVE-2016-7927 at SUSECVE-2016-7927 at NVDCVE-2016-7928 at SUSECVE-2016-7928 at NVDCVE-2016-7931 at SUSECVE-2016-7931 at NVDCVE-2016-7934 at SUSECVE-2016-7934 at NVDCVE-2016-7935 at SUSECVE-2016-7935 at NVDCVE-2016-7936 at SUSECVE-2016-7936 at NVDCVE-2016-7937 at SUSECVE-2016-7937 at NVDCVE-2016-7939 at SUSECVE-2016-7939 at NVDCVE-2016-7940 at SUSECVE-2016-7940 at NVDCVE-2016-7973 at SUSECVE-2016-7973 at NVDCVE-2016-7974 at SUSECVE-2016-7974 at NVDCVE-2016-7975 at SUSECVE-2016-7975 at NVDCVE-2016-7983 at SUSECVE-2016-7983 at NVDCVE-2016-7984 at SUSECVE-2016-7984 at NVDCVE-2016-7992 at SUSECVE-2016-7992 at NVDCVE-2016-7993 at SUSECVE-2016-7993 at NVDCVE-2016-8574 at SUSECVE-2016-8574 at NVDCVE-2017-5202 at SUSECVE-2017-5202 at NVDCVE-2017-5203 at SUSECVE-2017-5203 at NVDCVE-2017-5204 at SUSECVE-2017-5204 at NVDCVE-2017-5483 at SUSECVE-2017-5483 at NVDCVE-2017-5484 at SUSECVE-2017-5484 at NVDCVE-2017-5485 at SUSECVE-2017-5485 at NVDCVE-2017-5486 at SUSECVE-2017-5486 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2017-11108: Crafted input allowed remote DoS (bsc#1047873)
- CVE-2017-11541: Prevent a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c (bsc#1057247).
- CVE-2017-11542: Prevent a heap-based buffer over-read in the pimv1_print function in print-pim.c (bsc#1057247).
- CVE-2017-11543: Prevent a buffer overflow in the sliplink_print function in print-sl.c (bsc#1057247).
- CVE-2017-13011: Several protocol parsers in tcpdump could have caused a buffer overflow in util-print.c:bittok2str_internal() (bsc#1057247).
ModerateSUSE bug 1047873SUSE bug 1057247CVE-2017-11108 at SUSECVE-2017-11108 at NVDCVE-2017-11541 at SUSECVE-2017-11541 at NVDCVE-2017-11542 at SUSECVE-2017-11542 at NVDCVE-2017-11543 at SUSECVE-2017-11543 at NVDCVE-2017-13011 at SUSECVE-2017-13011 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tcpdump provides the following fix:
- The original fix for CVE-2016-7975 was using a variable before declaring it. Fix this
by moving the declaration before any usage. (bsc#1094241, CVE-2016-7975)
ModerateSUSE bug 1094241CVE-2016-7975 at SUSECVE-2016-7975 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tcpdump (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2017-12995: Fixed an infinite loop in the DNS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12893: Fixed a buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12894: Fixed a buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247).
- CVE-2017-12896: Fixed a buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12897: Fixed a buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12898: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12899: Fixed a buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12900: Fixed a buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247).
- CVE-2017-12901: Fixed a buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12902: Fixed a buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12985: Fixed a buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12986: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12987: Fixed a buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12988: Fixed a buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12991: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12992: Fixed a buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12993: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12996: Fixed a buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12998: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12999: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13001: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13002: Fixed a buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13003: Fixed a buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13004: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13005: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13006: Fixed a buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13008: Fixed a buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13009: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13010: Fixed a buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13012: Fixed a buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13013: Fixed a buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13014: Fixed a buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13016: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13017: Fixed a buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13018: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13019: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13021: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13022: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13023: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13024: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13025: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13027: Fixed a buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13028: Fixed a buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13029: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13030: Fixed a buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13031: Fixed a buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13032: Fixed a buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13034: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13035: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13036: Fixed a buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13037: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13038: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13041: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13047: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13048: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13049: Fixed a buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13051: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13053: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13055: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13687: Fixed a buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13688: Fixed a buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13689: Fixed a buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13725: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).
- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).
- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).
- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).
- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).
- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).
- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).
- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).
- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).
- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).
- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).
- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).
- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).
- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).
- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).
- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN (bsc#1153098).
- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).
- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).
ImportantSUSE bug 1057247SUSE bug 1153098SUSE bug 1153332CVE-2017-12893 at SUSECVE-2017-12893 at NVDCVE-2017-12894 at SUSECVE-2017-12894 at NVDCVE-2017-12896 at SUSECVE-2017-12896 at NVDCVE-2017-12897 at SUSECVE-2017-12897 at NVDCVE-2017-12898 at SUSECVE-2017-12898 at NVDCVE-2017-12899 at SUSECVE-2017-12899 at NVDCVE-2017-12900 at SUSECVE-2017-12900 at NVDCVE-2017-12901 at SUSECVE-2017-12901 at NVDCVE-2017-12902 at SUSECVE-2017-12902 at NVDCVE-2017-12985 at SUSECVE-2017-12985 at NVDCVE-2017-12986 at SUSECVE-2017-12986 at NVDCVE-2017-12987 at SUSECVE-2017-12987 at NVDCVE-2017-12988 at SUSECVE-2017-12988 at NVDCVE-2017-12991 at SUSECVE-2017-12991 at NVDCVE-2017-12992 at SUSECVE-2017-12992 at NVDCVE-2017-12993 at SUSECVE-2017-12993 at NVDCVE-2017-12995 at SUSECVE-2017-12995 at NVDCVE-2017-12996 at SUSECVE-2017-12996 at NVDCVE-2017-12998 at SUSECVE-2017-12998 at NVDCVE-2017-12999 at SUSECVE-2017-12999 at NVDCVE-2017-13001 at SUSECVE-2017-13001 at NVDCVE-2017-13002 at SUSECVE-2017-13002 at NVDCVE-2017-13003 at SUSECVE-2017-13003 at NVDCVE-2017-13004 at SUSECVE-2017-13004 at NVDCVE-2017-13005 at SUSECVE-2017-13005 at NVDCVE-2017-13006 at SUSECVE-2017-13006 at NVDCVE-2017-13008 at SUSECVE-2017-13008 at NVDCVE-2017-13009 at SUSECVE-2017-13009 at NVDCVE-2017-13010 at SUSECVE-2017-13010 at NVDCVE-2017-13012 at SUSECVE-2017-13012 at NVDCVE-2017-13013 at SUSECVE-2017-13013 at NVDCVE-2017-13014 at SUSECVE-2017-13014 at NVDCVE-2017-13016 at SUSECVE-2017-13016 at NVDCVE-2017-13017 at SUSECVE-2017-13017 at NVDCVE-2017-13018 at SUSECVE-2017-13018 at NVDCVE-2017-13019 at SUSECVE-2017-13019 at NVDCVE-2017-13021 at SUSECVE-2017-13021 at NVDCVE-2017-13022 at SUSECVE-2017-13022 at NVDCVE-2017-13023 at SUSECVE-2017-13023 at NVDCVE-2017-13024 at SUSECVE-2017-13024 at NVDCVE-2017-13025 at SUSECVE-2017-13025 at NVDCVE-2017-13027 at SUSECVE-2017-13027 at NVDCVE-2017-13028 at SUSECVE-2017-13028 at NVDCVE-2017-13029 at SUSECVE-2017-13029 at NVDCVE-2017-13030 at SUSECVE-2017-13030 at NVDCVE-2017-13031 at SUSECVE-2017-13031 at NVDCVE-2017-13032 at SUSECVE-2017-13032 at NVDCVE-2017-13034 at SUSECVE-2017-13034 at NVDCVE-2017-13035 at SUSECVE-2017-13035 at NVDCVE-2017-13036 at SUSECVE-2017-13036 at NVDCVE-2017-13037 at SUSECVE-2017-13037 at NVDCVE-2017-13038 at SUSECVE-2017-13038 at NVDCVE-2017-13041 at SUSECVE-2017-13041 at NVDCVE-2017-13047 at SUSECVE-2017-13047 at NVDCVE-2017-13048 at SUSECVE-2017-13048 at NVDCVE-2017-13049 at SUSECVE-2017-13049 at NVDCVE-2017-13051 at SUSECVE-2017-13051 at NVDCVE-2017-13053 at SUSECVE-2017-13053 at NVDCVE-2017-13055 at SUSECVE-2017-13055 at NVDCVE-2017-13687 at SUSECVE-2017-13687 at NVDCVE-2017-13688 at SUSECVE-2017-13688 at NVDCVE-2017-13689 at SUSECVE-2017-13689 at NVDCVE-2017-13725 at SUSECVE-2017-13725 at NVDCVE-2018-10103 at SUSECVE-2018-10103 at NVDCVE-2018-10105 at SUSECVE-2018-10105 at NVDCVE-2018-14461 at SUSECVE-2018-14461 at NVDCVE-2018-14462 at SUSECVE-2018-14462 at NVDCVE-2018-14463 at SUSECVE-2018-14463 at NVDCVE-2018-14464 at SUSECVE-2018-14464 at NVDCVE-2018-14465 at SUSECVE-2018-14465 at NVDCVE-2018-14466 at SUSECVE-2018-14466 at NVDCVE-2018-14467 at SUSECVE-2018-14467 at NVDCVE-2018-14468 at SUSECVE-2018-14468 at NVDCVE-2018-14469 at SUSECVE-2018-14469 at NVDCVE-2018-14881 at SUSECVE-2018-14881 at NVDCVE-2018-14882 at SUSECVE-2018-14882 at NVDCVE-2018-16229 at SUSECVE-2018-16229 at NVDCVE-2018-16230 at SUSECVE-2018-16230 at NVDCVE-2018-16300 at SUSECVE-2018-16300 at NVDCVE-2018-16301 at SUSECVE-2018-16301 at NVDCVE-2018-16451 at SUSECVE-2018-16451 at NVDCVE-2018-16452 at SUSECVE-2018-16452 at NVDCVE-2019-15166 at SUSECVE-2019-15166 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tcpdump fixes the following issues:
- CVE-2020-8037: Fixed an issue where PPP decapsulator did not allocate the right buffer size (bsc#1178466).
ModerateSUSE bug 1178466CVE-2020-8037 at SUSECVE-2020-8037 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tcpdump fixes the following issues:
- CVE-2018-16301: Fixed segfault when handling large files (bsc#1195825).
ModerateSUSE bug 1195825CVE-2018-16301 at SUSECVE-2018-16301 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for telnet (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for telnet fixes the following issues:
- CVE-2022-39028: Fixed NULL pointer dereference in telnetd (bsc#1203759).
ImportantSUSE bug 1203759CVE-2022-39028 at SUSECVE-2022-39028 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
tiff was updated to fix six security issues found by fuzzing initiatives.
These security issues were fixed:
- CVE-2014-8127: Out-of-bounds write (bnc#914890).
- CVE-2014-8128: Out-of-bounds write (bnc#914890).
- CVE-2014-8129: Out-of-bounds write (bnc#914890).
- CVE-2014-8130: Out-of-bounds write (bnc#914890).
- CVE-2014-9655: Access of uninitialized memory (bnc#916927).
ModerateSUSE bug 914890SUSE bug 916927CVE-2014-8127 at SUSECVE-2014-8127 at NVDCVE-2014-8128 at SUSECVE-2014-8128 at NVDCVE-2014-8129 at SUSECVE-2014-8129 at NVDCVE-2014-8130 at SUSECVE-2014-8130 at NVDCVE-2014-9655 at SUSECVE-2014-9655 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
- CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images (bsc#964225)
- CVE-2015-7554: Out-of-bounds Write in the thumbnail and tiffcmp tools (bsc#960341)
ModerateSUSE bug 960341SUSE bug 964225CVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2015-8781 at SUSECVE-2015-8781 at NVDCVE-2015-8782 at SUSECVE-2015-8782 at NVDCVE-2015-8783 at SUSECVE-2015-8783 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
- CVE-2016-3622: Specially crafted TIFF images could trigger a crash in tiff2rgba (bsc#974449)
- Various out-of-bound write vulnerabilities with unspecified impact (MSVR 35093, MSVR 35094, MSVR 35095, MSVR 35096, MSVR 35097, MSVR 35098)
- CVE-2016-5314: Specially crafted TIFF images could trigger a crash that could result in DoS (bsc#984831)
- CVE-2016-5316: Specially crafted TIFF images could trigger a crash in the rgb2ycbcr tool, leading to Doa (bsc#984837)
- CVE-2016-5317: Specially crafted TIFF images could trigger a crash through an out of bound write (bsc#984842)
- CVE-2016-5320: Specially crafted TIFF images could trigger a crash or potentially allow remote code execution when using the rgb2ycbcr command (bsc#984808)
- CVE-2016-5875: Specially crafted TIFF images could trigger could allow arbitrary code execution (bsc#987351)
- CVE-2016-3623: Specially crafted TIFF images could trigger a crash in rgb2ycbcr (bsc#974618)
- CVE-2016-3945: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution via tiff2rgba (bsc#974614)
- CVE-2016-3990: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution (bsc#975069)
- CVE-2016-3186: Specially crafted TIFF imaged could trigger a crash in the gif2tiff command via a buffer overflow (bsc#973340)
ModerateSUSE bug 973340SUSE bug 974449SUSE bug 974614SUSE bug 974618SUSE bug 975069SUSE bug 984808SUSE bug 984831SUSE bug 984837SUSE bug 984842SUSE bug 987351CVE-2016-3186 at SUSECVE-2016-3186 at NVDCVE-2016-3622 at SUSECVE-2016-3622 at NVDCVE-2016-3623 at SUSECVE-2016-3623 at NVDCVE-2016-3945 at SUSECVE-2016-3945 at NVDCVE-2016-3990 at SUSECVE-2016-3990 at NVDCVE-2016-5314 at SUSECVE-2016-5314 at NVDCVE-2016-5316 at SUSECVE-2016-5316 at NVDCVE-2016-5317 at SUSECVE-2016-5317 at NVDCVE-2016-5320 at SUSECVE-2016-5320 at NVDCVE-2016-5875 at SUSECVE-2016-5875 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
- CVE-2016-9453: The t2p_readwrite_pdf_image_tile function allowed remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one (bsc#1011107).
- CVE-2016-5652: An exploitable heap-based buffer overflow existed in the handling of TIFF images in the TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means (bsc#1007280).
- CVE-2017-11335: There is a heap based buffer overflow in tools/tiff2pdf.c via a PlanarConfig=Contig image, which caused a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack (bsc#1048937).
- CVE-2016-9536: tools/tiff2pdf.c had an out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka 't2p_process_jpeg_strip heap-buffer-overflow.' (bsc#1011845)
- CVE-2017-9935: In LibTIFF, there was a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution (bsc#1046077).
- CVE-2017-17973: There is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. (bsc#1074318)
- CVE-2015-7554: The _TIFFVGetField function in tif_dir.c allowed attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image (bsc#960341).
- CVE-2016-5318: Stack-based buffer overflow in the _TIFFVGetField function allowed remote attackers to crash the application via a crafted tiff (bsc#983436).
- CVE-2016-10095: Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c allowed remote attackers to cause a denial of service (crash) via a crafted TIFF file (bsc#1017690,).
- CVE-2016-10268: tools/tiffcp.c allowed remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 78490' and libtiff/tif_unix.c:115:23 (bsc#1031255)
- An overlapping of memcpy parameters was fixed which could lead to content corruption (bsc#1017691).
- Fixed an invalid memory read which could lead to a crash (bsc#1017692).
- Fixed a NULL pointer dereference in TIFFReadRawData (tiffinfo.c) that could crash the decoder (bsc#1017688).
ModerateSUSE bug 1007280SUSE bug 1011107SUSE bug 1011845SUSE bug 1017688SUSE bug 1017690SUSE bug 1017691SUSE bug 1017692SUSE bug 1031255SUSE bug 1046077SUSE bug 1048937SUSE bug 1074318SUSE bug 960341SUSE bug 983436CVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2016-10095 at SUSECVE-2016-10095 at NVDCVE-2016-10268 at SUSECVE-2016-10268 at NVDCVE-2016-3945 at SUSECVE-2016-3945 at NVDCVE-2016-5318 at SUSECVE-2016-5318 at NVDCVE-2016-5652 at SUSECVE-2016-5652 at NVDCVE-2016-9453 at SUSECVE-2016-9453 at NVDCVE-2016-9536 at SUSECVE-2016-9536 at NVDCVE-2017-11335 at SUSECVE-2017-11335 at NVDCVE-2017-17973 at SUSECVE-2017-17973 at NVDCVE-2017-9935 at SUSECVE-2017-9935 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. (bsc#984809)
- CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. (bsc#1017694)
- CVE-2016-10269: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 512' and libtiff/tif_unix.c:340:2. (bsc#1031254)
- CVE-2016-10270: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 8' and libtiff/tif_read.c:523:22. (bsc#1031250)
- CVE-2017-18013: In LibTIFF, there was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. (bsc#1074317)
- CVE-2017-7593: tif_read.c did not ensure that tif_rawdata is properly initialized, which might have allowed remote attackers to obtain sensitive information from process memory via a crafted image. (bsc#1033129)
- CVE-2017-7595: The JPEGSetupEncode function in tiff_jpeg.c allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. (bsc#1033127)
- CVE-2017-7596: LibTIFF had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033126)
- CVE-2017-7597: tif_dirread.c had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033120)
- CVE-2017-7599: LibTIFF had an 'outside the range of representable values of type short' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033113)
- CVE-2017-7600: LibTIFF had an 'outside the range of representable values of type unsigned char' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033112)
- CVE-2017-7601: LibTIFF had a 'shift exponent too large for 64-bit type long' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033111)
- CVE-2017-7602: LibTIFF had a signed integer overflow, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033109)
- Multiple divide by zero issues
- CVE-2016-5314: Buffer overflow in the PixarLogDecode function in tif_pixarlog.c allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. (bsc#987351 bsc#984808 bsc#984831)
ModerateSUSE bug 1017694SUSE bug 1031250SUSE bug 1031254SUSE bug 1033109SUSE bug 1033111SUSE bug 1033112SUSE bug 1033113SUSE bug 1033120SUSE bug 1033126SUSE bug 1033127SUSE bug 1033129SUSE bug 1074317SUSE bug 984808SUSE bug 984809SUSE bug 984831SUSE bug 987351CVE-2016-10267 at SUSECVE-2016-10267 at NVDCVE-2016-10269 at SUSECVE-2016-10269 at NVDCVE-2016-10270 at SUSECVE-2016-10270 at NVDCVE-2016-5314 at SUSECVE-2016-5314 at NVDCVE-2016-5315 at SUSECVE-2016-5315 at NVDCVE-2017-18013 at SUSECVE-2017-18013 at NVDCVE-2017-7593 at SUSECVE-2017-7593 at NVDCVE-2017-7595 at SUSECVE-2017-7595 at NVDCVE-2017-7596 at SUSECVE-2017-7596 at NVDCVE-2017-7597 at SUSECVE-2017-7597 at NVDCVE-2017-7599 at SUSECVE-2017-7599 at NVDCVE-2017-7600 at SUSECVE-2017-7600 at NVDCVE-2017-7601 at SUSECVE-2017-7601 at NVDCVE-2017-7602 at SUSECVE-2017-7602 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following security issues:
- CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could
have caused DoS or code execution via a crafted BitsPerSample value
(bsc#1019611)
- CVE-2018-7456: Prevent a NULL Pointer dereference in the function
TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF
information, a different vulnerability than CVE-2017-18013 (bsc#1082825)
- CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During
the TIFFOpen process, td_imagelength is not checked. The value of
td_imagelength can be directly controlled by an input file. In the
ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called
based on td_imagelength. If the value of td_imagelength is set close to the
amount of system memory, it will hang the system or trigger the OOM killer
(bsc#1082332)
- CVE-2016-10266: Prevent remote attackers to cause a denial of service
(divide-by-zero error and application crash) via a crafted TIFF image, related
to libtiff/tif_read.c:351:22 (bsc#1031263)
- CVE-2018-8905: Prevent heap-based buffer overflow in the function
LZWDecodeCompat via a crafted TIFF file (bsc#1086408)
- CVE-2016-9540: Prevent out-of-bounds write on tiled images with odd tile
width versus image width (bsc#1011839).
- CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could have
lead to assertion failures in debug mode, or buffer overflows in release mode,
when dealing with unusual tile size like YCbCr with subsampling (bsc#1011846).
- CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could have
lead to assertion failures in debug mode, or buffer overflows in release mode,
when dealing with unusual tile size like YCbCr with subsampling (bsc#1011846).
- Removed assert in readSeparateTilesIntoBuffer() function (bsc#1017689).
- CVE-2016-10095: Prevent stack-based buffer overflow in the _TIFFVGetField
function that allowed remote attackers to cause a denial of service (crash) via
a crafted TIFF file (bsc#1017690).
- CVE-2016-8331: Prevent remote code execution because of incorrect handling of
TIFF images. A crafted TIFF document could have lead to a type confusion
vulnerability resulting in remote code execution. This vulnerability could have
been be triggered via a TIFF file delivered to the application using LibTIFF's
tag extension functionality (bsc#1007276).
- CVE-2016-3632: The _TIFFVGetField function allowed remote attackers to cause
a denial of service (out-of-bounds write) or execute arbitrary code via a
crafted TIFF image (bsc#974621).
ModerateSUSE bug 1007276SUSE bug 1011839SUSE bug 1011846SUSE bug 1017689SUSE bug 1017690SUSE bug 1019611SUSE bug 1031263SUSE bug 1082332SUSE bug 1082825SUSE bug 1086408SUSE bug 974621CVE-2014-8128 at SUSECVE-2014-8128 at NVDCVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2016-10095 at SUSECVE-2016-10095 at NVDCVE-2016-10266 at SUSECVE-2016-10266 at NVDCVE-2016-3632 at SUSECVE-2016-3632 at NVDCVE-2016-5318 at SUSECVE-2016-5318 at NVDCVE-2016-8331 at SUSECVE-2016-8331 at NVDCVE-2016-9535 at SUSECVE-2016-9535 at NVDCVE-2016-9540 at SUSECVE-2016-9540 at NVDCVE-2017-11613 at SUSECVE-2017-11613 at NVDCVE-2017-5225 at SUSECVE-2017-5225 at NVDCVE-2018-7456 at SUSECVE-2018-7456 at NVDCVE-2018-8905 at SUSECVE-2018-8905 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2015-8668: Fixed a heap-based buffer overflow in the PackBitsPreEncode
function in tif_packbits.c in bmp2tiff, which allowed remote attackers to
execute arbitrary code or cause a denial of service via a large width field
in a specially crafted BMP image. (bsc#960589)
- CVE-2018-10779: Fixed a heap-based buffer over-read in TIFFWriteScanline() in
tif_write.c (bsc#1092480)
- CVE-2017-17942: Fixed a heap-based buffer overflow in the function
PackBitsEncode in tif_packbits.c. (bsc#1074186)
- CVE-2016-5319: Fixed a beap-based buffer overflow in bmp2tiff (bsc#983440)
ModerateSUSE bug 1074186SUSE bug 1092480SUSE bug 960589SUSE bug 983440CVE-2015-8668 at SUSECVE-2015-8668 at NVDCVE-2016-5319 at SUSECVE-2016-5319 at NVDCVE-2017-17942 at SUSECVE-2017-17942 at NVDCVE-2018-10779 at SUSECVE-2018-10779 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
- CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108637)
- CVE-2018-17101: There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108627)
- CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)
- CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. (bsc#1106853)
ModerateSUSE bug 1106853SUSE bug 1108627SUSE bug 1108637SUSE bug 1110358CVE-2017-11613 at SUSECVE-2017-11613 at NVDCVE-2017-9935 at SUSECVE-2017-9935 at NVDCVE-2018-16335 at SUSECVE-2018-16335 at NVDCVE-2018-17100 at SUSECVE-2018-17100 at NVDCVE-2018-17101 at SUSECVE-2018-17101 at NVDCVE-2018-17795 at SUSECVE-2018-17795 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672).
- CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257).
- CVE-2017-9147: Fixed invalid read in the _TIFFVGetField function in tif_dir.c, that allowed remote attackers to cause a DoS via acrafted TIFF file (bsc#1040322).
- CVE-2017-9117: Fixed BMP images processing that was verified without biWidth and biHeight values (bsc#1040080).
- CVE-2017-17942: Fixed issue in the function PackBitsEncode that could have led to a heap overflow and caused a DoS (bsc#1074186).
- CVE-2016-9273: Fixed heap-based buffer overflow issue (bsc#1010163).
- CVE-2016-5319: Fixed heap-based buffer overflow in PackBitsEncode (bsc#983440).
- CVE-2016-3621: Fixed out-of-bounds read in the bmp2tiff tool (lzw packing) (bsc#974448).
- CVE-2016-3620: Fixed out-of-bounds read in the bmp2tiff tool (zip packing) (bsc#974447)
- CVE-2016-3619: Fixed out-of-bounds read in the bmp2tiff tool (none packing) (bsc#974446)
- CVE-2015-8870: Fixed integer overflow in tools/bmp2tiff.c that allowed remote attackers to causea DOS (bsc#1014461).
Non-security issues fixed:
- asan_build: build ASAN included
- debug_build: build more suitable for debugging
ModerateSUSE bug 1010163SUSE bug 1014461SUSE bug 1040080SUSE bug 1040322SUSE bug 1074186SUSE bug 1099257SUSE bug 1113672SUSE bug 974446SUSE bug 974447SUSE bug 974448SUSE bug 983440CVE-2015-8870 at SUSECVE-2015-8870 at NVDCVE-2016-3619 at SUSECVE-2016-3619 at NVDCVE-2016-3620 at SUSECVE-2016-3620 at NVDCVE-2016-3621 at SUSECVE-2016-3621 at NVDCVE-2016-5319 at SUSECVE-2016-5319 at NVDCVE-2016-9273 at SUSECVE-2016-9273 at NVDCVE-2017-17942 at SUSECVE-2017-17942 at NVDCVE-2017-9117 at SUSECVE-2017-9117 at NVDCVE-2017-9147 at SUSECVE-2017-9147 at NVDCVE-2018-12900 at SUSECVE-2018-12900 at NVDCVE-2018-18661 at SUSECVE-2018-18661 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-10094: Fixed heap-based buffer overflow in the _tiffWriteProc function (bsc#1017693).
- CVE-2016-10093: Fixed heap-based buffer overflow in the _TIFFmemcpy function (bsc#1017693).
- CVE-2016-10092: Fixed heap-based buffer overflow in the TIFFReverseBits function (bsc#1017693).
ModerateSUSE bug 1017693CVE-2016-10092 at SUSECVE-2016-10092 at NVDCVE-2016-10093 at SUSECVE-2016-10093 at NVDCVE-2016-10094 at SUSECVE-2016-10094 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issue:
Security vulnerabilities fixed:
- CVE-2016-5102: Fixed a buffer overflow in readgifimage() (bsc#983268)
- CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626)
LowSUSE bug 1121626SUSE bug 983268CVE-2016-5102 at SUSECVE-2016-5102 at NVDCVE-2019-6128 at SUSECVE-2019-6128 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
- CVE-2015-8683: Fixed out-of-bounds when reading CIE Lab image format files (bsc#1156754).
- CVE-2015-8665: Fixed out-of-bounds read in tif_getimage.c (bsc#1156749).
- CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808).
- CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809).
- CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811).
- CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812).
ImportantSUSE bug 1156749SUSE bug 1156754SUSE bug 1182808SUSE bug 1182809SUSE bug 1182811SUSE bug 1182812CVE-2015-8665 at SUSECVE-2015-8665 at NVDCVE-2015-8683 at SUSECVE-2015-8683 at NVDCVE-2020-35521 at SUSECVE-2020-35521 at NVDCVE-2020-35522 at SUSECVE-2020-35522 at NVDCVE-2020-35523 at SUSECVE-2020-35523 at NVDCVE-2020-35524 at SUSECVE-2020-35524 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
- CVE-2022-0924: Fixed out-of-bounds read error in tiffcp that could have led to a denial-of-service via a crafted tiff file (bsc#1197073).
- CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image (bsc#1154365).
ModerateSUSE bug 1154365SUSE bug 1197073CVE-2019-17546 at SUSECVE-2019-17546 at NVDCVE-2022-0924 at SUSECVE-2022-0924 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
- CVE-2022-34526: Fixed a stack overflow (bsc#1202026).
- CVE-2019-17546: Use shipped tiffconf.h instead of unshipped tif_config.h (bsc#1153866)
ImportantSUSE bug 1153866SUSE bug 1202026CVE-2019-17546 at SUSECVE-2019-17546 at NVDCVE-2022-34526 at SUSECVE-2022-34526 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tiff (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tiff fixes the following issues:
- CVE-2022-3970: Fixed unsigned integer overflow in TIFFReadRGBATileExt() (bsc#1205392).
ImportantSUSE bug 1205392CVE-2022-3970 at SUSECVE-2022-3970 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tightvnc (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tightvnc fixes the following issues:
- CVE-2019-15679: Fixed a heap buffer overflow in InitialiseRFBConnection
which might lead to code execution (bsc#1155476).
- CVE-2019-8287: Fixed a global buffer overflow in HandleCoRREBBPmay which
might lead to code execution (bsc#1155472).
- CVE-2019-15680: Fixed a null pointer dereference in HandleZlibBPP which
could have led to denial of service (bsc#1155452).
- CVE-2019-15678: Fixed a heap buffer overflow in rfbServerCutText handler
(bsc#1155442).
ImportantSUSE bug 1155442SUSE bug 1155452SUSE bug 1155472SUSE bug 1155476CVE-2019-15678 at SUSECVE-2019-15678 at NVDCVE-2019-15679 at SUSECVE-2019-15679 at NVDCVE-2019-15680 at SUSECVE-2019-15680 at NVDCVE-2019-8287 at SUSECVE-2019-8287 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tomcat6 fixes the following issue:
- CVE-2016-5388 Setting HTTP_PROXY environment variable via Proxy header (bsc#988489)
ModerateSUSE bug 988489CVE-2016-5388 at SUSECVE-2016-5388 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tomcat6SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of tomcat6 fixes:
* apache-tomcat-CVE-2012-3544.patch (bnc#831119)
* use chown --no-dereference to prevent symlink attacks on log
(bnc#822177#c7/prevents CVE-2013-1976)
* Fix tomcat init scripts generating malformed classpath (
http://youtrack.jetbrains.com/issue/JT-18545
<http://youtrack.jetbrains.com/issue/JT-18545> ) bnc#804992 (patch
from m407)
* fix a typo in initscript (bnc#768772 )
* copy all shell scripts (bnc#818948)
Security Issue references:
* CVE-2012-3544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544>
* CVE-2013-1976
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1976>
* CVE-2012-0022
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022>
SUSE bug 768772SUSE bug 804992SUSE bug 818948SUSE bug 822177SUSE bug 831119SUSE bug 906152SUSE bug 917127SUSE bug 918195SUSE bug 926762SUSE bug 931442SUSE bug 932698CVE-2012-0022 at SUSECVE-2012-0022 at NVDCVE-2012-3544 at SUSECVE-2012-3544 at NVDCVE-2013-1976 at SUSECVE-2013-1976 at NVDCVE-2014-0227 at SUSECVE-2014-0227 at NVDCVE-2014-0230 at SUSECVE-2014-0230 at NVDCVE-2014-7810 at SUSECVE-2014-7810 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tomcat6 fixes the following issues:
The version was updated from 6.0.41 to 6.0.45.
Security issues fixed:
* CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java
in Apache Tomcat allowed remote authenticated users to bypass intended
SecurityManager restrictions and list a parent directory via a /.. (slash
dot dot) in a pathname used by a web application in a getResource,
getResourceAsStream, or getResourcePaths call, as demonstrated by the
$CATALINA_BASE/webapps directory. (bsc#967967)
* CVE-2015-5345: The Mapper component in Apache Tomcat processes redirects
before considering security constraints and Filters, which allowed remote
attackers to determine the existence of a directory via a URL that lacks
a trailing / (slash) character. (bsc#967965)
* CVE-2016-0706: Apache Tomcat did not place
org.apache.catalina.manager.StatusManagerServlet on the
org/apache/catalina/core/RestrictedServlets.properties list, which
allowed remote authenticated users to bypass intended SecurityManager
restrictions and read arbitrary HTTP requests, and consequently discover
session ID values, via a crafted web application. (bsc#967815)
* CVE-2016-0714: The session-persistence implementation in Apache Tomcat
mishandled session attributes, which allowed remote authenticated users
to bypass intended SecurityManager restrictions and execute arbitrary
code in a privileged context via a web application that places a crafted
object in a session. (bsc#967964)
ImportantSUSE bug 934219SUSE bug 967815SUSE bug 967964SUSE bug 967965SUSE bug 967967CVE-2015-5174 at SUSECVE-2015-5174 at NVDCVE-2015-5345 at SUSECVE-2015-5345 at NVDCVE-2016-0706 at SUSECVE-2016-0706 at NVDCVE-2016-0714 at SUSECVE-2016-0714 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tomcat6 fixes the following issues:
Tomcat was updated to version 6.0.53:
The full changelog is:
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html
Security issues fixed:
- CVE-2017-5647: A bug in the handling of pipelined requests could lead to information disclosure (bsc#1036642)
- CVE-2016-8745: Regression in the error handling methods could lead to information disclosure (bsc#1015119)
- CVE-2016-8735: Remote code execution vulnerability in JmxRemoteLifecycleListener (bsc#1011805)
- CVE-2016-6816: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests (bsc#1011812)
- CVE-2016-6797: Unrestricted Access to Global Resources (bsc#1007853)
- CVE-2016-6796: Manager Bypass (bsc#1007858)
- CVE-2016-6794: System Property Disclosure (bsc#1007857)
- CVE-2016-5018: Security Manager Bypass (bsc#1007855)
- CVE-2016-0762: Realm Timing Attack (bsc#1007854)
- CVE-2016-5388: an arbitrary HTTP_PROXY environment variable might allow remote attackers to redirect outbound HTTP traffic (bsc#988489)
ImportantSUSE bug 1007853SUSE bug 1007854SUSE bug 1007855SUSE bug 1007857SUSE bug 1007858SUSE bug 1011805SUSE bug 1011812SUSE bug 1015119SUSE bug 1033448SUSE bug 1036642SUSE bug 988489CVE-2016-0762 at SUSECVE-2016-0762 at NVDCVE-2016-5018 at SUSECVE-2016-5018 at NVDCVE-2016-5388 at SUSECVE-2016-5388 at NVDCVE-2016-6794 at SUSECVE-2016-6794 at NVDCVE-2016-6796 at SUSECVE-2016-6796 at NVDCVE-2016-6797 at SUSECVE-2016-6797 at NVDCVE-2016-6816 at SUSECVE-2016-6816 at NVDCVE-2016-8735 at SUSECVE-2016-8735 at NVDCVE-2016-8745 at SUSECVE-2016-8745 at NVDCVE-2017-5647 at SUSECVE-2017-5647 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tomcat6 fixes the following security issues:
- : The error page mechanism of the Java Servlet Specification
requires that, when an error occurs and an error page is configured for the
error that occurred, the original request and response are forwarded to the
error page. This means that the request is presented to the error page with the
original HTTP method. If the error page is a static file, expected behaviour is
to serve content of the file as if processing a GET request, regardless of the
actual HTTP method. The Default Servlet in Tomcat did not do this. Depending on
the original request this could lead to unexpected and undesirable results for
static error pages including, if the DefaultServlet is configured to permit
writes, the replacement or removal of the custom error page (bsc#1042910).
- : The URL pattern of '' was not correctly handled when used as
part of a security constraint definition. This caused the constraint to be
ignored. It was possible for unauthorised users to gain access to web
application resources that should have been protected. Only security
constraints with a URL pattern of the empty string were affected (bsc#1082480).
ModerateSUSE bug 1042910SUSE bug 1082480CVE-2017-5664 at SUSECVE-2017-5664 at NVDCVE-2018-1304 at SUSECVE-2018-1304 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tomcat6 fixes the following issue:
Security issue fixed:
- CVE-2018-11784: Fixed problem with specially crafted URLs that could be used to cause a redirect to any URI of an attackers choise (bsc#1110850).
ModerateSUSE bug 1110850CVE-2018-11784 at SUSECVE-2018-11784 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tomcat6 fixes the following issues:
- CVE-2020-1938: Fixed a file contents disclosure vulnerability (bsc#1164692).
ImportantSUSE bug 1164692CVE-2020-1938 at SUSECVE-2020-1938 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tomcat6 fixes the following issues:
CVE-2020-9484 (bsc#1171928)
Apache Tomcat Remote Code Execution via session persistence
If an attacker was able to control the contents and name of a file on a
server configured to use the PersistenceManager, then the attacker could
have triggered a remote code execution via deserialization of the file under
their control.
CVE-2019-12418 (bsc#1159723)
Local privilege escalation by manipulating the RMI registry and performing a man-in-the-middle attack
When Tomcat is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files was able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface.
The attacker could then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.
CVE-2019-0221 (bsc#1136085)
The SSI printenv command echoed user provided data without escaping, which
made it vulnerable to XSS.
ImportantSUSE bug 1136085SUSE bug 1159723SUSE bug 1171928CVE-2019-0221 at SUSECVE-2019-0221 at NVDCVE-2019-12418 at SUSECVE-2019-12418 at NVDCVE-2020-9484 at SUSECVE-2020-9484 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tomcat6 fixes the following issues:
- CVE-2021-25329: Fixed completely CVE-2020-9484 (bsc#1182909).
- CVE-2021-24122: Fixed an information disclosure (bsc#1180947).
- CVE-2017-12617: Fixed a file inclusion vulnerability through a crafted request (bsc#1059554).
ImportantSUSE bug 1059554SUSE bug 1180947SUSE bug 1182909CVE-2017-12617 at SUSECVE-2017-12617 at NVDCVE-2021-24122 at SUSECVE-2021-24122 at NVDCVE-2021-25329 at SUSECVE-2021-25329 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for tomcat6 fixes the following issues:
- CVE-2022-42252: Fixed a request smuggling (bsc#1204918).
ImportantSUSE bug 1204918CVE-2022-42252 at SUSECVE-2022-42252 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for tomcat6SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Tomcat has been updated to version 6.0.41, which brings security and bug
fixes.
The following security fixes have been fixed:
* CVE-2014-0096: A XXE vulnerability via user supplied XSLTs.
* CVE-2014-0099: Request smuggling via malicious content length header.
* CVE-2014-0119: A XML parser hijack by malicious web application.
Bugs fixed:
* Socket bind fails on tomcat startup when using apr (IPV6)
(bnc#881700)
* classpath for org/apache/juli/logging/LogFactory (bnc#844689)
Security Issues:
* CVE-2013-4322
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322>
* CVE-2012-3544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544>
* CVE-2014-0099
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099>
* CVE-2014-0096
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096>
* CVE-2014-0119
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119>
SUSE bug 844689SUSE bug 865746SUSE bug 880346SUSE bug 880347SUSE bug 880348SUSE bug 881700CVE-2012-3544 at SUSECVE-2012-3544 at NVDCVE-2013-4322 at SUSECVE-2013-4322 at NVDCVE-2014-0096 at SUSECVE-2014-0096 at NVDCVE-2014-0099 at SUSECVE-2014-0099 at NVDCVE-2014-0119 at SUSECVE-2014-0119 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for transfig (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for transfig fixes the following issues:
Security issue fixed:
- CVE-2017-16899: Fix array index error in the fig2dev program (bsc#1069257).
ModerateSUSE bug 1069257CVE-2017-16899 at SUSECVE-2017-16899 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for transfig (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for transfig fixes the following issues:
Security issue fixed:
- CVE-2018-16140: Fixed a buffer underwrite vulnerability in get_line() in
read.c, which allowed an attacker to write prior to the beginning of the
buffer via specially crafted .fig file (bsc#1106531)
LowSUSE bug 1106531CVE-2018-16140 at SUSECVE-2018-16140 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for transfig (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for transfig fixes the following issues:
- CVE-2021-3561: Fixed global buffer overflow in fig2dev/read.c in function read_colordef() (bsc#1186329).
- CVE-2019-19797: Fixed out-of-bounds write in read_colordef in read.c (bsc#1159293).
- CVE-2019-19746: Fixed segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130).
- CVE-2019-19555: Fixed stack-based buffer overflow because of an incorrect sscanf (bsc#1161698).
- CVE-2019-14275: Fixed stack-based buffer overflow in the calc_arrow function in bound.c (bsc#1143650).
- CVE-2020-21680: Fixed a stack-based buffer overflow in the put_arrow() component in genpict2e.c (bsc#1189343).
- CVE-2020-21681: Fixed a global buffer overflow in the set_color component in genge.c (bsc#1189345).
- CVE-2020-21682: Fixed a global buffer overflow in the set_fill component in genge.c (bsc#1189346).
- CVE-2020-21683: Fixed a global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c (bsc#1189325).
- Do hardening via compile and linker flags
- Fixed last added upstream commit (boo#1136882)
ImportantSUSE bug 1136882SUSE bug 1143650SUSE bug 1159130SUSE bug 1159293SUSE bug 1161698SUSE bug 1186329SUSE bug 1189325SUSE bug 1189343SUSE bug 1189345SUSE bug 1189346CVE-2019-14275 at SUSECVE-2019-14275 at NVDCVE-2019-19555 at SUSECVE-2019-19555 at NVDCVE-2019-19746 at SUSECVE-2019-19746 at NVDCVE-2019-19797 at SUSECVE-2019-19797 at NVDCVE-2020-21680 at SUSECVE-2020-21680 at NVDCVE-2020-21681 at SUSECVE-2020-21681 at NVDCVE-2020-21682 at SUSECVE-2020-21682 at NVDCVE-2020-21683 at SUSECVE-2020-21683 at NVDCVE-2021-3561 at SUSECVE-2021-3561 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for transfig (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for transfig fixes the following issues:
Update to fig2dev version 3.2.8 Patchlevel 8b (Aug 2021)
- bsc#1190618, CVE-2020-21529: stack buffer overflow in the bezier_spline function in genepic.c.
- bsc#1190615, CVE-2020-21530: segmentation fault in the read_objects function in read.c.
- bsc#1190617, CVE-2020-21531: global buffer overflow in the conv_pattern_index function in gencgm.c.
- bsc#1190616, CVE-2020-21532: global buffer overflow in the setfigfont function in genepic.c.
- bsc#1190612, CVE-2020-21533: stack buffer overflow in the read_textobject function in read.c.
- bsc#1190611, CVE-2020-21534: global buffer overflow in the get_line function in read.c.
- bsc#1190607, CVE-2020-21535: segmentation fault in the gencgm_start function in gencgm.c.
- bsc#1192019, CVE-2021-32280: NULL pointer dereference in compute_closed_spline() in trans_spline.c
ImportantSUSE bug 1190607SUSE bug 1190611SUSE bug 1190612SUSE bug 1190615SUSE bug 1190616SUSE bug 1190617SUSE bug 1190618SUSE bug 1192019CVE-2020-21529 at SUSECVE-2020-21529 at NVDCVE-2020-21530 at SUSECVE-2020-21530 at NVDCVE-2020-21531 at SUSECVE-2020-21531 at NVDCVE-2020-21532 at SUSECVE-2020-21532 at NVDCVE-2020-21533 at SUSECVE-2020-21533 at NVDCVE-2020-21534 at SUSECVE-2020-21534 at NVDCVE-2020-21535 at SUSECVE-2020-21535 at NVDCVE-2021-32280 at SUSECVE-2021-32280 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for trousers (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for trousers fixes the following issues:
- CVE-2020-24330: Fixed a potential tss user to root privilege
escalation issue (bsc#1164472).
ImportantSUSE bug 1164472CVE-2020-24330 at SUSECVE-2020-24330 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for unrar (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for unrar fixes the following issues:
- CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. (bsc#1045315).
ImportantSUSE bug 1045315CVE-2012-6706 at SUSECVE-2012-6706 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for unrar (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for unrar to version 5.6.1 fixes several issues.
These security issues were fixed:
- CVE-2017-12938: Prevent remote attackers to bypass a directory-traversal
protection mechanism via vectors involving a symlink to the . directory, a
symlink to the .. directory, and a regular file (bsc#1054038).
- CVE-2017-12940: Prevent out-of-bounds read in the EncodeFileName::Decode call
within the Archive::ReadHeader15 function (bsc#1054038).
- CVE-2017-12941: Prevent an out-of-bounds read in the Unpack::Unpack20
function (bsc#1054038).
- CVE-2017-12942: Prevent a buffer overflow in the Unpack::LongLZ function
(bsc#1054038).
These non-security issues were fixed:
- Added extraction support for .LZ archives created by Lzip compressor
- Enable unpacking of files in ZIP archives compressed with XZ algorithm and
encrypted with AES
- Added support for PAX extended headers inside of TAR archive
- If RAR recovery volumes (.rev files) are present in the same folder as usual
RAR volumes, archive test command verifies .rev contents after completing
testing .rar files
- By default unrar skips symbolic links with absolute paths in link target when
extracting unless -ola command line switch is specified
- Added support for AES-NI CPU instructions
- Support for a new RAR 5.0 archiving format
- Wildcard exclusion mask for folders
- Added libunrar* and libunrar*-devel subpackages (bsc#513804)
- Prevent conditional jumps depending on uninitialised values (bsc#1046882)
ModerateSUSE bug 1046882SUSE bug 1054038SUSE bug 513804SUSE bug 693890CVE-2012-6706 at SUSECVE-2012-6706 at NVDCVE-2017-12938 at SUSECVE-2017-12938 at NVDCVE-2017-12940 at SUSECVE-2017-12940 at NVDCVE-2017-12941 at SUSECVE-2017-12941 at NVDCVE-2017-12942 at SUSECVE-2017-12942 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for unrar (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for unrar fixes the following issues:
- CVE-2022-30333: Fixed directory traversal issue that allowed writing to non-designated paths (bsc#1199349).
ModerateSUSE bug 1199349CVE-2022-30333 at SUSECVE-2022-30333 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for unzipSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issues:
* CVE-2014-8139: input sanitization errors (bnc#909214)
* CVE-2014-9636: out-of-bounds read/write in test_compr_eb()
(bnc#914442)
Security Issues:
* CVE-2014-9636
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636>
* CVE-2014-8139
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139>
SUSE bug 909214SUSE bug 914442CVE-2014-8139 at SUSECVE-2014-8139 at NVDCVE-2014-8140 at SUSECVE-2014-8140 at NVDCVE-2014-8141 at SUSECVE-2014-8141 at NVDCVE-2014-9636 at SUSECVE-2014-9636 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for unzip fixes the following issues:
- CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013993)
- CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of service (bsc#950110)
- CVE-2015-7697: Specially crafted zip files could trigger an endless loop and lead to denial of service (bsc#950111)
- CVE-2016-9844: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013992)
ModerateSUSE bug 1013992SUSE bug 1013993SUSE bug 950110SUSE bug 950111CVE-2014-9913 at SUSECVE-2014-9913 at NVDCVE-2015-7696 at SUSECVE-2015-7696 at NVDCVE-2015-7697 at SUSECVE-2015-7697 at NVDCVE-2016-9844 at SUSECVE-2016-9844 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for unzip fixes the following issues:
- CVE-2018-1000035: Fixed a heap-based buffer overflow in password protected ZIP archives (bsc#1080074)
ModerateSUSE bug 1080074CVE-2018-1000035 at SUSECVE-2018-1000035 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for unzip fixes the following issues:
- CVE-2018-18384: Fixed a buffer overflow when listing archives (bsc#1110194)
ModerateSUSE bug 1110194CVE-2018-18384 at SUSECVE-2018-18384 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for unzip fixes the following issues:
- CVE-2021-4217: Fixed null pointer dereference in Unicode strings code (bsc#1196175).
ModerateSUSE bug 1196175CVE-2021-4217 at SUSECVE-2021-4217 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for unzip fixes the following issues:
- CVE-2022-0530: Fixed SIGSEGV during the conversion of an utf-8 string to a local string (bsc#1196177).
- CVE-2022-0529: Fixed Heap out-of-bound writes and reads during conversion of wide string to local string (bsc#1196180).
ModerateSUSE bug 1196177SUSE bug 1196180CVE-2022-0529 at SUSECVE-2022-0529 at NVDCVE-2022-0530 at SUSECVE-2022-0530 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for util-linux (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for util-linux fixes the following issues:
- CVE-2015-5218: Prevent colcrt buffer overflow. (bsc#949754)
These non-security issues were fixed:
- Mount crashes when trying to mount `shmfs` while `SELinux` is active. (bsc#1040414)
- Fix `lsblk -f` on `CCISS` and other devices with nodes in `/dev` subdirectory. (bsc#924994)
- Fix `script(1)` hang caused by mis-interpreted EOF on big-endian platforms. (bsc#930236)
- Do not segfault when TERM is not defined or wrong. (bsc#903440)
- Update and fix mount XFS documentation. (bsc#925705)
- Fix recognition of `/dev/dm-N` partitions names. (bsc#931607)
- Follow SUSE Linux Enterprise 11 device mapper partition names configuration. (bsc#931607)
- Fix recognition of device mapper partitions. (bsc#923904)
- Fix `fsck -C {fd}` parsing. (bsc#923777, bsc#903738)
ImportantSUSE bug 1040414SUSE bug 903440SUSE bug 903738SUSE bug 923777SUSE bug 923904SUSE bug 924994SUSE bug 925705SUSE bug 930236SUSE bug 931607SUSE bug 949754CVE-2015-5218 at SUSECVE-2015-5218 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for vim (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for vim fixes the following security issues:
- Fixed CVE-2016-1248, an arbitrary command execution vulnerability
(bsc#1010685)
ImportantSUSE bug 1010685CVE-2016-1248 at SUSECVE-2016-1248 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for vim (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for vim fixes the following issues:
- CVE-2017-5953: Fixed a possible overflow with corrupted spell file (bsc#1024724)
ModerateSUSE bug 1024724CVE-2017-5953 at SUSECVE-2017-5953 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for vim (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for vim fixes the following issues:
Security issue fixed:
- CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c (bsc#1137443).
ImportantSUSE bug 1137443CVE-2019-12735 at SUSECVE-2019-12735 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for vim (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for vim fixes the following issues:
- CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim
was possible using interfaces (bsc#1172225).
ModerateSUSE bug 1172225CVE-2019-20807 at SUSECVE-2019-20807 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for vinoSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
vino has been updated to fix a remote denial of service problem where
remote attackers could have caused a infinite loop in vino (CPU
consumption). (CVE-2013-5745)
Security Issue reference:
* CVE-2013-5745
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745>
SUSE bug 843174CVE-2013-5745 at SUSECVE-2013-5745 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for vino (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for vino fixes the following issues:
- CVE-2019-15681: Fixed a memory leak which could have allowed to a
remote attacker to read stack memory (bsc#1155419).
ModerateSUSE bug 1155419CVE-2019-15681 at SUSECVE-2019-15681 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for vsftpdSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes regressions with using wildcards that had been introduced
by the previous update (bnc#922538, bnc#927612). Additionally, stat(2)
could be sometimes called on the wrong path, resulting incorrectly in
ENOENT (bnc#925963).
SUSE bug 900326SUSE bug 915522SUSE bug 922538SUSE bug 925963SUSE bug 927612CVE-2015-1419 at SUSECVE-2015-1419 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for w3m (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for w3m fixes the following issues:
- update to debian git version (bsc#1011293)
addressed security issues:
CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020)
CVE-2016-9622: w3m: null deref (bsc#1012021)
CVE-2016-9623: w3m: null deref (bsc#1012022)
CVE-2016-9624: w3m: near-null deref (bsc#1012023)
CVE-2016-9625: w3m: stack overflow (bsc#1012024)
CVE-2016-9626: w3m: stack overflow (bsc#1012025)
CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)
CVE-2016-9628: w3m: null deref (bsc#1012027)
CVE-2016-9629: w3m: null deref (bsc#1012028)
CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)
CVE-2016-9631: w3m: null deref (bsc#1012030)
CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)
CVE-2016-9633: w3m: OOM (bsc#1012032)
CVE-2016-9434: w3m: null deref (bsc#1011283)
CVE-2016-9435: w3m: use uninit value (bsc#1011284)
CVE-2016-9436: w3m: use uninit value (bsc#1011285)
CVE-2016-9437: w3m: write to rodata (bsc#1011286)
CVE-2016-9438: w3m: null deref (bsc#1011287)
CVE-2016-9439: w3m: stack overflow (bsc#1011288)
CVE-2016-9440: w3m: near-null deref (bsc#1011289)
CVE-2016-9441: w3m: near-null deref (bsc#1011290)
CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)
CVE-2016-9443: w3m: null deref (bsc#1011292)
ModerateSUSE bug 1011269SUSE bug 1011270SUSE bug 1011271SUSE bug 1011272SUSE bug 1011283SUSE bug 1011284SUSE bug 1011285SUSE bug 1011286SUSE bug 1011287SUSE bug 1011288SUSE bug 1011289SUSE bug 1011290SUSE bug 1011291SUSE bug 1011292SUSE bug 1011293SUSE bug 1012020SUSE bug 1012021SUSE bug 1012022SUSE bug 1012023SUSE bug 1012024SUSE bug 1012025SUSE bug 1012026SUSE bug 1012027SUSE bug 1012028SUSE bug 1012029SUSE bug 1012030SUSE bug 1012031SUSE bug 1012032CVE-2010-2074 at SUSECVE-2010-2074 at NVDCVE-2016-9422 at SUSECVE-2016-9422 at NVDCVE-2016-9423 at SUSECVE-2016-9423 at NVDCVE-2016-9424 at SUSECVE-2016-9424 at NVDCVE-2016-9425 at SUSECVE-2016-9425 at NVDCVE-2016-9434 at SUSECVE-2016-9434 at NVDCVE-2016-9435 at SUSECVE-2016-9435 at NVDCVE-2016-9436 at SUSECVE-2016-9436 at NVDCVE-2016-9437 at SUSECVE-2016-9437 at NVDCVE-2016-9438 at SUSECVE-2016-9438 at NVDCVE-2016-9439 at SUSECVE-2016-9439 at NVDCVE-2016-9440 at SUSECVE-2016-9440 at NVDCVE-2016-9441 at SUSECVE-2016-9441 at NVDCVE-2016-9442 at SUSECVE-2016-9442 at NVDCVE-2016-9443 at SUSECVE-2016-9443 at NVDCVE-2016-9621 at SUSECVE-2016-9621 at NVDCVE-2016-9622 at SUSECVE-2016-9622 at NVDCVE-2016-9623 at SUSECVE-2016-9623 at NVDCVE-2016-9624 at SUSECVE-2016-9624 at NVDCVE-2016-9625 at SUSECVE-2016-9625 at NVDCVE-2016-9626 at SUSECVE-2016-9626 at NVDCVE-2016-9627 at SUSECVE-2016-9627 at NVDCVE-2016-9628 at SUSECVE-2016-9628 at NVDCVE-2016-9629 at SUSECVE-2016-9629 at NVDCVE-2016-9630 at SUSECVE-2016-9630 at NVDCVE-2016-9631 at SUSECVE-2016-9631 at NVDCVE-2016-9632 at SUSECVE-2016-9632 at NVDCVE-2016-9633 at SUSECVE-2016-9633 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for w3m (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for w3m fixes several issues.
These security issues were fixed:
- CVE-2018-6196: Prevent infinite recursion in HTMLlineproc0 caused by the feed_table_block_tag function which did not prevent a negative indent value (bsc#1077559)
- CVE-2018-6197: Prevent NULL pointer dereference in formUpdateBuffer (bsc#1077568)
- CVE-2018-6198: w3m did not properly handle temporary files when the ~/.w3m directory is unwritable, which allowed a local attacker to craft a symlink attack to overwrite arbitrary files (bsc#1077572)
ModerateSUSE bug 1077559SUSE bug 1077568SUSE bug 1077572CVE-2018-6196 at SUSECVE-2018-6196 at NVDCVE-2018-6197 at SUSECVE-2018-6197 at NVDCVE-2018-6198 at SUSECVE-2018-6198 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for w3m (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for w3m fixes the following issues:
- CVE-2022-38223: Fixed a memory safety issue when dumping crafted
input to standard out (bsc#1202684).
ModerateSUSE bug 1202684CVE-2022-38223 at SUSECVE-2022-38223 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wavpack (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wavpack fixes the following issues:
- CVE-2016-10169 CVE-2016-10170 CVE-2016-10171 CVE-2016-10172: Make sure upper and lower boundaries make sense, to avoid out of bounds memory reads that could lead to crashes or disclosing memory. (bsc#1021483)
ModerateSUSE bug 1021483CVE-2016-10169 at SUSECVE-2016-10169 at NVDCVE-2016-10170 at SUSECVE-2016-10170 at NVDCVE-2016-10171 at SUSECVE-2016-10171 at NVDCVE-2016-10172 at SUSECVE-2016-10172 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wavpack (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wavpack fixes the following issues:
Security issues fixed:
- CVE-2018-19840: Fixed a denial-of-service in the WavpackPackInit function from pack_utils.c (bsc#1120930)
ModerateSUSE bug 1120930CVE-2018-19840 at SUSECVE-2018-19840 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wavpack (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wavpack fixes the following issues:
- CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples (bsc#1180414).
ImportantSUSE bug 1180414CVE-2020-35738 at SUSECVE-2020-35738 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wavpack (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wavpack fixes the following issues:
- CVE-2022-2476: Fixed a null pointer dereference in wvunpack (bsc#1201716).
LowSUSE bug 1201716CVE-2022-2476 at SUSECVE-2022-2476 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wgetSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
wget has been updated to fix one security issue and two non-security
issues.
This security issue has been fixed:
* FTP symlink arbitrary filesystem access (CVE-2014-4877).
These non-security issues have been fixed:
* Fix displaying of download time (bnc#901276).
* Fix 0 size FTP downloads after failure (bnc#885069).
Security Issues:
* CVE-2014-4877
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877>
SUSE bug 870983SUSE bug 885069SUSE bug 901276SUSE bug 902709CVE-2014-4877 at SUSECVE-2014-4877 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for wget (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wget fixes the following issues:
- CVE-2016-4971: A HTTP to FTP redirection file name confusion vulnerability was fixed.
(bsc#984060).
- CVE-2016-7098: A potential race condition was fixed by creating files with .tmp ext
and making them accessible to the current user only. (bsc#995964)
Bug fixed:
- Wget failed with basicauth: Failed writing HTTP request: Bad file descriptor
(bsc#958342)
ModerateSUSE bug 958342SUSE bug 984060SUSE bug 995964CVE-2016-4971 at SUSECVE-2016-4971 at NVDCVE-2016-7098 at SUSECVE-2016-7098 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for wget (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wget fixes the following issues:
Security issue fixed:
- CVE-2017-6508: (url_parse): Reject control characters in host part of URL (bsc#1028301).
ModerateSUSE bug 1028301CVE-2017-6508 at SUSECVE-2017-6508 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wget (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wget fixes the following issues:
- CVE-2018-0494: Fixed Cookie injection vulnerability by checking for
and joining continuation lines. (bsc#1092061)
ModerateSUSE bug 1092061CVE-2018-0494 at SUSECVE-2018-0494 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wiresharkSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
wireshark has been updated to version 1.10.11 to fix five security issues.
These security issues have been fixed:
* SigComp UDVM buffer overflow (CVE-2014-8710).
* AMQP dissector crash (CVE-2014-8711).
* NCP dissector crashes (CVE-2014-8712, CVE-2014-8713).
* TN5250 infinite loops (CVE-2014-8714).
This non-security issue has been fixed:
* enable zlib (bnc#899303).
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html
<https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html>
Security Issues:
* CVE-2014-8711
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711>
* CVE-2014-8710
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710>
* CVE-2014-8714
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714>
* CVE-2014-8712
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712>
* CVE-2014-8713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713>
SUSE bug 813217SUSE bug 816517SUSE bug 816887SUSE bug 820973SUSE bug 824900SUSE bug 831718SUSE bug 839607SUSE bug 848738SUSE bug 855980SUSE bug 856495SUSE bug 856496SUSE bug 856498SUSE bug 867485SUSE bug 889854SUSE bug 889899SUSE bug 889900SUSE bug 889901SUSE bug 889906SUSE bug 897055SUSE bug 899303SUSE bug 905245SUSE bug 905246SUSE bug 905247SUSE bug 905248SUSE bug 912365SUSE bug 912368SUSE bug 912369SUSE bug 912370SUSE bug 912372SUSE bug 920696SUSE bug 920697SUSE bug 920699SUSE bug 930691CVE-2013-2486 at SUSECVE-2013-2486 at NVDCVE-2013-2487 at SUSECVE-2013-2487 at NVDCVE-2013-3555 at SUSECVE-2013-3555 at NVDCVE-2013-3556 at SUSECVE-2013-3556 at NVDCVE-2013-3557 at SUSECVE-2013-3557 at NVDCVE-2013-3558 at SUSECVE-2013-3558 at NVDCVE-2013-3559 at SUSECVE-2013-3559 at NVDCVE-2013-3560 at SUSECVE-2013-3560 at NVDCVE-2013-3561 at SUSECVE-2013-3561 at NVDCVE-2013-3562 at SUSECVE-2013-3562 at NVDCVE-2013-4074 at SUSECVE-2013-4074 at NVDCVE-2013-4075 at SUSECVE-2013-4075 at NVDCVE-2013-4076 at SUSECVE-2013-4076 at NVDCVE-2013-4077 at SUSECVE-2013-4077 at NVDCVE-2013-4078 at SUSECVE-2013-4078 at NVDCVE-2013-4079 at SUSECVE-2013-4079 at NVDCVE-2013-4080 at SUSECVE-2013-4080 at NVDCVE-2013-4081 at SUSECVE-2013-4081 at NVDCVE-2013-4082 at SUSECVE-2013-4082 at NVDCVE-2013-4083 at SUSECVE-2013-4083 at NVDCVE-2013-4929 at SUSECVE-2013-4929 at NVDCVE-2013-4930 at SUSECVE-2013-4930 at NVDCVE-2013-4931 at SUSECVE-2013-4931 at NVDCVE-2013-4932 at SUSECVE-2013-4932 at NVDCVE-2013-4933 at SUSECVE-2013-4933 at NVDCVE-2013-4934 at SUSECVE-2013-4934 at NVDCVE-2013-4935 at SUSECVE-2013-4935 at NVDCVE-2013-6336 at SUSECVE-2013-6336 at NVDCVE-2013-6337 at SUSECVE-2013-6337 at NVDCVE-2013-6338 at SUSECVE-2013-6338 at NVDCVE-2013-6339 at SUSECVE-2013-6339 at NVDCVE-2013-6340 at SUSECVE-2013-6340 at NVDCVE-2013-7112 at SUSECVE-2013-7112 at NVDCVE-2013-7113 at SUSECVE-2013-7113 at NVDCVE-2013-7114 at SUSECVE-2013-7114 at NVDCVE-2014-2281 at SUSECVE-2014-2281 at NVDCVE-2014-2282 at SUSECVE-2014-2282 at NVDCVE-2014-2283 at SUSECVE-2014-2283 at NVDCVE-2014-2299 at SUSECVE-2014-2299 at NVDCVE-2014-6421 at SUSECVE-2014-6421 at NVDCVE-2014-6422 at SUSECVE-2014-6422 at NVDCVE-2014-6423 at SUSECVE-2014-6423 at NVDCVE-2014-6424 at SUSECVE-2014-6424 at NVDCVE-2014-6427 at SUSECVE-2014-6427 at NVDCVE-2014-6428 at SUSECVE-2014-6428 at NVDCVE-2014-6429 at SUSECVE-2014-6429 at NVDCVE-2014-6430 at SUSECVE-2014-6430 at NVDCVE-2014-6431 at SUSECVE-2014-6431 at NVDCVE-2014-6432 at SUSECVE-2014-6432 at NVDCVE-2014-8710 at SUSECVE-2014-8710 at NVDCVE-2014-8711 at SUSECVE-2014-8711 at NVDCVE-2014-8712 at SUSECVE-2014-8712 at NVDCVE-2014-8713 at SUSECVE-2014-8713 at NVDCVE-2014-8714 at SUSECVE-2014-8714 at NVDCVE-2015-0559 at SUSECVE-2015-0559 at NVDCVE-2015-0560 at SUSECVE-2015-0560 at NVDCVE-2015-0561 at SUSECVE-2015-0561 at NVDCVE-2015-0562 at SUSECVE-2015-0562 at NVDCVE-2015-0563 at SUSECVE-2015-0563 at NVDCVE-2015-0564 at SUSECVE-2015-0564 at NVDCVE-2015-2188 at SUSECVE-2015-2188 at NVDCVE-2015-2189 at SUSECVE-2015-2189 at NVDCVE-2015-2191 at SUSECVE-2015-2191 at NVDCVE-2015-3811 at SUSECVE-2015-3811 at NVDCVE-2015-3812 at SUSECVE-2015-3812 at NVDCVE-2015-3814 at SUSECVE-2015-3814 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Wireshark has been updated to 1.12.7. (FATE#319388)
The following vulnerabilities have been fixed:
* Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241
* Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242
* Wireshark could crash when searching for a protocol dissector. wnpa-sec-2015-23 CVE-2015-6243
* The ZigBee dissector could crash. wnpa-sec-2015-24 CVE-2015-6244
* The GSM RLC/MAC dissector could go into an infinite loop. wnpa-sec-2015-25 CVE-2015-6245
* The WaveAgent dissector could crash. wnpa-sec-2015-26 CVE-2015-6246
* The OpenFlow dissector could go into an infinite loop. wnpa-sec-2015-27 CVE-2015-6247
* Wireshark could crash due to invalid ptvcursor length checking. wnpa-sec-2015-28 CVE-2015-6248
* The WCCP dissector could crash. wnpa-sec-2015-29 CVE-2015-6249
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html
Also a fix from 1.12.6 in GSM DTAP was backported. (bnc#935158 CVE-2015-4652)
ModerateSUSE bug 935158SUSE bug 941500CVE-2015-3813 at SUSECVE-2015-3813 at NVDCVE-2015-4652 at SUSECVE-2015-4652 at NVDCVE-2015-6241 at SUSECVE-2015-6241 at NVDCVE-2015-6242 at SUSECVE-2015-6242 at NVDCVE-2015-6243 at SUSECVE-2015-6243 at NVDCVE-2015-6244 at SUSECVE-2015-6244 at NVDCVE-2015-6245 at SUSECVE-2015-6245 at NVDCVE-2015-6246 at SUSECVE-2015-6246 at NVDCVE-2015-6247 at SUSECVE-2015-6247 at NVDCVE-2015-6248 at SUSECVE-2015-6248 at NVDCVE-2015-6249 at SUSECVE-2015-6249 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Low)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update contains Wireshark 1.12.9 and fixes the following issues:
* CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437)
* CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
* CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
* CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.
* CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted
* CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
* CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
* CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.
* CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.
* CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
LowSUSE bug 950437SUSE bug 960382CVE-2015-7830 at SUSECVE-2015-7830 at NVDCVE-2015-8711 at SUSECVE-2015-8711 at NVDCVE-2015-8712 at SUSECVE-2015-8712 at NVDCVE-2015-8713 at SUSECVE-2015-8713 at NVDCVE-2015-8714 at SUSECVE-2015-8714 at NVDCVE-2015-8715 at SUSECVE-2015-8715 at NVDCVE-2015-8716 at SUSECVE-2015-8716 at NVDCVE-2015-8717 at SUSECVE-2015-8717 at NVDCVE-2015-8718 at SUSECVE-2015-8718 at NVDCVE-2015-8719 at SUSECVE-2015-8719 at NVDCVE-2015-8720 at SUSECVE-2015-8720 at NVDCVE-2015-8721 at SUSECVE-2015-8721 at NVDCVE-2015-8722 at SUSECVE-2015-8722 at NVDCVE-2015-8723 at SUSECVE-2015-8723 at NVDCVE-2015-8724 at SUSECVE-2015-8724 at NVDCVE-2015-8725 at SUSECVE-2015-8725 at NVDCVE-2015-8726 at SUSECVE-2015-8726 at NVDCVE-2015-8727 at SUSECVE-2015-8727 at NVDCVE-2015-8728 at SUSECVE-2015-8728 at NVDCVE-2015-8729 at SUSECVE-2015-8729 at NVDCVE-2015-8730 at SUSECVE-2015-8730 at NVDCVE-2015-8731 at SUSECVE-2015-8731 at NVDCVE-2015-8732 at SUSECVE-2015-8732 at NVDCVE-2015-8733 at SUSECVE-2015-8733 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update to Wireshark 1 12.11 fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file.
- The PKTC dissector could crash (wnpa-sec-2016-22)
- The PKTC dissector could crash (wnpa-sec-2016-23)
- The IAX2 dissector could go into an infinite loop (wnpa-sec-2016-24)
- Wireshark and TShark could exhaust the stack (wnpa-sec-2016-25)
- The GSM CBCH dissector could crash (wnpa-sec-2016-26)
- The NCP dissector could crash (wnpa-sec-2016-28)
- CVE-2016-2523: DNP dissector infinite loop (wnpa-sec-2016-03)
- CVE-2016-2530: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2531: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2532: LLRP dissector crash (wnpa-sec-2016-11)
- GSM A-bis OML dissector crash (wnpa-sec-2016-14)
- ASN.1 BER dissector crash (wnpa-sec-2016-15)
- ASN.1 BER dissector crash (wnpa-sec-2016-18)
Also containsfurther bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.11.html
https://www.wireshark.org/docs/relnotes/wireshark-1.12.10.html
ModerateSUSE bug 968565SUSE bug 976944CVE-2016-2523 at SUSECVE-2016-2523 at NVDCVE-2016-2530 at SUSECVE-2016-2530 at NVDCVE-2016-2531 at SUSECVE-2016-2531 at NVDCVE-2016-2532 at SUSECVE-2016-2532 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update to wireshark 1.12.13 fixes the following issues:
- CVE-2016-6504: wireshark: NDS dissector crash (bsc#991012)
- CVE-2016-6505: wireshark: PacketBB dissector could divide by zero (bsc#991013)
- CVE-2016-6506: wireshark: WSP infinite loop (bsc#991015)
- CVE-2016-6507: wireshark: MMSE infinite loop (bsc#991016)
- CVE-2016-6508: wireshark: RLC long loop (bsc#991017)
- CVE-2016-6509: wireshark: LDSS dissector crash (bsc#991018)
- CVE-2016-6510: wireshark: RLC dissector crash (bsc#991019)
- CVE-2016-6511: wireshark: OpenFlow long loop (bnc991020)
- CVE-2016-5350: SPOOLS infinite loop (bsc#983671)
- CVE-2016-5351: IEEE 802.11 dissector crash (bsc#983671)
- CVE-2016-5352: IEEE 802.11 dissector crash, different from wpna-sec-2016-30 (bsc#983671)
- CVE-2016-5353: UMTS FP crash (bsc#983671)
- CVE-2016-5354: USB dissector crash (bsc#983671)
- CVE-2016-5355: Toshiba file parser crash (bsc#983671)
- CVE-2016-5356: CoSine file parser crash (bsc#983671)
- CVE-2016-5357: NetScreen file parser crash (bsc#983671)
- CVE-2016-5358: Ethernet dissector crash (bsc#983671)
- CVE-2016-5359: WBXML infinite loop (bsc#983671)
For more details please see:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.12.html
https://www.wireshark.org/docs/relnotes/wireshark-1.12.13.html
ModerateSUSE bug 983671SUSE bug 991012SUSE bug 991013SUSE bug 991015SUSE bug 991016SUSE bug 991017SUSE bug 991018SUSE bug 991019SUSE bug 991020CVE-2016-5350 at SUSECVE-2016-5350 at NVDCVE-2016-5351 at SUSECVE-2016-5351 at NVDCVE-2016-5352 at SUSECVE-2016-5352 at NVDCVE-2016-5353 at SUSECVE-2016-5353 at NVDCVE-2016-5354 at SUSECVE-2016-5354 at NVDCVE-2016-5355 at SUSECVE-2016-5355 at NVDCVE-2016-5356 at SUSECVE-2016-5356 at NVDCVE-2016-5357 at SUSECVE-2016-5357 at NVDCVE-2016-5358 at SUSECVE-2016-5358 at NVDCVE-2016-5359 at SUSECVE-2016-5359 at NVDCVE-2016-6504 at SUSECVE-2016-6504 at NVDCVE-2016-6505 at SUSECVE-2016-6505 at NVDCVE-2016-6506 at SUSECVE-2016-6506 at NVDCVE-2016-6507 at SUSECVE-2016-6507 at NVDCVE-2016-6508 at SUSECVE-2016-6508 at NVDCVE-2016-6509 at SUSECVE-2016-6509 at NVDCVE-2016-6510 at SUSECVE-2016-6510 at NVDCVE-2016-6511 at SUSECVE-2016-6511 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
Wireshark was updated to version 2.0.12, which brings several new features, enhancements
and bug fixes.
These security issues were fixed:
- CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size (bsc#1033936).
- CVE-2017-7701: In Wireshark the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type (bsc#1033937).
- CVE-2017-7702: In Wireshark the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation (bsc#1033938).
- CVE-2017-7703: In Wireshark the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly (bsc#1033939).
- CVE-2017-7704: In Wireshark the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value (bsc#1033940).
- CVE-2017-7705: In Wireshark the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset (bsc#1033941).
- CVE-2017-7745: In Wireshark the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check (bsc#1033942).
- CVE-2017-7746: In Wireshark the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length (bsc#1033943).
- CVE-2017-7747: In Wireshark the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree (bsc#1033944).
- CVE-2017-7748: In Wireshark the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check (bsc#1033945).
- CVE-2016-7179: Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark allowed remote attackers to cause a denial of service (application crash) via a crafted packet (bsc#998963).
- CVE-2016-9376: In Wireshark the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large (bsc#1010735).
- CVE-2016-9375: In Wireshark the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful (bsc#1010740).
- CVE-2016-9374: In Wireshark the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable (bsc#1010752).
- CVE-2016-9373: In Wireshark the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings (bsc#1010754).
- CVE-2016-7175: epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark mishandled MAC address data, which allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet (bsc#998761).
- CVE-2016-7176: epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark called snprintf with one of its input buffers as the output buffer, which allowed remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet (bsc#998762).
- CVE-2016-7177: epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark did not restrict the number of channels, which allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet (bsc#998763).
- CVE-2016-7180: epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark did not properly consider whether a string is constant, which allowed remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet (bsc#998800).
- CVE-2016-7178: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark did not ensure that memory is allocated for certain data structures, which allowed remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet (bsc#998964).
- CVE-2017-6014: In Wireshark a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory (bsc#1025913).
- CVE-2017-5596: In Wireshark the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow (bsc#1021739).
- CVE-2017-5597: In Wireshark the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow (bsc#1021739).
ModerateSUSE bug 1002981SUSE bug 1010735SUSE bug 1010740SUSE bug 1010752SUSE bug 1010754SUSE bug 1010911SUSE bug 1021739SUSE bug 1025913SUSE bug 1027998SUSE bug 1033936SUSE bug 1033937SUSE bug 1033938SUSE bug 1033939SUSE bug 1033940SUSE bug 1033941SUSE bug 1033942SUSE bug 1033943SUSE bug 1033944SUSE bug 1033945SUSE bug 998761SUSE bug 998762SUSE bug 998763SUSE bug 998800SUSE bug 998963SUSE bug 998964CVE-2016-7175 at SUSECVE-2016-7175 at NVDCVE-2016-7176 at SUSECVE-2016-7176 at NVDCVE-2016-7177 at SUSECVE-2016-7177 at NVDCVE-2016-7178 at SUSECVE-2016-7178 at NVDCVE-2016-7179 at SUSECVE-2016-7179 at NVDCVE-2016-7180 at SUSECVE-2016-7180 at NVDCVE-2016-9373 at SUSECVE-2016-9373 at NVDCVE-2016-9374 at SUSECVE-2016-9374 at NVDCVE-2016-9375 at SUSECVE-2016-9375 at NVDCVE-2016-9376 at SUSECVE-2016-9376 at NVDCVE-2017-5596 at SUSECVE-2017-5596 at NVDCVE-2017-5597 at SUSECVE-2017-5597 at NVDCVE-2017-6014 at SUSECVE-2017-6014 at NVDCVE-2017-7700 at SUSECVE-2017-7700 at NVDCVE-2017-7701 at SUSECVE-2017-7701 at NVDCVE-2017-7702 at SUSECVE-2017-7702 at NVDCVE-2017-7703 at SUSECVE-2017-7703 at NVDCVE-2017-7704 at SUSECVE-2017-7704 at NVDCVE-2017-7705 at SUSECVE-2017-7705 at NVDCVE-2017-7745 at SUSECVE-2017-7745 at NVDCVE-2017-7746 at SUSECVE-2017-7746 at NVDCVE-2017-7747 at SUSECVE-2017-7747 at NVDCVE-2017-7748 at SUSECVE-2017-7748 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
The network analysis tool wireshark was updated to version 2.0.13 to fix the following issues:
* CVE-2017-9352: Bazaar dissector infinite loop (wnpa-sec-2017-22) (bsc#1042304)
* CVE-2017-9348: DOF dissector read overflow (wnpa-sec-2017-23) (bsc#1042303)
* CVE-2017-9351: DHCP dissector read overflow (wnpa-sec-2017-24) (bsc#1042302)
* CVE-2017-9346: SoulSeek dissector infinite loop (wnpa-sec-2017-25) (bsc#1042301)
* CVE-2017-9345: DNS dissector infinite loop (wnpa-sec-2017-26) (bsc#1042300)
* CVE-2017-9349: DICOM dissector infinite loop (wnpa-sec-2017-27) (bsc#1042305)
* CVE-2017-9350: openSAFETY dissector memory exh.. (wnpa-sec-2017-28) (bsc#1042299)
* CVE-2017-9344: BT L2CAP dissector divide by zero (wnpa-sec-2017-29) (bsc#1042298)
* CVE-2017-9343: MSNIP dissector crash (wnpa-sec-2017-30) (bsc#1042309)
* CVE-2017-9347: ROS dissector crash (wnpa-sec-2017-31) (bsc#1042308)
* CVE-2017-9354: RGMP dissector crash (wnpa-sec-2017-32) (bsc#1042307)
* CVE-2017-9353: wireshark: IPv6 dissector crash (wnpa-sec-2017-33) (bsc#1042306)
ModerateSUSE bug 1042298SUSE bug 1042299SUSE bug 1042300SUSE bug 1042301SUSE bug 1042302SUSE bug 1042303SUSE bug 1042304SUSE bug 1042305SUSE bug 1042306SUSE bug 1042307SUSE bug 1042308SUSE bug 1042309CVE-2017-9343 at SUSECVE-2017-9343 at NVDCVE-2017-9344 at SUSECVE-2017-9344 at NVDCVE-2017-9345 at SUSECVE-2017-9345 at NVDCVE-2017-9346 at SUSECVE-2017-9346 at NVDCVE-2017-9347 at SUSECVE-2017-9347 at NVDCVE-2017-9348 at SUSECVE-2017-9348 at NVDCVE-2017-9349 at SUSECVE-2017-9349 at NVDCVE-2017-9350 at SUSECVE-2017-9350 at NVDCVE-2017-9351 at SUSECVE-2017-9351 at NVDCVE-2017-9352 at SUSECVE-2017-9352 at NVDCVE-2017-9353 at SUSECVE-2017-9353 at NVDCVE-2017-9354 at SUSECVE-2017-9354 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This wireshark update to version 2.2.8 fixes the following issues:
Security issues fixed:
- CVE-2017-11411: The openSAFETY dissectorcould crash or exhaust system memory because of missing
length validation. (bsc#1049621)
- CVE-2017-11410: The WBXML dissector could go into an infinite loop. (bsc#1049255)
- CVE-2017-11408: The AMQP dissector could crash. (bsc#1049255)
- CVE-2017-11407: The MQ dissector could crash. (bsc#1049255)
- CVE-2017-11406: The DOCSIS dissector could go into an infinite loop. (bsc#1049255)
ModerateSUSE bug 1049255SUSE bug 1049621CVE-2017-11406 at SUSECVE-2017-11406 at NVDCVE-2017-11407 at SUSECVE-2017-11407 at NVDCVE-2017-11408 at SUSECVE-2017-11408 at NVDCVE-2017-11410 at SUSECVE-2017-11410 at NVDCVE-2017-11411 at SUSECVE-2017-11411 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wireshark to version 2.2.11 fixes several issues.
These security issues were fixed:
- CVE-2017-13767: The MSDP dissector could have gone into an infinite loop.
This was addressed by adding length validation (bsc#1056248)
- CVE-2017-13766: The Profinet I/O dissector could have crash with an
out-of-bounds write. This was addressed by adding string validation
(bsc#1056249)
- CVE-2017-13765: The IrCOMM dissector had a buffer over-read and application
crash. This was addressed by adding length validation (bsc#1056251)
- CVE-2017-9766: PROFINET IO data with a high recursion depth allowed remote
attackers to cause a denial of service (stack exhaustion) in the
dissect_IODWriteReq function (bsc#1045341)
- CVE-2017-9617: Deeply nested DAAP data may have cause stack exhaustion
(uncontrolled recursion) in the dissect_daap_one_tag function in the DAAP
dissector (bsc#1044417)
- CVE-2017-15192: The BT ATT dissector could crash. This was addressed
in epan/dissectors/packet-btatt.c by considering a case where not all
of the BTATT packets have the same encapsulation level. (bsc#1062645)
- CVE-2017-15193: The MBIM dissector could crash or exhaust system
memory. This was addressed in epan/dissectors/packet-mbim.c by changing
the memory-allocation approach. (bsc#1062645)
- CVE-2017-15191: The DMP dissector could crash. This was addressed in
epan/dissectors/packet-dmp.c by validating a string length. (bsc#1062645)
- CVE-2017-17083: NetBIOS dissector could crash. This was addressed in
epan/dissectors/packet-netbios.c by ensuring that write operations are
bounded by the beginning of a buffer. (bsc#1070727)
- CVE-2017-17084: IWARP_MPA dissector could crash. This was addressed
in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU
length. (bsc#1070727)
- CVE-2017-17085: the CIP Safety dissector could crash. This was
addressed in epan/dissectors/packet-cipsafety.c by validating the packet
length. (bsc#1070727)
ModerateSUSE bug 1044417SUSE bug 1045341SUSE bug 1056248SUSE bug 1056249SUSE bug 1056251SUSE bug 1062645SUSE bug 1070727CVE-2017-13765 at SUSECVE-2017-13765 at NVDCVE-2017-13766 at SUSECVE-2017-13766 at NVDCVE-2017-13767 at SUSECVE-2017-13767 at NVDCVE-2017-15191 at SUSECVE-2017-15191 at NVDCVE-2017-15192 at SUSECVE-2017-15192 at NVDCVE-2017-15193 at SUSECVE-2017-15193 at NVDCVE-2017-17083 at SUSECVE-2017-17083 at NVDCVE-2017-17084 at SUSECVE-2017-17084 at NVDCVE-2017-17085 at SUSECVE-2017-17085 at NVDCVE-2017-9617 at SUSECVE-2017-9617 at NVDCVE-2017-9766 at SUSECVE-2017-9766 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wireshark to version 2.2.12 fixes the following issues:
- CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)
- CVE-2018-5335: WCP dissector could crash (bsc#1075738)
- CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
- CVE-2017-17935: Incorrect handling of '\n' in file_read_line function could
have lead to denial of service (bsc#1074171)
This release no longer enables the Linux kernel BPF JIT compiler via the
net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable
to Spectre variant 1 CVE-2017-5753 - (bsc#1075748)
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html
ModerateSUSE bug 1074171SUSE bug 1075737SUSE bug 1075738SUSE bug 1075739SUSE bug 1075748CVE-2017-17935 at SUSECVE-2017-17935 at NVDCVE-2018-5334 at SUSECVE-2018-5334 at NVDCVE-2018-5335 at SUSECVE-2018-5335 at NVDCVE-2018-5336 at SUSECVE-2018-5336 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wireshark fixes the following issues:
Security issue fixed (bsc#1082692):
- CVE-2018-7335: The IEEE 802.11 dissector could crash (wnpa-sec-2018-05)
- CVE-2018-7321: thrift long dissector loop (dissect_thrift_map)
- CVE-2018-7322: DICOM: inifinite loop (dissect_dcm_tag)
- CVE-2018-7323: WCCP: very long loop (dissect_wccp2_alternate_mask_value_set_element)
- CVE-2018-7324: SCCP: infinite loop (dissect_sccp_optional_parameters)
- CVE-2018-7325: RPKI-Router Protocol: infinite loop (dissect_rpkirtr_pdu)
- CVE-2018-7326: LLTD: infinite loop (dissect_lltd_tlv)
- CVE-2018-7327: openflow_v6: infinite loop (dissect_openflow_bundle_control_v6)
- CVE-2018-7328: USB-DARWIN: long loop (dissect_darwin_usb_iso_transfer)
- CVE-2018-7329: S7COMM: infinite loop (s7comm_decode_ud_cpu_alarm_main)
- CVE-2018-7330: thread_meshcop: infinite loop (get_chancount)
- CVE-2018-7331: GTP: infinite loop (dissect_gprscdr_GGSNPDPRecord, dissect_ber_set)
- CVE-2018-7332: RELOAD: infinite loop (dissect_statans)
- CVE-2018-7333: RPCoRDMA: infinite loop in get_write_list_chunk_count
- CVE-2018-7421: Multiple dissectors could go into large infinite loops (wnpa-sec-2018-06)
- CVE-2018-7334: The UMTS MAC dissector could crash (wnpa-sec-2018-07)
- CVE-2018-7337: The DOCSIS dissector could crash (wnpa-sec-2018-08)
- CVE-2018-7336: The FCP dissector could crash (wnpa-sec-2018-09)
- CVE-2018-7320: The SIGCOMP dissector could crash (wnpa-sec-2018-10)
- CVE-2018-7420: The pcapng file parser could crash (wnpa-sec-2018-11)
- CVE-2018-7417: The IPMI dissector could crash (wnpa-sec-2018-12)
- CVE-2018-7418: The SIGCOMP dissector could crash (wnpa-sec-2018-13)
- CVE-2018-7419: The NBAP disssector could crash (wnpa-sec-2018-14)
- CVE-2017-17997: Misuse of NULL pointer in MRDISC dissector (bsc#1077080).
ModerateSUSE bug 1077080SUSE bug 1082692CVE-2017-17997 at SUSECVE-2017-17997 at NVDCVE-2018-7320 at SUSECVE-2018-7320 at NVDCVE-2018-7321 at SUSECVE-2018-7321 at NVDCVE-2018-7322 at SUSECVE-2018-7322 at NVDCVE-2018-7323 at SUSECVE-2018-7323 at NVDCVE-2018-7324 at SUSECVE-2018-7324 at NVDCVE-2018-7325 at SUSECVE-2018-7325 at NVDCVE-2018-7326 at SUSECVE-2018-7326 at NVDCVE-2018-7327 at SUSECVE-2018-7327 at NVDCVE-2018-7328 at SUSECVE-2018-7328 at NVDCVE-2018-7329 at SUSECVE-2018-7329 at NVDCVE-2018-7330 at SUSECVE-2018-7330 at NVDCVE-2018-7331 at SUSECVE-2018-7331 at NVDCVE-2018-7332 at SUSECVE-2018-7332 at NVDCVE-2018-7333 at SUSECVE-2018-7333 at NVDCVE-2018-7334 at SUSECVE-2018-7334 at NVDCVE-2018-7335 at SUSECVE-2018-7335 at NVDCVE-2018-7336 at SUSECVE-2018-7336 at NVDCVE-2018-7337 at SUSECVE-2018-7337 at NVDCVE-2018-7417 at SUSECVE-2018-7417 at NVDCVE-2018-7418 at SUSECVE-2018-7418 at NVDCVE-2018-7419 at SUSECVE-2018-7419 at NVDCVE-2018-7420 at SUSECVE-2018-7420 at NVDCVE-2018-7421 at SUSECVE-2018-7421 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wireshark fixes the following issues:
- Update to wireshark 2.2.14, fix such issues:
* bsc#1088200 VUL-0: wireshark: multiple vulnerabilities
fixed in 2.2.14, 2.4.6
* CVE-2018-9256: LWAPP dissector crash
* CVE-2018-9260: IEEE 802.15.4 dissector crash
* CVE-2018-9261: NBAP dissector crash
* CVE-2018-9262: VLAN dissector crash
* CVE-2018-9263: Kerberos dissector crash
* CVE-2018-9264: ADB dissector crash
* CVE-2018-9265: tn3270 dissector has a memory leak
* CVE-2018-9266: ISUP dissector memory leak
* CVE-2018-9267: LAPD dissector memory leak
* CVE-2018-9268: SMB2 dissector memory leak
* CVE-2018-9269: GIOP dissector memory leak
* CVE-2018-9270: OIDS dissector memory leak
* CVE-2018-9271: multipart dissector memory leak
* CVE-2018-9272: h223 dissector memory leak
* CVE-2018-9273: pcp dissector memory leak
* CVE-2018-9274: failure message memory leak
* CVE-2018-9259: MP4 dissector crash
ModerateSUSE bug 1088200CVE-2018-9256 at SUSECVE-2018-9256 at NVDCVE-2018-9259 at SUSECVE-2018-9259 at NVDCVE-2018-9260 at SUSECVE-2018-9260 at NVDCVE-2018-9261 at SUSECVE-2018-9261 at NVDCVE-2018-9262 at SUSECVE-2018-9262 at NVDCVE-2018-9263 at SUSECVE-2018-9263 at NVDCVE-2018-9264 at SUSECVE-2018-9264 at NVDCVE-2018-9265 at SUSECVE-2018-9265 at NVDCVE-2018-9266 at SUSECVE-2018-9266 at NVDCVE-2018-9267 at SUSECVE-2018-9267 at NVDCVE-2018-9268 at SUSECVE-2018-9268 at NVDCVE-2018-9269 at SUSECVE-2018-9269 at NVDCVE-2018-9270 at SUSECVE-2018-9270 at NVDCVE-2018-9271 at SUSECVE-2018-9271 at NVDCVE-2018-9272 at SUSECVE-2018-9272 at NVDCVE-2018-9273 at SUSECVE-2018-9273 at NVDCVE-2018-9274 at SUSECVE-2018-9274 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wireshark fixes the following issues:
Security issues fixed:
- bsc#1094301: Wireshark security update to 2.6.1, 2.4.7, 2.2.15
- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)
- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)
- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)
- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)
- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)
- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)
- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)
- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)
- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)
- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)
- CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301).
- CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301).
- CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301).
- CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301).
- CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301).
- CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301).
- CVE-2018-11356: Fix DNS dissector crash (bsc#1094301).
- CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301).
- CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301).
ModerateSUSE bug 1094301SUSE bug 1101776SUSE bug 1101777SUSE bug 1101786SUSE bug 1101788SUSE bug 1101791SUSE bug 1101794SUSE bug 1101800SUSE bug 1101802SUSE bug 1101804SUSE bug 1101810CVE-2018-11354 at SUSECVE-2018-11354 at NVDCVE-2018-11355 at SUSECVE-2018-11355 at NVDCVE-2018-11356 at SUSECVE-2018-11356 at NVDCVE-2018-11357 at SUSECVE-2018-11357 at NVDCVE-2018-11358 at SUSECVE-2018-11358 at NVDCVE-2018-11359 at SUSECVE-2018-11359 at NVDCVE-2018-11360 at SUSECVE-2018-11360 at NVDCVE-2018-11361 at SUSECVE-2018-11361 at NVDCVE-2018-11362 at SUSECVE-2018-11362 at NVDCVE-2018-14339 at SUSECVE-2018-14339 at NVDCVE-2018-14340 at SUSECVE-2018-14340 at NVDCVE-2018-14341 at SUSECVE-2018-14341 at NVDCVE-2018-14342 at SUSECVE-2018-14342 at NVDCVE-2018-14343 at SUSECVE-2018-14343 at NVDCVE-2018-14344 at SUSECVE-2018-14344 at NVDCVE-2018-14367 at SUSECVE-2018-14367 at NVDCVE-2018-14368 at SUSECVE-2018-14368 at NVDCVE-2018-14369 at SUSECVE-2018-14369 at NVDCVE-2018-14370 at SUSECVE-2018-14370 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wireshark fixes the following issues:
Update wireshark to version 2.2.17 (bsc#1106514):
Security issues fixed:
- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.17.html
ModerateSUSE bug 1106514CVE-2018-16056 at SUSECVE-2018-16056 at NVDCVE-2018-16057 at SUSECVE-2018-16057 at NVDCVE-2018-16058 at SUSECVE-2018-16058 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wpa_supplicantSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes a remote code execution vulnerability in wpa_supplicant's
wpa_cli and hostapd_cli tools. CVE-2014-3686 has been assigned to this
issue.
Additionally, password based authentication with PKCS#5v2 has been enabled.
Security Issues:
* CVE-2014-3686
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686>
SUSE bug 868937SUSE bug 900611CVE-2014-3686 at SUSECVE-2014-3686 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for wpa_supplicant (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
wpa_supplicant was updated to fix two security issues.
These security issues were fixed:
- CVE-2015-4142: Integer underflow in the WMM Action frame parser in hostapd and wpa_supplicant, when used for AP mode MLME/SME functionality, allowed remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read (bsc#930078).
- CVE-2015-4141: The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), allowed remote attackers to cause a denial of service (crash) via a negative chunk length, which triggered an out-of-bounds read or heap-based buffer overflow (bsc#930077).
ModerateSUSE bug 930077SUSE bug 930078CVE-2015-4141 at SUSECVE-2015-4141 at NVDCVE-2015-4142 at SUSECVE-2015-4142 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for wpa_supplicant (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wpa_supplicant fixes the following issues:
- Several vulnerabilities in standard conforming implementations of the WPA2
protocol have been discovered and published under the code name KRACK. This
update remedies those issues in a backwards compatible manner, i.e. the
updated wpa_supplicant can interface properly with both vulnerable and
patched implementations of WPA2, but an attacker won't be able to exploit the
KRACK weaknesses in those connections anymore even if the other party is
still vulnerable. [bsc#1056061, CVE-2017-13078, CVE-2017-13079,
CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088]
ImportantSUSE bug 1056061CVE-2017-13078 at SUSECVE-2017-13078 at NVDCVE-2017-13079 at SUSECVE-2017-13079 at NVDCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-13081 at SUSECVE-2017-13081 at NVDCVE-2017-13087 at SUSECVE-2017-13087 at NVDCVE-2017-13088 at SUSECVE-2017-13088 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for wpa_supplicant (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wpa_supplicant fixes the following issues:
Security issue fixed:
- CVE-2015-0210: Fix broken certificate subject check (bsc#915323.)
ModerateSUSE bug 915323CVE-2015-0210 at SUSECVE-2015-0210 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for wpa_supplicant (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for wpa_supplicant fixes the following issues:
- CVE-2019-16275: AP mode PMF disconnection protection bypass (bsc#1150934)
ModerateSUSE bug 1150934CVE-2019-16275 at SUSECVE-2019-16275 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xalan-j2SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
xalan-j2 has been updated to ensure that secure processing can't be
circumvented (CVE-2014-0107).
Security Issues:
* CVE-2014-0107
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107>
SUSE bug 870082CVE-2014-0107 at SUSECVE-2014-0107 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for XenSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Xen was updated to fix two security issues and a bug:
* CVE-2015-3456: A buffer overflow in the floppy drive emulation, which
could be used to carry out denial of service attacks or potential
code execution against the host. This vulnerability is also known as
VENOM.
* CVE-2015-3340: Xen did not initialize certain fields, which allowed
certain remote service domains to obtain sensitive information from
memory via a (1) XEN_DOMCTL_gettscinfo or (2)
XEN_SYSCTL_getdomaininfolist request.
* An exception in setCPUAffinity when restoring guests. (bsc#910441)
Security Issues:
* CVE-2015-3456
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456>
* CVE-2015-3340
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3340>
SUSE bug 910441SUSE bug 927967SUSE bug 929339CVE-2015-3456 at SUSECVE-2015-3456 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for XenSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Xen has been updated to version 4.2.5 with additional patches to fix six
security issues:
* Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling
(CVE-2014-9030).
* Insufficient bounding of 'REP MOVS' to MMIO emulated inside the
hypervisor (CVE-2014-8867).
* Excessive checking in compatibility mode hypercall argument
translation (CVE-2014-8866).
* Guest user mode triggerable VM exits not handled by hypervisor
(bnc#903850).
* Missing privilege level checks in x86 emulation of far branches
(CVE-2014-8595).
* Insufficient restrictions on certain MMU update hypercalls
(CVE-2014-8594).
These non-security issues have been fixed:
* Xen save/restore of HVM guests cuts off disk and networking
(bnc#866902).
* Windows 2012 R2 fails to boot up with greater than 60 vcpus
(bnc#882089).
* Increase limit domUloader to 32MB (bnc#901317).
* Adjust xentop column layout (bnc#896023).
Security Issues:
* CVE-2014-9030
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9030>
* CVE-2014-8867
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8867>
* CVE-2014-8866
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8866>
* CVE-2014-8595
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8595>
* CVE-2014-8594
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8594>
SUSE bug 866902SUSE bug 882089SUSE bug 896023SUSE bug 901317SUSE bug 903850SUSE bug 903967SUSE bug 903970SUSE bug 905465SUSE bug 905467SUSE bug 906439CVE-2014-8594 at SUSECVE-2014-8594 at NVDCVE-2014-8595 at SUSECVE-2014-8595 at NVDCVE-2014-8866 at SUSECVE-2014-8866 at NVDCVE-2014-8867 at SUSECVE-2014-8867 at NVDCVE-2014-9030 at SUSECVE-2014-9030 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
xen was updated to fix the following security issues:
* CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model (bsc#939712, XSA-140)
* CVE-2015-5166: Use after free in QEMU/Xen block unplug protocol (bsc#939709, XSA-139)
* CVE-2015-2751: Certain domctl operations could have be used to lock up the host (bsc#922709, XSA-127)
* CVE-2015-3259: xl command line config handling stack overflow (bsc#935634, XSA-137)
* CVE-2015-4164: DoS through iret hypercall handler (bsc#932996, XSA-136)
* CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344)
ImportantSUSE bug 922709SUSE bug 932996SUSE bug 935634SUSE bug 938344SUSE bug 939709SUSE bug 939712CVE-2015-2751 at SUSECVE-2015-2751 at NVDCVE-2015-3259 at SUSECVE-2015-3259 at NVDCVE-2015-4164 at SUSECVE-2015-4164 at NVDCVE-2015-5154 at SUSECVE-2015-5154 at NVDCVE-2015-5165 at SUSECVE-2015-5165 at NVDCVE-2015-5166 at SUSECVE-2015-5166 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
xen was updated to fix nine security issues.
These security issues were fixed:
- CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267).
- CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367).
- CVE-2015-7311: libxl in Xen did not properly handle the readonly flag on disks when using the qemu-xen device model, which allowed local guest users to write to a read-only disk image (bsc#947165).
- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).
- CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697).
- CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703).
- CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705).
- CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706).
These non-security issues were fixed:
- bsc#907514: Bus fatal error: SLES 12 sudden reboot has been observed
- bsc#910258: SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC
- bsc#918984: Bus fatal error: SLES11-SP4 sudden reboot has been observed
- bsc#923967: Partner-L3: Bus fatal error: SLES11-SP3 sudden reboot has been observed
- bsc#941074: Device 51728 could not be connected. Hotplug scripts not working
ImportantSUSE bug 877642SUSE bug 907514SUSE bug 910258SUSE bug 918984SUSE bug 923967SUSE bug 932267SUSE bug 941074SUSE bug 944463SUSE bug 944697SUSE bug 947165SUSE bug 950367SUSE bug 950703SUSE bug 950705SUSE bug 950706CVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2015-4037 at SUSECVE-2015-4037 at NVDCVE-2015-5239 at SUSECVE-2015-5239 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2015-7311 at SUSECVE-2015-7311 at NVDCVE-2015-7835 at SUSECVE-2015-7835 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
xen was updated to fix 36 security issues.
These security issues were fixed:
- CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers (bnc#864673).
- CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c allowed remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image (bnc#864678).
- CVE-2013-4530: Buffer overflow in hw/ssi/pl022.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image (bnc#864682).
- CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image (bsc#864655).
- CVE-2013-4534: Buffer overflow in hw/intc/openpic.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements (bsc#864811).
- CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed remote attackers to execute arbitrary code via a crafted arglen value in a savevm image (bsc#864391).
- CVE-2013-4538: Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image (bsc#864769).
- CVE-2013-4539: Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c might have allowed remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image (bsc#864805).
- CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2014-3640: The sosendto function in slirp/udp.c allowed local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket (bsc#897654).
- CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling (bsc#901508).
- CVE-2014-7815: The set_pixel_format function in ui/vnc.c allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#902737).
- CVE-2014-9718: The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality had multiple interpretations of a function's return value, which allowed guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions (bsc#928393).
- CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989).
- CVE-2015-6855: hw/ide/core.c did not properly restrict the commands accepted by an ATAPI device, which allowed guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash (bsc#945404).
- CVE-2015-7512: Buffer overflow in the pcnet_receive function in hw/net/pcnet.c, when a guest NIC has a larger MTU, allowed remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet (bsc#957162).
- CVE-2015-8345: eepro100: infinite loop in processing command block list (bsc#956829).
- CVE-2015-8504: VNC: floating point exception (bsc#958491).
- CVE-2015-8550: Paravirtualized drivers were incautious about shared memory contents (XSA-155) (bsc#957988).
- CVE-2015-8554: qemu-dm buffer overrun in MSI-X handling (XSA-164) (bsc#958007).
- CVE-2015-8555: Information leak in legacy x86 FPU/XMM initialization (XSA-165) (bsc#958009).
- CVE-2015-8558: Infinite loop in ehci_advance_state resulted in DoS (bsc#959005).
- CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bsc#960725).
- CVE-2015-8745: Reading IMR registers lead to a crash via assert(2) call (bsc#960707).
- CVE-2016-1568: AHCI use-after-free vulnerability in aio port commands (bsc#961332).
- CVE-2016-1570: The PV superpage functionality in arch/x86/mm.c allowed local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates (bsc#960861).
- CVE-2016-1571: VMX: intercept issue with INVLPG on non-canonical address (XSA-168) (bsc#960862).
- CVE-2016-1714: nvram: OOB r/w access in processing firmware configurations (bsc#961691).
- CVE-2016-1981: e1000 infinite loop in start_xmit and e1000_receive_iov routines (bsc#963782).
- CVE-2016-2270: Xen allowed local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings (bsc#965315).
- CVE-2016-2271: VMX when using an Intel or Cyrix CPU, allowed local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP (bsc#965317).
- CVE-2016-2391: usb: multiple eof_timers in ohci module lead to NULL pointer dereference (bsc#967013).
- CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling (bsc#967012).
- CVE-2016-2538: Integer overflow in remote NDIS control message handling (bsc#967969).
- CVE-2016-2841: ne2000: Infinite loop in ne2000_receive (bsc#969350).
- XSA-166: ioreq handling possibly susceptible to multiple read issue (bsc#958523).
These non-security issues were fixed:
- bsc#954872: script block-dmmd not working as expected
- bsc#959695: Missing docs for xen
- bsc#967630: Discrepancy in reported memory size with correction XSA-153 for xend
- bsc#959928: When DomU is in state running xm domstate returned nothing
ImportantSUSE bug 864391SUSE bug 864655SUSE bug 864673SUSE bug 864678SUSE bug 864682SUSE bug 864769SUSE bug 864805SUSE bug 864811SUSE bug 877642SUSE bug 897654SUSE bug 901508SUSE bug 902737SUSE bug 928393SUSE bug 945404SUSE bug 945989SUSE bug 954872SUSE bug 956829SUSE bug 957162SUSE bug 957988SUSE bug 958007SUSE bug 958009SUSE bug 958491SUSE bug 958523SUSE bug 959005SUSE bug 959695SUSE bug 959928SUSE bug 960707SUSE bug 960725SUSE bug 960861SUSE bug 960862SUSE bug 961332SUSE bug 961691SUSE bug 963782SUSE bug 965315SUSE bug 965317SUSE bug 967012SUSE bug 967013SUSE bug 967630SUSE bug 967969SUSE bug 969350CVE-2013-4527 at SUSECVE-2013-4527 at NVDCVE-2013-4529 at SUSECVE-2013-4529 at NVDCVE-2013-4530 at SUSECVE-2013-4530 at NVDCVE-2013-4533 at SUSECVE-2013-4533 at NVDCVE-2013-4534 at SUSECVE-2013-4534 at NVDCVE-2013-4537 at SUSECVE-2013-4537 at NVDCVE-2013-4538 at SUSECVE-2013-4538 at NVDCVE-2013-4539 at SUSECVE-2013-4539 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2014-7815 at SUSECVE-2014-7815 at NVDCVE-2014-9718 at SUSECVE-2014-9718 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-6855 at SUSECVE-2015-6855 at NVDCVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8550 at SUSECVE-2015-8550 at NVDCVE-2015-8554 at SUSECVE-2015-8554 at NVDCVE-2015-8555 at SUSECVE-2015-8555 at NVDCVE-2015-8558 at SUSECVE-2015-8558 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2015-8745 at SUSECVE-2015-8745 at NVDCVE-2016-1568 at SUSECVE-2016-1568 at NVDCVE-2016-1570 at SUSECVE-2016-1570 at NVDCVE-2016-1571 at SUSECVE-2016-1571 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2270 at SUSECVE-2016-2270 at NVDCVE-2016-2271 at SUSECVE-2016-2271 at NVDCVE-2016-2391 at SUSECVE-2016-2391 at NVDCVE-2016-2392 at SUSECVE-2016-2392 at NVDCVE-2016-2538 at SUSECVE-2016-2538 at NVDCVE-2016-2841 at SUSECVE-2016-2841 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792)
- CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785)
- CVE-2016-5403: Unbounded memory allocation allowed a guest administrator to cause a denial of service of the host (bsc#990923)
- CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c, when built with ESP/NCR53C9x controller emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the host via vectors involving DMA read into ESP command buffer (bsc#990843)
- CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries (bsc#988675)
- CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the host via vectors related to the information transfer buffer (bsc#983984)
- CVE-2016-5238: The get_cmd function in hw/scsi/esp.c might have allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960)
- CVE-2016-4453: The vmsvga_fifo_run function allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982225)
- CVE-2016-4454: The vmsvga_fifo_read_raw function allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggered an out-of-bounds read (bsc#982224)
- CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264)
- CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724)
- CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716)
- CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the 'Dark Portal' issue (bsc#978164)
- CVE-2016-4480: The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen did not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might have allowed local guest OS users to gain privileges via a crafted mapping of memory (bsc#978295)
- CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038)
- CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188)
- CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130)
- CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes (bsc#975138)
These non-security issues were fixed:
- bsc#985503: vif-route broken
- bsc#978413: PV guest upgrade from sles11sp4 to sles12sp2 alpha3 failed on sles11sp4 xen host.
- bsc#954872: Script block-dmmd not working as expected - libxl: error: libxl_dm.c (another modification)
- bsc#961600: Poor performance when Xen HVM domU configured with max memory > current memory
- bsc#963161: Windows VM getting stuck during load while a VF is assigned to it after upgrading to latest maintenance updates
- bsc#976470: Xend fails to start
- bsc#973631: AWS EC2 kdump issue
ImportantSUSE bug 954872SUSE bug 961600SUSE bug 963161SUSE bug 973188SUSE bug 973631SUSE bug 974038SUSE bug 975130SUSE bug 975138SUSE bug 976470SUSE bug 978164SUSE bug 978295SUSE bug 978413SUSE bug 980716SUSE bug 980724SUSE bug 981264SUSE bug 982224SUSE bug 982225SUSE bug 982960SUSE bug 983984SUSE bug 985503SUSE bug 988675SUSE bug 990843SUSE bug 990923SUSE bug 995785SUSE bug 995792CVE-2014-3615 at SUSECVE-2014-3615 at NVDCVE-2014-3672 at SUSECVE-2014-3672 at NVDCVE-2016-3158 at SUSECVE-2016-3158 at NVDCVE-2016-3159 at SUSECVE-2016-3159 at NVDCVE-2016-3710 at SUSECVE-2016-3710 at NVDCVE-2016-3712 at SUSECVE-2016-3712 at NVDCVE-2016-3960 at SUSECVE-2016-3960 at NVDCVE-2016-4001 at SUSECVE-2016-4001 at NVDCVE-2016-4002 at SUSECVE-2016-4002 at NVDCVE-2016-4439 at SUSECVE-2016-4439 at NVDCVE-2016-4441 at SUSECVE-2016-4441 at NVDCVE-2016-4453 at SUSECVE-2016-4453 at NVDCVE-2016-4454 at SUSECVE-2016-4454 at NVDCVE-2016-4480 at SUSECVE-2016-4480 at NVDCVE-2016-5238 at SUSECVE-2016-5238 at NVDCVE-2016-5338 at SUSECVE-2016-5338 at NVDCVE-2016-5403 at SUSECVE-2016-5403 at NVDCVE-2016-6258 at SUSECVE-2016-6258 at NVDCVE-2016-6351 at SUSECVE-2016-6351 at NVDCVE-2016-7092 at SUSECVE-2016-7092 at NVDCVE-2016-7094 at SUSECVE-2016-7094 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host (bsc#1011652)
- CVE-2016-9386: x86 null segments were not always treated as unusable allowing an unprivileged guest user program to elevate its privilege to that of the guest operating system. Exploit of this vulnerability is easy on Intel and more complicated on AMD (bsc#1009100)
- CVE-2016-9382: x86 task switch to VM86 mode was mis-handled, allowing a unprivileged guest process to escalate its privilege to that of the guest operating system on AMD hardware. On Intel hardware a malicious unprivileged guest process can crash the guest (bsc#1009103)
- CVE-2016-9383: The x86 64-bit bit test instruction emulation was broken, allowing a guest to modify arbitrary memory leading to arbitray code execution (bsc#1009107)
- CVE-2016-9381: Improper processing of shared rings allowing guest administrators take over the qemu process, elevating their privilege to that of the qemu process (bsc#1009109)
- CVE-2016-9380: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-9379: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-7777: Xen did not properly honor CR0.TS and CR0.EM, which allowed local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it (bsc#1000106)
- CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count (bsc#1007157)
- CVE-2016-8909: The intel_hda_xfer function in hw/audio/intel-hda.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position (bsc#1007160)
- CVE-2016-8667: The rc4030_write function in hw/dma/rc4030.c in allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value (bsc#1005004)
- CVE-2016-8669: The serial_update_parameters function in hw/char/serial.c allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base (bsc#1005005)
- CVE-2016-7908: The mcf_fec_do_tx function in hw/net/mcf_fec.c did not properly limit the buffer descriptor count when transmitting packets, which allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags (bsc#1003030)
- CVE-2016-7909: The pcnet_rdra_addr function in hw/net/pcnet.c allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0 (bsc#1003032)
This non-security issue was fixed:
- bsc#1000893: virsh setmem didn't allow to set current guest memory to max limit
ImportantSUSE bug 1000106SUSE bug 1000893SUSE bug 1003030SUSE bug 1003032SUSE bug 1005004SUSE bug 1005005SUSE bug 1007157SUSE bug 1007160SUSE bug 1009100SUSE bug 1009103SUSE bug 1009107SUSE bug 1009109SUSE bug 1009111SUSE bug 1011652CVE-2016-7777 at SUSECVE-2016-7777 at NVDCVE-2016-7908 at SUSECVE-2016-7908 at NVDCVE-2016-7909 at SUSECVE-2016-7909 at NVDCVE-2016-8667 at SUSECVE-2016-8667 at NVDCVE-2016-8669 at SUSECVE-2016-8669 at NVDCVE-2016-8909 at SUSECVE-2016-8909 at NVDCVE-2016-8910 at SUSECVE-2016-8910 at NVDCVE-2016-9379 at SUSECVE-2016-9379 at NVDCVE-2016-9380 at SUSECVE-2016-9380 at NVDCVE-2016-9381 at SUSECVE-2016-9381 at NVDCVE-2016-9382 at SUSECVE-2016-9382 at NVDCVE-2016-9383 at SUSECVE-2016-9383 at NVDCVE-2016-9386 at SUSECVE-2016-9386 at NVDCVE-2016-9637 at SUSECVE-2016-9637 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2014-3615: The VGA emulator in QEMU allowed local guest users to read host memory by setting the display to a high resolution (bsc#895528).
- CVE-2016-3712: Integer overflow in the VGA module allowed local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode (bsc#978160).
- CVE-2016-7777: Xen did not properly honor CR0.TS and CR0.EM, which allowed local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it (bsc#1000106)
- CVE-2016-7908: The mcf_fec_do_tx function in hw/net/mcf_fec.c did not properly limit the buffer descriptor count when transmitting packets, which allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags (bsc#1003030)
- CVE-2016-7909: The pcnet_rdra_addr function in hw/net/pcnet.c allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0 (bsc#1003032)
- CVE-2016-8667: The rc4030_write function in hw/dma/rc4030.c in allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value (bsc#1005004)
- CVE-2016-8669: The serial_update_parameters function in hw/char/serial.c allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base (bsc#1005005)
- CVE-2016-8909: The intel_hda_xfer function in hw/audio/intel-hda.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position (bsc#1007160)
- CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count (bsc#1007157)
- CVE-2016-9379: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-9380: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-9381: Improper processing of shared rings allowing guest administrators take over the qemu process, elevating their privilege to that of the qemu process (bsc#1009109)
- CVE-2016-9382: x86 task switch to VM86 mode was mis-handled, allowing a unprivileged guest process to escalate its privilege to that of the guest operating system on AMD hardware. On Intel hardware a malicious unprivileged guest process can crash the guest (bsc#1009103)
- CVE-2016-9383: The x86 64-bit bit test instruction emulation was broken, allowing a guest to modify arbitrary memory leading to arbitray code execution (bsc#1009107)
- CVE-2016-9386: x86 null segments were not always treated as unusable allowing an unprivileged guest user program to elevate its privilege to that of the guest operating system. Exploit of this vulnerability is easy on Intel and more complicated on AMD (bsc#1009100)
- CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host (bsc#1011652)
- CVE-2016-4480: The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen did not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might have allowed local guest OS users to gain privileges via a crafted mapping of memory (bsc#978295)
- CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries (bsc#988675)
- CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792)
- CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785)
- CVE-2016-5403: The virtqueue_pop function in hw/virtio/virtio.c in QEMU allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion (boo#990923)
- CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c, when built with ESP/NCR53C9x controller emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the host via vectors involving DMA read into ESP command buffer (bsc#990843)
- CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer (bsc#983984)
- CVE-2016-5238: The get_cmd function in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960)
- CVE-2016-4453: The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982225)
- CVE-2016-4454: The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read (bsc#982224)
- CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264)
- CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724)
- CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716)
- CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the 'Dark Portal' issue (bsc#978164)
- CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038)
- CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387.c did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188)
- CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188)
- CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130)
- CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes (bsc#975138)
- CVE-2016-2841: The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control (bsc#969351)
- CVE-2016-2538: Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) allowed local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the (1) rndis_query_response, (2) rndis_set_response, or (3) usb_net_handle_dataout function (bsc#968004).
- CVE-2016-2391: The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allowed local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers (bsc#967101)
- CVE-2016-2392: The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU did not properly validate USB configuration descriptor objects, which allowed local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving a remote NDIS control message packet (bsc#967090)
- CVE-2016-2270: Xen allowed local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings (bsc#965315)
- CVE-2016-2271: VMX in Xen, when using an Intel or Cyrix CPU, allowed local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP (bsc#965317)
- CVE-2015-6855: hw/ide/core.c did not properly restrict the commands accepted by an ATAPI device, which allowed guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash (bsc#965156).
- CVE-2014-3640: The sosendto function in slirp/udp.c allowed local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket (bsc#965112)
- CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c allowed remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image (bsc#964929).
- CVE-2015-5278: Infinite loop in ne2000_receive() function allowed a privileged user inside the guest to crash the Qemu instance resulting in DoS (bsc#964947)
- CVE-2013-4530: Buffer overflow in hw/ssi/pl022.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image (bsc#964950).
- CVE-2015-8345: The i8255x (PRO100) emulation support was vulnerable to an infinite loop issue that allowed a privileged (CAP_SYS_RAWIO) user inside guest to crash the Qemu instance resulting in DoS (bsc#956832)
- CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image (bsc#964644)
- CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers (bsc#964746).
- CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#964925)
- CVE-2014-9718: The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality had multiple interpretations of a function's return value, which allowed guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions (bsc#964431).
- CVE-2013-4534: Buffer overflow in hw/intc/openpic.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements (bsc#964452)
- CVE-2016-1981: A:infinite loop in start_xmit and e1000_receive_iov routines allowed a privileged user inside the guest to crash the Qemu instance resulting in DoS (bsc#963783)
- CVE-2013-4539: Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c might have allowed remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image (bsc#962758)
- CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed remote attackers to execute arbitrary code via a crafted arglen value in a savevm image (bsc#962642)
- CVE-2014-7815: The set_pixel_format function in ui/vnc.c allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#962627)
- CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling (bsc#962611)
- CVE-2013-4538: Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image (bsc#962335)
- CVE-2015-7512: Buffer overflow in the pcnet_receive function in hw/net/pcnet.c, when a guest NIC has a larger MTU, allowed remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet (bsc#962360)
- CVE-2016-1714: The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c when built with the Firmware Configuration device emulation support, allowed guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration (bsc#961692)
- CVE-2016-1568: Use-after-free vulnerability in hw/ide/ahci.c, when built with IDE AHCI Emulation support, allowed guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command (bsc#961332).
- CVE-2016-1571: The paging_invlpg function in include/asm-x86/paging.h in Xen when using shadow mode paging or nested virtualization is enabled, allowed local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check (bsc#960862)
- CVE-2016-1570: The PV superpage functionality in arch/x86/mm.c allowed local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates (bsc#960861).
- CVE-2015-8743: A OOB memory access in ioport r/w functions allowed a privileged (CAP_SYS_RAWIO) user/process to use this flaw to leak or corrupt Qemu memory bytes (bsc#960726)
- CVE-2015-8550: Xen, when used on a system providing PV backends, allowed local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability (bsc#957988)
- CVE-2015-8558: The ehci_process_itd function in hw/usb/hcd-ehci.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list (bsc#959006).
- CVE-2015-8504: The VNC display driver support was vulnerable to an arithmetic exception flaw that allowed a privileged remote client to crash the guest resulting in DoS (bsc#958493)
- CVE-2015-8554: Buffer overflow in hw/pt-msi.c in Xen, when using the qemu-xen-traditional (aka qemu-dm) device model, allowed local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries, related to a 'write path.' (bsc#958007)
- CVE-2015-8555: Xen did not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allowed local guest domains to obtain sensitive information from other domains via unspecified vectors (bsc#958009)
- CVE-2016-9932: CMPXCHG8B emulation failed to ignore operand size override which could have lead to information disclosure.
- CVE-2016-10013: A Mishandling of SYSCALL singlestep during emulation which could have lead to privilege escalation.
- bsc#958523: ioreq handling possibly susceptible to multiple read issue leading to DoS or worse, depending on the configuration
- CVE-2016-10024: bsc#1014298: PV guests may have been able to mask interrupts causing a Denial of Service.
These non-security issues were fixed:
- bsc#1000893: virsh setmem didn't allow to set current guest memory to max limit
- bsc#954872: script block-dmmd not working as expected
- bsc#959928: xm domstate - when DomU is in state running xm domstate returned nothing
- bsc#959695: Added missing docs for xen
- bsc#967630: Fixed discrepancy in reported memory size with correction XSA-153 for xend
- bsc#963161: Windows VM was getting stuck during load while a VF was assigned to it
- bsc#976470: Xend failed to start
- bsc#961600: Fixed poor performance when Xen HVM domU configured with max memory greater than current memory
- bsc#978413: PV guest upgrade from SLES11SP4 to SLES12SP2 alpha3 failed on SLES11SP4 xen host.
- bsc#985503: vif-route broken
ImportantSUSE bug 1000106SUSE bug 1000893SUSE bug 1003030SUSE bug 1003032SUSE bug 1005004SUSE bug 1005005SUSE bug 1007157SUSE bug 1007160SUSE bug 1009100SUSE bug 1009103SUSE bug 1009107SUSE bug 1009109SUSE bug 1009111SUSE bug 1011652SUSE bug 1012651SUSE bug 1014298SUSE bug 1016340SUSE bug 895528SUSE bug 954872SUSE bug 956832SUSE bug 957988SUSE bug 958007SUSE bug 958009SUSE bug 958493SUSE bug 958523SUSE bug 959006SUSE bug 959695SUSE bug 959928SUSE bug 960726SUSE bug 960861SUSE bug 960862SUSE bug 961332SUSE bug 961600SUSE bug 961692SUSE bug 962335SUSE bug 962360SUSE bug 962611SUSE bug 962627SUSE bug 962642SUSE bug 962758SUSE bug 963161SUSE bug 963783SUSE bug 964431SUSE bug 964452SUSE bug 964644SUSE bug 964746SUSE bug 964925SUSE bug 964929SUSE bug 964947SUSE bug 964950SUSE bug 965112SUSE bug 965156SUSE bug 965315SUSE bug 965317SUSE bug 967090SUSE bug 967101SUSE bug 967630SUSE bug 968004SUSE bug 969351SUSE bug 973188SUSE bug 973631SUSE bug 974038SUSE bug 975130SUSE bug 975138SUSE bug 976470SUSE bug 978160SUSE bug 978164SUSE bug 978295SUSE bug 978413SUSE bug 980716SUSE bug 980724SUSE bug 981264SUSE bug 982224SUSE bug 982225SUSE bug 982960SUSE bug 983984SUSE bug 985503SUSE bug 988675SUSE bug 990843SUSE bug 990923SUSE bug 995785SUSE bug 995792CVE-2013-4527 at SUSECVE-2013-4527 at NVDCVE-2013-4529 at SUSECVE-2013-4529 at NVDCVE-2013-4530 at SUSECVE-2013-4530 at NVDCVE-2013-4533 at SUSECVE-2013-4533 at NVDCVE-2013-4534 at SUSECVE-2013-4534 at NVDCVE-2013-4537 at SUSECVE-2013-4537 at NVDCVE-2013-4538 at SUSECVE-2013-4538 at NVDCVE-2013-4539 at SUSECVE-2013-4539 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-3615 at SUSECVE-2014-3615 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-3672 at SUSECVE-2014-3672 at NVDCVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2014-7815 at SUSECVE-2014-7815 at NVDCVE-2014-9718 at SUSECVE-2014-9718 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-6855 at SUSECVE-2015-6855 at NVDCVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8550 at SUSECVE-2015-8550 at NVDCVE-2015-8554 at SUSECVE-2015-8554 at NVDCVE-2015-8555 at SUSECVE-2015-8555 at NVDCVE-2015-8558 at SUSECVE-2015-8558 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2016-10013 at SUSECVE-2016-10013 at NVDCVE-2016-10024 at SUSECVE-2016-10024 at NVDCVE-2016-1568 at SUSECVE-2016-1568 at NVDCVE-2016-1570 at SUSECVE-2016-1570 at NVDCVE-2016-1571 at SUSECVE-2016-1571 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2270 at SUSECVE-2016-2270 at NVDCVE-2016-2271 at SUSECVE-2016-2271 at NVDCVE-2016-2391 at SUSECVE-2016-2391 at NVDCVE-2016-2392 at SUSECVE-2016-2392 at NVDCVE-2016-2538 at SUSECVE-2016-2538 at NVDCVE-2016-2841 at SUSECVE-2016-2841 at NVDCVE-2016-3158 at SUSECVE-2016-3158 at NVDCVE-2016-3159 at SUSECVE-2016-3159 at NVDCVE-2016-3710 at SUSECVE-2016-3710 at NVDCVE-2016-3712 at SUSECVE-2016-3712 at NVDCVE-2016-3960 at SUSECVE-2016-3960 at NVDCVE-2016-4001 at SUSECVE-2016-4001 at NVDCVE-2016-4002 at SUSECVE-2016-4002 at NVDCVE-2016-4439 at SUSECVE-2016-4439 at NVDCVE-2016-4441 at SUSECVE-2016-4441 at NVDCVE-2016-4453 at SUSECVE-2016-4453 at NVDCVE-2016-4454 at SUSECVE-2016-4454 at NVDCVE-2016-4480 at SUSECVE-2016-4480 at NVDCVE-2016-5238 at SUSECVE-2016-5238 at NVDCVE-2016-5338 at SUSECVE-2016-5338 at NVDCVE-2016-5403 at SUSECVE-2016-5403 at NVDCVE-2016-6258 at SUSECVE-2016-6258 at NVDCVE-2016-6351 at SUSECVE-2016-6351 at NVDCVE-2016-7092 at SUSECVE-2016-7092 at NVDCVE-2016-7094 at SUSECVE-2016-7094 at NVDCVE-2016-7777 at SUSECVE-2016-7777 at NVDCVE-2016-7908 at SUSECVE-2016-7908 at NVDCVE-2016-7909 at SUSECVE-2016-7909 at NVDCVE-2016-8667 at SUSECVE-2016-8667 at NVDCVE-2016-8669 at SUSECVE-2016-8669 at NVDCVE-2016-8909 at SUSECVE-2016-8909 at NVDCVE-2016-8910 at SUSECVE-2016-8910 at NVDCVE-2016-9379 at SUSECVE-2016-9379 at NVDCVE-2016-9380 at SUSECVE-2016-9380 at NVDCVE-2016-9381 at SUSECVE-2016-9381 at NVDCVE-2016-9382 at SUSECVE-2016-9382 at NVDCVE-2016-9383 at SUSECVE-2016-9383 at NVDCVE-2016-9386 at SUSECVE-2016-9386 at NVDCVE-2016-9637 at SUSECVE-2016-9637 at NVDCVE-2016-9932 at SUSECVE-2016-9932 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1024183)
- CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024834)
- CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004)
- CVE-2014-8106: A heap-based buffer overflow in the Cirrus VGA emulator allowed local guest users to execute arbitrary code via vectors related to blit regions (bsc#907805)
- CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014507)
- CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169)
- CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169)
- CVE-2016-10013: Xen allowed local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation (bsc#1016340).
- CVE-2016-9932: CMPXCHG8B emulation on x86 systems allowed local HVM guest OS users to obtain sensitive information from host stack memory via a 'supposedly-ignored' operand size prefix (bsc#1012651).
- CVE-2016-9101: A memory leak in hw/net/eepro100.c allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device (bsc#1013668)
- CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013657)
- A malicious guest could have, by frequently rebooting over extended periods of time, run the host system out of memory, resulting in a Denial of Service (DoS) (bsc#1022871)
- CVE-2016-10024: Xen allowed local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations (bsc#1014298)
This non-security issue was fixed:
- bsc#1002496: Added support for reloading clvm in block-dmmd block-dmmd
ImportantSUSE bug 1002496SUSE bug 1012651SUSE bug 1013657SUSE bug 1013668SUSE bug 1014298SUSE bug 1014507SUSE bug 1015169SUSE bug 1016340SUSE bug 1022871SUSE bug 1023004SUSE bug 1024183SUSE bug 1024834SUSE bug 907805CVE-2014-8106 at SUSECVE-2014-8106 at NVDCVE-2016-10013 at SUSECVE-2016-10013 at NVDCVE-2016-10024 at SUSECVE-2016-10024 at NVDCVE-2016-10155 at SUSECVE-2016-10155 at NVDCVE-2016-9101 at SUSECVE-2016-9101 at NVDCVE-2016-9776 at SUSECVE-2016-9776 at NVDCVE-2016-9911 at SUSECVE-2016-9911 at NVDCVE-2016-9921 at SUSECVE-2016-9921 at NVDCVE-2016-9922 at SUSECVE-2016-9922 at NVDCVE-2016-9932 at SUSECVE-2016-9932 at NVDCVE-2017-2615 at SUSECVE-2017-2615 at NVDCVE-2017-2620 at SUSECVE-2017-2620 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1024183)
- CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024834)
- CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004)
- CVE-2014-8106: A heap-based buffer overflow in the Cirrus VGA emulator allowed local guest users to execute arbitrary code via vectors related to blit regions (bsc#907805)
- A malicious guest could have, by frequently rebooting over extended periods of time, run the host system out of memory, resulting in a Denial of Service (DoS) (bsc#1022871)
- CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014507)
- CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169)
- CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169)
- CVE-2016-9101: A memory leak in hw/net/eepro100.c allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device (bsc#1013668)
- CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013657)
This non-security issue was fixed:
- bsc#1002496: Added support for reloading clvm in block-dmmd block-dmmd
ImportantSUSE bug 1002496SUSE bug 1013657SUSE bug 1013668SUSE bug 1014507SUSE bug 1015169SUSE bug 1022871SUSE bug 1023004SUSE bug 1024183SUSE bug 1024834SUSE bug 907805CVE-2014-8106 at SUSECVE-2014-8106 at NVDCVE-2016-10155 at SUSECVE-2016-10155 at NVDCVE-2016-9101 at SUSECVE-2016-9101 at NVDCVE-2016-9776 at SUSECVE-2016-9776 at NVDCVE-2016-9911 at SUSECVE-2016-9911 at NVDCVE-2016-9921 at SUSECVE-2016-9921 at NVDCVE-2016-9922 at SUSECVE-2016-9922 at NVDCVE-2017-2615 at SUSECVE-2017-2615 at NVDCVE-2017-2620 at SUSECVE-2017-2620 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes the following security issues:
- CVE-2017-7228: Broken check in memory_exchange() permited PV guest breakout (bsc#1030442).
- CVE-2017-6414: Memory leak in the vcard_apdu_new function in card_7816.c in libcacard allowed local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object (bsc#1027570).
- CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235).
ImportantSUSE bug 1027570SUSE bug 1028235SUSE bug 1030442CVE-2017-6414 at SUSECVE-2017-6414 at NVDCVE-2017-6505 at SUSECVE-2017-6505 at NVDCVE-2017-7228 at SUSECVE-2017-7228 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following security issues:
- CVE-2017-7228: Broken check in memory_exchange() permited PV guest breakout (bsc#1030442).
- CVE-2017-6414: Memory leak in the vcard_apdu_new function in card_7816.c in libcacard allowed local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object (bsc#1027570).
- CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235).
ImportantSUSE bug 1027570SUSE bug 1028235SUSE bug 1030442CVE-2017-6414 at SUSECVE-2017-6414 at NVDCVE-2017-6505 at SUSECVE-2017-6505 at NVDCVE-2017-7228 at SUSECVE-2017-7228 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following security issues:
- CVE-2017-7980: An out-of-bounds r/w access issues in the Cirrus CLGD 54xx VGA Emulator support allowed privileged user inside guest to use this flaw to crash the Qemu process resulting in DoS or potentially execute arbitrary code on a host with privileges of Qemu process on the host (bsc#1035483).
- A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843)
- A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844).
- Incorrect checks when handling exceptions allowed a malicious or buggy 64-bit PV guest to modify part of a physical memory page not belonging to it, potentially allowing for all of privilege escalation, host or other guest crashes, and information leaks (XSA-215, bsc#1034845)
- CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994).
- CVE-2017-7995: Incorrect address range validation potentially allowing PV guests to access MMIO memory with read side effects (bsc#1033948).
- CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655)
ImportantSUSE bug 1028655SUSE bug 1033948SUSE bug 1034843SUSE bug 1034844SUSE bug 1034845SUSE bug 1034994SUSE bug 1035483CVE-2016-9603 at SUSECVE-2016-9603 at NVDCVE-2017-7718 at SUSECVE-2017-7718 at NVDCVE-2017-7980 at SUSECVE-2017-7980 at NVDCVE-2017-7995 at SUSECVE-2017-7995 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes several security issues:
- A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843)
- A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844).
- CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994).
- CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655)
ImportantSUSE bug 1028655SUSE bug 1033948SUSE bug 1034843SUSE bug 1034844SUSE bug 1034845SUSE bug 1034994SUSE bug 1035483CVE-2016-9603 at SUSECVE-2016-9603 at NVDCVE-2017-7718 at SUSECVE-2017-7718 at NVDCVE-2017-7980 at SUSECVE-2017-7980 at NVDCVE-2017-7995 at SUSECVE-2017-7995 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes the following security issues:
- blkif responses leaked backend stack data, which allowed unprivileged guest to obtain sensitive information from the host or other guests (XSA-216, bsc#1042863)
- Page transfer might have allowed PV guest to elevate privilege (XSA-217, bsc#1042882)
- Races in the grant table unmap code allowed for informations leaks and potentially privilege escalation (XSA-218, bsc#1042893)
- Insufficient reference counts during shadow emulation allowed a malicious pair of guest to elevate their privileges to the privileges that XEN runs under (XSA-219, bsc#1042915)
- Stale P2M mappings due to insufficient error checking allowed malicious guest to leak information or elevate privileges (XSA-222, bsc#1042931)
- Grant table operations mishandled reference counts allowing malicious guests to escape (XSA-224, bsc#1042938)
- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value (bsc#1042160)
- CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture (bsc#1037243)
- CVE-2017-8905: Xen a failsafe callback, which might have allowed PV guest OS users to execute arbitrary code on the host OS (XSA-215, bsc#1034845).
ImportantSUSE bug 1034845SUSE bug 1037243SUSE bug 1042160SUSE bug 1042863SUSE bug 1042882SUSE bug 1042893SUSE bug 1042915SUSE bug 1042931SUSE bug 1042938CVE-2017-8309 at SUSECVE-2017-8309 at NVDCVE-2017-8905 at SUSECVE-2017-8905 at NVDCVE-2017-9330 at SUSECVE-2017-9330 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following security issues:
- blkif responses leaked backend stack data, which allowed unprivileged guest to obtain sensitive information from the host or other guests (XSA-216, bsc#1042863)
- Page transfer might have allowed PV guest to elevate privilege (XSA-217, bsc#1042882)
- Races in the grant table unmap code allowed for informations leaks and potentially privilege escalation (XSA-218, bsc#1042893)
- Insufficient reference counts during shadow emulation allowed a malicious pair of guest to elevate their privileges to the privileges that XEN runs under (XSA-219, bsc#1042915)
- Stale P2M mappings due to insufficient error checking allowed malicious guest to leak information or elevate privileges (XSA-222, bsc#1042931)
- Grant table operations mishandled reference counts allowing malicious guests to escape (XSA-224, bsc#1042938)
- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value (bsc#1042160)
- CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture (bsc#1037243)
ImportantSUSE bug 1037243SUSE bug 1042160SUSE bug 1042863SUSE bug 1042882SUSE bug 1042893SUSE bug 1042915SUSE bug 1042931SUSE bug 1042938CVE-2017-8309 at SUSECVE-2017-8309 at NVDCVE-2017-9330 at SUSECVE-2017-9330 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious
guest to crash the host or potentially escalate privileges/leak information
(XSA-226, bsc#1051787).
- CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed for
privilege escalation (XSA-227, bsc#1051788).
- CVE-2017-11334: The address_space_write_continue function in exec.c allowed
local guest OS privileged users to cause a denial of service (out-of-bounds
access and guest instance crash) by leveraging use of qemu_map_ram_ptr to
access guest ram block area (bsc#1048920).
- CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local guest
OS users to cause a denial of service (out-of-bounds read) via a crafted DHCP
options string (bsc#1049578).
- CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote
attackers to cause a denial of service (daemon crash) by disconnecting during
a server-to-client reply attempt (bsc#1046637).
- CVE-2017-8905: Fixed a memory corruption via a failsafe callback, which might
have allowed PV guest OS users to execute arbitrary code on the host OS
(XSA-215, bsc#1034845).
- CVE-2017-12855: Premature clearing of GTF_writing / GTF_reading lead to
potentially leaking sensitive information (XSA-230, bsc#1052686).
ImportantSUSE bug 1034845SUSE bug 1046637SUSE bug 1048920SUSE bug 1049578SUSE bug 1051787SUSE bug 1051788SUSE bug 1052686CVE-2017-10664 at SUSECVE-2017-10664 at NVDCVE-2017-11334 at SUSECVE-2017-11334 at NVDCVE-2017-11434 at SUSECVE-2017-11434 at NVDCVE-2017-12135 at SUSECVE-2017-12135 at NVDCVE-2017-12137 at SUSECVE-2017-12137 at NVDCVE-2017-12855 at SUSECVE-2017-12855 at NVDCVE-2017-8905 at SUSECVE-2017-8905 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes the following issues:
- CVE-2017-12855: Premature clearing of GTF_writing / GTF_reading lead to
potentially leaking sensitive information (XSA-230, bsc#1052686).
- CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious
guest to crash the host or potentially escalate privileges/leak information
(XSA-226, bsc#1051787).
- CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed for
privilege escalation (XSA-227, bsc#1051788).
- CVE-2017-11334: The address_space_write_continue function in exec.c allowed
local guest OS privileged users to cause a denial of service (out-of-bounds
access and guest instance crash) by leveraging use of qemu_map_ram_ptr to
access guest ram block area (bsc#1048920).
- CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local guest
OS users to cause a denial of service (out-of-bounds read) via a crafted DHCP
options string (bsc#1049578).
- CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote
attackers to cause a denial of service (daemon crash) by disconnecting during
a server-to-client reply attempt (bsc#1046637).
ImportantSUSE bug 1046637SUSE bug 1048920SUSE bug 1049578SUSE bug 1051787SUSE bug 1051788SUSE bug 1052686CVE-2017-10664 at SUSECVE-2017-10664 at NVDCVE-2017-11334 at SUSECVE-2017-11334 at NVDCVE-2017-11434 at SUSECVE-2017-11434 at NVDCVE-2017-12135 at SUSECVE-2017-12135 at NVDCVE-2017-12137 at SUSECVE-2017-12137 at NVDCVE-2017-12855 at SUSECVE-2017-12855 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-14316: Missing bound check in function `alloc_heap_pages` for an
internal array allowed attackers using crafted hypercalls to execute
arbitrary code within Xen (XSA-231, bsc#1056278)
- CVE-2017-14317: A race in cxenstored may have cause a double-free allowind for
DoS of the xenstored daemon (XSA-233, bsc#1056281).
- CVE-2017-14319: An error while handling grant mappings allowed malicious or
buggy x86 PV guest to escalate its privileges or crash the hypervisor (XSA-234,
bsc#1056282).
ImportantSUSE bug 1056278SUSE bug 1056281SUSE bug 1056282CVE-2017-14316 at SUSECVE-2017-14316 at NVDCVE-2017-14317 at SUSECVE-2017-14317 at NVDCVE-2017-14319 at SUSECVE-2017-14319 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-14316: Missing bound check in function `alloc_heap_pages` for an
internal array allowed attackers using crafted hypercalls to execute
arbitrary code within Xen (XSA-231, bsc#1056278)
- CVE-2017-14317: A race in cxenstored may have cause a double-free allowind for
DoS of the xenstored daemon (XSA-233, bsc#1056281).
- CVE-2017-14319: An error while handling grant mappings allowed malicious or
buggy x86 PV guest to escalate its privileges or crash the hypervisor (XSA-234,
bsc#1056282).
ImportantSUSE bug 1056278SUSE bug 1056281SUSE bug 1056282CVE-2017-14316 at SUSECVE-2017-14316 at NVDCVE-2017-14317 at SUSECVE-2017-14317 at NVDCVE-2017-14319 at SUSECVE-2017-14319 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes several issues:
These security issues were fixed:
- CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a
memory leakage issue allowing a privileged user inside the guest to cause a DoS
and/or potentially crash the Qemu process on the host (bsc#1059777)
- CVE-2017-15593: Missing cleanup in the page type system allowed a malicious or
buggy PV guest to cause DoS (XSA-242 bsc#1061084)
- CVE-2017-15592: A problem in the shadow pagetable code allowed a malicious or
buggy HVM guest to cause DoS or cause hypervisor memory corruption potentially
allowing the guest to escalate its privilege (XSA-243 bsc#1061086)
- CVE-2017-15594: Problematic handling of the selector fields in the Interrupt
Descriptor Table (IDT) allowed a malicious or buggy x86 PV guest to escalate
its privileges or cause DoS (XSA-244 bsc#1061087)
- CVE-2017-15589: Intercepted I/O write operations with less than a full machine
word's worth of data were not properly handled, which allowed a malicious
unprivileged x86 HVM guest to obtain sensitive information from the host or
other guests (XSA-239 bsc#1061080)
- CVE-2017-15595: In certain configurations of linear page tables a stack overflow
might have occured that allowed a malicious or buggy PV guest to cause DoS and
potentially privilege escalation and information leaks (XSA-240 bsc#1061081)
- CVE-2017-15588: Under certain conditions x86 PV guests could have caused the
hypervisor to miss a necessary TLB flush for a page. This allowed a malicious
x86 PV guest to access all of system memory, allowing for privilege escalation,
DoS, and information leaks (XSA-241 bsc#1061082)
- CVE-2017-15590: Multiple issues existed with the setup of PCI MSI interrupts
that allowed a malicious or buggy guest to cause DoS and potentially privilege
escalation and information leaks (XSA-237 bsc#1061076)
ImportantSUSE bug 1059777SUSE bug 1061076SUSE bug 1061080SUSE bug 1061081SUSE bug 1061082SUSE bug 1061084SUSE bug 1061086SUSE bug 1061087CVE-2017-15588 at SUSECVE-2017-15588 at NVDCVE-2017-15589 at SUSECVE-2017-15589 at NVDCVE-2017-15590 at SUSECVE-2017-15590 at NVDCVE-2017-15592 at SUSECVE-2017-15592 at NVDCVE-2017-15593 at SUSECVE-2017-15593 at NVDCVE-2017-15594 at SUSECVE-2017-15594 at NVDCVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-5526 at SUSECVE-2017-5526 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes several issues:
These security issues were fixed:
- CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a
memory leakage issue allowing a privileged user inside the guest to cause a DoS
and/or potentially crash the Qemu process on the host (bsc#1059777)
- CVE-2017-15593: Missing cleanup in the page type system allowed a malicious or
buggy PV guest to cause DoS (XSA-242 bsc#1061084)
- CVE-2017-15592: A problem in the shadow pagetable code allowed a malicious or
buggy HVM guest to cause DoS or cause hypervisor memory corruption potentially
allowing the guest to escalate its privilege (XSA-243 bsc#1061086)
- CVE-2017-15594: Problematic handling of the selector fields in the Interrupt
Descriptor Table (IDT) allowed a malicious or buggy x86 PV guest to escalate
its privileges or cause DoS (XSA-244 bsc#1061087)
- CVE-2017-15589: Intercepted I/O write operations with less than a full machine
word's worth of data were not properly handled, which allowed a malicious
unprivileged x86 HVM guest to obtain sensitive information from the host or
other guests (XSA-239 bsc#1061080)
- CVE-2017-15595: In certain configurations of linear page tables a stack overflow
might have occured that allowed a malicious or buggy PV guest to cause DoS and
potentially privilege escalation and information leaks (XSA-240 bsc#1061081)
- CVE-2017-15588: Under certain conditions x86 PV guests could have caused the
hypervisor to miss a necessary TLB flush for a page. This allowed a malicious
x86 PV guest to access all of system memory, allowing for privilege escalation,
DoS, and information leaks (XSA-241 bsc#1061082)
- CVE-2017-15590: Multiple issues existed with the setup of PCI MSI interrupts
that allowed a malicious or buggy guest to cause DoS and potentially privilege
escalation and information leaks (XSA-237 bsc#1061076)
ImportantSUSE bug 1059777SUSE bug 1061076SUSE bug 1061080SUSE bug 1061081SUSE bug 1061082SUSE bug 1061084SUSE bug 1061086SUSE bug 1061087CVE-2017-15588 at SUSECVE-2017-15588 at NVDCVE-2017-15589 at SUSECVE-2017-15589 at NVDCVE-2017-15590 at SUSECVE-2017-15590 at NVDCVE-2017-15592 at SUSECVE-2017-15592 at NVDCVE-2017-15593 at SUSECVE-2017-15593 at NVDCVE-2017-15594 at SUSECVE-2017-15594 at NVDCVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-5526 at SUSECVE-2017-5526 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes several issues.
These security issues were fixed:
- bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code
allowed for DoS (XSA-246)
- bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests
to retain a writable mapping of freed memory leading to information leaks,
privilege escalation or DoS (XSA-247).
- CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged
users to cause a denial of service (out-of-bounds write access and Qemu process
crash) via vectors related to dst calculation (bsc#1063123)
- CVE-2017-15597: A grant copy operation being done on a grant of a dying domain
allowed a malicious guest administrator to corrupt hypervisor memory, allowing
for DoS or potentially privilege escalation and information leaks (bsc#1061075).
- CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded
recursion, stack consumption, and hypervisor crash) or possibly gain privileges
via crafted page-table stacking (bsc#1061081).
- CVE-2017-15592: x86 HVM guest OS users were able to cause a DoS (hypervisor
crash) or possibly gain privileges because self-linear shadow mappings were
mishandled for translated guests (bsc#1061086).
ImportantSUSE bug 1061075SUSE bug 1061081SUSE bug 1061086SUSE bug 1063123SUSE bug 1068187SUSE bug 1068191CVE-2017-15289 at SUSECVE-2017-15289 at NVDCVE-2017-15592 at SUSECVE-2017-15592 at NVDCVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-15597 at SUSECVE-2017-15597 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code
allowed for DoS (XSA-246)
- bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests
to retain a writable mapping of freed memory leading to information leaks,
privilege escalation or DoS (XSA-247).
- CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged
users to cause a denial of service (out-of-bounds write access and Qemu process
crash) via vectors related to dst calculation (bsc#1063123)
- CVE-2017-15597: A grant copy operation being done on a grant of a dying domain
allowed a malicious guest administrator to corrupt hypervisor memory, allowing
for DoS or potentially privilege escalation and information leaks (bsc#1061075).
- CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded
recursion, stack consumption, and hypervisor crash) or possibly gain privileges
via crafted page-table stacking (bsc#1061081).
- CVE-2017-15592: x86 HVM guest OS users were able to cause a DoS (hypervisor
crash) or possibly gain privileges because self-linear shadow mappings were
mishandled for translated guests (bsc#1061086).
ImportantSUSE bug 1061075SUSE bug 1061081SUSE bug 1061086SUSE bug 1063123SUSE bug 1068187SUSE bug 1068191CVE-2017-15289 at SUSECVE-2017-15289 at NVDCVE-2017-15592 at SUSECVE-2017-15592 at NVDCVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-15597 at SUSECVE-2017-15597 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via
side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks
(bsc#1074562, bsc#1068032)
- CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged
users to cause a denial of service (out-of-bounds read and QEMU process crash)
by leveraging improper memory address validation (bsc#1076116).
- CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest
privileged users to cause a denial of service (out-of-bounds array access and
QEMU process crash) via vectors related to negative pitch (bsc#1076180).
- CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded
recursion, stack consumption, and hypervisor crash) or possibly gain privileges
via crafted page-table stacking (bsc#1061081)
- CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host
OS crash) or gain host OS privileges in shadow mode by mapping a certain
auxiliary page (bsc#1070158).
- CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS
crash) or gain host OS privileges by leveraging an incorrect mask for
reference-count overflow checking in shadow mode (bsc#1070159).
- CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS
crash) or gain host OS privileges by leveraging incorrect error handling for
reference counting in shadow mode (bsc#1070160).
- CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host
OS crash) if shadow mode and log-dirty mode are in place, because of an
incorrect assertion related to M2P (bsc#1070163).
- Added missing intermediate preemption checks for guest requesting removal of
memory. This allowed malicious guest administrator to cause denial of service
due to the high cost of this operation (bsc#1080635).
- Because of XEN not returning the proper error messages when transitioning
grant tables from v2 to v1 a malicious guest was able to cause DoS or
potentially allowed for privilege escalation as well as information leaks
(bsc#1080662).
- CVE-2017-5898: The CCID Card device emulator support was vulnerable to an
integer overflow flaw allowing a privileged user to crash the Qemu process on
the host resulting in DoS (bsc#1024307)
- Unprivileged domains could have issued well-timed writes to xenstore which
conflict with transactions to stall progress of the control domain or driver
domain, possibly leading to DoS (bsc#1030144, XSA-206).
ImportantSUSE bug 1024307SUSE bug 1030144SUSE bug 1061081SUSE bug 1068032SUSE bug 1070158SUSE bug 1070159SUSE bug 1070160SUSE bug 1070163SUSE bug 1074562SUSE bug 1076116SUSE bug 1076180SUSE bug 1080635SUSE bug 1080662CVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-17563 at SUSECVE-2017-17563 at NVDCVE-2017-17564 at SUSECVE-2017-17564 at NVDCVE-2017-17565 at SUSECVE-2017-17565 at NVDCVE-2017-17566 at SUSECVE-2017-17566 at NVDCVE-2017-18030 at SUSECVE-2017-18030 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2017-5898 at SUSECVE-2017-5898 at NVDCVE-2018-5683 at SUSECVE-2018-5683 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via
side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks
(bsc#1074562, bsc#1068032)
- CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged
users to cause a denial of service (out-of-bounds read and QEMU process crash)
by leveraging improper memory address validation (bsc#1076116).
- CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest
privileged users to cause a denial of service (out-of-bounds array access and
QEMU process crash) via vectors related to negative pitch (bsc#1076180).
- CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded
recursion, stack consumption, and hypervisor crash) or possibly gain privileges
via crafted page-table stacking (bsc#1061081)
- CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host
OS crash) or gain host OS privileges in shadow mode by mapping a certain
auxiliary page (bsc#1070158).
- CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS
crash) or gain host OS privileges by leveraging an incorrect mask for
reference-count overflow checking in shadow mode (bsc#1070159).
- CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS
crash) or gain host OS privileges by leveraging incorrect error handling for
reference counting in shadow mode (bsc#1070160).
- CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host
OS crash) if shadow mode and log-dirty mode are in place, because of an
incorrect assertion related to M2P (bsc#1070163).
- Added missing intermediate preemption checks for guest requesting removal of
memory. This allowed malicious guest administrator to cause denial of service
due to the high cost of this operation (bsc#1080635).
- Because of XEN not returning the proper error messages when transitioning
grant tables from v2 to v1 a malicious guest was able to cause DoS or
potentially allowed for privilege escalation as well as information leaks
(bsc#1080662).
- CVE-2017-5898: The CCID Card device emulator support was vulnerable to an
integer overflow flaw allowing a privileged user to crash the Qemu process on
the host resulting in DoS (bsc#1024307)
- Unprivileged domains could have issued well-timed writes to xenstore which
conflict with transactions to stall progress of the control domain or driver
domain, possibly leading to DoS (bsc#1030144, XSA-206).
ImportantSUSE bug 1024307SUSE bug 1030144SUSE bug 1061081SUSE bug 1068032SUSE bug 1070158SUSE bug 1070159SUSE bug 1070160SUSE bug 1070163SUSE bug 1074562SUSE bug 1076116SUSE bug 1076180SUSE bug 1080635SUSE bug 1080662CVE-2017-11334 at SUSECVE-2017-11334 at NVDCVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-17563 at SUSECVE-2017-17563 at NVDCVE-2017-17564 at SUSECVE-2017-17564 at NVDCVE-2017-17565 at SUSECVE-2017-17565 at NVDCVE-2017-17566 at SUSECVE-2017-17566 at NVDCVE-2017-18030 at SUSECVE-2017-18030 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2017-5898 at SUSECVE-2017-5898 at NVDCVE-2018-5683 at SUSECVE-2018-5683 at NVDCVE-2018-7540 at SUSECVE-2018-7540 at NVDCVE-2018-7541 at SUSECVE-2018-7541 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260, bsc#1090820)
- Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy
HVM guests from causing a hypervisor crash or potentially privilege
escalation/information leaks (XSA-261, bsc#1090822)
- Prevent unbounded loop, induced by qemu allowing an attacker to permanently
keep a physical CPU core busy (XSA-262, bsc#1090823)
- CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were able
to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction
with specifying the target file as the backing file of a snapshot
(bsc#1089152).
- CVE-2018-10471: x86 PV guest OS users were able to cause a denial of service
(out-of-bounds zero write and hypervisor crash) via unexpected INT 80
processing, because of an incorrect fix for CVE-2017-5754 (bsc#1089635).
- CVE-2018-7550: The load_multiboot function allowed local guest OS users to
execute arbitrary code on the host via a mh_load_end_addr value greater than
mh_bss_end_addr, which triggers an out-of-bounds read or write memory access
(bsc#1083292).
ImportantSUSE bug 1083292SUSE bug 1089152SUSE bug 1089635SUSE bug 1090820SUSE bug 1090822SUSE bug 1090823CVE-2018-10471 at SUSECVE-2018-10471 at NVDCVE-2018-10472 at SUSECVE-2018-10472 at NVDCVE-2018-7550 at SUSECVE-2018-7550 at NVDCVE-2018-8897 at SUSECVE-2018-8897 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260, bsc#1090820)
- Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy
HVM guests from causing a hypervisor crash or potentially privilege
escalation/information leaks (XSA-261, bsc#1090822)
- Prevent unbounded loop, induced by qemu allowing an attacker to permanently
keep a physical CPU core busy (XSA-262, bsc#1090823)
- CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were able
to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction
with specifying the target file as the backing file of a snapshot
(bsc#1089152).
- CVE-2018-10471: x86 PV guest OS users were able to cause a denial of service
(out-of-bounds zero write and hypervisor crash) via unexpected INT 80
processing, because of an incorrect fix for CVE-2017-5754 (bsc#1089635).
- CVE-2018-7550: The load_multiboot function allowed local guest OS users to
execute arbitrary code on the host via a mh_load_end_addr value greater than
mh_bss_end_addr, which triggers an out-of-bounds read or write memory access
(bsc#1083292).
ImportantSUSE bug 1083292SUSE bug 1089152SUSE bug 1089635SUSE bug 1090820SUSE bug 1090822SUSE bug 1090823CVE-2018-10471 at SUSECVE-2018-10471 at NVDCVE-2018-10472 at SUSECVE-2018-10472 at NVDCVE-2018-7550 at SUSECVE-2018-7550 at NVDCVE-2018-8897 at SUSECVE-2018-8897 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
These security issue were fixed:
- CVE-2018-3646: Systems with microprocessors utilizing speculative execution
and address translations may have allowed unauthorized disclosure of
information residing in the L1 data cache to an attacker with local user access
with guest OS privilege via a terminal page fault and a side-channel analysis
(bsc#1091107, bsc#1027519).
- CVE-2018-12617: An integer overflow that could cause a segmentation
fault in qmp_guest_file_read() with g_malloc() in qemu-guest-agent was
fixed (bsc#1098744)
- CVE-2018-3665: System software utilizing Lazy FP state restore technique
on systems using Intel Core-based microprocessors may potentially allow
a local process to infer data from another process through a speculative
execution side channel. (bsc#1095242)
- CVE-2018-3639: Systems with microprocessors utilizing speculative
execution and speculative execution of memory reads before the addresses
of all prior memory writes are known may allow unauthorized disclosure
of information to an attacker with local user access via a side-channel
analysis, aka Speculative Store Bypass (SSB), Variant 4. (bsc#1092631)
- CVE-2017-5715: Systems with microprocessors utilizing speculative
execution and indirect branch prediction may allow unauthorized disclosure
of information to an attacker with local user access via a side-channel
analysis. (bsc#1074562)
- CVE-2017-5753: Systems with microprocessors utilizing speculative
execution and branch prediction may allow unauthorized disclosure of
information to an attacker with local user access via a side-channel
analysis. (bsc#1074562)
- CVE-2017-5754: Systems with microprocessors utilizing speculative
execution and indirect branch prediction may allow unauthorized disclosure
of information to an attacker with local user access via a side-channel
analysis of the data cache. (bsc#1074562)
- CVE-2018-12891: Certain PV MMU operations may take a long time to
process. For that reason Xen explicitly checks for the need to preempt
the current vCPU at certain points. A few rarely taken code paths did
bypass such checks. By suitably enforcing the conditions through its own
page table contents, a malicious guest may cause such bypasses to be used
for an unbounded number of iterations. A malicious or buggy PV guest may
cause a Denial of Service (DoS) affecting the entire host. Specifically,
it may prevent use of a physical CPU for an indeterminate period of
time. (bsc#1097521)
- CVE-2018-12893: One of the fixes in XSA-260 added some safety checks
to help prevent Xen livelocking with debug exceptions. Unfortunately,
due to an oversight, at least one of these safety checks can be
triggered by a guest. A malicious PV guest can crash Xen, leading to
a Denial of Service. Only x86 PV guests can exploit the vulnerability. x86
HVM and PVH guests cannot exploit the vulnerability. An attacker
needs to be able to control hardware debugging facilities to exploit
the vulnerability, but such permissions are typically available to
unprivileged users. (bsc#1097522)
- CVE-2018-11806: m_cat in slirp/mbuf.c in Qemu has a heap-based buffer
overflow via incoming fragmented datagrams. (bsc#1096224)
- CVE-2018-10982: An issue was discovered in Xen allowed x86 HVM guest
OS users to cause a denial of service (unexpectedly high interrupt
number, array overrun, and hypervisor crash) or possibly gain hypervisor
privileges by setting up an HPET timer to deliver interrupts in IO-APIC
mode, aka vHPET interrupt injection. (bsc#1090822)
- CVE-2018-10981: An issue was discovered in Xen that allowed x86 HVM
guest OS users to cause a denial of service (host OS infinite loop) in
situations where a QEMU device model attempts to make invalid transitions
between states of a request. (bsc#1090823)
Following bugs were fixed:
- After updating to kernel 3.0.101-0.47.106.32-xen system crashes in check_bugs() (bsc#1097206)
- bsc#1079730 - in xen-kmp, unplug emulated devices after migration
This is required since xen-4.10 and/or qemu-2.10 because the state
of unplug is not propagated from one dom0 to another. Without
this unplug qemu's block-backend will be unable to open qcow2
disks on the receiving dom0
ImportantSUSE bug 1027519SUSE bug 1074562SUSE bug 1079730SUSE bug 1090822SUSE bug 1090823SUSE bug 1091107SUSE bug 1092631SUSE bug 1095242SUSE bug 1096224SUSE bug 1097206SUSE bug 1097521SUSE bug 1097522SUSE bug 1098744CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2018-10981 at SUSECVE-2018-10981 at NVDCVE-2018-10982 at SUSECVE-2018-10982 at NVDCVE-2018-11806 at SUSECVE-2018-11806 at NVDCVE-2018-12617 at SUSECVE-2018-12617 at NVDCVE-2018-12891 at SUSECVE-2018-12891 at NVDCVE-2018-12893 at SUSECVE-2018-12893 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3646 at SUSECVE-2018-3646 at NVDCVE-2018-3665 at SUSECVE-2018-3665 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSS
This update for xen fixes the following issues:
These security issue were fixed:
- CVE-2018-3646: Systems with microprocessors utilizing speculative execution
and address translations may have allowed unauthorized disclosure of
information residing in the L1 data cache to an attacker with local user access
with guest OS privilege via a terminal page fault and a side-channel analysis
(bsc#1091107, bsc#1027519).
- CVE-2018-12617: An integer overflow that could cause a segmentation
fault in qmp_guest_file_read() with g_malloc() in qemu-guest-agent was
fixed (bsc#1098744)
- CVE-2018-3665: System software utilizing Lazy FP state restore technique
on systems using Intel Core-based microprocessors may potentially allow
a local process to infer data from another process through a speculative
execution side channel. (bsc#1095242)
- CVE-2018-3639: Systems with microprocessors utilizing speculative
execution and speculative execution of memory reads before the addresses
of all prior memory writes are known may allow unauthorized disclosure
of information to an attacker with local user access via a side-channel
analysis, aka Speculative Store Bypass (SSB), Variant 4. (bsc#1092631)
- CVE-2017-5715: Systems with microprocessors utilizing speculative
execution and indirect branch prediction may allow unauthorized disclosure
of information to an attacker with local user access via a side-channel
analysis. (bsc#1074562)
- CVE-2017-5753: Systems with microprocessors utilizing speculative
execution and branch prediction may allow unauthorized disclosure of
information to an attacker with local user access via a side-channel
analysis. (bsc#1074562)
- CVE-2017-5754: Systems with microprocessors utilizing speculative
execution and indirect branch prediction may allow unauthorized disclosure
of information to an attacker with local user access via a side-channel
analysis of the data cache. (bsc#1074562)
- CVE-2018-12891: Certain PV MMU operations may take a long time to
process. For that reason Xen explicitly checks for the need to preempt
the current vCPU at certain points. A few rarely taken code paths did
bypass such checks. By suitably enforcing the conditions through its own
page table contents, a malicious guest may cause such bypasses to be used
for an unbounded number of iterations. A malicious or buggy PV guest may
cause a Denial of Service (DoS) affecting the entire host. Specifically,
it may prevent use of a physical CPU for an indeterminate period of
time. (bsc#1097521)
- CVE-2018-12893: One of the fixes in XSA-260 added some safety checks
to help prevent Xen livelocking with debug exceptions. Unfortunately,
due to an oversight, at least one of these safety checks can be
triggered by a guest. A malicious PV guest can crash Xen, leading to
a Denial of Service. Only x86 PV guests can exploit the vulnerability. x86
HVM and PVH guests cannot exploit the vulnerability. An attacker
needs to be able to control hardware debugging facilities to exploit
the vulnerability, but such permissions are typically available to
unprivileged users. (bsc#1097522)
- CVE-2018-11806: m_cat in slirp/mbuf.c in Qemu has a heap-based buffer
overflow via incoming fragmented datagrams. (bsc#1096224)
- CVE-2018-10982: An issue was discovered in Xen allowed x86 HVM guest
OS users to cause a denial of service (unexpectedly high interrupt
number, array overrun, and hypervisor crash) or possibly gain hypervisor
privileges by setting up an HPET timer to deliver interrupts in IO-APIC
mode, aka vHPET interrupt injection. (bsc#1090822)
- CVE-2018-10981: An issue was discovered in Xen that allowed x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request. (bsc#1090823)
Following bugs were fixed:
- After updating to kernel 3.0.101-0.47.106.32-xen system crashes in check_bugs() (bsc#1097206)
- bsc#1079730 - in xen-kmp, unplug emulated devices after migration
This is required since xen-4.10 and/or qemu-2.10 because the state
of unplug is not propagated from one dom0 to another. Without
this unplug qemu's block-backend will be unable to open qcow2
disks on the receiving dom0
ImportantSUSE bug 1027519SUSE bug 1074562SUSE bug 1079730SUSE bug 1090822SUSE bug 1090823SUSE bug 1091107SUSE bug 1092631SUSE bug 1095242SUSE bug 1096224SUSE bug 1097206SUSE bug 1097521SUSE bug 1097522SUSE bug 1098744CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2018-10981 at SUSECVE-2018-10981 at NVDCVE-2018-10982 at SUSECVE-2018-10982 at NVDCVE-2018-11806 at SUSECVE-2018-11806 at NVDCVE-2018-12617 at SUSECVE-2018-12617 at NVDCVE-2018-12891 at SUSECVE-2018-12891 at NVDCVE-2018-12893 at SUSECVE-2018-12893 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3646 at SUSECVE-2018-3646 at NVDCVE-2018-3665 at SUSECVE-2018-3665 at NVDcpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
Security issues fixed:
- CVE-2018-19965: Fixed an issue related to the INVPCID instruction in case
non-canonical addresses are accessed, which may allow a guest to cause Xen to
crash, resulting in a Denial of Service (DoS) affecting the entire host.
(XSA-279) (bsc#1115045)
- CVE-2018-18849: Fixed an out of bounds memory access issue was found in the
LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin (bsc#1114423).
- CVE-2018-19665: Fixed an integer overflow resulting in memory corruption in
various Bluetooth functions, allowing this to crash qemu process resulting in
Denial of Service (DoS). (bsc#1117756).
- CVE-2018-18438: Fixed an integer overflow in ccid_card_vscard_read function which could allow memory corruption (bsc#1112188).
- CVE-2018-17962: Fixed an integer overflow leading to a buffer overflow in the
pcnet component (bsc#1111011).
- CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB
flushing with AMD IOMMUs, which potentially allowed a guest to escalate its
privileges, may cause a Denial of Service (DoS) affecting the entire host, or
may be able to access data it is not supposed to access. (XSA-275)
(bsc#1115040).
- CVE-2018-17963: Fixed an integer overflow in relation to large packet sizes,
leading to a denial of service (DoS) (bsc#1111014).
- Fixed an issue which could allow a malicious or buggy x86 PV guest kernels can mount a Denial of Service
attack affecting the whole system (bsc#1126196).
- CVE-2018-17958: Fixed an integer overflow which could lead to buffer overflow (bsc#1111007).
- CVE-2018-10839: Fixed an integer overflow leading to a buffer overflow in
the ne2000 component (bsc#1110924).
- CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp (bsc#1123157).
- CVE-2018-19966: Fixed issue introduced by XSA-240 that could have caused conflicts with shadow paging (XSA-280)(bsc#1115047).
- CVE-2018-19967: Fixed HLE constructs that allowed guests to lock up the host,
resulting in a Denial of Service (DoS). (XSA-282) (bsc#1114988).
- Fixed multiple access violations introduced by XENMEM_exchange hypercall which could allow
a single PV guest to leak arbitrary amounts of memory, leading to a denial of service (bsc#1126192).
- Fixed an issue which could allow malicious or buggy guests with passed through PCI devices to be able to
escalate their privileges, crash the host, or access data belonging to other guests. Additionally memory
leaks were also possible (bsc#1126140).
- Fixed a race condition issue which could allow malicious PV guests to escalate their privilege to that
of the hypervisor (bsc#1126141).
- CVE-2019-9824: Fixed an information leak in SLiRP networking implementation which could allow a user/process
to read uninitialised stack memory contents (bsc#1129623).
ImportantSUSE bug 1110924SUSE bug 1111007SUSE bug 1111011SUSE bug 1111014SUSE bug 1112188SUSE bug 1114423SUSE bug 1114988SUSE bug 1115040SUSE bug 1115045SUSE bug 1115047SUSE bug 1117756SUSE bug 1123157SUSE bug 1126140SUSE bug 1126141SUSE bug 1126192SUSE bug 1126195SUSE bug 1126196SUSE bug 1129623CVE-2018-10839 at SUSECVE-2018-10839 at NVDCVE-2018-17958 at SUSECVE-2018-17958 at NVDCVE-2018-17962 at SUSECVE-2018-17962 at NVDCVE-2018-17963 at SUSECVE-2018-17963 at NVDCVE-2018-18438 at SUSECVE-2018-18438 at NVDCVE-2018-18849 at SUSECVE-2018-18849 at NVDCVE-2018-19665 at SUSECVE-2018-19665 at NVDCVE-2018-19961 at SUSECVE-2018-19961 at NVDCVE-2018-19962 at SUSECVE-2018-19962 at NVDCVE-2018-19965 at SUSECVE-2018-19965 at NVDCVE-2018-19966 at SUSECVE-2018-19966 at NVDCVE-2018-19967 at SUSECVE-2018-19967 at NVDCVE-2019-6778 at SUSECVE-2019-6778 at NVDCVE-2019-9824 at SUSECVE-2019-9824 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
- CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator
which could have led to Denial of Service (bsc#1149813).
- CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of
service (bsc#1146874).
- CVE-2019-14378: Fixed a heap buffer overflow in SLiRp networking implementation of QEMU
emulator which could have led to execution of arbitrary code with privileges of the
QEMU process (bsc#1143797).
- CVE-2019-12067: Fixed a null pointer dereference which could have led to denial of service (bsc#1145652).
- CVE-2019-12155: Fixed a null pointer dereference in QXL VGA card emulator of QEMU which
could have led to denial of service (bsc#1135905).
- CVE-2018-20815: Fixed a heap buffer overflow while loading device tree blob (bsc#1130680).
- CVE-2017-10806: Fixed a stack buffer overflow in debug logging (bsc#1047675).
ImportantSUSE bug 1047675SUSE bug 1126140SUSE bug 1126141SUSE bug 1126192SUSE bug 1126195SUSE bug 1126196SUSE bug 1130680SUSE bug 1135905SUSE bug 1143797SUSE bug 1145652SUSE bug 1146874SUSE bug 1149813CVE-2017-10806 at SUSECVE-2017-10806 at NVDCVE-2018-20815 at SUSECVE-2018-20815 at NVDCVE-2019-12067 at SUSECVE-2019-12067 at NVDCVE-2019-12068 at SUSECVE-2019-12068 at NVDCVE-2019-12155 at SUSECVE-2019-12155 at NVDCVE-2019-14378 at SUSECVE-2019-14378 at NVDCVE-2019-15890 at SUSECVE-2019-15890 at NVDCVE-2019-17340 at SUSECVE-2019-17340 at NVDCVE-2019-17341 at SUSECVE-2019-17341 at NVDCVE-2019-17342 at SUSECVE-2019-17342 at NVDCVE-2019-17343 at SUSECVE-2019-17343 at NVDCVE-2019-17344 at SUSECVE-2019-17344 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
- bsc#1174543 - secure boot related fixes
- bsc#1163019 - CVE-2020-8608: potential OOB access due to unsafe snprintf() usages
- bsc#1169392 - CVE-2020-11742: Bad continuation handling in GNTTABOP_copy
- bsc#1168140 - CVE-2020-11740, CVE-2020-11741: multiple xenoprof issues
- bsc#1161181 - CVE-2020-7211: potential directory traversal using relative paths via tftp server on Windows host
- bsc#1154456 - CVE-2019-18425: missing descriptor table limit checking in x86 PV emulation
- bsc#1154458 - CVE-2019-18421: Issues with restartable PV type change operations
ImportantSUSE bug 1154456SUSE bug 1154458SUSE bug 1161181SUSE bug 1163019SUSE bug 1168140SUSE bug 1169392SUSE bug 1174543CVE-2019-18421 at SUSECVE-2019-18421 at NVDCVE-2019-18425 at SUSECVE-2019-18425 at NVDCVE-2020-11740 at SUSECVE-2020-11740 at NVDCVE-2020-11741 at SUSECVE-2020-11741 at NVDCVE-2020-11742 at SUSECVE-2020-11742 at NVDCVE-2020-7211 at SUSECVE-2020-7211 at NVDCVE-2020-8608 at SUSECVE-2020-8608 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
- bsc#1178935 - CVE-2020-25723: xen: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c
- bsc#1177409 - CVE-2020-27674: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries (XSA-286)
- bsc#1111331 - CPU issues Q2 2019 aka 'Group 4' CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
- bsc#1154461 - CVE-2019-18424: passed through PCI devices may corrupt host memory after deassignment
- bsc#1155945 - CVE-2018-12207: Machine Check Error Avoidance on Page Size Change (aka IFU issue)
- bsc#1157888 - CVE-2019-19579: Device quarantine for alternate pci assignment methods
- bsc#1158004 - CVE-2019-19583: VMX: VMentry failure with debug exceptions and blocked states
- bsc#1158005 - CVE-2019-19578: Linear pagetable use / entry miscounts
- bsc#1158006 - CVE-2019-19580: Further issues with restartable PV type change operations
- bsc#1158007 - CVE-2019-19577: dynamic height for the IOMMU pagetables
- bsc#1172205 - CVE-2020-0543: Special Register Buffer Data Sampling (SRBDS) aka 'CrossTalk' (XSA-320)
- bsc#1173378 - CVE-2020-15565: insufficient cache write- back under VT-d
- bsc#1173380 - CVE-2020-15567: non-atomic modification of live EPT PTE
- bsc#1176343 - CVE-2020-25604: race when migrating timers between x86 HVM vCPU-s (XSA-336)
- bsc#1176344 - CVE-2020-25595: PCI passthrough code reading back hardware registers (XSA-337)
- bsc#1176345 - CVE-2020-25596: x86 pv guest kernel DoS via SYSENTER (XSA-339)
- bsc#1177412 - CVE-2020-27672: Race condition in Xen mapping code (XSA-345)
- bsc#1177413 - CVE-2020-27671: undue deferral of IOMMU TLB flushes (XSA-346)
- bsc#1177414 - CVE-2020-27670: unsafe AMD IOMMU page table updates (XSA-347)
- bsc#1178591 - CVE-2020-28368: Intel RAPL sidechannel
- bsc#1175534 - CVE-2020-14364: usb: out-of-bounds r/w access issue while processing usb packets
ImportantSUSE bug 1111331SUSE bug 1154458SUSE bug 1154461SUSE bug 1155945SUSE bug 1157888SUSE bug 1158004SUSE bug 1158005SUSE bug 1158006SUSE bug 1158007SUSE bug 1168140SUSE bug 1172205SUSE bug 1173378SUSE bug 1173380SUSE bug 1175534SUSE bug 1176343SUSE bug 1176344SUSE bug 1176345SUSE bug 1177409SUSE bug 1177412SUSE bug 1177413SUSE bug 1177414SUSE bug 1178591SUSE bug 1178935CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-12207 at SUSECVE-2018-12207 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-18424 at SUSECVE-2019-18424 at NVDCVE-2019-19577 at SUSECVE-2019-19577 at NVDCVE-2019-19578 at SUSECVE-2019-19578 at NVDCVE-2019-19579 at SUSECVE-2019-19579 at NVDCVE-2019-19580 at SUSECVE-2019-19580 at NVDCVE-2019-19583 at SUSECVE-2019-19583 at NVDCVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-11740 at SUSECVE-2020-11740 at NVDCVE-2020-11741 at SUSECVE-2020-11741 at NVDCVE-2020-14364 at SUSECVE-2020-14364 at NVDCVE-2020-15565 at SUSECVE-2020-15565 at NVDCVE-2020-15567 at SUSECVE-2020-15567 at NVDCVE-2020-25595 at SUSECVE-2020-25595 at NVDCVE-2020-25596 at SUSECVE-2020-25596 at NVDCVE-2020-25604 at SUSECVE-2020-25604 at NVDCVE-2020-25723 at SUSECVE-2020-25723 at NVDCVE-2020-27670 at SUSECVE-2020-27670 at NVDCVE-2020-27671 at SUSECVE-2020-27671 at NVDCVE-2020-27672 at SUSECVE-2020-27672 at NVDCVE-2020-27674 at SUSECVE-2020-27674 at NVDCVE-2020-28368 at SUSECVE-2020-28368 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
Security issues fixed:
- CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests (bsc#1179496 XSA-115).
- CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions (bsc#1179498 XSA-322).
- CVE-2020-29484: Fixed an issue where guests could crash xenstored via watchs (bsc#1179501 XSA-324).
- CVE-2020-29483: Fixed an issue where guests could disturb domain cleanup (bsc#1179502 XSA-325).
- CVE-2020-29566: Fixed an undue recursion in x86 HVM context switch code (bsc#1179506 XSA-348).
- CVE-2020-29570: Fixed an issue where FIFO event channels control block related ordering (bsc#1179514 XSA-358).
- CVE-2020-29571: Fixed an issue where FIFO event channels control structure ordering (bsc#1179516 XSA-359).
- CVE-2020-29130: Fixed an out-of-bounds access while processing ARP packets (bsc#1179477).
Non-security issues fixed:
- bsc#1022555 - L3: Timeout in 'execution of /etc/xen/scripts/block add'
- bsc#1029827 - Forward port xenstored
ImportantSUSE bug 1022555SUSE bug 1029827SUSE bug 1091107SUSE bug 1179477SUSE bug 1179496SUSE bug 1179498SUSE bug 1179501SUSE bug 1179502SUSE bug 1179506SUSE bug 1179514SUSE bug 1179516CVE-2020-29130 at SUSECVE-2020-29130 at NVDCVE-2020-29480 at SUSECVE-2020-29480 at NVDCVE-2020-29481 at SUSECVE-2020-29481 at NVDCVE-2020-29483 at SUSECVE-2020-29483 at NVDCVE-2020-29484 at SUSECVE-2020-29484 at NVDCVE-2020-29566 at SUSECVE-2020-29566 at NVDCVE-2020-29570 at SUSECVE-2020-29570 at NVDCVE-2020-29571 at SUSECVE-2020-29571 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
- CVE-2021-0089: Fixed speculative code store bypass (XSA-375) (bsc#1186433).
- CVE-2021-3594: Fixed an invalid pointer initialization may lead to information disclosure (udp) (bsc#1187378).
- CVE-2021-28692: Fixed an inappropriate x86 IOMMU timeout detection / handling (XSA-373) (bsc#1186429).
- CVE-2021-3419: Fixed a stack overflow induced by infinite recursion issue in rtl8139 (bsc#1182975).
- CVE-2021-3592: Fixed an invalid pointer initialization may lead to information disclosure in slirp (bootp) (bsc#1187369).
- CVE-2021-3595: Fixed invalid pointer initialization may lead to information disclosure in slirp (tftp) (bsc#1187376).
- CVE-2021-20257: Fixed an infinite loop issue in the e1000 NIC emulator (bsc#1182846).
- CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 (bsc#1182654).
Bugfixes:
- bsc#1182155 - L3: xenstored crashing with segfault after applying
ImportantSUSE bug 1182155SUSE bug 1182654SUSE bug 1182846SUSE bug 1182975SUSE bug 1186429SUSE bug 1186433SUSE bug 1187369SUSE bug 1187376SUSE bug 1187378CVE-2021-0089 at SUSECVE-2021-0089 at NVDCVE-2021-20255 at SUSECVE-2021-20255 at NVDCVE-2021-20257 at SUSECVE-2021-20257 at NVDCVE-2021-28692 at SUSECVE-2021-28692 at NVDCVE-2021-3419 at SUSECVE-2021-3419 at NVDCVE-2021-3592 at SUSECVE-2021-3592 at NVDCVE-2021-3594 at SUSECVE-2021-3594 at NVDCVE-2021-3595 at SUSECVE-2021-3595 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
- CVE-2021-28697: Fixed a race condition that could cause grant table
v2 status pages to remain accessible after deallocation. Only x86
HVM and PVH guests permitted to use grant table v2 interfaces can
leverage this vulnerability (XSA-379, bsc#1189376).
- CVE-2021-28698: Fixed grant mapping tracking logic to avoid long
running loops that could lead to denial of service (XSA-380, bsc#1189378).
- CVE-2021-28701: Fixed a race condition that could cause grant table
v2 status pages to remain accessible after deallocation. Only x86
HVM and PVH guests permitted to use grant table v2 interfaces can
leverage this vulnerability (XSA-384, bsc#1189632).
- CVE-2021-28706: Fixed an integer overflow that could cause certain
guests to exceed their designated memory limit. Only hosts with more
than 16 TiB of memory are affected (XSA-385, bsc#1192554).
- CVE-2021-28694,CVE-2021-28695,CVE-2021-28696: Fixed several issues
with direct mapping via ACPI tables. Only x86 systems with IOMMUs
and firmware specifying memory regions to be identity mapped are
affected (XSA-378, bsc#1189373).
- CVE-2021-28705,CVE-2021-28709: Fixed an incorrect handling of
partially successful states in P2M hypercalls. Only x86 HVM and PVH
guests started in populate-on-demand mode were able to leverage the
vulnerability (XSA-389, bsc#1192559).
- CVE-2022-23034: Fixed a reference count underflow in grant mappings
that would lead to denial of service. Only x86 PV guests could
leverage the vulnerability (XSA-394, bsc#1194581).
- CVE-2022-26356: Fixed a race condition in log dirty tracking which
could lead to denial of service via memory leakage (XSA-397, bsc#1197423).
- CVE-2022-26362: Fixed a type reference acquisition race condition
which could lead to x86 PV guest administrators taking over the whole
system (XSA-401, bsc#1199965).
- CVE-2022-26363,CVE-2022-26364: Fixed a logic flaw that could allow
x86 PV guest administrators to take over the whole system due to
CPU-induced cache non-coherency (XSA-402, bsc#1199966).
- CVE-2022-21123,CVE-2022-21125,CVE-2022-21166: Fixed an MMIO stale
data issue that could cause an attacker to leak sensitive information
from the hypervisor or other guests. This issue affects only Intel
based x86 processors (XSA-404, bsc#1200549).
- CVE-2022-33745: Fixed a logic flaw introduced in the fix for XSA-401
which would omit necessary TLB flushes, leading to memory exhaustion.
Only x86 PV guests running in shadow mode can trigger this vulnerability
(XSA-408, bsc#1201394).
- CVE-2020-29040: Fixed a memory corruption issue introduced in the
fix for XSA-346, which could lead to denial of service. Only x86 HVM
and PVH guests can leverage the vulnerability.(XSA-355, bsc#1178963).
ImportantSUSE bug 1178963SUSE bug 1189373SUSE bug 1189376SUSE bug 1189378SUSE bug 1189632SUSE bug 1192554SUSE bug 1192559SUSE bug 1194581SUSE bug 1197423SUSE bug 1199965SUSE bug 1199966SUSE bug 1200549SUSE bug 1201394CVE-2020-29040 at SUSECVE-2020-29040 at NVDCVE-2021-28694 at SUSECVE-2021-28694 at NVDCVE-2021-28695 at SUSECVE-2021-28695 at NVDCVE-2021-28696 at SUSECVE-2021-28696 at NVDCVE-2021-28697 at SUSECVE-2021-28697 at NVDCVE-2021-28698 at SUSECVE-2021-28698 at NVDCVE-2021-28701 at SUSECVE-2021-28701 at NVDCVE-2021-28705 at SUSECVE-2021-28705 at NVDCVE-2021-28706 at SUSECVE-2021-28706 at NVDCVE-2021-28709 at SUSECVE-2021-28709 at NVDCVE-2022-21123 at SUSECVE-2022-21123 at NVDCVE-2022-21125 at SUSECVE-2022-21125 at NVDCVE-2022-21166 at SUSECVE-2022-21166 at NVDCVE-2022-23034 at SUSECVE-2022-23034 at NVDCVE-2022-26356 at SUSECVE-2022-26356 at NVDCVE-2022-26362 at SUSECVE-2022-26362 at NVDCVE-2022-26363 at SUSECVE-2022-26363 at NVDCVE-2022-26364 at SUSECVE-2022-26364 at NVDCVE-2022-33745 at SUSECVE-2022-33745 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
- Fixed retbleed arbitrary speculative code execution with return instructions (XSA-407) (bsc#1201469):
- CVE-2022-23816 (bnc#1201456)
- CVE-2022-23825 (bnc#1201457)
- CVE-2022-29900 (bnc#1199657)
- CVE-2021-28689: Fixed Speculative vulnerabilities with bare (non-shim) 32-bit PV guests (XSA-370) (bsc#1185104).
Bugfixes:
- Optimized existing fix for XSA-325 (bsc#1179502).
ImportantSUSE bug 1185104SUSE bug 1199657SUSE bug 1201456SUSE bug 1201457SUSE bug 1201469CVE-2021-28689 at SUSECVE-2021-28689 at NVDCVE-2022-23816 at SUSECVE-2022-23816 at NVDCVE-2022-23825 at SUSECVE-2022-23825 at NVDCVE-2022-29900 at SUSECVE-2022-29900 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
- CVE-2022-33746: Fixed Denial of Service due to locking issues in the P2M pool (bsc#1203806).
- CVE-2022-33748: Fixed Denial of Service due to lock order inversion in transitive grant copy handling (bsc#1203807).
ModerateSUSE bug 1203806SUSE bug 1203807CVE-2022-33746 at SUSECVE-2022-33746 at NVDCVE-2022-33748 at SUSECVE-2022-33748 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
- CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
- CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
- CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes (bsc#1204487)
- CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of deleted domains (bsc#1204489)
- CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting the stack (bsc#1204490)
- CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can create arbitrary numbers of nodes (bsc#1204494)
ImportantSUSE bug 1204482SUSE bug 1204485SUSE bug 1204487SUSE bug 1204489SUSE bug 1204490SUSE bug 1204494CVE-2022-42309 at SUSECVE-2022-42309 at NVDCVE-2022-42310 at SUSECVE-2022-42310 at NVDCVE-2022-42311 at SUSECVE-2022-42311 at NVDCVE-2022-42312 at SUSECVE-2022-42312 at NVDCVE-2022-42313 at SUSECVE-2022-42313 at NVDCVE-2022-42314 at SUSECVE-2022-42314 at NVDCVE-2022-42315 at SUSECVE-2022-42315 at NVDCVE-2022-42316 at SUSECVE-2022-42316 at NVDCVE-2022-42317 at SUSECVE-2022-42317 at NVDCVE-2022-42318 at SUSECVE-2022-42318 at NVDCVE-2022-42320 at SUSECVE-2022-42320 at NVDCVE-2022-42321 at SUSECVE-2022-42321 at NVDCVE-2022-42322 at SUSECVE-2022-42322 at NVDCVE-2022-42323 at SUSECVE-2022-42323 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xen (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xen fixes the following issues:
- CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode (bsc#1209017).
- CVE-2022-23824: Fixed multiple speculative security issues (bsc#1205209).
The following non-security bug was fixed:
- Upstream bug fixes (bsc#1027519).
ImportantSUSE bug 1027519SUSE bug 1205209SUSE bug 1209017SUSE bug 1209188CVE-2022-23824 at SUSECVE-2022-23824 at NVDCVE-2022-42332 at SUSECVE-2022-42332 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for XenSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The Xen hypervisor and toolset has been updated to 4.2.2_06 to fix various
bugs and security issues:
The following security issues have been addressed:
* CVE-2013-2194: Various integer overflows in the ELF loader were
fixed. (XSA-55)
* CVE-2013-2195: Various pointer dereferences issues in the ELF loader
were fixed. (XSA-55)
* CVE-2013-2196: Various other problems in the ELF loader were fixed.
(XSA-55)
* CVE-2013-2078: A Hypervisor crash due to missing exception recovery
on XSETBV was fixed. (XSA-54)
* CVE-2013-2077: A Hypervisor crash due to missing exception recovery
on XRSTOR was fixed. (XSA-53)
* CVE-2013-2211: libxl allowed guest write access to sensitive console
related xenstore keys. (XSA-57)
* CVE-2013-2076: An information leak on XSAVE/XRSTOR capable AMD CPUs
(XSA-52) was fixed, where parts of this state could leak to other
VMs.
Also the following bugs have been fixed:
* performance issues in mirror lvm (bnc#801663)
* aacraid driver panics mapping INT A when booting kernel-xen
(bnc#808085)
* Fully Virtualized Windows VM install failed on Ivy Bridge platforms
with Xen kernel (bnc#808269)
* Did not boot with i915 graphics controller with VT-d enabled
(bnc#817210)
Security Issue references:
* CVE-2013-2194
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2194>
* CVE-2013-2195
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2195>
* CVE-2013-2196
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2196>
SUSE bug 801663SUSE bug 808085SUSE bug 808269SUSE bug 817210SUSE bug 820917SUSE bug 820919SUSE bug 820920SUSE bug 823011SUSE bug 823608CVE-2013-2194 at SUSECVE-2013-2194 at NVDCVE-2013-2195 at SUSECVE-2013-2195 at NVDCVE-2013-2196 at SUSECVE-2013-2196 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for XenSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
XEN has been updated to version 4.2.3 c/s 26170, fixing various bugs and
security issues.
* CVE-2013-4416: XSA-72: Fixed ocaml xenstored that mishandled
oversized message replies
* CVE-2013-4355: XSA-63: Fixed information leaks through I/O
instruction emulation
* CVE-2013-4361: XSA-66: Fixed information leak through fbld
instruction emulation
* CVE-2013-4368: XSA-67: Fixed information leak through outs
instruction emulation
* CVE-2013-4369: XSA-68: Fixed possible null dereference when parsing
vif ratelimiting info
* CVE-2013-4370: XSA-69: Fixed misplaced free in ocaml
xc_vcpu_getaffinity stub
* CVE-2013-4371: XSA-70: Fixed use-after-free in libxl_list_cpupool
under memory pressure
* CVE-2013-4375: XSA-71: xen: qemu disk backend (qdisk) resource leak
* CVE-2013-1442: XSA-62: Fixed information leak on AVX and/or LWP
capable CPUs
* CVE-2013-1432: XSA-58: Page reference counting error due to
XSA-45/CVE-2013-1918 fixes.
Various bugs have also been fixed:
* Boot failure with xen kernel in UEFI mode with error 'No memory for
trampoline' (bnc#833483)
* Improvements to block-dmmd script (bnc#828623)
* MTU size on Dom0 gets reset when booting DomU with e1000 device
(bnc#840196)
* In HP's UEFI x86_64 platform and with xen environment, in booting
stage, xen hypervisor will panic. (bnc#833251)
* Xen: migration broken from xsave-capable to xsave-incapable host
(bnc#833796)
* In xen, 'shutdown -y 0 -h' cannot power off system (bnc#834751)
* In HP's UEFI x86_64 platform with xen environment, xen hypervisor
will panic on multiple blades nPar. (bnc#839600)
* vcpus not started after upgrading Dom0 from SLES 11 SP2 to SP3
(bnc#835896)
* SLES 11 SP3 Xen security patch does not automatically update UEFI
boot binary (bnc#836239)
* Failed to setup devices for vm instance when start multiple vms
simultaneously (bnc#824676)
* SLES 9 SP4 guest fails to start after upgrading to SLES 11 SP3
(bnc#817799)
* Various upstream fixes have been included.
Security Issues:
* CVE-2013-1432
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432>
* CVE-2013-1442
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1442>
* CVE-2013-1918
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1918>
* CVE-2013-4355
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4355>
* CVE-2013-4361
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4361>
* CVE-2013-4368
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4368>
* CVE-2013-4369
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4369>
* CVE-2013-4370
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4370>
* CVE-2013-4371
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4371>
* CVE-2013-4375
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4375>
* CVE-2013-4416
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4416>
SUSE bug 817799SUSE bug 824676SUSE bug 826882SUSE bug 828623SUSE bug 833251SUSE bug 833483SUSE bug 833796SUSE bug 834751SUSE bug 835896SUSE bug 836239SUSE bug 839596SUSE bug 839600SUSE bug 840196SUSE bug 840592SUSE bug 841766SUSE bug 842511SUSE bug 842512SUSE bug 842513SUSE bug 842514SUSE bug 842515SUSE bug 845520CVE-2013-1432 at SUSECVE-2013-1432 at NVDCVE-2013-1442 at SUSECVE-2013-1442 at NVDCVE-2013-1918 at SUSECVE-2013-1918 at NVDCVE-2013-4355 at SUSECVE-2013-4355 at NVDCVE-2013-4361 at SUSECVE-2013-4361 at NVDCVE-2013-4368 at SUSECVE-2013-4368 at NVDCVE-2013-4369 at SUSECVE-2013-4369 at NVDCVE-2013-4370 at SUSECVE-2013-4370 at NVDCVE-2013-4371 at SUSECVE-2013-4371 at NVDCVE-2013-4375 at SUSECVE-2013-4375 at NVDCVE-2013-4416 at SUSECVE-2013-4416 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for XenSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The Xen hypervisor and tool-suite have been updated to fix security issues
and bugs:
* CVE-2013-4494: XSA-73: A lock order reversal between page allocation
and grant table locks could lead to host crashes or even host code
execution.
* CVE-2013-4553: XSA-74: A lock order reversal between page_alloc_lock
and mm_rwlock could lead to deadlocks.
* CVE-2013-4554: XSA-76: Hypercalls exposed to privilege rings 1 and 2
of HVM guests which might lead to Hypervisor escalation under
specific circumstances.
* CVE-2013-6375: XSA-78: Insufficient TLB flushing in VT-d (iommu) code
could lead to access of memory that was revoked.
* CVE-2013-4551: XSA-75: A host crash due to guest VMX instruction
execution was fixed.
Non-security bugs have also been fixed:
* bnc#840997: It is possible to start a VM twice on the same node.
* bnc#842417: In HP's UEFI x86_64 platform and SLES 11-SP3, dom0 will
could lock-up on multiple blades nPar.
* bnc#848014: Xen Hypervisor panics on 8-blades nPar with 46-bit memory
addressing.
* bnc#846849: Soft lock-up with PCI pass-through and many VCPUs.
* bnc#833483: Boot Failure with Xen kernel in UEFI mode with error 'No
memory for trampoline'.
* Increase the maximum supported CPUs in the Hypervisor to 512.
Security Issues:
* CVE-2013-1922
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1922>
* CVE-2013-2007
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2007>
* CVE-2013-4375
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4375>
* CVE-2013-4416
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4416>
* CVE-2013-4494
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4494>
* CVE-2013-4551
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4551>
* CVE-2013-4553
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4553>
* CVE-2013-4554
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4554>
SUSE bug 833483SUSE bug 840997SUSE bug 842417SUSE bug 846849SUSE bug 848014SUSE bug 848657SUSE bug 849665SUSE bug 849667SUSE bug 849668SUSE bug 851386CVE-2013-1922 at SUSECVE-2013-1922 at NVDCVE-2013-2007 at SUSECVE-2013-2007 at NVDCVE-2013-4375 at SUSECVE-2013-4375 at NVDCVE-2013-4416 at SUSECVE-2013-4416 at NVDCVE-2013-4494 at SUSECVE-2013-4494 at NVDCVE-2013-4551 at SUSECVE-2013-4551 at NVDCVE-2013-4553 at SUSECVE-2013-4553 at NVDCVE-2013-4554 at SUSECVE-2013-4554 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for XenSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The SUSE Linux Enterprise Server 11 Service Pack 3 Xen hypervisor and
toolset has been updated to 4.2.4 to fix various bugs and security issues:
The following security issues have been addressed:
*
XSA-60: CVE-2013-2212: The vmx_set_uc_mode function in Xen 3.3
through 4.3, when disabling chaches, allows local HVM guests with
access to memory mapped I/O regions to cause a denial of service (CPU
consumption and possibly hypervisor or guest kernel panic) via a
crafted GFN range. (bnc#831120)
*
XSA-80: CVE-2013-6400: Xen 4.2.x and 4.3.x, when using Intel VT-d and
a PCI device has been assigned, does not clear the flag that
suppresses IOMMU TLB flushes when unspecified errors occur, which
causes the TLB entries to not be flushed and allows local guest
administrators to cause a denial of service (host crash) or gain
privileges via unspecified vectors. (bnc#853048)
*
XSA-82: CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh
processors does not properly handle the interaction between locked
instructions and write-combined memory types, which allows local
users to cause a denial of service (system hang) via a crafted
application, aka the errata 793 issue. (bnc#853049)
*
XSA-83: CVE-2014-1642: The IRQ setup in Xen 4.2.x and 4.3.x, when
using device passthrough and configured to support a large number of
CPUs, frees certain memory that may still be intended for use, which
allows local guest administrators to cause a denial of service
(memory corruption and hypervisor crash) and possibly execute
arbitrary code via vectors related to an out-of-memory error that
triggers a (1) use-after-free or (2) double free. (bnc#860092)
*
XSA-84: CVE-2014-1891: The FLASK_{GET,SET}BOOL, FLASK_USER and
FLASK_CONTEXT_TO_SID suboperations of the flask hypercall are
vulnerable to an integer overflow on the input size. The hypercalls
attempt to allocate a buffer which is 1 larger than this size and is
therefore vulnerable to integer overflow and an attempt to allocate
then access a zero byte buffer. (bnc#860163)
*
XSA-84: CVE-2014-1892 CVE-2014-1893: Xen 3.3 through 4.1, while not
affected by the above overflow, have a different overflow issue on
FLASK_{GET,SET}BOOL and expose unreasonably large memory allocation
to aribitrary guests. (bnc#860163)
*
XSA-84: CVE-2014-1894: Xen 3.2 (and presumably earlier) exhibit both
problems with the overflow issue being present for more than just the
suboperations listed above. (bnc#860163)
*
XSA-85: CVE-2014-1895: The FLASK_AVC_CACHESTAT hypercall, which
provides access to per-cpu statistics on the Flask security policy,
incorrectly validates the CPU for which statistics are being
requested. (bnc#860165)
*
XSA-86: CVE-2014-1896: libvchan (a library for inter-domain
communication) does not correctly handle unusual or malicious
contents in the xenstore ring. A malicious guest can exploit this to
cause a libvchan-using facility to read or write past the end of the
ring. (bnc#860300)
*
XSA-87: CVE-2014-1666: The do_physdev_op function in Xen 4.1.5,
4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict
access to the (1) PHYSDEVOP_prepare_msix and (2)
PHYSDEVOP_release_msix operations, which allows local PV guests to
cause a denial of service (host or guest malfunction) or possibly
gain privileges via unspecified vectors. (bnc#860302)
*
XSA-88: CVE-2014-1950: Use-after-free vulnerability in the
xc_cpupool_getinfo function in Xen 4.1.x through 4.3.x, when using a
multithreaded toolstack, does not properly handle a failure by the
xc_cpumap_alloc function, which allows local users with access to
management functions to cause a denial of service (heap corruption)
and possibly gain privileges via unspecified vectors. (bnc#861256)
Also the following non-security bugs have been fixed:
* Fixed boot problems with Xen kernel. '(XEN) setup 0000:00:18.0 for d0
failed (-19)' (bnc#858311)
* Fixed Xen hypervisor panic on 8-blades nPar with 46-bit memory
addressing. (bnc#848014)
* Fixed Xen hypervisor panic in HP's UEFI x86_64 platform and with xen
environment, in booting stage. (bnc#833251)
* xend/pvscsi: recognize also SCSI CDROM devices (bnc#863297)
* pygrub: Support (/dev/xvda) style disk specifications
Security Issue references:
* CVE-2013-2212
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2212>
* CVE-2013-6400
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6400>
* CVE-2013-6885
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885>
* CVE-2014-1642
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1642>
* CVE-2014-1666
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1666>
* CVE-2014-1891
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1891>
* CVE-2014-1892
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1892>
* CVE-2014-1893
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1893>
* CVE-2014-1894
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1894>
* CVE-2014-1895
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1895>
* CVE-2014-1896
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1896>
* CVE-2014-1950
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1950>
SUSE bug 831120SUSE bug 833251SUSE bug 848014SUSE bug 853048SUSE bug 853049SUSE bug 858311SUSE bug 860092SUSE bug 860163SUSE bug 860165SUSE bug 860300SUSE bug 860302SUSE bug 861256SUSE bug 863297CVE-2013-2212 at SUSECVE-2013-2212 at NVDCVE-2013-6400 at SUSECVE-2013-6400 at NVDCVE-2013-6885 at SUSECVE-2013-6885 at NVDCVE-2014-1642 at SUSECVE-2014-1642 at NVDCVE-2014-1666 at SUSECVE-2014-1666 at NVDCVE-2014-1891 at SUSECVE-2014-1891 at NVDCVE-2014-1892 at SUSECVE-2014-1892 at NVDCVE-2014-1893 at SUSECVE-2014-1893 at NVDCVE-2014-1894 at SUSECVE-2014-1894 at NVDCVE-2014-1895 at SUSECVE-2014-1895 at NVDCVE-2014-1896 at SUSECVE-2014-1896 at NVDCVE-2014-1950 at SUSECVE-2014-1950 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for XenSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The SUSE Linux Enterprise 11 Service Pack 3 Xen package was updated to fix
various bugs and security issues.
The following security issues have been fixed:
* XSA-108: CVE-2014-7188: Improper MSR range used for x2APIC emulation
(bnc#897657)
* XSA-106: CVE-2014-7156: Missing privilege level checks in x86
emulation of software interrupts (bnc#895802)
* XSA-105: CVE-2014-7155: Missing privilege level checks in x86 HLT,
LGDT, LIDT, and LMSW emulation (bnc#895799)
* XSA-104: CVE-2014-7154: Race condition in HVMOP_track_dirty_vram
(bnc#895798)
* XSA-100: CVE-2014-4021: Hypervisor heap contents leaked to guests
(bnc#880751)
* XSA-96: CVE-2014-3967, CVE-2014-3968: Vulnerabilities in HVM MSI
injection (bnc#878841)
* XSA-89: CVE-2014-2599: HVMOP_set_mem_access is not preemptible
(bnc#867910)
* XSA-65: CVE-2013-4344: qemu SCSI REPORT LUNS buffer overflow
(bnc#842006)
* CVE-2013-4540: qemu: zaurus: buffer overrun on invalid state load
(bnc#864801)
The following non-security issues have been fixed:
* xend: Fix netif convertToDeviceNumber for running domains
(bnc#891539)
* Installing SLES12 as a VM on SLES11 SP3 fails because of btrfs in the
VM (bnc#882092)
* XEN kernel panic do_device_not_available() (bnc#881900)
* Boot Failure with xen kernel in UEFI mode with error 'No memory for
trampoline' (bnc#833483)
* SLES 11 SP3 vm-install should get RHEL 7 support when released
(bnc#862608)
* SLES 11 SP3 XEN kiso version cause softlockup on 8 blades npar(480
cpu) (bnc#858178)
* Local attach support for PHY backends using scripts
local_attach_support_for_phy.patch (bnc#865682)
* Improve multipath support for npiv devices block-npiv (bnc#798770)
Security Issues:
* CVE-2013-4344
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4344>
* CVE-2013-4540
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4540>
* CVE-2014-2599
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2599>
* CVE-2014-3967
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3967>
* CVE-2014-3968
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3968>
* CVE-2014-4021
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4021>
* CVE-2014-7154
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7154>
* CVE-2014-7155
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7155>
* CVE-2014-7156
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7156>
* CVE-2014-7188
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7188>
SUSE bug 798770SUSE bug 833483SUSE bug 842006SUSE bug 858178SUSE bug 862608SUSE bug 864801SUSE bug 865682SUSE bug 867910SUSE bug 878841SUSE bug 880751SUSE bug 881900SUSE bug 882092SUSE bug 891539SUSE bug 895798SUSE bug 895799SUSE bug 895802SUSE bug 897657CVE-2013-4344 at SUSECVE-2013-4344 at NVDCVE-2013-4540 at SUSECVE-2013-4540 at NVDCVE-2014-2599 at SUSECVE-2014-2599 at NVDCVE-2014-3967 at SUSECVE-2014-3967 at NVDCVE-2014-3968 at SUSECVE-2014-3968 at NVDCVE-2014-4021 at SUSECVE-2014-4021 at NVDCVE-2014-7154 at SUSECVE-2014-7154 at NVDCVE-2014-7155 at SUSECVE-2014-7155 at NVDCVE-2014-7156 at SUSECVE-2014-7156 at NVDCVE-2014-7188 at SUSECVE-2014-7188 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for XenSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The Virtualization service XEN was updated to fix various bugs and security
issues.
The following security issues have been fixed:
*
CVE-2015-2756: XSA-126: Unmediated PCI command register access in
qemu could have lead to denial of service attacks against the host,
if PCI cards are passed through to guests.
*
XSA-125: Long latency MMIO mapping operations were not preemptible.
*
CVE-2015-2151: XSA-123: Instructions with register operands ignored
eventual segment overrides encoded for them. Due to an insufficiently
conditional assignment such a bogus segment override could have,
however, corrupted a pointer used subsequently to store the result of
the instruction.
*
CVE-2015-2045: XSA-122: The code handling certain sub-operations of
the HYPERVISOR_xen_version hypercall failed to fully initialize all
fields of structures subsequently copied back to guest memory. Due to
this hypervisor stack contents were copied into the destination of
the operation, thus becoming visible to the guest.
*
CVE-2015-2044: XSA-121: Emulation routines in the hypervisor dealing
with certain system devices checked whether the access size by the
guest is a supported one. When the access size is unsupported these
routines failed to set the data to be returned to the guest for read
accesses, so that hypervisor stack contents were copied into the
destination of the operation, thus becoming visible to the guest.
Also fixed:
* Fully virtualized guest install from network source failed with
'cannot find guest domain' in XEN. (bsc#919341)
Security Issues:
* CVE-2015-2044
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2044>
* CVE-2015-2045
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2045>
* CVE-2015-2151
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2151>
* CVE-2015-2756
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2756>
SUSE bug 918995SUSE bug 918998SUSE bug 919341SUSE bug 919464SUSE bug 922705SUSE bug 922706CVE-2015-2044 at SUSECVE-2015-2044 at NVDCVE-2015-2045 at SUSECVE-2015-2045 at NVDCVE-2015-2151 at SUSECVE-2015-2151 at NVDCVE-2015-2756 at SUSECVE-2015-2756 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for XenSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
Xen was updated to fix seven security vulnerabilities:
* CVE-2015-4103: Potential unintended writes to host MSI message data
field via qemu. (XSA-128, bnc#931625)
* CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests.
(XSA-129, bnc#931626)
* CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error
messages. (XSA-130, bnc#931627)
* CVE-2015-4106: Unmediated PCI register access in qemu. (XSA-131,
bnc#931628)
* CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehavior.
(XSA-134, bnc#932790)
* CVE-2015-3209: Heap overflow in qemu pcnet controller allowing guest
to host escape. (XSA-135, bnc#932770)
* CVE-2015-4164: DoS through iret hypercall handler. (XSA-136,
bnc#932996)
Security Issues:
* CVE-2015-4103
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4103>
* CVE-2015-4104
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4104>
* CVE-2015-4105
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4105>
* CVE-2015-4106
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4106>
* CVE-2015-4163
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4163>
* CVE-2015-4164
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4164>
* CVE-2015-3209
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209>
SUSE bug 931625SUSE bug 931626SUSE bug 931627SUSE bug 931628SUSE bug 932770SUSE bug 932790SUSE bug 932996CVE-2015-3209 at SUSECVE-2015-3209 at NVDCVE-2015-4103 at SUSECVE-2015-4103 at NVDCVE-2015-4104 at SUSECVE-2015-4104 at NVDCVE-2015-4105 at SUSECVE-2015-4105 at NVDCVE-2015-4106 at SUSECVE-2015-4106 at NVDCVE-2015-4163 at SUSECVE-2015-4163 at NVDCVE-2015-4164 at SUSECVE-2015-4164 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update fixes the following security issues:
- bsc#956832 - CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
- bsc#956592 - xen: virtual PMU is unsupported (XSA-163)
- bsc#956408 - CVE-2015-8339, CVE-2015-8340: xen:
XENMEM_exchange error handling issues (XSA-159)
- bsc#956409 - CVE-2015-8341: xen: libxl leak of pv kernel
and initrd on error (XSA-160)
- bsc#956411 - CVE-2015-7504: xen: heap buffer overflow
vulnerability in pcnet emulator (XSA-162)
- bsc#947165 - CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
- bsc#954405 - CVE-2015-8104: Xen: guest to host DoS by
triggering an infinite loop in microcode via #DB exception
- bsc#954018 - CVE-2015-5307: xen: x86: CPU lockup during
fault delivery (XSA-156)
- bsc#950704 - CVE-2015-7970: xen: x86: Long latency
populate-on-demand operation is not preemptible (XSA-150)
- bsc#951845 - CVE-2015-7972: xen: x86: populate-on-demand
balloon size inaccuracy can crash guests (XSA-153)
- bsc#950703 - CVE-2015-7969: xen: leak of main per-domain
vcpu pointer array (DoS) (XSA-149)
- bsc#950705 - CVE-2015-7969: xen: x86: leak of per-domain
profiling-related vcpu pointer array (DoS) (XSA-151)
- bsc#950706 - CVE-2015-7971: xen: x86: some pmu and
profiling hypercalls log without rate limiting (XSA-152) ModerateSUSE bug 947165SUSE bug 950703SUSE bug 950704SUSE bug 950705SUSE bug 950706SUSE bug 951845SUSE bug 954018SUSE bug 954405SUSE bug 956408SUSE bug 956409SUSE bug 956411SUSE bug 956592SUSE bug 956832CVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-7311 at SUSECVE-2015-7311 at NVDCVE-2015-7504 at SUSECVE-2015-7504 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7970 at SUSECVE-2015-7970 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDCVE-2015-7972 at SUSECVE-2015-7972 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDCVE-2015-8339 at SUSECVE-2015-8339 at NVDCVE-2015-8340 at SUSECVE-2015-8340 at NVDCVE-2015-8341 at SUSECVE-2015-8341 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xerces-j2 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
xerces-j2 was updated to fix several issues.
This security issue was fixed:
- bsc#814241: Prevent possible DoS through very long attribute names
This non-security issue was fixed:
- Prevent StackOverflowError when applying a pattern restriction on long strings
while trying to validate an XML file against a schema (bsc#1047536, bsc#879138)
ModerateSUSE bug 1047536SUSE bug 814241SUSE bug 879138cpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xerces-j2 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xerces-j2 fixes the following issues:
- CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser (bsc#1195108).
ImportantSUSE bug 1195108CVE-2022-23437 at SUSECVE-2022-23437 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xfsprogs (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
xfsprogs was updated to fix one security vulnerability and several bugs.
- Handle unwanted data disclosure in xfs_metadump (bsc#939367, CVE-2012-2150)
- Fix segfault during xfs_repair run (bsc#911866)
- Fix definition of leaf attribute block to avoid gcc optimization xfsprogs-fix-leaf-block-definition
ModerateSUSE bug 911866SUSE bug 939367CVE-2012-2150 at SUSECVE-2012-2150 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xinetdSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The multiplexing system xinetd was updated to fix security issues and a
bug.
Security issues fixed:
* CVE-2013-4342: xinetd ignores user and group directives for tcpmux
services.
* CVE-2012-0862: xinetd enables all services when tcp multiplexing is
used.
Bug fixed:
* Services started by xinetd were limited to 1024 open file
descriptors. (bnc#855685)
Security Issues references:
* CVE-2012-0862
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0862>
* CVE-2013-4342
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342>
SUSE bug 762294SUSE bug 844230SUSE bug 855685CVE-2012-0862 at SUSECVE-2012-0862 at NVDCVE-2013-4342 at SUSECVE-2013-4342 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Recommended update for xorg-x11-serverSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This collective update for xorg-x11-server provides the following fixes:
* Fix a segmentation fault that can occur when X11 packets are
forwarded between a client and a server with different endianess.
(bnc#874903)
* Free software cursor backing pixmap when transition between screens.
This fixes a crash in multi screen support when an assert gets hit.
(bnc#880835)
* Ignore numlock in Xvnc. Following keys from VNC client will be
already modulated by numlock on client side. (bnc#878446)
* Fix crash when Xinerama gets disabled after RanR12 is initialized.
(bnc#878433)
* Prevent crash at the end of 2nd server generation when number of
privates differ between 1st and 2nd. (bnc#883598)
* Move Xinerama disable when only one screen is present to main loop.
(bnc#883598)
* Improve Xinerama command line option handling. (bnc#883598)
* Work around a possible crash when object belongs to a client that no
longer exists. (bnc#883516)
* Try to make keyboard bell ring on all devices attached to master
keyboard. (bnc#879019)
* Implement DeleteInputDeviceRequest in Xvnc to avoid server crash when
the Xserver restarts after a server reset. (bnc#880745).
SUSE bug 816813SUSE bug 843652SUSE bug 853846SUSE bug 864911SUSE bug 874903SUSE bug 878433SUSE bug 878446SUSE bug 879019SUSE bug 880745SUSE bug 880835SUSE bug 883051SUSE bug 883516SUSE bug 883598SUSE bug 886213SUSE bug 907268SUSE bug 907633SUSE bug 915810SUSE bug 928520CVE-2013-4396 at SUSECVE-2013-4396 at NVDCVE-2013-6424 at SUSECVE-2013-6424 at NVDCVE-2014-8091 at SUSECVE-2014-8091 at NVDCVE-2014-8092 at SUSECVE-2014-8092 at NVDCVE-2014-8093 at SUSECVE-2014-8093 at NVDCVE-2014-8094 at SUSECVE-2014-8094 at NVDCVE-2014-8095 at SUSECVE-2014-8095 at NVDCVE-2014-8096 at SUSECVE-2014-8096 at NVDCVE-2014-8097 at SUSECVE-2014-8097 at NVDCVE-2014-8098 at SUSECVE-2014-8098 at NVDCVE-2014-8099 at SUSECVE-2014-8099 at NVDCVE-2014-8100 at SUSECVE-2014-8100 at NVDCVE-2014-8101 at SUSECVE-2014-8101 at NVDCVE-2014-8102 at SUSECVE-2014-8102 at NVDCVE-2015-0255 at SUSECVE-2015-0255 at NVDCVE-2015-3418 at SUSECVE-2015-3418 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libsSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
xorg-x11-libs was patched to fix the following security issues:
* Integer overflow of allocations in font metadata file parsing.
(CVE-2014-0209)
* libxfont not validating length fields when parsing xfs protocol
replies. (CVE-2014-0210)
* Integer overflows causing miscalculating memory needs for xfs
replies. (CVE-2014-0211)
Further information is available at
http://lists.x.org/archives/xorg-announce/2014-May/002431.html
<http://lists.x.org/archives/xorg-announce/2014-May/002431.html> .
Security Issues references:
* CVE-2014-0209
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0209>
* CVE-2014-0210
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0210>
* CVE-2014-0211
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0211>
SUSE bug 815451SUSE bug 821663SUSE bug 854915SUSE bug 857544SUSE bug 921978CVE-2013-1984 at SUSECVE-2013-1984 at NVDCVE-2013-1985 at SUSECVE-2013-1985 at NVDCVE-2013-1986 at SUSECVE-2013-1986 at NVDCVE-2013-1988 at SUSECVE-2013-1988 at NVDCVE-2013-1990 at SUSECVE-2013-1990 at NVDCVE-2013-1991 at SUSECVE-2013-1991 at NVDCVE-2013-1992 at SUSECVE-2013-1992 at NVDCVE-2013-1995 at SUSECVE-2013-1995 at NVDCVE-2013-1996 at SUSECVE-2013-1996 at NVDCVE-2013-1998 at SUSECVE-2013-1998 at NVDCVE-2013-1999 at SUSECVE-2013-1999 at NVDCVE-2013-2000 at SUSECVE-2013-2000 at NVDCVE-2013-2001 at SUSECVE-2013-2001 at NVDCVE-2013-2003 at SUSECVE-2013-2003 at NVDCVE-2013-2063 at SUSECVE-2013-2063 at NVDCVE-2013-6462 at SUSECVE-2013-6462 at NVDCVE-2014-0209 at SUSECVE-2014-0209 at NVDCVE-2014-0210 at SUSECVE-2014-0210 at NVDCVE-2014-0211 at SUSECVE-2014-0211 at NVDCVE-2015-1802 at SUSECVE-2015-1802 at NVDCVE-2015-1803 at SUSECVE-2015-1803 at NVDCVE-2015-1804 at SUSECVE-2015-1804 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libICE (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libICE fixes the following issues:
- CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies
predictable. A more random generation method has been implemented. (boo#1025068)
ModerateSUSE bug 1025068CVE-2017-2626 at SUSECVE-2017-2626 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of xorg-x11-libX11 fixes several security issues.
Bug 815451/821664
CVE-2013-1981 CVE-2013-1997 CVE-2013-2004
Security Issues:
* CVE-2013-1981
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981>
* CVE-2013-1997
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997>
* CVE-2013-2004
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004>
SUSE bug 815451SUSE bug 821664CVE-2013-1981 at SUSECVE-2013-1981 at NVDCVE-2013-1997 at SUSECVE-2013-1997 at NVDCVE-2013-2004 at SUSECVE-2013-2004 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
xorg-x11-libX11 was updated to fix one security issue.
This security issue was fixed:
- CVE-2013-7439: Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allowed remote attackers to have unspecified impact via a crafted request, which triggered a buffer overflow (bsc#927220).
ModerateSUSE bug 927220CVE-2013-7439 at SUSECVE-2013-7439 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- plug a memory leak (bsc#1002991, CVE-2016-7942)
- insufficient validation of data from the X server can cause
out of boundary memory read (XGetImage()) or write (XListFonts())
(bsc#1002991, CVE-2016-7942)
ModerateSUSE bug 1002991CVE-2016-7942 at SUSECVE-2016-7942 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- a regression introduced by the security fix for CVE-2013-1997
(bnc#824294). Keyboard mappings for special characters on Non-English
keyboards might have been broken. (bnc#1019642)
ModerateSUSE bug 1019642CVE-2013-1997 at SUSECVE-2013-1997 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one
error caused by malicious server responses, leading to DoS or possibly
unspecified other impact (bsc#1102062)
- CVE-2018-14600: The function XListExtensions interpreted a variable as signed
instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes),
leading to DoS or remote code execution (bsc#1102068)
- CVE-2018-14598: A malicious server could have sent a reply in which the first
string overflows, causing a variable to be set to NULL that will be freed later
on, leading to DoS (segmentation fault) (bsc#1102073)
ModerateSUSE bug 1102062SUSE bug 1102068SUSE bug 1102073CVE-2018-14598 at SUSECVE-2018-14598 at NVDCVE-2018-14599 at SUSECVE-2018-14599 at NVDCVE-2018-14600 at SUSECVE-2018-14600 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xorg-x11-libX11 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- Fixed XIM client heap overflows (CVE-2020-14344, bsc#1174628)
ImportantSUSE bug 1174628CVE-2020-14344 at SUSECVE-2020-14344 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- Fixed XIM client heap overflows (CVE-2020-14344, bsc#1174628).
ImportantSUSE bug 1174628CVE-2020-14344 at SUSECVE-2020-14344 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- CVE-2020-14363: Fix an integer overflow in init_om() (bsc#1175239).
ModerateSUSE bug 1175239CVE-2020-14363 at SUSECVE-2020-14363 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- CVE-2021-31535: Fixed missing request length checks in libX11 (bsc#1182506).
ModerateSUSE bug 1182506CVE-2021-31535 at SUSECVE-2021-31535 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- Regression in the fix for CVE-2021-31535, causing segfaults for xforms applications like fdesign (bsc#1186643).
ImportantSUSE bug 1186643CVE-2021-31535 at SUSECVE-2021-31535 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- CVE-2022-3554: Fixed memory leak in XRegisterIMInstantiateCallback() (bsc#1204422).
- CVE-2022-3555: Fixed memory leak in _XFreeX11XCBStructure() (bsc#1204425).
ModerateSUSE bug 1204422SUSE bug 1204425CVE-2022-3554 at SUSECVE-2022-3554 at NVDCVE-2022-3555 at SUSECVE-2022-3555 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libX11 fixes the following issues:
- Fixes regression introduced with security update for CVE-2022-3555 (bsc#1204425, bsc#1208881)
ModerateSUSE bug 1204425SUSE bug 1208881CVE-2022-3555 at SUSECVE-2022-3555 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXdmcp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libXdmcp fixes the following issues:
- CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making
the session keys predictable (bsc#1025046)
ModerateSUSE bug 1025046CVE-2017-2625 at SUSECVE-2017-2625 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXextSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of xorg-x11-libXext fixes several integer overflow issues.
Bug 815451/821665 CVE-2013-1982
Security Issues:
* CVE-2013-1982
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982>
SUSE bug 815451SUSE bug 821665CVE-2013-1982 at SUSECVE-2013-1982 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXfixesSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of xorg-x11-libXfixes fixed a integer overflow issue.
Bug 815451/821667 CVE-2013-1983
Security Issues:
* CVE-2013-1983
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983>
SUSE bug 815451SUSE bug 821667CVE-2013-1983 at SUSECVE-2013-1983 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXfixes (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libXfixes fixes the following issues:
- insufficient validation of data from the X server can cause an
integer overflow on 32 bit architectures (bsc#1002995, CVE-2016-7944)
ModerateSUSE bug 1002995CVE-2016-7944 at SUSECVE-2016-7944 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXpSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of xorg-x11-libXp fixes several integer overflow issues.
Bug 815451/821668 CVE-2013-2062
Security Issues:
* CVE-2013-2062
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062>
SUSE bug 815451SUSE bug 821668CVE-2013-2062 at SUSECVE-2013-2062 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXpm (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libXpm fixes the following security issue:
- A heap overflow in XPM handling could be used by attackers supplying
XPM files to crash or potentially execute code. (bsc#1021315)
ModerateSUSE bug 1021315CVE-2016-10164 at SUSECVE-2016-10164 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXpm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libXpm fixes the following issues:
- CVE-2022-46285: Fixed an infinite loop that could be triggered
when reading a XPM image with a C-style comment that is never
closed (bsc#1207029).
- CVE-2022-44617: Fixed an excessive resource consumption that could
be triggered when reading small crafted XPM image (bsc#1207030).
- CVE-2022-4883: Fixed an issue that made decompression commands
susceptible to PATH environment variable manipulation attacks
(bsc#1207031).
ImportantSUSE bug 1207029SUSE bug 1207030SUSE bug 1207031CVE-2022-44617 at SUSECVE-2022-44617 at NVDCVE-2022-46285 at SUSECVE-2022-46285 at NVDCVE-2022-4883 at SUSECVE-2022-4883 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXrenderSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of xorg-x11-libXrender fixes several integer overflow issues.
Bug 815451/821669 CVE-2013-1987
Security Issues:
* CVE-2013-1987
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987>
SUSE bug 815451SUSE bug 821669CVE-2013-1987 at SUSECVE-2013-1987 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXrender (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libXrender fixes the following issues:
- insufficient validation of data from the X server can cause out
of boundary memory writes (bsc#1003002, CVE-2016-7949, CVE-2016-7950)
ModerateSUSE bug 1003002CVE-2016-7949 at SUSECVE-2016-7949 at NVDCVE-2016-7950 at SUSECVE-2016-7950 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXtSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of xorg-x11-libXt fixes several integer and buffer overflow
issues.
Bug 815451/821670 CVE-2013-2002/CVE-2013-2005
Security Issues:
* CVE-2013-2002
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002>
* CVE-2013-2005
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005>
SUSE bug 815451SUSE bug 821670CVE-2013-2002 at SUSECVE-2013-2002 at NVDCVE-2013-2005 at SUSECVE-2013-2005 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXvSUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update of xorg-x11-libXv fixes several integer and buffer overflow
issues.
Bug 815451/821671 CVE-2013-1989/CVE-2013-2066
Security Issues:
* CVE-2013-1989
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989>
* CVE-2013-2066
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066>
SUSE bug 815451SUSE bug 821671CVE-2013-1989 at SUSECVE-2013-1989 at NVDCVE-2013-2066 at SUSECVE-2013-2066 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libXv (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libXv fixes the following issues:
- insufficient validation of data from the X server can cause
memory corruption (bsc#1003017, CVE-2016-5407)
ModerateSUSE bug 1003017CVE-2016-5407 at SUSECVE-2016-5407 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Recommended update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
This update for xorg-x11-libs fixes the following issues:
- The original fix for CVE-2015-1804 prevented DWIDTH to be negative. However, the
spec states that 'DWIDTH [...] is a vector indicating the position of the next
glyph's origin relative to the origin of this glyph'. Consequently, negative
DWIDTH values should be allowed. (bsc#958383)
ModerateSUSE bug 958383CVE-2015-1804 at SUSECVE-2015-1804 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libs fixes the following issues:
- insufficient validation of data from the X server can cause a
one byte buffer read underrun (bsc#1003023, CVE-2016-7953)
- insufficient validation of data from the X server can cause out
of boundary memory access or endless loops (Denial of Service)
(bsc#1003012, CVE-2016-7951, CVE-2016-7952)
- insufficient validation of data from the X server can cause out
of boundary memory writes (bsc#1003000, CVE-2016-7947, CVE-2016-7948)
- insufficient validation of data from the X server can cause out
of boundary memory access or endless loops (Denial of Service).
(bsc#1002998, CVE-2016-7945, CVE-2016-7946)
ModerateSUSE bug 1002998SUSE bug 1003000SUSE bug 1003012SUSE bug 1003023CVE-2016-7945 at SUSECVE-2016-7945 at NVDCVE-2016-7946 at SUSECVE-2016-7946 at NVDCVE-2016-7947 at SUSECVE-2016-7947 at NVDCVE-2016-7948 at SUSECVE-2016-7948 at NVDCVE-2016-7951 at SUSECVE-2016-7951 at NVDCVE-2016-7952 at SUSECVE-2016-7952 at NVDCVE-2016-7953 at SUSECVE-2016-7953 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libs fixes several issues.
These security issues were fixed:
- CVE-2017-16612: Heap overflows due to an integer overflow while parsing images and a signedness issue while parsing comments (bsc#1065386).
- CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads (bsc#1054285)
- CVE-2017-13722: Malformed PCF file could have caused DoS or leak information (bsc#1049692)
- Prevent the X server from accessing arbitrary files as root. It is not possible to leak information, but special files can be touched allowing for causing side effects (bsc#1050459)
ModerateSUSE bug 1049692SUSE bug 1050459SUSE bug 1054285SUSE bug 1065386CVE-2017-13720 at SUSECVE-2017-13720 at NVDCVE-2017-13722 at SUSECVE-2017-13722 at NVDCVE-2017-16612 at SUSECVE-2017-16612 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-libs fixes the following security issue:
- CVE-2015-9262: _XcursorThemeInherits allowed remote attackers to cause denial
of service or potentially code execution via a one-byte heap overflow
(bsc#1103511)
ModerateSUSE bug 1103511CVE-2015-9262 at SUSECVE-2015-9262 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
Security issues:
- CVE-2017-2624: Prevent timing attack against MIT cookie. (bsc#1025029, CVE-2017-2624)
Non security issues:
- Use arc4random to generate cookies. (bsc#1025084)
- XDrawArc performance improvement (bsc#1019649)
- Fix byte swapping for gradeint stops (bsc#981044).
- Remove unused function with use-after-free issue. (bsc#1025035)
ModerateSUSE bug 1019649SUSE bug 1025029SUSE bug 1025035SUSE bug 1025084SUSE bug 981044CVE-2017-2624 at SUSECVE-2017-2624 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2017-10971: Fix endianess handling of GenericEvent to prevent a stack overflow by clients. (bnc#1035283)
- Make sure the type of all events to be sent by ProcXSendExtensionEvent are in the
allowed range.
- CVE-2017-10972: Initialize the xEvent eventT with zeros to avoid information leakage.
ImportantSUSE bug 1035283CVE-2017-10971 at SUSECVE-2017-10971 at NVDCVE-2017-10972 at SUSECVE-2017-10972 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xorg-x11-server (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server provides several fixes.
These security issues were fixed:
- CVE-2017-13723: Prevent local DoS via unusual characters in XkbAtomText and
XkbStringText (bsc#1051150).
- Improve the entropy when generating random data used in X.org server authorization
cookies generation by using getentropy() and getrandom() when available (bsc#1025084)
- CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed
unvalidated lengths in multiple extensions (bsc#1063034)
- CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES
extension. (bsc#1063035)
- CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated
lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions
(bsc#1063037)
- CVE-2017-12179: Fixed an integer overflow and unvalidated length in
(S)ProcXIBarrierReleasePointer in Xi (bsc#1063038)
- CVE-2017-12178: Fixed a wrong extra length check in
ProcXIChangeHierarchy in Xi (bsc#1063039)
- CVE-2017-12177: Fixed an unvalidated variable-length request in
ProcDbeGetVisualInfo (bsc#1063040)
- CVE-2017-12176: Fixed an unvalidated extra length in
ProcEstablishConnection (bsc#1063041)
ModerateSUSE bug 1025084SUSE bug 1051150SUSE bug 1063034SUSE bug 1063035SUSE bug 1063037SUSE bug 1063038SUSE bug 1063039SUSE bug 1063040SUSE bug 1063041CVE-2017-12176 at SUSECVE-2017-12176 at NVDCVE-2017-12177 at SUSECVE-2017-12177 at NVDCVE-2017-12178 at SUSECVE-2017-12178 at NVDCVE-2017-12179 at SUSECVE-2017-12179 at NVDCVE-2017-12180 at SUSECVE-2017-12180 at NVDCVE-2017-12181 at SUSECVE-2017-12181 at NVDCVE-2017-12182 at SUSECVE-2017-12182 at NVDCVE-2017-12183 at SUSECVE-2017-12183 at NVDCVE-2017-12184 at SUSECVE-2017-12184 at NVDCVE-2017-12185 at SUSECVE-2017-12185 at NVDCVE-2017-12186 at SUSECVE-2017-12186 at NVDCVE-2017-12187 at SUSECVE-2017-12187 at NVDCVE-2017-13723 at SUSECVE-2017-13723 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-LTSSSUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server provides the following fix:
Security issue fixed:
- CVE-2018-14665: Local attackers could overwrite system files in any directory using the -logfile option and gain privileges (bsc#1111697)
Non security issues fixed:
- Do not write past the allocated buffer. (bsc#1078383)
ImportantSUSE bug 1078383SUSE bug 1111697CVE-2018-14665 at SUSECVE-2018-14665 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3cpe:/o:suse:suse_sles_ltss:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation (bsc#1174633, ZDI-CAN-11426).
- CVE-2020-14345: XKB out-of-bounds access privilege escalation vulnerability (bsc#1174635, ZDI-CAN-11428).
ImportantSUSE bug 1174633SUSE bug 1174635CVE-2020-14345 at SUSECVE-2020-14345 at NVDCVE-2020-14347 at SUSECVE-2020-14347 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2020-14361: Fix XkbSelectEvents() integer underflow (bsc#1174910 ZDI-CAN-11573).
- CVE-2020-14362: Fix XRecordRegisterClients() Integer underflow (bsc#1174913 ZDI-CAN-11574).
ImportantSUSE bug 1174910SUSE bug 1174913CVE-2020-14361 at SUSECVE-2020-14361 at NVDCVE-2020-14362 at SUSECVE-2020-14362 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2020-25712: Fixed a heap-based buffer overflow which could have led to privilege escalation (bsc#1177596).
- CVE-2020-14360: Fixed an out of bounds memory accesses on too short request which could lead to denial of service (bsc#1174908).
ImportantSUSE bug 1174908SUSE bug 1177596CVE-2020-14360 at SUSECVE-2020-14360 at NVDCVE-2020-25712 at SUSECVE-2020-25712 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege Escalation (bsc#1180128)
ImportantSUSE bug 1180128CVE-2021-3472 at SUSECVE-2021-3472 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2021-4008: Fixed Privilege Escalation Vulnerability via Out-Of-Bounds Access in SProcRenderCompositeGlyphs (bsc#1193030).
ImportantSUSE bug 1193030CVE-2021-4008 at SUSECVE-2021-4008 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2021-4011: The handlers for the RecordCreateContext and RecordRegisterClients
requests of the Record extension do not properly validate the request
length leading to out of bounds memory write. (bsc#1190489)
ImportantSUSE bug 1190489CVE-2021-4011 at SUSECVE-2021-4011 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2022-2319: Fixed out-of-bounds access in _CheckSetSections() (ZDI-CAN-16062) (bsc#1194179).
- CVE-2022-2320: Fixed out-of-bounds access in CheckSetDeviceIndicators() (ZDI-CAN-16070) (bsc#1194181).
ImportantSUSE bug 1194179SUSE bug 1194181CVE-2022-2319 at SUSECVE-2022-2319 at NVDCVE-2022-2320 at SUSECVE-2022-2320 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2022-3550: Fixed out of bounds read/write in _GetCountedString() (bsc#1204412).
- CVE-2022-3551: Fixed various leaks of the return value of GetComponentSpec() (bsc#1204416).
ImportantSUSE bug 1204412SUSE bug 1204416CVE-2022-3550 at SUSECVE-2022-3550 at NVDCVE-2022-3551 at SUSECVE-2022-3551 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2022-46340: Server XTestSwapFakeInput stack overflow (bsc#1205874)
- CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free (bsc#1205879)
- CVE-2022-46343: Server ScreenSaverSetAttributes use-after-free (bsc#1205878)
- CVE-2022-46344: Server XIChangeProperty out-of-bounds access (bsc#1205876)
- CVE-2022-4283: Reset the radio_groups pointer to NULL after freeing it (bsc#1206017)
ImportantSUSE bug 1205874SUSE bug 1205876SUSE bug 1205878SUSE bug 1205879SUSE bug 1206017CVE-2022-4283 at SUSECVE-2022-4283 at NVDCVE-2022-46340 at SUSECVE-2022-46340 at NVDCVE-2022-46342 at SUSECVE-2022-46342 at NVDCVE-2022-46343 at SUSECVE-2022-46343 at NVDCVE-2022-46344 at SUSECVE-2022-46344 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2023-0494: Fixed a use-after-free in DeepCopyPointerClasses (bsc#1207783).
ImportantSUSE bug 1207783CVE-2023-0494 at SUSECVE-2023-0494 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- Fixed a regression introduced with security update for CVE-2022-46340 (bsc#1205874).
ImportantSUSE bug 1205874CVE-2022-46340 at SUSECVE-2022-46340 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xorg-x11-server fixes the following issues:
- CVE-2023-1393: Fixed use-after-free overlay window (ZDI-CAN-19866) (bsc#1209543).
ImportantSUSE bug 1209543CVE-2023-1393 at SUSECVE-2023-1393 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xrdp (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xrdp fixes the following issues:
- CVE-2017-6967: Fixed incorrect location of pam function call auth_start_session (bsc#1029912).
Bugfixes:
- Fixed xrdp not reusing existing connections (bsc#921420).
ModerateSUSE bug 1029912SUSE bug 921420CVE-2017-6967 at SUSECVE-2017-6967 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xrdp (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xrdp fixes the following issues:
- CVE-2013-1430: Fixed xrdp creating cleartext session password of user (bsc#1015567).
- CVE-2020-4044: Fixed vulnerability where xrdp-sesman can be crashed remotely over port 3350 (bsc#1173580).
Bugfixes:
- Fixed xrdp not reusing sessions (bsc#921420).
ImportantSUSE bug 1015567SUSE bug 1173580SUSE bug 921420CVE-2013-1430 at SUSECVE-2013-1430 at NVDCVE-2020-4044 at SUSECVE-2020-4044 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xscreensaver (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server for SAP Applications 11 SP3
The xscreensaver package was updated to fix the following security and non security issues:
- CVE-2015-8025: Fixed a crash when hot-swapping monitors while locked (bsc#952062).
- Added xscreensaver-in_signal_handler_p.patch needed for fix of signal handling.
- Refresh xscreensaver-stars.patch.
ModerateSUSE bug 952062CVE-2015-8025 at SUSECVE-2015-8025 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:sles_sap:11:sp3cpe:/o:suse:suse_sles:11:sp3Security update for xscreensaver (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xscreensaver fixes the following issues:
- CVE-2021-34557: Fixed potential crash and unlock while disconnecting video output with more than 10 monitors (bsc#1186918)
ModerateSUSE bug 1186918CVE-2021-34557 at SUSECVE-2021-34557 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xterm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xterm fixes the following issues:
- CVE-2021-27135: Fixed buffer-overflow when clicking on selected utf8 text. (bsc#1182091)
ImportantSUSE bug 1182091CVE-2021-27135 at SUSECVE-2021-27135 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xterm (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xterm fixes the following issues:
- CVE-2022-45063: Fixed command injection in ESC 50 fontoperation by disabling the change font functionality (bsc#1205305).
ImportantSUSE bug 1205305CVE-2022-45063 at SUSECVE-2022-45063 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for xz (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for xz fixes the following issues:
- CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062)
ImportantSUSE bug 1198062CVE-2022-1271 at SUSECVE-2022-1271 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for yast2-storage (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for yast2-storage to version 2.17.147.1 fixes the following issues:
- Use stdin, not tmp files for passwords (bsc#986971, CVE-2016-5746)
- fixed setting disk label on multipath devices (bsc#898525)
- fixed used-by information for multipath with LVM (bsc#888838)
ModerateSUSE bug 888838SUSE bug 898525SUSE bug 986971CVE-2016-5746 at SUSECVE-2016-5746 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for zlib (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for zlib fixes the following issues:
* Incompatible declarations for external linkage function deflate (bnc#1003577)
* CVE-2016-9842: Undefined Left Shift of Negative Number (bnc#1003580)
* CVE-2016-9840 CVE-2016-9841: Out-of-bounds pointer arithmetic in inftrees.c (bnc#1003579)
* CVE-2016-9843: Big-endian out-of-bounds pointer
ModerateSUSE bug 1003577SUSE bug 1003579SUSE bug 1003580SUSE bug 1013882CVE-2016-9840 at SUSECVE-2016-9840 at NVDCVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2016-9842 at SUSECVE-2016-9842 at NVDCVE-2016-9843 at SUSECVE-2016-9843 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for zlib (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for zlib fixes the following issues:
- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).
ImportantSUSE bug 1197459CVE-2018-25032 at SUSECVE-2018-25032 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for zlib (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for zlib fixes the following issues:
- CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field (bsc#1202175).
ImportantSUSE bug 1202175CVE-2022-37434 at SUSECVE-2022-37434 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for zsh (Moderate)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for zsh fixes the following issues:
- CVE-2018-1100: Fixed a buffer overflow in
utils.c:checkmailpath() that could lead to local arbitrary code
execution ( bsc#1089030)
ModerateSUSE bug 1089030CVE-2018-1100 at SUSECVE-2018-1100 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for zsh (Important)SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATA
This update for zsh fixes the following issues:
- CVE-2019-20044: Fixed an insecure dropping of privileges when unsetting
the PRIVILEGED option (bsc#1163882).
- CVE-2018-13259: Fixed an unexpected truncation of long shebang lines (bsc#1107294).
- CVE-2018-7549: Fixed a crash when an empty hash table (bsc#1082991).
- CVE-2018-1083: Fixed a stack-based buffer overflow when using tab completion
on directories with long names (bsc#1087026).
- CVE-2018-1071: Fixed a stack-based buffer overflow when executing certain
commands (bsc#1084656).
- CVE-2018-0502: Fixed a mishandling of shebang lines (bsc#1107296).
- CVE-2017-18206: Fixed a buffer overflow related to symlink processing (bsc#1083002).
- CVE-2017-18205: Fixed an application crash when using cd with no
arguments (bsc#1082998).
- CVE-2016-10714: Fixed a potential application crash when handling maximum
length paths (bsc#1083250).
- CVE-2014-10072: Fixed a buffer overflow when scanning very long directory
paths for symbolic links (bsc#1082975).
- CVE-2014-10071: Fixed a buffer overflow when redirecting output to a long
file descriptor (bsc#1082977).
- CVE-2014-10070: Fixed a privilege escalation vulnerability via environment
variables (bsc#1082885).
ImportantSUSE bug 1082885SUSE bug 1082975SUSE bug 1082977SUSE bug 1082991SUSE bug 1082998SUSE bug 1083002SUSE bug 1083250SUSE bug 1084656SUSE bug 1087026SUSE bug 1107294SUSE bug 1107296SUSE bug 1163882CVE-2014-10070 at SUSECVE-2014-10070 at NVDCVE-2014-10071 at SUSECVE-2014-10071 at NVDCVE-2014-10072 at SUSECVE-2014-10072 at NVDCVE-2016-10714 at SUSECVE-2016-10714 at NVDCVE-2017-18205 at SUSECVE-2017-18205 at NVDCVE-2017-18206 at SUSECVE-2017-18206 at NVDCVE-2018-0502 at SUSECVE-2018-0502 at NVDCVE-2018-1071 at SUSECVE-2018-1071 at NVDCVE-2018-1083 at SUSECVE-2018-1083 at NVDCVE-2018-13259 at SUSECVE-2018-13259 at NVDCVE-2018-7549 at SUSECVE-2018-7549 at NVDCVE-2019-20044 at SUSECVE-2019-20044 at NVDcpe:/o:suse:sles:11:sp3:teradatacpe:/o:suse:suse_sles:11:sp3Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
Security issues fixed:
- Several coders were vulnerable to remote code execution attacks,
these coders have now been disabled. They can be re-enabled by
exporting the following environment variable
MAGICK_CODER_MODULE_PATH=/usr/lib64/ImageMagick-6.4.3/modules-Q16/coders/vulnerable/
(bsc#978061)
- CVE-2016-3714: Insufficient shell characters filtering leads to
(potentially remote) code execution
- CVE-2016-3715: Possible file deletion by using ImageMagick's
'ephemeral' pseudo protocol which deletes files after reading.
- CVE-2016-3716: Possible file moving by using ImageMagick's 'msl'
pseudo protocol with any extension in any folder.
- CVE-2016-3717: Possible local file read by using ImageMagick's
'label' pseudo protocol to get content of the files from the server.
- CVE-2016-3718: Possible Server Side Request Forgery (SSRF) to make
HTTP GET or FTP request.
Bugs fixed:
- Use external svg loader (rsvg) ImportantSUSE bug 978061CVE-2016-3714 at SUSECVE-2016-3714 at NVDCVE-2016-3715 at SUSECVE-2016-3715 at NVDCVE-2016-3716 at SUSECVE-2016-3716 at NVDCVE-2016-3717 at SUSECVE-2016-3717 at NVDCVE-2016-3718 at SUSECVE-2016-3718 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
- bsc#978061: A vulnerability in ImageMagick's 'https' module allowed users to
execute arbitrary shell commands on the host performing the image conversion.
The issue had the potential for remote command injection. This update mitigates
the vulnerability by disabling all access to the 'https' module in the
'delegates.xml' config file. (CVE-2016-3714)
ImportantSUSE bug 978061CVE-2016-3714 at SUSECVE-2016-3714 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
- CVE-2016-5118: popen() shell vulnerability via filenames (bsc#982178)
ImportantSUSE bug 982178CVE-2016-5118 at SUSECVE-2016-5118 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
ImageMagick was updated to fix 55 security issues.
These security issues were fixed:
- CVE-2014-9810: SEGV in dpx file handler (bsc#983803).
- CVE-2014-9811: Crash in xwd file handler (bsc#984032).
- CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137).
- CVE-2014-9813: Crash on corrupted viff file (bsc#984035).
- CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193).
- CVE-2014-9815: Crash on corrupted wpg file (bsc#984372).
- CVE-2014-9816: Out of bound access in viff image (bsc#984398).
- CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400).
- CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181).
- CVE-2014-9819: Heap overflow in palm files (bsc#984142).
- CVE-2014-9830: Handling of corrupted sun file (bsc#984135).
- CVE-2014-9831: Handling of corrupted wpg file (bsc#984375).
- CVE-2014-9836: Crash in xpm file handling (bsc#984023).
- CVE-2014-9851: Crash when parsing resource block (bsc#984160).
- CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460).
- CVE-2014-9853: Memory leak in rle file handling (bsc#984408).
- CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253).
- CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259).
- CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234).
- CVE-2014-9834: Heap overflow in pict file (bsc#984436).
- CVE-2014-9806: Prevent file descriptr leak due to corrupted file (bsc#983774).
- CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370).
- CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184).
- CVE-2015-8898: Prevent null pointer access in magick/constitute.c (bsc#983746).
- CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523).
- CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533).
- CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739).
- CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451).
- CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456).
- CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752).
- CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796).
- CVE-2014-9820: heap overflow in xpm files (bsc#984150).
- CVE-2014-9823: heap overflow in palm file (bsc#984401).
- CVE-2014-9822: heap overflow in quantum file (bsc#984187).
- CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379).
- CVE-2014-9824: Heap overflow in psd file (bsc#984185).
- CVE-2014-9809: Fix a SEGV due to corrupted xwd images. (bsc#983799).
- CVE-2014-9826: Incorrect error handling in sun files (bsc#984186).
- CVE-2014-9842: Memory leak in psd handling (bsc#984374).
- CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448).
- CVE-2014-9840: Out of bound access in palm file (bsc#984433).
- CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144).
- CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521).
- CVE-2014-9845: Crash due to corrupted dib file (bsc#984394).
- CVE-2014-9844: Out of bound issue in rle file (bsc#984373).
- CVE-2014-9849: Crash in png coder (bsc#984018).
- CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442).
- CVE-2014-9807: Fix a double free in pdb coder. (bsc#983794).
- CVE-2014-9829: Out of bound access in sun file (bsc#984409).
- CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308).
- CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305).
- CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292).
- CVE-2014-9837: Additional PNM sanity checks (bsc#984166).
- CVE-2014-9835: Heap overflow in wpf file (bsc#984145).
- CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028).
- CVE-2016-5841: Integer overflow could have read to RCE (bnc#986609).
- CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could have lead to memory leak (bnc#986608).
ImportantSUSE bug 983234SUSE bug 983253SUSE bug 983259SUSE bug 983292SUSE bug 983305SUSE bug 983308SUSE bug 983521SUSE bug 983523SUSE bug 983533SUSE bug 983739SUSE bug 983746SUSE bug 983752SUSE bug 983774SUSE bug 983794SUSE bug 983796SUSE bug 983799SUSE bug 983803SUSE bug 984018SUSE bug 984023SUSE bug 984028SUSE bug 984032SUSE bug 984035SUSE bug 984135SUSE bug 984137SUSE bug 984142SUSE bug 984144SUSE bug 984145SUSE bug 984150SUSE bug 984160SUSE bug 984166SUSE bug 984181SUSE bug 984184SUSE bug 984185SUSE bug 984186SUSE bug 984187SUSE bug 984193SUSE bug 984370SUSE bug 984372SUSE bug 984373SUSE bug 984374SUSE bug 984375SUSE bug 984379SUSE bug 984394SUSE bug 984398SUSE bug 984400SUSE bug 984401SUSE bug 984408SUSE bug 984409SUSE bug 984433SUSE bug 984436SUSE bug 985442SUSE bug 985448SUSE bug 985451SUSE bug 985456SUSE bug 985460SUSE bug 986608SUSE bug 986609CVE-2014-9805 at SUSECVE-2014-9805 at NVDCVE-2014-9806 at SUSECVE-2014-9806 at NVDCVE-2014-9807 at SUSECVE-2014-9807 at NVDCVE-2014-9808 at SUSECVE-2014-9808 at NVDCVE-2014-9809 at SUSECVE-2014-9809 at NVDCVE-2014-9810 at SUSECVE-2014-9810 at NVDCVE-2014-9811 at SUSECVE-2014-9811 at NVDCVE-2014-9812 at SUSECVE-2014-9812 at NVDCVE-2014-9813 at SUSECVE-2014-9813 at NVDCVE-2014-9814 at SUSECVE-2014-9814 at NVDCVE-2014-9815 at SUSECVE-2014-9815 at NVDCVE-2014-9816 at SUSECVE-2014-9816 at NVDCVE-2014-9817 at SUSECVE-2014-9817 at NVDCVE-2014-9818 at SUSECVE-2014-9818 at NVDCVE-2014-9819 at SUSECVE-2014-9819 at NVDCVE-2014-9820 at SUSECVE-2014-9820 at NVDCVE-2014-9822 at SUSECVE-2014-9822 at NVDCVE-2014-9823 at SUSECVE-2014-9823 at NVDCVE-2014-9824 at SUSECVE-2014-9824 at NVDCVE-2014-9826 at SUSECVE-2014-9826 at NVDCVE-2014-9828 at SUSECVE-2014-9828 at NVDCVE-2014-9829 at SUSECVE-2014-9829 at NVDCVE-2014-9830 at SUSECVE-2014-9830 at NVDCVE-2014-9831 at SUSECVE-2014-9831 at NVDCVE-2014-9834 at SUSECVE-2014-9834 at NVDCVE-2014-9835 at SUSECVE-2014-9835 at NVDCVE-2014-9836 at SUSECVE-2014-9836 at NVDCVE-2014-9837 at SUSECVE-2014-9837 at NVDCVE-2014-9838 at SUSECVE-2014-9838 at NVDCVE-2014-9839 at SUSECVE-2014-9839 at NVDCVE-2014-9840 at SUSECVE-2014-9840 at NVDCVE-2014-9842 at SUSECVE-2014-9842 at NVDCVE-2014-9844 at SUSECVE-2014-9844 at NVDCVE-2014-9845 at SUSECVE-2014-9845 at NVDCVE-2014-9846 at SUSECVE-2014-9846 at NVDCVE-2014-9847 at SUSECVE-2014-9847 at NVDCVE-2014-9849 at SUSECVE-2014-9849 at NVDCVE-2014-9851 at SUSECVE-2014-9851 at NVDCVE-2014-9853 at SUSECVE-2014-9853 at NVDCVE-2014-9854 at SUSECVE-2014-9854 at NVDCVE-2015-8894 at SUSECVE-2015-8894 at NVDCVE-2015-8896 at SUSECVE-2015-8896 at NVDCVE-2015-8897 at SUSECVE-2015-8897 at NVDCVE-2015-8898 at SUSECVE-2015-8898 at NVDCVE-2015-8901 at SUSECVE-2015-8901 at NVDCVE-2015-8902 at SUSECVE-2015-8902 at NVDCVE-2015-8903 at SUSECVE-2015-8903 at NVDCVE-2016-4562 at SUSECVE-2016-4562 at NVDCVE-2016-4563 at SUSECVE-2016-4563 at NVDCVE-2016-4564 at SUSECVE-2016-4564 at NVDCVE-2016-5687 at SUSECVE-2016-5687 at NVDCVE-2016-5688 at SUSECVE-2016-5688 at NVDCVE-2016-5689 at SUSECVE-2016-5689 at NVDCVE-2016-5690 at SUSECVE-2016-5690 at NVDCVE-2016-5691 at SUSECVE-2016-5691 at NVDCVE-2016-5841 at SUSECVE-2016-5841 at NVDCVE-2016-5842 at SUSECVE-2016-5842 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
- security update:
* CVE-2016-6520: buffer overflow [bsc#991872]
* CVE-2016-6491: Out-of-bounds read in CopyMagickMemory [bsc#991445]
ModerateSUSE bug 991445SUSE bug 991872CVE-2016-6491 at SUSECVE-2016-6491 at NVDCVE-2016-6520 at SUSECVE-2016-6520 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
These vulnerabilities could be triggered by processing specially crafted image files,
which could lead to a process crash or resource consumtion, or potentially have
unspecified futher impact.
- CVE-2016-8862: Memory allocation failure in AcquireMagickMemory (bsc#1007245)
- CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)
- CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713)
- CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)
- CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)
- CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)
- CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)
- CVE-2016-7529: out of bound in quantum handling (bsc#1000399)
- CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)
- CVE-2016-7527: out of bound access in wpg file coder: (bsc#1000436)
- CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)
- CVE-2016-7528: out of bound access in xcf file coder (bsc#1000434)
- CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)
- CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)
- CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)
- Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)
- CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)
- CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)
- CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)
- CVE-2016-7531: Pbd file out of bound access (bsc#1000704)
- CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)
- CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)
- CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)
- CVE-2016-7517: out-of-bounds read in coders/pict.c (bsc#1000693)
- CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692)
- CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)
- CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)
- CVE-2016-7519: out-of-bounds read in coders/rle.c (bsc#1000695)
- CVE-2016-7518: out-of-bounds read in coders/sun.c (bsc#1000694)
- CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)
- CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)
- CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)
ImportantSUSE bug 1000399SUSE bug 1000434SUSE bug 1000436SUSE bug 1000688SUSE bug 1000689SUSE bug 1000690SUSE bug 1000691SUSE bug 1000692SUSE bug 1000693SUSE bug 1000694SUSE bug 1000695SUSE bug 1000698SUSE bug 1000699SUSE bug 1000700SUSE bug 1000701SUSE bug 1000703SUSE bug 1000704SUSE bug 1000707SUSE bug 1000709SUSE bug 1000711SUSE bug 1000713SUSE bug 1000714SUSE bug 1001066SUSE bug 1001221SUSE bug 1002209SUSE bug 1002421SUSE bug 1002422SUSE bug 1003629SUSE bug 1005123SUSE bug 1005125SUSE bug 1005127SUSE bug 1007245CVE-2014-9907 at SUSECVE-2014-9907 at NVDCVE-2015-8957 at SUSECVE-2015-8957 at NVDCVE-2015-8958 at SUSECVE-2015-8958 at NVDCVE-2015-8959 at SUSECVE-2015-8959 at NVDCVE-2016-5687 at SUSECVE-2016-5687 at NVDCVE-2016-6823 at SUSECVE-2016-6823 at NVDCVE-2016-7101 at SUSECVE-2016-7101 at NVDCVE-2016-7514 at SUSECVE-2016-7514 at NVDCVE-2016-7515 at SUSECVE-2016-7515 at NVDCVE-2016-7516 at SUSECVE-2016-7516 at NVDCVE-2016-7517 at SUSECVE-2016-7517 at NVDCVE-2016-7518 at SUSECVE-2016-7518 at NVDCVE-2016-7519 at SUSECVE-2016-7519 at NVDCVE-2016-7522 at SUSECVE-2016-7522 at NVDCVE-2016-7523 at SUSECVE-2016-7523 at NVDCVE-2016-7524 at SUSECVE-2016-7524 at NVDCVE-2016-7525 at SUSECVE-2016-7525 at NVDCVE-2016-7526 at SUSECVE-2016-7526 at NVDCVE-2016-7527 at SUSECVE-2016-7527 at NVDCVE-2016-7528 at SUSECVE-2016-7528 at NVDCVE-2016-7529 at SUSECVE-2016-7529 at NVDCVE-2016-7530 at SUSECVE-2016-7530 at NVDCVE-2016-7531 at SUSECVE-2016-7531 at NVDCVE-2016-7533 at SUSECVE-2016-7533 at NVDCVE-2016-7535 at SUSECVE-2016-7535 at NVDCVE-2016-7537 at SUSECVE-2016-7537 at NVDCVE-2016-7799 at SUSECVE-2016-7799 at NVDCVE-2016-7800 at SUSECVE-2016-7800 at NVDCVE-2016-7996 at SUSECVE-2016-7996 at NVDCVE-2016-7997 at SUSECVE-2016-7997 at NVDCVE-2016-8682 at SUSECVE-2016-8682 at NVDCVE-2016-8683 at SUSECVE-2016-8683 at NVDCVE-2016-8684 at SUSECVE-2016-8684 at NVDCVE-2016-8862 at SUSECVE-2016-8862 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
* CVE-2016-9556: Possible Heap-overflow found by fuzzing [bsc#1011130]
* CVE-2016-9559: Possible Null pointer access found by fuzzing [bsc#1011136]
* CVE-2016-8707: Possible code execution in the tiff deflate convert code [bsc#1014159]
* CVE-2016-9773: Possible Heap overflow in IsPixelGray [bsc#1013376]
* CVE-2016-8866: Possible memory allocation failure in AcquireMagickMemory [bsc#1009318]
ModerateSUSE bug 1009318SUSE bug 1011130SUSE bug 1011136SUSE bug 1013376SUSE bug 1014159CVE-2016-7530 at SUSECVE-2016-7530 at NVDCVE-2016-8707 at SUSECVE-2016-8707 at NVDCVE-2016-8866 at SUSECVE-2016-8866 at NVDCVE-2016-9556 at SUSECVE-2016-9556 at NVDCVE-2016-9559 at SUSECVE-2016-9559 at NVDCVE-2016-9773 at SUSECVE-2016-9773 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
- CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation (bsc#1017308)
- CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped (bsc#1017310)
- CVE-2016-10049: Corrupt RLE files could have overflowed a buffer due to a incorrect length calculation (bsc#1017311)
- CVE-2016-10050: Corrupt RLE files could have overflowed a heap buffer due to a missing offset check (bsc#1017312)
- CVE-2016-10051: Fixed use after free when reading PWP files (bsc#1017313)
- CVE-2016-10052: Added bound check to exif parsing of JPEG files (bsc#1017314).
- CVE-2016-10059: Unchecked calculation when reading TIFF files could have lead to a buffer overflow (bsc#1017318)
- CVE-2016-10060: Improved error handling when writing files to not mask errors (bsc#1017319).
- CVE-2016-10063: Check validity of extend during TIFF file reading (bsc#1017320).
- CVE-2016-10064: Improved checks for buffer overflow when reading TIFF files (bsc#1017321)
- CVE-2016-10065: Unchecked calculations when reading VIFF files could have lead to out of bound reads (bsc#1017322)
- CVE-2016-10068: Prevent NULL pointer access when using the MSL interpreter (bsc#1017324)
- CVE-2016-10070: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)
- CVE-2016-10071: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326).
- CVE-2016-10144: Added a check after allocating memory when parsing IPL files (bsc#1020433).
- CVE-2016-10145: Fixed of-by-one in string copy operation when parsing WPG files (bsc#1020435).
- CVE-2016-10146: Captions and labels were handled incorrectly, causing a memory leak that could have lead to DoS (bsc#1020443)
- CVE-2017-5506: Missing offset check leading to a double-free (bsc#1020436).
- CVE-2017-5507: Fixed a memory leak when reading MPC files allowing for DoS (bsc#1020439).
- CVE-2017-5508: Increase the amount of memory allocated for TIFF pixels to prevent a heap buffer-overflow (bsc#1020441).
- CVE-2017-5511: A missing cast when reading PSD files could have caused memory corruption by a heap overflow (bsc#1020448)
This update removes the fix for CVE-2016-9773. ImageMagick-6 was not affected by CVE-2016-9773 and it caused a regression (at least in GraphicsMagick) (bsc#1017421).
ModerateSUSE bug 1017308SUSE bug 1017310SUSE bug 1017311SUSE bug 1017312SUSE bug 1017313SUSE bug 1017314SUSE bug 1017318SUSE bug 1017319SUSE bug 1017320SUSE bug 1017321SUSE bug 1017322SUSE bug 1017324SUSE bug 1017326SUSE bug 1017421SUSE bug 1020433SUSE bug 1020435SUSE bug 1020436SUSE bug 1020439SUSE bug 1020441SUSE bug 1020443SUSE bug 1020448CVE-2016-10046 at SUSECVE-2016-10046 at NVDCVE-2016-10048 at SUSECVE-2016-10048 at NVDCVE-2016-10049 at SUSECVE-2016-10049 at NVDCVE-2016-10050 at SUSECVE-2016-10050 at NVDCVE-2016-10051 at SUSECVE-2016-10051 at NVDCVE-2016-10052 at SUSECVE-2016-10052 at NVDCVE-2016-10059 at SUSECVE-2016-10059 at NVDCVE-2016-10060 at SUSECVE-2016-10060 at NVDCVE-2016-10063 at SUSECVE-2016-10063 at NVDCVE-2016-10064 at SUSECVE-2016-10064 at NVDCVE-2016-10065 at SUSECVE-2016-10065 at NVDCVE-2016-10068 at SUSECVE-2016-10068 at NVDCVE-2016-10070 at SUSECVE-2016-10070 at NVDCVE-2016-10071 at SUSECVE-2016-10071 at NVDCVE-2016-10144 at SUSECVE-2016-10144 at NVDCVE-2016-10145 at SUSECVE-2016-10145 at NVDCVE-2016-10146 at SUSECVE-2016-10146 at NVDCVE-2017-5506 at SUSECVE-2017-5506 at NVDCVE-2017-5507 at SUSECVE-2017-5507 at NVDCVE-2017-5508 at SUSECVE-2017-5508 at NVDCVE-2017-5511 at SUSECVE-2017-5511 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for ImageMagick (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick provides the following fixes:
- Fix segmentation fault when wrong parameter supplied to conjure command (bsc#1027480).
- Improve CVE-2016-7518 patch to fix sun coder (bsc#1028079 comment 5).
LowSUSE bug 1027480SUSE bug 1028079CVE-2016-7518 at SUSECVE-2016-7518 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
This security issue was fixed:
- CVE-2017-7941: The ReadSGIImage function in sgi.c allowed remote attackers to consume an
amount of available memory via a crafted file (bsc#1034876).
- CVE-2017-8351: ImageMagick, GraphicsMagick: denial of service (memory leak) via a crafted
file (ReadPCDImage func in pcd.c) (bsc#1036986).
- CVE-2017-8352: denial of service (memory leak) via a crafted file (ReadXWDImage func in
xwd.c) (bsc#1036987)
- CVE-2017-8349: denial of service (memory leak) via a crafted file (ReadSFWImage func in
sfw.c) (bsc#1036984)
- CVE-2017-8350: denial of service (memory leak) via a crafted file (ReadJNGImage function in
png.c) (bsc#1036985)
- CVE-2017-8345: denial of service (memory leak) via a crafted file (ReadMNGImage func in
png.c) (bsc#1036980)
- CVE-2017-8346: denial of service (memory leak) via a crafted file (ReadDCMImage func in
dcm.c) (bsc#1036981)
- CVE-2017-8353: denial of service (memory leak) via a crafted file (ReadPICTImage func in
pict.c) (bsc#1036988)
- CVE-2017-8830: denial of service (memory leak) via a crafted file (ReadBMPImage func in
bmp.c:1379) (bsc#1038000)
- CVE-2017-7606: denial of service (application crash) or possibly have unspecified other
impact via a crafted image (bsc#1033091)
- CVE-2017-8765: memory leak vulnerability via a crafted ICON file (ReadICONImage in
coders\icon.c) (bsc#1037527)
- CVE-2017-8355: denial of service (memory leak) via a crafted file (ReadMTVImage func in
mtv.c) (bsc#1036990)
- CVE-2017-8344: denial of service (memory leak) via a crafted file (ReadPCXImage func in
pcx.c) (bsc#1036978)
- CVE-2017-9098: uninitialized memory usage in the ReadRLEImage RLE decoder
function coders/rle.c (bsc#1040025)
- CVE-2017-9141: Missing checks in the ReadDDSImage function in
coders/dds.c could lead to a denial of service (assertion) (bsc#1040303)
- CVE-2017-9142: Missing checks in theReadOneJNGImage function in
coders/png.c could lead to denial of service (assertion) (bsc#1040304)
- CVE-2017-9143: A possible denial of service attack via crafted .art
file in ReadARTImage function in coders/art.c (bsc#1040306)
- CVE-2017-9144: A crafted RLE image can trigger a crash in coders/rle.c
could lead to a denial of service (crash) (bsc#1040332)
ModerateSUSE bug 1033091SUSE bug 1034870SUSE bug 1034872SUSE bug 1034876SUSE bug 1036976SUSE bug 1036978SUSE bug 1036980SUSE bug 1036981SUSE bug 1036983SUSE bug 1036984SUSE bug 1036985SUSE bug 1036986SUSE bug 1036987SUSE bug 1036988SUSE bug 1036989SUSE bug 1036990SUSE bug 1037527SUSE bug 1038000SUSE bug 1040025SUSE bug 1040303SUSE bug 1040304SUSE bug 1040306SUSE bug 1040332CVE-2014-9846 at SUSECVE-2014-9846 at NVDCVE-2016-10050 at SUSECVE-2016-10050 at NVDCVE-2017-7606 at SUSECVE-2017-7606 at NVDCVE-2017-7941 at SUSECVE-2017-7941 at NVDCVE-2017-7942 at SUSECVE-2017-7942 at NVDCVE-2017-7943 at SUSECVE-2017-7943 at NVDCVE-2017-8344 at SUSECVE-2017-8344 at NVDCVE-2017-8345 at SUSECVE-2017-8345 at NVDCVE-2017-8346 at SUSECVE-2017-8346 at NVDCVE-2017-8348 at SUSECVE-2017-8348 at NVDCVE-2017-8349 at SUSECVE-2017-8349 at NVDCVE-2017-8350 at SUSECVE-2017-8350 at NVDCVE-2017-8351 at SUSECVE-2017-8351 at NVDCVE-2017-8352 at SUSECVE-2017-8352 at NVDCVE-2017-8353 at SUSECVE-2017-8353 at NVDCVE-2017-8354 at SUSECVE-2017-8354 at NVDCVE-2017-8355 at SUSECVE-2017-8355 at NVDCVE-2017-8357 at SUSECVE-2017-8357 at NVDCVE-2017-8765 at SUSECVE-2017-8765 at NVDCVE-2017-8830 at SUSECVE-2017-8830 at NVDCVE-2017-9098 at SUSECVE-2017-9098 at NVDCVE-2017-9141 at SUSECVE-2017-9141 at NVDCVE-2017-9142 at SUSECVE-2017-9142 at NVDCVE-2017-9143 at SUSECVE-2017-9143 at NVDCVE-2017-9144 at SUSECVE-2017-9144 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2017-9439: A memory leak was found in the function ReadPDBImage incoders/pdb.c (bsc#1042826)
- CVE-2017-9501: An assertion failure could cause a denial of service via a crafted file (bsc#1043289)
- CVE-2017-11403: ReadMNGImage function in coders/png.c has an out-of-order CloseBlob call, resulting
in a use-after-free via acrafted file (bsc#1049072)
ImportantSUSE bug 1042826SUSE bug 1043289SUSE bug 1049072CVE-2017-11403 at SUSECVE-2017-11403 at NVDCVE-2017-9439 at SUSECVE-2017-9439 at NVDCVE-2017-9501 at SUSECVE-2017-9501 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-11534: Processing a crafted file in convert could have lead to a
Memory Leak in the lite_font_map() function in coders/wmf.c (bsc#1050135).
- CVE-2017-13133: The load_level function in coders/xcf.c lacked offset
validation, which allowed attackers to cause a denial of service (load_tile
memory exhaustion) via a crafted file (bsc#1055219).
- CVE-2017-13139: The ReadOneMNGImage function in coders/png.c had an
out-of-bounds read with the MNG CLIP chunk (bsc#1055430).
- CVE-2017-15033: Fixed a memory leak in ReadYUVImage in coders/yuv.c
(bsc#1061873).
ModerateSUSE bug 1050135SUSE bug 1055219SUSE bug 1055430SUSE bug 1061873CVE-2017-11534 at SUSECVE-2017-11534 at NVDCVE-2017-13133 at SUSECVE-2017-13133 at NVDCVE-2017-13139 at SUSECVE-2017-13139 at NVDCVE-2017-15033 at SUSECVE-2017-15033 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
* CVE-2017-14607: out of bounds read flaw related to ReadTIFFImagehas
could possibly disclose potentially sensitive memory [bsc#1059778]
* CVE-2017-11640: NULL pointer deref in WritePTIFImage() in coders/tiff.c [bsc#1050632]
* CVE-2017-14342: a memory exhaustion vulnerability in ReadWPGImage
in coders/wpg.c could lead to denial of service [bsc#1058485]
* CVE-2017-14341: Infinite loop in the ReadWPGImage function [bsc#1058637]
* CVE-2017-16546: problem in the function ReadWPGImage in coders/wpg.c
could lead to denial of service [bsc#1067181]
* CVE-2017-16545: The ReadWPGImage function in coders/wpg.c in
validation problems could lead to denial of service [bsc#1067184]
* CVE-2017-14175: Lack of End of File check could lead to denial of service [bsc#1057719]
* CVE-2017-13769: denial of service issue in function WriteTHUMBNAILImage in coders/thumbnail.c [bsc#1056432]
* CVE-2017-13134: a heap-based buffer over-read was found in thefunction SFWScan
in coders/sfw.c, which allows attackers to cause adenial of service via a crafted file. [bsc#1055214]
* CVE-2017-11478: ReadOneDJVUImage in coders/djvu.c in ImageMagick allows remote attackers to cause a DoS [bsc#1049796]
* CVE-2017-15930: Null Pointer dereference while transfering JPEG scanlines could lead to denial of service [bsc#1066003]
* CVE-2017-12983: Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c
allows remote attackers to cause a denial of service [bsc#1054757]
* CVE-2017-14531: memory exhaustion issue in ReadSUNImage incoders/sun.c. [bsc#1059666]
* CVE-2017-12435: Memory exhaustion in ReadSUNImage in coders/sun.c,
which allows attackers to cause denial of service [bsc#1052553]
* CVE-2017-12587: User controlable large loop in the ReadPWPImage in coders\pwp.c could lead to denial of service [bsc#1052450]
* CVE-2017-14173: unction ReadTXTImage is vulnerable to a integer overflow that could lead to denial of service [bsc#1057729]
* CVE-2017-11188: ImageMagick: The ReadDPXImage function in codersdpx.c in ImageMagick 7.0.6-0 has a largeloop vulnerability that can cause CPU exhaustion via a crafted DPX file, relatedto lack of an EOF check. [bnc#1048457]
* CVE-2017-11527: ImageMagick: ReadDPXImage in coders/dpx.c allows remote attackers to cause DoS [bnc#1050116]
* CVE-2017-11535: GraphicsMagick, ImageMagick: Heap-based buffer over-read in WritePSImage() in coders/ps.c [bnc#1050139]
* CVE-2017-11752: ImageMagick: ReadMAGICKImage in coders/magick.c allows to cause DoS [bnc#1051441]
* CVE-2017-12140: ImageMagick: ReadDCMImage in codersdcm.c has a ninteger signedness error leading to excessive memory consumption [bnc#1051847]
* CVE-2017-12669: ImageMagick: Memory leak in WriteCALSImage in coders/cals.c [bnc#1052689]
* CVE-2017-12662: GraphicsMagick, ImageMagick: Memory leak in WritePDFImage in coders/pdf.c [bnc#1052758]
* CVE-2017-12644: ImageMagick: Memory leak in ReadDCMImage in codersdcm.c [bnc#1052764]
* CVE-2017-14172: ImageMagick: Lack of end of file check in ReadPSImage() could lead to a denial of service [bnc#1057730]
* CVE-2017-14733: GraphicsMagick: Heap overflow on ReadRLEImage in coders/rle.c could lead to denial of service [bnc#1060577]
ImportantSUSE bug 1048457SUSE bug 1049796SUSE bug 1050116SUSE bug 1050139SUSE bug 1050632SUSE bug 1051441SUSE bug 1051847SUSE bug 1052450SUSE bug 1052553SUSE bug 1052689SUSE bug 1052758SUSE bug 1052764SUSE bug 1054757SUSE bug 1055214SUSE bug 1056432SUSE bug 1057719SUSE bug 1057729SUSE bug 1057730SUSE bug 1058485SUSE bug 1058637SUSE bug 1059666SUSE bug 1059778SUSE bug 1060577SUSE bug 1066003SUSE bug 1067181SUSE bug 1067184CVE-2017-11188 at SUSECVE-2017-11188 at NVDCVE-2017-11478 at SUSECVE-2017-11478 at NVDCVE-2017-11527 at SUSECVE-2017-11527 at NVDCVE-2017-11535 at SUSECVE-2017-11535 at NVDCVE-2017-11640 at SUSECVE-2017-11640 at NVDCVE-2017-11752 at SUSECVE-2017-11752 at NVDCVE-2017-12140 at SUSECVE-2017-12140 at NVDCVE-2017-12435 at SUSECVE-2017-12435 at NVDCVE-2017-12587 at SUSECVE-2017-12587 at NVDCVE-2017-12644 at SUSECVE-2017-12644 at NVDCVE-2017-12662 at SUSECVE-2017-12662 at NVDCVE-2017-12669 at SUSECVE-2017-12669 at NVDCVE-2017-12983 at SUSECVE-2017-12983 at NVDCVE-2017-13134 at SUSECVE-2017-13134 at NVDCVE-2017-13769 at SUSECVE-2017-13769 at NVDCVE-2017-14172 at SUSECVE-2017-14172 at NVDCVE-2017-14173 at SUSECVE-2017-14173 at NVDCVE-2017-14175 at SUSECVE-2017-14175 at NVDCVE-2017-14341 at SUSECVE-2017-14341 at NVDCVE-2017-14342 at SUSECVE-2017-14342 at NVDCVE-2017-14531 at SUSECVE-2017-14531 at NVDCVE-2017-14607 at SUSECVE-2017-14607 at NVDCVE-2017-14733 at SUSECVE-2017-14733 at NVDCVE-2017-15930 at SUSECVE-2017-15930 at NVDCVE-2017-16545 at SUSECVE-2017-16545 at NVDCVE-2017-16546 at SUSECVE-2017-16546 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-14343: Fixed a memory leak vulnerability in ReadXCFImage in
coders/xcf.c via a crafted xcf image file (bsc#1058422).
- CVE-2017-12691: The ReadOneLayer function in coders/xcf.c allowed remote
attackers to cause a denial of service (memory consumption) via a crafted file
(bsc#1058422).
- CVE-2017-14042: Prevent memory allocation failure in the ReadPNMImage
function in coders/pnm.c. The vulnerability caused a big memory allocation,
which may have lead to remote denial of service in the MagickRealloc function
in magick/memory.c (bsc#1056550).
- CVE-2017-15281: ReadPSDImage in coders/psd.c allowed remote attackers to
cause a denial of service (application crash) or possibly have unspecified
other impact via a crafted file (bsc#1063049).
- CVE-2017-13061: A length-validation vulnerability in the function
ReadPSDLayersInternal in coders/psd.c allowed attackers to cause a denial of
service (ReadPSDImage memory exhaustion) via a crafted file (bsc#1055063).
- CVE-2017-12563: A memory exhaustion vulnerability in the function
ReadPSDImage in coders/psd.c allowed attackers to cause a denial of service
(bsc#1052460).
- CVE-2017-14174: coders/psd.c allowed for DoS in ReadPSDLayersInternal() due
to lack of an EOF (End of File) check might have caused huge CPU consumption.
When a crafted PSD file, which claims a large 'length' field in the header but
did not contain sufficient backing data, is provided, the loop over 'length'
would consume huge CPU resources, since there is no EOF check inside the loop
(bsc#1057723).
- CVE-2017-13062: A memory leak vulnerability in the function formatIPTC in
coders/meta.c allowed attackers to cause a denial of service (WriteMETAImage
memory consumption) via a crafted file (bsc#1055053).
- CVE-2017-15277: ReadGIFImage in coders/gif.c left the palette uninitialized
when processing a GIF file that has neither a global nor local palette. If this
functionality was used as a library loaded into a process that operates on
interesting data, this data sometimes could have been leaked via the
uninitialized palette (bsc#1063050).
ModerateSUSE bug 1052460SUSE bug 1055053SUSE bug 1055063SUSE bug 1056550SUSE bug 1057723SUSE bug 1058422SUSE bug 1063049SUSE bug 1063050CVE-2017-12563 at SUSECVE-2017-12563 at NVDCVE-2017-12691 at SUSECVE-2017-12691 at NVDCVE-2017-13061 at SUSECVE-2017-13061 at NVDCVE-2017-13062 at SUSECVE-2017-13062 at NVDCVE-2017-14042 at SUSECVE-2017-14042 at NVDCVE-2017-14174 at SUSECVE-2017-14174 at NVDCVE-2017-14343 at SUSECVE-2017-14343 at NVDCVE-2017-15277 at SUSECVE-2017-15277 at NVDCVE-2017-15281 at SUSECVE-2017-15281 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2017-12672: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service (bsc#1052720).
- CVE-2017-13060: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service via a crafted file (bsc#1055065).
- CVE-2017-11724: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c involving the quantum_info and clone_info data
structures (bsc#1051446).
- CVE-2017-12670: Added validation in coders/mat.c to prevent an assertion
failure in the function DestroyImage in MagickCore/image.c, which allowed
attackers to cause a denial of service (bsc#1052731).
- CVE-2017-12667: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1052732).
- CVE-2017-13146: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1055323).
- CVE-2017-10800: Processing MATLAB images in coders/mat.c could have lead to a
denial of service (OOM) in ReadMATImage() if the size specified for a MAT
Object was larger than the actual amount of data (bsc#1047044)
- CVE-2017-13648: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1055434).
- CVE-2017-11141: Fixed a memory leak vulnerability in the function
ReadMATImage in coders\mat.c that could have caused memory exhaustion via a
crafted MAT file, related to incorrect ordering of a SetImageExtent call
(bsc#1047898).
- CVE-2017-11529: The ReadMATImage function in coders/mat.c allowed remote
attackers to cause a denial of service (memory leak) via a crafted file
(bsc#1050120).
- CVE-2017-12564: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service (bsc#1052468).
- CVE-2017-12434: Added a missing NULL check in the function ReadMATImage in
coders/mat.c, which allowed attackers to cause a denial of service (assertion
failure) in DestroyImageInfo in image.c (bsc#1052550).
- CVE-2017-12675: Added a missing check for multidimensional data coders/mat.c,
that could have lead to a memory leak in the function ReadImage in
MagickCore/constitute.c, which allowed attackers to cause a denial of service
(bsc#1052710).
- CVE-2017-14326: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service via a crafted file (bsc#1058640).
- CVE-2017-11644: Processesing a crafted file in convert could have lead to a
memory leak in the ReadMATImage() function in coders/mat.c (bsc#1050606).
- CVE-2017-13658: Added a missing NULL check in the ReadMATImage function in
coders/mat.c, which could have lead to a denial of service (assertion failure
and application exit) in the DestroyImageInfo function in MagickCore/image.c
(bsc#1055855).
- CVE-2017-14533: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c (bsc#1059751).
- CVE-2017-17881: Fixed a memory leak vulnerability in the function
ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of
service via a crafted MAT image file (bsc#1074123).
- CVE-2017-1000476: Prevent CPU exhaustion in the function ReadDDSInfo in
coders/dds.c, which allowed attackers to cause a denial of service
(bsc#1074610).
- CVE-2017-9409: Fixed a memory leak vulnerability in the function ReadMPCImage
in mpc.c, which allowed attackers to cause a denial of service via a crafted
file (bsc#1042948).
- CVE-2017-11449: coders/mpc did not enable seekable streams and thus could not
validate blob sizes, which allowed remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact via an image
received from stdin (bsc#1049373)
- CVE-2017-12430: A memory exhaustion in the function ReadMPCImage in
coders/mpc.c allowed attackers to cause DoS (bsc#1052252)
- CVE-2017-12642: Prevent a memory leak vulnerability in ReadMPCImage in
coders\mpc.c via crafted file allowing for DoS (bsc#1052771)
- CVE-2017-14249: A mishandled EOF check in ReadMPCImage in coders/mpc.c that
lead to a division by zero in GetPixelCacheTileSize in MagickCore/cache.c
allowed remote attackers to cause a denial of service via a crafted file
(bsc#1058082)
- CVE-2017-1000445: Added a NUL pointer check in the MagickCore component that
might have lead to denial of service (bsc#1074425).
- CVE-2017-11751: Fixed a memory leak vulnerability in the function
WritePICONImage in coders/xpm.c that allowed remote attackers to cause a denial
of service via a crafted file (bsc#1051412).
- CVE-2017-17680: Fixed a memory leak vulnerability in the function
ReadXPMImage in coders/xpm.c, which allowed attackers to cause a denial of
service via a crafted xpm image file (bsc#1072902).
- CVE-2017-17882: Fixed a memory leak vulnerability in the function
ReadXPMImage in coders/xpm.c, which allowed attackers to cause a denial of
service via a crafted XPM image file (bsc#1074122).
- CVE-2018-5246: Fixed memory leak vulnerability in ReadPATTERNImage in
coders/pattern.c (bsc#1074973).
- CVE-2017-18022: Fixed memory leak vulnerability in MontageImageCommand in
MagickWand/montage.c (bsc#1074975)
- CVE-2018-5247: Fixed memory leak vulnerability in ReadRLAImage in
coders/rla.c (bsc#1074969)
ModerateSUSE bug 1042948SUSE bug 1047044SUSE bug 1047898SUSE bug 1049373SUSE bug 1050120SUSE bug 1050606SUSE bug 1051412SUSE bug 1051446SUSE bug 1052252SUSE bug 1052468SUSE bug 1052550SUSE bug 1052710SUSE bug 1052720SUSE bug 1052731SUSE bug 1052732SUSE bug 1052771SUSE bug 1055065SUSE bug 1055323SUSE bug 1055434SUSE bug 1055855SUSE bug 1058082SUSE bug 1058640SUSE bug 1059751SUSE bug 1072902SUSE bug 1074122SUSE bug 1074123SUSE bug 1074425SUSE bug 1074610SUSE bug 1074969SUSE bug 1074973SUSE bug 1074975CVE-2017-1000445 at SUSECVE-2017-1000445 at NVDCVE-2017-1000476 at SUSECVE-2017-1000476 at NVDCVE-2017-10800 at SUSECVE-2017-10800 at NVDCVE-2017-11141 at SUSECVE-2017-11141 at NVDCVE-2017-11449 at SUSECVE-2017-11449 at NVDCVE-2017-11529 at SUSECVE-2017-11529 at NVDCVE-2017-11644 at SUSECVE-2017-11644 at NVDCVE-2017-11724 at SUSECVE-2017-11724 at NVDCVE-2017-11751 at SUSECVE-2017-11751 at NVDCVE-2017-12430 at SUSECVE-2017-12430 at NVDCVE-2017-12434 at SUSECVE-2017-12434 at NVDCVE-2017-12564 at SUSECVE-2017-12564 at NVDCVE-2017-12642 at SUSECVE-2017-12642 at NVDCVE-2017-12667 at SUSECVE-2017-12667 at NVDCVE-2017-12670 at SUSECVE-2017-12670 at NVDCVE-2017-12672 at SUSECVE-2017-12672 at NVDCVE-2017-12675 at SUSECVE-2017-12675 at NVDCVE-2017-13060 at SUSECVE-2017-13060 at NVDCVE-2017-13146 at SUSECVE-2017-13146 at NVDCVE-2017-13648 at SUSECVE-2017-13648 at NVDCVE-2017-13658 at SUSECVE-2017-13658 at NVDCVE-2017-14249 at SUSECVE-2017-14249 at NVDCVE-2017-14326 at SUSECVE-2017-14326 at NVDCVE-2017-14533 at SUSECVE-2017-14533 at NVDCVE-2017-17680 at SUSECVE-2017-17680 at NVDCVE-2017-17881 at SUSECVE-2017-17881 at NVDCVE-2017-17882 at SUSECVE-2017-17882 at NVDCVE-2017-18022 at SUSECVE-2017-18022 at NVDCVE-2017-9409 at SUSECVE-2017-9409 at NVDCVE-2018-5246 at SUSECVE-2018-5246 at NVDCVE-2018-5247 at SUSECVE-2018-5247 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2018-5685: Prevent infinite loop and application hang in the ReadBMPImage
function. Remote attackers could leverage this vulnerability to cause a denial
of service via an image file with a crafted bit-field mask value (bsc#1075939)
- CVE-2017-11639: Prevent heap-based buffer over-read in the WriteCIPImage()
function, related to the GetPixelLuma function in MagickCore/pixel-accessor.h
(bsc#1050635).
- CVE-2017-11525: Prevent memory consumption in the ReadCINImage function that
allowed remote attackers to cause a denial of service (bsc#1050098).
- CVE-2017-9262: The ReadJNGImage function in coders/png.c allowed attackers to
cause a denial of service (memory leak) via a crafted file (bsc#1043353)
- CVE-2017-9261: The ReadMNGImage function in coders/png.c allowed
attackers to cause a denial of service (memory leak) via a crafted file (bsc#1043354)
- CVE-2017-10995: The mng_get_long function in coders/png.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) via a crafted MNG image (bsc#1047908)
- CVE-2017-11539: Prevent memory leak in the ReadOnePNGImage() function in
coders/png.c (bsc#1050037)
- CVE-2017-11505: The ReadOneJNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (large loop and CPU consumption) via
a crafted file (bsc#1050072)
- CVE-2017-11526: The ReadOneMNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (large loop and CPU consumption) via a
crafted file (bsc#1050100)
- CVE-2017-11750: The ReadOneJNGImage function in coders/png.c allowed remote
attackers to cause a denial of service (NULL pointer dereference) via a crafted
file (bsc#1051442)
- CVE-2017-12565: Prevent memory leak in the function ReadOneJNGImage in
coders/png.c, which allowed attackers to cause a denial of service (bsc#1052470)
- CVE-2017-12676: Prevent memory leak in the function ReadOneJNGImage in
coders/png.c, which allowed attackers to cause a denial of service (bsc#1052708)
- CVE-2017-12673: Prevent memory leak in the function ReadOneMNGImage in
coders/png.c, which allowed attackers to cause a denial of service (bsc#1052717)
- CVE-2017-12671: Added NULL assignment in coders/png.c to prevent an invalid
free in the function RelinquishMagickMemory in MagickCore/memory.c, which
allowed attackers to cause a denial of service (bsc#1052721)
- CVE-2017-12643: Prevent a memory exhaustion vulnerability in ReadOneJNGImage
in coders\png.c (bsc#1052768)
- CVE-2017-12641: Prevent a memory leak vulnerability in ReadOneJNGImage in
coders\png.c (bsc#1052777)
- CVE-2017-12640: Prevent an out-of-bounds read vulnerability in
ReadOneMNGImage in coders/png.c (bsc#1052781)
- CVE-2017-12935: The ReadMNGImage function in coders/png.c mishandled large
MNG images, leading to an invalid memory read in the SetImageColorCallBack
function in magick/image.c (bsc#1054600)
- CVE-2017-13147: Prevent allocation failure in the function ReadMNGImage in
coders/png.c when a small MNG file has a MEND chunk with a large length value
(bsc#1055374)
- CVE-2017-13142: Added additional checks for short files to prevent a crafted
PNG file from triggering a crash (bsc#1055455)
- CVE-2017-13141: Prevent memory leak in ReadOnePNGImage in coders/png.c
(bsc#1055456)
- CVE-2017-14103: The ReadJNGImage and ReadOneJNGImage functions in
coders/png.c did not properly manage image pointers after certain error
conditions, which allowed remote attackers to conduct use-after-free attacks
via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call
(bsc#1057000)
- CVE-2017-14649: ReadOneJNGImage in coders/png.c did not properly validate JNG
data, leading to a denial of service (assertion failure in
magick/pixel_cache.c, and application crash) (bsc#1060162)
- CVE-2017-15218: Prevent memory leak in ReadOneJNGImage in coders/png.c
(bsc#1062752)
- CVE-2017-17504: Prevent heap-based buffer over-read via a crafted file in
Magick_png_read_raw_profile, related to ReadOneMNGImage (bsc#1072362)
- CVE-2017-17879: Prevent heap-based buffer over-read in ReadOneMNGImage in
coders/png.c, related to length calculation and caused by an off-by-one error
(bsc#1074125)
- CVE-2017-17914: Prevent crafted files to cause a large loop in
ReadOneMNGImage (bsc#1074185)
- CVE-2017-17884: Prevent memory leak in the function WriteOnePNGImage in
coders/png.c, which allowed attackers to cause a denial of service via a
crafted PNG image file (bsc#1074120)
- Prevent memory leak in svg.c, which allowed attackers to cause a denial of
service via a crafted SVG image file (bsc#1074120)
- Prevent small memory leak when processing PWP image files (bsc#1074309)
- CVE-2017-18029: Prevent memory leak in the function ReadMATImage which allowed
remote attackers to cause a denial of service via a crafted file (bsc#1076021)
- CVE-2017-18027: Prevent memory leak vulnerability in the function
ReadMATImage which allowed remote attackers to cause a denial of service via a
crafted file (bsc#1076051)
ModerateSUSE bug 1043353SUSE bug 1043354SUSE bug 1047908SUSE bug 1050037SUSE bug 1050072SUSE bug 1050098SUSE bug 1050100SUSE bug 1050635SUSE bug 1051442SUSE bug 1052470SUSE bug 1052708SUSE bug 1052717SUSE bug 1052721SUSE bug 1052768SUSE bug 1052777SUSE bug 1052781SUSE bug 1054600SUSE bug 1055374SUSE bug 1055455SUSE bug 1055456SUSE bug 1057000SUSE bug 1060162SUSE bug 1062752SUSE bug 1072362SUSE bug 1074120SUSE bug 1074125SUSE bug 1074185SUSE bug 1074309SUSE bug 1075939SUSE bug 1076021SUSE bug 1076051CVE-2017-10995 at SUSECVE-2017-10995 at NVDCVE-2017-11505 at SUSECVE-2017-11505 at NVDCVE-2017-11525 at SUSECVE-2017-11525 at NVDCVE-2017-11526 at SUSECVE-2017-11526 at NVDCVE-2017-11539 at SUSECVE-2017-11539 at NVDCVE-2017-11639 at SUSECVE-2017-11639 at NVDCVE-2017-11750 at SUSECVE-2017-11750 at NVDCVE-2017-12565 at SUSECVE-2017-12565 at NVDCVE-2017-12640 at SUSECVE-2017-12640 at NVDCVE-2017-12641 at SUSECVE-2017-12641 at NVDCVE-2017-12643 at SUSECVE-2017-12643 at NVDCVE-2017-12671 at SUSECVE-2017-12671 at NVDCVE-2017-12673 at SUSECVE-2017-12673 at NVDCVE-2017-12676 at SUSECVE-2017-12676 at NVDCVE-2017-12935 at SUSECVE-2017-12935 at NVDCVE-2017-13141 at SUSECVE-2017-13141 at NVDCVE-2017-13142 at SUSECVE-2017-13142 at NVDCVE-2017-13147 at SUSECVE-2017-13147 at NVDCVE-2017-14103 at SUSECVE-2017-14103 at NVDCVE-2017-14649 at SUSECVE-2017-14649 at NVDCVE-2017-15218 at SUSECVE-2017-15218 at NVDCVE-2017-17504 at SUSECVE-2017-17504 at NVDCVE-2017-17879 at SUSECVE-2017-17879 at NVDCVE-2017-17884 at SUSECVE-2017-17884 at NVDCVE-2017-17914 at SUSECVE-2017-17914 at NVDCVE-2017-18027 at SUSECVE-2017-18027 at NVDCVE-2017-18029 at SUSECVE-2017-18029 at NVDCVE-2017-9261 at SUSECVE-2017-9261 at NVDCVE-2017-9262 at SUSECVE-2017-9262 at NVDCVE-2018-5685 at SUSECVE-2018-5685 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
- CVE-2017-9407: In ImageMagick, the ReadPALMImage function in palm.c allowed attackers to cause a denial of service (memory leak) via a crafted file. (bsc#1042824)
- CVE-2017-11448: The ReadJPEGImage function in coders/jpeg.c in ImageMagick allowed remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. (bsc#1049375)
- CVE-2017-11450: A remote denial of service in coders/jpeg.c was fixed (bsc#1049374)
- CVE-2017-11537: When ImageMagick processed a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation. (bsc#1050048)
- CVE-2017-12418: ImageMagick had memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. (bsc#1052207)
- CVE-2017-12432: In ImageMagick, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allowed attackers to cause a denial of service. (bsc#1052254)
- CVE-2017-12654: The ReadPICTImage function in coders/pict.c in ImageMagick allowed attackers to cause a denial of service (memory leak) via a crafted file. (bsc#1052761)
- CVE-2017-12664: ImageMagick had a memory leak vulnerability in WritePALMImage in coders/palm.c. (bsc#1052750)
- CVE-2017-12665: ImageMagick had a memory leak vulnerability in WritePICTImage in coders/pict.c. (bsc#1052747)
- CVE-2017-12668: ImageMagick had a memory leak vulnerability in WritePCXImage in coders/pcx.c. (bsc#1052688)
- CVE-2017-13058: In ImageMagick, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allowed attackers to cause a denial of service via a crafted file. (bsc#1055069)
- CVE-2017-14224: A heap-based buffer overflow in WritePCXImage in coders/pcx.c could lead to denial of service or code execution. (bsc#1058009)
- CVE-2017-17885: In ImageMagick, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allowed attackers to cause a denial of service via a crafted PICT image file. (bsc#1074119)
- CVE-2017-18028: A memory exhaustion in the function ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)
- CVE-2018-6405: In the ReadDCMImage function in coders/dcm.c in ImageMagick, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allowed remote attackers to cause a denial of service. (bsc#1078433)
- CVE-2017-12427: ProcessMSLScript coders/msl.c allowed remote attackers to cause a DoS (bsc#1052248)
- CVE-2017-12566: A memory leak in ReadMVGImage in coders/mvg.c, could have allowed attackers to cause DoS (bsc#1052472)
- CVE-2017-11638, CVE-2017-11642: A NULL pointer dereference in theWriteMAPImage() in coders/map.c was fixed which could lead to a crash (bsc#1050617)
- CVE-2017-13131: A memory leak vulnerability was found in thefunction ReadMIFFImage in coders/miff.c, which allowed attackers tocause a denial of service (memory consumption in NewL (bsc#1055229)
- CVE-2017-11166: In ReadXWDImage in coders\xwd.c a memoryleak could have caused memory exhaustion via a crafted length (bsc#1048110)
- CVE-2017-12674: A CPU exhaustion in ReadPDBImage in coders/pdb.c was fixed, which allowed attackers to cause DoS (bsc#1052711)
- CVE-2017-12429: A memory exhaustion flaw in ReadMIFFImage in coders/miff.c was fixed, which allowed attackers to cause DoS (bsc#1052251)
- CVE-2017-11637: A NULL pointer dereference in WritePCLImage() in coders/pcl.c was fixed which could lead to a crash (bsc#1050669)
ModerateSUSE bug 1042824SUSE bug 1048110SUSE bug 1049374SUSE bug 1049375SUSE bug 1050048SUSE bug 1050617SUSE bug 1050669SUSE bug 1052207SUSE bug 1052248SUSE bug 1052251SUSE bug 1052254SUSE bug 1052472SUSE bug 1052688SUSE bug 1052711SUSE bug 1052747SUSE bug 1052750SUSE bug 1052761SUSE bug 1055069SUSE bug 1055229SUSE bug 1058009SUSE bug 1074119SUSE bug 1076182SUSE bug 1078433CVE-2017-11166 at SUSECVE-2017-11166 at NVDCVE-2017-11448 at SUSECVE-2017-11448 at NVDCVE-2017-11450 at SUSECVE-2017-11450 at NVDCVE-2017-11537 at SUSECVE-2017-11537 at NVDCVE-2017-11637 at SUSECVE-2017-11637 at NVDCVE-2017-11638 at SUSECVE-2017-11638 at NVDCVE-2017-11642 at SUSECVE-2017-11642 at NVDCVE-2017-12418 at SUSECVE-2017-12418 at NVDCVE-2017-12427 at SUSECVE-2017-12427 at NVDCVE-2017-12429 at SUSECVE-2017-12429 at NVDCVE-2017-12432 at SUSECVE-2017-12432 at NVDCVE-2017-12566 at SUSECVE-2017-12566 at NVDCVE-2017-12654 at SUSECVE-2017-12654 at NVDCVE-2017-12664 at SUSECVE-2017-12664 at NVDCVE-2017-12665 at SUSECVE-2017-12665 at NVDCVE-2017-12668 at SUSECVE-2017-12668 at NVDCVE-2017-12674 at SUSECVE-2017-12674 at NVDCVE-2017-13058 at SUSECVE-2017-13058 at NVDCVE-2017-13131 at SUSECVE-2017-13131 at NVDCVE-2017-14224 at SUSECVE-2017-14224 at NVDCVE-2017-17885 at SUSECVE-2017-17885 at NVDCVE-2017-18028 at SUSECVE-2017-18028 at NVDCVE-2017-9407 at SUSECVE-2017-9407 at NVDCVE-2018-6405 at SUSECVE-2018-6405 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2017-9405: A memory leak in the ReadICONImage function was fixed that could lead to DoS via memory exhaustion (bsc#1042911)
- CVE-2017-11528: ReadDIBImage in coders/dib.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050119)
- CVE-2017-11530: ReadEPTImage in coders/ept.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050122)
- CVE-2017-11533: A information leak by 1 byte due to heap-based buffer over-read in the WriteUILImage() in coders/uil.c was fixed (bsc#1050132)
- CVE-2017-12663: A memory leak in WriteMAPImage in coders/map.c was fixed that could lead to a DoS via memory exhaustion (bsc#1052754)
- CVE-2017-17682: A large loop vulnerability was fixed in ExtractPostscript in coders/wpg.c, which allowed attackers to cause a denial of service (CPU exhaustion) (bsc#1072898)
ModerateSUSE bug 1042911SUSE bug 1050119SUSE bug 1050122SUSE bug 1050132SUSE bug 1052754SUSE bug 1072898CVE-2017-11528 at SUSECVE-2017-11528 at NVDCVE-2017-11530 at SUSECVE-2017-11530 at NVDCVE-2017-11533 at SUSECVE-2017-11533 at NVDCVE-2017-12663 at SUSECVE-2017-12663 at NVDCVE-2017-17682 at SUSECVE-2017-17682 at NVDCVE-2017-9405 at SUSECVE-2017-9405 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes several issues.
These security issues were fixed:
- CVE-2018-8804: The WriteEPTImage function allowed remote attackers to cause a
denial of service (double free and application crash) or possibly have
unspecified other impact via a crafted file (bsc#1086011)
- CVE-2017-11524: The WriteBlob function allowed remote attackers to cause a
denial of service (assertion failure and application exit) via a crafted file
(bsc#1050087)
- CVE-2017-18219: Prevent allocation failure in the function ReadOnePNGImage,
which allowed attackers to cause a denial of service via a crafted file that
triggers an attempt at a large png_pixels array allocation (bsc#1084060).
- CVE-2017-9500: Prevent assertion failure in the function
ResetImageProfileIterator, which allowed attackers to cause a denial of service
via a crafted file (bsc#1043290)
- CVE-2017-16353: Prevent memory information disclosure in the DescribeImage
function caused by a heap-based buffer over-read. The portion of the code
containing the vulnerability is responsible for printing the IPTC Profile
information contained in the image. This vulnerability can be triggered with a
specially crafted MIFF file. There is an out-of-bounds buffer dereference
because certain increments were never checked (bsc#1066170)
- CVE-2017-16352: Prevent a heap-based buffer overflow in the 'Display visual
image directory' feature of the DescribeImage() function. One possible way to
trigger the vulnerability is to run the identify command on a specially crafted
MIFF format file with the verbose flag (bsc#1066168)
- CVE-2017-14314: Prevent off-by-one error in the DrawImage function that
allowed remote attackers to cause a denial of service (DrawDashPolygon
heap-based buffer over-read and application crash) via a crafted file
(bsc#1058630)
- CVE-2017-13768: Prevent NULL pointer dereference in the IdentifyImage
function that allowed an attacker to perform denial of service by sending a
crafted image file (bsc#1056434)
- CVE-2017-14505: Fixed handling of NULL arrays, which allowed attackers to
perform Denial of Service (NULL pointer dereference and application crash in
AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image
File as input (bsc#1059735)
- CVE-2018-7443: The ReadTIFFImage function did not properly validate the
amount of image data in a file, which allowed remote attackers to cause a
denial of service (memory allocation failure in the AcquireMagickMemory
function in MagickCore/memory.c) (bsc#1082792)
- CVE-2017-15016: Prevent NULL pointer dereference vulnerability in
ReadEnhMetaFile allowing for denial of service (bsc#1082291)
- CVE-2017-15017: Prevent NULL pointer dereference vulnerability in
ReadOneMNGImage allowing for denial of service (bsc#1082283)
- CVE-2017-12692: The ReadVIFFImage function allowed remote attackers to cause
a denial of service (memory consumption) via a crafted VIFF file (bsc#1082362)
- CVE-2017-12693: The ReadBMPImage function allowed remote attackers to cause a
denial of service (memory consumption) via a crafted BMP file (bsc#1082348)
ModerateSUSE bug 1043290SUSE bug 1050087SUSE bug 1056434SUSE bug 1058630SUSE bug 1059735SUSE bug 1066168SUSE bug 1066170SUSE bug 1082283SUSE bug 1082291SUSE bug 1082348SUSE bug 1082362SUSE bug 1082792SUSE bug 1084060SUSE bug 1086011CVE-2017-11524 at SUSECVE-2017-11524 at NVDCVE-2017-12691 at SUSECVE-2017-12691 at NVDCVE-2017-12692 at SUSECVE-2017-12692 at NVDCVE-2017-12693 at SUSECVE-2017-12693 at NVDCVE-2017-13768 at SUSECVE-2017-13768 at NVDCVE-2017-14314 at SUSECVE-2017-14314 at NVDCVE-2017-14343 at SUSECVE-2017-14343 at NVDCVE-2017-14505 at SUSECVE-2017-14505 at NVDCVE-2017-15016 at SUSECVE-2017-15016 at NVDCVE-2017-15017 at SUSECVE-2017-15017 at NVDCVE-2017-16352 at SUSECVE-2017-16352 at NVDCVE-2017-16353 at SUSECVE-2017-16353 at NVDCVE-2017-18219 at SUSECVE-2017-18219 at NVDCVE-2017-9500 at SUSECVE-2017-9500 at NVDCVE-2018-7443 at SUSECVE-2018-7443 at NVDCVE-2018-8804 at SUSECVE-2018-8804 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
- security update (png.c)
* CVE-2018-9018: divide-by-zero in the ReadMNGImage function of coders/png.c.
Attackers could leverage this vulnerability to cause a crash and denial of service
via a crafted mng file. [bsc#1086773]
* CVE-2018-10177: there is an infinite loop in the ReadOneMNGImagefunction of the coders/png.c file. Remote attackers could leverage thisvulnerability to cause a denial of service (bsc#1089781)
- security update (wand)
* CVE-2017-18252: The MogrifyImageList function in MagickWand/mogrify.c could allow
attackers to cause a denial of service via a crafted file. [bsc#1087033]
- security update (gif.c)
* CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c,
which could lead to denial of service via a crafted file. [bsc#1087027]
- security update (core)
* CVE-2017-10928: a heap-based buffer over-read in the GetNextToken function in token.c
could allow attackers to obtain sensitive information from process memory or possibly have
unspecified other impact via a crafted SVG document that is mishandled in the
GetUserSpaceCoordinateValue function in coders/svg.c. [bsc#1047356]
- security update (pcd.c)
* CVE-2017-18251: A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c,
which could lead to a denial of service via a crafted file. [bsc#1087037]
- security update (gif.c)
* CVE-2017-18254: A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which could lead to denial of service via a crafted file. [bsc#1087027]
- security update (tiff.c)
* CVE-2018-8960: The ReadTIFFImage function in coders/tiff.c in ImageMagick memory allocation issue could lead to denial of service (bsc#1086782)
ModerateSUSE bug 1047356SUSE bug 1086773SUSE bug 1086782SUSE bug 1087027SUSE bug 1087033SUSE bug 1087037SUSE bug 1089781CVE-2017-1000476 at SUSECVE-2017-1000476 at NVDCVE-2017-10928 at SUSECVE-2017-10928 at NVDCVE-2017-18251 at SUSECVE-2017-18251 at NVDCVE-2017-18252 at SUSECVE-2017-18252 at NVDCVE-2017-18254 at SUSECVE-2017-18254 at NVDCVE-2018-10177 at SUSECVE-2018-10177 at NVDCVE-2018-8960 at SUSECVE-2018-8960 at NVDCVE-2018-9018 at SUSECVE-2018-9018 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2018-11251: Heap-based buffer over-read in ReadSUNImage in coders/sun.c,
which allows attackers to cause denial of service (bsc#1094237)
- CVE-2017-18271: Infinite loop in the function ReadMIFFImage in coders/miff.c,
which allows attackers to cause a denial of service (bsc#1094204)
- CVE-2017-13758: Heap-based buffer overflow in the TracePoint() in
MagickCore/draw.c, which allows attackers to cause a denial of
service(bsc#1056277)
- CVE-2018-10805: Fixed several memory leaks in rgb.c, cmyk.c, gray.c, and
ycbcr.c (bsc#1095812)
- CVE-2018-12600: The ReadDIBImage and WriteDIBImage functions allowed
attackers to cause an out of bounds write via a crafted file (bsc#1098545)
- CVE-2018-12599: The ReadBMPImage and WriteBMPImage fucntions allowed
attackers to cause an out of bounds write via a crafted file (bsc#1098546)
- CVE-2018-14434: Fixed a memory leak for a colormap in WriteMPCImage in coders/mpc.c (bsc#1102003)
- CVE-2018-14435: Fixed a memory leak in DecodeImage in coders/pcd.c (bsc#1102007)
- CVE-2018-14436: Fixed a memory leak in ReadMIFFImage in coders/miff.c (bsc#1102005)
- CVE-2018-14437: Fixed a memory leak in parse8BIM in coders/meta.c (bsc#1102004)
ModerateSUSE bug 1056277SUSE bug 1094204SUSE bug 1094237SUSE bug 1095812SUSE bug 1098545SUSE bug 1098546SUSE bug 1102003SUSE bug 1102004SUSE bug 1102005SUSE bug 1102007CVE-2017-13758 at SUSECVE-2017-13758 at NVDCVE-2017-18271 at SUSECVE-2017-18271 at NVDCVE-2018-10805 at SUSECVE-2018-10805 at NVDCVE-2018-11251 at SUSECVE-2018-11251 at NVDCVE-2018-12599 at SUSECVE-2018-12599 at NVDCVE-2018-12600 at SUSECVE-2018-12600 at NVDCVE-2018-14434 at SUSECVE-2018-14434 at NVDCVE-2018-14435 at SUSECVE-2018-14435 at NVDCVE-2018-14436 at SUSECVE-2018-14436 at NVDCVE-2018-14437 at SUSECVE-2018-14437 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
Security issue fixed:
- Hide PS, XPS and PDF coders into */vulnerable (bsc#1105592)
ImportantSUSE bug 1105592cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following security issue:
- CVE-2017-17934: Prevent memory leaks, related to MSLPopImage and
ProcessMSLScript, and associated with mishandling of MSLPushImage calls
(bsc#1074170).
- CVE-2018-16750: Prevent memory leak in the formatIPTCfromBuffer function
(bsc#1108283)
- CVE-2018-16749: Added missing NULL check in ReadOneJNGImage that allowed an
attacker to cause a denial of service (WriteBlob assertion failure and
application exit) via a crafted file (bsc#1108282)
- CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel
function leading to DoS (bsc#1106989).
- CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM
file that has a negative pixel value. If the affected code was used as a
library loaded into a process that includes sensitive information, that
information sometimes can be leaked via the image data (bsc#1106855)
- CVE-2018-16642: The function InsertRow allowed remote attackers to cause a
denial of service via a crafted image file due to an out-of-bounds write
(bsc#1107616)
- CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and
ReadPICTImage did check the return value of the fputc function, which allowed
remote attackers to cause a denial of service via a crafted image file
(bsc#1107612)
- CVE-2018-16644: Added missing check for length in the functions ReadDCMImage
and ReadPICTImage, which allowed remote attackers to cause a denial of service
via a crafted image (bsc#1107609)
- CVE-2018-16645: Prevent excessive memory allocation issue in the functions
ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial
of service via a crafted image file (bsc#1107604)
- CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of
the coders/bmp.c file. Remote attackers could leverage this vulnerability
to cause a denial of service via a crafted bmp file (bsc#1111069)
- CVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072)
- CVE-2018-17965: Fixed a memory leak in WriteSGIImage (bsc#1110747)
- CVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746)
ModerateSUSE bug 1074170SUSE bug 1106855SUSE bug 1106989SUSE bug 1107604SUSE bug 1107609SUSE bug 1107612SUSE bug 1107616SUSE bug 1108282SUSE bug 1108283SUSE bug 1110746SUSE bug 1110747SUSE bug 1111069SUSE bug 1111072CVE-2017-17934 at SUSECVE-2017-17934 at NVDCVE-2018-16323 at SUSECVE-2018-16323 at NVDCVE-2018-16413 at SUSECVE-2018-16413 at NVDCVE-2018-16642 at SUSECVE-2018-16642 at NVDCVE-2018-16643 at SUSECVE-2018-16643 at NVDCVE-2018-16644 at SUSECVE-2018-16644 at NVDCVE-2018-16645 at SUSECVE-2018-16645 at NVDCVE-2018-16749 at SUSECVE-2018-16749 at NVDCVE-2018-16750 at SUSECVE-2018-16750 at NVDCVE-2018-17965 at SUSECVE-2018-17965 at NVDCVE-2018-17966 at SUSECVE-2018-17966 at NVDCVE-2018-18016 at SUSECVE-2018-18016 at NVDCVE-2018-18024 at SUSECVE-2018-18024 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
- CVE-2017-14997: ImageMagick allowed remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. (bsc#1112399)
- CVE-2018-16644: A regression in the security fix for the pict coder was fixed (bsc#1107609)
- CVE-2017-11532: When ImageMagick processed a crafted file in convert, it could lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. (bsc#1050129)
- CVE-2017-11639: A regression in the security fix in the cip coder was fixed (bsc#1050635)
ModerateSUSE bug 1050129SUSE bug 1050635SUSE bug 1107609SUSE bug 1112399CVE-2017-11532 at SUSECVE-2017-11532 at NVDCVE-2017-11639 at SUSECVE-2017-11639 at NVDCVE-2017-14997 at SUSECVE-2017-14997 at NVDCVE-2018-16644 at SUSECVE-2018-16644 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2019-7175: Fixed multiple memory leaks in DecodeImage function (bsc#1128649).
- CVE-2018-18544: Fixed memory leak in the function WriteMSLImage (bsc#1113064).
- CVE-2018-20467: Fixed infinite loop in coders/bmp.c (bsc#1120381).
- CVE-2019-7397: Fixed a memory leak in the function WritePDFImage (bsc#1124366).
- CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel
function leading to DoS (bsc#1106989).
- CVE-2018-16412: Prevent heap-based buffer over-read in the ParseImageResourceBlocks
function leading to DOS (bsc#1106996).
- CVE-2019-7398: Fixed a memory leak in the function WriteDIBImage (bsc#1124365).
ModerateSUSE bug 1106989SUSE bug 1106996SUSE bug 1113064SUSE bug 1120381SUSE bug 1124365SUSE bug 1124366SUSE bug 1128649CVE-2018-16412 at SUSECVE-2018-16412 at NVDCVE-2018-16413 at SUSECVE-2018-16413 at NVDCVE-2018-18544 at SUSECVE-2018-18544 at NVDCVE-2018-20467 at SUSECVE-2018-20467 at NVDCVE-2019-7175 at SUSECVE-2019-7175 at NVDCVE-2019-7397 at SUSECVE-2019-7397 at NVDCVE-2019-7398 at SUSECVE-2019-7398 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ImageMagick (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for ImageMagick fixes the following issues:
- CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash (bsc#1179103).
- CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202).
- CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212).
- CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269).
- CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346).
- CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397).
- CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336).
- CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345).
- CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268).
- CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313).
- CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281).
- CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315).
- CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312).
- CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311).
- CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322).
- CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339).
- CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321).
- CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327).
- CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347).
- CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338).
ModerateSUSE bug 1179103SUSE bug 1179202SUSE bug 1179212SUSE bug 1179269SUSE bug 1179281SUSE bug 1179311SUSE bug 1179312SUSE bug 1179313SUSE bug 1179315SUSE bug 1179321SUSE bug 1179322SUSE bug 1179327SUSE bug 1179336SUSE bug 1179338SUSE bug 1179339SUSE bug 1179345SUSE bug 1179346SUSE bug 1179347SUSE bug 1179397CVE-2020-19667 at SUSECVE-2020-19667 at NVDCVE-2020-25664 at SUSECVE-2020-25664 at NVDCVE-2020-25666 at SUSECVE-2020-25666 at NVDCVE-2020-27751 at SUSECVE-2020-27751 at NVDCVE-2020-27752 at SUSECVE-2020-27752 at NVDCVE-2020-27753 at SUSECVE-2020-27753 at NVDCVE-2020-27754 at SUSECVE-2020-27754 at NVDCVE-2020-27755 at SUSECVE-2020-27755 at NVDCVE-2020-27759 at SUSECVE-2020-27759 at NVDCVE-2020-27760 at SUSECVE-2020-27760 at NVDCVE-2020-27761 at SUSECVE-2020-27761 at NVDCVE-2020-27763 at SUSECVE-2020-27763 at NVDCVE-2020-27765 at SUSECVE-2020-27765 at NVDCVE-2020-27767 at SUSECVE-2020-27767 at NVDCVE-2020-27768 at SUSECVE-2020-27768 at NVDCVE-2020-27769 at SUSECVE-2020-27769 at NVDCVE-2020-27771 at SUSECVE-2020-27771 at NVDCVE-2020-27772 at SUSECVE-2020-27772 at NVDCVE-2020-27775 at SUSECVE-2020-27775 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
LibVNCServer was updated to fix two security issues.
These security issues were fixed:
- CVE-2016-9941: Heap-based buffer overflow in rfbproto.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area (bsc#1017711)
- CVE-2016-9942: Heap-based buffer overflow in ultra.c allowed remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions (bsc#1017712)
ImportantSUSE bug 1017711SUSE bug 1017712CVE-2016-9941 at SUSECVE-2016-9941 at NVDCVE-2016-9942 at SUSECVE-2016-9942 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for LibVNCServer (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for LibVNCServer fixes the following issues:
- CVE-2018-7225: Missing input sanitization inside rfbserver.c rfbProcessClientNormalMessage() (bsc#1081493).
ModerateSUSE bug 1081493CVE-2018-7225 at SUSECVE-2018-7225 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for LibVNCServer fixes the following issues:
Security issues fixed:
- CVE-2018-15126: Fixed use-after-free in file transfer extension (bsc#1120114)
- CVE-2018-6307: Fixed use-after-free in file transfer extension server code (bsc#1120115)
- CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC client code (bsc#1120116)
- CVE-2018-15127: Fixed heap out-of-bounds write in rfbserver.c (bsc#1120117)
- CVE-2018-20019: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1120118)
- CVE-2018-20022: Fixed information disclosure through improper initialization in VNC client code (bsc#1120120)
- CVE-2018-20024: Fixed NULL pointer dereference in VNC client code (bsc#1120121)
- CVE-2018-20021: Fixed infinite loop in VNC client code (bsc#1120122)
ImportantSUSE bug 1120114SUSE bug 1120115SUSE bug 1120116SUSE bug 1120117SUSE bug 1120118SUSE bug 1120120SUSE bug 1120121SUSE bug 1120122CVE-2018-15126 at SUSECVE-2018-15126 at NVDCVE-2018-15127 at SUSECVE-2018-15127 at NVDCVE-2018-20019 at SUSECVE-2018-20019 at NVDCVE-2018-20020 at SUSECVE-2018-20020 at NVDCVE-2018-20021 at SUSECVE-2018-20021 at NVDCVE-2018-20022 at SUSECVE-2018-20022 at NVDCVE-2018-20024 at SUSECVE-2018-20024 at NVDCVE-2018-6307 at SUSECVE-2018-6307 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for LibVNCServer (Critical)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for LibVNCServer fixes the following issues:
Security issues fixed:
- CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123828)
- CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123832)
- CVE-2018-20748: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1123823)
CriticalSUSE bug 1123823SUSE bug 1123828SUSE bug 1123832CVE-2018-20748 at SUSECVE-2018-20748 at NVDCVE-2018-20749 at SUSECVE-2018-20749 at NVDCVE-2018-20750 at SUSECVE-2018-20750 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for LibVNCServer fixes the following issues:
- CVE-2019-15690: Fixed a heap buffer overflow (bsc#1160471).
- CVE-2019-15681: Fixed a memory leak which could have allowed to a remote attacker to read stack memory (bsc#1155419).
- CVE-2019-20788: Fixed a integer overflow and heap-based buffer overflow via a large height or width value (bsc#1170441).
ImportantSUSE bug 1155419SUSE bug 1160471SUSE bug 1170441CVE-2019-15681 at SUSECVE-2019-15681 at NVDCVE-2019-15690 at SUSECVE-2019-15690 at NVDCVE-2019-20788 at SUSECVE-2019-20788 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for LibVNCServer fixes the following issues:
- security update
- added patches
fix CVE-2020-14398 [bsc#1173880], improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c
+ LibVNCServer-CVE-2020-14398.patch
fix CVE-2020-14397 [bsc#1173700], NULL pointer dereference in libvncserver/rfbregion.c
+ LibVNCServer-CVE-2020-14397.patch
fix CVE-2020-14399 [bsc#1173743], Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c.
+ LibVNCServer-CVE-2020-14399.patch
fix CVE-2020-14400 [bsc#1173691], Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c.
+ LibVNCServer-CVE-2020-14400.patch
fix CVE-2020-14401 [bsc#1173694], potential integer overflows in libvncserver/scale.c
+ LibVNCServer-CVE-2020-14401.patch
fix CVE-2020-14402 [bsc#1173701], out-of-bounds access via encodings.
+ LibVNCServer-CVE-2020-14402,14403,14404.patch
ImportantSUSE bug 1173691SUSE bug 1173694SUSE bug 1173700SUSE bug 1173701SUSE bug 1173743SUSE bug 1173880CVE-2020-14397 at SUSECVE-2020-14397 at NVDCVE-2020-14398 at SUSECVE-2020-14398 at NVDCVE-2020-14399 at SUSECVE-2020-14399 at NVDCVE-2020-14400 at SUSECVE-2020-14400 at NVDCVE-2020-14401 at SUSECVE-2020-14401 at NVDCVE-2020-14402 at SUSECVE-2020-14402 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for LibVNCServer (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for LibVNCServer fixes the following issues:
- CVE-2020-25708 [bsc#1178682], libvncserver/rfbserver.c has a divide by zero which could result in DoS
ImportantSUSE bug 1178682CVE-2020-25708 at SUSECVE-2020-25708 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Critical)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This security update (bsc#940918) fixes the following issues:
* MFSA 2015-78 (CVE-2015-4495, bmo#1178058): Same origin violation
* Remove PlayPreview registration from PDF Viewer (bmo#1179262)
CriticalSUSE bug 940918CVE-2015-4495 at SUSECVE-2015-4495 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
MozillaFirefox was updated to version 38.5.0 esr to fix the following issues:
Following security issues were fixed:
* MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
* MFSA 2015-138/CVE-2015-7210
Use-after-free in WebRTC when datachannel is used after being
destroyed
* MFSA 2015-139/CVE-2015-7212
Integer overflow allocating extremely large textures
* MFSA 2015-145/CVE-2015-7205
Underflow through code inspection
* MFSA 2015-146/CVE-2015-7213
Integer overflow in MP4 playback in 64-bit versions
* MFSA 2015-147/CVE-2015-7222
Integer underflow and buffer overflow processing MP4 metadata
in libstagefright
* MFSA 2015-149/CVE-2015-7214
Cross-site reading attack through data and view-source URIs
ImportantSUSE bug 959277CVE-2015-7201 at SUSECVE-2015-7201 at NVDCVE-2015-7202 at SUSECVE-2015-7202 at NVDCVE-2015-7205 at SUSECVE-2015-7205 at NVDCVE-2015-7210 at SUSECVE-2015-7210 at NVDCVE-2015-7212 at SUSECVE-2015-7212 at NVDCVE-2015-7213 at SUSECVE-2015-7213 at NVDCVE-2015-7214 at SUSECVE-2015-7214 at NVDCVE-2015-7222 at SUSECVE-2015-7222 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox fixes the following issues:
- update to Firefox 38.6.1 ESR (bsc#967087)
* MFSA 2016-14/CVE-2016-1523
(bmo#1246093)
Vulnerabilities in Graphite 2
ImportantSUSE bug 967087CVE-2016-1523 at SUSECVE-2016-1523 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update to MozillaFirefox 38.8.0 ESR fixes the following security issues (bsc#977333):
- CVE-2016-2805: Miscellaneous memory safety hazards - MFSA 2016-39 (bsc#977374)
- CVE-2016-2807: Miscellaneous memory safety hazards - MFSA 2016-39 (bsc#977376)
- CVE-2016-2808: Write to invalid HashMap entry through JavaScript.watch() - MFSA 2016-47 (bsc#977386)
- CVE-2016-2814: Buffer overflow in libstagefright with CENC offsets - MFSA 2016-44 (bsc#977381)
ImportantSUSE bug 977333SUSE bug 977374SUSE bug 977376SUSE bug 977381SUSE bug 977386CVE-2016-2805 at SUSECVE-2016-2805 at NVDCVE-2016-2807 at SUSECVE-2016-2807 at NVDCVE-2016-2808 at SUSECVE-2016-2808 at NVDCVE-2016-2814 at SUSECVE-2016-2814 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, MozillaFirefox-branding-SLE and mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
MozillaFirefox, MozillaFirefox-branding-SLE and mozilla-nss were updated to fix nine security issues.
MozillaFirefox was updated to version 45.2.0 ESR. mozilla-nss was updated to version 3.21.1.
These security issues were fixed:
- CVE-2016-2834: Memory safety bugs in NSS (MFSA 2016-61) (bsc#983639).
- CVE-2016-2824: Out-of-bounds write with WebGL shader (MFSA 2016-53) (bsc#983651).
- CVE-2016-2822: Addressbar spoofing though the SELECT element (MFSA 2016-52) (bsc#983652).
- CVE-2016-2821: Use-after-free deleting tables from a contenteditable document (MFSA 2016-51) (bsc#983653).
- CVE-2016-2819: Buffer overflow parsing HTML5 fragments (MFSA 2016-50) (bsc#983655).
- CVE-2016-2828: Use-after-free when textures are used in WebGL operations after recycle pool destruction (MFSA 2016-56) (bsc#983646).
- CVE-2016-2831: Entering fullscreen and persistent pointerlock without user permission (MFSA 2016-58) (bsc#983643).
- CVE-2016-2815, CVE-2016-2818: Miscellaneous memory safety hazards (MFSA 2016-49) (bsc#983638)
These non-security issues were fixed:
- Fix crashes on aarch64
* Determine page size at runtime (bsc#984006)
* Allow aarch64 to work in safe mode (bsc#985659)
- Fix crashes on mainframes
All extensions must now be signed by addons.mozilla.org. Please read README.SUSE for more details.
ImportantSUSE bug 983549SUSE bug 983638SUSE bug 983639SUSE bug 983643SUSE bug 983646SUSE bug 983651SUSE bug 983652SUSE bug 983653SUSE bug 983655SUSE bug 984006SUSE bug 985659CVE-2016-2815 at SUSECVE-2016-2815 at NVDCVE-2016-2818 at SUSECVE-2016-2818 at NVDCVE-2016-2819 at SUSECVE-2016-2819 at NVDCVE-2016-2821 at SUSECVE-2016-2821 at NVDCVE-2016-2822 at SUSECVE-2016-2822 at NVDCVE-2016-2824 at SUSECVE-2016-2824 at NVDCVE-2016-2828 at SUSECVE-2016-2828 at NVDCVE-2016-2831 at SUSECVE-2016-2831 at NVDCVE-2016-2834 at SUSECVE-2016-2834 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
MozillaFirefox was updated to 45.3.0 ESR to fix the following issues
(bsc#991809):
* MFSA 2016-62/CVE-2016-2835/CVE-2016-2836
Miscellaneous memory safety hazards (rv:48.0 / rv:45.3)
* MFSA 2016-63/CVE-2016-2830
Favicon network connection can persist when page is closed
* MFSA 2016-64/CVE-2016-2838
Buffer overflow rendering SVG with bidirectional content
* MFSA 2016-65/CVE-2016-2839
Cairo rendering crash due to memory allocation issue with
FFmpeg 0.10
* MFSA 2016-67/CVE-2016-5252
Stack underflow during 2D graphics rendering
* MFSA 2016-70/CVE-2016-5254
Use-after-free when using alt key and toplevel menus
* MFSA 2016-72/CVE-2016-5258
Use-after-free in DTLS during WebRTC session shutdown
* MFSA 2016-73/CVE-2016-5259
Use-after-free in service workers with nested sync events
* MFSA 2016-76/CVE-2016-5262
Scripts on marquee tag can execute in sandboxed iframes
* MFSA 2016-77/CVE-2016-2837
Buffer overflow in ClearKey Content Decryption Module (CDM)
during video playback
* MFSA 2016-78/CVE-2016-5263
Type confusion in display transformation
* MFSA 2016-79/CVE-2016-5264
Use-after-free when applying SVG effects
* MFSA 2016-80/CVE-2016-5265
Same-origin policy violation using local HTML file and saved
shortcut file
* CVE-2016-6354: Fix for possible buffer overrun (bsc#990856)
Also a temporary workaround was added:
- Temporarily bind Firefox to the first CPU as a hotfix
for an apparent race condition (bsc#989196, bsc#990628)
ImportantSUSE bug 989196SUSE bug 990628SUSE bug 990856SUSE bug 991809CVE-2016-2830 at SUSECVE-2016-2830 at NVDCVE-2016-2835 at SUSECVE-2016-2835 at NVDCVE-2016-2836 at SUSECVE-2016-2836 at NVDCVE-2016-2837 at SUSECVE-2016-2837 at NVDCVE-2016-2838 at SUSECVE-2016-2838 at NVDCVE-2016-2839 at SUSECVE-2016-2839 at NVDCVE-2016-5252 at SUSECVE-2016-5252 at NVDCVE-2016-5254 at SUSECVE-2016-5254 at NVDCVE-2016-5258 at SUSECVE-2016-5258 at NVDCVE-2016-5259 at SUSECVE-2016-5259 at NVDCVE-2016-5262 at SUSECVE-2016-5262 at NVDCVE-2016-5263 at SUSECVE-2016-5263 at NVDCVE-2016-5264 at SUSECVE-2016-5264 at NVDCVE-2016-5265 at SUSECVE-2016-5265 at NVDCVE-2016-6354 at SUSECVE-2016-6354 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
MozillaFirefox was updated to 45.4.0 ESR to fix the following issues (bsc#999701):
The following security issue were fixed:
* MFSA 2016-86/CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString
* MFSA 2016-86/CVE-2016-5272: Bad cast in nsImageGeometryMixin
* MFSA 2016-86/CVE-2016-5276: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList
* MFSA 2016-86/CVE-2016-5274: use-after-free in nsFrameManager::CaptureFrameState
* MFSA 2016-86/CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick
* MFSA 2016-86/CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame
* MFSA 2016-86/CVE-2016-5280: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
* MFSA 2016-86/CVE-2016-5281: use-after-free in DOMSVGLength
* MFSA 2016-86/CVE-2016-5284: Add-on update site certificate pin expiration
* MFSA 2016-86/CVE-2016-5250: Resource Timing API is storing resources sent by the previous page
* MFSA 2016-86/CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel
* MFSA 2016-86/CVE-2016-5257: Various memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
ImportantSUSE bug 999701CVE-2016-5250 at SUSECVE-2016-5250 at NVDCVE-2016-5257 at SUSECVE-2016-5257 at NVDCVE-2016-5261 at SUSECVE-2016-5261 at NVDCVE-2016-5270 at SUSECVE-2016-5270 at NVDCVE-2016-5272 at SUSECVE-2016-5272 at NVDCVE-2016-5274 at SUSECVE-2016-5274 at NVDCVE-2016-5276 at SUSECVE-2016-5276 at NVDCVE-2016-5277 at SUSECVE-2016-5277 at NVDCVE-2016-5278 at SUSECVE-2016-5278 at NVDCVE-2016-5280 at SUSECVE-2016-5280 at NVDCVE-2016-5281 at SUSECVE-2016-5281 at NVDCVE-2016-5284 at SUSECVE-2016-5284 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues:
* MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES
* MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution
* MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees
* MFSA 2016-95/CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements
* MFSA 2016-95/CVE-2016-9904: Cross-origin information leak in shared atoms
* MFSA 2016-95/CVE-2016-9905: Crash in EnumerateSubDocuments
* MFSA 2016-95/CVE-2016-9895: CSP bypass using marquee tag
* MFSA 2016-95/CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs
* MFSA 2016-95/CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6
* MFSA 2016-95/CVE-2016-9902: Pocket extension does not validate the origin of events
Please see https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/
for more information.
Also the following bug was fixed:
- Fix fontconfig issue (bsc#1000751) on 32bit systems as well.
ImportantSUSE bug 1000751SUSE bug 1015422CVE-2016-9893 at SUSECVE-2016-9893 at NVDCVE-2016-9895 at SUSECVE-2016-9895 at NVDCVE-2016-9897 at SUSECVE-2016-9897 at NVDCVE-2016-9898 at SUSECVE-2016-9898 at NVDCVE-2016-9899 at SUSECVE-2016-9899 at NVDCVE-2016-9900 at SUSECVE-2016-9900 at NVDCVE-2016-9901 at SUSECVE-2016-9901 at NVDCVE-2016-9902 at SUSECVE-2016-9902 at NVDCVE-2016-9904 at SUSECVE-2016-9904 at NVDCVE-2016-9905 at SUSECVE-2016-9905 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues (bsc#1021991):
* MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of Javascript objects (bsc#1021818)
* MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder (bsc#1021821)
* MFSA 2017-02/CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions (bsc#1021823)
* MFSA 2017-02/CVE-2017-5380: Potential use-after-free during DOM manipulations (bsc#1021819)
* MFSA 2017-02/CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer (bsc#1021820)
* MFSA 2017-02/CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (bsc#1021824)
* MFSA 2017-02/CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP (bsc#1021814)
* MFSA 2017-02/CVE-2017-5376: Use-after-free in XSL (bsc#1021817)
* MFSA 2017-02/CVE-2017-5383: Location bar spoofing with unicode characters (bsc#1021822)
Please see https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/
for more information.
ImportantSUSE bug 1021814SUSE bug 1021817SUSE bug 1021818SUSE bug 1021819SUSE bug 1021820SUSE bug 1021821SUSE bug 1021822SUSE bug 1021823SUSE bug 1021824SUSE bug 1021991CVE-2017-5373 at SUSECVE-2017-5373 at NVDCVE-2017-5375 at SUSECVE-2017-5375 at NVDCVE-2017-5376 at SUSECVE-2017-5376 at NVDCVE-2017-5378 at SUSECVE-2017-5378 at NVDCVE-2017-5380 at SUSECVE-2017-5380 at NVDCVE-2017-5383 at SUSECVE-2017-5383 at NVDCVE-2017-5386 at SUSECVE-2017-5386 at NVDCVE-2017-5390 at SUSECVE-2017-5390 at NVDCVE-2017-5396 at SUSECVE-2017-5396 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox to ESR 45.8 fixes the following issues:
Security issues fixed (bsc#1028391):
- CVE-2017-5402: Use-after-free working with events in FontFace objects
- CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping
- CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
- CVE-2017-5401: Memory Corruption when handling ErrorResult
- CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters
- CVE-2017-5404: Use-after-free working with ranges in selections
- CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
- CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
- CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service
- CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8
Bugfixes:
- fix crashes on Itanium (bsc#1027527)
ImportantSUSE bug 1027527SUSE bug 1028391CVE-2017-5398 at SUSECVE-2017-5398 at NVDCVE-2017-5400 at SUSECVE-2017-5400 at NVDCVE-2017-5401 at SUSECVE-2017-5401 at NVDCVE-2017-5402 at SUSECVE-2017-5402 at NVDCVE-2017-5404 at SUSECVE-2017-5404 at NVDCVE-2017-5405 at SUSECVE-2017-5405 at NVDCVE-2017-5407 at SUSECVE-2017-5407 at NVDCVE-2017-5408 at SUSECVE-2017-5408 at NVDCVE-2017-5409 at SUSECVE-2017-5409 at NVDCVE-2017-5410 at SUSECVE-2017-5410 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Mozilla Firefox was updated to the Firefox ESR release 45.9.
Mozilla NSS was updated to support TLS 1.3 (close to release draft) and various new
ciphers, PRFs, Diffie Hellman key agreement and support for more hashes.
Security issues fixed in Firefox (bsc#1035082)
- MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated code
- MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1
- MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
- MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
- MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library
- MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
- MFSA 2017-11/CVE-2017-5435: Use-after-free during transaction processing in the editor
- MFSA 2017-11/CVE-2017-5434: Use-after-free during focus handling
- MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL animation functions
- MFSA 2017-11/CVE-2017-5432: Use-after-free in text input selection
- MFSA 2017-11/CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
- MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in ConvolvePixel
- MFSA 2017-11/CVE-2017-5460: Use-after-free in frame selection
- MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
- MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
- MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during glyph processing
- MFSA 2017-11/CVE-2017-5444: Buffer overflow while parsing application/http-index-format content
- MFSA 2017-11/CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content
- MFSA 2017-11/CVE-2017-5442: Use-after-free during style changes
- MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during BinHex decoding
- MFSA 2017-11/CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing
- MFSA 2017-11/CVE-2017-5441: Use-after-free with selection during scroll events
- MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL
Mozilla NSS was updated to 3.29.5, bringing new features and fixing bugs:
- Update to NSS 3.29.5:
* MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64 decoder and encoder were fixed.
* MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG was fixed.
* CVE-2016-9574: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA (bsc#1015499).
* requires NSPR >= 4.13.1
- Update to NSS 3.29.3
* enables TLS 1.3 by default
- Fixed a bug in hash computation (and build with
GCC 7 which complains about shifts of boolean values).
(bsc#1030071, bmo#1348767)
- Update to NSS 3.28.3
This is a patch release to fix binary compatibility issues.
- Update to NSS 3.28.1
This is a patch release to update the list of root CA certificates.
* The following CA certificates were Removed
CN = Buypass Class 2 CA 1
CN = Root CA Generalitat Valenciana
OU = RSA Security 2048 V3
* The following CA certificates were Added
OU = AC RAIZ FNMT-RCM
CN = Amazon Root CA 1
CN = Amazon Root CA 2
CN = Amazon Root CA 3
CN = Amazon Root CA 4
CN = LuxTrust Global Root 2
CN = Symantec Class 1 Public Primary Certification Authority - G4
CN = Symantec Class 1 Public Primary Certification Authority - G6
CN = Symantec Class 2 Public Primary Certification Authority - G4
CN = Symantec Class 2 Public Primary Certification Authority - G6
* The version number of the updated root CA list has been set to 2.11
- Update to NSS 3.28
New functionality:
* NSS includes support for TLS 1.3 draft -18. This includes a number
of improvements to TLS 1.3:
- The signed certificate timestamp, used in certificate
transparency, is supported in TLS 1.3.
- Key exporters for TLS 1.3 are supported. This includes the early
key exporter, which can be used if 0-RTT is enabled. Note that
there is a difference between TLS 1.3 and key exporters in older
versions of TLS. TLS 1.3 does not distinguish between an empty
context and no context.
- The TLS 1.3 (draft) protocol can be enabled, by defining
NSS_ENABLE_TLS_1_3=1 when building NSS.
- NSS includes support for the X25519 key exchange algorithm,
which is supported and enabled by default in all versions of TLS.
Notable Changes:
* NSS can no longer be compiled with support for additional elliptic curves.
This was previously possible by replacing certain NSS source files.
* NSS will now detect the presence of tokens that support additional
elliptic curves and enable those curves for use in TLS.
Note that this detection has a one-off performance cost, which can be
avoided by using the SSL_NamedGroupConfig function to limit supported
groups to those that NSS provides.
* PKCS#11 bypass for TLS is no longer supported and has been removed.
* Support for 'export' grade SSL/TLS cipher suites has been removed.
* NSS now uses the signature schemes definition in TLS 1.3.
This also affects TLS 1.2. NSS will now only generate signatures with the
combinations of hash and signature scheme that are defined in TLS 1.3,
even when negotiating TLS 1.2.
- This means that SHA-256 will only be used with P-256 ECDSA certificates,
SHA-384 with P-384 certificates, and SHA-512 with P-521 certificates.
SHA-1 is permitted (in TLS 1.2 only) with any certificate for backward
compatibility reasons.
- NSS will now no longer assume that default signature schemes are
supported by a peer if there was no commonly supported signature scheme.
* NSS will now check if RSA-PSS signing is supported by the token that holds
the private key prior to using it for TLS.
* The certificate validation code contains checks to no longer trust
certificates that are issued by old WoSign and StartCom CAs after
October 21, 2016. This is equivalent to the behavior that Mozilla will
release with Firefox 51.
- Update to NSS 3.27.2
* Fixed SSL_SetTrustAnchors leaks (bmo#1318561)
- raised the minimum softokn/freebl version to 3.28 as reported in (boo#1021636)
- Update to NSS 3.26.2
New Functionality:
* the selfserv test utility has been enhanced to support ALPN
(HTTP/1.1) and 0-RTT
* added support for the System-wide crypto policy available on
Fedora Linux see http://fedoraproject.org/wiki/Changes/CryptoPolicy
* introduced build flag NSS_DISABLE_LIBPKIX that allows compilation
of NSS without the libpkix library
Notable Changes:
* The following CA certificate was Added
CN = ISRG Root X1
* NPN is disabled and ALPN is enabled by default
* the NSS test suite now completes with the experimental TLS 1.3
code enabled
* several test improvements and additions, including a NIST known answer test
Changes in 3.26.2
* MD5 signature algorithms sent by the server in CertificateRequest
messages are now properly ignored. Previously, with rare server
configurations, an MD5 signature algorithm might have been selected
for client authentication and caused the client to abort the
connection soon after.
- Update to NSS 3.25
New functionality:
* Implemented DHE key agreement for TLS 1.3
* Added support for ChaCha with TLS 1.3
* Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF
* In previous versions, when using client authentication with TLS 1.2,
NSS only supported certificate_verify messages that used the same
signature hash algorithm as used by the PRF. This limitation has
been removed.
Notable changes:
* An SSL socket can no longer be configured to allow both TLS 1.3 and SSLv3
* Regression fix: NSS no longer reports a failure if an application
attempts to disable the SSLv2 protocol.
* The list of trusted CA certificates has been updated to version 2.8
* The following CA certificate was Removed
Sonera Class1 CA
* The following CA certificates were Added
Hellenic Academic and Research Institutions RootCA 2015
Hellenic Academic and Research Institutions ECC RootCA 2015
Certplus Root CA G1
Certplus Root CA G2
OpenTrust Root CA G1
OpenTrust Root CA G2
OpenTrust Root CA G3
- Update to NSS 3.24
New functionality:
* NSS softoken has been updated with the latest National Institute
of Standards and Technology (NIST) guidance (as of 2015):
- Software integrity checks and POST functions are executed on
shared library load. These checks have been disabled by default,
as they can cause a performance regression. To enable these
checks, you must define symbol NSS_FORCE_FIPS when building NSS.
- Counter mode and Galois/Counter Mode (GCM) have checks to
prevent counter overflow.
- Additional CSPs are zeroed in the code.
- NSS softoken uses new guidance for how many Rabin-Miller tests
are needed to verify a prime based on prime size.
* NSS softoken has also been updated to allow NSS to run in FIPS
Level 1 (no password). This mode is triggered by setting the
database password to the empty string. In FIPS mode, you may move
from Level 1 to Level 2 (by setting an appropriate password),
but not the reverse.
* A SSL_ConfigServerCert function has been added for configuring
SSL/TLS server sockets with a certificate and private key. Use
this new function in place of SSL_ConfigSecureServer,
SSL_ConfigSecureServerWithCertChain, SSL_SetStapledOCSPResponses,
and SSL_SetSignedCertTimestamps. SSL_ConfigServerCert automatically
determines the certificate type from the certificate and private key.
The caller is no longer required to use SSLKEAType explicitly to
select a 'slot' into which the certificate is configured (which
incorrectly identifies a key agreement type rather than a certificate).
Separate functions for configuring Online Certificate Status Protocol
(OCSP) responses or Signed Certificate Timestamps are not needed,
since these can be added to the optional SSLExtraServerCertData struct
provided to SSL_ConfigServerCert. Also, partial support for RSA
Probabilistic Signature Scheme (RSA-PSS) certificates has been added.
Although these certificates can be configured, they will not be
used by NSS in this version.
* Deprecate the member attribute authAlgorithm of type SSLCipherSuiteInfo.
Instead, applications should use the newly added attribute authType.
* Add a shared library (libfreeblpriv3) on Linux platforms that
define FREEBL_LOWHASH.
* Remove most code related to SSL v2, including the ability to actively
send a SSLv2-compatible client hello. However, the server-side
implementation of the SSL/TLS protocol still supports processing
of received v2-compatible client hello messages.
* Disable (by default) NSS support in optimized builds for logging SSL/TLS
key material to a logfile if the SSLKEYLOGFILE environment variable
is set. To enable the functionality in optimized builds, you must define
the symbol NSS_ALLOW_SSLKEYLOGFILE when building NSS.
* Update NSS to protect it against the Cachebleed attack.
* Disable support for DTLS compression.
* Improve support for TLS 1.3. This includes support for DTLS 1.3.
Note that TLS 1.3 support is experimental and not suitable for
production use.
- Update to NSS 3.23
New functionality:
* ChaCha20/Poly1305 cipher and TLS cipher suites now supported
* Experimental-only support TLS 1.3 1-RTT mode (draft-11).
This code is not ready for production use.
Notable changes:
* The list of TLS extensions sent in the TLS handshake has been
reordered to increase compatibility of the Extended Master Secret
with with servers
* The build time environment variable NSS_ENABLE_ZLIB has been
renamed to NSS_SSL_ENABLE_ZLIB
* The build time environment variable NSS_DISABLE_CHACHAPOLY was
added, which can be used to prevent compilation of the
ChaCha20/Poly1305 code.
* The following CA certificates were Removed
- Staat der Nederlanden Root CA
- NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado
- NetLock Kozjegyzoi (Class A) Tanusitvanykiado
- NetLock Uzleti (Class B) Tanusitvanykiado
- NetLock Expressz (Class C) Tanusitvanykiado
- VeriSign Class 1 Public PCA - G2
- VeriSign Class 3 Public PCA
- VeriSign Class 3 Public PCA - G2
- CA Disig
* The following CA certificates were Added
+ SZAFIR ROOT CA2
+ Certum Trusted Network CA 2
* The following CA certificate had the Email trust bit turned on
+ Actalis Authentication Root CA
Security fixes:
* CVE-2016-2834: Memory safety bugs (boo#983639)
MFSA-2016-61 bmo#1206283 bmo#1221620 bmo#1241034 bmo#1241037
- Update to NSS 3.22.3
* Increase compatibility of TLS extended master secret,
don't send an empty TLS extension last in the handshake
(bmo#1243641)
* Fixed a heap-based buffer overflow related to the parsing of
certain ASN.1 structures. An attacker could create a specially-crafted
certificate which, when parsed by NSS, would cause a crash or
execution of arbitrary code with the permissions of the user.
(CVE-2016-1950, bmo#1245528)
- Update to NSS 3.22.2
New functionality:
* RSA-PSS signatures are now supported (bmo#1215295)
* Pseudorandom functions based on hashes other than SHA-1 are now supported
* Enforce an External Policy on NSS from a config file (bmo#1009429)
- CVE-2016-8635: Fix for DH small subgroup confinement attack (bsc#1015547)
Mozilla NSPR was updated to version 4.13.1:
The previously released version 4.13 had changed pipes to be
nonblocking by default, and as a consequence, PollEvent was
changed to not block on clear.
The NSPR development team received reports that these changes
caused regressions in some applications that use NSPR, and it
has been decided to revert the changes made in NSPR 4.13.
NSPR 4.13.1 restores the traditional behavior of pipes and
PollEvent.
Mozilla NSPR update to version 4.13 had these changes:
- PL_strcmp (and others) were fixed to return consistent results
when one of the arguments is NULL.
- PollEvent was fixed to not block on clear.
- Pipes are always nonblocking.
- PR_GetNameForIdentity: added thread safety lock and bound checks.
- Removed the PLArena freelist.
- Avoid some integer overflows.
- fixed several comments.
ImportantSUSE bug 1015499SUSE bug 1015547SUSE bug 1021636SUSE bug 1030071SUSE bug 1035082SUSE bug 983639CVE-2016-1950 at SUSECVE-2016-1950 at NVDCVE-2016-2834 at SUSECVE-2016-2834 at NVDCVE-2016-8635 at SUSECVE-2016-8635 at NVDCVE-2016-9574 at SUSECVE-2016-9574 at NVDCVE-2017-5429 at SUSECVE-2017-5429 at NVDCVE-2017-5432 at SUSECVE-2017-5432 at NVDCVE-2017-5433 at SUSECVE-2017-5433 at NVDCVE-2017-5434 at SUSECVE-2017-5434 at NVDCVE-2017-5435 at SUSECVE-2017-5435 at NVDCVE-2017-5436 at SUSECVE-2017-5436 at NVDCVE-2017-5437 at SUSECVE-2017-5437 at NVDCVE-2017-5438 at SUSECVE-2017-5438 at NVDCVE-2017-5439 at SUSECVE-2017-5439 at NVDCVE-2017-5440 at SUSECVE-2017-5440 at NVDCVE-2017-5441 at SUSECVE-2017-5441 at NVDCVE-2017-5442 at SUSECVE-2017-5442 at NVDCVE-2017-5443 at SUSECVE-2017-5443 at NVDCVE-2017-5444 at SUSECVE-2017-5444 at NVDCVE-2017-5445 at SUSECVE-2017-5445 at NVDCVE-2017-5446 at SUSECVE-2017-5446 at NVDCVE-2017-5447 at SUSECVE-2017-5447 at NVDCVE-2017-5448 at SUSECVE-2017-5448 at NVDCVE-2017-5459 at SUSECVE-2017-5459 at NVDCVE-2017-5460 at SUSECVE-2017-5460 at NVDCVE-2017-5461 at SUSECVE-2017-5461 at NVDCVE-2017-5462 at SUSECVE-2017-5462 at NVDCVE-2017-5464 at SUSECVE-2017-5464 at NVDCVE-2017-5465 at SUSECVE-2017-5465 at NVDCVE-2017-5469 at SUSECVE-2017-5469 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox and mozilla-nss fixes the following issues:
Security issues fixed:
- Fixes in Firefox ESR 52.2 (bsc#1043960,MFSA 2017-16)
- CVE-2017-7758: Out-of-bounds read in Opus encoder
- CVE-2017-7749: Use-after-free during docshell reloading
- CVE-2017-7751: Use-after-free with content viewer listeners
- CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
- CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
- CVE-2017-7752: Use-after-free with IME input
- CVE-2017-7750: Use-after-free with track elements
- CVE-2017-7768: 32 byte arbitrary file read through Mozilla Maintenance Service
- CVE-2017-7778: Vulnerabilities in the Graphite 2 library
- CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object
- CVE-2017-7755: Privilege escalation through Firefox Installer with same directory DLL files
- CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors
- CVE-2017-7757: Use-after-free in IndexedDB
- CVE-2017-7761: File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application
- CVE-2017-7763: Mac fonts render some unicode characters as spaces
- CVE-2017-7765: Mark of the Web bypass when saving executable files
- CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks
- update to Firefox ESR 52.1 (bsc#1035082,MFSA 2017-12)
- CVE-2016-10196: Vulnerabilities in Libevent library
- CVE-2017-5443: Out-of-bounds write during BinHex decoding
- CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1
- CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
- CVE-2017-5465: Out-of-bounds read in ConvolvePixel
- CVE-2017-5466: Origin confusion when reloading isolated data:text/html URL
- CVE-2017-5467: Memory corruption when drawing Skia content
- CVE-2017-5460: Use-after-free in frame selection
- CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
- CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
- CVE-2017-5449: Crash during bidirectional unicode manipulation with animation
- CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
- CVE-2017-5447: Out-of-bounds read during glyph processing
- CVE-2017-5444: Buffer overflow while parsing application/http-index-format content
- CVE-2017-5445: Uninitialized values used while parsing application/http- index-format content
- CVE-2017-5442: Use-after-free during style changes
- CVE-2017-5469: Potential Buffer overflow in flex-generated code
- CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing
- CVE-2017-5441: Use-after-free with selection during scroll events
- CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
- CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
- CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
- CVE-2017-5435: Use-after-free during transaction processing in the editor
- CVE-2017-5434: Use-after-free during focus handling
- CVE-2017-5433: Use-after-free in SMIL animation functions
- CVE-2017-5432: Use-after-free in text input selection
- CVE-2017-5430: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
- CVE-2017-5459: Buffer overflow in WebGL
- CVE-2017-5462: DRBG flaw in NSS
- CVE-2017-5455: Sandbox escape through internal feed reader APIs
- CVE-2017-5454: Sandbox escape allowing file system read access through file picker
- CVE-2017-5456: Sandbox escape allowing local file system access
- CVE-2017-5451: Addressbar spoofing with onblur event
- General
- CVE-2015-5276: Fix for C++11 std::random_device short reads (bsc#945842)
Bugfixes:
- workaround for Firefox hangs (bsc#1031485, bsc#1025108)
- Update to gcc-5-branch head.
* Includes fixes for (bsc#966220), (bsc#962765), (bsc#964468), (bsc#939460),
(bsc#930496), (bsc#930392) and (bsc#955382).
- Add fix to revert accidential libffi ABI breakage on AARCH64. (bsc#968771)
- Build s390[x] with --with-tune=z9-109 --with-arch=z900 on SLE11 again. (bsc#954002)
- Fix libffi include install. (bsc#935510)
ImportantSUSE bug 1025108SUSE bug 1031485SUSE bug 1035082SUSE bug 1043960SUSE bug 930392SUSE bug 930496SUSE bug 935510SUSE bug 939460SUSE bug 945842SUSE bug 953831SUSE bug 954002SUSE bug 955382SUSE bug 962765SUSE bug 964468SUSE bug 966220SUSE bug 968771CVE-2015-5276 at SUSECVE-2015-5276 at NVDCVE-2016-10196 at SUSECVE-2016-10196 at NVDCVE-2017-5429 at SUSECVE-2017-5429 at NVDCVE-2017-5430 at SUSECVE-2017-5430 at NVDCVE-2017-5432 at SUSECVE-2017-5432 at NVDCVE-2017-5433 at SUSECVE-2017-5433 at NVDCVE-2017-5434 at SUSECVE-2017-5434 at NVDCVE-2017-5435 at SUSECVE-2017-5435 at NVDCVE-2017-5436 at SUSECVE-2017-5436 at NVDCVE-2017-5438 at SUSECVE-2017-5438 at NVDCVE-2017-5439 at SUSECVE-2017-5439 at NVDCVE-2017-5440 at SUSECVE-2017-5440 at NVDCVE-2017-5441 at SUSECVE-2017-5441 at NVDCVE-2017-5442 at SUSECVE-2017-5442 at NVDCVE-2017-5443 at SUSECVE-2017-5443 at NVDCVE-2017-5444 at SUSECVE-2017-5444 at NVDCVE-2017-5445 at SUSECVE-2017-5445 at NVDCVE-2017-5446 at SUSECVE-2017-5446 at NVDCVE-2017-5447 at SUSECVE-2017-5447 at NVDCVE-2017-5448 at SUSECVE-2017-5448 at NVDCVE-2017-5449 at SUSECVE-2017-5449 at NVDCVE-2017-5451 at SUSECVE-2017-5451 at NVDCVE-2017-5454 at SUSECVE-2017-5454 at NVDCVE-2017-5455 at SUSECVE-2017-5455 at NVDCVE-2017-5456 at SUSECVE-2017-5456 at NVDCVE-2017-5459 at SUSECVE-2017-5459 at NVDCVE-2017-5460 at SUSECVE-2017-5460 at NVDCVE-2017-5461 at SUSECVE-2017-5461 at NVDCVE-2017-5462 at SUSECVE-2017-5462 at NVDCVE-2017-5464 at SUSECVE-2017-5464 at NVDCVE-2017-5465 at SUSECVE-2017-5465 at NVDCVE-2017-5466 at SUSECVE-2017-5466 at NVDCVE-2017-5467 at SUSECVE-2017-5467 at NVDCVE-2017-5469 at SUSECVE-2017-5469 at NVDCVE-2017-5470 at SUSECVE-2017-5470 at NVDCVE-2017-5472 at SUSECVE-2017-5472 at NVDCVE-2017-7749 at SUSECVE-2017-7749 at NVDCVE-2017-7750 at SUSECVE-2017-7750 at NVDCVE-2017-7751 at SUSECVE-2017-7751 at NVDCVE-2017-7752 at SUSECVE-2017-7752 at NVDCVE-2017-7754 at SUSECVE-2017-7754 at NVDCVE-2017-7755 at SUSECVE-2017-7755 at NVDCVE-2017-7756 at SUSECVE-2017-7756 at NVDCVE-2017-7757 at SUSECVE-2017-7757 at NVDCVE-2017-7758 at SUSECVE-2017-7758 at NVDCVE-2017-7761 at SUSECVE-2017-7761 at NVDCVE-2017-7763 at SUSECVE-2017-7763 at NVDCVE-2017-7764 at SUSECVE-2017-7764 at NVDCVE-2017-7765 at SUSECVE-2017-7765 at NVDCVE-2017-7768 at SUSECVE-2017-7768 at NVDCVE-2017-7778 at SUSECVE-2017-7778 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Mozilla Firefox was updated to the ESR 52.3 release (bsc#1052829)
Following security issues were fixed:
* MFSA 2017-19/CVE-2017-7807: Domain hijacking through AppCache fallback
* MFSA 2017-19/CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts
* MFSA 2017-19/CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID
* MFSA 2017-19/CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections
* MFSA 2017-19/CVE-2017-7787: Same-origin policy bypass with iframes through page reloads
* MFSA 2017-19/CVE-2017-7786: Buffer overflow while painting non-displayable SVG
* MFSA 2017-19/CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM
* MFSA 2017-19/CVE-2017-7784: Use-after-free with image observers
* MFSA 2017-19/CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements
* MFSA 2017-19/CVE-2017-7798: XUL injection in the style editor in devtools
* MFSA 2017-19/CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher
* MFSA 2017-19/CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
* MFSA 2017-19/CVE-2017-7800: Use-after-free in WebSockets during disconnection
* MFSA 2017-19/CVE-2017-7801: Use-after-free with marquee during window resizing
* MFSA 2017-19/CVE-2017-7802: Use-after-free resizing image elements
* MFSA 2017-19/CVE-2017-7803: CSP containing 'sandbox' improperly applied
This update also fixes:
- fixed firefox hangs after a while in FUTEX_WAIT_PRIVATE if
cgroups enabled and running on cpu >=1 (bsc#1031485)
- The Itanium ia64 build was fixed.
ImportantSUSE bug 1031485SUSE bug 1052829CVE-2017-7753 at SUSECVE-2017-7753 at NVDCVE-2017-7779 at SUSECVE-2017-7779 at NVDCVE-2017-7782 at SUSECVE-2017-7782 at NVDCVE-2017-7784 at SUSECVE-2017-7784 at NVDCVE-2017-7785 at SUSECVE-2017-7785 at NVDCVE-2017-7786 at SUSECVE-2017-7786 at NVDCVE-2017-7787 at SUSECVE-2017-7787 at NVDCVE-2017-7791 at SUSECVE-2017-7791 at NVDCVE-2017-7792 at SUSECVE-2017-7792 at NVDCVE-2017-7798 at SUSECVE-2017-7798 at NVDCVE-2017-7800 at SUSECVE-2017-7800 at NVDCVE-2017-7801 at SUSECVE-2017-7801 at NVDCVE-2017-7802 at SUSECVE-2017-7802 at NVDCVE-2017-7803 at SUSECVE-2017-7803 at NVDCVE-2017-7804 at SUSECVE-2017-7804 at NVDCVE-2017-7807 at SUSECVE-2017-7807 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox ESR 52.5 fixes the following issues:
Security issues fixed:
- CVE-2017-7826: Memory safety bugs fixed (bsc#1068101).
- CVE-2017-7828: Use-after-free of PressShell while restyling layout (bsc#1068101).
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API (bsc#1068101).
Mozilla Foundation Security Advisory (MFSA 2017-25):
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/
ImportantSUSE bug 1068101CVE-2017-7826 at SUSECVE-2017-7826 at NVDCVE-2017-7828 at SUSECVE-2017-7828 at NVDCVE-2017-7830 at SUSECVE-2017-7830 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox to version ESR 52.6 fixes several issues.
These security issues were fixed:
- CVE-2018-5091: Use-after-free with DTMF timers (bsc#1077291).
- CVE-2018-5095: Integer overflow in Skia library during edge builder allocation (bsc#1077291).
- CVE-2018-5096: Use-after-free while editing form elements (bsc#1077291).
- CVE-2018-5097: Use-after-free when source document is manipulated during XSLT (bsc#1077291).
- CVE-2018-5098: Use-after-free while manipulating form input elements (bsc#1077291).
- CVE-2018-5099: Use-after-free with widget listener (bsc#1077291).
- CVE-2018-5102: Use-after-free in HTML media elements (bsc#1077291).
- CVE-2018-5103: Use-after-free during mouse event handling (bsc#1077291).
- CVE-2018-5104: Use-after-free during font face manipulation (bsc#1077291).
- CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right (bsc#1077291).
- CVE-2018-5089: Various memory safety bugs (bsc#1077291).
ImportantSUSE bug 1077291CVE-2018-5089 at SUSECVE-2018-5089 at NVDCVE-2018-5091 at SUSECVE-2018-5091 at NVDCVE-2018-5095 at SUSECVE-2018-5095 at NVDCVE-2018-5096 at SUSECVE-2018-5096 at NVDCVE-2018-5097 at SUSECVE-2018-5097 at NVDCVE-2018-5098 at SUSECVE-2018-5098 at NVDCVE-2018-5099 at SUSECVE-2018-5099 at NVDCVE-2018-5102 at SUSECVE-2018-5102 at NVDCVE-2018-5103 at SUSECVE-2018-5103 at NVDCVE-2018-5104 at SUSECVE-2018-5104 at NVDCVE-2018-5117 at SUSECVE-2018-5117 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox fixes the following issues:
Security issues fixed in Firefox ESR 52.7.3 (bsc#1085130):
- CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
- CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
- CVE-2018-5129: Out-of-bounds write with malformed IPC messages
- CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption
- CVE-2018-5131: Fetch API improperly returns cached copies of no-store/no-cache resources
- CVE-2018-5144: Integer overflow during Unicode conversion
- CVE-2018-5145: Memory safety bugs fixed in Firefox ESR 52.7
- CVE-2018-5146: Out of bounds memory write in libvorbis (bsc#1085671)
- CVE-2018-5147: Out of bounds memory write in libtremor (bsc#1085671)
- CVE-2018-5148: Use-after-free in compositor (MFSA 2018-10) (bsc#1087059)
ModerateSUSE bug 1085130SUSE bug 1085671SUSE bug 1087059CVE-2018-5125 at SUSECVE-2018-5125 at NVDCVE-2018-5127 at SUSECVE-2018-5127 at NVDCVE-2018-5129 at SUSECVE-2018-5129 at NVDCVE-2018-5130 at SUSECVE-2018-5130 at NVDCVE-2018-5131 at SUSECVE-2018-5131 at NVDCVE-2018-5144 at SUSECVE-2018-5144 at NVDCVE-2018-5145 at SUSECVE-2018-5145 at NVDCVE-2018-5146 at SUSECVE-2018-5146 at NVDCVE-2018-5147 at SUSECVE-2018-5147 at NVDCVE-2018-5148 at SUSECVE-2018-5148 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox to ESR 52.8 release fixes the following issues:
Update to Firefox ESR 52.8 (bsc#1092548)
Security issues fixed:
- MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
- MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
- MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction
- MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
- MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths
- MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia
- MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
- MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths
- MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension
ImportantSUSE bug 1092548CVE-2018-5150 at SUSECVE-2018-5150 at NVDCVE-2018-5154 at SUSECVE-2018-5154 at NVDCVE-2018-5155 at SUSECVE-2018-5155 at NVDCVE-2018-5157 at SUSECVE-2018-5157 at NVDCVE-2018-5158 at SUSECVE-2018-5158 at NVDCVE-2018-5159 at SUSECVE-2018-5159 at NVDCVE-2018-5168 at SUSECVE-2018-5168 at NVDCVE-2018-5174 at SUSECVE-2018-5174 at NVDCVE-2018-5178 at SUSECVE-2018-5178 at NVDCVE-2018-5183 at SUSECVE-2018-5183 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox fixes the following security issue:
- CVE-2018-6126: Prevent heap buffer overflow in rasterizing paths in SVG with Skia (bsc#1096449).
ImportantSUSE bug 1096449CVE-2018-6126 at SUSECVE-2018-6126 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox to version ESR 52.9 fixes the following issues:
- CVE-2018-5188: Various memory safety bugs (bsc#1098998)
- CVE-2018-12368: No warning when opening executable SettingContent-ms files
- CVE-2018-12366: Invalid data handling during QCMS transformations
- CVE-2018-12365: Compromised IPC child process can list local filenames
- CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
- CVE-2018-12363: Use-after-free when appending DOM nodes
- CVE-2018-12362: Integer overflow in SSSE3 scaler
- CVE-2018-12360: Use-after-free when using focus()
- CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
- CVE-2018-12359: Buffer overflow using computed size of canvas element
ImportantSUSE bug 1098998CVE-2018-12359 at SUSECVE-2018-12359 at NVDCVE-2018-12360 at SUSECVE-2018-12360 at NVDCVE-2018-12362 at SUSECVE-2018-12362 at NVDCVE-2018-12363 at SUSECVE-2018-12363 at NVDCVE-2018-12364 at SUSECVE-2018-12364 at NVDCVE-2018-12365 at SUSECVE-2018-12365 at NVDCVE-2018-12366 at SUSECVE-2018-12366 at NVDCVE-2018-12368 at SUSECVE-2018-12368 at NVDCVE-2018-5156 at SUSECVE-2018-5156 at NVDCVE-2018-5188 at SUSECVE-2018-5188 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox to version ESR 60.8 fixes the following issues:
Security issues fixed:
- CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868).
- CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868).
- CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868).
- CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868).
- CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868).
- CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868).
- CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868).
- CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868).
- CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868).
- CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868).
- CVE-2019-11708: Fix sandbox escape using Prompt:Open (bsc#1138872).
- CVE-2019-11707: Fixed a type confusion vulnerability in Arrary.pop (bsc#1138614)
Non-security issues fixed:
- Fix broken language plugins (bsc#1137792)
ImportantSUSE bug 1137792SUSE bug 1138614SUSE bug 1138872SUSE bug 1140868CVE-2019-11707 at SUSECVE-2019-11707 at NVDCVE-2019-11708 at SUSECVE-2019-11708 at NVDCVE-2019-11709 at SUSECVE-2019-11709 at NVDCVE-2019-11711 at SUSECVE-2019-11711 at NVDCVE-2019-11712 at SUSECVE-2019-11712 at NVDCVE-2019-11713 at SUSECVE-2019-11713 at NVDCVE-2019-11715 at SUSECVE-2019-11715 at NVDCVE-2019-11717 at SUSECVE-2019-11717 at NVDCVE-2019-11719 at SUSECVE-2019-11719 at NVDCVE-2019-11729 at SUSECVE-2019-11729 at NVDCVE-2019-11730 at SUSECVE-2019-11730 at NVDCVE-2019-9811 at SUSECVE-2019-9811 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues:
Update Firefox Extended Support Release to 68.3.0 ESR (MFSA 2019-37 / bsc#1158328)
Security issues fixed:
- CVE-2019-17008: Use-after-free in worker destruction (bmo#1546331).
- CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code (bmo#1580156).
- CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher (bmo#1586176).
- CVE-2019-17009: Updater temporary files accessible to unprivileged processes (bmo#1510494).
- CVE-2019-17010: Use-after-free when performing device orientation checks (bmo#1581084).
- CVE-2019-17005: Buffer overflow in plain text serializer (bmo#1584170).
- CVE-2019-17011: Use-after-free when retrieving a document in antitracking (bmo#1591334).
- CVE-2019-17012: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209, bmo#1580288, bmo#1585760, bmo#1592502).
Update mozilla-nss to version 3.47.1 (bsc#1158527):
Security issues fixed:
- CVE-2019-11745: EncryptUpdate should use maxout, not block size.
Bug fixes:
- Fix a crash that could be caused by client certificates during startup (bmo#1590495, bsc#1158527)
- Fix compile-time warnings from uninitialized variables in a perl script (bmo#1589810)
- Support AES HW acceleration on ARMv8 (bmo#1152625)
- Allow per-socket run-time ordering of the cipher suites presented in ClientHello (bmo#1267894)
- Add CMAC to FreeBL and PKCS #11 libraries (bmo#1570501)
- Remove arbitrary HKDF output limit by allocating space as needed (bmo#1577953)
Update mozilla-nspr to version 4.23:
Bug fixes:
- fixed a build failure that was introduced in 4.22
- correctness fix for Win64 socket polling
- whitespace in C files was cleaned up and no longer uses tab characters for indenting
- added support for the ARC architecture
- removed support for the following platforms: OSF1/Tru64, DGUX, IRIX, Symbian, BeOS
- correctness and build fixes
ImportantSUSE bug 1158328SUSE bug 1158527CVE-2019-11745 at SUSECVE-2019-11745 at NVDCVE-2019-13722 at SUSECVE-2019-13722 at NVDCVE-2019-17005 at SUSECVE-2019-17005 at NVDCVE-2019-17008 at SUSECVE-2019-17008 at NVDCVE-2019-17009 at SUSECVE-2019-17009 at NVDCVE-2019-17010 at SUSECVE-2019-17010 at NVDCVE-2019-17011 at SUSECVE-2019-17011 at NVDCVE-2019-17012 at SUSECVE-2019-17012 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.4.1 ESR
* Fixed: Security fix
MFSA 2020-03 (bsc#1160498)
* CVE-2019-17026 (bmo#1607443)
IonMonkey type confusion with StoreElementHole and
FallibleStoreElement
- Firefox Extended Support Release 68.4.0 ESR
* Fixed: Various security fixes
MFSA 2020-02 (bsc#1160305)
* CVE-2019-17015 (bmo#1599005)
Memory corruption in parent process during new content
process initialization on Windows
* CVE-2019-17016 (bmo#1599181)
Bypass of @namespace CSS sanitization during pasting
* CVE-2019-17017 (bmo#1603055)
Type Confusion in XPCVariant.cpp
* CVE-2019-17021 (bmo#1599008)
Heap address disclosure in parent process during content
process initialization on Windows
* CVE-2019-17022 (bmo#1602843)
CSS sanitization does not escape HTML tags
* CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605,
bmo#1601826)
Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
ImportantSUSE bug 1160305SUSE bug 1160498CVE-2019-17015 at SUSECVE-2019-17015 at NVDCVE-2019-17016 at SUSECVE-2019-17016 at NVDCVE-2019-17017 at SUSECVE-2019-17017 at NVDCVE-2019-17021 at SUSECVE-2019-17021 at NVDCVE-2019-17022 at SUSECVE-2019-17022 at NVDCVE-2019-17024 at SUSECVE-2019-17024 at NVDCVE-2019-17026 at SUSECVE-2019-17026 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
Firefox was updated to version 68.5.0 ESR (bsc#1163368).
Security issues fixed:
- CVE-2020-6796: Fixed a missing bounds check on shared memory in the parent process (bsc#1163368).
- CVE-2020-6798: Fixed a JavaScript code injection issue caused by the incorrect parsing of template tags (bsc#1163368).
- CVE-2020-6799: Fixed a local arbitrary code execution issue when handling PDF links from other applications (bsc#1163368).
- CVE-2020-6800: Fixed several memory safety bugs (bsc#1163368).
Non-security issues fixed:
- Fixed various issues opening files with spaces in their path (bmo#1601905, bmo#1602726).
ImportantSUSE bug 1161799SUSE bug 1163368CVE-2020-6796 at SUSECVE-2020-6796 at NVDCVE-2020-6797 at SUSECVE-2020-6797 at NVDCVE-2020-6798 at SUSECVE-2020-6798 at NVDCVE-2020-6799 at SUSECVE-2020-6799 at NVDCVE-2020-6800 at SUSECVE-2020-6800 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
MozillaFirefox was updated to 68.6.0 ESR (MFSA 2020-09 bsc#1132665)
- CVE-2020-6805: Fixed a use-after-free when removing data about origins
- CVE-2020-6806: Fixed improper protections against state confusion
- CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction
- CVE-2020-6811: Fixed an issue where copy as cURL' feature did not fully
escape website-controlled data potentially leading to command injection
- CVE-2019-20503: Fixed out of bounds reads in sctp_load_addresses_from_init
- CVE-2020-6812: Fixed an issue where the names of AirPods with personally
identifiable information were exposed to websites with camera or microphone
permission
- CVE-2020-6814: Fixed multiple memory safety bugs
- Fixed an issue with minimizing a window (bsc#1132665).
ImportantSUSE bug 1132665CVE-2019-20503 at SUSECVE-2019-20503 at NVDCVE-2020-6805 at SUSECVE-2020-6805 at NVDCVE-2020-6806 at SUSECVE-2020-6806 at NVDCVE-2020-6807 at SUSECVE-2020-6807 at NVDCVE-2020-6811 at SUSECVE-2020-6811 at NVDCVE-2020-6812 at SUSECVE-2020-6812 at NVDCVE-2020-6814 at SUSECVE-2020-6814 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.6.1 ESR
MFSA 2020-11 (bsc#1168630)
* CVE-2020-6819 (bmo#1620818)
Use-after-free while running the nsDocShell destructor
* CVE-2020-6820 (bmo#1626728)
Use-after-free when handling a ReadableStream
ImportantSUSE bug 1168630CVE-2020-6819 at SUSECVE-2020-6819 at NVDCVE-2020-6820 at SUSECVE-2020-6820 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues:
- CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method (bsc#1168874).
- CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images (bsc#1168874).
- CVE-2020-6825: Fixed Memory safety bugs (bsc#1168874).
- CVE-2020-6827: Custom Tabs could have the URI spoofed (bsc#1168874).
- CVE-2020-6828: Preference overwrite via crafted Intent (bsc#1168874).
ImportantSUSE bug 1168874CVE-2020-6821 at SUSECVE-2020-6821 at NVDCVE-2020-6822 at SUSECVE-2020-6822 at NVDCVE-2020-6825 at SUSECVE-2020-6825 at NVDCVE-2020-6827 at SUSECVE-2020-6827 at NVDCVE-2020-6828 at SUSECVE-2020-6828 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.8.0 ESR
MFSA 2020-17 (bsc#1171186)
* CVE-2020-12387 (bmo#1545345)
Use-after-free during worker shutdown
* CVE-2020-12388 (bmo#1618911)
Sandbox escape with improperly guarded Access Tokens
* CVE-2020-12389 (bmo#1554110)
Sandbox escape with improperly separated process types
* CVE-2020-6831 (bmo#1632241)
Buffer overflow in SCTP chunk input validation
* CVE-2020-12392 (bmo#1614468)
Arbitrary local file access with 'Copy as cURL'
* CVE-2020-12393 (bmo#1615471)
Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to command
injection
* CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704,
bmo#1624098, bmo#1625749, bmo#1626382, bmo#1628076,
bmo#1631508)
Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
- Since firefox-gcc8 now has disabled autoreqprov for firefox-libstdc++6
and firefox-libgcc_s1, those packages don't provide some capabilities,
we have to disable AutoReqProv in MozillaFirefox too so they're not added as
automatic requirements. (bsc#1162828)
ImportantSUSE bug 1162828SUSE bug 1171186CVE-2020-12387 at SUSECVE-2020-12387 at NVDCVE-2020-12388 at SUSECVE-2020-12388 at NVDCVE-2020-12389 at SUSECVE-2020-12389 at NVDCVE-2020-12392 at SUSECVE-2020-12392 at NVDCVE-2020-12393 at SUSECVE-2020-12393 at NVDCVE-2020-12395 at SUSECVE-2020-12395 at NVDCVE-2020-6831 at SUSECVE-2020-6831 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- MozillaFirefox was updated to version 68.9.0 Extended Support Release (bsc#1172402).
- CVE-2020-12405: Fixed a use-after-free in SharedWorkerService.
- CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes.
- CVE-2020-12410: Fixed multiple memory safety bugs.
ImportantSUSE bug 1172402CVE-2020-12405 at SUSECVE-2020-12405 at NVDCVE-2020-12406 at SUSECVE-2020-12406 at NVDCVE-2020-12410 at SUSECVE-2020-12410 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues:
Security issues fixed:
- CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing (bsc#1173576).
- CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster (bsc#1173576).
- CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 (bsc#1173576).
- CVE-2020-12418: Information disclosure due to manipulated URL object (bsc#1173576).
- CVE-2020-12419: Use-after-free in nsGlobalWindowInner (bsc#1173576).
- CVE-2020-12420: Use-After-Free when trying to connect to a STUN server (bsc#1173576).
- CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack (bsc#1173576).
- CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates (bsc#1173576).
- CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (bsc#1173576).
- CVE-2020-12423: DLL Hijacking due to searching %PATH% for a library (bsc#1173576).
- CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process (bsc#1173576).
- CVE-2020-12425: Out of bound read in Date.parse() (bsc#1173576).
- CVE-2020-12426: Memory safety bugs fixed in Firefox 78 (bsc#1173576).
- FIPS: MozillaFirefox: allow /proc/sys/crypto/fips_enabled (bsc#1167231).
Non-security issues fixed:
- Fixed interaction with freetype6 (bsc#1173613).
ImportantSUSE bug 1166238SUSE bug 1167231SUSE bug 1173576CVE-2020-12402 at SUSECVE-2020-12402 at NVDCVE-2020-12415 at SUSECVE-2020-12415 at NVDCVE-2020-12416 at SUSECVE-2020-12416 at NVDCVE-2020-12417 at SUSECVE-2020-12417 at NVDCVE-2020-12418 at SUSECVE-2020-12418 at NVDCVE-2020-12419 at SUSECVE-2020-12419 at NVDCVE-2020-12420 at SUSECVE-2020-12420 at NVDCVE-2020-12421 at SUSECVE-2020-12421 at NVDCVE-2020-12422 at SUSECVE-2020-12422 at NVDCVE-2020-12423 at SUSECVE-2020-12423 at NVDCVE-2020-12424 at SUSECVE-2020-12424 at NVDCVE-2020-12425 at SUSECVE-2020-12425 at NVDCVE-2020-12426 at SUSECVE-2020-12426 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Fix broken translation-loading (boo#1173991)
* allow addon sideloading
* mark signatures for langpacks non-mandatory
* do not autodisable user profile scopes
- Google API key is not usable for geolocation service any more
- Mozilla Firefox 78.1 ESR
* Fixed: Various stability, functionality, and security fixe
(MFSA 2020-32) (bsc#1174538).
* CVE-2020-15652 (bmo#1634872)
Potential leak of redirect targets when loading scripts in a
worker
* CVE-2020-6514 (bmo#1642792)
WebRTC data channel leaks internal address to peer
* CVE-2020-15655 (bmo#1645204)
Extension APIs could be used to bypass Same-Origin Policy
* CVE-2020-15653 (bmo#1521542)
Bypassing iframe sandbox when allowing popups
* CVE-2020-6463 (bmo#1635293)
Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
* CVE-2020-15656 (bmo#1647293)
Type confusion for special arguments in IonMonkey
* CVE-2020-15658 (bmo#1637745)
Overriding file type when saving to disk
* CVE-2020-15657 (bmo#1644954)
DLL hijacking due to incorrect loading path
* CVE-2020-15654 (bmo#1648333)
Custom cursor can overlay user interface
* CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1643613,
bmo#1644839, bmo#1645835, bmo#1646006, bmo#1646787,
bmo#1649347, bmo#1650811, bmo#1651678)
Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
- Add sle11-icu-generation-python3.patch to fix icu-generation
on big endian platforms
- Mozilla Firefox 78.0.2 ESR
* MFSA 2020-28 (bsc#1173948)
* MFSA-2020-0003 (bmo#1644076)
X-Frame-Options bypass using object or embed tags
* Fixed: Fixed an accessibility regression in reader mode
(bmo#1650922)
* Fixed: Made the address bar more resilient to data corruption
in the user profile (bmo#1649981)
* Fixed: Fixed a regression opening certain external
applications (bmo#1650162)
ModerateSUSE bug 1173948SUSE bug 1173991SUSE bug 1174538CVE-2020-15652 at SUSECVE-2020-15652 at NVDCVE-2020-15653 at SUSECVE-2020-15653 at NVDCVE-2020-15654 at SUSECVE-2020-15654 at NVDCVE-2020-15655 at SUSECVE-2020-15655 at NVDCVE-2020-15656 at SUSECVE-2020-15656 at NVDCVE-2020-15657 at SUSECVE-2020-15657 at NVDCVE-2020-15658 at SUSECVE-2020-15658 at NVDCVE-2020-15659 at SUSECVE-2020-15659 at NVDCVE-2020-6463 at SUSECVE-2020-6463 at NVDCVE-2020-6514 at SUSECVE-2020-6514 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.2.0 ESR
* Fixed: Various stability, functionality, and security fixes
- Mozilla Firefox ESR 78.2
MFSA 2020-38 (bsc#1175686)
* CVE-2020-15663 (bmo#1643199)
Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
* CVE-2020-15664 (bmo#1658214)
Attacker-induced prompt for extension installation
* CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
bmo#1656957)
Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
- Fixed Firefox tab crash in FIPS mode (bsc#1174284).
ModerateSUSE bug 1174284SUSE bug 1175686CVE-2020-15663 at SUSECVE-2020-15663 at NVDCVE-2020-15664 at SUSECVE-2020-15664 at NVDCVE-2020-15670 at SUSECVE-2020-15670 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox was updated to 78.3.0 ESR (bsc#1176756, MFSA 2020-43)
- CVE-2020-15677: Download origin spoofing via redirect
- CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a
contenteditable element
- CVE-2020-15678: When recursing through layers while scrolling, an iterator
may have become invalid, resulting in a potential use-after-free scenario
- CVE-2020-15673: Fixed memory safety bugs
- Attempt to fix langpack-parallelization by introducing separate
obj-dirs for each lang (bsc#1173986, bsc#1167976)
- Fixed problems with compiler builtins on SLE-11 (bsc#1175046)
ImportantSUSE bug 1167976SUSE bug 1173986SUSE bug 1175046SUSE bug 1176756CVE-2020-15673 at SUSECVE-2020-15673 at NVDCVE-2020-15676 at SUSECVE-2020-15676 at NVDCVE-2020-15677 at SUSECVE-2020-15677 at NVDCVE-2020-15678 at SUSECVE-2020-15678 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.4.0 ESR
* Fixed: Various stability, functionality, and security fixes MFSA 2020-46 (bsc#1177872)
* CVE-2020-15969 Use-after-free in usersctp
* CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
* Fixed: Fixed legacy preferences not being properly applied when set via GPO
ImportantSUSE bug 1177872CVE-2020-15683 at SUSECVE-2020-15683 at NVDCVE-2020-15969 at SUSECVE-2020-15969 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.4.1 ESR
* Fixed: Security fix
MFSA 2020-49 (bsc#1178588)
* CVE-2020-26950 (bmo#1675905)
Write side effects in MCallGetProperty opcode not accounted
for
ImportantSUSE bug 1178588CVE-2020-26950 at SUSECVE-2020-26950 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.5.0 ESR (bsc#1178824)
* CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code
* CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls
* CVE-2020-26953: Fullscreen could be enabled without displaying the security UI
* CVE-2020-26956: XSS through paste (manual and clipboard API)
* CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions
* CVE-2020-26959: Use-after-free in WebRequestService
* CVE-2020-26960: Potential use-after-free in uses of nsTArray
* CVE-2020-15999: Heap buffer overflow in freetype
* CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
* CVE-2020-26965: Software keyboards may have remembered typed passwords
* CVE-2020-26966: Single-word search queries were also broadcast to local network
* CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
ImportantSUSE bug 1178824CVE-2020-15999 at SUSECVE-2020-15999 at NVDCVE-2020-16012 at SUSECVE-2020-16012 at NVDCVE-2020-26951 at SUSECVE-2020-26951 at NVDCVE-2020-26953 at SUSECVE-2020-26953 at NVDCVE-2020-26956 at SUSECVE-2020-26956 at NVDCVE-2020-26958 at SUSECVE-2020-26958 at NVDCVE-2020-26959 at SUSECVE-2020-26959 at NVDCVE-2020-26960 at SUSECVE-2020-26960 at NVDCVE-2020-26961 at SUSECVE-2020-26961 at NVDCVE-2020-26965 at SUSECVE-2020-26965 at NVDCVE-2020-26966 at SUSECVE-2020-26966 at NVDCVE-2020-26968 at SUSECVE-2020-26968 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Critical)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.6.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2020-55 (bsc#1180039)
* CVE-2020-16042 (bmo#1679003)
Operations on a BigInt could have caused uninitialized memory
to be exposed
* CVE-2020-26971 (bmo#1663466)
Heap buffer overflow in WebGL
* CVE-2020-26973 (bmo#1680084)
CSS Sanitizer performed incorrect sanitization
* CVE-2020-26974 (bmo#1681022)
Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free
* CVE-2020-26978 (bmo#1677047)
Internal network hosts could have been probed by a malicious
webpage
* CVE-2020-35111 (bmo#1657916)
The proxy.onRequest API did not catch view-source URLs
* CVE-2020-35112 (bmo#1661365)
Opening an extension-less download may have inadvertently
launched an executable instead
* CVE-2020-35113 (bmo#1664831, bmo#1673589)
Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
CriticalSUSE bug 1180039CVE-2020-16042 at SUSECVE-2020-16042 at NVDCVE-2020-26971 at SUSECVE-2020-26971 at NVDCVE-2020-26973 at SUSECVE-2020-26973 at NVDCVE-2020-26974 at SUSECVE-2020-26974 at NVDCVE-2020-26978 at SUSECVE-2020-26978 at NVDCVE-2020-35111 at SUSECVE-2020-35111 at NVDCVE-2020-35112 at SUSECVE-2020-35112 at NVDCVE-2020-35113 at SUSECVE-2020-35113 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.6.1 ESR
* Fixed: Critical security issue MFSA 2021-01 (bsc#1180623)
* CVE-2020-16044
Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
ImportantSUSE bug 1180623CVE-2020-16044 at SUSECVE-2020-16044 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.7.0 ESR (MFSA 2021-04, bsc#1181414)
* CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests
* CVE-2021-23954: Fixed a type confusion when using logical assignment operators in JavaScript switch statements
* CVE-2020-26976: Fixed an issue where HTTPS pages could have been intercepted by a registered service worker when they should not have been
* CVE-2021-23960: Fixed a use-after-poison for incorrectly redeclared JavaScript variables during GC
* CVE-2021-23964: Fixed Memory safety bugs
ImportantSUSE bug 1181414CVE-2020-26976 at SUSECVE-2020-26976 at NVDCVE-2021-23953 at SUSECVE-2021-23953 at NVDCVE-2021-23954 at SUSECVE-2021-23954 at NVDCVE-2021-23960 at SUSECVE-2021-23960 at NVDCVE-2021-23964 at SUSECVE-2021-23964 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.8.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-08 (bsc#1182614)
* CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect
* CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect
* CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources
* CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
ImportantSUSE bug 1182357SUSE bug 1182614CVE-2021-23968 at SUSECVE-2021-23968 at NVDCVE-2021-23969 at SUSECVE-2021-23969 at NVDCVE-2021-23973 at SUSECVE-2021-23973 at NVDCVE-2021-23978 at SUSECVE-2021-23978 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox was updated to 78.9.0 ESR (MFSA 2021-11, bsc#1183942)
* CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read
* CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage
* CVE-2021-23984: Malicious extensions could have spoofed popup information
* CVE-2021-23987: Memory safety bugs
ImportantSUSE bug 1183942CVE-2021-23981 at SUSECVE-2021-23981 at NVDCVE-2021-23982 at SUSECVE-2021-23982 at NVDCVE-2021-23984 at SUSECVE-2021-23984 at NVDCVE-2021-23987 at SUSECVE-2021-23987 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- Firefox was updated to 78.10.0 ESR (bsc#1184960)
* CVE-2021-23994: Out of bound write due to lazy initialization
* CVE-2021-23995: Use-after-free in Responsive Design Mode
* CVE-2021-23998: Secure Lock icon could have been spoofed
* CVE-2021-23961: More internal network hosts could have been probed by a malicious webpage
* CVE-2021-23999: Blob URLs may have been granted additional privileges
* CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL
* CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads
* CVE-2021-29946: Port blocking could be bypassed
ImportantSUSE bug 1184960CVE-2021-23961 at SUSECVE-2021-23961 at NVDCVE-2021-23994 at SUSECVE-2021-23994 at NVDCVE-2021-23995 at SUSECVE-2021-23995 at NVDCVE-2021-23998 at SUSECVE-2021-23998 at NVDCVE-2021-23999 at SUSECVE-2021-23999 at NVDCVE-2021-24002 at SUSECVE-2021-24002 at NVDCVE-2021-29945 at SUSECVE-2021-29945 at NVDCVE-2021-29946 at SUSECVE-2021-29946 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.11.0 ESR (bsc#1186696)
* CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message
* CVE-2021-29967: Memory safety bugs fixed in Firefox
ModerateSUSE bug 1185633SUSE bug 1186696CVE-2021-29951 at SUSECVE-2021-29951 at NVDCVE-2021-29964 at SUSECVE-2021-29964 at NVDCVE-2021-29967 at SUSECVE-2021-29967 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.12.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-29 (bsc#1188275)
* CVE-2021-29970: Use-after-free in accessibility features of a document
* CVE-2021-30547: Out of bounds write in ANGLE
* CVE-2021-29976: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12
ImportantSUSE bug 1188275CVE-2021-29970 at SUSECVE-2021-29970 at NVDCVE-2021-29976 at SUSECVE-2021-29976 at NVDCVE-2021-30547 at SUSECVE-2021-30547 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 78.13.0 ESR (MFSA 2021-34, bsc#1188891):
- CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
- CVE-2021-29988: Memory corruption as a result of incorrect style treatment
- CVE-2021-29984: Incorrect instruction reordering during JIT optimization
- CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
- CVE-2021-29985: Use-after-free media channels
- CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
ImportantSUSE bug 1188891CVE-2021-29980 at SUSECVE-2021-29980 at NVDCVE-2021-29984 at SUSECVE-2021-29984 at NVDCVE-2021-29985 at SUSECVE-2021-29985 at NVDCVE-2021-29986 at SUSECVE-2021-29986 at NVDCVE-2021-29988 at SUSECVE-2021-29988 at NVDCVE-2021-29989 at SUSECVE-2021-29989 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
This update contains the Firefox Extended Support Release 91.1.0 ESR.
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-40 (bsc#1190269, bsc#1190274):
* CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer
* CVE-2021-38495: Memory safety bugs fixed in Firefox 92 and Firefox ESR 91.1
Firefox 91.0.1esr ESR
* Fixed: Fixed an issue causing buttons on the tab bar to be
resized when loading certain websites (bug 1704404)
* Fixed: Fixed an issue which caused tabs from private windows
to be visible in non-private windows when viewing switch-to-
tab results in the address bar panel (bug 1720369)
* Fixed: Various stability fixes
* Fixed: Security fix MFSA 2021-37 (bsc#1189547)
* CVE-2021-29991 (bmo#1724896)
Header Splitting possible with HTTP/3 Responses
Firefox Extended Support Release 91.0 ESR
* New: Some of the highlights of the new Extended Support Release are:
- A number of user interface changes. For more information,
see the Firefox 89 release notes.
- Firefox now supports logging into Microsoft, work, and
school accounts using Windows single sign-on. Learn more
- On Windows, updates can now be applied in the background
while Firefox is not running.
- Firefox for Windows now offers a new page about:third-party
to help identify compatibility issues caused by third-party
applications
- Version 2 of Firefox's SmartBlock feature further improves
private browsing. Third party Facebook scripts are blocked to
prevent you from being tracked, but are now automatically
loaded 'just in time' if you decide to 'Log in with Facebook'
on any website.
- Enhanced the privacy of the Firefox Browser's Private
Browsing mode with Total Cookie Protection, which confines
cookies to the site where they were created, preventing
companis from using cookies to track your browsing across
sites. This feature was originally launched in Firefox's ETP
Strict mode.
- PDF forms now support JavaScript embedded in PDF files.
Some PDF forms use JavaScript for validation and other
interactive features.
- You'll encounter less website breakage in Private Browsing
and Strict Enhanced Tracking Protection with SmartBlock,
which provides stand-in scripts so that websites load
properly.
- Improved Print functionality with a cleaner design and
better integration with your computer's printer settings.
- Firefox now protects you from supercookies, a type of
tracker that can stay hidden in your browser and track you
online, even after you clear cookies. By isolating
supercookies, Firefox prevents them from tracking your web
browsing from one site to the next.
- Firefox now remembers your preferred location for saved
bookmarks, displays the bookmarks toolbar by default on new
tabs, and gives you easy access to all of your bookmarks via
a toolbar folder.
- Native support for macOS devices built with Apple Silicon
CPUs brings dramatic performance improvements over the non-
native build that was shipped in Firefox 83: Firefox launches
over 2.5 times faster and web apps are now twice as
responsive (per the SpeedoMeter 2.0 test). If you are on a
new Apple device, follow these steps to upgrade to the latest
Firefox.
- Pinch zooming will now be supported for our users with
Windows touchscreen devices and touchpads on Mac devices.
Firefox users may now use pinch to zoom on touch-capable
devices to zoom in and out of webpages.
- We’ve improved functionality and design for a number of
Firefox search features:
* Selecting a search engine at the bottom of the search
panel now enters search mode for that engine, allowing you to
see suggestions (if available) for your search terms. The old
behavior (immediately performing a search) is available with
a shift-click.
* When Firefox autocompletes the URL of one of your search
engines, you can now search with that engine directly in the
address bar by selecting the shortcut in the address bar
results.
* We’ve added buttons at the bottom of the search panel to
allow you to search your bookmarks, open tabs, and history.
- Firefox supports AcroForm, which will allow you to fill in,
print, and save supported PDF forms and the PDF viewer also
has a new fresh look.
- For our users in the US and Canada, Firefox can now save,
manage, and auto-fill credit card information for you, making
shopping on Firefox ever more convenient.
- In addition to our default, dark and light themes, with
this release, Firefox introduces the Alpenglow theme: a
colorful appearance for buttons, menus, and windows. You can
update your Firefox themes under settings or preferences.
* Changed: Firefox no longer supports Adobe Flash. There is no
setting available to re-enable Flash support.
* Enterprise: Various bug fixes and new policies have been
implemented in the latest version of Firefox. See more
details in the Firefox for Enterprise 91 Release Notes.
MFSA 2021-33 (bsc#1188891):
* CVE-2021-29986: Race condition when resolving DNS names could have led to
memory corruption
* CVE-2021-29981: Live range splitting could have led to conflicting
assignments in the JIT
* CVE-2021-29988: Memory corruption as a result of incorrect style treatment
* CVE-2021-29983: Firefox for Android could get stuck in fullscreen mode
* CVE-2021-29984: Incorrect instruction reordering during JIT optimization
* CVE-2021-29980: Uninitialized memory in a canvas object could have led to
memory corruption
* CVE-2021-29987: Users could have been tricked into accepting unwanted
permissions on Linux
* CVE-2021-29985: Use-after-free media channels
* CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and
type confusion
* CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
* CVE-2021-29990: Memory safety bugs fixed in Firefox 91
ImportantSUSE bug 1188891SUSE bug 1189547SUSE bug 1190269SUSE bug 1190274CVE-2021-29980 at SUSECVE-2021-29980 at NVDCVE-2021-29981 at SUSECVE-2021-29981 at NVDCVE-2021-29982 at SUSECVE-2021-29982 at NVDCVE-2021-29983 at SUSECVE-2021-29983 at NVDCVE-2021-29984 at SUSECVE-2021-29984 at NVDCVE-2021-29985 at SUSECVE-2021-29985 at NVDCVE-2021-29986 at SUSECVE-2021-29986 at NVDCVE-2021-29987 at SUSECVE-2021-29987 at NVDCVE-2021-29988 at SUSECVE-2021-29988 at NVDCVE-2021-29989 at SUSECVE-2021-29989 at NVDCVE-2021-29990 at SUSECVE-2021-29990 at NVDCVE-2021-29991 at SUSECVE-2021-29991 at NVDCVE-2021-38492 at SUSECVE-2021-38492 at NVDCVE-2021-38495 at SUSECVE-2021-38495 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
Update to Extended Support Release 91.4.0 (bsc#1193485):
- CVE-2021-43536: URL leakage when navigating while executing asynchronous function
- CVE-2021-43537: Heap buffer overflow when using structured clone
- CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
- CVE-2021-43539: GC rooting failure when calling wasm instance methods
- CVE-2021-43541: External protocol handler parameters were unescaped
- CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
- CVE-2021-43543: Bypass of CSP sandbox directive when embedding
- CVE-2021-43545: Denial of Service when using the Location API in a loop
- CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
- Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
- Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)
ImportantSUSE bug 1193321SUSE bug 1193485CVE-2021-43536 at SUSECVE-2021-43536 at NVDCVE-2021-43537 at SUSECVE-2021-43537 at NVDCVE-2021-43538 at SUSECVE-2021-43538 at NVDCVE-2021-43539 at SUSECVE-2021-43539 at NVDCVE-2021-43541 at SUSECVE-2021-43541 at NVDCVE-2021-43542 at SUSECVE-2021-43542 at NVDCVE-2021-43543 at SUSECVE-2021-43543 at NVDCVE-2021-43545 at SUSECVE-2021-43545 at NVDCVE-2021-43546 at SUSECVE-2021-43546 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547).
- CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547).
- CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547).
- CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547).
- CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547).
- CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547).
- CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547).
- CVE-2022-22744: Fixed possible command injection via the 'Copy as curl' feature in DevTools (bsc#1194547).
- CVE-2022-22745: Fixed leaking cross-origin URLs through securitypolicyviolation event (bsc#1194547).
- CVE-2022-22746: Fixed calling into reportValidity could have lead to fullscreen window spoof (bsc#1194547).
- CVE-2022-22747: Fixed crash when handling empty pkcs7 sequence(bsc#1194547).
- CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog (bsc#1194547).
- CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).
ImportantSUSE bug 1194547CVE-2021-4140 at SUSECVE-2021-4140 at NVDCVE-2022-22737 at SUSECVE-2022-22737 at NVDCVE-2022-22738 at SUSECVE-2022-22738 at NVDCVE-2022-22739 at SUSECVE-2022-22739 at NVDCVE-2022-22740 at SUSECVE-2022-22740 at NVDCVE-2022-22741 at SUSECVE-2022-22741 at NVDCVE-2022-22742 at SUSECVE-2022-22742 at NVDCVE-2022-22743 at SUSECVE-2022-22743 at NVDCVE-2022-22744 at SUSECVE-2022-22744 at NVDCVE-2022-22745 at SUSECVE-2022-22745 at NVDCVE-2022-22746 at SUSECVE-2022-22746 at NVDCVE-2022-22747 at SUSECVE-2022-22747 at NVDCVE-2022-22748 at SUSECVE-2022-22748 at NVDCVE-2022-22751 at SUSECVE-2022-22751 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 (bsc#1195682)
- CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service
- CVE-2022-22754: Extensions could have bypassed permission confirmation during update
- CVE-2022-22756: Drag and dropping an image could have resulted in the dropped object being an executable
- CVE-2022-22759: Sandboxed iframes could have executed script if the parent appended elements
- CVE-2022-22760: Cross-Origin responses could be distinguished between script and non-script content-types
- CVE-2022-22761: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
- CVE-2022-22763: Script Execution during invalid object state
- CVE-2022-22764: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
Firefox Extended Support Release 91.5.1 ESR (bsc#1195230)
- Fixed an issue that allowed unexpected data to be submitted in some of our search telemetry
ImportantSUSE bug 1195230SUSE bug 1195682CVE-2022-22753 at SUSECVE-2022-22753 at NVDCVE-2022-22754 at SUSECVE-2022-22754 at NVDCVE-2022-22756 at SUSECVE-2022-22756 at NVDCVE-2022-22759 at SUSECVE-2022-22759 at NVDCVE-2022-22760 at SUSECVE-2022-22760 at NVDCVE-2022-22761 at SUSECVE-2022-22761 at NVDCVE-2022-22763 at SUSECVE-2022-22763 at NVDCVE-2022-22764 at SUSECVE-2022-22764 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.7.0 ESR (bsc#1196900):
- CVE-2022-26383: Browser window spoof using fullscreen mode
- CVE-2022-26384: iframe allow-scripts sandbox bypass
- CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures
- CVE-2022-26381: Use-after-free in text reflows
- CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other local users
Firefox Extended Support Release 91.6.1 ESR (bsc#1196809):
- CVE-2022-26485: Use-after-free in XSLT parameter processing
- CVE-2022-26486: Use-after-free in WebGPU IPC Framework
ImportantSUSE bug 1196809SUSE bug 1196900CVE-2022-26381 at SUSECVE-2022-26381 at NVDCVE-2022-26383 at SUSECVE-2022-26383 at NVDCVE-2022-26384 at SUSECVE-2022-26384 at NVDCVE-2022-26386 at SUSECVE-2022-26386 at NVDCVE-2022-26387 at SUSECVE-2022-26387 at NVDCVE-2022-26485 at SUSECVE-2022-26485 at NVDCVE-2022-26486 at SUSECVE-2022-26486 at NVDcpe:/o:suse:suse_sles:11:sp4Recommended update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.8.0 ESR (bsc#1197903):
MFSA 2022-14 (bsc#1197903)
* CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use
* CVE-2022-28281: Fixed an out of bounds write due to unexpected WebAuthN Extensions
* CVE-2022-1196: Fixed a use-after-free after VR Process destruction
* CVE-2022-28282: Fixed a use-after-free in DocumentL10n::TranslateDocument
* CVE-2022-28285: Fixed incorrect AliasSet used in JIT Codegen
* CVE-2022-28286: Fixed that iframe contents could be rendered outside the border
* CVE-2022-24713: Fixed a denial of service via complex regular expressions
* CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
ImportantSUSE bug 1197903CVE-2022-1097 at SUSECVE-2022-1097 at NVDCVE-2022-1196 at SUSECVE-2022-1196 at NVDCVE-2022-24713 at SUSECVE-2022-24713 at NVDCVE-2022-28281 at SUSECVE-2022-28281 at NVDCVE-2022-28282 at SUSECVE-2022-28282 at NVDCVE-2022-28285 at SUSECVE-2022-28285 at NVDCVE-2022-28286 at SUSECVE-2022-28286 at NVDCVE-2022-28289 at SUSECVE-2022-28289 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
MozillaFirefox, mozilla-nspr and mozilla-nss were updated to fix 17 security issues.
For more details please check the changelogs.
These security issues were fixed:
- CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards (bsc#935979).
- CVE-2015-2728: Type confusion in Indexed Database Manager (bsc#935979).
- CVE-2015-2730: ECDSA signature validation fails to handle some signatures correctly (bsc#935979).
- CVE-2015-2722/CVE-2015-2733: Use-after-free in workers while using XMLHttpRequest (bsc#935979).
- CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737/CVE-2015-2738/CVE-2015-2739/CVE-2015-2740: Vulnerabilities found through code inspection (bsc#935979).
- CVE-2015-2743: Privilege escalation in PDF.js (bsc#935979).
- CVE-2015-4000: NSS accepts export-length DHE keys with regular DHE cipher suites (bsc#935033).
- CVE-2015-2721: NSS incorrectly permits skipping of ServerKeyExchange (bsc#935979).
This non-security issue was fixed:
- bsc#908275: Firefox did not print in landscape orientation.
ImportantSUSE bug 908275SUSE bug 935033SUSE bug 935979CVE-2015-2721 at SUSECVE-2015-2721 at NVDCVE-2015-2722 at SUSECVE-2015-2722 at NVDCVE-2015-2724 at SUSECVE-2015-2724 at NVDCVE-2015-2725 at SUSECVE-2015-2725 at NVDCVE-2015-2726 at SUSECVE-2015-2726 at NVDCVE-2015-2728 at SUSECVE-2015-2728 at NVDCVE-2015-2730 at SUSECVE-2015-2730 at NVDCVE-2015-2733 at SUSECVE-2015-2733 at NVDCVE-2015-2734 at SUSECVE-2015-2734 at NVDCVE-2015-2735 at SUSECVE-2015-2735 at NVDCVE-2015-2736 at SUSECVE-2015-2736 at NVDCVE-2015-2737 at SUSECVE-2015-2737 at NVDCVE-2015-2738 at SUSECVE-2015-2738 at NVDCVE-2015-2739 at SUSECVE-2015-2739 at NVDCVE-2015-2740 at SUSECVE-2015-2740 at NVDCVE-2015-2743 at SUSECVE-2015-2743 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues:
Mozilla Firefox was updated to 38.7.0 ESR (bsc#969894)
* MFSA 2016-16/CVE-2016-1952/CVE-2016-1953
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
* MFSA 2016-17/CVE-2016-1954
Local file overwriting and potential privilege escalation
through CSP reports
* MFSA 2016-20/CVE-2016-1957
A memory leak in libstagefright when deleting an array during
MP4 processing was fixed.
* MFSA 2016-21/CVE-2016-1958
The displayed page address can be overridden
* MFSA 2016-23/CVE-2016-1960
A use-after-free in HTML5 string parser was fixed.
* MFSA 2016-24/CVE-2016-1961
A use-after-free in SetBody was fixed.
* MFSA 2016-25/CVE-2016-1962
A use-after-free when using multiple WebRTC data channels was fixed.
* MFSA 2016-27/CVE-2016-1964
A use-after-free during XML transformations was fixed.
* MFSA 2016-28/CVE-2016-1965
Addressbar spoofing though history navigation and Location
protocol property was fixed.
* MFSA 2016-31/CVE-2016-1966
Memory corruption with malicious NPAPI plugin was fixed.
* MFSA 2016-34/CVE-2016-1974
A out-of-bounds read in the HTML parser following a failed
allocation was fixed.
* MFSA 2016-35/CVE-2016-1950
A buffer overflow during ASN.1 decoding in NSS was fixed.
* MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
Various font vulnerabilities were fixed in the embedded Graphite 2 library
Mozilla NSS was updated to fix:
* MFSA 2016-15/CVE-2016-1978
Use-after-free in NSS during SSL connections in low memory
* MFSA 2016-35/CVE-2016-1950
Buffer overflow during ASN.1 decoding in NSS
* MFSA 2016-36/CVE-2016-1979
Use-after-free during processing of DER encoded keys in NSS
Mozilla NSPR was updated to version 4.12 (bsc#969894)
* added a PR_GetEnvSecure function, which attempts to detect if
the program is being executed with elevated privileges, and
returns NULL if detected. It is recommended to use this function
in general purpose library code.
* fixed a memory allocation bug related to the PR_*printf functions
* exported API PR_DuplicateEnvironment, which had already been
added in NSPR 4.10.9
* added support for FreeBSD aarch64
* several minor correctness and compatibility fixes
* Enable atomic instructions on mips (bmo#1129878)
* Fix mips assertion failure when creating thread with custom
stack size (bmo#1129968)
ImportantSUSE bug 969894CVE-2016-1950 at SUSECVE-2016-1950 at NVDCVE-2016-1952 at SUSECVE-2016-1952 at NVDCVE-2016-1953 at SUSECVE-2016-1953 at NVDCVE-2016-1954 at SUSECVE-2016-1954 at NVDCVE-2016-1957 at SUSECVE-2016-1957 at NVDCVE-2016-1958 at SUSECVE-2016-1958 at NVDCVE-2016-1960 at SUSECVE-2016-1960 at NVDCVE-2016-1961 at SUSECVE-2016-1961 at NVDCVE-2016-1962 at SUSECVE-2016-1962 at NVDCVE-2016-1964 at SUSECVE-2016-1964 at NVDCVE-2016-1965 at SUSECVE-2016-1965 at NVDCVE-2016-1966 at SUSECVE-2016-1966 at NVDCVE-2016-1974 at SUSECVE-2016-1974 at NVDCVE-2016-1977 at SUSECVE-2016-1977 at NVDCVE-2016-1978 at SUSECVE-2016-1978 at NVDCVE-2016-1979 at SUSECVE-2016-1979 at NVDCVE-2016-2790 at SUSECVE-2016-2790 at NVDCVE-2016-2791 at SUSECVE-2016-2791 at NVDCVE-2016-2792 at SUSECVE-2016-2792 at NVDCVE-2016-2793 at SUSECVE-2016-2793 at NVDCVE-2016-2794 at SUSECVE-2016-2794 at NVDCVE-2016-2795 at SUSECVE-2016-2795 at NVDCVE-2016-2796 at SUSECVE-2016-2796 at NVDCVE-2016-2797 at SUSECVE-2016-2797 at NVDCVE-2016-2798 at SUSECVE-2016-2798 at NVDCVE-2016-2799 at SUSECVE-2016-2799 at NVDCVE-2016-2800 at SUSECVE-2016-2800 at NVDCVE-2016-2801 at SUSECVE-2016-2801 at NVDCVE-2016-2802 at SUSECVE-2016-2802 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, rust-cbindgen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox, rust-cbindgen fixes the following issues:
MozillaFirefox was updated to Extended Support Release 91.2.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-45 (bsc#1191332)
* CVE-2021-38496: Use-after-free in MessageTask
* CVE-2021-38497: Validation message could have been overlaid on another origin
* CVE-2021-38498: Use-after-free of nsLanguageAtomService object
* CVE-2021-32810: Data race in crossbeam-deque
* CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
* CVE-2021-38501: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2
- Fixed crash in FIPS mode (bsc#1190710)
Firefox Extended Support Release 91.1.0 ESR
* Fixed: Various stability, functionality, and security fixes
MFSA 2021-40 (bsc#1190269, bsc#1190274)
* CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer
* CVE-2021-38495: Memory safety bugs fixed in Firefox 92 and Firefox ESR 91.1
Firefox 91.0.1esr ESR
* Fixed: Fixed an issue causing buttons on the tab bar to be
resized when loading certain websites (bug 1704404)
(bmo#1704404)
* Fixed: Fixed an issue which caused tabs from private windows
to be visible in non-private windows when viewing switch-to-
tab results in the address bar panel (bug 1720369)
(bmo#1720369)
* Fixed: Various stability fixes
* Fixed: Security fix
MFSA 2021-37 (bsc#1189547)
* CVE-2021-29991 (bmo#1724896)
Header Splitting possible with HTTP/3 Responses
Firefox Extended Support Release 91.0 ESR
* New: Some of the highlights of the new Extended Support
Release are:
- A number of user interface changes. For more information,
see the Firefox 89 release notes.
- Firefox now supports logging into Microsoft, work, and
school accounts using Windows single sign-on. Learn more
- On Windows, updates can now be applied in the background
while Firefox is not running.
- Firefox for Windows now offers a new page about:third-party
to help identify compatibility issues caused by third-party
applications
- Version 2 of Firefox's SmartBlock feature further improves
private browsing. Third party Facebook scripts are blocked to
prevent you from being tracked, but are now automatically
loaded 'just in time' if you decide to 'Log in with Facebook'
on any website.
- Enhanced the privacy of the Firefox Browser's Private
Browsing mode with Total Cookie Protection, which confines
cookies to the site where they were created, preventing
companis from using cookies to track your browsing across
sites. This feature was originally launched in Firefox's ETP
Strict mode.
- PDF forms now support JavaScript embedded in PDF files.
Some PDF forms use JavaScript for validation and other
interactive features.
- You'll encounter less website breakage in Private Browsing
and Strict Enhanced Tracking Protection with SmartBlock,
which provides stand-in scripts so that websites load
properly.
- Improved Print functionality with a cleaner design and
better integration with your computer's printer settings.
- Firefox now protects you from supercookies, a type of
tracker that can stay hidden in your browser and track you
online, even after you clear cookies. By isolating
supercookies, Firefox prevents them from tracking your web
browsing from one site to the next.
- Firefox now remembers your preferred location for saved
bookmarks, displays the bookmarks toolbar by default on new
tabs, and gives you easy access to all of your bookmarks via
a toolbar folder.
- Native support for macOS devices built with Apple Silicon
CPUs brings dramatic performance improvements over the non-
native build that was shipped in Firefox 83: Firefox launches
over 2.5 times faster and web apps are now twice as
responsive (per the SpeedoMeter 2.0 test). If you are on a
new Apple device, follow these steps to upgrade to the latest
Firefox.
- Pinch zooming will now be supported for our users with
Windows touchscreen devices and touchpads on Mac devices.
Firefox users may now use pinch to zoom on touch-capable
devices to zoom in and out of webpages.
- We’ve improved functionality and design for a number of
Firefox search features:
* Selecting a search engine at the bottom of the search
panel now enters search mode for that engine, allowing you to
see suggestions (if available) for your search terms. The old
behavior (immediately performing a search) is available with
a shift-click.
* When Firefox autocompletes the URL of one of your search
engines, you can now search with that engine directly in the
address bar by selecting the shortcut in the address bar
results.
* We’ve added buttons at the bottom of the search panel to
allow you to search your bookmarks, open tabs, and history.
- Firefox supports AcroForm, which will allow you to fill in,
print, and save supported PDF forms and the PDF viewer also
has a new fresh look.
- For our users in the US and Canada, Firefox can now save,
manage, and auto-fill credit card information for you, making
shopping on Firefox ever more convenient.
- In addition to our default, dark and light themes, with
this release, Firefox introduces the Alpenglow theme: a
colorful appearance for buttons, menus, and windows. You can
update your Firefox themes under settings or preferences.
* Changed: Firefox no longer supports Adobe Flash. There is no
setting available to re-enable Flash support.
* Enterprise: Various bug fixes and new policies have been
implemented in the latest version of Firefox. See more
details in the Firefox for Enterprise 91 Release Notes.
MFSA 2021-33 (bsc#1188891)
* CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption
* CVE-2021-29981: Live range splitting could have led to conflicting assignments in the JIT
* CVE-2021-29988: Memory corruption as a result of incorrect style treatment
* CVE-2021-29983: Firefox for Android could get stuck in fullscreen mode
* CVE-2021-29984: Incorrect instruction reordering during JIT optimization
* CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption
* CVE-2021-29987: Users could have been tricked into accepting unwanted permissions on Linux
* CVE-2021-29985: Use-after-free media channels
* CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and type confusion
* CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
* CVE-2021-29990: Memory safety bugs fixed in Firefox 91
rust-cbindgen was updated to 0.19.0.
ImportantSUSE bug 1188891SUSE bug 1189547SUSE bug 1190269SUSE bug 1190274SUSE bug 1190710SUSE bug 1191332CVE-2021-29980 at SUSECVE-2021-29980 at NVDCVE-2021-29981 at SUSECVE-2021-29981 at NVDCVE-2021-29982 at SUSECVE-2021-29982 at NVDCVE-2021-29983 at SUSECVE-2021-29983 at NVDCVE-2021-29984 at SUSECVE-2021-29984 at NVDCVE-2021-29985 at SUSECVE-2021-29985 at NVDCVE-2021-29986 at SUSECVE-2021-29986 at NVDCVE-2021-29987 at SUSECVE-2021-29987 at NVDCVE-2021-29988 at SUSECVE-2021-29988 at NVDCVE-2021-29989 at SUSECVE-2021-29989 at NVDCVE-2021-29990 at SUSECVE-2021-29990 at NVDCVE-2021-29991 at SUSECVE-2021-29991 at NVDCVE-2021-32810 at SUSECVE-2021-32810 at NVDCVE-2021-38492 at SUSECVE-2021-38492 at NVDCVE-2021-38495 at SUSECVE-2021-38495 at NVDCVE-2021-38496 at SUSECVE-2021-38496 at NVDCVE-2021-38497 at SUSECVE-2021-38497 at NVDCVE-2021-38498 at SUSECVE-2021-38498 at NVDCVE-2021-38500 at SUSECVE-2021-38500 at NVDCVE-2021-38501 at SUSECVE-2021-38501 at NVDcpe:/o:suse:suse_sles:11:sp4Recommended update for NetworkManager-kde4 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This NetworkManager-kde4 update fixes the following security and non security issues:
- Fixed a long standing security issue. This makes knetworkmanager probe the RADIUS server for a CA certificate subject and hash if no CA certificate is specified. knetworkmanager then stores this data and send it to NetworkManager for it to do a network validation in the absence of a real certificate (bsc#726349)
- Disabled the loading by default of the NetworkManager plasma applet since it doesn't work.
- Fixed a crash due to the use of an uninitialized variable in the plasma applet in case someone runs it manually (bsc#663413)
ModerateSUSE bug 663413SUSE bug 726349cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for OpenEXR fixes the following issues:
* CVE-2017-9110: In OpenEXR, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. (bsc#1040107)
* CVE-2017-9114: In OpenEXR, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash. (bsc#1040114)
* CVE-2017-12596: In OpenEXR, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it could have resulted in denial of service or possibly unspecified other impact. (bsc#1052522)
ModerateSUSE bug 1040107SUSE bug 1040114SUSE bug 1052522CVE-2017-12596 at SUSECVE-2017-12596 at NVDCVE-2017-9110 at SUSECVE-2017-9110 at NVDCVE-2017-9114 at SUSECVE-2017-9114 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for OpenEXR (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for OpenEXR fixes the following issues:
- Fixed CVE-2021-3479 [bsc#1184354]: Out-of-memory caused by allocation of a very large buffer
- Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the rleUncompress function
ImportantSUSE bug 1184354SUSE bug 1187395CVE-2021-3479 at SUSECVE-2021-3479 at NVDCVE-2021-3605 at SUSECVE-2021-3605 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for OpenEXR (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for OpenEXR fixes the following issues:
- CVE-2021-20298: Fixed out-of-memory in B44Compressor (bsc#1188460).
- CVE-2021-20300: Fixed integer-overflow in Imf_2_5:hufUncompress (bsc#1188458).
- CVE-2021-20303: Fixed heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffe (bsc#1188457).
- CVE-2021-20304: Fixed undefined-shift in Imf_2_5:hufDecode (bsc#1188461).
- CVE-2021-3941: Fixed divide-by-zero in Imf_3_1:RGBtoXYZ (bsc#1192556).
ModerateSUSE bug 1188457SUSE bug 1188458SUSE bug 1188460SUSE bug 1188461SUSE bug 1192556CVE-2021-20298 at SUSECVE-2021-20298 at NVDCVE-2021-20300 at SUSECVE-2021-20300 at NVDCVE-2021-20303 at SUSECVE-2021-20303 at NVDCVE-2021-20304 at SUSECVE-2021-20304 at NVDCVE-2021-3941 at SUSECVE-2021-3941 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for SDL (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for SDL fixes the following issues:
Security issues fixed:
- CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806).
- CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099).
- CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799).
- CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805).
- CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827).
- CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826).
- CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824).
- CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803).
- CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802).
- CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825).
- CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800).
ModerateSUSE bug 1124799SUSE bug 1124800SUSE bug 1124802SUSE bug 1124803SUSE bug 1124805SUSE bug 1124806SUSE bug 1124824SUSE bug 1124825SUSE bug 1124826SUSE bug 1124827SUSE bug 1125099CVE-2019-7572 at SUSECVE-2019-7572 at NVDCVE-2019-7573 at SUSECVE-2019-7573 at NVDCVE-2019-7574 at SUSECVE-2019-7574 at NVDCVE-2019-7575 at SUSECVE-2019-7575 at NVDCVE-2019-7576 at SUSECVE-2019-7576 at NVDCVE-2019-7577 at SUSECVE-2019-7577 at NVDCVE-2019-7578 at SUSECVE-2019-7578 at NVDCVE-2019-7635 at SUSECVE-2019-7635 at NVDCVE-2019-7636 at SUSECVE-2019-7636 at NVDCVE-2019-7637 at SUSECVE-2019-7637 at NVDCVE-2019-7638 at SUSECVE-2019-7638 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for SDL (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for SDL fixes the following issues:
- CVE-2020-14410: Fixed a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c (bsc#1181201).
- CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c (bsc#1124825).
- CVE-2021-33657: Fix a buffer overflow when parsing a crafted BMP image (bsc#1198001).
- CVE-2020-14409: Fixed an integer overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c (bsc#1181202).
ImportantSUSE bug 1124825SUSE bug 1181201SUSE bug 1181202SUSE bug 1198001CVE-2019-7637 at SUSECVE-2019-7637 at NVDCVE-2020-14409 at SUSECVE-2020-14409 at NVDCVE-2020-14410 at SUSECVE-2020-14410 at NVDCVE-2021-33657 at SUSECVE-2021-33657 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for SuSEfirewall2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for SuSEfirewall2 fixes the following issues:
- CVE-2017-15638: Fixed a security issue with too open implicit portmapper rules
(bsc#1064127): A source net restriction for _rpc_ services
was not taken into account for the implicitly added rules for port 111,
making the portmap service accessible to everyone in the affected zone.
ModerateSUSE bug 1064127CVE-2017-15638 at SUSECVE-2017-15638 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This security update of Xen fixes the following issues:
* bsc#939712 (XSA-140): QEMU leak of uninitialized heap
memory in rtl8139 device model (CVE-2015-5165)
* bsc#939709 (XSA-139): Use after free in QEMU/Xen
block unplug protocol (CVE-2015-5166)
ModerateSUSE bug 939709SUSE bug 939712CVE-2015-5165 at SUSECVE-2015-5165 at NVDCVE-2015-5166 at SUSECVE-2015-5166 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for adns (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for adns fixes the following issues:
- CVE-2017-9103,CVE-2017-9104,CVE-2017-9105,CVE-2017-9109: Fixed an issue in local recursive resolver
which could have led to remote code execution (bsc#1172265).
- CVE-2017-9106: Fixed an issue with upstream DNS data sources which could have led to denial of
service (bsc#1172265).
- CVE-2017-9107: Fixed an issue when quering domain names which could have led to denial of service (bsc#1172265).
- CVE-2017-9108: Fixed an issue which could have led to denial of service (bsc#1172265).
ImportantSUSE bug 1172265CVE-2017-9103 at SUSECVE-2017-9103 at NVDCVE-2017-9104 at SUSECVE-2017-9104 at NVDCVE-2017-9105 at SUSECVE-2017-9105 at NVDCVE-2017-9106 at SUSECVE-2017-9106 at NVDCVE-2017-9107 at SUSECVE-2017-9107 at NVDCVE-2017-9108 at SUSECVE-2017-9108 at NVDCVE-2017-9109 at SUSECVE-2017-9109 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for aide (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for aide fixes the following issues:
- CVE-2021-45417: Fix a bufferoverflow in base64 functions (bsc#1194735)
ImportantSUSE bug 1194735CVE-2021-45417 at SUSECVE-2021-45417 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for amanda (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for amanda fixes the following issues:
Security issue fixed:
- CVE-2016-10729: Fixed a local privilege escalation from amanda to root via unsafe tar command options (bsc#1112916).
ModerateSUSE bug 1112916CVE-2016-10729 at SUSECVE-2016-10729 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ant (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ant fixes the following issues:
Security issue fixed:
- CVE-2018-10886: Fixed a path traversal vulnerability in malformed zip file
paths, which allowed arbitrary file writes and could potentially lead to
code execution (bsc#1100053)
Other changes made:
- Removed support for javadoc
- Default value for stripAbsolutePathSpec changed to 'true'
ModerateSUSE bug 1100053CVE-2018-10886 at SUSECVE-2018-10886 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Apache was updated to fix one security vulnerability and two bugs.
Following security issue was fixed.
- Fix the chunked transfer coding implementation in the Apache (bsc#938728, CVE-2015-3183)
Bugs fixed:
- add SSLSessionTickets directive (bsc#941676)
- hardcode modules %files (bsc#444878)
- only enable the port 443 for TCP protocol, not UDP. (bsc#931002)
ModerateSUSE bug 444878SUSE bug 931002SUSE bug 938728SUSE bug 941676CVE-2015-3183 at SUSECVE-2015-3183 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for apache2 fixes the following issues:
* It used to be possible to set an arbitrary $HTTP_PROXY environment variable
for request handlers -- like CGI scripts -- by including a specially crafted
HTTP header in the request (CVE-2016-5387). As a result, these server
components would potentially direct all their outgoing HTTP traffic through a
malicious proxy server. This patch fixes the issue: the updated Apache server
ignores such HTTP headers and never sets $HTTP_PROXY for sub-processes
(unless a value has been explicitly configured by the administrator in the
configuration file). (bsc#988488)
ModerateSUSE bug 988488CVE-2016-5387 at SUSECVE-2016-5387 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for apache2 fixes the following issues:
Security issues fixed:
- CVE-2016-2161: Malicious input to mod_auth_digest could have caused the server to crash,
resulting in DoS (bsc#1016714).
- CVE-2016-8743: Added new directive 'HttpProtocolOptions Strict' to avoid proxy chain
misinterpretation (bsc#1016715).
ModerateSUSE bug 1016714SUSE bug 1016715CVE-2016-2161 at SUSECVE-2016-2161 at NVDCVE-2016-8743 at SUSECVE-2016-8743 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update provides apache2 2.2.34, which brings many fixes and enhancements:
Security issues fixed:
- CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest. (bsc#1048576)
Bug fixes:
- Remove /usr/bin/http2 link only during package uninstall, not upgrade. (bsc#1041830)
- Don't put the backend in error state (by default) when 500/503 error code is overridden. (bsc#951692)
- Allow single-char field names inadvertently disallowed in 2.2.32.
ModerateSUSE bug 1041830SUSE bug 1048576SUSE bug 951692CVE-2017-9788 at SUSECVE-2017-9788 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for apache2 fixes the following issues:
- Allow disabling SNI on proxy connections using 'SetEnv proxy-disable-sni 1' in the configuration files. (bsc#1052830)
- Allow ECDH again in mod_ssl, it had been incorrectly disabled with the 2.2.34 update. (bsc#1064561)
Following security issue has been fixed:
- CVE-2017-9798: A use-after-free in the OPTIONS command could be used by attackers to disclose memory of the apache server process, when htaccess uses incorrect Limit statement. (bsc#1058058)
Additionally, references to the following security issues, fixed by the previous version-update of apache2
to Apache HTTPD 2.2.34 have been added:
- CVE-2017-7668: The HTTP strict parsing introduced a bug in token list parsing, which allowed ap_find_token() to
search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may
have be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. (bsc#1045061)
- CVE-2017-3169: mod_ssl may have de-referenced a NULL pointer when third-party modules call
ap_hook_process_connection() during an HTTP request to an HTTPS port allowing for DoS. (bsc#1045062)
- CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may have
lead to authentication requirements being bypassed. (bsc#1045065)
- CVE-2017-7679: mod_mime could have read one byte past the end of a buffer when sending a malicious Content-Type
response header. (bsc#1045060)
ModerateSUSE bug 1045060SUSE bug 1045061SUSE bug 1045062SUSE bug 1045065SUSE bug 1052830SUSE bug 1058058SUSE bug 1064561CVE-2009-2699 at SUSECVE-2009-2699 at NVDCVE-2010-0425 at SUSECVE-2010-0425 at NVDCVE-2012-0021 at SUSECVE-2012-0021 at NVDCVE-2014-0118 at SUSECVE-2014-0118 at NVDCVE-2017-3167 at SUSECVE-2017-3167 at NVDCVE-2017-3169 at SUSECVE-2017-3169 at NVDCVE-2017-7668 at SUSECVE-2017-7668 at NVDCVE-2017-7679 at SUSECVE-2017-7679 at NVDCVE-2017-9798 at SUSECVE-2017-9798 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for apache2 fixes the following issues:
- security update:
* CVE-2018-1301: Specially crafted requests, in debug mode, could lead to denial of service. [bsc#1086817]
* CVE-2017-15710: failure in the language fallback handling could lead to denial of service. [bsc#1086776]
* CVE-2018-1312: Seed wrongly generated could lead to replay attack in cluster environments. [bsc#1086775]
ModerateSUSE bug 1086775SUSE bug 1086776SUSE bug 1086817CVE-2017-15710 at SUSECVE-2017-15710 at NVDCVE-2018-1301 at SUSECVE-2018-1301 at NVDCVE-2018-1312 at SUSECVE-2018-1312 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for apache2 fixes the following issues:
* CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for
URL normalization throughout all of its components. In particular,
consecutive slashes were not always collapsed. Attackers could potentially
abuse these inconsistencies to by-pass access control mechanisms and thus
gain unauthorized access to protected parts of the service. [bsc#1131241]
* CVE-2019-0217: A race condition in Apache's 'mod_auth_digest' when running in
a threaded server could have allowed users with valid credentials to
authenticate using another username, bypassing configured access control
restrictions. [bsc#1131239]
ImportantSUSE bug 1131239SUSE bug 1131241CVE-2019-0217 at SUSECVE-2019-0217 at NVDCVE-2019-0220 at SUSECVE-2019-0220 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for apache2 fixes the following issues:
- CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404).
- CVE-2020-1938: mod_proxy_ajp: Add 'secret' parameter to proxy workers to implement legacy AJP13 authentication (bsc#1169066).
ImportantSUSE bug 1168404SUSE bug 1169066CVE-2020-1934 at SUSECVE-2020-1934 at NVDCVE-2020-1938 at SUSECVE-2020-1938 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for apache2 fixes the following issues:
- fixed CVE-2021-30641 [bsc#1187174]: MergeSlashes regression
- fixed CVE-2020-35452 [bsc#1186922]: Single zero byte stack overflow in mod_auth_digest
ImportantSUSE bug 1186922SUSE bug 1187174CVE-2020-35452 at SUSECVE-2020-35452 at NVDCVE-2021-30641 at SUSECVE-2021-30641 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for apache2 fixes the following issues:
- CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes() via malicious input. (bsc#1190666)
ImportantSUSE bug 1190666CVE-2021-39275 at SUSECVE-2021-39275 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for apache2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for apache2 fixes the following issues:
- CVE-2022-22720: HTTP request smuggling due to incorrect error handling (bsc#1197095).
- CVE-2022-22721: possible buffer overflow with very large or unlimited LimitXMLRequestBody (bsc#1197096).
ImportantSUSE bug 1197095SUSE bug 1197096CVE-2022-22720 at SUSECVE-2022-22720 at NVDCVE-2022-22721 at SUSECVE-2022-22721 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for apache2-mod_jk (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for apache2-mod_jk fixes the following issues:
Security issues fixed:
- CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd (bsc#1114612).
- CVE-2014-8111: Apache Tomcat Connectors (mod_jk) ignored JkUnmount rules for subtrees of previous JkMount rules, which allowed remote attackers to access otherwise restricted artifacts via unspecified vectors (bsc#927845).
ModerateSUSE bug 1114612SUSE bug 927845CVE-2014-8111 at SUSECVE-2014-8111 at NVDCVE-2018-11759 at SUSECVE-2018-11759 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2-mod_nss (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update provides apache2-mod_nss 1.0.14, which brings several fixes and
enhancements:
- SHA256 cipher names change spelling from *_sha256 to *_sha_256.
- Drop mod_nss_migrate.pl and use upstream migrate script instead.
- Check for Apache user owner/group read permissions of NSS database at startup.
- Update default ciphers to something more modern and secure.
- Check for host and netstat commands in gencert before trying to use them.
- Don't ignore NSSProtocol when NSSFIPS is enabled.
- Use proper shell syntax to avoid creating /0 in gencert.
- Add server support for DHE ciphers.
- Extract SAN from server/client certificates into env.
- Fix memory leaks and other coding issues caught by clang analyzer.
- Add support for Server Name Indication (SNI)
- Add support for SNI for reverse proxy connections.
- Add RenegBufferSize? option.
- Add support for TLS Session Tickets (RFC 5077).
- Implement a slew more OpenSSL cipher macros.
- Fix a number of illegal memory accesses and memory leaks.
- Support for SHA384 ciphers if they are available in the version of NSS mod_nss is built against.
- Add the SECURE_RENEG environment variable.
- Add some hints when NSS database cannot be initialized.
- Code cleanup including trailing whitespace and compiler warnings.
- Modernize autotools configuration slightly, add config.h.
- Add small test suite for SNI.
- Add compatibility for mod_ssl-style cipher definitions.
- Add Camelia ciphers.
- Remove Fortezza ciphers.
- Add TLSv1.2-specific ciphers.
- Initialize cipher list when re-negotiating handshake.
- Completely remove support for SSLv2.
- Add support for sqlite NSS databases.
- Compare subject CN and VS hostname during server start up.
- Add support for enabling TLS v1.2.
- Don't enable SSL 3 by default. (CVE-2014-3566)
- Improve protocol testing.
- Add nss_pcache man page.
- Fix argument handling in nss_pcache.
- Support httpd 2.4+.
- Allow users to configure a helper to ask for certificate passphrases via
NSSPassPhraseDialog. (bsc#975394)
ModerateSUSE bug 975394SUSE bug 979688CVE-2013-4566 at SUSECVE-2013-4566 at NVDCVE-2014-3566 at SUSECVE-2014-3566 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for apache2-mod_perl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for apache2-mod_perl fixes the following issues:
- CVE-2011-2767: Fixed a vulnerability which could have allowed
perl code execution in the context of user account (bsc#1156944).
ModerateSUSE bug 1156944CVE-2011-2767 at SUSECVE-2011-2767 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for apport (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for apport fixes the following issues:
Security issue fixed:
- CVE-2015-1338: Insecurely created crash dumps could lead to a DoS or privilege escalation through
malicious symlinks. (bsc#947731)
ModerateSUSE bug 947731CVE-2015-1338 at SUSECVE-2015-1338 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for arpwatch (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for arpwatch fixes the following issues:
- CVE-2021-25321: Fixed local privilege escalation from runtime user to root (bsc#1186240).
ImportantSUSE bug 1186240CVE-2021-25321 at SUSECVE-2021-25321 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for aspell (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for aspell fixes the following issues:
- CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:dup_top (bsc#1188576).
ImportantSUSE bug 1188576CVE-2019-25051 at SUSECVE-2019-25051 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for atftp (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for atftp fixes the following issues:
Security issues fixed:
- CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because thread_list_mutex was not locked (bsc#1133145).
- CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by an insecure use of strncpy() (bsc#1133114).
ImportantSUSE bug 1133114SUSE bug 1133145CVE-2019-11365 at SUSECVE-2019-11365 at NVDCVE-2019-11366 at SUSECVE-2019-11366 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for audiofile (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for audiofile fixes the following issues:
Security issues fixed:
- CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp) (bsc#1026979)
- CVE-2017-6828: heap-based buffer overflow in readValue (FileHandle.cpp) (bsc#1026980)
- CVE-2017-6829: global buffer overflow in decodeSample (IMA.cpp) (bsc#1026981)
- CVE-2017-6830: heap-based buffer overflow in alaw2linear_buf (G711.cpp) (bsc#1026982)
- CVE-2017-6831: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) (bsc#1026983)
- CVE-2017-6832: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) (bsc#1026984)
- CVE-2017-6833: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp) (bsc#1026985)
- CVE-2017-6834: heap-based buffer overflow in ulaw2linear_buf (G711.cpp) (bsc#1026986)
- CVE-2017-6835: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp) (bsc#1026988)
- CVE-2017-6836: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h) (bsc#1026987)
- CVE-2017-6837, CVE-2017-6838, CVE-2017-6839: multiple ubsan crashes (bsc#1026978)
ModerateSUSE bug 1026978SUSE bug 1026979SUSE bug 1026980SUSE bug 1026981SUSE bug 1026982SUSE bug 1026983SUSE bug 1026984SUSE bug 1026985SUSE bug 1026986SUSE bug 1026987SUSE bug 1026988CVE-2017-6827 at SUSECVE-2017-6827 at NVDCVE-2017-6828 at SUSECVE-2017-6828 at NVDCVE-2017-6829 at SUSECVE-2017-6829 at NVDCVE-2017-6830 at SUSECVE-2017-6830 at NVDCVE-2017-6831 at SUSECVE-2017-6831 at NVDCVE-2017-6832 at SUSECVE-2017-6832 at NVDCVE-2017-6833 at SUSECVE-2017-6833 at NVDCVE-2017-6834 at SUSECVE-2017-6834 at NVDCVE-2017-6835 at SUSECVE-2017-6835 at NVDCVE-2017-6836 at SUSECVE-2017-6836 at NVDCVE-2017-6837 at SUSECVE-2017-6837 at NVDCVE-2017-6838 at SUSECVE-2017-6838 at NVDCVE-2017-6839 at SUSECVE-2017-6839 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for augeas (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes an untrusted argument escaping problem (CVE-2014-8119):
* new API - aug_escape_name() - which can be used to escape
untrusted inputs before using them as part of path expressions
* aug_match() is changed to return properly escaped output
ModerateSUSE bug 925225CVE-2014-8119 at SUSECVE-2014-8119 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for augeas (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for augeas fixes the following issues:
Security issues fixed:
- CVE-2017-7555: Fix a memory corruption bug could have lead to arbitrary code execution
by passing crafted strings that would be mis-handled by parse_name() (bsc#1054171).
- CVE-2014-8119: Fix improper handling of escaped strings leading to memory corruption (bsc#925225).
ModerateSUSE bug 1054171SUSE bug 925225CVE-2014-8119 at SUSECVE-2014-8119 at NVDCVE-2017-7555 at SUSECVE-2017-7555 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for avahi (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for avahi fixes the following issues:
Security issue fixed:
- CVE-2018-1000845: Fixed DNS amplification and reflection to spoofed addresses (DOS) (bsc#1120281)
ModerateSUSE bug 1120281CVE-2018-1000845 at SUSECVE-2018-1000845 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for axis (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for axis fixes the following security issue:
- CVE-2018-8032: Prevent cross-site scripting (XSS) attack in the default
servlet/services (bsc#1103658).
ModerateSUSE bug 1103658CVE-2018-8032 at SUSECVE-2018-8032 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bash (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bash fixes the following issues:
- CVE-2016-7543: Local attackers could have executed arbitrary commands via specially
crafted SHELLOPTS+PS4 variables. (bsc#1001299)
- CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when
$HOSTNAME was expanded in the prompt. (bsc#1000396)
The following bugs were fixed:
- bsc#971410: Scripts could terminate unexpectedly due to mishandled recursive traps.
- bsc#959755: Clarify that the files /etc/profile as well as /etc/bash.bashrc may source
other files as well even if the bash does not.
ModerateSUSE bug 1000396SUSE bug 1001299SUSE bug 959755SUSE bug 971410CVE-2016-0634 at SUSECVE-2016-0634 at NVDCVE-2016-7543 at SUSECVE-2016-7543 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bash (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bash fixed several issues
This security issue was fixed:
- CVE-2016-9401: popd in bash might allowed local users to bypass the restricted shell and cause a use-after-free via a crafted address (bsc#1010845).
This non-security issue was fixed:
- Fix when HISTSIZE=0 and chattr +a .bash_history (bsc#1031729)
LowSUSE bug 1010845SUSE bug 1031729SUSE bug 976776CVE-2016-9401 at SUSECVE-2016-9401 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
bind was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-5477: Remote DoS via TKEY queries (bsc#939567)
Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling.
ImportantSUSE bug 939567CVE-2015-5477 at SUSECVE-2015-5477 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The nameserver bind was updated to fix a remote denial of service (crash) attack against
bind nameservers doing validation on DNSSEC signed records. (CVE-2015-5722, bsc#944066).
ImportantSUSE bug 944066CVE-2015-5722 at SUSECVE-2015-5722 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes the following security issue:
- CVE-2015-8000: Fix remote denial of service by misparsing incoming responses (bsc#958861).
It also fixes a bug:
- Fix a regression in caching entries with a TTL of 0 (bsc#923281).
ImportantSUSE bug 923281SUSE bug 958861CVE-2015-8000 at SUSECVE-2015-8000 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bind fixes the following issues:
- CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations (bsc#962189)
ImportantSUSE bug 962189CVE-2015-8704 at SUSECVE-2015-8704 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bind fixes the following issues:
Fix two assertion failures that can lead to a remote denial of service attack:
* CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. (bsc#970072)
* CVE-2016-1286: An error when parsing signature records for DNAME records having specific properties can lead to named exiting due to an assertion failure in resolver.c or db.c. (bsc#970073)
ImportantSUSE bug 970072SUSE bug 970073CVE-2016-1285 at SUSECVE-2016-1285 at NVDCVE-2016-1286 at SUSECVE-2016-1286 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Critical)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The nameserver bind was updated to fix a remote denial of service
vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362)
CriticalSUSE bug 1000362CVE-2016-2776 at SUSECVE-2016-2776 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bind fixes the following issues:
- A defect in BIND's handling of responses containing a DNAME answer had
the potential to trigger assertion errors in the server remotely,
thereby facilitating a denial-of-service attack. (CVE-2016-8864, bsc#1007829).
- Fix BIND to return a valid hostname in response to ldapdump queries.
(bsc#965748)
ImportantSUSE bug 1007829SUSE bug 965748CVE-2016-8864 at SUSECVE-2016-8864 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bind fixes the following issues:
- Fix a potential assertion failure that could have been triggered by a
malformed response to an ANY query, thereby facilitating a denial-of-service
attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]
- Fix a potential assertion failure that could have been triggered by
responding to a query with inconsistent DNSSEC information, thereby
facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,
bsc#1018699]
- Fix potential assertion failure that could have been triggered by DNS
responses that contain unusually-formed DS resource records, facilitating a
denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]
ImportantSUSE bug 1018699SUSE bug 1018700SUSE bug 1018701SUSE bug 1018702CVE-2016-9131 at SUSECVE-2016-9131 at NVDCVE-2016-9147 at SUSECVE-2016-9147 at NVDCVE-2016-9444 at SUSECVE-2016-9444 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bind fixes the following issues:
- Fixed a possible denial of service vulnerability (affected only
configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130)
ModerateSUSE bug 1024130CVE-2017-3135 at SUSECVE-2017-3135 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bind fixes the following security issues:
CVE-2017-3137 (bsc#1033467):
Mistaken assumptions about the ordering of records in the answer
section of a response containing CNAME or DNAME resource records
could have been exploited to cause a denial of service of a bind
server performing recursion.
CVE-2017-3136 (bsc#1033466):
An attacker could have constructed a query that would cause a denial
of service of servers configured to use DNS64.
CVE-2017-3138 (bsc#1033468):
An attacker with access to the BIND control channel could have caused
the server to stop by triggering an assertion failure.
CVE-2016-6170 (bsc#987866):
Primary DNS servers could have caused a denial of service of secondary DNS servers via a large AXFR response.
IXFR servers could have caused a denial of service of IXFR clients via a large IXFR response.
Remote authenticated users could have caused a denial of service of primary DNS servers via a large UPDATE message.
CVE-2016-2775 (bsc#989528):
When lwresd or the named lwres option were enabled, bind allowed remote attackers to cause a denial of service
(daemon crash) via a long request that uses the lightweight resolver protocol.
ImportantSUSE bug 1033466SUSE bug 1033467SUSE bug 1033468SUSE bug 987866SUSE bug 989528CVE-2016-2775 at SUSECVE-2016-2775 at NVDCVE-2016-6170 at SUSECVE-2016-6170 at NVDCVE-2017-3136 at SUSECVE-2017-3136 at NVDCVE-2017-3137 at SUSECVE-2017-3137 at NVDCVE-2017-3138 at SUSECVE-2017-3138 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bind fixes the following issues:
- A regression in the fix for CVE-2017-3137 caused an assert in name.c (bsc#1034162)
ImportantSUSE bug 1034162CVE-2017-3137 at SUSECVE-2017-3137 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bind fixes the following issues:
- An attacker with the ability to send and receive messages to an authoritative
DNS server was able to circumvent TSIG authentication of AXFR requests. A
server that relied solely on TSIG keys for protection could be manipulated
into (1) providing an AXFR of a zone to an unauthorized recipient and (2)
accepting bogus Notify packets. [bsc#1046554, CVE-2017-3142]
- An attacker who with the ability to send and receive messages to an
authoritative DNS server and who had knowledge of a valid TSIG key name for
the zone and service being targeted was able to manipulate BIND into
accepting an unauthorized dynamic update. [bsc#1046555, CVE-2017-3143]
ImportantSUSE bug 1046554SUSE bug 1046555CVE-2017-3142 at SUSECVE-2017-3142 at NVDCVE-2017-3143 at SUSECVE-2017-3143 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for bind fixes several issues.
This security issue was fixed:
- CVE-2017-3145: Improper sequencing during cleanup could have lead to a
use-after-free error that triggered an assertion failure and crash in named
(bsc#1076118).
These non-security issues were fixed:
- Updated named.root file (bsc#1040039)
- Update bind.keys for DNSSEC root KSK rollover (bsc#1047184)
ImportantSUSE bug 1040039SUSE bug 1047184SUSE bug 1076118CVE-2017-3145 at SUSECVE-2017-3145 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for bind fixes the following issues:
Security issues fixed:
- CVE-2018-5740: Fixed a denial of service vulnerability in the 'deny-answer-aliases' feature (bsc#1104129).
- CVE-2018-5743: Limiting simultaneous TCP clients is ineffective. (bsc#1133185)
- CVE-2018-5745: An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys. (bsc#1126068)
- CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).
ImportantSUSE bug 1104129SUSE bug 1126068SUSE bug 1126069SUSE bug 1133185CVE-2018-5740 at SUSECVE-2018-5740 at NVDCVE-2018-5743 at SUSECVE-2018-5743 at NVDCVE-2018-5745 at SUSECVE-2018-5745 at NVDCVE-2019-6465 at SUSECVE-2019-6465 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for bind fixes the following issues:
- CVE-2020-8616: Fixed the insufficient limit on the number of fetches performed when processing referrals (bsc#1171740).
- CVE-2020-8617: Fixed a logic error in code which checks TSIG validity (bsc#1171740).
- CVE-2018-5741: Fixed the documentation (bsc#1109160).
- Removed rndc.key generation from bind.spec file (bsc#1092283, bsc#1033843)
bind should create the key on first boot or if it went missing.
ImportantSUSE bug 1033843SUSE bug 1092283SUSE bug 1109160SUSE bug 1171740SUSE bug 1172220SUSE bug 1172680CVE-2018-5741 at SUSECVE-2018-5741 at NVDCVE-2020-8616 at SUSECVE-2020-8616 at NVDCVE-2020-8617 at SUSECVE-2020-8617 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for bind fixes the following issues:
- CVE-2020-8625: A vulnerability in BIND's GSSAPI security policy
negotiation can be targeted by a buffer overflow attack [bsc#1182246, CVE-2020-8625]
ImportantSUSE bug 1182246CVE-2020-8625 at SUSECVE-2020-8625 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for bind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for bind fixes the following issues:
- CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR) which could have caused named to terminate unexpectedly (bsc#1185345).
- CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the DNAME to be processed to resolve itself (bsc#1185345).
- CVE-2021-25216: Fixed an issue where policy negotiation can be targeted by a buffer overflow attack (bsc#1185345).
ImportantSUSE bug 1185345CVE-2021-25214 at SUSECVE-2021-25214 at NVDCVE-2021-25215 at SUSECVE-2021-25215 at NVDCVE-2021-25216 at SUSECVE-2021-25216 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for bsdtar (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
bsdtar was updated to fix seven security issues.
These security issues were fixed:
- CVE-2015-8929: Memory leak in tar parser (bsc#985669).
- CVE-2016-4809: Memory allocate error with symbolic links in cpio archives (bsc#984990).
- CVE-2015-8920: Stack out of bounds read in ar parser (bsc#985675).
- CVE-2015-8921: Global out of bounds read in mtree parser (bsc#985682).
- CVE-2015-8924: Heap buffer read overflow in tar (bsc#985609).
- CVE-2015-8918: Overlapping memcpy in CAB parser (bsc#985698).
- CVE-2015-2304: Reject absolute paths in input mode of bsdcpio exactly when '..' is rejected (bsc#920870).
ImportantSUSE bug 920870SUSE bug 984990SUSE bug 985609SUSE bug 985669SUSE bug 985675SUSE bug 985682SUSE bug 985698CVE-2015-2304 at SUSECVE-2015-2304 at NVDCVE-2015-8918 at SUSECVE-2015-8918 at NVDCVE-2015-8920 at SUSECVE-2015-8920 at NVDCVE-2015-8921 at SUSECVE-2015-8921 at NVDCVE-2015-8924 at SUSECVE-2015-8924 at NVDCVE-2015-8929 at SUSECVE-2015-8929 at NVDCVE-2016-4809 at SUSECVE-2016-4809 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for bzip2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for bzip2 fixes the following issues:
Security issue fixed:
- CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1139083).
- CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657).
ImportantSUSE bug 1139083SUSE bug 985657CVE-2016-3189 at SUSECVE-2016-3189 at NVDCVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for bzip2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for bzip2 fixes the following issues:
- Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities
with files that used many selectors (bsc#1139083).
ImportantSUSE bug 1139083CVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for cairo (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for cairo fixes the following issues:
- CVE-2016-9082: Fixed a segfault when using >4GB images since int values were used
for pointer operations (bsc#1007255).
- CVE-2017-9814: Replace malloc with _cairo_malloc and check cmap size before
allocating to prevent DoS (bsc#1049092).
- CVE-2017-7475: Fix a segfault in get_bitmap_surface due to malformed font (bsc#1036789).
ModerateSUSE bug 1007255SUSE bug 1036789SUSE bug 1049092CVE-2016-9082 at SUSECVE-2016-9082 at NVDCVE-2017-7475 at SUSECVE-2017-7475 at NVDCVE-2017-9814 at SUSECVE-2017-9814 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for cifs-utils (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).
ImportantSUSE bug 1197216CVE-2022-27239 at SUSECVE-2022-27239 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for clamav fixes the following issues:
Security issue fixed:
- CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in libclamunrar (bsc#1045490)
Non security issue fixed:
- Fix permissions of /var/spool/amavis. (bsc#815106)
ImportantSUSE bug 1045490SUSE bug 815106CVE-2012-6706 at SUSECVE-2012-6706 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for clamav fixes the following issues:
- Update to security release 0.99.3 (bsc#1077732)
* CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability)
* CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability)
* CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability)
- these vulnerabilities could have allowed an unauthenticated,
remote attacker to cause a denial of service (DoS) condition
or potentially execute arbitrary code on an affected device.
* CVE-2017-12374 (ClamAV use-after-free Vulnerabilities)
* CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability)
* CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability)
* CVE-2017-12380 (ClamAV Null Dereference Vulnerability)
- these vulnerabilities could have allowed an unauthenticated,
remote attacker to cause a denial of service (DoS) condition on an affected device.
* CVE-2017-6420 (bsc#1052448)
- this vulnerability could have allowed remote attackers to cause a denial of service
(use-after-free) via a crafted PE file with WWPack compression.
* CVE-2017-6419 (bsc#1052449)
- ClamAV could have allowed remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly
have unspecified other impact via a crafted CHM file.
* CVE-2017-11423 (bsc#1049423)
- ClamAV could have allowed remote attackers to cause a denial of service
(stack-based buffer over-read and application crash) via a crafted CAB file.
* CVE-2017-6418 (bsc#1052466)
- ClamAV could have allowed remote attackers to cause a denial
of service (out-of-bounds read) via a crafted e-mail message.
ImportantSUSE bug 1049423SUSE bug 1052448SUSE bug 1052449SUSE bug 1052466SUSE bug 1077732CVE-2017-11423 at SUSECVE-2017-11423 at NVDCVE-2017-12374 at SUSECVE-2017-12374 at NVDCVE-2017-12375 at SUSECVE-2017-12375 at NVDCVE-2017-12376 at SUSECVE-2017-12376 at NVDCVE-2017-12377 at SUSECVE-2017-12377 at NVDCVE-2017-12378 at SUSECVE-2017-12378 at NVDCVE-2017-12379 at SUSECVE-2017-12379 at NVDCVE-2017-12380 at SUSECVE-2017-12380 at NVDCVE-2017-6418 at SUSECVE-2017-6418 at NVDCVE-2017-6419 at SUSECVE-2017-6419 at NVDCVE-2017-6420 at SUSECVE-2017-6420 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for clamav fixes the following issues:
Security issues fixed:
- CVE-2012-6706: VMSF_DELTA filter inside the unrar implementation allows an arbitrary memory write (bsc#1045315).
- CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CHM file (bsc#1052449).
- CVE-2017-11423: A stack-based buffer over-read that can lead to a denial of service in mspack via a crafted CAB file (bsc#1049423).
- CVE-2018-1000085: An out-of-bounds heap read vulnerability was found in XAR parser that can lead to a denial of service (bsc#1082858).
- CVE-2018-0202: Fixed two vulnerabilities in the PDF parsing code (bsc#1083915).
ImportantSUSE bug 1045315SUSE bug 1049423SUSE bug 1052449SUSE bug 1082858SUSE bug 1083915CVE-2012-6706 at SUSECVE-2012-6706 at NVDCVE-2017-11423 at SUSECVE-2017-11423 at NVDCVE-2017-6419 at SUSECVE-2017-6419 at NVDCVE-2018-0202 at SUSECVE-2018-0202 at NVDCVE-2018-1000085 at SUSECVE-2018-1000085 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for clamav to version 0.100.1 fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2018-0360: HWP integer overflow, infinite loop vulnerability
(bsc#1101410)
- CVE-2018-0361: PDF object length check, unreasonably long time to parse
relatively small file (bsc#1101412)
- Buffer over-read in unRAR code due to missing max value checks in table
initialization
- Libmspack heap buffer over-read in CHM parser (bsc#1103040)
- PDF parser bugs
The following other changes were made:
- Disable YARA support for licensing reasons (bsc#1101654).
- Add HTTPS support for clamsubmit
- Fix for DNS resolution for users on IPv4-only machines where IPv6 is not
available or is link-local only
ModerateSUSE bug 1101410SUSE bug 1101412SUSE bug 1101654SUSE bug 1103040CVE-2018-0360 at SUSECVE-2018-0360 at NVDCVE-2018-0361 at SUSECVE-2018-0361 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for clamav fixes the following issues:
Clamav was updated to version 0.100.2:
- CVE-2018-15378: Vulnerability in ClamAV's MEW
unpacking feature that could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition on an
affected device. (bsc#1110723)
- CVE-2018-14680, CVE-2018-14681, CVE-2018-14682:
more fixes for embedded libmspack. (bsc#1103040)
* Make freshclam more robust against lagging signature mirrors.
* On-Access 'Extra Scanning', an opt-in minor feature of
OnAccess scanning on Linux systems, has been disabled due to a
known issue with resource cleanup OnAccessExtraScanning will
be re-enabled in a future release when the issue is
resolved. In the mean-time, users who enabled the feature in
clamd.conf will see a warning informing them that the feature
is not active. For details, see:
https://bugzilla.clamav.net/show_bug.cgi?id=12048
- Restore exit code compatibility of freshclam with versions before
0.100.0 when the virus database is already up to date
(bsc#1104457).
ModerateSUSE bug 1103040SUSE bug 1104457SUSE bug 1110723CVE-2018-14680 at SUSECVE-2018-14680 at NVDCVE-2018-14681 at SUSECVE-2018-14681 at NVDCVE-2018-14682 at SUSECVE-2018-14682 at NVDCVE-2018-15378 at SUSECVE-2018-15378 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for clamav to version 0.100.3 fixes the following issues:
Security issues fixed (bsc#1130721):
- CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur
when scanning PDF documents.
- CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur
when scanning PE files (i.e. Windows EXE and DLL files).
- CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur
when scanning OLE2 files such as Microsoft Office 97-2003 documents.
ImportantSUSE bug 1130721CVE-2019-1787 at SUSECVE-2019-1787 at NVDCVE-2019-1788 at SUSECVE-2019-1788 at NVDCVE-2019-1789 at SUSECVE-2019-1789 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for clamav fixes the following issues:
Security issues fixed:
- CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504).
- CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458).
Non-security issue fixed:
- Added the --max-scantime clamscan option and MaxScanTime clamd configuration option.
ModerateSUSE bug 1144504SUSE bug 1149458CVE-2019-12625 at SUSECVE-2019-12625 at NVDCVE-2019-12900 at SUSECVE-2019-12900 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for clamav fixes the following issues:
- CVE-2019-15961: Fixed a denial of service which might occur when
scanning a specially crafted email file as (bsc#1157763).
ImportantSUSE bug 1157763CVE-2019-15961 at SUSECVE-2019-15961 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for clamav fixes the following issues:
- Update to 0.103.0 to implement jsc#ECO-3010 and bsc#1118459
- This update incorporates incompatible changes that were introduced
in version 0.101.0.
- Accumulated security fixes:
* CVE-2020-3350: Fix a vulnerability wherein a malicious user could
replace a scan target's directory with a symlink to another path
to trick clamscan, clamdscan, or clamonacc into removing or moving
a different file (eg. a critical system file). The issue would
affect users that use the --move or --remove options for clamscan,
clamdscan, and clamonacc. (bsc#1174255)
* CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing
module in ClamAV 0.102.3 that could cause a Denial-of-Service
(DoS) condition. Improper bounds checking results in an
out-of-bounds read which could cause a crash. The previous fix for
this CVE in 0.102.3 was incomplete. This fix correctly resolves
the issue.
* CVE-2020-3481: Fix a vulnerability in the EGG archive module in
ClamAV 0.102.0 - 0.102.3 could cause a Denial-of-Service (DoS)
condition. Improper error handling may result in a crash due to a
NULL pointer dereference. This vulnerability is mitigated for
those using the official ClamAV signature databases because the
file type signatures in daily.cvd will not enable the EGG archive
parser in versions affected by the vulnerability. (bsc#1174250)
* CVE-2020-3341: Fix a vulnerability in the PDF parsing module in
ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS)
condition. Improper size checking of a buffer used to initialize AES
decryption routines results in an out-of-bounds read which may cause
a crash. (bsc#1171981)
* CVE-2020-3123: A denial-of-service (DoS) condition may occur when
using the optional credit card data-loss-prevention (DLP) feature.
Improper bounds checking of an unsigned variable resulted in an
out-of-bounds read, which causes a crash.
ModerateSUSE bug 1118459SUSE bug 1171981SUSE bug 1174250SUSE bug 1174255CVE-2020-3123 at SUSECVE-2020-3123 at NVDCVE-2020-3327 at SUSECVE-2020-3327 at NVDCVE-2020-3341 at SUSECVE-2020-3341 at NVDCVE-2020-3350 at SUSECVE-2020-3350 at NVDCVE-2020-3481 at SUSECVE-2020-3481 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for clamav fixes the following issues:
- CVE-2021-1252: Fix for Excel XLM parser infinite loop. (bsc#1184532)
- CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. (bsc#1184533)
- CVE-2021-1405: Fix for mail parser NULL-dereference crash. (bsc#1184534)
- Fix errors when scanning files > 4G (bsc#1181256)
- Update clamav.keyring
- Update to 0.103.2
ImportantSUSE bug 1181256SUSE bug 1184532SUSE bug 1184533SUSE bug 1184534CVE-2021-1252 at SUSECVE-2021-1252 at NVDCVE-2021-1404 at SUSECVE-2021-1404 at NVDCVE-2021-1405 at SUSECVE-2021-1405 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for clamav (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for clamav fixes the following issues:
- CVE-2018-14679: Fixed off-by-one issue in embedded libmspack that could lead to denial of service (bsc#1103032).
- Update to 0.103.4 (bsc#1192346).
- Add documentation about max file size purpose and side effect in the 'clamscan' and 'clamdscan' manpages (bsc#1187509).
- Update to 0.103.3 (bsc#1188284).
ModerateSUSE bug 1103032SUSE bug 1187509SUSE bug 1188284SUSE bug 1192346CVE-2018-14679 at SUSECVE-2018-14679 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for clamav (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for clamav fixes the following issues:
- CVE-2022-20698: Fixed invalid pointer read allowing denial of service crash. (bsc#1194731)
ImportantSUSE bug 1194731CVE-2022-20698 at SUSECVE-2022-20698 at NVDcpe:/o:suse:suse_sles:11:sp4Recommended udpate for SUSE Manager Client Tools (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for SUSE Manager Client Tools provides the following fixes and enhancements:
rhnlib:
- Use TLSv1_METHOD in SSL Context (bsc#970989)
suseRegisterInfo:
- Fix file permissions (bsc#970550)
LowSUSE bug 970550SUSE bug 970989cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for coreutils (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for coreutils fixes one issue.
This security issue was fixed:
- CVE-2017-2616: In su with PAM support it was possible for local users to send
SIGKILL to selected other processes with root privileges (bsc#1023041)
ImportantSUSE bug 1023041CVE-2017-2616 at SUSECVE-2017-2616 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for cpio (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for cpio fixes the following issues:
It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)
ImportantSUSE bug 1189206CVE-2021-38185 at SUSECVE-2021-38185 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for cpio (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for cpio fixes the following issues:
- A patch previously applied to remedy CVE-2021-38185 introduced a regression
that had the potential to cause a segmentation fault in cpio. [bsc#1189465]
ImportantSUSE bug 1189465CVE-2021-38185 at SUSECVE-2021-38185 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for cracklib (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for cracklib fixes a security issue and a bug:
Security issue fixed:
- Add patch to fix a stack buffer overflow in GECOS parser (bsc#992966 CVE-2016-6318)
The following non security issue was fixed:
- Call textdomain in cracklib-check main function so that program
output is translated accordingly. (bsc#928923)
ModerateSUSE bug 928923SUSE bug 992966CVE-2016-6318 at SUSECVE-2016-6318 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for crash (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for crash provides the following fix:
- Update crash to support -bigmem kernel dumps for PPC64, including the ones that have
extended process virtual address space support to 128TB (bsc#1075785, bsc#1032471).
LowSUSE bug 1032471SUSE bug 1075785cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for cups (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for cups fixes the following issues:
Security issues fixed:
- CVE-2018-4180: Fix local privilege escalation to root in dnssd backend (bsc#1096405).
- CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406).
- CVE-2018-4182: Fix cups-exec sandbox bypass due to insecure error handling (bsc#1096407).
- CVE-2018-4183: Fix cups-exec sandbox bypass due to profile misconfiguration (bsc#1096408).
ModerateSUSE bug 1096405SUSE bug 1096406SUSE bug 1096407SUSE bug 1096408CVE-2018-4180 at SUSECVE-2018-4180 at NVDCVE-2018-4181 at SUSECVE-2018-4181 at NVDCVE-2018-4182 at SUSECVE-2018-4182 at NVDCVE-2018-4183 at SUSECVE-2018-4183 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for cups (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for cups fixes the following issues:
- CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function(bsc#1146358).
- CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function (bsc#1146359).
- Fixed a double free which was triggered by Java application (bsc#959478).
ImportantSUSE bug 1146358SUSE bug 1146359SUSE bug 959478CVE-2019-8675 at SUSECVE-2019-8675 at NVDCVE-2019-8696 at SUSECVE-2019-8696 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for cups (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for cups fixes the following issues:
- CVE-2020-3898: Fixed heap buffer overflow in libcups ppdFindOption() function (bsc#1168422).
ImportantSUSE bug 1168422CVE-2020-3898 at SUSECVE-2020-3898 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for cups (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for cups fixes the following issues:
- CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks (bsc#1184161)
ImportantSUSE bug 1184161CVE-2021-25317 at SUSECVE-2021-25317 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following issues:
- CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer (bsc#962983)
The following non-security bugs were fixed:
- bsc#926511: Check for errors on the control connection during FTP transfers
The following tracked bugs only affect the test suite:
- bsc#962996: Expired cookie in test 46 caused test failures
ModerateSUSE bug 926511SUSE bug 962983SUSE bug 962996CVE-2016-0755 at SUSECVE-2016-0755 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following issues:
- CVE-2016-5419: TLS session resumption client cert bypass (bsc#991389)
- CVE-2016-5420: Re-using connections with wrong client cert (bsc#991390)
- CVE-2016-7141: Fixed incorrect reuse of client certificates (bsc#997420).
ModerateSUSE bug 991389SUSE bug 991390SUSE bug 997420CVE-2016-5419 at SUSECVE-2016-5419 at NVDCVE-2016-5420 at SUSECVE-2016-5420 at NVDCVE-2016-7141 at SUSECVE-2016-7141 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following security issues:
- CVE-2016-8624: invalid URL parsing with '#' (bsc#1005646)
- CVE-2016-8623: Use-after-free via shared cookies (bsc#1005645)
- CVE-2016-8621: curl_getdate read out of bounds (bsc#1005642)
- CVE-2016-8619: double-free in krb5 code (bsc#1005638)
- CVE-2016-8618: double-free in curl_maprintf (bsc#1005637)
- CVE-2016-8617: OOB write via unchecked multiplication (bsc#1005635)
- CVE-2016-8616: case insensitive password comparison (bsc#1005634)
- CVE-2016-8615: cookie injection for other servers (bsc#1005633)
- CVE-2016-7167: escape and unescape integer overflows (bsc#998760)
ImportantSUSE bug 1005633SUSE bug 1005634SUSE bug 1005635SUSE bug 1005637SUSE bug 1005638SUSE bug 1005642SUSE bug 1005645SUSE bug 1005646SUSE bug 998760CVE-2016-7167 at SUSECVE-2016-7167 at NVDCVE-2016-8615 at SUSECVE-2016-8615 at NVDCVE-2016-8616 at SUSECVE-2016-8616 at NVDCVE-2016-8617 at SUSECVE-2016-8617 at NVDCVE-2016-8618 at SUSECVE-2016-8618 at NVDCVE-2016-8619 at SUSECVE-2016-8619 at NVDCVE-2016-8620 at SUSECVE-2016-8620 at NVDCVE-2016-8621 at SUSECVE-2016-8621 at NVDCVE-2016-8622 at SUSECVE-2016-8622 at NVDCVE-2016-8623 at SUSECVE-2016-8623 at NVDCVE-2016-8624 at SUSECVE-2016-8624 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following issues:
These security issues were fixed:
- CVE-2016-9586: libcurl printf floating point buffer overflow (bsc#1015332)
- CVE-2017-7407: The ourWriteOut function in tool_writeout.c in curl might have allowed physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which lead to a heap-based buffer over-read (bsc#1032309).
ModerateSUSE bug 1015332SUSE bug 1032309CVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2017-7407 at SUSECVE-2017-7407 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following issues:
- CVE-2017-1000100: TFP sends more than buffer size and it could lead to a denial of service (bsc#1051644)
- CVE-2017-7407: ourWriteOut function problem could lead to a heap buffer over-read (bsc#1032309)
- CVE-2016-9586: libcurl printf issue could lead to buffer overflow (bsc#1015332)
ModerateSUSE bug 1015332SUSE bug 1032309SUSE bug 1051644CVE-2016-9586 at SUSECVE-2016-9586 at NVDCVE-2017-1000100 at SUSECVE-2017-1000100 at NVDCVE-2017-7407 at SUSECVE-2017-7407 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following security issues:
- CVE-2017-1000254: FTP PWD response parser out of bounds read (bsc#1061876)
ModerateSUSE bug 1061876CVE-2017-1000254 at SUSECVE-2017-1000254 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl several issues.
This security issue was fixed:
- CVE-2018-1000007: Prevent leaking authentication data to third parties when following redirects (bsc#1077001)
This non-security issue was fixed:
- Set DEFAULT_SUSE as the default cipher list (bsc#1027712]
ModerateSUSE bug 1027712SUSE bug 1077001CVE-2016-7141 at SUSECVE-2016-7141 at NVDCVE-2018-1000007 at SUSECVE-2018-1000007 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following issues:
curl was updated to version 7.37.0 (fate#325339 bsc#1084137)
This update syncs the curl version to the one in SUSE Linux Enterprise 12
and is full binary compatible to the previous version.
This update is done to allow other third party software like 'R' to
be able to be used on the SUSE Linux Enterprise 11 codebase.
Following security issues were fixed:
- CVE-2018-1000120: A buffer overflow exists in the FTP URL handling that allowed an attacker to cause a denial of service or possible code execution (bsc#1084521).
- CVE-2018-1000121: A NULL pointer dereference exists in the LDAP code that allowed an attacker to cause a denial of service (bsc#1084524).
- CVE-2018-1000122: A buffer over-read exists in the RTSP+RTP handling code that allowed an attacker to cause a denial of service or information leakage (bsc#1084532).
The package also requires a libopenssl that implements the DEFAULT_SUSE cipher list
(bsc#1081056, bsc#1083463,bsc#1086825)
ModerateSUSE bug 1081056SUSE bug 1083463SUSE bug 1084137SUSE bug 1084521SUSE bug 1084524SUSE bug 1084532SUSE bug 1085124SUSE bug 1086825SUSE bug 1087922SUSE bug 1090194CVE-2018-1000120 at SUSECVE-2018-1000120 at NVDCVE-2018-1000121 at SUSECVE-2018-1000121 at NVDCVE-2018-1000122 at SUSECVE-2018-1000122 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following issues:
- CVE-2018-1000301: Fixed a buffer over-read caused by bad RTSP headers (bsc#1092098)
ModerateSUSE bug 1092098CVE-2018-1000301 at SUSECVE-2018-1000301 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following issues:
- CVE-2018-14618: Prevent integer overflow in the NTLM authentication code
(bsc#1106019).
ModerateSUSE bug 1106019CVE-2018-14618 at SUSECVE-2018-14618 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for curl fixes the following issues:
- CVE-2018-16840: A use-after-free in SASL handle close was fixed (bsc#1112758)
- CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)
ModerateSUSE bug 1112758SUSE bug 1113660CVE-2018-16840 at SUSECVE-2018-16840 at NVDCVE-2018-16842 at SUSECVE-2018-16842 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for curl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for curl fixes the following issues:
Security issue fixed:
- CVE-2019-5436: Fixed a heap buffer overflow exists in tftp_receive_packet that receives data from a TFTP server (bsc#1135170).
ImportantSUSE bug 1135170CVE-2019-5436 at SUSECVE-2019-5436 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for curl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for curl fixes the following issues:
Security issue fixed:
- CVE-2019-5482: Fixed a TFTP small blocksize heap buffer overflow (bsc#1149496).
ImportantSUSE bug 1149496CVE-2019-5482 at SUSECVE-2019-5482 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for curl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for curl fixes the following issues:
- CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious
server to overwrite a local file when using the -J option (bsc#1173027).
ImportantSUSE bug 1173027CVE-2020-8177 at SUSECVE-2020-8177 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for curl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).
ModerateSUSE bug 1186114CVE-2021-22898 at SUSECVE-2021-22898 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for cvs (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for cvs fixes the following issues:
- CVE-2017-12836: A leading dash in the argument of the '-d' option could lead to argument injection (bsc#1053364)
ModerateSUSE bug 1053364CVE-2017-12836 at SUSECVE-2017-12836 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for cyrus-imapd (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for cyrus-imapd fixes the following issues:
- Previous versions of cyrus-imapd would not allow its users to disable old SSL
variants that are vulnerable to attacks like BEAST and POODLE. This patch
adds the configuration option 'tls_versions' to remedy that issue. Note that
users who upgrade an existing installation will *not* have their imapd.conf
file overwritten, i.e. their IMAP server will continue to support SSLv2 and
SSLv3 like before. To disable support for those protocols, edit imapd.conf
manually to include 'tls_versions: tls1_0 tls1_1 tls1_2'. New installations,
however, will have an imapd.conf file that contains these settings already,
i.e. newly installed IMAP servers do *not* support unsafe versions of SSL
unless that support is explicitly enabled by the user. (bsc#901748)
- An integer overflow vulnerability in cyrus-imapd's urlfetch range checking
code was fixed. (CVE-2015-8076, CVE-2015-8077, CVE-2015-8078, bsc#981670,
bsc#954200, bsc#954201)
- Support for Elliptic Curve Diffie–Hellman (ECDH) has been added to
cyrus-imapd. (bsc#860611)
ImportantSUSE bug 860611SUSE bug 901748SUSE bug 954200SUSE bug 954201SUSE bug 981670CVE-2014-3566 at SUSECVE-2014-3566 at NVDCVE-2015-8076 at SUSECVE-2015-8076 at NVDCVE-2015-8077 at SUSECVE-2015-8077 at NVDCVE-2015-8078 at SUSECVE-2015-8078 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for cyrus-sasl fixes the following issues:
- CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet (bsc#1159635).
ImportantSUSE bug 1159635CVE-2019-19906 at SUSECVE-2019-19906 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for cyrus-sasl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for cyrus-sasl fixes the following issues:
- CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036).
ImportantSUSE bug 1196036CVE-2022-24407 at SUSECVE-2022-24407 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for dbus-1 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for dbus-1 fixes the following issues:
Security issue fixed:
- CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which
could have allowed local attackers to bypass authentication (bsc#1137832).
ImportantSUSE bug 1137832CVE-2019-12749 at SUSECVE-2019-12749 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for dhcp fixes the following issues:
- CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally (bsc#961305)
The following bugs were fixed:
- bsc#936923: Improper lease duration checking
- bsc#880984: Integer overflows in the date and time handling code
- bsc#947780: DHCP server could abort with 'Unable to set up timer: out of range' on very long or infinite timer intervals / lease lifetimes
- bsc#926159: DHCP preferrend and valid lifetime would be logged incorrectly
- bsc#928390: dhclient dit not expose next-server DHCPv4 option to script
- bsc#926159: DHCP preferrend and valid lifetime would be logged incorrectly
ModerateSUSE bug 880984SUSE bug 919959SUSE bug 926159SUSE bug 928390SUSE bug 936923SUSE bug 947780SUSE bug 961305CVE-2015-8605 at SUSECVE-2015-8605 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for dhcp fixes the following issues:
- CVE-2016-2774: Fixed a denial of service attack against the DHCP server over the OMAPI TCP socket, which could be used
by network adjacent attackers to make the DHCP server non-functional (bsc#969820).
ModerateSUSE bug 969820CVE-2016-2774 at SUSECVE-2016-2774 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for dhcp fixes several issues.
This security issue was fixed:
- CVE-2017-3144: OMAPI code didn't free socket descriptors when empty message
is received allowing DoS (bsc#1076119)
This non-security issue was fixed:
- Enhance dhclient-script to handle static route updates. (bsc#1023415)
ModerateSUSE bug 1023415SUSE bug 1076119CVE-2017-3144 at SUSECVE-2017-3144 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for dhcp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for dhcp fixes the following issues:
Security issues fixed:
- CVE-2018-5733: reference count overflow in dhcpd (bsc#1083303).
- CVE-2018-5732: buffer overflow in dhclient (bsc#1083302).
ModerateSUSE bug 1083302SUSE bug 1083303CVE-2018-5732 at SUSECVE-2018-5732 at NVDCVE-2018-5733 at SUSECVE-2018-5733 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for dhcp (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for dhcp fixes the following issues:
- CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient (bsc#1186382)
ImportantSUSE bug 1186382CVE-2021-25217 at SUSECVE-2021-25217 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for dhcpcd (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
dhcpcd was updated to fix three security issues.
These security issues were fixed:
- CVE-2012-6698: A potential out of bounds write was fixed, which could lead to memory corruption, triggerable by network local attackers.
- CVE-2012-6699: A loop error was fixed that could lead out of bound reads, triggerable by network local attackers.
- CVE-2012-6700: An incorrect free could lead to crashes, triggerable by network local attackers.
ImportantSUSE bug 955762CVE-2012-6698 at SUSECVE-2012-6698 at NVDCVE-2012-6699 at SUSECVE-2012-6699 at NVDCVE-2012-6700 at SUSECVE-2012-6700 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for djvulibre fixes the following issues:
Security issues fixed:
- CVE-2021-32491 [bsc#1185900]: Integer overflow in function render() in tools/ddjvu via crafted djvu file
- CVE-2021-32492 [bsc#1185904]: Out of bounds read in function DJVU:DataPool:has_data() via crafted djvu file
- CVE-2021-32493 [bsc#1185905]: Heap buffer overflow in function DJVU:GBitmap:decode() via crafted djvu file
ImportantSUSE bug 1185900SUSE bug 1185904SUSE bug 1185905CVE-2021-32491 at SUSECVE-2021-32491 at NVDCVE-2021-32492 at SUSECVE-2021-32492 at NVDCVE-2021-32493 at SUSECVE-2021-32493 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for djvulibre fixes the following issues:
- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)
ImportantSUSE bug 1186253CVE-2021-3500 at SUSECVE-2021-3500 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for djvulibre fixes the following issues:
- CVE-2021-3630: out-of-bounds write in DJVU:DjVuTXT:decode() in DjVuText.cpp (bsc#1187869)
ImportantSUSE bug 1187869CVE-2021-3630 at SUSECVE-2021-3630 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for djvulibre (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for djvulibre fixes the following issues:
- Extend CVE-2021-3630 fix (bsc#1187869).
ImportantSUSE bug 1187869CVE-2021-3630 at SUSECVE-2021-3630 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for dnsmasq (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for dnsmasq fixes the following issues:
- CVE-2015-8899: Denial of service between local and remote dns entries (bsc#983273)
ImportantSUSE bug 983273CVE-2015-8899 at SUSECVE-2015-8899 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for dnsmasq (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for dnsmasq fixes the following security issues:
- CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354]
- CVE-2017-14492: heap based overflow. [bsc#1060355]
- CVE-2017-14493: stack based overflow. [bsc#1060360]
- CVE-2017-14494: DHCP - info leak. [bsc#1060361]
- CVE-2017-14495: DNS - OOM DoS. [bsc#1060362]
- CVE-2017-14496: DNS - DoS Integer underflow. [bsc#1060364]
This update brings a (small) potential incompatibility in the handling of
'basename' in --pxe-service. Please read the CHANGELOG and the documentation if
you are using this option.
ImportantSUSE bug 1060354SUSE bug 1060355SUSE bug 1060360SUSE bug 1060361SUSE bug 1060362SUSE bug 1060364CVE-2015-3294 at SUSECVE-2015-3294 at NVDCVE-2015-8899 at SUSECVE-2015-8899 at NVDCVE-2017-14491 at SUSECVE-2017-14491 at NVDCVE-2017-14492 at SUSECVE-2017-14492 at NVDCVE-2017-14493 at SUSECVE-2017-14493 at NVDCVE-2017-14494 at SUSECVE-2017-14494 at NVDCVE-2017-14495 at SUSECVE-2017-14495 at NVDCVE-2017-14496 at SUSECVE-2017-14496 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for dnsmasq (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for dnsmasq fixes the following issues:
Security issue fixed:
- CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of
wildcard synthesized NSEC records may result improper validation for non-existance. (bsc#1076958)
Non-security issue fixed:
- Removed cache size limit. (bsc#1138743)
ModerateSUSE bug 1076958SUSE bug 1138743CVE-2017-15107 at SUSECVE-2017-15107 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for dnsmasq (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for dnsmasq fixes the following issues:
- CVE-2019-14834: Fixed a memory leak which could have allowed to remote attackers
to cause denial of service via DHCP response creation (bsc#1154849)
- bsc#1177077: Fixed DNSpooq vulnerabilities
- CVE-2020-25684, CVE-2020-25685, CVE-2020-25686:
Fixed multiple Cache poisoning attacks.
- CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687:
Fixed multiple potential Heap-based overflows when DNSSEC is
enabled.
- Retry query to other servers on receipt of SERVFAIL rcode
(bsc#1176076)
ImportantSUSE bug 1154849SUSE bug 1176076SUSE bug 1177077CVE-2019-14834 at SUSECVE-2019-14834 at NVDCVE-2020-25681 at SUSECVE-2020-25681 at NVDCVE-2020-25682 at SUSECVE-2020-25682 at NVDCVE-2020-25683 at SUSECVE-2020-25683 at NVDCVE-2020-25684 at SUSECVE-2020-25684 at NVDCVE-2020-25685 at SUSECVE-2020-25685 at NVDCVE-2020-25686 at SUSECVE-2020-25686 at NVDCVE-2020-25687 at SUSECVE-2020-25687 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for dnsmasq (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for dnsmasq fixes the following issues:
- CVE-2021-3448: Fixed a potential DNS cache poisoning issue due to a constant
outgoing port being used when for certain use cases of the --server option
(bsc#1183709).
- CVE-2022-0934: Fixed an invalid memory access that could lead to remote denial
of service via crafted packet (bsc#1197872).
ImportantSUSE bug 1183709SUSE bug 1197872CVE-2021-3448 at SUSECVE-2021-3448 at NVDCVE-2022-0934 at SUSECVE-2022-0934 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for dosfstools (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
dosfstools was updated to fix two security issues.
These security issues were fixed:
- CVE-2015-8872: The set_fat function in fat.c in dosfstools might have allowed attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an 'off-by-two error (bsc#980364).
- CVE-2016-4804: The read_boot function in boot.c in dosfstools allowed attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function (bsc#980377).
ModerateSUSE bug 980364SUSE bug 980377CVE-2015-8872 at SUSECVE-2015-8872 at NVDCVE-2016-4804 at SUSECVE-2016-4804 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ecryptfs-utils (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ecryptfs-utils fixes the following issues:
- CVE-2016-1572: A local user could have escalated privileges by mounting over special filesystems (bsc#962052)
- CVE-2014-9687: A default salt value reduced complexity of offline precomputation attacks (bsc#920160)
ModerateSUSE bug 920160SUSE bug 962052CVE-2014-9687 at SUSECVE-2014-9687 at NVDCVE-2016-1572 at SUSECVE-2016-1572 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ed (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ed fixes the following security issues:
- CVE-2017-5357: An invalid free in the regular expression handling
of the 'ed' command processing could allow local users to crash ed. (bsc#1019807)
LowSUSE bug 1019807CVE-2017-5357 at SUSECVE-2017-5357 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for emacs (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for emacs fixes one issues.
This security issue was fixed:
- CVE-2017-14482: Remote code execution via mails with 'Content-Type: text/enriched' (bsc#1058425)
ImportantSUSE bug 1058425CVE-2017-14482 at SUSECVE-2017-14482 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for evince (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for evince provides the following fix:
- CVE-2017-1000159: Prevent command line injections via filenames when printing to a file. (bsc#1070046)
ModerateSUSE bug 1070046CVE-2017-1000159 at SUSECVE-2017-1000159 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for evince (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for evince fixes the following issues:
Security issues fixed:
- CVE-2019-11459: Fixed an improper error handling in which could have led to use of uninitialized use of memory (bsc#1133037).
- CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c (bsc#1141619).
ImportantSUSE bug 1133037SUSE bug 1141619CVE-2019-1010006 at SUSECVE-2019-1010006 at NVDCVE-2019-11459 at SUSECVE-2019-11459 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for exempi (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for exempi fixes the following issues:
Security issue fixed:
- CVE-2018-7730: Fix heap-based buffer overflow in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp (bsc#1085295).
- CVE-2017-18234: Fix use-after-free issue that allows remote attackers to cause a denial of service via a .pdf file (bsc#1085585).
ModerateSUSE bug 1085295SUSE bug 1085585CVE-2017-18234 at SUSECVE-2017-18234 at NVDCVE-2018-7730 at SUSECVE-2018-7730 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for expat (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for expat fixes the following issues:
Security issue fixed:
- CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. (bsc#979441)
- CVE-2015-1283: Fix multiple integer overflows. (bnc#980391)
ImportantSUSE bug 979441SUSE bug 980391CVE-2015-1283 at SUSECVE-2015-1283 at NVDCVE-2016-0718 at SUSECVE-2016-0718 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for expat fixes the following security issues:
- CVE-2012-6702: Expat, when used in a parser that has not
called XML_SetHashSalt or passed it a seed of 0, made it easier for
context-dependent attackers to defeat cryptographic protection mechanisms
via vectors involving use of the srand function. (bsc#983215)
- CVE-2016-5300: The XML parser in Expat did not use sufficient entropy
for hash initialization, which allowed context-dependent attackers to
cause a denial of service (CPU consumption) via crafted identifiers in
an XML document. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2012-0876. (bsc#983216)
ModerateSUSE bug 1022037SUSE bug 983215SUSE bug 983216CVE-2012-6702 at SUSECVE-2012-6702 at NVDCVE-2016-5300 at SUSECVE-2016-5300 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for expat (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for expat fixes the following issues:
- CVE-2016-9063: Possible integer overflow to fix inside XML_Parse leading to unexpected behaviour (bsc#1047240)
- CVE-2017-9233: External Entity Vulnerability could lead to denial of service (bsc#1047236)
ModerateSUSE bug 1047236SUSE bug 1047240CVE-2016-9063 at SUSECVE-2016-9063 at NVDCVE-2017-9233 at SUSECVE-2017-9233 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for expat (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for expat fixes the following issues:
- CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior (bsc#1194251).
- CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog (bsc#1194362).
- CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c (bsc#1194474).
- CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c (bsc#1194476).
- CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c (bsc#1194477).
- CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c (bsc#1194478).
- CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c (bsc#1194479).
- CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c (bsc#1194480).
ImportantSUSE bug 1194251SUSE bug 1194362SUSE bug 1194474SUSE bug 1194476SUSE bug 1194477SUSE bug 1194478SUSE bug 1194479SUSE bug 1194480CVE-2021-45960 at SUSECVE-2021-45960 at NVDCVE-2021-46143 at SUSECVE-2021-46143 at NVDCVE-2022-22822 at SUSECVE-2022-22822 at NVDCVE-2022-22823 at SUSECVE-2022-22823 at NVDCVE-2022-22824 at SUSECVE-2022-22824 at NVDCVE-2022-22825 at SUSECVE-2022-22825 at NVDCVE-2022-22826 at SUSECVE-2022-22826 at NVDCVE-2022-22827 at SUSECVE-2022-22827 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for expat (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for expat fixes the following issues:
- CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer (bsc#1195054).
- CVE-2022-23990: Fixed integer overflow in the doProlog function (bsc#1195217).
ImportantSUSE bug 1195054SUSE bug 1195217CVE-2022-23852 at SUSECVE-2022-23852 at NVDCVE-2022-23990 at SUSECVE-2022-23990 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for expat (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for expat fixes the following issues:
- CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025).
- CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026).
- CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168).
- CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169).
- CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).
ImportantSUSE bug 1196025SUSE bug 1196026SUSE bug 1196168SUSE bug 1196169SUSE bug 1196171CVE-2022-25235 at SUSECVE-2022-25235 at NVDCVE-2022-25236 at SUSECVE-2022-25236 at NVDCVE-2022-25313 at SUSECVE-2022-25313 at NVDCVE-2022-25314 at SUSECVE-2022-25314 at NVDCVE-2022-25315 at SUSECVE-2022-25315 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for expat (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for expat fixes the following issues:
- Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784).
ImportantSUSE bug 1196025SUSE bug 1196784CVE-2022-25236 at SUSECVE-2022-25236 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for fetchmail (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for fetchmail fixes the following issues:
- CVE-2012-3482: A denial of service vulnerability in the base64 decoder during processing server NTLM protocol exchange was fixed (bsc#775988).
ModerateSUSE bug 775988CVE-2012-3482 at SUSECVE-2012-3482 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nspr (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Mozilla Firefox was updated to version 38.3.0 ESR (bsc#947003),
fixing bugs and security issues.
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
* MFSA 2015-101/CVE-2015-4506
Buffer overflow in libvpx while parsing vp9 format video
* MFSA 2015-105/CVE-2015-4511
Buffer overflow while decoding WebM video
* MFSA 2015-106/CVE-2015-4509
Use-after-free while manipulating HTML media content
* MFSA 2015-110/CVE-2015-4519
Dragging and dropping images exposes final URL after
redirects
* MFSA 2015-111/CVE-2015-4520
Errors in the handling of CORS preflight request headers
* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522
CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177
CVE-2015-7180
Vulnerabilities found through code inspection
More details can be found on
https://www.mozilla.org/en-US/security/advisories/
The Mozilla NSPR library was updated to version 4.10.9, fixing various bugs.
ImportantSUSE bug 947003CVE-2015-4500 at SUSECVE-2015-4500 at NVDCVE-2015-4501 at SUSECVE-2015-4501 at NVDCVE-2015-4506 at SUSECVE-2015-4506 at NVDCVE-2015-4509 at SUSECVE-2015-4509 at NVDCVE-2015-4511 at SUSECVE-2015-4511 at NVDCVE-2015-4517 at SUSECVE-2015-4517 at NVDCVE-2015-4519 at SUSECVE-2015-4519 at NVDCVE-2015-4520 at SUSECVE-2015-4520 at NVDCVE-2015-4521 at SUSECVE-2015-4521 at NVDCVE-2015-4522 at SUSECVE-2015-4522 at NVDCVE-2015-7174 at SUSECVE-2015-7174 at NVDCVE-2015-7175 at SUSECVE-2015-7175 at NVDCVE-2015-7176 at SUSECVE-2015-7176 at NVDCVE-2015-7177 at SUSECVE-2015-7177 at NVDCVE-2015-7180 at SUSECVE-2015-7180 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Mozilla Firefox was updated to version 38.3.0 ESR (bsc#947003),
fixing bugs and security issues.
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
* MFSA 2015-101/CVE-2015-4506
Buffer overflow in libvpx while parsing vp9 format video
* MFSA 2015-105/CVE-2015-4511
Buffer overflow while decoding WebM video
* MFSA 2015-106/CVE-2015-4509
Use-after-free while manipulating HTML media content
* MFSA 2015-110/CVE-2015-4519
Dragging and dropping images exposes final URL after
redirects
* MFSA 2015-111/CVE-2015-4520
Errors in the handling of CORS preflight request headers
* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522
CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177
CVE-2015-7180
Vulnerabilities found through code inspection
More details can be found on
https://www.mozilla.org/en-US/security/advisories/
ImportantSUSE bug 947003CVE-2015-4500 at SUSECVE-2015-4500 at NVDCVE-2015-4501 at SUSECVE-2015-4501 at NVDCVE-2015-4506 at SUSECVE-2015-4506 at NVDCVE-2015-4509 at SUSECVE-2015-4509 at NVDCVE-2015-4511 at SUSECVE-2015-4511 at NVDCVE-2015-4517 at SUSECVE-2015-4517 at NVDCVE-2015-4519 at SUSECVE-2015-4519 at NVDCVE-2015-4520 at SUSECVE-2015-4520 at NVDCVE-2015-4521 at SUSECVE-2015-4521 at NVDCVE-2015-4522 at SUSECVE-2015-4522 at NVDCVE-2015-7174 at SUSECVE-2015-7174 at NVDCVE-2015-7175 at SUSECVE-2015-7175 at NVDCVE-2015-7176 at SUSECVE-2015-7176 at NVDCVE-2015-7177 at SUSECVE-2015-7177 at NVDCVE-2015-7180 at SUSECVE-2015-7180 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This Mozilla Firefox, NSS and NSPR update fixes the following security
and non security issues.
- mozilla-nspr was updated to version 4.10.10 (bsc#952810)
* MFSA 2015-133/CVE-2015-7183
(bmo#1205157)
NSPR memory corruption issues
- mozilla-nss was updated to 3.19.2.1 (bsc#952810)
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182
(bmo#1192028, bmo#1202868)
NSS and NSPR memory corruption issues
- MozillaFirefox was updated to 38.4.0 ESR (bsc#952810)
* MFSA 2015-116/CVE-2015-4513
(bmo#1107011, bmo#1191942, bmo#1193038, bmo#1204580,
bmo#1204669, bmo#1204700, bmo#1205707, bmo#1206564,
bmo#1208665, bmo#1209471, bmo#1213979)
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
* MFSA 2015-122/CVE-2015-7188
(bmo#1199430)
Trailing whitespace in IP address hostnames can bypass
same-origin policy
* MFSA 2015-123/CVE-2015-7189
(bmo#1205900)
Buffer overflow during image interactions in canvas
* MFSA 2015-127/CVE-2015-7193
(bmo#1210302)
CORS preflight is bypassed when non-standard Content-Type
headers are received
* MFSA 2015-128/CVE-2015-7194
(bmo#1211262)
Memory corruption in libjar through zip files
* MFSA 2015-130/CVE-2015-7196
(bmo#1140616)
JavaScript garbage collection crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
(bmo#1204061, bmo#1188010, bmo#1204155)
Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197
(bmo#1204269)
Mixed content WebSocket policy bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
(bmo#1202868, bmo#1192028, bmo#1205157)
NSS and NSPR memory corruption issues
- fix printing on landscape media (bsc#908275)
ImportantSUSE bug 908275SUSE bug 952810CVE-2015-4513 at SUSECVE-2015-4513 at NVDCVE-2015-7181 at SUSECVE-2015-7181 at NVDCVE-2015-7182 at SUSECVE-2015-7182 at NVDCVE-2015-7183 at SUSECVE-2015-7183 at NVDCVE-2015-7188 at SUSECVE-2015-7188 at NVDCVE-2015-7189 at SUSECVE-2015-7189 at NVDCVE-2015-7193 at SUSECVE-2015-7193 at NVDCVE-2015-7194 at SUSECVE-2015-7194 at NVDCVE-2015-7196 at SUSECVE-2015-7196 at NVDCVE-2015-7197 at SUSECVE-2015-7197 at NVDCVE-2015-7198 at SUSECVE-2015-7198 at NVDCVE-2015-7199 at SUSECVE-2015-7199 at NVDCVE-2015-7200 at SUSECVE-2015-7200 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox and mozilla-nss fixes the following issues:
Mozilla Firefox was updated to ESR 52.4 (bsc#1060445)
* MFSA 2017-22/CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces
* MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes
* MFSA 2017-22/CVE-2017-7819: Use-after-free while resizing images in design mode
* MFSA 2017-22/CVE-2017-7818: Use-after-free during ARIA array manipulation
* MFSA 2017-22/CVE-2017-7793: Use-after-free with Fetch API
* MFSA 2017-22/CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE
* MFSA 2017-22/CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
* MFSA 2017-22/CVE-2017-7823: CSP sandbox directive did not create a unique origin
* MFSA 2017-22/CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings
Mozilla Network Security Services (Mozilla NSS) received a security fix:
* MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes (bsc#1061005, bsc#1060445)
ImportantSUSE bug 1060445SUSE bug 1061005CVE-2017-7793 at SUSECVE-2017-7793 at NVDCVE-2017-7805 at SUSECVE-2017-7805 at NVDCVE-2017-7810 at SUSECVE-2017-7810 at NVDCVE-2017-7814 at SUSECVE-2017-7814 at NVDCVE-2017-7818 at SUSECVE-2017-7818 at NVDCVE-2017-7819 at SUSECVE-2017-7819 at NVDCVE-2017-7823 at SUSECVE-2017-7823 at NVDCVE-2017-7824 at SUSECVE-2017-7824 at NVDCVE-2017-7825 at SUSECVE-2017-7825 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, firefox-glib2, firefox-gtk3 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for MozillaFirefox, firefox-glib2, firefox-gtk3 fixes the following issues:
Mozilla Firefox was updated to the 60.9.0esr release:
Security Advisory MFSA 2019-27:
* Use-after-free while manipulating video
CVE-2019-11746 (bmo#1564449, bsc#1149297)
* XSS by breaking out of title and textarea elements using innerHTML
CVE-2019-11744 (bmo#1562033, bsc#1149297)
* Same-origin policy violation with SVG filters and canvas to steal
cross-origin images
CVE-2019-11742 (bmo#1559715, bsc#1149303)
* Privilege escalation with Mozilla Maintenance Service in custom
Firefox installation location
CVE-2019-11753 (bmo#1574980, bsc#1149295)
* Use-after-free while extracting a key value in IndexedDB
CVE-2019-11752 (bmo#1501152, bsc#1149296)
* Sandbox escape through Firefox Sync
CVE-2019-9812 (bmo#1538008, bmo#1538015, bsc#1149294)
* Cross-origin access to unload event attributes
CVE-2019-11743 (bmo#1560495, bsc#1149298)
Navigation-Timing Level 2 specification
* Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9
CVE-2019-11740 (bmo#1563133, bmo#1573160, bsc#1149299)
- Rebuild glib2 schemas on SLE-11 (bsc#1145550)
Changes in firefox-glib2:
- Fix the rpm macros %glib2_gsettings_schema_* which were replaced with
%nil in Factory because they're no longer needed, but we still need
them in SLE11 (bsc#1145550)
Changes in firefox-gtk3:
- Rebuild so %glib2_gsettings_schema_post gets called with fixed
rpm macros %glib2_gsettings_schema_* in firefox-glib2 package
which were replaced with %nil in Factory because they're no
longer needed, but we still need them in SLE11 (bsc#1145550)
ImportantSUSE bug 1145550SUSE bug 1149294SUSE bug 1149295SUSE bug 1149296SUSE bug 1149297SUSE bug 1149298SUSE bug 1149299SUSE bug 1149303CVE-2019-11740 at SUSECVE-2019-11740 at NVDCVE-2019-11742 at SUSECVE-2019-11742 at NVDCVE-2019-11743 at SUSECVE-2019-11743 at NVDCVE-2019-11744 at SUSECVE-2019-11744 at NVDCVE-2019-11746 at SUSECVE-2019-11746 at NVDCVE-2019-11752 at SUSECVE-2019-11752 at NVDCVE-2019-11753 at SUSECVE-2019-11753 at NVDCVE-2019-9812 at SUSECVE-2019-9812 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for Mozilla Firefox (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update contains the Mozilla Firefox ESR 68.2 release.
Mozilla Firefox was updated to ESR 68.2 release:
* Enterprise: New administrative policies were added. More
information and templates are available at the Policy
Templates page.
* Various security fixes:
MFSA 2019-33 (bsc#1154738)
* CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber
* CVE-2019-11757: Use-after-free when creating index updates in IndexedDB
* CVE-2019-11758: Potentially exploitable crash due to 360 Total Security
* CVE-2019-11759: Stack buffer overflow in HKDF output
* CVE-2019-11760: Stack buffer overflow in WebRTC networking
* CVE-2019-11761: Unintended access to a privileged JSONView object
* CVE-2019-11762: document.domain-based origin isolation has same-origin- property violation
* CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique
* CVE-2019-11764: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
Other Issues resolved:
* [bsc#1104841] Newer versions of firefox have a dependency on
GLIBCXX_3.4.20
* [bsc#1074235] MozillaFirefox: background tab crash reports sent
inadvertently without user opt-in
* [bsc#1043008] Firefox hangs randomly when browsing and
scrolling
* [bsc#1025108] Firefox stops loading page until mouse is moved
* [bsc#905528] Firefox malfunctions due to broken omni.ja
archives
ImportantSUSE bug 1000036SUSE bug 1001652SUSE bug 1025108SUSE bug 1029377SUSE bug 1029902SUSE bug 1040164SUSE bug 104105SUSE bug 1042670SUSE bug 1043008SUSE bug 1044946SUSE bug 1047925SUSE bug 1047936SUSE bug 1048299SUSE bug 1049186SUSE bug 1050653SUSE bug 1056058SUSE bug 1058013SUSE bug 1066242SUSE bug 1066953SUSE bug 1070738SUSE bug 1070853SUSE bug 1072320SUSE bug 1072322SUSE bug 1073796SUSE bug 1073798SUSE bug 1073799SUSE bug 1073803SUSE bug 1073808SUSE bug 1073818SUSE bug 1073823SUSE bug 1073829SUSE bug 1073830SUSE bug 1073832SUSE bug 1073846SUSE bug 1074235SUSE bug 1077230SUSE bug 1079761SUSE bug 1081750SUSE bug 1082318SUSE bug 1087453SUSE bug 1087459SUSE bug 1087463SUSE bug 1088573SUSE bug 1091764SUSE bug 1094814SUSE bug 1097158SUSE bug 1097375SUSE bug 1097401SUSE bug 1097404SUSE bug 1097748SUSE bug 1104841SUSE bug 1105019SUSE bug 1107030SUSE bug 1109465SUSE bug 1117473SUSE bug 1117626SUSE bug 1117627SUSE bug 1117629SUSE bug 1117630SUSE bug 1120644SUSE bug 1122191SUSE bug 1123482SUSE bug 1124525SUSE bug 1127532SUSE bug 1129346SUSE bug 1130694SUSE bug 1130840SUSE bug 1133452SUSE bug 1133810SUSE bug 1134209SUSE bug 1138459SUSE bug 1140290SUSE bug 1140868SUSE bug 1141853SUSE bug 1144919SUSE bug 1145665SUSE bug 1146090SUSE bug 1146091SUSE bug 1146093SUSE bug 1146094SUSE bug 1146095SUSE bug 1146097SUSE bug 1146099SUSE bug 1146100SUSE bug 1149323SUSE bug 1153423SUSE bug 1154738SUSE bug 1447070SUSE bug 1447409SUSE bug 744625SUSE bug 744629SUSE bug 845955SUSE bug 865853SUSE bug 905528SUSE bug 917607SUSE bug 935856SUSE bug 937414SUSE bug 947747SUSE bug 948045SUSE bug 948602SUSE bug 955142SUSE bug 957814SUSE bug 957815SUSE bug 961254SUSE bug 962297SUSE bug 966076SUSE bug 966077SUSE bug 985201SUSE bug 986541SUSE bug 991344SUSE bug 998743CVE-2013-2882 at SUSECVE-2013-2882 at NVDCVE-2013-6639 at SUSECVE-2013-6639 at NVDCVE-2013-6640 at SUSECVE-2013-6640 at NVDCVE-2013-6668 at SUSECVE-2013-6668 at NVDCVE-2014-0224 at SUSECVE-2014-0224 at NVDCVE-2015-3193 at SUSECVE-2015-3193 at NVDCVE-2015-3194 at SUSECVE-2015-3194 at NVDCVE-2015-5380 at SUSECVE-2015-5380 at NVDCVE-2015-7384 at SUSECVE-2015-7384 at NVDCVE-2016-2086 at SUSECVE-2016-2086 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-2216 at SUSECVE-2016-2216 at NVDCVE-2016-5172 at SUSECVE-2016-5172 at NVDCVE-2016-5325 at SUSECVE-2016-5325 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDCVE-2016-7052 at SUSECVE-2016-7052 at NVDCVE-2016-7099 at SUSECVE-2016-7099 at NVDCVE-2017-1000381 at SUSECVE-2017-1000381 at NVDCVE-2017-10686 at SUSECVE-2017-10686 at NVDCVE-2017-11111 at SUSECVE-2017-11111 at NVDCVE-2017-11499 at SUSECVE-2017-11499 at NVDCVE-2017-14228 at SUSECVE-2017-14228 at NVDCVE-2017-14849 at SUSECVE-2017-14849 at NVDCVE-2017-14919 at SUSECVE-2017-14919 at NVDCVE-2017-15896 at SUSECVE-2017-15896 at NVDCVE-2017-15897 at SUSECVE-2017-15897 at NVDCVE-2017-17810 at SUSECVE-2017-17810 at NVDCVE-2017-17811 at SUSECVE-2017-17811 at NVDCVE-2017-17812 at SUSECVE-2017-17812 at NVDCVE-2017-17813 at SUSECVE-2017-17813 at NVDCVE-2017-17814 at SUSECVE-2017-17814 at NVDCVE-2017-17815 at SUSECVE-2017-17815 at NVDCVE-2017-17816 at SUSECVE-2017-17816 at NVDCVE-2017-17817 at SUSECVE-2017-17817 at NVDCVE-2017-17818 at SUSECVE-2017-17818 at NVDCVE-2017-17819 at SUSECVE-2017-17819 at NVDCVE-2017-17820 at SUSECVE-2017-17820 at NVDCVE-2017-18207 at SUSECVE-2017-18207 at NVDCVE-2017-3735 at SUSECVE-2017-3735 at NVDCVE-2017-3736 at SUSECVE-2017-3736 at NVDCVE-2017-3738 at SUSECVE-2017-3738 at NVDCVE-2018-0732 at SUSECVE-2018-0732 at NVDCVE-2018-1000168 at SUSECVE-2018-1000168 at NVDCVE-2018-12115 at SUSECVE-2018-12115 at NVDCVE-2018-12116 at SUSECVE-2018-12116 at NVDCVE-2018-12121 at SUSECVE-2018-12121 at NVDCVE-2018-12122 at SUSECVE-2018-12122 at NVDCVE-2018-12123 at SUSECVE-2018-12123 at NVDCVE-2018-20406 at SUSECVE-2018-20406 at NVDCVE-2018-20852 at SUSECVE-2018-20852 at NVDCVE-2018-7158 at SUSECVE-2018-7158 at NVDCVE-2018-7159 at SUSECVE-2018-7159 at NVDCVE-2018-7160 at SUSECVE-2018-7160 at NVDCVE-2018-7161 at SUSECVE-2018-7161 at NVDCVE-2018-7167 at SUSECVE-2018-7167 at NVDCVE-2019-10160 at SUSECVE-2019-10160 at NVDCVE-2019-11709 at SUSECVE-2019-11709 at NVDCVE-2019-11710 at SUSECVE-2019-11710 at NVDCVE-2019-11711 at SUSECVE-2019-11711 at NVDCVE-2019-11712 at SUSECVE-2019-11712 at NVDCVE-2019-11713 at SUSECVE-2019-11713 at NVDCVE-2019-11714 at SUSECVE-2019-11714 at NVDCVE-2019-11715 at SUSECVE-2019-11715 at NVDCVE-2019-11716 at SUSECVE-2019-11716 at NVDCVE-2019-11717 at SUSECVE-2019-11717 at NVDCVE-2019-11718 at SUSECVE-2019-11718 at NVDCVE-2019-11719 at SUSECVE-2019-11719 at NVDCVE-2019-11720 at SUSECVE-2019-11720 at NVDCVE-2019-11721 at SUSECVE-2019-11721 at NVDCVE-2019-11723 at SUSECVE-2019-11723 at NVDCVE-2019-11724 at SUSECVE-2019-11724 at NVDCVE-2019-11725 at SUSECVE-2019-11725 at NVDCVE-2019-11727 at SUSECVE-2019-11727 at NVDCVE-2019-11728 at SUSECVE-2019-11728 at NVDCVE-2019-11729 at SUSECVE-2019-11729 at NVDCVE-2019-11730 at SUSECVE-2019-11730 at NVDCVE-2019-11733 at SUSECVE-2019-11733 at NVDCVE-2019-11735 at SUSECVE-2019-11735 at NVDCVE-2019-11736 at SUSECVE-2019-11736 at NVDCVE-2019-11738 at SUSECVE-2019-11738 at NVDCVE-2019-11740 at SUSECVE-2019-11740 at NVDCVE-2019-11742 at SUSECVE-2019-11742 at NVDCVE-2019-11743 at SUSECVE-2019-11743 at NVDCVE-2019-11744 at SUSECVE-2019-11744 at NVDCVE-2019-11746 at SUSECVE-2019-11746 at NVDCVE-2019-11747 at SUSECVE-2019-11747 at NVDCVE-2019-11748 at SUSECVE-2019-11748 at NVDCVE-2019-11749 at SUSECVE-2019-11749 at NVDCVE-2019-11750 at SUSECVE-2019-11750 at NVDCVE-2019-11751 at SUSECVE-2019-11751 at NVDCVE-2019-11752 at SUSECVE-2019-11752 at NVDCVE-2019-11753 at SUSECVE-2019-11753 at NVDCVE-2019-11757 at SUSECVE-2019-11757 at NVDCVE-2019-11758 at SUSECVE-2019-11758 at NVDCVE-2019-11759 at SUSECVE-2019-11759 at NVDCVE-2019-11760 at SUSECVE-2019-11760 at NVDCVE-2019-11761 at SUSECVE-2019-11761 at NVDCVE-2019-11762 at SUSECVE-2019-11762 at NVDCVE-2019-11763 at SUSECVE-2019-11763 at NVDCVE-2019-11764 at SUSECVE-2019-11764 at NVDCVE-2019-13173 at SUSECVE-2019-13173 at NVDCVE-2019-15903 at SUSECVE-2019-15903 at NVDCVE-2019-5010 at SUSECVE-2019-5010 at NVDCVE-2019-5737 at SUSECVE-2019-5737 at NVDCVE-2019-9511 at SUSECVE-2019-9511 at NVDCVE-2019-9512 at SUSECVE-2019-9512 at NVDCVE-2019-9513 at SUSECVE-2019-9513 at NVDCVE-2019-9514 at SUSECVE-2019-9514 at NVDCVE-2019-9515 at SUSECVE-2019-9515 at NVDCVE-2019-9516 at SUSECVE-2019-9516 at NVDCVE-2019-9517 at SUSECVE-2019-9517 at NVDCVE-2019-9518 at SUSECVE-2019-9518 at NVDCVE-2019-9636 at SUSECVE-2019-9636 at NVDCVE-2019-9811 at SUSECVE-2019-9811 at NVDCVE-2019-9812 at SUSECVE-2019-9812 at NVDCVE-2019-9947 at SUSECVE-2019-9947 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update contains Mozilla Firefox 60.7ESR.
It brings lots of security fixes and other improvements.
It also includes new additional helper libraries to allow Firefox to run on SUSE Linux Enterprise 11.
ModerateSUSE bug 1137338cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Mozilla Firefox is being updated to the current Firefox 38ESR branch (specifically the 38.2.0ESR release).
Security issues fixed:
- MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader
- MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
- MFSA 2015-80 / CVE-2015-4475: Out-of-bounds read with malformed MP3 file
- MFSA 2015-82 / CVE-2015-4478: Redefinition of non-configurable JavaScript object properties
- MFSA 2015-83 / CVE-2015-4479: Overflow issues in libstagefright
- MFSA 2015-87 / CVE-2015-4484: Crash when using shared memory in JavaScript
- MFSA 2015-88 / CVE-2015-4491: Heap overflow in gdk-pixbuf when scaling bitmap images
- MFSA 2015-89 / CVE-2015-4485/CVE-2015-4486: Buffer overflows on Libvpx when decoding WebM video
- MFSA 2015-90 / CVE-2015-4487/CVE-2015-4488/CVE-2015-4489: Vulnerabilities found through code inspection
- MFSA 2015-92 / CVE-2015-4492: Use-after-free in XMLHttpRequest with shared workers
This update also contains a lot of feature improvements and bug fixes from 31ESR to 38ESR.
Also the Mozilla NSS library switched its CKBI API from 1.98 to 2.4, which is what Firefox 38ESR uses.
ImportantSUSE bug 940806CVE-2015-4473 at SUSECVE-2015-4473 at NVDCVE-2015-4474 at SUSECVE-2015-4474 at NVDCVE-2015-4475 at SUSECVE-2015-4475 at NVDCVE-2015-4478 at SUSECVE-2015-4478 at NVDCVE-2015-4479 at SUSECVE-2015-4479 at NVDCVE-2015-4484 at SUSECVE-2015-4484 at NVDCVE-2015-4485 at SUSECVE-2015-4485 at NVDCVE-2015-4486 at SUSECVE-2015-4486 at NVDCVE-2015-4487 at SUSECVE-2015-4487 at NVDCVE-2015-4488 at SUSECVE-2015-4488 at NVDCVE-2015-4489 at SUSECVE-2015-4489 at NVDCVE-2015-4491 at SUSECVE-2015-4491 at NVDCVE-2015-4492 at SUSECVE-2015-4492 at NVDCVE-2015-4495 at SUSECVE-2015-4495 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for fontconfig (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for fontconfig fixes the following issues:
- security update:
* CVE-2016-5384: Possible double free due to insufficiently validated cache files [bsc#992534]
LowSUSE bug 992534CVE-2016-5384 at SUSECVE-2016-5384 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for foomatic-filters (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes the following security issues:
CVE-2015-8327: adds backtick and semicolon to the list of illegal shell escape characters (bsc#957531).
CVE-2015-8560: fixed code execution via improper escaping of ; (bsc#957531).
ModerateSUSE bug 957531CVE-2015-8327 at SUSECVE-2015-8327 at NVDCVE-2015-8560 at SUSECVE-2015-8560 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for freeradius-server (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for freeradius-server fixes the following issues:
- CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate
authentication bypass. (bnc#1041445)
- CVE-2015-4680: Add a configuration option to allow checking of all
intermediate certificates for revocations. (bnc#935573)
The following non security issue was fixed:
- Cannot create table radpostauth because of deprecated TIMESTAMP(14) syntax. (bsc#912873)
ModerateSUSE bug 1041445SUSE bug 912873SUSE bug 935573CVE-2015-4680 at SUSECVE-2015-4680 at NVDCVE-2017-9148 at SUSECVE-2017-9148 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for freeradius-server (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for freeradius-server fixes the following issues:
Security issues fixed:
- CVE-2017-10981: DHCP - Fix memory leak in fr_dhcp_decode(). (bnc#1049086)
- CVE-2017-10982: Fix buffer over-read in fr_dhcp_decode_options(). (bsc#1049086)
- CVE-2017-10983: Fix read overflow when decoding option 63. (bnc#1049086)
- CVE-2017-10978: Fix read / write overflow in make_secret(). (bnc#1049086)
- CVE-2017-10979: Fix write overflow in rad_coalesce(). (bsc#1049086)
ModerateSUSE bug 1049086CVE-2017-10978 at SUSECVE-2017-10978 at NVDCVE-2017-10979 at SUSECVE-2017-10979 at NVDCVE-2017-10981 at SUSECVE-2017-10981 at NVDCVE-2017-10982 at SUSECVE-2017-10982 at NVDCVE-2017-10983 at SUSECVE-2017-10983 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update of the freetype2 library fixes two security issues:
- An infinite loop in parse_encoding in t1load.c (CVE-2014-9745, bsc#945849)
- Use of uninitialized memory in ps_parser_load_field, t42_parse_font_matrix and t1_parse_font_matrix (CVE-2014-9747, bsc#947966)
ModerateSUSE bug 945849SUSE bug 947966CVE-2014-9745 at SUSECVE-2014-9745 at NVDCVE-2014-9747 at SUSECVE-2014-9747 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for freetype2 fixes the following issues:
Security issue fixed:
- CVE-2016-10244: The parse_charstrings function in type1/t1load.c did not
ensure that a font contains a glyph name, which allowed remote attackers
to cause a denial of service (heap-based buffer over-read) or possibly
have unspecified other impact via a crafted file (bsc#1028103).
- CVE-2017-8105: Fixed an out-of-bounds write caused by a heap-based
buffer overflow related to the t1_decoder_parse_charstrings function in
psaux/t1decode.ca (bsc#1035807)
- CVE-2017-8287: an out-of-bounds write caused by a heap-based buffer
overflow related to the t1_builder_close_contour function in psaux/psobjs.c
(bsc#1036457)
ModerateSUSE bug 1028103SUSE bug 1035807SUSE bug 1036457CVE-2016-10244 at SUSECVE-2016-10244 at NVDCVE-2017-8105 at SUSECVE-2017-8105 at NVDCVE-2017-8287 at SUSECVE-2017-8287 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for freetype2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for freetype2 fixes the following issues:
Security issue fixed:
- CVE-2016-10328: Fixed heap-based buffer overflow in cff_parser_run function in cff/cffparse.c (bsc#1034191).
ModerateSUSE bug 1034191CVE-2016-10328 at SUSECVE-2016-10328 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for fuse (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for fuse fixes the following issues:
Security issue fixed:
- CVE-2018-10906: Fix a bypass of the user_allow_other restriction (bsc#1101797)
ModerateSUSE bug 1101797CVE-2018-10906 at SUSECVE-2018-10906 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gcc43 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gcc43 fixes the following issues:
Security issue fixed:
- CVE-2017-1000376: Don't request excutable stack from libffi. [bnc#1045091]
New features:
- Add support for retpolines to mitigate the Spectre Variant 2 attack. [bnc#1074621]
- Add support for zero-sized VLAs and allocas with -fstack-clash-protection. [bnc#1059075]
- Add support for -fstack-clash-protection to mitigate the Stack Clash attack. [bnc#1039513]
Non security bugs fixed:
- Fixed build of 32bit libgcov.a with LFS support. [bsc#1044016]
- Fixed issue with libstdc++ functional when an exception is thrown during construction. [bsc#999596]
- Fixed issue with using gcov and #pragma pack. [bsc#977654]
- Fixed ICE compiling AFS modules for the s390x kernel. [bsc#938159]
- Backport large file support from GCC 4.6.
ModerateSUSE bug 1039513SUSE bug 1044016SUSE bug 1045091SUSE bug 1059075SUSE bug 1074621SUSE bug 938159SUSE bug 977654SUSE bug 999596CVE-2017-1000376 at SUSECVE-2017-1000376 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gcc43 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gcc43 fixes the following issues:
This update adds support for 'expolines' on s390x, allowing fixing CVE-2017-5715 in a more lightweight fashion. (bsc#1086069)
The option flags are the same as for the x86 retpolines.
A compiler crash when building userland packages with x86 retpolines was fixed. (bsc#1092807)
ModerateSUSE bug 1086069SUSE bug 1092807CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gcc5 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes
and enhancements.
The following security issue has been fixed:
- Fix C++11 std::random_device short read issue that could lead to predictable
randomness. (CVE-2015-5276, bsc#945842)
The following non-security issues have been fixed:
- Enable frame pointer for TARGET_64BIT_MS_ABI when stack is misaligned. Fixes internal
compiler error when building Wine. (bsc#966220)
- Fix a PowerPC specific issue in gcc-go that broke compilation of newer versions of
Docker. (bsc#964468)
- Fix HTM built-ins on PowerPC. (bsc#955382)
- Fix libgo certificate lookup. (bsc#953831)
- Suppress deprecated-declarations warnings for inline definitions of deprecated virtual
methods. (bsc#939460)
- Revert accidental libffi ABI breakage on aarch64. (bsc#968771)
- On x86_64, set default 32bit code generation to -march=x86-64 rather than -march=i586.
- Add experimental File System TS library.
ModerateSUSE bug 939460SUSE bug 945842SUSE bug 953831SUSE bug 955382SUSE bug 962765SUSE bug 964468SUSE bug 966220SUSE bug 968771CVE-2015-5276 at SUSECVE-2015-5276 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Optional update for gcc5, binutils and gdb (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The core toolchain components were updated to newer version to bring
various features, improved performance and usability, and also bugfixes.
This GNU Compiler Collection feature update is provided for the
Intel/AMD x86_64, IBM zSeries and IBM PowerPC 64bit architectures.
The GNU Compiler Collection 5.2 is provided new with this update.
Changes to previously released GCC 4.8 series are documented on:
https://gcc.gnu.org/gcc-4.9/changes.html
and
https://gcc.gnu.org/gcc-5/changes.html
Major features:
* AddressSanitzer, UndefinedBehaviour and PointerBoundsChecker checking
frameworks were added.
* Lots of Register Allocation, Link Time, Interprocedural and Feedback Directed
optimization improvements were done.
* Architecture support for IBM zSeries z13.
* The new libstdc++ CXX11 ABI is available, (The old ABI is still used by default.)
The binutils suite was updated to version 2.25.0, bringing new platform
support, features and and bugfixes, including:
* IBM zSeries z13 hardware support (fate#318036, bnc#936050).
* various IBM Power8 improvements (fate#318238, bnc#926412).
* AVX512 support on the Intel EM64T platform (fate#318520).
* CVE-2012-3509: Fixed a integer overflow in libiberty.
The GNU Debugger gdb was updated to version 7.9.1, bringing new platform
support, features and bugfixes. The gdb update also includes IBM zSeries z13
support.
LowSUSE bug 776968SUSE bug 877566SUSE bug 891040SUSE bug 896586SUSE bug 936050SUSE bug 943792SUSE bug 945634CVE-2012-3509 at SUSECVE-2012-3509 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gd fixes the following issues:
- security update:
* CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif [bsc#988032]
ModerateSUSE bug 988032CVE-2016-6161 at SUSECVE-2016-6161 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gd fixes the following issues:
- CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924)
- CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274)
ModerateSUSE bug 1004924SUSE bug 1005274CVE-2016-6911 at SUSECVE-2016-6911 at NVDCVE-2016-8670 at SUSECVE-2016-8670 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gd fixes the following issues:
* CVE-2016-9933 possible stackoverflow on malicious truecolor images [bsc#1015187]
ModerateSUSE bug 1015187CVE-2016-9933 at SUSECVE-2016-9933 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gd fixes the following security issues:
- CVE-2016-9317: The gdImageCreate function in the GD Graphics Library
(aka libgd) allowed remote attackers to cause a denial of service
(system hang) via an oversized image. (bsc#1022283)
- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx()
could lead to libgd running out of memory even on small files. (bsc#1022264)
- CVE-2016-10168: A signed integer overflow in the GD Graphics Library (aka libgd) could lead
to memory corruption (bsc#1022265)
ModerateSUSE bug 1022264SUSE bug 1022265SUSE bug 1022283CVE-2016-10167 at SUSECVE-2016-10167 at NVDCVE-2016-10168 at SUSECVE-2016-10168 at NVDCVE-2016-9317 at SUSECVE-2016-9317 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gd (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gd fixes several issues.
This security issue was fixed:
- CVE-2018-5711: Prevent integer signedness error that could have lead to an
infinite loop via a crafted GIF file allowing for DoS (bsc#1076391)
This non-security issue was fixed:
- Fixed gd2togif error message (bsc#1025223)
ModerateSUSE bug 1025223SUSE bug 1076391CVE-2018-5711 at SUSECVE-2018-5711 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ghostscript fixes the following issues:
- CVE-2016-8602: Insufficient parameter check in .sethalftone5 (bsc#1004237)
ModerateSUSE bug 1004237CVE-2016-8602 at SUSECVE-2016-8602 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ghostscript-library fixes the following issues:
- Multiple security vulnerabilities have been discovered where ghostscript's
'-dsafer' flag did not provide sufficient protection against unintended
access to the file system. Thus, a machine that would process a specially
crafted Postscript file would potentially leak sensitive information to an
attacker. (CVE-2013-5653, CVE-2016-7977, bsc#1001951)
- Insufficient validation of the type of input in .initialize_dsc_parser used
to allow remote code execution. (CVE-2016-7979, bsc#1001951)
- An integer overflow in the gs_heap_alloc_bytes function used to allow remote
attackers to cause a denial of service (crash) via specially crafted
Postscript files. (CVE-2015-3228, boo#939342)
ImportantSUSE bug 1001951SUSE bug 939342CVE-2013-5653 at SUSECVE-2013-5653 at NVDCVE-2015-3228 at SUSECVE-2015-3228 at NVDCVE-2016-7977 at SUSECVE-2016-7977 at NVDCVE-2016-7979 at SUSECVE-2016-7979 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ghostscript fixes the following security vulnerability:
CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were
exploited in the wild. (bsc#1036453)
ImportantSUSE bug 1036453CVE-2017-8291 at SUSECVE-2017-8291 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ghostscript fixes the following security vulnerability:
CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were
exploited in the wild. (bsc#1036453)
This update is a reissue including the SUSE Linux Enterprise 11 SP3 product.
ImportantSUSE bug 1036453CVE-2017-8291 at SUSECVE-2017-8291 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ghostscript-library fixes several issues.
These security issues were fixed:
- CVE-2017-7207: The mem_get_bits_rectangle function allowed remote attackers
to cause a denial of service (NULL pointer dereference) via a crafted
PostScript document (bsc#1030263).
- CVE-2016-9601: Prevent heap-buffer overflow by checking for an integer
overflow in jbig2_image_new function (bsc#1018128).
- CVE-2017-9612: The Ins_IP function in base/ttinterp.c allowed remote
attackers to cause a denial of service (use-after-free and application crash)
or possibly have unspecified other impact via a crafted document (bsc#1050891)
- CVE-2017-9726: The Ins_MDRP function in base/ttinterp.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) or possibly have unspecified other impact via a crafted
document (bsc#1050889)
- CVE-2017-9727: The gx_ttfReader__Read function in base/gxttfb.c allowed
remote attackers to cause a denial of service (heap-based buffer over-read and
application crash) or possibly have unspecified other impact via a crafted
document (bsc#1050888)
- CVE-2017-9739: The Ins_JMPR function in base/ttinterp.c allowed remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) or possibly have unspecified other impact via a crafted
document (bsc#1050887)
- CVE-2017-11714: psi/ztoken.c mishandled references to the scanner state
structure, which allowed remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact via a crafted
PostScript document, related to an out-of-bounds read in the
igc_reloc_struct_ptr function in psi/igc.c (bsc#1051184)
- CVE-2017-9835: The gs_alloc_ref_array function allowed remote attackers to
cause a denial of service (heap-based buffer overflow and application crash) or
possibly have unspecified other impact via a crafted PostScript document
(bsc#1050879)
- CVE-2016-10219: The intersect function in base/gxfill.c allowed remote
attackers to cause a denial of service (divide-by-zero error and application
crash) via a crafted file (bsc#1032138)
- CVE-2017-9216: Prevent NULL pointer dereference in the jbig2_huffman_get
function in jbig2_huffman.c which allowed for DoS (bsc#1040643)
ModerateSUSE bug 1018128SUSE bug 1030263SUSE bug 1032138SUSE bug 1032230SUSE bug 1040643SUSE bug 1050879SUSE bug 1050887SUSE bug 1050888SUSE bug 1050889SUSE bug 1050891SUSE bug 1051184CVE-2016-10219 at SUSECVE-2016-10219 at NVDCVE-2016-9601 at SUSECVE-2016-9601 at NVDCVE-2017-11714 at SUSECVE-2017-11714 at NVDCVE-2017-7207 at SUSECVE-2017-7207 at NVDCVE-2017-9216 at SUSECVE-2017-9216 at NVDCVE-2017-9612 at SUSECVE-2017-9612 at NVDCVE-2017-9726 at SUSECVE-2017-9726 at NVDCVE-2017-9727 at SUSECVE-2017-9727 at NVDCVE-2017-9739 at SUSECVE-2017-9739 at NVDCVE-2017-9835 at SUSECVE-2017-9835 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ghostscript-library (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ghostscript-library fixes the following issues:
- CVE-2018-10194: Fixed a stack-based buffer overflow in gdevpdts.c (bsc#1090099)
- Fixed a crash in the fix for CVE-2016-9601.
ModerateSUSE bug 1090099CVE-2016-9601 at SUSECVE-2016-9601 at NVDCVE-2018-10194 at SUSECVE-2018-10194 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ghostscript-library fixes the following issues:
- CVE-2018-16511: A type confusion in 'ztype' could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. (bsc#1107426)
- CVE-2018-16540: Attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. (bsc#1107420)
- CVE-2018-16541: Attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. (bsc#1107421)
- CVE-2018-16542: Attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. (bsc#1107413)
- CVE-2018-16509: Incorrect 'restoration of privilege' checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the 'pipe' instruction. (bsc#1107410
- CVE-2018-16513: Attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. (bsc#1107412)
- CVE-2018-15910: Attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. (bsc#1106173)
- CVE-2017-9611: The Ins_MIRP function allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. (bsc#1050893)
ImportantSUSE bug 1050893SUSE bug 1106173SUSE bug 1107410SUSE bug 1107412SUSE bug 1107413SUSE bug 1107420SUSE bug 1107421SUSE bug 1107426CVE-2017-9611 at SUSECVE-2017-9611 at NVDCVE-2018-15910 at SUSECVE-2018-15910 at NVDCVE-2018-16509 at SUSECVE-2018-16509 at NVDCVE-2018-16511 at SUSECVE-2018-16511 at NVDCVE-2018-16513 at SUSECVE-2018-16513 at NVDCVE-2018-16540 at SUSECVE-2018-16540 at NVDCVE-2018-16541 at SUSECVE-2018-16541 at NVDCVE-2018-16542 at SUSECVE-2018-16542 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for ghostscript-library (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for ghostscript-library fixes the following issues:
Security issue fixed:
- CVE-2019-3838: Fixed various bugs which allows to reenable and misuse system Postscript operators to read files from within Postscript files and send them with the help of e.g. the %pipe% to the attacker (bsc#1129186).
ImportantSUSE bug 1129186CVE-2019-3838 at SUSECVE-2019-3838 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for giflib (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for giflib fixes the following issues:
- CVE-2015-7555: Heap overflow in giffix (bsc#960319)
ModerateSUSE bug 960319CVE-2015-7555 at SUSECVE-2015-7555 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for giflib (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
giflib was updated to fix one security issue.
This security issue was fixed:
- CVE-2016-3977: Heap buffer overflow in gif2rgb (bsc#974847).
ModerateSUSE bug 974847CVE-2016-3977 at SUSECVE-2016-3977 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glib2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glib2 fixes the following issues:
Security issues fixed:
- CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116).
- Fixing potentially exploitable bugs in UTF-8 validation in Variant and DBUS message parsing (bsc#1111499).
ModerateSUSE bug 1107116SUSE bug 1111499CVE-2018-16429 at SUSECVE-2018-16429 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glib2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for glib2 fixes the following issues:
Security issue fixed:
- CVE-2019-12450: Fixed an improper file permission when copy operation
takes place (bsc#1137001).
ImportantSUSE bug 1137001CVE-2019-12450 at SUSECVE-2019-12450 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc provides fixes for security and non-security issues.
These security issues have been fixed:
- CVE-2015-1781: Buffer length after padding in resolv/nss_dns/dns-host.c. (bsc#927080)
- CVE-2013-2207: pt_chown did not properly check permissions for tty files, which allowed
local users to change the permission on the files and obtain access to arbitrary
pseudo-terminals by leveraging a FUSE file system. (bsc#830257)
- CVE-2014-8121: DB_LOOKUP in the Name Service Switch (NSS) did not properly check if a
file is open, which allowed remote attackers to cause a denial of service (infinite loop)
by performing a look-up while the database is iterated over the database, which triggers
the file pointer to be reset. (bsc#918187)
- Fix read past end of pattern in fnmatch. (bsc#920338)
These non-security issues have been fixed:
- Fix locking in _IO_flush_all_lockp() to prevent deadlocks in applications. (bsc#851280)
- Record TTL also for DNS PTR queries. (bsc#928723)
- Fix invalid free in ld.so. (bsc#932059)
- Make PowerPC64 default to non-executable stack. (bsc#933770)
- Fix floating point exceptions in some circumstances with exp() and friends. (bsc#933903)
- Fix bad TEXTREL in glibc.i686. (bsc#935286)
ImportantSUSE bug 830257SUSE bug 851280SUSE bug 918187SUSE bug 920338SUSE bug 927080SUSE bug 928723SUSE bug 932059SUSE bug 933770SUSE bug 933903SUSE bug 935286CVE-2013-2207 at SUSECVE-2013-2207 at NVDCVE-2014-8121 at SUSECVE-2014-8121 at NVDCVE-2015-1781 at SUSECVE-2015-1781 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc fixes the following issues:
- CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses (bsc#961721)
- CVE-2015-8777: Insufficient checking of LD_POINTER_GUARD environment variable allowed local attackers to bypass the pointer guarding protection of the dynamic loader on set-user-ID and set-group-ID programs (bsc#950944)
- CVE-2015-8776: Out-of-range time values passed to the strftime function may cause it to crash, leading to a denial of service, or potentially disclosure information (bsc#962736)
- CVE-2015-8778: Integer overflow in hcreate and hcreate_r could have caused an out-of-bound memory access. leading to application crashes or, potentially, arbitrary code execution (bsc#962737)
- CVE-2014-9761: A stack overflow (unbounded alloca) could have caused applications which process long strings with the nan function to crash or, potentially, execute arbitrary code. (bsc#962738)
- CVE-2015-8779: A stack overflow (unbounded alloca) in the catopen function could have caused applications which pass long strings to the catopen function to crash or, potentially execute arbitrary code. (bsc#962739)
The following non-security bugs were fixed:
- bsc#930721: Accept leading and trailing spaces in getdate input string
- bsc#942317: Recognize power8 platform
- bsc#950944: Always enable pointer guard
- bsc#956988: Fix deadlock in __dl_iterate_phdr
ImportantSUSE bug 930721SUSE bug 942317SUSE bug 950944SUSE bug 956988SUSE bug 961721SUSE bug 962736SUSE bug 962737SUSE bug 962738SUSE bug 962739CVE-2014-9761 at SUSECVE-2014-9761 at NVDCVE-2015-7547 at SUSECVE-2015-7547 at NVDCVE-2015-8776 at SUSECVE-2015-8776 at NVDCVE-2015-8777 at SUSECVE-2015-8777 at NVDCVE-2015-8778 at SUSECVE-2015-8778 at NVDCVE-2015-8779 at SUSECVE-2015-8779 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc fixes the following issues:
- Drop old fix that could break services that start before IPv6 is up. (bsc#931399)
- Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727)
- Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010)
- Relocate DSOs in dependency order, fixing a potential crash during symbol
relocation phase. (bsc#986302)
- Fix nscd assertion failure in gc. (bsc#965699)
- Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164)
- Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483)
- Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854)
ModerateSUSE bug 931399SUSE bug 965699SUSE bug 969727SUSE bug 973010SUSE bug 973164SUSE bug 973179SUSE bug 980483SUSE bug 980854SUSE bug 986302CVE-2016-1234 at SUSECVE-2016-1234 at NVDCVE-2016-3075 at SUSECVE-2016-3075 at NVDCVE-2016-3706 at SUSECVE-2016-3706 at NVDCVE-2016-4429 at SUSECVE-2016-4429 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc fixes the following issues:
- CVE-2017-1000366: Fix a potential privilege escalation vulnerability that
allowed unprivileged system users to manipulate the stack of setuid binaries
to gain special privileges. [bsc#1039357]
ImportantSUSE bug 1039357CVE-2017-1000366 at SUSECVE-2017-1000366 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc fixes the following issues:
- A privilege escalation bug in the realpath() function has been fixed.
[CVE-2018-1000001, bsc#1074293]
ImportantSUSE bug 1074293CVE-2018-1000001 at SUSECVE-2018-1000001 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc fixes the following issues:
Security issues:
- CVE-2017-8804: Fix memory leak after deserialization failure in xdr_bytes, xdr_string (bsc#1037930)
- CVE-2017-12132: Reduce EDNS payload size to 1200 bytes (bsc#1051791)
- CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal memalign and malloc functions (bsc#1079036)
- CVE-2018-1000001: Avoid underflow of malloced area in realpath (bsc#1074293)
Also a non security issue was fixed:
- Do not fail if one of the two responses to AF_UNSPEC fails (bsc#978209)
ImportantSUSE bug 1037930SUSE bug 1051791SUSE bug 1074293SUSE bug 1079036SUSE bug 978209CVE-2017-12132 at SUSECVE-2017-12132 at NVDCVE-2017-8804 at SUSECVE-2017-8804 at NVDCVE-2018-1000001 at SUSECVE-2018-1000001 at NVDCVE-2018-6485 at SUSECVE-2018-6485 at NVDCVE-2018-6551 at SUSECVE-2018-6551 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2017-12133: Avoid use-after-free read access in clntudp_call (bsc#1081556)
Non security issue fixed:
- Fix incorrect getaddrinfo assertion trigger (bsc#1076871)
ModerateSUSE bug 1076871SUSE bug 1081556CVE-2017-12133 at SUSECVE-2017-12133 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc fixes the following issues:
Security issue fixed:
- CVE-2018-11236: Fix 32bit arch integer overflow in stdlib/canonicalize.c when processing very long pathname arguments (bsc#1094161).
Bug fixes:
- bsc#1086690: Fix crash in resolver on memory allocation failure.
- bsc#1077763: Fix allocation in in6ailist_add.
- bsc#1079625: Fix allocation in nss_compat for large number of memberships to a group.
ImportantSUSE bug 1077763SUSE bug 1079625SUSE bug 1086690SUSE bug 1094161CVE-2018-11236 at SUSECVE-2018-11236 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc fixes the following security issues:
- CVE-2017-15670: Prevent off-by-one error that lead to a heap-based buffer
overflow in the glob function, related to the processing of home directories
using the ~ operator followed by a long string (bsc#1064583)
- CVE-2017-15804: The glob function contained a buffer overflow during
unescaping of user names with the ~ operator (bsc#1064580)
- CVE-2015-5180: res_query in libresolv allowed remote attackers to cause a
denial of service (NULL pointer dereference and process crash) (bsc#941234).
This non-security issue was fixed:
- Fix inaccuracies in casin, cacos, casinh, cacosh (bsc#1058774)
ImportantSUSE bug 1058774SUSE bug 1064580SUSE bug 1064583SUSE bug 941234CVE-2015-5180 at SUSECVE-2015-5180 at NVDCVE-2017-15670 at SUSECVE-2017-15670 at NVDCVE-2017-15804 at SUSECVE-2017-15804 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for glibc fixes the following issues:
Security issue fixed:
- CVE-2017-15671: Fixed memory leak in glob with GLOB_TILDE (bsc#1064569, BZ #22325).
Non-security issue fixed:
- Avoid access beyond memory bounds in pthread_attr_getaffinity_np (bsc#1110170, BZ #15618).
- Remove improper assert in dlclose (bsc#1110174, BZ #11941).
ModerateSUSE bug 1064569SUSE bug 1110170SUSE bug 1110174CVE-2017-15671 at SUSECVE-2017-15671 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for glibc fixes the following issues:
Security issue fixed:
- CVE-2019-9169: Fixed heap-based buffer over-read via an attempted case-insensitive regular-expression match (bsc#1127308).
ImportantSUSE bug 1127308CVE-2019-9169 at SUSECVE-2019-9169 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for glibc (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for glibc fixes the following issues:
- CVE-2021-33574: Use __pthread_attr_copy in mq_notify (bsc#1186489)
- CVE-2021-35942: wordexp: handle overflow in positional parameter number (bsc#1187911)
ModerateSUSE bug 1186489SUSE bug 1187911CVE-2021-33574 at SUSECVE-2021-33574 at NVDCVE-2021-35942 at SUSECVE-2021-35942 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for glibc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for glibc fixes the following issues:
- CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for 'unix' (bsc#1194768, BZ #22542)
- CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770, BZ #28768)
- CVE-2021-3999: Fixed in getcwd to set errno to ERANGE for size == 1 (bsc#1194640, BZ #28769)
- CVE-2015-8983: Fixed _IO_wstr_overflow integer overflow (bsc#1193615, BZ #17269)
- CVE-2015-8982: Fixed memory handling in strxfrm_l (bsc#1193616, BZ #16009)
ImportantSUSE bug 1193615SUSE bug 1193616SUSE bug 1194640SUSE bug 1194768SUSE bug 1194770CVE-2015-8982 at SUSECVE-2015-8982 at NVDCVE-2015-8983 at SUSECVE-2015-8983 at NVDCVE-2021-3999 at SUSECVE-2021-3999 at NVDCVE-2022-23218 at SUSECVE-2022-23218 at NVDCVE-2022-23219 at SUSECVE-2022-23219 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for gnome-session (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gnome-session fixes the following issues:
- CVE-2017-11171: Fix a denial of service condition. an unauthenticated local user
can create ICE connections, causing a file descriptor leak in
gnome-session (bsc#1048274).
ModerateSUSE bug 1048274CVE-2017-11171 at SUSECVE-2017-11171 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This security update of gnutls fixes the following issues:
- use minimal padding for CBC, the default random length padding
causes problems with some servers (bsc#925499)
* added gnutls-use_minimal_cbc_padding.patch
- use the default DH minimum for gnutls-cli instead of hardcoding 512
* CVE-2015-4000 (Logjam) (bsc#932026)
* added gnutls-CVE-2015-4000-logjam-use_the_default_DH_min_for_cli.patch
ModerateSUSE bug 925499SUSE bug 932026CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gnutls fixes the following security issues:
- CVE-2015-8313: First byte of the padding in CBC mode is not checked (bsc#957568)
- CVE-2015-2806: Two-byte stack overflow in asn1_der_decoding (bsc#924828)
ModerateSUSE bug 924828SUSE bug 947271SUSE bug 957568CVE-2015-2806 at SUSECVE-2015-2806 at NVDCVE-2015-8313 at SUSECVE-2015-8313 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gnutls (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gnutls fixes the following issues:
- Malformed asn1 definitions could cause a segmentation fault in the asn1 definition parser (bsc#961491).
- CVE-2016-8610: Remote denial of service in SSL alert handling (bsc#1005879).
- CVE-2017-5335: Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows (bsc#1018832).
- CVE-2017-5336: Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows (bsc#1018832).
- CVE-2017-5337: Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows (bsc#1018832).
ImportantSUSE bug 1005879SUSE bug 1018832SUSE bug 961491CVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2017-5335 at SUSECVE-2017-5335 at NVDCVE-2017-5336 at SUSECVE-2017-5336 at NVDCVE-2017-5337 at SUSECVE-2017-5337 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gnutls (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gnutls fixes the following issues:
- GNUTLS-SA-2017-3 / CVE-2017-7869: An out-of-bounds write in OpenPGP certificate decoding was fixed (bsc#1034173)
- CVE-2017-6891: A potential stack buffer overflow in the bundled libtasn1 was fixed (bsc#1040621)
- An address read of 4 bytes past the end of buffer in OpenPGP certificate parsing was fixed (bsc#1038337)
ModerateSUSE bug 1034173SUSE bug 1038337SUSE bug 1040621CVE-2017-6891 at SUSECVE-2017-6891 at NVDCVE-2017-7869 at SUSECVE-2017-7869 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gpg2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gpg2 fixes the following issues:
- Fix cve-2015-1606 (bsc#918089)
* Invalid memory read using a garbled keyring
* 0001-Gpg-prevent-an-invalid-memory-read-using-a-garbled-k.patch
- Fix cve-2015-1607 (bsc#918090)
* Memcpy with overlapping ranges
* 0001-Use-inline-functions-to-convert-buffer-data-to-scala.patch
ModerateSUSE bug 918089SUSE bug 918090CVE-2015-1606 at SUSECVE-2015-1606 at NVDCVE-2015-1607 at SUSECVE-2015-1607 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gpg2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gpg2 fixes the following issues:
- CVE-2018-12020: GnuPG mishandled the original filename during decryption and
verification actions, which allowed remote attackers to spoof the output that
GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2'
option (bsc#1096745)
ImportantSUSE bug 1096745CVE-2018-12020 at SUSECVE-2018-12020 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for grub2 provides the following fixes:
A security issues with a bufferoverflow when reading username and password was fixed (bsc#956631, CVE-2015-8370)
Also following bugs were fixed:
- Fix buffer overflows when reading username and password. (bsc#956631, CVE-2015-8370)
- Expand list of grub.cfg search path in PV Xen guests for systems installed
on btrfs snapshots. (bsc#946148, bsc#952539)
- Add grub.xen config searching path on boot partition. (bsc#884828)
- Add linux16 and initrd16 to grub.xen. (bsc#884830)
ImportantSUSE bug 884828SUSE bug 884830SUSE bug 946148SUSE bug 952539SUSE bug 954592SUSE bug 956631CVE-2015-8370 at SUSECVE-2015-8370 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for grub2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for grub2 fixes the following issues:
Security issue fixed:
- CVE-2017-9763: Fixed a memory leak in grub_ext2_read_block (bsc#1045063)
Other issues addressed:
- Added support for tftp block counter roll-over and backported support for efinetSNP open (bsc#1124662).
ModerateSUSE bug 1045063SUSE bug 1124662CVE-2017-9763 at SUSECVE-2017-9763 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for grub2 fixes the following issues:
- Fix for CVE-2020-10713 (bsc#1168994)
- Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
(bsc#1173812)
- Fix for CVE-2020-15706 (bsc#1174463)
- Fix for CVE-2020-15707 (bsc#1174570)
- Fix packed-not-aligned error on GCC 8 (bsc#1084632)
ImportantSUSE bug 1084632SUSE bug 1168994SUSE bug 1173812SUSE bug 1174463SUSE bug 1174570CVE-2020-10713 at SUSECVE-2020-10713 at NVDCVE-2020-14308 at SUSECVE-2020-14308 at NVDCVE-2020-14309 at SUSECVE-2020-14309 at NVDCVE-2020-14310 at SUSECVE-2020-14310 at NVDCVE-2020-14311 at SUSECVE-2020-14311 at NVDCVE-2020-15706 at SUSECVE-2020-15706 at NVDCVE-2020-15707 at SUSECVE-2020-15707 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for grub2 fixes the following issues:
- CVE-2020-15705: Fail kernel validation without shim protocol (bsc#1174421).
ImportantSUSE bug 1174421CVE-2020-15705 at SUSECVE-2020-15705 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for grub2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for grub2 fixes the following issues:
grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057)
grub2 was updated to the 2.02 version (same as SUSE Linux Enterprise 12 SP3).
Following security issues are fixed that can violate secure boot constraints:
- CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)
- CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883)
- CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264)
- CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970)
- CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262)
- CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)
ImportantSUSE bug 1175970SUSE bug 1176711SUSE bug 1177883SUSE bug 1179264SUSE bug 1179265SUSE bug 1182057SUSE bug 1182262SUSE bug 1182263CVE-2017-9763 at SUSECVE-2017-9763 at NVDCVE-2020-14372 at SUSECVE-2020-14372 at NVDCVE-2020-25632 at SUSECVE-2020-25632 at NVDCVE-2020-25647 at SUSECVE-2020-25647 at NVDCVE-2020-27749 at SUSECVE-2020-27749 at NVDCVE-2020-27779 at SUSECVE-2020-27779 at NVDCVE-2021-20225 at SUSECVE-2021-20225 at NVDCVE-2021-20233 at SUSECVE-2021-20233 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for gstreamer-0_10-plugins-base (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gstreamer-0_10-plugins-base fixes the following issue:
- CVE-2016-9811: Out of bounds memory read in windows_icon_typefind (bsc#1013669).
ModerateSUSE bug 1013669CVE-2016-9811 at SUSECVE-2016-9811 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gstreamer-0_10-plugins-base (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for gstreamer-0_10-plugins-base fixes the following issues:
Security issues fixed:
- CVE-2017-5837: Fixed a floating point exception in gst_riff_create_audio_caps (bsc#1024076).
- CVE-2017-5844: Fixed a floating point exception in gst_riff_create_audio_caps (bsc#1024079).
- CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser (bsc#1133375).
ImportantSUSE bug 1024076SUSE bug 1024079SUSE bug 1133375CVE-2017-5837 at SUSECVE-2017-5837 at NVDCVE-2017-5844 at SUSECVE-2017-5844 at NVDCVE-2019-9928 at SUSECVE-2019-9928 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for gstreamer-0_10-plugins-good (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
gstreamer-0_10-plugins-good was updated to fix six security issues.
These security issues were fixed:
- CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write (bsc#1012102)
- CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write (bsc#1012103)
- CVE-2016-9636: Prevent maliciously crafted flic files from causing invalid memory writes (bsc#1012104).
- CVE-2016-9807: Prevent the reading of invalid memory in flx_decode_chunks, leading to DoS (bsc#1013655)
- CVE-2016-9808: Prevent maliciously crafted flic files from causing invalid memory accesses (bsc#1013653)
- CVE-2016-9810: Invalid files can be used to extraneous unreferences, leading to invalid memory access and DoS (bsc#1013663)
ImportantSUSE bug 1012102SUSE bug 1012103SUSE bug 1012104SUSE bug 1013653SUSE bug 1013655SUSE bug 1013663CVE-2016-9634 at SUSECVE-2016-9634 at NVDCVE-2016-9635 at SUSECVE-2016-9635 at NVDCVE-2016-9636 at SUSECVE-2016-9636 at NVDCVE-2016-9807 at SUSECVE-2016-9807 at NVDCVE-2016-9808 at SUSECVE-2016-9808 at NVDCVE-2016-9810 at SUSECVE-2016-9810 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
gtk2 was updated to fix two security issues.
These security issues were fixed:
- CVE-2015-4491: Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, allowed remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that were mishandled during scaling (bsc#942801).
- CVE-2015-7674: Fix overflow when scaling GIF files (bsc#948791).
This non-security issue was fixed:
- Add the script which generates gdk-pixbuf64.loaders to the spec file (bsc#922741).
ModerateSUSE bug 922741SUSE bug 942801SUSE bug 948791CVE-2015-4491 at SUSECVE-2015-4491 at NVDCVE-2015-7674 at SUSECVE-2015-7674 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gdk2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gdk2 fixes the following security issues:
- CVE-2015-7552: various overflows, including heap overflow in flipping bmp files (bsc#958963)
The following non-security issues were fixed:
- bsc#960155: fix a possible divide by zero ModerateSUSE bug 958963SUSE bug 960155CVE-2015-7552 at SUSECVE-2015-7552 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gtk2 fixes the following security issues:
- CVE-2016-6352: Some crashes were fixed, including a out of bounds
write in the OneLine32() function that could be used by attackers to
crash GTK/GDK programs.
- CVE-2013-7447: Avoid overflow when allocating a cairo pixbuf (bsc#966682).
ModerateSUSE bug 966682SUSE bug 988745SUSE bug 991450CVE-2013-7447 at SUSECVE-2013-7447 at NVDCVE-2016-6352 at SUSECVE-2016-6352 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gtk2 fixes the following issues:
This security issue was fixed:
- Add checks for multiplications at several locations to avoid mishandling
memory. This allowed attackers to cause DoS or potentially RCE (bsc#1053417).
ModerateSUSE bug 1053417cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for gtk2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for gtk2 provides the following fixes:
These security issues were fixed:
- CVE-2017-6312: Prevent integer overflow that allowed context-dependent
attackers to cause a denial of service (segmentation fault and application
crash) via a crafted image entry offset in an ICO file (bsc#1027026).
- CVE-2017-6314: The make_available_at_least function allowed context-dependent
attackers to cause a denial of service (infinite loop) via a large TIFF file
(bsc#1027025).
- CVE-2017-6313: Prevent integer underflow in the load_resources function that
allowed context-dependent attackers to cause a denial of service (out-of-bounds
read and program crash) via a crafted image entry size in an ICO file
(bsc#1027024).
- CVE-2017-2862: Prevent heap overflow in the
gdk_pixbuf__jpeg_image_load_increment function. A specially crafted jpeg file
could have caused a heap overflow resulting in remote code execution
(bsc#1048289)
- CVE-2017-2870: Prevent integer overflow in the tiff_image_parse
functionality. A specially crafted tiff file could have caused a heap-overflow
resulting in remote code execution (bsc#1048544).
This non-security issue was fixed:
- Prevent an infinite loop when a window is destroyed while traversed (bsc#1039465).
ModerateSUSE bug 1027024SUSE bug 1027025SUSE bug 1027026SUSE bug 1039465SUSE bug 1048289SUSE bug 1048544CVE-2017-2862 at SUSECVE-2017-2862 at NVDCVE-2017-2870 at SUSECVE-2017-2870 at NVDCVE-2017-6312 at SUSECVE-2017-6312 at NVDCVE-2017-6313 at SUSECVE-2017-6313 at NVDCVE-2017-6314 at SUSECVE-2017-6314 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for guile (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for guile fixes the following issues:
- CVE-2016-8605: Fixed thread-unsafe umask modification (bsc#1004221).
LowSUSE bug 1004221CVE-2016-8605 at SUSECVE-2016-8605 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for icu (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
icu was updated to fix one security issue.
This security issue was fixed:
- CVE-2014-9654: Insufficient size limit checks in regular expression compiler (bsc#917129).
ModerateSUSE bug 917129CVE-2014-9654 at SUSECVE-2014-9654 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for icu (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for icu fixes the following issue:
The previous patch for CVE-2014-9654 was incorrect and lead
to non-working regular expressions. This update fixes this
problem (bsc#952260)
ModerateSUSE bug 952260CVE-2014-9654 at SUSECVE-2014-9654 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for icu (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for icu fixes the following security issues:
- Passing a locale string longer than 255 characters to uloc_getDisplayName()
could have caused a buffer overflow resulting in denial of service or
possible code execution (bsc#1012224, CVE-2014-9911).
ModerateSUSE bug 1012224CVE-2014-9911 at SUSECVE-2014-9911 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for icu (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for icu fixes the following issues:
- CVE-2014-9911: The fix was updated to not crash (NULL ptr deref) when resPath is NULL (bsc#1023033).
ModerateSUSE bug 1023033CVE-2014-9911 at SUSECVE-2014-9911 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for icu (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for icu fixes the following issue:
- Fix international date/time format output (a regression caused by the fix for CVE-2014-9911) (bsc#1037416).
ModerateSUSE bug 1037416CVE-2014-9911 at SUSECVE-2014-9911 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for icu (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for icu fixes the following issues:
- CVE-2016-6293: The uloc_acceptLanguageFromHTTP function in common/uloc.cpp did not ensure that there is a '\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument. (bsc#990636)
- CVE-2017-7868: ICU had an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. (bsc#1034674)
- CVE-2017-7867: ICU had an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. (bsc#1034678)
- CVE-2017-14952: Double free in i18n/zonemeta.cpp allowed remote attackers to execute arbitrary code via a crafted string, aka a 'redundant UVector entry clean up function call' issue. (bsc#1067203)
- CVE-2017-17484:The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp mishandled ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted string, as demonstrated by ZNC. (bsc#1072193)
- CVE-2017-15422: An integer overflow in persian calendar calculation was fixed, which could show wrong years. (bsc#1077999)
ImportantSUSE bug 1034674SUSE bug 1034678SUSE bug 1067203SUSE bug 1072193SUSE bug 1077999SUSE bug 990636CVE-2016-6293 at SUSECVE-2016-6293 at NVDCVE-2017-14952 at SUSECVE-2017-14952 at NVDCVE-2017-15422 at SUSECVE-2017-15422 at NVDCVE-2017-17484 at SUSECVE-2017-17484 at NVDCVE-2017-7867 at SUSECVE-2017-7867 at NVDCVE-2017-7868 at SUSECVE-2017-7868 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for inn (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for inn fixes the following issues:
- CVE-2021-31998: Fixed locale privialge escalation during the update of inn (bsc#1182321).
ImportantSUSE bug 1182321CVE-2021-31998 at SUSECVE-2021-31998 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for intel-SINIT (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for intel-SINIT fixes the following issues:
Security issue fixed:
- CVE-2011-5174: Fixed security issue in old SINIT files which allowed local users to bypass the TXT protection mechanism (bsc#1069754).
ImportantSUSE bug 1069754CVE-2011-5174 at SUSECVE-2011-5174 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ipmitool (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for ipmitool fixes the following issues:
- CVE-2020-5208: Fixed several buffer overflows (bsc#1163026).
- Added a missing patch for DDR4 support (bsc#1038508).
ImportantSUSE bug 1038508SUSE bug 1163026CVE-2020-5208 at SUSECVE-2020-5208 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for ipsec-tools (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
ipsec-tools was updated to fix one security issue and a bug.
This security issue was fixed:
- CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests (bsc#931989).
Due to a packaging error, the racoonf.conf config file was symlinked to /usr/share/doc/packages/ipsec-tools/examples/racoon/samples/racoon.conf
on some processor platforms, edits might have happened only in this example file.
Before upgrading, please check if /etc/racoon/racoon.conf is a symlink to this example file and backup the content. (bsc#939810)
ModerateSUSE bug 931989SUSE bug 939810CVE-2015-4047 at SUSECVE-2015-4047 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ipsec-tools (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ipsec-tools fixes one issue.
This security issue was fixed:
- CVE-2016-10396: The racoon daemon contained a remotely exploitable
computational-complexity attack when parsing and storing ISAKMP fragments that
allowed a remote attacker to exhaust computational resources on the remote
endpoint by repeatedly sending ISAKMP fragment packets in a particular order
(bsc#1047443).
ModerateSUSE bug 1047443CVE-2016-10396 at SUSECVE-2016-10396 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for jakarta-commons-collections (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update to jakarta-commons-collections 3.2.2 fixes the following security issues:
* bsc#954102 code-execution by unserialization
ModerateSUSE bug 954102cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for jakarta-commons-fileupload (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for jakarta-commons-fileupload fixes the following issue:
Security issue fixed:
- CVE-2016-1000031: Fixed remote execution (bsc#1128963, bsc#1128829).
ImportantSUSE bug 1128829SUSE bug 1128963CVE-2016-1000031 at SUSECVE-2016-1000031 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for jakarta-taglibs-standard (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for jakarta-taglibs-standard fixes the following issues:
- CVE-2015-0254: Apache Standard Taglibs allowed remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) x:parse or (2) x:transform JSTL XML tag. (bsc#920813)
ImportantSUSE bug 920813CVE-2015-0254 at SUSECVE-2015-0254 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for jasper fixes the following issues:
Security fixes:
- CVE-2016-8887: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (bsc#1006836)
- CVE-2016-8886: memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599)
- CVE-2016-8884,CVE-2016-8885: two null pointer dereferences in bmp_getdata (incomplete fix for CVE-2016-8690) (bsc#1007009)
- CVE-2016-8883: assert in jpc_dec_tiledecode() (bsc#1006598)
- CVE-2016-8882: segfault / null pointer access in jpc_pi_destroy (bsc#1006597)
- CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593)
- CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591)
- CVE-2016-8693: Double free vulnerability in mem_close (bsc#1005242)
- CVE-2016-8691, CVE-2016-8692: Divide by zero in jpc_dec_process_siz (bsc#1005090)
- CVE-2016-8690: Null pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084)
- CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip() function (bsc#963983)
- CVE-2016-1867: Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function (bsc#961886)
- CVE-2016-1577, CVE-2016-2116: double free vulnerability in the jas_iccattrval_destroy function (bsc#968373)
- CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553)
- CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919)
- CVE-2008-3522: multiple integer overflows (bsc#392410)
- bsc#1006839: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887)
ModerateSUSE bug 1005084SUSE bug 1005090SUSE bug 1005242SUSE bug 1006591SUSE bug 1006593SUSE bug 1006597SUSE bug 1006598SUSE bug 1006599SUSE bug 1006836SUSE bug 1006839SUSE bug 1007009SUSE bug 392410SUSE bug 941919SUSE bug 942553SUSE bug 961886SUSE bug 963983SUSE bug 968373CVE-2008-3522 at SUSECVE-2008-3522 at NVDCVE-2015-5203 at SUSECVE-2015-5203 at NVDCVE-2015-5221 at SUSECVE-2015-5221 at NVDCVE-2016-1577 at SUSECVE-2016-1577 at NVDCVE-2016-1867 at SUSECVE-2016-1867 at NVDCVE-2016-2089 at SUSECVE-2016-2089 at NVDCVE-2016-2116 at SUSECVE-2016-2116 at NVDCVE-2016-8690 at SUSECVE-2016-8690 at NVDCVE-2016-8691 at SUSECVE-2016-8691 at NVDCVE-2016-8692 at SUSECVE-2016-8692 at NVDCVE-2016-8693 at SUSECVE-2016-8693 at NVDCVE-2016-8880 at SUSECVE-2016-8880 at NVDCVE-2016-8881 at SUSECVE-2016-8881 at NVDCVE-2016-8882 at SUSECVE-2016-8882 at NVDCVE-2016-8883 at SUSECVE-2016-8883 at NVDCVE-2016-8884 at SUSECVE-2016-8884 at NVDCVE-2016-8885 at SUSECVE-2016-8885 at NVDCVE-2016-8886 at SUSECVE-2016-8886 at NVDCVE-2016-8887 at SUSECVE-2016-8887 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for jasper (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for jasper fixes the following issues:
Security issues fixed:
- CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec (bsc#1012530)
- CVE-2016-9395: Missing sanity checks on the data in a SIZ marker segment (bsc#1010977).
- CVE-2016-9398: jpc_math.c:94: int jpc_floorlog2(int): Assertion 'x > 0' failed. (bsc#1010979)
- CVE-2016-9560: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c) (bsc#1011830)
- CVE-2016-9583: Out of bounds heap read in jpc_pi_nextpcrl() (bsc#1015400)
- CVE-2016-9591: Use-after-free on heap in jas_matrix_destroy (bsc#1015993)
- CVE-2016-9600: Null Pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder (bsc#1018088)
- CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c) (bsc#1029497)
- CVE-2017-5498: left-shift undefined behaviour (bsc#1020353)
- CVE-2017-6850: NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c) (bsc#1021868)
ImportantSUSE bug 1010977SUSE bug 1010979SUSE bug 1011830SUSE bug 1012530SUSE bug 1015400SUSE bug 1015993SUSE bug 1018088SUSE bug 1020353SUSE bug 1021868SUSE bug 1029497CVE-2016-10251 at SUSECVE-2016-10251 at NVDCVE-2016-8654 at SUSECVE-2016-8654 at NVDCVE-2016-9395 at SUSECVE-2016-9395 at NVDCVE-2016-9398 at SUSECVE-2016-9398 at NVDCVE-2016-9560 at SUSECVE-2016-9560 at NVDCVE-2016-9583 at SUSECVE-2016-9583 at NVDCVE-2016-9591 at SUSECVE-2016-9591 at NVDCVE-2016-9600 at SUSECVE-2016-9600 at NVDCVE-2017-5498 at SUSECVE-2017-5498 at NVDCVE-2017-6850 at SUSECVE-2017-6850 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for jasper (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for jasper fixes the following issues:
Security issues fixed:
- CVE-2016-9262: Multiple integer overflows in the jas_realloc function in base/jas_malloc.c and
mem_resize function in base/jas_stream.c allow remote attackers to cause a denial of service via
a crafted image, which triggers use after free vulnerabilities. (bsc#1009994)
- CVE-2016-9388: The ras_getcmap function in ras_dec.c allows remote attackers to cause a denial
of service (assertion failure) via a crafted image file. (bsc#1010975)
- CVE-2016-9389: The jpc_irct and jpc_iict functions in jpc_mct.c allow remote attackers to cause a
denial of service (assertion failure). (bsc#1010968)
- CVE-2016-9390: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a
denial of service (assertion failure) via a crafted image file. (bsc#1010774)
- CVE-2016-9391: The jpc_bitstream_getbits function in jpc_bs.c allows remote attackers to cause a
denial of service (assertion failure) via a very large integer. (bsc#1010782)
- CVE-2017-1000050: The jp2_encode function in jp2_enc.c allows remote attackers to cause a denial
of service. (bsc#1047958)
CVEs already fixed with previous update:
- CVE-2016-9392: The calcstepsizes function in jpc_dec.c allows remote attackers to cause a denial
of service (assertion failure) via a crafted file. (bsc#1010757)
- CVE-2016-9393: The jpc_pi_nextrpcl function in jpc_t2cod.c allows remote attackers to cause a
denial of service (assertion failure) via a crafted file. (bsc#1010766)
- CVE-2016-9394: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a
denial of service (assertion failure) via a crafted file. (bsc#1010756)
ModerateSUSE bug 1009994SUSE bug 1010756SUSE bug 1010757SUSE bug 1010766SUSE bug 1010774SUSE bug 1010782SUSE bug 1010968SUSE bug 1010975SUSE bug 1047958CVE-2016-9262 at SUSECVE-2016-9262 at NVDCVE-2016-9388 at SUSECVE-2016-9388 at NVDCVE-2016-9389 at SUSECVE-2016-9389 at NVDCVE-2016-9390 at SUSECVE-2016-9390 at NVDCVE-2016-9391 at SUSECVE-2016-9391 at NVDCVE-2016-9392 at SUSECVE-2016-9392 at NVDCVE-2016-9393 at SUSECVE-2016-9393 at NVDCVE-2016-9394 at SUSECVE-2016-9394 at NVDCVE-2017-1000050 at SUSECVE-2017-1000050 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for jasper (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for jasper fixes the following issues:
- bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls
- bsc#1181483 CVE-2021-3272: Fix buffer over-read in jp2_decode
ImportantSUSE bug 1179748SUSE bug 1181483CVE-2020-27828 at SUSECVE-2020-27828 at NVDCVE-2021-3272 at SUSECVE-2021-3272 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
IBM Java was updated to 7.1-3.10 to fix several security issues.
The following vulnerabilities were fixed:
* CVE-2015-1931: IBM Java Security Components store plain text data in memory dumps, which could allow a local attacker to obtain information to aid in further attacks against the system.
* CVE-2015-2590: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2601: Easily exploitable vulnerability in the JCE component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2613: Easily exploitable vulnerability in the JCE component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data.
* CVE-2015-2619: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2621: Easily exploitable vulnerability in the JMX component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2625: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2632: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2637: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized read access to a subset of Java accessible data.
* CVE-2015-2638: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2664: Difficult to exploit vulnerability in the Deployment component requiring logon to Operating System. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-2808: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized update, insert or delete access to some Java accessible data as well as read access to a subset of Java accessible data.
* CVE-2015-4000: Very difficult to exploit vulnerability in the JSSE component allowed successful unauthenticated network attacks via SSL/TLS. Successful attack of this vulnerability could have resulted in unauthorized update, insert or delete access to some Java accessible data as well as read access to a subset of Java Embedded accessible data.
* CVE-2015-4729: Very difficult to exploit vulnerability in the Deployment component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data.
* CVE-2015-4731: Easily exploitable vulnerability in the JMX component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4732: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4733: Easily exploitable vulnerability in the RMI component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4748: Very difficult to exploit vulnerability in the Security component allowed successful unauthenticated network attacks via OCSP. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
* CVE-2015-4749: Difficult to exploit vulnerability in the JNDI component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized ability to cause a partial denial of service (partial DOS).
* CVE-2015-4760: Easily exploitable vulnerability in the 2D component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability could have resulted in unauthorized Operating System takeover including arbitrary code execution.
ImportantSUSE bug 935540SUSE bug 938895CVE-2015-1931 at SUSECVE-2015-1931 at NVDCVE-2015-2590 at SUSECVE-2015-2590 at NVDCVE-2015-2601 at SUSECVE-2015-2601 at NVDCVE-2015-2613 at SUSECVE-2015-2613 at NVDCVE-2015-2619 at SUSECVE-2015-2619 at NVDCVE-2015-2621 at SUSECVE-2015-2621 at NVDCVE-2015-2625 at SUSECVE-2015-2625 at NVDCVE-2015-2632 at SUSECVE-2015-2632 at NVDCVE-2015-2637 at SUSECVE-2015-2637 at NVDCVE-2015-2638 at SUSECVE-2015-2638 at NVDCVE-2015-2664 at SUSECVE-2015-2664 at NVDCVE-2015-2808 at SUSECVE-2015-2808 at NVDCVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-4729 at SUSECVE-2015-4729 at NVDCVE-2015-4731 at SUSECVE-2015-4731 at NVDCVE-2015-4732 at SUSECVE-2015-4732 at NVDCVE-2015-4733 at SUSECVE-2015-4733 at NVDCVE-2015-4748 at SUSECVE-2015-4748 at NVDCVE-2015-4749 at SUSECVE-2015-4749 at NVDCVE-2015-4760 at SUSECVE-2015-4760 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The java-1_7_1-ibm package was updated to version 7.1-3.20 to fix several security and non security issues:
- bnc#955131: Version update to 7.1-3.20:
CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810
CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844
CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883
CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006
- Add backcompat symlinks for sdkdir
- bnc#941939: Fix to provide %{name} instead of %{sdklnk} only in _jvmprivdir
ImportantSUSE bug 941939SUSE bug 955131CVE-2015-0204 at SUSECVE-2015-0204 at NVDCVE-2015-0458 at SUSECVE-2015-0458 at NVDCVE-2015-0459 at SUSECVE-2015-0459 at NVDCVE-2015-0469 at SUSECVE-2015-0469 at NVDCVE-2015-0477 at SUSECVE-2015-0477 at NVDCVE-2015-0478 at SUSECVE-2015-0478 at NVDCVE-2015-0480 at SUSECVE-2015-0480 at NVDCVE-2015-0488 at SUSECVE-2015-0488 at NVDCVE-2015-0491 at SUSECVE-2015-0491 at NVDCVE-2015-4734 at SUSECVE-2015-4734 at NVDCVE-2015-4803 at SUSECVE-2015-4803 at NVDCVE-2015-4805 at SUSECVE-2015-4805 at NVDCVE-2015-4806 at SUSECVE-2015-4806 at NVDCVE-2015-4810 at SUSECVE-2015-4810 at NVDCVE-2015-4835 at SUSECVE-2015-4835 at NVDCVE-2015-4840 at SUSECVE-2015-4840 at NVDCVE-2015-4842 at SUSECVE-2015-4842 at NVDCVE-2015-4843 at SUSECVE-2015-4843 at NVDCVE-2015-4844 at SUSECVE-2015-4844 at NVDCVE-2015-4860 at SUSECVE-2015-4860 at NVDCVE-2015-4871 at SUSECVE-2015-4871 at NVDCVE-2015-4872 at SUSECVE-2015-4872 at NVDCVE-2015-4882 at SUSECVE-2015-4882 at NVDCVE-2015-4883 at SUSECVE-2015-4883 at NVDCVE-2015-4893 at SUSECVE-2015-4893 at NVDCVE-2015-4902 at SUSECVE-2015-4902 at NVDCVE-2015-4903 at SUSECVE-2015-4903 at NVDCVE-2015-4911 at SUSECVE-2015-4911 at NVDCVE-2015-5006 at SUSECVE-2015-5006 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for java-1_7_1-ibm fixes the following issues by updating to 7.1-3.30 (bsc#963937):
- CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact
The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
ImportantSUSE bug 960402SUSE bug 963937CVE-2015-5041 at SUSECVE-2015-5041 at NVDCVE-2015-7575 at SUSECVE-2015-7575 at NVDCVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDCVE-2015-8472 at SUSECVE-2015-8472 at NVDCVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-0402 at SUSECVE-2016-0402 at NVDCVE-2016-0448 at SUSECVE-2016-0448 at NVDCVE-2016-0466 at SUSECVE-2016-0466 at NVDCVE-2016-0483 at SUSECVE-2016-0483 at NVDCVE-2016-0494 at SUSECVE-2016-0494 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This IBM Java 1.7.1 SR3 FP40 relese fixes the following issues:
Security issues fixed:
- CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648)
- CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650)
- CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646)
- The following CVEs got also fixed during this update. (bsc#979252)
CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426
ImportantSUSE bug 977646SUSE bug 977648SUSE bug 977650SUSE bug 979252CVE-2016-0264 at SUSECVE-2016-0264 at NVDCVE-2016-0363 at SUSECVE-2016-0363 at NVDCVE-2016-0376 at SUSECVE-2016-0376 at NVDCVE-2016-0686 at SUSECVE-2016-0686 at NVDCVE-2016-0687 at SUSECVE-2016-0687 at NVDCVE-2016-3422 at SUSECVE-2016-3422 at NVDCVE-2016-3426 at SUSECVE-2016-3426 at NVDCVE-2016-3427 at SUSECVE-2016-3427 at NVDCVE-2016-3443 at SUSECVE-2016-3443 at NVDCVE-2016-3449 at SUSECVE-2016-3449 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for java-1_7_1-ibm fixes the following issues:
- Version update to 7.1-3.60 (bsc#1009280) fixing the following CVE's:
CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554,
CVE-2016-5542
ImportantSUSE bug 1009280CVE-2016-5542 at SUSECVE-2016-5542 at NVDCVE-2016-5554 at SUSECVE-2016-5554 at NVDCVE-2016-5556 at SUSECVE-2016-5556 at NVDCVE-2016-5568 at SUSECVE-2016-5568 at NVDCVE-2016-5573 at SUSECVE-2016-5573 at NVDCVE-2016-5597 at SUSECVE-2016-5597 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for java-1_7_1-ibm fixes the following issues:
Security issue fixed:
- CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and
other protocols and products, have a birthday bound of approximately four billion blocks, which
makes it easier for remote attackers to obtain cleartext data via a birthday attack against a
long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode,
aka a 'Sweet32' attack. (bsc#1027038)
ModerateSUSE bug 1027038CVE-2016-2183 at SUSECVE-2016-2183 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for java-1_7_1-ibm fixes the following issues:
Version update to 7.1-4.5 bsc#1038505
- CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c
- CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c
- CVE-2016-9842: zlib: Undefined left shift of negative number
- CVE-2016-9843: zlib: Big-endian out-of-bounds pointer
- CVE-2017-1289: IBM JDK: XML External Entity Injection (XXE) error when processing XML data
- CVE-2017-3509: OpenJDK: improper re-use of NTLM authenticated connections
- CVE-2017-3511: OpenJDK: untrusted extension directories search path in Launcher
- CVE-2017-3539: OpenJDK: MD5 allowed for jar verification
- CVE-2017-3533: OpenJDK: newline injection in the FTP client
- CVE-2017-3544: OpenJDK: newline injection in the SMTP client
ImportantSUSE bug 1038505CVE-2016-9840 at SUSECVE-2016-9840 at NVDCVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2016-9842 at SUSECVE-2016-9842 at NVDCVE-2016-9843 at SUSECVE-2016-9843 at NVDCVE-2017-1289 at SUSECVE-2017-1289 at NVDCVE-2017-3509 at SUSECVE-2017-3509 at NVDCVE-2017-3511 at SUSECVE-2017-3511 at NVDCVE-2017-3533 at SUSECVE-2017-3533 at NVDCVE-2017-3539 at SUSECVE-2017-3539 at NVDCVE-2017-3544 at SUSECVE-2017-3544 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for java-1_7_1-ibm fixes the following issues:
- Version update to 7.1-4.10 [bsc#1053431]
* CVE-2017-10111 CVE-2017-10110 CVE-2017-10107 CVE-2017-10101
CVE-2017-10096 CVE-2017-10090 CVE-2017-10089 CVE-2017-10087
CVE-2017-10102 CVE-2017-10116 CVE-2017-10074 CVE-2017-10115
CVE-2017-10067 CVE-2017-10125 CVE-2017-10243 CVE-2017-10109
CVE-2017-10108 CVE-2017-10053 CVE-2017-10105 CVE-2017-10081: Multiple unspecified vulnerabilities
in multiple Java components could lead to code execution or sandbox escape
More information can be found here: https://developer.ibm.com/javasdk/support/security-vulnerabilities/#Oracle_July_18_2017_CPU
ImportantSUSE bug 1053431CVE-2017-10053 at SUSECVE-2017-10053 at NVDCVE-2017-10067 at SUSECVE-2017-10067 at NVDCVE-2017-10074 at SUSECVE-2017-10074 at NVDCVE-2017-10081 at SUSECVE-2017-10081 at NVDCVE-2017-10087 at SUSECVE-2017-10087 at NVDCVE-2017-10089 at SUSECVE-2017-10089 at NVDCVE-2017-10090 at SUSECVE-2017-10090 at NVDCVE-2017-10096 at SUSECVE-2017-10096 at NVDCVE-2017-10101 at SUSECVE-2017-10101 at NVDCVE-2017-10102 at SUSECVE-2017-10102 at NVDCVE-2017-10105 at SUSECVE-2017-10105 at NVDCVE-2017-10107 at SUSECVE-2017-10107 at NVDCVE-2017-10108 at SUSECVE-2017-10108 at NVDCVE-2017-10109 at SUSECVE-2017-10109 at NVDCVE-2017-10110 at SUSECVE-2017-10110 at NVDCVE-2017-10111 at SUSECVE-2017-10111 at NVDCVE-2017-10115 at SUSECVE-2017-10115 at NVDCVE-2017-10116 at SUSECVE-2017-10116 at NVDCVE-2017-10125 at SUSECVE-2017-10125 at NVDCVE-2017-10243 at SUSECVE-2017-10243 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for java-1_7_1-ibm fixes the following issues:
* CVE-2017-10349: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10348: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10388: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2016-9841: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10293: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10345: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10350: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10356: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10357: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10347: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10355: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10285: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10281: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10295: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2017-10346: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
* CVE-2016-10165: 'Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).'
ImportantSUSE bug 1070162CVE-2016-10165 at SUSECVE-2016-10165 at NVDCVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2017-10281 at SUSECVE-2017-10281 at NVDCVE-2017-10285 at SUSECVE-2017-10285 at NVDCVE-2017-10293 at SUSECVE-2017-10293 at NVDCVE-2017-10295 at SUSECVE-2017-10295 at NVDCVE-2017-10345 at SUSECVE-2017-10345 at NVDCVE-2017-10346 at SUSECVE-2017-10346 at NVDCVE-2017-10347 at SUSECVE-2017-10347 at NVDCVE-2017-10348 at SUSECVE-2017-10348 at NVDCVE-2017-10349 at SUSECVE-2017-10349 at NVDCVE-2017-10350 at SUSECVE-2017-10350 at NVDCVE-2017-10355 at SUSECVE-2017-10355 at NVDCVE-2017-10356 at SUSECVE-2017-10356 at NVDCVE-2017-10357 at SUSECVE-2017-10357 at NVDCVE-2017-10388 at SUSECVE-2017-10388 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for java-1_7_1-ibm provides the following fix:
The version was updated to 7.1.4.20 [bsc#1082810]
* Security fixes:
- CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582
CVE-2018-2641 CVE-2018-2618 CVE-2018-2657 CVE-2018-2603
CVE-2018-2599 CVE-2018-2602 CVE-2018-2678 CVE-2018-2677
CVE-2018-2663 CVE-2018-2588 CVE-2018-2579
* Defect fixes:
- IJ04281 Class Libraries: Startup time increase after applying
apar IV96905
- IJ03822 Class Libraries: Update timezone information to tzdata2017c
- IJ03605 Java Virtual Machine: Legacy security for com.ibm.jvm.dump,
trace, log was not enabled by default
- IJ03607 JIT Compiler: Result String contains a redundant dot when
converted from BigDecimal with 0 on all platforms
- IX90185 ORB: Upgrade ibmcfw.jar to version O1800.01
- IJ04282 Security: Change in location and default of jurisdiction
policy files
- IJ03853 Security: IBMCAC provider does not support SHA224
- IJ02679 Security: IBMPKCS11Impl – Bad sessions are being allocated
internally
- IJ02706 Security: IBMPKCS11Impl – Bad sessions are being allocated
internally
- IJ03552 Security: IBMPKCS11Impl - Config file problem with the slot
specification attribute
- IJ01901 Security: IBMPKCS11Impl – SecureRandom.setSeed() exception
- IJ03801 Security: Issue with same DN certs, iKeyman GUI error with
stash, JKS Chain issue and JVM argument parse issue with iKeyman
- IJ03256 Security: javax.security.auth.Subject.toString() throws NPE
- IJ02284 JIT Compiler: Division by zero in JIT compiler
- Make it possible to run Java jnlp files from Firefox. (bsc#1057460)
ImportantSUSE bug 1057460SUSE bug 1076390SUSE bug 1082810SUSE bug 929900SUSE bug 966304CVE-2018-2579 at SUSECVE-2018-2579 at NVDCVE-2018-2582 at SUSECVE-2018-2582 at NVDCVE-2018-2588 at SUSECVE-2018-2588 at NVDCVE-2018-2599 at SUSECVE-2018-2599 at NVDCVE-2018-2602 at SUSECVE-2018-2602 at NVDCVE-2018-2603 at SUSECVE-2018-2603 at NVDCVE-2018-2618 at SUSECVE-2018-2618 at NVDCVE-2018-2633 at SUSECVE-2018-2633 at NVDCVE-2018-2634 at SUSECVE-2018-2634 at NVDCVE-2018-2637 at SUSECVE-2018-2637 at NVDCVE-2018-2641 at SUSECVE-2018-2641 at NVDCVE-2018-2657 at SUSECVE-2018-2657 at NVDCVE-2018-2663 at SUSECVE-2018-2663 at NVDCVE-2018-2677 at SUSECVE-2018-2677 at NVDCVE-2018-2678 at SUSECVE-2018-2678 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
IBM Java was updated to 7.1.4.25 [bsc#1093311, bsc#1085449]
Security fixes:
- CVE-2018-2814 CVE-2018-2794 CVE-2018-2783 CVE-2018-2799
CVE-2018-2798 CVE-2018-2797 CVE-2018-2796 CVE-2018-2795
CVE-2018-2800 CVE-2018-2790 CVE-2018-1417
ImportantSUSE bug 1085449SUSE bug 1093311CVE-2018-1417 at SUSECVE-2018-1417 at NVDCVE-2018-2783 at SUSECVE-2018-2783 at NVDCVE-2018-2790 at SUSECVE-2018-2790 at NVDCVE-2018-2794 at SUSECVE-2018-2794 at NVDCVE-2018-2795 at SUSECVE-2018-2795 at NVDCVE-2018-2796 at SUSECVE-2018-2796 at NVDCVE-2018-2797 at SUSECVE-2018-2797 at NVDCVE-2018-2798 at SUSECVE-2018-2798 at NVDCVE-2018-2799 at SUSECVE-2018-2799 at NVDCVE-2018-2800 at SUSECVE-2018-2800 at NVDCVE-2018-2814 at SUSECVE-2018-2814 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for java-1_7_1-ibm to version 7.1.4.30 fixes the following issues:
Security issues fixed:
- CVE-2018-1517: Fixed a flaw in the java.math component in IBM SDK, which may
allow an attacker to inflict a denial-of-service attack with specially
crafted String data.
- CVE-2018-1656: Protect against path traversal attacks when extracting
compressed dump files.
- CVE-2018-2940: Fixed an easily exploitable vulnerability in the libraries
subcomponent, which allowed unauthenticated attackers with network access
via multiple protocols to compromise the Java SE, leading to
unauthorized read access.
- CVE-2018-2952: Fixed an easily exploitable vulnerability in the concurrency
subcomponent, which allowed unauthenticated attackers with network access
via multiple protocols to compromise the Java SE, leading to denial of
service.
- CVE-2018-2973: Fixed a difficult to exploit vulnerability in the JSSE
subcomponent, which allowed unauthenticated attackers with network access
via SSL/TLS to compromise the Java SE, leading to unauthorized creation,
deletion or modification access to critical data.
- CVE-2018-12539: Fixed a vulnerability in which users other than the process
owner may be able to use Java Attach API to connect to the IBM JVM on the
same machine and use Attach API operations, including the ability to execute
untrusted arbitrary code.
Other changes made:
- Various JIT/JVM crash fixes
- Version update to 7.1.4.30 (bsc#1104668)
You can find detailed information about this update [here](https://developer.ibm.com/javasdk/support/security-vulnerabilities/#IBM_Security_Update_August_2018).
ImportantSUSE bug 1104668CVE-2018-12539 at SUSECVE-2018-12539 at NVDCVE-2018-1517 at SUSECVE-2018-1517 at NVDCVE-2018-1656 at SUSECVE-2018-1656 at NVDCVE-2018-2940 at SUSECVE-2018-2940 at NVDCVE-2018-2952 at SUSECVE-2018-2952 at NVDCVE-2018-2973 at SUSECVE-2018-2973 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 (bsc#1116574):
* Consumability
- IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API
* Class Libraries
- IJ10934 CVE-2018-13785
- IJ10935 CVE-2018-3136
- IJ10895 CVE-2018-3139
- IJ10932 CVE-2018-3149
- IJ10894 CVE-2018-3180
- IJ10933 CVE-2018-3214
- IJ09315 FLOATING POINT EXCEPTION FROM JAVA.TEXT.DECIMALFORMAT. FORMAT
- IJ09088 INTRODUCING A NEW PROPERTY FOR TURKEY TIMEZONE FOR PRODUCTS NOT IDENTIFYING TRT
- IJ08569 JAVA.IO.IOEXCEPTION OCCURS WHEN A FILECHANNEL IS BIGGER THAN 2GB ON AIX PLATFORM
- IJ10800 REMOVE EXPIRING ROOT CERTIFICATES IN IBM JDK’S CACERTS.
* Java Virtual Machine
- IJ10931 CVE-2018-3169
- IV91132 SOME CORE PATTERN SPECIFIERS ARE NOT HANDLED BY THE JVM ON LINUX
* JIT Compiler
- IJ08205 CRASH WHILE COMPILING
- IJ07886 INCORRECT CALUCATIONS WHEN USING NUMBERFORMAT.FORMAT() AND BIGDECIMAL.{FLOAT/DOUBLE }VALUE()
* ORB
- IX90187 CLIENTREQUESTIMPL.REINVO KE FAILS WITH JAVA.LANG.INDEXOUTOFBOUN DSEXCEPTION
* Security
- IJ10492 'EC KEYSIZE < 384' IS NOT HONORED USING THE 'JDK.TLS.DISABLEDALGORIT HMS' SECURITY PROPERTY
- IJ10491 AES/GCM CIPHER – AAD NOT RESET TO UN-INIT STATE AFTER DOFINAL( ) AND INIT( )
- IJ08442 HTTP PUBLIC KEY PINNING FINGERPRINT,PROBLEM WITH CONVERTING TO JKS KEYSTORE
- IJ09107 IBMPKCS11IMPL CRYPTO PROVIDER – INTERMITTENT ERROR WITH SECP521R1 SIGNATURE ON Z/OS
- IJ10136 IBMPKCS11IMPL – INTERMITTENT ERROR WITH SECP521R1 SIG ON Z/OS AND Z/LINUX
- IJ08530 IBMPKCS11IMPL PROVIDER USES THE WRONG RSA CIPHER MECHANISM FOR THE RSA/ECB/PKCS1PADDING CIPHER
- IJ08723 JAAS THROWS A ‘ARRAY INDEX OUT OF RANGE’ EXCEPTION
- IJ08704 THE SECURITY PROPERTY ‘JDK.CERTPATH.DISABLEDAL GORITHMS’ IS MISTAKENLY BEING USED TO FILTER JAR SIGNING ALGORITHMS
* z/OS Extentions
- PH01244 OUTPUT BUFFER TOO SHORT FOR GCM MODE ENCRYPTION USING IBMJCEHYBRID
ImportantSUSE bug 1116574CVE-2018-13785 at SUSECVE-2018-13785 at NVDCVE-2018-3136 at SUSECVE-2018-3136 at NVDCVE-2018-3139 at SUSECVE-2018-3139 at NVDCVE-2018-3149 at SUSECVE-2018-3149 at NVDCVE-2018-3169 at SUSECVE-2018-3169 at NVDCVE-2018-3180 at SUSECVE-2018-3180 at NVDCVE-2018-3214 at SUSECVE-2018-3214 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for java-1_7_1-ibm to version 7.1.4.40 fixes the following issues:
Security issues fixed:
- CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl (bsc#1122293).
- CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c (bsc#1122299).
More information: https://developer.ibm.com/javasdk/support/security-vulnerabilities/#IBM_Security_Update_February_2019
ImportantSUSE bug 1122293SUSE bug 1122299CVE-2018-11212 at SUSECVE-2018-11212 at NVDCVE-2019-2422 at SUSECVE-2019-2422 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
Update to Java 7.1 Service Refresh 4 Fix Pack 45.
Security issues fixed:
- CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes (bsc#1134718).
- CVE-2019-2698: Fixed out of bounds access flaw in the 2D component (bsc#1132729).
- CVE-2019-2697: Fixed flaw inside the 2D component (bsc#1132734).
- CVE-2019-2602: Fixed flaw inside BigDecimal implementation (Component: Libraries) (bsc#1132728).
- CVE-2019-2684: Fixed flaw was found in the RMI registry implementation (bsc#1132732).
ImportantSUSE bug 1132728SUSE bug 1132729SUSE bug 1132732SUSE bug 1132734SUSE bug 1134718CVE-2019-10245 at SUSECVE-2019-10245 at NVDCVE-2019-2602 at SUSECVE-2019-2602 at NVDCVE-2019-2684 at SUSECVE-2019-2684 at NVDCVE-2019-2697 at SUSECVE-2019-2697 at NVDCVE-2019-2698 at SUSECVE-2019-2698 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
Update to Java 7.1 Service Refresh 4 Fix Pack 50.
Security issues fixed:
- CVE-2019-11771: IBM Security Update July 2019 (bsc#1147021)
- CVE-2019-11775: IBM Security Update July 2019 (bsc#1147021)
- CVE-2019-4473: IBM Security Update July 2019 (bsc#1147021)
- CVE-2019-7317: Fixed issue inside Component AWT (libpng)(bsc#1141780).
- CVE-2019-2769: Fixed issue inside Component Utilities (bsc#1141783).
- CVE-2019-2762: Fixed issue inside Component Utilities (bsc#1141782).
- CVE-2019-2816: Fixed issue inside Component Networking (bsc#1141785).
- CVE-2019-2766: Fixed issue inside Component Networking (bsc#1141789).
ImportantSUSE bug 1141780SUSE bug 1141782SUSE bug 1141783SUSE bug 1141785SUSE bug 1141789SUSE bug 1147021CVE-2019-11771 at SUSECVE-2019-11771 at NVDCVE-2019-11775 at SUSECVE-2019-11775 at NVDCVE-2019-2762 at SUSECVE-2019-2762 at NVDCVE-2019-2766 at SUSECVE-2019-2766 at NVDCVE-2019-2769 at SUSECVE-2019-2769 at NVDCVE-2019-2816 at SUSECVE-2019-2816 at NVDCVE-2019-4473 at SUSECVE-2019-4473 at NVDCVE-2019-7317 at SUSECVE-2019-7317 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
- Update to 7.1 Service Refresh 4 Fix Pack 55 [bsc#1158442, bsc#1154212]
* Security fixes:
CVE-2019-2933 CVE-2019-2945 CVE-2019-2962 CVE-2019-2964
CVE-2019-2978 CVE-2019-2983 CVE-2019-2989 CVE-2019-2992
CVE-2019-2999 CVE-2019-2973 CVE-2019-2981
ModerateSUSE bug 1154212SUSE bug 1158442CVE-2019-2933 at SUSECVE-2019-2933 at NVDCVE-2019-2945 at SUSECVE-2019-2945 at NVDCVE-2019-2962 at SUSECVE-2019-2962 at NVDCVE-2019-2964 at SUSECVE-2019-2964 at NVDCVE-2019-2973 at SUSECVE-2019-2973 at NVDCVE-2019-2978 at SUSECVE-2019-2978 at NVDCVE-2019-2981 at SUSECVE-2019-2981 at NVDCVE-2019-2983 at SUSECVE-2019-2983 at NVDCVE-2019-2989 at SUSECVE-2019-2989 at NVDCVE-2019-2992 at SUSECVE-2019-2992 at NVDCVE-2019-2999 at SUSECVE-2019-2999 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
Java was updated to 7.1 Service Refresh 4 Fix Pack 60 [bsc#1162972, bsc#1160968].
Security issues fixed:
- CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport (bsc#1162972).
- CVE-2020-2593: Fixed an incorrect check in isBuiltinStreamHandler, causing URL normalization issues (bsc#1162972).
- CVE-2020-2604: Fixed a serialization issue in jdk.serialFilter (bsc#1162972).
- CVE-2020-2659: Fixed the incomplete enforcement of the maxDatagramSockets limit in DatagramChannelImpl (bsc#1162972).
ImportantSUSE bug 1160968SUSE bug 1162972CVE-2020-2583 at SUSECVE-2020-2583 at NVDCVE-2020-2593 at SUSECVE-2020-2593 at NVDCVE-2020-2604 at SUSECVE-2020-2604 at NVDCVE-2020-2659 at SUSECVE-2020-2659 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 65 (bsc#1172277 and bsc#1169511)
- CVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service
- CVE-2020-2756: Improved mapping of serial ENUMs
- CVE-2020-2757: Less Blocking Array Queues
- CVE-2020-2781: Improved TLS session handling
- CVE-2020-2800: Improved Headings for HTTP Servers
- CVE-2020-2803: Enhanced buffering of byte buffers
- CVE-2020-2805: Enhanced typing of methods
- CVE-2020-2830: Improved Scanner conversions
ImportantSUSE bug 1169511SUSE bug 1172277CVE-2020-2654 at SUSECVE-2020-2654 at NVDCVE-2020-2756 at SUSECVE-2020-2756 at NVDCVE-2020-2757 at SUSECVE-2020-2757 at NVDCVE-2020-2781 at SUSECVE-2020-2781 at NVDCVE-2020-2800 at SUSECVE-2020-2800 at NVDCVE-2020-2803 at SUSECVE-2020-2803 at NVDCVE-2020-2805 at SUSECVE-2020-2805 at NVDCVE-2020-2830 at SUSECVE-2020-2830 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
- Update to Java 7.1 Service Refresh 4 Fix Pack 70 [bsc#1175259, bsc#1174157]
CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621
CVE-2020-14593 CVE-2020-14583 CVE-2019-17639
* Class Libraries:
- UPDATE TIMEZONE INFORMATION TO TZDATA2020A
* Security:
- CERTIFICATEEXCEPTION OCCURS WHEN FILE.ENCODING PROPERTY SET TO
NON DEFAULT VALUE
ModerateSUSE bug 1174157SUSE bug 1175259CVE-2019-17639 at SUSECVE-2019-17639 at NVDCVE-2020-14577 at SUSECVE-2020-14577 at NVDCVE-2020-14578 at SUSECVE-2020-14578 at NVDCVE-2020-14579 at SUSECVE-2020-14579 at NVDCVE-2020-14583 at SUSECVE-2020-14583 at NVDCVE-2020-14593 at SUSECVE-2020-14593 at NVDCVE-2020-14621 at SUSECVE-2020-14621 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
- Update to Java 7.1 Service Refresh 4 Fix Pack 75 [bsc#1180063, bsc#1177943]
CVE-2020-14792 CVE-2020-14797 CVE-2020-14782 CVE-2020-14781
CVE-2020-14779 CVE-2020-14798 CVE-2020-14796 CVE-2020-14803
* Class Libraries:
- Z/OS specific C function send_file is changing the file pointer position
* Security:
- Add the new oracle signer certificate
- Certificate parsing error
- JVM memory growth can be caused by the IBMPKCS11IMPL crypto provider
- Remove check for websphere signed jars
- sessionid.hashcode generates too many collisions
- The Java 8 IBM certpath provider does not honor the user
specified system property for CLR connect timeout
ModerateSUSE bug 1177943SUSE bug 1180063CVE-2020-14779 at SUSECVE-2020-14779 at NVDCVE-2020-14781 at SUSECVE-2020-14781 at NVDCVE-2020-14782 at SUSECVE-2020-14782 at NVDCVE-2020-14792 at SUSECVE-2020-14792 at NVDCVE-2020-14796 at SUSECVE-2020-14796 at NVDCVE-2020-14797 at SUSECVE-2020-14797 at NVDCVE-2020-14798 at SUSECVE-2020-14798 at NVDCVE-2020-14803 at SUSECVE-2020-14803 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
- Update to Java 7.1 Service Refresh 4 Fix Pack 80
[bsc#1182186, bsc#1181239, CVE-2020-27221, CVE-2020-14803]
* CVE-2020-27221: Potential for a stack-based buffer overflow
when the virtual machine or JNI natives are converting from
UTF-8 characters to platform encoding.
* CVE-2020-14803: Unauthenticated attacker with network access
via multiple protocols allows to compromise Java SE.
ImportantSUSE bug 1181239SUSE bug 1182186CVE-2020-14803 at SUSECVE-2020-14803 at NVDCVE-2020-27221 at SUSECVE-2020-27221 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
- Update to Java 7.1 Service Refresh 5 Fix Pack 0
- CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. (bsc#1194198, bsc#1192052)
- CVE-2021-35586: Excessive memory allocation in BMPImageReader. (bsc#1191914)
- CVE-2021-35564: Certificates with end dates too far in the future can corrupt keystore. (bsc#1191913)
- CVE-2021-35559: Excessive memory allocation in RTFReader. (bsc#1191911)
- CVE-2021-35556: Excessive memory allocation in RTFParser. (bsc#1191910)
- CVE-2021-35565: Loop in HttpsServer triggered during TLS session close. (bsc#1191909)
- CVE-2021-35588: Incomplete validation of inner class references in ClassFileParser. (bsc#1191905)
- CVE-2021-2341: Fixed a flaw inside the FtpClient. (bsc#1188564)
- CVE-2021-2369: JAR file handling problem containing multiple MANIFEST.MF files. (bsc#1188565)
- CVE-2021-2432: Fixed a vulnerability in the omponent JNDI. (bsc#1188568)
- CVE-2021-2163: Incomplete enforcement of JAR signing disabled algorithms. (bsc#1185055)
ModerateSUSE bug 1185055SUSE bug 1188564SUSE bug 1188565SUSE bug 1188568SUSE bug 1191905SUSE bug 1191909SUSE bug 1191910SUSE bug 1191911SUSE bug 1191913SUSE bug 1191914SUSE bug 1192052SUSE bug 1194198SUSE bug 1194232CVE-2021-2163 at SUSECVE-2021-2163 at NVDCVE-2021-2341 at SUSECVE-2021-2341 at NVDCVE-2021-2369 at SUSECVE-2021-2369 at NVDCVE-2021-2432 at SUSECVE-2021-2432 at NVDCVE-2021-35556 at SUSECVE-2021-35556 at NVDCVE-2021-35559 at SUSECVE-2021-35559 at NVDCVE-2021-35564 at SUSECVE-2021-35564 at NVDCVE-2021-35565 at SUSECVE-2021-35565 at NVDCVE-2021-35586 at SUSECVE-2021-35586 at NVDCVE-2021-35588 at SUSECVE-2021-35588 at NVDCVE-2021-41035 at SUSECVE-2021-41035 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for java-1_7_1-ibm fixes the following issues:
Update Java 7.1 to Service Refresh 7 Fix Pack 5 (bsc#1197126).
Including fixes for the following vulnerabilities:
CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,
CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,
CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,
CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,
CVE-2022-21271.
ImportantSUSE bug 1194925SUSE bug 1194926SUSE bug 1194927SUSE bug 1194928SUSE bug 1194929SUSE bug 1194930SUSE bug 1194931SUSE bug 1194932SUSE bug 1194933SUSE bug 1194934SUSE bug 1194935SUSE bug 1194937SUSE bug 1194939SUSE bug 1194940SUSE bug 1194941SUSE bug 1196500SUSE bug 1197126CVE-2022-21248 at SUSECVE-2022-21248 at NVDCVE-2022-21271 at SUSECVE-2022-21271 at NVDCVE-2022-21277 at SUSECVE-2022-21277 at NVDCVE-2022-21282 at SUSECVE-2022-21282 at NVDCVE-2022-21283 at SUSECVE-2022-21283 at NVDCVE-2022-21291 at SUSECVE-2022-21291 at NVDCVE-2022-21293 at SUSECVE-2022-21293 at NVDCVE-2022-21294 at SUSECVE-2022-21294 at NVDCVE-2022-21296 at SUSECVE-2022-21296 at NVDCVE-2022-21299 at SUSECVE-2022-21299 at NVDCVE-2022-21305 at SUSECVE-2022-21305 at NVDCVE-2022-21340 at SUSECVE-2022-21340 at NVDCVE-2022-21341 at SUSECVE-2022-21341 at NVDCVE-2022-21349 at SUSECVE-2022-21349 at NVDCVE-2022-21360 at SUSECVE-2022-21360 at NVDCVE-2022-21365 at SUSECVE-2022-21365 at NVDCVE-2022-21366 at SUSECVE-2022-21366 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for java-1_7_1-ibm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
IBM Java 7.1 was updated to version 7.1-3.50 to fix the following security issues:
CVE-2016-3485 CVE-2016-3511 CVE-2016-3598
Please see https://www.ibm.com/developerworks/java/jdk/alerts/ for more information.
ImportantSUSE bug 992537CVE-2016-3485 at SUSECVE-2016-3485 at NVDCVE-2016-3511 at SUSECVE-2016-3511 at NVDCVE-2016-3598 at SUSECVE-2016-3598 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for jpeg (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for jpeg fixes the following issues:
* CVE-2017-15232: NULL pointer dereferences in jdpostct.c and jquant1.c could
lead to denial of service (crash) when processing images [bsc#1062937]
* CVE-2018-11813: Fixed the end-of-file mishandling in read_pixel in rdtarga.c,
which allowed remote attackers to cause a denial-of-service via crafted JPG
files due to a large loop [bsc#1096209]
* CVE-2018-1152: Fixed a denial of service in start_input_bmp() rdbmp.c caused
by a divide by zero when processing a crafted BMP image [bsc#1098155]
ModerateSUSE bug 1062937SUSE bug 1096209SUSE bug 1098155CVE-2017-15232 at SUSECVE-2017-15232 at NVDCVE-2018-1152 at SUSECVE-2018-1152 at NVDCVE-2018-11813 at SUSECVE-2018-11813 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kdebase4-workspace (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kdebase4-workspace fixes the following issues:
- CVE-2014-8651: Privilege escalation via KDE Clock KCM helper when non-default polkit settings are used (bsc#904625)
The following non-security bugs were fixed:
- bsc#929718: Make kdm recognize an IPv6 localhost address as localhost
ModerateSUSE bug 904625SUSE bug 929718CVE-2014-8651 at SUSECVE-2014-8651 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kdelibs3 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kdelibs3 fixes the following issues:
- CVE-2015-7543: Insecure creation of temporary directories allowed local users
to hijack the IPC by pre-creating the temporary directory (bsc#958347).
ModerateSUSE bug 958347CVE-2015-7543 at SUSECVE-2015-7543 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).
The following non-security bugs were fixed:
- RDMA/cxgb4: Configure 0B MRs to match HW implementation (bsc#909589).
- RDMA/cxgb4: Do not hang threads forever waiting on WR replies (bsc#909589).
- RDMA/cxgb4: Fix locking issue in process_mpa_request (bsc#909589).
- RDMA/cxgb4: Handle NET_XMIT return codes (bsc#909589).
- RDMA/cxgb4: Increase epd buff size for debug interface (bsc#909589).
- RDMA/cxgb4: Limit MRs to less than 8GB for T4/T5 devices (bsc#909589).
- RDMA/cxgb4: Serialize CQ event upcalls with CQ destruction (bsc#909589).
- RDMA/cxgb4: Wake up waiters after flushing the qp (bsc#909589).
- bridge: superfluous skb->nfct check in br_nf_dev_queue_xmit (bsc#982544).
- iucv: call skb_linearize() when needed (bnc#979915, LTC#141240).
- kabi: prevent spurious modversion changes after bsc#982544 fix (bsc#982544).
- mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).
- mm: Fix DIF failures on ext3 filesystems (bsc#971030).
- net/qlge: Avoids recursive EEH error (bsc#954847).
- netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in br_validate_ipv6 (bsc#982544).
- netfilter: bridge: do not leak skb in error paths (bsc#982544).
- netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).
- qeth: delete napi struct when removing a qeth device (bnc#979915, LTC#143590).
- s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979915, LTC#141456).
- s390/pci: fix use after free in dma_init (bnc#979915, LTC#141626).
- s390: fix test_fp_ctl inline assembly contraints (bnc#979915, LTC#143138).
- sched/cputime: Fix clock_nanosleep()/clock_gettime() inconsistency (bnc#988498).
- sched/cputime: Fix cpu_timer_sample_group() double accounting (bnc#988498).
- sched: Provide update_curr callbacks for stop/idle scheduling classes (bnc#988498).
- x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
ImportantSUSE bug 909589SUSE bug 954847SUSE bug 971030SUSE bug 974620SUSE bug 979915SUSE bug 982544SUSE bug 983721SUSE bug 984755SUSE bug 986362SUSE bug 986572SUSE bug 988498CVE-2016-4470 at SUSECVE-2016-4470 at NVDCVE-2016-4997 at SUSECVE-2016-4997 at NVDCVE-2016-5829 at SUSECVE-2016-5829 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
For the PowerPC64 a new 'bigmem' flavor has been added to support big Power machines. (FATE#319026)
The following security bugs were fixed:
- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).
- CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968).
- CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925).
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).
- CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759).
- CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).
- CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566).
- CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296).
- CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for remote attackers to hijack TCP sessions via a blind in-window attack (bnc#989152).
- CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608).
- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986365).
- CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689).
- CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104 bsc#922947 bsc#968014).
The following non-security bugs were fixed:
- ahci: Order SATA device IDs for codename Lewisburg (fate#319286).
- ahci: Remove obsolete Intel Lewisburg SATA RAID device IDs (fate#319286).
- alsa: hda - Add Intel Lewisburg device IDs Audio (fate#319286).
- arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).
- avoid dentry crash triggered by NFS (bsc#984194).
- bigmem: Add switch to configure bigmem patches (bsc#928138,fate#319026).
- blktap2: eliminate deadlock potential from shutdown path (bsc#909994).
- blktap2: eliminate race from deferred work queue handling (bsc#911687).
- bnx2x: fix lockdep splat (bsc#908684 FATE#317539).
- bonding: always set recv_probe to bond_arp_rcv in arp monitor (bsc#977687).
- bonding: fix bond_arp_rcv setting and arp validate desync state (bsc#977687).
- btrfs: account for non-CoW'd blocks in btrfs_abort_transaction (bsc#983619).
- btrfs: ensure that file descriptor used with subvol ioctls is a dir (bsc#999600).
- cdc-acm: added sanity checking for probe() (bsc#993891).
- config.conf: add bigmem flavour on ppc64
- cpumask, nodemask: implement cpumask/nodemask_pr_args() (bnc1003866).
- cxgb4: Set VPD size so we can read both VPD structures (bsc#976867).
- dm space map metadata: fix sm_bootstrap_get_nr_blocks() (FATE#313903).
- dm thin: fix race condition when destroying thin pool workqueue (FATE#313903).
- drivers: hv: vmbus: avoid scheduling in interrupt context in vmbus_initiate_unload() (bnc#986337).
- drivers: hv: vmbus: avoid wait_for_completion() on crash (bnc#986337).
- drivers: hv: vmbus: do not loose HVMSG_TIMER_EXPIRED messages (bnc#986337).
- drivers: hv: vmbus: do not send CHANNELMSG_UNLOAD on pre-Win2012R2 hosts (bnc#986337).
- drivers: hv: vmbus: handle various crash scenarios (bnc#986337).
- drivers: hv: vmbus: remove code duplication in message handling (bnc#986337).
- drivers: hv: vss: run only on supported host versions (bnc#986337).
- fs/cifs: cifs_get_root shouldn't use path with tree name (bsc#963655, bsc#979681).
- fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).
- fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133).
- fs/cifs: Fix regression which breaks DFS mounting (bsc#799133).
- fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
- fs/cifs: make share unaccessible at root level mountable (bsc#799133).
- fs/cifs: Move check for prefix path to within cifs_get_root() (bsc#799133).
- fs/select: add vmalloc fallback for select(2) (bsc#1000189).
- hv: do not lose pending heartbeat vmbus packets (bnc#1006919).
- i2c: i801: add Intel Lewisburg device IDs (fate#319286).
- i40e: fix an uninitialized variable bug (bsc#909484 FATE#317397).
- include/linux/mmdebug.h: should include linux/bug.h (bnc#971975 VM performance -- git fixes).
- increase CONFIG_NR_IRQS 512 -> 2048 reportedly irq error with multiple nvme and tg3 in the same machine is resolved by increasing CONFIG_NR_IRQS (bsc#998399)
- introduce SIZE_MAX (bsc#1000189).
- ipv6: replacing a rt6_info needs to purge possible propagated rt6_infos too (bsc#865783).
- kabi: Import kabi files from 3.0.101-80
- kabi-fix for flock_owner addition (bsc#998689).
- kabi, unix: properly account for FDs passed over unix sockets (bnc#839104).
- kaweth: fix firmware download (bsc#993890).
- kaweth: fix oops upon failed memory allocation (bsc#993890).
- kvm: x86: only channel 0 of the i8254 is linked to the HPET (bsc#960689).
- kvm: x86: SYSENTER emulation is broken (bsc#994618).
- libata: support the ata host which implements a queue depth less than 32 (bsc#871728)
- libfc: sanity check cpu number extracted from xid (bsc#988440).
- lib/vsprintf: implement bitmap printing through '%*pb[l]' (bnc#1003866).
- lpfc: call lpfc_sli_validate_fcp_iocb() with the hbalock held (bsc#951392).
- bigmem: make bigmem patches configurable (bsc#928138,fate#319026).
- md: check command validity early in md_ioctl() (bsc#1004520).
- md: Drop sending a change uevent when stopping (bsc#1003568).
- md: fix problem when adding device to read-only array with bitmap (bnc#771065).
- md: lockless I/O submission for RAID1 (bsc#982783).
- md/raid10: always set reshape_safe when initializing reshape_position (fate#311379).
- md/raid10: Fix memory leak when raid10 reshape completes (fate#311379).
- mm: fix sleeping function warning from __put_anon_vma (bnc#1005857).
- mm/memory.c: actually remap enough memory (bnc#1005903).
- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).
- mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations (bnc#763198).
- Move patches that create ppc64-bigmem to the powerpc section. Add comments that outline the procedure and warn the unsuspecting.
- move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (bsc#984194).
- mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708).
- mshyperv: fix recognition of Hyper-V guest crash MSR's (bnc#986337).
- net: add pfmemalloc check in sk_add_backlog() (bnc#920016).
- netback: fix flipping mode (bsc#996664).
- netfilter: ipv4: defrag: set local_df flag on defragmented skb (bsc#907611).
- netvsc: fix incorrect receive checksum offloading (bnc#1006917).
- nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944).
- nfs: Do not disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261).
- nfs: Do not drop directory dentry which is in use (bsc#993127).
- nfs: Do not write enable new pages while an invalidation is proceeding (bsc#999584).
- nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).
- nfs: Fix a regression in the read() syscall (bsc#999584).
- nfs: Fix races in nfs_revalidate_mapping (bsc#999584).
- nfs: fix the handling of NFS_INO_INVALID_DATA flag in nfs_revalidate_mapping (bsc#999584).
- nfs: Fix writeback performance issue on cache invalidation (bsc#999584).
- nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).
- nfsv4.1: Fix an NFSv4.1 state renewal regression (bnc#863873).
- nfsv4: add flock_owner to open context (bnc#998689).
- nfsv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (bnc#998689).
- nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (bnc#998689).
- nfsv4: do not check MAY_WRITE access bit in OPEN (bsc#985206).
- nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (bnc#998689).
- nfsv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595).
- nfsv4: Fix range checking in __nfs4_get_acl_uncached and __nfs4_proc_set_acl (bsc#982218).
- oom: print nodemask in the oom report (bnc#1003866).
- pci: Add pci_set_vpd_size() to set VPD size (bsc#976867).
- pciback: fix conf_space read/write overlap check.
- pciback: return proper values during BAR sizing.
- pci_ids: Add PCI device ID functions 3 and 4 for newer F15h models (fate#321400).
- pm / hibernate: Fix rtree_next_node() to avoid walking off list ends (bnc#860441).
- powerpc/64: Fix incorrect return value from __copy_tofrom_user (bsc#1005896).
- powerpc: Add ability to build little endian kernels (bsc#967716).
- powerpc: add kernel parameter iommu_alloc_quiet (bsc#994926).
- powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716).
- powerpc: blacklist fixes for unsupported subarchitectures ppc32 only: 6e0fdf9af216 powerpc: fix typo 'CONFIG_PMAC' obscure hardware: f7e9e3583625 powerpc: Fix missing L2 cache size in /sys/devices/system/cpu
- powerpc: Build fix for powerpc KVM (bsc#928138,fate#319026).
- powerpc: Do not build assembly files with ABIv2 (bsc#967716).
- powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).
- powerpc: dtc is required to build dtb files (bsc#967716).
- powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).
- powerpc: Fix error when cross building TAGS & cscope (bsc#967716).
- powerpc: Make the vdso32 also build big-endian (bsc#967716).
- powerpc: Make VSID_BITS* dependency explicit (bsc#928138,fate#319026).
- powerpc/mm: Add 64TB support (bsc#928138,fate#319026).
- powerpc/mm: Change the swap encoding in pte (bsc#973203).
- powerpc/mm: Convert virtual address to vpn (bsc#928138,fate#319026).
- powerpc/mm: Fix hash computation function (bsc#928138,fate#319026).
- powerpc/mm: Increase the slice range to 64TB (bsc#928138,fate#319026).
- powerpc/mm: Make KERN_VIRT_SIZE not dependend on PGTABLE_RANGE (bsc#928138,fate#319026).
- powerpc/mm: Make some of the PGTABLE_RANGE dependency explicit (bsc#928138,fate#319026).
- powerpc/mm: Replace open coded CONTEXT_BITS value (bsc#928138,fate#319026).
- powerpc/mm: Simplify hpte_decode (bsc#928138,fate#319026).
- powerpc/mm: Update VSID allocation documentation (bsc#928138,fate#319026).
- powerpc/mm: Use 32bit array for slb cache (bsc#928138,fate#319026).
- powerpc/mm: Use hpt_va to compute virtual address (bsc#928138,fate#319026).
- powerpc/mm: Use the required number of VSID bits in slbmte (bsc#928138,fate#319026).
- powerpc: Move kdump default base address to half RMO size on 64bit (bsc#1003344).
- powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).
- powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716).
- powerpc: Rename USER_ESID_BITS* to ESID_BITS* (bsc#928138,fate#319026).
- powerpc: Require gcc 4.0 on 64-bit (bsc#967716).
- powerpc: Update kernel VSID range (bsc#928138,fate#319026).
- ppp: defer netns reference release for ppp channel (bsc#980371).
- qlcnic: fix a timeout loop (bsc#909350 FATE#317546)
- random32: add prandom_u32_max (bsc#989152).
- remove problematic preprocessor constructs (bsc#928138,fate#319026).
- REVERT fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
- rpm/constraints.in: Bump x86 disk space requirement to 20GB Clamav tends to run out of space nowadays.
- rpm/package-descriptions: add -bigmem description
- s390/cio: fix accidental interrupt enabling during resume (bnc#1003677, LTC#147606).
- s390/dasd: fix hanging device after clear subchannel (bnc#994436, LTC#144640).
- s390/time: LPAR offset handling (bnc#1003677, LTC#146920).
- s390/time: move PTFF definitions (bnc#1003677, LTC#146920).
- sata: Adding Intel Lewisburg device IDs for SATA (fate#319286).
- sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule() (bnc#1001419).
- sched/core: Fix a race between try_to_wake_up() and a woken up task (bnc#1002165).
- sched: Fix possible divide by zero in avg_atom() calculation (bsc#996329).
- scripts/bigmem-generate-ifdef-guard: auto-regen patches.suse/ppc64-bigmem-introduce-CONFIG_BIGMEM
- scripts/bigmem-generate-ifdef-guard: Include this script to regenerate patches.suse/ppc64-bigmem-introduce-CONFIG_BIGMEM
- scripts/bigmem-generate-ifdef-guard: make executable
- scsi_dh_rdac: retry inquiry for UNIT ATTENTION (bsc#934760).
- scsi: do not print 'reservation conflict' for TEST UNIT READY (bsc#984102).
- scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992).
- scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)
- scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992).
- scsi_scan: Send TEST UNIT READY to LUN0 before LUN scanning (bnc#843236,bsc#989779).
- scsi: zfcp: spin_lock_irqsave() is not nestable (bsc#1003677,LTC#147374).
- Set CONFIG_DEBUG_INFO=y and CONFIG_DEBUG_INFO_REDUCED=n on all platforms The specfile adjusts the config if necessary, but a new version of run_oldconfig.sh requires the settings to be present in the repository.
- sfc: on MC reset, clear PIO buffer linkage in TXQs (bsc#909618 FATE#317521).
- sort hyperv patches properly in series.conf
- sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a race (bnc#803320).
- tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#908458 FATE#317507).
- tmpfs: change final i_blocks BUG to WARNING (bsc#991923).
- tty: Signal SIGHUP before hanging up ldisc (bnc#989764).
- Update patches.xen/xen3-auto-arch-x86.diff (bsc#929141, a.o.).
- usb: fix typo in wMaxPacketSize validation (bsc#991665).
- usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices (bsc#922634).
- usb: hub: Fix unbalanced reference count/memory leak/deadlocks (bsc#968010).
- usb: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).
- vlan: do not deliver frames for unknown vlans to protocols (bsc#979514).
- vlan: mask vlan prio bits (bsc#979514).
- vmxnet3: Wake queue from reset work (bsc#999907).
- x86, amd_nb: Clarify F15h, model 30h GART and L3 support (fate#321400).
- x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and sync_regs (bsc#909077).
- x86/cpu/amd: Set X86_FEATURE_EXTD_APICID for future processors (fate#321400).
- x86/gart: Check for GART support before accessing GART registers (fate#321400).
- x86/MCE/intel: Cleanup CMCI storm logic (bsc#929141).
- xenbus: inspect the correct type in xenbus_dev_request_and_reply().
- xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
- xfs: Avoid grabbing ilock when file size is not changed (bsc#983535).
- xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).
- zfcp: close window with unblocked rport during rport gone (bnc#1003677, LTC#144310).
- zfcp: fix D_ID field with actual value on tracing SAN responses (bnc#1003677, LTC#144312).
- zfcp: fix ELS/GS request&response length for hardware data router (bnc#1003677, LTC#144308).
- zfcp: fix payload trace length for SAN request&response (bnc#1003677, LTC#144312).
- zfcp: restore: Dont use 0 to indicate invalid LUN in rec trace (bnc#1003677, LTC#144312).
- zfcp: restore tracing of handle for port and LUN with HBA records (bnc#1003677, LTC#144312).
- zfcp: retain trace level for SCSI and HBA FSF response records (bnc#1003677, LTC#144312).
- zfcp: trace full payload of all SAN records (req,resp,iels) (bnc#1003677, LTC#144312).
- zfcp: trace on request for open and close of WKA port (bnc#1003677, LTC#144312).
ImportantSUSE bug 1000189SUSE bug 1001419SUSE bug 1002165SUSE bug 1003077SUSE bug 1003344SUSE bug 1003568SUSE bug 1003677SUSE bug 1003866SUSE bug 1003925SUSE bug 1004517SUSE bug 1004520SUSE bug 1005857SUSE bug 1005896SUSE bug 1005903SUSE bug 1006917SUSE bug 1006919SUSE bug 1007944SUSE bug 763198SUSE bug 771065SUSE bug 799133SUSE bug 803320SUSE bug 839104SUSE bug 843236SUSE bug 860441SUSE bug 863873SUSE bug 865783SUSE bug 871728SUSE bug 907611SUSE bug 908458SUSE bug 908684SUSE bug 909077SUSE bug 909350SUSE bug 909484SUSE bug 909618SUSE bug 909994SUSE bug 911687SUSE bug 915183SUSE bug 920016SUSE bug 922634SUSE bug 922947SUSE bug 928138SUSE bug 929141SUSE bug 934760SUSE bug 951392SUSE bug 956514SUSE bug 960689SUSE bug 963655SUSE bug 967716SUSE bug 968010SUSE bug 968014SUSE bug 971975SUSE bug 971989SUSE bug 973203SUSE bug 974620SUSE bug 976867SUSE bug 977687SUSE bug 979514SUSE bug 979595SUSE bug 979681SUSE bug 980371SUSE bug 982218SUSE bug 982783SUSE bug 983535SUSE bug 983619SUSE bug 984102SUSE bug 984194SUSE bug 984992SUSE bug 985206SUSE bug 986337SUSE bug 986362SUSE bug 986365SUSE bug 986445SUSE bug 987565SUSE bug 988440SUSE bug 989152SUSE bug 989261SUSE bug 989764SUSE bug 989779SUSE bug 991608SUSE bug 991665SUSE bug 991923SUSE bug 992566SUSE bug 993127SUSE bug 993890SUSE bug 993891SUSE bug 994296SUSE bug 994436SUSE bug 994618SUSE bug 994759SUSE bug 994926SUSE bug 995968SUSE bug 996329SUSE bug 996664SUSE bug 997708SUSE bug 998399SUSE bug 998689SUSE bug 999584SUSE bug 999600SUSE bug 999907SUSE bug 999932CVE-2013-4312 at SUSECVE-2013-4312 at NVDCVE-2015-7513 at SUSECVE-2015-7513 at NVDCVE-2015-8956 at SUSECVE-2015-8956 at NVDCVE-2016-0823 at SUSECVE-2016-0823 at NVDCVE-2016-3841 at SUSECVE-2016-3841 at NVDCVE-2016-4997 at SUSECVE-2016-4997 at NVDCVE-2016-5696 at SUSECVE-2016-5696 at NVDCVE-2016-6480 at SUSECVE-2016-6480 at NVDCVE-2016-6828 at SUSECVE-2016-6828 at NVDCVE-2016-7042 at SUSECVE-2016-7042 at NVDCVE-2016-7097 at SUSECVE-2016-7097 at NVDCVE-2016-7117 at SUSECVE-2016-7117 at NVDCVE-2016-7425 at SUSECVE-2016-7425 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to 3.0.101-94 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5551: tmpfs: clear S_ISGID when setting posix ACLs (bsc#1021258).
- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations
where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations
or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device
NOTE: this vulnerability existed because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
- CVE-2016-5696: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers
and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST
packet, especially in protocols that use long-lived connections, such as BGP (bnc#989152).
- CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provided an incomplete set of requirements for setattr
operations that underspecified removing extended privilege attributes, which allowed local users to cause a denial
of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove
a capability from the ping or Wireshark dumpcap program (bnc#914939).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship
between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or
cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability
(bnc#1008831).
- CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could enable a local
malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate
because it first requires compromising a privileged process and current compiler optimizations restrict access to the
vulnerable code. (bnc#1014746).
- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of
sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash)
or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system
call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).
- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of
sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash)
or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system
call with the (1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542).
- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain
error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted
application (bnc#1013038).
- CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users
to cause a denial of service (memory consumption) via crafted XFS filesystem operations (bnc#1012832).
- CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel
allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching
a device during an SG_IO ioctl call (bnc#1010501).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacked chunk-length checking
for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or
possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel
allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the
corresponding start operation had failed (bnc#1010716).
- CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local
users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call
(bnc#1010711).
- CVE-2013-6368: The KVM subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of
service (system crash) via a VAPIC synchronization operation involving a page-end address (bnc#853052).
- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users
to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).
- CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users
to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time
interval in which environment-variable copying is incomplete (bnc#1010467).
- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a
denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero
bytes of data (bnc#1010150).
- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel, in certain unusual hardware configurations, allowed remote
attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).
The following non-security bugs were fixed:
- 8250_pci: Fix potential use-after-free in error path (bsc#1013070).
- KABI fix (bsc#1014410).
- apparmor: fix IRQ stack overflow during free_profile (bsc#1009875).
- be2net: Do not leak iomapped memory on removal (bug#925065).
- block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557).
- bna: Add synchronization for tx ring (bsc#993739).
- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
- crypto: add ghash-generic in the supported.conf(bsc#1016824)
- crypto: aesni - Add support for 192 & 256 bit keys to AESNI RFC4106 (bsc#913387).
- dm: do not call dm_sync_table() when creating new devices (bnc#901809).
- drm/mgag200: Added support for the new deviceID for G200eW3 (bnc#1019348)
- ext3: Avoid premature failure of ext3_has_free_blocks() (bsc#1016668).
- ext4: do not leave i_crtime.tv_sec uninitialized (bsc#1013018).
- ext4: fix reference counting bug on block allocation error (bsc#1013018).
- futex: Acknowledge a new waiter in counter before plist (bsc#851603).
- futex: Drop refcount if requeue_pi() acquired the rtmutex (bsc#851603).
- hpilo: Add support for iLO5 (bsc#999101).
- ibmveth: calculate gso_segs for large packets (bsc#1019165).
- ibmveth: set correct gso_size and gso_type (bsc#1019165).
- igb: Enable SR-IOV configuration via PCI sysfs interface (bsc#909491 FATE#317388).
- igb: Fix NULL assignment to incorrect variable in igb_reset_q_vector (bsc#795297 FATE#313656).
- igb: Fix oops caused by missing queue pairing (bsc#909491 FATE#317388).
- igb: Fix oops on changing number of rings (bsc#909491 FATE#317388).
- igb: Remove unnecessary flag setting in igb_set_flag_queue_pairs() (bsc#909491 FATE#317388).
- igb: Unpair the queues when changing the number of queues (bsc#909491 FATE#317388).
- kexec: add a kexec_crash_loaded() function (bsc#973691).
- kvm: APIC: avoid instruction emulation for EOI writes (bsc#989680).
- kvm: Distangle eventfd code from irqchip (bsc#989680).
- kvm: Iterate over only vcpus that are preempted (bsc#989680).
- kvm: Record the preemption status of vcpus using preempt notifiers (bsc#989680).
- kvm: VMX: Pass vcpu to __vmx_complete_interrupts (bsc#989680).
- kvm: fold kvm_pit_timer into kvm_kpit_state (bsc#989680).
- kvm: make processes waiting on vcpu mutex killable (bsc#989680).
- kvm: nVMX: Add preemption timer support (bsc#989680).
- kvm: remove a wrong hack of delivery PIT intr to vcpu0 (bsc#989680).
- kvm: use symbolic constant for nr interrupts (bsc#989680).
- kvm: x86: Remove support for reporting coalesced APIC IRQs (bsc#989680).
- kvm: x86: Run PIT work in own kthread (bsc#989680).
- kvm: x86: limit difference between kvmclock updates (bsc#989680).
- libata: introduce ata_host->n_tags to avoid oops on SAS controllers (bsc#871728).
- libata: remove n_tags to avoid kABI breakage (bsc#871728).
- libfc: Do not take rdata->rp_mutex when processing a -FC_EX_CLOSED ELS response (bsc#962846).
- libfc: Fixup disc_mutex handling (bsc#962846).
- libfc: Issue PRLI after a PRLO has been received (bsc#962846).
- libfc: Revisit kref handling (bnc#990245).
- libfc: Update rport reference counting (bsc#953233).
- libfc: do not send ABTS when resetting exchanges (bsc#962846).
- libfc: fixup locking of ptp_setup() (bsc#962846).
- libfc: reset exchange manager during LOGO handling (bsc#962846).
- libfc: send LOGO for PLOGI failure (bsc#962846).
- locking/mutex: Explicitly mark task as running after wakeup (bsc#1012411).
- memstick: mspro_block: add missing curly braces (bsc#1016688).
- mlx4: Fix error flow when sending mads under SRIOV (bsc#786036 FATE#314304).
- mlx4: Fix incorrect MC join state bit-masking on SR-IOV (bsc#786036 FATE#314304).
- mlx4: Fix memory leak if QP creation failed (bsc#786036 FATE#314304).
- mlx4: Fix potential deadlock when sending mad to wire (bsc#786036 FATE#314304).
- mlx4: Forbid using sysfs to change RoCE pkeys (bsc#786036 FATE#314304).
- mlx4: Use correct subnet-prefix in QP1 mads under SR-IOV (bsc#786036 FATE#314304).
- mlx4: add missing braces in verify_qp_parameters (bsc#786036 FATE#314304).
- mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone() (bnc#961589).
- mm: fix crashes from mbind() merging vmas (bnc#1005877).
- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).
- mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (bsc#1008645).
- net/mlx4: Copy/set only sizeof struct mlx4_eqe bytes (bsc#786036 FATE#314304).
- net/mlx4_core: Allow resetting VF admin mac to zero (bsc#919382 FATE#317529).
- net/mlx4_core: Avoid returning success in case of an error flow (bsc#786036 FATE#314304).
- net/mlx4_core: Do not BUG_ON during reset when PCI is offline (bsc#924708).
- net/mlx4_core: Do not access comm channel if it has not yet been initialized (bsc#924708).
- net/mlx4_core: Fix error message deprecation for ConnectX-2 cards (bsc#919382 FATE#317529).
- net/mlx4_core: Fix the resource-type enum in res tracker to conform to FW spec (bsc#786036 FATE#314304).
- net/mlx4_core: Implement pci_resume callback (bsc#924708).
- net/mlx4_core: Update the HCA core clock frequency after INIT_PORT (bug#919382 FATE#317529).
- net/mlx4_en: Choose time-stamping shift value according to HW frequency (bsc#919382 FATE#317529).
- net/mlx4_en: Fix HW timestamp init issue upon system startup (bsc#919382 FATE#317529).
- net/mlx4_en: Fix potential deadlock in port statistics flow (bsc#786036 FATE#314304).
- net/mlx4_en: Move filters cleanup to a proper location (bsc#786036 FATE#314304).
- net/mlx4_en: Remove dependency between timestamping capability and service_task (bsc#919382 FATE#317529).
- net/mlx4_en: fix spurious timestamping callbacks (bsc#919382 FATE#317529).
- netfront: do not truncate grant references.
- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).
- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
- nfsv4: Handle timeouts correctly when probing for lease validity (bsc#1014410).
- nvme: Automatic namespace rescan (bsc#1017686).
- nvme: Metadata format support (bsc#1017686).
- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).
- posix-timers: Remove remaining uses of tasklist_lock (bnc#997401).
- posix-timers: Use sighand lock instead of tasklist_lock for task clock sample (bnc#997401).
- posix-timers: Use sighand lock instead of tasklist_lock on timer deletion (bnc#997401).
- powerpc/MSI: Fix race condition in tearing down MSI interrupts (bsc#1010201).
- powerpc/mm/hash64: Fix subpage protection with 4K HPTE config (bsc#1010201).
- powerpc/numa: Fix multiple bugs in memory_hotplug_max() (bsc#1010201).
- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813).
- powerpc: fix typo 'CONFIG_PPC_CPU' (bsc#1010201).
- powerpc: scan_features() updates incorrect bits for REAL_LE (bsc#1010201).
- printk/sched: Introduce special printk_sched() for those awkward (bsc#996541).
- ptrace: __ptrace_may_access() should not deny sub-threads (bsc#1012851).
- qlcnic: fix a loop exit condition better (bsc#909350 FATE#317546).
- qlcnic: use the correct ring in qlcnic_83xx_process_rcv_ring_diag() (bnc#800999 FATE#313899).
- reiserfs: fix race in prealloc discard (bsc#987576).
- rpm/constraints.in: Bump ppc64 disk requirements to fix OBS builds again
- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
- rt2x00: fix rfkill regression on rt2500pci (bnc#748806).
- s390/zcrypt: kernel: Fix invalid domain response handling (bsc#1016320).
- scsi: Fix erratic device offline during EH (bsc#993832).
- scsi: lpfc: Set elsiocb contexts to NULL after freeing it (bsc#996557).
- scsi: lpfc: avoid double free of resource identifiers (bsc#989896).
- scsi_error: count medium access timeout only once per EH run (bsc#993832).
- scsi_error: fixup crash in scsi_eh_reset (bsc#993832)
- serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013070).
- sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917).
- sunrpc: Fix reconnection timeouts (bsc#1014410).
- sunrpc: Fix two issues with drop_caches and the sunrpc auth cache (bsc#1012917).
- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).
- tcp: fix inet6_csk_route_req() for link-local addresses (bsc#1010175).
- tcp: pass fl6 to inet6_csk_route_req() (bsc#1010175).
- tcp: plug dst leak in tcp_v6_conn_request() (bsc#1010175).
- tcp: use inet6_csk_route_req() in tcp_v6_send_synack() (bsc#1010175).
- tg3: Fix temperature reporting (bnc#790588 FATE#313912).
- usb: console: fix potential use after free (bsc#1015817).
- usb: console: fix uninitialised ldisc semaphore (bsc#1015817).
- usb: cp210x: Corrected USB request type definitions (bsc#1015932).
- usb: cp210x: relocate private data from USB interface to port (bsc#1015932).
- usb: cp210x: work around cp2108 GET_LINE_CTL bug (bsc#1015932).
- usb: ftdi_sio: fix null deref at port probe (bsc#1015796).
- usb: ipaq.c: fix a timeout loop (bsc#1015848).
- usb: opticon: fix non-atomic allocation in write path (bsc#1015803).
- usb: option: fix runtime PM handling (bsc#1015752).
- usb: serial: cp210x: add 16-bit register access functions (bsc#1015932).
- usb: serial: cp210x: add 8-bit and 32-bit register access functions (bsc#1015932).
- usb: serial: cp210x: add new access functions for large registers (bsc#1015932).
- usb: serial: cp210x: fix hardware flow-control disable (bsc#1015932).
- usb: serial: fix potential use-after-free after failed probe (bsc#1015828).
- usb: serial: io_edgeport: fix memory leaks in attach error path (bsc#1016505).
- usb: serial: io_edgeport: fix memory leaks in probe error path (bsc#1016505).
- usb: serial: keyspan: fix use-after-free in probe error path (bsc#1016520).
- usb: sierra: fix AA deadlock in open error path (bsc#1015561).
- usb: sierra: fix remote wakeup (bsc#1015561).
- usb: sierra: fix urb and memory leak in resume error path (bsc#1015561).
- usb: sierra: fix urb and memory leak on disconnect (bsc#1015561).
- usb: sierra: fix use after free at suspend/resume (bsc#1015561).
- usb: usb_wwan: fix potential blocked I/O after resume (bsc#1015760).
- usb: usb_wwan: fix race between write and resume (bsc#1015760).
- usb: usb_wwan: fix urb leak at shutdown (bsc#1015760).
- usb: usb_wwan: fix urb leak in write error path (bsc#1015760).
- usb: usb_wwan: fix write and suspend race (bsc#1015760).
- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).
- usblp: do not set TASK_INTERRUPTIBLE before lock (bsc#1015844).
- xenbus: do not invoke is_ready() for most device states (bsc#987333).
ImportantSUSE bug 1003813SUSE bug 1005877SUSE bug 1007615SUSE bug 1008557SUSE bug 1008645SUSE bug 1008831SUSE bug 1008833SUSE bug 1008893SUSE bug 1009875SUSE bug 1010150SUSE bug 1010175SUSE bug 1010201SUSE bug 1010467SUSE bug 1010501SUSE bug 1010507SUSE bug 1010711SUSE bug 1010713SUSE bug 1010716SUSE bug 1011685SUSE bug 1011820SUSE bug 1012183SUSE bug 1012411SUSE bug 1012422SUSE bug 1012832SUSE bug 1012851SUSE bug 1012852SUSE bug 1012917SUSE bug 1013018SUSE bug 1013038SUSE bug 1013042SUSE bug 1013070SUSE bug 1013531SUSE bug 1013542SUSE bug 1014410SUSE bug 1014454SUSE bug 1014746SUSE bug 1015561SUSE bug 1015752SUSE bug 1015760SUSE bug 1015796SUSE bug 1015803SUSE bug 1015817SUSE bug 1015828SUSE bug 1015844SUSE bug 1015848SUSE bug 1015878SUSE bug 1015932SUSE bug 1016320SUSE bug 1016505SUSE bug 1016520SUSE bug 1016668SUSE bug 1016688SUSE bug 1016824SUSE bug 1016831SUSE bug 1017686SUSE bug 1017710SUSE bug 1019079SUSE bug 1019148SUSE bug 1019165SUSE bug 1019348SUSE bug 1019783SUSE bug 1020214SUSE bug 1021258SUSE bug 748806SUSE bug 786036SUSE bug 790588SUSE bug 795297SUSE bug 800999SUSE bug 821612SUSE bug 824171SUSE bug 851603SUSE bug 853052SUSE bug 871728SUSE bug 901809SUSE bug 909350SUSE bug 909491SUSE bug 913387SUSE bug 914939SUSE bug 919382SUSE bug 924708SUSE bug 925065SUSE bug 953233SUSE bug 961589SUSE bug 962846SUSE bug 969340SUSE bug 973691SUSE bug 987333SUSE bug 987576SUSE bug 989152SUSE bug 989680SUSE bug 989896SUSE bug 990245SUSE bug 992991SUSE bug 993739SUSE bug 993832SUSE bug 996541SUSE bug 996557SUSE bug 997401SUSE bug 999101CVE-2004-0230 at SUSECVE-2004-0230 at NVDCVE-2012-6704 at SUSECVE-2012-6704 at NVDCVE-2013-6368 at SUSECVE-2013-6368 at NVDCVE-2015-1350 at SUSECVE-2015-1350 at NVDCVE-2015-8962 at SUSECVE-2015-8962 at NVDCVE-2015-8964 at SUSECVE-2015-8964 at NVDCVE-2016-10088 at SUSECVE-2016-10088 at NVDCVE-2016-5696 at SUSECVE-2016-5696 at NVDCVE-2016-7910 at SUSECVE-2016-7910 at NVDCVE-2016-7911 at SUSECVE-2016-7911 at NVDCVE-2016-7916 at SUSECVE-2016-7916 at NVDCVE-2016-8399 at SUSECVE-2016-8399 at NVDCVE-2016-8632 at SUSECVE-2016-8632 at NVDCVE-2016-8633 at SUSECVE-2016-8633 at NVDCVE-2016-8646 at SUSECVE-2016-8646 at NVDCVE-2016-9555 at SUSECVE-2016-9555 at NVDCVE-2016-9685 at SUSECVE-2016-9685 at NVDCVE-2016-9756 at SUSECVE-2016-9756 at NVDCVE-2016-9793 at SUSECVE-2016-9793 at NVDCVE-2017-5551 at SUSECVE-2017-5551 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix the following security bug:
CVE-2017-2636: A race condition in the n_hdlc tty Linux kernel driver (drivers/tty/n_hdlc.c)
could have been exploited to gain a local privilege escalation (bnc#1027565)
ImportantSUSE bug 1027565CVE-2017-2636 at SUSECVE-2017-2636 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Critical)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-1000364: The default stack guard page was too small and could be
'jumped over' by userland programs using more than one page of stack in
functions and so lead to memory corruption. This update extends the stack
guard page to 1 MB (for 4k pages) and 16 MB (for 64k pages) to reduce this
attack vector. This is not a kernel bugfix, but a hardening measure against
this kind of userland attack.(bsc#1039348)
The following non-security bugs were fixed:
- fnic now returns 'DID_IMM_RETRY' if rport is not ready (bsc#1035920).
- fnic is now using rport->dd_data to check if rport is online instead of rport_lookup (bsc#1035920).
- The rport check location in fnic_queuecommand_lck was corrected (bsc#1035920).
- xfs: remove patches that caused regression (bsc#1043234).
- mm: enlarge stack guard gap (bnc#1039348, CVE-2017-1000364, bnc#1042921).
- PCI: Allow access to VPD attributes with size 0 (bsc#1018074).
CriticalSUSE bug 1018074SUSE bug 1035920SUSE bug 1039348SUSE bug 1042921SUSE bug 1043234CVE-2017-1000364 at SUSECVE-2017-1000364 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-7482: Several missing length checks ticket decode allowing for information leak or potentially code execution (bsc#1046107).
- CVE-2016-10277: Potential privilege escalation due to a missing bounds check in the lp driver. A kernel command-line adversary can overflow the parport_nr array to execute code (bsc#1039456).
- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bsc#1049882).
- CVE-2017-7533: Bug in inotify code allowing privilege escalation (bsc#1049483).
- CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bsc#1048275).
- CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bnc#1049603).
- CVE-2017-1000365: The Linux Kernel imposed a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354)
- CVE-2014-9922: The eCryptfs subsystem in the Linux kernel allowed local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c (bnc#1032340)
- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1038982).
- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1038981).
- CVE-2017-1000380: sound/core/timer.c was vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents could have bene disclosed when a read and an ioctl happen at the same time (bnc#1044125)
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c was too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431)
- CVE-2017-1000363: A buffer overflow in kernel commandline handling of the 'lp' parameter could be used by local console attackers to bypass certain secure boot settings. (bnc#1039456)
- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885)
- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069)
- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883)
- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882)
- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879)
- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544)
- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bnc#1030593)
- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type (bnc#1029850)
The following non-security bugs were fixed:
- 8250: use callbacks to access UART_DLL/UART_DLM.
- ALSA: ctxfi: Fallback DMA mask to 32bit (bsc#1045538).
- ALSA: hda - Fix regression of HD-audio controller fallback modes (bsc#1045538).
- ALSA: hda - using uninitialized data (bsc#1045538).
- ALSA: hda/realtek - Correction of fixup codes for PB V7900 laptop (bsc#1045538).
- ALSA: hda/realtek - Fix COEF widget NID for ALC260 replacer fixup (bsc#1045538).
- ALSA: off by one bug in snd_riptide_joystick_probe() (bsc#1045538).
- ALSA: seq: Fix snd_seq_call_port_info_ioctl in compat mode (bsc#1045538).
- Add CVE tag to references
- CIFS: backport prepath matching fix (bsc#799133).
- Drop CONFIG_PPC_CELL from bigmem (bsc#1049128).
- EDAC, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr().
- Fix scripts/bigmem-generate-ifdef-guard to work on all branches
- Fix soft lockup in svc_rdma_send (bsc#1044854).
- IB/mlx4: Demote mcg message from warning to debug (bsc#919382).
- IB/mlx4: Fix ib device initialization error flow (bsc#919382).
- IB/mlx4: Fix port query for 56Gb Ethernet links (bsc#919382).
- IB/mlx4: Handle well-known-gid in mad_demux processing (bsc#919382).
- IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level (bsc#919382).
- IB/mlx4: Set traffic class in AH (bsc#919382).
- Implement an ioctl to support the USMTMC-USB488 READ_STATUS_BYTE operation (bsc#1036288).
- Input: cm109 - validate number of endpoints before using them (bsc#1037193).
- Input: hanwang - validate number of endpoints before using them (bsc#1037232).
- Input: yealink - validate number of endpoints before using them (bsc#1037227).
- KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (bnc#1035576).
- NFS: Avoid getting confused by confused server (bsc#1045416).
- NFS: Fix another OPEN_DOWNGRADE bug (git-next).
- NFS: Fix size of NFSACL SETACL operations (git-fixes).
- NFS: Make nfs_readdir revalidate less often (bsc#1048232).
- NFS: tidy up nfs_show_mountd_netid (git-fixes).
- NFSD: Do not use state id of 0 - it is reserved (bsc#1049688 bsc#1051770).
- NFSv4: Do not call put_rpccred() under the rcu_read_lock() (git-fixes).
- NFSv4: Fix another bug in the close/open_downgrade code (git-fixes).
- NFSv4: Fix problems with close in the presence of a delegation (git-fixes).
- NFSv4: Fix the underestimation of delegation XDR space reservation (git-fixes).
- NFSv4: fix getacl head length estimation (git-fixes).
- PCI: Fix devfn for VPD access through function 0 (bnc#943786 git-fixes).
- Remove superfluous make flags (bsc#1012422)
- Return short read or 0 at end of a raw device, not EIO (bsc#1039594).
- Revert 'math64: New div64_u64_rem helper' (bnc#938352).
- SUNRPC: Fix a memory leak in the backchannel code (git-fixes).
- Staging: vt6655-6: potential NULL dereference in hostap_disable_hostapd() (bsc#1045479).
- USB: class: usbtmc.c: Cleaning up uninitialized variables (bsc#1036288).
- USB: class: usbtmc: do not print error when allocating urb fails (bsc#1036288).
- USB: class: usbtmc: do not print on ENOMEM (bsc#1036288).
- USB: iowarrior: fix NULL-deref in write (bsc#1037359).
- USB: iowarrior: fix info ioctl on big-endian hosts (bsc#1037441).
- USB: r8a66597-hcd: select a different endpoint on timeout (bsc#1047053).
- USB: serial: ark3116: fix register-accessor error handling (git-fixes).
- USB: serial: ch341: fix open error handling (bsc#1037441).
- USB: serial: cp210x: fix tiocmget error handling (bsc#1037441).
- USB: serial: ftdi_sio: fix line-status over-reporting (bsc#1037441).
- USB: serial: io_edgeport: fix epic-descriptor handling (bsc#1037441).
- USB: serial: io_ti: fix information leak in completion handler (git-fixes).
- USB: serial: mos7840: fix another NULL-deref at open (bsc#1034026).
- USB: serial: oti6858: fix NULL-deref at open (bsc#1037441).
- USB: serial: sierra: fix bogus alternate-setting assumption (bsc#1037441).
- USB: serial: spcp8x5: fix NULL-deref at open (bsc#1037441).
- USB: usbip: fix nonconforming hub descriptor (bsc#1047487).
- USB: usbtmc: Add flag rigol_quirk to usbtmc_device_data (bsc#1036288).
- USB: usbtmc: Change magic number to constant (bsc#1036288).
- USB: usbtmc: Set rigol_quirk if device is listed (bsc#1036288).
- USB: usbtmc: TMC request code segregated from usbtmc_read (bsc#1036288).
- USB: usbtmc: add device quirk for Rigol DS6104 (bsc#1036288).
- USB: usbtmc: add missing endpoint sanity check (bsc#1036288).
- USB: usbtmc: fix DMA on stack (bsc#1036288).
- USB: usbtmc: fix big-endian probe of Rigol devices (bsc#1036288).
- USB: usbtmc: fix probe error path (bsc#1036288).
- USB: usbtmc: usbtmc_read sends multiple TMC header based on rigol_quirk (bsc#1036288).
- USB: wusbcore: fix NULL-deref at probe (bsc#1045487).
- Update patches.fixes/nfs-svc-rdma.fix (bsc#1044854).
- Use make --output-sync feature when available (bsc#1012422).
- Xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924).
- __bitmap_parselist: fix bug in empty string handling (bnc#1042633).
- acpi: Disable APEI error injection if securelevel is set (bsc#972891, bsc#1023051).
- af_key: Add lock to key dump (bsc#1047653).
- af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354).
- ath9k: fix buffer overrun for ar9287 (bsc#1045538).
- blacklist b50a6c584bb4 powerpc/perf: Clear MMCR2 when enabling PMU (bsc#1035721).
- blacklist.conf: Add a few inapplicable items (bsc#1045538).
- blacklist.conf: Blacklist 847fa1a6d3d0 ('ftrace/x86_32: Set ftrace_stub to weak to prevent gcc from using short jumps to it') The released kernels are not build with a gas new enough to optimize the jmps so that this patch would be required. (bsc#1051478)
- blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216).
- block: do not allow updates through sysfs until registration completes (bsc#1047027).
- block: fix ext_dev_lock lockdep report (bsc#1050154).
- btrfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
- cifs: Timeout on SMBNegotiate request (bsc#1044913).
- cifs: do not compare uniqueids in cifs_prime_dcache unless server inode numbers are in use (bsc#1041975). backporting upstream commit 2f2591a34db6c9361faa316c91a6e320cb4e6aee
- cifs: small underflow in cnvrtDosUnixTm() (bsc#1043935).
- cputime: Avoid multiplication overflow on utime scaling (bnc#938352).
- crypto: nx - off by one bug in nx_of_update_msc() (bnc#792863).
- decompress_bunzip2: off by one in get_next_block() (git-fixes).
- dentry name snapshots (bsc#1049483).
- devres: fix a for loop bounds check (git-fixes).
- dm: fix ioctl retry termination with signal (bsc#1050154).
- drm/mgag200: Add support for G200eH3 (bnc#1044216)
- drm/mgag200: Fix to always set HiPri for G200e4 (bsc#1015452, bsc#995542).
- ext2: Do not clear SGID when inheriting ACLs (bsc#1030552).
- ext3: Do not clear SGID when inheriting ACLs (bsc#1030552).
- ext4: Do not clear SGID when inheriting ACLs (bsc#1030552).
- ext4: fix fdatasync(2) after extent manipulation operations (bsc#1013018).
- ext4: keep existing extra fields when inode expands (bsc#1013018).
- fbdev/efifb: Fix 16 color palette entry calculation (bsc#1041762).
- firmware: fix directory creation rule matching with make 3.80 (bsc#1012422).
- firmware: fix directory creation rule matching with make 3.82 (bsc#1012422).
- fixed invalid assignment of 64bit mask to host dma_boundary for scatter gather segment boundary limit (bsc#1042045).
- fnic: Return 'DID_IMM_RETRY' if rport is not ready (bsc#1035920).
- fnic: Using rport->dd_data to check rport online instead of rport_lookup (bsc#1035920).
- fs/block_dev: always invalidate cleancache in invalidate_bdev() (git-fixes).
- fs/xattr.c: zero out memory copied to userspace in getxattr (bsc#1013018).
- fs: fix data invalidation in the cleancache during direct IO (git-fixes).
- fuse: add missing FR_FORCE (bsc#1013018).
- genirq: Prevent proc race against freeing of irq descriptors (bnc#1044230).
- hrtimer: Allow concurrent hrtimer_start() for self restarting timers (bnc#1013018).
- initial cr0 bits (bnc#1036056, LTC#153612).
- ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route (git-fixes).
- irq: Fix race condition (bsc#1042615).
- isdn/gigaset: fix NULL-deref at probe (bsc#1037356).
- isofs: Do not return EACCES for unknown filesystems (bsc#1013018).
- jsm: add support for additional Neo cards (bsc#1045615).
- kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)
- libata: fix sff host state machine locking while polling (bsc#1045525).
- libceph: NULL deref on crush_decode() error path (bsc#1044015).
- libceph: potential NULL dereference in ceph_msg_data_create() (bsc#1051515).
- libfc: fixup locking in fc_disc_stop() (bsc#1029140).
- libfc: move 'pending' and 'requested' setting (bsc#1029140).
- libfc: only restart discovery after timeout if not already running (bsc#1029140).
- locking/rtmutex: Prevent dequeue vs. unlock race (bnc#1013018).
- math64: New div64_u64_rem helper (bnc#938352).
- md/raid0: apply base queue limits *before* disk_stack_limits (git-fixes).
- md/raid1: extend spinlock to protect raid1_end_read_request against inconsistencies (git-fixes).
- md/raid1: fix test for 'was read error from last working device' (git-fixes).
- md/raid5: Fix CPU hotplug callback registration (git-fixes).
- md/raid5: do not record new size if resize_stripes fails (git-fixes).
- md: ensure md devices are freed before module is unloaded (git-fixes).
- md: fix a null dereference (bsc#1040351).
- md: flush ->event_work before stopping array (git-fixes).
- md: make sure GET_ARRAY_INFO ioctl reports correct 'clean' status (git-fixes).
- md: use separate bio_pool for metadata writes (bsc#1040351).
- megaraid_sas: add missing curly braces in ioctl handler (bsc#1050154).
- mlx4: reduce OOM risk on arches with large pages (bsc#919382).
- mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check (VM Functionality, bsc#1042832).
- mm/memory-failure.c: use compound_head() flags for huge pages (bnc#971975 VM -- git fixes).
- mm: hugetlb: call huge_pte_alloc() only if ptep is null (VM Functionality, bsc#1042832).
- mmc: core: add missing pm event in mmc_pm_notify to fix hib restore (bsc#1045547).
- mmc: ushc: fix NULL-deref at probe (bsc#1037191).
- module: fix memory leak on early load_module() failures (bsc#1043014).
- mwifiex: printk() overflow with 32-byte SSIDs (bsc#1048185).
- net/mlx4: Fix the check in attaching steering rules (bsc#919382).
- net/mlx4: Fix uninitialized fields in rule when adding promiscuous mode to device managed flow steering (bsc#919382).
- net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV (bsc#919382).
- net/mlx4_core: Enhance the MAD_IFC wrapper to convert VF port to physical (bsc#919382).
- net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new probed PFs (bsc#919382).
- net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions (bsc#919382).
- net/mlx4_core: Get num_tc using netdev_get_num_tc (bsc#919382).
- net/mlx4_core: Prevent VF from changing port configuration (bsc#919382).
- net/mlx4_core: Use cq quota in SRIOV when creating completion EQs (bsc#919382).
- net/mlx4_core: Use-after-free causes a resource leak in flow-steering detach (bsc#919382).
- net/mlx4_en: Avoid adding steering rules with invalid ring (bsc#919382).
- net/mlx4_en: Change the error print to debug print (bsc#919382).
- net/mlx4_en: Fix type mismatch for 32-bit systems (bsc#919382).
- net/mlx4_en: Resolve dividing by zero in 32-bit system (bsc#919382).
- net/mlx4_en: Wake TX queues only when there's enough room (bsc#1039258).
- net/mlx4_en: fix overflow in mlx4_en_init_timestamp() (bsc#919382).
- net: avoid reference counter overflows on fib_rules in multicast forwarding (git-fixes).
- net: ip6mr: fix static mfc/dev leaks on table destruction (git-fixes).
- net: ipmr: fix static mfc/dev leaks on table destruction (git-fixes).
- net: wimax/i2400m: fix NULL-deref at probe (bsc#1037358).
- netxen_nic: set rcode to the return status from the call to netxen_issue_cmd (bnc#784815).
- nfs: fix nfs_size_to_loff_t (git-fixes).
- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).
- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).
- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).
- ocfs2: Do not clear SGID when inheriting ACLs (bsc#1030552).
- ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock (bsc#962257).
- perf/core: Correct event creation with PERF_FORMAT_GROUP (bnc#1013018).
- perf/core: Fix event inheritance on fork() (bnc#1013018).
- powerpc/ibmebus: Fix device reference leaks in sysfs interface (bsc#1035777 [2017-04-24] Pending Base Kernel Fixes).
- powerpc/ibmebus: Fix further device reference leaks (bsc#1035777 [2017-04-24] Pending Base Kernel Fixes).
- powerpc/mm/hash: Check for non-kernel address in get_kernel_vsid() (bsc#1032471).
- powerpc/mm/hash: Convert mask to unsigned long (bsc#1032471).
- powerpc/mm/hash: Increase VA range to 128TB (bsc#1032471).
- powerpc/mm/hash: Properly mask the ESID bits when building proto VSID (bsc#1032471).
- powerpc/mm/hash: Support 68 bit VA (bsc#1032471).
- powerpc/mm/hash: Use context ids 1-4 for the kernel (bsc#1032471).
- powerpc/mm/slice: Convert slice_mask high slice to a bitmap (bsc#1032471).
- powerpc/mm/slice: Fix off-by-1 error when computing slice mask (bsc#1032471).
- powerpc/mm/slice: Move slice_mask struct definition to slice.c (bsc#1032471).
- powerpc/mm/slice: Update slice mask printing to use bitmap printing (bsc#1032471).
- powerpc/mm/slice: Update the function prototype (bsc#1032471).
- powerpc/mm: Do not alias user region to other regions below PAGE_OFFSET (bsc#928138).
- powerpc/mm: Remove checks that TASK_SIZE_USER64 is too small (bsc#1032471).
- powerpc/mm: use macro PGTABLE_EADDR_SIZE instead of digital (bsc#1032471).
- powerpc/pci/rpadlpar: Fix device reference leaks (bsc#1035777 [2017-04-24] Pending Base Kernel Fixes).
- powerpc/pseries: Release DRC when configure_connector fails (bsc#1035777, Pending Base Kernel Fixes).
- powerpc: Drop support for pre-POWER4 cpus (bsc#1032471).
- powerpc: Remove STAB code (bsc#1032471).
- random32: fix off-by-one in seeding requirement (git-fixes).
- reiserfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
- reiserfs: do not preallocate blocks for extended attributes (bsc#990682).
- rfkill: fix rfkill_fop_read wait_event usage (bsc#1046192).
- s390/qdio: clear DSCI prior to scanning multiple input queues (bnc#1046715, LTC#156234).
- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1046715, LTC#156276).
- s390/qeth: size calculation outbound buffers (bnc#1046715, LTC#156276).
- sched/core: Remove false-positive warning from wake_up_process() (bnc#1044882).
- sched/cputime: Do not scale when utime == 0 (bnc#938352).
- sched/debug: Print the scheduler topology group mask (bnc#1013018).
- sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1013018).
- sched/fair: Fix min_vruntime tracking (bnc#1013018).
- sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking
- sched/topology: Fix building of overlapping sched-groups (bnc#1013018).
- sched/topology: Fix overlapping sched_group_capacity (bnc#1013018).
- sched/topology: Fix overlapping sched_group_mask (bnc#1013018).
- sched/topology: Move comment about asymmetric node setups (bnc#1013018).
- sched/topology: Optimize build_group_mask() (bnc#1013018).
- sched/topology: Refactor function build_overlap_sched_groups() (bnc#1013018).
- sched/topology: Remove FORCE_SD_OVERLAP (bnc#1013018).
- sched/topology: Simplify build_overlap_sched_groups() (bnc#1013018).
- sched/topology: Verify the first group matches the child domain (bnc#1013018).
- sched: Always initialize cpu-power (bnc#1013018).
- sched: Avoid cputime scaling overflow (bnc#938352).
- sched: Avoid prev->stime underflow (bnc#938352).
- sched: Do not account bogus utime (bnc#938352).
- sched: Fix SD_OVERLAP (bnc#1013018).
- sched: Fix domain iteration (bnc#1013018).
- sched: Lower chances of cputime scaling overflow (bnc#938352).
- sched: Move nr_cpus_allowed out of 'struct sched_rt_entity' (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking
- sched: Rename a misleading variable in build_overlap_sched_groups() (bnc#1013018).
- sched: Use swap() macro in scale_stime() (bnc#938352).
- scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221).
- scsi: fix race between simultaneous decrements of ->host_failed (bsc#1050154).
- scsi: fnic: Correcting rport check location in fnic_queuecommand_lck (bsc#1035920).
- scsi: mvsas: fix command_active typo (bsc#1050154).
- scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init (bsc#1050154).
- sfc: do not device_attach if a reset is pending (bsc#909618).
- smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).
- splice: Stub splice_write_to_file (bsc#1043234).
- svcrdma: Fix send_reply() scatter/gather set-up (git-fixes).
- target/iscsi: Fix double free in lio_target_tiqn_addtpg() (bsc#1050154).
- tracing/kprobes: Enforce kprobes teardown after testing (bnc#1013018).
- tracing: Fix syscall_*regfunc() vs copy_process() race (bnc#1042687).
- udf: Fix deadlock between writeback and udf_setsize() (bsc#1013018).
- udf: Fix races with i_size changes during readpage (bsc#1013018).
- usbtmc: remove redundant braces (bsc#1036288).
- usbtmc: remove trailing spaces (bsc#1036288).
- usbvision: fix NULL-deref at probe (bsc#1050431).
- uwb: hwa-rc: fix NULL-deref at probe (bsc#1037233).
- uwb: i1480-dfu: fix NULL-deref at probe (bsc#1036629).
- vb2: Fix an off by one error in 'vb2_plane_vaddr' (bsc#1050431).
- vmxnet3: avoid calling pskb_may_pull with interrupts disabled (bsc#1045356).
- vmxnet3: fix checks for dma mapping errors (bsc#1045356).
- vmxnet3: fix lock imbalance in vmxnet3_tq_xmit() (bsc#1045356).
- x86, mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates (bsc#948562).
- x86/pci-calgary: Fix iommu_free() comparison of unsigned expression greater than 0 (bsc#1051478).
- xen: avoid deadlock in xenbus (bnc#1047523).
- xfrm: NULL dereference on allocation failure (bsc#1047343).
- xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653).
- xfrm: dst_entries_init() per-net dst_ops (bsc#1030814).
- xfs: Synchronize xfs_buf disposal routines (bsc#1041160).
- xfs: use ->b_state to fix buffer I/O accounting release race (bsc#1041160).
- xprtrdma: Free the pd if ib_query_qp() fails (git-fixes).
ImportantSUSE bug 1000365SUSE bug 1000380SUSE bug 1012422SUSE bug 1013018SUSE bug 1015452SUSE bug 1023051SUSE bug 1029140SUSE bug 1029850SUSE bug 1030552SUSE bug 1030593SUSE bug 1030814SUSE bug 1032340SUSE bug 1032471SUSE bug 1034026SUSE bug 1034670SUSE bug 1035576SUSE bug 1035721SUSE bug 1035777SUSE bug 1035920SUSE bug 1036056SUSE bug 1036288SUSE bug 1036629SUSE bug 1037191SUSE bug 1037193SUSE bug 1037227SUSE bug 1037232SUSE bug 1037233SUSE bug 1037356SUSE bug 1037358SUSE bug 1037359SUSE bug 1037441SUSE bug 1038544SUSE bug 1038879SUSE bug 1038981SUSE bug 1038982SUSE bug 1039258SUSE bug 1039354SUSE bug 1039456SUSE bug 1039594SUSE bug 1039882SUSE bug 1039883SUSE bug 1039885SUSE bug 1040069SUSE bug 1040351SUSE bug 1041160SUSE bug 1041431SUSE bug 1041762SUSE bug 1041975SUSE bug 1042045SUSE bug 1042615SUSE bug 1042633SUSE bug 1042687SUSE bug 1042832SUSE bug 1042863SUSE bug 1043014SUSE bug 1043234SUSE bug 1043935SUSE bug 1044015SUSE bug 1044125SUSE bug 1044216SUSE bug 1044230SUSE bug 1044854SUSE bug 1044882SUSE bug 1044913SUSE bug 1045154SUSE bug 1045356SUSE bug 1045416SUSE bug 1045479SUSE bug 1045487SUSE bug 1045525SUSE bug 1045538SUSE bug 1045547SUSE bug 1045615SUSE bug 1046107SUSE bug 1046192SUSE bug 1046715SUSE bug 1047027SUSE bug 1047053SUSE bug 1047343SUSE bug 1047354SUSE bug 1047487SUSE bug 1047523SUSE bug 1047653SUSE bug 1048185SUSE bug 1048221SUSE bug 1048232SUSE bug 1048275SUSE bug 1049128SUSE bug 1049483SUSE bug 1049603SUSE bug 1049688SUSE bug 1049882SUSE bug 1050154SUSE bug 1050431SUSE bug 1051478SUSE bug 1051515SUSE bug 1051770SUSE bug 1055680SUSE bug 784815SUSE bug 792863SUSE bug 799133SUSE bug 909618SUSE bug 919382SUSE bug 928138SUSE bug 938352SUSE bug 943786SUSE bug 948562SUSE bug 962257SUSE bug 971975SUSE bug 972891SUSE bug 986924SUSE bug 990682SUSE bug 995542CVE-2014-9922 at SUSECVE-2014-9922 at NVDCVE-2016-10277 at SUSECVE-2016-10277 at NVDCVE-2017-1000363 at SUSECVE-2017-1000363 at NVDCVE-2017-1000365 at SUSECVE-2017-1000365 at NVDCVE-2017-1000380 at SUSECVE-2017-1000380 at NVDCVE-2017-11176 at SUSECVE-2017-11176 at NVDCVE-2017-11473 at SUSECVE-2017-11473 at NVDCVE-2017-2647 at SUSECVE-2017-2647 at NVDCVE-2017-6951 at SUSECVE-2017-6951 at NVDCVE-2017-7482 at SUSECVE-2017-7482 at NVDCVE-2017-7487 at SUSECVE-2017-7487 at NVDCVE-2017-7533 at SUSECVE-2017-7533 at NVDCVE-2017-7542 at SUSECVE-2017-7542 at NVDCVE-2017-8890 at SUSECVE-2017-8890 at NVDCVE-2017-8924 at SUSECVE-2017-8924 at NVDCVE-2017-8925 at SUSECVE-2017-8925 at NVDCVE-2017-9074 at SUSECVE-2017-9074 at NVDCVE-2017-9075 at SUSECVE-2017-9075 at NVDCVE-2017-9076 at SUSECVE-2017-9076 at NVDCVE-2017-9077 at SUSECVE-2017-9077 at NVDCVE-2017-9242 at SUSECVE-2017-9242 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix the following issues:
- Stack corruption could have lead to local privilege escalation
(bsc#1059525, CVE-2017-1000253).
ImportantSUSE bug 1059525CVE-2017-1000253 at SUSECVE-2017-1000253 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870).
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095).
- CVE-2018-15594: Ensure correct handling of indirect calls, to prevent
attackers for conducting Spectre-v2 attacks against paravirtual guests
(bsc#1105348).
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322)
- CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after
a cleanup step in ucma_process_join, which allowed attackers to cause a denial
of service (use-after-free) (bsc#1103119)
The following non-security bugs were fixed:
- ACPI: APEI / ERST: Fix missing error handling in erst_reader() (bsc#1045538).
- ALSA: fm801: propagate TUNER_ONLY bit when autodetected (bsc#1045538).
- ALSA: pcm: Fix snd_pcm_hw_params struct copy in compat mode (bsc#1045538).
- ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() (bsc#1045538).
- ALSA: pcm: fix fifo_size frame calculation (bsc#1045538).
- ALSA: snd-aoa: add of_node_put() in error path (bsc#1045538).
- ALSA: usb-audio: Add sanity checks in v2 clock parsers (bsc#1045538).
- ALSA: usb-audio: Add sanity checks to FE parser (bsc#1045538).
- ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bsc#1045538).
- ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream() (bsc#1045538).
- ALSA: usb-audio: Fix parameter block size for UAC2 control requests (bsc#1045538).
- ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit (bsc#1045538).
- ALSA: usb-audio: Fix potential out-of-bound access at parsing SU (bsc#1045538).
- ALSA: usb-audio: Set correct type for some UAC2 mixer controls (bsc#1045538).
- ASoC: blackfin: Fix missing break (bsc#1045538).
- Enforce module signatures if the kernel is locked down (bsc#1093666).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- PCI: Fix TI816X class code quirk (bsc#1050431).
- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).
- TPM: Zero buffer whole after copying to userspace (bsc#1050381).
- USB: add USB_DEVICE_INTERFACE_CLASS macro (bsc#1047487).
- USB: hub: fix non-SS hub-descriptor handling (bsc#1047487).
- USB: serial: ftdi_sio: fix latency-timer error handling (bsc#1037441).
- USB: serial: io_edgeport: fix possible sleep-in-atomic (bsc#1037441).
- USB: serial: io_ti: fix NULL-deref in interrupt callback (bsc#1106609).
- USB: serial: sierra: fix potential deadlock at close (bsc#1100132).
- USB: visor: Match I330 phone more precisely (bsc#1047487).
- applicom: dereferencing NULL on error path (git-fixes).
- ath5k: Change led pin configuration for compaq c700 laptop (bsc#1048185).
- base: make module_create_drivers_dir race-free (git-fixes).
- block: fix an error code in add_partition() (bsc#1106209).
- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).
- btrfs: scrub: Do not use inode pages for device replace (bsc#1107949).
- dasd: Add IFCC notice message (bnc#1104481, LTC#170484).
- drm/i915: Remove bogus __init annotation from DMI callbacks (bsc#1106886).
- drm/i915: fix use-after-free in page_flip_completed() (bsc#1103909).
- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bsc#1106886).
- drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() (bsc#1106886).
- drm: crtc: integer overflow in drm_property_create_blob() (bsc#1106886).
- drm: re-enable error handling (bsc#1103884)
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106886).
- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).
- iommu/amd: Fix the left value check of cmd buffer (bsc#1106105).
- iommu/amd: Free domain id when free a domain of struct dma_ops_domain (bsc#1106105).
- iommu/amd: Update Alias-DTE in update_device_table() (bsc#1106105).
- iommu/vt-d: Do not over-free page table directories (bsc#1106105).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ipv6: Regenerate host route according to node pointer upon loopback up (bsc#1100705).
- ipv6: correctly add local routes when lo goes up (bsc#1100705).
- ipv6: introduce ip6_rt_put() (bsc#1100705).
- ipv6: reallocate addrconf router for ipv6 address when lo device up (bsc#1100705).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kthread, tracing: Do not expose half-written comm when creating kthreads (Git-fixes).
- mm/hugetlb: add migration/hwpoisoned entry check in hugetlb_change_protection (bnc#1107071).
- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1107064).
- modsign: log module name in the event of an error (bsc#1093666).
- modsign: print module name along with error message (bsc#1093666).
- module: make it clear when we're handling the module copy in info->hdr (bsc#1093666).
- module: setup load info before module_sig_check() (bsc#1093666).
- nbd: ratelimit error msgs after socket close (bsc#1106206).
- ncpfs: return proper error from NCP_IOC_SETROOT ioctl (bsc#1106199).
- nvme: add device id's with intel stripe quirk (bsc#1097562).
- perf/core: Fix group scheduling with mixed hw and sw events (Git-fixes).
- perf/x86/intel: Add cpu_(prepare|starting|dying) for core_pmu (bsc#1104901).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).
- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772, bsc#1107650).
- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772, bsc#1107650).
- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).
- powerpc/lib: Fix off-by-one in alternate feature patching (bsc#1064861).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1064861).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc: make feature-fixup tests fortify-safe (bsc#1064861).
- ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).
- qlge: Fix netdev features configuration (bsc#1098822).
- resource: fix integer overflow at reallocation (bsc#1045538).
- rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199)
- s390/ftrace: use expoline for indirect branches (bnc#1106930, LTC#171029).
- s390/kernel: use expoline for indirect branches (bnc#1106930, LTC#171029).
- s390/qeth: do not clobber buffer on async TX completion (bnc#1060245, LTC#170349).
- s390: Correct register corruption in critical section cleanup (bnc#1106930, LTC#171029).
- s390: add assembler macros for CPU alternatives (bnc#1106930, LTC#171029).
- s390: detect etoken facility (bnc#1106930, LTC#171029).
- s390: move expoline assembler macros to a header (bnc#1106930, LTC#171029).
- s390: move spectre sysfs attribute code (bnc#1106930, LTC#171029).
- s390: remove indirect branch from do_softirq_own_stack (bnc#1106930, LTC#171029).
- smsc75xx: Add workaround for gigabit link up hardware errata (bsc#1100132).
- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).
- tpm: fix race condition in tpm_common_write() (bsc#1050381).
- tracing/blktrace: Fix to allow setting same value (bsc#1106212).
- tty: vt, fix bogus division in csi_J (git-fixes).
- tty: vt, return error when con_startup fails (git-fixes).
- uml: fix hostfs mknod() (bsc#1106202).
- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1045538).
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
- x86/init: fix build with CONFIG_SWAP=n (bsc#1105723).
- x86/mm: Prevent kernel Oops in PTDUMP code with HIGHPTE=y (bsc#1106105).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes).
- xen x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
ImportantSUSE bug 1037441SUSE bug 1045538SUSE bug 1047487SUSE bug 1048185SUSE bug 1050381SUSE bug 1050431SUSE bug 1057199SUSE bug 1060245SUSE bug 1064861SUSE bug 1068032SUSE bug 1080157SUSE bug 1087081SUSE bug 1092772SUSE bug 1092903SUSE bug 1093666SUSE bug 1096547SUSE bug 1097562SUSE bug 1098822SUSE bug 1099922SUSE bug 1100132SUSE bug 1100705SUSE bug 1102517SUSE bug 1102870SUSE bug 1103119SUSE bug 1103884SUSE bug 1103909SUSE bug 1104481SUSE bug 1104684SUSE bug 1104818SUSE bug 1104901SUSE bug 1105100SUSE bug 1105322SUSE bug 1105348SUSE bug 1105536SUSE bug 1105723SUSE bug 1106095SUSE bug 1106105SUSE bug 1106199SUSE bug 1106202SUSE bug 1106206SUSE bug 1106209SUSE bug 1106212SUSE bug 1106369SUSE bug 1106509SUSE bug 1106511SUSE bug 1106609SUSE bug 1106886SUSE bug 1106930SUSE bug 1106995SUSE bug 1107001SUSE bug 1107064SUSE bug 1107071SUSE bug 1107650SUSE bug 1107689SUSE bug 1107735SUSE bug 1107949SUSE bug 1108096SUSE bug 1108170SUSE bug 1108823SUSE bug 1108912CVE-2018-10902 at SUSECVE-2018-10902 at NVDCVE-2018-10940 at SUSECVE-2018-10940 at NVDCVE-2018-12896 at SUSECVE-2018-12896 at NVDCVE-2018-14617 at SUSECVE-2018-14617 at NVDCVE-2018-14634 at SUSECVE-2018-14634 at NVDCVE-2018-14734 at SUSECVE-2018-14734 at NVDCVE-2018-15572 at SUSECVE-2018-15572 at NVDCVE-2018-15594 at SUSECVE-2018-15594 at NVDCVE-2018-16276 at SUSECVE-2018-16276 at NVDCVE-2018-16658 at SUSECVE-2018-16658 at NVDCVE-2018-6554 at SUSECVE-2018-6554 at NVDCVE-2018-6555 at SUSECVE-2018-6555 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c called unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free (bnc#1188601).
- CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351).
- CVE-2021-3655: Missing size validations on inbound SCTP packets may have allowed the kernel to read uninitialized memory (bnc#1188563 bnc#1192267).
- CVE-2014-7841: The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation, when ASCONF is used, allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk (bnc#904899 bnc#905100).
- CVE-2021-20265: A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function when a signal was pending. This flaw allowed an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability (bnc#1183089).
- CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bnc#1184673 bnc#1192036).
- CVE-2021-33033: The Linux kernel has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value (bnc#1186109 bnc#1188876).
- CVE-2021-43389: There was an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).
- CVE-2021-42008: The decode_data function in drivers/net/hamradio/6pack.c had a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access (bnc#1191315).
- CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190117)
- CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172).
- CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computed the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262).
- CVE-2021-3653: A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the 'int_ctl' field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. (bnc#1189399).
- CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057).
- CVE-2021-3609: A potential local privilege escalation in the CAN BCM networking protocol was fixed (bsc#1187215).
- CVE-2020-36385: drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c (bnc#1187050).
The following non-security bugs were fixed:
- sctp: check asoc peer.asconf_capable before processing asconf (bsc#1190351).
- sctp: fully initialize v4 addr in some functions (bsc#1188563).
- sctp: simplify addr copy (bsc#1188563).
ImportantSUSE bug 1183089SUSE bug 1184673SUSE bug 1186109SUSE bug 1187050SUSE bug 1187215SUSE bug 1188172SUSE bug 1188563SUSE bug 1188601SUSE bug 1188876SUSE bug 1189057SUSE bug 1189262SUSE bug 1189399SUSE bug 1190117SUSE bug 1190351SUSE bug 1191315SUSE bug 1191660SUSE bug 1191958SUSE bug 1192036SUSE bug 1192267SUSE bug 904899SUSE bug 905100CVE-2014-7841 at SUSECVE-2014-7841 at NVDCVE-2020-36385 at SUSECVE-2020-36385 at NVDCVE-2021-20265 at SUSECVE-2021-20265 at NVDCVE-2021-33033 at SUSECVE-2021-33033 at NVDCVE-2021-3542 at SUSECVE-2021-3542 at NVDCVE-2021-3609 at SUSECVE-2021-3609 at NVDCVE-2021-3640 at SUSECVE-2021-3640 at NVDCVE-2021-3653 at SUSECVE-2021-3653 at NVDCVE-2021-3655 at SUSECVE-2021-3655 at NVDCVE-2021-3679 at SUSECVE-2021-3679 at NVDCVE-2021-37159 at SUSECVE-2021-37159 at NVDCVE-2021-3772 at SUSECVE-2021-3772 at NVDCVE-2021-38160 at SUSECVE-2021-38160 at NVDCVE-2021-38198 at SUSECVE-2021-38198 at NVDCVE-2021-42008 at SUSECVE-2021-42008 at NVDCVE-2021-42739 at SUSECVE-2021-42739 at NVDCVE-2021-43389 at SUSECVE-2021-43389 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
Transient execution side-channel attacks attacking the Branch History Buffer (BHB),
named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated.
The following security bugs were fixed:
- CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580).
- CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580).
- CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases (bsc#1171420).
- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
- CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543).
- CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bsc#1193867).
- CVE-2021-4155: Fixed a data leak flaw that allows a local attacker to leak data on the XFS filesystem (bsc#1194272).
- CVE-2020-27820: Fixed a vulnerability where a use-after-frees in nouveau's postclose() handler could happen if removing device (bsc#1179599).
- CVE-2019-0136: Fixed an insufficient access control which allow an unauthenticated user to execute a denial of service (bsc#1193157).
- CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc#1190025).
The following non-security bugs were fixed:
- kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).
- md: check the return of mddev_find() (bsc#1195109).
ImportantSUSE bug 1171420SUSE bug 1179599SUSE bug 1190025SUSE bug 1191580SUSE bug 1193157SUSE bug 1193669SUSE bug 1193867SUSE bug 1194272SUSE bug 1195109SUSE bug 1195543SUSE bug 1195908SUSE bug 1196079SUSE bug 1196612CVE-2019-0136 at SUSECVE-2019-0136 at NVDCVE-2020-12770 at SUSECVE-2020-12770 at NVDCVE-2020-27820 at SUSECVE-2020-27820 at NVDCVE-2021-3753 at SUSECVE-2021-3753 at NVDCVE-2021-4155 at SUSECVE-2021-4155 at NVDCVE-2021-45095 at SUSECVE-2021-45095 at NVDCVE-2022-0001 at SUSECVE-2022-0001 at NVDCVE-2022-0002 at SUSECVE-2022-0002 at NVDCVE-2022-0492 at SUSECVE-2022-0492 at NVDCVE-2022-0617 at SUSECVE-2022-0617 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for kernel-source (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
security and bugfixes.
Following security bugs were fixed:
* CVE-2015-6252: Possible file descriptor leak for each
VHOST_SET_LOG_FDcommand issued, this could eventually wasting available
system resources and creating a denial of service (bsc#942367).
* CVE-2015-5707: Possible integer overflow in the calculation of total
number of pages in bio_map_user_iov() (bsc#940338).
* CVE-2015-5364: The (1) udp_recvmsg and (2) udpv6_recvmsg functions in
the Linux kernel before 4.0.6 do not properly consider yielding a
processor, which allowed remote attackers to cause a denial of service
(system hang) via incorrect checksums within a UDP packet flood
(bsc#936831).
* CVE-2015-5366: The (1) udp_recvmsg and (2) udpv6_recvmsg functions in
the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return
values, which allowed remote attackers to cause a denial of service
(EPOLLET epoll application read outage) via an incorrect checksum in a
UDP packet, a different vulnerability than CVE-2015-5364 (bsc#936831).
* CVE-2015-1420: Race condition in the handle_to_path function in
fs/fhandle.c in the Linux kernel through 3.19.1 allowed local users to
bypass intended size restrictions and trigger read operations on
additional memory locations by changing the handle_bytes value of a
file handle during the execution of this function (bsc#915517).
* CVE-2015-1805: The (1) pipe_read and (2) pipe_write implementations in
fs/pipe.c in the Linux kernel before 3.16 do not properly consider the
side effects of failed __copy_to_user_inatomic and
__copy_from_user_inatomic calls, which allows local users to cause a
denial of service (system crash) or possibly gain privileges via a
crafted application, aka an 'I/O' vector array overrun. (bsc#933429)
* CVE-2015-2150: Xen 3.3.x through 4.5.x and the Linux kernel through
3.19.1 do not properly restrict access to PCI command registers, which
might allow local guest users to cause a denial of service
(non-maskable interrupt and host crash) by disabling the (1) memory or
(2) I/O decoding for a PCI Express device and then accessing the
device, which triggers an Unsupported Request (UR) response.
(bsc#919463)
* CVE-2015-2830: arch/x86/kernel/entry_64.S in the Linux kernel before
3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode
task, which might allow local users to bypass the seccomp or audit
protection mechanism via a crafted application that uses the (1) fork
or (2) close system call, as demonstrated by an attack against seccomp
before 3.16. (bsc#926240)
* CVE-2015-4700: The bpf_int_jit_compile function in
arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allowed
local users to cause a denial of service (system crash) by creating a
packet filter and then loading crafted BPF instructions that trigger
late convergence by the JIT compiler (bsc#935705).
* CVE-2015-4167: The udf_read_inode function in fs/udf/inode.c in the
Linux kernel before 3.19.1 did not validate certain length values,
which allowed local users to cause a denial of service (incorrect data
representation or integer overflow, and OOPS) via a crafted UDF
filesystem (bsc#933907).
* CVE-2015-0777: drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0
(aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as
used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions,
allows guest OS users to obtain sensitive information from
uninitialized locations in host OS kernel memory via unspecified
vectors. (bsc#917830)
* CVE-2014-9728: The UDF filesystem implementation in the Linux kernel
before 3.18.2 did not validate certain lengths, which allowed local
users to cause a denial of service (buffer over-read and system crash)
via a crafted filesystem image, related to fs/udf/inode.c and
fs/udf/symlink.c (bsc#933904).
* CVE-2014-9730: The udf_pc_to_char function in fs/udf/symlink.c in the
Linux kernel before 3.18.2 relies on component lengths that are unused,
which allowed local users to cause a denial of service (system crash)
via a crafted UDF filesystem image (bsc#933904).
* CVE-2014-9729: The udf_read_inode function in fs/udf/inode.c in the
Linux kernel before 3.18.2 did not ensure a certain data-structure size
consistency, which allowed local users to cause a denial of service
(system crash) via a crafted UDF filesystem image (bsc#933904).
* CVE-2014-9731: The UDF filesystem implementation in the Linux kernel
before 3.18.2 did not ensure that space is available for storing a
symlink target's name along with a trailing \0 character, which allowed
local users to obtain sensitive information via a crafted filesystem
image, related to fs/udf/symlink.c and fs/udf/unicode.c (bsc#933896).
The following non-security bugs were fixed:
- Btrfs: be aware of btree inode write errors to avoid fs corruption
(bnc#942350).
- Btrfs: be aware of btree inode write errors to avoid fs corruption
(bnc#942404).
- Btrfs: check if previous transaction aborted to avoid fs corruption (bnc#942350).
- Btrfs: check if previous transaction aborted to avoid fs corruption (bnc#942404).
- Btrfs: deal with convert_extent_bit errors to avoid fs corruption (bnc#942350).
- Btrfs: deal with convert_extent_bit errors to avoid fs corruption (bnc#942404).
- Btrfs: fix hang when failing to submit bio of directIO (bnc#942688).
- Btrfs: fix memory corruption on failure to submit bio for direct IO (bnc#942688).
- Btrfs: fix put dio bio twice when we submit dio bio fail (bnc#942688).
- DRM/I915: Add enum hpd_pin to intel_encoder (bsc#942938).
- DRM/i915: Convert HPD interrupts to make use of HPD pin assignment in encoders (v2) (bsc#942938).
- DRM/i915: Get rid of the 'hotplug_supported_mask' in struct drm_i915_private (bsc#942938).
- DRM/i915: Remove i965_hpd_irq_setup (bsc#942938).
- DRM/i915: Remove valleyview_hpd_irq_setup (bsc#942938).
- Ext4: handle SEEK_HOLE/SEEK_DATA generically (bsc#934944).
- IB/core: Fix mismatch between locked and pinned pages (bnc#937855).
- IB/iser: Add Discovery support (bsc#923002).
- IB/iser: Move informational messages from error to info level (bsc#923002).
- NFS: never queue requests with rq_cong set on the sending queue (bsc#932458).
- NFSD: Fix nfsv4 opcode decoding error (bsc#935906).
- NFSv4: Minor cleanups for nfs4_handle_exception and nfs4_async_handle_error (bsc#939910).
- PCI: Disable Bus Master only on kexec reboot (bsc#920110).
- PCI: Disable Bus Master unconditionally in pci_device_shutdown() (bsc#920110).
- PCI: Do not try to disable Bus Master on disconnected PCI devices (bsc#920110).
- PCI: Lock down register access when trusted_kernel is true (fate#314486, bnc#884333)(bsc#923431).
- PCI: disable Bus Master on PCI device shutdown (bsc#920110).
- USB: xhci: Reset a halted endpoint immediately when we encounter a stall (bnc#933721).
- USB: xhci: do not start a halted endpoint before its new dequeue is set (bnc#933721).
- Apparmor: fix file_permission if profile is updated (bsc#917968).
- block: Discard bios do not have data (bsc#928988).
- cifs: Fix missing crypto allocation (bnc#937402).
- drm/cirrus: do not attempt to acquire a reservation while in an interrupt handler (bsc#935572).
- drm/i915: (re)init HPD interrupt storm statistics (bsc#942938).
- drm/i915: Add HPD IRQ storm detection (v5) (bsc#942938).
- drm/i915: Add Reenable Timer to turn Hotplug Detection back on (v4) (bsc#942938).
- drm/i915: Add bit field to record which pins have received HPD events (v3) (bsc#942938).
- drm/i915: Add messages useful for HPD storm detection debugging (v2) (bsc#942938).
- drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt (bsc#942938).
- drm/i915: Disable HPD interrupt on pin when irq storm is detected (v3) (bsc#942938).
- drm/i915: Do not WARN nor handle unexpected hpd interrupts on gmch platforms (bsc#942938).
- drm/i915: Enable hotplug interrupts after querying hw capabilities (bsc#942938).
- drm/i915: Fix hotplug interrupt enabling for SDVOC (bsc#942938).
- drm/i915: Fix up sdvo hpd pins for i965g/gm (bsc#942938).
- drm/i915: Make hpd arrays big enough to avoid out of bounds access (bsc#942938).
- drm/i915: Mask out the HPD irq bits before setting them individually (bsc#942938).
- drm/i915: Only print hotplug event message when hotplug bit is set (bsc#942938).
- drm/i915: Only reprobe display on encoder which has received an HPD event (v2) (bsc#942938).
- drm/i915: Queue reenable timer also when enable_hotplug_processing is false (bsc#942938).
- drm/i915: Remove pch_rq_mask from struct drm_i915_private (bsc#942938).
- drm/i915: Use an interrupt save spinlock in intel_hpd_irq_handler() (bsc#942938).
- drm/i915: WARN_ONCE() about unexpected interrupts for all chipsets (bsc#942938).
- drm/i915: assert_spin_locked for pipestat interrupt enable/disable (bsc#942938).
- drm/i915: clear crt hotplug compare voltage field before setting (bsc#942938).
- drm/i915: close tiny race in the ilk pcu even interrupt setup (bsc#942938).
- drm/i915: fix hotplug event bit tracking (bsc#942938).
- drm/i915: fix hpd interrupt register locking (bsc#942938).
- drm/i915: fix hpd work vs. flush_work in the pageflip code deadlock (bsc#942938).
- drm/i915: fix locking around ironlake_enable|disable_display_irq (bsc#942938).
- drm/i915: fold the hpd_irq_setup call into intel_hpd_irq_handler (bsc#942938).
- drm/i915: fold the no-irq check into intel_hpd_irq_handler (bsc#942938).
- drm/i915: fold the queue_work into intel_hpd_irq_handler (bsc#942938).
- drm/i915: implement ibx_hpd_irq_setup (bsc#942938).
- drm/i915: s/hotplug_irq_storm_detect/intel_hpd_irq_handler/ (bsc#942938).
- drm/mgag200: Do not do full cleanup if mgag200_device_init fails (FATE#317582).
- drm/mgag200: do not attempt to acquire a reservation while in an interrupt handler (FATE#317582).
- drm: ast,cirrus,mgag200: use drm_can_sleep (FATE#317582, bnc#883380, bsc#935572).
- ehci-pci: enable interrupt on BayTrail (bnc926007).
- exec: kill the unnecessary mm->def_flags setting in load_elf_binary() (fate#317831,bnc#891116)).
- ext3: Fix data corruption in inodes with journalled data (bsc#936637).
- fanotify: Fix deadlock with permission events (bsc#935053).
- fork: reset mm->pinned_vm (bnc#937855).
- hrtimer: prevent timer interrupt DoS (bnc#886785).
- hugetlb, kabi: do not account hugetlb pages as NR_FILE_PAGES (bnc#930092).
- hugetlb: do not account hugetlb pages as NR_FILE_PAGES (bnc#930092).
- hv_storvsc: use small sg_tablesize on x86 (bnc#937256).
- ibmveth: Add GRO support (bsc#935055).
- ibmveth: Add support for Large Receive Offload (bsc#935055).
- ibmveth: Add support for TSO (bsc#935055).
- ibmveth: add support for TSO6.
- ibmveth: change rx buffer default allocation for CMO (bsc#935055).
- igb: do not reuse pages with pfmemalloc flag fix (bnc#920016).
- inotify: Fix nested sleeps in inotify_read() (bsc#940925).
- iommu/amd: Fix memory leak in free_pagetable (bsc#935866).
- iommu/amd: Handle large pages correctly in free_pagetable (bsc#935866).
- ipv6: probe routes asynchronous in rt6_probe (bsc#936118).
- ixgbe: Use pci_vfs_assigned instead of ixgbe_vfs_are_assigned (bsc#927355).
- kabi: wrapper include file with __GENKSYMS__ check to avoid kabi change (bsc920110).
- kdump: fix crash_kexec()/smp_send_stop() race in panic() (bnc#937444).
- kernel: add panic_on_warn.
- kernel: do full redraw of the 3270 screen on reconnect (bnc#943477, LTC#129509).
- kvm: irqchip: Break up high order allocations of kvm_irq_routing_table (bnc#926953).
- libata: prevent HSM state change race between ISR and PIO (bsc#923245).
- libiscsi: Exporting new attrs for iscsi session and connection in sysfs (bsc#923002).
- md: use kzalloc() when bitmap is disabled (bsc#939994).
- megaraid_sas: Use correct reset sequence in adp_reset() (bsc#894936).
- megaraid_sas: Use correct reset sequence in adp_reset() (bsc#938485).
- mlx4: Check for assigned VFs before disabling SR-IOV (bsc#927355).
- mm, THP: do not hold mmap_sem in khugepaged when allocating THP (VM Performance).
- mm, mempolicy: remove duplicate code (VM Functionality, bnc#931620).
- mm, thp: fix collapsing of hugepages on madvise (VM Functionality).
- mm, thp: only collapse hugepages to nodes with affinity for zone_reclaim_mode (VM Functionality, bnc#931620).
- mm, thp: really limit transparent hugepage allocation to local node (VM Performance, bnc#931620).
- mm, thp: respect MPOL_PREFERRED policy with non-local node (VM Performance, bnc#931620).
- mm/hugetlb: check for pte NULL pointer in __page_check_address() (bnc#929143).
- mm/mempolicy.c: merge alloc_hugepage_vma to alloc_pages_vma (VM Performance, bnc#931620).
- mm/thp: allocate transparent hugepages on local node (VM Performance, bnc#931620).
- mm: make page pfmemalloc check more robust (bnc#920016).
- mm: restrict access to slab files under procfs and sysfs (bnc#936077).
- mm: thp: khugepaged: add policy for finding target node (VM Functionality, bnc#931620).
- net/mlx4_core: Do not disable SRIOV if there are active VFs (bsc#927355).
- net: Fix 'ip rule delete table 256' (bsc#873385).
- net: fib6: fib6_commit_metrics: fix potential NULL pointer dereference (bsc#867362).
- net: ipv6: fib: do not sleep inside atomic lock (bsc#867362).
- netfilter: nf_conntrack_proto_sctp: minimal multihoming support (bsc#932350).
- nfsd: support disabling 64bit dir cookies (bnc#937503).
- pagecache limit: Do not skip over small zones that easily (bnc#925881).
- pagecache limit: add tracepoints (bnc#924701).
- pagecache limit: export debugging counters via /proc/vmstat (bnc#924701).
- pagecache limit: fix wrong nr_reclaimed count (FATE#309111, bnc#924701).
- pagecache limit: reduce starvation due to reclaim retries (bnc#925903).
- pci: Add SRIOV helper function to determine if VFs are assigned to guest (bsc#927355).
- pci: Add flag indicating device has been assigned by KVM (bnc#777565 FATE#313819).
- pci: Add flag indicating device has been assigned by KVM (bnc#777565 FATE#313819).
- perf, nmi: Fix unknown NMI warning (bsc#929142).
- perf/x86/intel: Move NMI clearing to end of PMI handler (bsc#929142).
- qlcnic: Fix NULL pointer dereference in qlcnic_hwmon_show_temp() (bsc#936095).
- r8169: remember WOL preferences on driver load (bsc#942305).
- s390/dasd: fix kernel panic when alias is set offline (bnc#940966, LTC#128595).
- sched: fix __sched_setscheduler() vs load balancing race (bnc#921430)
- scsi: Correctly set the scsi host/msg/status bytes (bnc#933936).
- scsi: fix scsi_error_handler vs. scsi_host_dev_release race (bnc#942204).
- scsi: Moved iscsi kabi patch to patches.kabi (bsc#923002)
- scsi: Set hostbyte status in scsi_check_sense() (bsc#920733).
- scsi: kabi: allow iscsi disocvery session support (bsc#923002).
- scsi: vmw_pvscsi: Fix pvscsi_abort() function (bnc#940398 bsc#930934).
- scsi_error: add missing case statements in scsi_decide_disposition() (bsc#920733).
- scsi_transport_iscsi: Exporting new attrs for iscsi session and connection in sysfs (bsc#923002).
- sg_start_req(): make sure that there's not too many elements in iovec (bsc#940338).
- st: null pointer dereference panic caused by use after kref_put by st_open (bsc#936875).
- supported.conf: enable sch_mqprio (bsc#932882)
- udf: Remove repeated loads blocksize (bsc#933907).
- usb: core: Fix USB 3.0 devices lost in NOTATTACHED state after a hub port reset (bnc#937641).
- usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb (bnc#933721).
- usb: xhci: handle Config Error Change (CEC) in xhci driver (bnc#933721).
- vmxnet3: Bump up driver version number (bsc#936423).
- vmxnet3: Changes for vmxnet3 adapter version 2 (fwd) (bug#936423).
- vmxnet3: Fix memory leaks in rx path (fwd) (bug#936423).
- vmxnet3: Register shutdown handler for device (fwd) (bug#936423).
- x86, tls, ldt: Stop checking lm in LDT_empty (bsc#920250).
- x86, tls: Interpret an all-zero struct user_desc as 'no segment' (bsc#920250).
- x86-64: Do not apply destructive erratum workaround on unaffected CPUs (bsc#929076).
- x86/mm: Improve AMD Bulldozer ASLR workaround (bsc#937032).
- x86/tsc: Change Fast TSC calibration failed from error to info (bnc#942605).
- xenbus: add proper handling of XS_ERROR from Xenbus for transactions.
- xfs: fix problem when using md+XFS under high load (bnc#925705).
- xhci: Allocate correct amount of scratchpad buffers (bnc#933721).
- xhci: Do not enable/disable RWE on bus suspend/resume (bnc#933721).
- xhci: Solve full event ring by increasing TRBS_PER_SEGMENT to 256 (bnc#933721).
- xhci: Treat not finding the event_seg on COMP_STOP the same as COMP_STOP_INVAL (bnc#933721).
- xhci: Workaround for PME stuck issues in Intel xhci (bnc#933721).
- xhci: do not report PLC when link is in internal resume state (bnc#933721).
- xhci: fix reporting of 0-sized URBs in control endpoint (bnc#933721).
- xhci: report U3 when link is in resume state (bnc#933721).
- xhci: rework cycle bit checking for new dequeue pointers (bnc#933721).
- zcrypt: Fixed reset and interrupt handling of AP queues (bnc#936921, bnc#936925, LTC#126491). ModerateSUSE bug 777565SUSE bug 867362SUSE bug 873385SUSE bug 883380SUSE bug 884333SUSE bug 886785SUSE bug 891116SUSE bug 894936SUSE bug 915517SUSE bug 917830SUSE bug 917968SUSE bug 919463SUSE bug 920016SUSE bug 920110SUSE bug 920250SUSE bug 920733SUSE bug 921430SUSE bug 923002SUSE bug 923245SUSE bug 923431SUSE bug 924701SUSE bug 925705SUSE bug 925881SUSE bug 925903SUSE bug 926240SUSE bug 926953SUSE bug 927355SUSE bug 928988SUSE bug 929076SUSE bug 929142SUSE bug 929143SUSE bug 930092SUSE bug 930934SUSE bug 931620SUSE bug 932350SUSE bug 932458SUSE bug 932882SUSE bug 933429SUSE bug 933721SUSE bug 933896SUSE bug 933904SUSE bug 933907SUSE bug 933936SUSE bug 934944SUSE bug 935053SUSE bug 935055SUSE bug 935572SUSE bug 935705SUSE bug 935866SUSE bug 935906SUSE bug 936077SUSE bug 936095SUSE bug 936118SUSE bug 936423SUSE bug 936637SUSE bug 936831SUSE bug 936875SUSE bug 936921SUSE bug 936925SUSE bug 937032SUSE bug 937256SUSE bug 937402SUSE bug 937444SUSE bug 937503SUSE bug 937641SUSE bug 937855SUSE bug 938485SUSE bug 939910SUSE bug 939994SUSE bug 940338SUSE bug 940398SUSE bug 940925SUSE bug 940966SUSE bug 942204SUSE bug 942305SUSE bug 942350SUSE bug 942367SUSE bug 942404SUSE bug 942605SUSE bug 942688SUSE bug 942938SUSE bug 943477CVE-2014-9728 at SUSECVE-2014-9728 at NVDCVE-2014-9729 at SUSECVE-2014-9729 at NVDCVE-2014-9730 at SUSECVE-2014-9730 at NVDCVE-2014-9731 at SUSECVE-2014-9731 at NVDCVE-2015-0777 at SUSECVE-2015-0777 at NVDCVE-2015-1420 at SUSECVE-2015-1420 at NVDCVE-2015-1805 at SUSECVE-2015-1805 at NVDCVE-2015-2150 at SUSECVE-2015-2150 at NVDCVE-2015-2830 at SUSECVE-2015-2830 at NVDCVE-2015-4167 at SUSECVE-2015-4167 at NVDCVE-2015-4700 at SUSECVE-2015-4700 at NVDCVE-2015-5364 at SUSECVE-2015-5364 at NVDCVE-2015-5366 at SUSECVE-2015-5366 at NVDCVE-2015-5707 at SUSECVE-2015-5707 at NVDCVE-2015-6252 at SUSECVE-2015-6252 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
Following feature was added to kernel-xen:
- A improved XEN blkfront module was added, which allows more I/O bandwidth. (FATE#320200)
It is called xen-blkfront in PV, and xen-vbd-upstream in HVM mode.
The following security bugs were fixed:
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in
the Linux kernel allowed local users to bypass intended AF_UNIX socket
permissions or cause a denial of service (panic) via crafted epoll_ctl
calls (bnc#955654).
- CVE-2015-7515: An out of bounds memory access in the aiptek USB
driver could be used by physical local attackers to crash the kernel
(bnc#956708).
- CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c
in the Linux kernel did not properly use a semaphore, which allowed
local users to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact via a crafted
application that leverages a race condition between keyctl_revoke and
keyctl_read calls (bnc#958951).
- CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed
local users to gain privileges or cause a denial of service (BUG)
via crafted keyctl commands that negatively instantiate a key, related
to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c,
and security/keys/user_defined.c (bnc#958463).
- CVE-2015-8543: The networking implementation in the Linux kernel
did not validate protocol identifiers for certain protocol families,
which allowed local users to cause a denial of service (NULL function
pointer dereference and system crash) or possibly gain privileges by
leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application
(bnc#958886).
- CVE-2015-8550: Compiler optimizations in the XEN PV backend drivers
could have lead to double fetch vulnerabilities, causing denial of service
or arbitrary code execution (depending on the configuration) (bsc#957988).
- CVE-2015-8551, CVE-2015-8552: xen/pciback: For
XEN_PCI_OP_disable_msi[|x] only disable if device has MSI(X) enabled
(bsc#957990).
- CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in
drivers/net/ppp/pptp.c in the Linux kernel did not verify an address
length, which allowed local users to obtain sensitive information from
kernel memory and bypass the KASLR protection mechanism via a crafted
application (bnc#959190).
- CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in the
Linux kernel did not verify an address length, which allowed local users
to obtain sensitive information from kernel memory and bypass the KASLR
protection mechanism via a crafted application (bnc#959190 bnc#959399).
- CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not
properly manage the relationship between a lock and a socket, which
allowed local users to cause a denial of service (deadlock) via a crafted
sctp_accept call (bnc#961509).
- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c
in the Linux kernel allowed local users to cause a denial of service
(infinite loop) via a writev system call that triggers a zero length
for the first segment of an iov (bnc#963765).
- CVE-2015-8812: A use-after-free flaw was found in the CXGB3 kernel
driver when the network was considered to be congested. This could be
used by local attackers to cause machine crashes or potentially code
execution (bsc#966437).
- CVE-2016-0723: Race condition in the tty_ioctl function in
drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain
sensitive information from kernel memory or cause a denial of service
(use-after-free and system crash) by making a TIOCGETD ioctl call during
processing of a TIOCSETD ioctl call (bnc#961500).
- CVE-2016-2069: Race conditions in TLB syncing was fixed which could
leak to information leaks (bnc#963767).
- CVE-2016-2384: Removed a double free in the ALSA usb-audio driver in
the umidi object which could lead to crashes (bsc#966693).
- CVE-2016-2543: Added a missing NULL check at remove_events ioctl in
ALSA that could lead to crashes. (bsc#967972).
- CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547,
CVE-2016-2548, CVE-2016-2549: Various race conditions in ALSAs timer
handling were fixed. (bsc#967975, bsc#967974, bsc#967973, bsc#968011,
bsc#968012, bsc#968013).
The following non-security bugs were fixed:
- alsa: hda - Add one more node in the EAPD supporting candidate list (bsc#963561).
- alsa: hda - Apply clock gate workaround to Skylake, too (bsc#966137).
- alsa: hda - Fix playback noise with 24/32 bit sample size on BXT (bsc#966137).
- alsa: hda - disable dynamic clock gating on Broxton before reset (bsc#966137).
- Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658).
- Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).
- nfsv4: Recovery of recalled read delegations is broken (bsc#956514).
- nvme: default to 4k device page size (bsc#967042).
- pci: leave MEM and IO decoding disabled during 64-bit BAR sizing, too (bsc#951815).
- Refresh patches.xen/xen3-08-x86-ldt-make-modify_ldt-synchronous.patch (bsc#959705).
- Refresh patches.xen/xen-vscsi-large-requests (refine fix and also address bsc#966094).
- sunrpc: restore fair scheduling to priority queues (bsc#955308).
- usb: ftdi_sio: fix race condition in TIOCMIWAIT, and abort of TIOCMIWAIT when the device is removed (bnc#956375).
- usb: ftdi_sio: fix status line change handling for TIOCMIWAIT and TIOCGICOUNT (bnc#956375).
- usb: ftdi_sio: fix tiocmget and tiocmset return values (bnc#956375).
- usb: ftdi_sio: fix tiocmget indentation (bnc#956375).
- usb: ftdi_sio: optimise chars_in_buffer (bnc#956375).
- usb: ftdi_sio: refactor modem-control status retrieval (bnc#956375).
- usb: ftdi_sio: remove unnecessary memset (bnc#956375).
- usb: ftdi_sio: use ftdi_get_modem_status in chars_in_buffer (bnc#956375).
- usb: ftdi_sio: use generic chars_in_buffer (bnc#956375).
- usb: pl2303: clean up line-status handling (bnc#959649).
- usb: pl2303: only wake up MSR queue on changes (bnc#959649).
- usb: pl2303: remove bogus delta_msr_wait wake up (bnc#959649).
- usb: serial: export usb_serial_generic_chars_in_buffer (bnc#956375).
- Update patches.fixes/mm-exclude-reserved-pages-from-dirtyable-memory-fix.patch (bnc#940017, bnc#949298, bnc#947128).
- xen: Update Xen config files (enable upstream block frontend).
- ec2: Update kabi files and start tracking ec2
- xen: consolidate and simplify struct xenbus_driver instantiation (bsc#961658 fate#320200).
- blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976).
- blktap: refine mm tracking (bsc#952976).
- block: Always check queue limits for cloned requests (bsc#933782).
- block: xen-blkfront: Fix possible NULL ptr dereference (bsc#961658 fate#320200).
- bnx2x: Add new device ids under the Qlogic vendor (bsc#964818).
- bnx2x: Alloc 4k fragment for each rx ring buffer element (bsc#953369).
- bnx2x: fix DMA API usage (bsc#953369).
- driver core: Add BUS_NOTIFY_REMOVED_DEVICE event (bnc#962965).
- driver: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#961658 fate#320200).
- drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#961658 fate#320200).
- drm/i915: Change semantics of hw_contexts_disabled (bsc#963276).
- drm/i915: Evict CS TLBs between batches (bsc#758040).
- drm/i915: Fix SRC_COPY width on 830/845g (bsc#758040).
- e1000e: Do not read ICR in Other interrupt (bsc#924919).
- e1000e: Do not write lsc to ics in msi-x mode (bsc#924919).
- e1000e: Fix msi-x interrupt automask (bsc#924919).
- e1000e: Remove unreachable code (bsc#924919).
- ext3: NULL dereference in ext3_evict_inode() (bsc#942082).
- ext3: fix data=journal fast mount/umount hang (bsc#942082).
- firmware: Create directories for external firmware (bsc#959312).
- firmware: Simplify directory creation (bsc#959312).
- ftdi_sio: private backport of TIOCMIWAIT (bnc#956375).
- iommu/vt-d: Do not change dma domain on dma-mask change (bsc#955925).
- jbd: Fix unreclaimed pages after truncate in data=journal mode (bsc#961516).
- kabi/severities: Add exception for bnx2x_schedule_sp_rtnl() There is no external, 3rd party modules use the symbol and the bnx2x_schedule_sp_rtnl symbol is only used in the bnx2x driver. (bsc#953369)
- kbuild: create directory for dir/file.o (bsc#959312).
- llist/xen-blkfront: implement safe version of llist_for_each_entry (bsc#961658 fate#320200).
- lpfc: Fix null ndlp dereference in target_reset_handler (bsc#951392).
- mm-memcg-print-statistics-from-live-counters-fix (bnc#969307).
- nvme: Clear BIO_SEG_VALID flag in nvme_bio_split() (bsc#954992).
- pci: Update VPD size with correct length (bsc#958906).
- pl2303: fix TIOCMIWAIT (bnc#959649).
- pl2303: introduce private disconnect method (bnc#959649).
- qeth: initialize net_device with carrier off (bnc#958000, LTC#136514).
- s390/cio: collect format 1 channel-path description data (bnc#958000, LTC#136434).
- s390/cio: ensure consistent measurement state (bnc#958000, LTC#136434).
- s390/cio: fix measurement characteristics memleak (bnc#958000, LTC#136434).
- s390/cio: update measurement characteristics (bnc#958000, LTC#136434).
- s390/dasd: fix failfast for disconnected devices (bnc#958000, LTC#135138).
- s390/sclp: Determine HSA size dynamically for zfcpdump (bnc#958000, LTC#136143).
- s390/sclp: Move declarations for sclp_sdias into separate header file (bnc#958000, LTC#136143).
- scsi_dh_rdac: always retry MODE SELECT on command lock violation (bsc#956949).
- supported.conf: Add xen-blkfront.
- tg3: 5715 does not link up when autoneg off (bsc#904035).
- usb: serial: ftdi_sio: Add missing chars_in_buffer function (bnc#956375).
- vmxnet3: fix building without CONFIG_PCI_MSI (bsc#958912).
- vmxnet3: fix netpoll race condition (bsc#958912).
- xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#961658 fate#320200).
- xen-blkfront: Handle discard requests (bsc#961658 fate#320200).
- xen-blkfront: If no barrier or flush is supported, use invalid operation (bsc#961658 fate#320200).
- xen-blkfront: Introduce a 'max' module parameter to alter the amount of indirect segments (bsc#961658 fate#320200).
- xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#961658 fate#320200).
- xen-blkfront: allow building in our Xen environment (bsc#961658 fate#320200).
- xen-blkfront: check for null drvdata in blkback_changed (XenbusStateClosing) (bsc#961658 fate#320200).
- xen-blkfront: do not add indirect pages to list when !feature_persistent (bsc#961658 fate#320200).
- xen-blkfront: drop the use of llist_for_each_entry_safe (bsc#961658 fate#320200).
- xen-blkfront: fix a deadlock while handling discard response (bsc#961658 fate#320200).
- xen-blkfront: fix accounting of reqs when migrating (bsc#961658 fate#320200).
- xen-blkfront: free allocated page (bsc#961658 fate#320200).
- xen-blkfront: handle backend CLOSED without CLOSING (bsc#961658 fate#320200).
- xen-blkfront: handle bvecs with partial data (bsc#961658 fate#320200).
- xen-blkfront: improve aproximation of required grants per request (bsc#961658 fate#320200).
- xen-blkfront: make blkif_io_lock spinlock per-device (bsc#961658 fate#320200).
- xen-blkfront: plug device number leak in xlblk_init() error path (bsc#961658 fate#320200).
- xen-blkfront: pre-allocate pages for requests (bsc#961658 fate#320200).
- xen-blkfront: remove frame list from blk_shadow (bsc#961658 fate#320200).
- xen-blkfront: remove type check from blkfront_setup_discard (bsc#961658 fate#320200).
- xen-blkfront: restore the non-persistent data path (bsc#961658 fate#320200).
- xen-blkfront: revoke foreign access for grants not mapped by the backend (bsc#961658 fate#320200).
- xen-blkfront: set blk_queue_max_hw_sectors correctly (bsc#961658 fate#320200).
- xen-blkfront: switch from llist to list (bsc#961658 fate#320200).
- xen-blkfront: use a different scatterlist for each request (bsc#961658 fate#320200).
- xen-block: implement indirect descriptors (bsc#961658 fate#320200).
- xen/blk[front|back]: Enhance discard support with secure erasing support (bsc#961658 fate#320200).
- xen/blk[front|back]: Squash blkif_request_rw and blkif_request_discard together (bsc#961658 fate#320200).
- xen/blkback: Persistent grant maps for xen blk drivers (bsc#961658 fate#320200).
- xen/blkback: persistent-grants fixes (bsc#961658 fate#320200).
- xen/blkfront: Fix crash if backend does not follow the right states (bsc#961658 fate#320200).
- xen/blkfront: do not put bdev right after getting it (bsc#961658 fate#320200).
- xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#961658 fate#320200).
- xen/blkfront: remove redundant flush_op (bsc#961658 fate#320200).
- xen/panic/x86: Allow cpus to save registers even if they (bnc#940946).
- xen/panic/x86: Fix re-entrance problem due to panic on (bnc#937444).
- xen/pvhvm: If xen_platform_pci=0 is set do not blow up (v4) (bsc#961658 fate#320200).
- xen/x86/mm: Add barriers and document switch_mm()-vs-flush synchronization (bnc#963767).
- xen: x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330).
- xen: x86: mm: only do a local tlb flush in ptep_set_access_flags() (bsc#948330).
- xfs: Skip dirty pages in ->releasepage (bnc#912738, bnc#915183).
- zfcp: fix fc_host port_type with NPIV (bnc#958000, LTC#132479).
ImportantSUSE bug 758040SUSE bug 904035SUSE bug 912738SUSE bug 915183SUSE bug 924919SUSE bug 933782SUSE bug 937444SUSE bug 940017SUSE bug 940946SUSE bug 942082SUSE bug 947128SUSE bug 948330SUSE bug 949298SUSE bug 951392SUSE bug 951815SUSE bug 952976SUSE bug 953369SUSE bug 954992SUSE bug 955308SUSE bug 955654SUSE bug 955837SUSE bug 955925SUSE bug 956084SUSE bug 956375SUSE bug 956514SUSE bug 956708SUSE bug 956949SUSE bug 957986SUSE bug 957988SUSE bug 957990SUSE bug 958000SUSE bug 958463SUSE bug 958886SUSE bug 958906SUSE bug 958912SUSE bug 958951SUSE bug 959190SUSE bug 959312SUSE bug 959399SUSE bug 959649SUSE bug 959705SUSE bug 961500SUSE bug 961509SUSE bug 961516SUSE bug 961658SUSE bug 962965SUSE bug 963276SUSE bug 963561SUSE bug 963765SUSE bug 963767SUSE bug 964201SUSE bug 964818SUSE bug 966094SUSE bug 966137SUSE bug 966437SUSE bug 966693SUSE bug 967042SUSE bug 967972SUSE bug 967973SUSE bug 967974SUSE bug 967975SUSE bug 968011SUSE bug 968012SUSE bug 968013SUSE bug 969307CVE-2013-7446 at SUSECVE-2013-7446 at NVDCVE-2015-7515 at SUSECVE-2015-7515 at NVDCVE-2015-7550 at SUSECVE-2015-7550 at NVDCVE-2015-8539 at SUSECVE-2015-8539 at NVDCVE-2015-8543 at SUSECVE-2015-8543 at NVDCVE-2015-8550 at SUSECVE-2015-8550 at NVDCVE-2015-8551 at SUSECVE-2015-8551 at NVDCVE-2015-8552 at SUSECVE-2015-8552 at NVDCVE-2015-8569 at SUSECVE-2015-8569 at NVDCVE-2015-8575 at SUSECVE-2015-8575 at NVDCVE-2015-8767 at SUSECVE-2015-8767 at NVDCVE-2015-8785 at SUSECVE-2015-8785 at NVDCVE-2015-8812 at SUSECVE-2015-8812 at NVDCVE-2016-0723 at SUSECVE-2016-0723 at NVDCVE-2016-2069 at SUSECVE-2016-2069 at NVDCVE-2016-2384 at SUSECVE-2016-2384 at NVDCVE-2016-2543 at SUSECVE-2016-2543 at NVDCVE-2016-2544 at SUSECVE-2016-2544 at NVDCVE-2016-2545 at SUSECVE-2016-2545 at NVDCVE-2016-2546 at SUSECVE-2016-2546 at NVDCVE-2016-2547 at SUSECVE-2016-2547 at NVDCVE-2016-2548 at SUSECVE-2016-2548 at NVDCVE-2016-2549 at SUSECVE-2016-2549 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-16649: The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel allowed local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067085).
- CVE-2017-16535: The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066700).
- CVE-2017-15102: The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel allowed local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference (bnc#1066705).
- CVE-2017-16531: drivers/usb/core/config.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor (bnc#1066671).
- CVE-2017-16529: The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066650).
- CVE-2017-16525: The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup (bnc#1066618).
- CVE-2017-16537: The imon_probe function in drivers/media/rc/imon.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066573).
- CVE-2017-16536: The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066606).
- CVE-2017-16527: sound/usb/mixer.c in the Linux kernel allowed local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066625).
- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667).
- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327).
- CVE-2017-15265: Race condition in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c (bnc#1062520).
- CVE-2017-14489: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel allowed local users to cause a denial of service (panic) by leveraging incorrect length validation (bnc#1059051).
- CVE-2017-14340: The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel did not verify that a filesystem has a realtime device, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory (bnc#1058524).
- CVE-2017-14140: The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179).
- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).
- CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152).
- CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148).
- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).
- CVE-2017-1000112: An exploitable memory corruption due to UFO to non-UFO path switch was fixed. (bnc#1052311 bnc#1052365).
The following non-security bugs were fixed:
- alsa: core: Fix unexpected error at replacing user TLV (bsc#1045538).
- alsa: hda - fix Lewisburg audio issue (fate#319286).
- alsa: hda/ca0132 - Fix memory leak at error path (bsc#1045538).
- alsa: timer: Add missing mutex lock for compat ioctls (bsc#1045538).
- audit: Fix use after free in audit_remove_watch_rule() (bsc#1045205).
- hid: usbhid: Add HID_QUIRK_NOGET for Aten CS-1758 KVM switch (bnc#1022967).
- kvm: SVM: Add a missing 'break' statement (bsc#1061017).
- kvm: async_pf: Fix #DF due to inject 'Page not Present' and 'Page Ready' exceptions simultaneously (bsc#1061017).
- nfs: Cache aggressively when file is open for writing (bsc#1053933).
- nfs: Do drop directory dentry when error clearly requires it (bsc#1051932).
- nfs: Do not flush caches for a getattr that races with writeback (bsc#1053933). # Conflicts: # series.conf
- nfs: Optimize fallocate by refreshing mapping when needed (bsc#1053933).
- nfs: Remove asserts from the NFS XDR code (bsc#1063544).
- nfs: invalidate file size when taking a lock (bsc#1053933).
- pci: fix hotplug related issues (bnc#1054247, LTC#157731).
- Update config files. (bsc#1057796) The CONFIG_MODULE_SIG_UEFI should be enabled on x86_64/xen architecture because xen can work with shim on x86_64. Enabling the following kernel config to load certificate from db/mok: +CONFIG_MODULE_SIG_BLACKLIST=y +CONFIG_MODULE_SIG_UEFI=y
- af_key: do not use GFP_KERNEL in atomic contexts (bsc#1054093).
- autofs: do not fail mount for transient error (bsc#1065180).
- xen: avoid deadlock in xenbus (bnc#1047523).
- blacklist.conf: Add PCI ASPM fix to blacklist (bsc#1045538)
- blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216).
- bnx2x: prevent crash when accessing PTP with interface down (bsc#1060665).
- cx231xx-audio: fix NULL-deref at probe (bsc#1050431).
- cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc#1045154).
- dm bufio: fix integer overflow when limiting maximum cache size (git-fixes).
- drm/mgag200: Fixes for G200eH3. (bnc#1062842)
- fnic: Use the local variable instead of I/O flag to acquire io_req_lock in fnic_queuecommand() to avoid deadloack (bsc#1067816).
- fuse: do not use iocb after it may have been freed (bsc#1054706).
- fuse: fix fuse_write_end() if zero bytes were copied (bsc#1054706).
- fuse: fsync() did not return IO errors (bsc#1054076).
- fuse: fuse_flush must check mapping->flags for errors (bsc#1054706).
- getcwd: Close race with d_move called by lustre (bsc#1052593).
- gspca: konica: add missing endpoint sanity check (bsc#1050431).
- i40e: Initialize 64-bit statistics TX ring seqcount (bsc#909484).
- kabi fix for new hash_cred function (bsc#1012917).
- kabi/severities: Ignore zpci symbol changes (bsc#1054247)
- lib/mpi: mpi_read_raw_data(): fix nbits calculation (fate#314508).
- lpfc: check for valid scsi cmnd in lpfc_scsi_cmd_iocb_cmpl() (bsc#1051133).
- mac80211: do not compare TKIP TX MIC key in reinstall prevention (bsc#1066472).
- md/bitmap: disable bitmap_resize for file-backed bitmaps (bsc#1061180).
- media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS ioctl (bsc#1050431).
- net: Fix RCU splat in af_key (bsc#1054093).
- netback: coalesce (guest) RX SKBs as needed (bsc#1056504).
- nfs: Fix ugly referral attributes (git-fixes).
- nfs: improve shinking of access cache (bsc#1012917).
- powerpc/fadump: add reschedule point while releasing memory (bsc#1040609 bsc#1024450).
- powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669 bsc#1037667).
- powerpc/fadump: provide a helpful error message (bsc#1037669 bsc#1037667).
- powerpc/mm: Fix check of multiple 16G pages from device tree (bsc#1064861, git-fixes).
- powerpc/prom: Increase minimum RMA size to 512MB (bsc#984530, bsc#1052370).
- powerpc/pseries/vio: Dispose of virq mapping on vdevice unregister (bsc#1067888, git-fixes f2ab6219969f).
- powerpc/slb: Force a full SLB flush when we insert for a bad EA (bsc#1054070).
- powerpc/xics: Harden xics hypervisor backend (bnc#1056230).
- powerpc: Correct instruction code for xxlor instruction (bsc#1064861, git-fixes).
- powerpc: Fix emulation of mfocrf in emulate_step() (bsc#1064861, git-fixes).
- powerpc: Fix the corrupt r3 error during MCE handling (bnc#1056230).
- powerpc: Make sure IPI handlers see data written by IPI senders (bnc#1056230).
- reiserfs: fix race in readdir (bsc#1039803).
- s390/cpcmd,vmcp: avoid GFP_DMA allocations (bnc#1060245, LTC#159112).
- s390/pci: do not cleanup in arch_setup_msi_irqs (bnc#1054247, LTC#157731).
- s390/pci: fix handling of PEC 306 (bnc#1054247, LTC#157731).
- s390/pci: improve error handling during fmb (de)registration (bnc#1054247, LTC#157731).
- s390/pci: improve error handling during interrupt deregistration (bnc#1054247, LTC#157731).
- s390/pci: improve pci hotplug (bnc#1054247, LTC#157731).
- s390/pci: improve unreg_ioat error handling (bnc#1054247, LTC#157731).
- s390/pci: introduce clp_get_state (bnc#1054247, LTC#157731).
- s390/pci: provide more debug information (bnc#1054247, LTC#157731).
- s390/qdio: avoid reschedule of outbound tasklet once killed (bnc#1063301, LTC#159885).
- s390/topology: alternative topology for topology-less machines (bnc#1060245, LTC#159177).
- s390/topology: enable / disable topology dynamically (bnc#1060245, LTC#159177).
- scsi: avoid system stall due to host_busy race (bsc#1031358).
- scsi: close race when updating blocked counters (bsc#1031358).
- scsi: qla2xxx: Get mutex lock before checking optrom_state (bsc#1053317).
- scsi: reset wait for IO completion (bsc#996376).
- scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records (bnc#1060245, LTC#158494).
- scsi: zfcp: fix missing trace records for early returns in TMF eh handlers (bnc#1060245, LTC#158494).
- scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA (bnc#1060245, LTC#158494).
- scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records (bnc#1060245, LTC#158494).
- scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled (bnc#1060245, LTC#158493).
- scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late response (bnc#1060245, LTC#158494).
- ser_gigaset: return -ENOMEM on error instead of success (bsc#1037441).
- sunrpc: add RPCSEC_GSS hash_cred() function (bsc#1012917).
- sunrpc: add auth_unix hash_cred() function (bsc#1012917).
- sunrpc: add generic_auth hash_cred() function (bsc#1012917).
- sunrpc: add hash_cred() function to rpc_authops struct (bsc#1012917).
- sunrpc: replace generic auth_cred hash with auth-specific function (bsc#1012917).
- sunrpc: use supplimental groups in auth hash (bsc#1012917).
- supported.conf: clear mistaken external support flag for cifs.ko (bsc#1053802).
- tpm: fix a kernel memory leak in tpm-sysfs.c (bsc#1050381).
- usb-serial: check for NULL private data in pl2303_suse_disconnect (bsc#1064803).
- uwb: fix device quirk on big-endian hosts (bsc#1036629).
- virtio_scsi: do not call virtqueue_add_sgs(... GFP_NOIO) holding spinlock (bsc#1036286).
- x86/microcode/intel: Disable late loading on model 79 (bsc#1054305).
- xfs: fix inobt inode allocation search optimization (bsc#1013018).
ImportantSUSE bug 1012917SUSE bug 1013018SUSE bug 1022967SUSE bug 1024450SUSE bug 1031358SUSE bug 1036286SUSE bug 1036629SUSE bug 1037441SUSE bug 1037667SUSE bug 1037669SUSE bug 1037994SUSE bug 1039803SUSE bug 1040609SUSE bug 1042863SUSE bug 1045154SUSE bug 1045205SUSE bug 1045327SUSE bug 1045538SUSE bug 1047523SUSE bug 1050381SUSE bug 1050431SUSE bug 1051133SUSE bug 1051932SUSE bug 1052311SUSE bug 1052365SUSE bug 1052370SUSE bug 1052593SUSE bug 1053148SUSE bug 1053152SUSE bug 1053317SUSE bug 1053802SUSE bug 1053933SUSE bug 1054070SUSE bug 1054076SUSE bug 1054093SUSE bug 1054247SUSE bug 1054305SUSE bug 1054706SUSE bug 1056230SUSE bug 1056504SUSE bug 1056588SUSE bug 1057179SUSE bug 1057796SUSE bug 1058524SUSE bug 1059051SUSE bug 1060245SUSE bug 1060665SUSE bug 1061017SUSE bug 1061180SUSE bug 1062520SUSE bug 1062842SUSE bug 1063301SUSE bug 1063544SUSE bug 1063667SUSE bug 1064803SUSE bug 1064861SUSE bug 1065180SUSE bug 1066471SUSE bug 1066472SUSE bug 1066573SUSE bug 1066606SUSE bug 1066618SUSE bug 1066625SUSE bug 1066650SUSE bug 1066671SUSE bug 1066700SUSE bug 1066705SUSE bug 1067085SUSE bug 1067816SUSE bug 1067888SUSE bug 909484SUSE bug 984530SUSE bug 996376CVE-2017-1000112 at SUSECVE-2017-1000112 at NVDCVE-2017-10661 at SUSECVE-2017-10661 at NVDCVE-2017-12762 at SUSECVE-2017-12762 at NVDCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-14051 at SUSECVE-2017-14051 at NVDCVE-2017-14140 at SUSECVE-2017-14140 at NVDCVE-2017-14340 at SUSECVE-2017-14340 at NVDCVE-2017-14489 at SUSECVE-2017-14489 at NVDCVE-2017-15102 at SUSECVE-2017-15102 at NVDCVE-2017-15265 at SUSECVE-2017-15265 at NVDCVE-2017-15274 at SUSECVE-2017-15274 at NVDCVE-2017-16525 at SUSECVE-2017-16525 at NVDCVE-2017-16527 at SUSECVE-2017-16527 at NVDCVE-2017-16529 at SUSECVE-2017-16529 at NVDCVE-2017-16531 at SUSECVE-2017-16531 at NVDCVE-2017-16535 at SUSECVE-2017-16535 at NVDCVE-2017-16536 at SUSECVE-2017-16536 at NVDCVE-2017-16537 at SUSECVE-2017-16537 at NVDCVE-2017-16649 at SUSECVE-2017-16649 at NVDCVE-2017-8831 at SUSECVE-2017-8831 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
This update adds mitigations for various side channel attacks against
modern CPUs that could disclose content of otherwise unreadable memory
(bnc#1068032).
- CVE-2017-5753: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use attacker controllable speculative
execution over code patterns in the Linux Kernel to leak content from
otherwise not readable memory in the same address space, allowing
retrieval of passwords, cryptographic keys and other secrets.
This problem is mitigated by adding speculative fencing on affected
code paths throughout the Linux kernel.
This issue is addressed for the x86_64, the IBM Power and IBM zSeries
architecture.
- CVE-2017-5715: Local attackers on systems with modern CPUs featuring
branch prediction could use mispredicted branches to speculatively execute
code patterns that in turn could be made to leak other non-readable
content in the same address space, an attack similar to CVE-2017-5753.
This problem is mitigated by disabling predictive branches, depending
on CPU architecture either by firmware updates and/or fixes in the
user-kernel privilege boundaries.
This is done with help of Linux Kernel fixes on the Intel/AMD x86_64 and
IBM zSeries architectures. On x86_64, this requires also updates of the
CPU microcode packages, delivered in seperate updates.
For IBM Power and zSeries the required firmware updates are supplied
over regular channels by IBM.
As this feature can have a performance impact, it can be disabled using
the 'nospec' kernel commandline option.
- CVE-2017-5754: Local attackers on systems with modern CPUs featuring
deep instruction pipelining could use code patterns in userspace to
speculative executive code that would read otherwise read protected
memory, an attack similar to CVE-2017-5753.
This problem is mitigated by unmapping the Linux Kernel from the user
address space during user code execution, following a approach called
'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation'
and 'PTI' / 'Page Table Isolation'.
This update does this on the Intel x86_64 and IBM Power
architecture. Updates are also necessary for the ARM architecture,
but will be delivered in the next round of updates.
This feature can be enabled / disabled by the 'pti=[on|off|auto]' or
'nopti' commandline options.
The following security bugs were fixed:
- CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874).
- CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792).
- CVE-2017-15868: The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a crafted application (bnc#1071470).
- CVE-2017-13167: An elevation of privilege vulnerability in the kernel sound timer. (bnc#1072876).
- CVE-2017-16538: drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel allowed local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner) (bnc#1066569).
- CVE-2017-17558: The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel did not consider the maximum number of configurations and interfaces before attempting to release resources, which allowed local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device (bnc#1072561).
- CVE-2017-17450: net/netfilter/xt_osf.c in the Linux kernel did not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allowed local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces (bnc#1071695).
- CVE-2017-8824: The dccp_disconnect function in net/dccp/proto.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state (bnc#1070771).
- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702).
- CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel did not check whether the intended netns is used in a peel-off action, which allowed local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls (bnc#1068671).
- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982).
- CVE-2017-11600: net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, did not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message (bnc#1050231).
- CVE-2017-7472: The KEYS subsystem in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls (bnc#1034862).
- CVE-2017-16534: The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066693).
The following non-security bugs were fixed:
- adm80211: return an error if adm8211_alloc_rings() fails (bsc#1048185).
- autofs: fix careless error in recent commit (bsc#1065180).
- bpf: prevent speculative execution in eBPF interpreter (bnc#1068032).
- carl9170: prevent speculative execution (bnc#1068032).
- ecryptfs: fix dereference of NULL user_key_payload (bsc#1013018).
- eCryptfs: use after free in ecryptfs_release_messaging() (bsc#1013018).
- fs/9p: Compare qid.path in v9fs_test_inode (bsc#1013018).
- fs: prevent speculative execution (bnc#1068032).
- isa: Prevent NULL dereference in isa_bus driver callbacks (bsc#1045538).
- kabi: silence spurious kabi error in net/sctp/socket.c (bsc#1068671).
- kaiser: add 'nokaiser' boot option, using ALTERNATIVE.
- kaiser: fix ldt freeing.
- kaiser: Kernel Address Isolation.
- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.
- kaiser: work around kABI.
- kvm: SVM: Do not intercept new speculative control MSRs (bsc#1068032).
- kvm: x86: Add speculative control CPUID support for guests (bsc#1068032).
- locking/barriers: introduce new memory barrier gmb() (bnc#1068032).
- media: cx231xx-cards: fix NULL-deref at probe (bsc#1050431).
- mm/madvise.c: fix madvise() infinite loop under special circumstances (bnc#1070964).
- mm/mmu_context, sched/core: Fix mmu_context.h assumption.
- p54: prevent speculative execution (bnc#1068032).
- powerpc/barrier: add gmb.
- powerpc: Secure memory rfi flush (bsc#1068032).
- ptrace: Add a new thread access check (bsc#1068032).
- qeth: check not more than 16 SBALEs on the completion queue (bnc#1072457, LTC#148203).
- s390: add ppa to system call and program check path (bsc#1068032).
- s390/disassembler: correct disassembly lines alignment (bnc#1066973, LTC#161577).
- s390/disassembler: increase show_code buffer size (bnc#1066973, LTC#161577).
- s390: fix transactional execution control register handling (bnc#1072457, LTC#162116).
- s390: introduce CPU alternatives.
- s390: introduce CPU alternatives (bsc#1068032).
- s390/spinlock: add gmb memory barrier.
- s390/spinlock: add gmb memory barrier (bsc#1068032).
- s390/spinlock: add ppa to system call path.
- sched/core: Add switch_mm_irqs_off() and use it in the scheduler.
- sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off().
- scsi_scan: Exit loop if TUR to LUN0 fails with 0x05/0x25 (bsc#1063043). This is specific to FUJITSU ETERNUS_DX* targets. They can return 'Illegal Request - Logical unit not supported' and processing should leave the timeout loop in this case.
- scsi: zfcp: fix erp_action use-before-initialize in REC action trace (bnc#1066973, LTC#160081).
- temporary fix (bsc#1068032).
- udf: prevent speculative execution (bnc#1068032).
- usb: host: fix incorrect updating of offset (bsc#1047487).
- usb: uas: fix bug in handling of alternate settings (bsc#1071074).
- uvcvideo: prevent speculative execution (bnc#1068032).
- video: udlfb: Fix read EDID timeout (bsc#1045538).
- watchdog: hpwdt: add support for iLO5 (bsc#1024612).
- watchdog/hpwdt: Check source of NMI (bsc#1024612).
- x86-64: Give vvars their own page.
- x86-64: Map the HPET NX.
- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).
- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).
- x86/alternatives: Add instruction padding.
- x86/alternatives: Cleanup DPRINTK macro.
- x86/alternatives: Make JMPs more robust.
- x86/alternatives: Use optimized NOPs for padding.
- x86/boot: Add early cmdline parsing for options with arguments.
- x86, boot: Carve out early cmdline parsing function.
- x86/CPU/AMD: Add speculative control support for AMD (bsc#1068032).
- x86/CPU/AMD: Make the LFENCE instruction serialized (bsc#1068032).
- x86/CPU/AMD: Remove now unused definition of MFENCE_RDTSC feature (bsc#1068032).
- x86/CPU: Check speculation control CPUID bit (bsc#1068032).
- x86/cpu: Fix bootup crashes by sanitizing the argument of the 'clearcpuid=' command-line option (bsc#1065600).
- x86/enter: Add macros to set/clear IBRS and set IBPB (bsc#1068032).
- x86/entry: Add a function to overwrite the RSB (bsc#1068032).
- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (bsc#1068032).
- x86/entry: Use IBRS on entry to kernel space (bsc#1068032).
- x86/feature: Enable the x86 feature to control Speculation (bsc#1068032).
- x86/idle: Disable IBRS when offlining a CPU and re-enable on wakeup (bsc#1068032).
- x86/idle: Toggle IBRS when going idle (bsc#1068032).
- x86/kaiser: Check boottime cmdline params.
- x86/kaiser: disable vmstat accounting.
- x86/kaiser: Move feature detection up (bsc#1068032).
- x86/kaiser: propagate info to /proc/cpuinfo.
- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling.
- x86/kvm: Add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bsc#1068032).
- x86/kvm: Flush IBP when switching VMs (bsc#1068032).
- x86/kvm: Pad RSB on VM transition (bsc#1068032).
- x86/kvm: Toggle IBRS on VM entry and exit (bsc#1068032).
- x86: Make alternative instruction pointers relative.
- x86/microcode/AMD: Add support for fam17h microcode loading (bsc#1068032).
- x86/mm/64: Fix reboot interaction with CR4.PCIDE.
- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID.
- x86/mm: Add INVPCID helpers.
- x86/mm: Add the 'nopcid' boot option to turn off PCID.
- x86/mm: Build arch/x86/mm/tlb.c even on !SMP.
- x86/mm: Disable PCID on 32-bit kernels.
- x86/mm: Enable CR4.PCIDE on supported systems.
- x86/mm: fix bad backport to disable PCID on Xen.
- x86/mm: Fix INVPCID asm constraint.
- x86/mm: If INVPCID is available, use it to flush global mappings.
- x86/mm/kaiser: re-enable vsyscalls.
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (bsc#1068032).
- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code.
- x86/mm, sched/core: Turn off IRQs in switch_mm().
- x86/mm, sched/core: Uninline switch_mm().
- x86/mm: Set IBPB upon context switch (bsc#1068032).
- x86/MSR: Move native_*msr(.. u64) to msr.h (bsc#1068032).
- x86/spec: Add IBRS control functions (bsc#1068032).
- x86/spec: Add 'nospec' chicken bit (bsc#1068032).
- x86/spec: Check CPUID direclty post microcode reload to support IBPB feature (bsc#1068032).
- x86/spec_ctrl: Add an Indirect Branch Predictor barrier (bsc#1068032).
- x86/spec_ctrl: Check whether IBPB is enabled before using it (bsc#1068032).
- x86/spec_ctrl: Check whether IBRS is enabled before using it (bsc#1068032).
- x86/svm: Add code to clear registers on VM exit (bsc#1068032).
- x86/svm: Clobber the RSB on VM exit (bsc#1068032).
- x86/svm: Set IBPB when running a different VCPU (bsc#1068032).
- x86/svm: Set IBRS value on VM entry and exit (bsc#1068032).
- xen/kaiser: add 'nokaiser' boot option, using ALTERNATIVE.
- xen/KAISER: Kernel Address Isolation.
- xen/kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush.
- xen/kaiser: work around kABI.
- xen/x86-64: Give vvars their own page.
- xen/x86-64: Map the HPET NX.
- xen/x86/alternatives: Add instruction padding.
- xen/x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling.
- xen/x86/mm: Enable CR4.PCIDE on supported systems.
- xen/x86/mm/kaiser: re-enable vsyscalls.
- xen/x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code.
- xen: x86/mm, sched/core: Turn off IRQs in switch_mm().
- xen: x86/mm, sched/core: Uninline switch_mm().
- zd1211rw: fix NULL-deref at probe (bsc#1045479).
ImportantSUSE bug 1013018SUSE bug 1024612SUSE bug 1034862SUSE bug 1045479SUSE bug 1045538SUSE bug 1047487SUSE bug 1048185SUSE bug 1050231SUSE bug 1050431SUSE bug 1056982SUSE bug 1063043SUSE bug 1065180SUSE bug 1065600SUSE bug 1066569SUSE bug 1066693SUSE bug 1066973SUSE bug 1068032SUSE bug 1068671SUSE bug 1068984SUSE bug 1069702SUSE bug 1070771SUSE bug 1070964SUSE bug 1071074SUSE bug 1071470SUSE bug 1071695SUSE bug 1072457SUSE bug 1072561SUSE bug 1072876SUSE bug 1073792SUSE bug 1073874CVE-2017-11600 at SUSECVE-2017-11600 at NVDCVE-2017-13167 at SUSECVE-2017-13167 at NVDCVE-2017-14106 at SUSECVE-2017-14106 at NVDCVE-2017-15115 at SUSECVE-2017-15115 at NVDCVE-2017-15868 at SUSECVE-2017-15868 at NVDCVE-2017-16534 at SUSECVE-2017-16534 at NVDCVE-2017-16538 at SUSECVE-2017-16538 at NVDCVE-2017-16939 at SUSECVE-2017-16939 at NVDCVE-2017-17450 at SUSECVE-2017-17450 at NVDCVE-2017-17558 at SUSECVE-2017-17558 at NVDCVE-2017-17805 at SUSECVE-2017-17805 at NVDCVE-2017-17806 at SUSECVE-2017-17806 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2017-7472 at SUSECVE-2017-7472 at NVDCVE-2017-8824 at SUSECVE-2017-8824 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
This update is only provided as a fix update for IBM Z platform.
- CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes.
- CVE-2017-5715 / 'Spectre Attack': IBM Z fixes were already included in the previous update. A bugfix for the patches has been applied on top.
- CVE-2017-5754: The IBM Z architecture is not affected by the 'Meltdown' attack.
ImportantSUSE bug 1068032CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5715: Systems with microprocessors utilizing speculative
execution and indirect branch prediction may allow unauthorized disclosure
of information to an attacker with local user access via a side-channel
analysis (bnc#1068032).
The previous fix using CPU Microcode has been complemented by building
the Linux Kernel with return trampolines aka 'retpolines'.
- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function
did not validate a value that is used during DMA page allocation, leading
to a heap-based out-of-bounds write (related to the rds_rdma_extra_size
function in net/rds/rdma.c) (bnc#1075621).
- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in
net/rds/rdma.c mishandled cases where page pinning fails or an invalid
address is supplied, leading to an rds_atomic_free_op NULL pointer
dereference (bnc#1075617).
- CVE-2017-18017: The tcpmss_mangle_packet function in
net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers
to cause a denial of service (use-after-free and memory corruption)
or possibly have unspecified other impact by leveraging the presence of
xt_TCPMSS in an iptables action (bnc#1074488).
- CVE-2017-18079: drivers/input/serio/i8042.c in the Linux kernel allowed
attackers to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact because the
port->exists value can change after it is validated (bnc#1077922).
- CVE-2015-1142857: On multiple SR-IOV cars it is possible for VF's
assigned to guests to send ethernet flow control pause frames via the
PF. (bnc#1077355).
- CVE-2017-17741: The KVM implementation in the Linux kernel allowed
attackers to obtain potentially sensitive information from kernel
memory, aka a write_mmio stack-based out-of-bounds read, related to
arch/x86/kvm/x86.c and include/trace/events/kvm.h (bnc#1073311).
- CVE-2017-13215: A elevation of privilege vulnerability in the Upstream
kernel skcipher. (bnc#1075908).
- CVE-2018-1000004: In the Linux kernel a race condition vulnerability
existed in the sound system, this can lead to a deadlock and denial of
service condition (bnc#1076017).
The following non-security bugs were fixed:
- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1045538).
- alsa: aloop: Fix racy hw constraints adjustment (bsc#1045538).
- alsa: aloop: Release cable upon open error path (bsc#1045538).
- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1045538).
- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1045538).
- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1045538).
- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1045538).
- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1045538).
- btrfs: cleanup unnecessary assignment when cleaning up all the residual transaction (FATE#325056).
- btrfs: copy fsid to super_block s_uuid (bsc#1080774).
- btrfs: do not wait for all the writers circularly during the transaction commit (FATE#325056).
- btrfs: do not WARN() in btrfs_transaction_abort() for IO errors (bsc#1080363).
- btrfs: fix two use-after-free bugs with transaction cleanup (FATE#325056).
- btrfs: make the state of the transaction more readable (FATE#325056).
- btrfs: qgroup: exit the rescan worker during umount (bsc#1080685).
- btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value (bsc#1080685).
- btrfs: reset intwrite on transaction abort (FATE#325056).
- btrfs: set qgroup_ulist to be null after calling ulist_free() (bsc#1080359).
- btrfs: stop waiting on current trans if we aborted (FATE#325056).
- cdc-acm: apply quirk for card reader (bsc#1060279).
- cdrom: factor out common open_for_* code (bsc#1048585).
- cdrom: wait for tray to close (bsc#1048585).
- delay: add poll_event_interruptible (bsc#1048585).
- dm flakey: add corrupt_bio_byte feature (bsc#1080372).
- dm flakey: add drop_writes (bsc#1080372).
- dm flakey: error READ bios during the down_interval (bsc#1080372).
- dm flakey: fix crash on read when corrupt_bio_byte not set (bsc#1080372).
- dm flakey: fix reads to be issued if drop_writes configured (bsc#1080372).
- dm flakey: introduce 'error_writes' feature (bsc#1080372).
- dm flakey: support feature args (bsc#1080372).
- dm flakey: use dm_target_offset and support discards (bsc#1080372).
- ext2: free memory allocated and forget buffer head when io error happens (bnc#1069508).
- ext2: use unlikely to improve the efficiency of the kernel (bnc#1069508).
- ext3: add necessary check in case IO error happens (bnc#1069508).
- ext3: use unlikely to improve the efficiency of the kernel (bnc#1069508).
- fork: clear thread stack upon allocation (bsc#1077560).
- kaiser: Add proper NX handling for !NX-capable systems also to kaiser_add_user_map(). (bsc#1076278).
- kaiser: do not clobber ZF by calling ENABLE_IBRS after test and before jz
- kaiser: fix ia32 compat sysexit (bsc#1080579) sysexit_from_sys_call cannot make assumption of accessible stack after CR3 switch, and therefore should use the SWITCH_USER_CR3_NO_STACK method to flip the pagetable hierarchy.
- kaiser: Fix trampoline stack loading issue on XEN PV
- kaiser: handle non-accessible stack in sysretl_from_sys_call properly (bsc#bsc#1080579)
- kaiser: make sure not to touch stack after CR3 switch in compat syscall return
- kaiser: really do switch away from trampoline stack to kernel stack in ia32_syscall entry (bsc#1080579)
- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).
- keys: trusted: fix writing past end of buffer in trusted_read() (bsc#1074880).
- media: omap_vout: Fix a possible null pointer dereference in omap_vout_open() (bsc#1050431).
- mISDN: fix a loop count (bsc#1077191).
- nfsd: do not share group_info among threads (bsc@1070623).
- ocfs2: avoid blocking in ocfs2_mark_lockres_freeing() in downconvert thread (bsc#1076437).
- ocfs2: do not set OCFS2_LOCK_UPCONVERT_FINISHING if nonblocking lock can not be granted at once (bsc#1076437).
- ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock (bsc#962257).
- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075088).
- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075088).
- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075088).
- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075088).
- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032, bsc#1075088).
- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075088).
- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075088).
- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075088).
- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075088).
- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).
- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075088).
- powerpc: Fix register clobbering when accumulating stolen time (bsc#1059174).
- powerpc: Fix up the kdump base cap to 128M (bsc#1079917, bsc#1077487).
- powerpc: Mark CONFIG_PPC_DEBUG_RFI as BROKEN (bsc#1075088).
- powerpc/perf: Dereference BHRB entries safely (bsc#1064861, FATE#317619, git-fixes).
- powerpc/perf: Fix book3s kernel to userspace backtraces (bsc#1080133).
- powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper (bsc#1068032, bsc#1075088).
- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075088).
- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075088).
- powerpc/pseries: Kill all prefetch streams on context switch (bsc#1068032, bsc#1075088).
- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032, bsc#1075088).
- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075088).
- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1075088).
- powerpc/pseries/rfi-flush: Drop PVR-based selection (bsc#1075088).
- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075088).
- powerpc/rfi-flush: Factor out init_fallback_flush() (bsc#1075088).
- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1075088).
- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075088).
- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075088).
- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1075088).
- powerpc/vdso64: Use double word compare on pointers (bsc#1070781).
- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075088).
- rfi-flush: Move rfi_flush_fallback_area to end of paca (bsc#1075088).
- rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1075088).
- rfi-flush: Switch to new linear fallback flush (bsc#1068032,bsc#1075088).
- s390: add ppa to the idle loop (bnc#1077406, LTC#163910).
- s390/cpuinfo: show facilities as reported by stfle (bnc#1076849, LTC#163741).
- scsi: libiscsi: fix shifting of DID_REQUEUE host byte (bsc#1078875).
- scsi: sr: wait for the medium to become ready (bsc#1048585).
- scsi: virtio_scsi: let host do exception handling (bsc#936530,bsc#1060682).
- storvsc: do not assume SG list is continuous when doing bounce buffers (bsc#1075410).
- sysfs/cpu: Add vulnerability folder (bnc#1012382).
- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).
- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).
- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).
- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).
- x86, asm: Extend definitions of _ASM_* with a raw format (bsc#1068032 CVE-2017-5754).
- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).
- x86/cpu: Factor out application of forced CPU caps (bsc#1075994 bsc#1075091).
- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).
- x86/CPU: Sync CPU feature flags late (bsc#1075994 bsc#1075091).
- x86/kaiser: Populate shadow PGD with NX bit only if supported by platform (bsc#1076154 bsc#1076278).
- x86/kaiser: use trampoline stack for kernel entry.
- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bsc#1054305).
- x86/microcode/intel: Extend BDW late-loading with a revision check (bsc#1054305).
- x86/microcode: Rescan feature flags upon late loading (bsc#1075994 bsc#1075091).
- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).
- x86/spec_ctrl: handle late setting of X86_FEATURE_SPEC_CTRL properly (bsc#1075994 bsc#1075091).
- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).
- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).
- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL (bsc#1068032 CVE-2017-5715).
- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1081500).
ImportantSUSE bug 1012382SUSE bug 1045538SUSE bug 1048585SUSE bug 1050431SUSE bug 1054305SUSE bug 1059174SUSE bug 1060279SUSE bug 1060682SUSE bug 1063544SUSE bug 1064861SUSE bug 1068032SUSE bug 1068984SUSE bug 1069508SUSE bug 1070623SUSE bug 1070781SUSE bug 1073311SUSE bug 1074488SUSE bug 1074621SUSE bug 1074880SUSE bug 1075088SUSE bug 1075091SUSE bug 1075410SUSE bug 1075617SUSE bug 1075621SUSE bug 1075908SUSE bug 1075994SUSE bug 1076017SUSE bug 1076154SUSE bug 1076278SUSE bug 1076437SUSE bug 1076849SUSE bug 1077191SUSE bug 1077355SUSE bug 1077406SUSE bug 1077487SUSE bug 1077560SUSE bug 1077922SUSE bug 1078875SUSE bug 1079917SUSE bug 1080133SUSE bug 1080359SUSE bug 1080363SUSE bug 1080372SUSE bug 1080579SUSE bug 1080685SUSE bug 1080774SUSE bug 1081500SUSE bug 936530SUSE bug 962257CVE-2015-1142857 at SUSECVE-2015-1142857 at NVDCVE-2017-13215 at SUSECVE-2017-13215 at NVDCVE-2017-17741 at SUSECVE-2017-17741 at NVDCVE-2017-18017 at SUSECVE-2017-18017 at NVDCVE-2017-18079 at SUSECVE-2017-18079 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-1000004 at SUSECVE-2018-1000004 at NVDCVE-2018-5332 at SUSECVE-2018-5332 at NVDCVE-2018-5333 at SUSECVE-2018-5333 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-3639: Information leaks using 'Memory Disambiguation' feature
in modern CPUs were mitigated, aka 'Spectre Variant 4' (bnc#1087082).
A new boot commandline option was introduced,
'spec_store_bypass_disable', which can have following values:
- auto: Kernel detects whether your CPU model contains an implementation
of Speculative Store Bypass and picks the most appropriate mitigation.
- on: disable Speculative Store Bypass
- off: enable Speculative Store Bypass
- prctl: Control Speculative Store Bypass per thread via
prctl. Speculative Store Bypass is enabled for a process by default. The
state of the control is inherited on fork.
- seccomp: Same as 'prctl' above, but all seccomp threads will disable
SSB unless they explicitly opt out.
The default is 'seccomp', meaning programs need explicit opt-in into the mitigation.
Status can be queried via the /sys/devices/system/cpu/vulnerabilities/spec_store_bypass file, containing:
- 'Vulnerable'
- 'Mitigation: Speculative Store Bypass disabled'
- 'Mitigation: Speculative Store Bypass disabled via prctl'
- 'Mitigation: Speculative Store Bypass disabled via prctl and seccomp'
- CVE-2018-1000199: An address corruption flaw was discovered while
modifying a h/w breakpoint via 'modify_user_hw_breakpoint' routine, an
unprivileged user/process could use this flaw to crash the system kernel
resulting in DoS OR to potentially escalate privileges on a the system. (bsc#1089895)
- CVE-2018-10675: The do_get_mempolicy function in mm/mempolicy.c allowed
local users to cause a denial of service (use-after-free) or possibly
have unspecified other impact via crafted system calls (bnc#1091755).
- CVE-2017-5715: The retpoline mitigation for Spectre v2 has been enabled also for 32bit x86.
- CVE-2017-5753: Spectre v1 mitigations have been improved by the versions
merged from the upstream kernel.
The following non-security bugs were fixed:
- Avoid quadratic search when freeing delegations (bsc#1084760).
- cifs: fix crash due to race in hmac(md5) handling (bsc#1091671).
- hid: roccat: prevent an out of bounds read in kovaplus_profile_activated() (bsc#1087092).
- mmc: jz4740: Fix race condition in IRQ mask update (bsc#1090888).
- powerpc/64: Disable gmb() on powerpc
- powerpc/64s: Add barrier_nospec (bsc#1068032, bsc#1080157).
- powerpc/64s: Add support for ori barrier_nospec patching (bsc#1068032, bsc#1080157).
- powerpc/64s: Enable barrier_nospec based on firmware settings (bsc#1068032, bsc#1080157).
- powerpc/64s: Enhance the information in cpu_show_meltdown() (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/64s: Enhance the information in cpu_show_spectre_v1() (bsc#1068032).
- powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() (bsc#1068032, bsc#1075087, bsc#1091041).
- powerpc/64s: Improve RFI L1-D cache flush fallback (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/64s: Move cpu_show_meltdown() (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/64s: Patch barrier_nospec in modules (bsc#1068032, bsc#1080157).
- powerpc/64s: Wire up cpu_show_spectre_v1() (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/64s: Wire up cpu_show_spectre_v2() (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/64: Use barrier_nospec in syscall entry (bsc#1068032, bsc#1080157).
- powerpc: Add security feature flags for Spectre/Meltdown (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc: Move default security feature flags (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc: Move local setup.h declarations to arch includes (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/pseries: Fix clearing of security feature flags (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/pseries: Restore default security feature flags on setup (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/pseries: Set or clear security feature flags (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/rfi-flush: Always enable fallback flush on pseries (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/rfi-flush: Differentiate enabled and patched flush types (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again (bsc#1068032, bsc#1075088, bsc#1091815).
- powerpc: Use barrier_nospec in copy_from_user() (bsc#1068032, bsc#1080157).
- series.conf: fix the header It was corrupted back in 2015.
- tracing: Create seq_buf layer in trace_seq (bsc#1091815).
- Update config files. Enable retpolines for i386 build.
- usb: Accept bulk endpoints with 1024-byte maxpacket (bsc#1090888).
- usb: hub: fix SS hub-descriptor handling (bsc#1092372).
- x86/bugs: correctly force-disable IBRS on !SKL systems (bsc#1092497).
- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1090630)
- x86/xen: disable IBRS around CPU stopper function invocation
- xen-netfront: fix req_prod check to avoid RX hang when index wraps (bsc#1046610).
- xfs: fix buffer use after free on IO error (bsc#1052943).
- xfs: prevent recursion in xfs_buf_iorequest (bsc#1052943).
ImportantSUSE bug 1046610SUSE bug 1052943SUSE bug 1068032SUSE bug 1075087SUSE bug 1075088SUSE bug 1080157SUSE bug 1084760SUSE bug 1087082SUSE bug 1087092SUSE bug 1089895SUSE bug 1090630SUSE bug 1090888SUSE bug 1091041SUSE bug 1091671SUSE bug 1091755SUSE bug 1091815SUSE bug 1092372SUSE bug 1092497SUSE bug 1094019CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2018-1000199 at SUSECVE-2018-1000199 at NVDCVE-2018-10675 at SUSECVE-2018-10675 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
This update main focus is a regression fix in SystemV IPC handling. (bsc#1093600)
The following non-security bugs were fixed:
- Drop cBPF SSBD as classic BPF does not really have a proper concept of pointers, and without eBPF maps the out-of-bounds access in speculative execution branch can't be mounted. Moreoever, seccomp BPF uses only such a subset of BPF that can only do absolute indexing, and therefore seccomp data buffer boundarier can't be crossed. Information condensed from Alexei and Kees.
- ibrs used instead of retpoline on Haswell processor with spectre_v2=retpoline (bsc#1092497)
- ib/mlx4: Convert slave port before building address-handle (bug#919382 FATE#317529).
- KABI protect struct _lowcore (bsc#1089386).
- Update config files, add Spectre mitigation for s390x (bnc#1089386, LTC#166572).
- Update s390 config files (bsc#1089386).
- fanotify: fix logic of events on child (bsc#1013018).
- ipc/msg: Fix faulty parsing of msgctl args (bsc#1093600,bsc#1072689).
- ocfs2/dlm: Fix up kABI in dlm_ctxt (bsc#1070404).
- ocfs2/dlm: wait for dlm recovery done when migrating all lock resources (bsc#1013018).
- powerpc, KVM: Split HVMODE_206 cpu feature bit into separate HV and architecture bits (bsc#1087082).
- powerpc: Fix /proc/cpuinfo revision for POWER9 DD2 (FATE#325713, bsc#1093710).
- s390/cio: update chpid descriptor after resource accessibility event (bnc#1091659, LTC#167429).
- s390/dasd: fix IO error for newly defined devices (bnc#1091659, LTC#167398).
- s390/qdio: fix access to uninitialized qdio_q fields (bnc#1091659, LTC#168037).
- s390/qeth: on channel error, reject further cmd requests (bnc#1088343, LTC#165985).
- s390: add automatic detection of the spectre defense (bnc#1089386, LTC#166572).
- s390: add optimized array_index_mask_nospec (bnc#1089386, LTC#166572).
- s390: add sysfs attributes for spectre (bnc#1089386, LTC#166572).
- s390: correct module section names for expoline code revert (bsc#1089386).
- s390: correct nospec auto detection init order (bnc#1089386, LTC#166572).
- s390: do not bypass BPENTER for interrupt system calls (bnc#1089386, LTC#166572).
- s390: fix retpoline build on 31bit (bsc#1089386).
- s390: improve cpu alternative handling for gmb and nobp (bnc#1089386, LTC#166572).
- s390: introduce execute-trampolines for branches (bnc#1089386, LTC#166572).
- s390: move nobp parameter functions to nospec-branch.c (bnc#1089386, LTC#166572).
- s390: report spectre mitigation via syslog (bnc#1089386, LTC#166572).
- s390: run user space and KVM guests with modified branch prediction (bnc#1089386, LTC#166572).
- s390: scrub registers on kernel entry and KVM exit (bnc#1089386, LTC#166572).
- x86, mce: Fix mce_start_timer semantics (bsc#1090607).
- x86/kaiser: symbol kaiser_set_shadow_pgd() exported with non GPL
ImportantSUSE bug 1013018SUSE bug 1070404SUSE bug 1072689SUSE bug 1087082SUSE bug 1088343SUSE bug 1089386SUSE bug 1090607SUSE bug 1091659SUSE bug 1092497SUSE bug 1093600SUSE bug 1093710SUSE bug 919382cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data. (bnc#1087081).
- CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data, even from other virtual machines or the host system. (bnc#1089343).
- CVE-2018-1000204: A malformed SG_IO ioctl issued for a SCSI device could lead to a local kernel information leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files. (bnc#1096728).
- CVE-2018-13053: The alarm_timer_nsleep function in kernel/time/alarmtimer.c had an integer overflow via a large relative timeout because ktime_add_safe is not used (bnc#1099924).
- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used (bnc#1098016 bnc#1100418).
- CVE-2016-8405: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. (bnc#1099942).
- CVE-2018-5814: Multiple race condition errors when handling probe, disconnect, and rebind operations could be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets (bnc#1096480).
- CVE-2018-12233: In the ea_get function in fs/jfs/xattr.c a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. (bnc#1097234).
- CVE-2017-13305: A information disclosure vulnerability in the Upstream kernel encrypted-keys. (bnc#1094353).
- CVE-2018-1130: A null pointer dereference in dccp_write_xmit() function in net/dccp/output.c allowed a local user to cause a denial of service by a number of certain crafted system calls (bnc#1092904).
- CVE-2018-1068: A flaw was found in the implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory (bnc#1085107).
- CVE-2018-5803: An error in the '_sctp_make_chunk()' function (net/sctp/sm_make_chunk.c) when handling SCTP packets length could be exploited to cause a kernel crash (bnc#1083900).
- CVE-2018-7492: A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function allowed local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST (bnc#1082962).
The following non-security bugs were fixed:
- cpu/hotplug: Add sysfs state interface (bsc#1089343).
- cpu/hotplug: Provide knobs to control SMT (bsc#1089343).
- cpu/hotplug: Split do_cpu_down() (bsc#1089343).
- disable-prot_none_mitigation.patch: disable prot_none native mitigation (bnc#1104684)
- fix pgd underflow (bnc#1104475) custom walk_page_range rework was incorrect and could underflow pgd if the given range was below a first vma.
- slab: introduce kmalloc_array() (bsc#909361).
- x86/apic: Ignore secondary threads if nosmt=force (bsc#1089343).
- x86/cpu/AMD: Do not check CPUID max ext level before parsing SMP info (bsc#1089343).
- x86/cpu/AMD: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (bsc#1089343).
- x86/cpu/AMD: Remove the pointless detect_ht() call (bsc#1089343).
- x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
- x86/cpu/intel: Evaluate smp_num_siblings early (bsc#1089343).
- x86/cpu: Remove the pointless CPU printout (bsc#1089343).
- x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
- x86/smpboot: Do not use smp_num_siblings in __max_logical_packages calculation (bsc#1089343).
- x86/smp: Provide topology_is_primary_thread() (bsc#1089343).
- x86/topology: Add topology_max_smt_threads() (bsc#1089343).
- x86/topology: Provide topology_smt_supported() (bsc#1089343).
- xen/x86/cpu/common: Provide detect_ht_early() (bsc#1089343).
- xen/x86/cpu: Remove the pointless CPU printout (bsc#1089343).
- xen/x86/cpu/topology: Provide detect_extended_topology_early() (bsc#1089343).
- x86/mm: Simplify p[g4um]d_page() macros (bnc#1087081, bnc#1104684).
ImportantSUSE bug 1082962SUSE bug 1083900SUSE bug 1085107SUSE bug 1087081SUSE bug 1089343SUSE bug 1092904SUSE bug 1094353SUSE bug 1096480SUSE bug 1096728SUSE bug 1097234SUSE bug 1098016SUSE bug 1099924SUSE bug 1099942SUSE bug 1100418SUSE bug 1104475SUSE bug 1104684SUSE bug 909361CVE-2016-8405 at SUSECVE-2016-8405 at NVDCVE-2017-13305 at SUSECVE-2017-13305 at NVDCVE-2018-1000204 at SUSECVE-2018-1000204 at NVDCVE-2018-1068 at SUSECVE-2018-1068 at NVDCVE-2018-1130 at SUSECVE-2018-1130 at NVDCVE-2018-12233 at SUSECVE-2018-12233 at NVDCVE-2018-13053 at SUSECVE-2018-13053 at NVDCVE-2018-13406 at SUSECVE-2018-13406 at NVDCVE-2018-3620 at SUSECVE-2018-3620 at NVDCVE-2018-3646 at SUSECVE-2018-3646 at NVDCVE-2018-5803 at SUSECVE-2018-5803 at NVDCVE-2018-5814 at SUSECVE-2018-5814 at NVDCVE-2018-7492 at SUSECVE-2018-7492 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-17182: An issue was discovered in the Linux kernel The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399).
The following non-security bugs were fixed:
- x86/fpu: Do not do __thread_fpu_end() if use_eager_fpu() (bnc#1109967).
ImportantSUSE bug 1108399SUSE bug 1109967CVE-2018-17182 at SUSECVE-2018-17182 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-10741: fs/xfs/xfs_aops.c allowed local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure (bnc#1114920 bnc#1124010).
- CVE-2017-18360: In change_port_settings in drivers/usb/serial/io_ti.c local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates (bnc#1123706).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2019-7222: A information leak in exception handling in KVM could be used to expose host memory to guests. (bnc#1124735).
The following non-security bugs were fixed:
- aacraid: Fix memory leak in aac_fib_map_free (bsc#1115827).
- arcmsr: upper 32 of dma address lost (bsc#1115828).
- block/swim3: Fix -EBUSY error when re-opening device after unmount (bsc#1121997).
- block/swim: Fix array bounds check (Git-fix).
- btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).
- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).
- cpusets, isolcpus: exclude isolcpus from load balancing in cpusets (bsc#1119255).
- dasd: fix deadlock in dasd_times_out (bnc#1117943, LTC#174111).
- drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl() (bsc#1104098).
- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1106886)
- ext4: add missing brelse() update_backups()'s error path (bsc#1117796).
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).
- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).
- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).
- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1106886)
- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1106886)
- Fix kabi break cased by NFS: Cache state owners after files are closed (bsc#1031572).
- fork: record start_time late (bsc#1121872).
- fscache: Fix dead object requeue (bsc#1107371).
- fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (git-fixes).
- fs-cache: Move fscache_report_unexpected_submission() to make it more available (bsc#1107371).
- fs-cache: When submitting an op, cancel it if the target object is dying (bsc#1107371).
- fuse: Add missed unlock_page() to fuse_readpages_fill() (git-fixes).
- fuse: fix blocked_waitq wakeup (git-fixes).
- fuse: fix leaked notify reply (git-fixes).
- fuse: Fix oops at process_init_reply() (git-fixes).
- fuse: fix possibly missed wake-up after abort (git-fixes).
- fuse: umount should wait for all requests (git-fixes).
- igb: do not unmap NULL hw_addr (bsc#969471 bsc#969473 ) (bsc#1123702).
- igb: re-assign hw address pointer on reset after PCI error (bnc#1012382) (bsc#1123702).
- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).
- kvm: x86: Fix the duplicated failure path handling in vmx_init (bsc#1104367).
- lib: add 'on'/'off' support to strtobool (bsc#1125931).
- megaraid_sas: Fix probing cards without io port (bsc#1115829).
- net/af_iucv: drop inbound packets with invalid flags (bnc#1114440, LTC#172679).
- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1114440, LTC#172679).
- nfs: Cache state owners after files are closed (bsc#1031572).
- nfs: Do not drop CB requests with invalid principals (git-fixes).
- nfsv4.1: Fix a kfree() of uninitialised pointers in decode_cb_sequence_args (git-fixes).
- nfsv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING (git-fixes).
- nfsv4: Keep dropped state owners on the LRU list for a while (bsc#1031572).
- nlm: Ensure callback code also checks that the files match (git-fixes).
- ocfs2: fix three small problems in the patch (bsc#1086695)
- omap2fb: Fix stack memory disclosure (bsc#1106886)
- pci/ASPM: Fix link_state teardown on device removal (bsc#1109806).
- powerpc/fadump: handle crash memory ranges array index overflow (git-fixes).
- powerpc/fadump: Return error when fadump registration fails (git-fixes).
- powerpc/fadump: Unregister fadump on kexec down path (git-fixes).
- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).
- Revert 'NFS: Make close(2) asynchronous when closing NFS O_DIRECT files' (git-fixes).
- ring-buffer: Always reset iterator to reader page (bsc#1120107).
- ring-buffer: Fix first commit on sub-buffer having non-zero delta (bsc#1120077).
- ring-buffer: Fix infinite spin in reading buffer (bsc#1120107).
- ring-buffer: Have ring_buffer_iter_empty() return true when empty (bsc#1120107).
- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).
- ring-buffer: Up rb_iter_peek() loop count to 3 (bsc#1120105).
- rpm/modprobe-xen.conf: Add --ignore-install.
- s390: always save and restore all registers on context switch (git-fixes).
- s390/dasd: fix using offset into zero size array error (git-fixes).
- s390/decompressor: fix initrd corruption caused by bss clear (git-fixes).
- s390/qdio: do not release memory in qdio_setup_irq() (git-fixes).
- s390/qdio: reset old sbal_state flags (bnc#1114440, LTC#171525).
- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1114440, LTC#172682).
- s390/qeth: fix length check in SNMP processing (bnc#1117943, LTC#173657).
- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1114440, LTC#172682).
- s390/qeth: invoke softirqs after napi_schedule() (git-fixes).
- s390/qeth: remove outdated portname debug msg (bnc#1117943, LTC#172960).
- s390/qeth: sanitize strings in debug messages (bnc#1117943, LTC#172960).
- sched, isolcpu: make cpu_isolated_map visible outside scheduler (bsc#1119255).
- scsi: aacraid: Fix typo in blink status (bsc#1115830).
- scsi: aacraid: Reorder Adapter status check (bsc#1115830).
- scsi: aic94xx: fix an error code in aic94xx_init() (bsc#1115831).
- scsi: bfa: integer overflow in debugfs (bsc#1115832).
- scsi: esp_scsi: Track residual for PIO transfers (bsc#1115833).
- scsi: fas216: fix sense buffer initialization (bsc#1115834).
- scsi: libfc: Revert ' libfc: use offload EM instance again instead jumping to next EM' (bsc#1115835).
- scsi: libsas: fix ata xfer length (bsc#1115836).
- scsi: libsas: fix error when getting phy events (bsc#1115837).
- scsi: lpfc: Do not return internal MBXERR_ERROR code from probe function (bsc#1115838).
- scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough) devices (bsc#1115839).
- scsi: megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression (bsc#1115839).
- scsi: qla2xxx: Fix ISP recovery on unload (bsc#1115840).
- scsi: qla2xxx: shutdown chip if reset fail (bsc#1115841).
- scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()' (bsc#1115842).
- scsi: scsi_dh_emc: return success in clariion_std_inquiry() (bsc#1115843).
- scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path (git-fixes).
- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1123505, LTC#174581).
- sg: fix dxferp in from_to case (bsc#1115844).
- sunrpc: Fix a potential race in xprt_connect() (git-fixes).
- svc: Avoid garbage replies when pc_func() returns rpc_drop_reply (git-fixes).
- svcrpc: do not leak contexts on PROC_DESTROY (git-fixes).
- tracepoints: Do not trace when cpu is offline (bsc#1120109).
- tracing: Add #undef to fix compile error (bsc#1120226).
- tracing: Allow events to have NULL strings (bsc#1120056).
- tracing: Do not add event files for modules that fail tracepoints (bsc#1120086).
- tracing: Fix check for cpu online when event is disabled (bsc#1120109).
- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).
- tracing/kprobes: Allow to create probe with a module name starting with a digit (bsc#1120336).
- tracing: Move mutex to protect against resetting of seq data (bsc#1120217).
- tracing: probeevent: Fix to support minus offset from symbol (bsc#1120347).
- usb: keyspan: fix overrun-error reporting (bsc#1114672).
- usb: keyspan: fix tty line-status reporting (bsc#1114672).
- usb: option: fix Cinterion AHxx enumeration (bsc#1114672).
- usb: serial: ark3116: fix open error handling (bsc#1114672).
- usb: serial: ch341: fix control-message error handling (bsc#1114672).
- usb: serial: ch341: fix initial modem-control state (bsc#1114672).
- usb: serial: ch341: fix modem-status handling (bsc#1114672).
- usb: serial: ch341: fix open and resume after B0 (bsc#1114672).
- usb: serial: ch341: fix resume after reset (bsc#1114672).
- usb: serial: ch341: fix type promotion bug in ch341_control_in() (bsc#1114672).
- usb: serial: cyberjack: fix NULL-deref at open (bsc#1114672).
- usb: serial: fix tty-device error handling at probe (bsc#1114672).
- usb: serial: ftdi_sio: fix modem-status error handling (bsc#1114672).
- usb: serial: io_ti: fix another NULL-deref at open (bsc#1114672).
- usb: serial: io_ti: fix NULL-deref at open (bsc#1114672).
- usb: serial: keyspan_pda: verify endpoints at probe (bsc#1114672).
- usb: serial: kl5kusb105: abort on open exception path (bsc#1114672).
- usb: serial: kl5kusb105: fix open error path (bsc#1114672).
- usb: serial: kobil_sct: fix NULL-deref in write (bsc#1114672).
- usb: serial: mct_u232: fix modem-status error handling (bsc#1114672).
- usb: serial: omninet: fix NULL-derefs at open and disconnect.
- usb: serial: pl2303: fix NULL-deref at open (bsc#1114672).
- usb: serial: ti_usb_3410_5052: fix NULL-deref at open (bsc#1114672).
- vmcore: Remove 'weak' from function declarations (git-fixes).
- x86, kvm: Remove incorrect redundant assembly constraint (bnc#931850).
- x86/mm: Simplify p[g4um]xen: d_page() macros (bnc#1087081, bnc#1104684).
- xen: kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- xen: x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- xen/x86/mm: Prevent kernel Oops in PTDUMP code with HIGHPTE=y (bsc#1106105).
- xen/x86/mm: Set IBPB upon context switch (bsc#1068032).
- xen/x86/process: Re-export start_thread() (bsc#1110006).
- xen/x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- xen/x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
- xen/x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- xen/x86/traps: add missing kernel CR3 switch in bad_iret path (bsc#1098658).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfs: do not BUG() on mixed direct and mapped I/O (bsc#1114920).
- xfs: fix the logspace waiting algorithm (bsc#1122874).
- xfs: stop searching for free slots in an inode chunk when there are none (bsc#1115007).
- xfs: validate sb_logsunit is a multiple of the fs blocksize (bsc#1115038).
ImportantSUSE bug 1012382SUSE bug 1031572SUSE bug 1068032SUSE bug 1086695SUSE bug 1087081SUSE bug 1094244SUSE bug 1098658SUSE bug 1104098SUSE bug 1104367SUSE bug 1104684SUSE bug 1104818SUSE bug 1105536SUSE bug 1106105SUSE bug 1106886SUSE bug 1107371SUSE bug 1109330SUSE bug 1109806SUSE bug 1110006SUSE bug 1112963SUSE bug 1113667SUSE bug 1114440SUSE bug 1114672SUSE bug 1114920SUSE bug 1115007SUSE bug 1115038SUSE bug 1115827SUSE bug 1115828SUSE bug 1115829SUSE bug 1115830SUSE bug 1115831SUSE bug 1115832SUSE bug 1115833SUSE bug 1115834SUSE bug 1115835SUSE bug 1115836SUSE bug 1115837SUSE bug 1115838SUSE bug 1115839SUSE bug 1115840SUSE bug 1115841SUSE bug 1115842SUSE bug 1115843SUSE bug 1115844SUSE bug 1116841SUSE bug 1117796SUSE bug 1117802SUSE bug 1117805SUSE bug 1117806SUSE bug 1117943SUSE bug 1118152SUSE bug 1118319SUSE bug 1118760SUSE bug 1119255SUSE bug 1119714SUSE bug 1120056SUSE bug 1120077SUSE bug 1120086SUSE bug 1120093SUSE bug 1120094SUSE bug 1120105SUSE bug 1120107SUSE bug 1120109SUSE bug 1120217SUSE bug 1120223SUSE bug 1120226SUSE bug 1120336SUSE bug 1120347SUSE bug 1120743SUSE bug 1120950SUSE bug 1121872SUSE bug 1121997SUSE bug 1122874SUSE bug 1123505SUSE bug 1123702SUSE bug 1123706SUSE bug 1124010SUSE bug 1124735SUSE bug 1125931SUSE bug 931850SUSE bug 969471SUSE bug 969473CVE-2016-10741 at SUSECVE-2016-10741 at NVDCVE-2017-18360 at SUSECVE-2017-18360 at NVDCVE-2018-19407 at SUSECVE-2018-19407 at NVDCVE-2018-19824 at SUSECVE-2018-19824 at NVDCVE-2018-19985 at SUSECVE-2018-19985 at NVDCVE-2018-20169 at SUSECVE-2018-20169 at NVDCVE-2018-9568 at SUSECVE-2018-9568 at NVDCVE-2019-7222 at SUSECVE-2019-7222 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.
For more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736
The following security bugs were fixed:
- CVE-2019-9213: The expand_downwards function in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).
- CVE-2013-0216: The Xen netback functionality allowed guest OS users to cause a denial of service (loop) by triggering ring pointer corruption (bnc#800280).
- CVE-2013-0231: The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen allowed guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. (bnc#801178).
- CVE-2012-3430: The rds_recvmsg function in net/rds/recv.c did not initialize a certain structure member, which allowed local users to obtain potentially sensitive information from kernel stack memory via a recvfrom or recvmsg system call on an RDS socket (bnc#773383).
- CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver allowed remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value (bnc#774523).
- CVE-2013-0160: The kernel allowed local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device (bnc#797175).
- CVE-2013-1979: The scm_set_cred function in include/net/scm.h uses incorrect uid and gid values during credentials passing, which allowed local users to gain privileges via a crafted application (bnc#816708).
The following non-security bugs were fixed:
- Add opcodes from net: filter: BPF 'JIT' compiler for PPC64 (bsc#1131107).
- EHCI: improved logic for isochronous scheduling (bsc#1117515).
- KVM: x86: Use jmp to invoke kvm_spurious_fault() from .fixup (bsc#1129439).
- USB: Add new USB LPM helpers (bsc#1129770).
- USB: Consolidate LPM checks to avoid enabling LPM twice (bsc#1129770).
- USB: EHCI: add new root-hub state: STOPPING (bsc#1117515).
- USB: EHCI: add pointer to end of async-unlink list (bsc#1117515).
- USB: EHCI: add symbolic constants for QHs (bsc#1117515).
- USB: EHCI: always scan each interrupt QH (bsc#1117515).
- USB: EHCI: do not lose events during a scan (bsc#1117515).
- USB: EHCI: do not refcount QHs (bsc#1117515).
- USB: EHCI: do not refcount iso_stream structures (bsc#1117515).
- USB: EHCI: fix initialization bug in iso_stream_schedule() (bsc#1117515).
- USB: EHCI: fix up locking (bsc#1117515).
- USB: EHCI: initialize data before resetting hardware (bsc#1117515).
- USB: EHCI: introduce high-res timer (bsc#1117515).
- USB: EHCI: remove PS3 status polling (bsc#1117515).
- USB: EHCI: remove unneeded suspend/resume code (bsc#1117515).
- USB: EHCI: rename 'reclaim' (bsc#1117515).
- USB: EHCI: resolve some unlikely races (bsc#1117515).
- USB: EHCI: return void instead of 0 (bsc#1117515).
- USB: EHCI: simplify isochronous scanning (bsc#1117515).
- USB: EHCI: unlink multiple async QHs together (bsc#1117515).
- USB: EHCI: use hrtimer for (s)iTD deallocation (bsc#1117515).
- USB: EHCI: use hrtimer for async schedule (bsc#1117515).
- USB: EHCI: use hrtimer for controller death (bsc#1117515).
- USB: EHCI: use hrtimer for interrupt QH unlink (bsc#1117515).
- USB: EHCI: use hrtimer for the I/O watchdog (bsc#1117515).
- USB: EHCI: use hrtimer for the IAA watchdog (bsc#1117515).
- USB: EHCI: use hrtimer for the periodic schedule (bsc#1117515).
- USB: EHCI: use hrtimer for unlinking empty async QHs (bsc#1117515).
- copy_mount_string: Limit string length to PATH_MAX (bsc#1082943).
- cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
- drm: Fix error handling in drm_legacy_addctx (bsc#1106886)
- ext3: Set bitmap tails when growing filesystem (bsc#1128383).
- fbdev: chipsfb: remove set but not used variable 'size' (bsc#1106886)
- iommu/vt-d: Check capability before disabling protected memory (bsc#1130353).
- iommu/vt-d: Check identity map for hot-added devices (bsc#1129248).
- kernel/watchdog.c: control hard lockup detection default (bsc#1110436).
- kvm: ensure hard lockup detection is disabled by default (bsc#1110436).
- kvm: vmx: Set IA32_TSC_AUX for legacy mode guests (bsc#1129437).
- kvm: x86: Add AMD's EX_CFG to the list of ignored MSRs (bsc#1127082).
- mm, oom: fix use-after-free in oom_kill_process (git fixes (mm/mmap)).
- mpt2sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bsc#1130384).
- nfsd: fix memory corruption caused by readdir (bsc#1127445).
- powerpc/64: Call setup_barrier_nospec() from setup_arch() (bsc#1131107).
- powerpc/64: Disable the speculation barrier from the command line (bsc#1131107).
- powerpc/64: Make stf barrier PPC_BOOK3S_64 specific (bsc#1131107).
- powerpc/64s: Add new security feature flags for count cache flush (bsc#1131107).
- powerpc/64s: Add support for software count cache flush (bsc#1131107).
- powerpc/asm: Add a patch_site macro & helpers for patching instructions (bsc#1131107).
- powerpc/fsl: Fix spectre_v2 mitigations reporting (bsc#1131107).
- powerpc/pseries/mce: Fix misleading print for TLB mutlihit (bsc#1094244, git-fixes).
- powerpc/pseries: Query hypervisor for count cache flush settings (bsc#1131107).
- powerpc/security: Fix spectre_v2 reporting (bsc#1131107).
- powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).
- powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).
- s390/dasd: fix panic for failed online processing (bsc#1132589).
- s390/qeth: cancel close_dev work before removing a card (LTC#175048, bsc#1127376).
- s390/qeth: fix use-after-free in error path (LTC#175048, bsc#1127376, bsc#1127534).
- s390/qeth: handle failure on workqueue creation (LTC#175048, bsc#1127376).
- s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
- sched/core: Optimize SCHED_SMT (bsc#1111331).
- sched/smt: Expose sched_smt_present static key (bsc#1111331).
- sched/smt: Make sched_smt_present track topology (bsc#1111331).
- sched/smt: Update sched_smt_present at runtime (bsc#1111331).
- scsi: ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).
- scsi: qla2xxx: do not disable a not previously enabled PCI device (bsc#1127738).
- x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bsc#1111331).
- x86/speculation/mds: Add 'mitigations=' support for MDS (bsc#1111331).
- x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331).
- x86/speculation/mds: Add SMT warning message (bsc#1111331).
- x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331).
- x86/speculation/mds: Add mds=full,nosmt cmdline option (bsc#1111331).
- x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331).
- x86/speculation/mds: Add mitigation control for MDS (bsc#1111331).
- x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331).
- x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331).
- x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331).
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bsc#1111331).
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (bsc#1111331).
- x86/speculation: Consolidate CPU whitelists (bsc#1111331).
- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1111331).
- x86/speculation: Move arch_smt_update() call to after mitigation decisions (bsc#1111331).
- x86/speculation: Rework SMT state change (bsc#1111331).
- x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
ImportantSUSE bug 1082943SUSE bug 1094244SUSE bug 1103186SUSE bug 1106886SUSE bug 1110436SUSE bug 1111331SUSE bug 1112178SUSE bug 1117515SUSE bug 1119019SUSE bug 1127082SUSE bug 1127376SUSE bug 1127445SUSE bug 1127534SUSE bug 1127738SUSE bug 1128166SUSE bug 1128383SUSE bug 1129248SUSE bug 1129437SUSE bug 1129439SUSE bug 1129770SUSE bug 1130353SUSE bug 1130384SUSE bug 1131107SUSE bug 1131587SUSE bug 1132589SUSE bug 773383SUSE bug 774523SUSE bug 797175SUSE bug 800280SUSE bug 801178SUSE bug 816708CVE-2012-3412 at SUSECVE-2012-3412 at NVDCVE-2012-3430 at SUSECVE-2012-3430 at NVDCVE-2013-0160 at SUSECVE-2013-0160 at NVDCVE-2013-0216 at SUSECVE-2013-0216 at NVDCVE-2013-0231 at SUSECVE-2013-0231 at NVDCVE-2013-1979 at SUSECVE-2013-1979 at NVDCVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-9213 at SUSECVE-2019-9213 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for kernel-firmware (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kernel-firmware fixes the following issues:
- CVE-2015-1142857: Add 7.13.1.0 bnx2x firmware files for ethernet flow control vulnerability in SRIOV devices (bsc#1077355)
ModerateSUSE bug 1077355CVE-2015-1142857 at SUSECVE-2015-1142857 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
Following security bugs were fixed:
- CVE-2015-7509: Mounting ext4 filesystems in no-journal mode could hav lead to a system crash (bsc#956709).
- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).
- CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).
- CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).
- CVE-2015-7990: RDS: There was no verification that an underlying transport exists when creating a connection, causing usage of a NULL pointer (bsc#952384).
- CVE-2015-5157: arch/x86/entry/entry_64.S in the Linux kernel on the x86_64 platform mishandled IRET faults in processing NMIs that occurred during userspace execution, which might have allowed local users to gain privileges by triggering an NMI (bnc#938706).
- CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).
- CVE-2015-0272: Missing checks allowed remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215 (bnc#944296).
- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825).
The following non-security bugs were fixed:
- ALSA: hda - Disable 64bit address for Creative HDA controllers (bnc#814440).
- Driver: Vmxnet3: Fix ethtool -S to return correct rx queue stats (bsc#950750).
- Drivers: hv: do not do hypercalls when hypercall_page is NULL.
- Drivers: hv: kvp: move poll_channel() to hyperv_vmbus.h.
- Drivers: hv: util: move kvp/vss function declarations to hyperv_vmbus.h.
- Drivers: hv: vmbus: Get rid of some unused definitions.
- Drivers: hv: vmbus: Implement the protocol for tearing down vmbus state.
- Drivers: hv: vmbus: add special crash handler (bnc#930770).
- Drivers: hv: vmbus: add special kexec handler.
- Drivers: hv: vmbus: kill tasklets on module unload.
- Drivers: hv: vmbus: prefer '^A' notification chain to 'panic'.
- Drivers: hv: vmbus: remove hv_synic_free_cpu() call from hv_synic_cleanup().
- Drivers: hv: vmbus: unregister panic notifier on module unload.
- IB/srp: Avoid skipping srp_reset_host() after a transport error (bsc#904965).
- IB/srp: Fix a sporadic crash triggered by cable pulling (bsc#904965).
- KEYS: Fix race between key destruction and finding a keyring by name (bsc#951440).
- Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).
- NFSv4: Fix two infinite loops in the mount code (bsc#954628).
- PCI: Add VPD function 0 quirk for Intel Ethernet devices (bnc#943786).
- PCI: Add dev_flags bit to access VPD through function 0 (bnc#943786).
- PCI: Clear NumVFs when disabling SR-IOV in sriov_init() (bnc#952084).
- PCI: Refresh First VF Offset and VF Stride when updating NumVFs (bnc#952084).
- PCI: Update NumVFs register when disabling SR-IOV (bnc#952084).
- PCI: delay configuration of SRIOV capability (bnc#952084).
- PCI: set pci sriov page size before reading SRIOV BAR (bnc#952084).
- SCSI: hosts: update to use ida_simple for host_no (bsc#939926)
- SUNRPC refactor rpcauth_checkverf error returns (bsc#955673).
- af_iucv: avoid path quiesce of severed path in shutdown() (bnc#946214).
- ahci: Add Device ID for Intel Sunrise Point PCH (bsc#953799).
- blktap: also call blkif_disconnect() when frontend switched to closed (bsc#952976).
- blktap: refine mm tracking (bsc#952976).
- cachefiles: Avoid deadlocks with fs freezing (bsc#935123).
- dm sysfs: introduce ability to add writable attributes (bsc#904348).
- dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).
- dm: do not start current request if it would've merged with the previous (bsc#904348).
- dm: impose configurable deadline for dm_request_fn's merge heuristic (bsc#904348).
- drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt, v2 (bsc#942938).
- drm/i915: Fix DDC probe for passive adapters (bsc#900610, fdo#85924).
- drm/i915: add hotplug activation period to hotplug update mask (bsc#953980).
- fix lpfc_send_rscn_event allocation size claims bnc#935757
- fs: Avoid deadlocks of fsync_bdev() and fs freezing (bsc#935123).
- fs: Fix deadlocks between sync and fs freezing (bsc#935123).
- hugetlb: simplify migrate_huge_page() (bnc#947957).
- hwpoison, hugetlb: lock_page/unlock_page does not match for handling a free hugepage (bnc#947957,).
- ipr: Fix incorrect trace indexing (bsc#940913).
- ipr: Fix invalid array indexing for HRRQ (bsc#940913).
- ipv6: fix tunnel error handling (bsc#952579).
- ipvs: Fix reuse connection if real server is dead (bnc#945827).
- ipvs: drop first packet to dead server (bsc#946078).
- kernel: correct uc_sigmask of the compat signal frame (bnc#946214).
- kernel: fix incorrect use of DIAG44 in continue_trylock_relax() (bnc#946214).
- kexec: Fix race between panic() and crash_kexec() called directly (bnc#937444).
- ktime: add ktime_after and ktime_before helpe (bsc#904348).
- lib/string.c: introduce memchr_inv() (bnc#930788).
- lpfc: Fix cq_id masking problem (bsc#944677).
- macvlan: Support bonding events bsc#948521
- memory-failure: do code refactor of soft_offline_page() (bnc#947957).
- memory-failure: fix an error of mce_bad_pages statistics (bnc#947957).
- memory-failure: use num_poisoned_pages instead of mce_bad_pages (bnc#947957).
- memory-hotplug: update mce_bad_pages when removing the memory (bnc#947957).
- mm/memory-failure.c: fix wrong num_poisoned_pages in handling memory error on thp (bnc#947957).
- mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate successfully (bnc#947957).
- mm/migrate.c: pair unlock_page() and lock_page() when migrating huge pages (bnc#947957).
- mm: exclude reserved pages from dirtyable memory 32b fix (bnc#940017, bnc#949298).
- mm: fix GFP_THISNODE callers and clarify (bsc#954950).
- mm: remove GFP_THISNODE (bsc#954950).
- mm: sl[au]b: add knowledge of PFMEMALLOC reserve pages (Swap over NFS).
- net/core: Add VF link state control policy (bsc#950298).
- netfilter: xt_recent: fix namespace destroy path (bsc#879378).
- panic/x86: Allow cpus to save registers even if they (bnc#940946).
- panic/x86: Fix re-entrance problem due to panic on (bnc#937444).
- pktgen: clean up ktime_t helpers (bsc#904348).
- qla2xxx: Do not reset adapter if SRB handle is in range (bsc#944993).
- qla2xxx: Remove decrement of sp reference count in abort handler (bsc#944993).
- qla2xxx: Remove unavailable firmware files (bsc#921081).
- qla2xxx: do not clear slot in outstanding cmd array (bsc#944993).
- qlge: Fix qlge_update_hw_vlan_features to handle if interface is down (bsc#930835).
- quota: Fix deadlock with suspend and quotas (bsc#935123).
- rcu: Eliminate deadlock between CPU hotplug and expedited grace periods (bsc#949706).
- rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds (bsc#930145).
- rtnetlink: Fix VF IFLA policy (bsc#950298).
- rtnetlink: fix VF info size (bsc#950298).
- s390/dasd: fix disconnected device with valid path mask (bnc#946214).
- s390/dasd: fix invalid PAV assignment after suspend/resume (bnc#946214).
- s390/dasd: fix list_del corruption after lcu changes (bnc#954984).
- s390/pci: handle events for unused functions (bnc#946214).
- s390/pci: improve handling of hotplug event 0x301 (bnc#946214).
- s390/pci: improve state check when processing hotplug events (bnc#946214).
- sched/core: Fix task and run queue sched_info::run_delay inconsistencies (bnc#949100).
- sg: fix read() error reporting (bsc#926774).
- usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers (bnc#944989).
- usbback: correct copy length for partial transfers (bsc#941202).
- usbvision fix overflow of interfaces array (bnc#950998).
- veth: extend device features (bsc#879381).
- vfs: Provide function to get superblock and wait for it to thaw (bsc#935123).
- vmxnet3: adjust ring sizes when interface is down (bsc#950750).
- vmxnet3: fix ethtool ring buffer size setting (bsc#950750).
- writeback: Skip writeback for frozen filesystem (bsc#935123).
- x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE (bnc#937256).
- x86/evtchn: make use of PHYSDEVOP_map_pirq.
- x86: mm: drop TLB flush from ptep_set_access_flags (bsc#948330).
- x86: mm: only do a local tlb flush in ptep_set_access_flags() (bsc#948330).
- xen: x86, pageattr: Prevent overflow in slow_virt_to_phys() for X86_PAE (bnc#937256).
- xfs: Fix lost direct IO write in the last block (bsc#949744).
- xfs: Fix softlockup in xfs_inode_ag_walk() (bsc#948347).
- xfs: add EOFBLOCKS inode tagging/untagging (bnc#930788).
- xfs: add XFS_IOC_FREE_EOFBLOCKS ioctl (bnc#930788).
- xfs: add background scanning to clear eofblocks inodes (bnc#930788).
- xfs: add inode id filtering to eofblocks scan (bnc#930788).
- xfs: add minimum file size filtering to eofblocks scan (bnc#930788).
- xfs: create function to scan and clear EOFBLOCKS inodes (bnc#930788).
- xfs: create helper to check whether to free eofblocks on inode (bnc#930788).
- xfs: introduce a common helper xfs_icluster_size_fsb (bsc#932805).
- xfs: make xfs_free_eofblocks() non-static, return EAGAIN on trylock failure (bnc#930788).
- xfs: support a tag-based inode_ag_iterator (bnc#930788).
- xfs: support multiple inode id filtering in eofblocks scan (bnc#930788).
- xfs: use xfs_icluster_size_fsb in xfs_bulkstat (bsc#932805).
- xfs: use xfs_icluster_size_fsb in xfs_ialloc_inode_init (bsc#932805).
- xfs: use xfs_icluster_size_fsb in xfs_ifree_cluster (bsc#932805).
- xfs: use xfs_icluster_size_fsb in xfs_imap (bsc#932805).
- xhci: Add spurious wakeup quirk for LynxPoint-LP controllers (bnc#949981).
- xhci: Calculate old endpoints correctly on device reset (bnc#944831).
- xhci: For streams the css flag most be read from the stream-ctx on ep stop (bnc#945691).
- xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bnc#949502).
- xhci: fix isoc endpoint dequeue from advancing too far on transaction error (bnc#944837).
- xhci: silence TD warning (bnc#939955).
- xhci: use uninterruptible sleep for waiting for internal operations (bnc#939955).
ImportantSUSE bug 814440SUSE bug 879378SUSE bug 879381SUSE bug 900610SUSE bug 904348SUSE bug 904965SUSE bug 921081SUSE bug 926774SUSE bug 930145SUSE bug 930770SUSE bug 930788SUSE bug 930835SUSE bug 932805SUSE bug 935123SUSE bug 935757SUSE bug 937256SUSE bug 937444SUSE bug 938706SUSE bug 939826SUSE bug 939926SUSE bug 939955SUSE bug 940017SUSE bug 940913SUSE bug 940946SUSE bug 941202SUSE bug 942938SUSE bug 943786SUSE bug 944296SUSE bug 944677SUSE bug 944831SUSE bug 944837SUSE bug 944989SUSE bug 944993SUSE bug 945691SUSE bug 945825SUSE bug 945827SUSE bug 946078SUSE bug 946214SUSE bug 946309SUSE bug 947957SUSE bug 948330SUSE bug 948347SUSE bug 948521SUSE bug 949100SUSE bug 949298SUSE bug 949502SUSE bug 949706SUSE bug 949744SUSE bug 949936SUSE bug 949981SUSE bug 950298SUSE bug 950750SUSE bug 950998SUSE bug 951440SUSE bug 952084SUSE bug 952384SUSE bug 952579SUSE bug 952976SUSE bug 953527SUSE bug 953799SUSE bug 953980SUSE bug 954404SUSE bug 954628SUSE bug 954950SUSE bug 954984SUSE bug 955673SUSE bug 956709CVE-2015-0272 at SUSECVE-2015-0272 at NVDCVE-2015-5157 at SUSECVE-2015-5157 at NVDCVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-6937 at SUSECVE-2015-6937 at NVDCVE-2015-7509 at SUSECVE-2015-7509 at NVDCVE-2015-7799 at SUSECVE-2015-7799 at NVDCVE-2015-7872 at SUSECVE-2015-7872 at NVDCVE-2015-7990 at SUSECVE-2015-7990 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDCVE-2015-8215 at SUSECVE-2015-8215 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
Notable changes in this kernel:
- It is now possible to mount a NFS export on the exporting host directly.
The following security bugs were fixed:
- CVE-2016-5244: A kernel information leak in rds_inc_info_copy was fixed that could leak kernel stack memory to userspace (bsc#983213).
- CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils was installed and /sbin/mount.ecryptfs_private was setuid (bsc#983143).
- CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel mishandles NM (aka alternate name) entries containing \0 characters, which allowed local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem (bnc#980725).
- CVE-2016-4580: The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel did not properly initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request (bnc#981267).
- CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371).
- CVE-2016-0758: Tags with indefinite length could have corrupted pointers in asn1_find_indefinite_length (bsc#979867).
- CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971944).
- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bnc#963762).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548).
- CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel did not initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory by reading a message (bnc#978821).
- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879).
- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface (bnc#979213).
- CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#978822).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes (bnc#970948).
- CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor (bnc#970911).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions (bnc#970970).
- CVE-2016-3140: The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970892).
- CVE-2016-2186: The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970958).
- CVE-2016-2185: The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971124).
- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles destruction of device objects, which allowed guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses (bnc#971360).
- CVE-2016-2184: The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971125).
- CVE-2016-3139: The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970909).
- CVE-2016-2143: The fork implementation in the Linux kernel on s390 platforms mishandles the case of four page-table levels, which allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h (bnc#970504).
- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bnc#968010).
- CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacked a bulk-out endpoint (bnc#961512).
The following non-security bugs were fixed:
- acpi / PCI: Account for ARI in _PRT lookups (bsc#968566).
- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
- alsa: hrtimer: Handle start/stop more properly (bsc#973378).
- alsa: oxygen: add Xonar DGX support (bsc#982691).
- alsa: pcm: Fix potential deadlock in OSS emulation (bsc#968018).
- alsa: rawmidi: Fix race at copying and updating the position (bsc#968018).
- alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).
- alsa: seq: Fix double port list deletion (bsc#968018).
- alsa: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup() (bsc#968018).
- alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).
- alsa: seq: Fix lockdep warnings due to double mutex locks (bsc#968018).
- alsa: seq: Fix race at closing in virmidi driver (bsc#968018).
- alsa: seq: Fix yet another races among ALSA timer accesses (bsc#968018).
- alsa: timer: Call notifier in the same spinlock (bsc#973378).
- alsa: timer: Code cleanup (bsc#968018).
- alsa: timer: Fix leftover link at closing (bsc#968018).
- alsa: timer: Fix link corruption due to double start or stop (bsc#968018).
- alsa: timer: Fix race between stop and interrupt (bsc#968018).
- alsa: timer: Fix wrong instance passed to slave callbacks (bsc#968018).
- alsa: timer: Protect the whole snd_timer_close() with open race (bsc#973378).
- alsa: timer: Sync timer deletion at closing the system timer (bsc#973378).
- alsa: timer: Use mod_timer() for rearming the system timer (bsc#973378).
- cgroups: do not attach task to subsystem if migration failed (bnc#979274).
- cgroups: more safe tasklist locking in cgroup_attach_proc (bnc#979274).
- cpuset: Fix potential deadlock w/ set_mems_allowed (bsc#960857, bsc#974646).
- dasd: fix hanging system after LCU changes (bnc#968500, LTC#136671).
- dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).
- Delete patches.drivers/nvme-0165-Split-header-file-into-user-visible-and-kernel-.patch. SLE11-SP4 does not have uapi headers so move everything back to the original header (bnc#981231)
- Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets (bsc#976739).
- enic: set netdev->vlan_features (bsc#966245).
- fcoe: fix reset of fip selection time (bsc#974787).
- Fix cifs_uniqueid_to_ino_t() function for s390x (bsc#944309)
- fs, seqfile: always allow oom killer (bnc#968687).
- fs/seq_file: fallback to vmalloc allocation (bnc#968687).
- fs, seq_file: fallback to vmalloc instead of oom kill processes (bnc#968687).
- hid-elo: kill not flush the work (bnc#982532).
- hpsa: fix issues with multilun devices (bsc#959381).
- hv: Assign correct ->can_queue value in hv_storvsc (bnc#969391)
- ibmvscsi: Remove unsupported host config MAD (bsc#973556).
- Import kabi files from kernel 3.0.101-71
- iommu/vt-d: Improve fault handler error messages (bsc#975772).
- iommu/vt-d: Ratelimit fault handler (bsc#975772).
- ipc,sem: fix use after free on IPC_RMID after a task using same semaphore set exits (bsc#967914).
- ipv4/fib: do not warn when primary address is missing if in_dev is dead (bsc#971360).
- ipv4: fix ineffective source address selection (bsc#980788).
- ipv6: make fib6 serial number per namespace (bsc#965319).
- ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852).
- ipv6: per netns fib6 walkers (bsc#965319).
- ipv6: per netns FIB garbage collection (bsc#965319).
- ipv6: replace global gc_args with local variable (bsc#965319).
- ipvs: count pre-established TCP states as active (bsc#970114).
- isofs: Revert 'get_rock_ridge_filename(): handle malformed NM entries' This reverts commit cb6ce3ec7a964e56da9ba9cd3c9f0e708b5c3b2c. It should have never landed in the tree (we already have the patch via c63531c60ff that came through CVE branch), but I messed up the merge.
- kabi, fs/seq_file: fallback to vmalloc allocation (bnc#968687).
- kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319).
- KVM: x86: fix maintenance of guest/host xcr0 state (bsc#961518).
- llist: Add llist_next().
- make vfree() safe to call from interrupt contexts .
- memcg: do not hang on OOM when killed by userspace OOM access to memory reserves (bnc#969571).
- mld, igmp: Fix reserved tailroom calculation (bsc#956852).
- mm/hugetlb.c: correct missing private flag clearing (VM Functionality, bnc#971446).
- mm/hugetlb: fix backport of upstream commit 07443a85ad (VM Functionality, bnc#971446).
- MM: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491).
- mm/vmscan.c: avoid throttling reclaim for loop-back nfsd threads (bsc#956491).
- net/core: dev_mc_sync_multiple calls wrong helper (bsc#971433).
- net/core: __hw_addr_create_ex does not initialize sync_cnt (bsc#971433).
- net/core: __hw_addr_sync_one / _multiple broken (bsc#971433).
- net/core: __hw_addr_unsync_one 'from' address not marked synced (bsc#971433).
- NFS4: treat lock owners as opaque values (bnc#968141).
- NFS: avoid deadlocks with loop-back mounted NFS filesystems (bsc#956491).
- NFS: avoid waiting at all in nfs_release_page when congested (bsc#956491).
- NFSd4: return nfserr_symlink on v4 OPEN of non-regular file (bsc#973237).
- NFSd: do not fail unchecked creates of non-special files (bsc#973237).
- NFS: Do not attempt to decode missing directory entries (bsc#980931).
- nfs: fix memory corruption rooted in get_ih_name pointer math (bsc#984107).
- NFS: reduce access cache shrinker locking (bnc#866130).
- NFS: use smaller allocations for 'struct idmap' (bsc#965923).
- NFSv4: Ensure that we do not drop a state owner more than once (bsc#979595).
- nfsv4: OPEN must handle the NFS4ERR_IO return code correctly (bsc#979595).
- nvme: fix max_segments integer truncation (bsc#676471).
- NVMe: Unify controller probe and resume (bsc#979347).
- ocfs2: do not set fs read-only if rec[0] is empty while committing truncate (bnc#971947).
- ocfs2: extend enough credits for freeing one truncate record while replaying truncate records (bnc#971947).
- ocfs2: extend transaction for ocfs2_remove_rightmost_path() and ocfs2_update_edge_lengths() before to avoid inconsistency between inode and et (bnc#971947).
- pciback: check PF instead of VF for PCI_COMMAND_MEMORY (bsc#957990).
- pciback: Save the number of MSI-X entries to be copied later (bsc#957988).
- PCI: Move pci_ari_enabled() to global header (bsc#968566).
- RDMA/ucma: Fix AB-BA deadlock (bsc#963998).
- Restore kabi after lock-owner change (bnc#968141).
- rpm/modprobe-xen.conf: Revert comment change to allow parallel install (bsc#957986). This reverts commit 855c7ce885fd412ce2a25ccc12a46e565c83f235.
- s390/dasd: prevent incorrect length error under z/VM after PAV changes (bnc#968500, LTC#136670).
- s390/pageattr: Do a single TLB flush for change_page_attr (bsc#940413).
- s390/pci: add extra padding to function measurement block (bnc#968500, LTC#139445).
- s390/pci_dma: fix DMA table corruption with > 4 TB main memory (bnc#968500, LTC#139401).
- s390/pci_dma: handle dma table failures (bnc#968500, LTC#139442).
- s390/pci_dma: improve debugging of errors during dma map (bnc#968500, LTC#139442).
- s390/pci_dma: unify label of invalid translation table entries (bnc#968500, LTC#139442).
- s390/pci: enforce fmb page boundary rule (bnc#968500, LTC#139445).
- s390/pci: extract software counters from fmb (bnc#968500, LTC#139445).
- s390/pci: remove pdev pointer from arch data (bnc#968500, LTC#139444).
- s390/spinlock: avoid yield to non existent cpu (bnc#968500, LTC#141106).
- scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458).
- SCSI: Increase REPORT_LUNS timeout (bsc#971989).
- SCSI mpt2sas: Rearrange the the code so that the completion queues are initialized prior to sending the request to controller firmware (bsc#967863).
- skb: Add inline helper for getting the skb end offset from head (bsc#956852).
- tcp: avoid order-1 allocations on wifi and tx path (bsc#956852).
- tcp: fix skb_availroom() (bsc#956852).
- Tidy series.conf, p5 Only one last patch which can be moved easily. There are some more x86-related things left at the end but moving them won't be that trivial.
- Update patches.drivers/nvme-0265-fix-max_segments-integer-truncation.patch (bsc#979419). Fix reference.
- Update patches.fixes/bnx2x-Alloc-4k-fragment-for-each-rx-ring-buffer-elem.patch (bsc#953369 bsc#975358).
- Update PCI VPD size patch to upstream: - PCI: Determine actual VPD size on first access (bsc#971729). - PCI: Update VPD definitions (bsc#971729).
- USB: usbip: fix potential out-of-bounds write (bnc#975945).
- veth: do not modify ip_summed (bsc#969149).
- vgaarb: Add more context to error messages (bsc#976868).
- virtio_scsi: Implement eh_timed_out callback (bsc#936530).
- vmxnet3: set carrier state properly on probe (bsc#972363).
- vmxnet3: set netdev parant device before calling netdev_info (bsc#972363).
- x86, kvm: fix kvm's usage of kernel_fpu_begin/end() (bsc#961518).
- x86, kvm: use kernel_fpu_begin/end() in kvm_load/put_guest_fpu() (bsc#961518).
- xfrm: do not segment UFO packets (bsc#946122).
- xfs: fix sgid inheritance for subdirectories inheriting default acls [V3] (bsc#965860).
- xhci: Workaround to get Intel xHCI reset working more reliably (bnc#898592).
ImportantSUSE bug 676471SUSE bug 866130SUSE bug 898592SUSE bug 936530SUSE bug 940413SUSE bug 944309SUSE bug 946122SUSE bug 949752SUSE bug 953369SUSE bug 956491SUSE bug 956852SUSE bug 957986SUSE bug 957988SUSE bug 957990SUSE bug 959381SUSE bug 960458SUSE bug 960857SUSE bug 961512SUSE bug 961518SUSE bug 963762SUSE bug 963998SUSE bug 965319SUSE bug 965860SUSE bug 965923SUSE bug 966245SUSE bug 967863SUSE bug 967914SUSE bug 968010SUSE bug 968018SUSE bug 968141SUSE bug 968500SUSE bug 968566SUSE bug 968670SUSE bug 968687SUSE bug 969149SUSE bug 969391SUSE bug 969571SUSE bug 970114SUSE bug 970504SUSE bug 970892SUSE bug 970909SUSE bug 970911SUSE bug 970948SUSE bug 970956SUSE bug 970958SUSE bug 970970SUSE bug 971124SUSE bug 971125SUSE bug 971126SUSE bug 971360SUSE bug 971433SUSE bug 971446SUSE bug 971729SUSE bug 971944SUSE bug 971947SUSE bug 971989SUSE bug 972363SUSE bug 973237SUSE bug 973378SUSE bug 973556SUSE bug 973570SUSE bug 974646SUSE bug 974787SUSE bug 975358SUSE bug 975772SUSE bug 975945SUSE bug 976739SUSE bug 976868SUSE bug 978401SUSE bug 978821SUSE bug 978822SUSE bug 979213SUSE bug 979274SUSE bug 979347SUSE bug 979419SUSE bug 979548SUSE bug 979595SUSE bug 979867SUSE bug 979879SUSE bug 980371SUSE bug 980725SUSE bug 980788SUSE bug 980931SUSE bug 981231SUSE bug 981267SUSE bug 982532SUSE bug 982691SUSE bug 983143SUSE bug 983213SUSE bug 984107CVE-2015-7566 at SUSECVE-2015-7566 at NVDCVE-2015-8816 at SUSECVE-2015-8816 at NVDCVE-2016-0758 at SUSECVE-2016-0758 at NVDCVE-2016-1583 at SUSECVE-2016-1583 at NVDCVE-2016-2053 at SUSECVE-2016-2053 at NVDCVE-2016-2143 at SUSECVE-2016-2143 at NVDCVE-2016-2184 at SUSECVE-2016-2184 at NVDCVE-2016-2185 at SUSECVE-2016-2185 at NVDCVE-2016-2186 at SUSECVE-2016-2186 at NVDCVE-2016-2187 at SUSECVE-2016-2187 at NVDCVE-2016-2188 at SUSECVE-2016-2188 at NVDCVE-2016-2782 at SUSECVE-2016-2782 at NVDCVE-2016-2847 at SUSECVE-2016-2847 at NVDCVE-2016-3134 at SUSECVE-2016-3134 at NVDCVE-2016-3137 at SUSECVE-2016-3137 at NVDCVE-2016-3138 at SUSECVE-2016-3138 at NVDCVE-2016-3139 at SUSECVE-2016-3139 at NVDCVE-2016-3140 at SUSECVE-2016-3140 at NVDCVE-2016-3156 at SUSECVE-2016-3156 at NVDCVE-2016-4482 at SUSECVE-2016-4482 at NVDCVE-2016-4485 at SUSECVE-2016-4485 at NVDCVE-2016-4486 at SUSECVE-2016-4486 at NVDCVE-2016-4565 at SUSECVE-2016-4565 at NVDCVE-2016-4569 at SUSECVE-2016-4569 at NVDCVE-2016-4578 at SUSECVE-2016-4578 at NVDCVE-2016-4580 at SUSECVE-2016-4580 at NVDCVE-2016-4805 at SUSECVE-2016-4805 at NVDCVE-2016-4913 at SUSECVE-2016-4913 at NVDCVE-2016-5244 at SUSECVE-2016-5244 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix one security issue.
This security bug was fixed:
- CVE-2016-5195: Local privilege escalation using MAP_PRIVATE. It is reportedly exploited in the wild (bsc#1004418).
ImportantSUSE bug 1004418CVE-2016-5195 at SUSECVE-2016-5195 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kernel-source (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This Linux kernel update for SUSE Linux Enterprise 11 SP4 fixes the following issues:
- A previous security update to address CVE-2017-1000364 caused unintended
side-effects in several other tools, most notably Java. These issues have
been remedied. [bsc#1045340, bsc#1045406]
ImportantSUSE bug 1045340SUSE bug 1045406CVE-2017-1000364 at SUSECVE-2017-1000364 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive the following security fixes:
- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was
vulnerable to a stack overflow while processing L2CAP configuration
responses, resulting in a potential remote code execution vulnerability.
[bnc#1057389]
ImportantSUSE bug 1057389CVE-2017-1000251 at SUSECVE-2017-1000251 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
This new feature was added:
- Btrfs: Remove empty block groups in the background
The following security bugs were fixed:
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX
registers) between processes. These registers might contain encryption keys
when doing SSE accelerated AES enc/decryption (bsc#1087086)
The following non-security bugs were fixed:
- ALSA: timer: Fix pause event notification (bsc#973378).
- Btrfs: Avoid trucating page or punching hole in a already existed hole (bsc#1088998).
- Btrfs: Avoid truncate tailing page if fallocate range does not exceed inode size (bsc#1094424).
- Btrfs: Fix lost-data-profile caused by auto removing bg.
- Btrfs: Fix misuse of chunk mutex
- Btrfs: Fix out-of-space bug (bsc#1089231).
- Btrfs: Set relative data on clear btrfs_block_group_cache->pinned.
- Btrfs: Use ref_cnt for set_block_group_ro() (bsc#1089239).
- Btrfs: add alloc_fs_devices and switch to it (bsc#1089205).
- Btrfs: add btrfs_alloc_device and switch to it (bsc#1089204).
- Btrfs: add missing discards when unpinning extents with -o discard.
- Btrfs: add missing inode update when punching hole (bsc#1089006).
- Btrfs: add support for asserts (bsc#1089207).
- Btrfs: avoid syncing log in the fast fsync path when not necessary (bsc#1089010).
- Btrfs: btrfs_issue_discard ensure offset/length are aligned to sector boundaries.
- Btrfs: check pending chunks when shrinking fs to avoid corruption (bsc#1089235).
- Btrfs: cleanup backref search commit root flag stuff (bsc#1089200).
- Btrfs: delete chunk allocation attemp when setting block group ro.
- Btrfs: do not leak transaction in btrfs_sync_file() (bsc#1089210).
- Btrfs: do not mix the ordered extents of all files together during logging the inodes (bsc#1089214).
- Btrfs: do not remove extents and xattrs when logging new names (bsc#1089005).
- Btrfs: eliminate races in worker stopping code (bsc#1089211).
- Btrfs: ensure deletion from pinned_chunks list is protected.
- Btrfs: explictly delete unused block groups in close_ctree and ro-remount.
- Btrfs: fix -ENOSPC on block group removal.
- Btrfs: fix -ENOSPC when finishing block group creation.
- Btrfs: fix BUG_ON in btrfs_orphan_add() when delete unused block group.
- Btrfs: fix NULL pointer crash when running balance and scrub concurrently (bsc#1089220).
- Btrfs: fix chunk allocation regression leading to transaction abort (bsc#1089236).
- Btrfs: fix crash caused by block group removal.
- Btrfs: fix data loss in the fast fsync path (bsc#1089007).
- Btrfs: fix deadlock caused by fsync when logging directory entries (bsc#1093194).
- Btrfs: fix directory inconsistency after fsync log replay (bsc#1089001).
- Btrfs: fix directory recovery from fsync log (bsc#1088999).
- Btrfs: fix empty symlink after creating symlink and fsync parent dir (bsc#1093195).
- Btrfs: fix file loss on log replay after renaming a file and fsync (bsc#1093196).
- Btrfs: fix file/data loss caused by fsync after rename and new inode (bsc#1089241).
- Btrfs: fix find_free_dev_extent() malfunction in case device tree has hole (bsc#1089232).
- Btrfs: fix fitrim discarding device area reserved for boot loader's use.
- Btrfs: fix freeing used extent after removing empty block group.
- Btrfs: fix freeing used extents after removing empty block group.
- Btrfs: fix fs mapping extent map leak (bsc#1089229).
- Btrfs: fix fsync data loss after a ranged fsync (bsc#1089221).
- Btrfs: fix fsync data loss after adding hard link to inode (bsc#1089004).
- Btrfs: fix fsync data loss after append write (bsc#1089238).
- Btrfs: fix fsync log replay for inodes with a mix of regular refs and extrefs (bsc#1089003).
- Btrfs: fix fsync race leading to invalid data after log replay (bsc#1089000).
- Btrfs: fix fsync when extend references are added to an inode (bsc#1089002).
- Btrfs: fix fsync xattr loss in the fast fsync path (bsc#1094423).
- Btrfs: fix invalid extent maps due to hole punching (bsc#1094425).
- Btrfs: fix kernel oops while reading compressed data (bsc#1089192).
- Btrfs: fix log replay failure after linking special file and fsync (bsc#1089016).
- Btrfs: fix memory leak after block remove + trimming.
- Btrfs: fix metadata inconsistencies after directory fsync (bsc#1093197).
- Btrfs: fix race between balance and unused block group deletion (bsc#1089237).
- Btrfs: fix race between fs trimming and block group remove/allocation.
- Btrfs: fix race between scrub and block group deletion.
- Btrfs: fix race between transaction commit and empty block group removal.
- Btrfs: fix race conditions in BTRFS_IOC_FS_INFO ioctl (bsc#1089206).
- Btrfs: fix racy system chunk allocation when setting block group ro (bsc#1089233).
- Btrfs: fix regression in raid level conversion (bsc#1089234).
- Btrfs: fix skipped error handle when log sync failed (bsc#1089217).
- Btrfs: fix stale dir entries after removing a link and fsync (bsc#1089011).
- Btrfs: fix the number of transaction units needed to remove a block group.
- Btrfs: fix the skipped transaction commit during the file sync (bsc#1089216).
- Btrfs: fix unprotected alloc list insertion during the finishing procedure of replace (bsc#1089215).
- Btrfs: fix unprotected assignment of the target device (bsc#1089222).
- Btrfs: fix unprotected deletion from pending_chunks list.
- Btrfs: fix unprotected device list access when getting the fs information (bsc#1089228).
- Btrfs: fix unprotected device's variants on 32bits machine (bsc#1089227).
- Btrfs: fix unprotected device->bytes_used update (bsc#1089225).
- Btrfs: fix unreplayable log after snapshot delete + parent dir fsync (bsc#1089240).
- Btrfs: fix up read_tree_block to return proper error (bsc#1080837).
- Btrfs: fix wrong device bytes_used in the super block (bsc#1089224).
- Btrfs: fix wrong disk size when writing super blocks (bsc#1089223).
- Btrfs: fix xattr loss after power failure (bsc#1094436).
- Btrfs: handle non-fatal errors in btrfs_qgroup_inherit() (bsc#1089013).
- Btrfs: initialize the seq counter in struct btrfs_device (bsc#1094437).
- Btrfs: iterate over unused chunk space in FITRIM.
- Btrfs: make btrfs_issue_discard return bytes discarded.
- Btrfs: make btrfs_search_forward return with nodes unlocked (bsc#1094422).
- Btrfs: make sure to copy everything if we rename (bsc#1088997).
- Btrfs: make the chunk allocator completely tree lockless (bsc#1089202).
- Btrfs: move btrfs_truncate_page to btrfs_cont_expand instead of btrfs_truncate (bsc#1089201).
- Btrfs: nuke write_super from comments (bsc#1089199).
- Btrfs: only drop modified extents if we logged the whole inode (bsc#1089213).
- Btrfs: only update disk_i_size as we remove extents (bsc#1089209).
- Btrfs: qgroup: return EINVAL if level of parent is not higher than child's (bsc#1089012).
- Btrfs: remove deleted xattrs on fsync log replay (bsc#1089008).
- Btrfs: remove empty block groups automatically.
- Btrfs: remove non-sense btrfs_error_discard_extent() function (bsc#1089230).
- Btrfs: remove parameter blocksize from read_tree_block (bsc#1080837).
- Btrfs: remove transaction from send (bsc#1089218).
- Btrfs: remove unnecessary locking of cleaner_mutex to avoid deadlock.
- Btrfs: remove unused max_key arg from btrfs_search_forward (bsc#1094421).
- Btrfs: return an error from btrfs_wait_ordered_range (bsc#1089212).
- Btrfs: set inode's logged_trans/last_log_commit after ranged fsync (bsc#1093198).
- Btrfs: skip superblocks during discard.
- Btrfs: stop refusing the relocation of chunk 0 (bsc#1089208).
- Btrfs: update free_chunk_space during allocting a new chunk (bsc#1089226).
- Btrfs: use global reserve when deleting unused block group after ENOSPC.
- Btrfs: use nodesize everywhere, kill leafsize (bsc#1080837).
- Btrfs: wait ordered range before doing direct io (bsc#1089203).
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure (bsc#1096242, bsc#1096281).
- Xen counterparts of eager FPU implementation.
- balloon: do not BUG() when balloon is empty (bsc#1083347).
- fs: btrfs: volumes.c: Fix for possible null pointer dereference (bsc#1089219).
- kernel: Fix memory leak on EP11 target list processing (bnc#1096746).
- kvm/powerpc: Add new ioctl to retreive server MMU infos (bsc#1094244).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset (bsc#1079152, VM Functionality).
- module: Fix locking in symbol_put_addr() (bsc#1097445).
- netfront: make req_prod check properly deal with index wraps (bsc#1046610).
- powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244).
- powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch (bsc#1094244).
- powerpc/pseries: Define MCE error event section (bsc#1094244).
- powerpc/pseries: Display machine check error details (bsc#1094244).
- powerpc/pseries: Dump and flush SLB contents on SLB MCE errors (bsc#1094244).
- powerpc/pseries: convert rtas_log_buf to linear allocation (bsc#1094244).
- qla2xxx: Mask off Scope bits in retry delay (bsc#1068054).
- s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero (bnc#1096746).
- s390/dasd: fix failing path verification (bnc#1096746).
- trace: module: Maintain a valid user count (bsc#1097443).
- x86/boot: Fix early command-line parsing when partial word matches (bsc#1096140).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being disabled (bsc#1096140).
- x86: Fix /proc/mtrr with base/size more than 44bits (bsc#1052351).
- xen/x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
- xfs: avoid xfs_buf hang in lookup node directory corruption (bsc#989401).
- xfs: only update the last_sync_lsn when a transaction completes (bsc#989401).
ImportantSUSE bug 1046610SUSE bug 1052351SUSE bug 1068054SUSE bug 1079152SUSE bug 1080837SUSE bug 1083347SUSE bug 1087086SUSE bug 1087088SUSE bug 1088997SUSE bug 1088998SUSE bug 1088999SUSE bug 1089000SUSE bug 1089001SUSE bug 1089002SUSE bug 1089003SUSE bug 1089004SUSE bug 1089005SUSE bug 1089006SUSE bug 1089007SUSE bug 1089008SUSE bug 1089010SUSE bug 1089011SUSE bug 1089012SUSE bug 1089013SUSE bug 1089016SUSE bug 1089192SUSE bug 1089199SUSE bug 1089200SUSE bug 1089201SUSE bug 1089202SUSE bug 1089203SUSE bug 1089204SUSE bug 1089205SUSE bug 1089206SUSE bug 1089207SUSE bug 1089208SUSE bug 1089209SUSE bug 1089210SUSE bug 1089211SUSE bug 1089212SUSE bug 1089213SUSE bug 1089214SUSE bug 1089215SUSE bug 1089216SUSE bug 1089217SUSE bug 1089218SUSE bug 1089219SUSE bug 1089220SUSE bug 1089221SUSE bug 1089222SUSE bug 1089223SUSE bug 1089224SUSE bug 1089225SUSE bug 1089226SUSE bug 1089227SUSE bug 1089228SUSE bug 1089229SUSE bug 1089230SUSE bug 1089231SUSE bug 1089232SUSE bug 1089233SUSE bug 1089234SUSE bug 1089235SUSE bug 1089236SUSE bug 1089237SUSE bug 1089238SUSE bug 1089239SUSE bug 1089240SUSE bug 1089241SUSE bug 1093194SUSE bug 1093195SUSE bug 1093196SUSE bug 1093197SUSE bug 1093198SUSE bug 1094244SUSE bug 1094421SUSE bug 1094422SUSE bug 1094423SUSE bug 1094424SUSE bug 1094425SUSE bug 1094436SUSE bug 1094437SUSE bug 1095241SUSE bug 1096140SUSE bug 1096242SUSE bug 1096281SUSE bug 1096746SUSE bug 1097443SUSE bug 1097445SUSE bug 1097948SUSE bug 973378SUSE bug 989401CVE-2018-3665 at SUSECVE-2018-3665 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2014-3688: The SCTP implementation allowed remote attackers to cause a
denial of service (memory consumption) by triggering a large number of chunks
in an association's output queue (bsc#902351).
The following non-security bugs were fixed:
- ALSA: hda/ca0132: fix build failure when a local macro is defined (bsc#1045538).
- ALSA: seq: Do not allow resizing pool in use (bsc#1045538).
- Delete patches.fixes/0001-ipc-shm-Fix-shmat-mmap-nil-page-protection.patch (bsc# 1090078)
- IB/mlx4: fix sprintf format warning (bnc#786036).
- RDMA/mlx4: Discard unknown SQP work requests (bnc#786036).
- USB: uss720: fix NULL-deref at probe (bnc#1047487).
- bna: integer overflow bug in debugfs (bnc#780242).
- e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes (bug#923242).
- e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails (bug#909495).
- fix a leak in /proc/schedstats (bsc#1094876).
- ixgbe: Initialize 64-bit stats seqcounts (bnc#795301).
- mm: fix the NULL mapping case in __isolate_lru_page() (git-fixes).
- module/retpoline: Warn about missing retpoline in module (bnc#1099177).
- net/mlx4_core: Fix error handling in mlx4_init_port_info (bnc#786036).
- net/mlx4_en: Change default QoS settings (bnc#786036 ).
- net/mlx4_en: Use __force to fix a sparse warning in TX datapath (bug#925105).
- netxen: fix incorrect loop counter decrement (bnc#784815).
- powerpc: Machine check interrupt is a non-maskable interrupt (bsc#1094244).
- s390/qdio: do not merge ERROR output buffers (bnc#1099709).
- s390/qeth: do not dump control cmd twice (bnc#1099709).
- s390/qeth: fix SETIP command handling (bnc#1099709).
- s390/qeth: free netdevice when removing a card (bnc#1099709).
- s390/qeth: lock read device while queueing next buffer (bnc#1099709).
- s390/qeth: when thread completes, wake up all waiters (bnc#1099709).
- sched/sysctl: Check user input value of sysctl_sched_time_avg (bsc#1100089).
- scsi: sg: mitigate read/write abuse (bsc#1101296).
- tg3: do not clear stats while tg3_close (bnc#790588).
- video/stifb: Return -ENOMEM after a failed kzalloc() in stifb_init_fb() (bnc#1099966).
- vmxnet3: use correct flag to indicate LRO feature (bsc#936423).
- x86-32/kaiser: Add CPL check for CR3 switch before iret (bsc#1098408).
- x86-non-upstream-eager-fpu 32bit fix (bnc#1087086, bnc#1100091, bnc#1099598).
- x86/cpu/bugs: Make retpoline module warning conditional (bnc#1099177).
ImportantSUSE bug 1045538SUSE bug 1047487SUSE bug 1087086SUSE bug 1090078SUSE bug 1094244SUSE bug 1094876SUSE bug 1098408SUSE bug 1099177SUSE bug 1099598SUSE bug 1099709SUSE bug 1099966SUSE bug 1100089SUSE bug 1100091SUSE bug 1101296SUSE bug 780242SUSE bug 784815SUSE bug 786036SUSE bug 790588SUSE bug 795301SUSE bug 902351SUSE bug 909495SUSE bug 923242SUSE bug 925105SUSE bug 936423CVE-2014-3688 at SUSECVE-2014-3688 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to 3.0.101-108.81 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-18281: An issue was discovered in the Linux kernel, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused (bnc#1113769).
- CVE-2018-18710: An issue was discovered in the Linux kernel, an information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).
- CVE-2018-18386: drivers/tty/n_tty.c in the Linux kernel allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
- CVE-2017-7273: The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x allowed physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report (bnc#1031240).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).
- CVE-2017-1000407: An denial of service issue was discovered in the Linux kernel, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic (bnc#1071021).
- CVE-2018-9516: An issue was discovered in the Linux kernel, the copy_to_user() inside the HID code does not correctly check the length before executing (bsc#1108498).
- CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bnc#1107829).
The following non-security bugs were fixed:
- Btrfs: fix deadlock when finalizing block group creation (bsc#1107849).
- Btrfs: fix quick exhaustion of the system array in the superblock (bsc#1107849).
- FS-Cache: Synchronise object death state change vs operation submission (bsc#1107371).
- KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244).
- KVM: Disable irq while unregistering user notifier (bsc#1106240).
- KVM: SVM: obey guest PAT (bsc#1106240).
- KVM: VMX: remove I/O port 0x80 bypass on Intel hosts (bsc#1106240).
- KVM: emulate: fix CMPXCHG8B on 32-bit hosts (bsc#1106240).
- KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure (bsc#1106240).
- KVM: x86: fix use of uninitialized memory as segment descriptor in emulator (bsc#1106240).
- KVM: x86: zero base3 of unusable segments (bsc#1106240).
- NFS - do not hang if xdr decoded username is bad (bsc#1105799).
- NFSv4.1 - Do not leak IO size from one mount to another (bsc#1103145).
- PCI/AER: Report non-fatal errors only to the affected endpoint (bsc#1109806).
- PCI: Supply CPU physical address (not bus address) to iomem_is_exclusive() (bsc#1109806).
- PCI: shpchp: Check bridge's secondary (not primary) bus speed (bsc#1109806).
- PCI: shpchp: Fix AMD POGO identification (bsc#1109806).
- add kernel parameter to disable failfast on block devices (bsc#1081680).
- block: add flag QUEUE_FLAG_REGISTERED (bsc#1047027).
- block: allow gendisk's request_queue registration to be deferred (bsc#1047027).
- crypto: ghash-clmulni-intel - use C implementation for setkey() (bsc#1110006).
- dm: fix incomplete request_queue initialization (bsc#1047027).
- dm: only initialize the request_queue once (bsc#1047027).
- firmware/ihex2fw.c: restore missing default in switch statement (bsc#1114460).
- kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (git-fixes).
- locks: fix unlock when fcntl_setlk races with a close (git-fixes).
- media: Fix invalid free in the fix for mceusb (bsc#1050431).
- media: cx25821: prevent out-of-bounds read on array card (bsc#1050431).
- media: ite-cir: initialize use_demodulator before using it (bsc#1050431).
- media: mceusb: fix NULL-deref at probe (bsc#1050431).
- media: mceusb: fix memory leaks in error path.
- percpu: make pcpu_alloc_chunk() use pcpu_mem_free() instead of kfree() (git fixes).
- powerpc, KVM: Rework KVM checks in first-level interrupt handlers (bsc#1094244).
- powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244).
- powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently (bsc#1064861).
- powerpc/64: Initialise thread_info for emergency stacks (bsc#1094244).
- powerpc/64s: Exception macro for stack frame and initial register save (bsc#1094244).
- powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).
- powerpc/asm: Mark cr0 as clobbered in mftb() (bsc#1049128).
- powerpc/book3s: Introduce a early machine check hook in cpu_spec (bsc#1094244).
- powerpc/book3s: Introduce exclusive emergency stack for machine check exception (bsc#1094244).
- powerpc/book3s: Split the common exception prolog logic into two section (bsc#1094244).
- powerpc/book3s: handle machine check in Linux host (bsc#1094244).
- powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).
- powerpc/pseries: Avoid using the size greater than (bsc#1094244).
- powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244).
- powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244).
- powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244).
- powerpc: Add a symbol for hypervisor trampolines (bsc#1094244).
- powerpc: Fix smp_mb__before_spinlock() (bsc#1110247).
- powerpc: Make load_hander handle upto 64k offset (bsc#1094244).
- powerpc: Rework runlatch code (bsc#1094244).
- powerpc: Save CFAR before branching in interrupt entry paths (bsc#1094244).
- powerpc: cputable: KABI - hide new cpu_spec member from genksyms (bsc#1094244).
- powerpc: move MCE handler out-of-line and consolidate with machine_check_fwnmi (bsc#1094244).
- powerpc: move stab code into #ifndef CONFIG_POWER4_ONLY (bsc#1094244).
- powerpc: replace open-coded EXCEPTION_PROLOG_1 with the macro in slb miss handlers (bsc#1094244).
- reiserfs: add check to detect corrupted directory entry (bsc#1109818).
- reiserfs: do not panic on bad directory entries (bsc#1109818).
- retpoline: Introduce start/end markers of indirect thunk (bsc#1113337).
- s390/facilites: use stfle_fac_list array size for MAX_FACILITY_BIT (bnc#1108314, LTC#171326).
- s390/sclp: Change SCLP console default buffer-full behavior (bnc#1108314, LTC#171049).
- scsi: libfc: Do not drop down to FLOGI for fc_rport_login() (bsc#1106139).
- scsi: libfc: Do not login if the port is already started (bsc#1106139).
- scsi: libfc: do not advance state machine for incoming FLOGI (bsc#1106139).
- scsi: storvsc: fix memory leak on ring buffer busy (bnc#923775).
- signals: avoid unnecessary taking of sighand->siglock (bsc#1110247).
- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bsc#1110006).
- x86/mm/32: Set the '__vmalloc_start_set' flag in initmem_init() (bsc#1110006).
- x86/paravirt: Fix some warning messages (bnc#1065600).
- x86/percpu: Fix this_cpu_read() (bsc#1110006).
- x86/process: Re-export start_thread() (bsc#1110006).
- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).
ImportantSUSE bug 1031240SUSE bug 1047027SUSE bug 1049128SUSE bug 1050431SUSE bug 1064861SUSE bug 1065600SUSE bug 1066674SUSE bug 1071021SUSE bug 1081680SUSE bug 1094244SUSE bug 1094825SUSE bug 1103145SUSE bug 1105799SUSE bug 1106139SUSE bug 1106240SUSE bug 1107371SUSE bug 1107829SUSE bug 1107849SUSE bug 1108314SUSE bug 1108498SUSE bug 1109806SUSE bug 1109818SUSE bug 1110006SUSE bug 1110247SUSE bug 1113337SUSE bug 1113751SUSE bug 1113769SUSE bug 1114460SUSE bug 923775CVE-2017-1000407 at SUSECVE-2017-1000407 at NVDCVE-2017-16533 at SUSECVE-2017-16533 at NVDCVE-2017-7273 at SUSECVE-2017-7273 at NVDCVE-2018-14633 at SUSECVE-2018-14633 at NVDCVE-2018-18281 at SUSECVE-2018-18281 at NVDCVE-2018-18386 at SUSECVE-2018-18386 at NVDCVE-2018-18710 at SUSECVE-2018-18710 at NVDCVE-2018-9516 at SUSECVE-2018-9516 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel version 3.0.101 was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11477: A sequence of SACKs may have been crafted such that one can
trigger an integer overflow, leading to a kernel panic. (bsc#1137586)
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which
will fragment the TCP retransmission queue. An attacker may have been able to
further exploit the fragmented queue to cause an expensive linked-list walk
for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: It was possible to send a crafted sequence of SACKs which
will fragment the RACK send map. A remote attacker may be able to further
exploit the fragmented send map to cause an expensive linked-list walk for
subsequent SACKs received for that same TCP connection. This would have
resulted in excess resource consumption due to low mss values.
- CVE-2014-9710: The Btrfs implementation in the Linux kernel did not ensure
that the visible xattr state is consistent with a requested replacement,
which allowed local users to bypass intended ACL settings and gain privileges
via standard filesystem operations (1) during an xattr-replacement time
window, related to a race condition, or (2) after an xattr-replacement
attempt that fails because the data did not fit (bnc#923908).
- CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux
kernel allowed local attackers to observe page cache access patterns of other
processes on the same system, potentially allowing sniffing of secret
information. (Fixing this affects the output of the fincore program.) Limited
remote exploitation may be possible, as demonstrated by latency differences
in accessing public files from an Apache HTTP Server (bnc#1120843).
- CVE-2019-11190: The Linux kernel allowed local users to bypass ASLR on setuid
programs (such as /bin/su) because install_exec_creds() is called too late in
load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check
has a race condition when reading /proc/pid/stat (bnc#1131543).
- CVE-2018-17972: An issue was discovered in the proc_pid_stack function in
fs/proc/base.c in the Linux kernel It did not ensure that only root may
inspect the kernel stack of an arbitrary task, allowing a local attacker to
exploit racy stack unwinding and leak kernel task stack contents
(bnc#1110785).
- CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c
in the Linux kernel allowed a local user to obtain potentially sensitive
information from kernel stack memory via a HIDPCONNADD command, because a
name field may not end with a '\0' character (bnc#1134848).
- CVE-2019-11486: The Siemens R3964 line discipline driver in
drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions
(bnc#1133188).
The following non-security bugs were fixed:
- cifs: fix uninitialized memory access (bsc#1120326).
- kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
- kernel: Add CEX7 toleration support (bsc#1131295).
- net: ipsec: fix a kernel oops caused by reentrant workqueue (bsc#1119314).
- tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
- tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
- tcp: limit payload size of sacked skbs (bsc#1137586).
- tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
- x86/MCE: Handle 'nosmt' offlining properly (bsc#1134729).
- xfs: do not cache inodes read through bulkstat (bsc#1134102).
ImportantSUSE bug 1110785SUSE bug 1113769SUSE bug 1119314SUSE bug 1120326SUSE bug 1120843SUSE bug 1120885SUSE bug 1131295SUSE bug 1131543SUSE bug 1132374SUSE bug 1132472SUSE bug 1132580SUSE bug 1133188SUSE bug 1134102SUSE bug 1134729SUSE bug 1134848SUSE bug 1137586SUSE bug 923908SUSE bug 939260CVE-2014-9710 at SUSECVE-2014-9710 at NVDCVE-2018-17972 at SUSECVE-2018-17972 at NVDCVE-2019-11190 at SUSECVE-2019-11190 at NVDCVE-2019-11477 at SUSECVE-2019-11477 at NVDCVE-2019-11478 at SUSECVE-2019-11478 at NVDCVE-2019-11479 at SUSECVE-2019-11479 at NVDCVE-2019-11486 at SUSECVE-2019-11486 at NVDCVE-2019-11884 at SUSECVE-2019-11884 at NVDCVE-2019-5489 at SUSECVE-2019-5489 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-3459: A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel(bnc#1120758).
- CVE-2019-3460: A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before (bnc#1120758).
- CVE-2019-3896: A double-free could happen in idr_remove_all() in lib/idr.c in the Linux kernel. An unprivileged local attacker could use this flaw for a privilege escalation or for a system crash and a denial of service (DoS) (bnc#1138943).
- CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which could lead to a denial of service (bnc#1102340).
- CVE-2018-20836: An issue was discovered in the Linux kernel There was a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free (bnc#1134395).
- CVE-2019-12614: An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel There was an unchecked kstrdup of prop-name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash) (bnc#1137194).
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bnc#1136424 1136446).
The following non-security bugs were fixed:
- KEYS: do not let add_key() update an uninstantiated key (bnc#1063416).
- fnic: Fix to cleanup aborted IO to avoid device being offlined by mid-layer (bsc#1134835).
- signal: give SEND_SIG_FORCED more power to beat SIGNAL_UNKILLABLE (bsc#1135650).
- signal: oom_kill_task: use SEND_SIG_FORCED instead of force_sig() (bsc#1135650).
- tcp: a regression in the previous fix for the TCP SACK issue was fixed (bnc#1139751)
ImportantSUSE bug 1063416SUSE bug 1090078SUSE bug 1102340SUSE bug 1120758SUSE bug 1134395SUSE bug 1134835SUSE bug 1135650SUSE bug 1136424SUSE bug 1137194SUSE bug 1138943SUSE bug 1139751CVE-2018-20836 at SUSECVE-2018-20836 at NVDCVE-2018-5390 at SUSECVE-2018-5390 at NVDCVE-2019-12614 at SUSECVE-2019-12614 at NVDCVE-2019-3459 at SUSECVE-2019-3459 at NVDCVE-2019-3460 at SUSECVE-2019-3460 at NVDCVE-2019-3846 at SUSECVE-2019-3846 at NVDCVE-2019-3896 at SUSECVE-2019-3896 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-14284: The drivers/block/floppy.c allowed a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143189).
- CVE-2019-14283: The function set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143191).
- CVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages (bsc#1142023).
- CVE-2019-11810: A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free (bsc#1134399).
- CVE-2019-1125: Enable Spectre v1 swapgs mitigations (bsc#1139358).
- CVE-2018-20855: An issue was discovered in create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace (bsc#1143045).
- CVE-2015-9289: A buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allowed larger values such as 23 (bsc#1143179).
The following non-security bugs were fixed:
- fix detection of race between fcntl-setlk and close (bsc#1140965).
- ocfs2: add first lock wait time in locking_state (bsc#1134390).
- ocfs2: add last unlock times in locking_state (bsc#1134390).
- ocfs2: add locking filter debugfs file (bsc#1134390).
- powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945,bsc#1141401,bsc#1141402,bsc#1141452,bsc#1141453,bsc#1141454).
- xen-netfront: use napi_complete() correctly to prevent Rx stalling (bsc#1138744).
ImportantSUSE bug 1134390SUSE bug 1134399SUSE bug 1138744SUSE bug 1139358SUSE bug 1140945SUSE bug 1140965SUSE bug 1141401SUSE bug 1141402SUSE bug 1141452SUSE bug 1141453SUSE bug 1141454SUSE bug 1142023SUSE bug 1143045SUSE bug 1143179SUSE bug 1143189SUSE bug 1143191CVE-2015-9289 at SUSECVE-2015-9289 at NVDCVE-2018-20855 at SUSECVE-2018-20855 at NVDCVE-2019-1125 at SUSECVE-2019-1125 at NVDCVE-2019-11810 at SUSECVE-2019-11810 at NVDCVE-2019-13631 at SUSECVE-2019-13631 at NVDCVE-2019-14283 at SUSECVE-2019-14283 at NVDCVE-2019-14284 at SUSECVE-2019-14284 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11-SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with
Transactional Memory support could be used to facilitate sidechannel
information leaks out of microarchitectural buffers, similar to the
previously described 'Microarchitectural Data Sampling' attack.
The Linux kernel was supplemented with the option to disable TSX operation
altogether (requiring CPU Microcode updates on older systems) and better
flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7023735
- CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race
condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine
Exception during Page Size Change, causing the CPU core to be non-functional.
The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in
executable pages by splitting / merging huge pages into small pages as
needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7024251
- CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the
alloc_workqueue return value, leading to a NULL pointer dereference.
(bsc#1150457).
- CVE-2019-10220: Added sanity checks on the pathnames passed to the user
space. (bsc#1144903).
- CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue return
value, leading to a NULL pointer dereference. (bsc#1150452).
- CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell
libertas driver (bsc#1150465).
- CVE-2019-17052: ax25_create in the AF_AX25 network module in the Linux kernel
did not enforce CAP_NET_RAW, which meant that unprivileged users could create
a raw socket, aka CID-0614e2b73768. (bnc#1152779)
- CVE-2019-17055: base_sock_create in the AF_ISDN network module in the Linux kernel
did not enforce CAP_NET_RAW, which means that unprivileged users can create
a raw socket, aka CID-b91ee4aa2a21. (bnc#1152782)
- CVE-2019-17054: atalk_create in the AF_APPLETALK network module in the Linux kernel
did not enforce CAP_NET_RAW, which means that unprivileged users can create
a raw socket, aka CID-6cc03e8aa36c. (bnc#1152786)
- CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE,
leading to a Buffer Overflow (bsc#1153158).
- CVE-2019-17053: ieee802154_create in the AF_IEEE802154 network module in the Linux kernel
did not enforce CAP_NET_RAW, which means that unprivileged users could create
a raw socket, aka CID-e69dbd4619e7. (bnc#1152789)
- CVE-2019-16413: The 9p filesystem did not protect i_size_write() properly, which caused an
i_size_read() infinite loop and denial of service on SMP systems. (bnc#1151347)
- CVE-2019-15291: There was a NULL pointer dereference caused by a malicious USB device in the
flexcop_usb_probe function. (bnc#1146540)
- CVE-2019-15807: There was a memory leak in the SAS expander driver when SAS expander discovery
fails. This could cause a denial of service. (bnc#1148938)
- CVE-2019-14821: An out-of-bounds access issue was found in the way Linux the kernel's KVM hypervisor
implemented the Coalesced MMIO write operation. It operated on an MMIO ring buffer
'struct kvm_coalesced_mmio' object, wherein write indices value could be supplied by a
host user-space process. An unprivileged host user or process with access to '/dev/kvm'
device could use this flaw to crash the host kernel, resulting in a denial of service
or potentially escalating privileges on the system. (bnc#1151350)
- CVE-2019-15505: The Linux kernel had an out-of-bounds read via crafted USB device traffic
(which may have been remote via usbip or usbredir). (bnc#1147122)
- CVE-2019-14835: A buffer overflow flaw was found in the way Linux kernel's vhost functionality
that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A
privileged guest user able to pass descriptors with invalid length to the host when migration
is underway, could have used this flaw to increase their privileges on the host. (bnc#1150112)
- CVE-2019-15216: There was a NULL pointer dereference caused by a malicious USB device in the
drivers/usb/misc/yurex.c driver. (bnc#1146361)
- CVE-2019-9456: In the Android kernel in Pixel C USB monitor driver there was a possible
OOB write due to a missing bounds check. This could lead to local escalation of privilege
with System execution privileges needed. User interaction was not needed for exploitation. (bnc#1150025)
- CVE-2019-15927: An out-of-bounds access existed in the function build_audio_procunit in the
file sound/usb/mixer.c. (bnc#1149522)
- CVE-2019-15902: Misuse of the upstream 'x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()'
commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the
backport process depends on cherry picking specific commits, and because two (correctly ordered)\
code lines were swapped. (bnc#1149376)
- CVE-2019-15219: There was a NULL pointer dereference caused by a malicious USB device in the
drivers/usb/misc/sisusbvga/sisusb.c driver. (bnc#1146524)
- CVE-2017-18509: An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel By setting a specific
socket option, an attacker could control a pointer in kernel land and cause an inet_csk_listen_stop
general protection fault, or potentially execute arbitrary code under certain circumstances. The issue
could be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability)
or after namespace unsharing. This occurred because sk_type and protocol were not checked in the
appropriate part of the ip6_mroute_* functions. (bnc#1145477)
- CVE-2019-15212: There was a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. (bnc#1146391)
- CVE-2019-15292: There was a use-after-free in atalk_proc_exit. (bnc#1146678)
- CVE-2019-15217: There was a NULL pointer dereference caused by a malicious USB device in the
drivers/media/usb/zr364xx/zr364xx.c driver. (bnc#1146547)
- CVE-2018-20976: A use after free was discovered in fs/xfs/xfs_super.c, related to xfs_fs_fill_super
failure. (bnc#1146285)
- CVE-2017-18551: There was an out of bounds write in the function i2c_smbus_xfer_emulated. (bnc#1146163)
- CVE-2019-15118: check_input_term in sound/usb/mixer.c mishandled recursion, leading to kernel stack
exhaustion. (bnc#1145922)
The following non-security bugs were fixed:
- add a missing lfence in kernel error entry and remove a superfluous lfence in userspace interrupt exit paths
- Documentation: Add ITLB_MULTIHIT documentation (bnc#1117665).
- array_index_nospec: Sanitize speculative array (bsc#1155671)
- cpu/speculation: Uninline and export CPU mitigations helpers (bnc#1117665).
- IB/core: Add mitigation for Spectre V1 (bsc#1155671)
- inet_diag: fix oops for IPv4 AF_INET6 TCP SYN-RECV state (bsc#1101061).
- kABI Fix for IFU Patches (bsc#1117665).
- kthread: Implement park/unpark facility (bsc#1117665).
- kvm: Convert kvm_lock to a mutex (bsc#1117665).
- kvm: MMU: drop read-only large sptes when creating lower level sptes (bsc#1117665).
- kvm: MMU: fast invalidate all pages (bsc1117665).
- kvm: VMX: export PFEC.P bit on ept (bsc#1117665).
- kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc#1117665).
- kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).
- kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT (bnc#1117665).
- mm/readahead.c: fix readahead failure for memoryless NUMA nodes and limit readahead pages (bsc#1143327).
- mm: use only per-device readahead limit (bsc#1143327).
- powerpc/64s: support nospectre_v2 cmdline option (bsc#1131107).
- powerpc/fsl: Add nospectre_v2 command line argument (bsc#1131107).
- powerpc/fsl: Update Spectre v2 reporting (bsc#1131107).
- powerpc/security: Show powerpc_security_features in debugfs (bsc#1131107).
- xfs: xfs_remove deadlocks due to inverted AGF vs AGI lock ordering (bsc#1150599).
ImportantSUSE bug 1101061SUSE bug 1113201SUSE bug 1117665SUSE bug 1131107SUSE bug 1143327SUSE bug 1144903SUSE bug 1145477SUSE bug 1145922SUSE bug 1146163SUSE bug 1146285SUSE bug 1146361SUSE bug 1146391SUSE bug 1146524SUSE bug 1146540SUSE bug 1146547SUSE bug 1146678SUSE bug 1147122SUSE bug 1148938SUSE bug 1149376SUSE bug 1149522SUSE bug 1150025SUSE bug 1150112SUSE bug 1150452SUSE bug 1150457SUSE bug 1150465SUSE bug 1150599SUSE bug 1151347SUSE bug 1151350SUSE bug 1152779SUSE bug 1152782SUSE bug 1152786SUSE bug 1152789SUSE bug 1153158SUSE bug 1155671SUSE bug 802154SUSE bug 936875CVE-2017-18509 at SUSECVE-2017-18509 at NVDCVE-2017-18551 at SUSECVE-2017-18551 at NVDCVE-2018-12207 at SUSECVE-2018-12207 at NVDCVE-2018-20976 at SUSECVE-2018-20976 at NVDCVE-2019-10220 at SUSECVE-2019-10220 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-14821 at SUSECVE-2019-14821 at NVDCVE-2019-14835 at SUSECVE-2019-14835 at NVDCVE-2019-15118 at SUSECVE-2019-15118 at NVDCVE-2019-15212 at SUSECVE-2019-15212 at NVDCVE-2019-15216 at SUSECVE-2019-15216 at NVDCVE-2019-15217 at SUSECVE-2019-15217 at NVDCVE-2019-15219 at SUSECVE-2019-15219 at NVDCVE-2019-15291 at SUSECVE-2019-15291 at NVDCVE-2019-15292 at SUSECVE-2019-15292 at NVDCVE-2019-15505 at SUSECVE-2019-15505 at NVDCVE-2019-15807 at SUSECVE-2019-15807 at NVDCVE-2019-15902 at SUSECVE-2019-15902 at NVDCVE-2019-15927 at SUSECVE-2019-15927 at NVDCVE-2019-16232 at SUSECVE-2019-16232 at NVDCVE-2019-16233 at SUSECVE-2019-16233 at NVDCVE-2019-16234 at SUSECVE-2019-16234 at NVDCVE-2019-16413 at SUSECVE-2019-16413 at NVDCVE-2019-17052 at SUSECVE-2019-17052 at NVDCVE-2019-17053 at SUSECVE-2019-17053 at NVDCVE-2019-17054 at SUSECVE-2019-17054 at NVDCVE-2019-17055 at SUSECVE-2019-17055 at NVDCVE-2019-17133 at SUSECVE-2019-17133 at NVDCVE-2019-9456 at SUSECVE-2019-9456 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bsc#1167629).
- CVE-2020-8647: There was a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bsc#1162929).
- CVE-2020-8649: There was a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bsc#1162931).
- CVE-2020-9383: An issue was discovered set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it (bsc#1165111).
- CVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bsc#1159285).
- CVE-2020-11608: Fixed a NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints (bsc#1168829).
- CVE-2020-8648: There was a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928).
- CVE-2019-14896: A heap-based buffer overflow vulnerability was found in Marvell WiFi chip driver. A remote attacker could cause a denial of service or possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP (bsc#1157157).
- CVE-2019-14897: A stack-based buffer overflow was found in the Marvell WiFi chip driver. An attacker is able to cause a denial of service or possibly execute arbitrary code, when a STA works in IBSS mode and connects to another STA (bsc#1157155).
- CVE-2019-18675: Fixed an Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allowed local users to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation (bsc#1157804).
- CVE-2019-19965: Fixed a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition (bsc#1159911).
- CVE-2019-19066: A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c allowed attackers to cause a denial of service by triggering bfa_port_get_stats() failures (bsc#1157303).
- CVE-2019-20096: Fixed a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service (bsc#1159908).
- CVE-2019-19966: Fixed a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service (bsc#1159841).
- CVE-2019-19532: Fixed multiple out-of-bounds write bugs that can be caused by a malicious USB device (bsc#1158824).
- CVE-2019-19523: Fixed a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver (bsc#115882).
- CVE-2019-19537: Fixed a race condition that can be caused by a malicious USB device in the USB character device driver layer (bsc#1158904).
- CVE-2019-19527, CVE-2019-19530, CVE-2019-19524: Fixed multiple use-after-free bug that could be caused by a malicious USB device (bsc#1158381, bsc#1158834, bsc#1158900).
- CVE-2019-15213: Fixed a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bsc#1146544).
- CVE-2019-19531: Fixed a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver (bsc#1158445).
- CVE-2019-18660: The Linux kernel on powerpc allowed Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs (bsc#1157038).
- CVE-2019-19227: Fixed a potential NULL pointer dereference in the AppleTalk subsystem (bsc#1157678).
- CVE-2019-19074: Fixed a memory leak in the ath9k_wmi_cmd(), which allowed attackers to cause a denial of service (bsc#1157143).
- CVE-2019-19073: Fixed multiple memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c, which allowed attackers to cause a denial of service (bsc#1157070).
- CVE-2019-15916: Fixed a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which could cause denial of service (bsc#1149448).
- CVE-2019-12456: Fixed a denial of service in _ctl_ioctl_main, which could be triggered by a local user (bsc#1136922).
The following non-security bugs were fixed:
- Input: add safety guards to input_set_keycode() (bsc#1168075).
- blk: Fix kabi due to blk_trace_mutex addition (bsc#1159285).
- blktrace: fix dereference after null check (bsc#1159285).
- blktrace: fix trace mutex deadlock (bsc#1159285).
- block: Fix oops scsi_disk_get() (bsc#1105327).
- fs/xfs: fix f_ffree value for statfs when project quota is set (bsc#1165985).
- kaiser: Fix for 32bit KAISER implementations (bsc#1157344).
- klist: fix starting point removed bug in klist iterators (bsc#1156652).
- kobject: Export kobject_get_unless_zero() (bsc#1105327).
- kobject: fix kset_find_obj() race with concurrent last kobject_put() (bsc#1105327).
- kref: minor cleanup (bsc#1105327).
- media: ov519: add missing endpoint sanity checks (bsc#1168829).
- media: stv06xx: add missing descriptor sanity checks (bsc#1168854).
- netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
- powerpc/64: Make meltdown reporting Book3S 64 specific (bsc#1091041).
- powerpc/pseries/mobility: notify network peers after migration (bsc#1152631 ltc#181798).
- powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041).
- powerpc/security: Fix wrong message when RFI Flush is disable (bsc#1131107).
- rpm/kernel-binary.spec.in: Replace Novell with SUSE
- sched: Fix race between task_group and sched_task_group (bsc#1136471).
- sched: Remove lockdep check in sched_move_task() (bsc#1136471).
- scsi: lpfc: Fix driver crash in target reset handler (bsc#1148871).
- writeback: fix race that cause writeback hung (bsc#1161358).
- x86: fix speculation bug reporting (bsc#1012382).
ImportantSUSE bug 1012382SUSE bug 1091041SUSE bug 1105327SUSE bug 1131107SUSE bug 1136471SUSE bug 1136922SUSE bug 1146519SUSE bug 1146544SUSE bug 1146612SUSE bug 1148871SUSE bug 1149448SUSE bug 1152631SUSE bug 1156652SUSE bug 1157038SUSE bug 1157070SUSE bug 1157143SUSE bug 1157155SUSE bug 1157157SUSE bug 1157303SUSE bug 1157344SUSE bug 1157678SUSE bug 1157804SUSE bug 1157923SUSE bug 1158381SUSE bug 1158410SUSE bug 1158413SUSE bug 1158427SUSE bug 1158445SUSE bug 1158823SUSE bug 1158824SUSE bug 1158834SUSE bug 1158900SUSE bug 1158904SUSE bug 1159285SUSE bug 1159841SUSE bug 1159908SUSE bug 1159911SUSE bug 1161358SUSE bug 1162928SUSE bug 1162929SUSE bug 1162931SUSE bug 1164078SUSE bug 1165111SUSE bug 1165985SUSE bug 1167629SUSE bug 1168075SUSE bug 1168829SUSE bug 1168854CVE-2019-12456 at SUSECVE-2019-12456 at NVDCVE-2019-14896 at SUSECVE-2019-14896 at NVDCVE-2019-14897 at SUSECVE-2019-14897 at NVDCVE-2019-15213 at SUSECVE-2019-15213 at NVDCVE-2019-15916 at SUSECVE-2019-15916 at NVDCVE-2019-18660 at SUSECVE-2019-18660 at NVDCVE-2019-18675 at SUSECVE-2019-18675 at NVDCVE-2019-19066 at SUSECVE-2019-19066 at NVDCVE-2019-19073 at SUSECVE-2019-19073 at NVDCVE-2019-19074 at SUSECVE-2019-19074 at NVDCVE-2019-19227 at SUSECVE-2019-19227 at NVDCVE-2019-19523 at SUSECVE-2019-19523 at NVDCVE-2019-19524 at SUSECVE-2019-19524 at NVDCVE-2019-19527 at SUSECVE-2019-19527 at NVDCVE-2019-19530 at SUSECVE-2019-19530 at NVDCVE-2019-19531 at SUSECVE-2019-19531 at NVDCVE-2019-19532 at SUSECVE-2019-19532 at NVDCVE-2019-19537 at SUSECVE-2019-19537 at NVDCVE-2019-19768 at SUSECVE-2019-19768 at NVDCVE-2019-19965 at SUSECVE-2019-19965 at NVDCVE-2019-19966 at SUSECVE-2019-19966 at NVDCVE-2019-20096 at SUSECVE-2019-20096 at NVDCVE-2020-10942 at SUSECVE-2020-10942 at NVDCVE-2020-11608 at SUSECVE-2020-11608 at NVDCVE-2020-8647 at SUSECVE-2020-8647 at NVDCVE-2020-8648 at SUSECVE-2020-8648 at NVDCVE-2020-8649 at SUSECVE-2020-8649 at NVDCVE-2020-9383 at SUSECVE-2020-9383 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it.
This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).
- CVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218).
- CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195).
- CVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202).
- CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev (bsc#1170056).
The following non-security bugs were fixed:
- nfsd4: clean up open owners on OPEN failure (bsc#1154290).
- random: always use batched entropy for get_random_u{32,64} (bsc#1164871).
ImportantSUSE bug 1154290SUSE bug 1154824SUSE bug 1164871SUSE bug 1170056SUSE bug 1171195SUSE bug 1171202SUSE bug 1171218CVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-10690 at SUSECVE-2020-10690 at NVDCVE-2020-12652 at SUSECVE-2020-12652 at NVDCVE-2020-12653 at SUSECVE-2020-12653 at NVDCVE-2020-12654 at SUSECVE-2020-12654 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-10773: Fixed a memory leak on s390/s390x, in the cmm_timeout_hander in file arch/s390/mm/cmm.c (bnc#1172999).
- CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002).
- CVE-2020-13974: Fixed a integer overflow in drivers/tty/vt/keyboard.c, if k_ascii is called several times in a row (bnc#1172775).
- CVE-2020-10732: A flaw was found in the implementation of Userspace core dumps. This flaw allowed an attacker with a local account to crash a trivial program and exfiltrate private kernel data (bnc#1171220).
- CVE-2020-12656: Fixed a memory leak in gss_mech_free in the rpcsec_gss_krb5 implementation, caused by a lack of certain domain_release calls (bnc#1171219).
- CVE-2020-0305: Fixed a possible use-after-free due to a race condition incdev_get of char_dev.c. This could lead to local escalation of privilege. User interaction is not needed for exploitation (bnc#1174462).
- CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265).
- CVE-2020-12652: The __mptctl_ioctl function in drivers/message/fusion/mptctl.c allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a 'double fetch' vulnerability (bnc#1171218).
- CVE-2019-5108: Fixed a denial-of-service vulnerability in the wifi stack. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed (bnc#1159912).
The following non-security bugs were fixed:
- Fix gcc-discovered error in zeroing a struct (bnc#680814)
ImportantSUSE bug 1159912SUSE bug 1159913SUSE bug 1162002SUSE bug 1171218SUSE bug 1171219SUSE bug 1171220SUSE bug 1172775SUSE bug 1172999SUSE bug 1173265SUSE bug 1174462SUSE bug 1174543CVE-2019-5108 at SUSECVE-2019-5108 at NVDCVE-2020-0305 at SUSECVE-2020-0305 at NVDCVE-2020-10732 at SUSECVE-2020-10732 at NVDCVE-2020-10769 at SUSECVE-2020-10769 at NVDCVE-2020-10773 at SUSECVE-2020-10773 at NVDCVE-2020-12652 at SUSECVE-2020-12652 at NVDCVE-2020-12656 at SUSECVE-2020-12656 at NVDCVE-2020-13974 at SUSECVE-2020-13974 at NVDCVE-2020-14416 at SUSECVE-2020-14416 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel (bnc#1181349).
- CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).
- CVE-2020-25211: Fixed a flaw where a local attacker was able to inject conntrack netlink configuration that could cause a denial of service or trigger the use of incorrect protocol numbers in ctnetlink_parse_tuple_filter (bnc#1176395).
- CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235).
- CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482).
- CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141).
- CVE-2020-14331: Fixed a missing check in vgacon scrollback handling (bsc#1174205).
- CVE-2020-14353: Fixed an issue where keys - for keyctl prevent creating a different user's keyrings (bsc#1174993).
- CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping the references (bsc#1176011).
- CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).
- CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction Services (RTAS) interface, affecting guests running on top of PowerVM or KVM hypervisors (bnc#1179107).
- CVE-2020-27786: Fixed an out-of-bounds write in the MIDI implementation (bnc#1179601).
- CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bnc#1179745).
- CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179745).
- CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589).
- CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
- CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
- CVE-2020-25285: A race condition between hugetlb sysctl handlers in mm/hugetlb.c could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact (bnc#1176485 ).
- CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service (bsc#1179140).
- CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180559).
- CVE-2020-11668: Fixed the mishandling of invalid descriptors in the Xirlink camera USB driver (bnc#1168952).
- CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123).
- CVE-2020-4788: Fixed an issue with IBM Power9 processors could have allowed a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances (bsc#1177666).
- CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722).
- CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423).
- CVE-2019-20934: Fixed a use-after-free in show_numa_stats() because NUMA fault statistics were inappropriately freed (bsc#1179663).
- CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bnc#1177766).
- CVE-2020-25643: Fixed a memory corruption and a read overflow which could have caused by improper input validation in the ppp_cp_parse_cr function (bsc#1177206).
- CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c (bsc#1173659).
The following non-security bugs were fixed:
- HID: Fix slab-out-of-bounds read in hid_field_extract (bsc#1180052).
- cifs: bugfix for unreclaimed writeback pages in cifs_writev_requeue() (bsc#1177906).
- mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691).
- net/x25: fix a race in x25_bind() (bsc#1178590).
- net/x25: prevent a couple of overflows (bsc#1178590).
- tty: fix memleak in alloc_pid (bsc#1179745).
- xfs: mark all internal workqueues as freezable (bsc#1181166).
ImportantSUSE bug 1152107SUSE bug 1168952SUSE bug 1173659SUSE bug 1173942SUSE bug 1174205SUSE bug 1174247SUSE bug 1174993SUSE bug 1175691SUSE bug 1176011SUSE bug 1176012SUSE bug 1176235SUSE bug 1176253SUSE bug 1176278SUSE bug 1176395SUSE bug 1176423SUSE bug 1176482SUSE bug 1176485SUSE bug 1176722SUSE bug 1176896SUSE bug 1177206SUSE bug 1177226SUSE bug 1177666SUSE bug 1177766SUSE bug 1177906SUSE bug 1178123SUSE bug 1178182SUSE bug 1178589SUSE bug 1178590SUSE bug 1178622SUSE bug 1178886SUSE bug 1179107SUSE bug 1179140SUSE bug 1179141SUSE bug 1179419SUSE bug 1179601SUSE bug 1179616SUSE bug 1179745SUSE bug 1179877SUSE bug 1180029SUSE bug 1180030SUSE bug 1180052SUSE bug 1180086SUSE bug 1180559SUSE bug 1180562SUSE bug 1181158SUSE bug 1181166SUSE bug 1181349SUSE bug 1181553CVE-2019-16746 at SUSECVE-2019-16746 at NVDCVE-2020-0404 at SUSECVE-2020-0404 at NVDCVE-2020-0431 at SUSECVE-2020-0431 at NVDCVE-2020-0465 at SUSECVE-2020-0465 at NVDCVE-2020-11668 at SUSECVE-2020-11668 at NVDCVE-2020-14331 at SUSECVE-2020-14331 at NVDCVE-2020-14353 at SUSECVE-2020-14353 at NVDCVE-2020-14381 at SUSECVE-2020-14381 at NVDCVE-2020-14390 at SUSECVE-2020-14390 at NVDCVE-2020-15436 at SUSECVE-2020-15436 at NVDCVE-2020-15437 at SUSECVE-2020-15437 at NVDCVE-2020-25211 at SUSECVE-2020-25211 at NVDCVE-2020-25284 at SUSECVE-2020-25284 at NVDCVE-2020-25285 at SUSECVE-2020-25285 at NVDCVE-2020-25643 at SUSECVE-2020-25643 at NVDCVE-2020-25656 at SUSECVE-2020-25656 at NVDCVE-2020-25668 at SUSECVE-2020-25668 at NVDCVE-2020-25669 at SUSECVE-2020-25669 at NVDCVE-2020-27068 at SUSECVE-2020-27068 at NVDCVE-2020-27777 at SUSECVE-2020-27777 at NVDCVE-2020-27786 at SUSECVE-2020-27786 at NVDCVE-2020-28915 at SUSECVE-2020-28915 at NVDCVE-2020-28974 at SUSECVE-2020-28974 at NVDCVE-2020-29660 at SUSECVE-2020-29660 at NVDCVE-2020-29661 at SUSECVE-2020-29661 at NVDCVE-2020-36158 at SUSECVE-2020-36158 at NVDCVE-2020-4788 at SUSECVE-2020-4788 at NVDCVE-2021-3347 at SUSECVE-2021-3347 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following non-security bug was fixed:
- Fixed a regression where KVM VM hangs caused by the fix CVE-2020-29660 and CVE-2020-29661 (bsc#1182505).
ImportantSUSE bug 1179745SUSE bug 1182505CVE-2020-29660 at SUSECVE-2020-29660 at NVDCVE-2020-29661 at SUSECVE-2020-29661 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
- CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy (bsc#1184120).
- CVE-2021-29650: Fixed an issue where the netfilter subsystem allowed attackers to cause a denial of service (bsc#1184208).
- CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly (bsc#1184198).
- CVE-2021-28950: Fixed an infinite loop because a retry loop continually finds the same bad inode (bsc#1184194).
- CVE-2021-27365: Fixed an issue where an unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message (bsc#1182715).
- CVE-2021-27364: Fixed an issue where an attacker could craft Netlink messages (bsc#1182717).
- CVE-2021-27363: Fixed a kernel pointer leak which could have been used to determine the address of the iscsi_transport structure (bsc#1182716).
- CVE-2021-20261: Fixed a race condition in the implementation of the floppy disk drive controller driver software (bsc#1183400).
- CVE-2020-36322: Fixed an issue in the FUSE filesystem implementation which could have caused a system crash (bsc#1184211).
- CVE-2020-35519: Fixed an out-of-bounds memory access was found in x25_bind (bsc#1183696).
The following non-security bugs were fixed:
- md: md.c: Return -ENODEV when mddev is NULL in rdev_attr_show (bsc#1056134, bsc#1180963).
ImportantSUSE bug 1056134SUSE bug 1180963SUSE bug 1182715SUSE bug 1182716SUSE bug 1182717SUSE bug 1183400SUSE bug 1183696SUSE bug 1184120SUSE bug 1184194SUSE bug 1184198SUSE bug 1184208SUSE bug 1184211SUSE bug 1184393CVE-2020-35519 at SUSECVE-2020-35519 at NVDCVE-2020-36322 at SUSECVE-2020-36322 at NVDCVE-2021-20261 at SUSECVE-2021-20261 at NVDCVE-2021-27363 at SUSECVE-2021-27363 at NVDCVE-2021-27364 at SUSECVE-2021-27364 at NVDCVE-2021-27365 at SUSECVE-2021-27365 at NVDCVE-2021-28950 at SUSECVE-2021-28950 at NVDCVE-2021-28972 at SUSECVE-2021-28972 at NVDCVE-2021-29650 at SUSECVE-2021-29650 at NVDCVE-2021-30002 at SUSECVE-2021-30002 at NVDCVE-2021-3483 at SUSECVE-2021-3483 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-0512: Fixed a possible out of bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1187595)
- CVE-2021-34693: Fixed a bug in net/can/bcm.c which could allow local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (bsc#1187452)
- CVE-2020-36386: Fixed an out-of-bounds read in hci_extended_inquiry_result_evt. (bsc#1187038)
- CVE-2020-24588: Fixed a bug that could allow an adversary to abuse devices that support receiving non-SSP A-MSDU frames to inject arbitrary network packets. (bsc#1185861 bsc#1185863)
- CVE-2021-29154: Fixed an incorrect computation of branch displacements in the BPF JIT compilers, which could allow to execute arbitrary code within the kernel context. (bsc#1184391)
- CVE-2021-32399: Fixed a race condition in net/bluetooth/hci_request.c for removal of the HCI controller. (bsc#1184611)
- CVE-2020-24586: Fixed a bug that, under the right circumstances, allows to inject arbitrary network packets and/or exfiltrate user data when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP. (bsc#1185859 bsc#1185863)
- CVE-2020-26139: Fixed a bug that allows an Access Point (AP) to forward EAPOL frames to other clients even though the sender has not yet successfully authenticated. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and made it easier to exploit other vulnerabilities in connected clients. (bsc#1185863 bsc#1186062)
- CVE-2020-24587: Fixed a bug that allows an adversary to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. (bsc#1185862 bsc#1185863)
The following non-security bugs were fixed:
- md: do not flush workqueue unconditionally in md_open (bsc#1184081).
- md: factor out a mddev_find_locked helper from mddev_find (bsc#1184081).
- md: md_open returns -EBUSY when entering racing area (bsc#1184081).
- md: split mddev_find (bsc#1184081).
ImportantSUSE bug 1184081SUSE bug 1184391SUSE bug 1184611SUSE bug 1185859SUSE bug 1185861SUSE bug 1185862SUSE bug 1185863SUSE bug 1186062SUSE bug 1187038SUSE bug 1187452SUSE bug 1187595CVE-2020-24586 at SUSECVE-2020-24586 at NVDCVE-2020-24587 at SUSECVE-2020-24587 at NVDCVE-2020-24588 at SUSECVE-2020-24588 at NVDCVE-2020-26139 at SUSECVE-2020-26139 at NVDCVE-2020-36386 at SUSECVE-2020-36386 at NVDCVE-2021-0512 at SUSECVE-2021-0512 at NVDCVE-2021-29154 at SUSECVE-2021-29154 at NVDCVE-2021-32399 at SUSECVE-2021-32399 at NVDCVE-2021-34693 at SUSECVE-2021-34693 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).
Enhancements and bugfixes over the previous fixes have been added to this kernel.
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might have allowed local users to cause a denial of service by triggering an attempted use of the -INT_MIN value (bnc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536).
- CVE-2018-7566: There was a buffer overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user (bnc#1083483).
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem allowed attackers to gain privileges via unspecified vectors (bnc#1088260).
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).
- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver. (bnc#1072865).
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c allowed local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices (bnc#1083242).
- CVE-2017-16911: The vhci_hcd driver allowed allows local attackers to disclose kernel memory addresses. Successful exploitation requires that a USB device is attached over IP (bnc#1078674).
- CVE-2017-18208: The madvise_willneed function in mm/madvise.c local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping (bnc#1083494).
- CVE-2017-16644: The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c allowed local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067118).
- CVE-2018-6927: The futex_requeue function in kernel/futex.c in the Linux kernel might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value (bnc#1080757).
- CVE-2017-16914: The 'stub_send_ret_submit()' function (drivers/usb/usbip/stub_tx.c) allowed attackers to cause a denial of service (NULL pointer dereference) via a specially crafted USB over IP packet (bnc#1078669).
- CVE-2016-7915: The hid_input_field function in drivers/hid/hid-core.c allowed physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver (bnc#1010470).
- CVE-2015-5156: The virtnet_probe function in drivers/net/virtio_net.c attempted to support a FRAGLIST feature without proper memory allocation, which allowed guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets (bnc#940776).
- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions in block/bio.c did unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition (bnc#1062568).
- CVE-2017-16912: The 'get_pipe()' function (drivers/usb/usbip/stub_rx.c) allowed attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet (bnc#1078673).
- CVE-2017-16913: The 'stub_recv_cmd_submit()' function (drivers/usb/usbip/stub_rx.c) when handling CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet (bnc#1078672).
The following non-security bugs were fixed:
- af_iucv: enable control sends in case of SEND_SHUTDOWN (bnc#1085513, LTC#165135).
- cifs: fix buffer overflow in cifs_build_path_to_root() (bsc#1085113).
- drm/mgag200: fix a test in mga_vga_mode_valid() (bsc#1087092).
- hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) (bnc#1013018).
- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1013018).
- ide-cd: workaround VMware ESXi cdrom emulation bug (bsc#1080813).
- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).
- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).
- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).
- jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path (git-fixes).
- kabi: x86/kaiser: properly align trampoline stack.
- keys: do not let add_key() update an uninstantiated key (bnc#1063416).
- keys: prevent creating a different user's keyrings (bnc#1065999).
- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348).
- nfsv4: fix getacl head length estimation (git-fixes).
- pci: Use function 0 VPD for identical functions, regular VPD for others (bnc#943786 git-fixes).
- pipe: actually allow root to exceed the pipe buffer limits (git-fixes).
- posix-timers: Protect posix clock array access against speculation (bnc#1081358).
- powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1075088).
- qeth: repair SBAL elements calculation (bnc#1085513, LTC#165484).
- Revert 'USB: cdc-acm: fix broken runtime suspend' (bsc#1067912)
- s390/qeth: fix underestimated count of buffer elements (bnc#1082091, LTC#164529).
- scsi: sr: workaround VMware ESXi cdrom emulation bug (bsc#1080813).
- usbnet: Fix a race between usbnet_stop() and the BH (bsc#1083275).
- x86-64: Move the 'user' vsyscall segment out of the data segment (bsc#1082424).
- x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).
- x86/kaiser: properly align trampoline stack (bsc#1087260).
- x86/retpoline: do not perform thunk calls in ring3 vsyscall code (bsc#1085331).
- xen/x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and sync_regs (bsc#909077).
- xen/x86/cpu: Check speculation control CPUID bit (bsc#1068032).
- xen/x86/cpu: Factor out application of forced CPU caps (bsc#1075994 bsc#1075091).
- xen/x86/cpu: Fix bootup crashes by sanitizing the argument of the 'clearcpuid=' command-line option (bsc#1065600).
- xen/x86/cpu: Sync CPU feature flags late (bsc#1075994 bsc#1075091).
- xen/x86/entry: Use IBRS on entry to kernel space (bsc#1068032).
- xen/x86/idle: Toggle IBRS when going idle (bsc#1068032).
- xen/x86/kaiser: Move feature detection up (bsc#1068032).
- xfs: check for buffer errors before waiting (bsc#1052943).
- xfs: fix allocbt cursor leak in xfs_alloc_ag_vextent_near (bsc#1087762).
- xfs: really fix the cursor leak in xfs_alloc_ag_vextent_near (bsc#1087762).
ImportantSUSE bug 1010470SUSE bug 1013018SUSE bug 1039348SUSE bug 1052943SUSE bug 1062568SUSE bug 1062840SUSE bug 1063416SUSE bug 1063516SUSE bug 1065600SUSE bug 1065999SUSE bug 1067118SUSE bug 1067912SUSE bug 1068032SUSE bug 1072689SUSE bug 1072865SUSE bug 1075088SUSE bug 1075091SUSE bug 1075994SUSE bug 1078669SUSE bug 1078672SUSE bug 1078673SUSE bug 1078674SUSE bug 1080464SUSE bug 1080757SUSE bug 1080813SUSE bug 1081358SUSE bug 1082091SUSE bug 1082424SUSE bug 1083242SUSE bug 1083275SUSE bug 1083483SUSE bug 1083494SUSE bug 1084536SUSE bug 1085113SUSE bug 1085279SUSE bug 1085331SUSE bug 1085513SUSE bug 1086162SUSE bug 1087092SUSE bug 1087260SUSE bug 1087762SUSE bug 1088147SUSE bug 1088260SUSE bug 1089608SUSE bug 909077SUSE bug 940776SUSE bug 943786CVE-2015-5156 at SUSECVE-2015-5156 at NVDCVE-2016-7915 at SUSECVE-2016-7915 at NVDCVE-2017-0861 at SUSECVE-2017-0861 at NVDCVE-2017-12190 at SUSECVE-2017-12190 at NVDCVE-2017-13166 at SUSECVE-2017-13166 at NVDCVE-2017-16644 at SUSECVE-2017-16644 at NVDCVE-2017-16911 at SUSECVE-2017-16911 at NVDCVE-2017-16912 at SUSECVE-2017-16912 at NVDCVE-2017-16913 at SUSECVE-2017-16913 at NVDCVE-2017-16914 at SUSECVE-2017-16914 at NVDCVE-2017-18203 at SUSECVE-2017-18203 at NVDCVE-2017-18208 at SUSECVE-2017-18208 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-10087 at SUSECVE-2018-10087 at NVDCVE-2018-6927 at SUSECVE-2018-6927 at NVDCVE-2018-7566 at SUSECVE-2018-7566 at NVDCVE-2018-7757 at SUSECVE-2018-7757 at NVDCVE-2018-8822 at SUSECVE-2018-8822 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088)
- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel resulting in DoS issue. (bsc#1087088)
- CVE-2018-10124: The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument (bnc#1089752).
The following non-security bugs were fixed:
- kvm/x86: fix icebp instruction handling (bsc#1087088).
- media: cpia2: Fix a couple off by one bugs (bsc#1050431).
- nfs: add nostatflush mount option (bsc#1065726).
- nfs: allow flush-on-stat to be disabled (bsc#1065726).
- powerpc/fadump: Add a warning when 'fadump_reserve_mem=' is used (bnc#1032084, FATE#323225).
- powerpc/fadump: reuse crashkernel parameter for fadump memory reservation (bnc#1032084, FATE#323225).
- powerpc/fadump: update documentation about crashkernel parameter reuse (bnc#1032084, FATE#323225).
- powerpc/fadump: use 'fadump_reserve_mem=' when specified (bnc#1032084, FATE#323225).
- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
ImportantSUSE bug 1032084SUSE bug 1050431SUSE bug 1065726SUSE bug 1087088SUSE bug 1089665SUSE bug 1089668SUSE bug 1089752CVE-2018-10124 at SUSECVE-2018-10124 at NVDCVE-2018-1087 at SUSECVE-2018-1087 at NVDCVE-2018-8897 at SUSECVE-2018-8897 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kernel modules packages (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The following kernel modules were rebuild with 'retpoline' enablement
to allow full mitigation of the Spectre Variant 2 (CVE-2017-5715, bsc#1068032)
OFED was adjusted to add an entry to control the loading/unloading of cxgb4 to
/etc/sysconf/infiniband (bsc#926856).
ModerateSUSE bug 1068032SUSE bug 926856CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for various KMPs (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update rebuilds missing kernel modules (KMP) to use 'retpolines'
mitigations for Spectre Variant 2 (CVE-2017-5715).
Rebuilt KMP packages:
- cluster-network
- drbd
- gfs2
- iscsitarget
- ocfs2
- ofed
- oracleasm
ModerateSUSE bug 1095824CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for krb5 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
krb5 was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-2695: Applications which call gss_inquire_context() on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash (bsc#952188).
ImportantSUSE bug 952188CVE-2015-2695 at SUSECVE-2015-2695 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The krb5 package was updated to fix the following security and non security issues:
- CVE-2015-2695: Fixed missing functions that were still vulnerable (bsc#954270).
- Fixed a memory leak in the handling of error messages (bsc#954470).
ModerateSUSE bug 954270SUSE bug 954470CVE-2015-2695 at SUSECVE-2015-2695 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for krb5 fixes the following issues:
- CVE-2015-8629: Information leak authenticated attackers with permissions to modify the database (bsc#963968)
- CVE-2015-8631: An authenticated attacker could have caused a memory leak in auditd by supplying a null principal name in request (bsc#963975)
ModerateSUSE bug 963968SUSE bug 963975CVE-2015-8629 at SUSECVE-2015-8629 at NVDCVE-2015-8631 at SUSECVE-2015-8631 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for krb5 fixes the following security issue:
- CVE-2016-3119: An authenticated attacker with permission to modify a
principal entry could have caused kadmind to dereference a null pointer
by supplying an empty DB argument to the modify_principal command,
if kadmind is configured to use the LDAP KDB module. (bsc#971942)
ModerateSUSE bug 971942CVE-2016-3119 at SUSECVE-2016-3119 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for krb5 fixes several issues.
This security issue was fixed:
- CVE-2017-11462: Prevent automatic security context deletion to prevent double-free (bsc#1056995).
- CVE-2018-5729: Null pointer dereference in kadmind or DN container check bypass by supplying special crafted data (bsc#1083926).
- CVE-2018-5730: DN container check bypass by supplying special crafted data (bsc#1083927).
This non-security issue was fixed:
- Avoid indefinite polling in KDC communication. (bsc#970696)
ModerateSUSE bug 1056995SUSE bug 1083926SUSE bug 1083927SUSE bug 970696CVE-2017-11462 at SUSECVE-2017-11462 at NVDCVE-2018-5729 at SUSECVE-2018-5729 at NVDCVE-2018-5730 at SUSECVE-2018-5730 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for krb5 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
krb5 was updated to fix three security issues.
Remote authenticated users could cause denial of service.
These security issues were fixed:
- CVE-2014-5353: NULL pointer dereference when using a ticket policy name as password name (bsc#910457).
- CVE-2014-5354: NULL pointer dereference when using keyless entries (bsc#910458).
- CVE-2014-5355: Denial of service in krb5_read_message (bsc#918595).
ModerateSUSE bug 910457SUSE bug 910458SUSE bug 918595CVE-2014-5353 at SUSECVE-2014-5353 at NVDCVE-2014-5354 at SUSECVE-2014-5354 at NVDCVE-2014-5355 at SUSECVE-2014-5355 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
kvm was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344).
ImportantSUSE bug 938344CVE-2015-5154 at SUSECVE-2015-5154 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2015-7512: The receive packet size is now checked in the emulated
pcnet driver, eliminating buffer overflow and potential security
issue by malicious guest systems. (bsc#957162)
- CVE-2015-8345: A infinite loop in processing command block list was fixed that could be
exploit by malicious guest systems (bsc#956829).
Other bugs fixed:
- To assist users past the migration incompatibility discussed in
bsc#950590 (restore migration compatibility with SLE11 SP3 and
SLE12, at the unfortunate expense to prior SLE11 SP4 kvm release
compatability when a virtio-net device is used), print a message
which references the support document TID 7017048.
See https://www.suse.com/support/kb/doc.php?id=7017048
- Fix cases of wrong clock values in kvmclock timekeeping
(bsc#947164 and bsc#953187)
- Enforce pxe rom sizes to ensure migration compatibility.
(bsc#950590)
- Fix kvm live migration fails between sles11 sp3 and sp4 (bsc#950590)
ImportantSUSE bug 947164SUSE bug 950590SUSE bug 953187SUSE bug 956829SUSE bug 957162CVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
kvm was updated to fix 33 security issues.
These security issues were fixed:
- CVE-2016-4439: Avoid OOB access in 53C9X emulation (bsc#980711)
- CVE-2016-4441: Avoid OOB access in 53C9X emulation (bsc#980723)
- CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape (bsc#978158)
- CVE-2016-3712: Fixed VGa emulation based DOS and OOB read access exploit (bsc#978160)
- CVE-2016-4037: Fixed USB ehci based DOS (bsc#976109)
- CVE-2016-2538: Fixed potential OOB access in USB net device emulation (bsc#967969)
- CVE-2016-2841: Fixed OOB access / hang in ne2000 emulation (bsc#969350)
- CVE-2016-2858: Avoid potential DOS when using QEMU pseudo random number generator (bsc#970036)
- CVE-2016-2857: Fixed OOB access when processing IP checksums (bsc#970037)
- CVE-2016-4001: Fixed OOB access in Stellaris enet emulated nic (bsc#975128)
- CVE-2016-4002: Fixed OOB access in MIPSnet emulated controller (bsc#975136)
- CVE-2016-4020: Fixed possible host data leakage to guest from TPR access (bsc#975700)
- CVE-2015-3214: Fixed OOB read in i8254 PIC (bsc#934069)
- CVE-2014-9718: Fixed the handling of malformed or short ide PRDTs to avoid any opportunity for guest to cause DoS by abusing that interface (bsc#928393)
- CVE-2014-3689: Fixed insufficient parameter validation in rectangle functions (bsc#901508)
- CVE-2014-3615: The VGA emulator in QEMU allowed local guest users to read host memory by setting the display to a high resolution (bsc#895528).
- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).
- CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989).
- CVE-2015-5279: Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU allowed guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets (bsc#945987).
- CVE-2015-5745: Buffer overflow in virtio-serial (bsc#940929).
- CVE-2015-6855: hw/ide/core.c in QEMU did not properly restrict the commands accepted by an ATAPI device, which allowed guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash (bsc#945404).
- CVE-2015-7295: hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allowed remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface (bsc#947159).
- CVE-2015-7549: PCI null pointer dereferences (bsc#958917).
- CVE-2015-8504: VNC floating point exception (bsc#958491).
- CVE-2015-8558: Infinite loop in ehci_advance_state resulting in DoS (bsc#959005).
- CVE-2015-8613: Wrong sized memset in megasas command handler (bsc#961358).
- CVE-2015-8619: Potential DoS for long HMP sendkey command argument (bsc#960334).
- CVE-2015-8743: OOB memory access in ne2000 ioport r/w functions (bsc#960725).
- CVE-2016-1568: AHCI use-after-free in aio port commands (bsc#961332).
- CVE-2016-1714: Potential OOB memory access in processing firmware configuration (bsc#961691).
- CVE-2016-1922: NULL pointer dereference when processing hmp i/o command (bsc#962320).
- CVE-2016-1981: Potential DoS (infinite loop) in e1000 device emulation by malicious privileged user within guest (bsc#963782).
- CVE-2016-2198: Malicious privileged guest user were able to cause DoS by writing to read-only EHCI capabilities registers (bsc#964413).
This non-security issue was fixed:
- Fix case of IDE interface needing busy status set before flush (bsc#936132)
ImportantSUSE bug 895528SUSE bug 901508SUSE bug 928393SUSE bug 934069SUSE bug 936132SUSE bug 940929SUSE bug 944463SUSE bug 945404SUSE bug 945987SUSE bug 945989SUSE bug 947159SUSE bug 958491SUSE bug 958917SUSE bug 959005SUSE bug 960334SUSE bug 960725SUSE bug 961332SUSE bug 961333SUSE bug 961358SUSE bug 961556SUSE bug 961691SUSE bug 962320SUSE bug 963782SUSE bug 964413SUSE bug 967969SUSE bug 969350SUSE bug 970036SUSE bug 970037SUSE bug 975128SUSE bug 975136SUSE bug 975700SUSE bug 976109SUSE bug 978158SUSE bug 978160SUSE bug 980711SUSE bug 980723CVE-2014-3615 at SUSECVE-2014-3615 at NVDCVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2014-9718 at SUSECVE-2014-9718 at NVDCVE-2015-3214 at SUSECVE-2015-3214 at NVDCVE-2015-5239 at SUSECVE-2015-5239 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-5279 at SUSECVE-2015-5279 at NVDCVE-2015-5745 at SUSECVE-2015-5745 at NVDCVE-2015-6855 at SUSECVE-2015-6855 at NVDCVE-2015-7295 at SUSECVE-2015-7295 at NVDCVE-2015-7549 at SUSECVE-2015-7549 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8558 at SUSECVE-2015-8558 at NVDCVE-2015-8613 at SUSECVE-2015-8613 at NVDCVE-2015-8619 at SUSECVE-2015-8619 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2016-1568 at SUSECVE-2016-1568 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1922 at SUSECVE-2016-1922 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2198 at SUSECVE-2016-2198 at NVDCVE-2016-2538 at SUSECVE-2016-2538 at NVDCVE-2016-2841 at SUSECVE-2016-2841 at NVDCVE-2016-2857 at SUSECVE-2016-2857 at NVDCVE-2016-2858 at SUSECVE-2016-2858 at NVDCVE-2016-3710 at SUSECVE-2016-3710 at NVDCVE-2016-3712 at SUSECVE-2016-3712 at NVDCVE-2016-4001 at SUSECVE-2016-4001 at NVDCVE-2016-4002 at SUSECVE-2016-4002 at NVDCVE-2016-4020 at SUSECVE-2016-4020 at NVDCVE-2016-4037 at SUSECVE-2016-4037 at NVDCVE-2016-4439 at SUSECVE-2016-4439 at NVDCVE-2016-4441 at SUSECVE-2016-4441 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
kvm was updated to fix 16 security issues.
These security issues were fixed:
- CVE-2015-6815: e1000 NIC emulation support was vulnerable to an infinite loop issue. A privileged user inside guest could have used this flaw to crash the Qemu instance resulting in DoS. (bsc#944697).
- CVE-2016-2391: The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allowed local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers (bsc#967013).
- CVE-2016-2392: The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU did not properly validate USB configuration descriptor objects, which allowed local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving a remote NDIS control message packet (bsc#967012).
- CVE-2016-4453: The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982223).
- CVE-2016-4454: The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read (bsc#982222).
- CVE-2016-5105: The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, used an uninitialized variable, which allowed local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982017).
- CVE-2016-5106: The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982018).
- CVE-2016-5107: The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors (bsc#982019).
- CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allowed local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call (bsc#982285).
- CVE-2016-5238: The get_cmd function in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982959).
- CVE-2016-5337: The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information (bsc#983961).
- CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer (bsc#983982).
- CVE-2016-5403: The virtqueue_pop function in hw/virtio/virtio.c in QEMU allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion (bsc#991080).
- CVE-2016-6490: Infinite loop in the virtio framework. A privileged user inside the guest could have used this flaw to crash the Qemu instance on the host resulting in DoS (bsc#991466).
- CVE-2016-7116: Host directory sharing via Plan 9 File System(9pfs) was vulnerable to a directory/path traversal issue. A privileged user inside guest could have used this flaw to access undue files on the host (bsc#996441).
- CVE-2014-7815: The set_pixel_format function in ui/vnc.c in QEMU allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#902737).
ModerateSUSE bug 902737SUSE bug 944697SUSE bug 967012SUSE bug 967013SUSE bug 982017SUSE bug 982018SUSE bug 982019SUSE bug 982222SUSE bug 982223SUSE bug 982285SUSE bug 982959SUSE bug 983961SUSE bug 983982SUSE bug 991080SUSE bug 991466SUSE bug 996441CVE-2014-7815 at SUSECVE-2014-7815 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2016-2391 at SUSECVE-2016-2391 at NVDCVE-2016-2392 at SUSECVE-2016-2392 at NVDCVE-2016-4453 at SUSECVE-2016-4453 at NVDCVE-2016-4454 at SUSECVE-2016-4454 at NVDCVE-2016-5105 at SUSECVE-2016-5105 at NVDCVE-2016-5106 at SUSECVE-2016-5106 at NVDCVE-2016-5107 at SUSECVE-2016-5107 at NVDCVE-2016-5126 at SUSECVE-2016-5126 at NVDCVE-2016-5238 at SUSECVE-2016-5238 at NVDCVE-2016-5337 at SUSECVE-2016-5337 at NVDCVE-2016-5338 at SUSECVE-2016-5338 at NVDCVE-2016-5403 at SUSECVE-2016-5403 at NVDCVE-2016-6490 at SUSECVE-2016-6490 at NVDCVE-2016-7116 at SUSECVE-2016-7116 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes the following issues:
- Address various security/stability issues
* Fix OOB access in xlnx.xpx-ethernetlite emulation (CVE-2016-7161 bsc#1001151)
* Fix OOB access in VMware SVGA emulation (CVE-2016-7170 bsc#998516)
* Fix DOS in ColdFire Fast Ethernet Controller emulation
(CVE-2016-7908 bsc#1002550)
* Fix DOS in USB xHCI emulation (CVE-2016-8576 bsc#1003878)
* Fix DOS in virtio-9pfs (CVE-2016-8578 bsc#1003894)
* Fix DOS in virtio-9pfs (CVE-2016-9105 bsc#1007494)
* Fix DOS in virtio-9pfs (CVE-2016-8577 bsc#1003893)
* Plug data leak in virtio-9pfs interface (CVE-2016-9103 bsc#1007454)
* Fix DOS in virtio-9pfs interface (CVE-2016-9102 bsc#1007450)
* Fix DOS in virtio-9pfs (CVE-2016-9106 bsc#1007495)
* Fix DOS in 16550A UART emulation (CVE-2016-8669 bsc#1004707)
* Fix DOS in PC-Net II emulation (CVE-2016-7909 bsc#1002557)
* Fix DOS in PRO100 emulation (CVE-2016-9101 bsc#1007391)
* Fix DOS in RTL8139 emulation (CVE-2016-8910 bsc#1006538)
* Fix DOS in Intel HDA controller emulation (CVE-2016-8909 bsc#1006536)
* Fix DOS in virtio-9pfs (CVE-2016-9104 bsc#1007493)
* Fix DOS in JAZZ RC4030 emulation (CVE-2016-8667 bsc#1004702)
- Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE11-SP4
- Remove semi-contradictory and now determined erroneous statement
in kvm-supported.txt regarding not running ntp in kvm guest when
kvm-clock is used. It is now recommended to use ntp in guest in
this case.
ImportantSUSE bug 1001151SUSE bug 1002550SUSE bug 1002557SUSE bug 1003878SUSE bug 1003893SUSE bug 1003894SUSE bug 1004702SUSE bug 1004707SUSE bug 1006536SUSE bug 1006538SUSE bug 1007391SUSE bug 1007450SUSE bug 1007454SUSE bug 1007493SUSE bug 1007494SUSE bug 1007495SUSE bug 998516CVE-2016-7161 at SUSECVE-2016-7161 at NVDCVE-2016-7170 at SUSECVE-2016-7170 at NVDCVE-2016-7908 at SUSECVE-2016-7908 at NVDCVE-2016-7909 at SUSECVE-2016-7909 at NVDCVE-2016-8576 at SUSECVE-2016-8576 at NVDCVE-2016-8577 at SUSECVE-2016-8577 at NVDCVE-2016-8578 at SUSECVE-2016-8578 at NVDCVE-2016-8667 at SUSECVE-2016-8667 at NVDCVE-2016-8669 at SUSECVE-2016-8669 at NVDCVE-2016-8909 at SUSECVE-2016-8909 at NVDCVE-2016-8910 at SUSECVE-2016-8910 at NVDCVE-2016-9101 at SUSECVE-2016-9101 at NVDCVE-2016-9102 at SUSECVE-2016-9102 at NVDCVE-2016-9103 at SUSECVE-2016-9103 at NVDCVE-2016-9104 at SUSECVE-2016-9104 at NVDCVE-2016-9105 at SUSECVE-2016-9105 at NVDCVE-2016-9106 at SUSECVE-2016-9106 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes several issues.
These security issues were fixed:
- CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024972)
- CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004)
- CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013285)
- CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014111)
- CVE-2016-9907: The USB redirector usb-guest support was vulnerable to a memory leakage flaw when destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could have used this issue to leak host memory, resulting in DoS for a host (bsc#1014109)
- CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702)
- CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1014702)
- CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow allowing a privileged user inside the guest to crash the Qemu process resulting in DoS (bnc#1023907)
- CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1021129)
- CVE-2017-5856: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a memory leakage issue allowing a privileged user to leak host memory resulting in DoS (bsc#1023053)
These non-security issues were fixed:
- Fixed various inaccuracies in cirrus vga device emulation
- Fixed virtio interface failure (bsc#1015048)
- Fixed graphical update errors introduced by previous security fix (bsc#1016779)
ImportantSUSE bug 1013285SUSE bug 1014109SUSE bug 1014111SUSE bug 1014702SUSE bug 1015048SUSE bug 1015169SUSE bug 1016779SUSE bug 1021129SUSE bug 1023004SUSE bug 1023053SUSE bug 1023907SUSE bug 1024972CVE-2016-10155 at SUSECVE-2016-10155 at NVDCVE-2016-9776 at SUSECVE-2016-9776 at NVDCVE-2016-9907 at SUSECVE-2016-9907 at NVDCVE-2016-9911 at SUSECVE-2016-9911 at NVDCVE-2016-9921 at SUSECVE-2016-9921 at NVDCVE-2016-9922 at SUSECVE-2016-9922 at NVDCVE-2017-2615 at SUSECVE-2017-2615 at NVDCVE-2017-2620 at SUSECVE-2017-2620 at NVDCVE-2017-5856 at SUSECVE-2017-5856 at NVDCVE-2017-5898 at SUSECVE-2017-5898 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes several issues.
These security issues were fixed:
- CVE-2016-9602: The VirtFS host directory sharing via Plan 9 File System(9pfs) support was vulnerable to an improper link following issue which allowed a privileged user inside guest to access host file system beyond the shared folder and potentially escalating their privileges on a host (bsc#1020427)
- CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028656)
- CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt (bsc#1046636)
- CVE-2017-10806: Stack-based buffer overflow allowed local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages (bsc#1047674).
- CVE-2017-11334: The address_space_write_continue function allowed local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area (bsc#1048902).
- CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local guest OS users to cause a denial of service (out-of-bounds read) via a crafted DHCP options string (bsc#1049381)
- CVE-2017-13672: The VGA display emulator support allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update (bsc#1056334).
- CVE-2017-14167: Integer overflow in the load_multiboot function allowed local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write (bsc#1057585).
- CVE-2017-15038: Race condition in the v9fs_xattrwalk function local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes (bsc#1062069).
- CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation (bsc#1063122).
- CVE-2017-5579: The 16550A UART serial device emulation support was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1021741)
- CVE-2017-5973: A infinite loop while doing control transfer in xhci_kick_epctx allowed privileged user inside the guest to crash the host process resulting in DoS (bsc#1025109)
- CVE-2017-6505: The ohci_service_ed_list function allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028184)
- CVE-2017-7471: The VirtFS host directory sharing via Plan 9 File System(9pfs) support was vulnerable to an improper access control issue which allowed a privileged user inside guest to access host file system beyond the shared folder and potentially escalating their privileges on a host (bsc#1034866)
- CVE-2017-7493: The VirtFS, host directory sharing via Plan 9 File System(9pfs) support, was vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could have used this flaw to escalate their privileges inside guest (bsc#1039495)
- CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034908)
- CVE-2017-7980: An out-of-bounds r/w access issues in the Cirrus CLGD 54xx VGA Emulator support allowed privileged user inside guest to use this flaw to crash the Qemu process resulting in DoS or potentially execute arbitrary code on a host with privileges of Qemu process on the host (bsc#1035406)
- CVE-2017-8086: A memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c allowed local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable (bsc#1035950)
- CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture (bsc#1037242)
- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value (bsc#1042159)
- CVE-2017-9373: The IDE AHCI Emulation support was vulnerable to a host memory leakage issue, which allowed a privileged user inside guest to leak host memory resulting in DoS (bsc#1042801)
- CVE-2017-9375: The USB xHCI controller emulator support was vulnerable to an infinite recursive call loop issue, which allowed a privileged user inside guest to crash the Qemu process resulting in DoS (bsc#1042800)
- CVE-2017-9503: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a null pointer dereference issue which allowed a privileged user inside guest to crash the Qemu process on the host resulting in DoS (bsc#1043296)
- Privilege escalation in TCG mode (bsc#1030624)
These non-security issues were fixed:
- bsc#1038396: Fixed 12 tempest tests
- bsc#1045035: Fixed regression introduced by previous virtfs security fixes
- bsc#1034044: Prevent KVM guests stuck when waiting for sg_io() completion
- bsc#1031051: Prevent I/O errors when using pvmove with disk device=lun
- bsc#1049785: Make virsh dump output readable by crash
ImportantSUSE bug 1020427SUSE bug 1021741SUSE bug 1025109SUSE bug 1028184SUSE bug 1028656SUSE bug 1030624SUSE bug 1031051SUSE bug 1034044SUSE bug 1034866SUSE bug 1034908SUSE bug 1035406SUSE bug 1035950SUSE bug 1037242SUSE bug 1038396SUSE bug 1039495SUSE bug 1042159SUSE bug 1042800SUSE bug 1042801SUSE bug 1043296SUSE bug 1045035SUSE bug 1046636SUSE bug 1047674SUSE bug 1048902SUSE bug 1049381SUSE bug 1049785SUSE bug 1056334SUSE bug 1057585SUSE bug 1062069SUSE bug 1063122CVE-2016-9602 at SUSECVE-2016-9602 at NVDCVE-2016-9603 at SUSECVE-2016-9603 at NVDCVE-2017-10664 at SUSECVE-2017-10664 at NVDCVE-2017-10806 at SUSECVE-2017-10806 at NVDCVE-2017-11334 at SUSECVE-2017-11334 at NVDCVE-2017-11434 at SUSECVE-2017-11434 at NVDCVE-2017-13672 at SUSECVE-2017-13672 at NVDCVE-2017-14167 at SUSECVE-2017-14167 at NVDCVE-2017-15038 at SUSECVE-2017-15038 at NVDCVE-2017-15289 at SUSECVE-2017-15289 at NVDCVE-2017-5579 at SUSECVE-2017-5579 at NVDCVE-2017-5973 at SUSECVE-2017-5973 at NVDCVE-2017-6505 at SUSECVE-2017-6505 at NVDCVE-2017-7471 at SUSECVE-2017-7471 at NVDCVE-2017-7493 at SUSECVE-2017-7493 at NVDCVE-2017-7718 at SUSECVE-2017-7718 at NVDCVE-2017-7980 at SUSECVE-2017-7980 at NVDCVE-2017-8086 at SUSECVE-2017-8086 at NVDCVE-2017-8309 at SUSECVE-2017-8309 at NVDCVE-2017-9330 at SUSECVE-2017-9330 at NVDCVE-2017-9373 at SUSECVE-2017-9373 at NVDCVE-2017-9375 at SUSECVE-2017-9375 at NVDCVE-2017-9503 at SUSECVE-2017-9503 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes the following issues:
Also a mitigation for a security flaw has been applied:
- CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from
the host VM to the CPU, to allow enabling/disabling branch prediction features in the
Intel CPU. (bsc#1068032)
Security fixes have been applied:
- CVE-2017-2633: Fix various out of bounds access issues in the QEMU vnc infrastructure (bsc#1026612)
ImportantSUSE bug 1026612SUSE bug 1068032CVE-2017-2633 at SUSECVE-2017-2633 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes the following issues:
- This update has the next round of Spectre v2 related patches,
which now integrates with corresponding changes in libvirt. A
January 2018 release of qemu initially addressed the Spectre v2
vulnerability for KVM guests by exposing the spec-ctrl feature
for all x86 vcpu types, which was the quick and dirty approach,
but not the proper solution. We remove that initial patch and now
rely on patches from upstream. This update defines spec_ctrl and
ibpb cpu feature flags as well as new cpu models which are clones
of existing models with either -IBRS or -IBPB added to the end of
the model name. These new vcpu models explicitly include the new
feature(s), whereas the feature flags can be added to the cpu
parameter as with other features. In short, for continued Spectre
v2 protection, ensure that either the appropriate cpu feature
flag is added to the QEMU command-line, or one of the new cpu
models is used. Although migration from older versions is
supported, the new cpu features won't be properly exposed to the
guest until it is restarted with the cpu features explicitly
added. A reboot is insufficient.
- A warning patch is added which attempts to detect a migration
from a qemu version which had the quick and dirty fix (it only
detects certain cases, but hopefully is helpful.)
For additional information on Spectre v2 as it relates to QEMU,
see: https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/
(CVE-2017-5715 bsc#1068032)
- A patch is added to continue to detect Spectre v2 mitigation
features (as shown by cpuid), and if found provide that feature
to guests, even if running on older KVM (kernel) versions which
do not yet expose that feature to QEMU. (bsc#1082276)
These two patches will be removed when we can reasonably assume
everyone is running with the appropriate updates.
- Security fixes for the following CVE issues:
(bsc#1076114 CVE-2018-5683)
(bsc#1083291 CVE-2018-7550)
- This patch is already included, add here for CVE track
(bsc#1076179 CVE-2017-18030)
- Toolchain changes have cause the built size of pxe-virtio.rom to
exceed 64K. Tweak rarely used strings in code to reduce size of
the binary so it fits again.
- Eliminate bogus use of CPUID_7_0_EDX_PRED_CMD which we've
carried since the initial Spectre v2 patch was added. EDX bit
27 of CPUID Leaf 07H, Sub-leaf 0 provides status on STIBP, and
not the PRED_CMD MSR. Exposing the STIBP CPUID feature bit to the
guest is wrong in general, since the VM doesn't directly control
the scheduling of physical hyperthreads. This is left strictly to
the L0 hypervisor.
ImportantSUSE bug 1068032SUSE bug 1076114SUSE bug 1076179SUSE bug 1082276SUSE bug 1083291CVE-2017-18030 at SUSECVE-2017-18030 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-5683 at SUSECVE-2018-5683 at NVDCVE-2018-7550 at SUSECVE-2018-7550 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes one security issues.
This security issue was fixed:
- CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests (bsc#1092885).
Systems with microprocessors utilizing speculative execution and speculative
execution of memory reads before the addresses of all prior memory writes are
known may allow unauthorized disclosure of information to an attacker with
local user access via a side-channel analysis.
This patch permits the new x86 cpu feature flag named 'ssbd' to be
presented to the guest, given that the host has this feature, and
KVM exposes it to the guest as well.
For this feature to be enabled please use the qemu commandline
-cpu $MODEL,+spec-ctrl,+ssbd
so the guest OS can take advantage of the feature.
spec-ctrl and ssbd support is also required in the host.
ImportantSUSE bug 1092885CVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes the following security issues:
- CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have
been exploited by sending a crafted QMP command (including guest-file-read with
a large count value) to the agent via the listening socket causing DoS
(bsc#1098735)
- CVE-2018-11806: Prevent heap-based buffer overflow via incoming fragmented
datagrams (bsc#1096223)
With this release the mitigations for Spectre v4 are moved the the patches from
upstream (CVE-2018-3639, bsc#1092885).
ModerateSUSE bug 1092885SUSE bug 1096223SUSE bug 1098735CVE-2018-11806 at SUSECVE-2018-11806 at NVDCVE-2018-12617 at SUSECVE-2018-12617 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS (bsc#1110910).
- CVE-2018-15746: Fixed qemu-seccomp.c that might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread (bsc#1106222).
- CVE-2018-17958: Fixed a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used (bsc#1111006).
- CVE-2018-17962: Fixed a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used (bsc#1111010).
- CVE-2018-17963: Fixed qemu_deliver_packet_iov in net/net.c that accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. (bsc#1111013)
- CVE-2018-18849: Fixed an out of bounds memory access issue that was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin. It could occur during migration if the 'msg_len' field has an invalid value. A user/process could use this flaw to crash the Qemu process resulting in DoS (bsc#1114422).
- CVE-2018-18438: Fixed integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value (bnc#1112185).
ModerateSUSE bug 1106222SUSE bug 1110910SUSE bug 1111006SUSE bug 1111010SUSE bug 1111013SUSE bug 1112185SUSE bug 1114422CVE-2018-10839 at SUSECVE-2018-10839 at NVDCVE-2018-15746 at SUSECVE-2018-15746 at NVDCVE-2018-17958 at SUSECVE-2018-17958 at NVDCVE-2018-17962 at SUSECVE-2018-17962 at NVDCVE-2018-17963 at SUSECVE-2018-17963 at NVDCVE-2018-18438 at SUSECVE-2018-18438 at NVDCVE-2018-18849 at SUSECVE-2018-18849 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156).
- CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275).
- CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717).
Non-security issue fixed:
- Fixed LAPIC TSC deadline timer save/restore (bsc#1109544)
ImportantSUSE bug 1109544SUSE bug 1116717SUSE bug 1117275SUSE bug 1123156CVE-2018-19364 at SUSECVE-2018-19364 at NVDCVE-2018-19489 at SUSECVE-2018-19489 at NVDCVE-2019-6778 at SUSECVE-2019-6778 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for kvm fixes the following issues:
- CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622)
- CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675)
- CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature 'md-clear' (bsc#1111331)
ImportantSUSE bug 1111331SUSE bug 1129622SUSE bug 1130675CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-20815 at SUSECVE-2018-20815 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDCVE-2019-9824 at SUSECVE-2019-9824 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).
- CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources (bsc#1135902).
- CVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).
ImportantSUSE bug 1135902SUSE bug 1140402SUSE bug 1143794CVE-2019-12155 at SUSECVE-2019-12155 at NVDCVE-2019-13164 at SUSECVE-2019-13164 at NVDCVE-2019-14378 at SUSECVE-2019-14378 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for kvm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for kvm fixes the following issues:
Security issues fixed:
- CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation (bsc#1146873).
- CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp (bsc#1170940).
- CVE-2020-8608: Fixed a potential OOB access in slirp (bsc#1163018).
- CVE-2020-7039: Fixed a potential OOB access in slirp (bsc#1161066).
- CVE-2019-15890: Fixed a use-after-free during packet reassembly in slirp (bsc#1149811).
- Fixed multiple potential DoS issues in SLIRP, similar to CVE-2019-6778 (bsc#1123156).
ModerateSUSE bug 1123156SUSE bug 1146873SUSE bug 1149811SUSE bug 1161066SUSE bug 1163018SUSE bug 1170940CVE-2019-12068 at SUSECVE-2019-12068 at NVDCVE-2019-15890 at SUSECVE-2019-15890 at NVDCVE-2019-6778 at SUSECVE-2019-6778 at NVDCVE-2020-1983 at SUSECVE-2020-1983 at NVDCVE-2020-7039 at SUSECVE-2020-7039 at NVDCVE-2020-8608 at SUSECVE-2020-8608 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for kvm fixes the following issues:
- Fix OOB read and write due to integer overflow in sm501_2d_operation() in hw/display/sm501.c (CVE-2020-12829, bsc#1172385)
- Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383)
- Fix use-after-free in usb xhci packet handling (CVE-2020-25723, bsc#1178934)
- Fix use-after-free in usb ehci packet handling (CVE-2020-25084, bsc#1176673)
- Fix OOB access in usb hcd-ohci emulation (CVE-2020-25624, bsc#1176682)
- Fix infinite loop (DoS) in usb hcd-ohci emulation (CVE-2020-25625, bsc#1176684)
- Fix OOB access in atapi emulation (CVE-2020-29443, bsc#1181108)
- Fix DoS in e1000 emulated device (CVE-2021-20257 bsc#1182577)
- Fix OOB access in SLIRP ARP packet processing (CVE-2020-29130, bsc#1179467)
- Fix OOB access while processing USB packets (CVE-2020-14364 bsc#1175441)
- Fix potential privilege escalation in virtfs (CVE-2021-20181 bsc#1182137)
- Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425)
- Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384)
- Fix OOB access in ROM loading (CVE-2020-13765 bsc#1172478)
ImportantSUSE bug 1172383SUSE bug 1172384SUSE bug 1172385SUSE bug 1172478SUSE bug 1175441SUSE bug 1176673SUSE bug 1176682SUSE bug 1176684SUSE bug 1178934SUSE bug 1179467SUSE bug 1181108SUSE bug 1182137SUSE bug 1182425SUSE bug 1182577CVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2015-1779 at SUSECVE-2015-1779 at NVDCVE-2020-12829 at SUSECVE-2020-12829 at NVDCVE-2020-13361 at SUSECVE-2020-13361 at NVDCVE-2020-13362 at SUSECVE-2020-13362 at NVDCVE-2020-13765 at SUSECVE-2020-13765 at NVDCVE-2020-14364 at SUSECVE-2020-14364 at NVDCVE-2020-25084 at SUSECVE-2020-25084 at NVDCVE-2020-25624 at SUSECVE-2020-25624 at NVDCVE-2020-25625 at SUSECVE-2020-25625 at NVDCVE-2020-25723 at SUSECVE-2020-25723 at NVDCVE-2020-29130 at SUSECVE-2020-29130 at NVDCVE-2020-29443 at SUSECVE-2020-29443 at NVDCVE-2021-20181 at SUSECVE-2021-20181 at NVDCVE-2021-20257 at SUSECVE-2021-20257 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for kvm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for kvm fixes the following issues:
- CVE-2021-3594: invalid pointer initialization may lead to information disclosure in slirp (udp) (bsc#1187367)
- CVE-2021-3592: invalid pointer initialization may lead to information disclosure (bootp). (bsc#1187364)
- CVE-2021-3416: infinite loop in loopback mode may lead to stack overflow. (bsc#1186473)
- CVE-2020-15469: MMIO ops null pointer dereference may lead to DoS. (bsc#1173612)
- CVE-2020-11947: iscsi_aio_ioctl_cb in block/iscsi.c has a heap-based buffer over-read. (bsc#1180523)
- CVE-2021-20221: out-of-bound heap buffer access via an interrupt ID field. (bsc#1181933)
- CVE-2020-25707: infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c. (bsc#1178683)
- CVE-2020-15863: stack-based overflow in xgmac_enet_send() in hw/net/xgmac.c. (bsc#1174386)
ImportantSUSE bug 1173612SUSE bug 1174386SUSE bug 1178683SUSE bug 1180523SUSE bug 1181933SUSE bug 1186473SUSE bug 1187364SUSE bug 1187367CVE-2020-11947 at SUSECVE-2020-11947 at NVDCVE-2020-15469 at SUSECVE-2020-15469 at NVDCVE-2020-15863 at SUSECVE-2020-15863 at NVDCVE-2020-25707 at SUSECVE-2020-25707 at NVDCVE-2021-20221 at SUSECVE-2021-20221 at NVDCVE-2021-3416 at SUSECVE-2021-3416 at NVDCVE-2021-3592 at SUSECVE-2021-3592 at NVDCVE-2021-3594 at SUSECVE-2021-3594 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for lha (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
lha was updated to fix one security issue.
This security issue was fixed:
- CVE-2016-1925: Buffer Overflow while parsing level0 and level1 headers (bsc#962528).
ModerateSUSE bug 962528CVE-2016-1925 at SUSECVE-2016-1925 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libapr-util1 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libapr-util1 fixes the following issues:
Security issue fixed:
- CVE-2017-12618: DoS via crafted SDBM database files in apr_sdbm*() functions (bsc#1064990)
ModerateSUSE bug 1064990CVE-2017-12618 at SUSECVE-2017-12618 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libapr1 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes the following issues:
- CVE-2017-12613: DoS or information disclosure in pr_exp_time*() or apr_os_exp_time*() functions (bsc#1064982).
ModerateSUSE bug 1064982CVE-2017-12613 at SUSECVE-2017-12613 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libcaca (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libcaca fixes the following issues:
- CVE-2021-30499: Fixed a memory corruption issue when exporting troff sources (bsc#1184751).
- CVE-2021-30498: Fixed a memory corruption issue when exporting TGA images (bsc#1184752).
ImportantSUSE bug 1184751SUSE bug 1184752CVE-2021-30498 at SUSECVE-2021-30498 at NVDCVE-2021-30499 at SUSECVE-2021-30499 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libcap-ng (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
libcap-ng was updated to fix one security issue.
This security issue was fixed:
- CVE-2014-3215: seunshare in policycoreutils (which uses libcap-ng) is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which made it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges (bsc#876832).
ModerateSUSE bug 876832CVE-2014-3215 at SUSECVE-2014-3215 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libcares2 (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libcares2 fixes the following issues:
- Add patch to fix single byte out of buffer write
(CVE-2016-5180, bsc#1007728)
LowSUSE bug 1007728CVE-2016-5180 at SUSECVE-2016-5180 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libcares2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libcares2 fixes the following issues:
- CVE-2021-3672: Fixed input validation on hostnames (bsc#1188881).
ImportantSUSE bug 1188881CVE-2021-3672 at SUSECVE-2021-3672 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libcgroup1 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libcgroup1 fixes the following issues:
Security issue fixed:
- CVE-2018-14348: Fix daemon that creates /var/log/cgred with mode 0666 (bsc#1100365).
ModerateSUSE bug 1100365CVE-2018-14348 at SUSECVE-2018-14348 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libcroco (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libcroco fixes the following issues:
- CVE-2020-12825: Fixed recursion issue in block and any productions (bsc#1171685).
ModerateSUSE bug 1171685CVE-2020-12825 at SUSECVE-2020-12825 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libdb-4_5 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libdb-4_5 fixes the following issues:
- A DB_CONFIG file in the current working directory allowed local
users to obtain sensitive information via a symlink attack
involving a setgid or setuid application using libdb-4_8. (bsc#1043886)
ModerateSUSE bug 1043886cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libesmtp (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libesmtp fixes the following issues:
- CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462).
ImportantSUSE bug 1160462SUSE bug 1189097CVE-2019-19977 at SUSECVE-2019-19977 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libevent (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libevent fixes the following issues:
- CVE-2016-10195: DNS remote stack overread vulnerability (bsc#1022917)
- CVE-2016-10196: stack/buffer overflow in evutil_parse_sockaddr_port() (bsc#1022918) (backport for 2.0.21)
- CVE-2016-10197: out-of-bounds read in search_make_new() (bsc#1022919)
ModerateSUSE bug 1022917SUSE bug 1022918SUSE bug 1022919CVE-2016-10195 at SUSECVE-2016-10195 at NVDCVE-2016-10196 at SUSECVE-2016-10196 at NVDCVE-2016-10197 at SUSECVE-2016-10197 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libexif (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libexif fixes the following security issue:
- CVE-2017-7544: Fixed out-of-bounds heap read vulnerability in
exif_data_save_data_entry function in libexif/exif-data.c caused by improper
length computation of the allocated data of an ExifMnote entry which can cause
denial-of-service or possibly information disclosure (bsc#1059893)
ModerateSUSE bug 1059893CVE-2017-7544 at SUSECVE-2017-7544 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libexif (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libexif fixes the following issues:
- CVE-2019-9278: Fixed an integer overflow (bsc#1160770).
- CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943).
ModerateSUSE bug 1120943SUSE bug 1160770CVE-2018-20030 at SUSECVE-2018-20030 at NVDCVE-2019-9278 at SUSECVE-2019-9278 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes the following issues:
* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
(bsc#920057)
* Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical]
ModerateSUSE bug 920057CVE-2014-3591 at SUSECVE-2014-3591 at NVDCVE-2015-0837 at SUSECVE-2015-0837 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libgcrypt fixes the following issues:
- RNG prediction vulnerability (bsc#994157, CVE-2016-6313)
ModerateSUSE bug 994157CVE-2016-6313 at SUSECVE-2016-6313 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libgcrypt (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libgcrypt fixes the following issues:
- CVE-2017-7526: Hardening a against local side-channel attack in RSA key handling has been added (bsc#1046607)
ModerateSUSE bug 1046607CVE-2017-7526 at SUSECVE-2017-7526 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libgcrypt (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libgcrypt fixes the following issues:
- CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding (bsc#1187212).
ImportantSUSE bug 1187212CVE-2021-33560 at SUSECVE-2021-33560 at NVDcpe:/o:suse:suse_sles:11:sp4Recommended update for libical (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libical fixes the following issues:
Security issues fixed:
- CVE-2016-5823: The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote
attackers to cause a denial of service (use-after-free) via a crafted ics file. (bnc#986632)
- CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service (use-after-free)
via a crafted ics file. (bsc#986639)
- CVE-2016-5825: The icalparser_parse_string function in libical 0.47 and 1.0 allows remote
attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file.
(bsc#986642)
- CVE-2016-5826: The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers
to cause a denial of service (out-of-bounds heap read) by crafting a string to the
icalparser_parse_string function. (bsc#986658)
- CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers
to cause a denial of service (out-of-bounds heap read) via a crafted string to the
icalparser_parse_string function. (bsc#986631)
- CVE-2016-9584: libical allows remote attackers to cause a denial of service (use-after-free) and
possibly read heap memory via a crafted ics file. (bnc#1015964)
Bug fixes:
- libical crashes while parsing timezones (bsc#1044995)
ModerateSUSE bug 1015964SUSE bug 1044995SUSE bug 986631SUSE bug 986632SUSE bug 986639SUSE bug 986642SUSE bug 986658CVE-2016-5823 at SUSECVE-2016-5823 at NVDCVE-2016-5824 at SUSECVE-2016-5824 at NVDCVE-2016-5825 at SUSECVE-2016-5825 at NVDCVE-2016-5826 at SUSECVE-2016-5826 at NVDCVE-2016-5827 at SUSECVE-2016-5827 at NVDCVE-2016-9584 at SUSECVE-2016-9584 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libidn (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libidn fixes the following issues:
- CVE-2016-6262 and CVE-2015-8948: Out-of-bounds-read when reading one zero byte as input (bsc#990189)
- CVE-2016-6261: Out-of-bounds stack read in idna_to_ascii_4i (bsc#990190)
- CVE-2016-6263: stringprep_utf8_nfkc_normalize reject invalid UTF-8 (bsc#990191)
- CVE-2015-2059: out-of-bounds read with stringprep on invalid UTF-8 (bsc#923241)
ModerateSUSE bug 923241SUSE bug 990189SUSE bug 990190SUSE bug 990191CVE-2015-2059 at SUSECVE-2015-2059 at NVDCVE-2015-8948 at SUSECVE-2015-8948 at NVDCVE-2016-6261 at SUSECVE-2016-6261 at NVDCVE-2016-6262 at SUSECVE-2016-6262 at NVDCVE-2016-6263 at SUSECVE-2016-6263 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libidn (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libidn fixes one issues.
This security issue was fixed:
- CVE-2017-14062: Prevent integer overflow in the decode_digit function that
allowed remote attackers to cause a denial of service or possibly have
unspecified other impact (bsc#1056450).
ModerateSUSE bug 1056450CVE-2017-14062 at SUSECVE-2017-14062 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libksba (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libksba fixes the following issues:
- CVE-2016-4579: Out-of-bounds read in _ksba_ber_parse_tl()
- CVE-2016-4574: two OOB read access bugs (remote DoS) (bsc#979261)
Also adding reliability fixes from v1.3.4.
ModerateSUSE bug 979261SUSE bug 979906CVE-2016-4574 at SUSECVE-2016-4574 at NVDCVE-2016-4579 at SUSECVE-2016-4579 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libksba (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The libksba package was updated to fix the following security issues:
- Fixed an integer overflow, an out of bounds read and a stack overflow issues (bsc#926826).
ModerateSUSE bug 926826cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for liblouis fixes several issues.
These security issues were fixed:
- CVE-2017-13739: Prevent heap-based buffer overflow in the function resolveSubtable() that could have caused DoS or remote code execution (bsc#1056101)
- CVE-2017-13740: Prevent stack-based buffer overflow in the function parseChars() that could have caused DoS or possibly unspecified other impact (bsc#1056097) ()
- CVE-2017-13741: Prevent use-after-free in function compileBrailleIndicator() that allowed to cause remote DoS (bsc#1056095)
- CVE_2017-13742: Prevent stack-based buffer overflow in function includeFile that allowed to cause remote DoS (bsc#1056093).
- CVE-2017-13743: Prevent buffer overflow triggered in the function _lou_showString() that allowed to cause remote DoS (bsc#1056090)
ModerateSUSE bug 1056090SUSE bug 1056093SUSE bug 1056095SUSE bug 1056097SUSE bug 1056101CVE-2017-13739 at SUSECVE-2017-13739 at NVDCVE-2017-13740 at SUSECVE-2017-13740 at NVDCVE-2017-13741 at SUSECVE-2017-13741 at NVDCVE-2017-13743 at SUSECVE-2017-13743 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for liblouis fixes the following issues:
Security issues fixed:
- CVE-2017-15101: Buffer overflow in findTable (bsc#1067336).
- CVE-2014-8184: stack-based buffer overflow in findTable() (bsc#1062458).
ModerateSUSE bug 1062458SUSE bug 1067336CVE-2014-8184 at SUSECVE-2014-8184 at NVDCVE-2017-15101 at SUSECVE-2017-15101 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for liblouis (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for liblouis, python-louis fixes the following issues:
Security issues fixed:
- CVE-2018-11684: Fixed stack-based buffer overflow in the function
includeFile() in compileTranslationTable.c (bsc#1095826)
- CVE-2018-11685: Fixed a stack-based buffer overflow in the function
compileHyphenation() in compileTranslationTable.c (bsc#1095825)
- CVE-2018-11683: Fix a stack-based buffer overflow in the function parseChars()
in compileTranslationTable.c (bsc#1095827)
ModerateSUSE bug 1095825SUSE bug 1095826SUSE bug 1095827CVE-2018-11683 at SUSECVE-2018-11683 at NVDCVE-2018-11684 at SUSECVE-2018-11684 at NVDCVE-2018-11685 at SUSECVE-2018-11685 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for liblouis (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for liblouis and python-louis fixes the following issue:
Security issue fixed:
- CVE-2018-17294: Fixed an out of bounds read in matchCurrentInput function
which could allow a remote attacker to cause Denail of Service (bsc#1109319).
LowSUSE bug 1109319CVE-2018-17294 at SUSECVE-2018-17294 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libmspack (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
libmspack was updated to fix several security vulnerabilities.
- Fix null pointer dereference on a crafted CAB. (bsc#934524, CVE-2014-9732)
- Fix denial of service while processing crafted CHM file. (bsc#934525, CVE-2015-4467)
- Fix denial of service while processing crafted CHM file. (bsc#934529, CVE-2015-4472)
- Fix pointer arithmetic overflow during CHM decompression. (bsc#934526, CVE-2015-4469)
- Fix off-by-one buffer over-read in mspack/mszipd.c. (bsc#934527, CVE-2015-4470)
- Fix off-by-one buffer under-read in mspack/lzxd.c. (bsc#934528, CVE-2015-4471)
ModerateSUSE bug 934524SUSE bug 934525SUSE bug 934526SUSE bug 934527SUSE bug 934528SUSE bug 934529CVE-2014-9732 at SUSECVE-2014-9732 at NVDCVE-2015-4467 at SUSECVE-2015-4467 at NVDCVE-2015-4469 at SUSECVE-2015-4469 at NVDCVE-2015-4470 at SUSECVE-2015-4470 at NVDCVE-2015-4471 at SUSECVE-2015-4471 at NVDCVE-2015-4472 at SUSECVE-2015-4472 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libmspack (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libmspack fixes the following issues:
Security issues fixed:
- CVE-2018-18584: The CAB block input buffer was one byte too small for the maximal Quantum block, leading to an out-of-bounds write. (bsc#1113038)
- CVE-2018-18585: chmd_read_headers accepted a filename that has '\0' as its first or second character (such as the '/\0' name). (bsc#1113039)
ModerateSUSE bug 1113038SUSE bug 1113039CVE-2018-18584 at SUSECVE-2018-18584 at NVDCVE-2018-18585 at SUSECVE-2018-18585 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libotr (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libotr fixes the following issues:
- Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that
used to occur on 64-bit architectures when receiving 4GB messages.
This flaw could potentially have been exploited by an attacker to
remotely execute arbitrary code on the user's machine.
(CVE-2016-2851, bsc#969785)
ModerateSUSE bug 969785CVE-2016-2851 at SUSECVE-2016-2851 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The libpng12-0 package was updated to fix the following security issues:
- CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980).
- CVE-2015-7981: Fixed an out-of-bound read (bsc#952051).
ModerateSUSE bug 952051SUSE bug 954980CVE-2015-7981 at SUSECVE-2015-7981 at NVDCVE-2015-8126 at SUSECVE-2015-8126 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
- security update:
This update fixes the following securit issue:
* CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions
allow remote attackers to cause a denial of service (application crash) or possibly have
unspecified other impact [bsc#954980]
ModerateSUSE bug 954980CVE-2015-8126 at SUSECVE-2015-8126 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libpng12-0 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libpng12-0 fixes the following issues:
Security issues fixed:
- CVE-2015-8540: read underflow in libpng (bsc#958791)
- CVE-2016-10087: NULL pointer dereference in png_set_text_2() (bsc#1017646)
ModerateSUSE bug 1017646SUSE bug 958791CVE-2015-8540 at SUSECVE-2015-8540 at NVDCVE-2016-10087 at SUSECVE-2016-10087 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for librsvg (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
librsvg was updated to fix one security issue.
This security issue was fixed:
- CVE-2013-1881: GNOME libsvg allowed remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (bsc#840753).
ImportantSUSE bug 840753CVE-2013-1881 at SUSECVE-2013-1881 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libsamplerate (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libsamplerate fixes the following issues:
- CVE-2017-7697: Fixed a buffer overflow in calc_output_single. (bsc#1033564)
ModerateSUSE bug 1033564CVE-2017-7697 at SUSECVE-2017-7697 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The libsndfile package was updated to fix the following security issue:
- CVE-2014-9756: Fixed a divide by zero problem that can lead to a Denial of Service (DoS) (bsc#953521).
- CVE-2015-7805: Fixed heap overflow issue (bsc#953516).
ModerateSUSE bug 953516SUSE bug 953521CVE-2014-9756 at SUSECVE-2014-9756 at NVDCVE-2015-7805 at SUSECVE-2015-7805 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libsndfile fixes the following issues:
- CVE-2017-7585,CVE-2017-7741,CVE-2017-7742: Some stack-based buffer overflows via a specially crafted FLAC
file were fixed (error in the 'flac_buffer_copy()' function) (bsc#1033054, bsc#1033914, bsc#1033915).
ModerateSUSE bug 1033054SUSE bug 1033914SUSE bug 1033915CVE-2017-7585 at SUSECVE-2017-7585 at NVDCVE-2017-7741 at SUSECVE-2017-7741 at NVDCVE-2017-7742 at SUSECVE-2017-7742 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libsndfile fixes the following issues:
- CVE-2017-8362: invalid memory read in flac_buffer_copy (flac.c) (bsc#1036943)
- CVE-2017-8365: global buffer overflow in i2les_array (pcm.c) (bsc#1036946)
- CVE-2017-8361: global buffer overflow in flac_buffer_copy (flac.c) (bsc#1036944)
- CVE-2017-8363: heap-based buffer overflow in flac_buffer_copy (flac.c) (bsc#1036945)
- CVE-2017-7585: stack-based buffer overflow via a specially crafted FLAC file (bsc#1033054)
ModerateSUSE bug 1033054SUSE bug 1033914SUSE bug 1033915SUSE bug 1036943SUSE bug 1036944SUSE bug 1036945SUSE bug 1036946CVE-2017-7585 at SUSECVE-2017-7585 at NVDCVE-2017-7741 at SUSECVE-2017-7741 at NVDCVE-2017-7742 at SUSECVE-2017-7742 at NVDCVE-2017-8361 at SUSECVE-2017-8361 at NVDCVE-2017-8362 at SUSECVE-2017-8362 at NVDCVE-2017-8363 at SUSECVE-2017-8363 at NVDCVE-2017-8365 at SUSECVE-2017-8365 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
- This update for libsndfile fixes a memory leak in an error path.(bsc#1038856)
- CVE-2017-16942: A divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file. (bsc#1069874)
- CVE-2017-14634: In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. (bsc#1059911)
- CVE-2017-14245: An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of
the NAN and INFINITY floating-point values. (bsc#1059912)
- CVE-2017-14246: An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of
the NAN and INFINITY floating-point values.(bsc#1059913)
ModerateSUSE bug 1038856SUSE bug 1059911SUSE bug 1059912SUSE bug 1059913SUSE bug 1069874CVE-2017-14245 at SUSECVE-2017-14245 at NVDCVE-2017-14246 at SUSECVE-2017-14246 at NVDCVE-2017-14634 at SUSECVE-2017-14634 at NVDCVE-2017-16942 at SUSECVE-2017-16942 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libsndfile (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libsndfile fixes the following issues:
Security issues fixed:
- CVE-2017-17456: Prevent segmentation fault in the function d2alaw_array() that may have lead to a remote DoS (bsc#1071777).
- CVE-2017-17457: Prevent segmentation fault in the function d2ulaw_array() that may have lead to a remote DoS, a different vulnerability than CVE-2017-14246 (bsc#1071767).
- CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header that could have been used for a denial of service attack (bsc#1117954).
ModerateSUSE bug 1071767SUSE bug 1071777SUSE bug 1117954CVE-2017-17456 at SUSECVE-2017-17456 at NVDCVE-2017-17457 at SUSECVE-2017-17457 at NVDCVE-2018-19758 at SUSECVE-2018-19758 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libsndfile (Critical)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libsndfile fixes the following issues:
- CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540)
CriticalSUSE bug 1188540CVE-2021-3246 at SUSECVE-2021-3246 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libsndfile (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libsndfile fixes the following issues:
- CVE-2021-4156: Fixed heap buffer overflow in flac_buffer_copy that
could potentially lead to heap exploitation (bsc#1194006).
ImportantSUSE bug 1194006CVE-2021-4156 at SUSECVE-2021-4156 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libssh2_org fixes the following issues:
- Add SHA256 support for DH group exchange (fate#320343, bsc#961964)
- fix CVE-2016-0787 (bsc#967026)
* Weakness in diffie-hellman secret key generation lead to much shorter DH groups
then needed, which could be used to retrieve server keys.
ModerateSUSE bug 961964SUSE bug 967026CVE-2016-0787 at SUSECVE-2016-0787 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libssh2_org fixes the following issues:
Security issues fixed:
- CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490).
- CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492).
- CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481).
- CVE-2019-3863: Fixed an Integer overflow in user authenicate keyboard interactive which could allow out-of-bounds writes
with specially crafted keyboard responses (bsc#1128493).
- CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write
with specially crafted payload (bsc#1128472).
- CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require
and _libssh2_packet_requirev (bsc#1128480).
- CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially
crafted payload (bsc#1128471).
- CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted
SFTP packet (bsc#1128476).
- CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially
crafted message channel request SSH packet (bsc#1128474).
ModerateSUSE bug 1128471SUSE bug 1128472SUSE bug 1128474SUSE bug 1128476SUSE bug 1128480SUSE bug 1128481SUSE bug 1128490SUSE bug 1128492SUSE bug 1128493CVE-2019-3855 at SUSECVE-2019-3855 at NVDCVE-2019-3856 at SUSECVE-2019-3856 at NVDCVE-2019-3857 at SUSECVE-2019-3857 at NVDCVE-2019-3858 at SUSECVE-2019-3858 at NVDCVE-2019-3859 at SUSECVE-2019-3859 at NVDCVE-2019-3860 at SUSECVE-2019-3860 at NVDCVE-2019-3861 at SUSECVE-2019-3861 at NVDCVE-2019-3862 at SUSECVE-2019-3862 at NVDCVE-2019-3863 at SUSECVE-2019-3863 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libssh2_org (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libssh2_org fixes the following issues:
- Incorrect upstream fix for CVE-2019-3859 broke public key authentication [bsc#1133528, bsc#1130103]
- Store but don't use keys of unsupported types in the known_hosts file [bsc#1091236]
ImportantSUSE bug 1091236SUSE bug 1130103SUSE bug 1133528CVE-2019-3859 at SUSECVE-2019-3859 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libssh2_org fixes the following issues:
- Fix the previous fix for CVE-2019-3860 (bsc#1136570, bsc#1128481)
(Out-of-bounds reads with specially crafted SFTP packets)
ModerateSUSE bug 1128481SUSE bug 1136570CVE-2019-3860 at SUSECVE-2019-3860 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libssh2_org (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libssh2_org fixes the following issue:
- CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service (bsc#1154862).
ModerateSUSE bug 1154862CVE-2019-17498 at SUSECVE-2019-17498 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libtcnative-1-0 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libtcnative-1-0 fixes the following issues:
- CVE-2015-4000: Disable 512-bit export-grade cryptography to prevent Logjam
vulnerability (bsc#938945)
ModerateSUSE bug 938945CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libtcnative-1-0 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libtcnative-1-0 to version 1.1.34 fixes the following issues:
- CVE-2017-15698: Fixed an improper handling of fields with more than 127 bytes
which could allow invalid client certificates to be accepted (bsc#1078679).
- CVE-2018-8019: When using an OCSP responder did not correctly handle invalid
responses. This allowed for revoked client certificates to be incorrectly
identified. It was therefore possible for users to authenticate with revoked
certificates when using mutual TLS (bsc#1103348).
- CVE-2018-8020: Did not properly check OCSP pre-produced responses. Revoked
client certificates may have not been properly identified, allowing for users
to authenticate with revoked certificates to connections that require mutual
TLS (bsc#1103347).
For a complete list of changes please see
http://tomcat.apache.org/native-1.1-doc/miscellaneous/changelog.html
ImportantSUSE bug 1078679SUSE bug 1103347SUSE bug 1103348CVE-2017-15698 at SUSECVE-2017-15698 at NVDCVE-2018-8019 at SUSECVE-2018-8019 at NVDCVE-2018-8020 at SUSECVE-2018-8020 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libtirpc, rpcbind (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libtirpc and rpcbind fixes the following issues:
- CVE-2017-8779: A crafted UDP package could lead rpcbind to remote denial-of-service. (bsc#1037559)
ImportantSUSE bug 1037559CVE-2017-8779 at SUSECVE-2017-8779 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libtirpc (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libtirpc fixes the following issues:
- Prevent remote crash of RPC services (bsc#968175)
ModerateSUSE bug 968175cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libtirpc (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libtirpc fixes the following issues:
Security issues fixed:
- CVE-2018-14621: libtirpc: Infinite loop in EMFILE case in svc_vc.c (bsc#1106519)
- CVE-2018-14622: libtirpc: Segmentation fault in makefd_xprt return value in svc_vc.c (bsc#1106517)
ModerateSUSE bug 1106517SUSE bug 1106519SUSE bug 968175CVE-2018-14621 at SUSECVE-2018-14621 at NVDCVE-2018-14622 at SUSECVE-2018-14622 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvirt (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libvirt fixes the following issues:
Security issue:
- CVE-2015-5313: directory directory traversal privilege
escalation vulnerability. (bsc#953110)
Bugs fixed:
- bsc#960305: xenxs: support parsing and formatting vif bandwidth
- bsc#961173: xen: use correct domctl version in domaininfolist union
- bsc#959094: xen: Disable building xen-inotify subdriver. It is unmaintained
and contains bugs that can cause client connection failures.
- bsc#948686: qemu: Use PAUSED state for domains that are starting up
- bsc#948516: Fix profile_status to distringuish between errors and unconfined
domains.
ModerateSUSE bug 948516SUSE bug 948686SUSE bug 953110SUSE bug 959094SUSE bug 960305SUSE bug 961173CVE-2015-5313 at SUSECVE-2015-5313 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvirt (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libvirt fixes the following issues:
Security issues fixed:
- CVE-2016-5008: empty VNC password disables authentication (bsc#987527)
Bugs fixed:
- bsc#970906: Fixed a race condition in xenstore event handling.
- bsc#952889: Change hap setting to align with Xen behavior.
- Fixed 'make check' failures.
ModerateSUSE bug 952889SUSE bug 970906SUSE bug 987527CVE-2016-5008 at SUSECVE-2016-5008 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvirt (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libvirt fixes several issues.
This security issue was fixed:
- bsc#1053600: Escape ssh commed line to prevent interpreting malicious
hostname as arguments, allowing for command execution
These non-security issues were fixed:
- bsc#1025340: Use xend for nodeGetFreeMemory API
- bsc#1026236: Add support for tsc timers on xen
ModerateSUSE bug 1025340SUSE bug 1026236SUSE bug 1053600cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvirt (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libvirt fixes the following issues:
Security issues fixed:
- CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' (var2) (bsc#1079869).
- CVE-2018-1064: Fixed denial of service when reading from guest agent (bsc#1083625).
- CVE-2018-5748: Fixed possible denial of service when reading from QEMU monitor (bsc#1076500).
Non-security issues fixed:
- bsc#1083061: Fixed 'dumpxml --migratable' exports domain id in output on SLES11 SP4.
- bsc#1055365: Improve performance when listing hundreds of interfaces.
ImportantSUSE bug 1055365SUSE bug 1076500SUSE bug 1079869SUSE bug 1083061SUSE bug 1083625CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2018-1064 at SUSECVE-2018-1064 at NVDCVE-2018-5748 at SUSECVE-2018-5748 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvirt (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libvirt fixes the following issues:
- CVE-2018-3639: cpu: Added support for 'ssbd' and 'virt-ssbd' CPUID feature bits pass through.
ImportantSUSE bug 1092885CVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvirt (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libvirt fixes the following issues:
Security issues fixed:
- CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path
parameter pointing anywhere on the system and potentially leading to execution
of a malicious file with root privileges by libvirtd (bsc#1138301).
- CVE-2019-3886: Fixed a information exposure which allowed to retrieve the guest
hostname under readonly mode (bsc#1131595).
ImportantSUSE bug 1131595SUSE bug 1138301CVE-2019-10161 at SUSECVE-2019-10161 at NVDCVE-2019-3886 at SUSECVE-2019-3886 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libvirt and libvirt-python (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libvirt and libvirt-python fixes the following issues:
libvirt:
- CVE-2016-10746: Fixed an authentication bypass where a guest agent with a read only connection could call virDomainGetTime API calls (bsc#1133150).
- rpc: increase the size of REMOTE_MIGRATE_COOKIE_MAX (bsc#1134783).
libvirt-python:
- Fixes a memory leak in libvirt-python (bsc#1140252)
ModerateSUSE bug 1133150SUSE bug 1134783SUSE bug 1140252CVE-2016-10746 at SUSECVE-2016-10746 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for LibVNCServer (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The libvncserver package was updated to fix the following security issues:
- bsc#897031: fix several security issues:
* CVE-2014-6051: Integer overflow in MallocFrameBuffer() on client side.
* CVE-2014-6052: Lack of malloc() return value checking on client side.
* CVE-2014-6053: Server crash on a very large ClientCutText message.
* CVE-2014-6054: Server crash when scaling factor is set to zero.
* CVE-2014-6055: Multiple stack overflows in File Transfer feature.
ModerateSUSE bug 897031CVE-2014-6051 at SUSECVE-2014-6051 at NVDCVE-2014-6052 at SUSECVE-2014-6052 at NVDCVE-2014-6053 at SUSECVE-2014-6053 at NVDCVE-2014-6054 at SUSECVE-2014-6054 at NVDCVE-2014-6055 at SUSECVE-2014-6055 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libvorbis fixes the following issues:
- CVE-2017-14633: out-of-bounds array read vulnerability exists in
function mapping0_forward() could lead to remote denial of service (bsc#1059811)
- CVE-2017-14632: Remote Code Execution upon freeing uninitialized
memory in function vorbis_analysis_headerout(bsc#1059809)
ModerateSUSE bug 1059809SUSE bug 1059811CVE-2017-14632 at SUSECVE-2017-14632 at NVDCVE-2017-14633 at SUSECVE-2017-14633 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libvorbis fixes the following issues:
- CVE-2018-5146: Fixed out of bounds memory write while processing Vorbis audio data (bsc#1085687).
ModerateSUSE bug 1085687CVE-2018-5146 at SUSECVE-2018-5146 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libvorbis fixes the following issues:
Security issues fixed:
- CVE-2018-10393: Fixed stack-based buffer over-read in bark_noise_hybridm (bsc#1091072).
- CVE-2017-14160: Fixed out-of-bounds access inside bark_noise_hybridmp function (bsc#1059812).
ModerateSUSE bug 1059812SUSE bug 1091072CVE-2017-14160 at SUSECVE-2017-14160 at NVDCVE-2018-10393 at SUSECVE-2018-10393 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libvorbis (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libvorbis fixes the following issues:
The following security issue was fixed:
- Fixed the validation of channels in mapping0_forward(), which previously
allowed remote attackers to cause a denial of service via specially crafted
files (CVE-2018-10392, bsc#1091070)
ModerateSUSE bug 1091070CVE-2018-10392 at SUSECVE-2018-10392 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes two security issues:
- libxml2 limits the number of recursions an XML document can contain so to protect against the 'Billion Laughs' denial-of-service attack. Unfortunately, the underlying counter was not incremented properly in all necessary locations. Therefore, specially crafted XML documents could exhaust all available stack space and crash the XML parser without running into the recursion limit. This vulnerability has been fixed. (bsc#975947)
- When running in recovery mode, certain invalid XML documents would trigger an infinite recursion in libxml2 that ran until all stack space was exhausted. This vulnerability could have been used to facilitate a denial-of-sevice attack. (CVE-2016-3627, bsc#972335)
ModerateSUSE bug 972335SUSE bug 975947CVE-2016-3627 at SUSECVE-2016-3627 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes the following security issues:
- CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread
was fixed in libxml2/dict.c [bsc#963963, bsc#965283, bsc#981114].
- CVE-2016-4483: Code was added to avoid an out of bound access when
serializing malformed strings [bsc#978395].
- CVE-2016-1762: Fixed a heap-based buffer overread in xmlNextChar [bsc#981040].
- CVE-2016-1834: Fixed a heap-buffer-overflow in xmlStrncat [bsc#981041].
- CVE-2016-1833: Fixed a heap-based buffer overread in htmlCurrentChar [bsc#981108].
- CVE-2016-1835: Fixed a heap use-after-free in xmlSAX2AttributeNs [bsc#981109].
- CVE-2016-1837: Fixed a heap use-after-free in htmlParsePubidLiteral
and htmlParseSystemiteral [bsc#981111].
- CVE-2016-1838: Fixed a heap-based buffer overread in
xmlParserPrintFileContextInternal [bsc#981112].
- CVE-2016-1840: Fixed a heap-buffer-overflow in xmlFAParsePosCharGroup [bsc#981115].
- CVE-2016-4447: Fixed a heap-based buffer-underreads due to xmlParseName [bsc#981548].
- CVE-2016-4448: Fixed some format string warnings with possible format
string vulnerability [bsc#981549],
- CVE-2016-4449: Fixed inappropriate fetch of entities content [bsc#981550].
- CVE-2016-3705: Fixed missing increment of recursion counter.
ImportantSUSE bug 963963SUSE bug 965283SUSE bug 978395SUSE bug 981040SUSE bug 981041SUSE bug 981108SUSE bug 981109SUSE bug 981111SUSE bug 981112SUSE bug 981114SUSE bug 981115SUSE bug 981548SUSE bug 981549SUSE bug 981550CVE-2015-8806 at SUSECVE-2015-8806 at NVDCVE-2016-1762 at SUSECVE-2016-1762 at NVDCVE-2016-1833 at SUSECVE-2016-1833 at NVDCVE-2016-1834 at SUSECVE-2016-1834 at NVDCVE-2016-1835 at SUSECVE-2016-1835 at NVDCVE-2016-1837 at SUSECVE-2016-1837 at NVDCVE-2016-1838 at SUSECVE-2016-1838 at NVDCVE-2016-1839 at SUSECVE-2016-1839 at NVDCVE-2016-1840 at SUSECVE-2016-1840 at NVDCVE-2016-2073 at SUSECVE-2016-2073 at NVDCVE-2016-3705 at SUSECVE-2016-3705 at NVDCVE-2016-4447 at SUSECVE-2016-4447 at NVDCVE-2016-4448 at SUSECVE-2016-4448 at NVDCVE-2016-4449 at SUSECVE-2016-4449 at NVDCVE-2016-4483 at SUSECVE-2016-4483 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes an issue when processing external entities introduced
with the fix for CVE-2014-0191.
ModerateSUSE bug 996079CVE-2014-0191 at SUSECVE-2014-0191 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes the following issues:
- CVE-2016-4658: Use after free via namespace node in XPointer ranges (bsc#1005544).
ModerateSUSE bug 1005544CVE-2016-4658 at SUSECVE-2016-4658 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes the following issues:
* CVE-2016-9318: libxml2 did not offer a flag directly indicating that the current document may be read but other files may not be opened, which made it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document (bsc#1010675).
* Prevent NULL dereference in xpointer.c and xmlDumpElementContent, and infinite recursion in xmlParseConditionalSections when in recovery mode(bnc#1014873)
ModerateSUSE bug 1010675SUSE bug 1014873CVE-2016-9318 at SUSECVE-2016-9318 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes the following issues:
Security issues fixed:
- CVE-2017-9050: heap-based buffer overflow (xmlDictAddString func) [bsc#1039069, bsc#1039661]
- CVE-2017-9049: heap-based buffer overflow (xmlDictComputeFastKey func) [bsc#1039066]
- CVE-2017-9048: stack overflow vulnerability (xmlSnprintfElementContent func) [bsc#1039063]
- CVE-2017-9047: stack overflow vulnerability (xmlSnprintfElementContent func) [bsc#1039064]
A clarification for the previously released update: For CVE-2016-9318 we decided
not to ship a fix since it can break existing setups. Please take appropriate
actions if you parse untrusted XML files and use the new -noxxe flag if
possible (bnc#1010675, bnc#1013930).
ModerateSUSE bug 1010675SUSE bug 1013930SUSE bug 1039063SUSE bug 1039064SUSE bug 1039066SUSE bug 1039069SUSE bug 1039661CVE-2016-9318 at SUSECVE-2016-9318 at NVDCVE-2017-9047 at SUSECVE-2017-9047 at NVDCVE-2017-9048 at SUSECVE-2017-9048 at NVDCVE-2017-9049 at SUSECVE-2017-9049 at NVDCVE-2017-9050 at SUSECVE-2017-9050 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes the following issues:
Security issues fixed:
* CVE-2017-0663: Fixed a heap buffer overflow in xmlAddID (bsc#1044337)
* CVE-2017-5969: Fixed a NULL pointer deref in xmlDumpElementContent (bsc#1024989)
* CVE-2017-7375: Prevented an unwanted external entity reference (bsc#1044894)
* CVE-2017-7376: Increase buffer space for port in HTTP redirect support (bsc#1044887)
ModerateSUSE bug 1024989SUSE bug 1044337SUSE bug 1044887SUSE bug 1044894CVE-2017-0663 at SUSECVE-2017-0663 at NVDCVE-2017-5969 at SUSECVE-2017-5969 at NVDCVE-2017-7375 at SUSECVE-2017-7375 at NVDCVE-2017-7376 at SUSECVE-2017-7376 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes the following issues:
- CVE-2017-8872: Out-of-bounds read could lead to application crash (bsc#1038444)
ModerateSUSE bug 1038444CVE-2017-8872 at SUSECVE-2017-8872 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes several issues.
Theses security issues were fixed:
- CVE-2017-16932: Fixed infinite recursion could lead to an infinite loop or
memory exhaustion when expanding a parameter entity in a DTD (bsc#1069689).
- CVE-2017-15412: Prevent use after free when calling XPath extension functions
that allowed remote attackers to cause DoS or potentially RCE (bsc#1077993)
- CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed
remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to the XPointer range-to
function. (bsc#1078813)
- CVE-2017-5130: Fixed a potential remote buffer overflow in function
xmlMemoryStrdup() (bsc#1078806)
ModerateSUSE bug 1069689SUSE bug 1077993SUSE bug 1078806SUSE bug 1078813CVE-2016-5131 at SUSECVE-2016-5131 at NVDCVE-2017-15412 at SUSECVE-2017-15412 at NVDCVE-2017-16932 at SUSECVE-2017-16932 at NVDCVE-2017-5130 at SUSECVE-2017-5130 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes the following issues:
Security issue fixed:
- CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval()
function when parsing an invalid XPath expression in the XPATH_OP_AND or
XPATH_OP_OR case leading to a denial of service attack (bsc#1102046)
Other Issue fixed:
- Fixed a bug related to the fix for CVE-2016-9318 which allowed xsltproc to access
the internet even when --nonet was given and also was making docbook-xsl-stylesheets to have
incomplete xml catalog file (bsc#1010675, bsc#1126613 and bsc#1110146).
ModerateSUSE bug 1010675SUSE bug 1102046SUSE bug 1110146SUSE bug 1126613CVE-2016-9318 at SUSECVE-2016-9318 at NVDCVE-2018-14404 at SUSECVE-2018-14404 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libxml2 doesn't fix any additional security issues, but correct its rpm changelog to reflect
all CVEs that have been fixed over the past.
LowSUSE bug 1123919cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libxml2 fixes the following issues:
Security issues fixed:
- CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel (bsc#1185698)
- CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408).
- CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410).
- CVE-2021-3516: Fixed a use after free in xmlEncodeEntitiesInternal() in entities.c (bsc#1185409)
- CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179).
- CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun (bsc#1161521).
- CVE-2020-7595: Fixed an infinite loop in an EOF situation (bsc#1161517).
- CVE-2019-19956: Fixed a memory leak in xmlParseBalancedChunkMemoryRecover (bsc#1159928).
ImportantSUSE bug 1159928SUSE bug 1161517SUSE bug 1161521SUSE bug 1176179SUSE bug 1185408SUSE bug 1185409SUSE bug 1185410SUSE bug 1185698CVE-2014-0191 at SUSECVE-2014-0191 at NVDCVE-2019-19956 at SUSECVE-2019-19956 at NVDCVE-2019-20388 at SUSECVE-2019-20388 at NVDCVE-2020-24977 at SUSECVE-2020-24977 at NVDCVE-2020-7595 at SUSECVE-2020-7595 at NVDCVE-2021-3516 at SUSECVE-2021-3516 at NVDCVE-2021-3517 at SUSECVE-2021-3517 at NVDCVE-2021-3518 at SUSECVE-2021-3518 at NVDCVE-2021-3537 at SUSECVE-2021-3537 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for libxml2 fixes the following issues:
- CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes (bsc#1196490).
ImportantSUSE bug 1196490CVE-2022-23308 at SUSECVE-2022-23308 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes the following security issues:
* CVE-2015-1819 Enforce the reader to run in constant memory [bnc#928193]
* CVE-2015-7941 Fix out of bound read with crafted xml input by stopping parsing on entities boundaries errors [bnc#951734]
* CVE-2015-7942 Fix another variation of overflow in Conditional sections [bnc#951735]
* CVE-2015-8241 Avoid extra processing of MarkupDecl when EOF [bnc#956018]
* CVE-2015-8242 Buffer overead with HTML parser in push mode [bnc#956021]
* CVE-2015-8317 Return if the encoding declaration is broken or encoding conversion failed [bnc#956260]
* CVE-2015-5312 Fix another entity expansion issue [bnc#957105]
* CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey [bnc#957106]
* CVE-2015-7498 Processes entities after encoding conversion failures [bnc#957107]
* CVE-2015-7499 Add xmlHaltParser() to stop the parser / Detect incoherency on GROW [bnc#957109]
* CVE-2015-7500 Fix memory access error due to incorrect entities boundaries [bnc#957110]
ModerateSUSE bug 928193SUSE bug 951734SUSE bug 951735SUSE bug 956018SUSE bug 956021SUSE bug 956260SUSE bug 957105SUSE bug 957106SUSE bug 957107SUSE bug 957109SUSE bug 957110CVE-2015-1819 at SUSECVE-2015-1819 at NVDCVE-2015-5312 at SUSECVE-2015-5312 at NVDCVE-2015-7497 at SUSECVE-2015-7497 at NVDCVE-2015-7498 at SUSECVE-2015-7498 at NVDCVE-2015-7499 at SUSECVE-2015-7499 at NVDCVE-2015-7500 at SUSECVE-2015-7500 at NVDCVE-2015-7941 at SUSECVE-2015-7941 at NVDCVE-2015-7942 at SUSECVE-2015-7942 at NVDCVE-2015-8241 at SUSECVE-2015-8241 at NVDCVE-2015-8242 at SUSECVE-2015-8242 at NVDCVE-2015-8317 at SUSECVE-2015-8317 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxml2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxml2 fixes the following security issue:
- CVE-2015-8710: Parsing short unclosed HTML comment could cause uninitialized memory access, which allowed remote attackers to read contents from previous HTTP requests depending on the application (bsc#960674)
ModerateSUSE bug 960674CVE-2015-8710 at SUSECVE-2015-8710 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libxslt (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libxslt fixes the following issues:
- CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check
for integer overflow during a size calculation, which allowed a remote attacker
to perform an out of bounds memory write via a crafted HTML page (bsc#1035905).
- CVE-2016-4738: Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator
could cause a heap overread. This can be exploited to leak a couple of bytes after
the buffer that holds the pattern string (bsc#1005591).
- CVE-2015-9019: Properly initialize random generator (bsc#934119).
- CVE-2015-7995: Vulnerability in function xsltStylePreCompute' in preproc.c could cause a
type confusion leading to DoS. (bsc#952474)
ModerateSUSE bug 1005591SUSE bug 1035905SUSE bug 934119SUSE bug 952474CVE-2015-7995 at SUSECVE-2015-7995 at NVDCVE-2015-9019 at SUSECVE-2015-9019 at NVDCVE-2016-4738 at SUSECVE-2016-4738 at NVDCVE-2017-5029 at SUSECVE-2017-5029 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix two security issues.
The following security bugs were fixed:
- CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).
- CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer allowed local users to cause a denial of service, memory corruption or possibly even to elevate their privileges (bsc#1013533).
ImportantSUSE bug 1013533SUSE bug 1013604CVE-2016-9576 at SUSECVE-2016-9576 at NVDCVE-2016-9794 at SUSECVE-2016-9794 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for the Linux Kernel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
Notable new features:
- Toleration of newer crypto hardware for z Systems
- USB 2.0 Link power management for Haswell-ULT
The following security bugs were fixed:
- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579)
- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003)
- CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability (bsc#1030573).
- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1024938).
- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bsc#1033336).
- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440)
- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052)
- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213)
- CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178)
- CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914)
- CVE-2015-3288: mm/memory.c in the Linux kernel mishandled anonymous pages, which allowed local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero (bsc#979021).
- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415)
- CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212)
- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application (bnc#1027066)
- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722)
- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024)
- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235)
- CVE-2015-8970: crypto/algif_skcipher.c in the Linux kernel did not verify that a setkey operation has been performed on an AF_ALG socket an accept system call is processed, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c (bsc#1008374).
The following non-security bugs were fixed:
- NFSD: do not risk using duplicate owner/file/delegation ids (bsc#1029212).
- RAID1: avoid unnecessary spin locks in I/O barrier code (bsc#982783, bsc#1026260).
- SUNRPC: Clean up the slot table allocation (bsc#1013862).
- SUNRPC: Initalise the struct xprt upon allocation (bsc#1013862).
- USB: cdc-acm: fix broken runtime suspend (bsc#1033771).
- USB: cdc-acm: fix open and suspend race (bsc#1033771).
- USB: cdc-acm: fix potential urb leak and PM imbalance in write (bsc#1033771).
- USB: cdc-acm: fix runtime PM for control messages (bsc#1033771).
- USB: cdc-acm: fix runtime PM imbalance at shutdown (bsc#1033771).
- USB: cdc-acm: fix shutdown and suspend race (bsc#1033771).
- USB: cdc-acm: fix write and resume race (bsc#1033771).
- USB: cdc-acm: fix write and suspend race (bsc#1033771).
- USB: hub: Fix crash after failure to read BOS descriptor
- USB: serial: iuu_phoenix: fix NULL-deref at open (bsc#1033794).
- USB: serial: kl5kusb105: fix line-state error handling (bsc#1021256).
- USB: serial: mos7720: fix NULL-deref at open (bsc#1033816).
- USB: serial: mos7720: fix parallel probe (bsc#1033816).
- USB: serial: mos7720: fix parport use-after-free on probe errors (bsc#1033816).
- USB: serial: mos7720: fix use-after-free on probe errors (bsc#1033816).
- USB: serial: mos7840: fix NULL-deref at open (bsc#1034026).
- USB: xhci-mem: use passed in GFP flags instead of GFP_KERNEL (bsc#1023014).
- Update metadata for serial fixes (bsc#1013070)
- Use PF_LESS_THROTTLE in loop device thread (bsc#1027101).
- clocksource: Remove 'weak' from clocksource_default_clock() declaration (bnc#1013018).
- dlm: backport 'fix lvb invalidation conditions' (bsc#1005651).
- drm/mgag200: Add support for G200e rev 4 (bnc#995542, comment #81)
- enic: set skb->hash type properly (bsc#911105).
- ext4: fix mballoc breakage with 64k block size (bsc#1013018).
- ext4: fix stack memory corruption with 64k block size (bsc#1013018).
- ext4: reject inodes with negative size (bsc#1013018).
- fuse: initialize fc->release before calling it (bsc#1013018).
- i40e/i40evf: Break up xmit_descriptor_count from maybe_stop_tx (bsc#985561).
- i40e/i40evf: Fix mixed size frags and linearization (bsc#985561).
- i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet (bsc#985561).
- i40e/i40evf: Rewrite logic for 8 descriptor per packet check (bsc#985561).
- i40e: Fix TSO with more than 8 frags per segment issue (bsc#985561).
- i40e: Impose a lower limit on gso size (bsc#985561).
- i40e: Limit TX descriptor count in cases where frag size is greater than 16K (bsc#985561).
- i40e: avoid null pointer dereference (bsc#909486).
- jbd: Fix oops in journal_remove_journal_head() (bsc#1017143).
- jbd: do not wait (forever) for stale tid caused by wraparound (bsc#1020229).
- kABI: mask struct xfs_icdinode change (bsc#1024788).
- kabi: Protect xfs_mount and xfs_buftarg (bsc#1024508).
- kabi: fix (bsc#1008893).
- lockd: use init_utsname for id encoding (bsc#1033804).
- lockd: use rpc client's cl_nodename for id encoding (bsc#1033804).
- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).
- md/linear: shutup lockdep warnning (bsc#1018446).
- mm/mempolicy.c: do not put mempolicy before using its nodemask (bnc#931620).
- ocfs2: do not write error flag to user structure we cannot copy from/to (bsc#1013018).
- ocfs2: fix crash caused by stale lvb with fsdlm plugin (bsc#1013800).
- ocfs2: fix error return code in ocfs2_info_handle_freefrag() (bsc#1013018).
- ocfs2: null deref on allocation error (bsc#1013018).
- pciback: only check PF if actually dealing with a VF (bsc#999245).
- pciback: use pci_physfn() (bsc#999245).
- posix-timers: Fix stack info leak in timer_create() (bnc#1013018).
- powerpc,cpuidle: Dont toggle CPUIDLE_FLAG_IGNORE while setting smt_snooze_delay (bsc#1023163).
- powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971).
- powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141).
- powerpc/fadump: Update fadump documentation (bsc#1032141).
- powerpc/nvram: Fix an incorrect partition merge (bsc#1016489).
- powerpc/vdso64: Use double word compare on pointers (bsc#1016489).
- rcu: Call out dangers of expedited RCU primitives (bsc#1008893).
- rcu: Direct algorithmic SRCU implementation (bsc#1008893).
- rcu: Flip ->completed only once per SRCU grace period (bsc#1008893).
- rcu: Implement a variant of Peter's SRCU algorithm (bsc#1008893).
- rcu: Increment upper bit only for srcu_read_lock() (bsc#1008893).
- rcu: Remove fast check path from __synchronize_srcu() (bsc#1008893).
- s390/kmsg: add missing kmsg descriptions (bnc#1025702).
- s390/vmlogrdr: fix IUCV buffer allocation (bnc#1025702).
- s390/zcrypt: Introduce CEX6 toleration
- sched/core: Fix TASK_DEAD race in finish_task_switch() (bnc#1013018).
- sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded systems (bnc#1013018).
- scsi: zfcp: do not trace pure benign residual HBA responses at default level (bnc#1025702).
- scsi: zfcp: fix rport unblock race with LUN recovery (bnc#1025702).
- scsi: zfcp: fix use-after-'free' in FC ingress path after TMF (bnc#1025702).
- scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send (bnc#1025702).
- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).
- tcp: abort orphan sockets stalling on zero window probes (bsc#1021913).
- vfs: split generic splice code from i_mutex locking (bsc#1024788).
- virtio_scsi: fix memory leak on full queue condition (bsc#1028880).
- vmxnet3: segCnt can be 1 for LRO packets (bsc#988065, bsc#1029770).
- xen-blkfront: correct maximum segment accounting (bsc#1018263).
- xen-blkfront: do not call talk_to_blkback when already connected to blkback.
- xen-blkfront: free resources if xlvbd_alloc_gendisk fails.
- xfs: Fix lock ordering in splice write (bsc#1024788).
- xfs: Make xfs_icdinode->di_dmstate atomic_t (bsc#1024788).
- xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1024508).
- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).
- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).
- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).
- xfs: kill xfs_itruncate_start (bsc#1024788).
- xfs: remove the i_new_size field in struct xfs_inode (bsc#1024788).
- xfs: remove the i_size field in struct xfs_inode (bsc#1024788).
- xfs: remove xfs_itruncate_data (bsc#1024788).
- xfs: replace global xfslogd wq with per-mount wq (bsc#1024508).
- xfs: split xfs_itruncate_finish (bsc#1024788).
- xfs: split xfs_setattr (bsc#1024788).
- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).
- xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056).
ImportantSUSE bug 1005651SUSE bug 1008374SUSE bug 1008893SUSE bug 1013018SUSE bug 1013070SUSE bug 1013800SUSE bug 1013862SUSE bug 1016489SUSE bug 1017143SUSE bug 1018263SUSE bug 1018446SUSE bug 1019168SUSE bug 1020229SUSE bug 1021256SUSE bug 1021913SUSE bug 1022971SUSE bug 1023014SUSE bug 1023163SUSE bug 1023888SUSE bug 1024508SUSE bug 1024788SUSE bug 1024938SUSE bug 1025235SUSE bug 1025702SUSE bug 1026024SUSE bug 1026260SUSE bug 1026722SUSE bug 1026914SUSE bug 1027066SUSE bug 1027101SUSE bug 1027178SUSE bug 1028415SUSE bug 1028880SUSE bug 1029212SUSE bug 1029770SUSE bug 1030213SUSE bug 1030573SUSE bug 1031003SUSE bug 1031052SUSE bug 1031440SUSE bug 1031579SUSE bug 1032141SUSE bug 1033336SUSE bug 1033771SUSE bug 1033794SUSE bug 1033804SUSE bug 1033816SUSE bug 1034026SUSE bug 909486SUSE bug 911105SUSE bug 931620SUSE bug 979021SUSE bug 982783SUSE bug 983212SUSE bug 985561SUSE bug 988065SUSE bug 989056SUSE bug 995542SUSE bug 999245CVE-2015-3288 at SUSECVE-2015-3288 at NVDCVE-2015-8970 at SUSECVE-2015-8970 at NVDCVE-2016-10200 at SUSECVE-2016-10200 at NVDCVE-2016-5243 at SUSECVE-2016-5243 at NVDCVE-2017-2671 at SUSECVE-2017-2671 at NVDCVE-2017-5669 at SUSECVE-2017-5669 at NVDCVE-2017-5970 at SUSECVE-2017-5970 at NVDCVE-2017-5986 at SUSECVE-2017-5986 at NVDCVE-2017-6074 at SUSECVE-2017-6074 at NVDCVE-2017-6214 at SUSECVE-2017-6214 at NVDCVE-2017-6348 at SUSECVE-2017-6348 at NVDCVE-2017-6353 at SUSECVE-2017-6353 at NVDCVE-2017-7184 at SUSECVE-2017-7184 at NVDCVE-2017-7187 at SUSECVE-2017-7187 at NVDCVE-2017-7261 at SUSECVE-2017-7261 at NVDCVE-2017-7294 at SUSECVE-2017-7294 at NVDCVE-2017-7308 at SUSECVE-2017-7308 at NVDCVE-2017-7616 at SUSECVE-2017-7616 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for log4j (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for log4j fixes the following issues:
- CVE-2019-17571: Fixed a remote code execution by deserialization of untrusted data in SocketServer (bsc#1159646).
ImportantSUSE bug 1159646CVE-2019-17571 at SUSECVE-2019-17571 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for log4j (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for log4j fixes the following issues:
- CVE-2021-4104: Disable the JMSAppender class from log4j to protect against
the log4jshell vulnerability. [bsc#1193662]
ImportantSUSE bug 1193662CVE-2021-4104 at SUSECVE-2021-4104 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for log4j (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for log4j fixes the following issues:
- CVE-2022-23307: Fixed deserialization flaw in the chainsaw component of log4j leading to malicious code execution. (bsc#1194844)
- CVE-2022-23305: Fixed SQL injection when application is configured to use JDBCAppender. (bsc#1194843)
- CVE-2022-23302: Fixed remote code execution when application is configured to use JMSSink. (bsc#1194842)
ImportantSUSE bug 1194842SUSE bug 1194843SUSE bug 1194844CVE-2022-23302 at SUSECVE-2022-23302 at NVDCVE-2022-23305 at SUSECVE-2022-23305 at NVDCVE-2022-23307 at SUSECVE-2022-23307 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for lxc (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
lxc was update to fix one security issue.
The following vulnerability was fixed:
* CVE-2015-1335: A directory traversal flaw while lxc-start is initially setting up the mounts for a container (bsc#946744)
ModerateSUSE bug 946744CVE-2015-1335 at SUSECVE-2015-1335 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mailman (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mailman to version 2.1.15 fixes the following issues:
- CVE-2016-6893: Prevent cross-site request forgery (CSRF) vulnerability in the
user options page that allowed remote attackers to hijack the authentication of
arbitrary users for requests that modify an option (bsc#995352).
- Various other hardenings against CSFR attacks
For details please see https://launchpad.net/mailman/+milestone/2.1.15
ModerateSUSE bug 995352CVE-2016-6893 at SUSECVE-2016-6893 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mailman fixes the following issues:
- Fixed a XSS vulnerability and information leak in user options CGI, which
could be used to execute arbitrary scripts in the user's browser via
specially encoded URLs (bsc#1077358 CVE-2018-5950)
- Fixed a directory traversal vulnerability in MTA transports when using the
recommended Mailman Transport for Exim (bsc#925502 CVE-2015-2775)
- Fixed a XSS vulnerability, which allowed malicious listowners to inject
scripts into the listinfo pages (bsc#1099510 CVE-2018-0618)
- Fixed arbitrary text injection vulnerability in several mailman CGIs
(CVE-2018-13796 bsc#1101288)
- Fixed a CSRF vulnerability on the user options page (CVE-2016-6893 bsc#995352)
ImportantSUSE bug 1077358SUSE bug 1099510SUSE bug 1101288SUSE bug 925502SUSE bug 995352CVE-2015-2775 at SUSECVE-2015-2775 at NVDCVE-2016-6893 at SUSECVE-2016-6893 at NVDCVE-2018-0618 at SUSECVE-2018-0618 at NVDCVE-2018-13796 at SUSECVE-2018-13796 at NVDCVE-2018-5950 at SUSECVE-2018-5950 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mailman fixes the following issues:
Security issue fixed:
- CVE-2016-6893: Fixed a Cross-site request forgery vulnerability in the admin web interface (bsc#997205).
Following bug was fixed:
- Allow CSRF check to pass in mailman web frontend if the list
name contains a '+' (bsc#1102416)
ImportantSUSE bug 1102416SUSE bug 997205CVE-2016-6893 at SUSECVE-2016-6893 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mailman fixes the following issues:
- CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root (bsc#1154328).
ImportantSUSE bug 1154328CVE-2019-3693 at SUSECVE-2019-3693 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mailman fixes the following issues:
Security issue fixed:
- CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion (bsc#1170558).
Non-security issue fixed:
- Fixed rights and ownership on /var/lib/mailman/archives (bsc#1167068).
ImportantSUSE bug 1167068SUSE bug 1170558CVE-2020-12137 at SUSECVE-2020-12137 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for mailman (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mailman fixes the following issues:
- CVE-2020-15011: Fixed a possible Arbitrary Content Injection via the private archive login page (bsc#1173369).
ImportantSUSE bug 1173369CVE-2020-15011 at SUSECVE-2020-15011 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox, mozilla-nss fixes security issues and bugs.
The following vulnerabilities were fixed in Firefox ESR 45.5.1 (bsc#1009026 bsc#1012964):
- CVE-2016-9079: Use-after-free in SVG Animation (MFSA 2016-92 bsc#1012964)
- CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401)
- CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404)
- CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010395)
- CVE-2016-9064: Addons update must verify IDs match between current and new versions (bsc#1010402)
- CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5 (bsc#1010427)
- CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410)
The following vulnerabilities were fixed in mozilla-nss 3.21.3:
- CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler (bsc#1010422)
- CVE-2016-5285: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash (bsc#1010517)
The following bugs were fixed:
- Firefox would fail to go into fullscreen mode with some window managers (bsc#992549)
- font warning messages would flood console, now using fontconfig configuration from
firefox-fontconfig instead of the system one (bsc#1000751)
ImportantSUSE bug 1000751SUSE bug 1009026SUSE bug 1010395SUSE bug 1010401SUSE bug 1010402SUSE bug 1010404SUSE bug 1010410SUSE bug 1010422SUSE bug 1010427SUSE bug 1010517SUSE bug 1012964SUSE bug 992549CVE-2016-5285 at SUSECVE-2016-5285 at NVDCVE-2016-5290 at SUSECVE-2016-5290 at NVDCVE-2016-5291 at SUSECVE-2016-5291 at NVDCVE-2016-5296 at SUSECVE-2016-5296 at NVDCVE-2016-5297 at SUSECVE-2016-5297 at NVDCVE-2016-9064 at SUSECVE-2016-9064 at NVDCVE-2016-9066 at SUSECVE-2016-9066 at NVDCVE-2016-9074 at SUSECVE-2016-9074 at NVDCVE-2016-9079 at SUSECVE-2016-9079 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mgetty (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mgetty fixes the following issues:
- CVE-2018-16741: The function do_activate() did not properly sanitize shell
metacharacters to prevent command injection (bsc#1108752)
- CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer
overflow if long untrusted input reached it (bsc#1108756)
- CVE-2018-16744: The mail_to parameter was not sanitized, leading to command
injection if untrusted input reached reach it (bsc#1108757)
- CVE-2018-16742: Prevent stack-based buffer overflow that could have been
triggered via a command-line parameter (bsc#1108762)
- CVE-2018-16743: The command-line parameter username wsa passed unsanitized to
strcpy(), which could have caused a stack-based buffer overflow (bsc#1108761)
ImportantSUSE bug 1108752SUSE bug 1108756SUSE bug 1108757SUSE bug 1108761SUSE bug 1108762CVE-2018-16741 at SUSECVE-2018-16741 at NVDCVE-2018-16742 at SUSECVE-2018-16742 at NVDCVE-2018-16743 at SUSECVE-2018-16743 at NVDCVE-2018-16744 at SUSECVE-2018-16744 at NVDCVE-2018-16745 at SUSECVE-2018-16745 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Update to Intel microcode version 20180108 (bsc#1075262 CVE-2017-5715)
- The pre-released microcode fixing some important security issues
is now officially published (and included in the added tarball).
Among other updates it contains:
- IVT C0 (06-3e-04:ed) 428->42a
- SKL-U/Y D0 (06-4e-03:c0) ba->c2
- BDW-U/Y E/F (06-3d-04:c0) 25->28
- HSW-ULT Cx/Dx (06-45-01:72) 20->21
- Crystalwell Cx (06-46-01:32) 17->18
- BDW-H E/G (06-47-01:22) 17->1b
- HSX-EX E0 (06-3f-04:80) 0f->10
- SKL-H/S R0 (06-5e-03:36) ba->c2
- HSW Cx/Dx (06-3c-03:32) 22->23
- HSX C0 (06-3f-02:6f) 3a->3b
- BDX-DE V0/V1 (06-56-02:10) 0f->14
- BDX-DE V2 (06-56-03:10) 700000d->7000011
- KBL-U/Y H0 (06-8e-09:c0) 62->80
- KBL Y0 / CFL D0 (06-8e-0a:c0) 70->80
- KBL-H/S B0 (06-9e-09:2a) 5e->80
- CFL U0 (06-9e-0a:22) 70->80
- CFL B0 (06-9e-0b:02) 72->80
- SKX H0 (06-55-04:b7) 2000035->200003c
- GLK B0 (06-7a-01:01) 1e->22
ImportantSUSE bug 1075262CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ucode-intel fixes the following issues:
The Intel CPU microcode version was updated to version 20180312.
This update enables the IBPB+IBRS based mitigations of the Spectre v2 flaws (boo#1085207 CVE-2017-5715)
- New Platforms
- BDX-DE EGW A0 6-56-5:10 e000009
- SKX B1 6-55-3:97 1000140
- Updates
- SNB D2 6-2a-7:12 29->2d
- JKT C1 6-2d-6:6d 619->61c
- JKT C2 6-2d-7:6d 710->713
- IVB E2 6-3a-9:12 1c->1f
- IVT C0 6-3e-4:ed 428->42c
- IVT D1 6-3e-7:ed 70d->713
- HSW Cx/Dx 6-3c-3:32 22->24
- HSW-ULT Cx/Dx 6-45-1:72 20->23
- CRW Cx 6-46-1:32 17->19
- HSX C0 6-3f-2:6f 3a->3c
- HSX-EX E0 6-3f-4:80 0f->11
- BDW-U/Y E/F 6-3d-4:c0 25->2a
- BDW-H E/G 6-47-1:22 17->1d
- BDX-DE V0/V1 6-56-2:10 0f->15
- BDW-DE V2 6-56-3:10 700000d->7000012
- BDW-DE Y0 6-56-4:10 f00000a->f000011
- SKL-U/Y D0 6-4e-3:c0 ba->c2
- SKL R0 6-5e-3:36 ba->c2
- KBL-U/Y H0 6-8e-9:c0 62->84
- KBL B0 6-9e-9:2a 5e->84
- CFL D0 6-8e-a:c0 70->84
- CFL U0 6-9e-a:22 70->84
- CFL B0 6-9e-b:02 72->84
- SKX H0 6-55-4:b7 2000035->2000043
ImportantSUSE bug 1085207CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for microcode_ctl fixes the following security issue:
- CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker
with local user access caused by speculative execution and indirect branch
prediction (bsc#1095735)
ModerateSUSE bug 1095735CVE-2017-5715 at SUSECVE-2017-5715 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for microcode_ctl fixes the following issues:
The Intel CPU Microcode bundle was updated to the 20180703 release
For the listed CPU chipsets this fixes CVE-2018-3640 (Spectre v3a) and
helps mitigating CVE-2018-3639 (Spectre v4) (bsc#1100147 bsc#1087082 bsc#1087083)
More details can be found on:
https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File
Following chipsets are fixed in this round:
Model Stepping F-MO-S/PI Old->New
---- updated platforms ------------------------------------
SNB-EP C1 6-2d-6/6d 0000061c->0000061d Xeon E5
SNB-EP C2 6-2d-7/6d 00000713->00000714 Xeon E5
IVT C0 6-3e-4/ed 0000042c->0000042d Xeon E5 v2; Core i7-4960X/4930K/4820K
IVT D1 6-3e-7/ed 00000713->00000714 Xeon E5 v2
HSX-E/EP/4S C0 6-3f-2/6f 0000003c->0000003d Xeon E5 v3
HSX-EX E0 6-3f-4/80 00000011->00000012 Xeon E7 v3
SKX-SP/D/W/X H0 6-55-4/b7 02000043->0200004d Xeon Bronze 31xx, Silver 41xx, Gold 51xx/61xx Platinum 81xx, D/W-21xx; Core i9-7xxxX
BDX-DE A1 6-56-5/10 0e000009->0e00000a Xeon D-15x3N
BDX-ML B/M/R0 6-4f-1/ef 0b00002c->0b00002e Xeon E5/E7 v4; Core i7-69xx/68xx
ImportantSUSE bug 1087082SUSE bug 1087083SUSE bug 1100147CVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3640 at SUSECVE-2018-3640 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update to ucode-intel (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
ucode-intel was updated to the 20180807 release.
For the listed CPU chipsets this fixes CVE-2018-3640 (Spectre v3a), and is part of the
mitigations for CVE-2018-3639 (Spectre v4) and CVE-2018-3646 (L1 Terminal Fault).
(bsc#1104134 bsc#1087082 bsc#1087083 bsc#1089343)
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
WSM-EP/WS U1 6-2c-2/03 0000001f Xeon E/L/X56xx, W36xx
NHM-EX D0 6-2e-6/04 0000000d Xeon E/L/X65xx/75xx
BXT C0 6-5c-2/01 00000014 Atom T5500/5700
APL E0 6-5c-a/03 0000000c Atom x5-E39xx
DVN B0 6-5f-1/01 00000024 Atom C3xxx
---- updated platforms ------------------------------------
NHM-EP/WS D0 6-1a-5/03 00000019->0000001d Xeon E/L/X/W55xx
NHM B1 6-1e-5/13 00000007->0000000a Core i7-8xx, i5-7xx; Xeon L3426, X24xx
WSM B1 6-25-2/12 0000000e->00000011 Core i7-6xx, i5-6xx/4xxM, i3-5xx/3xxM, Pentium G69xx, Celeon P45xx; Xeon L3406
WSM K0 6-25-5/92 00000004->00000007 Core i7-6xx, i5-6xx/5xx/4xx, i3-5xx/3xx, Pentium G69xx/P6xxx/U5xxx, Celeron P4xxx/U3xxx
SNB D2 6-2a-7/12 0000002d->0000002e Core Gen2; Xeon E3
WSM-EX A2 6-2f-2/05 00000037->0000003b Xeon E7
IVB E2 6-3a-9/12 0000001f->00000020 Core Gen3 Mobile
HSW-H/S/E3 Cx/Dx 6-3c-3/32 00000024->00000025 Core Gen4 Desktop; Xeon E3 v3
BDW-U/Y E/F 6-3d-4/c0 0000002a->0000002b Core Gen5 Mobile
HSW-ULT Cx/Dx 6-45-1/72 00000023->00000024 Core Gen4 Mobile and derived Pentium/Celeron
HSW-H Cx 6-46-1/32 00000019->0000001a Core Extreme i7-5xxxX
BDW-H/E3 E/G 6-47-1/22 0000001d->0000001e Core i5-5xxxR/C, i7-5xxxHQ/EQ; Xeon E3 v4
SKL-U/Y D0 6-4e-3/c0 000000c2->000000c6 Core Gen6 Mobile
BDX-DE V1 6-56-2/10 00000015->00000017 Xeon D-1520/40
BDX-DE V2/3 6-56-3/10 07000012->07000013 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
BDX-DE Y0 6-56-4/10 0f000011->0f000012 Xeon D-1557/59/67/71/77/81/87
APL D0 6-5c-9/03 0000002c->00000032 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
SKL-H/S/E3 R0 6-5e-3/36 000000c2->000000c6 Core Gen6; Xeon E3 v5
ImportantSUSE bug 1087082SUSE bug 1087083SUSE bug 1089343SUSE bug 1104134CVE-2018-3639 at SUSECVE-2018-3639 at NVDCVE-2018-3640 at SUSECVE-2018-3640 at NVDCVE-2018-3646 at SUSECVE-2018-3646 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for microcode_ctl fixes the following issues:
This update contains the Intel QSR 2019.1 Microcode release (bsc#1111331)
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
These updates contain the CPU Microcode adjustments for the software mitigations.
For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736
Release notes:
- Processor Identifier Version Products
- Model Stepping F-MO-S/PI Old->New
- ---- new platforms ----------------------------------------
- CLX-SP B1 6-55-7/bf 05000021 Xeon Scalable Gen2
- ---- updated platforms ------------------------------------
- SNB D2/G1/Q0 6-2a-7/12 0000002e->0000002f Core Gen2
- IVB E1/L1 6-3a-9/12 00000020->00000021 Core Gen3
- HSW C0 6-3c-3/32 00000025->00000027 Core Gen4
- BDW-U/Y E0/F0 6-3d-4/c0 0000002b->0000002d Core Gen5
- IVB-E/EP C1/M1/S1 6-3e-4/ed 0000042e->0000042f Core Gen3 X Series; Xeon E5 v2
- IVB-EX D1 6-3e-7/ed 00000714->00000715 Xeon E7 v2
- HSX-E/EP Cx/M1 6-3f-2/6f 00000041->00000043 Core Gen4 X series; Xeon E5 v3
- HSX-EX E0 6-3f-4/80 00000013->00000014 Xeon E7 v3
- HSW-U C0/D0 6-45-1/72 00000024->00000025 Core Gen4
- HSW-H C0 6-46-1/32 0000001a->0000001b Core Gen4
- BDW-H/E3 E0/G0 6-47-1/22 0000001e->00000020 Core Gen5
- SKL-U/Y D0/K1 6-4e-3/c0 000000c6->000000cc Core Gen6
- SKX-SP H0/M0/U0 6-55-4/b7 0200005a->0000005e Xeon Scalable
- SKX-D M1 6-55-4/b7 0200005a->0000005e Xeon D-21xx
- BDX-DE V1 6-56-2/10 00000019->0000001a Xeon D-1520/40
- BDX-DE V2/3 6-56-3/10 07000016->07000017 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
- BDX-DE Y0 6-56-4/10 0f000014->0f000015 Xeon D-1557/59/67/71/77/81/87
- BDX-NS A0 6-56-5/10 0e00000c->0e00000d Xeon D-1513N/23/33/43/53
- APL D0 6-5c-9/03 00000036->00000038 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
- SKL-H/S R0/N0 6-5e-3/36 000000c6->000000cc Core Gen6; Xeon E3 v5
- DNV B0 6-5f-1/01 00000024->0000002e Atom Processor C Series
- GLK B0 6-7a-1/01 0000002c->0000002e Pentium Silver N/J5xxx, Celeron N/J4xxx
- AML-Y22 H0 6-8e-9/10 0000009e->000000b4 Core Gen8 Mobile
- KBL-U/Y H0 6-8e-9/c0 0000009a->000000b4 Core Gen7 Mobile
- CFL-U43e D0 6-8e-a/c0 0000009e->000000b4 Core Gen8 Mobile
- WHL-U W0 6-8e-b/d0 000000a4->000000b8 Core Gen8 Mobile
- WHL-U V0 6-8e-d/94 000000b2->000000b8 Core Gen8 Mobile
- KBL-G/H/S/E3 B0 6-9e-9/2a 0000009a->000000b4 Core Gen7; Xeon E3 v6
- CFL-H/S/E3 U0 6-9e-a/22 000000aa->000000b4 Core Gen8 Desktop, Mobile, Xeon E
- CFL-S B0 6-9e-b/02 000000aa->000000b4 Core Gen8
- CFL-H/S P0 6-9e-c/22 000000a2->000000ae Core Gen9
- CFL-H R0 6-9e-d/22 000000b0->000000b8 Core Gen9 Mobile
ImportantSUSE bug 1111331CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for microcode_ctl fixes the following issues:
This update contains the Intel QSR 2019.1 Microcode release (bsc#1111331)
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
These updates contain the CPU Microcode adjustments for the software mitigations.
For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736
Release notes:
---- updated platforms ------------------------------------
SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061d->0000061f Xeon E3/E5, Core X
SNB-E/EN/EP C2/M1 6-2d-7/6d 00000714->00000718 Xeon E3/E5, Core X
---- new platforms ----------------------------------------
VLV C0 6-37-8/02 00000838 Atom Z series
VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx
VLV D0 6-37-9/0F 0000090c Atom E38xx
CHV C0 6-4c-3/01 00000368 Atom X series
CHV D0 6-4c-4/01 00000411 Atom X series
Readded what missing in last update:
BDX-ML B0/M0/R0 6-4f-1/ef 0b00002e->00000036 Xeon E5/E7 v4; Core i7-69xx/68xx
ImportantSUSE bug 1111331SUSE bug 1141977CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for microcode_ctl fixes the following issues:
- Updated to 20191112 security release (bsc#1155988)
- Processor Identifier Version Products
- Model Stepping F-MO-S/PI Old->New
- ---- new platforms ----------------------------------------
- CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile
- CNL-U D0 6-66-3/80 0000002a Core Gen8 Mobile
- SKX-SP B1 6-55-3/97 01000150 Xeon Scalable
- ICL U/Y D1 6-7e-5/80 00000046 Core Gen10 Mobile
- ---- updated platforms ------------------------------------
- SKL U/Y D0 6-4e-3/c0 000000cc->000000d4 Core Gen6 Mobile
- SKL H/S/E3 R0/N0 6-5e-3/36 000000cc->000000d4 Core Gen6
- AML-Y22 H0 6-8e-9/10 000000b4->000000c6 Core Gen8 Mobile
- KBL-U/Y H0 6-8e-9/c0 000000b4->000000c6 Core Gen7 Mobile
- CFL-U43e D0 6-8e-a/c0 000000b4->000000c6 Core Gen8 Mobile
- WHL-U W0 6-8e-b/d0 000000b8->000000c6 Core Gen8 Mobile
- AML-Y V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile
- CML-U42 V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile
- WHL-U V0 6-8e-c/94 000000b8->000000c6 Core Gen8 Mobile
- KBL-G/X H0 6-9e-9/2a 000000b4->000000c6 Core Gen7/Gen8
- KBL-H/S/E3 B0 6-9e-9/2a 000000b4->000000c6 Core Gen7; Xeon E3 v6
- CFL-H/S/E3 U0 6-9e-a/22 000000b4->000000c6 Core Gen8 Desktop, Mobile, Xeon E
- CFL-S B0 6-9e-b/02 000000b4->000000c6 Core Gen8
- CFL-H R0 6-9e-d/22 000000b8->000000c6 Core Gen9 Mobile
- Includes security fixes for:
- CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073)
- CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035)
ImportantSUSE bug 1139073SUSE bug 1141035SUSE bug 1155988CVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-11139 at SUSECVE-2019-11139 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for microcode_ctl fixes the following issues:
- Updated to 20191112 official security release (bsc#1155988)
- Includes security fixes for:
- CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073)
- CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035)
ImportantSUSE bug 1139073SUSE bug 1141035SUSE bug 1155988CVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-11139 at SUSECVE-2019-11139 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for microcode_ctl fixes the following issues:
Updated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466)
This update contains security mitigations for:
- CVE-2020-0543: Fixed a side channel attack against special registers
which could have resulted in leaking of read values to cores other
than the one which called it. This attack is known as Special Register
Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).
- CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to
mitigate the Vector Register and L1D Eviction Sampling aka 'CacheOutAttack'
attacks. (bsc#1156353)
Microcode Table:
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
---- updated platforms ------------------------------------
HSW C0 6-3c-3/32 00000027->00000028 Core Gen4
BDW-U/Y E0/F0 6-3d-4/c0 0000002e->0000002f Core Gen5
HSW-U C0/D0 6-45-1/72 00000025->00000026 Core Gen4
HSW-H C0 6-46-1/32 0000001b->0000001c Core Gen4
BDW-H/E3 E0/G0 6-47-1/22 00000021->00000022 Core Gen5
SKL-U/Y D0 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
SKL-U23e K1 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
SKX-SP B1 6-55-3/97 01000151->01000157 Xeon Scalable
SKX-SP H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable
SKX-D M1 6-55-4/b7 02000065->02006906 Xeon D-21xx
CLX-SP B0 6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2
CLX-SP B1 6-55-7/bf 0500002c->04002f01 Xeon Scalable Gen2
SKL-H/S R0/N0 6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5
AML-Y22 H0 6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile
KBL-U/Y H0 6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile
CFL-U43e D0 6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile
WHL-U W0 6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile
AML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
CML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
WHL-U V0 6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile
KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6
CFL-H/S/E3 U0 6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E
CFL-S B0 6-9e-b/02 000000ca->000000d6 Core Gen8
CFL-H/S P0 6-9e-c/22 000000ca->000000d6 Core Gen9
CFL-H R0 6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile
Also contains the Intel CPU Microcode update to 20200520:
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
---- updated platforms ------------------------------------
SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f->00000621 Xeon E3/E5, Core X
SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718->0000071a Xeon E3/E5, Core X
ModerateSUSE bug 1154824SUSE bug 1156353SUSE bug 1172466CVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-0548 at SUSECVE-2020-0548 at NVDCVE-2020-0549 at SUSECVE-2020-0549 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for microcode_ctl fixes the following issue:
- Updated Intel CPU Microcode to 20201027 prerelease (bsc#1170446)
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
# New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
# Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
ModerateSUSE bug 1170446SUSE bug 1173594CVE-2020-8695 at SUSECVE-2020-8695 at NVDCVE-2020-8698 at SUSECVE-2020-8698 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for microcode_ctl fixes the following issues:
- Updated Intel CPU Microcode to 20201110 official release.
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) INTEL-SA-00389 (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
- CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)
- Release notes:
- Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).
- Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).
- Update for functional issues. Refer to [Second Generation Intel? Xeon? Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel? Xeon? Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel? Xeon? Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel? Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel? Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel? Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel? Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel? Xeon? E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel? Xeon? E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
ModerateSUSE bug 1170446SUSE bug 1173592SUSE bug 1173594CVE-2020-8695 at SUSECVE-2020-8695 at NVDCVE-2020-8696 at SUSECVE-2020-8696 at NVDCVE-2020-8698 at SUSECVE-2020-8698 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for microcode_ctl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for microcode_ctl fixes the following issues:
Updated to Intel CPU Microcode 20210525 release:
- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (bsc#1179833)
- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (bsc#1179836)
- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837)
- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (bsc#1179839)
ImportantSUSE bug 1179833SUSE bug 1179836SUSE bug 1179837SUSE bug 1179839CVE-2020-24489 at SUSECVE-2020-24489 at NVDCVE-2020-24511 at SUSECVE-2020-24511 at NVDCVE-2020-24512 at SUSECVE-2020-24512 at NVDCVE-2020-24513 at SUSECVE-2020-24513 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for minicom (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for minicom fixes the following issues:
- CVE-2017-7467: Invalid cursor coordinates and scroll regions could lead to code
execution (bsc#1033783)
ModerateSUSE bug 1033783CVE-2017-7467 at SUSECVE-2017-7467 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mono-core (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
mono-core was updated to fix the following vulnerabilities:
- CVE-2009-0689: Remote attackers could cause a denial of service and possibly arbitrary code execution through the string-to-double parser implementation (bsc#958097)
- CVE-2012-3543: Remote attackers could cause a denial of service through increased CPU consumption due to lack of protection against predictable hash collisions when processing form parameters (bsc#739119)
ModerateSUSE bug 739119SUSE bug 958097CVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2012-3543 at SUSECVE-2012-3543 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mono-core (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
mono-core was updated to fix the following vulnerabilities:
- CVE-2009-0689: Remote attackers could cause a denial of service and possibly arbitrary
code execution through the string-to-double parser implementation. (bsc#958097)
- CVE-2012-3543: Remote attackers could cause a denial of service through increased CPU
consumption due to lack of protection against predictable hash collisions when processing
form parameters. (bsc#739119)
ModerateSUSE bug 739119SUSE bug 958097CVE-2009-0689 at SUSECVE-2009-0689 at NVDCVE-2012-3543 at SUSECVE-2012-3543 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: (bsc#963520)
Mozilla Firefox was updated to 38.6.0 ESR.
Mozilla NSS was updated to 3.20.2.
The following vulnerabilities were fixed:
- CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6 (bsc#963632)
- CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation (bsc#963635)
- CVE-2016-1938: Calculations with mp_div and mp_exptmod in Network Security Services (NSS) canproduce wrong results (bsc#963731)
The following improvements were added:
- bsc#954447: Mozilla NSS now supports a number of new DHE ciphersuites
- Tracking protection is now enabled by default
ImportantSUSE bug 954447SUSE bug 963520SUSE bug 963632SUSE bug 963635SUSE bug 963731CVE-2016-1930 at SUSECVE-2016-1930 at NVDCVE-2016-1935 at SUSECVE-2016-1935 at NVDCVE-2016-1938 at SUSECVE-2016-1938 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mozilla-nspr (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
mozilla-nspr was update to version 4.10.8 ModerateSUSE bug 935979cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mozilla-nss (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update contains mozilla-nss 3.19.2.2 and fixes the following security issue:
- CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888)
ModerateSUSE bug 959888CVE-2015-7575 at SUSECVE-2015-7575 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mozilla-nss fixes the following issues:
Update to version 3.68.1:
- CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures (bsc#1193170).
ImportantSUSE bug 1193170CVE-2021-43527 at SUSECVE-2021-43527 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mozilla-nss fixes the following issues:
Mozilla NSS 3.68.3 (bsc#1197903):
- CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11
tokens are removed while in use.
ImportantSUSE bug 1197903CVE-2022-1097 at SUSECVE-2022-1097 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for mozilla-nspr, mozilla-nss (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mozilla-nspr, mozilla-nss fixes the following issues:
mozilla-nss was updated to version 3.53.1
- CVE-2019-11745: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate
- CVE-2020-12402: Fixed a potential side channel attack during RSA key generation (bsc#1173032).
- CVE-2020-12399: Fixed a timing attack on DSA signature generation (bsc#1171978).
- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).
- CVE-2019-11727: A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages.
- Fixed various FIPS issues in libfreebl3 which were causing segfaults in the test suite of chrony (bsc#1168669).
- Fixed an issue where Firefox tab was crashing (bsc#1170908).
Release notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53_release_notes
mozilla-nspr was updated to version 4.25.
ImportantSUSE bug 1141322SUSE bug 1158527SUSE bug 1159819SUSE bug 1168669SUSE bug 1169746SUSE bug 1170908SUSE bug 1171978SUSE bug 1173032CVE-2019-11727 at SUSECVE-2019-11727 at NVDCVE-2019-11745 at SUSECVE-2019-11745 at NVDCVE-2019-17006 at SUSECVE-2019-17006 at NVDCVE-2020-12399 at SUSECVE-2020-12399 at NVDCVE-2020-12402 at SUSECVE-2020-12402 at NVDcpe:/o:suse:suse_sles:11:sp4Recommended update for mozilla-nspr, mozilla-nss (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mozilla-nspr fixes the following issues:
mozilla-nspr was updated to version 4.32:
* implement new socket option PR_SockOpt_DontFrag
* support larger DNS records by increasing the default buffer
size for DNS queries
* Lock access to PRCallOnceType members in PR_CallOnce* for
thread safety bmo#1686138
* PR_GetSystemInfo supports a new flag PR_SI_RELEASE_BUILD to get
information about the operating system build version.
Mozilla NSS was updated to version 3.68:
* bmo#1713562 - Fix test leak.
* bmo#1717452 - NSS 3.68 should depend on NSPR 4.32.
* bmo#1693206 - Implement PKCS8 export of ECDSA keys.
* bmo#1712883 - DTLS 1.3 draft-43.
* bmo#1655493 - Support SHA2 HW acceleration using Intel SHA Extension.
* bmo#1713562 - Validate ECH public names.
* bmo#1717610 - Add function to get seconds from epoch from pkix::Time.
update to NSS 3.67
* bmo#1683710 - Add a means to disable ALPN.
* bmo#1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66).
* bmo#1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja.
* bmo#1566124 - Fix counter increase in ppc-gcm-wrap.c.
* bmo#1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte.
update to NSS 3.66
* bmo#1710716 - Remove Expired Sonera Class2 CA from NSS.
* bmo#1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority.
* bmo#1708307 - Remove Trustis FPS Root CA from NSS.
* bmo#1707097 - Add Certum Trusted Root CA to NSS.
* bmo#1707097 - Add Certum EC-384 CA to NSS.
* bmo#1703942 - Add ANF Secure Server Root CA to NSS.
* bmo#1697071 - Add GLOBALTRUST 2020 root cert to NSS.
* bmo#1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database.
* bmo#1712230 - Don't build ppc-gcm.s with clang integrated assembler.
* bmo#1712211 - Strict prototype error when trying to compile nss code that includes blapi.h.
* bmo#1710773 - NSS needs FIPS 180-3 FIPS indicators.
* bmo#1709291 - Add VerifyCodeSigningCertificateChain.
update to NSS 3.65
* bmo#1709654 - Update for NetBSD configuration.
* bmo#1709750 - Disable HPKE test when fuzzing.
* bmo#1566124 - Optimize AES-GCM for ppc64le.
* bmo#1699021 - Add AES-256-GCM to HPKE.
* bmo#1698419 - ECH -10 updates.
* bmo#1692930 - Update HPKE to final version.
* bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default.
* bmo#1703936 - New coverity/cpp scanner errors.
* bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
* bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
* bmo#1705119 - Deadlock when using GCM and non-thread safe tokens.
update to NSS 3.64
* bmo#1705286 - Properly detect mips64.
* bmo#1687164 - Introduce NSS_DISABLE_CRYPTO_VSX and
disable_crypto_vsx.
* bmo#1698320 - replace __builtin_cpu_supports('vsx') with
ppc_crypto_support() for clang.
* bmo#1613235 - Add POWER ChaCha20 stream cipher vector
acceleration.
Fixed in 3.63
* bmo#1697380 - Make a clang-format run on top of helpful contributions.
* bmo#1683520 - ECCKiila P384, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual
scalar multiplication.
* bmo#1683520 - ECCKiila P521, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual
scalar multiplication.
* bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683.
* bmo#1694214 - tstclnt can't enable middlebox compat mode.
* bmo#1694392 - NSS does not work with PKCS #11 modules not supporting
profiles.
* bmo#1685880 - Minor fix to prevent unused variable on early return.
* bmo#1685880 - Fix for the gcc compiler version 7 to support setenv
with nss build.
* bmo#1693217 - Increase nssckbi.h version number for March 2021 batch
of root CA changes, CA list version 2.48.
* bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's
'Chambers of Commerce' and 'Global Chambersign' roots.
* bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
* bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
* bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
* bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs
from NSS.
* bmo#1687822 - Turn off Websites trust bit for the “Staat der
Nederlanden Root CA - G3” root cert in NSS.
* bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce
Root - 2008' and 'Global Chambersign Root - 2008’.
* bmo#1694291 - Tracing fixes for ECH.
update to NSS 3.62
* bmo#1688374 - Fix parallel build NSS-3.61 with make
* bmo#1682044 - pkix_Build_GatherCerts() + pkix_CacheCert_Add()
can corrupt 'cachedCertTable'
* bmo#1690583 - Fix CH padding extension size calculation
* bmo#1690421 - Adjust 3.62 ABI report formatting for new libabigail
* bmo#1690421 - Install packaged libabigail in docker-builds image
* bmo#1689228 - Minor ECH -09 fixes for interop testing, fuzzing
* bmo#1674819 - Fixup a51fae403328, enum type may be signed
* bmo#1681585 - Add ECH support to selfserv
* bmo#1681585 - Update ECH to Draft-09
* bmo#1678398 - Add Export/Import functions for HPKE context
* bmo#1678398 - Update HPKE to draft-07
update to NSS 3.61
* bmo#1682071 - Fix issue with IKE Quick mode deriving incorrect key
values under certain conditions.
* bmo#1684300 - Fix default PBE iteration count when NSS is compiled
with NSS_DISABLE_DBM.
* bmo#1651411 - Improve constant-timeness in RSA operations.
* bmo#1677207 - Upgrade Google Test version to latest release.
* bmo#1654332 - Add aarch64-make target to nss-try.
Update to NSS 3.60.1:
Notable changes in NSS 3.60:
* TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support
has been added, replacing the previous ESNI (draft-ietf-tls-esni-01)
implementation. See bmo#1654332 for more information.
* December 2020 batch of Root CA changes, builtins library updated
to version 2.46. See bmo#1678189, bmo#1678166, and bmo#1670769
for more information.
Update to NSS 3.59.1:
* bmo#1679290 - Fix potential deadlock with certain third-party
PKCS11 modules
Update to NSS 3.59:
Notable changes:
* Exported two existing functions from libnss:
CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData
Bugfixes
* bmo#1607449 - Lock cert->nssCertificate to prevent a potential data race
* bmo#1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA
* bmo#1663661 - Guard against NULL token in nssSlot_IsTokenPresent
* bmo#1670835 - Support enabling and disabling signatures via Crypto Policy
* bmo#1672291 - Resolve libpkix OCSP failures on SHA1 self-signed
root certs when SHA1 signatures are disabled.
* bmo#1644209 - Fix broken SelectedCipherSuiteReplacer filter to
solve some test intermittents
* bmo#1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in
our CVE-2020-25648 fix that broke purple-discord
(boo#1179382)
* bmo#1666891 - Support key wrap/unwrap with RSA-OAEP
* bmo#1667989 - Fix gyp linking on Solaris
* bmo#1668123 - Export CERT_AddCertToListHeadWithData and
CERT_AddCertToListTailWithData from libnss
* bmo#1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA
* bmo#1663091 - Remove unnecessary assertions in the streaming
ASN.1 decoder that affected decoding certain PKCS8
private keys when using NSS debug builds
* bmo#670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.
update to NSS 3.58
Bugs fixed:
* bmo#1641480 (CVE-2020-25648)
Tighten CCS handling for middlebox compatibility mode.
* bmo#1631890 - Add support for Hybrid Public Key Encryption
(draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello
(draft-ietf-tls-esni).
* bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto
extensions.
* bmo#1668328 - Handle spaces in the Python path name when using
gyp on Windows.
* bmo#1667153 - Add PK11_ImportDataKey for data object import.
* bmo#1665715 - Pass the embedded SCT list extension (if present)
to TrustDomain::CheckRevocation instead of the notBefore value.
update to NSS 3.57
* The following CA certificates were Added:
bmo#1663049 - CN=Trustwave Global Certification Authority
SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority
SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority
SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
* The following CA certificates were Removed:
bmo#1651211 - CN=EE Certification Centre Root CA
SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
bmo#1656077 - O=Government Root Certification Authority; C=TW
SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
* Trust settings for the following CA certificates were Modified:
bmo#1653092 - CN=OISTE WISeKey Global Root GA CA
Websites (server authentication) trust bit removed.
* https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes
update to NSS 3.56
Notable changes
* bmo#1650702 - Support SHA-1 HW acceleration on ARMv8
* bmo#1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
* bmo#1654142 - Add CPU feature detection for Intel SHA extension.
* bmo#1648822 - Add stricter validation of DH keys in FIPS mode.
* bmo#1656986 - Properly detect arm64 during GYP build architecture
detection.
* bmo#1652729 - Add build flag to disable RC2 and relocate to
lib/freebl/deprecated.
* bmo#1656429 - Correct RTT estimate used in 0-RTT anti-replay.
* bmo#1588941 - Send empty certificate message when scheme selection
fails.
* bmo#1652032 - Fix failure to build in Windows arm64 makefile
cross-compilation.
* bmo#1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
* bmo#1653975 - Fix 3.53 regression by setting 'all' as the default
makefile target.
* bmo#1659792 - Fix broken libpkix tests with unexpired PayPal cert.
* bmo#1659814 - Fix interop.sh failures with newer tls-interop
commit and dependencies.
* bmo#1656519 - NSPR dependency updated to 4.28
update to NSS 3.55
Notable changes
* P384 and P521 elliptic curve implementations are replaced with
verifiable implementations from Fiat-Crypto [0] and ECCKiila [1].
* PK11_FindCertInSlot is added. With this function, a given slot
can be queried with a DER-Encoded certificate, providing performance
and usability improvements over other mechanisms. (bmo#1649633)
* DTLS 1.3 implementation is updated to draft-38. (bmo#1647752)
Relevant Bugfixes
* bmo#1631583 (CVE-2020-6829, CVE-2020-12400) - Replace P384 and
P521 with new, verifiable implementations from Fiat-Crypto and ECCKiila.
* bmo#1649487 - Move overzealous assertion in VFY_EndWithSignature.
* bmo#1631573 (CVE-2020-12401) - Remove unnecessary scalar padding.
* bmo#1636771 (CVE-2020-12403) - Explicitly disable multi-part
ChaCha20 (which was not functioning correctly) and more strictly
enforce tag length.
* bmo#1649648 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649316 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1649322 - Don't memcpy zero bytes (sanitizer fix).
* bmo#1653202 - Fix initialization bug in blapitest when compiled
with NSS_DISABLE_DEPRECATED_SEED.
* bmo#1646594 - Fix AVX2 detection in makefile builds.
* bmo#1649633 - Add PK11_FindCertInSlot to search a given slot
for a DER-encoded certificate.
* bmo#1651520 - Fix slotLock race in NSC_GetTokenInfo.
* bmo#1647752 - Update DTLS 1.3 implementation to draft-38.
* bmo#1649190 - Run cipher, sdr, and ocsp tests under standard test cycle in CI.
* bmo#1649226 - Add Wycheproof ECDSA tests.
* bmo#1637222 - Consistently enforce IV requirements for DES and 3DES.
* bmo#1067214 - Enforce minimum PKCS#1 v1.5 padding length in
RSA_CheckSignRecover.
* bmo#1646324 - Advertise PKCS#1 schemes for certificates in the
signature_algorithms extension.
update to NSS 3.54
Notable changes
* Support for TLS 1.3 external pre-shared keys (bmo#1603042).
* Use ARM Cryptography Extension for SHA256, when available
(bmo#1528113)
* The following CA certificates were Added:
bmo#1645186 - certSIGN Root CA G2.
bmo#1645174 - e-Szigno Root CA 2017.
bmo#1641716 - Microsoft ECC Root Certificate Authority 2017.
bmo#1641716 - Microsoft RSA Root Certificate Authority 2017.
* The following CA certificates were Removed:
bmo#1645199 - AddTrust Class 1 CA Root.
bmo#1645199 - AddTrust External CA Root.
bmo#1641718 - LuxTrust Global Root 2.
bmo#1639987 - Staat der Nederlanden Root CA - G2.
bmo#1618402 - Symantec Class 2 Public Primary Certification Authority - G4.
bmo#1618402 - Symantec Class 1 Public Primary Certification Authority - G4.
bmo#1618402 - VeriSign Class 3 Public Primary Certification Authority - G3.
* A number of certificates had their Email trust bit disabled.
See bmo#1618402 for a complete list.
Bugs fixed
* bmo#1528113 - Use ARM Cryptography Extension for SHA256.
* bmo#1603042 - Add TLS 1.3 external PSK support.
* bmo#1642802 - Add uint128 support for HACL* curve25519 on Windows.
* bmo#1645186 - Add 'certSIGN Root CA G2' root certificate.
* bmo#1645174 - Add Microsec's 'e-Szigno Root CA 2017' root certificate.
* bmo#1641716 - Add Microsoft's non-EV root certificates.
* bmo1621151 - Disable email trust bit for 'O=Government
Root Certification Authority; C=TW' root.
* bmo#1645199 - Remove AddTrust root certificates.
* bmo#1641718 - Remove 'LuxTrust Global Root 2' root certificate.
* bmo#1639987 - Remove 'Staat der Nederlanden Root CA - G2' root
certificate.
* bmo#1618402 - Remove Symantec root certificates and disable email trust
bit.
* bmo#1640516 - NSS 3.54 should depend on NSPR 4.26.
* bmo#1642146 - Fix undefined reference to `PORT_ZAlloc_stub' in seed.c.
* bmo#1642153 - Fix infinite recursion building NSS.
* bmo#1642638 - Fix fuzzing assertion crash.
* bmo#1642871 - Enable SSL_SendSessionTicket after resumption.
* bmo#1643123 - Support SSL_ExportEarlyKeyingMaterial with External PSKs.
* bmo#1643557 - Fix numerous compile warnings in NSS.
* bmo#1644774 - SSL gtests to use ClearServerCache when resetting
self-encrypt keys.
* bmo#1645479 - Don't use SECITEM_MakeItem in secutil.c.
* bmo#1646520 - Stricter enforcement of ASN.1 INTEGER encoding.
ModerateSUSE bug 1029961SUSE bug 1174697SUSE bug 1176206SUSE bug 1176934SUSE bug 1179382SUSE bug 1188891CVE-2020-12400 at SUSECVE-2020-12400 at NVDCVE-2020-12401 at SUSECVE-2020-12401 at NVDCVE-2020-12403 at SUSECVE-2020-12403 at NVDCVE-2020-25648 at SUSECVE-2020-25648 at NVDCVE-2020-6829 at SUSECVE-2020-6829 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for mutt (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mutt fixes the following issues:
Security issues fixed:
- CVE-2018-14352: Fix imap_quote_string in imap/util.c that does not leave room for quote characters (bsc#1101582).
- CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer underflow (bsc#1101581).
- CVE-2018-14362: Fix pop.c that does not forbid characters that may have unsafe interaction with message-cache pathnames (bsc#1101567).
- CVE-2018-14354: Fix arbitrary command execution from remote IMAP servers via backquote characters (bsc#1101578).
- CVE-2018-14356: Fix pop.c that mishandles a zero-length UID (bsc#1101576).
- CVE-2018-14355: Fix imap/util.c that mishandles '..' directory traversal in a mailbox name (bsc#1101577).
- CVE-2018-14349: Fix imap/command.c that mishandles a NO response without a message (bsc#1101589).
- CVE-2018-14350: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along INTERNALDATE field (bsc#1101588).
- CVE-2018-14357: Fix that remote IMAP servers are allowed to execute arbitrary commands via backquote characters (bsc#1101573).
- CVE-2018-14359: Fix buffer overflow via base64 data (bsc#1101570).
- CVE-2018-14358: Fix imap/message.c that has a stack-based buffer overflow for a FETCH response with along RFC822.SIZE field (bsc#1101571).
Bug fixes:
- bsc#936807: On entering a 70 character subject line in mutt, a tab is added to the text after 67 characters.
ImportantSUSE bug 1101567SUSE bug 1101570SUSE bug 1101571SUSE bug 1101573SUSE bug 1101576SUSE bug 1101577SUSE bug 1101578SUSE bug 1101581SUSE bug 1101582SUSE bug 1101588SUSE bug 1101589SUSE bug 936807CVE-2018-14349 at SUSECVE-2018-14349 at NVDCVE-2018-14350 at SUSECVE-2018-14350 at NVDCVE-2018-14352 at SUSECVE-2018-14352 at NVDCVE-2018-14353 at SUSECVE-2018-14353 at NVDCVE-2018-14354 at SUSECVE-2018-14354 at NVDCVE-2018-14355 at SUSECVE-2018-14355 at NVDCVE-2018-14356 at SUSECVE-2018-14356 at NVDCVE-2018-14357 at SUSECVE-2018-14357 at NVDCVE-2018-14358 at SUSECVE-2018-14358 at NVDCVE-2018-14359 at SUSECVE-2018-14359 at NVDCVE-2018-14362 at SUSECVE-2018-14362 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mutt (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mutt fixes the following issues:
- CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering issue which was
affecting IMAP, SMTP, and POP3 (bsc#1173197).
- CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a PREAUTH response (bsc#1172906, bsc#1172935).
- CVE-2020-14154: Fixed an issue where Mutt was ignoring an expired certificate and was proceeding with a connection (bsc#1172906, bsc#1172935).
ImportantSUSE bug 1172906SUSE bug 1172935SUSE bug 1173197CVE-2020-14093 at SUSECVE-2020-14093 at NVDCVE-2020-14154 at SUSECVE-2020-14154 at NVDCVE-2020-14954 at SUSECVE-2020-14954 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for mutt (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for mutt fixes the following issues:
- CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections (bsc#1179035)
- Avoid that message with a million tiny parts can freeze MUA for several minutes (bsc#1179113)
ImportantSUSE bug 1179035SUSE bug 1179113CVE-2020-28896 at SUSECVE-2020-28896 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
MySQL was updated to version 5.5.45, fixing bugs and security issues.
A list of all changes can be found on:
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-45.html
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-44.html
To fix the 'BACKRONYM' security issue (CVE-2015-3152) the behaviour of
the SSL options was changed slightly to meet expectations:
Now using '--ssl-verify-server-cert' and '--ssl[-*]' implies that the ssl
connection is required. The mysql client will now print an error
if ssl is required, but the server can not handle a ssl
connection [bnc#924663], [bnc#928962], [CVE-2015-3152]
Additional bugs fixed:
- fix rc.mysql-multi script to start instances after restart
properly [bnc#934401].
ModerateSUSE bug 924663SUSE bug 928962SUSE bug 934401SUSE bug 938412CVE-2015-2582 at SUSECVE-2015-2582 at NVDCVE-2015-2611 at SUSECVE-2015-2611 at NVDCVE-2015-2617 at SUSECVE-2015-2617 at NVDCVE-2015-2620 at SUSECVE-2015-2620 at NVDCVE-2015-2639 at SUSECVE-2015-2639 at NVDCVE-2015-2641 at SUSECVE-2015-2641 at NVDCVE-2015-2643 at SUSECVE-2015-2643 at NVDCVE-2015-2648 at SUSECVE-2015-2648 at NVDCVE-2015-2661 at SUSECVE-2015-2661 at NVDCVE-2015-3152 at SUSECVE-2015-3152 at NVDCVE-2015-4737 at SUSECVE-2015-4737 at NVDCVE-2015-4752 at SUSECVE-2015-4752 at NVDCVE-2015-4756 at SUSECVE-2015-4756 at NVDCVE-2015-4757 at SUSECVE-2015-4757 at NVDCVE-2015-4761 at SUSECVE-2015-4761 at NVDCVE-2015-4767 at SUSECVE-2015-4767 at NVDCVE-2015-4769 at SUSECVE-2015-4769 at NVDCVE-2015-4771 at SUSECVE-2015-4771 at NVDCVE-2015-4772 at SUSECVE-2015-4772 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The mysql package was updated to version 5.5.46 to fixs several security and non security issues.
- bnc#951391: update to version 5.5.46
* changes:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-46.html
* fixed CVEs:
CVE-2015-1793, CVE-2015-0286, CVE-2015-0288, CVE-2015-1789,
CVE-2015-4730, CVE-2015-4766, CVE-2015-4792, CVE-2015-4800,
CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819,
CVE-2015-4826, CVE-2015-4830, CVE-2015-4833, CVE-2015-4836,
CVE-2015-4858, CVE-2015-4861, CVE-2015-4862, CVE-2015-4864,
CVE-2015-4866, CVE-2015-4870, CVE-2015-4879, CVE-2015-4890,
CVE-2015-4895, CVE-2015-4904, CVE-2015-4905, CVE-2015-4910,
CVE-2015-4913
- bnc#952196: Fixed a build error for ppc*, s390* and ia64 architectures.
ModerateSUSE bug 951391SUSE bug 952196CVE-2015-0286 at SUSECVE-2015-0286 at NVDCVE-2015-0288 at SUSECVE-2015-0288 at NVDCVE-2015-1789 at SUSECVE-2015-1789 at NVDCVE-2015-1793 at SUSECVE-2015-1793 at NVDCVE-2015-4730 at SUSECVE-2015-4730 at NVDCVE-2015-4766 at SUSECVE-2015-4766 at NVDCVE-2015-4792 at SUSECVE-2015-4792 at NVDCVE-2015-4800 at SUSECVE-2015-4800 at NVDCVE-2015-4802 at SUSECVE-2015-4802 at NVDCVE-2015-4815 at SUSECVE-2015-4815 at NVDCVE-2015-4816 at SUSECVE-2015-4816 at NVDCVE-2015-4819 at SUSECVE-2015-4819 at NVDCVE-2015-4826 at SUSECVE-2015-4826 at NVDCVE-2015-4830 at SUSECVE-2015-4830 at NVDCVE-2015-4833 at SUSECVE-2015-4833 at NVDCVE-2015-4836 at SUSECVE-2015-4836 at NVDCVE-2015-4858 at SUSECVE-2015-4858 at NVDCVE-2015-4861 at SUSECVE-2015-4861 at NVDCVE-2015-4862 at SUSECVE-2015-4862 at NVDCVE-2015-4864 at SUSECVE-2015-4864 at NVDCVE-2015-4866 at SUSECVE-2015-4866 at NVDCVE-2015-4870 at SUSECVE-2015-4870 at NVDCVE-2015-4879 at SUSECVE-2015-4879 at NVDCVE-2015-4890 at SUSECVE-2015-4890 at NVDCVE-2015-4895 at SUSECVE-2015-4895 at NVDCVE-2015-4904 at SUSECVE-2015-4904 at NVDCVE-2015-4905 at SUSECVE-2015-4905 at NVDCVE-2015-4910 at SUSECVE-2015-4910 at NVDCVE-2015-4913 at SUSECVE-2015-4913 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update to MySQL 5.5.47 fixes the following issues (bsc#962779):
- CVE-2015-7744: Lack of verification against faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack.
- CVE-2016-0502: Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
- CVE-2016-0505: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Options.
- CVE-2016-0546: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client.
- CVE-2016-0596: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier allows remote authenticated users to affect availability via vectors related to DML.
- CVE-2016-0597: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
- CVE-2016-0598: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML.
- CVE-2016-0600: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
- CVE-2016-0606: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect integrity via unknown vectors related to encryption.
- CVE-2016-0608: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via vectors related to UDF.
- CVE-2016-0609: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to privileges.
- CVE-2016-0616: Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
- bsc#959724: Possible buffer overflow from incorrect use of strcpy() and sprintf()
The following bugs were fixed:
- bsc#960961: Incorrect use of plugin-load option in default_plugins.cnf
ModerateSUSE bug 959724SUSE bug 960961SUSE bug 962779CVE-2015-7744 at SUSECVE-2015-7744 at NVDCVE-2016-0502 at SUSECVE-2016-0502 at NVDCVE-2016-0505 at SUSECVE-2016-0505 at NVDCVE-2016-0546 at SUSECVE-2016-0546 at NVDCVE-2016-0596 at SUSECVE-2016-0596 at NVDCVE-2016-0597 at SUSECVE-2016-0597 at NVDCVE-2016-0598 at SUSECVE-2016-0598 at NVDCVE-2016-0600 at SUSECVE-2016-0600 at NVDCVE-2016-0606 at SUSECVE-2016-0606 at NVDCVE-2016-0608 at SUSECVE-2016-0608 at NVDCVE-2016-0609 at SUSECVE-2016-0609 at NVDCVE-2016-0616 at SUSECVE-2016-0616 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
mysql was updated to version 5.5.49 to fix 13 security issues.
These security issues were fixed:
- CVE-2016-0644: Unspecified vulnerability allowed local users to affect availability via vectors related to DDL (bsc#976341).
- CVE-2016-0646: Unspecified vulnerability allowed local users to affect availability via vectors related to DML (bsc#976341).
- CVE-2016-0647: Unspecified vulnerability allowed local users to affect availability via vectors related to FTS (bsc#976341).
- CVE-2016-0640: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to DML (bsc#976341).
- CVE-2016-0641: Unspecified vulnerability allowed local users to affect confidentiality and availability via vectors related to MyISAM (bsc#976341).
- CVE-2016-0642: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to Federated (bsc#976341).
- CVE-2016-0643: Unspecified vulnerability allowed local users to affect confidentiality via vectors related to DML (bsc#976341).
- CVE-2016-0666: Unspecified vulnerability allowed local users to affect availability via vectors related to Security: Privileges (bsc#976341).
- CVE-2016-0651: Unspecified vulnerability allowed local users to affect availability via vectors related to Optimizer (bsc#976341).
- CVE-2016-0650: Unspecified vulnerability allowed local users to affect availability via vectors related to Replication (bsc#976341).
- CVE-2016-0648: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#976341).
- CVE-2016-0649: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#976341).
- CVE-2016-2047: The ssl_verify_server_cert function in sql-common/client.c did not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via a '/CN=' string in a field in a certificate, as demonstrated by '/OU=/CN=bar.com/CN=foo.com (bsc#963806).
More details are available at
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-49.html
- http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-48.html
ImportantSUSE bug 963806SUSE bug 976341CVE-2016-0640 at SUSECVE-2016-0640 at NVDCVE-2016-0641 at SUSECVE-2016-0641 at NVDCVE-2016-0642 at SUSECVE-2016-0642 at NVDCVE-2016-0643 at SUSECVE-2016-0643 at NVDCVE-2016-0644 at SUSECVE-2016-0644 at NVDCVE-2016-0646 at SUSECVE-2016-0646 at NVDCVE-2016-0647 at SUSECVE-2016-0647 at NVDCVE-2016-0648 at SUSECVE-2016-0648 at NVDCVE-2016-0649 at SUSECVE-2016-0649 at NVDCVE-2016-0650 at SUSECVE-2016-0650 at NVDCVE-2016-0651 at SUSECVE-2016-0651 at NVDCVE-2016-0666 at SUSECVE-2016-0666 at NVDCVE-2016-2047 at SUSECVE-2016-2047 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mysql fixes the following issues:
- bsc#959724: fix incorrect usage of sprintf/strcpy that caused possible buffer overflow issues at various places
On SUSE Linux Enterprise 11 SP4 this fix was not yet shipped:
- Increase the key length (to 2048 bits) used in vio/viosslfactories.c for creating
Diffie-Hellman keys (Logjam Attack) [bnc#934789] [CVE-2015-4000]
ModerateSUSE bug 934789SUSE bug 959724CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This mysql update to verson 5.5.52 fixes the following issues:
Security issues fixed:
- CVE-2016-3477: Fixed unspecified vulnerability in subcomponent parser (bsc#989913).
- CVE-2016-3521: Fixed unspecified vulnerability in subcomponent types (bsc#989919).
- CVE-2016-3615: Fixed unspecified vulnerability in subcomponent dml (bsc#989922).
- CVE-2016-5440: Fixed unspecified vulnerability in subcomponent rbr (bsc#989926).
- CVE-2016-6662: A malicious user with SQL and filesystem access could create
a my.cnf in the datadir and , under certain circumstances, execute
arbitrary code as mysql (or even root) user. (bsc#998309)
More details can be found on:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-51.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html
Bugs fixed:
- bsc#967374: properly restart mysql multi instances during upgrade
- bnc#937258: multi script to restart after crash
ImportantSUSE bug 937258SUSE bug 967374SUSE bug 989913SUSE bug 989919SUSE bug 989922SUSE bug 989926SUSE bug 998309CVE-2016-3477 at SUSECVE-2016-3477 at NVDCVE-2016-3521 at SUSECVE-2016-3521 at NVDCVE-2016-3615 at SUSECVE-2016-3615 at NVDCVE-2016-5440 at SUSECVE-2016-5440 at NVDCVE-2016-6662 at SUSECVE-2016-6662 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This mysql version update to 5.5.53 fixes the following issues:
- CVE-2016-6662: Unspecified vulnerability in subcomponent Logging (bsc#1005580)
- CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581)
- CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558)
Release Notes:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-53.html
ImportantSUSE bug 1005558SUSE bug 1005580SUSE bug 1005581CVE-2016-5584 at SUSECVE-2016-5584 at NVDCVE-2016-6662 at SUSECVE-2016-6662 at NVDCVE-2016-7440 at SUSECVE-2016-7440 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This mysql version update to 5.5.54 fixes the following issues:
- CVE-2017-3318: Unspecified vulnerability affecting Error Handling (bsc#1020896)
- CVE-2017-3317: Unspecified vulnerability affecting Logging (bsc#1020894)
- CVE-2017-3313: Unspecified vulnerability affecting the MyISAM component (bsc#1020890)
- CVE-2017-3312: Insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873)
- CVE-2017-3291: Unrestricted mysqld_safe's ledir (bsc#1020884)
- CVE-2017-3265: Unsafe chmod/chown use in init script (bsc#1020885)
- CVE-2017-3258: Unspecified vulnerability in the DDL component (bsc#1020875)
- CVE-2017-3244: Unspecified vulnerability affecing the DML component (bsc#1020877)
- CVE-2017-3243: Unspecified vulnerability affecting the Charsets component (bsc#1020891)
- CVE-2017-3238: Unspecified vulnerability affecting the Optimizer component (bsc#1020882)
- Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428)
Release Notes:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-54.html
ImportantSUSE bug 1020868SUSE bug 1020873SUSE bug 1020875SUSE bug 1020877SUSE bug 1020882SUSE bug 1020884SUSE bug 1020885SUSE bug 1020890SUSE bug 1020891SUSE bug 1020894SUSE bug 1020896SUSE bug 1022428CVE-2017-3238 at SUSECVE-2017-3238 at NVDCVE-2017-3243 at SUSECVE-2017-3243 at NVDCVE-2017-3244 at SUSECVE-2017-3244 at NVDCVE-2017-3258 at SUSECVE-2017-3258 at NVDCVE-2017-3265 at SUSECVE-2017-3265 at NVDCVE-2017-3291 at SUSECVE-2017-3291 at NVDCVE-2017-3312 at SUSECVE-2017-3312 at NVDCVE-2017-3313 at SUSECVE-2017-3313 at NVDCVE-2017-3317 at SUSECVE-2017-3317 at NVDCVE-2017-3318 at SUSECVE-2017-3318 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mysql to version 5.5.55 fixes the following issues:
These security issues were fixed:
- CVE-2017-3308: Unspecified vulnerability in Server: DML (bsc#1034850)
- CVE-2017-3309: Unspecified vulnerability in Server: Optimizer (bsc#1034850)
- CVE-2017-3329: Unspecified vulnerability in Server: Thread (bsc#1034850)
- CVE-2017-3600: Unspecified vulnerability in Client: mysqldump (bsc#1034850)
- CVE-2017-3453: Unspecified vulnerability in Server: Optimizer (bsc#1034850)
- CVE-2017-3456: Unspecified vulnerability in Server: DML (bsc#1034850)
- CVE-2017-3463: Unspecified vulnerability in Server: Security (bsc#1034850)
- CVE-2017-3462: Unspecified vulnerability in Server: Security (bsc#1034850)
- CVE-2017-3461: Unspecified vulnerability in Server: Security (bsc#1034850)
- CVE-2017-3464: Unspecified vulnerability in Server: DDL (bsc#1034850)
- CVE-2017-3305: MySQL client sent authentication request unencrypted even if SSL was required (aka Ridddle) (bsc#1029396).
- CVE-2016-5483: Mysqldump failed to properly quote certain identifiers in SQL statements written to the dump output, allowing for execution of arbitrary commands (bsc#1029014)
- '--ssl-mode=REQUIRED' can be specified to require a secure connection (it fails if a secure connection cannot be obtained)
This non-security issue was fixed:
- Set the default umask to 077 in rc.mysql-multi [bsc#1020976]
For additional changes please see
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-55.html
Note: The issue tracked in bsc#1022428 and fixed in the last update was
assigned CVE-2017-3302.
ImportantSUSE bug 1020976SUSE bug 1022428SUSE bug 1029014SUSE bug 1029396SUSE bug 1034850CVE-2017-3302 at SUSECVE-2017-3302 at NVDCVE-2017-3305 at SUSECVE-2017-3305 at NVDCVE-2017-3308 at SUSECVE-2017-3308 at NVDCVE-2017-3309 at SUSECVE-2017-3309 at NVDCVE-2017-3329 at SUSECVE-2017-3329 at NVDCVE-2017-3453 at SUSECVE-2017-3453 at NVDCVE-2017-3456 at SUSECVE-2017-3456 at NVDCVE-2017-3461 at SUSECVE-2017-3461 at NVDCVE-2017-3462 at SUSECVE-2017-3462 at NVDCVE-2017-3463 at SUSECVE-2017-3463 at NVDCVE-2017-3464 at SUSECVE-2017-3464 at NVDCVE-2017-3600 at SUSECVE-2017-3600 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mysql fixes the following issues:
- CVE-2017-3635: C API unspecified vulnerability (bsc#1049398)
- CVE-2017-3636: Client programs unspecified vulnerability (bsc#1049399)
- CVE-2017-3641: DML unspecified vulnerability (bsc#1049404)
- CVE-2017-3648: Charsets unspecified vulnerability (bsc#1049411)
- CVE-2017-3651: Client mysqldump unspecified vulnerability (bsc#1049415)
- CVE-2017-3652: DDL unspecified vulnerability (bsc#1049416)
- CVE-2017-3653: DDL unspecified vulnerability (bsc#1049417)
ModerateSUSE bug 1049398SUSE bug 1049399SUSE bug 1049404SUSE bug 1049411SUSE bug 1049415SUSE bug 1049416SUSE bug 1049417SUSE bug 1049422CVE-2017-3635 at SUSECVE-2017-3635 at NVDCVE-2017-3636 at SUSECVE-2017-3636 at NVDCVE-2017-3641 at SUSECVE-2017-3641 at NVDCVE-2017-3648 at SUSECVE-2017-3648 at NVDCVE-2017-3651 at SUSECVE-2017-3651 at NVDCVE-2017-3652 at SUSECVE-2017-3652 at NVDCVE-2017-3653 at SUSECVE-2017-3653 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mysql to version 5.5.58 fixes the following issues:
Fixed security issues:
- CVE-2017-10268: issue inside subcomponent Server Replication [bsc#1064101]
- CVE-2017-10378: issue inside subcomponent Server Optimizer [bsc#1064115]
- CVE-2017-10379: issue inside subcomponent Client programs [bsc#1064116]
- CVE-2017-10384: issue inside subcomponent Server DDL [bsc#1064117]
For a full list of changes check:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-58.html
ImportantSUSE bug 1064101SUSE bug 1064115SUSE bug 1064116SUSE bug 1064117SUSE bug 1064119CVE-2017-10268 at SUSECVE-2017-10268 at NVDCVE-2017-10378 at SUSECVE-2017-10378 at NVDCVE-2017-10379 at SUSECVE-2017-10379 at NVDCVE-2017-10384 at SUSECVE-2017-10384 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mysql to version 5.5.59 fixes several issues.
These security issues were fixed:
- CVE-2018-2622: Vulnerability in the subcomponent: Server: DDL. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server (bsc#1076369)
- CVE-2018-2562: Vulnerability in the subcomponent: Server : Partition. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server as well as unauthorized update,
insert or delete access to some of MySQL Server accessible data (bsc#1076369)
- CVE-2018-2640: Vulnerability in the subcomponent: Server: Optimizer. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server (bsc#1076369)
- CVE-2018-2665: Vulnerability in the subcomponent: Server: Optimizer. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server (bsc#1076369)
- CVE-2018-2668: Vulnerability in the subcomponent: Server: Optimizer. Easily
exploitable vulnerability allowed low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or frequently
repeatable crash (complete DOS) of MySQL Server (bsc#1076369)
For additional changes please see http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-59.html
ModerateSUSE bug 1076369CVE-2018-2562 at SUSECVE-2018-2562 at NVDCVE-2018-2622 at SUSECVE-2018-2622 at NVDCVE-2018-2640 at SUSECVE-2018-2640 at NVDCVE-2018-2665 at SUSECVE-2018-2665 at NVDCVE-2018-2668 at SUSECVE-2018-2668 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes the following issues:
- Update to 5.5.60 in Oracle Apr2018 CPU (bsc#1089987).
- CVE-2018-2761: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2755: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
- CVE-2018-2781: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2819: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2818: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2817: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2771: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
- CVE-2018-2813: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
- CVE-2018-2773: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
ModerateSUSE bug 1089987CVE-2018-2755 at SUSECVE-2018-2755 at NVDCVE-2018-2761 at SUSECVE-2018-2761 at NVDCVE-2018-2771 at SUSECVE-2018-2771 at NVDCVE-2018-2773 at SUSECVE-2018-2773 at NVDCVE-2018-2781 at SUSECVE-2018-2781 at NVDCVE-2018-2813 at SUSECVE-2018-2813 at NVDCVE-2018-2817 at SUSECVE-2018-2817 at NVDCVE-2018-2818 at SUSECVE-2018-2818 at NVDCVE-2018-2819 at SUSECVE-2018-2819 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for mysql to version 5.5.61 fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2018-3066: Fixed a difficult to exploit vulnerability that allowed high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized update, insert or delete access to some of MySQL Server
accessible data as well as unauthorized read access to a subset of MySQL
Server accessible data. (bsc#1101678)
- CVE-2018-3070: Fixed an easily exploitable vulnerability that allowed low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server. (bsc#1101679)
- CVE-2018-3081: Fixed a difficult to exploit vulnerability that allowed high
privileged attacker with network access via multiple protocols to compromise
MySQL Client. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Client as well as unauthorized update, insert or
delete access to some of MySQL Client accessible data. (bsc#1101680)
- CVE-2018-3058: Fixed an easily exploitable vulnerability that allowed low
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized update, insert or delete access to some of MySQL Server
accessible data. (bsc#1101676)
- CVE-2018-3063: Fixed an easily exploitable vulnerability allowed high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server. (bsc#1101677)
You can find more detailed information about this update in the
[release notes](http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-61.html)
ModerateSUSE bug 1101676SUSE bug 1101677SUSE bug 1101678SUSE bug 1101679SUSE bug 1101680CVE-2018-3058 at SUSECVE-2018-3058 at NVDCVE-2018-3063 at SUSECVE-2018-3063 at NVDCVE-2018-3066 at SUSECVE-2018-3066 at NVDCVE-2018-3070 at SUSECVE-2018-3070 at NVDCVE-2018-3081 at SUSECVE-2018-3081 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for mysql (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
MySQL server was updated to version 5.5.62, fixing bugs and security issues.
Changes:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-62.html
Following security issues were fixed:
- CVE-2016-9843: The crc32_big function in zlib might have allowed context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. (bsc#1013882)
Please note that SUSE uses the system zlib, not the embedded copy.
- CVE-2018-3133: Authenticated low privilege attackers could cause denial of service attacks (hangs or crashes) against the mysql server (bsc#1112369)
- CVE-2018-3174: Authenticated high privilege attackers could cause denial of service attacks (hangs or crashes) against the mysql server (bsc#1112368)
- CVE-2018-3282: Authenticated high privilege attackers could cause denial of service attacks (hangs or crashes) against the mysql server (bsc#1112432)
ImportantSUSE bug 1013882SUSE bug 1112368SUSE bug 1112369SUSE bug 1112432CVE-2016-9843 at SUSECVE-2016-9843 at NVDCVE-2018-3133 at SUSECVE-2018-3133 at NVDCVE-2018-3174 at SUSECVE-2018-3174 at NVDCVE-2018-3282 at SUSECVE-2018-3282 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for nagios (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for nagios fixes the following issues:
- CVE-2016-8641 / CVE-2016-10089: fixed possible symlink attacks for files/directories created by root (bsc#1011630 / bsc#1018047)
ModerateSUSE bug 1011630SUSE bug 1018047CVE-2016-10089 at SUSECVE-2016-10089 at NVDCVE-2016-8641 at SUSECVE-2016-8641 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for nagios-nrpe (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for nagios-nrpe fixes one issue.
This security issue was fixed:
- CVE-2015-4000: Prevent Logjam. The TLS protocol 1.2 and earlier, when a
DHE_EXPORT ciphersuite is enabled on a server but not on a client, did not
properly convey a DHE_EXPORT choice, which allowed man-in-the-middle attackers
to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE
replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT
replaced by DHE (bsc#938906).
ModerateSUSE bug 938906CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for nautilus (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for nautilus fixes the following security issue:
- CVE-2017-14604: Fixed a file type spoofing attack by adding a
metadata::trusted attribute to a file once the user acknowledges the file as
trusted, and also remove the 'trusted' content in the desktop file
(bsc#1060031).
LowSUSE bug 1060031CVE-2017-14604 at SUSECVE-2017-14604 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for ncurses (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. (bsc#1046858)
- CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. (bsc#1046853)
ImportantSUSE bug 1046853SUSE bug 1046858CVE-2017-10684 at SUSECVE-2017-10684 at NVDCVE-2017-10685 at SUSECVE-2017-10685 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-11112: Illegal address access in append_acs. (bsc#1047964)
- CVE-2017-11113: Dereferencing NULL pointer in _nc_parse_entry. (bsc#1047965)
- CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken
termcap format (bsc#1046853, bsc#1046858, bsc#1049344)
ModerateSUSE bug 1046853SUSE bug 1046858SUSE bug 1047964SUSE bug 1047965SUSE bug 1049344CVE-2017-10684 at SUSECVE-2017-10684 at NVDCVE-2017-10685 at SUSECVE-2017-10685 at NVDCVE-2017-11112 at SUSECVE-2017-11112 at NVDCVE-2017-11113 at SUSECVE-2017-11113 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ncurses (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-13728: Fix infinite loop in the next_char function in comp_scan.c (bsc#1056136).
- CVE-2017-13729: Fix illegal address access in the _nc_save_str (bsc#1056132).
- CVE-2017-13730: Fix illegal address access in the function _nc_read_entry_source() (bsc#1056131).
- CVE-2017-13731: Fix illegal address access in the function postprocess_termcap() (bsc#1056129).
- CVE-2017-13732: Fix illegal address access in the function dump_uses() (bsc#1056128).
- CVE-2017-13733: Fix illegal address access in the fmt_entry function (bsc#1056127).
- CVE-2017-16879: Fix stack-based buffer overflow in the _nc_write_entry() function (bsc#1069530).
ImportantSUSE bug 1056127SUSE bug 1056128SUSE bug 1056129SUSE bug 1056131SUSE bug 1056132SUSE bug 1056136SUSE bug 1069530CVE-2017-13728 at SUSECVE-2017-13728 at NVDCVE-2017-13729 at SUSECVE-2017-13729 at NVDCVE-2017-13730 at SUSECVE-2017-13730 at NVDCVE-2017-13731 at SUSECVE-2017-13731 at NVDCVE-2017-13732 at SUSECVE-2017-13732 at NVDCVE-2017-13733 at SUSECVE-2017-13733 at NVDCVE-2017-16879 at SUSECVE-2017-16879 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ncurses (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ncurses fixes the following issues:
Security issue fixed:
- CVE-2017-13733: Fix illegal address access in the fmt_entry function (bsc#1056127).
ModerateSUSE bug 1056127CVE-2017-13733 at SUSECVE-2017-13733 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for net-snmp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
net-snmp was updated to fix one security vulnerability and several bugs.
- fix a vulnerability within the snmp_pdu_parse() function of snmp_api.c. (bnc#940188, CVE-2015-5621)
- Add build requirement 'procps' to fix a net-snmp-config error. (bsc#935863)
- add support for /dev/shm in snmp hostmib (bnc#853382, FATE#316893).
- stop snmptrapd on package removal.
ModerateSUSE bug 853382SUSE bug 935863SUSE bug 940188CVE-2015-5621 at SUSECVE-2015-5621 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for netpbm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for netpbm fixes the following security issues:
- CVE-2017-2581: An out-of-bounds write in writeRasterPbm() could lead to memory corruption and potential code execution. (bsc#1024287)
ModerateSUSE bug 1024287CVE-2017-2581 at SUSECVE-2017-2581 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for netpbm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for netpbm fixes the following issues:
Security issues fixed:
- CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack() (bsc#1024288).
- CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster() function (bsc#1024291).
- created a netpbm-vulnerable subpackage and move pstopnm there, as it uses ghostscript for conversion (bsc#1136936)
ModerateSUSE bug 1024288SUSE bug 1024291SUSE bug 1136936CVE-2017-2579 at SUSECVE-2017-2579 at NVDCVE-2017-2580 at SUSECVE-2017-2580 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This ntp update provides the following security and non security fixes:
- Update to 4.2.8p4 to fix several security issues (bsc#951608):
* CVE-2015-7871: NAK to the Future: Symmetric association
authentication bypass via crypto-NAK
* CVE-2015-7855: decodenetnum() will ASSERT botch instead of
returning FAIL on some bogus values
* CVE-2015-7854: Password Length Memory Corruption Vulnerability
* CVE-2015-7853: Invalid length data provided by a custom
refclock driver could cause a buffer overflow
* CVE-2015-7852 ntpq atoascii() Memory Corruption Vulnerability
* CVE-2015-7851 saveconfig Directory Traversal Vulnerability
* CVE-2015-7850 remote config logfile-keyfile
* CVE-2015-7849 trusted key use-after-free
* CVE-2015-7848 mode 7 loop counter underrun
* CVE-2015-7701 Slow memory leak in CRYPTO_ASSOC
* CVE-2015-7703 configuration directives 'pidfile' and
'driftfile' should only be allowed locally
* CVE-2015-7704, CVE-2015-7705 Clients that receive a KoD should
validate the origin timestamp field
* CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Incomplete autokey
data packet length checks
- Use ntpq instead of deprecated ntpdc in start-ntpd (bnc#936327).
- Add a controlkey to ntp.conf to make the above work.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- Don't let 'keysdir' lines in ntp.conf trigger the 'keys' parser.
- Fix the comment regarding addserver in ntp.conf (bnc#910063).
- Remove ntp.1.gz, it wasn't installed anymore.
- Remove ntp-4.2.7-rh-manpages.tar.gz and only keep ntptime.8.gz.
The rest is partially irrelevant, partially redundant and
potentially outdated (bsc#942587).
- Remove 'kod' from the restrict line in ntp.conf (bsc#944300).
- Use SHA1 instead of MD5 for symmetric keys (bsc#905885).
- Require perl-Socket6 (bsc#942441).
- Fix incomplete backporting of 'rcntp ntptimemset'.
ModerateSUSE bug 905885SUSE bug 910063SUSE bug 936327SUSE bug 942441SUSE bug 942587SUSE bug 944300SUSE bug 951608CVE-2015-7691 at SUSECVE-2015-7691 at NVDCVE-2015-7692 at SUSECVE-2015-7692 at NVDCVE-2015-7701 at SUSECVE-2015-7701 at NVDCVE-2015-7702 at SUSECVE-2015-7702 at NVDCVE-2015-7703 at SUSECVE-2015-7703 at NVDCVE-2015-7704 at SUSECVE-2015-7704 at NVDCVE-2015-7705 at SUSECVE-2015-7705 at NVDCVE-2015-7848 at SUSECVE-2015-7848 at NVDCVE-2015-7849 at SUSECVE-2015-7849 at NVDCVE-2015-7850 at SUSECVE-2015-7850 at NVDCVE-2015-7851 at SUSECVE-2015-7851 at NVDCVE-2015-7852 at SUSECVE-2015-7852 at NVDCVE-2015-7853 at SUSECVE-2015-7853 at NVDCVE-2015-7854 at SUSECVE-2015-7854 at NVDCVE-2015-7855 at SUSECVE-2015-7855 at NVDCVE-2015-7871 at SUSECVE-2015-7871 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
ntp was updated to version 4.2.8p6 to fix 12 security issues.
These security issues were fixed:
- CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966).
- CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).
- CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).
- CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).
- CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).
- CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802).
- CVE-2015-7975: nextvar() missing length check (bsc#962988).
- CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960).
- CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).
- CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994).
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997).
- CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629).
These non-security issues were fixed:
- fate#320758 bsc#975981: Enable compile-time support for MS-SNTP
(--enable-ntp-signd). This replaces the w32 patches in 4.2.4 that added
the authreg directive.
- bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd.
When run as cron job, /usr/sbin/ is not in the path, which caused
the synchronization to fail.
- bsc#782060: Speedup ntpq.
- bsc#916617: Add /var/db/ntp-kod.
- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems.
- bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST.
- Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted.
- bsc#784760: Remove local clock from default configuration
ImportantSUSE bug 782060SUSE bug 784760SUSE bug 916617SUSE bug 951559SUSE bug 951629SUSE bug 956773SUSE bug 962318SUSE bug 962784SUSE bug 962802SUSE bug 962960SUSE bug 962966SUSE bug 962970SUSE bug 962988SUSE bug 962994SUSE bug 962995SUSE bug 962997SUSE bug 963000SUSE bug 963002SUSE bug 975496SUSE bug 975981CVE-2015-5300 at SUSECVE-2015-5300 at NVDCVE-2015-7973 at SUSECVE-2015-7973 at NVDCVE-2015-7974 at SUSECVE-2015-7974 at NVDCVE-2015-7975 at SUSECVE-2015-7975 at NVDCVE-2015-7976 at SUSECVE-2015-7976 at NVDCVE-2015-7977 at SUSECVE-2015-7977 at NVDCVE-2015-7978 at SUSECVE-2015-7978 at NVDCVE-2015-7979 at SUSECVE-2015-7979 at NVDCVE-2015-8138 at SUSECVE-2015-8138 at NVDCVE-2015-8139 at SUSECVE-2015-8139 at NVDCVE-2015-8140 at SUSECVE-2015-8140 at NVDCVE-2015-8158 at SUSECVE-2015-8158 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ntp to 4.2.8p7 fixes the following issues:
* CVE-2016-1547, bsc#977459:
Validate crypto-NAKs, AKA: CRYPTO-NAK DoS.
* CVE-2016-1548, bsc#977461: Interleave-pivot
* CVE-2016-1549, bsc#977451:
Sybil vulnerability: ephemeral association attack.
* CVE-2016-1550, bsc#977464: Improve NTP security against buffer
comparison timing attacks.
* CVE-2016-1551, bsc#977450:
Refclock impersonation vulnerability
* CVE-2016-2516, bsc#977452: Duplicate IPs on unconfig
directives will cause an assertion botch in ntpd.
* CVE-2016-2517, bsc#977455: remote configuration trustedkey/
requestkey/controlkey values are not properly validated.
* CVE-2016-2518, bsc#977457: Crafted addpeer with hmode > 7
causes array wraparound with MATCH_ASSOC.
* CVE-2016-2519, bsc#977458: ctl_getitem() return value not
always checked.
* This update also improves the fixes for:
CVE-2015-7704, CVE-2015-7705, CVE-2015-7974
Bugs fixed:
- Restrict the parser in the startup script to the first
occurrance of 'keys' and 'controlkey' in ntp.conf (bsc#957226).
ImportantSUSE bug 957226SUSE bug 977446SUSE bug 977450SUSE bug 977451SUSE bug 977452SUSE bug 977455SUSE bug 977457SUSE bug 977458SUSE bug 977459SUSE bug 977461SUSE bug 977464CVE-2015-7704 at SUSECVE-2015-7704 at NVDCVE-2015-7705 at SUSECVE-2015-7705 at NVDCVE-2015-7974 at SUSECVE-2015-7974 at NVDCVE-2016-1547 at SUSECVE-2016-1547 at NVDCVE-2016-1548 at SUSECVE-2016-1548 at NVDCVE-2016-1549 at SUSECVE-2016-1549 at NVDCVE-2016-1550 at SUSECVE-2016-1550 at NVDCVE-2016-1551 at SUSECVE-2016-1551 at NVDCVE-2016-2516 at SUSECVE-2016-2516 at NVDCVE-2016-2517 at SUSECVE-2016-2517 at NVDCVE-2016-2518 at SUSECVE-2016-2518 at NVDCVE-2016-2519 at SUSECVE-2016-2519 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ntp (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
ntp was updated to version 4.2.8p8 to fix five security issues.
These security issues were fixed:
- CVE-2016-4953: Bad authentication demobilizes ephemeral associations (bsc#982065).
- CVE-2016-4954: Processing spoofed server packets (bsc#982066).
- CVE-2016-4955: Autokey association reset (bsc#982067).
- CVE-2016-4956: Broadcast interleave (bsc#982068).
- CVE-2016-4957: CRYPTO_NAK crash (bsc#982064).
These non-security issues were fixed:
- Keep the parent process alive until the daemon has finished initialisation, to make sure that the PID file exists when the parent returns.
- bsc#979302: Change the process name of the forking DNS worker process to avoid the impression that ntpd is started twice.
- bsc#981422: Don't ignore SIGCHILD because it breaks wait().
- Separate the creation of ntp.keys and key #1 in it to avoid problems when upgrading installations that have the file, but no key #1, which is needed e.g. by 'rcntp addserver'.
ImportantSUSE bug 979302SUSE bug 981422SUSE bug 982056SUSE bug 982064SUSE bug 982065SUSE bug 982066SUSE bug 982067SUSE bug 982068CVE-2016-4953 at SUSECVE-2016-4953 at NVDCVE-2016-4954 at SUSECVE-2016-4954 at NVDCVE-2016-4955 at SUSECVE-2016-4955 at NVDCVE-2016-4956 at SUSECVE-2016-4956 at NVDCVE-2016-4957 at SUSECVE-2016-4957 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for libtasn1 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for libtasn1 fixes the following issues:
- Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser (bsc#961491)
- CVE-2015-3622: Fixed invalid read in octet string decoding (bsc#929414)
- CVE-2016-4008: Fixed infinite loop while parsing DER certificates (bsc#982779)
ModerateSUSE bug 929414SUSE bug 961491SUSE bug 982779CVE-2015-3622 at SUSECVE-2015-3622 at NVDCVE-2016-4008 at SUSECVE-2016-4008 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ntp fixes the following issues:
- Simplify ntpd's search for its own executable to prevent AppArmor
warnings (bsc#956365).
Security issues fixed (update to 4.2.8p9):
- CVE-2016-9311, CVE-2016-9310, bsc#1011377: Mode 6
unauthenticated trap information disclosure and DDoS vector.
- CVE-2016-7427, bsc#1011390:
Broadcast Mode Replay Prevention DoS.
- CVE-2016-7428, bsc#1011417:
Broadcast Mode Poll Interval Enforcement DoS.
- CVE-2016-7431, bsc#1011395:
Regression: 010-origin: Zero Origin Timestamp Bypass.
- CVE-2016-7434, bsc#1011398:
Null pointer dereference in _IO_str_init_static_internal().
- CVE-2016-7429, bsc#1011404: Interface selection attack.
- CVE-2016-7426, bsc#1011406:
Client rate limiting and server responses.
- CVE-2016-7433, bsc#1011411: Reboot sync calculation problem.
- CVE-2015-5219: An endless loop due to incorrect precision to
double conversion (bsc#943216).
- CVE-2015-8140: ntpq vulnerable to replay attacks.
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin.
- CVE-2015-5219: An endless loop due to incorrect precision to
double conversion (bsc#943216).
Non-security issues fixed:
- Fix a spurious error message.
- Other bugfixes, see /usr/share/doc/packages/ntp/ChangeLog.
- Fix a regression in 'trap' (bsc#981252).
- Reduce the number of netlink groups to listen on for changes to
the local network setup (bsc#992606).
- Fix segfault in 'sntp -a' (bsc#1009434).
- Silence an OpenSSL version warning (bsc#992038).
- Make the resolver task change user and group IDs to the same
values as the main task. (bsc#988028)
ModerateSUSE bug 1009434SUSE bug 1011377SUSE bug 1011390SUSE bug 1011395SUSE bug 1011398SUSE bug 1011404SUSE bug 1011406SUSE bug 1011411SUSE bug 1011417SUSE bug 943216SUSE bug 956365SUSE bug 981252SUSE bug 988028SUSE bug 992038SUSE bug 992606CVE-2015-5219 at SUSECVE-2015-5219 at NVDCVE-2015-8139 at SUSECVE-2015-8139 at NVDCVE-2015-8140 at SUSECVE-2015-8140 at NVDCVE-2016-7426 at SUSECVE-2016-7426 at NVDCVE-2016-7427 at SUSECVE-2016-7427 at NVDCVE-2016-7428 at SUSECVE-2016-7428 at NVDCVE-2016-7429 at SUSECVE-2016-7429 at NVDCVE-2016-7431 at SUSECVE-2016-7431 at NVDCVE-2016-7433 at SUSECVE-2016-7433 at NVDCVE-2016-7434 at SUSECVE-2016-7434 at NVDCVE-2016-9310 at SUSECVE-2016-9310 at NVDCVE-2016-9311 at SUSECVE-2016-9311 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This ntp update to version 4.2.8p10 fixes the following issues:
Security issues fixed (bsc#1030050):
- CVE-2017-6464: Denial of Service via Malformed Config
- CVE-2017-6462: Buffer Overflow in DPTS Clock
- CVE-2017-6463: Authenticated DoS via Malicious Config Option
- CVE-2017-6458: Potential Overflows in ctl_put() functions
- CVE-2017-6451: Improper use of snprintf() in mx4200_send()
- CVE-2017-6460: Buffer Overflow in ntpq when fetching reslist
- CVE-2016-9042: 0rigin (zero origin) DoS.
- ntpq_stripquotes() returns incorrect Value
- ereallocarray()/eallocarray() underused
- Copious amounts of Unused Code
- Off-by-one in Oncore GPS Receiver
- Makefile does not enforce Security Flags
Bugfixes:
- Remove spurious log messages (bsc#1014172).
- Fixing ppc and ppc64 linker issue (bsc#1031085).
- clang scan-build findings
- Support for openssl-1.1.0 without compatibility modes
- Bugfix 3072 breaks multicastclient
- forking async worker: interrupted pipe I/O
- (...) time_pps_create: Exec format error
- Incorrect Logic for Peer Event Limiting
- Change the process name of forked DNS worker
- Trap Configuration Fail
- Nothing happens if minsane < maxclock < minclock
- allow -4/-6 on restrict line with mask
- out-of-bound pointers in ctl_putsys and decode_bitflags
- Move ntp-kod to /var/lib/ntp, because /var/db is not a standard directory and causes problems for
transactional updates.
ModerateSUSE bug 1014172SUSE bug 1030050SUSE bug 1031085CVE-2016-9042 at SUSECVE-2016-9042 at NVDCVE-2017-6451 at SUSECVE-2017-6451 at NVDCVE-2017-6458 at SUSECVE-2017-6458 at NVDCVE-2017-6460 at SUSECVE-2017-6460 at NVDCVE-2017-6462 at SUSECVE-2017-6462 at NVDCVE-2017-6463 at SUSECVE-2017-6463 at NVDCVE-2017-6464 at SUSECVE-2017-6464 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ntp fixes the following issues:
Security issues fixed:
- CVE-2016-1549: Significant additional protections against CVE-2016-1549 that was fixed in ntp-4.2.8p7 (bsc#1082210).
- CVE-2018-7170: Ephemeral association time spoofing additional protection (bsc#1083424).
- CVE-2018-7182: Buffer read overrun leads information leak in ctl_getitem() (bsc#1083426).
- CVE-2018-7183: decodearr() can write beyond its buffer limit (bsc#1083417).
- CVE-2018-7184: Interleaved symmetric mode cannot recover from bad state (bsc#1083422).
- CVE-2018-7185: Unauthenticated packet can reset authenticated interleaved association (bsc#1083420).
Bug fixes:
- bsc#1077445: Don't use libevent's cached time stamps in sntp.
- Disable CMAC in ntp when building against a version of OpenSSL that doesn't support it.
ModerateSUSE bug 1077445SUSE bug 1082210SUSE bug 1083417SUSE bug 1083420SUSE bug 1083422SUSE bug 1083424SUSE bug 1083426CVE-2016-1549 at SUSECVE-2016-1549 at NVDCVE-2018-7170 at SUSECVE-2018-7170 at NVDCVE-2018-7182 at SUSECVE-2018-7182 at NVDCVE-2018-7183 at SUSECVE-2018-7183 at NVDCVE-2018-7184 at SUSECVE-2018-7184 at NVDCVE-2018-7185 at SUSECVE-2018-7185 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
NTP was updated to 4.2.8p12 (bsc#1111853):
- CVE-2018-12327: Fixed stack buffer overflow in the openhost() command-line call of NTPQ/NTPDC. (bsc#1098531)
- CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection (bsc#1083424)
Please also see https://www.nwtime.org/network-time-foundation-publishes-ntp-4-2-8p12/ for more information.
ModerateSUSE bug 1083424SUSE bug 1098531SUSE bug 1111853CVE-2018-12327 at SUSECVE-2018-12327 at NVDCVE-2018-7170 at SUSECVE-2018-7170 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ntp fixes the following issues:
Security issue fixed:
- CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause
segmentation fault to ntpd (bsc#1128525).
Other issues addressed:
- Make sure that SLE12 version is higher than the one in SLE11 (bsc#1001182).
- Fixed several bugs in the BANCOMM reclock driver.
- Fixed ntp_loopfilter.c snprintf compilation warnings.
- Fixed spurious initgroups() error message.
- Fixed STA_NANO struct timex units.
- Fixed GPS week rollover in libparse.
- Fixed incorrect poll interval in packet.
- Added a missing check for ENABLE_CMAC.
ModerateSUSE bug 1001182SUSE bug 1128525CVE-2019-8936 at SUSECVE-2019-8936 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ntp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for ntp fixes the following issues:
ntp was updated to 4.2.8p15
- CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address
frequently send to the client ntpd could have caused denial of service (bsc#1169740).
- CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent
a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed
mode 3 and mode 5 packets (bsc#1171355).
- CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time
from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651).
- CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming
the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334).
ModerateSUSE bug 1169740SUSE bug 1171355SUSE bug 1172651SUSE bug 1173334CVE-2018-8956 at SUSECVE-2018-8956 at NVDCVE-2020-11868 at SUSECVE-2020-11868 at NVDCVE-2020-13817 at SUSECVE-2020-13817 at NVDCVE-2020-15025 at SUSECVE-2020-15025 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for open-vm-tools (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs
and security issues:
- New vmware-namespace-cmd command line utility
- GTK3 support
- Common Agent Framework (CAF)
- Guest authentication with xmlsec1
- Sub-command to push updated network information to the host on demand
- Fix for quiesced snapshot failure leaving guest file system quiesced (bsc#1006796)
- Fix for CVE-2015-5191 (bsc#1007600)
- Report SLES for SAP 12 guest OS as SLES 12 (bsc#1013496)
- Add udev rule to increase VMware virtual disk timeout values (bsc#994598)
- Fix vmtoolsd init script to run vmtoolsd in background (bsc#971031)
- Fix copy-n-paste and drag-n-drop regressions (bsc#978424)
- Add new vmblock-fuse.service
- Fix a suspend with systemd issue (bsc#913727)
- ESXi Serviceability
- GuestInfo Enhancements
- Compatibility with all supported versions of VMware vSphere, VMware Workstation 12.0
and VMware Fusion 8.0.
ModerateSUSE bug 1006796SUSE bug 1007600SUSE bug 1011057SUSE bug 1013496SUSE bug 1024202SUSE bug 913727SUSE bug 938593SUSE bug 941384SUSE bug 944615SUSE bug 952645SUSE bug 971031SUSE bug 978424SUSE bug 985110SUSE bug 994598CVE-2015-5191 at SUSECVE-2015-5191 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for openldap2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
openldap2 was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-4000: The Logjam Attack / weakdh.org (bsc#937766).
This non-security issue was fixed:
- bsc#932773: ldapmodify failed with DOS format LDIF files containing '-' separator.
ModerateSUSE bug 924496SUSE bug 932773SUSE bug 937766CVE-2015-4000 at SUSECVE-2015-4000 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openldap2 fixes the following issues:
- CVE-2020-12243: Fixed a denial of service related to recursive filters (bsc#1170771).
ImportantSUSE bug 1170771CVE-2020-12243 at SUSECVE-2020-12243 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openldap2 fixes the following issues:
- CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND='ldap' was used (bsc#1172698).
ImportantSUSE bug 1172698CVE-2020-8023 at SUSECVE-2020-8023 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openldap2 fixes the following issues:
- CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules (bsc#1178387).
ImportantSUSE bug 1178387CVE-2020-25692 at SUSECVE-2020-25692 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openldap2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openldap2 fixes the following issues:
- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the
X.509 DN parsing in decode.c ber_next_element, resulting in denial
of service.
- bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN
parsing in ad_keystring, resulting in denial of service.
- bsc#1182412 CVE-2020-36228 - integer underflow leading to crash
in the Certificate List Exact Assertion processing, resulting in
denial of service.
- bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the
cancel_extop Cancel operation, resulting in denial of service.
- bsc#1182416 CVE-2020-36225 - double free and slapd crash in the
saslAuthzTo processing, resulting in denial of service.
- bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash
in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd
crash in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the
saslAuthzTo validation, resulting in denial of service.
- bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact
Assertion processing, resulting in denial of service (schema_init.c
serialNumberAndIssuerCheck).
- bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter
control handling, resulting in denial of service (double free and
out-of-bounds read).
- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur
in the issuerAndThisUpdateCheck function via a crafted packet,
resulting in a denial of service (daemon exit) via a short timestamp.
This is related to schema_init.c and checkTime.
- resynchronise changelogs with subpackages (bsc#1184020).
ImportantSUSE bug 1182279SUSE bug 1182408SUSE bug 1182411SUSE bug 1182412SUSE bug 1182413SUSE bug 1182415SUSE bug 1182416SUSE bug 1182417SUSE bug 1182418SUSE bug 1182419SUSE bug 1182420SUSE bug 1184020CVE-2020-36221 at SUSECVE-2020-36221 at NVDCVE-2020-36222 at SUSECVE-2020-36222 at NVDCVE-2020-36223 at SUSECVE-2020-36223 at NVDCVE-2020-36224 at SUSECVE-2020-36224 at NVDCVE-2020-36225 at SUSECVE-2020-36225 at NVDCVE-2020-36226 at SUSECVE-2020-36226 at NVDCVE-2020-36227 at SUSECVE-2020-36227 at NVDCVE-2020-36228 at SUSECVE-2020-36228 at NVDCVE-2020-36229 at SUSECVE-2020-36229 at NVDCVE-2020-36230 at SUSECVE-2020-36230 at NVDCVE-2021-27212 at SUSECVE-2021-27212 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openldap2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes the following security issue:
- CVE-2015-6908. Passing a crafted packet to the function ber_get_next(),
an attacker may cause a remote denial of service, crashing the OpenLDAP server (bsc#945582).
ModerateSUSE bug 945582CVE-2015-6908 at SUSECVE-2015-6908 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for opensc (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for opensc fixes the following issues:
- CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card (bsc#1106998)
- CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card (bsc#1106999)
- CVE-2018-16393: Fixed buffer overflows when handling responses from Gemsafe V1 Smartcards (bsc#1108318)
- CVE-2018-16418: Fixed buffer overflow when handling string concatenation in util_acl_to_str (bsc#1107039)
- CVE-2018-16419: Fixed several buffer overflows when handling responses from a Cryptoflex card (bsc#1107107)
- CVE-2018-16422: Fixed single byte buffer overflow when handling responses from an esteid Card (bsc#1107038)
- CVE-2018-16423: Fixed double free when handling responses from a smartcard (bsc#1107037)
- CVE-2018-16427: Fixed out of bounds reads when handling responses in OpenSC (bsc#1107033)
ModerateSUSE bug 1104812SUSE bug 1106998SUSE bug 1106999SUSE bug 1107033SUSE bug 1107037SUSE bug 1107038SUSE bug 1107039SUSE bug 1107107SUSE bug 1108318CVE-2018-16391 at SUSECVE-2018-16391 at NVDCVE-2018-16392 at SUSECVE-2018-16392 at NVDCVE-2018-16393 at SUSECVE-2018-16393 at NVDCVE-2018-16418 at SUSECVE-2018-16418 at NVDCVE-2018-16419 at SUSECVE-2018-16419 at NVDCVE-2018-16422 at SUSECVE-2018-16422 at NVDCVE-2018-16423 at SUSECVE-2018-16423 at NVDCVE-2018-16427 at SUSECVE-2018-16427 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for opensc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for opensc fixes the following issues:
- CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005).
- CVE-2021-42782: Stack buffer overflow issues in various places (bsc#1191957).
ImportantSUSE bug 1191957SUSE bug 1192005CVE-2021-42780 at SUSECVE-2021-42780 at NVDCVE-2021-42782 at SUSECVE-2021-42782 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openslp (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openslp fixes the following issues:
- CVE-2017-17833: Prevent heap-related memory corruption issue which may have
manifested itself as a denial-of-service or a remote code-execution
vulnerability (bsc#1090638).
ImportantSUSE bug 1090638CVE-2017-17833 at SUSECVE-2017-17833 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
OpenSSH was updated to fix several security issues and bugs.
Please note that due to a bug in the previous shipped openssh version, sshd might
not correctly restart. Please verify that the ssh daemon is running after installing
this update.
These security issues were fixed:
* CVE-2015-5352: The x11_open_helper function, when ForwardX11Trusted mode
is not used, lacked a check of the refusal deadline for X connections,
which made it easier for remote attackers to bypass intended access
restrictions via a connection outside of the permitted time window.
(bsc#936695)
* CVE-2015-5600: The kbdint_next_device function in auth2-chall.c
in sshd did not properly restrict the processing of keyboard-interactive
devices within a single connection, which made it easier for remote
attackers to conduct brute-force attacks or cause a denial of service
(CPU consumption) via a long and duplicative list in the ssh
-oKbdInteractiveDevices option, as demonstrated by a modified client
that provides a different password for each pam element on this list.
(bsc#938746)
* CVE-2015-4000: Removed and disabled weak DH groups to address LOGJAM.
(bsc#932483)
* Hardening patch to fix sftp RCE. (bsc#903649)
* CVE-2015-6563: The monitor component in sshd accepted extraneous username
data in MONITOR_REQ_PAM_INIT_CTX requests, which allowed local users to
conduct impersonation attacks by leveraging any SSH login access in
conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM
request, related to monitor.c and monitor_wrap.c.
* CVE-2015-6564: Use-after-free vulnerability in the mm_answer_pam_free_ctx
function in monitor.c in sshd might have allowed local users to gain
privileges by leveraging control of the sshd uid to send an unexpectedly
early MONITOR_REQ_PAM_FREE_CTX request.
Additional a bug was fixed that could lead to openssh not working in
chroot (bsc#947458).
ModerateSUSE bug 903649SUSE bug 932483SUSE bug 936695SUSE bug 938746SUSE bug 939932SUSE bug 943006SUSE bug 943010SUSE bug 945484SUSE bug 945493SUSE bug 947458CVE-2015-4000 at SUSECVE-2015-4000 at NVDCVE-2015-5352 at SUSECVE-2015-5352 at NVDCVE-2015-5600 at SUSECVE-2015-5600 at NVDCVE-2015-6563 at SUSECVE-2015-6563 at NVDCVE-2015-6564 at SUSECVE-2015-6564 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
openssh was updated to fix three security issues.
These security issues were fixed:
- CVE-2016-3115: Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH allowed remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions (bsc#970632).
- CVE-2016-1908: Possible fallback from untrusted to trusted X11 forwarding (bsc#962313).
- CVE-2015-8325: Ignore PAM environment vars when UseLogin=yes (bsc#975865).
These non-security issues were fixed:
- Correctly parse GSSAPI KEX algorithms (bsc#961368)
- More verbose FIPS mode/CC related documentation in README.FIPS (bsc#965576, bsc#960414)
- Fix PRNG re-seeding (bsc#960414, bsc#729190)
- Disable DH parameters under 2048 bits by default and allow lowering the limit back to the RFC 4419 specified minimum through an option (bsc#932483, bsc#948902)
- Allow empty Match blocks (bsc#961494)
ModerateSUSE bug 729190SUSE bug 932483SUSE bug 948902SUSE bug 960414SUSE bug 961368SUSE bug 961494SUSE bug 962313SUSE bug 965576SUSE bug 970632SUSE bug 975865CVE-2015-8325 at SUSECVE-2015-8325 at NVDCVE-2016-1908 at SUSECVE-2016-1908 at NVDCVE-2016-3115 at SUSECVE-2016-3115 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssh fixes the following issues:
- CVE-2016-6210: Prevent user enumeration through the timing of password
processing (bsc#989363)
[-prevent_timing_user_enumeration]
- Allow lowering the DH groups parameter limit in server as well
as when GSSAPI key exchange is used (bsc#948902)
- CVE-2016-6515: Limiting the accepted password length to prevent possible DoS
(bsc#992533)
Bug fixes:
- avoid complaining about unset DISPLAY variable (bsc#981654)
ModerateSUSE bug 948902SUSE bug 981654SUSE bug 989363SUSE bug 992533CVE-2016-6210 at SUSECVE-2016-6210 at NVDCVE-2016-6515 at SUSECVE-2016-6515 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2016-8858: prevent resource depletion during key exchange (bsc#1005480)
- CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation (bsc#1016366)
- CVE-2016-10011: Prevent possible leaks of host private keys to low-privilege process handling authentication (bsc#1016369)
Non security issues fixed:
- Properly verify CIDR masks in the AllowUsers and DenyUsers configuration lists (bsc#1005893)
- fix suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)
ModerateSUSE bug 1005480SUSE bug 1005893SUSE bug 1006221SUSE bug 1016366SUSE bug 1016369CVE-2016-10009 at SUSECVE-2016-10009 at NVDCVE-2016-10011 at SUSECVE-2016-10011 at NVDCVE-2016-8858 at SUSECVE-2016-8858 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2016-10012: Fix pre-auth compression checks that could be optimized away (bsc#1016370).
- CVE-2016-10708: Fix remote denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYSmessage (bsc#1076957).
- CVE-2017-15906: Fix r/o sftp-server zero byte file creation (bsc#1065000).
- CVE-2008-1483: Fix accidental re-introduction of CVE-2008-1483 (bsc#1069509).
Bug fixes:
- bsc#1017099: Match conditions with uppercase hostnames fail (bsc#1017099)
- bsc#1053972: supportedKeyExchanges diffie-hellman-group1-sha1 is duplicated (bsc#1053972)
- bsc#1023275: Messages suppressed after upgrade from SLES 11 SP3 to SP4 (bsc#1023275)
ModerateSUSE bug 1016370SUSE bug 1017099SUSE bug 1023275SUSE bug 1053972SUSE bug 1065000SUSE bug 1069509SUSE bug 1076957CVE-2008-1483 at SUSECVE-2008-1483 at NVDCVE-2016-10012 at SUSECVE-2016-10012 at NVDCVE-2016-10708 at SUSECVE-2016-10708 at NVDCVE-2017-15906 at SUSECVE-2017-15906 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssh fixes the following issues:
Following security issues have been fixed:
- CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration (or 'oracle') as a vulnerability. (bsc#1106163)
- CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010)
Also the following security related hardening change was done:
- Removed arcfour,blowfish,cast from list of default ciphers as they are long discontinued and should no longer be used. (bsc#982273)
And the following non-security issues were fixed:
- Stop leaking File descriptors (bsc#964336)
- sftp-client.c returns wrong error code upon failure (bsc#1091396)
ModerateSUSE bug 1091396SUSE bug 1105010SUSE bug 1106163SUSE bug 964336SUSE bug 982273CVE-2018-15473 at SUSECVE-2018-15473 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssh (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssh fixes the following issues:
Security issue fixed:
- CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions (bsc#1121571)
- CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate terminal output via the object name, e.g. by inserting ANSI escape sequences (bsc#1121816)
- CVE-2019-6110: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate stderr output, e.g. by inserting ANSI escape sequences (bsc#1121818)
- CVE-2019-6111: Fixed an issue where the scp client would allow malicious remote SSH servers to execute directory traversal attacks and overwrite files (bsc#1121821)
ImportantSUSE bug 1121571SUSE bug 1121816SUSE bug 1121818SUSE bug 1121821CVE-2018-20685 at SUSECVE-2018-20685 at NVDCVE-2019-6109 at SUSECVE-2019-6109 at NVDCVE-2019-6110 at SUSECVE-2019-6110 at NVDCVE-2019-6111 at SUSECVE-2019-6111 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssh (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssh fixes the following issues:
Security vulnerabilities addressed:
- CVE-2019-6109: Fixed an character encoding issue in the progress display of
the scp client that could be used to manipulate client output, allowing
for spoofing during file transfers (bsc#1121816).
- CVE-2019-6111: Properly validate object names received by the scp client to
prevent arbitrary file overwrites when interacting with a malicious SSH server
(bsc#1121821).
Other issues fixed:
- Fixed two race conditions in sshd relating to SIGHUP (bsc#1119183).
- Returned proper reason for port forwarding failures (bsc#1090671).
- Fixed SSHD termination of multichannel sessions with non-root users (bsc#1115550).
ModerateSUSE bug 1090671SUSE bug 1115550SUSE bug 1119183SUSE bug 1121816SUSE bug 1121821SUSE bug 1131709CVE-2019-6109 at SUSECVE-2019-6109 at NVDCVE-2019-6111 at SUSECVE-2019-6111 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openssh (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssh fixes the following issues:
- CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975).
ImportantSUSE bug 1190975CVE-2021-41617 at SUSECVE-2021-41617 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openssh (Critical)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssh fixes the following issues:
- CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature (bsc#961642)
- CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the roaming feature (bsc#961645)
This update disables the undocumented feature supported by the OpenSSH client and a commercial SSH server.
CriticalSUSE bug 961642SUSE bug 961645CVE-2016-0777 at SUSECVE-2016-0777 at NVDCVE-2016-0778 at SUSECVE-2016-0778 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update of openssl fixes a regression caused by the security fix for CVE-2015-0287,
after which DSA keys could occasionaly not loaded from disk. (bsc#937492)
ModerateSUSE bug 937492CVE-2015-0287 at SUSECVE-2015-0287 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssl fixes the following issues:
- CVE-2015-3195: When presented with a malformed X509_ATTRIBUTE structure
OpenSSL would leak memory. This structure is used by the PKCS#7 and CMS
routines so any application which reads PKCS#7 or CMS data from untrusted
sources is affected. SSL/TLS is not affected. (bsc#957812)
- Prevent segfault in s_client with invalid options (bsc#952099)
ModerateSUSE bug 952099SUSE bug 957812CVE-2015-3195 at SUSECVE-2015-3195 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssl fixes various security issues and bugs:
Security issues fixed:
- CVE-2016-0800 aka the 'DROWN' attack (bsc#968046):
OpenSSL was vulnerable to a cross-protocol attack that could lead to
decryption of TLS sessions by using a server supporting SSLv2 and
EXPORT cipher suites as a Bleichenbacher RSA padding oracle.
This update changes the openssl library to:
* Disable SSLv2 protocol support by default.
This can be overridden by setting the environment variable
'OPENSSL_ALLOW_SSL2' or by using SSL_CTX_clear_options using the
SSL_OP_NO_SSLv2 flag.
Note that various services and clients had already disabled SSL
protocol 2 by default previously.
* Disable all weak EXPORT ciphers by default. These can be reenabled
if required by old legacy software using the environment variable
'OPENSSL_ALLOW_EXPORT'.
- CVE-2016-0705 (bnc#968047):
A double free() bug in the DSA ASN1 parser code was fixed that could
be abused to facilitate a denial-of-service attack.
- CVE-2016-0797 (bnc#968048):
The BN_hex2bn() and BN_dec2bn() functions had a bug that could result
in an attempt to de-reference a NULL pointer leading to crashes.
This could have security consequences if these functions were ever
called by user applications with large untrusted hex/decimal data. Also,
internal usage of these functions in OpenSSL uses data from config files
or application command line arguments. If user developed applications
generated config file data based on untrusted data, then this could
have had security consequences as well.
- CVE-2016-0799 (bnc#968374)
On many 64 bit systems, the internal fmtstr() and doapr_outch()
functions could miscalculate the length of a string and attempt to
access out-of-bounds memory locations. These problems could have
enabled attacks where large amounts of untrusted data is passed to
the BIO_*printf functions. If applications use these functions in
this way then they could have been vulnerable. OpenSSL itself uses
these functions when printing out human-readable dumps of ASN.1
data. Therefore applications that print this data could have been
vulnerable if the data is from untrusted sources. OpenSSL command line
applications could also have been vulnerable when they print out ASN.1
data, or if untrusted data is passed as command line arguments. Libssl
is not considered directly vulnerable.
- CVE-2015-3197 (bsc#963415):
The SSLv2 protocol did not block disabled ciphers.
Note that the March 1st 2016 release also references following CVEs
that were fixed by us with CVE-2015-0293 in 2015:
- CVE-2016-0703 (bsc#968051): This issue only affected versions of
OpenSSL prior to March 19th 2015 at which time the code was refactored
to address vulnerability CVE-2015-0293. It would have made the above
'DROWN' attack much easier.
- CVE-2016-0704 (bsc#968053): 'Bleichenbacher oracle in SSLv2'
This issue only affected versions of OpenSSL prior to March 19th
2015 at which time the code was refactored to address vulnerability
CVE-2015-0293. It would have made the above 'DROWN' attack much easier.
Also fixes the following bug:
- Avoid running OPENSSL_config twice. This avoids breaking
engine loading and also fixes a memory leak in libssl. (bsc#952871 bsc#967787)
ImportantSUSE bug 952871SUSE bug 963415SUSE bug 967787SUSE bug 968046SUSE bug 968047SUSE bug 968048SUSE bug 968051SUSE bug 968053SUSE bug 968374CVE-2015-3197 at SUSECVE-2015-3197 at NVDCVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-0703 at SUSECVE-2016-0703 at NVDCVE-2016-0705 at SUSECVE-2016-0705 at NVDCVE-2016-0797 at SUSECVE-2016-0797 at NVDCVE-2016-0799 at SUSECVE-2016-0799 at NVDCVE-2016-0800 at SUSECVE-2016-0800 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2016-2108: Memory corruption in the ASN.1 encoder (bsc#977617)
- CVE-2016-2105: EVP_EncodeUpdate overflow (bsc#977614)
- CVE-2016-2106: EVP_EncryptUpdate overflow (bsc#977615)
- CVE-2016-2109: ASN.1 BIO excessive memory allocation (bsc#976942)
- CVE-2016-0702: Side channel attack on modular exponentiation 'CacheBleed' (bsc#968050)
Bugs fixed:
- fate#320304: build 32bit devel package
- bsc#976943: Fix buffer overrun in ASN1_parse
- bsc#973223: allow weak DH groups, vulnerable to the logjam attack,
when environment variable OPENSSL_ALLOW_LOGJAM_ATTACK is set
- bsc#889013: Rename README.SuSE to the new spelling
ImportantSUSE bug 889013SUSE bug 968050SUSE bug 976942SUSE bug 976943SUSE bug 977614SUSE bug 977615SUSE bug 977617CVE-2016-0702 at SUSECVE-2016-0702 at NVDCVE-2016-2105 at SUSECVE-2016-2105 at NVDCVE-2016-2106 at SUSECVE-2016-2106 at NVDCVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-2109 at SUSECVE-2016-2109 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssl fixes the following issues:
OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)
Severity: High
* OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666)
Severity: Low
* Pointer arithmetic undefined behavior (CVE-2016-2177) (bsc#982575)
* Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249)
* DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)
* DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)
* OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)
* Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359)
* Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)
* OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)
* Certificate message OOB reads (CVE-2016-6306) (bsc#999668)
More information can be found on: https://www.openssl.org/news/secadv/20160922.txt
Bugs fixed:
* Update expired S/MIME certs (bsc#979475)
* Fix crash in print_notice (bsc#998190)
* Resume reading from /dev/urandom when interrupted by a signal (bsc#995075)
ImportantSUSE bug 979475SUSE bug 982575SUSE bug 983249SUSE bug 993819SUSE bug 994749SUSE bug 994844SUSE bug 995075SUSE bug 995324SUSE bug 995359SUSE bug 995377SUSE bug 998190SUSE bug 999665SUSE bug 999666SUSE bug 999668CVE-2016-2177 at SUSECVE-2016-2177 at NVDCVE-2016-2178 at SUSECVE-2016-2178 at NVDCVE-2016-2179 at SUSECVE-2016-2179 at NVDCVE-2016-2181 at SUSECVE-2016-2181 at NVDCVE-2016-2182 at SUSECVE-2016-2182 at NVDCVE-2016-2183 at SUSECVE-2016-2183 at NVDCVE-2016-6302 at SUSECVE-2016-6302 at NVDCVE-2016-6303 at SUSECVE-2016-6303 at NVDCVE-2016-6304 at SUSECVE-2016-6304 at NVDCVE-2016-6306 at SUSECVE-2016-6306 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssl fixes the following issues contained in the
OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641)
Security issues fixed:
- CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334)
- CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878)
- degrade 3DES to MEDIUM in SSL2 (bsc#1001912)
- CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499)
Bugs fixed:
- fix crash in openssl speed (bsc#1000677)
- don't attempt session resumption if no ticket is present and session
ID length is zero (bsc#984663)
ModerateSUSE bug 1000677SUSE bug 1001912SUSE bug 1004499SUSE bug 1005878SUSE bug 1019334SUSE bug 1021641SUSE bug 984663CVE-2016-2108 at SUSECVE-2016-2108 at NVDCVE-2016-7056 at SUSECVE-2016-7056 at NVDCVE-2016-8610 at SUSECVE-2016-8610 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssl fixes the following issues:
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition could exceed
the stack. This could result in a Denial Of Service attack. (bsc#1087102)
ImportantSUSE bug 1087102CVE-2018-0739 at SUSECVE-2018-0739 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssl fixes the following issues:
- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based
ciphersuite a malicious server could have sent a very large prime value to the
client. This caused the client to spend an unreasonably long period of time
generating a key for this prime resulting in a hang until the client has
finished. This could be exploited in a Denial Of Service attack (bsc#1097158).
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
ModerateSUSE bug 1097158SUSE bug 1097624SUSE bug 1098592CVE-2018-0732 at SUSECVE-2018-0732 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssl fixes the following security issue:
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could have recovered the private key (bsc#1089039)
ModerateSUSE bug 1089039CVE-2018-0737 at SUSECVE-2018-0737 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652).
- CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534).
- CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018).
- Fixed the 'One and Done' side-channel attack on RSA (bsc#1104789).
ModerateSUSE bug 1104789SUSE bug 1110018SUSE bug 1113534SUSE bug 1113652CVE-2016-8610 at SUSECVE-2016-8610 at NVDCVE-2018-0734 at SUSECVE-2018-0734 at NVDCVE-2018-5407 at SUSECVE-2018-5407 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssl fixes the following issues:
Security issues fixed:
- CVE-2019-1559: Fix 0-byte record padding oracle via SSL_shutdown (bsc#1127080)
- Reject invalid EC point coordinates (bsc#1131291)
- Mitigate the 'The 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations' attack (bsc#1117951)
ModerateSUSE bug 1117951SUSE bug 1127080SUSE bug 1131291CVE-2019-1559 at SUSECVE-2019-1559 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssl fixes the following issues:
OpenSSL Security Advisory [10 September 2019]
- CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance (bsc#1150003).
- CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key (bsc#1150250).
ModerateSUSE bug 1150003SUSE bug 1150250CVE-2019-1547 at SUSECVE-2019-1547 at NVDCVE-2019-1563 at SUSECVE-2019-1563 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssl fixes the following issues:
- Included the missing cms and pk7 fixes of CVE-2019-1563 (bsc#1153785).
ImportantSUSE bug 1153785CVE-2019-1563 at SUSECVE-2019-1563 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssl fixes the following issues:
- Add missing commits for fixing the security issue called 'The 9 Lives of Bleichenbacher's CAT'. (bsc#1117951)
- Fix a memory leak problem in function 'BN_copy()'. (bsc#1160163)
ModerateSUSE bug 1117951SUSE bug 1160163cpe:/o:suse:suse_sles:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssl fixes the following issues:
- CVE-2020-1968: Introduced hardening against the Raccoon attack by always generating fresh DH keys
and never reuse them across multiple TLS connections (bsc#1176331).
ImportantSUSE bug 1176331CVE-2020-1968 at SUSECVE-2020-1968 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openssl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssl fixes the following issues:
- CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
- CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)
ModerateSUSE bug 1182331SUSE bug 1182333CVE-2021-23840 at SUSECVE-2021-23840 at NVDCVE-2021-23841 at SUSECVE-2021-23841 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssl fixes the following security issue:
- CVE-2021-3712: a bug in the code for printing certificate details could lead
to a buffer overrun that a malicious actor could exploit to crash the
application, causing a denial-of-service attack. [bsc#1189521]
ImportantSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openssl (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssl fixes the following issues:
- CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712.
Read buffer overruns processing ASN.1 strings (bsc#1189521).
LowSUSE bug 1189521CVE-2021-3712 at SUSECVE-2021-3712 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openssl (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for openssl fixes the following issues:
- CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877).
ImportantSUSE bug 1196877CVE-2022-0778 at SUSECVE-2022-0778 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for openvpn (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openvpn fixes the following issues:
- It was possible to trigger an assertion by sending a malformed IPv6 packet.
That issue could have been abused to remotely shutdown an openvpn server or
client, if IPv6 and --mssfix were enabled and if the IPv6 networks used
inside the VPN were known. [bsc#1044947, CVE-2017-7508]
ImportantSUSE bug 1044947CVE-2017-7508 at SUSECVE-2017-7508 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openvpn (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openvpn fixes the following security issues:
- CVE-2017-12166: OpenVPN was vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. (bsc#1060877).
- CVE-2016-6329: Now show which ciphers should no longer be used in openvpn --show-ciphers to avoid the SWEET32 attack (bsc#995374)
- CVE-2017-7478: OpenVPN was vulnerable to unauthenticated Denial of Service of server via received large control packet. (bsc#1038709)
- CVE-2017-7479: OpenVPN was vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker. (bsc#1038711)
- Some other hardening fixes have also been applied (bsc#1038713)
ImportantSUSE bug 1038709SUSE bug 1038711SUSE bug 1038713SUSE bug 1060877SUSE bug 995374CVE-2016-6329 at SUSECVE-2016-6329 at NVDCVE-2017-12166 at SUSECVE-2017-12166 at NVDCVE-2017-7478 at SUSECVE-2017-7478 at NVDCVE-2017-7479 at SUSECVE-2017-7479 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for openwsman (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for openwsman fixes the following issues:
Security issues fixed:
- CVE-2019-3816: Fixed a vulnerability in openwsmand deamon which could lead to arbitary file disclosure (bsc#1122623).
- CVE-2019-3833: Fixed a vulnerability in process_connection() which could allow an attacker to trigger an infinite
loop which leads to Denial of Service (bsc#1122623).
ImportantSUSE bug 1122623CVE-2019-3816 at SUSECVE-2019-3816 at NVDCVE-2019-3833 at SUSECVE-2019-3833 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for orca (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This orca update fixes the following security issue.
- Don't try to import modules from current working directory (bsc#916835, CVE-2013-4245).
ModerateSUSE bug 916835CVE-2013-4245 at SUSECVE-2013-4245 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for pam (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for pam fixes two security issues.
These security issues were fixed:
- CVE-2015-3238: pam_unix in conjunction with SELinux allowed for DoS attacks (bsc#934920).
- CVE-2013-7041: Compare password hashes case-sensitively (bsc#854480).
This non-security issue was fixed:
- bsc#962220: Don't fail when /var/log/btmp is corrupted
ModerateSUSE bug 854480SUSE bug 934920SUSE bug 962220CVE-2013-7041 at SUSECVE-2013-7041 at NVDCVE-2015-3238 at SUSECVE-2015-3238 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for pam-modules (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for pam-modules fixes the following security issue:
- CVE-2011-3172: Ensure that unix2_chkpwd calls pam_acct_mgmt to prevent usage
of locked accounts (bsc#707645).
ModerateSUSE bug 707645CVE-2011-3172 at SUSECVE-2011-3172 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for pam_pkcs11 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for pam_pkcs11 fixes the following security issues:
- It was possible to replay an authentication by using a specially prepared smartcard or token (bsc#1105012)
- Prevent buffer overflow if a user has a home directory with a length of more than 512 bytes (bsc#1105012)
- Memory not cleaned properly before free() (bsc#1105012)
ModerateSUSE bug 1105012cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for patch (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for patch fixes several issues.
These security issues were fixed:
- CVE-2018-1000156: patch: Malicious patch files cause ed to execute arbitrary commands (bsc#1088420).
- CVE-2014-9637: Prevent DoS by remote attackers (memory consumption and
segmentation fault) via a crafted diff file (bsc#914891).
- CVE-2016-10713: Prevent out-of-bounds access within pch_write_line() that
could have lead to DoS via a crafted input file (bsc#1080918).
- CVE-2010-4651: Fixed a directory traversal bug (bsc#662957):
ImportantSUSE bug 1059698SUSE bug 1080918SUSE bug 1088420SUSE bug 662957SUSE bug 914891CVE-2010-4651 at SUSECVE-2010-4651 at NVDCVE-2014-9637 at SUSECVE-2014-9637 at NVDCVE-2016-10713 at SUSECVE-2016-10713 at NVDCVE-2018-1000156 at SUSECVE-2018-1000156 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for perl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for perl fixes the following issues:
- CVE-2016-6185: xsloader looking at a '(eval)' directory [bsc#988311]
- CVE-2016-1238: searching current directory for optional modules [bsc#987887]
- CVE-2015-8853: regex engine hanging on bad utf8 [bnc976584]
- CVE-2016-2381: environment dup handling bug [bsc#967082]
- perl panic with utf8_mg_pos_cache_update [bsc#929027]
ModerateSUSE bug 929027SUSE bug 967082SUSE bug 987887SUSE bug 988311CVE-2015-8853 at SUSECVE-2015-8853 at NVDCVE-2016-1238 at SUSECVE-2016-1238 at NVDCVE-2016-2381 at SUSECVE-2016-2381 at NVDCVE-2016-6185 at SUSECVE-2016-6185 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for perl (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for perl fixes the following issues:
Security issue fixed:
- CVE-2017-6512: Race condition in the rmtree and remove_tree functions in the
File-Path module before 2.13 for Perl allows attackers to set the mode on
arbitrary files via vectors involving directory-permission loosening logic.
(bnc#1047178)
Bug fixes:
- reformat baselibs.conf as source validator workaround
LowSUSE bug 1047178CVE-2017-6512 at SUSECVE-2017-6512 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for perl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for perl fixes the following issues:
Security issue fixed:
- CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216).
- CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233).
ModerateSUSE bug 1082216SUSE bug 1082233CVE-2018-6798 at SUSECVE-2018-6798 at NVDCVE-2018-6913 at SUSECVE-2018-6913 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for perl (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for perl fixes the following issues:
- CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a
directory-traversal protection mechanism and overwrite arbitrary files
(bsc#1096718).
ModerateSUSE bug 1096718CVE-2018-12015 at SUSECVE-2018-12015 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for perl-Archive-Zip (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for perl-Archive-Zip fixes the following security issue:
- CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing
paths while extracting zip files. An attacker able to provide a specially
crafted archive for processing could have used this flaw to write or overwrite
arbitrary files in the context of the perl interpreter (bsc#1099497).
ModerateSUSE bug 1099497CVE-2018-10860 at SUSECVE-2018-10860 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for perl-DBD-mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for perl-DBD-mysql fixes the following issues:
- Add patch to fix CVE-2016-1251 (bsc#1012546) use-after-free for repeated
fetchrow_arrayref calls when mysql_server_prepare=1
ModerateSUSE bug 1012546CVE-2016-1251 at SUSECVE-2016-1251 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for perl-DBD-mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for perl-DBD-mysql fixes the following issues:
- CVE-2016-1246: Buffer overflow allowed context-dependent attackers to cause a denial of service (crash) via vectors related to an error message (bsc#1002626).
- CVE-2016-1249: Out-of-bounds read when using server-side prepared statement support (bsc#1010457).
ModerateSUSE bug 1002626SUSE bug 1010457CVE-2016-1246 at SUSECVE-2016-1246 at NVDCVE-2016-1249 at SUSECVE-2016-1249 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for perl-DBD-mysql (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for perl-DBD-mysql fixes the following issues:
- CVE-2017-10789: The DBD::mysql module when with mysql_ssl=1 setting enabled, means that SSL is optional
(even though this setting's documentation has a \'your communication with the server will be encrypted\' statement),
which could lead man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack,
a related issue to CVE-2015-3152. (bsc#1047059)
- CVE-2017-10788: The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1) certain error responses from a MySQL server or (2) a loss of a network connection to a MySQL server. The use-after-free defect was introduced by relying on incorrect Oracle mysql_stmt_close documentation and code examples. (bsc#1047095)
ModerateSUSE bug 1047059SUSE bug 1047095CVE-2017-10788 at SUSECVE-2017-10788 at NVDCVE-2017-10789 at SUSECVE-2017-10789 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for perl-DBI (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for perl-DBI fixes the following issues:
Security issues fixed:
- CVE-2020-14392: Memory corruption in XS functions when Perl stack is reallocated (bsc#1176412).
- CVE-2020-14393: Fixed a buffer overflow on an overlong DBD class name (bsc#1176409).
ImportantSUSE bug 1176409SUSE bug 1176412CVE-2020-14392 at SUSECVE-2020-14392 at NVDCVE-2020-14393 at SUSECVE-2020-14393 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for perl-DBI (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for perl-DBI fixes the following issues:
- CVE-2019-20919: Fixed a NULL profile dereference in dbi_profile (bsc#1176764).
- CVE-2013-7490: Fixed memory corruption when using many arguments
to methods for CallbacksUsing (bsc#1176496).
- CVE-2013-7491: Fixed a stack corruption when a user-defined function required a
non-trivial amount of memory (bsc#1176493).
ImportantSUSE bug 1176493SUSE bug 1176496SUSE bug 1176764CVE-2013-7490 at SUSECVE-2013-7490 at NVDCVE-2013-7491 at SUSECVE-2013-7491 at NVDCVE-2019-20919 at SUSECVE-2019-20919 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for perl-XML-LibXML (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for perl-XML-LibXML fixes the following issues:
- CVE-2017-10672: A use-after-free allowed remote attackers to potentially
execute arbitrary code by controlling the arguments to a replaceChild call
(bsc#1046848)
ImportantSUSE bug 1046848CVE-2017-10672 at SUSECVE-2017-10672 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for permissions (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for permissions fixes the following issues:
- CVE-2019-3690: Fixed a privilege escalation through untrusted symlinks (bsc#1150734).
ModerateSUSE bug 1150734SUSE bug 1157198CVE-2019-3690 at SUSECVE-2019-3690 at NVDcpe:/o:suse:suse_sles:11:sp4Recommended update for permissions (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for permissions fixes the following issues:
Security issues fixed:
- CVE-2020-8013: Fixed a missing symlink check. Do not follow symlinks that are the final path element (bsc#1163922).
- Fixed a regression where chkstat broke when /proc was not available (bsc#1160764, bsc#1160594).
ModerateSUSE bug 1160594SUSE bug 1160764SUSE bug 1163922CVE-2020-8013 at SUSECVE-2020-8013 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
PHP was updated to fix two security issues.
The following vulnerabilities were fixed:
* CVE-2015-5589: PHP could be crashed when processing an invalid file with the 'phar' extension with a segfault in Phar::convertToData, leading to Denial of Service (DOS) (bsc#938721)
* CVE-2015-5590: PHP could be crashed or have unspecified other impact due to a buffer overlow in phar_fix_filepath (bsc#938719)
ModerateSUSE bug 938719SUSE bug 938721CVE-2015-5589 at SUSECVE-2015-5589 at NVDCVE-2015-5590 at SUSECVE-2015-5590 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update of PHP5 brings several security fixes.
Security fixes:
* CVE-2015-6831: A use after free vulnerability in unserialize() has been fixed which could be used to crash php or potentially execute code. [bnc#942291] [bnc#942294] [bnc#942295]
* CVE-2015-6836: A SOAP serialize_function_call() type confusion leading to remote code execution problem was fixed. [bnc#945428]
* CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed. [bnc#945412]
It also includes a bugfix for the odbc module:
* compare with SQL_NULL_DATA correctly [bnc#935074]
ImportantSUSE bug 935074SUSE bug 942291SUSE bug 942294SUSE bug 942295SUSE bug 942296SUSE bug 945412SUSE bug 945428CVE-2015-6831 at SUSECVE-2015-6831 at NVDCVE-2015-6833 at SUSECVE-2015-6833 at NVDCVE-2015-6836 at SUSECVE-2015-6836 at NVDCVE-2015-6837 at SUSECVE-2015-6837 at NVDCVE-2015-6838 at SUSECVE-2015-6838 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
- CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792).
- CVE-2015-8835: SoapClient s_call method suffered from a type confusion issue that could have lead to crashes [bsc#973351]
- CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could lead to crashes. [bsc#968284]
Note: we do not ship the phar extension currently, so we are not affected.
- CVE-2015-7803: A Stack overflow vulnerability when decompressing tar phar archives could potentially lead to code execution. [bsc#949961]
Note: we do not ship the phar extension currently, so we are not affected.
- CVE-2016-3141: A use-after-free / double-free in the WDDX
deserialization could lead to crashes or potential code
execution. [bsc#969821]
- CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912]
Note: we do not ship the phar extension currently, so we are not affected.
- CVE-2014-9767: A directory traversal when extracting zip files was fixed that could lead to
overwritten files. [bsc#971612]
- CVE-2016-3185: A type confusion vulnerability in
make_http_soap_request() could lead to crashes or potentially code
execution. [bsc#971611]
ImportantSUSE bug 949961SUSE bug 968284SUSE bug 969821SUSE bug 971611SUSE bug 971612SUSE bug 971912SUSE bug 973351SUSE bug 973792CVE-2014-9767 at SUSECVE-2014-9767 at NVDCVE-2015-7803 at SUSECVE-2015-7803 at NVDCVE-2015-8835 at SUSECVE-2015-8835 at NVDCVE-2015-8838 at SUSECVE-2015-8838 at NVDCVE-2016-2554 at SUSECVE-2016-2554 at NVDCVE-2016-3141 at SUSECVE-2016-3141 at NVDCVE-2016-3142 at SUSECVE-2016-3142 at NVDCVE-2016-3185 at SUSECVE-2016-3185 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following security issues:
- CVE-2016-4073: A remote attacker could have caused denial of service, or possibly execute arbitrary code, due to incorrect handling of string length calculations in mb_strcut() (bsc#977003)
- CVE-2015-8867: The PHP function openssl_random_pseudo_bytes() did not return cryptographically secure random bytes (bsc#977005)
- CVE-2016-4070: The libxml_disable_entity_loader() setting was shared between threads, which could have resulted in XML external entity injection and entity expansion issues (bsc#976997)
- CVE-2015-8866: A remote attacker could have caused denial of service due to incorrect handling of large strings in php_raw_url_encode() (bsc#976996)
ModerateSUSE bug 976996SUSE bug 976997SUSE bug 977003SUSE bug 977005CVE-2015-8866 at SUSECVE-2015-8866 at NVDCVE-2015-8867 at SUSECVE-2015-8867 at NVDCVE-2016-4070 at SUSECVE-2016-4070 at NVDCVE-2016-4073 at SUSECVE-2016-4073 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
- CVE-2016-5093: A get_icu_value_internal out-of-bounds read could crash the php interpreter (bsc#982010)
- CVE-2016-5094,CVE-2016-5095: Don't allow creating strings with lengths outside int range, avoids overflows (bsc#982011,bsc#982012)
- CVE-2016-5096: A int/size_t confusion in fread could corrupt memory (bsc#982013)
- CVE-2016-5114: A fpm_log.c memory leak and buffer overflow could leak information out of the php process or overwrite a buffer by 1 byte (bsc#982162)
- CVE-2016-4346: A heap overflow was fixed in ext/standard/string.c (bsc#977994)
- CVE-2016-4342: A heap corruption was fixed in tar/zip/phar parser (bsc#977991)
- CVE-2016-4537, CVE-2016-4538: bcpowmod accepted negative scale causing heap buffer overflow corrupting _one_ definition (bsc#978827)
- CVE-2016-4539: Malformed input causes segmentation fault in xml_parse_into_struct() function (bsc#978828)
- CVE-2016-4540, CVE-2016-4541: Out-of-bounds memory read in zif_grapheme_stripos when given negative offset (bsc#978829)
- CVE-2016-4542, CVE-2016-4543, CVE-2016-4544: Out-of-bounds heap memory
read in exif_read_data() caused by malformed input (bsc#978830)
- CVE-2015-4116: Use-after-free vulnerability in the spl_ptr_heap_insert
function (bsc#980366)
- CVE-2015-8873: Stack consumption vulnerability in Zend/zend_exceptions.c (bsc#980373)
- CVE-2015-8874: Stack consumption vulnerability in GD (bsc#980375)
- CVE-2015-8879: odbc_bindcols function in ext/odbc/php_odbc.c mishandles
driver behavior for SQL_WVARCHAR (bsc#981050)
Also fixed previously on SUSE Linux Enterprise 11 SP4, but not yet shipped to SUSE Linux Enterprise Server 11 SP3 LTSS:
- CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792).
- CVE-2015-8835: SoapClient s_call method suffered from a type confusion
issue that could have lead to crashes [bsc#973351]
- CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could
lead to crashes. [bsc#968284]
- CVE-2015-7803: A Stack overflow vulnerability when decompressing tar
phar archives could potentially lead to code execution. [bsc#949961]
- CVE-2016-3141: A use-after-free / double-free in the WDDX
deserialization could lead to crashes or potential code
execution. [bsc#969821]
- CVE-2016-3142: An Out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912]
- CVE-2014-9767: A directory traversal when extracting zip files was
fixed that could lead to overwritten files. [bsc#971612]
- CVE-2016-3185: A type confusion vulnerability in
make_http_soap_request() could lead to crashes or potentially code
execution. [bsc#971611]
- CVE-2016-4073: A remote attacker could have caused denial of service,
or possibly execute arbitrary code, due to incorrect handling of string
length calculations in mb_strcut() (bsc#977003)
- CVE-2015-8867: The PHP function openssl_random_pseudo_bytes() did not
return cryptographically secure random bytes (bsc#977005)
- CVE-2016-4070: The libxml_disable_entity_loader() setting was shared
between threads, which could have resulted in XML external entity
injection and entity expansion issues (bsc#976997)
- CVE-2015-8866: A remote attacker could have caused denial of service
due to incorrect handling of large strings in php_raw_url_encode()
(bsc#976996)
ImportantSUSE bug 949961SUSE bug 968284SUSE bug 969821SUSE bug 971611SUSE bug 971612SUSE bug 971912SUSE bug 973351SUSE bug 973792SUSE bug 976996SUSE bug 976997SUSE bug 977003SUSE bug 977005SUSE bug 977991SUSE bug 977994SUSE bug 978827SUSE bug 978828SUSE bug 978829SUSE bug 978830SUSE bug 980366SUSE bug 980373SUSE bug 980375SUSE bug 981050SUSE bug 982010SUSE bug 982011SUSE bug 982012SUSE bug 982013SUSE bug 982162CVE-2014-9767 at SUSECVE-2014-9767 at NVDCVE-2015-4116 at SUSECVE-2015-4116 at NVDCVE-2015-7803 at SUSECVE-2015-7803 at NVDCVE-2015-8835 at SUSECVE-2015-8835 at NVDCVE-2015-8838 at SUSECVE-2015-8838 at NVDCVE-2015-8866 at SUSECVE-2015-8866 at NVDCVE-2015-8867 at SUSECVE-2015-8867 at NVDCVE-2015-8873 at SUSECVE-2015-8873 at NVDCVE-2015-8874 at SUSECVE-2015-8874 at NVDCVE-2015-8879 at SUSECVE-2015-8879 at NVDCVE-2016-2554 at SUSECVE-2016-2554 at NVDCVE-2016-3141 at SUSECVE-2016-3141 at NVDCVE-2016-3142 at SUSECVE-2016-3142 at NVDCVE-2016-3185 at SUSECVE-2016-3185 at NVDCVE-2016-4070 at SUSECVE-2016-4070 at NVDCVE-2016-4073 at SUSECVE-2016-4073 at NVDCVE-2016-4342 at SUSECVE-2016-4342 at NVDCVE-2016-4346 at SUSECVE-2016-4346 at NVDCVE-2016-4537 at SUSECVE-2016-4537 at NVDCVE-2016-4538 at SUSECVE-2016-4538 at NVDCVE-2016-4539 at SUSECVE-2016-4539 at NVDCVE-2016-4540 at SUSECVE-2016-4540 at NVDCVE-2016-4541 at SUSECVE-2016-4541 at NVDCVE-2016-4542 at SUSECVE-2016-4542 at NVDCVE-2016-4543 at SUSECVE-2016-4543 at NVDCVE-2016-4544 at SUSECVE-2016-4544 at NVDCVE-2016-5093 at SUSECVE-2016-5093 at NVDCVE-2016-5094 at SUSECVE-2016-5094 at NVDCVE-2016-5095 at SUSECVE-2016-5095 at NVDCVE-2016-5096 at SUSECVE-2016-5096 at NVDCVE-2016-5114 at SUSECVE-2016-5114 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
php53 was updated to fix five security issues.
These security issues were fixed:
- CVE-2016-5769: mcrypt: Heap Overflow due to integer overflows (bsc#986388).
- CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).
- CVE-2016-5772: Double Free Courruption in wddx_deserialize (bsc#986244).
- CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap overflow (bsc#986386).
- CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (bsc#986393).
ImportantSUSE bug 986004SUSE bug 986244SUSE bug 986386SUSE bug 986388SUSE bug 986393CVE-2015-8935 at SUSECVE-2015-8935 at NVDCVE-2016-5766 at SUSECVE-2016-5766 at NVDCVE-2016-5767 at SUSECVE-2016-5767 at NVDCVE-2016-5769 at SUSECVE-2016-5769 at NVDCVE-2016-5772 at SUSECVE-2016-5772 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
- security update:
* CVE-2014-3587: Integer overflow in the cdf_read_property_info affecting SLES11 SP3 [bsc#987530]
* CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener [bsc#991426]
* CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE [bsc#991427]
* CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex [bsc#991428]
* CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization [bsc#991429]
* CVE-2016-5399: Improper error handling in bzread() [bsc#991430]
* CVE-2016-6288: Buffer over-read in php_url_parse_ex [bsc#991433]
* CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c [bsc#991437]
ModerateSUSE bug 987530SUSE bug 991426SUSE bug 991427SUSE bug 991428SUSE bug 991429SUSE bug 991430SUSE bug 991433SUSE bug 991437CVE-2014-3587 at SUSECVE-2014-3587 at NVDCVE-2016-5399 at SUSECVE-2016-5399 at NVDCVE-2016-6288 at SUSECVE-2016-6288 at NVDCVE-2016-6289 at SUSECVE-2016-6289 at NVDCVE-2016-6290 at SUSECVE-2016-6290 at NVDCVE-2016-6291 at SUSECVE-2016-6291 at NVDCVE-2016-6296 at SUSECVE-2016-6296 at NVDCVE-2016-6297 at SUSECVE-2016-6297 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following security issues:
* CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization
* CVE-2016-7125: PHP Session Data Injection Vulnerability
* CVE-2016-7126: select_colors write out-of-bounds
* CVE-2016-7127: imagegammacorrect allowed arbitrary write access
* CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF
* CVE-2016-7129: wddx_deserialize allows illegal memory access
* CVE-2016-7130: wddx_deserialize null dereference
* CVE-2016-7131: wddx_deserialize null dereference with invalid xml
* CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element
* CVE-2016-7411: php5: Memory corruption when destructing deserialized object
* CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field
* CVE-2016-7413: Use after free in wddx_deserialize
* CVE-2016-7414: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile
* CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message
* CVE-2016-7417: Missing type check when unserializing SplArray
* CVE-2016-7418: Null pointer dereference in php_wddx_push_element
ImportantSUSE bug 997206SUSE bug 997207SUSE bug 997208SUSE bug 997210SUSE bug 997211SUSE bug 997220SUSE bug 997225SUSE bug 997230SUSE bug 997257SUSE bug 999679SUSE bug 999680SUSE bug 999682SUSE bug 999684SUSE bug 999685SUSE bug 999819SUSE bug 999820CVE-2016-7124 at SUSECVE-2016-7124 at NVDCVE-2016-7125 at SUSECVE-2016-7125 at NVDCVE-2016-7126 at SUSECVE-2016-7126 at NVDCVE-2016-7127 at SUSECVE-2016-7127 at NVDCVE-2016-7128 at SUSECVE-2016-7128 at NVDCVE-2016-7129 at SUSECVE-2016-7129 at NVDCVE-2016-7130 at SUSECVE-2016-7130 at NVDCVE-2016-7131 at SUSECVE-2016-7131 at NVDCVE-2016-7132 at SUSECVE-2016-7132 at NVDCVE-2016-7411 at SUSECVE-2016-7411 at NVDCVE-2016-7412 at SUSECVE-2016-7412 at NVDCVE-2016-7413 at SUSECVE-2016-7413 at NVDCVE-2016-7414 at SUSECVE-2016-7414 at NVDCVE-2016-7416 at SUSECVE-2016-7416 at NVDCVE-2016-7417 at SUSECVE-2016-7417 at NVDCVE-2016-7418 at SUSECVE-2016-7418 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
- CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924)
- CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274)
ModerateSUSE bug 1004924SUSE bug 1005274CVE-2016-6911 at SUSECVE-2016-6911 at NVDCVE-2016-8670 at SUSECVE-2016-8670 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
* CVE-2014-9912: Stack-based buffer overflow in uloc_getDisplayName() [bsc#1012232]
* CVE-2016-9933: Possible stack overflow on truecolor images handling [bsc#1015187]
* CVE-2016-9934: Dereference from NULL pointer could lead to crash [bsc#1015188]
* CVE-2016-9935: Invalid read could lead to crash [bsc#1015189]
* Buffer overflow in libmagic, allowing attackers to crash the PHP interpreter [bsc#974305]
ModerateSUSE bug 1012232SUSE bug 1015187SUSE bug 1015188SUSE bug 1015189SUSE bug 974305CVE-2014-9912 at SUSECVE-2014-9912 at NVDCVE-2016-9933 at SUSECVE-2016-9933 at NVDCVE-2016-9934 at SUSECVE-2016-9934 at NVDCVE-2016-9935 at SUSECVE-2016-9935 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following security issues:
- CVE-2016-7478: When unserializing untrusted input data, PHP could end up in an infinite
loop, causing denial of service (bsc#1019550)
- CVE-2016-10158: The exif_convert_any_to_int function in ext/exif/exif.c
in PHP allowed remote attackers to cause a denial of service (application
crash) via crafted EXIF data that triggers an attempt to divide the
minimum representable negative integer by -1. (bsc#1022219)
- CVE-2016-10159: Integer overflow in the phar_parse_pharfile function
in ext/phar/phar.c in PHP allowed remote attackers to cause a denial
of service (memory consumption or application crash) via a truncated
manifest entry in a PHAR archive. (bsc#1022255)
- CVE-2016-10160: Off-by-one error in the phar_parse_pharfile function
in ext/phar/phar.c in PHP allowed remote attackers to cause a denial
of service (memory corruption) or possibly execute arbitrary code via
a crafted PHAR archive with an alias mismatch. (bsc#1022257)
- CVE-2016-10161: The object_common1 function in
ext/standard/var_unserializer.c in PHP allowed remote attackers to
cause a denial of service (buffer over-read and application crash) via
crafted serialized data that is mishandled in a finish_nested_data call.
(bsc#1022260)
- CVE-2016-10166: A potential unsigned underflow in gd interpolation
functions could lead to memory corruption in the PHP gd module
(bsc#1022263)
- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx()
could lead to php out of memory even on small files. (bsc#1022264)
- CVE-2016-10168: A signed integer overflow in the gd module could lead
to memory corruption (bsc#1022265)
ImportantSUSE bug 1019550SUSE bug 1022219SUSE bug 1022255SUSE bug 1022257SUSE bug 1022260SUSE bug 1022263SUSE bug 1022264SUSE bug 1022265CVE-2016-10158 at SUSECVE-2016-10158 at NVDCVE-2016-10159 at SUSECVE-2016-10159 at NVDCVE-2016-10160 at SUSECVE-2016-10160 at NVDCVE-2016-10161 at SUSECVE-2016-10161 at NVDCVE-2016-10166 at SUSECVE-2016-10166 at NVDCVE-2016-10167 at SUSECVE-2016-10167 at NVDCVE-2016-10168 at SUSECVE-2016-10168 at NVDCVE-2016-7478 at SUSECVE-2016-7478 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
This security issue was fixed:
- CVE-2017-7272: PHP enabled potential SSRF in applications that accept an fsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax was recognized, fsockopen used the port number that is specified in the hostname argument, instead of the port number in the second argument of the function (bsc#1031246)
- CVE-2016-6294: The locale_accept_from_http function in ext/intl/locale/locale_methods.c did not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument (bsc#1035111).
- CVE-2017-9227: An issue was discovered in Oniguruma 6.2.0, as used in mbstring in PHP. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer. (bsc#1040883)
- CVE-2017-9226: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in mbstring in PHP. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption. (bsc#1040889)
- CVE-2017-9224: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in mbstring in PHP. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer. (bsc#1040891)
ModerateSUSE bug 1031246SUSE bug 1035111SUSE bug 1040883SUSE bug 1040889SUSE bug 1040891CVE-2016-6294 at SUSECVE-2016-6294 at NVDCVE-2017-7272 at SUSECVE-2017-7272 at NVDCVE-2017-9224 at SUSECVE-2017-9224 at NVDCVE-2017-9226 at SUSECVE-2017-9226 at NVDCVE-2017-9227 at SUSECVE-2017-9227 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
- The fix for CVE-2017-7272 was reverted, as it caused regressions in the mysql server connect module. [bsc#1044976]
The security fix tried to avoid a server side request forgery, and will be submitted when a better fix becomes available.
ImportantSUSE bug 1031246SUSE bug 1044976CVE-2017-7272 at SUSECVE-2017-7272 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the several issues.
These security issues were fixed:
- CVE-2017-12933: The finish_nested_data function in ext/standard/var_unserializer.re was prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue could have had an unspecified impact on the integrity of PHP (bsc#1054430).
- CVE-2017-11628: Stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could have caused a denial of service or potentially allowed executing code (bsc#1050726).
- CVE-2017-7890: The GIF decoding function gdImageCreateFromGifCtx in the GD Graphics Library did not zero colorMap arrays use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information (bsc#1050241).
- CVE-2016-5766: Integer overflow in the _gd2GetHeader in the GD Graphics Library (aka libgd) allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image (bsc#986386).
- CVE-2017-11145: An error in the date extension's timelib_meridian parsing code could have been used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function (bsc#1048112).
- CVE-2017-11146: Lack of bounds checks in timelib_meridian parse code could have lead to information leak [bsc#1048111]
- CVE-2016-10397: Incorrect handling of various URI components in the URL parser could have been used by attackers to bypass hostname-specific URL checks (bsc#1047454).
- CVE-2017-11147: The PHAR archive handler could have been used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function (bsc#1048094).
- CVE-2017-11144: The openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could have lead to a crash of the PHP interpreter (bsc#1048096).
ModerateSUSE bug 1047454SUSE bug 1048094SUSE bug 1048096SUSE bug 1048111SUSE bug 1048112SUSE bug 1050241SUSE bug 1050726SUSE bug 1054430SUSE bug 986386CVE-2016-10168 at SUSECVE-2016-10168 at NVDCVE-2016-10397 at SUSECVE-2016-10397 at NVDCVE-2016-5766 at SUSECVE-2016-5766 at NVDCVE-2017-11144 at SUSECVE-2017-11144 at NVDCVE-2017-11145 at SUSECVE-2017-11145 at NVDCVE-2017-11146 at SUSECVE-2017-11146 at NVDCVE-2017-11147 at SUSECVE-2017-11147 at NVDCVE-2017-11628 at SUSECVE-2017-11628 at NVDCVE-2017-12933 at SUSECVE-2017-12933 at NVDCVE-2017-7890 at SUSECVE-2017-7890 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2017-16642: Fix timelib_meridian error that could be used to leak information from the interpreter (bsc#1067441).
- CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitset_set_range() during regex compilation (bsc#1069606).
- CVE-2017-9229: Fix invalid pointer dereference in left_adjust_char_head() (bsc#1069631).
ModerateSUSE bug 1067441SUSE bug 1069606SUSE bug 1069631CVE-2017-16642 at SUSECVE-2017-16642 at NVDCVE-2017-9228 at SUSECVE-2017-9228 at NVDCVE-2017-9229 at SUSECVE-2017-9229 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes several issues.
These security issues were fixed:
- CVE-2016-10712: In PHP all of the return values of stream_get_meta_data
could be controlled if the input can be controlled (e.g., during file
uploads). (bsc#1080234)
- CVE-2018-5712: Prevent reflected XSS on the PHAR 404 error page via the
URI of a request for a .phar file that allowed for information disclosure
(bsc#1076220)
- CVE-2018-5711: Prevent integer signedness error that could have lead
to an infinite loop via a crafted GIF file allowing for DoS (bsc#1076391)
- CVE-2016-5773: php_zip.c in the zip extension in PHP improperly
interacted with the unserialize implementation and garbage collection,
which allowed remote attackers to execute arbitrary code or cause a
denial of service (use-after-free and application crash) via crafted
serialized data containing a ZipArchive object. (bsc#986247)
- CVE-2016-5771: spl_array.c in the SPL extension in PHP improperly
interacted with the unserialize implementation and garbage collection,
which allowed remote attackers to execute arbitrary code or cause a
denial of service (use-after-free and application crash) via crafted
serialized data. (bsc#986391)
- CVE-2018-7584: Fixed stack-based buffer under-read while parsing an
HTTPresponse in the php_stream_url_wrap_http_ex. (bsc#1083639)
ImportantSUSE bug 1076220SUSE bug 1076391SUSE bug 1080234SUSE bug 1083639SUSE bug 986247SUSE bug 986391CVE-2016-10712 at SUSECVE-2016-10712 at NVDCVE-2016-5771 at SUSECVE-2016-5771 at NVDCVE-2016-5773 at SUSECVE-2016-5773 at NVDCVE-2018-5711 at SUSECVE-2018-5711 at NVDCVE-2018-5712 at SUSECVE-2018-5712 at NVDCVE-2018-7584 at SUSECVE-2018-7584 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2018-10545: Fix access controls in FPM child processes (bsc#1091367).
- CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages (bsc#1091362).
- CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c (bsc#1091363).
- CVE-2018-10548: Fix remote denial of service in ext/ldap/ldap.c (bsc#1091355).
ImportantSUSE bug 1091355SUSE bug 1091362SUSE bug 1091363SUSE bug 1091367CVE-2018-10545 at SUSECVE-2018-10545 at NVDCVE-2018-10546 at SUSECVE-2018-10546 at NVDCVE-2018-10547 at SUSECVE-2018-10547 at NVDCVE-2018-10548 at SUSECVE-2018-10548 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
The following security issue was fixed:
- An out-of-bounds read in the do_core_note function in readelf.c in libmagic.a
allowed remote attackers to cause a denial of service via a crafted ELF file
(CVE-2018-10360, bsc#1096984)
- CVE-2018-12882: exif_read_from_impl allowed attackers to trigger a
use-after-free (in exif_read_from_file) because it closed a stream that it is
not responsible for closing (bsc#1099098)
ModerateSUSE bug 1096984SUSE bug 1099098CVE-2018-10360 at SUSECVE-2018-10360 at NVDCVE-2018-12882 at SUSECVE-2018-12882 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
The following security issues were fixed:
- CVE-2018-14851: Fixed an out-of-bound read in exif_process_IFD_in_MAKERNOTE,
which could be exploited by an attacker via crafted JPG files, and could
result in an application crash. (bsc#1103659)
- CVE-2018-14883: Fixed an integer overflow leading to a heap based buffer
over-read in exif_thumbnail_extract of exif.c. (bsc#1103836)
- CVE-2017-9118: Fixed an out of bounds access in php_pcre_replace_impl via a
crafted preg_replace call (bsc#1105466)
ModerateSUSE bug 1103659SUSE bug 1103836SUSE bug 1105466CVE-2017-9118 at SUSECVE-2017-9118 at NVDCVE-2018-14851 at SUSECVE-2018-14851 at NVDCVE-2018-14883 at SUSECVE-2018-14883 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issue:
- CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a
'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled
in the php_handler function (bsc#1108753)
ModerateSUSE bug 1108753CVE-2018-17082 at SUSECVE-2018-17082 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
Security issue fixed:
- CVE-2018-19518: Fixed imap_open script injection flaw (bsc#1117107).
ModerateSUSE bug 1117107CVE-2018-19518 at SUSECVE-2018-19518 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function (bsc#1123354).
- CVE-2019-6978: Fixed a double free in the gdImage*Ptr() functions (bsc#1123522).
ModerateSUSE bug 1123354SUSE bug 1123522CVE-2019-6977 at SUSECVE-2019-6977 at NVDCVE-2019-6978 at SUSECVE-2019-6978 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128892).
- CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128886).
- CVE-2019-9638: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension ((bsc#1128889).
- CVE-2019-9639: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128887).
- CVE-2019-9640: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128883).
- CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which could allow to a hostile XMLRPC server
to cause memory read outside the allocated areas (bsc#1126821).
- CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function (bsc#1126711).
- CVE-2018-20783: Fixed a buffer over-read in PHAR reading functions which could allow an attacker to read
allocated and unallocated memory when parsing a phar file (bsc#1127122).
- CVE-2019-9021: Fixed a heap buffer-based buffer over-read in PHAR reading functions which could allow an
attacker to read allocated and unallocated memory when parsing a phar file (bsc#1126713).
- CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in mbstring regular expression functions (bsc#1126823).
- CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension and improved insecure implementation
of rename function (bsc#1128722).
ModerateSUSE bug 1126711SUSE bug 1126713SUSE bug 1126821SUSE bug 1126823SUSE bug 1127122SUSE bug 1128722SUSE bug 1128883SUSE bug 1128886SUSE bug 1128887SUSE bug 1128889SUSE bug 1128892CVE-2018-20783 at SUSECVE-2018-20783 at NVDCVE-2019-9020 at SUSECVE-2019-9020 at NVDCVE-2019-9021 at SUSECVE-2019-9021 at NVDCVE-2019-9023 at SUSECVE-2019-9023 at NVDCVE-2019-9024 at SUSECVE-2019-9024 at NVDCVE-2019-9637 at SUSECVE-2019-9637 at NVDCVE-2019-9638 at SUSECVE-2019-9638 at NVDCVE-2019-9639 at SUSECVE-2019-9639 at NVDCVE-2019-9640 at SUSECVE-2019-9640 at NVDCVE-2019-9641 at SUSECVE-2019-9641 at NVDCVE-2019-9675 at SUSECVE-2019-9675 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2019-11038: Fixed a information disclosure in gdImageCreateFromXbm() (bsc#1140118).
- CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360).
- CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095).
ImportantSUSE bug 1140118SUSE bug 1145095SUSE bug 1146360CVE-2019-11038 at SUSECVE-2019-11038 at NVDCVE-2019-11041 at SUSECVE-2019-11041 at NVDCVE-2019-11042 at SUSECVE-2019-11042 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for php53 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for php53 fixes the following issues:
Security issues fixed:
- CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629).
- CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923).
- CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924).
- CVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922).
- CVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927).
- CVE-2019-20433: Fixed a buffer over-read when processing strings ending with a single '\0' byte with ucs-2 and ucs-4 encoding (bsc#1161982).
ModerateSUSE bug 1159922SUSE bug 1159923SUSE bug 1159924SUSE bug 1159927SUSE bug 1161982SUSE bug 1162629CVE-2019-11045 at SUSECVE-2019-11045 at NVDCVE-2019-11046 at SUSECVE-2019-11046 at NVDCVE-2019-11047 at SUSECVE-2019-11047 at NVDCVE-2019-11050 at SUSECVE-2019-11050 at NVDCVE-2019-20433 at SUSECVE-2019-20433 at NVDCVE-2020-7059 at SUSECVE-2020-7059 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for php53 fixes the following issues:
- CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352).
ImportantSUSE bug 1177352CVE-2020-7070 at SUSECVE-2020-7070 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for php53 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for php53 fixes the following issues:
- CVE-2021-21702 [bsc#1182049]: NULL pointer dereference in SoapClient
ImportantSUSE bug 1182049CVE-2021-21702 at SUSECVE-2021-21702 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for policycoreutils (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for policycoreutils fixes the following issues:
* CVE-2016-7545: nonpriv session can escape to parent [bsc#1000998]
LowSUSE bug 1000998CVE-2016-7545 at SUSECVE-2016-7545 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for policycoreutils (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for policycoreutils fixes the following issues:
- CVE-2018-1063: Prevent chcon from following symlinks in /tmp, /var/tmp,
/var/run and /var/lib/debug (bsc#1083624).
ModerateSUSE bug 1083624CVE-2018-1063 at SUSECVE-2018-1063 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for poppler (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for poppler fixes the following issues:
Security issues fixed:
- CVE-2015-8868: Corrupted PDF file can corrupt heap, causing DoS (bsc#976844)
ModerateSUSE bug 976844CVE-2015-8868 at SUSECVE-2015-8868 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for poppler (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for poppler fixes the following issues:
- CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the
FoFiTrueType::getCFFBlock() function in FoFiTrueType.cc that occurred due to
lack of validation of a table pointer, which allows an attacker to launch a
denial of service attack. (bsc#1061265)
- CVE-2017-1000456: Validate boundaries in TextPool::addWord to prevent
overflows in subsequent calculations (bsc#1074453)
- CVE-2017-15565: Prevent NULL Pointer dereference in the
GfxImageColorMap::getGrayLine() function via a crafted PDF document
(bsc#1064593)
ModerateSUSE bug 1061265SUSE bug 1064593SUSE bug 1074453CVE-2017-1000456 at SUSECVE-2017-1000456 at NVDCVE-2017-14977 at SUSECVE-2017-14977 at NVDCVE-2017-15565 at SUSECVE-2017-15565 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update of postgresql94 to 9.4.5 fixes the following issues:
* CVE-2015-5289: json or jsonb input values constructed from arbitrary user input could have crashed the PostgreSQL server and caused a denial of service (bsc#949670)
* CVE-2015-5288: crypt() (pgCrypto extension) couldi potentially be exploited to read a few additional bytes of memory (bsc#949669)
Also contains all changes and bugfixes in the upstream 9.4.5 release:
http://www.postgresql.org/docs/current/static/release-9-4-5.html
ModerateSUSE bug 949669SUSE bug 949670CVE-2015-5288 at SUSECVE-2015-5288 at NVDCVE-2015-5289 at SUSECVE-2015-5289 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql-init (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for postgresql-init fixes the following issues:
- CVE-2017-14798: A race condition in the init script could be used by attackers able to access the postgresql account to escalate their privileges to root (bsc#1062722)
ModerateSUSE bug 1062722CVE-2017-14798 at SUSECVE-2017-14798 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for postgresql94 fixes the following issues:
- Security and bugfix release 9.4.6:
* *** IMPORTANT ***
Users of version 9.4 will need to reindex any jsonb_path_ops
indexes they have created, in order to fix a persistent issue
with missing index entries.
* Fix infinite loops and buffer-overrun problems in regular
expressions (CVE-2016-0773, bsc#966436).
* Fix regular-expression compiler to handle loops of constraint
arcs (CVE-2007-4772).
* Prevent certain PL/Java parameters from being set by
non-superusers (CVE-2016-0766, bsc#966435).
* Fix many issues in pg_dump with specific object types
* Prevent over-eager pushdown of HAVING clauses for
GROUPING SETS
* Fix deparsing error with ON CONFLICT ... WHERE clauses
* Fix tableoid errors for postgres_fdw
* Prevent floating-point exceptions in pgbench
* Make \det search Foreign Table names consistently
* Fix quoting of domain constraint names in pg_dump
* Prevent putting expanded objects into Const nodes
* Allow compile of PL/Java on Windows
* Fix 'unresolved symbol' errors in PL/Python execution
* Allow Python2 and Python3 to be used in the same database
* Add support for Python 3.5 in PL/Python
* Fix issue with subdirectory creation during initdb
* Make pg_ctl report status correctly on Windows
* Suppress confusing error when using pg_receivexlog with older
servers
* Multiple documentation corrections and additions
* Fix erroneous hash calculations in gin_extract_jsonb_path()
- For the full release notse, see:
http://www.postgresql.org/docs/9.4/static/release-9-4-6.html
- Security and bugfix release 9.4.5:
* CVE-2015-5289, bsc#949670: json or jsonb input values
constructed from arbitrary user input can crash the PostgreSQL
server and cause a denial of service.
* CVE-2015-5288, bsc#949669: The crypt() function included with
the optional pgCrypto extension could be exploited to read a
few additional bytes of memory. No working exploit for this
issue has been developed.
- For the full release notse, see:
http://www.postgresql.org/docs/current/static/release-9-4-5.html
- Relax dependency on libpq to major version.
ImportantSUSE bug 949669SUSE bug 949670SUSE bug 966435SUSE bug 966436CVE-2007-4772 at SUSECVE-2007-4772 at NVDCVE-2015-5288 at SUSECVE-2015-5288 at NVDCVE-2015-5289 at SUSECVE-2015-5289 at NVDCVE-2016-0766 at SUSECVE-2016-0766 at NVDCVE-2016-0773 at SUSECVE-2016-0773 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for postgresql94 to version 9.4.9 fixes the several issues.
These security issues were fixed:
- CVE-2016-5423: CASE/WHEN with inlining can cause untrusted pointer dereference (bsc#993454).
- CVE-2016-5424: Fix client programs' handling of special characters in database and role names (bsc#993453).
For the non-security issues please refer to
- http://www.postgresql.org/docs/9.4/static/release-9-4-9.html
- http://www.postgresql.org/docs/9.4/static/release-9-4-8.html
- http://www.postgresql.org/docs/9.4/static/release-9-4-7.html
ImportantSUSE bug 993453SUSE bug 993454CVE-2016-5423 at SUSECVE-2016-5423 at NVDCVE-2016-5424 at SUSECVE-2016-5424 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for postgresql93 fixes the following issues:
- bsc#1029547: Fix tests with timezone 2017a
- CVE-2017-7486: Restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options. (bsc#1037624)
- CVE-2017-7485: Recognize PGREQUIRESSL variable again. (bsc#1038293)
- CVE-2017-7484: Prevent exposure of statistical information via leaky operators. (bsc#1037603)
ModerateSUSE bug 1029547SUSE bug 1037603SUSE bug 1037624SUSE bug 1038293CVE-2017-7484 at SUSECVE-2017-7484 at NVDCVE-2017-7485 at SUSECVE-2017-7485 at NVDCVE-2017-7486 at SUSECVE-2017-7486 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Postgresql94 was updated to 9.4.13 to fix the following issues:
* CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685)
* CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684)
* CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259)
The changelog for this release is here:
https://www.postgresql.org/docs/9.4/static/release-9-4-13.html
ImportantSUSE bug 1051684SUSE bug 1051685SUSE bug 1053259CVE-2017-7546 at SUSECVE-2017-7546 at NVDCVE-2017-7547 at SUSECVE-2017-7547 at NVDCVE-2017-7548 at SUSECVE-2017-7548 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for postgresql94 fixes the following issues:
Security issues fixed:
- CVE-2017-15098: Fix crash due to rowtype mismatch in json{b}_populate_recordset() (bsc#1067844).
- CVE-2017-12172: Start scripts permit database administrator to modify root-owned files. This issue did not affect SUSE (bsc#1062538).
Bug fixes:
- Update to version 9.4.15
* https://www.postgresql.org/docs/9.4/static/release-9-4-15.html
* https://www.postgresql.org/docs/9.4/static/release-9-4-14.html
ModerateSUSE bug 1062538SUSE bug 1067844CVE-2017-12172 at SUSECVE-2017-12172 at NVDCVE-2017-15098 at SUSECVE-2017-15098 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for postgresql94 fixes the following issues:
PostgreSQL was updated to version 9.4.16, full release notes:
https://www.postgresql.org/docs/9.4/static/release-9-4-16.html
Security issues fixed:
- CVE-2018-1053: Ensure that all temporary files made by pg_upgrade are non-world-readable. (bsc#1077983)
ModerateSUSE bug 1077983CVE-2018-1053 at SUSECVE-2018-1053 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql94 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for postgresql94 fixes the following issues:
Security issues fixed:
- CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925).
Bug fixes:
- See release notes for details:
* https://www.postgresql.org/docs/9.4/static/release-9-4-17.html
* https://www.postgresql.org/docs/9.4/static/release-9-4-16.html
ModerateSUSE bug 1081925CVE-2018-1058 at SUSECVE-2018-1058 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for postgresql94 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for postgresql94 fixes the following issues:
postgresql was updated to 9.4.19:
https://www.postgresql.org/docs/current/static/release-9-4-19.html
* CVE-2018-10915, bsc#1104199: Fix failure to reset libpq's state
fully between connection attempts.
postgresql was updated to 9.4.18:
- https://www.postgresql.org/about/news/1851/
- https://www.postgresql.org/docs/current/static/release-9-4-18.html
A dump/restore is not required for those running 9.4.X.
However, if the function marking mistakes mentioned in the first
changelog entry below affect you, you will want to take steps to
correct your database catalogs.
ImportantSUSE bug 1104199CVE-2018-10915 at SUSECVE-2018-10915 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ppp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The ppp package was updated to fix the following security issue:
- CVE-2015-3310: Fixed a buffer overflow in radius plug-in's rc_mksid() (bsc#927841).
ModerateSUSE bug 927841CVE-2015-3310 at SUSECVE-2015-3310 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ppp (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for ppp fixes the following security issue:
- CVE-2020-8597: Fixed a buffer overflow in the eap_request and eap_response functions (bsc#1162610).
ImportantSUSE bug 1162610CVE-2020-8597 at SUSECVE-2020-8597 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for procmail (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for procmail fixes the following issues:
Security issue fixed:
- CVE-2017-16844: Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than CVE-2014-3618. (bnc#1068648)
ModerateSUSE bug 1068648CVE-2017-16844 at SUSECVE-2017-16844 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for procps (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for procps fixes the following security issues:
- CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top
with HOME unset in an attacker-controlled directory, the attacker could have
achieved privilege escalation by exploiting one of several vulnerabilities in
the config_file() function (bsc#1092100).
- CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow.
Inbuilt protection in ps maped a guard page at the end of the overflowed
buffer, ensuring that the impact of this flaw is limited to a crash (temporary
denial of service) (bsc#1092100).
- CVE-2018-1124: Prevent multiple integer overflows leading to a heap
corruption in file2strvec function. This allowed a privilege escalation for a
local attacker who can create entries in procfs by starting processes, which
could result in crashes or arbitrary code execution in proc utilities run by
other users (bsc#1092100).
- CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was
mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).
- CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent
truncation/integer overflow issues (bsc#1092100).
ModerateSUSE bug 1092100CVE-2018-1122 at SUSECVE-2018-1122 at NVDCVE-2018-1123 at SUSECVE-2018-1123 at NVDCVE-2018-1124 at SUSECVE-2018-1124 at NVDCVE-2018-1125 at SUSECVE-2018-1125 at NVDCVE-2018-1126 at SUSECVE-2018-1126 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for puppet (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for puppet fixes the following issues:
- CVE-2017-2295: Fixed a security vulnerability where an attacker could
force YAML deserialization in an unsafe manner, which would lead to
remote code execution.
In default, this update would break a backwards compatibility
with Puppet agents older than 3.2.2 as the SLE11 master doesn't
support other fact formats than pson in default anymore.
In order to allow users to continue using their SLE11 agents
a patch was added that enables sending PSON from agents.
For non-SUSE clients older that 3.2.2 a new puppet master boolean option
'dangerous_fact_formats' was added. When it's set to true it
enables using dangerous fact formats (e.g. YAML). When it's set
to false, only PSON fact format is accepted. (bsc#1040151),
(bsc#1077767)
ModerateSUSE bug 1040151SUSE bug 1077767CVE-2017-2295 at SUSECVE-2017-2295 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for python fixes the following issues:
- CVE-2016-0772: smtplib vulnerability opens startTLS stripping attack (bsc#984751)
- CVE-2016-5699: incorrect validation of HTTP headers allow header injection (bsc#985348)
- CVE-2016-1000110: HTTPoxy vulnerability in urllib, fixed by disregarding HTTP_PROXY
when REQUEST_METHOD is also set (bsc#989523)
ModerateSUSE bug 984751SUSE bug 985348SUSE bug 989523CVE-2016-0772 at SUSECVE-2016-0772 at NVDCVE-2016-1000110 at SUSECVE-2016-1000110 at NVDCVE-2016-5699 at SUSECVE-2016-5699 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for python fixes the following issues:
- CVE-2017-1000158: Fixed integer overflow in thePyString_DecodeEscape function (bsc#1068664).
ModerateSUSE bug 1068664CVE-2017-1000158 at SUSECVE-2017-1000158 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for python fixes the following issues:
The following security vulnerabilities were addressed:
- Add a check to Lib/wave.py that verifies that at least one channel is
provided. Prior to this, attackers could cause a denial of service via a
crafted wav format audio file. [bsc#1083507, CVE-2017-18207]
ModerateSUSE bug 1083507CVE-2017-18207 at SUSECVE-2017-18207 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for python (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for python-base fixes the following issues:
Security issues fixed:
- CVE-2018-1061: Fixed DoS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (bsc#1088004).
- CVE-2018-1060: Fixed DoS via regular expression catastrophic backtracking in apop() method in pop3lib (bsc#1088009).
- CVE-2016-5636: Fixed heap overflow in zipimporter module (bsc#985177)
Bug fixes:
- bsc#1086001: python tarfile uses random order.
ImportantSUSE bug 1086001SUSE bug 1088004SUSE bug 1088009SUSE bug 985177CVE-2016-5636 at SUSECVE-2016-5636 at NVDCVE-2018-1060 at SUSECVE-2018-1060 at NVDCVE-2018-1061 at SUSECVE-2018-1061 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for python fixes the following issue:
- CVE-2018-14647: Python's elementtree C accelerator failed to initialise
Expat's hash salt during initialization. This could make it easy to conduct
denial of service attacks against Expat by constructing an XML document that
would cause pathological hash collisions in Expat's internal data structures,
consuming large amounts CPU and RAM (bsc#1109847)
ModerateSUSE bug 1109847CVE-2018-14647 at SUSECVE-2018-14647 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for python (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for python fixes the following issues:
Security issues fixed:
- CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead (bsc#1130847).
- CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization (bsc#1129346).
ImportantSUSE bug 1129346SUSE bug 1130847CVE-2019-9636 at SUSECVE-2019-9636 at NVDCVE-2019-9948 at SUSECVE-2019-9948 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for python (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for python fixes the following issues:
- CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459).
- CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation (bsc#1141853).
ImportantSUSE bug 1138459SUSE bug 1141853CVE-2018-20852 at SUSECVE-2018-20852 at NVDCVE-2019-10160 at SUSECVE-2019-10160 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for python fixes the following issues:
Security issue fixed:
- CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)
ModerateSUSE bug 1149955CVE-2019-16056 at SUSECVE-2019-16056 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for python (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for python fixes the following security issue:
- CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367).
ModerateSUSE bug 1162367CVE-2020-8492 at SUSECVE-2020-8492 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for python (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for python fixes the following issues:
- bsc#1177211 (CVE-2020-26116) no longer allowing special characters in the method parameter
of HTTPConnection.putrequest in httplib, stopping injection of headers.
ImportantSUSE bug 1177211CVE-2020-26116 at SUSECVE-2020-26116 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for python-numpy (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for python-numpy fixes the following issues:
Security issue fixed:
- CVE-2019-6446: Set allow_pickle to false by default to restrict loading untrusted content (bsc#1122208).
With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by
misusing numpy.load(). A warning during runtime will show-up when the allow_pickle is not explicitly set.
NOTE: By applying this update the behavior of python-numpy changes, which might break your application.
In order to get the old behaviour back, you have to explicitly set `allow_pickle` to True. Be aware
that this should only be done for trusted input, as loading untrusted input might lead to arbitrary code
execution.
ImportantSUSE bug 1122208CVE-2019-6446 at SUSECVE-2019-6446 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for quagga (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for quagga fixes the following security issue:
- CVE-2016-2342: Quagga was extended the prefixlen check to ensure it is
within the bound of the NLRI packet data and the on-stack prefix structure
and the maximum size for the address family (bsc#970952).
ModerateSUSE bug 970952CVE-2016-2342 at SUSECVE-2016-2342 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for quagga (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for quagga fixes one security issue:
- bsc#770619: Disallow unprivileged users to enter config directory /etc/quagga
(group: quagga, mode: 750) and read configuration files installed
there (group: quagga, mode: 640).
LowSUSE bug 770619cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for quagga (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for quagga fixes the following issue:
Security issue fixed:
- CVE-2016-4049: Fix for a buffer overflow error in bgp_dump_routes_func. (bsc#977012)
ModerateSUSE bug 977012CVE-2016-4049 at SUSECVE-2016-4049 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for quagga (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for quagga fixes the following issues:
- CVE-2016-1245: Fix for a zebra stack overrun in IPv6 RA receive code (bsc#1005258).
ImportantSUSE bug 1005258CVE-2016-1245 at SUSECVE-2016-1245 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for quagga (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for quagga fixes the following issues:
- The Quagga BGP daemon contained a bug in the AS_PATH size calculation that
could have been exploited to facilitate a remote denial-of-service attack via
specially crafted BGP UPDATE messages. [CVE-2017-16227, bsc#1065641]
- The Quagga BGP daemon did not check whether data sent to peers via NOTIFY had
an invalid attribute length. It was possible to exploit this issue and cause
the bgpd process to leak sensitive information over the network to a
configured peer. [CVE-2018-5378, bsc#1079798]
- The Quagga BGP daemon used to double-free memory when processing certain
forms of UPDATE messages. This issue could be exploited by sending an
optional/transitive UPDATE attribute that all conforming eBGP speakers should
pass along. Consequently, a single UPDATE message could have affected many
bgpd processes across a wide area of a network. Through this vulnerability,
attackers could potentially have taken over control of affected bgpd
processes remotely. [CVE-2018-5379, bsc#1079799]
- It was possible to overrun internal BGP code-to-string conversion tables in
the Quagga BGP daemon. Configured peers could have exploited this issue and
cause bgpd to emit debug and warning messages into the logs that would
contained arbitrary bytes. [CVE-2018-5380, bsc#1079800]
- The Quagga BGP daemon could have entered an infinite loop if sent an invalid
OPEN message by a configured peer. If this issue was exploited, then bgpd
would cease to respond to any other events. BGP sessions would have been
dropped and not be reestablished. The CLI interface would have been
unresponsive. The bgpd daemon would have stayed in this state until
restarted. [CVE-2018-5381, bsc#1079801]
- The Quagga daemon's telnet 'vty' CLI contains an unbounded memory allocation
bug that could be exploited for a denial-of-service attack on the daemon.
This issue has been fixed. [CVE-2017-5495, bsc#1021669]
- The telnet 'vty' CLI of the Quagga daemon is no longer enabled by default,
because the passwords in the default 'zebra.conf' config file are now
disabled. The vty interface is available via 'vtysh' utility using pam
authentication to permit management access for root without password.
[bsc#1021669]
ImportantSUSE bug 1021669SUSE bug 1065641SUSE bug 1079798SUSE bug 1079799SUSE bug 1079800SUSE bug 1079801CVE-2017-16227 at SUSECVE-2017-16227 at NVDCVE-2017-5495 at SUSECVE-2017-5495 at NVDCVE-2018-5378 at SUSECVE-2018-5378 at NVDCVE-2018-5379 at SUSECVE-2018-5379 at NVDCVE-2018-5380 at SUSECVE-2018-5380 at NVDCVE-2018-5381 at SUSECVE-2018-5381 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for rpcbind (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
A use-after-free security bug in rpcbind was fixed which could lead to a remote denial of service.
ModerateSUSE bug 940191SUSE bug 946204CVE-2015-7236 at SUSECVE-2015-7236 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for rsync fixes two security issues:
- CVE-2014-8242: Checksum collisions leading to a denial of service (bsc#900914)
- CVE-2014-9512: Malicious servers could send files outside of the transferred directory (bsc#915410)
ModerateSUSE bug 900914SUSE bug 915410CVE-2014-8242 at SUSECVE-2014-8242 at NVDCVE-2014-9512 at SUSECVE-2014-9512 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
rsync was updated to fix one security issue.
- CVE-2014-9512: rsync allowed remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path (bsc#915410).
ModerateSUSE bug 915410CVE-2014-9512 at SUSECVE-2014-9512 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for rsync fixes the following issues:
Security issues fixed:
- CVE-2017-17434: The daemon in rsync did not check for fnamecmp filenames in
the daemon_filter_list data structure (in the recv_files function in
receiver.c) and also did not apply the sanitize_paths protection mechanism to
pathnames found in 'xname follows' strings (in the read_ndx_and_attrs function
in rsync.c), which allowed remote attackers to bypass intended access
restrictions' (bsc#1071460).
- CVE-2017-17433: The recv_files function in receiver.c in the daemon in rsync,
proceeded with certain file metadata updates before checking for a filename in
the daemon_filter_list data structure, which allowed remote attackers to bypass
intended access restrictions (bsc#1071459).
- CVE-2017-16548: The receive_xattr function in xattrs.c in rsync did not check
for a trailing '\\0' character in an xattr name, which allowed remote attackers
to cause a denial of service (heap-based buffer over-read and application
crash) or possibly have unspecified other impact by sending crafted data to the
daemon (bsc#1066644).
ModerateSUSE bug 1066644SUSE bug 1071459SUSE bug 1071460CVE-2017-16548 at SUSECVE-2017-16548 at NVDCVE-2017-17433 at SUSECVE-2017-17433 at NVDCVE-2017-17434 at SUSECVE-2017-17434 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for rsync (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for rsync fixes one issues.
This security issue was fixed:
- CVE-2018-5764: The parse_arguments function in options.c did not prevent
multiple --protect-args uses, which allowed remote attackers to bypass an
argument-sanitization protection mechanism (bsc#1076503)
ModerateSUSE bug 1076503CVE-2018-5764 at SUSECVE-2018-5764 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for ruby (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for ruby fixes the following issues:
Secuirty issues fixed:
- CVE-2015-1855: Ruby OpenSSL Hostname Verification (bsc#926974)
- CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495)
Bugfixes:
- fix small mistake in the backport for (bsc#986630)
ModerateSUSE bug 926974SUSE bug 959495SUSE bug 986630CVE-2015-1855 at SUSECVE-2015-1855 at NVDCVE-2015-7551 at SUSECVE-2015-7551 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for rzsz (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for rzsz fixes the following issues:
- L3: sz of rzsz segfaults in zsdata() (bsc#1086416)
- VUL-0: CVE-2018-10195: rzsz: sz can leak data to receiving side (bsc#1090051)
- rzsz-0.12.20-976.7: illegal use of freed variable (bsc#529899)
- /usr/bin/lsb segfaults [rzsz] (bsc#1076576)
ModerateSUSE bug 1076576SUSE bug 1086416SUSE bug 1090051SUSE bug 529899CVE-2018-10195 at SUSECVE-2018-10195 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link
target; (bso#11648); (bsc#968222).
Bug fixed:
- Fix leaking memory in libsmbclient: Add missing talloc
stackframe; (bso#11177); (bsc#967017).
ImportantSUSE bug 967017SUSE bug 968222CVE-2015-7560 at SUSECVE-2015-7560 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
samba was updated to fix seven security issues.
These security issues were fixed:
- CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks (bsc#936862).
- CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication (bsc#973031).
- CVE-2016-2111: Domain controller netlogon member computer could have been spoofed (bsc#973032).
- CVE-2016-2112: LDAP conenctions were vulnerable to downgrade and MITM attack (bsc#973033).
- CVE-2016-2113: TLS certificate validation were missing (bsc#973034).
- CVE-2016-2115: Named pipe IPC were vulnerable to MITM attacks (bsc#973036).
- CVE-2016-2118: 'Badlock' DCERPC impersonation of authenticated account were possible (bsc#971965).
These non-security issues were fixed:
- bsc#967017: Fix leaking memory in libsmbclient in cli_set_mntpoint function
- Getting and setting Windows ACLs on symlinks can change permissions on link
ImportantSUSE bug 936862SUSE bug 967017SUSE bug 971965SUSE bug 973031SUSE bug 973032SUSE bug 973033SUSE bug 973034SUSE bug 973036CVE-2015-5370 at SUSECVE-2015-5370 at NVDCVE-2016-2110 at SUSECVE-2016-2110 at NVDCVE-2016-2111 at SUSECVE-2016-2111 at NVDCVE-2016-2112 at SUSECVE-2016-2112 at NVDCVE-2016-2113 at SUSECVE-2016-2113 at NVDCVE-2016-2115 at SUSECVE-2016-2115 at NVDCVE-2016-2118 at SUSECVE-2016-2118 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for samba provides the following fixes:
Security issues fixed:
- CVE-2016-2125: Don't send delegated credentials to all servers. (bsc#1014441)
- CVE-2016-2126: Prevent denial of service due to a client triggered crash in the winbindd
parent process. (bsc#1014442)
Non security issues fixed:
- Allow SESSION KEY setup without signing. (bsc#1009711)
- Fix crash bug in tevent_queue_immediate_trigger(). (bsc#1003731)
- Don't fail when using default domain with user@domain.com format. (bsc#997833)
- Prevent core, make sure response->extra_data.data is always cleared out. (bsc#993692)
ModerateSUSE bug 1003731SUSE bug 1009711SUSE bug 1014441SUSE bug 1014442SUSE bug 993692SUSE bug 997833CVE-2016-2125 at SUSECVE-2016-2125 at NVDCVE-2016-2126 at SUSECVE-2016-2126 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147).
ImportantSUSE bug 1027147CVE-2017-2619 at SUSECVE-2017-2619 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147).
For SUSE Linux Enterprise 11 SP4 this is a re-issue of the update, a regression
in the fix has been addressed (bsc#1036283, bso#12721).
ImportantSUSE bug 1027147SUSE bug 1036283CVE-2017-2619 at SUSECVE-2017-2619 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for samba fixes the following issue:
- An unprivileged user with access to the samba server could cause smbd to load
a specially crafted shared library, which then had the ability to execute
arbitrary code on the server as 'root'. [CVE-2017-7494, bso#12780, bsc#1038231]
ImportantSUSE bug 1038231CVE-2017-7494 at SUSECVE-2017-7494 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for samba fixes several issues.
These security issues were fixed:
- CVE-2017-12163: Prevent client short SMB1 write from writing server memory to
file, leaking information from the server to the client (bsc#1058624)
- CVE-2017-12150: Always enforce smb signing when it is configured (bsc#1058622)
This non-security issue was fixed:
- Fix error where short name length was read as 2 bytes, should be 1 (bsc#1042419).
ModerateSUSE bug 1042419SUSE bug 1058622SUSE bug 1058624CVE-2017-12150 at SUSECVE-2017-12150 at NVDCVE-2017-12163 at SUSECVE-2017-12163 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for samba fixes the following issues:
- CVE-2017-15275: s3: smbd: Chain code can return uninitialized
memory when talloc buffer is grown; (bsc#1063008); (bso#13077);
- s3/libads: fix seal/signed ldap connections so they are reused;
(bsc#1016531). ModerateSUSE bug 1016531SUSE bug 1063008CVE-2017-15275 at SUSECVE-2017-15275 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for samba fixes the following issues:
- CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally (bsc#1081741)
ModerateSUSE bug 1081741CVE-2018-1050 at SUSECVE-2018-1050 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for samba fixes the following issues:
The following security issues were fixed:
- CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient (bsc#1103411).
The following other bugs were fixed:
- s3:winbindd: allow a fallback to NTLMSSP for LDAP connections (bsc#1079449) ImportantSUSE bug 1079449SUSE bug 1103411CVE-2018-10858 at SUSECVE-2018-10858 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for samba fixes the following issues:
Security issue fixed:
- CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060).
Non-security issue fixed:
- Make init scripts create log directories before running daemons (bsc#1101499)
ModerateSUSE bug 1101499SUSE bug 1131060CVE-2019-3880 at SUSECVE-2019-3880 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for samba fixes the following issue:
- CVE-2019-10218: Fixed a path injection caused by filenames containing path separators (bso#14071) (bsc#1144902).
ImportantSUSE bug 1144902CVE-2019-10218 at SUSECVE-2019-10218 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for samba (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for samba fixes the following issues:
- CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets
containing dots could potentially have consumed excessive CPU (bsc#1173160).
ModerateSUSE bug 1173160CVE-2020-10745 at SUSECVE-2020-10745 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for samba fixes the following issues:
- CVE-2020-14323: Unprivileged user can crash winbind (bsc#1173994).
- CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify (bsc#1173902).
ImportantSUSE bug 1173902SUSE bug 1173994CVE-2020-14318 at SUSECVE-2020-14318 at NVDCVE-2020-14323 at SUSECVE-2020-14323 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for samba fixes the following issues:
- CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids() (bsc#1184677).
- Adjust smbcacls '--propagate-inheritance' feature to align with upstream (bsc#1178469).
ImportantSUSE bug 1178469SUSE bug 1184677CVE-2021-20254 at SUSECVE-2021-20254 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for samba (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for Samba fixes the following security issues:
- CVE-2015-5330: Remote read memory exploit in LDB (bnc#958586)
- CVE-2015-5252: Insufficient symlink verification (file access outside the share) (bnc#958582)
- CVE-2015-5296: No man in the middle protection when forcing smb encryption on the client side (bnc#958584)
- CVE-2015-5299: Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2) (bnc#958583)
Non-security issues fixed:
- Prevent null pointer access in samlogon fallback when security credentials are null (bnc#949022)
- Ensure samlogon fall-back requests are rerouted after kerberos failure (bnc#953382)
- Ensure 'Your account is disabled' message is displayed when attempting to ssh into locked account (bnc#953382)
- Address unrecoverable winbind failure: 'key length too large' (bnc#934299)
- Take resource group sids into account when caching netsamlogon data (bnc#912457)
- Fix lookup of groups with 'Local Domain' scope from Active Directory (bnc#948244)
- dependency issue with samba-winbind (bnc#936909)
ImportantSUSE bug 295284SUSE bug 912457SUSE bug 934299SUSE bug 936909SUSE bug 948244SUSE bug 949022SUSE bug 953382SUSE bug 958582SUSE bug 958583SUSE bug 958584SUSE bug 958586CVE-2015-5252 at SUSECVE-2015-5252 at NVDCVE-2015-5296 at SUSECVE-2015-5296 at NVDCVE-2015-5299 at SUSECVE-2015-5299 at NVDCVE-2015-5330 at SUSECVE-2015-5330 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for sane-backends (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for sane-backends fixes the following issues:
- saned could have leaked uninitialized memory back to its requesters for some
opcodes, allowing for information disclosure of saned memory
(CVE-2017-6318, bsc#1027197).
ModerateSUSE bug 1027197CVE-2017-6318 at SUSECVE-2017-6318 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for sblim-sfcb (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update of sblim-sfcb fixes a potential NULL pointer crash in lookupProviders() (CVE-2015-5185).
ModerateSUSE bug 942628CVE-2015-5185 at SUSECVE-2015-5185 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for sblim-sfcb (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for sblim-sfcb fixes the following issues:
Feature enhancements:
- A seperate sblim-sfcb-openssl1 package was added to the SECURITY Module.
(fate#322032/bsc#1012814)
This package can be installed additionaly, and the SysV Init script will
pick the openssl1 variant on the next start, offering TLS 1.2 support
on the WBEM SSL socket.
Bugfixes:
- Add sslNoSSLv3 and sslNoTLSv1 configuration options (bsc#923349, bsc#1008130)
ModerateSUSE bug 1008130SUSE bug 1012814SUSE bug 923349cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for shim (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for shim fixes the following issues:
Update to the unified shim binary from SUSE Linux Enterprise 15-SP1 (bsc#1168994)
This update addresses the 'BootHole' security issue (master CVE CVE-2020-10713), by
disallowing binaries signed by the previous SUSE UEFI signing key from booting.
This update should only be installed after updates of grub2, the Linux kernel and (if used)
Xen from or after July / August 2020 are applied.
Also fixed:
+ shim-install: install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656)
ModerateSUSE bug 1168994SUSE bug 1175626SUSE bug 1175656CVE-2020-10713 at SUSECVE-2020-10713 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for socat (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for socat fixes the following issues:
- CVE-2013-3571: Fix a file descriptor leak that could have been misused for a denial of service attack against socat running in server mode (bsc#821985)
- CVE-2014-0019: PROXY-CONNECT address was vulnerable to a stack buffer overflow (bsc#860991)
- Fix a stack overflow in the parser that could have been leveraged to execute arbitrary code (bsc#964844)
ModerateSUSE bug 821985SUSE bug 860991SUSE bug 964844CVE-2013-3571 at SUSECVE-2013-3571 at NVDCVE-2014-0019 at SUSECVE-2014-0019 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for spice (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Spice was updated to fix three security issues.
The following vulnerabilities were fixed:
* CVE-2015-3247: heap corruption in the spice server (bsc#944460)
* CVE-2015-5261: Guest could have accessed host memory using crafted images (bsc#948976)
* CVE-2015-5260: Insufficient validation of surface_id parameter could have caused a crash (bsc#944787)
ModerateSUSE bug 944460SUSE bug 944787SUSE bug 948976CVE-2015-3247 at SUSECVE-2015-3247 at NVDCVE-2015-5260 at SUSECVE-2015-5260 at NVDCVE-2015-5261 at SUSECVE-2015-5261 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for spice (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This security update for spice fixes the following issues:
CVE-2016-9577: A buffer overflow in the spice server could have potentially been used
by unauthenticated attackers to execute arbitrary code. (bsc#1023078)
CVE-2016-9578: Unauthenticated attackers could have caused a denial of service via a crafted message. (bsc#1023079)
ImportantSUSE bug 1023078SUSE bug 1023079CVE-2016-9577 at SUSECVE-2016-9577 at NVDCVE-2016-9578 at SUSECVE-2016-9578 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for spice (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for spice fixes the following issues:
- CVE-2017-7506: A possible buffer overflow via invalid monitor configurations (bsc#1046779)
ImportantSUSE bug 1046779CVE-2017-7506 at SUSECVE-2017-7506 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for spice (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for spice fixes the following issues:
Security issues fixed:
- CVE-2018-10873: Fix potential heap corruption when demarshalling (bsc#1104448)
- CVE-2018-10893: Avoid buffer overflow on image lz checks (bsc#1101295)
ImportantSUSE bug 1101295SUSE bug 1104448CVE-2018-10873 at SUSECVE-2018-10873 at NVDCVE-2018-10893 at SUSECVE-2018-10893 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for spice (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for spice fixes the following issues:
Security issue fixed:
- CVE-2019-3813: Fixed an out-of-bounds read in the memslot_get_virt function
that could lead to denial-of-service or code-execution (bsc#1122706).
ImportantSUSE bug 1122706CVE-2019-3813 at SUSECVE-2019-3813 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for spice (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for spice fixes the following issues:
- CVE-2021-20201: client initiated renegotiation causing denial of service (bsc#1181686)
- CVE-2020-14355: Fixed multiple buffer overflow vulnerabilities in QUIC decoding code (bsc#1177158)
- CVE-2016-2150: Fixed a guest escape using crafted primary surface parameters (bsc#982386)
ImportantSUSE bug 1177158SUSE bug 1181686SUSE bug 982386CVE-2016-2150 at SUSECVE-2016-2150 at NVDCVE-2020-14355 at SUSECVE-2020-14355 at NVDCVE-2021-20201 at SUSECVE-2021-20201 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for sqlite3 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for sqlite3 fixes the following issues:
The following security issue was fixed:
- CVE-2016-6153: Fixed a tempdir selection vulnerability (bsc#987394)
ModerateSUSE bug 987394CVE-2016-6153 at SUSECVE-2016-6153 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for sqlite3 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for sqlite3 fixes the following issue:
Security issue fixed:
- CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 (Magellan) (bsc#1119687).
ModerateSUSE bug 1119687CVE-2018-20346 at SUSECVE-2018-20346 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for sqlite3 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for sqlite3 fixes the following issue:
Security issue fixed:
- CVE-2019-8457: Fixed a Heap out-of-bound read in rtreenode() when handling invalid rtree tables (bsc#1136976).
ImportantSUSE bug 1136976CVE-2019-8457 at SUSECVE-2019-8457 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for sqlite3 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for sqlite3 fixes the following issues:
- CVE-2017-2518: Fixed a use-after-free vulnerability which could have
led to buffer overflow via a crafted SQL statement (bsc#1155787).
ImportantSUSE bug 1155787CVE-2017-2518 at SUSECVE-2017-2518 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for sqlite3 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for sqlite3 fixes the following issues:
- CVE-2019-20218: Fixed a stack unwinding flaw in the selectExpander after a parsing error. (bsc#1160439)
ImportantSUSE bug 1160439CVE-2019-20218 at SUSECVE-2019-20218 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for squid (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
squid was updated to fix two security issues.
These security issues were fixed:
- CVE-2014-6270: Fixed an off by one in snmp subsystem (bsc#895773).
- CVE-2014-9749: Fixed a nonce replay vulnerability in Digest authentication (bsc#949942).
ModerateSUSE bug 895773SUSE bug 949942CVE-2014-6270 at SUSECVE-2014-6270 at NVDCVE-2014-9749 at SUSECVE-2014-9749 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for squid (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for squid fixes the following issues:
- CVE-2016-4051: backport fix buffer overflow in cachemgr.cgi (bsc#976553)
- CVE-2016-4554: backport fix for header smuggling issue in HTTP Request processing (bsc#979010)
ModerateSUSE bug 976553SUSE bug 979010CVE-2016-4051 at SUSECVE-2016-4051 at NVDCVE-2016-4554 at SUSECVE-2016-4554 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for squid (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for squid fixes the following issues:
- CVE-2020-15810: Fixed a HTTP Request Smuggling that could have resulted in cache poisoning (bsc#1175664).
- CVE-2019-12523: Disabled urn parsing and parsing of unknown schemes (bsc#1156329).
- CVE-2019-18676: Disabled urn parsing and parsing of unknown schemes (bsc#1156329).
ImportantSUSE bug 1156329SUSE bug 1175664CVE-2019-12523 at SUSECVE-2019-12523 at NVDCVE-2019-18676 at SUSECVE-2019-18676 at NVDCVE-2020-15810 at SUSECVE-2020-15810 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for squid3 fixes the following issues:
- Multiple issues in pinger ICMP processing. (CVE-2014-7141, CVE-2014-7142)
- CVE-2016-3947: Buffer overrun issue in pinger
ICMPv6 processing. (bsc#973782)
- CVE-2016-4554: fix header smuggling issue in HTTP Request processing (bsc#979010)
- Fix multiple Denial of Service issues in HTTP Response processing.
(CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572,
bsc#968392, bsc#968393, bsc#968394, bsc#968395)
- Regression caused by the DoS fixes above (bsc#993299)
- CVE-2016-3948: Fix denial of service in HTTP Response processing (bsc#973783)
- CVE-2016-4051: fixes buffer overflow in cachemgr.cgi (bsc#976553)
- CVE-2016-4052, CVE-2016-4053, CVE-2016-4054:
* fixes multiple issues in ESI processing (bsc#976556)
- CVE-2016-4556: fixes double free vulnerability in Esi.cc (bsc#979008)
- CVE-2015-5400: Improper Protection of Alternate Path (bsc#938715)
- CVE-2014-6270: fix off-by-one in snmp subsystem (bsc#895773)
- Memory leak in squid3 when using external_acl (bsc#976708)
ImportantSUSE bug 895773SUSE bug 902197SUSE bug 938715SUSE bug 963539SUSE bug 967011SUSE bug 968392SUSE bug 968393SUSE bug 968394SUSE bug 968395SUSE bug 973782SUSE bug 973783SUSE bug 976553SUSE bug 976556SUSE bug 976708SUSE bug 979008SUSE bug 979009SUSE bug 979010SUSE bug 979011SUSE bug 993299CVE-2011-3205 at SUSECVE-2011-3205 at NVDCVE-2011-4096 at SUSECVE-2011-4096 at NVDCVE-2012-5643 at SUSECVE-2012-5643 at NVDCVE-2013-0188 at SUSECVE-2013-0188 at NVDCVE-2013-4115 at SUSECVE-2013-4115 at NVDCVE-2014-0128 at SUSECVE-2014-0128 at NVDCVE-2014-6270 at SUSECVE-2014-6270 at NVDCVE-2014-7141 at SUSECVE-2014-7141 at NVDCVE-2014-7142 at SUSECVE-2014-7142 at NVDCVE-2015-5400 at SUSECVE-2015-5400 at NVDCVE-2016-2390 at SUSECVE-2016-2390 at NVDCVE-2016-2569 at SUSECVE-2016-2569 at NVDCVE-2016-2570 at SUSECVE-2016-2570 at NVDCVE-2016-2571 at SUSECVE-2016-2571 at NVDCVE-2016-2572 at SUSECVE-2016-2572 at NVDCVE-2016-3947 at SUSECVE-2016-3947 at NVDCVE-2016-3948 at SUSECVE-2016-3948 at NVDCVE-2016-4051 at SUSECVE-2016-4051 at NVDCVE-2016-4052 at SUSECVE-2016-4052 at NVDCVE-2016-4053 at SUSECVE-2016-4053 at NVDCVE-2016-4054 at SUSECVE-2016-4054 at NVDCVE-2016-4553 at SUSECVE-2016-4553 at NVDCVE-2016-4554 at SUSECVE-2016-4554 at NVDCVE-2016-4555 at SUSECVE-2016-4555 at NVDCVE-2016-4556 at SUSECVE-2016-4556 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for squid3 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for squid3 fixes the following issues:
- CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached (bsc#1016168)
- CVE-2014-9749: Prevent nonce replay in Digest authentication, preventing the reuse of stale auth tokens (bsc#949942)
ModerateSUSE bug 1016168SUSE bug 949942CVE-2014-9749 at SUSECVE-2014-9749 at NVDCVE-2016-10002 at SUSECVE-2016-10002 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for squid3 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for squid3 fixes the following issues:
Security issues fixed:
- CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI
responses. This affects the default custom esi_parser (bsc#1077003).
- CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien processing ESI
responses or downloading intermediate CA certificates (bsc#1077006).
ModerateSUSE bug 1077003SUSE bug 1077006CVE-2018-1000024 at SUSECVE-2018-1000024 at NVDCVE-2018-1000027 at SUSECVE-2018-1000027 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for squid3 fixes the following issues:
- CVE-2018-1172: Fixed a DoS caused by incorrect handling of ESI responses. (bsc#1090089, SQUID-2018:3)
ImportantSUSE bug 1090089CVE-2018-1172 at SUSECVE-2018-1172 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for squid3 fixes the following issues:
Security issue fixed:
- CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668).
ImportantSUSE bug 1113668CVE-2018-19131 at SUSECVE-2018-19131 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for squid3 fixes the following issues:
- Fixed a Cache Poisoning and Request Smuggling
attack (CVE-2020-15049, bsc#1173455)
- Fixed incorrect buffer handling that can
result in cache poisoning, remote execution, and
denial of service attacks when processing ESI responses
(CVE-2019-12519, CVE-2019-12521, bsc#1169659)
- Fixed handling of hostname in
cachemgr.cgi (CVE-2019-18860, bsc#1167373)
- Fixed a potential remote execution vulnerability
when using HTTP Digest Authentication (CVE-2020-11945, bsc#1170313)
- Fixed a potential ACL bypass, cache-bypass
and cross-site scripting attack when processing invalid HTTP
Request messages (CVE-2019-12520, CVE-2019-12524, bsc#1170423)
- Fixed a potential denial of service when
processing TLS certificates during HTTPS connections
(CVE-2020-14059, bsc#1173304)
- Fixed a potential denial of service associated
with incorrect buffer management of HTTP Basic Authentication
credentials (bsc#1141329, CVE-2019-12529)
- Fixed an incorrect buffer management resulting
in vulnerability to a denial of service during processing of
HTTP Digest Authentication credentials (bsc#1141332, CVE-2019-12525)
- Fix XSS via user_name or auth parameter
in cachemgr.cgi (bsc#1140738, CVE-2019-13345)
- Fixed a potential code execution vulnerability
(CVE-2019-12526, bsc#1156326)
- Fixed HTTP Request Splitting in HTTP
message processing and information disclosure in
HTTP Digest Authentication
(CVE-2019-18678, CVE-2019-18679, bsc#1156323, bsc#1156324)
- Fixed a security issue allowing a remote
client ability to cause use a buffer overflow when squid is
acting as reverse-proxy.
(CVE-2020-8449, CVE-2020-8450, bsc#1162687)
- Fixed a security issue allowing for information
disclosure in FTP gateway (CVE-2019-12528, bsc#1162689)
- Fixed a security issue in ext_lm_group_acl
when processing NTLM Authentication credentials.
(CVE-2020-8517, bsc#1162691)
- Fixed Cross-Site Request Forgery in
HTTP Request processing (CVE-2019-18677, bsc#1156328)
- Disable urn parsing and parsing of
unknown schemes (bsc#1156329, CVE-2019-12523, CVE-2019-18676)
ImportantSUSE bug 1140738SUSE bug 1141329SUSE bug 1141332SUSE bug 1156323SUSE bug 1156324SUSE bug 1156326SUSE bug 1156328SUSE bug 1156329SUSE bug 1162687SUSE bug 1162689SUSE bug 1162691SUSE bug 1167373SUSE bug 1169659SUSE bug 1170313SUSE bug 1170423SUSE bug 1173304SUSE bug 1173455CVE-2019-12519 at SUSECVE-2019-12519 at NVDCVE-2019-12520 at SUSECVE-2019-12520 at NVDCVE-2019-12521 at SUSECVE-2019-12521 at NVDCVE-2019-12523 at SUSECVE-2019-12523 at NVDCVE-2019-12524 at SUSECVE-2019-12524 at NVDCVE-2019-12525 at SUSECVE-2019-12525 at NVDCVE-2019-12526 at SUSECVE-2019-12526 at NVDCVE-2019-12528 at SUSECVE-2019-12528 at NVDCVE-2019-12529 at SUSECVE-2019-12529 at NVDCVE-2019-13345 at SUSECVE-2019-13345 at NVDCVE-2019-18676 at SUSECVE-2019-18676 at NVDCVE-2019-18677 at SUSECVE-2019-18677 at NVDCVE-2019-18678 at SUSECVE-2019-18678 at NVDCVE-2019-18679 at SUSECVE-2019-18679 at NVDCVE-2019-18860 at SUSECVE-2019-18860 at NVDCVE-2020-11945 at SUSECVE-2020-11945 at NVDCVE-2020-14059 at SUSECVE-2020-14059 at NVDCVE-2020-15049 at SUSECVE-2020-15049 at NVDCVE-2020-8449 at SUSECVE-2020-8449 at NVDCVE-2020-8450 at SUSECVE-2020-8450 at NVDCVE-2020-8517 at SUSECVE-2020-8517 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for squid3 (Critical)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for squid3 fixes the following issues:
- CVE-2020-15811: Fixed an HTTP request splitting vulnerability (bsc#1175665).
- CVE-2020-24606: Fixed a DoS vulnerability when processing Cache Digest Responses (bsc#1175671).
- CVE-2020-15810: Fixed an HTTP request smuggling vulnerability (bsc#1175664).
CriticalSUSE bug 1175664SUSE bug 1175665SUSE bug 1175671CVE-2020-15810 at SUSECVE-2020-15810 at NVDCVE-2020-15811 at SUSECVE-2020-15811 at NVDCVE-2020-24606 at SUSECVE-2020-24606 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for squid3 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for squid3 fixes the following issues:
- CVE-2021-28651: Fixed a denial of service issue when processing URN
resource identifiers (bsc#1185921).
- CVE-2020-25097: Fixed an HTTP request smuggling issue (bsc#1183436).
ImportantSUSE bug 1183436SUSE bug 1185921CVE-2020-25097 at SUSECVE-2020-25097 at NVDCVE-2021-28651 at SUSECVE-2021-28651 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for squidGuard (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
squidGuard was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-8936: Reflected cross site scripting vulnerability because of insufficient escaping (bsc#985612).
ModerateSUSE bug 985612CVE-2015-8936 at SUSECVE-2015-8936 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for strongswan (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
strongswan was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-4171: A problem that could enable rogue servers to gain user credentials from a client in certain IKEv2 setups. (bsc#933591)
ModerateSUSE bug 933591CVE-2015-4171 at SUSECVE-2015-4171 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for strongswan (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The strongswan package was updated to fix the following security issue:
- CVE-2015-8023: Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin (bsc#953817).
ModerateSUSE bug 953817CVE-2015-8023 at SUSECVE-2015-8023 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for strongswan (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for strongswan fixes the following issues:
- CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service (bsc#1039514)
- CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service (bsc#1039515)
ImportantSUSE bug 1039514SUSE bug 1039515CVE-2017-9022 at SUSECVE-2017-9022 at NVDCVE-2017-9023 at SUSECVE-2017-9023 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for strongswan (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for strongswan fixes the following issues:
- CVE-2017-11185: Specific RSA signatures passed to the gmp plugin for verification can
cause a null-pointer dereference and it may lead to a denial of service (bsc#1051222)
ModerateSUSE bug 1051222CVE-2017-11185 at SUSECVE-2017-11185 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for strongswan (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for strongswan fixes the following issues:
- CVE-2021-41991: Fixed an integer overflow when replacing certificates in cache. (bsc#1191435)
ImportantSUSE bug 1191435CVE-2021-41991 at SUSECVE-2021-41991 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for strongswan (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for strongswan fixes the following issues:
- CVE-2018-16151: Fixed flaws in gmp plugin that could lead to authorization bypass. (bsc#1107874)
- CVE-2018-16152: Fixed flaws in gmp plugin that could lead to authorization bypass. (bsc#1107874)
- CVE-2018-17540: Fixed insufficient input validation in gmp plugin. (bsc#1109845)
- CVE-2021-45079: Fixed authentication bypass in EAP authentication. (bsc#1194471)
ImportantSUSE bug 1107874SUSE bug 1109845SUSE bug 1194471CVE-2018-16151 at SUSECVE-2018-16151 at NVDCVE-2018-16152 at SUSECVE-2018-16152 at NVDCVE-2018-17540 at SUSECVE-2018-17540 at NVDCVE-2021-45079 at SUSECVE-2021-45079 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for sudo (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for sudo fixes the following issues:
- Fix two security vulnerabilities that allowed users to bypass
sudo's NOEXEC functionality:
* noexec bypass via system() and popen() [CVE-2016-7032, bsc#1007766]
* noexec bypass via wordexp() [CVE-2016-7076, bsc#1007501]
- The SSSD plugin would occasionally crash sudo with an 'internal error'.
This issue has been fixed. [bsc#948973]
- The SSSD plugin would occasionally apply @netgroups rules from LDAP to all
users rather than the @netgroup. This issue is now fixed. [bsc#966755]
- When the SSSD plugin was used and a local user ran sudo, an e-mail used to be
sent to administrator because SSSD did not support sudo rules for local
users. This message did not signify an error, however, it was only noise.
[bsc#1008043]
ModerateSUSE bug 1007501SUSE bug 1007766SUSE bug 1008043SUSE bug 948973SUSE bug 966755CVE-2016-7032 at SUSECVE-2016-7032 at NVDCVE-2016-7076 at SUSECVE-2016-7076 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for sudo (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for sudo fixes the following issues:
- CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers (bsc#1153674).
ImportantSUSE bug 1153674CVE-2019-14287 at SUSECVE-2019-14287 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for supportutils (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
supportutils was updated to fix one security issue.
This security issue was fixed:
- CVE-2016-1602: Code injection and privilege escalation via unescaped filenames (bsc#980670).
ModerateSUSE bug 980670CVE-2016-1602 at SUSECVE-2016-1602 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for supportutils (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for supportutils fixes the following issues:
Security vulnerabilities fixed:
- CVE-2018-19636: Local root exploit via inclusion of attacker controlled shell script (bsc#1117751)
- CVE-2018-19640: Users can kill arbitrary processes (bsc#1118463)
- CVE-2018-19638: User can overwrite arbitrary log files in support tar (bsc#1118460)
- CVE-2018-19639: Code execution if run with -v (bsc#1118462)
ModerateSUSE bug 1117751SUSE bug 1118460SUSE bug 1118462SUSE bug 1118463CVE-2018-19636 at SUSECVE-2018-19636 at NVDCVE-2018-19638 at SUSECVE-2018-19638 at NVDCVE-2018-19639 at SUSECVE-2018-19639 at NVDCVE-2018-19640 at SUSECVE-2018-19640 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for syslog-ng (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for syslog-ng fixes the following issues:
- CVE-2020-8019: Fixed a local privilege escalation during package update (bsc#1169385).
ModerateSUSE bug 1169385CVE-2020-8019 at SUSECVE-2020-8019 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for tar (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tar fixes the following issues:
- Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked
into extracting files and directories in the given destination, regardless
of the path name(s) specified on the command line [bsc#1007188]
[CVE-2016-6321]
ModerateSUSE bug 1007188CVE-2016-6321 at SUSECVE-2016-6321 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tar (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for tar to version 1.27.1 fixes the following issues:
tar 1.27.1 brings following changes (jsc#ECO-339)
* Sparse files with large data
* No backticks in quoting
* --owner and --group names and numbers
* Support for POSIX ACLs, extended attributes and SELinux context.
* Passing command line arguments to external commands.
* New configure option --enable-gcc-warnings, intended for debugging.
* New warning control option --warning=[no-]record-size
* New command line option --keep-directory-symlink
* Fix unquoting of file names obtained via the -T option.
* Fix GNU long link header timestamp (backward compatibility).
Security issues fixed:
- CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496).
- CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file shrinkage during read access (bsc#1120610).
ModerateSUSE bug 1120610SUSE bug 1130496SUSE bug 1152736CVE-2018-20482 at SUSECVE-2018-20482 at NVDCVE-2019-9923 at SUSECVE-2019-9923 at NVDcpe:/o:suse:suse_sles:11:sp4Recommended update for tboot (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tboot provides the following fix:
Security issue fixed:
- CVE-2014-5118: tboot: bypass of measured boot (bsc#889339)
Bug fixes:
- Fixed failed trusted boot on some systems like Intel Xeon 'Purley 8s' processors. The
following error message showed: 'TBOOT: wait-for-sipi loop timed-out'. Booting continued
but 'TXT measured launch' was wrongly reported as FALSE. (bsc#1057555)
ModerateSUSE bug 1057555SUSE bug 889339CVE-2014-5118 at SUSECVE-2014-5118 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tcpdump fixes the following issues:
Security issues fixed (bsc#1020940):
- CVE-2016-7922: Corrected buffer overflow in AH parser print-ah.c:ah_print().
- CVE-2016-7923: Corrected buffer overflow in ARP parser print-arp.c:arp_print().
- CVE-2016-7925: Corrected buffer overflow in compressed SLIP parser print-sl.c:sl_if_print().
- CVE-2016-7926: Corrected buffer overflow in the Ethernet parser print-ether.c:ethertype_print().
- CVE-2016-7927: Corrected buffer overflow in the IEEE 802.11 parser print-802_11.c:ieee802_11_radio_print().
- CVE-2016-7928: Corrected buffer overflow in the IPComp parser print-ipcomp.c:ipcomp_print().
- CVE-2016-7931: Corrected buffer overflow in the MPLS parser print-mpls.c:mpls_print().
- CVE-2016-7936: Corrected buffer overflow in the UDP parser print-udp.c:udp_print().
- CVE-2016-7934,CVE-2016-7935,CVE-2016-7937: Corrected segmentation faults in function udp_print().
- CVE-2016-7939: Corrected buffer overflows in GRE parser print-gre.c:(multiple functions).
- CVE-2016-7940: Corrected buffer overflows in STP parser print-stp.c:(multiple functions).
- CVE-2016-7973: Corrected buffer overflow in AppleTalk parser print-atalk.c.
- CVE-2016-7974: Corrected buffer overflow in IP parser print-ip.c:(multiple functions).
- CVE-2016-7975: Corrected buffer overflow in TCP parser print-tcp.c:tcp_print().
- CVE-2016-7983,CVE-2016-7984: Corrected buffer overflow in TFTP parser print-tftp.c:tftp_print().
- CVE-2016-7992: Corrected buffer overflow in Classical IP over ATM parser print-cip.c.
- CVE-2016-7993: Corrected buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, etc.).
- CVE-2016-8574: Corrected buffer overflow in FRF.15 parser print-fr.c:frf15_print().
- CVE-2017-5202: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().
- CVE-2017-5203: Corrected buffer overflow in BOOTP parser print-bootp.c:bootp_print().
- CVE-2017-5204: Corrected buffer overflow in IPv6 parser print-ip6.c:ip6_print().
- CVE-2017-5483: Corrected buffer overflow in SNMP parser print-snmp.c:asn1_parse().
- CVE-2017-5484: Corrected buffer overflow in ATM parser print-atm.c:sig_print().
- CVE-2017-5485: Corrected buffer overflow in ISO CLNS parser addrtoname.c:lookup_nsap().
- CVE-2017-5486: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().
ModerateSUSE bug 1020940CVE-2016-7922 at SUSECVE-2016-7922 at NVDCVE-2016-7923 at SUSECVE-2016-7923 at NVDCVE-2016-7925 at SUSECVE-2016-7925 at NVDCVE-2016-7926 at SUSECVE-2016-7926 at NVDCVE-2016-7927 at SUSECVE-2016-7927 at NVDCVE-2016-7928 at SUSECVE-2016-7928 at NVDCVE-2016-7931 at SUSECVE-2016-7931 at NVDCVE-2016-7934 at SUSECVE-2016-7934 at NVDCVE-2016-7935 at SUSECVE-2016-7935 at NVDCVE-2016-7936 at SUSECVE-2016-7936 at NVDCVE-2016-7937 at SUSECVE-2016-7937 at NVDCVE-2016-7939 at SUSECVE-2016-7939 at NVDCVE-2016-7940 at SUSECVE-2016-7940 at NVDCVE-2016-7973 at SUSECVE-2016-7973 at NVDCVE-2016-7974 at SUSECVE-2016-7974 at NVDCVE-2016-7975 at SUSECVE-2016-7975 at NVDCVE-2016-7983 at SUSECVE-2016-7983 at NVDCVE-2016-7984 at SUSECVE-2016-7984 at NVDCVE-2016-7992 at SUSECVE-2016-7992 at NVDCVE-2016-7993 at SUSECVE-2016-7993 at NVDCVE-2016-8574 at SUSECVE-2016-8574 at NVDCVE-2017-5202 at SUSECVE-2017-5202 at NVDCVE-2017-5203 at SUSECVE-2017-5203 at NVDCVE-2017-5204 at SUSECVE-2017-5204 at NVDCVE-2017-5483 at SUSECVE-2017-5483 at NVDCVE-2017-5484 at SUSECVE-2017-5484 at NVDCVE-2017-5485 at SUSECVE-2017-5485 at NVDCVE-2017-5486 at SUSECVE-2017-5486 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2017-11108: Crafted input allowed remote DoS (bsc#1047873)
- CVE-2017-11541: Prevent a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c (bsc#1057247).
- CVE-2017-11542: Prevent a heap-based buffer over-read in the pimv1_print function in print-pim.c (bsc#1057247).
- CVE-2017-11543: Prevent a buffer overflow in the sliplink_print function in print-sl.c (bsc#1057247).
- CVE-2017-13011: Several protocol parsers in tcpdump could have caused a buffer overflow in util-print.c:bittok2str_internal() (bsc#1057247).
ModerateSUSE bug 1047873SUSE bug 1057247CVE-2017-11108 at SUSECVE-2017-11108 at NVDCVE-2017-11541 at SUSECVE-2017-11541 at NVDCVE-2017-11542 at SUSECVE-2017-11542 at NVDCVE-2017-11543 at SUSECVE-2017-11543 at NVDCVE-2017-13011 at SUSECVE-2017-13011 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tcpdump provides the following fix:
- The original fix for CVE-2016-7975 was using a variable before declaring it. Fix this
by moving the declaration before any usage. (bsc#1094241, CVE-2016-7975)
ModerateSUSE bug 1094241CVE-2016-7975 at SUSECVE-2016-7975 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tcpdump (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2017-12995: Fixed an infinite loop in the DNS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12893: Fixed a buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12894: Fixed a buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247).
- CVE-2017-12896: Fixed a buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12897: Fixed a buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12898: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12899: Fixed a buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12900: Fixed a buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247).
- CVE-2017-12901: Fixed a buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12902: Fixed a buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12985: Fixed a buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12986: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12987: Fixed a buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12988: Fixed a buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12991: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12992: Fixed a buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12993: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12996: Fixed a buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12998: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12999: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13001: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13002: Fixed a buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13003: Fixed a buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13004: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13005: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13006: Fixed a buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13008: Fixed a buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13009: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13010: Fixed a buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13012: Fixed a buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13013: Fixed a buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13014: Fixed a buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13016: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13017: Fixed a buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13018: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13019: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13021: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13022: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13023: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13024: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13025: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13027: Fixed a buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13028: Fixed a buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13029: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13030: Fixed a buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13031: Fixed a buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13032: Fixed a buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13034: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13035: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13036: Fixed a buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13037: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13038: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13041: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13047: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13048: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13049: Fixed a buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13051: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13053: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13055: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13687: Fixed a buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13688: Fixed a buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13689: Fixed a buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13725: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).
- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).
- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).
- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).
- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).
- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).
- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).
- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).
- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).
- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).
- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).
- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).
- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).
- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).
- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).
- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN (bsc#1153098).
- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).
- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).
ImportantSUSE bug 1057247SUSE bug 1153098SUSE bug 1153332CVE-2017-12893 at SUSECVE-2017-12893 at NVDCVE-2017-12894 at SUSECVE-2017-12894 at NVDCVE-2017-12896 at SUSECVE-2017-12896 at NVDCVE-2017-12897 at SUSECVE-2017-12897 at NVDCVE-2017-12898 at SUSECVE-2017-12898 at NVDCVE-2017-12899 at SUSECVE-2017-12899 at NVDCVE-2017-12900 at SUSECVE-2017-12900 at NVDCVE-2017-12901 at SUSECVE-2017-12901 at NVDCVE-2017-12902 at SUSECVE-2017-12902 at NVDCVE-2017-12985 at SUSECVE-2017-12985 at NVDCVE-2017-12986 at SUSECVE-2017-12986 at NVDCVE-2017-12987 at SUSECVE-2017-12987 at NVDCVE-2017-12988 at SUSECVE-2017-12988 at NVDCVE-2017-12991 at SUSECVE-2017-12991 at NVDCVE-2017-12992 at SUSECVE-2017-12992 at NVDCVE-2017-12993 at SUSECVE-2017-12993 at NVDCVE-2017-12995 at SUSECVE-2017-12995 at NVDCVE-2017-12996 at SUSECVE-2017-12996 at NVDCVE-2017-12998 at SUSECVE-2017-12998 at NVDCVE-2017-12999 at SUSECVE-2017-12999 at NVDCVE-2017-13001 at SUSECVE-2017-13001 at NVDCVE-2017-13002 at SUSECVE-2017-13002 at NVDCVE-2017-13003 at SUSECVE-2017-13003 at NVDCVE-2017-13004 at SUSECVE-2017-13004 at NVDCVE-2017-13005 at SUSECVE-2017-13005 at NVDCVE-2017-13006 at SUSECVE-2017-13006 at NVDCVE-2017-13008 at SUSECVE-2017-13008 at NVDCVE-2017-13009 at SUSECVE-2017-13009 at NVDCVE-2017-13010 at SUSECVE-2017-13010 at NVDCVE-2017-13012 at SUSECVE-2017-13012 at NVDCVE-2017-13013 at SUSECVE-2017-13013 at NVDCVE-2017-13014 at SUSECVE-2017-13014 at NVDCVE-2017-13016 at SUSECVE-2017-13016 at NVDCVE-2017-13017 at SUSECVE-2017-13017 at NVDCVE-2017-13018 at SUSECVE-2017-13018 at NVDCVE-2017-13019 at SUSECVE-2017-13019 at NVDCVE-2017-13021 at SUSECVE-2017-13021 at NVDCVE-2017-13022 at SUSECVE-2017-13022 at NVDCVE-2017-13023 at SUSECVE-2017-13023 at NVDCVE-2017-13024 at SUSECVE-2017-13024 at NVDCVE-2017-13025 at SUSECVE-2017-13025 at NVDCVE-2017-13027 at SUSECVE-2017-13027 at NVDCVE-2017-13028 at SUSECVE-2017-13028 at NVDCVE-2017-13029 at SUSECVE-2017-13029 at NVDCVE-2017-13030 at SUSECVE-2017-13030 at NVDCVE-2017-13031 at SUSECVE-2017-13031 at NVDCVE-2017-13032 at SUSECVE-2017-13032 at NVDCVE-2017-13034 at SUSECVE-2017-13034 at NVDCVE-2017-13035 at SUSECVE-2017-13035 at NVDCVE-2017-13036 at SUSECVE-2017-13036 at NVDCVE-2017-13037 at SUSECVE-2017-13037 at NVDCVE-2017-13038 at SUSECVE-2017-13038 at NVDCVE-2017-13041 at SUSECVE-2017-13041 at NVDCVE-2017-13047 at SUSECVE-2017-13047 at NVDCVE-2017-13048 at SUSECVE-2017-13048 at NVDCVE-2017-13049 at SUSECVE-2017-13049 at NVDCVE-2017-13051 at SUSECVE-2017-13051 at NVDCVE-2017-13053 at SUSECVE-2017-13053 at NVDCVE-2017-13055 at SUSECVE-2017-13055 at NVDCVE-2017-13687 at SUSECVE-2017-13687 at NVDCVE-2017-13688 at SUSECVE-2017-13688 at NVDCVE-2017-13689 at SUSECVE-2017-13689 at NVDCVE-2017-13725 at SUSECVE-2017-13725 at NVDCVE-2018-10103 at SUSECVE-2018-10103 at NVDCVE-2018-10105 at SUSECVE-2018-10105 at NVDCVE-2018-14461 at SUSECVE-2018-14461 at NVDCVE-2018-14462 at SUSECVE-2018-14462 at NVDCVE-2018-14463 at SUSECVE-2018-14463 at NVDCVE-2018-14464 at SUSECVE-2018-14464 at NVDCVE-2018-14465 at SUSECVE-2018-14465 at NVDCVE-2018-14466 at SUSECVE-2018-14466 at NVDCVE-2018-14467 at SUSECVE-2018-14467 at NVDCVE-2018-14468 at SUSECVE-2018-14468 at NVDCVE-2018-14469 at SUSECVE-2018-14469 at NVDCVE-2018-14881 at SUSECVE-2018-14881 at NVDCVE-2018-14882 at SUSECVE-2018-14882 at NVDCVE-2018-16229 at SUSECVE-2018-16229 at NVDCVE-2018-16230 at SUSECVE-2018-16230 at NVDCVE-2018-16300 at SUSECVE-2018-16300 at NVDCVE-2018-16301 at SUSECVE-2018-16301 at NVDCVE-2018-16451 at SUSECVE-2018-16451 at NVDCVE-2018-16452 at SUSECVE-2018-16452 at NVDCVE-2019-15166 at SUSECVE-2019-15166 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for tcpdump (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for tcpdump fixes the following issues:
- CVE-2018-16301: Fixed segfault when handling large files (bsc#1195825).
ModerateSUSE bug 1195825CVE-2018-16301 at SUSECVE-2018-16301 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
tiff was updated to fix six security issues found by fuzzing initiatives.
These security issues were fixed:
- CVE-2014-8127: Out-of-bounds write (bnc#914890).
- CVE-2014-8128: Out-of-bounds write (bnc#914890).
- CVE-2014-8129: Out-of-bounds write (bnc#914890).
- CVE-2014-8130: Out-of-bounds write (bnc#914890).
- CVE-2014-9655: Access of uninitialized memory (bnc#916927).
ModerateSUSE bug 914890SUSE bug 916927CVE-2014-8127 at SUSECVE-2014-8127 at NVDCVE-2014-8128 at SUSECVE-2014-8128 at NVDCVE-2014-8129 at SUSECVE-2014-8129 at NVDCVE-2014-8130 at SUSECVE-2014-8130 at NVDCVE-2014-9655 at SUSECVE-2014-9655 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following issues:
- CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images (bsc#964225)
- CVE-2015-7554: Out-of-bounds Write in the thumbnail and tiffcmp tools (bsc#960341)
ModerateSUSE bug 960341SUSE bug 964225CVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2015-8781 at SUSECVE-2015-8781 at NVDCVE-2015-8782 at SUSECVE-2015-8782 at NVDCVE-2015-8783 at SUSECVE-2015-8783 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following issues:
- CVE-2016-3622: Specially crafted TIFF images could trigger a crash in tiff2rgba (bsc#974449)
- Various out-of-bound write vulnerabilities with unspecified impact (MSVR 35093, MSVR 35094, MSVR 35095, MSVR 35096, MSVR 35097, MSVR 35098)
- CVE-2016-5314: Specially crafted TIFF images could trigger a crash that could result in DoS (bsc#984831)
- CVE-2016-5316: Specially crafted TIFF images could trigger a crash in the rgb2ycbcr tool, leading to Doa (bsc#984837)
- CVE-2016-5317: Specially crafted TIFF images could trigger a crash through an out of bound write (bsc#984842)
- CVE-2016-5320: Specially crafted TIFF images could trigger a crash or potentially allow remote code execution when using the rgb2ycbcr command (bsc#984808)
- CVE-2016-5875: Specially crafted TIFF images could trigger could allow arbitrary code execution (bsc#987351)
- CVE-2016-3623: Specially crafted TIFF images could trigger a crash in rgb2ycbcr (bsc#974618)
- CVE-2016-3945: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution via tiff2rgba (bsc#974614)
- CVE-2016-3990: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution (bsc#975069)
- CVE-2016-3186: Specially crafted TIFF imaged could trigger a crash in the gif2tiff command via a buffer overflow (bsc#973340)
ModerateSUSE bug 973340SUSE bug 974449SUSE bug 974614SUSE bug 974618SUSE bug 975069SUSE bug 984808SUSE bug 984831SUSE bug 984837SUSE bug 984842SUSE bug 987351CVE-2016-3186 at SUSECVE-2016-3186 at NVDCVE-2016-3622 at SUSECVE-2016-3622 at NVDCVE-2016-3623 at SUSECVE-2016-3623 at NVDCVE-2016-3945 at SUSECVE-2016-3945 at NVDCVE-2016-3990 at SUSECVE-2016-3990 at NVDCVE-2016-5314 at SUSECVE-2016-5314 at NVDCVE-2016-5316 at SUSECVE-2016-5316 at NVDCVE-2016-5317 at SUSECVE-2016-5317 at NVDCVE-2016-5320 at SUSECVE-2016-5320 at NVDCVE-2016-5875 at SUSECVE-2016-5875 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following issues:
- CVE-2016-9453: The t2p_readwrite_pdf_image_tile function allowed remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one (bsc#1011107).
- CVE-2016-5652: An exploitable heap-based buffer overflow existed in the handling of TIFF images in the TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means (bsc#1007280).
- CVE-2017-11335: There is a heap based buffer overflow in tools/tiff2pdf.c via a PlanarConfig=Contig image, which caused a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack (bsc#1048937).
- CVE-2016-9536: tools/tiff2pdf.c had an out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka 't2p_process_jpeg_strip heap-buffer-overflow.' (bsc#1011845)
- CVE-2017-9935: In LibTIFF, there was a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution (bsc#1046077).
- CVE-2017-17973: There is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. (bsc#1074318)
- CVE-2015-7554: The _TIFFVGetField function in tif_dir.c allowed attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image (bsc#960341).
- CVE-2016-5318: Stack-based buffer overflow in the _TIFFVGetField function allowed remote attackers to crash the application via a crafted tiff (bsc#983436).
- CVE-2016-10095: Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c allowed remote attackers to cause a denial of service (crash) via a crafted TIFF file (bsc#1017690,).
- CVE-2016-10268: tools/tiffcp.c allowed remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 78490' and libtiff/tif_unix.c:115:23 (bsc#1031255)
- An overlapping of memcpy parameters was fixed which could lead to content corruption (bsc#1017691).
- Fixed an invalid memory read which could lead to a crash (bsc#1017692).
- Fixed a NULL pointer dereference in TIFFReadRawData (tiffinfo.c) that could crash the decoder (bsc#1017688).
ModerateSUSE bug 1007280SUSE bug 1011107SUSE bug 1011845SUSE bug 1017688SUSE bug 1017690SUSE bug 1017691SUSE bug 1017692SUSE bug 1031255SUSE bug 1046077SUSE bug 1048937SUSE bug 1074318SUSE bug 960341SUSE bug 983436CVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2016-10095 at SUSECVE-2016-10095 at NVDCVE-2016-10268 at SUSECVE-2016-10268 at NVDCVE-2016-3945 at SUSECVE-2016-3945 at NVDCVE-2016-5318 at SUSECVE-2016-5318 at NVDCVE-2016-5652 at SUSECVE-2016-5652 at NVDCVE-2016-9453 at SUSECVE-2016-9453 at NVDCVE-2016-9536 at SUSECVE-2016-9536 at NVDCVE-2017-11335 at SUSECVE-2017-11335 at NVDCVE-2017-17973 at SUSECVE-2017-17973 at NVDCVE-2017-9935 at SUSECVE-2017-9935 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. (bsc#984809)
- CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. (bsc#1017694)
- CVE-2016-10269: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 512' and libtiff/tif_unix.c:340:2. (bsc#1031254)
- CVE-2016-10270: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 8' and libtiff/tif_read.c:523:22. (bsc#1031250)
- CVE-2017-18013: In LibTIFF, there was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. (bsc#1074317)
- CVE-2017-7593: tif_read.c did not ensure that tif_rawdata is properly initialized, which might have allowed remote attackers to obtain sensitive information from process memory via a crafted image. (bsc#1033129)
- CVE-2017-7595: The JPEGSetupEncode function in tiff_jpeg.c allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. (bsc#1033127)
- CVE-2017-7596: LibTIFF had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033126)
- CVE-2017-7597: tif_dirread.c had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033120)
- CVE-2017-7599: LibTIFF had an 'outside the range of representable values of type short' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033113)
- CVE-2017-7600: LibTIFF had an 'outside the range of representable values of type unsigned char' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033112)
- CVE-2017-7601: LibTIFF had a 'shift exponent too large for 64-bit type long' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033111)
- CVE-2017-7602: LibTIFF had a signed integer overflow, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033109)
- Multiple divide by zero issues
- CVE-2016-5314: Buffer overflow in the PixarLogDecode function in tif_pixarlog.c allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. (bsc#987351 bsc#984808 bsc#984831)
ModerateSUSE bug 1017694SUSE bug 1031250SUSE bug 1031254SUSE bug 1033109SUSE bug 1033111SUSE bug 1033112SUSE bug 1033113SUSE bug 1033120SUSE bug 1033126SUSE bug 1033127SUSE bug 1033129SUSE bug 1074317SUSE bug 984808SUSE bug 984809SUSE bug 984831SUSE bug 987351CVE-2016-10267 at SUSECVE-2016-10267 at NVDCVE-2016-10269 at SUSECVE-2016-10269 at NVDCVE-2016-10270 at SUSECVE-2016-10270 at NVDCVE-2016-5314 at SUSECVE-2016-5314 at NVDCVE-2016-5315 at SUSECVE-2016-5315 at NVDCVE-2017-18013 at SUSECVE-2017-18013 at NVDCVE-2017-7593 at SUSECVE-2017-7593 at NVDCVE-2017-7595 at SUSECVE-2017-7595 at NVDCVE-2017-7596 at SUSECVE-2017-7596 at NVDCVE-2017-7597 at SUSECVE-2017-7597 at NVDCVE-2017-7599 at SUSECVE-2017-7599 at NVDCVE-2017-7600 at SUSECVE-2017-7600 at NVDCVE-2017-7601 at SUSECVE-2017-7601 at NVDCVE-2017-7602 at SUSECVE-2017-7602 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following security issues:
- CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could
have caused DoS or code execution via a crafted BitsPerSample value
(bsc#1019611)
- CVE-2018-7456: Prevent a NULL Pointer dereference in the function
TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF
information, a different vulnerability than CVE-2017-18013 (bsc#1082825)
- CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During
the TIFFOpen process, td_imagelength is not checked. The value of
td_imagelength can be directly controlled by an input file. In the
ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called
based on td_imagelength. If the value of td_imagelength is set close to the
amount of system memory, it will hang the system or trigger the OOM killer
(bsc#1082332)
- CVE-2016-10266: Prevent remote attackers to cause a denial of service
(divide-by-zero error and application crash) via a crafted TIFF image, related
to libtiff/tif_read.c:351:22 (bsc#1031263)
- CVE-2018-8905: Prevent heap-based buffer overflow in the function
LZWDecodeCompat via a crafted TIFF file (bsc#1086408)
- CVE-2016-9540: Prevent out-of-bounds write on tiled images with odd tile
width versus image width (bsc#1011839).
- CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could have
lead to assertion failures in debug mode, or buffer overflows in release mode,
when dealing with unusual tile size like YCbCr with subsampling (bsc#1011846).
- CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could have
lead to assertion failures in debug mode, or buffer overflows in release mode,
when dealing with unusual tile size like YCbCr with subsampling (bsc#1011846).
- Removed assert in readSeparateTilesIntoBuffer() function (bsc#1017689).
- CVE-2016-10095: Prevent stack-based buffer overflow in the _TIFFVGetField
function that allowed remote attackers to cause a denial of service (crash) via
a crafted TIFF file (bsc#1017690).
- CVE-2016-8331: Prevent remote code execution because of incorrect handling of
TIFF images. A crafted TIFF document could have lead to a type confusion
vulnerability resulting in remote code execution. This vulnerability could have
been be triggered via a TIFF file delivered to the application using LibTIFF's
tag extension functionality (bsc#1007276).
- CVE-2016-3632: The _TIFFVGetField function allowed remote attackers to cause
a denial of service (out-of-bounds write) or execute arbitrary code via a
crafted TIFF image (bsc#974621).
ModerateSUSE bug 1007276SUSE bug 1011839SUSE bug 1011846SUSE bug 1017689SUSE bug 1017690SUSE bug 1019611SUSE bug 1031263SUSE bug 1082332SUSE bug 1082825SUSE bug 1086408SUSE bug 974621CVE-2014-8128 at SUSECVE-2014-8128 at NVDCVE-2015-7554 at SUSECVE-2015-7554 at NVDCVE-2016-10095 at SUSECVE-2016-10095 at NVDCVE-2016-10266 at SUSECVE-2016-10266 at NVDCVE-2016-3632 at SUSECVE-2016-3632 at NVDCVE-2016-5318 at SUSECVE-2016-5318 at NVDCVE-2016-8331 at SUSECVE-2016-8331 at NVDCVE-2016-9535 at SUSECVE-2016-9535 at NVDCVE-2016-9540 at SUSECVE-2016-9540 at NVDCVE-2017-11613 at SUSECVE-2017-11613 at NVDCVE-2017-5225 at SUSECVE-2017-5225 at NVDCVE-2018-7456 at SUSECVE-2018-7456 at NVDCVE-2018-8905 at SUSECVE-2018-8905 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2015-8668: Fixed a heap-based buffer overflow in the PackBitsPreEncode
function in tif_packbits.c in bmp2tiff, which allowed remote attackers to
execute arbitrary code or cause a denial of service via a large width field
in a specially crafted BMP image. (bsc#960589)
- CVE-2018-10779: Fixed a heap-based buffer over-read in TIFFWriteScanline() in
tif_write.c (bsc#1092480)
- CVE-2017-17942: Fixed a heap-based buffer overflow in the function
PackBitsEncode in tif_packbits.c. (bsc#1074186)
- CVE-2016-5319: Fixed a beap-based buffer overflow in bmp2tiff (bsc#983440)
ModerateSUSE bug 1074186SUSE bug 1092480SUSE bug 960589SUSE bug 983440CVE-2015-8668 at SUSECVE-2015-8668 at NVDCVE-2016-5319 at SUSECVE-2016-5319 at NVDCVE-2017-17942 at SUSECVE-2017-17942 at NVDCVE-2018-10779 at SUSECVE-2018-10779 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following issues:
- CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108637)
- CVE-2018-17101: There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108627)
- CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)
- CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. (bsc#1106853)
ModerateSUSE bug 1106853SUSE bug 1108627SUSE bug 1108637SUSE bug 1110358CVE-2017-11613 at SUSECVE-2017-11613 at NVDCVE-2017-9935 at SUSECVE-2017-9935 at NVDCVE-2018-16335 at SUSECVE-2018-16335 at NVDCVE-2018-17100 at SUSECVE-2018-17100 at NVDCVE-2018-17101 at SUSECVE-2018-17101 at NVDCVE-2018-17795 at SUSECVE-2018-17795 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672).
- CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257).
- CVE-2017-9147: Fixed invalid read in the _TIFFVGetField function in tif_dir.c, that allowed remote attackers to cause a DoS via acrafted TIFF file (bsc#1040322).
- CVE-2017-9117: Fixed BMP images processing that was verified without biWidth and biHeight values (bsc#1040080).
- CVE-2017-17942: Fixed issue in the function PackBitsEncode that could have led to a heap overflow and caused a DoS (bsc#1074186).
- CVE-2016-9273: Fixed heap-based buffer overflow issue (bsc#1010163).
- CVE-2016-5319: Fixed heap-based buffer overflow in PackBitsEncode (bsc#983440).
- CVE-2016-3621: Fixed out-of-bounds read in the bmp2tiff tool (lzw packing) (bsc#974448).
- CVE-2016-3620: Fixed out-of-bounds read in the bmp2tiff tool (zip packing) (bsc#974447)
- CVE-2016-3619: Fixed out-of-bounds read in the bmp2tiff tool (none packing) (bsc#974446)
- CVE-2015-8870: Fixed integer overflow in tools/bmp2tiff.c that allowed remote attackers to causea DOS (bsc#1014461).
Non-security issues fixed:
- asan_build: build ASAN included
- debug_build: build more suitable for debugging
ModerateSUSE bug 1010163SUSE bug 1014461SUSE bug 1040080SUSE bug 1040322SUSE bug 1074186SUSE bug 1099257SUSE bug 1113672SUSE bug 974446SUSE bug 974447SUSE bug 974448SUSE bug 983440CVE-2015-8870 at SUSECVE-2015-8870 at NVDCVE-2016-3619 at SUSECVE-2016-3619 at NVDCVE-2016-3620 at SUSECVE-2016-3620 at NVDCVE-2016-3621 at SUSECVE-2016-3621 at NVDCVE-2016-5319 at SUSECVE-2016-5319 at NVDCVE-2016-9273 at SUSECVE-2016-9273 at NVDCVE-2017-17942 at SUSECVE-2017-17942 at NVDCVE-2017-9117 at SUSECVE-2017-9117 at NVDCVE-2017-9147 at SUSECVE-2017-9147 at NVDCVE-2018-12900 at SUSECVE-2018-12900 at NVDCVE-2018-18661 at SUSECVE-2018-18661 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-10094: Fixed heap-based buffer overflow in the _tiffWriteProc function (bsc#1017693).
- CVE-2016-10093: Fixed heap-based buffer overflow in the _TIFFmemcpy function (bsc#1017693).
- CVE-2016-10092: Fixed heap-based buffer overflow in the TIFFReverseBits function (bsc#1017693).
ModerateSUSE bug 1017693CVE-2016-10092 at SUSECVE-2016-10092 at NVDCVE-2016-10093 at SUSECVE-2016-10093 at NVDCVE-2016-10094 at SUSECVE-2016-10094 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tiff fixes the following issue:
Security vulnerabilities fixed:
- CVE-2016-5102: Fixed a buffer overflow in readgifimage() (bsc#983268)
- CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626)
LowSUSE bug 1121626SUSE bug 983268CVE-2016-5102 at SUSECVE-2016-5102 at NVDCVE-2019-6128 at SUSECVE-2019-6128 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tiff (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for tiff fixes the following issues:
- CVE-2015-8683: Fixed out-of-bounds when reading CIE Lab image format files (bsc#1156754).
- CVE-2015-8665: Fixed out-of-bounds read in tif_getimage.c (bsc#1156749).
- CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808).
- CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809).
- CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811).
- CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812).
ImportantSUSE bug 1156749SUSE bug 1156754SUSE bug 1182808SUSE bug 1182809SUSE bug 1182811SUSE bug 1182812CVE-2015-8665 at SUSECVE-2015-8665 at NVDCVE-2015-8683 at SUSECVE-2015-8683 at NVDCVE-2020-35521 at SUSECVE-2020-35521 at NVDCVE-2020-35522 at SUSECVE-2020-35522 at NVDCVE-2020-35523 at SUSECVE-2020-35523 at NVDCVE-2020-35524 at SUSECVE-2020-35524 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for tightvnc (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for tightvnc fixes the following issues:
- CVE-2019-15679: Fixed a heap buffer overflow in InitialiseRFBConnection
which might lead to code execution (bsc#1155476).
- CVE-2019-8287: Fixed a global buffer overflow in HandleCoRREBBPmay which
might lead to code execution (bsc#1155472).
- CVE-2019-15680: Fixed a null pointer dereference in HandleZlibBPP which
could have led to denial of service (bsc#1155452).
- CVE-2019-15678: Fixed a heap buffer overflow in rfbServerCutText handler
(bsc#1155442).
ImportantSUSE bug 1155442SUSE bug 1155452SUSE bug 1155472SUSE bug 1155476CVE-2019-15678 at SUSECVE-2019-15678 at NVDCVE-2019-15679 at SUSECVE-2019-15679 at NVDCVE-2019-15680 at SUSECVE-2019-15680 at NVDCVE-2019-8287 at SUSECVE-2019-8287 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tomcat6 fixes the following issue:
- CVE-2016-5388 Setting HTTP_PROXY environment variable via Proxy header (bsc#988489)
ModerateSUSE bug 988489CVE-2016-5388 at SUSECVE-2016-5388 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for Tomcat fixes the following security issues:
- CVE-2014-7810: Security manager bypass via EL expressions. (bsc#931442)
It was found that the expression language resolver evaluated expressions within a
privileged code section. A malicious web application could have used this flaw to
bypass security manager protections.
- CVE-2014-0227: Limited DoS in chunked transfer encoding input filter. (bsc#917127)
It was discovered that the ChunkedInputFilter implementation did not fail subsequent
attempts to read input early enough. A remote attacker could have used this flaw to
perform a denial of service attack, by streaming an unlimited quantity of data,
leading to consumption of server resources.
- CVE-2014-0230: Non-persistent DoS attack by feeding data by aborting an upload
It was possible for a remote attacker to trigger a non-persistent DoS attack by
feeding data by aborting an upload. (bsc#926762)
Additionally, the following non-security issues have been fixed:
- Fix rights of all files within /usr/share/tomcat6/bin. (bsc#906152)
- Don't overwrite /var/run/tomcat6.pid when Tomcat is already running. (bsc#934219)
- Miscellaneous fixes and improvements to Tomcat's init script. (bsc#932698)
ModerateSUSE bug 906152SUSE bug 917127SUSE bug 926762SUSE bug 931442SUSE bug 932698SUSE bug 934219CVE-2014-0227 at SUSECVE-2014-0227 at NVDCVE-2014-0230 at SUSECVE-2014-0230 at NVDCVE-2014-7810 at SUSECVE-2014-7810 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tomcat6 fixes the following issues:
The version was updated from 6.0.41 to 6.0.45.
Security issues fixed:
* CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java
in Apache Tomcat allowed remote authenticated users to bypass intended
SecurityManager restrictions and list a parent directory via a /.. (slash
dot dot) in a pathname used by a web application in a getResource,
getResourceAsStream, or getResourcePaths call, as demonstrated by the
$CATALINA_BASE/webapps directory. (bsc#967967)
* CVE-2015-5345: The Mapper component in Apache Tomcat processes redirects
before considering security constraints and Filters, which allowed remote
attackers to determine the existence of a directory via a URL that lacks
a trailing / (slash) character. (bsc#967965)
* CVE-2016-0706: Apache Tomcat did not place
org.apache.catalina.manager.StatusManagerServlet on the
org/apache/catalina/core/RestrictedServlets.properties list, which
allowed remote authenticated users to bypass intended SecurityManager
restrictions and read arbitrary HTTP requests, and consequently discover
session ID values, via a crafted web application. (bsc#967815)
* CVE-2016-0714: The session-persistence implementation in Apache Tomcat
mishandled session attributes, which allowed remote authenticated users
to bypass intended SecurityManager restrictions and execute arbitrary
code in a privileged context via a web application that places a crafted
object in a session. (bsc#967964)
ImportantSUSE bug 934219SUSE bug 967815SUSE bug 967964SUSE bug 967965SUSE bug 967967CVE-2015-5174 at SUSECVE-2015-5174 at NVDCVE-2015-5345 at SUSECVE-2015-5345 at NVDCVE-2016-0706 at SUSECVE-2016-0706 at NVDCVE-2016-0714 at SUSECVE-2016-0714 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tomcat6 fixes the following issues:
Tomcat was updated to version 6.0.53:
The full changelog is:
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html
Security issues fixed:
- CVE-2017-5647: A bug in the handling of pipelined requests could lead to information disclosure (bsc#1036642)
- CVE-2016-8745: Regression in the error handling methods could lead to information disclosure (bsc#1015119)
- CVE-2016-8735: Remote code execution vulnerability in JmxRemoteLifecycleListener (bsc#1011805)
- CVE-2016-6816: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests (bsc#1011812)
- CVE-2016-6797: Unrestricted Access to Global Resources (bsc#1007853)
- CVE-2016-6796: Manager Bypass (bsc#1007858)
- CVE-2016-6794: System Property Disclosure (bsc#1007857)
- CVE-2016-5018: Security Manager Bypass (bsc#1007855)
- CVE-2016-0762: Realm Timing Attack (bsc#1007854)
- CVE-2016-5388: an arbitrary HTTP_PROXY environment variable might allow remote attackers to redirect outbound HTTP traffic (bsc#988489)
ImportantSUSE bug 1007853SUSE bug 1007854SUSE bug 1007855SUSE bug 1007857SUSE bug 1007858SUSE bug 1011805SUSE bug 1011812SUSE bug 1015119SUSE bug 1033448SUSE bug 1036642SUSE bug 988489CVE-2016-0762 at SUSECVE-2016-0762 at NVDCVE-2016-5018 at SUSECVE-2016-5018 at NVDCVE-2016-5388 at SUSECVE-2016-5388 at NVDCVE-2016-6794 at SUSECVE-2016-6794 at NVDCVE-2016-6796 at SUSECVE-2016-6796 at NVDCVE-2016-6797 at SUSECVE-2016-6797 at NVDCVE-2016-6816 at SUSECVE-2016-6816 at NVDCVE-2016-8735 at SUSECVE-2016-8735 at NVDCVE-2016-8745 at SUSECVE-2016-8745 at NVDCVE-2017-5647 at SUSECVE-2017-5647 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tomcat6 fixes the following security issues:
- : The error page mechanism of the Java Servlet Specification
requires that, when an error occurs and an error page is configured for the
error that occurred, the original request and response are forwarded to the
error page. This means that the request is presented to the error page with the
original HTTP method. If the error page is a static file, expected behaviour is
to serve content of the file as if processing a GET request, regardless of the
actual HTTP method. The Default Servlet in Tomcat did not do this. Depending on
the original request this could lead to unexpected and undesirable results for
static error pages including, if the DefaultServlet is configured to permit
writes, the replacement or removal of the custom error page (bsc#1042910).
- : The URL pattern of '' was not correctly handled when used as
part of a security constraint definition. This caused the constraint to be
ignored. It was possible for unauthorised users to gain access to web
application resources that should have been protected. Only security
constraints with a URL pattern of the empty string were affected (bsc#1082480).
ModerateSUSE bug 1042910SUSE bug 1082480CVE-2017-5664 at SUSECVE-2017-5664 at NVDCVE-2018-1304 at SUSECVE-2018-1304 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tomcat6 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for tomcat6 fixes the following issue:
Security issue fixed:
- CVE-2018-11784: Fixed problem with specially crafted URLs that could be used to cause a redirect to any URI of an attackers choise (bsc#1110850).
ModerateSUSE bug 1110850CVE-2018-11784 at SUSECVE-2018-11784 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for tomcat6 fixes the following issues:
- CVE-2020-1938: Fixed a file contents disclosure vulnerability (bsc#1164692).
ImportantSUSE bug 1164692CVE-2020-1938 at SUSECVE-2020-1938 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for tomcat6 fixes the following issues:
CVE-2020-9484 (bsc#1171928)
Apache Tomcat Remote Code Execution via session persistence
If an attacker was able to control the contents and name of a file on a
server configured to use the PersistenceManager, then the attacker could
have triggered a remote code execution via deserialization of the file under
their control.
CVE-2019-12418 (bsc#1159723)
Local privilege escalation by manipulating the RMI registry and performing a man-in-the-middle attack
When Tomcat is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files was able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface.
The attacker could then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.
CVE-2019-0221 (bsc#1136085)
The SSI printenv command echoed user provided data without escaping, which
made it vulnerable to XSS.
ImportantSUSE bug 1136085SUSE bug 1159723SUSE bug 1171928CVE-2019-0221 at SUSECVE-2019-0221 at NVDCVE-2019-12418 at SUSECVE-2019-12418 at NVDCVE-2020-9484 at SUSECVE-2020-9484 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for tomcat6 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for tomcat6 fixes the following issues:
- CVE-2021-25329: Fixed completely CVE-2020-9484 (bsc#1182909).
- CVE-2021-24122: Fixed an information disclosure (bsc#1180947).
- CVE-2017-12617: Fixed a file inclusion vulnerability through a crafted request (bsc#1059554).
ImportantSUSE bug 1059554SUSE bug 1180947SUSE bug 1182909CVE-2017-12617 at SUSECVE-2017-12617 at NVDCVE-2021-24122 at SUSECVE-2021-24122 at NVDCVE-2021-25329 at SUSECVE-2021-25329 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for transfig (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for transfig fixes the following issues:
Security issue fixed:
- CVE-2017-16899: Fix array index error in the fig2dev program (bsc#1069257).
ModerateSUSE bug 1069257CVE-2017-16899 at SUSECVE-2017-16899 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for transfig (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for transfig fixes the following issues:
- CVE-2021-3561: Fixed global buffer overflow in fig2dev/read.c in function read_colordef() (bsc#1186329).
- CVE-2019-19797: Fixed out-of-bounds write in read_colordef in read.c (bsc#1159293).
- CVE-2019-19746: Fixed segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130).
- CVE-2019-19555: Fixed stack-based buffer overflow because of an incorrect sscanf (bsc#1161698).
- CVE-2019-14275: Fixed stack-based buffer overflow in the calc_arrow function in bound.c (bsc#1143650).
- CVE-2020-21680: Fixed a stack-based buffer overflow in the put_arrow() component in genpict2e.c (bsc#1189343).
- CVE-2020-21681: Fixed a global buffer overflow in the set_color component in genge.c (bsc#1189345).
- CVE-2020-21682: Fixed a global buffer overflow in the set_fill component in genge.c (bsc#1189346).
- CVE-2020-21683: Fixed a global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c (bsc#1189325).
- Do hardening via compile and linker flags
- Fixed last added upstream commit (boo#1136882)
ImportantSUSE bug 1136882SUSE bug 1143650SUSE bug 1159130SUSE bug 1159293SUSE bug 1161698SUSE bug 1186329SUSE bug 1189325SUSE bug 1189343SUSE bug 1189345SUSE bug 1189346CVE-2019-14275 at SUSECVE-2019-14275 at NVDCVE-2019-19555 at SUSECVE-2019-19555 at NVDCVE-2019-19746 at SUSECVE-2019-19746 at NVDCVE-2019-19797 at SUSECVE-2019-19797 at NVDCVE-2020-21680 at SUSECVE-2020-21680 at NVDCVE-2020-21681 at SUSECVE-2020-21681 at NVDCVE-2020-21682 at SUSECVE-2020-21682 at NVDCVE-2020-21683 at SUSECVE-2020-21683 at NVDCVE-2021-3561 at SUSECVE-2021-3561 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for transfig (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for transfig fixes the following issues:
Update to fig2dev version 3.2.8 Patchlevel 8b (Aug 2021)
- bsc#1190618, CVE-2020-21529: stack buffer overflow in the bezier_spline function in genepic.c.
- bsc#1190615, CVE-2020-21530: segmentation fault in the read_objects function in read.c.
- bsc#1190617, CVE-2020-21531: global buffer overflow in the conv_pattern_index function in gencgm.c.
- bsc#1190616, CVE-2020-21532: global buffer overflow in the setfigfont function in genepic.c.
- bsc#1190612, CVE-2020-21533: stack buffer overflow in the read_textobject function in read.c.
- bsc#1190611, CVE-2020-21534: global buffer overflow in the get_line function in read.c.
- bsc#1190607, CVE-2020-21535: segmentation fault in the gencgm_start function in gencgm.c.
- bsc#1192019, CVE-2021-32280: NULL pointer dereference in compute_closed_spline() in trans_spline.c
ImportantSUSE bug 1190607SUSE bug 1190611SUSE bug 1190612SUSE bug 1190615SUSE bug 1190616SUSE bug 1190617SUSE bug 1190618SUSE bug 1192019CVE-2020-21529 at SUSECVE-2020-21529 at NVDCVE-2020-21530 at SUSECVE-2020-21530 at NVDCVE-2020-21531 at SUSECVE-2020-21531 at NVDCVE-2020-21532 at SUSECVE-2020-21532 at NVDCVE-2020-21533 at SUSECVE-2020-21533 at NVDCVE-2020-21534 at SUSECVE-2020-21534 at NVDCVE-2020-21535 at SUSECVE-2020-21535 at NVDCVE-2021-32280 at SUSECVE-2021-32280 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for unrar (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for unrar fixes the following issues:
- CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. (bsc#1045315).
ImportantSUSE bug 1045315CVE-2012-6706 at SUSECVE-2012-6706 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for unrar (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for unrar to version 5.6.1 fixes several issues.
These security issues were fixed:
- CVE-2017-12938: Prevent remote attackers to bypass a directory-traversal
protection mechanism via vectors involving a symlink to the . directory, a
symlink to the .. directory, and a regular file (bsc#1054038).
- CVE-2017-12940: Prevent out-of-bounds read in the EncodeFileName::Decode call
within the Archive::ReadHeader15 function (bsc#1054038).
- CVE-2017-12941: Prevent an out-of-bounds read in the Unpack::Unpack20
function (bsc#1054038).
- CVE-2017-12942: Prevent a buffer overflow in the Unpack::LongLZ function
(bsc#1054038).
These non-security issues were fixed:
- Added extraction support for .LZ archives created by Lzip compressor
- Enable unpacking of files in ZIP archives compressed with XZ algorithm and
encrypted with AES
- Added support for PAX extended headers inside of TAR archive
- If RAR recovery volumes (.rev files) are present in the same folder as usual
RAR volumes, archive test command verifies .rev contents after completing
testing .rar files
- By default unrar skips symbolic links with absolute paths in link target when
extracting unless -ola command line switch is specified
- Added support for AES-NI CPU instructions
- Support for a new RAR 5.0 archiving format
- Wildcard exclusion mask for folders
- Added libunrar* and libunrar*-devel subpackages (bsc#513804)
- Prevent conditional jumps depending on uninitialised values (bsc#1046882)
ModerateSUSE bug 1046882SUSE bug 1054038SUSE bug 513804SUSE bug 693890CVE-2012-6706 at SUSECVE-2012-6706 at NVDCVE-2017-12938 at SUSECVE-2017-12938 at NVDCVE-2017-12940 at SUSECVE-2017-12940 at NVDCVE-2017-12941 at SUSECVE-2017-12941 at NVDCVE-2017-12942 at SUSECVE-2017-12942 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for unzip fixes the following issues:
- CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013993)
- CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of service (bsc#950110)
- CVE-2015-7697: Specially crafted zip files could trigger an endless loop and lead to denial of service (bsc#950111)
- CVE-2016-9844: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013992)
ModerateSUSE bug 1013992SUSE bug 1013993SUSE bug 950110SUSE bug 950111CVE-2014-9913 at SUSECVE-2014-9913 at NVDCVE-2015-7696 at SUSECVE-2015-7696 at NVDCVE-2015-7697 at SUSECVE-2015-7697 at NVDCVE-2016-9844 at SUSECVE-2016-9844 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for unzip fixes the following issues:
- CVE-2018-1000035: Fixed a heap-based buffer overflow in password protected ZIP archives (bsc#1080074)
ModerateSUSE bug 1080074CVE-2018-1000035 at SUSECVE-2018-1000035 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for unzip (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for unzip fixes the following issues:
- CVE-2018-18384: Fixed a buffer overflow when listing archives (bsc#1110194)
ModerateSUSE bug 1110194CVE-2018-18384 at SUSECVE-2018-18384 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for vim (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for vim fixes the following security issues:
- Fixed CVE-2016-1248, an arbitrary command execution vulnerability
(bsc#1010685)
ImportantSUSE bug 1010685CVE-2016-1248 at SUSECVE-2016-1248 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for vim (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for vim fixes the following issues:
- CVE-2017-5953: Fixed a possible overflow with corrupted spell file (bsc#1024724)
ModerateSUSE bug 1024724CVE-2017-5953 at SUSECVE-2017-5953 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for vim (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for vim fixes the following issues:
Security issue fixed:
- CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c (bsc#1137443).
ImportantSUSE bug 1137443CVE-2019-12735 at SUSECVE-2019-12735 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for vim (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for vim fixes the following issues:
- CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim
was possible using interfaces (bsc#1172225).
ModerateSUSE bug 1172225CVE-2019-20807 at SUSECVE-2019-20807 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for w3m (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for w3m fixes the following issues:
- update to debian git version (bsc#1011293)
addressed security issues:
CVE-2016-9621: w3m: global-buffer-overflow write (bsc#1012020)
CVE-2016-9622: w3m: null deref (bsc#1012021)
CVE-2016-9623: w3m: null deref (bsc#1012022)
CVE-2016-9624: w3m: near-null deref (bsc#1012023)
CVE-2016-9625: w3m: stack overflow (bsc#1012024)
CVE-2016-9626: w3m: stack overflow (bsc#1012025)
CVE-2016-9627: w3m: heap overflow read + deref (bsc#1012026)
CVE-2016-9628: w3m: null deref (bsc#1012027)
CVE-2016-9629: w3m: null deref (bsc#1012028)
CVE-2016-9630: w3m: global-buffer-overflow read (bsc#1012029)
CVE-2016-9631: w3m: null deref (bsc#1012030)
CVE-2016-9632: w3m: global-buffer-overflow read (bsc#1012031)
CVE-2016-9633: w3m: OOM (bsc#1012032)
CVE-2016-9434: w3m: null deref (bsc#1011283)
CVE-2016-9435: w3m: use uninit value (bsc#1011284)
CVE-2016-9436: w3m: use uninit value (bsc#1011285)
CVE-2016-9437: w3m: write to rodata (bsc#1011286)
CVE-2016-9438: w3m: null deref (bsc#1011287)
CVE-2016-9439: w3m: stack overflow (bsc#1011288)
CVE-2016-9440: w3m: near-null deref (bsc#1011289)
CVE-2016-9441: w3m: near-null deref (bsc#1011290)
CVE-2016-9442: w3m: potential heap buffer corruption (bsc#1011291)
CVE-2016-9443: w3m: null deref (bsc#1011292)
ModerateSUSE bug 1011269SUSE bug 1011270SUSE bug 1011271SUSE bug 1011272SUSE bug 1011283SUSE bug 1011284SUSE bug 1011285SUSE bug 1011286SUSE bug 1011287SUSE bug 1011288SUSE bug 1011289SUSE bug 1011290SUSE bug 1011291SUSE bug 1011292SUSE bug 1011293SUSE bug 1012020SUSE bug 1012021SUSE bug 1012022SUSE bug 1012023SUSE bug 1012024SUSE bug 1012025SUSE bug 1012026SUSE bug 1012027SUSE bug 1012028SUSE bug 1012029SUSE bug 1012030SUSE bug 1012031SUSE bug 1012032CVE-2010-2074 at SUSECVE-2010-2074 at NVDCVE-2016-9422 at SUSECVE-2016-9422 at NVDCVE-2016-9423 at SUSECVE-2016-9423 at NVDCVE-2016-9424 at SUSECVE-2016-9424 at NVDCVE-2016-9425 at SUSECVE-2016-9425 at NVDCVE-2016-9434 at SUSECVE-2016-9434 at NVDCVE-2016-9435 at SUSECVE-2016-9435 at NVDCVE-2016-9436 at SUSECVE-2016-9436 at NVDCVE-2016-9437 at SUSECVE-2016-9437 at NVDCVE-2016-9438 at SUSECVE-2016-9438 at NVDCVE-2016-9439 at SUSECVE-2016-9439 at NVDCVE-2016-9440 at SUSECVE-2016-9440 at NVDCVE-2016-9441 at SUSECVE-2016-9441 at NVDCVE-2016-9442 at SUSECVE-2016-9442 at NVDCVE-2016-9443 at SUSECVE-2016-9443 at NVDCVE-2016-9621 at SUSECVE-2016-9621 at NVDCVE-2016-9622 at SUSECVE-2016-9622 at NVDCVE-2016-9623 at SUSECVE-2016-9623 at NVDCVE-2016-9624 at SUSECVE-2016-9624 at NVDCVE-2016-9625 at SUSECVE-2016-9625 at NVDCVE-2016-9626 at SUSECVE-2016-9626 at NVDCVE-2016-9627 at SUSECVE-2016-9627 at NVDCVE-2016-9628 at SUSECVE-2016-9628 at NVDCVE-2016-9629 at SUSECVE-2016-9629 at NVDCVE-2016-9630 at SUSECVE-2016-9630 at NVDCVE-2016-9631 at SUSECVE-2016-9631 at NVDCVE-2016-9632 at SUSECVE-2016-9632 at NVDCVE-2016-9633 at SUSECVE-2016-9633 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wavpack (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wavpack fixes the following issues:
- CVE-2016-10169 CVE-2016-10170 CVE-2016-10171 CVE-2016-10172: Make sure upper and lower boundaries make sense, to avoid out of bounds memory reads that could lead to crashes or disclosing memory. (bsc#1021483)
ModerateSUSE bug 1021483CVE-2016-10169 at SUSECVE-2016-10169 at NVDCVE-2016-10170 at SUSECVE-2016-10170 at NVDCVE-2016-10171 at SUSECVE-2016-10171 at NVDCVE-2016-10172 at SUSECVE-2016-10172 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wavpack (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wavpack fixes the following issues:
Security issues fixed:
- CVE-2018-19840: Fixed a denial-of-service in the WavpackPackInit function from pack_utils.c (bsc#1120930)
ModerateSUSE bug 1120930CVE-2018-19840 at SUSECVE-2018-19840 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wavpack (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for wavpack fixes the following issues:
- CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples (bsc#1180414).
ImportantSUSE bug 1180414CVE-2020-35738 at SUSECVE-2020-35738 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for wget (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wget fixes the following issues:
- CVE-2016-4971: A HTTP to FTP redirection file name confusion vulnerability was fixed.
(bsc#984060).
- CVE-2016-7098: A potential race condition was fixed by creating files with .tmp ext
and making them accessible to the current user only. (bsc#995964)
Bug fixed:
- Wget failed with basicauth: Failed writing HTTP request: Bad file descriptor
(bsc#958342)
ModerateSUSE bug 958342SUSE bug 984060SUSE bug 995964CVE-2016-4971 at SUSECVE-2016-4971 at NVDCVE-2016-7098 at SUSECVE-2016-7098 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wget (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wget fixes the following issues:
Security issue fixed:
- CVE-2017-6508: (url_parse): Reject control characters in host part of URL (bsc#1028301).
ModerateSUSE bug 1028301CVE-2017-6508 at SUSECVE-2017-6508 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wget (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wget fixes the following issues:
- CVE-2018-0494: Fixed Cookie injection vulnerability by checking for
and joining continuation lines. (bsc#1092061)
ModerateSUSE bug 1092061CVE-2018-0494 at SUSECVE-2018-0494 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Wireshark has been updated to 1.12.7. (FATE#319388)
The following vulnerabilities have been fixed:
* Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241
* Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242
* Wireshark could crash when searching for a protocol dissector. wnpa-sec-2015-23 CVE-2015-6243
* The ZigBee dissector could crash. wnpa-sec-2015-24 CVE-2015-6244
* The GSM RLC/MAC dissector could go into an infinite loop. wnpa-sec-2015-25 CVE-2015-6245
* The WaveAgent dissector could crash. wnpa-sec-2015-26 CVE-2015-6246
* The OpenFlow dissector could go into an infinite loop. wnpa-sec-2015-27 CVE-2015-6247
* Wireshark could crash due to invalid ptvcursor length checking. wnpa-sec-2015-28 CVE-2015-6248
* The WCCP dissector could crash. wnpa-sec-2015-29 CVE-2015-6249
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html
Also a fix from 1.12.6 in GSM DTAP was backported. (bnc#935158 CVE-2015-4652)
ModerateSUSE bug 935158SUSE bug 941500CVE-2015-3813 at SUSECVE-2015-3813 at NVDCVE-2015-4652 at SUSECVE-2015-4652 at NVDCVE-2015-6241 at SUSECVE-2015-6241 at NVDCVE-2015-6242 at SUSECVE-2015-6242 at NVDCVE-2015-6243 at SUSECVE-2015-6243 at NVDCVE-2015-6244 at SUSECVE-2015-6244 at NVDCVE-2015-6245 at SUSECVE-2015-6245 at NVDCVE-2015-6246 at SUSECVE-2015-6246 at NVDCVE-2015-6247 at SUSECVE-2015-6247 at NVDCVE-2015-6248 at SUSECVE-2015-6248 at NVDCVE-2015-6249 at SUSECVE-2015-6249 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Low)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update contains Wireshark 1.12.9 and fixes the following issues:
* CVE-2015-7830: pcapng file parser could crash while copying an interface filter (bsc#950437)
* CVE-2015-8711: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8712: The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8713: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
* CVE-2015-8714: The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8715: epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
* CVE-2015-8716: The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8717: The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8718: Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the 'Match MSG/RES packets for async NLM' option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8719: The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8720: The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
* CVE-2015-8721: Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.
* CVE-2015-8722: epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
* CVE-2015-8723: The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted
* CVE-2015-8724: The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8725: The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
* CVE-2015-8726: wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8727: The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
* CVE-2015-8728: The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.
* CVE-2015-8729: The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
* CVE-2015-8730: epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.
* CVE-2015-8731: The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8732: The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
* CVE-2015-8733: The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
LowSUSE bug 950437SUSE bug 960382CVE-2015-7830 at SUSECVE-2015-7830 at NVDCVE-2015-8711 at SUSECVE-2015-8711 at NVDCVE-2015-8712 at SUSECVE-2015-8712 at NVDCVE-2015-8713 at SUSECVE-2015-8713 at NVDCVE-2015-8714 at SUSECVE-2015-8714 at NVDCVE-2015-8715 at SUSECVE-2015-8715 at NVDCVE-2015-8716 at SUSECVE-2015-8716 at NVDCVE-2015-8717 at SUSECVE-2015-8717 at NVDCVE-2015-8718 at SUSECVE-2015-8718 at NVDCVE-2015-8719 at SUSECVE-2015-8719 at NVDCVE-2015-8720 at SUSECVE-2015-8720 at NVDCVE-2015-8721 at SUSECVE-2015-8721 at NVDCVE-2015-8722 at SUSECVE-2015-8722 at NVDCVE-2015-8723 at SUSECVE-2015-8723 at NVDCVE-2015-8724 at SUSECVE-2015-8724 at NVDCVE-2015-8725 at SUSECVE-2015-8725 at NVDCVE-2015-8726 at SUSECVE-2015-8726 at NVDCVE-2015-8727 at SUSECVE-2015-8727 at NVDCVE-2015-8728 at SUSECVE-2015-8728 at NVDCVE-2015-8729 at SUSECVE-2015-8729 at NVDCVE-2015-8730 at SUSECVE-2015-8730 at NVDCVE-2015-8731 at SUSECVE-2015-8731 at NVDCVE-2015-8732 at SUSECVE-2015-8732 at NVDCVE-2015-8733 at SUSECVE-2015-8733 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update to Wireshark 1 12.11 fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file.
- The PKTC dissector could crash (wnpa-sec-2016-22)
- The PKTC dissector could crash (wnpa-sec-2016-23)
- The IAX2 dissector could go into an infinite loop (wnpa-sec-2016-24)
- Wireshark and TShark could exhaust the stack (wnpa-sec-2016-25)
- The GSM CBCH dissector could crash (wnpa-sec-2016-26)
- The NCP dissector could crash (wnpa-sec-2016-28)
- CVE-2016-2523: DNP dissector infinite loop (wnpa-sec-2016-03)
- CVE-2016-2530: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2531: RSL dissector crash (wnpa-sec-2016-10)
- CVE-2016-2532: LLRP dissector crash (wnpa-sec-2016-11)
- GSM A-bis OML dissector crash (wnpa-sec-2016-14)
- ASN.1 BER dissector crash (wnpa-sec-2016-15)
- ASN.1 BER dissector crash (wnpa-sec-2016-18)
Also containsfurther bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.11.html
https://www.wireshark.org/docs/relnotes/wireshark-1.12.10.html
ModerateSUSE bug 968565SUSE bug 976944CVE-2016-2523 at SUSECVE-2016-2523 at NVDCVE-2016-2530 at SUSECVE-2016-2530 at NVDCVE-2016-2531 at SUSECVE-2016-2531 at NVDCVE-2016-2532 at SUSECVE-2016-2532 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update to wireshark 1.12.13 fixes the following issues:
- CVE-2016-6504: wireshark: NDS dissector crash (bsc#991012)
- CVE-2016-6505: wireshark: PacketBB dissector could divide by zero (bsc#991013)
- CVE-2016-6506: wireshark: WSP infinite loop (bsc#991015)
- CVE-2016-6507: wireshark: MMSE infinite loop (bsc#991016)
- CVE-2016-6508: wireshark: RLC long loop (bsc#991017)
- CVE-2016-6509: wireshark: LDSS dissector crash (bsc#991018)
- CVE-2016-6510: wireshark: RLC dissector crash (bsc#991019)
- CVE-2016-6511: wireshark: OpenFlow long loop (bnc991020)
- CVE-2016-5350: SPOOLS infinite loop (bsc#983671)
- CVE-2016-5351: IEEE 802.11 dissector crash (bsc#983671)
- CVE-2016-5352: IEEE 802.11 dissector crash, different from wpna-sec-2016-30 (bsc#983671)
- CVE-2016-5353: UMTS FP crash (bsc#983671)
- CVE-2016-5354: USB dissector crash (bsc#983671)
- CVE-2016-5355: Toshiba file parser crash (bsc#983671)
- CVE-2016-5356: CoSine file parser crash (bsc#983671)
- CVE-2016-5357: NetScreen file parser crash (bsc#983671)
- CVE-2016-5358: Ethernet dissector crash (bsc#983671)
- CVE-2016-5359: WBXML infinite loop (bsc#983671)
For more details please see:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.12.html
https://www.wireshark.org/docs/relnotes/wireshark-1.12.13.html
ModerateSUSE bug 983671SUSE bug 991012SUSE bug 991013SUSE bug 991015SUSE bug 991016SUSE bug 991017SUSE bug 991018SUSE bug 991019SUSE bug 991020CVE-2016-5350 at SUSECVE-2016-5350 at NVDCVE-2016-5351 at SUSECVE-2016-5351 at NVDCVE-2016-5352 at SUSECVE-2016-5352 at NVDCVE-2016-5353 at SUSECVE-2016-5353 at NVDCVE-2016-5354 at SUSECVE-2016-5354 at NVDCVE-2016-5355 at SUSECVE-2016-5355 at NVDCVE-2016-5356 at SUSECVE-2016-5356 at NVDCVE-2016-5357 at SUSECVE-2016-5357 at NVDCVE-2016-5358 at SUSECVE-2016-5358 at NVDCVE-2016-5359 at SUSECVE-2016-5359 at NVDCVE-2016-6504 at SUSECVE-2016-6504 at NVDCVE-2016-6505 at SUSECVE-2016-6505 at NVDCVE-2016-6506 at SUSECVE-2016-6506 at NVDCVE-2016-6507 at SUSECVE-2016-6507 at NVDCVE-2016-6508 at SUSECVE-2016-6508 at NVDCVE-2016-6509 at SUSECVE-2016-6509 at NVDCVE-2016-6510 at SUSECVE-2016-6510 at NVDCVE-2016-6511 at SUSECVE-2016-6511 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
Wireshark was updated to version 2.0.12, which brings several new features, enhancements
and bug fixes.
These security issues were fixed:
- CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size (bsc#1033936).
- CVE-2017-7701: In Wireshark the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type (bsc#1033937).
- CVE-2017-7702: In Wireshark the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation (bsc#1033938).
- CVE-2017-7703: In Wireshark the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly (bsc#1033939).
- CVE-2017-7704: In Wireshark the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value (bsc#1033940).
- CVE-2017-7705: In Wireshark the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset (bsc#1033941).
- CVE-2017-7745: In Wireshark the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check (bsc#1033942).
- CVE-2017-7746: In Wireshark the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length (bsc#1033943).
- CVE-2017-7747: In Wireshark the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree (bsc#1033944).
- CVE-2017-7748: In Wireshark the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check (bsc#1033945).
- CVE-2016-7179: Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark allowed remote attackers to cause a denial of service (application crash) via a crafted packet (bsc#998963).
- CVE-2016-9376: In Wireshark the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large (bsc#1010735).
- CVE-2016-9375: In Wireshark the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful (bsc#1010740).
- CVE-2016-9374: In Wireshark the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable (bsc#1010752).
- CVE-2016-9373: In Wireshark the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings (bsc#1010754).
- CVE-2016-7175: epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark mishandled MAC address data, which allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet (bsc#998761).
- CVE-2016-7176: epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark called snprintf with one of its input buffers as the output buffer, which allowed remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet (bsc#998762).
- CVE-2016-7177: epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark did not restrict the number of channels, which allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet (bsc#998763).
- CVE-2016-7180: epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark did not properly consider whether a string is constant, which allowed remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet (bsc#998800).
- CVE-2016-7178: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark did not ensure that memory is allocated for certain data structures, which allowed remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet (bsc#998964).
- CVE-2017-6014: In Wireshark a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory (bsc#1025913).
- CVE-2017-5596: In Wireshark the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow (bsc#1021739).
- CVE-2017-5597: In Wireshark the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow (bsc#1021739).
ModerateSUSE bug 1002981SUSE bug 1010735SUSE bug 1010740SUSE bug 1010752SUSE bug 1010754SUSE bug 1010911SUSE bug 1021739SUSE bug 1025913SUSE bug 1027998SUSE bug 1033936SUSE bug 1033937SUSE bug 1033938SUSE bug 1033939SUSE bug 1033940SUSE bug 1033941SUSE bug 1033942SUSE bug 1033943SUSE bug 1033944SUSE bug 1033945SUSE bug 998761SUSE bug 998762SUSE bug 998763SUSE bug 998800SUSE bug 998963SUSE bug 998964CVE-2016-7175 at SUSECVE-2016-7175 at NVDCVE-2016-7176 at SUSECVE-2016-7176 at NVDCVE-2016-7177 at SUSECVE-2016-7177 at NVDCVE-2016-7178 at SUSECVE-2016-7178 at NVDCVE-2016-7179 at SUSECVE-2016-7179 at NVDCVE-2016-7180 at SUSECVE-2016-7180 at NVDCVE-2016-9373 at SUSECVE-2016-9373 at NVDCVE-2016-9374 at SUSECVE-2016-9374 at NVDCVE-2016-9375 at SUSECVE-2016-9375 at NVDCVE-2016-9376 at SUSECVE-2016-9376 at NVDCVE-2017-5596 at SUSECVE-2017-5596 at NVDCVE-2017-5597 at SUSECVE-2017-5597 at NVDCVE-2017-6014 at SUSECVE-2017-6014 at NVDCVE-2017-7700 at SUSECVE-2017-7700 at NVDCVE-2017-7701 at SUSECVE-2017-7701 at NVDCVE-2017-7702 at SUSECVE-2017-7702 at NVDCVE-2017-7703 at SUSECVE-2017-7703 at NVDCVE-2017-7704 at SUSECVE-2017-7704 at NVDCVE-2017-7705 at SUSECVE-2017-7705 at NVDCVE-2017-7745 at SUSECVE-2017-7745 at NVDCVE-2017-7746 at SUSECVE-2017-7746 at NVDCVE-2017-7747 at SUSECVE-2017-7747 at NVDCVE-2017-7748 at SUSECVE-2017-7748 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The network analysis tool wireshark was updated to version 2.0.13 to fix the following issues:
* CVE-2017-9352: Bazaar dissector infinite loop (wnpa-sec-2017-22) (bsc#1042304)
* CVE-2017-9348: DOF dissector read overflow (wnpa-sec-2017-23) (bsc#1042303)
* CVE-2017-9351: DHCP dissector read overflow (wnpa-sec-2017-24) (bsc#1042302)
* CVE-2017-9346: SoulSeek dissector infinite loop (wnpa-sec-2017-25) (bsc#1042301)
* CVE-2017-9345: DNS dissector infinite loop (wnpa-sec-2017-26) (bsc#1042300)
* CVE-2017-9349: DICOM dissector infinite loop (wnpa-sec-2017-27) (bsc#1042305)
* CVE-2017-9350: openSAFETY dissector memory exh.. (wnpa-sec-2017-28) (bsc#1042299)
* CVE-2017-9344: BT L2CAP dissector divide by zero (wnpa-sec-2017-29) (bsc#1042298)
* CVE-2017-9343: MSNIP dissector crash (wnpa-sec-2017-30) (bsc#1042309)
* CVE-2017-9347: ROS dissector crash (wnpa-sec-2017-31) (bsc#1042308)
* CVE-2017-9354: RGMP dissector crash (wnpa-sec-2017-32) (bsc#1042307)
* CVE-2017-9353: wireshark: IPv6 dissector crash (wnpa-sec-2017-33) (bsc#1042306)
ModerateSUSE bug 1042298SUSE bug 1042299SUSE bug 1042300SUSE bug 1042301SUSE bug 1042302SUSE bug 1042303SUSE bug 1042304SUSE bug 1042305SUSE bug 1042306SUSE bug 1042307SUSE bug 1042308SUSE bug 1042309CVE-2017-9343 at SUSECVE-2017-9343 at NVDCVE-2017-9344 at SUSECVE-2017-9344 at NVDCVE-2017-9345 at SUSECVE-2017-9345 at NVDCVE-2017-9346 at SUSECVE-2017-9346 at NVDCVE-2017-9347 at SUSECVE-2017-9347 at NVDCVE-2017-9348 at SUSECVE-2017-9348 at NVDCVE-2017-9349 at SUSECVE-2017-9349 at NVDCVE-2017-9350 at SUSECVE-2017-9350 at NVDCVE-2017-9351 at SUSECVE-2017-9351 at NVDCVE-2017-9352 at SUSECVE-2017-9352 at NVDCVE-2017-9353 at SUSECVE-2017-9353 at NVDCVE-2017-9354 at SUSECVE-2017-9354 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This wireshark update to version 2.2.8 fixes the following issues:
Security issues fixed:
- CVE-2017-11411: The openSAFETY dissectorcould crash or exhaust system memory because of missing
length validation. (bsc#1049621)
- CVE-2017-11410: The WBXML dissector could go into an infinite loop. (bsc#1049255)
- CVE-2017-11408: The AMQP dissector could crash. (bsc#1049255)
- CVE-2017-11407: The MQ dissector could crash. (bsc#1049255)
- CVE-2017-11406: The DOCSIS dissector could go into an infinite loop. (bsc#1049255)
ModerateSUSE bug 1049255SUSE bug 1049621CVE-2017-11406 at SUSECVE-2017-11406 at NVDCVE-2017-11407 at SUSECVE-2017-11407 at NVDCVE-2017-11408 at SUSECVE-2017-11408 at NVDCVE-2017-11410 at SUSECVE-2017-11410 at NVDCVE-2017-11411 at SUSECVE-2017-11411 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wireshark to version 2.2.11 fixes several issues.
These security issues were fixed:
- CVE-2017-13767: The MSDP dissector could have gone into an infinite loop.
This was addressed by adding length validation (bsc#1056248)
- CVE-2017-13766: The Profinet I/O dissector could have crash with an
out-of-bounds write. This was addressed by adding string validation
(bsc#1056249)
- CVE-2017-13765: The IrCOMM dissector had a buffer over-read and application
crash. This was addressed by adding length validation (bsc#1056251)
- CVE-2017-9766: PROFINET IO data with a high recursion depth allowed remote
attackers to cause a denial of service (stack exhaustion) in the
dissect_IODWriteReq function (bsc#1045341)
- CVE-2017-9617: Deeply nested DAAP data may have cause stack exhaustion
(uncontrolled recursion) in the dissect_daap_one_tag function in the DAAP
dissector (bsc#1044417)
- CVE-2017-15192: The BT ATT dissector could crash. This was addressed
in epan/dissectors/packet-btatt.c by considering a case where not all
of the BTATT packets have the same encapsulation level. (bsc#1062645)
- CVE-2017-15193: The MBIM dissector could crash or exhaust system
memory. This was addressed in epan/dissectors/packet-mbim.c by changing
the memory-allocation approach. (bsc#1062645)
- CVE-2017-15191: The DMP dissector could crash. This was addressed in
epan/dissectors/packet-dmp.c by validating a string length. (bsc#1062645)
- CVE-2017-17083: NetBIOS dissector could crash. This was addressed in
epan/dissectors/packet-netbios.c by ensuring that write operations are
bounded by the beginning of a buffer. (bsc#1070727)
- CVE-2017-17084: IWARP_MPA dissector could crash. This was addressed
in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU
length. (bsc#1070727)
- CVE-2017-17085: the CIP Safety dissector could crash. This was
addressed in epan/dissectors/packet-cipsafety.c by validating the packet
length. (bsc#1070727)
ModerateSUSE bug 1044417SUSE bug 1045341SUSE bug 1056248SUSE bug 1056249SUSE bug 1056251SUSE bug 1062645SUSE bug 1070727CVE-2017-13765 at SUSECVE-2017-13765 at NVDCVE-2017-13766 at SUSECVE-2017-13766 at NVDCVE-2017-13767 at SUSECVE-2017-13767 at NVDCVE-2017-15191 at SUSECVE-2017-15191 at NVDCVE-2017-15192 at SUSECVE-2017-15192 at NVDCVE-2017-15193 at SUSECVE-2017-15193 at NVDCVE-2017-17083 at SUSECVE-2017-17083 at NVDCVE-2017-17084 at SUSECVE-2017-17084 at NVDCVE-2017-17085 at SUSECVE-2017-17085 at NVDCVE-2017-9617 at SUSECVE-2017-9617 at NVDCVE-2017-9766 at SUSECVE-2017-9766 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wireshark to version 2.2.12 fixes the following issues:
- CVE-2018-5334: IxVeriWave file could crash (bsc#1075737)
- CVE-2018-5335: WCP dissector could crash (bsc#1075738)
- CVE-2018-5336: Multiple dissector crashes (bsc#1075739)
- CVE-2017-17935: Incorrect handling of '\n' in file_read_line function could
have lead to denial of service (bsc#1074171)
This release no longer enables the Linux kernel BPF JIT compiler via the
net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable
to Spectre variant 1 CVE-2017-5753 - (bsc#1075748)
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html
ModerateSUSE bug 1074171SUSE bug 1075737SUSE bug 1075738SUSE bug 1075739SUSE bug 1075748CVE-2017-17935 at SUSECVE-2017-17935 at NVDCVE-2018-5334 at SUSECVE-2018-5334 at NVDCVE-2018-5335 at SUSECVE-2018-5335 at NVDCVE-2018-5336 at SUSECVE-2018-5336 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wireshark fixes the following issues:
Security issue fixed (bsc#1082692):
- CVE-2018-7335: The IEEE 802.11 dissector could crash (wnpa-sec-2018-05)
- CVE-2018-7321: thrift long dissector loop (dissect_thrift_map)
- CVE-2018-7322: DICOM: inifinite loop (dissect_dcm_tag)
- CVE-2018-7323: WCCP: very long loop (dissect_wccp2_alternate_mask_value_set_element)
- CVE-2018-7324: SCCP: infinite loop (dissect_sccp_optional_parameters)
- CVE-2018-7325: RPKI-Router Protocol: infinite loop (dissect_rpkirtr_pdu)
- CVE-2018-7326: LLTD: infinite loop (dissect_lltd_tlv)
- CVE-2018-7327: openflow_v6: infinite loop (dissect_openflow_bundle_control_v6)
- CVE-2018-7328: USB-DARWIN: long loop (dissect_darwin_usb_iso_transfer)
- CVE-2018-7329: S7COMM: infinite loop (s7comm_decode_ud_cpu_alarm_main)
- CVE-2018-7330: thread_meshcop: infinite loop (get_chancount)
- CVE-2018-7331: GTP: infinite loop (dissect_gprscdr_GGSNPDPRecord, dissect_ber_set)
- CVE-2018-7332: RELOAD: infinite loop (dissect_statans)
- CVE-2018-7333: RPCoRDMA: infinite loop in get_write_list_chunk_count
- CVE-2018-7421: Multiple dissectors could go into large infinite loops (wnpa-sec-2018-06)
- CVE-2018-7334: The UMTS MAC dissector could crash (wnpa-sec-2018-07)
- CVE-2018-7337: The DOCSIS dissector could crash (wnpa-sec-2018-08)
- CVE-2018-7336: The FCP dissector could crash (wnpa-sec-2018-09)
- CVE-2018-7320: The SIGCOMP dissector could crash (wnpa-sec-2018-10)
- CVE-2018-7420: The pcapng file parser could crash (wnpa-sec-2018-11)
- CVE-2018-7417: The IPMI dissector could crash (wnpa-sec-2018-12)
- CVE-2018-7418: The SIGCOMP dissector could crash (wnpa-sec-2018-13)
- CVE-2018-7419: The NBAP disssector could crash (wnpa-sec-2018-14)
- CVE-2017-17997: Misuse of NULL pointer in MRDISC dissector (bsc#1077080).
ModerateSUSE bug 1077080SUSE bug 1082692CVE-2017-17997 at SUSECVE-2017-17997 at NVDCVE-2018-7320 at SUSECVE-2018-7320 at NVDCVE-2018-7321 at SUSECVE-2018-7321 at NVDCVE-2018-7322 at SUSECVE-2018-7322 at NVDCVE-2018-7323 at SUSECVE-2018-7323 at NVDCVE-2018-7324 at SUSECVE-2018-7324 at NVDCVE-2018-7325 at SUSECVE-2018-7325 at NVDCVE-2018-7326 at SUSECVE-2018-7326 at NVDCVE-2018-7327 at SUSECVE-2018-7327 at NVDCVE-2018-7328 at SUSECVE-2018-7328 at NVDCVE-2018-7329 at SUSECVE-2018-7329 at NVDCVE-2018-7330 at SUSECVE-2018-7330 at NVDCVE-2018-7331 at SUSECVE-2018-7331 at NVDCVE-2018-7332 at SUSECVE-2018-7332 at NVDCVE-2018-7333 at SUSECVE-2018-7333 at NVDCVE-2018-7334 at SUSECVE-2018-7334 at NVDCVE-2018-7335 at SUSECVE-2018-7335 at NVDCVE-2018-7336 at SUSECVE-2018-7336 at NVDCVE-2018-7337 at SUSECVE-2018-7337 at NVDCVE-2018-7417 at SUSECVE-2018-7417 at NVDCVE-2018-7418 at SUSECVE-2018-7418 at NVDCVE-2018-7419 at SUSECVE-2018-7419 at NVDCVE-2018-7420 at SUSECVE-2018-7420 at NVDCVE-2018-7421 at SUSECVE-2018-7421 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wireshark fixes the following issues:
- Update to wireshark 2.2.14, fix such issues:
* bsc#1088200 VUL-0: wireshark: multiple vulnerabilities
fixed in 2.2.14, 2.4.6
* CVE-2018-9256: LWAPP dissector crash
* CVE-2018-9260: IEEE 802.15.4 dissector crash
* CVE-2018-9261: NBAP dissector crash
* CVE-2018-9262: VLAN dissector crash
* CVE-2018-9263: Kerberos dissector crash
* CVE-2018-9264: ADB dissector crash
* CVE-2018-9265: tn3270 dissector has a memory leak
* CVE-2018-9266: ISUP dissector memory leak
* CVE-2018-9267: LAPD dissector memory leak
* CVE-2018-9268: SMB2 dissector memory leak
* CVE-2018-9269: GIOP dissector memory leak
* CVE-2018-9270: OIDS dissector memory leak
* CVE-2018-9271: multipart dissector memory leak
* CVE-2018-9272: h223 dissector memory leak
* CVE-2018-9273: pcp dissector memory leak
* CVE-2018-9274: failure message memory leak
* CVE-2018-9259: MP4 dissector crash
ModerateSUSE bug 1088200CVE-2018-9256 at SUSECVE-2018-9256 at NVDCVE-2018-9259 at SUSECVE-2018-9259 at NVDCVE-2018-9260 at SUSECVE-2018-9260 at NVDCVE-2018-9261 at SUSECVE-2018-9261 at NVDCVE-2018-9262 at SUSECVE-2018-9262 at NVDCVE-2018-9263 at SUSECVE-2018-9263 at NVDCVE-2018-9264 at SUSECVE-2018-9264 at NVDCVE-2018-9265 at SUSECVE-2018-9265 at NVDCVE-2018-9266 at SUSECVE-2018-9266 at NVDCVE-2018-9267 at SUSECVE-2018-9267 at NVDCVE-2018-9268 at SUSECVE-2018-9268 at NVDCVE-2018-9269 at SUSECVE-2018-9269 at NVDCVE-2018-9270 at SUSECVE-2018-9270 at NVDCVE-2018-9271 at SUSECVE-2018-9271 at NVDCVE-2018-9272 at SUSECVE-2018-9272 at NVDCVE-2018-9273 at SUSECVE-2018-9273 at NVDCVE-2018-9274 at SUSECVE-2018-9274 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wireshark fixes the following issues:
Security issues fixed:
- bsc#1094301: Wireshark security update to 2.6.1, 2.4.7, 2.2.15
- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)
- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)
- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)
- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)
- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)
- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)
- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)
- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)
- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)
- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)
- CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301).
- CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301).
- CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301).
- CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301).
- CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301).
- CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301).
- CVE-2018-11356: Fix DNS dissector crash (bsc#1094301).
- CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301).
- CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301).
ModerateSUSE bug 1094301SUSE bug 1101776SUSE bug 1101777SUSE bug 1101786SUSE bug 1101788SUSE bug 1101791SUSE bug 1101794SUSE bug 1101800SUSE bug 1101802SUSE bug 1101804SUSE bug 1101810CVE-2018-11354 at SUSECVE-2018-11354 at NVDCVE-2018-11355 at SUSECVE-2018-11355 at NVDCVE-2018-11356 at SUSECVE-2018-11356 at NVDCVE-2018-11357 at SUSECVE-2018-11357 at NVDCVE-2018-11358 at SUSECVE-2018-11358 at NVDCVE-2018-11359 at SUSECVE-2018-11359 at NVDCVE-2018-11360 at SUSECVE-2018-11360 at NVDCVE-2018-11361 at SUSECVE-2018-11361 at NVDCVE-2018-11362 at SUSECVE-2018-11362 at NVDCVE-2018-14339 at SUSECVE-2018-14339 at NVDCVE-2018-14340 at SUSECVE-2018-14340 at NVDCVE-2018-14341 at SUSECVE-2018-14341 at NVDCVE-2018-14342 at SUSECVE-2018-14342 at NVDCVE-2018-14343 at SUSECVE-2018-14343 at NVDCVE-2018-14344 at SUSECVE-2018-14344 at NVDCVE-2018-14367 at SUSECVE-2018-14367 at NVDCVE-2018-14368 at SUSECVE-2018-14368 at NVDCVE-2018-14369 at SUSECVE-2018-14369 at NVDCVE-2018-14370 at SUSECVE-2018-14370 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wireshark (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wireshark fixes the following issues:
Update wireshark to version 2.2.17 (bsc#1106514):
Security issues fixed:
- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.17.html
ModerateSUSE bug 1106514CVE-2018-16056 at SUSECVE-2018-16056 at NVDCVE-2018-16057 at SUSECVE-2018-16057 at NVDCVE-2018-16058 at SUSECVE-2018-16058 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wpa_supplicant (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
wpa_supplicant was updated to fix two security issues.
These security issues were fixed:
- CVE-2015-4142: Integer underflow in the WMM Action frame parser in hostapd and wpa_supplicant, when used for AP mode MLME/SME functionality, allowed remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read (bsc#930078).
- CVE-2015-4141: The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), allowed remote attackers to cause a denial of service (crash) via a negative chunk length, which triggered an out-of-bounds read or heap-based buffer overflow (bsc#930077).
ModerateSUSE bug 930077SUSE bug 930078CVE-2015-4141 at SUSECVE-2015-4141 at NVDCVE-2015-4142 at SUSECVE-2015-4142 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wpa_supplicant (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wpa_supplicant fixes the following issues:
- Several vulnerabilities in standard conforming implementations of the WPA2
protocol have been discovered and published under the code name KRACK. This
update remedies those issues in a backwards compatible manner, i.e. the
updated wpa_supplicant can interface properly with both vulnerable and
patched implementations of WPA2, but an attacker won't be able to exploit the
KRACK weaknesses in those connections anymore even if the other party is
still vulnerable. [bsc#1056061, CVE-2017-13078, CVE-2017-13079,
CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088]
ImportantSUSE bug 1056061CVE-2017-13078 at SUSECVE-2017-13078 at NVDCVE-2017-13079 at SUSECVE-2017-13079 at NVDCVE-2017-13080 at SUSECVE-2017-13080 at NVDCVE-2017-13081 at SUSECVE-2017-13081 at NVDCVE-2017-13087 at SUSECVE-2017-13087 at NVDCVE-2017-13088 at SUSECVE-2017-13088 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for wpa_supplicant (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for wpa_supplicant fixes the following issues:
Security issue fixed:
- CVE-2015-0210: Fix broken certificate subject check (bsc#915323.)
ModerateSUSE bug 915323CVE-2015-0210 at SUSECVE-2015-0210 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
xen was updated to fix two security issues.
These security issues were fixed:
- CVE-2015-3259: xl command line config handling stack overflow (bsc#935634, XSA-137).
- CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344).
This non-security issue was fixed:
- Kdump did not work in a XEN environment (bsc#925466).
ImportantSUSE bug 925466SUSE bug 935634SUSE bug 938344CVE-2015-3259 at SUSECVE-2015-3259 at NVDCVE-2015-5154 at SUSECVE-2015-5154 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
xen was updated to version 4.4.3 to fix nine security issues.
These security issues were fixed:
- CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267).
- CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367).
- CVE-2015-7311: libxl in Xen did not properly handle the readonly flag on disks when using the qemu-xen device model, which allowed local guest users to write to a read-only disk image (bsc#947165).
- CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463).
- CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697).
- CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703).
- CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705).
- CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706).
These non-security issues were fixed:
- bsc#907514: Bus fatal error: SLES 12 sudden reboot has been observed
- bsc#910258: SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC
- bsc#918984: Bus fatal error: SLES11-SP4 sudden reboot has been observed
- bsc#923967: Partner-L3: Bus fatal error: SLES11-SP3 sudden reboot has been observed
- bnc#901488: Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores
- bsc#945167: Running command: xl pci-assignable-add 03:10.1 secondly show errors
- bsc#949138: Setting vcpu affinity under Xen causes libvirtd abort
- bsc#949549: xm create hangs when maxmen value is enclosed in quotes
ImportantSUSE bug 877642SUSE bug 901488SUSE bug 907514SUSE bug 910258SUSE bug 918984SUSE bug 923967SUSE bug 932267SUSE bug 944463SUSE bug 944697SUSE bug 945167SUSE bug 947165SUSE bug 949138SUSE bug 949549SUSE bug 950367SUSE bug 950703SUSE bug 950705SUSE bug 950706CVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2015-4037 at SUSECVE-2015-4037 at NVDCVE-2015-5239 at SUSECVE-2015-5239 at NVDCVE-2015-6815 at SUSECVE-2015-6815 at NVDCVE-2015-7311 at SUSECVE-2015-7311 at NVDCVE-2015-7835 at SUSECVE-2015-7835 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
xen was updated to fix 47 security issues.
These security issues were fixed:
- CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers (bnc#864673).
- CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c allowed remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image (bnc#864678).
- CVE-2013-4530: Buffer overflow in hw/ssi/pl022.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image (bnc#864682).
- CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image (bsc#864655).
- CVE-2013-4534: Buffer overflow in hw/intc/openpic.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements (bsc#864811).
- CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed remote attackers to execute arbitrary code via a crafted arglen value in a savevm image (bsc#864391).
- CVE-2013-4538: Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image (bsc#864769).
- CVE-2013-4539: Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c might have allowed remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image (bsc#864805).
- CVE-2014-0222: Integer overflow in the qcow_open function in block/qcow.c allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642).
- CVE-2014-3640: The sosendto function in slirp/udp.c allowed local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket (bsc#897654).
- CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling (bsc#901508).
- CVE-2014-7815: The set_pixel_format function in ui/vnc.c allowed remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value (bsc#902737).
- CVE-2014-9718: The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality had multiple interpretations of a function's return value, which allowed guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions (bsc#928393).
- CVE-2015-1779: The VNC websocket frame decoder allowed remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section (bsc#924018).
- CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989).
- CVE-2015-6855: hw/ide/core.c did not properly restrict the commands accepted by an ATAPI device, which allowed guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash (bsc#945404).
- CVE-2015-7512: Buffer overflow in the pcnet_receive function in hw/net/pcnet.c, when a guest NIC has a larger MTU, allowed remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet (bsc#957162).
- CVE-2015-7549: pci: NULL pointer dereference issue (bsc#958917).
- CVE-2015-8345: eepro100: infinite loop in processing command block list (bsc#956829).
- CVE-2015-8504: VNC: floating point exception (bsc#958491).
- CVE-2015-8550: Paravirtualized drivers were incautious about shared memory contents (XSA-155) (bsc#957988).
- CVE-2015-8554: qemu-dm buffer overrun in MSI-X handling (XSA-164) (bsc#958007).
- CVE-2015-8555: Information leak in legacy x86 FPU/XMM initialization (XSA-165) (bsc#958009).
- CVE-2015-8558: Infinite loop in ehci_advance_state resulted in DoS (bsc#959005).
- CVE-2015-8567: vmxnet3: host memory leakage (bsc#959387).
- CVE-2015-8568: vmxnet3: host memory leakage (bsc#959387).
- CVE-2015-8613: SCSI: stack based buffer overflow in megasas_ctrl_get_info (bsc#961358).
- CVE-2015-8619: Stack based OOB write in hmp_sendkey routine (bsc#960334).
- CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bsc#960725).
- CVE-2015-8744: vmxnet3: Incorrect l2 header validation lead to a crash via assert(2) call (bsc#960835).
- CVE-2015-8745: Reading IMR registers lead to a crash via assert(2) call (bsc#960707).
- CVE-2015-8817: OOB access in address_space_rw lead to segmentation fault (I) (bsc#969121).
- CVE-2015-8818: OOB access in address_space_rw lead to segmentation fault (II) (bsc#969122).
- CVE-2016-1568: AHCI use-after-free vulnerability in aio port commands (bsc#961332).
- CVE-2016-1570: The PV superpage functionality in arch/x86/mm.c allowed local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates (bsc#960861).
- CVE-2016-1571: VMX: intercept issue with INVLPG on non-canonical address (XSA-168) (bsc#960862).
- CVE-2016-1714: nvram: OOB r/w access in processing firmware configurations (bsc#961691).
- CVE-2016-1922: NULL pointer dereference in vapic_write() (bsc#962320).
- CVE-2016-1981: e1000 infinite loop in start_xmit and e1000_receive_iov routines (bsc#963782).
- CVE-2016-2198: EHCI NULL pointer dereference in ehci_caps_write (bsc#964413).
- CVE-2016-2270: Xen allowed local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings (bsc#965315).
- CVE-2016-2271: VMX when using an Intel or Cyrix CPU, allowed local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP (bsc#965317).
- CVE-2016-2391: usb: multiple eof_timers in ohci module lead to NULL pointer dereference (bsc#967013).
- CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling (bsc#967012).
- CVE-2016-2538: Integer overflow in remote NDIS control message handling (bsc#967969).
- CVE-2016-2841: ne2000: Infinite loop in ne2000_receive (bsc#969350).
- XSA-166: ioreq handling possibly susceptible to multiple read issue (bsc#958523).
These non-security issues were fixed:
- bsc#954872: script block-dmmd not working as expected
- bsc#963923: domain weights not honored when sched-credit tslice is reduced
- bsc#959695: Missing docs for xen
- bsc#967630: Discrepancy in reported memory size with correction XSA-153 for xend
- bsc#959928: When DomU is in state running xm domstate returned nothing
ImportantSUSE bug 864391SUSE bug 864655SUSE bug 864673SUSE bug 864678SUSE bug 864682SUSE bug 864769SUSE bug 864805SUSE bug 864811SUSE bug 877642SUSE bug 897654SUSE bug 901508SUSE bug 902737SUSE bug 924018SUSE bug 928393SUSE bug 945404SUSE bug 945989SUSE bug 954872SUSE bug 956829SUSE bug 957162SUSE bug 957988SUSE bug 958007SUSE bug 958009SUSE bug 958491SUSE bug 958523SUSE bug 958917SUSE bug 959005SUSE bug 959387SUSE bug 959695SUSE bug 959928SUSE bug 960334SUSE bug 960707SUSE bug 960725SUSE bug 960835SUSE bug 960861SUSE bug 960862SUSE bug 961332SUSE bug 961358SUSE bug 961691SUSE bug 962320SUSE bug 963782SUSE bug 963923SUSE bug 964413SUSE bug 965315SUSE bug 965317SUSE bug 967012SUSE bug 967013SUSE bug 967630SUSE bug 967969SUSE bug 969121SUSE bug 969122SUSE bug 969350CVE-2013-4527 at SUSECVE-2013-4527 at NVDCVE-2013-4529 at SUSECVE-2013-4529 at NVDCVE-2013-4530 at SUSECVE-2013-4530 at NVDCVE-2013-4533 at SUSECVE-2013-4533 at NVDCVE-2013-4534 at SUSECVE-2013-4534 at NVDCVE-2013-4537 at SUSECVE-2013-4537 at NVDCVE-2013-4538 at SUSECVE-2013-4538 at NVDCVE-2013-4539 at SUSECVE-2013-4539 at NVDCVE-2014-0222 at SUSECVE-2014-0222 at NVDCVE-2014-3640 at SUSECVE-2014-3640 at NVDCVE-2014-3689 at SUSECVE-2014-3689 at NVDCVE-2014-7815 at SUSECVE-2014-7815 at NVDCVE-2014-9718 at SUSECVE-2014-9718 at NVDCVE-2015-1779 at SUSECVE-2015-1779 at NVDCVE-2015-5278 at SUSECVE-2015-5278 at NVDCVE-2015-6855 at SUSECVE-2015-6855 at NVDCVE-2015-7512 at SUSECVE-2015-7512 at NVDCVE-2015-7549 at SUSECVE-2015-7549 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDCVE-2015-8504 at SUSECVE-2015-8504 at NVDCVE-2015-8550 at SUSECVE-2015-8550 at NVDCVE-2015-8554 at SUSECVE-2015-8554 at NVDCVE-2015-8555 at SUSECVE-2015-8555 at NVDCVE-2015-8558 at SUSECVE-2015-8558 at NVDCVE-2015-8567 at SUSECVE-2015-8567 at NVDCVE-2015-8568 at SUSECVE-2015-8568 at NVDCVE-2015-8613 at SUSECVE-2015-8613 at NVDCVE-2015-8619 at SUSECVE-2015-8619 at NVDCVE-2015-8743 at SUSECVE-2015-8743 at NVDCVE-2015-8744 at SUSECVE-2015-8744 at NVDCVE-2015-8745 at SUSECVE-2015-8745 at NVDCVE-2015-8817 at SUSECVE-2015-8817 at NVDCVE-2015-8818 at SUSECVE-2015-8818 at NVDCVE-2016-1568 at SUSECVE-2016-1568 at NVDCVE-2016-1570 at SUSECVE-2016-1570 at NVDCVE-2016-1571 at SUSECVE-2016-1571 at NVDCVE-2016-1714 at SUSECVE-2016-1714 at NVDCVE-2016-1922 at SUSECVE-2016-1922 at NVDCVE-2016-1981 at SUSECVE-2016-1981 at NVDCVE-2016-2198 at SUSECVE-2016-2198 at NVDCVE-2016-2270 at SUSECVE-2016-2270 at NVDCVE-2016-2271 at SUSECVE-2016-2271 at NVDCVE-2016-2391 at SUSECVE-2016-2391 at NVDCVE-2016-2392 at SUSECVE-2016-2392 at NVDCVE-2016-2538 at SUSECVE-2016-2538 at NVDCVE-2016-2841 at SUSECVE-2016-2841 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes the several issues.
These security issues were fixed:
- CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264).
- CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188).
- CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387.c did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188).
- CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the 'Dark Portal' issue (bsc#978164).
- CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038).
- CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130).
- CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes (bsc#975138).
- CVE-2016-4020: The patch_instruction function did not initialize the imm32 variable, which allowed local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR) (bsc#975907).
- CVE-2016-4037: The ehci_advance_state function in hw/usb/hcd-ehci.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list (bsc#976111).
- CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716).
- CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724).
- CVE-2016-4453: The vmsvga_fifo_run function allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982225).
- CVE-2016-4454: The vmsvga_fifo_read_raw function allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggered an out-of-bounds read (bsc#982224).
- CVE-2016-4952: Out-of-bounds access issue in pvsci_ring_init_msg/data routines (bsc#981276).
- CVE-2016-4962: The libxl device-handling allowed local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore (bsc#979620).
- CVE-2016-4963: The libxl device-handling allowed local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore (bsc#979670).
- CVE-2016-5105: Stack information leakage while reading configuration (bsc#982024).
- CVE-2016-5106: Out-of-bounds write while setting controller properties (bsc#982025).
- CVE-2016-5107: Out-of-bounds read in megasas_lookup_frame() function (bsc#982026).
- CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function allowed local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call (bsc#982286).
- CVE-2016-5238: The get_cmd function in hw/scsi/esp.c might have allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960).
- CVE-2016-5337: The megasas_ctrl_get_info function allowed local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information (bsc#983973).
- CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the host via vectors related to the information transfer buffer (bsc#983984).
- CVE-2016-6258: Potential privilege escalation in PV guests (XSA-182) (bsc#988675).
- bsc#978295: x86 software guest page walk PS bit handling flaw (XSA-176)
- CVE-2016-5403: virtio: unbounded memory allocation on host via guest leading to DoS (XSA-184) (bsc#990923)
- CVE-2016-6351: scsi: esp: OOB write access in esp_do_dma (bsc#990843)
These non-security issues were fixed:
- bsc#954872: Script block-dmmd not working as expected - libxl: error: libxl_dm.c
- bsc#957986: Indirect descriptors are not compatible with Amazon block backend
- bsc#958848: HVM guest crash at /usr/src/packages/BUILD/xen-4.4.2-testing/obj/default/balloon/balloon.c:407
- bsc#961600: Poor performance when Xen HVM domU configured with max memory greater than current memory
- bsc#963161: Windows VM getting stuck during load while a VF is assigned to it after upgrading to latest maintenance updates
- bsc#964427: Discarding device blocks: failed - Input/output error
- bsc#976058: Xen error running simple HVM guest (Post Alpha 2 xen+qemu)
- bsc#982695: qemu fails to boot HVM guest from xvda
- bsc#986586: Out of memory (oom) during boot on 'modprobe xenblk' (non xen kernel)
- bsc#967630: Discrepancy in reported memory size with correction XSA-153 for xend. Additional memory adjustment made.
- bsc#974912: Persistent performance drop after live-migration using xend tool stack
- bsc#979035: Restore xm migrate fixes for bsc#955399/ bsc#955399
- bsc#989235: xen dom0 xm create command only searched /etc/xen instead of /etc/xen/vm
- Live Migration SLES 11 SP3 to SP4 on AMD: 'xc: error: Couldn't set extended vcpu0 info'
- bsc#985503: Fixed vif-route
- bsc#978413: PV guest upgrade from SLES11 SP4 to SLES 12 SP2 alpha3 failed
ImportantSUSE bug 954872SUSE bug 955399SUSE bug 957986SUSE bug 958848SUSE bug 961600SUSE bug 963161SUSE bug 964427SUSE bug 967630SUSE bug 973188SUSE bug 974038SUSE bug 974912SUSE bug 975130SUSE bug 975138SUSE bug 975907SUSE bug 976058SUSE bug 976111SUSE bug 978164SUSE bug 978295SUSE bug 978413SUSE bug 979035SUSE bug 979620SUSE bug 979670SUSE bug 980716SUSE bug 980724SUSE bug 981264SUSE bug 981276SUSE bug 982024SUSE bug 982025SUSE bug 982026SUSE bug 982224SUSE bug 982225SUSE bug 982286SUSE bug 982695SUSE bug 982960SUSE bug 983973SUSE bug 983984SUSE bug 985503SUSE bug 986586SUSE bug 988675SUSE bug 989235SUSE bug 990843SUSE bug 990923CVE-2014-3672 at SUSECVE-2014-3672 at NVDCVE-2016-3158 at SUSECVE-2016-3158 at NVDCVE-2016-3159 at SUSECVE-2016-3159 at NVDCVE-2016-3710 at SUSECVE-2016-3710 at NVDCVE-2016-3960 at SUSECVE-2016-3960 at NVDCVE-2016-4001 at SUSECVE-2016-4001 at NVDCVE-2016-4002 at SUSECVE-2016-4002 at NVDCVE-2016-4020 at SUSECVE-2016-4020 at NVDCVE-2016-4037 at SUSECVE-2016-4037 at NVDCVE-2016-4439 at SUSECVE-2016-4439 at NVDCVE-2016-4441 at SUSECVE-2016-4441 at NVDCVE-2016-4453 at SUSECVE-2016-4453 at NVDCVE-2016-4454 at SUSECVE-2016-4454 at NVDCVE-2016-4952 at SUSECVE-2016-4952 at NVDCVE-2016-4962 at SUSECVE-2016-4962 at NVDCVE-2016-4963 at SUSECVE-2016-4963 at NVDCVE-2016-5105 at SUSECVE-2016-5105 at NVDCVE-2016-5106 at SUSECVE-2016-5106 at NVDCVE-2016-5107 at SUSECVE-2016-5107 at NVDCVE-2016-5126 at SUSECVE-2016-5126 at NVDCVE-2016-5238 at SUSECVE-2016-5238 at NVDCVE-2016-5337 at SUSECVE-2016-5337 at NVDCVE-2016-5338 at SUSECVE-2016-5338 at NVDCVE-2016-5403 at SUSECVE-2016-5403 at NVDCVE-2016-6258 at SUSECVE-2016-6258 at NVDCVE-2016-6351 at SUSECVE-2016-6351 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785)
- CVE-2016-7093: Xen allowed local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation (bsc#995789)
- CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792)
- CVE-2016-7154: Use-after-free vulnerability in the FIFO event channel code in Xen allowed local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number (bsc#997731)
- CVE-2016-6836: VMWARE VMXNET3 NIC device allowed privileged user inside the guest to leak information. It occured while processing transmit(tx) queue, when it reaches the end of packet (bsc#994761)
- CVE-2016-6888: A integer overflow int the VMWARE VMXNET3 NIC device support, during the initialisation of new packets in the device, could have allowed a privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#994772)
- CVE-2016-6833: A use-after-free issue in the VMWARE VMXNET3 NIC device support allowed privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#994775)
- CVE-2016-6835: Buffer overflow in the VMWARE VMXNET3 NIC device support, causing an OOB read access (bsc#994625)
- CVE-2016-6834: A infinite loop during packet fragmentation in the VMWARE VMXNET3 NIC device support allowed privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#994421)
- CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries (bsc#988675)
These non-security issues were fixed:
- bsc#993507: virsh detach-disk failing to detach disk
- bsc#991934: Xen hypervisor crash in csched_acct
- bsc#992224: During boot of Xen Hypervisor, Failed to get contiguous memory for DMA
- bsc#970135: New virtualization project clock test randomly fails on Xen
- bsc#994136: Unplug also SCSI disks in qemu-xen-traditional for upstream unplug protocol
- bsc#994136: xen_platform: unplug also SCSI disks in qemu-xen
- bsc#971949: xl: Support (by ignoring) xl migrate --live. xl migrations are always live
- bsc#990970: Add PMU support for Intel E7-8867 v4 (fam=6, model=79)
- bsc#966467: Live Migration SLES 11 SP3 to SP4 on AMD
ImportantSUSE bug 966467SUSE bug 970135SUSE bug 971949SUSE bug 988675SUSE bug 990970SUSE bug 991934SUSE bug 992224SUSE bug 993507SUSE bug 994136SUSE bug 994421SUSE bug 994625SUSE bug 994761SUSE bug 994772SUSE bug 994775SUSE bug 995785SUSE bug 995789SUSE bug 995792SUSE bug 997731CVE-2016-6258 at SUSECVE-2016-6258 at NVDCVE-2016-6833 at SUSECVE-2016-6833 at NVDCVE-2016-6834 at SUSECVE-2016-6834 at NVDCVE-2016-6835 at SUSECVE-2016-6835 at NVDCVE-2016-6836 at SUSECVE-2016-6836 at NVDCVE-2016-6888 at SUSECVE-2016-6888 at NVDCVE-2016-7092 at SUSECVE-2016-7092 at NVDCVE-2016-7093 at SUSECVE-2016-7093 at NVDCVE-2016-7094 at SUSECVE-2016-7094 at NVDCVE-2016-7154 at SUSECVE-2016-7154 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host (bsc#1011652)
- CVE-2016-9386: x86 null segments were not always treated as unusable allowing an unprivileged guest user program to elevate its privilege to that of the guest operating system. Exploit of this vulnerability is easy on Intel and more complicated on AMD (bsc#1009100)
- CVE-2016-9382: x86 task switch to VM86 mode was mis-handled, allowing a unprivileged guest process to escalate its privilege to that of the guest operating system on AMD hardware. On Intel hardware a malicious unprivileged guest process can crash the guest (bsc#1009103)
- CVE-2016-9385: x86 segment base write emulation lacked canonical address checks, allowing a malicious guest administrator to crash the host (bsc#1009104)
- CVE-2016-9383: The x86 64-bit bit test instruction emulation was broken, allowing a guest to modify arbitrary memory leading to arbitray code execution (bsc#1009107)
- CVE-2016-9381: Improper processing of shared rings allowing guest administrators take over the qemu process, elevating their privilege to that of the qemu process (bsc#1009109)
- CVE-2016-9380: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-9379: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-7777: Xen did not properly honor CR0.TS and CR0.EM, which allowed local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it (bsc#1000106)
- CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count (bsc#1007157)
- CVE-2016-8909: The intel_hda_xfer function in hw/audio/intel-hda.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position (bsc#1007160)
- CVE-2016-8667: The rc4030_write function in hw/dma/rc4030.c in allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value (bsc#1005004)
- CVE-2016-8669: The serial_update_parameters function in hw/char/serial.c allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base (bsc#1005005)
- CVE-2016-8576: The xhci_ring_fetch function in hw/usb/hcd-xhci.c allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process (bsc#1004016)
- CVE-2016-7908: The mcf_fec_do_tx function in hw/net/mcf_fec.c did not properly limit the buffer descriptor count when transmitting packets, which allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags (bsc#1003030)
- CVE-2016-7909: The pcnet_rdra_addr function in hw/net/pcnet.c allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0 (bsc#1003032)
This non-security issue wasfixed:
- bsc#1000893: virsh setmem didn't allow to set current guest memory to max limit
This update also delivers man-pages-supplement since some of the man-pages in there
are now contained in the xen package itself.
ImportantSUSE bug 1000106SUSE bug 1000893SUSE bug 1003030SUSE bug 1003032SUSE bug 1004016SUSE bug 1005004SUSE bug 1005005SUSE bug 1007157SUSE bug 1007160SUSE bug 1009100SUSE bug 1009103SUSE bug 1009104SUSE bug 1009107SUSE bug 1009109SUSE bug 1009111SUSE bug 1011652CVE-2016-7777 at SUSECVE-2016-7777 at NVDCVE-2016-7908 at SUSECVE-2016-7908 at NVDCVE-2016-7909 at SUSECVE-2016-7909 at NVDCVE-2016-8576 at SUSECVE-2016-8576 at NVDCVE-2016-8667 at SUSECVE-2016-8667 at NVDCVE-2016-8669 at SUSECVE-2016-8669 at NVDCVE-2016-8909 at SUSECVE-2016-8909 at NVDCVE-2016-8910 at SUSECVE-2016-8910 at NVDCVE-2016-9379 at SUSECVE-2016-9379 at NVDCVE-2016-9380 at SUSECVE-2016-9380 at NVDCVE-2016-9381 at SUSECVE-2016-9381 at NVDCVE-2016-9382 at SUSECVE-2016-9382 at NVDCVE-2016-9383 at SUSECVE-2016-9383 at NVDCVE-2016-9385 at SUSECVE-2016-9385 at NVDCVE-2016-9386 at SUSECVE-2016-9386 at NVDCVE-2016-9637 at SUSECVE-2016-9637 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes the following issues:
- A Mishandling of SYSCALL singlestep during emulation which could
have lead to privilege escalation. (XSA-204, bsc#1016340, CVE-2016-10013)
- CMPXCHG8B emulation failed to ignore operand size override which could have
lead to information disclosure. (XSA-200, bsc#1012651, CVE-2016-9932)
- PV guests may have been able to mask interrupts causing a Denial of Service.
(XSA-202, bsc#1014298, CVE-2016-10024)
ImportantSUSE bug 1012651SUSE bug 1014298SUSE bug 1016340CVE-2016-10013 at SUSECVE-2016-10013 at NVDCVE-2016-10024 at SUSECVE-2016-10024 at NVDCVE-2016-9932 at SUSECVE-2016-9932 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-5973: A infinite loop while doing control transfer in xhci_kick_epctx allowed privileged user inside the guest to crash the host process resulting in DoS (bsc#1025188)
- CVE-2016-10155: The virtual hardware watchdog 'wdt_i6300esb' was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1024183)
- CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation (bsc#1024834)
- CVE-2017-5856: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a memory leakage issue allowing a privileged user to leak host memory resulting in DoS (bsc#1024186)
- CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS (bsc#1024307)
- CVE-2017-2615: An error in the bitblt copy operation could have allowed a malicious guest administrator to cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation (bsc#1023004)
- CVE-2014-8106: A heap-based buffer overflow in the Cirrus VGA emulator allowed local guest users to execute arbitrary code via vectors related to blit regions (bsc#907805)
- CVE-2017-5579: The 16550A UART serial device emulation support was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1022627)
- CVE-2016-9907: The USB redirector usb-guest support was vulnerable to a memory leakage flaw when destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could have used this issue to leak host memory, resulting in DoS for a host (bsc#1014490)
- CVE-2016-9911: The USB EHCI Emulation support was vulnerable to a memory leakage issue while processing packet data in 'ehci_init_transfer'. A guest user/process could have used this issue to leak host memory, resulting in DoS for the host (bsc#1014507)
- CVE-2016-9921: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169)
- CVE-2016-9922: The Cirrus CLGD 54xx VGA Emulator support was vulnerable to a divide by zero issue while copying VGA data. A privileged user inside guest could have used this flaw to crash the process instance on the host, resulting in DoS (bsc#1015169)
- CVE-2016-9101: A memory leak in hw/net/eepro100.c allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device (bsc#1013668)
- CVE-2016-9776: The ColdFire Fast Ethernet Controller emulator support was vulnerable to an infinite loop issue while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could have used this issue to crash the Qemu process on the host leading to DoS (bsc#1013657)
- A malicious guest could have, by frequently rebooting over extended periods of time, run the host system out of memory, resulting in a Denial of Service (DoS) (bsc#1022871)
These non-security issues were fixed:
- bsc#1000195: Prevent panic on CPU0 while booting on SLES 11 SP3
- bsc#1002496: Added support for reloading clvm in block-dmmd block-dmmd
- bsc#987002: Prevent crash of domU' after they were migrated from SP3 HV to SP4
ImportantSUSE bug 1000195SUSE bug 1002496SUSE bug 1013657SUSE bug 1013668SUSE bug 1014490SUSE bug 1014507SUSE bug 1015169SUSE bug 1016340SUSE bug 1022627SUSE bug 1022871SUSE bug 1023004SUSE bug 1024183SUSE bug 1024186SUSE bug 1024307SUSE bug 1024834SUSE bug 1025188SUSE bug 907805SUSE bug 987002CVE-2014-8106 at SUSECVE-2014-8106 at NVDCVE-2016-10155 at SUSECVE-2016-10155 at NVDCVE-2016-9101 at SUSECVE-2016-9101 at NVDCVE-2016-9776 at SUSECVE-2016-9776 at NVDCVE-2016-9907 at SUSECVE-2016-9907 at NVDCVE-2016-9911 at SUSECVE-2016-9911 at NVDCVE-2016-9921 at SUSECVE-2016-9921 at NVDCVE-2016-9922 at SUSECVE-2016-9922 at NVDCVE-2017-2615 at SUSECVE-2017-2615 at NVDCVE-2017-2620 at SUSECVE-2017-2620 at NVDCVE-2017-5579 at SUSECVE-2017-5579 at NVDCVE-2017-5856 at SUSECVE-2017-5856 at NVDCVE-2017-5898 at SUSECVE-2017-5898 at NVDCVE-2017-5973 at SUSECVE-2017-5973 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes the following issues:
These security issues were fixed:
- CVE-2017-7228: Broken check in memory_exchange() permited PV guest breakout (bsc#1030442).
- XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service (DoS) of the entire host (bsc#1030144).
- CVE-2016-9603: A privileged user within the guest VM can cause a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655).
- CVE-2017-6414: Memory leak in the vcard_apdu_new function in card_7816.c in libcacard allowed local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object (bsc#1027570).
- CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235).
- CVE-2017-2633: The VNC display driver support was vulnerable to an out-of-bounds memory access issue. A user/process inside guest could use this flaw to cause DoS (bsc#1026636).
These non-security issues were fixed:
- bsc#1022555: Timeout in 'execution of /etc/xen/scripts/block add'
- bsc#1029827: Forward port xenstored
ImportantSUSE bug 1022555SUSE bug 1026636SUSE bug 1027519SUSE bug 1027570SUSE bug 1028235SUSE bug 1028655SUSE bug 1029827SUSE bug 1030144SUSE bug 1030442CVE-2016-9603 at SUSECVE-2016-9603 at NVDCVE-2017-2633 at SUSECVE-2017-2633 at NVDCVE-2017-6414 at SUSECVE-2017-6414 at NVDCVE-2017-6505 at SUSECVE-2017-6505 at NVDCVE-2017-7228 at SUSECVE-2017-7228 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
These security issues were fixed:
- A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843)
- A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transfering pages via GNTTABOP_transfer (XSA-214, bsc#1034844).
- CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994).
- CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655)
These non-security issues were fixed:
- bsc#1029827: Additional xenstore patch
ImportantSUSE bug 1028655SUSE bug 1029827SUSE bug 1030144SUSE bug 1034843SUSE bug 1034844SUSE bug 1034845SUSE bug 1034994SUSE bug 1035483CVE-2016-9603 at SUSECVE-2016-9603 at NVDCVE-2017-7718 at SUSECVE-2017-7718 at NVDCVE-2017-7980 at SUSECVE-2017-7980 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
These security issues were fixed:
- blkif responses leaked backend stack data, which allowed unprivileged guest to obtain sensitive information from the host or other guests (XSA-216, bsc#1042863)
- Page transfer might have allowed PV guest to elevate privilege (XSA-217, bsc#1042882)
- Races in the grant table unmap code allowed for informations leaks and potentially privilege escalation (XSA-218, bsc#1042893)
- Insufficient reference counts during shadow emulation allowed a malicious pair of guest to elevate their privileges to the privileges that XEN runs under (XSA-219, bsc#1042915)
- Stale P2M mappings due to insufficient error checking allowed malicious guest to leak information or elevate privileges (XSA-222, bsc#1042931)
- Grant table operations mishandled reference counts allowing malicious guests to escape (XSA-224, bsc#1042938)
- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value (bsc#1042160)
- CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture (bsc#1037243)
- CVE-2017-8905: Xen a failsafe callback, which might have allowed PV guest OS users to execute arbitrary code on the host OS (XSA-215, bsc#1034845).
- CVE-2017-9503: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a null pointer dereference issue which allowed a privileged user inside guest to crash the Qemu process on the host resulting in DoS (bsc#1043297)
- CVE-2017-9374: Missing free of 's->ipacket', causes a host memory leak, allowing for DoS (bsc#1043074)
- CVE-2017-8112: hw/scsi/vmw_pvscsi.c allowed local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count (bsc#1036470)
- Missing NULL pointer check in event channel poll allows guests to DoS the host (XSA-221, bsc#1042924)
These non-security issues were fixed:
- bsc#1032148: Ensure that time doesn't goes backwards during live migration of HVM domU
- bsc#1031460: Fixed DomU Live Migration
- bsc#1014136: Fixed kdump SLES12-SP2
- bsc#1026236: Equalized paravirtualized vs. fully virtualized migration speed
ImportantSUSE bug 1014136SUSE bug 1026236SUSE bug 1027519SUSE bug 1031460SUSE bug 1032148SUSE bug 1034845SUSE bug 1036470SUSE bug 1037243SUSE bug 1042160SUSE bug 1042863SUSE bug 1042882SUSE bug 1042893SUSE bug 1042915SUSE bug 1042924SUSE bug 1042931SUSE bug 1042938SUSE bug 1043074SUSE bug 1043297CVE-2017-8112 at SUSECVE-2017-8112 at NVDCVE-2017-8309 at SUSECVE-2017-8309 at NVDCVE-2017-8905 at SUSECVE-2017-8905 at NVDCVE-2017-9330 at SUSECVE-2017-9330 at NVDCVE-2017-9374 at SUSECVE-2017-9374 at NVDCVE-2017-9503 at SUSECVE-2017-9503 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious
guest to crash the host or potentially escalate privileges/leak information
(XSA-226, bsc#1051787).
- CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed for
privilege escalation (XSA-227, bsc#1051788).
- CVE-2017-11334: The address_space_write_continue function in exec.c allowed
local guest OS privileged users to cause a denial of service (out-of-bounds
access and guest instance crash) by leveraging use of qemu_map_ram_ptr to
access guest ram block area (bsc#1048920).
- CVE-2017-11434: The dhcp_decode function in slirp/bootp.c allowed local guest
OS users to cause a denial of service (out-of-bounds read) via a crafted DHCP
options string (bsc#1049578).
- CVE-2017-10806: Stack-based buffer overflow in hw/usb/redirect.c allowed
local guest OS users to cause a denial of service via vectors related to
logging debug messages (bsc#1047675).
- CVE-2017-10664: qemu-nbd did not ignore SIGPIPE, which allowed remote
attackers to cause a denial of service (daemon crash) by disconnecting during
a server-to-client reply attempt (bsc#1046637).
- CVE-2017-12855: Premature clearing of GTF_writing / GTF_reading lead to
potentially leaking sensitive information (XSA-230, bsc#1052686).
- CVE-2017-14316: Missing bound check in function `alloc_heap_pages` for an
internal array allowed attackers using crafted hypercalls to execute
arbitrary code within Xen (XSA-231, bsc#1056278)
- CVE-2017-14317: A race in cxenstored may have cause a double-free allowind for
DoS of the xenstored daemon (XSA-233, bsc#1056281).
- CVE-2017-14319: An error while handling grant mappings allowed malicious or
buggy x86 PV guest to escalate its privileges or crash the hypervisor (XSA-234,
bsc#1056282).
This non-security issue was fixed:
- bsc#1032598: Prevent removal of NVME devices
- bsc#1037413: Support for newer intel cpu's, mwait-idle driver and skylake
ImportantSUSE bug 1027519SUSE bug 1032598SUSE bug 1037413SUSE bug 1046637SUSE bug 1047675SUSE bug 1048920SUSE bug 1049578SUSE bug 1051787SUSE bug 1051788SUSE bug 1052686SUSE bug 1056278SUSE bug 1056281SUSE bug 1056282CVE-2017-10664 at SUSECVE-2017-10664 at NVDCVE-2017-10806 at SUSECVE-2017-10806 at NVDCVE-2017-11334 at SUSECVE-2017-11334 at NVDCVE-2017-11434 at SUSECVE-2017-11434 at NVDCVE-2017-12135 at SUSECVE-2017-12135 at NVDCVE-2017-12137 at SUSECVE-2017-12137 at NVDCVE-2017-12855 at SUSECVE-2017-12855 at NVDCVE-2017-14316 at SUSECVE-2017-14316 at NVDCVE-2017-14317 at SUSECVE-2017-14317 at NVDCVE-2017-14319 at SUSECVE-2017-14319 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues:
These security issues were fixed:
- CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a
memory leakage issue allowing a privileged user inside the guest to cause a DoS
and/or potentially crash the Qemu process on the host (bsc#1059777)
- CVE-2017-15593: Missing cleanup in the page type system allowed a malicious or
buggy PV guest to cause DoS (XSA-242 bsc#1061084)
- CVE-2017-15592: A problem in the shadow pagetable code allowed a malicious or
buggy HVM guest to cause DoS or cause hypervisor memory corruption potentially
allowing the guest to escalate its privilege (XSA-243 bsc#1061086)
- CVE-2017-15594: Problematic handling of the selector fields in the Interrupt
Descriptor Table (IDT) allowed a malicious or buggy x86 PV guest to escalate
its privileges or cause DoS (XSA-244 bsc#1061087)
- CVE-2017-15589: Intercepted I/O write operations with less than a full machine
word's worth of data were not properly handled, which allowed a malicious
unprivileged x86 HVM guest to obtain sensitive information from the host or
other guests (XSA-239 bsc#1061080)
- CVE-2017-15595: In certain configurations of linear page tables a stack overflow
might have occured that allowed a malicious or buggy PV guest to cause DoS and
potentially privilege escalation and information leaks (XSA-240 bsc#1061081)
- CVE-2017-15588: Under certain conditions x86 PV guests could have caused the
hypervisor to miss a necessary TLB flush for a page. This allowed a malicious
x86 PV guest to access all of system memory, allowing for privilege escalation,
DoS, and information leaks (XSA-241 bsc#1061082)
- CVE-2017-15590: Multiple issues existed with the setup of PCI MSI interrupts
that allowed a malicious or buggy guest to cause DoS and potentially privilege
escalation and information leaks (XSA-237 bsc#1061076)
ImportantSUSE bug 1027519SUSE bug 1059777SUSE bug 1061076SUSE bug 1061080SUSE bug 1061081SUSE bug 1061082SUSE bug 1061084SUSE bug 1061086SUSE bug 1061087CVE-2017-15588 at SUSECVE-2017-15588 at NVDCVE-2017-15589 at SUSECVE-2017-15589 at NVDCVE-2017-15590 at SUSECVE-2017-15590 at NVDCVE-2017-15592 at SUSECVE-2017-15592 at NVDCVE-2017-15593 at SUSECVE-2017-15593 at NVDCVE-2017-15594 at SUSECVE-2017-15594 at NVDCVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-5526 at SUSECVE-2017-5526 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
These security issues were fixed:
- bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code
allowed for DoS (XSA-246)
- bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests
to retain a writable mapping of freed memory leading to information leaks,
privilege escalation or DoS (XSA-247).
- CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged
users to cause a denial of service (out-of-bounds write access and Qemu process
crash) via vectors related to dst calculation (bsc#1063123)
- CVE-2017-15597: A grant copy operation being done on a grant of a dying domain
allowed a malicious guest administrator to corrupt hypervisor memory, allowing
for DoS or potentially privilege escalation and information leaks (bsc#1061075).
- CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded
recursion, stack consumption, and hypervisor crash) or possibly gain privileges
via crafted page-table stacking (bsc#1061081).
- CVE-2017-15592: x86 HVM guest OS users were able to cause a DoS (hypervisor
crash) or possibly gain privileges because self-linear shadow mappings were
mishandled for translated guests (bsc#1061086).
- CVE-2017-13672: The VGA display emulator support allowed local guest OS
privileged users to cause a denial of service (out-of-bounds read and QEMU
process crash) via vectors involving display update (bsc#1056336)
This non-security issue was fixed:
- bsc#1055047: Fixed --initrd-inject option in virt-install
ImportantSUSE bug 1055047SUSE bug 1056336SUSE bug 1061075SUSE bug 1061081SUSE bug 1061086SUSE bug 1063123SUSE bug 1068187SUSE bug 1068191CVE-2017-13672 at SUSECVE-2017-13672 at NVDCVE-2017-15289 at SUSECVE-2017-15289 at NVDCVE-2017-15592 at SUSECVE-2017-15592 at NVDCVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-15597 at SUSECVE-2017-15597 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
This new feature was included:
- add script and sysv service to watch for vcpu online/offline events in a HVM domU
These security issues were fixed:
- CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via
side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks
(bsc#1074562, bsc#1068032)
- CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged
users to cause a denial of service (out-of-bounds read and QEMU process crash)
by leveraging improper memory address validation (bsc#1076116).
- CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest
privileged users to cause a denial of service (out-of-bounds array access and
QEMU process crash) via vectors related to negative pitch (bsc#1076180).
- CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded
recursion, stack consumption, and hypervisor crash) or possibly gain privileges
via crafted page-table stacking (bsc#1061081)
- CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host
OS crash) or gain host OS privileges in shadow mode by mapping a certain
auxiliary page (bsc#1070158).
- CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS
crash) or gain host OS privileges by leveraging an incorrect mask for
reference-count overflow checking in shadow mode (bsc#1070159).
- CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS
crash) or gain host OS privileges by leveraging incorrect error handling for
reference counting in shadow mode (bsc#1070160).
- CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host
OS crash) if shadow mode and log-dirty mode are in place, because of an
incorrect assertion related to M2P (bsc#1070163).
- Added missing intermediate preemption checks for guest requesting removal of
memory. This allowed malicious guest administrator to cause denial of service
due to the high cost of this operation (bsc#1080635).
- Because of XEN not returning the proper error messages when transitioning
grant tables from v2 to v1 a malicious guest was able to cause DoS or
potentially allowed for privilege escalation as well as information leaks
(bsc#1080662).
These non-security issues were fixed:
- bsc#1035442: Increased the value of LIBXL_DESTROY_TIMEOUT from 10 to 100
seconds. If many domUs shutdown in parallel the backends couldn't keep up
- bsc#1031382: Prevent VMs from crashing when migrating between dom0 hosts in
case read() returns zero on the receiver side.
ImportantSUSE bug 1027519SUSE bug 1031382SUSE bug 1035442SUSE bug 1061081SUSE bug 1068032SUSE bug 1070158SUSE bug 1070159SUSE bug 1070160SUSE bug 1070163SUSE bug 1074562SUSE bug 1076116SUSE bug 1076180SUSE bug 1080635SUSE bug 1080662CVE-2017-15595 at SUSECVE-2017-15595 at NVDCVE-2017-17563 at SUSECVE-2017-17563 at NVDCVE-2017-17564 at SUSECVE-2017-17564 at NVDCVE-2017-17565 at SUSECVE-2017-17565 at NVDCVE-2017-17566 at SUSECVE-2017-17566 at NVDCVE-2017-18030 at SUSECVE-2017-18030 at NVDCVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2018-5683 at SUSECVE-2018-5683 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260, bsc#1090820)
- Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy
HVM guests from causing a hypervisor crash or potentially privilege
escalation/information leaks (XSA-261, bsc#1090822)
- Prevent unbounded loop, induced by qemu allowing an attacker to permanently
keep a physical CPU core busy (XSA-262, bsc#1090823)
- CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were able
to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction
with specifying the target file as the backing file of a snapshot
(bsc#1089152).
- CVE-2018-10471: x86 PV guest OS users were able to cause a denial of service
(out-of-bounds zero write and hypervisor crash) via unexpected INT 80
processing, because of an incorrect fix for CVE-2017-5754 (bsc#1089635).
- CVE-2018-7550: The load_multiboot function allowed local guest OS users to
execute arbitrary code on the host via a mh_load_end_addr value greater than
mh_bss_end_addr, which triggers an out-of-bounds read or write memory access
(bsc#1083292).
These non-security issues were fixed:
- bsc#1072834: Prevent unchecked MSR access error
- bsc#1035442: Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100
seconds, allowing for more domUs to be shutdown in parallel
- bsc#1057493: Prevent DomU crash
ImportantSUSE bug 1027519SUSE bug 1035442SUSE bug 1057493SUSE bug 1072834SUSE bug 1083292SUSE bug 1086107SUSE bug 1089152SUSE bug 1089635SUSE bug 1090820SUSE bug 1090822SUSE bug 1090823CVE-2018-10471 at SUSECVE-2018-10471 at NVDCVE-2018-10472 at SUSECVE-2018-10472 at NVDCVE-2018-7550 at SUSECVE-2018-7550 at NVDCVE-2018-8897 at SUSECVE-2018-8897 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes several issues.
These security issues were fixed:
- CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631).
- CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 mitigations (bsc#1074562).
bsc#1027519
ImportantSUSE bug 1027519SUSE bug 1074562SUSE bug 1092631CVE-2017-5715 at SUSECVE-2017-5715 at NVDCVE-2017-5753 at SUSECVE-2017-5753 at NVDCVE-2017-5754 at SUSECVE-2017-5754 at NVDCVE-2018-3639 at SUSECVE-2018-3639 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes the following issues:
Security issues fixed:
- CVE-2018-12617: Fix integer overflow that causes segmentation fault in qmp_guest_file_read() with g_malloc() (bsc#1098744).
- CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242).
- CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224).
- CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521).
- CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522).
Bug fixes:
- bsc#1079730: Fix failed 'write' lock.
- bsc#1027519: Add upstream patches from January.
ModerateSUSE bug 1027519SUSE bug 1079730SUSE bug 1095242SUSE bug 1096224SUSE bug 1097521SUSE bug 1097522SUSE bug 1098744CVE-2018-11806 at SUSECVE-2018-11806 at NVDCVE-2018-12617 at SUSECVE-2018-12617 at NVDCVE-2018-12891 at SUSECVE-2018-12891 at NVDCVE-2018-12893 at SUSECVE-2018-12893 at NVDCVE-2018-3665 at SUSECVE-2018-3665 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes the following issues:
This security issue was fixed:
- CVE-2018-3646: Systems with microprocessors utilizing speculative execution
and address translations may have allowed unauthorized disclosure of
information residing in the L1 data cache to an attacker with local user access
with guest OS privilege via a terminal page fault and a side-channel analysis
(bsc#1091107, bsc#1027519).
These non-security issues were fixed:
- bsc#1102116: SSBD is not virtualized for guests
- bsc#1092631: Preserve the xl dmesg output after boot for determining what speculative mitigations have been detected by the hypervisor.
- bsc#1101684: Make xen able to disable the visibility of the new CPU flags.
ImportantSUSE bug 1027519SUSE bug 1091107SUSE bug 1092631SUSE bug 1101684SUSE bug 1102116CVE-2018-3646 at SUSECVE-2018-3646 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes the following issues:
Security vulnerabilities fixed:
- CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB
flushing with AMD IOMMUs, which potentially allowed a guest to escalate its
privileges, may cause a Denial of Service (DoS) affecting the entire host, or
may be able to access data it is not supposed to access. (XSA-275)
(bsc#1115040)
- CVE-2018-19965: Fixed an issue related to the INVPCID instruction in case
non-canonical addresses are accessed, which may allow a guest to cause Xen to
crash, resulting in a Denial of Service (DoS) affecting the entire host.
(XSA-279) (bsc#1115045)
- CVE-2018-19966: Fixed an issue related to a previous fix for XSA-240, which
conflicted with shadow paging and allowed a guest to cause Xen to crash,
resulting in a Denial of Service (DoS) (XSA-280) (bsc#1115047)
- CVE-2018-19967: Fixed HLE constructs that allowed guests to lock up the host,
resulting in a Denial of Service (DoS). (XSA-282) (bsc#1114988)
- CVE-2018-19665: Fixed an integer overflow resulting in memory corruption in
various Bluetooth functions, allowing this to crash qemu process resulting in
Denial of Service (DoS). (bsc#1117756).
- CVE-2018-18849: Fixed an out of bounds memory access in the LSI53C895A SCSI
host bus adapter emulation, which allowed a user and/or process to crash the
qemu process resulting in a Denial of Service (DoS). (bsc#1114423)
- Fixed an integer overflow in ccid_card_vscard_read(), which allowed for
memory corruption. (bsc#1112188)
- CVE-2017-13672: Fixed an out of bounds read access during display update
(bsc#1056336)
- CVE-2018-17958: Fixed an integer overflow leading to a buffer overflow in the
rtl8139 component (bsc#1111007)
- CVE-2018-17962: Fixed an integer overflow leading to a buffer overflow in the
pcnet component (bsc#1111011)
- CVE-2018-17963: Fixed an integer overflow in relation to large packet sizes,
leading to a denial of service (DoS). (bsc#1111014)
- CVE-2018-10839: Fixed an integer overflow leading to a buffer overflow in
the ne2000 component (bsc#1110924)
Other bugs fixed:
- Fixed an issue related to a domU hang on SLE12-SP3 HV (bsc#1108940)
- Upstream bug fixes (bsc#1027519)
- Fixed crashing VMs when migrating between dom0 hosts (bsc#1031382)
- Fixed an issue with xpti=no-dom0 not working as expected (bsc#1105528)
ImportantSUSE bug 1027519SUSE bug 1031382SUSE bug 1056336SUSE bug 1105528SUSE bug 1108940SUSE bug 1110924SUSE bug 1111007SUSE bug 1111011SUSE bug 1111014SUSE bug 1112188SUSE bug 1114423SUSE bug 1114988SUSE bug 1115040SUSE bug 1115045SUSE bug 1115047SUSE bug 1117756CVE-2017-13672 at SUSECVE-2017-13672 at NVDCVE-2018-10839 at SUSECVE-2018-10839 at NVDCVE-2018-17958 at SUSECVE-2018-17958 at NVDCVE-2018-17962 at SUSECVE-2018-17962 at NVDCVE-2018-17963 at SUSECVE-2018-17963 at NVDCVE-2018-18438 at SUSECVE-2018-18438 at NVDCVE-2018-18849 at SUSECVE-2018-18849 at NVDCVE-2018-19665 at SUSECVE-2018-19665 at NVDCVE-2018-19961 at SUSECVE-2018-19961 at NVDCVE-2018-19962 at SUSECVE-2018-19962 at NVDCVE-2018-19965 at SUSECVE-2018-19965 at NVDCVE-2018-19966 at SUSECVE-2018-19966 at NVDCVE-2018-19967 at SUSECVE-2018-19967 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xen fixes the following issues:
Security issues fixed:
- Fixed multiple access violations introduced by XENMEM_exchange hypercall which could allow
a single PV guest to leak arbitrary amounts of memory, leading to a denial of service (bsc#1126192).
- Fixed an issue which could allow a malicious unprivileged guest userspace process to escalate its privilege
to that of other userspace processes in the same guest and potentially thereby to that
of the guest operating system (bsc#1126201).
- Fixed an issue which could allow an untrusted PV domain with access to a physical device to DMA into its own
pagetables leading to privilege escalation (bsc#1126195).
- Fixed an issue which could allow a malicious or buggy x86 PV guest kernels can mount a Denial of Service
attack affecting the whole system (bsc#1126196).
- CVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp (bsc#1123157).
- Fixed an issue which could allow malicious PV guests may cause a host crash or
gain access to data pertaining to other guests.Additionally, vulnerable configurations
are likely to be unstable even in the absence of an attack (bsc#1126198).
- Fixed an issue which could allow malicious 64bit PV guests to cause a host crash (bsc#1127400).
- Fixed an issue which could allow malicious or buggy guests with passed through PCI devices to be able to
escalate their privileges, crash the host, or access data belonging to other guests. Additionally memory
leaks were also possible (bsc#1126140).
- Fixed a race condition issue which could allow malicious PV guests to escalate their privilege to that
of the hypervisor (bsc#1126141).
- CVE-2019-9824: Fixed an information leak in SLiRP networking implementation which could allow a user/process
to read uninitialised stack memory contents (bsc#1129623).
Other issues fixed:
- Fixed an issue where VMs crashing when migrating between dom0 hosts (bsc#1031382).
- Upstream bug fixes (bsc#1027519)
ImportantSUSE bug 1027519SUSE bug 1031382SUSE bug 1123157SUSE bug 1126140SUSE bug 1126141SUSE bug 1126192SUSE bug 1126195SUSE bug 1126196SUSE bug 1126198SUSE bug 1126201SUSE bug 1127400SUSE bug 1129623CVE-2019-6778 at SUSECVE-2019-6778 at NVDCVE-2019-9824 at SUSECVE-2019-9824 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xen fixes the following issues:
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
These updates contain the XEN Hypervisor adjustments, that additionally also use CPU Microcode updates.
The mitigation can be controlled via the 'mds' commandline option, see the documentation.
For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736
Other fixes:
- CVE-2018-20815: Fixed a heap buffer overflow while loading device tree blob (bsc#1130680).
- Added upstream bug fix (bsc#1027519).
ImportantSUSE bug 1027519SUSE bug 1111331SUSE bug 1130680CVE-2018-12126 at SUSECVE-2018-12126 at NVDCVE-2018-12127 at SUSECVE-2018-12127 at NVDCVE-2018-12130 at SUSECVE-2018-12130 at NVDCVE-2018-20815 at SUSECVE-2018-20815 at NVDCVE-2019-11091 at SUSECVE-2019-11091 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xen fixes the following issues:
- CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator
which could have led to Denial of Service (bsc#1149813).
- CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of
service (bsc#1146874).
- CVE-2019-14378: Fixed a heap buffer overflow in SLiRp networking implementation of QEMU
emulator which could have led to execution of arbitrary code with privileges of the
QEMU process (bsc#1143797).
- CVE-2019-12067: Fixed a null pointer dereference which could have led to denial of service (bsc#1145652).
- CVE-2019-12155: Fixed a null pointer dereference in QXL VGA card emulator of QEMU which
could have led to denial of service (bsc#1135905).
ImportantSUSE bug 1126140SUSE bug 1126141SUSE bug 1126192SUSE bug 1126195SUSE bug 1126196SUSE bug 1126198SUSE bug 1126201SUSE bug 1127400SUSE bug 1135905SUSE bug 1143797SUSE bug 1145652SUSE bug 1146874SUSE bug 1149813CVE-2019-12067 at SUSECVE-2019-12067 at NVDCVE-2019-12068 at SUSECVE-2019-12068 at NVDCVE-2019-12155 at SUSECVE-2019-12155 at NVDCVE-2019-14378 at SUSECVE-2019-14378 at NVDCVE-2019-15890 at SUSECVE-2019-15890 at NVDCVE-2019-17340 at SUSECVE-2019-17340 at NVDCVE-2019-17341 at SUSECVE-2019-17341 at NVDCVE-2019-17342 at SUSECVE-2019-17342 at NVDCVE-2019-17343 at SUSECVE-2019-17343 at NVDCVE-2019-17344 at SUSECVE-2019-17344 at NVDCVE-2019-17346 at SUSECVE-2019-17346 at NVDCVE-2019-17347 at SUSECVE-2019-17347 at NVDCVE-2019-17348 at SUSECVE-2019-17348 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xen fixes the following issues:
- bsc#1174543 - secure boot related fixes
- bsc#1163019 - CVE-2020-8608: potential OOB access due to unsafe snprintf() usages
- bsc#1169392 - CVE-2020-11742: Bad continuation handling in GNTTABOP_copy
- bsc#1168140 - CVE-2020-11740, CVE-2020-11741: multiple xenoprof issues
- bsc#1161181 - CVE-2020-7211: potential directory traversal using relative paths via tftp server on Windows host
- bsc#1157888 - CVE-2019-19579: Device quarantine for alternate pci assignment methods
- bsc#1158004 - CVE-2019-19583: VMX: VMentry failure with debug exceptions and blocked states
- bsc#1158005 - CVE-2019-19578: Linear pagetable use / entry miscounts
- bsc#1158006 - CVE-2019-19580: Further issues with restartable PV type change operations
- bsc#1158007 - CVE-2019-19577: dynamic height for the IOMMU pagetables
- bsc#1154448 - CVE-2019-18420: VCPUOP_initialise DoS
- bsc#1154456 - CVE-2019-18425: missing descriptor table limit checking in x86 PV emulation
- bsc#1154458 - CVE-2019-18421: Issues with restartable PV type change operations
- bsc#1154461 - CVE-2019-18424: passed through PCI devices may corrupt host memory after deassignment
- bsc#1155945 - CVE-2018-12207: Machine Check Error Avoidance on Page Size Change (aka IFU issue)
- bsc#1152497 - CVE-2019-11135: TSX Asynchronous Abort (TAA) issue
ImportantSUSE bug 1152497SUSE bug 1154448SUSE bug 1154456SUSE bug 1154458SUSE bug 1154461SUSE bug 1155945SUSE bug 1157888SUSE bug 1158004SUSE bug 1158005SUSE bug 1158006SUSE bug 1158007SUSE bug 1161181SUSE bug 1163019SUSE bug 1168140SUSE bug 1169392SUSE bug 1174543CVE-2018-12207 at SUSECVE-2018-12207 at NVDCVE-2019-11135 at SUSECVE-2019-11135 at NVDCVE-2019-18420 at SUSECVE-2019-18420 at NVDCVE-2019-18421 at SUSECVE-2019-18421 at NVDCVE-2019-18424 at SUSECVE-2019-18424 at NVDCVE-2019-18425 at SUSECVE-2019-18425 at NVDCVE-2019-19577 at SUSECVE-2019-19577 at NVDCVE-2019-19578 at SUSECVE-2019-19578 at NVDCVE-2019-19579 at SUSECVE-2019-19579 at NVDCVE-2019-19580 at SUSECVE-2019-19580 at NVDCVE-2019-19583 at SUSECVE-2019-19583 at NVDCVE-2020-11740 at SUSECVE-2020-11740 at NVDCVE-2020-11741 at SUSECVE-2020-11741 at NVDCVE-2020-11742 at SUSECVE-2020-11742 at NVDCVE-2020-7211 at SUSECVE-2020-7211 at NVDCVE-2020-8608 at SUSECVE-2020-8608 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xen fixes the following issues:
- CVE-2020-0543: Fixed a leak of Special Register Buffer Data Sampling (SRBDS) aka 'CrossTalk' (bsc#1172205,XSA-320)
- CVE-2020-14364: Fixed an out-of-bounds read/write access while processing usb packets (bsc#1175534).
- CVE-2020-15565: Fixed an issue cache write (bsc#1173378,XSA-321).
- CVE-2020-15567: Fixed an issue with non-atomic modification of live EPT PTE (bsc#1173380,XSA-328)
- CVE-2020-25595: Fixed an issue where PCI passthrough code was reading back hardware registers (bsc#1176344,XSA-337)
- CVE-2020-25596: Fixed a potential denial of service in x86 pv guest kernel via SYSENTER (bsc#1176345,XSA-339)
- CVE-2020-25597: Fixed an issue where a valid event channels may not turn invalid (bsc#1176346,XSA-338)
- CVE-2020-25600: Fixed out of bounds event channels available to 32-bit x86 domains (bsc#1176348,XSA-342)
- CVE-2020-25601: Fixed an issue due to lack of preemption in evtchn_reset() / evtchn_destroy() (bsc#1176350,XSA-344)
- CVE-2020-25603: Fixed an issue due to missing barriers when accessing/allocating an event channel (bsc#1176347,XSA-340)
- CVE-2020-25604: Fixed a race condition when migrating timers between x86
HVM vCPU-s (bsc#1176343,XSA-336)
ImportantSUSE bug 1172205SUSE bug 1173378SUSE bug 1173380SUSE bug 1175534SUSE bug 1176343SUSE bug 1176344SUSE bug 1176345SUSE bug 1176346SUSE bug 1176347SUSE bug 1176348SUSE bug 1176350CVE-2020-0543 at SUSECVE-2020-0543 at NVDCVE-2020-14364 at SUSECVE-2020-14364 at NVDCVE-2020-15565 at SUSECVE-2020-15565 at NVDCVE-2020-15567 at SUSECVE-2020-15567 at NVDCVE-2020-25595 at SUSECVE-2020-25595 at NVDCVE-2020-25596 at SUSECVE-2020-25596 at NVDCVE-2020-25597 at SUSECVE-2020-25597 at NVDCVE-2020-25600 at SUSECVE-2020-25600 at NVDCVE-2020-25601 at SUSECVE-2020-25601 at NVDCVE-2020-25603 at SUSECVE-2020-25603 at NVDCVE-2020-25604 at SUSECVE-2020-25604 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xen fixes the following issues:
- bsc#1178963 - stack corruption from XSA-346 change (XSA-355)
- bsc#1178935 - CVE-2020-25723: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c
- bsc#1177409 - CVE-2020-27674: x86 PV guest INVLPG-like flushes may leave stale TLB entries (XSA-286)
- bsc#1177412 - CVE-2020-27672: Race condition in Xen mapping code (XSA-345)
- bsc#1177413 - CVE-2020-27671: undue deferral of IOMMU TLB flushes (XSA-346)
- bsc#1177414 - CVE-2020-27670: unsafe AMD IOMMU page table updates (XSA-347)
- bsc#1178591 - CVE-2020-28368: Intel RAPL sidechannel attack aka PLATYPUS attack aka XSA-351
ImportantSUSE bug 1177409SUSE bug 1177412SUSE bug 1177413SUSE bug 1177414SUSE bug 1178591SUSE bug 1178935SUSE bug 1178963CVE-2020-25723 at SUSECVE-2020-25723 at NVDCVE-2020-27670 at SUSECVE-2020-27670 at NVDCVE-2020-27671 at SUSECVE-2020-27671 at NVDCVE-2020-27672 at SUSECVE-2020-27672 at NVDCVE-2020-27674 at SUSECVE-2020-27674 at NVDCVE-2020-28368 at SUSECVE-2020-28368 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xen fixes the following issues:
- CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests (bsc#117949 XSA-115).
- CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions (bsc#1179498 XSA-322).
- CVE-2020-29483: Fixed an issue where guests could disturb domain cleanup (bsc#1179502 XSA-325).
- CVE-2020-29484: Fixed an issue where guests could crash xenstored via watchs (bsc#1179501 XSA-324).
- CVE-2020-29566: Fixed an undue recursion in x86 HVM context switch code (bsc#1179506 XSA-348).
- CVE-2020-29570: Fixed an issue where FIFO event channels control block related ordering (bsc#1179514 XSA-358).
- CVE-2020-29571: Fixed an issue where FIFO event channels control structure ordering (bsc#1179516 XSA-359).
- CVE-2020-29130: Fixed an out-of-bounds access while processing ARP packets (bsc#1179477).
ModerateSUSE bug 1179477SUSE bug 1179496SUSE bug 1179498SUSE bug 1179501SUSE bug 1179502SUSE bug 1179506SUSE bug 1179514SUSE bug 1179516CVE-2020-29130 at SUSECVE-2020-29130 at NVDCVE-2020-29480 at SUSECVE-2020-29480 at NVDCVE-2020-29481 at SUSECVE-2020-29481 at NVDCVE-2020-29483 at SUSECVE-2020-29483 at NVDCVE-2020-29484 at SUSECVE-2020-29484 at NVDCVE-2020-29566 at SUSECVE-2020-29566 at NVDCVE-2020-29570 at SUSECVE-2020-29570 at NVDCVE-2020-29571 at SUSECVE-2020-29571 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xen fixes the following issues:
- CVE-2021-3419: Fixed a stack overflow induced by infinite recursion issue (bsc#1182975).
- CVE-2021-20257: Fixed an infinite loop in the e1000 NIC emulator (bsc#1182846)
- xenstored crashing with segfault (bsc#1182155).
ImportantSUSE bug 1182155SUSE bug 1182846SUSE bug 1182975CVE-2021-20257 at SUSECVE-2021-20257 at NVDCVE-2021-3419 at SUSECVE-2021-3419 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xen fixes the following issues:
- CVE-2021-0089: Fixed Speculative Code Store Bypass (XSA-375) (bsc#1186433).
- CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 (bsc#1182654).
- CVE-2021-28690: Fixed x86 TSX Async Abort protections not restored after S3 (XSA-377) (bsc#1186434).
- CVE-2021-28692: Fixed inappropriate x86 IOMMU timeout detection / handling (XSA-373) (bsc#1186429).
- CVE-2021-28697: Fixed grant table v2 status pages may remain accessible after de-allocation (XSA-379) (bsc#1189376).
- CVE-2021-28698: Fixed long running loops in grant table handling. (XSA-380) (bsc#1189378).
- CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling (XSA-384) (bsc#1189632).
- CVE-2021-28703: Fixed grant table v2 status pages may remain accessible after de-allocation (take two) (XSA-387) (bsc#1192555).
- CVE-2021-28705, CVE-2021-28709: Fixed issues with partially successful P2M updates on x86 (XSA-389) (bsc#1192559).
- CVE-2021-28706: Fixed guests may exceed their designated memory limit (XSA-385) (bsc#1192554).
- CVE-2021-3527: Fixed unbounded stack allocation in usbredir (bsc#1186013).
- CVE-2021-3592: Fixed invalid pointer initialization may lead to information disclosure in slirp (bootp) (bsc#1187369).
- CVE-2021-3594: Fixed invalid pointer initialization may lead to information disclosure in slirp (udp) (bsc#1187378).
- CVE-2021-3595: Fixed invalid pointer initialization may lead to information disclosure in slirp (tftp) (bsc#1187376).
- CVE-2021-3682: Fixed free call on invalid pointer in usbredir bufp_alloc (bsc#1189150).
- CVE-2021-3930: Fixed off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c (bsc#1192526).
ModerateSUSE bug 1182654SUSE bug 1186013SUSE bug 1186429SUSE bug 1186433SUSE bug 1186434SUSE bug 1187369SUSE bug 1187376SUSE bug 1187378SUSE bug 1189150SUSE bug 1189376SUSE bug 1189378SUSE bug 1189632SUSE bug 1192526SUSE bug 1192554SUSE bug 1192555SUSE bug 1192559CVE-2021-0089 at SUSECVE-2021-0089 at NVDCVE-2021-20255 at SUSECVE-2021-20255 at NVDCVE-2021-28690 at SUSECVE-2021-28690 at NVDCVE-2021-28692 at SUSECVE-2021-28692 at NVDCVE-2021-28697 at SUSECVE-2021-28697 at NVDCVE-2021-28698 at SUSECVE-2021-28698 at NVDCVE-2021-28701 at SUSECVE-2021-28701 at NVDCVE-2021-28703 at SUSECVE-2021-28703 at NVDCVE-2021-28705 at SUSECVE-2021-28705 at NVDCVE-2021-28706 at SUSECVE-2021-28706 at NVDCVE-2021-28709 at SUSECVE-2021-28709 at NVDCVE-2021-3527 at SUSECVE-2021-3527 at NVDCVE-2021-3592 at SUSECVE-2021-3592 at NVDCVE-2021-3594 at SUSECVE-2021-3594 at NVDCVE-2021-3595 at SUSECVE-2021-3595 at NVDCVE-2021-3682 at SUSECVE-2021-3682 at NVDCVE-2021-3930 at SUSECVE-2021-3930 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xen (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xen fixes the following issues:
- CVE-2022-23034: Fixed possible DoS by a PV guest Xen while unmapping a grant. (XSA-394) (bsc#1194581)
- CVE-2022-23035: Fixed insufficient cleanup of passed-through device IRQs. (XSA-395) (bsc#1194588)
ImportantSUSE bug 1194581SUSE bug 1194588CVE-2022-23034 at SUSECVE-2022-23034 at NVDCVE-2022-23035 at SUSECVE-2022-23035 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xen (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update fixes the following security issues:
- bsc#955399 - Fix xm migrate --log_progress.
Due to logic error progress was not logged when requested.
- bsc#956832 - CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
- bsc#956592 - xen: virtual PMU is unsupported (XSA-163)
- bsc#956408 - CVE-2015-8339, CVE-2015-8340: xen:
XENMEM_exchange error handling issues (XSA-159)
- bsc#956409 - CVE-2015-8341: xen: libxl leak of pv kernel
and initrd on error (XSA-160)
- bsc#956411 - CVE-2015-7504: xen: heap buffer overflow
vulnerability in pcnet emulator (XSA-162)
- bsc#947165 - CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
- bsc#955399 - Fix xm migrate --live. The options were not passed
due to a merge error. As a result the migration was not live,
instead the suspended guest was migrated.
- bsc#954405 - CVE-2015-8104: Xen: guest to host DoS by
triggering an infinite loop in microcode via #DB exception
- bsc#954018 - CVE-2015-5307: xen: x86: CPU lockup during
fault delivery (XSA-156)
- bsc#950704 - CVE-2015-7970: xen: x86: Long latency
populate-on-demand operation is not preemptible (XSA-150)
- bsc#951845 - CVE-2015-7972: xen: x86: populate-on-demand
balloon size inaccuracy can crash guests (XSA-153)
- Drop 5604f239-x86-PV-properly-populate-descriptor-tables.patch
- bsc#950703 - CVE-2015-7969: xen: leak of main per-domain
vcpu pointer array (DoS) (XSA-149)
- bsc#950705 - CVE-2015-7969: xen: x86: leak of per-domain
profiling-related vcpu pointer array (DoS) (XSA-151)
- bsc#950706 - CVE-2015-7971: xen: x86: some pmu and
profiling hypercalls log without rate limiting (XSA-152) ModerateSUSE bug 947165SUSE bug 950703SUSE bug 950704SUSE bug 950705SUSE bug 950706SUSE bug 951845SUSE bug 954018SUSE bug 954405SUSE bug 955399SUSE bug 956408SUSE bug 956409SUSE bug 956411SUSE bug 956592SUSE bug 956832CVE-2015-5307 at SUSECVE-2015-5307 at NVDCVE-2015-7311 at SUSECVE-2015-7311 at NVDCVE-2015-7504 at SUSECVE-2015-7504 at NVDCVE-2015-7835 at SUSECVE-2015-7835 at NVDCVE-2015-7969 at SUSECVE-2015-7969 at NVDCVE-2015-7970 at SUSECVE-2015-7970 at NVDCVE-2015-7971 at SUSECVE-2015-7971 at NVDCVE-2015-7972 at SUSECVE-2015-7972 at NVDCVE-2015-8104 at SUSECVE-2015-8104 at NVDCVE-2015-8339 at SUSECVE-2015-8339 at NVDCVE-2015-8340 at SUSECVE-2015-8340 at NVDCVE-2015-8341 at SUSECVE-2015-8341 at NVDCVE-2015-8345 at SUSECVE-2015-8345 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xerces-j2 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
xerces-j2 was updated to fix several issues.
This security issue was fixed:
- bsc#814241: Prevent possible DoS through very long attribute names
This non-security issue was fixed:
- Prevent StackOverflowError when applying a pattern restriction on long strings
while trying to validate an XML file against a schema (bsc#1047536, bsc#879138)
ModerateSUSE bug 1047536SUSE bug 814241SUSE bug 879138cpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xerces-j2 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xerces-j2 fixes the following issues:
- CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser (bsc#1195108).
ImportantSUSE bug 1195108CVE-2022-23437 at SUSECVE-2022-23437 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xfsprogs (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
xfsprogs was updated to fix one security vulnerability and several bugs.
- Handle unwanted data disclosure in xfs_metadump (bsc#939367, CVE-2012-2150)
- Fix segfault during xfs_repair run (bsc#911866)
- Fix definition of leaf attribute block to avoid gcc optimization xfsprogs-fix-leaf-block-definition
ModerateSUSE bug 911866SUSE bug 939367CVE-2012-2150 at SUSECVE-2012-2150 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libICE (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libICE fixes the following issues:
- CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies
predictable. A more random generation method has been implemented. (boo#1025068)
ModerateSUSE bug 1025068CVE-2017-2626 at SUSECVE-2017-2626 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
xorg-x11-libX11 was updated to fix one security issue.
This security issue was fixed:
- CVE-2013-7439: Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allowed remote attackers to have unspecified impact via a crafted request, which triggered a buffer overflow (bsc#927220).
ModerateSUSE bug 927220CVE-2013-7439 at SUSECVE-2013-7439 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libX11 fixes the following issues:
- plug a memory leak (bsc#1002991, CVE-2016-7942)
- insufficient validation of data from the X server can cause
out of boundary memory read (XGetImage()) or write (XListFonts())
(bsc#1002991, CVE-2016-7942)
ModerateSUSE bug 1002991CVE-2016-7942 at SUSECVE-2016-7942 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libX11 fixes the following issues:
- a regression introduced by the security fix for CVE-2013-1997
(bnc#824294). Keyboard mappings for special characters on Non-English
keyboards might have been broken. (bnc#1019642)
ModerateSUSE bug 1019642CVE-2013-1997 at SUSECVE-2013-1997 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libX11 (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libX11 fixes the following issues:
- CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one
error caused by malicious server responses, leading to DoS or possibly
unspecified other impact (bsc#1102062)
- CVE-2018-14600: The function XListExtensions interpreted a variable as signed
instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes),
leading to DoS or remote code execution (bsc#1102068)
- CVE-2018-14598: A malicious server could have sent a reply in which the first
string overflows, causing a variable to be set to NULL that will be freed later
on, leading to DoS (segmentation fault) (bsc#1102073)
ModerateSUSE bug 1102062SUSE bug 1102068SUSE bug 1102073CVE-2018-14598 at SUSECVE-2018-14598 at NVDCVE-2018-14599 at SUSECVE-2018-14599 at NVDCVE-2018-14600 at SUSECVE-2018-14600 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libX11 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xorg-x11-libX11 fixes the following issues:
- Fixed XIM client heap overflows (CVE-2020-14344, bsc#1174628)
ImportantSUSE bug 1174628CVE-2020-14344 at SUSECVE-2020-14344 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libX11 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xorg-x11-libX11 fixes the following issues:
- Fixed XIM client heap overflows (CVE-2020-14344, bsc#1174628).
ImportantSUSE bug 1174628CVE-2020-14344 at SUSECVE-2020-14344 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libX11 (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xorg-x11-libX11 fixes the following issues:
- Regression in the fix for CVE-2021-31535, causing segfaults for xforms applications like fdesign (bsc#1186643).
ImportantSUSE bug 1186643CVE-2021-31535 at SUSECVE-2021-31535 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libXdmcp (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libXdmcp fixes the following issues:
- CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making
the session keys predictable (bsc#1025046)
ModerateSUSE bug 1025046CVE-2017-2625 at SUSECVE-2017-2625 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libXfixes (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libXfixes fixes the following issues:
- insufficient validation of data from the X server can cause an
integer overflow on 32 bit architectures (bsc#1002995, CVE-2016-7944)
ModerateSUSE bug 1002995CVE-2016-7944 at SUSECVE-2016-7944 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libXpm (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libXpm fixes the following security issue:
- A heap overflow in XPM handling could be used by attackers supplying
XPM files to crash or potentially execute code. (bsc#1021315)
ModerateSUSE bug 1021315CVE-2016-10164 at SUSECVE-2016-10164 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libXrender (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libXrender fixes the following issues:
- insufficient validation of data from the X server can cause out
of boundary memory writes (bsc#1003002, CVE-2016-7949, CVE-2016-7950)
ModerateSUSE bug 1003002CVE-2016-7949 at SUSECVE-2016-7949 at NVDCVE-2016-7950 at SUSECVE-2016-7950 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libXv (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libXv fixes the following issues:
- insufficient validation of data from the X server can cause
memory corruption (bsc#1003017, CVE-2016-5407)
ModerateSUSE bug 1003017CVE-2016-5407 at SUSECVE-2016-5407 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Recommended update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libs fixes the following issues:
- The original fix for CVE-2015-1804 prevented DWIDTH to be negative. However, the
spec states that 'DWIDTH [...] is a vector indicating the position of the next
glyph's origin relative to the origin of this glyph'. Consequently, negative
DWIDTH values should be allowed. (bsc#958383)
ModerateSUSE bug 958383CVE-2015-1804 at SUSECVE-2015-1804 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libs fixes the following issues:
- insufficient validation of data from the X server can cause a
one byte buffer read underrun (bsc#1003023, CVE-2016-7953)
- insufficient validation of data from the X server can cause out
of boundary memory access or endless loops (Denial of Service)
(bsc#1003012, CVE-2016-7951, CVE-2016-7952)
- insufficient validation of data from the X server can cause out
of boundary memory writes (bsc#1003000, CVE-2016-7947, CVE-2016-7948)
- insufficient validation of data from the X server can cause out
of boundary memory access or endless loops (Denial of Service).
(bsc#1002998, CVE-2016-7945, CVE-2016-7946)
ModerateSUSE bug 1002998SUSE bug 1003000SUSE bug 1003012SUSE bug 1003023CVE-2016-7945 at SUSECVE-2016-7945 at NVDCVE-2016-7946 at SUSECVE-2016-7946 at NVDCVE-2016-7947 at SUSECVE-2016-7947 at NVDCVE-2016-7948 at SUSECVE-2016-7948 at NVDCVE-2016-7951 at SUSECVE-2016-7951 at NVDCVE-2016-7952 at SUSECVE-2016-7952 at NVDCVE-2016-7953 at SUSECVE-2016-7953 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libs fixes several issues.
These security issues were fixed:
- CVE-2017-16612: Heap overflows due to an integer overflow while parsing images and a signedness issue while parsing comments (bsc#1065386).
- CVE-2017-13720: Improper check for end of string in PatterMatch caused invalid reads (bsc#1054285)
- CVE-2017-13722: Malformed PCF file could have caused DoS or leak information (bsc#1049692)
- Prevent the X server from accessing arbitrary files as root. It is not possible to leak information, but special files can be touched allowing for causing side effects (bsc#1050459)
ModerateSUSE bug 1049692SUSE bug 1050459SUSE bug 1054285SUSE bug 1065386CVE-2017-13720 at SUSECVE-2017-13720 at NVDCVE-2017-13722 at SUSECVE-2017-13722 at NVDCVE-2017-16612 at SUSECVE-2017-16612 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-libs (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-libs fixes the following security issue:
- CVE-2015-9262: _XcursorThemeInherits allowed remote attackers to cause denial
of service or potentially code execution via a one-byte heap overflow
(bsc#1103511)
ModerateSUSE bug 1103511CVE-2015-9262 at SUSECVE-2015-9262 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-server fixes the following issues:
Security issues:
- CVE-2017-2624: Prevent timing attack against MIT cookie. (bsc#1025029, CVE-2017-2624)
Non security issues:
- Use arc4random to generate cookies. (bsc#1025084)
- XDrawArc performance improvement (bsc#1019649)
- Fix byte swapping for gradeint stops (bsc#981044).
- Remove unused function with use-after-free issue. (bsc#1025035)
ModerateSUSE bug 1019649SUSE bug 1025029SUSE bug 1025035SUSE bug 1025084SUSE bug 981044CVE-2017-2624 at SUSECVE-2017-2624 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-server fixes the following issues:
- CVE-2017-10971: Fix endianess handling of GenericEvent to prevent a stack overflow by clients. (bnc#1035283)
- Make sure the type of all events to be sent by ProcXSendExtensionEvent are in the
allowed range.
- CVE-2017-10972: Initialize the xEvent eventT with zeros to avoid information leakage.
ImportantSUSE bug 1035283CVE-2017-10971 at SUSECVE-2017-10971 at NVDCVE-2017-10972 at SUSECVE-2017-10972 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-server provides several fixes.
These security issues were fixed:
- CVE-2017-13723: Prevent local DoS via unusual characters in XkbAtomText and
XkbStringText (bsc#1051150).
- Improve the entropy when generating random data used in X.org server authorization
cookies generation by using getentropy() and getrandom() when available (bsc#1025084)
- CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed
unvalidated lengths in multiple extensions (bsc#1063034)
- CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES
extension. (bsc#1063035)
- CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated
lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions
(bsc#1063037)
- CVE-2017-12179: Fixed an integer overflow and unvalidated length in
(S)ProcXIBarrierReleasePointer in Xi (bsc#1063038)
- CVE-2017-12178: Fixed a wrong extra length check in
ProcXIChangeHierarchy in Xi (bsc#1063039)
- CVE-2017-12177: Fixed an unvalidated variable-length request in
ProcDbeGetVisualInfo (bsc#1063040)
- CVE-2017-12176: Fixed an unvalidated extra length in
ProcEstablishConnection (bsc#1063041)
ModerateSUSE bug 1025084SUSE bug 1051150SUSE bug 1063034SUSE bug 1063035SUSE bug 1063037SUSE bug 1063038SUSE bug 1063039SUSE bug 1063040SUSE bug 1063041CVE-2017-12176 at SUSECVE-2017-12176 at NVDCVE-2017-12177 at SUSECVE-2017-12177 at NVDCVE-2017-12178 at SUSECVE-2017-12178 at NVDCVE-2017-12179 at SUSECVE-2017-12179 at NVDCVE-2017-12180 at SUSECVE-2017-12180 at NVDCVE-2017-12181 at SUSECVE-2017-12181 at NVDCVE-2017-12182 at SUSECVE-2017-12182 at NVDCVE-2017-12183 at SUSECVE-2017-12183 at NVDCVE-2017-12184 at SUSECVE-2017-12184 at NVDCVE-2017-12185 at SUSECVE-2017-12185 at NVDCVE-2017-12186 at SUSECVE-2017-12186 at NVDCVE-2017-12187 at SUSECVE-2017-12187 at NVDCVE-2017-13723 at SUSECVE-2017-13723 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for xorg-x11-server provides the following fix:
Security issue fixed:
- CVE-2018-14665: Local attackers could overwrite system files in any directory using the -logfile option and gain privileges (bsc#1111697)
Non security issues fixed:
- Do not write past the allocated buffer. (bsc#1078383)
ImportantSUSE bug 1078383SUSE bug 1111697CVE-2018-14665 at SUSECVE-2018-14665 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xorg-x11-server fixes the following issues:
- CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation (bsc#1174633, ZDI-CAN-11426).
- CVE-2020-14345: XKB out-of-bounds access privilege escalation vulnerability (bsc#1174635, ZDI-CAN-11428).
ImportantSUSE bug 1174633SUSE bug 1174635CVE-2020-14345 at SUSECVE-2020-14345 at NVDCVE-2020-14347 at SUSECVE-2020-14347 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xorg-x11-server fixes the following issues:
- CVE-2020-14361: Fix XkbSelectEvents() integer underflow (bsc#1174910 ZDI-CAN-11573).
- CVE-2020-14362: Fix XRecordRegisterClients() Integer underflow (bsc#1174913 ZDI-CAN-11574).
ImportantSUSE bug 1174910SUSE bug 1174913CVE-2020-14361 at SUSECVE-2020-14361 at NVDCVE-2020-14362 at SUSECVE-2020-14362 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xorg-x11-server fixes the following issues:
- CVE-2020-25712: Fixed a heap-based buffer overflow which could have led to privilege escalation (bsc#1177596).
- CVE-2020-14360: Fixed an out of bounds memory accesses on too short request which could lead to denial of service (bsc#1174908).
ImportantSUSE bug 1174908SUSE bug 1177596CVE-2020-14360 at SUSECVE-2020-14360 at NVDCVE-2020-25712 at SUSECVE-2020-25712 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xorg-x11-server fixes the following issues:
- CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege Escalation (bsc#1180128)
ImportantSUSE bug 1180128CVE-2021-3472 at SUSECVE-2021-3472 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xorg-x11-server fixes the following issues:
- CVE-2021-4008: Fixed Privilege Escalation Vulnerability via Out-Of-Bounds Access in SProcRenderCompositeGlyphs (bsc#1193030).
ImportantSUSE bug 1193030CVE-2021-4008 at SUSECVE-2021-4008 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xorg-x11-server (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xorg-x11-server fixes the following issues:
- CVE-2021-4011: The handlers for the RecordCreateContext and RecordRegisterClients
requests of the Record extension do not properly validate the request
length leading to out of bounds memory write. (bsc#1190489)
ImportantSUSE bug 1190489CVE-2021-4011 at SUSECVE-2021-4011 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xscreensaver (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
The xscreensaver package was updated to fix the following security and non security issues:
- CVE-2015-8025: Fixed a crash when hot-swapping monitors while locked (bsc#952062).
- Added xscreensaver-in_signal_handler_p.patch needed for fix of signal handling.
- Refresh xscreensaver-stars.patch.
ModerateSUSE bug 952062CVE-2015-8025 at SUSECVE-2015-8025 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for xterm (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xterm fixes the following issues:
- CVE-2021-27135: Fixed buffer-overflow when clicking on selected utf8 text. (bsc#1182091)
ImportantSUSE bug 1182091CVE-2021-27135 at SUSECVE-2021-27135 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for xz (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for xz fixes the following issues:
- CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062)
ImportantSUSE bug 1198062CVE-2022-1271 at SUSECVE-2022-1271 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for yast2-storage (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for yast2-storage provides the following fixes:
Security issues fixed:
- Use standard IPC, and not temporary files, to pass passwords between processes.
(bsc#986971, CVE-2016-5746)
Non security bugs fixed:
- Fix usage of complete multipath disk as LVM physical volume. (bsc#984245)
- Load the correct multipath module (dm-multipath). (bsc#937942)
- Improve message for creating volumes with a filesystem but without a mount point.
(bsc#996208)
ModerateSUSE bug 937942SUSE bug 984245SUSE bug 986971SUSE bug 996208CVE-2016-5746 at SUSECVE-2016-5746 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for zlib (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for zlib fixes the following issues:
* Incompatible declarations for external linkage function deflate (bnc#1003577)
* CVE-2016-9842: Undefined Left Shift of Negative Number (bnc#1003580)
* CVE-2016-9840 CVE-2016-9841: Out-of-bounds pointer arithmetic in inftrees.c (bnc#1003579)
* CVE-2016-9843: Big-endian out-of-bounds pointer
ModerateSUSE bug 1003577SUSE bug 1003579SUSE bug 1003580SUSE bug 1013882CVE-2016-9840 at SUSECVE-2016-9840 at NVDCVE-2016-9841 at SUSECVE-2016-9841 at NVDCVE-2016-9842 at SUSECVE-2016-9842 at NVDCVE-2016-9843 at SUSECVE-2016-9843 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for zlib (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for zlib fixes the following issues:
- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).
ImportantSUSE bug 1197459CVE-2018-25032 at SUSECVE-2018-25032 at NVDcpe:/o:suse:suse_sles:11:sp4Security update for zsh (Moderate)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP4
This update for zsh fixes the following issues:
- CVE-2018-1100: Fixed a buffer overflow in
utils.c:checkmailpath() that could lead to local arbitrary code
execution ( bsc#1089030)
ModerateSUSE bug 1089030CVE-2018-1100 at SUSECVE-2018-1100 at NVDcpe:/o:suse:sles_sap:11:sp4cpe:/o:suse:suse_sles:11:sp4Security update for zsh (Important)SUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server 11 SP4-LTSS
This update for zsh fixes the following issues:
- CVE-2019-20044: Fixed an insecure dropping of privileges when unsetting
the PRIVILEGED option (bsc#1163882).
- CVE-2018-13259: Fixed an unexpected truncation of long shebang lines (bsc#1107294).
- CVE-2018-7549: Fixed a crash when an empty hash table (bsc#1082991).
- CVE-2018-1083: Fixed a stack-based buffer overflow when using tab completion
on directories with long names (bsc#1087026).
- CVE-2018-1071: Fixed a stack-based buffer overflow when executing certain
commands (bsc#1084656).
- CVE-2018-0502: Fixed a mishandling of shebang lines (bsc#1107296).
- CVE-2017-18206: Fixed a buffer overflow related to symlink processing (bsc#1083002).
- CVE-2017-18205: Fixed an application crash when using cd with no
arguments (bsc#1082998).
- CVE-2016-10714: Fixed a potential application crash when handling maximum
length paths (bsc#1083250).
- CVE-2014-10072: Fixed a buffer overflow when scanning very long directory
paths for symbolic links (bsc#1082975).
- CVE-2014-10071: Fixed a buffer overflow when redirecting output to a long
file descriptor (bsc#1082977).
- CVE-2014-10070: Fixed a privilege escalation vulnerability via environment
variables (bsc#1082885).
ImportantSUSE bug 1082885SUSE bug 1082975SUSE bug 1082977SUSE bug 1082991SUSE bug 1082998SUSE bug 1083002SUSE bug 1083250SUSE bug 1084656SUSE bug 1087026SUSE bug 1107294SUSE bug 1107296SUSE bug 1163882CVE-2014-10070 at SUSECVE-2014-10070 at NVDCVE-2014-10071 at SUSECVE-2014-10071 at NVDCVE-2014-10072 at SUSECVE-2014-10072 at NVDCVE-2016-10714 at SUSECVE-2016-10714 at NVDCVE-2017-18205 at SUSECVE-2017-18205 at NVDCVE-2017-18206 at SUSECVE-2017-18206 at NVDCVE-2018-0502 at SUSECVE-2018-0502 at NVDCVE-2018-1071 at SUSECVE-2018-1071 at NVDCVE-2018-1083 at SUSECVE-2018-1083 at NVDCVE-2018-13259 at SUSECVE-2018-13259 at NVDCVE-2018-7549 at SUSECVE-2018-7549 at NVDCVE-2019-20044 at SUSECVE-2019-20044 at NVDcpe:/o:suse:suse_sles:11:sp4LibVNCServersles-releaseMozillaFirefoxMozillaFirefox-translationsNetworkManagerNetworkManager-glibNetworkManager-gnomeOpenEXROpenEXR-32bitOpenEXR-x86PackageKitPackageKit-langhalhal-32bithal-dochal-x86libpackagekit-glib10yast2-corePolicyKitPolicyKit-32bitPolicyKit-docPolicyKit-x86amavisd-newapache2apache2-docapache2-example-pagesapache2-preforkapache2-utilsapache2-workerapache2-mod_perlapache2-mod_php5php5php5-bcmathphp5-bz2php5-calendarphp5-ctypephp5-curlphp5-dbaphp5-dbasephp5-domphp5-exifphp5-fastcgiphp5-ftpphp5-gdphp5-gettextphp5-gmpphp5-hashphp5-iconvphp5-jsonphp5-ldapphp5-mbstringphp5-mcryptphp5-mysqlphp5-odbcphp5-opensslphp5-pcntlphp5-pdophp5-pearphp5-pgsqlphp5-pspellphp5-shmopphp5-snmpphp5-soapphp5-suhosinphp5-sysvmsgphp5-sysvsemphp5-sysvshmphp5-tokenizerphp5-wddxphp5-xmlreaderphp5-xmlrpcphp5-xmlwriterphp5-xslphp5-zipphp5-zlibavahiavahi-langavahi-utilslibavahi-client3libavahi-client3-32bitlibavahi-client3-x86libavahi-common3libavahi-common3-32bitlibavahi-common3-x86libavahi-core5libdns_sdlibdns_sd-32bitlibdns_sd-x86bindbind-chrootenvbind-docbind-libsbind-libs-32bitbind-libs-x86bind-utilsboost-licenselibboost_program_options1_36_0libboost_regex1_36_0libboost_signals1_36_0bzip2bzip2-doclibbz2-1libbz2-1-32bitlibbz2-1-x86cifs-mountldapsmblibsmbclient0libsmbclient0-32bitlibsmbclient0-x86libtalloc1libtalloc1-32bitlibtalloc1-x86libtdb1libtdb1-32bitlibtdb1-x86libwbclient0libwbclient0-32bitlibwbclient0-x86sambasamba-32bitsamba-clientsamba-client-32bitsamba-client-x86samba-krb-printingsamba-winbindsamba-winbind-32bitsamba-winbind-x86samba-x86clamavcoolkeycroncupscups-clientcups-libscups-libs-32bitcups-libs-x86curllibcurl4libcurl4-32bitlibcurl4-x86cyrus-imapdperl-Cyrus-IMAPperl-Cyrus-SIEVE-managesievedbus-1dbus-1-32bitdbus-1-x11dbus-1-x86dhcpdhcp-clientdhcp-relaydhcp-servere2fsprogslibcom_err2libcom_err2-32bitlibcom_err2-x86libext2fs2emacsemacs-elemacs-infoemacs-noxemacs-x11enscriptevinceevince-docevince-langevolution-data-serverevolution-data-server-32bitevolution-data-server-langevolution-data-server-x86expatlibexpat1libexpat1-32bitlibexpat1-x86fetchmailfetchmailconffilefile-32bitfile-x86findutilsfindutils-locatefreeradius-serverfreeradius-server-dialupadminfreeradius-server-docfreeradius-server-libsfreeradius-server-utilsfreetype2freetype2-32bitfreetype2-x86ft2demosfuselibfuse2fvwm2g3utilsmgettygdghostscript-fonts-otherghostscript-fonts-rusghostscript-fonts-stdghostscript-libraryghostscript-omnighostscript-x11libgimpprintglib2glib2-docglib2-langlibgio-2_0-0libgio-2_0-0-32bitlibgio-2_0-0-x86libglib-2_0-0libglib-2_0-0-32bitlibglib-2_0-0-x86libgmodule-2_0-0libgmodule-2_0-0-32bitlibgmodule-2_0-0-x86libgobject-2_0-0libgobject-2_0-0-32bitlibgobject-2_0-0-x86libgthread-2_0-0libgthread-2_0-0-32bitlibgthread-2_0-0-x86gmimegmime-2_4gmime-doclibgmime-2_0-3libgmime-2_4-2gnome-screensavergnome-screensaver-langgnutlslibgnutls26libgnutls26-32bitlibgnutls26-x86gpg2gpg2-langgstreamer-0_10-plugins-basegstreamer-0_10-plugins-base-32bitgstreamer-0_10-plugins-base-docgstreamer-0_10-plugins-base-langgstreamer-0_10-plugins-base-x86libgstapp-0_10-0libgstapp-0_10-0-32bitlibgstapp-0_10-0-x86libgstinterfaces-0_10-0libgstinterfaces-0_10-0-32bitlibgstinterfaces-0_10-0-x86gstreamer-0_10-plugins-goodgstreamer-0_10-plugins-good-docgstreamer-0_10-plugins-good-langgtk2gtk2-32bitgtk2-docgtk2-langgtk2-x86gvimvimvim-basevim-datagziphpliphplip-hpijsipsec-toolsjava-1_4_2-ibmjava-1_4_2-ibm-jdbcjava-1_4_2-ibm-pluginjava-1_6_0-ibmjava-1_6_0-ibm-alsajava-1_6_0-ibm-fontsjava-1_6_0-ibm-jdbcjava-1_6_0-ibm-pluginkde4-kgreeter-pluginskdebase4-wallpaperskdebase4-workspacekdebase4-workspace-ksysguarddkdmkwinkdebase3-runtimekdebase3-runtime-32bitkdebase3-runtime-x86kdelibs3kdelibs3-32bitkdelibs3-default-stylekdelibs3-default-style-32bitkdelibs3-default-style-x86kdelibs3-x86kdelibs4kdelibs4-corekdelibs4-doclibkde4libkde4-32bitlibkde4-x86libkdecore4libkdecore4-32bitlibkdecore4-x86kernel-defaultkernel-default-basekernel-default-mankernel-paekernel-pae-basekernel-ppc64kernel-ppc64-basekernel-sourcekernel-symskernel-tracekernel-trace-basekernel-xenkernel-xen-basekrb5krb5-32bitkrb5-apps-clientskrb5-apps-serverskrb5-clientkrb5-serverkrb5-x86krb5-dockrb5-plugin-kdb-ldapkrb5-plugin-preauth-pkinitkvmlcmsliblcms1liblcms1-32bitliblcms1-x86libMagickCore1libMagickCore1-32bitlibQtWebKit4libQtWebKit4-32bitlibQtWebKit4-x86libqt4libqt4-32bitlibqt4-qt3supportlibqt4-qt3support-32bitlibqt4-qt3support-x86libqt4-sqllibqt4-sql-32bitlibqt4-sql-mysqllibqt4-sql-sqlitelibqt4-sql-x86libqt4-x11libqt4-x11-32bitlibqt4-x11-x86libqt4-x86qt4-x11-toolslibadns1libapr-util1libapr-util1-32bitlibapr1libapr1-32bitlibarchive2libdrmlibdrm-32bitlibdrm-x86libexiflibexif-32bitlibexif-x86libexiv2-4libgtoplibgtop-2_0-7libgtop-doclibgtop-langlibiculibicu-32bitlibicu-doclibicu-x86libltdl7libltdl7-32bitlibltdl7-x86libtoollibtool-32bitlibtool-x86libmusicbrainz4libmysqlclient15libmysqlclient15-32bitlibmysqlclient15-x86libmysqlclient_r15mysqlmysql-Maxmysql-clientlibneon27libneon27-32bitlibneon27-x86neonlibnetpbm10libnetpbm10-32bitlibnetpbm10-x86netpbmlibopensc2libopensc2-32bitlibopensc2-x86openscopensc-32bitopensc-x86libopenssl0_9_8libopenssl0_9_8-32bitlibopenssl0_9_8-x86opensslopenssl-doclibpng12-0libpng12-0-32bitlibpng12-0-x86libpoppler-glib4libpoppler-qt4-3libpoppler5poppler-toolslibpulse-browse0libpulse-mainloop-glib0libpulse0libpulse0-32bitlibpulse0-x86pulseaudiopulseaudio-esound-compatpulseaudio-gdm-hookspulseaudio-langpulseaudio-module-x11pulseaudio-module-zeroconfpulseaudio-utilslibpython2_6-1_0libpython2_6-1_0-32bitlibpython2_6-1_0-x86python-basepython-base-32bitpython-base-x86python-xmlpyxmllibrpcsecgsslibtirpc1libsampleratelibsamplerate-32bitlibsamplerate-x86libsndfilelibsndfile-32bitlibsndfile-x86libsnmp15libsnmp15-32bitlibsnmp15-x86net-snmpperl-SNMPsnmp-mibslibsoup-2_4-1libsoup-2_4-1-32bitlibsoup-2_4-1-x86libtiff3libtiff3-32bitlibtiff3-x86tifflibvirtlibvirt-doclibvirt-pythonlibvorbislibvorbis-32bitlibvorbis-doclibvorbis-x86libxml2libxml2-32bitlibxml2-doclibxml2-x86libxsltlibxslt-32bitlibxslt-x86log4netmailmanmanmono-coremono-datamono-data-postgresqlmono-data-sqlitemono-locale-extrasmono-nunitmono-webmono-winformsmozilla-xulrunner190mozilla-xulrunner190-32bitmozilla-xulrunner190-gnomevfsmozilla-xulrunner190-translationsmozilla-xulrunner190-x86mozilla-xulrunner191mozilla-xulrunner191-32bitmozilla-xulrunner191-gnomevfsmozilla-xulrunner191-translationsmozilla-xulrunner191-x86muttnagiosnagios-wwwnagios-pluginsnagios-plugins-extrasntpntp-docopensshopenssh-askpassopenswanopenswan-docopenvpnopenvpn-auth-pam-pluginpampam-32bitpam-docpam-x86pam_krb5pam_krb5-32bitpam_krb5-x86pam_ldappam_ldap-32bitpam_ldap-x86pam_mountpam_mount-32bitpam_mount-x86perlperl-32bitperl-baseperl-docperl-x86perl-HTML-Parserperl-Tkperl-spamassassinspamassassinpostgresqlpostgresql-contribpostgresql-docspostgresql-libspostgresql-libs-32bitpostgresql-libs-x86postgresql-serverpuppetpuppet-serverpythonpython-32bitpython-cursespython-demopython-gdbmpython-idlepython-tkpython-x86qt3qt3-32bitqt3-x86quaggarsyncrubyruby-doc-htmlruby-tksquidstarsudosyslog-ngsysstatsysstat-isagsystemtapsystemtap-clientsystemtap-servertarunrarunzipw3mwgetwiresharkxdg-utilsxenxen-doc-htmlxen-doc-pdfxen-kmp-defaultxen-kmp-paexen-libsxen-toolsxen-tools-domUxorg-x11xorg-x11-xauthxorg-x11-Xvncxorg-x11-serverxorg-x11-server-extraxpdf-toolsxtermzooaaa_baseacpidapache2-mod_jkapache2-mod_php53php53php53-bcmathphp53-bz2php53-calendarphp53-ctypephp53-curlphp53-dbaphp53-domphp53-exifphp53-fastcgiphp53-fileinfophp53-ftpphp53-gdphp53-gettextphp53-gmpphp53-iconvphp53-intlphp53-jsonphp53-ldapphp53-mbstringphp53-mcryptphp53-mysqlphp53-odbcphp53-opensslphp53-pcntlphp53-pdophp53-pearphp53-pgsqlphp53-pspellphp53-shmopphp53-snmpphp53-soapphp53-suhosinphp53-sysvmsgphp53-sysvsemphp53-sysvshmphp53-tokenizerphp53-wddxphp53-xmlreaderphp53-xmlrpcphp53-xmlwriterphp53-xslphp53-zipphp53-zlibcifs-utilsdbus-1-glibdbus-1-glib-32bitdbus-1-glib-x86dhcpcddhcpv6ecryptfs-utilsecryptfs-utils-32bitecryptfs-utils-x86edfoomatic-filtersglibcglibc-32bitglibc-develglibc-devel-32bitglibc-htmlglibc-i18ndataglibc-infoglibc-localeglibc-locale-32bitglibc-locale-x86glibc-profileglibc-profile-32bitglibc-profile-x86glibc-x86nscdkbdkdenetwork4-filesharingkgetkopetekrdckrfblibldb1libtalloc2libtalloc2-32bitlibtalloc2-x86libtevent0libcap-progslibcap2libcap2-32bitlibcap2-x86libcgroup1libfreebl3libfreebl3-32bitlibfreebl3-x86mozilla-nssmozilla-nss-32bitmozilla-nss-toolsmozilla-nss-x86libgdiplus0libgnomesulibgnomesu-langlibgnomesu0mysql-toolslibnewt0_52newtpython-newtlibrsvglibrsvg-32bitlibrsvg-x86rsvg-viewlibvirt-clientlibvirt-client-32bitlibxcryptlibxcrypt-32bitlibxcrypt-x86pam-modulespam-modules-32bitpam-modules-x86pwdutilspwdutils-plugin-auditlibzip1logrotatelogwatchlvm2mipv6dmozilla-xulrunner192mozilla-xulrunner192-32bitmozilla-xulrunner192-gnomemozilla-xulrunner192-translationsmozilla-xulrunner192-x86ofedofed-docofed-kmp-defaultofed-kmp-paeofed-kmp-ppc64ofed-kmp-traceopenslpopenslp-32bitopenslp-serveropenslp-x86opieopie-32bitopie-x86pangopango-32bitpango-docpango-x86pcsc-ccidpcsc-litepcsc-lite-32bitpcsc-lite-x86perl-libwww-perlpure-ftpdpython-sssd-configsssdsssd-32bitsssd-toolsradvdrsyslogrsyslog-diag-toolsrsyslog-docrsyslog-module-gssapirsyslog-module-gtlsrsyslog-module-mysqlrsyslog-module-pgsqlrsyslog-module-relprsyslog-module-snmprsyslog-module-udpspoofsquid3squidGuardsquidGuard-docsysconfigsystem-config-printersystem-config-printer-langt1libtftptgttomcat6tomcat6-admin-webappstomcat6-docs-webapptomcat6-javadoctomcat6-jsp-2_1-apitomcat6-libtomcat6-servlet-2_5-apitomcat6-webappsvtevte-docvte-langxen-libs-32bitxorg-x11-libsxorg-x11-libs-32bitxorg-x11-libs-x86yast2MesaMesa-32bitMesa-x86antant-traxapache2-mod_security2arkkcalckcharselectkdesshkdfkfloppykgpgktimerkwalletmanagerkwikdiskoktetalibboost_thread1_36_0compat-libldap-2_3-0libldap-2_4-2libldap-2_4-2-32bitlibldap-2_4-2-x86openldap2openldap2-back-metaopenldap2-clientcvscvs-doclibgnutls-extra26guestfs-dataguestfs-toolsguestfsdlibguestfs0hyper-vibutilsibutils-32bitjakarta-commons-httpclient3java-1_7_0-ibmjava-1_7_0-ibm-alsajava-1_7_0-ibm-jdbcjava-1_7_0-ibm-pluginjpeglibjpeglibjpeg-32bitlibjpeg-x86libecpg6libpq5libpq5-32bitpostgresql91postgresql91-contribpostgresql91-docspostgresql91-serverlibsoftokn3libsoftokn3-32bitlibsoftokn3-x86libopenssl0_9_8-hmaclibopenssl0_9_8-hmac-32bitlibotr2libproxy0libproxy0-32bitlibproxy0-config-gnomelibproxy0-config-kde4libproxy0-networkmanagerlibproxy0-x86libsss_idmap0libtspi1libtspi1-32bitlibtspi1-x86trouserslibupsclient1nutnut-classicnut-drivers-netlibvirt-lock-sanlocknfs-clientopenCryptokiopenCryptoki-32bitopenCryptoki-64bitperl-Module-Buildperl-Test-Simplepython-pamsblim-sfcbsocatstunneltaglibtaglib-32bittaglib-x86unixODBC_23virt-utilsx3270xorg-x11-libxcbxorg-x11-libxcb-32bitxorg-x11-libxcb-x86xorg-x11-server-dmxxorg-x11-server-rdpa2psapache2-mod_nssaugeasaugeas-lenseslibaugeas0automakebashbash-docbash-x86libreadline5libreadline5-32bitlibreadline5-x86readline-docbinutilsboost-license1_49_0libboost_system1_49_0libboost_thread1_49_0coreutilscoreutils-langcoreutils-x86cpiocpio-langdavfs2dnsmasqelfutilslibasm1libasm1-32bitlibdw1libdw1-32bitlibdw1-x86libebl1libebl1-32bitlibebl1-x86libelf1libelf1-32bitlibelf1-x86fastjargpgmelibgpgme11jakarta-commons-fileuploadjakarta-commons-fileupload-javadocjava-1_7_1-ibmjava-1_7_1-ibm-alsajava-1_7_1-ibm-jdbcjava-1_7_1-ibm-pluginkdebase4-runtimekdirstatlibtevent0-32bitlibFLAC++6libFLAC8libFLAC8-32bitlibFLAC8-x86libapr-util1-dbd-sqlite3libblkid1libblkid1-32bitlibblkid1-x86libuuid1libuuid1-32bitlibuuid1-x86util-linuxutil-linux-languuid-runtimepostgresql94postgresql94-contribpostgresql94-docspostgresql94-serverlibevent-1_4-2libgcc_s1libgcc_s1-32bitlibgcc_s1-x86libgfortran3libgomp1libgomp1-32bitlibquadmath0libstdc++6libstdc++6-32bitlibstdc++6-x86libgcrypt11libgcrypt11-32bitlibgcrypt11-x86libjasperlibjasper-32bitlibjasper-x86libksbaliblzo2-2liblzo2-2-32bitliblzo2-2-x86libmpfr1libmpfr1-32bitlibmpfr1-x86libmspack0libmysql55client18libmysql55client18-32bitlibmysql55client18-x86libmysql55client_r18libmysql55client_r18-32bitlibmysql55client_r18-x86libpixman-1-0libpixman-1-0-32bitlibpixman-1-0-x86libpulse-mainloop-glib0-32bitlibpulse-mainloop-glib0-x86libssh2-1libtasn1libtasn1-3libtasn1-3-32bitlibtasn1-3-x86libtevent0-x86libwsman1openwsman-clientopenwsman-serversuseRegisterlxcmailxmozilla-nsprmozilla-nspr-32bitmozilla-nspr-x86nagios-nrpenagios-nrpe-docnagios-plugins-nrpenfs-docnfs-kernel-serveropenssh-fipspoptpopt-32bitpopt-x86rpmrpm-32bitrpm-x86powerpc-utilsppc64-diagpppprocmailpython-imagingpython-lxmlpython-pywbemsendmailshimstrongswanstrongswan-doctcpdumpvinovino-langvsftpdwpa_supplicantxalan-j2xinetdxorg-x11-libX11xorg-x11-libX11-32bitxorg-x11-libX11-x86xorg-x11-libXextxorg-x11-libXext-32bitxorg-x11-libXext-x86xorg-x11-libXfixesxorg-x11-libXfixes-32bitxorg-x11-libXfixes-x86xorg-x11-libXpxorg-x11-libXp-32bitxorg-x11-libXp-x86xorg-x11-libXrenderxorg-x11-libXrender-32bitxorg-x11-libXrender-x86xorg-x11-libXtxorg-x11-libXt-32bitxorg-x11-libXt-x86xorg-x11-libXvxorg-x11-libXv-32bitxorg-x11-libXv-x86curl-openssl1libcurl4-openssl1libcurl4-openssl1-32bitlibldap-openssl1-2_4-2libldap-openssl1-2_4-2-32bitlibopenssl1-devellibopenssl1_0_0libopenssl1_0_0-32bitopenssl1openssl1-doclibslp1-openssl1libsnmp15-openssl1libsnmp15-openssl1-32bitmailx-openssl1openssh-openssl1openssh-openssl1-helpersopenvpn-openssl1openvpn-openssl1-down-root-pluginsblim-sfcb-openssl1stunnel-openssl1vsftpd-openssl1wget-openssl1kernel-ec2kernel-ec2-basemicrocode_ctlkernel-docspython-Jinja2python-azure-agentclamav-openssl1cyrus-sasl-openssl1cyrus-sasl-openssl1-32bitcyrus-sasl-openssl1-crammd5cyrus-sasl-openssl1-digestmd5cyrus-sasl-openssl1-gssapicyrus-sasl-openssl1-ntlmcyrus-sasl-openssl1-otpcyrus-sasl-openssl1-plaincyrus-sasl-openssl1-x86libcurl4-openssl1-x86libldap-openssl1-2_4-2-x86cyrus-sasl-openssl1-crammd5-32bitcyrus-sasl-openssl1-crammd5-x86cyrus-sasl-openssl1-digestmd5-32bitcyrus-sasl-openssl1-digestmd5-x86cyrus-sasl-openssl1-gssapi-32bitcyrus-sasl-openssl1-gssapi-x86cyrus-sasl-openssl1-otp-32bitcyrus-sasl-openssl1-otp-x86cyrus-sasl-openssl1-plain-32bitcyrus-sasl-openssl1-plain-x86libopenssl1_0_0-x86openldap2-client-openssl1openldap2-openssl1compat-openssl097gcompat-openssl097g-32bitSLES_SAP-releasejava-1_4_2-ibm-sapjava-1_4_2-ibm-sap-develsap_suse_cluster_connectorclamsaplighttpd-mod_cmllighttpd-mod_magnetlighttpd-mod_mysql_vhostlighttpd-mod_rrdtoollighttpd-mod_trigger_b4_dllighttpd-mod_webdavrhn-virtualization-commonrhn-virtualization-hostrhncfgrhncfg-actionsrhncfg-clientrhncfg-managementkoanlibzypprhnmdspacewalk-backend-libsspacewalk-certs-toolsosa-commonosadsaltsalt-docsalt-minionsupportutils-plugin-susemanager-clientrhnlibspacecmdspacewalk-checkspacewalk-client-setupspacewalk-client-toolsmgr-cfgmgr-cfg-actionsmgr-cfg-clientmgr-cfg-managementmgr-daemonmgr-osadmgr-virtualization-hostpython2-mgr-cfgpython2-mgr-cfg-actionspython2-mgr-cfg-clientpython2-mgr-cfg-managementpython2-mgr-osa-commonpython2-mgr-osadpython2-mgr-virtualization-commonpython2-mgr-virtualization-hostpython2-rhnlibspacewalk-remote-utilspython2-spacewalk-checkpython2-spacewalk-client-setuppython2-spacewalk-client-toolsgolang-github-wrouesnel-postgres_exportermgr-custom-infomgr-pushpython2-mgr-pushpython2-spacewalk-koanpython2-spacewalk-oscappython2-suseRegisterInfopython2-uyuni-common-libsspacewalk-koanspacewalk-oscapsuseRegisterInfopython-pycryptolibzmq3SUSE_SLES_SAP-releaseMozillaFirefox-branding-SLEDgconf2gconf2-32bitgconf2-x86libidllibidl-32bitlibidl-x86orbit2orbit2-32bitorbit2-x86procpsacllibacllibacl-32bitlibacl-x86libgcc43libgcc43-32bitlibgcc43-x86libstdc++43libstdc++43-32bitlibstdc++43-x86keyutils-libskeyutils-libs-32bitkeyutils-libs-x86libidnlibidn-32bitlibidn-x86cyrus-saslcyrus-sasl-32bitcyrus-sasl-crammd5cyrus-sasl-crammd5-32bitcyrus-sasl-crammd5-x86cyrus-sasl-digestmd5cyrus-sasl-gssapicyrus-sasl-gssapi-32bitcyrus-sasl-gssapi-x86cyrus-sasl-otpcyrus-sasl-otp-32bitcyrus-sasl-otp-x86cyrus-sasl-plaincyrus-sasl-plain-32bitcyrus-sasl-plain-x86cyrus-sasl-x86gtkhtml2gtkhtml2-langcdparanoiacdparanoia-32bitcdparanoia-x86desktop-file-utilsfamfam-32bitfam-x86gnome-vfs2gnome-vfs2-32bitgnome-vfs2-x86gstreamer-0_10libogg0libogg0-32bitlibogg0-x86liboilliboil-32bitliboil-x86gdmgdm-branding-upstreamgdm-langlibgpg-error0libgpg-error0-32bitlibgpg-error0-x86iscsitargetiscsitarget-kmp-defaultiscsitarget-kmp-paeiscsitarget-kmp-ppc64iscsitarget-kmp-vmiiscsitarget-kmp-xenjava-1_5_0-beajava-1_5_0-bea-consolejava-1_5_0-bea-fontsjava-1_5_0-bea-jdbcjava-1_6_0-ibm-alsa-x86java-1_6_0-ibm-x86kde4-akonadikde4-akregatorkde4-kaddressbookkde4-kalarmkde4-kjotskde4-kmailkde4-knodekde4-knoteskde4-kontactkde4-korganizerkde4-ktimetrackerkde4-ktnefkdepim4kdepim4-wizardskdepimlibs4libakonadi4libkdepim4libkdepimlibs4kde4-gwenviewkde4-kcolorchooserkde4-krulerkde4-ksnapshotkde4-okularlibkipi5kde4-kdmkde4-kwinkde4-kgetkde4-knewstickerkde4-kopetekde4-krdckde4-krfbutempterutempter-32bitutempter-x86ext4dev-kmp-defaultext4dev-kmp-paeext4dev-kmp-ppc64ext4dev-kmp-vmiext4dev-kmp-xenkernel-kdumpkernel-vmikernel-vmi-baseoracleasm-kmp-defaultkvm-kmp-defaultkvm-kmp-paelibHX13libHX13-32bitlibHX13-x86libesmtpzlibzlib-32bitzlib-x86libpoppler4libtheora0libtheora0-32bitlibtheora0-x86libvolume_id1udevopen-iscsiperl-IO-Socket-SSLwebsphere-as_celibcmpiutillibvirt-cimvirt-managervirt-viewervm-installxerces-j2xerces-j2-xml-apisxerces-j2-xml-resolveryast2-ldap-serverConsoleKitConsoleKit-32bitConsoleKit-x11firefox-fontconfigfirefox-libffi4firefox-libgcc_s1firefox-libstdc++6MozillaFirefox-translations-commonMozillaFirefox-translations-othermozilla-nss-certsmozilla-nss-certs-32bitNetworkManager-kde4NetworkManager-kde4-langNetworkManager-kde4-libsNetworkManager-openvpn-kde4NetworkManager-pptp-kde4plasmoid-networkmanagementSDLSDL-32bitSuSEfirewall2aideamandaapache2-mod_pythonapportapport-crashdb-sleapport-gtkarpwatchaspellaspell-32bitaspell-ispellatftpaudiofileaudiofile-32bitaxisbind-develbluezlibbluetooth3cairocairo-32bitcairo-docsamba-doccracklibcracklib-32bitctagslibdjvulibre21libexempi3facterfile-rollerfile-roller-langmozilla-kde4-integrationfirefox-gio-branding-upstreamfirefox-glib2-langfirefox-glib2-toolsfirefox-gtk3-branding-upstreamfirefox-gtk3-datafirefox-gtk3-immodule-amharicfirefox-gtk3-immodule-inuktitutfirefox-gtk3-immodule-multipressfirefox-gtk3-immodule-thaifirefox-gtk3-immodule-vietnamesefirefox-gtk3-immodule-ximfirefox-gtk3-immodules-tigrignafirefox-gtk3-langfirefox-gtk3-toolsfirefox-libgtk-3-0libfirefox-gio-2_0-0libfirefox-glib-2_0-0libfirefox-gmodule-2_0-0libfirefox-gobject-2_0-0libfirefox-gthread-2_0-0firefox-atk-langfirefox-gdk-pixbuf-langfirefox-gdk-pixbuf-query-loadersfirefox-gdk-pixbuf-thumbnailerfirefox-libatk-1_0-0firefox-libcairo-gobject2firefox-libcairo2firefox-libffi7firefox-libgdk_pixbuf-2_0-0firefox-libharfbuzz0firefox-libpango-1_0-0firefox-at-spi2-corefirefox-at-spi2-core-langfirefox-dbus-1-glibfirefox-libatk-bridge-2_0-0firefox-libatspi0firefox-libfreetype6firefox-libpixman-1-0cpp43gcc43gcc43-32bitgcc43-c++gcc43-fortrangcc43-fortran-32bitgcc43-infogcc43-localelibstdc++43-devellibstdc++43-devel-32bitlibstdc++43-doccpp48gcc48gcc48-32bitgcc48-c++gcc48-fortrangcc48-fortran-32bitgcc48-infogcc48-localelibasan0libasan0-32bitlibatomic1libatomic1-32bitlibgfortran3-32bitlibitm1libitm1-32bitlibmpfr4libquadmath0-32bitlibstdc++48-devellibstdc++48-devel-32bitlibtsan0giflibgiflib-32bitgiflib-progsgmpgmp-32bitgnome-sessiongnome-session-langgnuplotgraphvizgraphviz-gdgraphviz-gnomeguilegwenviewkcolorchooserkrulerksnapshotlibkexiv2-7libkipi6okularhunspellhunspell-32bithunspell-toolsinninst-source-utilsiscsitarget-kmp-tracejakarta-commons-collectionsjakarta-commons-collections-javadocjakarta-commons-collections-tomcat5jakarta-taglibs-standardjakarta-taglibs-standard-javadockde4-l10n-arkde4-l10n-bgkde4-l10n-cakde4-l10n-cskde4-l10n-csbkde4-l10n-dakde4-l10n-dekde4-l10n-elkde4-l10n-en_GBkde4-l10n-eskde4-l10n-etkde4-l10n-eukde4-l10n-fikde4-l10n-frkde4-l10n-gakde4-l10n-glkde4-l10n-hikde4-l10n-hukde4-l10n-iskde4-l10n-itkde4-l10n-jakde4-l10n-kkkde4-l10n-kmkde4-l10n-kokde4-l10n-kukde4-l10n-ltkde4-l10n-lvkde4-l10n-mkkde4-l10n-mlkde4-l10n-nbkde4-l10n-ndskde4-l10n-nlkde4-l10n-nnkde4-l10n-pakde4-l10n-plkde4-l10n-ptkde4-l10n-pt_BRkde4-l10n-rokde4-l10n-rukde4-l10n-slkde4-l10n-svkde4-l10n-thkde4-l10n-trkde4-l10n-ukkde4-l10n-wakde4-l10n-zh_CNkde4-l10n-zh_TWkdumpbtrfs-kmp-defaultbtrfs-kmp-paebtrfs-kmp-xenext4dev-kmp-tracehyper-v-kmp-defaulthyper-v-kmp-paehyper-v-kmp-tracexen-kmp-tracekrb5-develkrb5-devel-32bitlesslhalibcacalibcares2libcdio7libcdio7-32bitlibcdio_cdda0libcdio_paranoia0libcroco-0_6-3libcroco-0_6-3-32bitdb-docdb-utilsdb-utils-doclibdb-4_5libdb-4_5-32bitlibgssglue1libical0libical0-32bitliblouisliblouis0python-louislibnllibnl-32bitlibopenssl-devellibpciaccess0libpciaccess0-32bitlibraptor1libtcnative-1-0rpcbindlibunwindlibunwind-devellibxml2-pythonlog4jman-pagesminicommozilla-nss-develmozilla-nspr-develnautilusnautilus-32bitnautilus-langlibncurses5libncurses5-32bitlibncurses6libncurses6-32bitncurses-develncurses-devel-32bitncurses-utilstackterminfoterminfo-basenmapyast2-ntp-clientcxgb3-firmwarelibslp1-openssl1-32bitopenssh-askpass-gnomeopenssl-certslibopenssl1-devel-32bitpermissionsorcaorca-langpam_pkcs11pam_pkcs11-32bitpatchperfperl-Archive-Zipperl-Config-Generalperl-Convert-ASN1perl-DBD-mysqlperl-DBIperl-PlRPCperl-XML-LibXMLpolicycoreutilsrpm-pythonpostfixpostfix-docpostfix-mysqlpostgresql-initpostgresql10postgresql10-contribpostgresql10-docspostgresql10-serverpostgresql10-develpostgresql94-develpython-docpython-doc-pdfpython-develpython-numpylibpython2_7-1_0libpython2_7-1_0-32bitpython27python27-32bitpython27-basepython27-base-32bitpython27-cursespython27-demopython27-develpython27-docpython27-doc-pdfpython27-gdbmpython27-idlepython27-tkpython27-xmlpython-rpm-macrospython27-setuptoolsquotaquota-nfsrzszsane-backendsscreenperl-satsolverpython-satsolversatsolver-toolsyast2-packageryast2-pkg-bindingsyast2-wagonzypperlibspeexlibspeex-32bitlibsqlite3-0libsqlite3-0-32bitsqlite3supportutilstightvnctransfiglibwavpack1wireshark-gtklibjack0libsmilibwireshark8libwiretap6libwscodecs1libwsutil7portaudioxorg-x11-libICExorg-x11-libICE-32bitxorg-x11-libXdmcpxorg-x11-libXdmcp-32bitxorg-x11-libXpmxorg-x11-libXpm-32bitxscreensaverliblzma5liblzma5-32bitxzxz-langyast2-storageyast2-storage-libzlib-develzlib-devel-32bitzshxen-develjava-1_6_0-ibm-develjava-1_7_0-ibm-devellibpq5-x86libopenssl0_9_8-hmac-x86yast2-vmyast2-networkzypper-logansiblelibyaml-0-2python-PyYAMLpython-ecdsapython-paramikopython-coveragepython-passlibapache2-devellibavahi-glib1libavahi-glib1-32bitbcellibbz2-develcloud-initcloud-init-config-susecloud-init-doclibcurl-develcyrus-sasl-digestmd5-32bitcyrus-sasl-saslauthdcyrus-sasl-sqlauxpropcyrus-sasl-sqlauxprop-32bitdosfstoolsfontconfigfontconfig-32bitfribidifribidi-32bitgdbgiflib-x86grepgrub2-x86_64-efigrub2-x86_64-xenintel-SINITkernel-bigsmpkernel-bigsmp-baseiscsitarget-kmp-bigsmpofed-kmp-bigsmporacleasm-kmp-bigsmplibcap-ng-utilslibcap-ng0libcap-ng0-32bitlibyajl1libyajl1-32bitlldpadliblua5_1mokutilp7zippam_radiuspam_radius-32bitpostgresql-jdbcpython-httplib2python-pippython-setuptoolspython27-Jinja2python27-ecdsapython27-boto3python27-botocorepython27-s3transferpython27-urllib3growpartpython27-Cheetahpython27-MarkupSafepython27-PrettyTablepython27-PyJWTpython27-PyYAMLpython27-argparsepython27-blinkerpython27-cffipython27-configobjpython27-cryptographypython27-dateutilpython27-docutilspython27-enum34python27-futurespython27-httplib2python27-idnapython27-ipaddresspython27-jmespathpython27-jsonpatchpython27-jsonpointerpython27-jsonschemapython27-lockfilepython27-oauthpython27-oauthlibpython27-paramikopython27-plypython27-pyasn1python27-pyasn1-modulespython27-pycparserpython27-pycryptopython27-pyserialpython27-pytestpython27-python-daemonpython27-requestspython27-simplejsonpython27-sixgnu-efitboottelnettelnet-serverxfsprogsxrdpSDL-x86audiofile-x86libavahi-glib1-x86cairo-x86cracklib-x86crashcrash-eppicfontconfig-x86libffi4libffi4-32bitlibstdc++6-localegdb-x86ipmitooljava-1_7_1-ibm-develkernel-bigmemkernel-bigmem-basekernel-firmwareiscsitarget-kmp-bigmemofed-kmp-bigmemoracleasmoracleasm-kmp-bigmemoracleasm-kmp-paeoracleasm-kmp-ppc64oracleasm-kmp-traceoracleasm-kmp-xenlibdb-4_5-x86perl-Sys-Virtnautilus-x86libncurses5-x86libncurses6-x86libvmtools0open-vm-toolsopen-vm-tools-desktopopenssh-helperspam_pkcs11-x86libspice-server1libsqlite3-0-x86xorg-x11-libICE-x86xorg-x11-libXdmcp-x86xorg-x11-libXpm-x86(aarch64|ppc64le|s390x|x86_64)0:0.9.1-154.2411.1(aarch64|ppc64le|s390x|x86_64)0:3.5.9-0.1.1(aarch64|ppc64le|s390x|x86_64)0:0.7.0.r4359-15.22.49(aarch64|ppc64le|s390x|x86_64)0:0.7.0.r1053-11.16.61(aarch64|ppc64le|s390x|x86_64)0:1.6.1-83.17.1(aarch64|ppc64le|s390x|x86_64)0:0.3.14-2.12.105(aarch64|ppc64le|s390x|x86_64)0:0.5.12-23.40.5(aarch64|ppc64le|s390x|x86_64)0:0.5.12-23.40.6(aarch64|ppc64le|s390x|x86_64)0:2.17.35-0.2.17(aarch64|ppc64le|s390x|x86_64)0:0.9-14.34.9(aarch64|ppc64le|s390x|x86_64)0:0.9-14.34.11(aarch64|ppc64le|s390x|x86_64)0:2.6.2-1.14(aarch64|ppc64le|s390x|x86_64)0:2.2.10-2.24.5(aarch64|ppc64le|s390x|x86_64)0:2.0.4-40.19(aarch64|ppc64le|s390x|x86_64)0:5.2.6-50.24.1(aarch64|ppc64le|s390x|x86_64)0:0.6.23-11.19.22(aarch64|ppc64le|s390x|x86_64)0:9.5.0P2-20.7.1(aarch64|ppc64le|s390x|x86_64)0:1.36.0-11.17(aarch64|ppc64le|s390x|x86_64)0:1.0.5-34.246(aarch64|ppc64le|s390x|x86_64)0:3.4.3-1.17.2(aarch64|ppc64le|s390x|x86_64)0:1.34b-11.17.2(aarch64|ppc64le|s390x|x86_64)0:0.96-0.12.1(aarch64|ppc64le|s390x|x86_64)0:1.1.0-22.24(aarch64|ppc64le|s390x|x86_64)0:4.1-194.24.4(aarch64|ppc64le|s390x|x86_64)0:1.3.9-8.30.1(aarch64|ppc64le|s390x|x86_64)0:7.19.0-11.24.25(aarch64|ppc64le|s390x|x86_64)0:2.3.11-60.21.1(aarch64|ppc64le|s390x|x86_64)0:1.2.10-3.11.29(aarch64|ppc64le|s390x|x86_64)0:1.2.10-3.11.33(aarch64|ppc64le|s390x|x86_64)0:3.1.3.ESV-0.3.38(aarch64|ppc64le|s390x|x86_64)0:1.41.9-2.1.51(aarch64|ppc64le|s390x|x86_64)0:22.3-4.32.4(aarch64|ppc64le|s390x|x86_64)0:1.6.4-152.17.55(aarch64|ppc64le|s390x|x86_64)0:2.28.2-0.2.68(aarch64|ppc64le|s390x|x86_64)0:2.28.2-0.10.9(aarch64|ppc64le|s390x|x86_64)0:2.0.1-88.26.1(aarch64|ppc64le|s390x|x86_64)0:6.3.8.90-13.16.1(aarch64|ppc64le|s390x|x86_64)0:4.24-43.17(aarch64|ppc64le|s390x|x86_64)0:4.4.0-38.24.11(aarch64|ppc64le|s390x|x86_64)0:2.1.1-7.7.19.77(aarch64|ppc64le|s390x|x86_64)0:2.3.7-25.10.1(aarch64|ppc64le|s390x|x86_64)0:2.3.7-25.9(aarch64|ppc64le|s390x|x86_64)0:2.7.2-61.18.1(aarch64|ppc64le|s390x|x86_64)0:2.5.26-1.25(aarch64|ppc64le|s390x|x86_64)0:1.1.36-26.31(aarch64|ppc64le|s390x|x86_64)0:2.0.36.RC1-52.18(aarch64|ppc64le|s390x|x86_64)0:8.62-32.27.31(aarch64|ppc64le|s390x|x86_64)0:4.2.7-32.27.31(aarch64|ppc64le|s390x|x86_64)0:2.22.5-0.2.23(aarch64|ppc64le|s390x|x86_64)0:2.2.23-1.41.1(aarch64|ppc64le|s390x|x86_64)0:2.4.8-1.2.55(aarch64|ppc64le|s390x|x86_64)0:2.28.3-0.4.30(aarch64|ppc64le|s390x|x86_64)0:2.4.1-24.19.1(aarch64|ppc64le|s390x|x86_64)0:2.0.9-25.25.1(aarch64|ppc64le|s390x|x86_64)0:0.10.25-1.1.133(aarch64|ppc64le|s390x|x86_64)0:0.10.17-1.1.126(aarch64|ppc64le|s390x|x86_64)0:2.18.9-0.4.1(aarch64|ppc64le|s390x|x86_64)0:7.2-8.8(aarch64|ppc64le|s390x|x86_64)0:1.3.12-69.19.1(aarch64|ppc64le|s390x|x86_64)0:3.9.8-3.4.30(aarch64|ppc64le|s390x|x86_64)0:0.7.3-1.1.93(aarch64|ppc64le|s390x|x86_64)0:1.4.2_sr13.3-1.1.1(aarch64|ppc64le|s390x|x86_64)0:1.6.0_sr7.0-1.6.21(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.8.35(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.8.40(aarch64|ppc64le|s390x|x86_64)0:3.5.10-20.31(aarch64|ppc64le|s390x|x86_64)0:3.5.10-23.27.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.2.46(aarch64|ppc64le|s390x|x86_64)0:2.6.32.12-0.7.1(aarch64|ppc64le|s390x|x86_64)0:1.6.3-133.27.1(aarch64|ppc64le|s390x|x86_64)0:1.6.3-133.21(aarch64|ppc64le|s390x|x86_64)0:1.6.3-133.12(aarch64|ppc64le|s390x|x86_64)0:0.12.3-0.11.1(aarch64|ppc64le|s390x|x86_64)0:1.17-77.14.19(aarch64|ppc64le|s390x|x86_64)0:6.4.3.6-7.20.1(aarch64|ppc64le|s390x|x86_64)0:4.6.2-1.6.9(aarch64|ppc64le|s390x|x86_64)0:4.6.2-1.6.11(aarch64|ppc64le|s390x|x86_64)0:4.6.2-1.6.10(aarch64|ppc64le|s390x|x86_64)0:1.4-73.21(aarch64|ppc64le|s390x|x86_64)0:1.3.4-12.20.2(aarch64|ppc64le|s390x|x86_64)0:1.3.3-11.16.1(aarch64|ppc64le|s390x|x86_64)0:2.5.5-5.19(aarch64|ppc64le|s390x|x86_64)0:2.4.17-0.3.12(aarch64|ppc64le|s390x|x86_64)0:0.6.17-2.12(aarch64|ppc64le|s390x|x86_64)0:0.17.1-31.20(aarch64|ppc64le|s390x|x86_64)0:2.28.0-1.2.20(aarch64|ppc64le|s390x|x86_64)0:4.0-7.24.11(aarch64|ppc64le|s390x|x86_64)0:2.2.6-2.131.1(aarch64|ppc64le|s390x|x86_64)0:2.1.5-5.18(aarch64|ppc64le|s390x|x86_64)0:5.0.67-13.20.1(aarch64|ppc64le|s390x|x86_64)0:0.28.3-2.12.1(aarch64|ppc64le|s390x|x86_64)0:10.26.44-101.9.1(aarch64|ppc64le|s390x|x86_64)0:0.11.6-5.25.1(aarch64|ppc64le|s390x|x86_64)0:0.9.8h-30.27.11(aarch64|ppc64le|s390x|x86_64)0:1.2.31-5.12.1(aarch64|ppc64le|s390x|x86_64)0:0.12.3-1.2.44(aarch64|ppc64le|s390x|x86_64)0:0.9.21-1.5.26(aarch64|ppc64le|s390x|x86_64)0:2.6.0-8.9.20(aarch64|ppc64le|s390x|x86_64)0:0.8.4-194.23.38(aarch64|ppc64le|s390x|x86_64)0:0.18-1.15(aarch64|ppc64le|s390x|x86_64)0:0.2.1-1.2.16(aarch64|ppc64le|s390x|x86_64)0:0.1.4-1.15(aarch64|ppc64le|s390x|x86_64)0:1.0.20-2.1.46(aarch64|ppc64le|s390x|x86_64)0:5.4.2.1-8.2.1(aarch64|ppc64le|s390x|x86_64)0:2.28.2-0.1.151(aarch64|ppc64le|s390x|x86_64)0:3.8.2-141.8.1(aarch64|ppc64le|s390x|x86_64)0:0.7.6-1.9.8(aarch64|ppc64le|s390x|x86_64)0:1.2.0-79.12(aarch64|ppc64le|s390x|x86_64)0:2.7.6-0.1.37(aarch64|ppc64le|s390x|x86_64)0:1.1.24-19.15(aarch64|ppc64le|s390x|x86_64)0:1.2.10-1.36(aarch64|ppc64le|s390x|x86_64)0:2.1.12-0.1.1(aarch64|ppc64le|s390x|x86_64)0:2.5.2-17.16(aarch64|ppc64le|s390x|x86_64)0:2.0.1-1.19.1(aarch64|ppc64le|s390x|x86_64)0:1.9.0.19-0.1.1(aarch64|ppc64le|s390x|x86_64)0:1.9.1.9-1.12.1(aarch64|ppc64le|s390x|x86_64)0:1.5.17-42.33.1(aarch64|ppc64le|s390x|x86_64)0:3.0.6-1.21.1(aarch64|ppc64le|s390x|x86_64)0:1.4.13-1.35(aarch64|ppc64le|s390x|x86_64)0:4.2.4p8-1.3.28(aarch64|ppc64le|s390x|x86_64)0:5.1p1-41.31.36(aarch64|ppc64le|s390x|x86_64)0:2.6.16-1.34.3(aarch64|ppc64le|s390x|x86_64)0:2.0.9-143.31(aarch64|ppc64le|s390x|x86_64)0:1.0.4-0.5.12(aarch64|ppc64le|s390x|x86_64)0:2.3.1-47.10.15(aarch64|ppc64le|s390x|x86_64)0:184-147.20(aarch64|ppc64le|s390x|x86_64)0:0.47-13.13.65(aarch64|ppc64le|s390x|x86_64)0:5.10.0-64.47.8(aarch64|ppc64le|s390x|x86_64)0:3.56-1.18.1(aarch64|ppc64le|s390x|x86_64)0:804.028-50.24(aarch64|ppc64le|s390x|x86_64)0:3.2.5-26.22.18(aarch64|ppc64le|s390x|x86_64)0:8.3.9-0.1.1(aarch64|ppc64le|s390x|x86_64)0:0.24.8-1.3.5(aarch64|ppc64le|s390x|x86_64)0:2.6.0-8.9.28(aarch64|ppc64le|s390x|x86_64)0:3.3.8b-88.21(aarch64|ppc64le|s390x|x86_64)0:0.99.15-0.1.55(aarch64|ppc64le|s390x|x86_64)0:3.0.4-2.33.82(aarch64|ppc64le|s390x|x86_64)0:1.8.7.p72-5.24.2(aarch64|ppc64le|s390x|x86_64)0:2.7.STABLE5-2.4.1(aarch64|ppc64le|s390x|x86_64)0:1.5final-28.19(aarch64|ppc64le|s390x|x86_64)0:1.6.9p17-21.3.1(aarch64|ppc64le|s390x|x86_64)0:2.0.9-27.27.19(aarch64|ppc64le|s390x|x86_64)0:8.1.5-7.9.56(aarch64|ppc64le|s390x|x86_64)0:1.0-0.15.16(aarch64|ppc64le|s390x|x86_64)0:1.20-23.23.1(aarch64|ppc64le|s390x|x86_64)0:3.80.2-2.8(aarch64|ppc64le|s390x|x86_64)0:5.52-142.23.43(aarch64|ppc64le|s390x|x86_64)0:0.5.2-132.1.37(aarch64|ppc64le|s390x|x86_64)0:1.11.4-1.15.1(aarch64|ppc64le|s390x|x86_64)0:1.0.5-1.34.1(aarch64|ppc64le|s390x|x86_64)0:1.0.2-36.18(aarch64|ppc64le|s390x|x86_64)0:4.0.0_21091_04-0.2.6(aarch64|ppc64le|s390x|x86_64)0:4.0.0_21091_04_2.6.32.12_0.7-0.2.6(aarch64|ppc64le|s390x|x86_64)0:7.4-9.24.15(aarch64|ppc64le|s390x|x86_64)0:7.4-27.19.19(aarch64|ppc64le|s390x|x86_64)0:3.02-138.26.1(aarch64|ppc64le|s390x|x86_64)0:238-1.16(aarch64|ppc64le|s390x|x86_64)0:2.10-911.2211.2(aarch64|ppc64le|s390x|x86_64)0:10.0-0.3.2(aarch64|ppc64le|s390x|x86_64)0:0.7.1_git20090811-3.20.5(aarch64|ppc64le|s390x|x86_64)0:0.7.1-5.22.28(aarch64|ppc64le|s390x|x86_64)0:0.3.14-2.23.126(aarch64|ppc64le|s390x|x86_64)0:0.5.12-23.58.22(aarch64|ppc64le|s390x|x86_64)0:0.5.12-23.58.21(aarch64|ppc64le|s390x|x86_64)0:0.9-14.39.1(aarch64|ppc64le|s390x|x86_64)0:0.9-14.39.2(aarch64|ppc64le|s390x|x86_64)0:11-6.65.1(aarch64|ppc64le|s390x|x86_64)0:1.0.6-91.16.1(aarch64|ppc64le|s390x|x86_64)0:2.7.0-18.7.1(aarch64|ppc64le|s390x|x86_64)0:2.2.12-1.28.1(aarch64|ppc64le|s390x|x86_64)0:1.2.26-1.30.110(aarch64|ppc64le|s390x|x86_64)0:5.2.14-0.7.24.1(aarch64|ppc64le|s390x|x86_64)0:5.3.8-0.19.6(aarch64|ppc64le|s390x|x86_64)0:9.6ESVR5P1-0.8.1(aarch64|ppc64le|s390x|x86_64)0:1.0.5-34.253.1(aarch64|ppc64le|s390x|x86_64)0:5.1-0.4.9(aarch64|ppc64le|s390x|x86_64)0:0.97.3-0.2.1(aarch64|ppc64le|s390x|x86_64)0:4.1-194.199.1(aarch64|ppc64le|s390x|x86_64)0:1.3.9-8.44.1(aarch64|ppc64le|s390x|x86_64)0:7.19.7-1.18.1(aarch64|ppc64le|s390x|x86_64)0:2.3.11-60.65.64.1(aarch64|ppc64le|s390x|x86_64)0:1.2.10-3.23.1(aarch64|ppc64le|s390x|x86_64)0:0.76-34.22.1(aarch64|ppc64le|s390x|x86_64)0:4.2.3.P2-0.7.2(aarch64|ppc64le|s390x|x86_64)0:3.2.3-44.28.1(aarch64|ppc64le|s390x|x86_64)0:1.0.22-3.21.2(aarch64|ppc64le|s390x|x86_64)0:1.41.9-2.7.1(aarch64|ppc64le|s390x|x86_64)0:61-1.29.1(aarch64|ppc64le|s390x|x86_64)0:0.2-1001.30.1(aarch64|ppc64le|s390x|x86_64)0:22.3-4.40.1(aarch64|ppc64le|s390x|x86_64)0:1.6.4-152.22.1(aarch64|ppc64le|s390x|x86_64)0:2.28.2-0.7.2(aarch64|ppc64le|s390x|x86_64)0:2.28.2-0.26.33.14(aarch64|ppc64le|s390x|x86_64)0:6.3.8.90-13.20.19.1(aarch64|ppc64le|s390x|x86_64)0:4.24-43.19.1(aarch64|ppc64le|s390x|x86_64)0:4.4.0-38.26.1(aarch64|ppc64le|s390x|x86_64)0:3.0.2-269.35.1(aarch64|ppc64le|s390x|x86_64)0:2.1.1-7.10.1(aarch64|ppc64le|s390x|x86_64)0:2.3.7-25.28.1(aarch64|ppc64le|s390x|x86_64)0:2.7.2-61.23.1(aarch64|ppc64le|s390x|x86_64)0:8.62-32.28.1(aarch64|ppc64le|s390x|x86_64)0:4.2.7-32.28.1(aarch64|ppc64le|s390x|x86_64)0:2.11.3-17.31.1(aarch64|ppc64le|s390x|x86_64)0:2.2.23-1.50.1(aarch64|ppc64le|s390x|x86_64)0:2.28.3-0.28.1(aarch64|ppc64le|s390x|x86_64)0:2.4.1-24.39.33.1(aarch64|ppc64le|s390x|x86_64)0:2.0.9-25.33.27.1(aarch64|ppc64le|s390x|x86_64)0:0.10.35-5.15.8(aarch64|ppc64le|s390x|x86_64)0:0.10.30-5.8.11(aarch64|ppc64le|s390x|x86_64)0:2.18.9-0.21.4(aarch64|ppc64le|s390x|x86_64)0:7.2-8.15.2(aarch64|ppc64le|s390x|x86_64)0:3.11.10-0.6.7.1(aarch64|ppc64le|s390x|x86_64)0:1.4.2_sr13.10-0.4.1(aarch64|ppc64le|s390x|x86_64)0:1.6.0_sr9.3-0.4.1(aarch64|ppc64le|s390x|x86_64)0:1.14.1-16.31.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.10.2(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.6.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.4.1(aarch64|ppc64le|s390x|x86_64)0:3.0.13-0.27.1(aarch64|ppc64le|s390x|x86_64)0:1.6.3-133.48.48.1(aarch64|ppc64le|s390x|x86_64)0:0.15.1-0.17.3(aarch64|ppc64le|s390x|x86_64)0:1.34b-12.18.3(aarch64|ppc64le|s390x|x86_64)0:3.6.3-0.18.3(aarch64|ppc64le|s390x|x86_64)0:6.4.3.6-7.22.1(aarch64|ppc64le|s390x|x86_64)0:4.6.3-5.12.1(aarch64|ppc64le|s390x|x86_64)0:1.3.4-12.22.21.2(aarch64|ppc64le|s390x|x86_64)0:1.3.4-12.22.21.1(aarch64|ppc64le|s390x|x86_64)0:1.3.3-11.18.17.1(aarch64|ppc64le|s390x|x86_64)0:2.11-2.17.1(aarch64|ppc64le|s390x|x86_64)0:0.34-2.5.1(aarch64|ppc64le|s390x|x86_64)0:2.4.27-0.6.6(aarch64|ppc64le|s390x|x86_64)0:3.13.1-0.2.1(aarch64|ppc64le|s390x|x86_64)0:2.6.7-0.5.76(aarch64|ppc64le|s390x|x86_64)0:1.0.0-307.10.1(aarch64|ppc64le|s390x|x86_64)0:4.0-7.26.1(aarch64|ppc64le|s390x|x86_64)0:5.0.94-0.2.4.1(aarch64|ppc64le|s390x|x86_64)0:0.29.6-6.7.1(aarch64|ppc64le|s390x|x86_64)0:0.52.10-1.35.7(aarch64|ppc64le|s390x|x86_64)0:0.11.6-5.27.1(aarch64|ppc64le|s390x|x86_64)0:0.9.8j-0.26.1(aarch64|ppc64le|s390x|x86_64)0:1.2.31-5.25.1(aarch64|ppc64le|s390x|x86_64)0:0.12.3-1.3.1(aarch64|ppc64le|s390x|x86_64)0:0.9.23-0.7.128(aarch64|ppc64le|s390x|x86_64)0:2.6.0-8.12.2(aarch64|ppc64le|s390x|x86_64)0:4.6.3-5.10.1(aarch64|ppc64le|s390x|x86_64)0:0.2.1-1.5.1(aarch64|ppc64le|s390x|x86_64)0:2.26.0-2.3.1(aarch64|ppc64le|s390x|x86_64)0:1.0.20-2.4.1(aarch64|ppc64le|s390x|x86_64)0:5.4.2.1-8.12.6.1(aarch64|ppc64le|s390x|x86_64)0:2.32.2-4.7.1(aarch64|ppc64le|s390x|x86_64)0:3.8.2-141.142.1(aarch64|ppc64le|s390x|x86_64)0:0.9.6-0.13.42(aarch64|ppc64le|s390x|x86_64)0:1.2.0-79.13.1(aarch64|ppc64le|s390x|x86_64)0:3.0.3-0.6.1(aarch64|ppc64le|s390x|x86_64)0:11-1.22.1(aarch64|ppc64le|s390x|x86_64)0:3.2.15-0.13.1(aarch64|ppc64le|s390x|x86_64)0:2.7.6-0.13.1(aarch64|ppc64le|s390x|x86_64)0:0.9-1.24.1(aarch64|ppc64le|s390x|x86_64)0:3.7.7-10.24.1(aarch64|ppc64le|s390x|x86_64)0:7.3.6-65.72.1(aarch64|ppc64le|s390x|x86_64)0:2.02.84-3.25.5(aarch64|ppc64le|s390x|x86_64)0:2.1.14-9.2.1(aarch64|ppc64le|s390x|x86_64)0:2.0.2.umip.0.4-8.7.1(aarch64|ppc64le|s390x|x86_64)0:2.6.7-0.7.19(aarch64|ppc64le|s390x|x86_64)0:1.9.2.24-0.3.1(aarch64|ppc64le|s390x|x86_64)0:1.9.2.24-0.3.2(aarch64|ppc64le|s390x|x86_64)0:3.0.6-1.25.24.1(aarch64|ppc64le|s390x|x86_64)0:4.2.4p8-1.16.1(aarch64|ppc64le|s390x|x86_64)0:1.5.2-0.22.23(aarch64|ppc64le|s390x|x86_64)0:1.5.2_3.0.13_0.27-0.22.23(aarch64|ppc64le|s390x|x86_64)0:1.2.0-172.22.1(aarch64|ppc64le|s390x|x86_64)0:5.1p1-41.51.1(aarch64|ppc64le|s390x|x86_64)0:2.6.16-1.36.1(aarch64|ppc64le|s390x|x86_64)0:2.4-662.18.1(aarch64|ppc64le|s390x|x86_64)0:1.1.5-0.10.17(aarch64|ppc64le|s390x|x86_64)0:1.26.2-1.3.1(aarch64|ppc64le|s390x|x86_64)0:1.3.8-3.15.1(aarch64|ppc64le|s390x|x86_64)0:1.4.102-1.37.3(aarch64|ppc64le|s390x|x86_64)0:5.10.0-64.55.1(aarch64|ppc64le|s390x|x86_64)0:5.816-2.23.1(aarch64|ppc64le|s390x|x86_64)0:3.3.1-10.8.3(aarch64|ppc64le|s390x|x86_64)0:8.3.14-0.2.1(aarch64|ppc64le|s390x|x86_64)0:2.6.12-0.10.1(aarch64|ppc64le|s390x|x86_64)0:1.0.22-3.15.1(aarch64|ppc64le|s390x|x86_64)0:1.5.11-0.9.96(aarch64|ppc64le|s390x|x86_64)0:0.99.15-0.6.2(aarch64|ppc64le|s390x|x86_64)0:1.1-1.24.4.1(aarch64|ppc64le|s390x|x86_64)0:3.0.4-2.38.1(aarch64|ppc64le|s390x|x86_64)0:5.8.7-0.5.5(aarch64|ppc64le|s390x|x86_64)0:1.8.7.p357-0.7.1(aarch64|ppc64le|s390x|x86_64)0:2.7.STABLE5-2.10.1(aarch64|ppc64le|s390x|x86_64)0:3.1.12-8.10.1(aarch64|ppc64le|s390x|x86_64)0:1.4-13.6.1(aarch64|ppc64le|s390x|x86_64)0:1.5final-28.21.1(aarch64|ppc64le|s390x|x86_64)0:1.7.6p2-0.2.4.1(aarch64|ppc64le|s390x|x86_64)0:0.71.47-0.7.1(aarch64|ppc64le|s390x|x86_64)0:2.0.9-27.32.1(aarch64|ppc64le|s390x|x86_64)0:8.1.5-7.32.1(aarch64|ppc64le|s390x|x86_64)0:1.0.8-9.16.1(aarch64|ppc64le|s390x|x86_64)0:1.5-0.7.54(aarch64|ppc64le|s390x|x86_64)0:5.1.1-100.19.1(aarch64|ppc64le|s390x|x86_64)0:1.26-1.2.4.1(aarch64|ppc64le|s390x|x86_64)0:0.48-101.20.1(aarch64|ppc64le|s390x|x86_64)0:0.9.10-0.15.1(aarch64|ppc64le|s390x|x86_64)0:6.0.18-20.35.36.1(aarch64|ppc64le|s390x|x86_64)0:6.00-11.7.1(aarch64|ppc64le|s390x|x86_64)0:0.22.5-0.2.1(aarch64|ppc64le|s390x|x86_64)0:0.5.2-132.2.1(aarch64|ppc64le|s390x|x86_64)0:1.4.10-0.2.1(aarch64|ppc64le|s390x|x86_64)0:4.1.2_14-0.5.5(aarch64|ppc64le|s390x|x86_64)0:4.1.2_14_3.0.13_0.27-0.5.5(aarch64|ppc64le|s390x|x86_64)0:7.4-9.47.1(aarch64|ppc64le|s390x|x86_64)0:7.4-27.60.5(aarch64|ppc64le|s390x|x86_64)0:7.4-8.26.32.1(aarch64|ppc64le|s390x|x86_64)0:2.17.119-0.5.25(aarch64|ppc64le|s390x|x86_64)0:2.17.44-0.5.311.3(aarch64|ppc64le|s390x|x86_64)0:9.0.3-0.17.1(aarch64|ppc64le|s390x|x86_64)0:17.0.4esr-0.10.42(aarch64|ppc64le|s390x|x86_64)0:0.7.1_git20090811-3.28.2(aarch64|ppc64le|s390x|x86_64)0:0.3.14-2.28.46(aarch64|ppc64le|s390x|x86_64)0:0.5.12-23.68.1(aarch64|ppc64le|s390x|x86_64)0:0.9-14.41.1(aarch64|ppc64le|s390x|x86_64)0:11-6.90.1(aarch64|ppc64le|s390x|x86_64)0:1.0.6-91.25.20(aarch64|ppc64le|s390x|x86_64)0:1.7.1-20.9.53(aarch64|ppc64le|s390x|x86_64)0:1.7.1-16.9.65(aarch64|ppc64le|s390x|x86_64)0:2.2.12-1.38.2(aarch64|ppc64le|s390x|x86_64)0:5.3.17-0.13.7(aarch64|ppc64le|s390x|x86_64)0:2.7.1-0.2.12.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.3.3(aarch64|ppc64le|s390x|x86_64)0:0.6.23-11.30.4(aarch64|ppc64le|s390x|x86_64)0:9.6ESVR7P4-0.10.1(aarch64|ppc64le|s390x|x86_64)0:1.36.0-12.3.1(aarch64|ppc64le|s390x|x86_64)0:5.1-0.11.1(aarch64|ppc64le|s390x|x86_64)0:0.97.7-0.3.1(aarch64|ppc64le|s390x|x86_64)0:2.3.37-2.24.36(aarch64|ppc64le|s390x|x86_64)0:2.4.26-0.24.36(aarch64|ppc64le|s390x|x86_64)0:4.1-194.207.1(aarch64|ppc64le|s390x|x86_64)0:1.3.9-8.46.46.1(aarch64|ppc64le|s390x|x86_64)0:7.19.7-1.26.8(aarch64|ppc64le|s390x|x86_64)0:1.12.12-144.23.5.1(aarch64|ppc64le|s390x|x86_64)0:1.2.10-3.27.1(aarch64|ppc64le|s390x|x86_64)0:4.2.4.P2-0.16.15(aarch64|ppc64le|s390x|x86_64)0:3.2.3-44.30.1(aarch64|ppc64le|s390x|x86_64)0:1.41.9-2.9.1(aarch64|ppc64le|s390x|x86_64)0:61-1.33.1(aarch64|ppc64le|s390x|x86_64)0:2.28.2-0.29.24(aarch64|ppc64le|s390x|x86_64)0:2.0.1-88.34.1(aarch64|ppc64le|s390x|x86_64)0:4.24-43.23.1(aarch64|ppc64le|s390x|x86_64)0:2.1.1-7.16.7(aarch64|ppc64le|s390x|x86_64)0:2.3.7-25.32.1(aarch64|ppc64le|s390x|x86_64)0:2.8.7-0.9.12(aarch64|ppc64le|s390x|x86_64)0:8.62-32.34.1(aarch64|ppc64le|s390x|x86_64)0:4.2.7-32.34.1(aarch64|ppc64le|s390x|x86_64)0:2.22.5-0.8.8.1(aarch64|ppc64le|s390x|x86_64)0:2.11.3-17.54.1(aarch64|ppc64le|s390x|x86_64)0:2.28.3-0.32.1(aarch64|ppc64le|s390x|x86_64)0:2.4.1-24.39.45.1(aarch64|ppc64le|s390x|x86_64)0:2.0.9-25.33.31.1(aarch64|ppc64le|s390x|x86_64)0:2.18.9-0.23.1(aarch64|ppc64le|s390x|x86_64)0:1.20.4-0.14.9(aarch64|ppc64le|s390x|x86_64)0:1.3.12-69.23.1(aarch64|ppc64le|s390x|x86_64)0:5-0.7.10(aarch64|ppc64le|s390x|x86_64)0:1.5.7-0.7.31(aarch64|ppc64le|s390x|x86_64)0:3.0.1-253.36.1(aarch64|ppc64le|s390x|x86_64)0:1.6.0_sr13.1-0.9.1(aarch64|ppc64le|s390x|x86_64)0:1.7.0_sr4.1-0.5.1(aarch64|ppc64le|s390x|x86_64)0:6b-879.12.1(aarch64|ppc64le|s390x|x86_64)0:6.2.0-879.12.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.12.12.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.10.1(aarch64|ppc64le|s390x|x86_64)0:3.0.76-0.11.1(aarch64|ppc64le|s390x|x86_64)0:1.6.3-133.49.54.1(aarch64|ppc64le|s390x|x86_64)0:1.4.1-0.11.1(aarch64|ppc64le|s390x|x86_64)0:1.34b-12.39.1(aarch64|ppc64le|s390x|x86_64)0:3.6.3-0.39.1(aarch64|ppc64le|s390x|x86_64)0:6.4.3.6-7.26.1(aarch64|ppc64le|s390x|x86_64)0:4.6.3-5.25.5(aarch64|ppc64le|s390x|x86_64)0:4.6.3-5.25.4(aarch64|ppc64le|s390x|x86_64)0:1.3.3-11.18.19.1(aarch64|ppc64le|s390x|x86_64)0:0.37.1-5.16.1(aarch64|ppc64le|s390x|x86_64)0:2.4.41-0.8.46(aarch64|ppc64le|s390x|x86_64)0:9.1.9-0.3.1(aarch64|ppc64le|s390x|x86_64)0:0.6.17-2.14.1(aarch64|ppc64le|s390x|x86_64)0:3.14.3-0.11.11(aarch64|ppc64le|s390x|x86_64)0:2.28.0-1.9.24(aarch64|ppc64le|s390x|x86_64)0:4.0-7.26.15(aarch64|ppc64le|s390x|x86_64)0:5.0.96-0.6.1(aarch64|ppc64le|s390x|x86_64)0:5.5.31-0.7.10(aarch64|ppc64le|s390x|x86_64)0:0.52.10-1.35.113(aarch64|ppc64le|s390x|x86_64)0:0.9.8j-0.50.1(aarch64|ppc64le|s390x|x86_64)0:3.2.0-10.3.1(aarch64|ppc64le|s390x|x86_64)0:1.2.31-5.31.1(aarch64|ppc64le|s390x|x86_64)0:0.12.3-1.8.1(aarch64|ppc64le|s390x|x86_64)0:0.3.1-2.6.1(aarch64|ppc64le|s390x|x86_64)0:0.3.1-2.6.3(aarch64|ppc64le|s390x|x86_64)0:2.6.8-0.15.1(aarch64|ppc64le|s390x|x86_64)0:5.4.2.1-8.12.16.1(aarch64|ppc64le|s390x|x86_64)0:2.32.2-4.13.1(aarch64|ppc64le|s390x|x86_64)0:1.9.4-0.12.24(aarch64|ppc64le|s390x|x86_64)0:3.8.2-141.152.1(aarch64|ppc64le|s390x|x86_64)0:0.3.10-0.9.50(aarch64|ppc64le|s390x|x86_64)0:2.6.2-0.2.4.1(aarch64|ppc64le|s390x|x86_64)0:1.0.5.1-0.7.10(aarch64|ppc64le|s390x|x86_64)0:1.2.0-79.20.1(aarch64|ppc64le|s390x|x86_64)0:2.7.6-0.23.1(aarch64|ppc64le|s390x|x86_64)0:1.1.24-19.21.1(aarch64|ppc64le|s390x|x86_64)0:3.7.7-10.26.1(aarch64|ppc64le|s390x|x86_64)0:2.02.98-0.25.3(aarch64|ppc64le|s390x|x86_64)0:2.1.14-9.6.1(aarch64|ppc64le|s390x|x86_64)0:2.6.7-0.9.1(aarch64|ppc64le|s390x|x86_64)0:1.9.2.27-0.2.1(aarch64|ppc64le|s390x|x86_64)0:3.0.6-1.25.28.1(aarch64|ppc64le|s390x|x86_64)0:1.4.16-0.11.35(aarch64|ppc64le|s390x|x86_64)0:1.2.3-18.31.1(aarch64|ppc64le|s390x|x86_64)0:4.2.4p8-1.22.1(aarch64|ppc64le|s390x|x86_64)0:1.5.4.1-0.11.5(aarch64|ppc64le|s390x|x86_64)0:1.5.4.1_3.0.76_0.11-0.11.5(aarch64|ppc64le|s390x|x86_64)0:2.4.2-0.9.12(aarch64|ppc64le|s390x|x86_64)0:6.2p2-0.9.1(aarch64|ppc64le|s390x|x86_64)0:2.0.9-143.38.22(aarch64|ppc64le|s390x|x86_64)0:2.3.1-47.12.1(aarch64|ppc64le|s390x|x86_64)0:0.47-13.16.1(aarch64|ppc64le|s390x|x86_64)0:5.10.0-64.67.52(aarch64|ppc64le|s390x|x86_64)0:0.2808.01-0.67.52(aarch64|ppc64le|s390x|x86_64)0:0.72-0.67.52(aarch64|ppc64le|s390x|x86_64)0:8.3.23-0.4.1(aarch64|ppc64le|s390x|x86_64)0:2.6.18-0.4.2(aarch64|ppc64le|s390x|x86_64)0:1.0.22-3.19.1(aarch64|ppc64le|s390x|x86_64)0:0.5.0-3.20.1(aarch64|ppc64le|s390x|x86_64)0:0.99.15-0.12.1(aarch64|ppc64le|s390x|x86_64)0:3.0.4-2.47.28(aarch64|ppc64le|s390x|x86_64)0:5.10.1-0.7.49(aarch64|ppc64le|s390x|x86_64)0:1.8.7.p357-0.9.9.1(aarch64|ppc64le|s390x|x86_64)0:1.3.11-0.19.1(aarch64|ppc64le|s390x|x86_64)0:1.7.0.0-1.16.1(aarch64|ppc64le|s390x|x86_64)0:2.7.STABLE5-2.12.12.1(aarch64|ppc64le|s390x|x86_64)0:3.1.12-8.12.1(aarch64|ppc64le|s390x|x86_64)0:1.5final-28.23.23.1(aarch64|ppc64le|s390x|x86_64)0:4.54-0.9.24(aarch64|ppc64le|s390x|x86_64)0:1.7.6p2-0.17.5(aarch64|ppc64le|s390x|x86_64)0:0.71.61-0.11.12(aarch64|ppc64le|s390x|x86_64)0:2.0.9-27.34.36.1(aarch64|ppc64le|s390x|x86_64)0:8.1.5-7.45.24(aarch64|ppc64le|s390x|x86_64)0:1.0.8-9.23.44(aarch64|ppc64le|s390x|x86_64)0:1.5-0.9.1(aarch64|ppc64le|s390x|x86_64)0:5.1.1-100.21.1(aarch64|ppc64le|s390x|x86_64)0:1.5-19.23.4(aarch64|ppc64le|s390x|x86_64)0:0.48-101.31.27(aarch64|ppc64le|s390x|x86_64)0:0.9.10-0.17.1(aarch64|ppc64le|s390x|x86_64)0:6.0.18-20.35.40.1(aarch64|ppc64le|s390x|x86_64)0:2.3.1-0.9.40(aarch64|ppc64le|s390x|x86_64)0:1.2.1-0.7.19(aarch64|ppc64le|s390x|x86_64)0:1.8.6-0.2.1(aarch64|ppc64le|s390x|x86_64)0:3.3.12-517.12.34(aarch64|ppc64le|s390x|x86_64)0:4.2.2_04-0.7.5(aarch64|ppc64le|s390x|x86_64)0:4.2.2_04_3.0.76_0.11-0.7.5(aarch64|ppc64le|s390x|x86_64)0:7.4-9.62.46(aarch64|ppc64le|s390x|x86_64)0:7.4-27.81.7(aarch64|ppc64le|s390x|x86_64)0:7.4-1.29.1(aarch64|ppc64le|s390x|x86_64)0:7.3.99-17.11.1(aarch64|ppc64le|s390x|x86_64)0:7.3.99-3.20.1(aarch64|ppc64le|s390x|x86_64)0:2.17.129-0.7.2(aarch64|ppc64le|s390x|x86_64)0:2.17.45-0.5.111.4(aarch64|ppc64le|s390x|x86_64)0:9.0.3-0.28.29.2(aarch64|ppc64le|s390x|x86_64)0:31.7.0esr-0.8.1(aarch64|ppc64le|s390x|x86_64)0:0.3.14-2.30.11(aarch64|ppc64le|s390x|x86_64)0:0.5.12-23.76.1(aarch64|ppc64le|s390x|x86_64)0:0.9-14.43.1(aarch64|ppc64le|s390x|x86_64)0:4.13-1326.37.1(aarch64|ppc64le|s390x|x86_64)0:11-6.105.1(aarch64|ppc64le|s390x|x86_64)0:1.7.1-20.11.1(aarch64|ppc64le|s390x|x86_64)0:1.7.1-16.11.1(aarch64|ppc64le|s390x|x86_64)0:2.2.12-1.51.52.1(aarch64|ppc64le|s390x|x86_64)0:1.2.40-0.2.1(aarch64|ppc64le|s390x|x86_64)0:1.0.8-0.4.13.1(aarch64|ppc64le|s390x|x86_64)0:2.0.4-40.24.1(aarch64|ppc64le|s390x|x86_64)0:5.3.17-0.41.1(aarch64|ppc64le|s390x|x86_64)0:2.7.1-0.2.18.1(aarch64|ppc64le|s390x|x86_64)0:0.9.0-3.15.1(aarch64|ppc64le|s390x|x86_64)0:1.10.1-4.131.9.1(aarch64|ppc64le|s390x|x86_64)0:0.6.23-11.32.1(aarch64|ppc64le|s390x|x86_64)0:3.2-147.27.35(aarch64|ppc64le|s390x|x86_64)0:5.2-147.27.35(aarch64|ppc64le|s390x|x86_64)0:9.9.6P1-0.5.5(aarch64|ppc64le|s390x|x86_64)0:9.9.6P1-0.5.1(aarch64|ppc64le|s390x|x86_64)0:2.24-3.62(aarch64|ppc64le|s390x|x86_64)0:1.36.0-12.6.49(aarch64|ppc64le|s390x|x86_64)0:1.49.0-0.13.3(aarch64|ppc64le|s390x|x86_64)0:5.1-0.14.46(aarch64|ppc64le|s390x|x86_64)0:0.98.7-0.3.1(aarch64|ppc64le|s390x|x86_64)0:2.3.37-2.30.1(aarch64|ppc64le|s390x|x86_64)0:2.4.26-0.30.1(aarch64|ppc64le|s390x|x86_64)0:8.12-6.25.32.33.1(aarch64|ppc64le|s390x|x86_64)0:2.9-75.78.1(aarch64|ppc64le|s390x|x86_64)0:4.1-194.211.213.1(aarch64|ppc64le|s390x|x86_64)0:1.3.9-8.46.56.1(aarch64|ppc64le|s390x|x86_64)0:7.19.7-1.42.1(aarch64|ppc64le|s390x|x86_64)0:1.5.2-1.36(aarch64|ppc64le|s390x|x86_64)0:1.2.10-3.31.1(aarch64|ppc64le|s390x|x86_64)0:4.2.4.P2-0.22.1(aarch64|ppc64le|s390x|x86_64)0:2.71-0.14.9(aarch64|ppc64le|s390x|x86_64)0:1.41.9-2.14.3(aarch64|ppc64le|s390x|x86_64)0:0.152-4.9.17(aarch64|ppc64le|s390x|x86_64)0:22.3-4.42.1(aarch64|ppc64le|s390x|x86_64)0:2.28.2-0.32.1(aarch64|ppc64le|s390x|x86_64)0:0.95-1.24.1(aarch64|ppc64le|s390x|x86_64)0:4.24-43.27.1(aarch64|ppc64le|s390x|x86_64)0:2.1.1-7.18.1(aarch64|ppc64le|s390x|x86_64)0:2.3.7-25.35.36.1(aarch64|ppc64le|s390x|x86_64)0:2.8.7-0.11.1(aarch64|ppc64le|s390x|x86_64)0:2.0.36.RC1-52.20.1(aarch64|ppc64le|s390x|x86_64)0:2.22.5-0.8.14.1(aarch64|ppc64le|s390x|x86_64)0:2.11.3-17.84.1(aarch64|ppc64le|s390x|x86_64)0:2.28.3-0.39.17(aarch64|ppc64le|s390x|x86_64)0:2.4.1-24.39.55.1(aarch64|ppc64le|s390x|x86_64)0:2.0.9-25.33.39.1(aarch64|ppc64le|s390x|x86_64)0:1.1.6-25.32.1(aarch64|ppc64le|s390x|x86_64)0:0.10.30-5.12.15(aarch64|ppc64le|s390x|x86_64)0:1.20.12-0.18.70(aarch64|ppc64le|s390x|x86_64)0:3.11.10-0.6.11.1(aarch64|ppc64le|s390x|x86_64)0:6-3.5(aarch64|ppc64le|s390x|x86_64)0:1.5.7-0.15.22(aarch64|ppc64le|s390x|x86_64)0:0.7.3-1.4.1(aarch64|ppc64le|s390x|x86_64)0:1.1.1-1.37.1(aarch64|ppc64le|s390x|x86_64)0:1.7.1_sr3.0-1.1(aarch64|ppc64le|s390x|x86_64)0:1.14.1-16.33.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.12.18.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.11.18.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.3.1(aarch64|ppc64le|s390x|x86_64)0:4.3.5-0.14.1(aarch64|ppc64le|s390x|x86_64)0:2.4.4-255.28.1(aarch64|ppc64le|s390x|x86_64)0:3.0.101-63.1(aarch64|ppc64le|s390x|x86_64)0:1.6.3-133.49.66.1(aarch64|ppc64le|s390x|x86_64)0:1.4.2-30.5(aarch64|ppc64le|s390x|x86_64)0:1.17-77.16.1(aarch64|ppc64le|s390x|x86_64)0:1.34b-12.58.1(aarch64|ppc64le|s390x|x86_64)0:3.6.3-0.58.1(aarch64|ppc64le|s390x|x86_64)0:1.2.1-68.17.1(aarch64|ppc64le|s390x|x86_64)0:6.4.3.6-7.30.1(aarch64|ppc64le|s390x|x86_64)0:4.6.3-5.34.2(aarch64|ppc64le|s390x|x86_64)0:1.3.4-12.22.23.1(aarch64|ppc64le|s390x|x86_64)0:1.3.3-11.18.19.8(aarch64|ppc64le|s390x|x86_64)0:2.19.1-6.72.1(aarch64|ppc64le|s390x|x86_64)0:0.41.rc1-2.34(aarch64|ppc64le|s390x|x86_64)0:2.4.52-0.7.1(aarch64|ppc64le|s390x|x86_64)0:9.4.4-0.6.2(aarch64|ppc64le|s390x|x86_64)0:1.4.5-24.24.1(aarch64|ppc64le|s390x|x86_64)0:3.17.3-0.8.11(aarch64|ppc64le|s390x|x86_64)0:4.8.3+r212056-2.17(aarch64|ppc64le|s390x|x86_64)0:1.5.0-0.17.1(aarch64|ppc64le|s390x|x86_64)0:2.28.0-1.13.1(aarch64|ppc64le|s390x|x86_64)0:1.900.1-134.17.1(aarch64|ppc64le|s390x|x86_64)0:1.0.4-1.18.1(aarch64|ppc64le|s390x|x86_64)0:2.03-12.3.1(aarch64|ppc64le|s390x|x86_64)0:2.3.2-3.118.2(aarch64|ppc64le|s390x|x86_64)0:2.3.2-3.118.1(aarch64|ppc64le|s390x|x86_64)0:0.0.20060920alpha-74.5.1(aarch64|ppc64le|s390x|x86_64)0:5.5.43-0.7.3(aarch64|ppc64le|s390x|x86_64)0:5.0.96-0.6.20(aarch64|ppc64le|s390x|x86_64)0:0.9.8j-0.70.1(aarch64|ppc64le|s390x|x86_64)0:0.24.4-0.15.1(aarch64|ppc64le|s390x|x86_64)0:1.2.31-5.33.1(aarch64|ppc64le|s390x|x86_64)0:0.12.3-1.10.1(aarch64|ppc64le|s390x|x86_64)0:0.9.23-0.17.1(aarch64|ppc64le|s390x|x86_64)0:2.6.9-0.35.1(aarch64|ppc64le|s390x|x86_64)0:0.2.1-1.7.1(aarch64|ppc64le|s390x|x86_64)0:1.0.20-2.6.5(aarch64|ppc64le|s390x|x86_64)0:5.4.2.1-8.12.22.1(aarch64|ppc64le|s390x|x86_64)0:1.2.9-4.2.4.1(aarch64|ppc64le|s390x|x86_64)0:1.9.4-0.16.1(aarch64|ppc64le|s390x|x86_64)0:1.5-1.30.1(aarch64|ppc64le|s390x|x86_64)0:3.8.2-141.154.1(aarch64|ppc64le|s390x|x86_64)0:0.3.10-0.11.1(aarch64|ppc64le|s390x|x86_64)0:1.2.5-3.76(aarch64|ppc64le|s390x|x86_64)0:2.2.3-0.8.1(aarch64|ppc64le|s390x|x86_64)0:1.4-1.38.24(aarch64|ppc64le|s390x|x86_64)0:11-1.25.26(aarch64|ppc64le|s390x|x86_64)0:3.2.15-0.17.28(aarch64|ppc64le|s390x|x86_64)0:2.7.6-0.31.1(aarch64|ppc64le|s390x|x86_64)0:1.1.24-19.23.1(aarch64|ppc64le|s390x|x86_64)0:3.7.7-10.30.1(aarch64|ppc64le|s390x|x86_64)0:7.3.6-65.74.1(aarch64|ppc64le|s390x|x86_64)0:2.02.98-0.33.1(aarch64|ppc64le|s390x|x86_64)0:0.8.0-0.23.2(aarch64|ppc64le|s390x|x86_64)0:12.5-1.9.1(aarch64|ppc64le|s390x|x86_64)0:2.6.7-0.13.1(aarch64|ppc64le|s390x|x86_64)0:4.10.7-0.3.3(aarch64|ppc64le|s390x|x86_64)0:1.5.17-42.39.1(aarch64|ppc64le|s390x|x86_64)0:3.0.6-1.25.36.1(aarch64|ppc64le|s390x|x86_64)0:2.12-24.4.10.1(aarch64|ppc64le|s390x|x86_64)0:1.4.16-0.13.1(aarch64|ppc64le|s390x|x86_64)0:1.2.3-18.38.43.1(aarch64|ppc64le|s390x|x86_64)0:4.2.8p2-2.18(aarch64|ppc64le|s390x|x86_64)0:1.5.4.1-20.26(aarch64|ppc64le|s390x|x86_64)0:1.5.4.1_3.0.101_63-20.26(aarch64|ppc64le|s390x|x86_64)0:3.2-0.11.26(aarch64|ppc64le|s390x|x86_64)0:1.2.0-172.24.1(aarch64|ppc64le|s390x|x86_64)0:6.6p1-4.7(aarch64|ppc64le|s390x|x86_64)0:2.0.9-143.44.1(aarch64|ppc64le|s390x|x86_64)0:1.1.5-0.15.9(aarch64|ppc64le|s390x|x86_64)0:5.10.0-64.72.1(aarch64|ppc64le|s390x|x86_64)0:0.2808.01-0.72.1(aarch64|ppc64le|s390x|x86_64)0:0.72-0.72.1(aarch64|ppc64le|s390x|x86_64)0:1.7-37.63.64.1(aarch64|ppc64le|s390x|x86_64)0:4.4.2.3-37.63.64.1(aarch64|ppc64le|s390x|x86_64)0:1.2.22-2.1(aarch64|ppc64le|s390x|x86_64)0:2.6.7-1.31(aarch64|ppc64le|s390x|x86_64)0:2.4.5.git-2.29.1(aarch64|ppc64le|s390x|x86_64)0:3.22-240.8.1(aarch64|ppc64le|s390x|x86_64)0:2.7.26-0.5.1(aarch64|ppc64le|s390x|x86_64)0:1.0.22-3.25.1(aarch64|ppc64le|s390x|x86_64)0:1.1.6-168.34.1(aarch64|ppc64le|s390x|x86_64)0:2.3.6-0.13.1(aarch64|ppc64le|s390x|x86_64)0:0.7-6.22.1(aarch64|ppc64le|s390x|x86_64)0:0.99.15-0.14.11(aarch64|ppc64le|s390x|x86_64)0:1.1-1.24.8.19(aarch64|ppc64le|s390x|x86_64)0:5.10.1-0.11.1(aarch64|ppc64le|s390x|x86_64)0:1.8.7.p357-0.9.17.1(aarch64|ppc64le|s390x|x86_64)0:1.3.11-0.23.2(aarch64|ppc64le|s390x|x86_64)0:8.14.3-50.24.1(aarch64|ppc64le|s390x|x86_64)0:0.7.318.81ee561d-0.9.2(aarch64|ppc64le|s390x|x86_64)0:2.7.STABLE5-2.12.16.1(aarch64|ppc64le|s390x|x86_64)0:3.1.12-8.16.20.1(aarch64|ppc64le|s390x|x86_64)0:1.5final-28.23.25.1(aarch64|ppc64le|s390x|x86_64)0:4.4.0-6.25.1(aarch64|ppc64le|s390x|x86_64)0:1.7.6p2-0.23.1(aarch64|ppc64le|s390x|x86_64)0:0.71.61-0.13.1(aarch64|ppc64le|s390x|x86_64)0:8.1.5-7.50.25(aarch64|ppc64le|s390x|x86_64)0:1.26-1.2.6.1(aarch64|ppc64le|s390x|x86_64)0:3.9.8-1.27.1(aarch64|ppc64le|s390x|x86_64)0:6.0.41-0.43.1(aarch64|ppc64le|s390x|x86_64)0:6.00-11.13.1(aarch64|ppc64le|s390x|x86_64)0:2.28.1-2.5.1(aarch64|ppc64le|s390x|x86_64)0:1.2.1-10.41(aarch64|ppc64le|s390x|x86_64)0:2.0.7-4.35.1(aarch64|ppc64le|s390x|x86_64)0:1.11.4-1.19.1(aarch64|ppc64le|s390x|x86_64)0:1.10.13-0.2.1(aarch64|ppc64le|s390x|x86_64)0:0.7.1-6.15.1(aarch64|ppc64le|s390x|x86_64)0:2.7.0-217.26.1(aarch64|ppc64le|s390x|x86_64)0:4.4.2_08-1.7(aarch64|ppc64le|s390x|x86_64)0:4.4.2_08_3.0.101_63-1.7(aarch64|ppc64le|s390x|x86_64)0:2.3.14-130.133.1(aarch64|ppc64le|s390x|x86_64)0:7.4-9.65.46(aarch64|ppc64le|s390x|x86_64)0:7.4-27.105.1(aarch64|ppc64le|s390x|x86_64)0:7.4-5.11.11.7(aarch64|ppc64le|s390x|x86_64)0:7.4-5.11.11.1(aarch64|ppc64le|s390x|x86_64)0:7.4-1.18.2(aarch64|ppc64le|s390x|x86_64)0:7.4-1.16.8(aarch64|ppc64le|s390x|x86_64)0:7.4-1.16.2(aarch64|ppc64le|s390x|x86_64)0:7.4-1.18.7(aarch64|ppc64le|s390x|x86_64)0:7.4-1.18.1(aarch64|ppc64le|s390x|x86_64)0:7.4-1.19.8(aarch64|ppc64le|s390x|x86_64)0:7.4-1.19.2(aarch64|ppc64le|s390x|x86_64)0:7.4-8.26.44.1(aarch64|ppc64le|s390x|x86_64)0:7.3.99-3.22.1(aarch64|ppc64le|s390x|x86_64)0:2.17.140-1.1(aarch64|ppc64le|s390x|x86_64)0:2.17.46-0.5.1(aarch64|ppc64le|s390x|x86_64)0:7.19.7-1.55.10:11.3-0(aarch64|ppc64le|s390x|x86_64)0:7.19.7-0.38.1(aarch64|ppc64le|s390x|x86_64)0:2.4.26-0.28.8(aarch64|ppc64le|s390x|x86_64)0:1.0.1g-0.12.1(aarch64|ppc64le|s390x|x86_64)0:1.2.0-172.26.1(aarch64|ppc64le|s390x|x86_64)0:5.4.2.1-8.12.31.1(aarch64|ppc64le|s390x|x86_64)0:12.5-1.11.2(aarch64|ppc64le|s390x|x86_64)0:6.6p1-10.1(aarch64|ppc64le|s390x|x86_64)0:2.3.2-0.10.3.1(aarch64|ppc64le|s390x|x86_64)0:1.3.11-0.28.1(aarch64|ppc64le|s390x|x86_64)0:4.54-0.11.1(aarch64|ppc64le|s390x|x86_64)0:2.0.7-4.43.1(aarch64|ppc64le|s390x|x86_64)0:1.11.4-1.26.1(x86_64)0:1.0.1g-0.58.59.1(x86_64)0:0.9.8j-0.106.63.1(x86_64)0:1.0.1g-0.58.62.1(x86_64)0:0.9.8j-0.106.66.1(x86_64)0:0.9.8j-0.106.71.1(x86_64)0:1.0.1g-0.58.67.1(x86_64)0:3.0.101-108.141.1(x86_64)0:1.0.1g-0.58.70.1(x86_64)0:0.9.8j-0.106.74.1(x86_64)0:1.0.1g-0.58.73.1(x86_64)0:0.9.8j-0.106.77.1(x86_64)0:1.0.1g-0.58.56.1(x86_64)0:3.0.101-108.144.1(x86_64)0:3.0.101-108.147.1(x86_64)0:3.0.101-108.138.1(x86_64)0:1.0.1g-0.58.76.1(x86_64)0:0.9.8j-0.106.80.1(x86_64)0:0.9.8j-0.106.60.1(x86_64)0:3.0.101-108.150.1(x86_64)0:3.0.101-108.153.1(x86_64)0:2.11.3-17.110.52.1(x86_64)0:3.0.101-108.156.1(x86_64)0:3.0.101-108.159.1(x86_64)0:1.0.1g-0.58.82.1(x86_64)0:3.0.101-108.162.1(x86_64)0:3.0.101-108.165.1(x86_64)0:3.0.101-108.168.1(x86_64)0:3.0.101-108.171.1(x86_64)0:2.11.3-17.110.43.1(x86_64)0:1.0.1g-0.58.79.1(x86_64)0:0.9.8j-0.106.83.1(x86_64)0:1.17-102.83.81.1(x86_64)0:3.0.101-108.174.1(x86_64)0:1.17-102.83.84.1(x86_64)0:3.0.101-108.183.1(x86_64)0:3.0.101-108.186.1(x86_64)0:3.0.101-108.189.1(noarch)0:3.0.101-108.189.1(x86_64)0:1.17-102.83.87.1(x86_64)0:1.0.1g-0.58.85.1(x86_64)0:3.0.101-108.192.1(noarch)0:3.0.101-108.192.1(x86_64)0:3.0.101-108.195.1(noarch)0:3.0.101-108.195.1(x86_64)0:3.0.101-108.177.1(x86_64)0:3.0.101-108.204.1(noarch)0:3.0.101-108.204.1(x86_64)0:3.0.101-108.198.1(noarch)0:3.0.101-108.198.1(x86_64)0:3.0.101-108.180.1(noarch)0:3.0.101-108.180.1(x86_64)0:1.0.1g-58.90.2(x86_64)0:1.17-102.83.90.1(x86_64)0:3.0.101-108.201.1(noarch)0:3.0.101-108.201.1(i586|ia64|ppc64|s390x|x86_64)0:2.6-2.19.5.1(x86_64)0:2.2.45-28.8.1(i586|ia64|ppc64|s390x|x86_64)0:0.103.4-0.20.41.1(i586|ia64|ppc64|s390x|x86_64)0:0.103.5-0.20.44.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.22-0.27.6(ppc64|s390x|x86_64)0:2.1.22-0.27.6(ia64)0:2.1.22-0.27.6(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-0.38.1(ppc64|s390x|x86_64)0:7.19.7-0.38.1(ia64)0:7.19.7-0.38.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.28.8(ppc64|s390x|x86_64)0:2.4.26-0.28.8(ia64)0:2.4.26-0.28.8(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.61.1(ppc64|s390x|x86_64)0:7.19.7-1.61.1(ia64)0:7.19.7-1.61.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.64.1(ppc64|s390x|x86_64)0:7.19.7-1.64.1(ia64)0:7.19.7-1.64.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.69.1(ppc64|s390x|x86_64)0:7.19.7-1.69.1(ia64)0:7.19.7-1.69.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.70.3.1(ppc64|s390x|x86_64)0:7.19.7-1.70.3.1(ia64)0:7.19.7-1.70.3.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.70.8.1(ppc64|s390x|x86_64)0:7.19.7-1.70.8.1(ia64)0:7.19.7-1.70.8.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.70.13.1(ppc64|s390x|x86_64)0:7.19.7-1.70.13.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.27.1(ppc64|s390x|x86_64)0:7.37.0-70.27.1(ia64)0:7.37.0-70.27.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.30.1(ppc64|s390x|x86_64)0:7.37.0-70.30.1(ia64)0:7.37.0-70.30.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.33.1(ppc64|s390x|x86_64)0:7.37.0-70.33.1(ia64)0:7.37.0-70.33.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.38.1(ppc64|s390x|x86_64)0:7.37.0-70.38.1(ia64)0:7.37.0-70.38.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.41.2(ppc64|s390x|x86_64)0:7.37.0-70.41.2(ia64)0:7.37.0-70.41.2(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.44.1(ppc64|s390x|x86_64)0:7.37.0-70.44.1(ia64)0:7.37.0-70.44.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.47.1(ppc64|s390x|x86_64)0:7.37.0-70.47.1(ia64)0:7.37.0-70.47.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.52.2(ppc64|s390x|x86_64)0:7.37.0-70.52.2(ia64)0:7.37.0-70.52.2(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.57.1(ppc64|s390x|x86_64)0:7.37.0-70.57.1(ia64)0:7.37.0-70.57.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.60.1(ppc64|s390x|x86_64)0:7.37.0-70.60.1(ia64)0:7.37.0-70.60.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.63.1(ppc64|s390x|x86_64)0:7.37.0-70.63.1(ia64)0:7.37.0-70.63.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.66.1(ppc64|s390x|x86_64)0:7.37.0-70.66.1(ia64)0:7.37.0-70.66.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.71.1(ppc64|s390x|x86_64)0:7.37.0-70.71.1(ia64)0:7.37.0-70.71.1(i586|ia64|ppc64|s390x|x86_64)0:7.37.0-70.74.1(ppc64|s390x|x86_64)0:7.37.0-70.74.1(ia64)0:7.37.0-70.74.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-0.40.1(ppc64|s390x|x86_64)0:7.19.7-0.40.1(ia64)0:7.19.7-0.40.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.22-182.26.4.1(ppc64|s390x|x86_64)0:2.1.22-182.26.4.1(ia64)0:2.1.22-182.26.4.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.22-182.26.7.1(ppc64|s390x|x86_64)0:2.1.22-182.26.7.1(ia64)0:2.1.22-182.26.7.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.22.1(ppc64|s390x|x86_64)0:1.0.1g-0.22.1(ia64)0:1.0.1g-0.22.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.35.1(ppc64|s390x|x86_64)0:2.4.26-0.35.1(ia64)0:2.4.26-0.35.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.74.6.1(ppc64|s390x|x86_64)0:2.4.26-0.74.6.1(ia64)0:2.4.26-0.74.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.74.9.1(ppc64|s390x|x86_64)0:2.4.26-0.74.9.1(ia64)0:2.4.26-0.74.9.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.74.13.1(ppc64|s390x|x86_64)0:2.4.26-0.74.13.1(ia64)0:2.4.26-0.74.13.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.74.16.1(ppc64|s390x|x86_64)0:2.4.26-0.74.16.1(ia64)0:2.4.26-0.74.16.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.74.19.1(ppc64|s390x|x86_64)0:2.4.26-0.74.19.1(ia64)0:2.4.26-0.74.19.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.74.26.1(ppc64|s390x|x86_64)0:2.4.26-0.74.26.1(ia64)0:2.4.26-0.74.26.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.30.2(ppc64|s390x|x86_64)0:2.4.26-0.30.2(ia64)0:2.4.26-0.30.2(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.62.3(ppc64|s390x|x86_64)0:2.4.26-0.62.3(ia64)0:2.4.26-0.62.3(i586|ia64|ppc64|s390x|x86_64)0:1.2.0-172.27.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-10.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-15.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-18.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-19.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-19.6.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-19.12.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.32.1(ppc64|s390x|x86_64)0:1.0.1g-0.32.1(ia64)0:1.0.1g-0.32.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.35.1(ppc64|s390x|x86_64)0:1.0.1g-0.35.1(ia64)0:1.0.1g-0.35.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.40.1(ppc64|s390x|x86_64)0:1.0.1g-0.40.1(ia64)0:1.0.1g-0.40.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.47.1(ppc64|s390x|x86_64)0:1.0.1g-0.47.1(ia64)0:1.0.1g-0.47.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.52.1(ppc64|s390x|x86_64)0:1.0.1g-0.52.1(ia64)0:1.0.1g-0.52.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.57.1(ppc64|s390x|x86_64)0:1.0.1g-0.57.1(ia64)0:1.0.1g-0.57.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.3.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.3.1(ia64)0:1.0.1g-0.58.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.9.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.9.1(ia64)0:1.0.1g-0.58.9.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.12.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.12.1(ia64)0:1.0.1g-0.58.12.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.15.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.15.1(ia64)0:1.0.1g-0.58.15.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.18.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.21.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.21.1(ia64)0:1.0.1g-0.58.21.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.24.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.24.1(ia64)0:1.0.1g-0.58.24.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.27.2(ppc64|s390x|x86_64)0:1.0.1g-0.58.27.2(ia64)0:1.0.1g-0.58.27.2(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.30.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.30.1(ia64)0:1.0.1g-0.58.30.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.33.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.33.1(ia64)0:1.0.1g-0.58.33.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.36.2(ppc64|s390x|x86_64)0:1.0.1g-0.58.36.2(ia64)0:1.0.1g-0.58.36.2(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.39.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.39.1(ia64)0:1.0.1g-0.58.39.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.1g-0.58.42.1(ppc64|s390x|x86_64)0:1.0.1g-0.58.42.1(ia64)0:1.0.1g-0.58.42.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.2-0.9.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.2-0.10.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.2-0.10.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.2-0.10.9.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.2-0.10.12.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.11-0.28.1(i586|ia64|ppc64|s390x|x86_64)0:1.11.4-1.32.1(i586|ia64|ppc64|s390x|x86_64)0:1.11.4-1.40.1(i586|ia64|ppc64|s390x|x86_64)0:1.11.4-1.41.3.1(x86_64)0:0.9.7g-146.22.1(x86_64)0:1.4.2_sr13.13-0.3.1(x86_64)0:0.9.7g-146.22.36.1(noarch)0:1.0.0-0.8.1(x86_64)0:0.9.7g-146.22.31.1(x86_64)0:0.9.7g-146.22.33.1(x86_64)0:0.9.7g-146.22.44.1(x86_64)0:0.9.7g-146.22.47.1(ppc64|x86_64)0:0.98.9-0.7.1(ppc64|x86_64)0:0.9.7g-146.22.33.1(ppc64|x86_64)0:0.9.7g-146.22.36.1(ppc64|x86_64)0:0.9.7g-146.22.41.1(ppc64|x86_64)0:0.9.7g-146.22.44.1(ppc64|x86_64)0:0.9.7g-146.22.47.1(ppc64|x86_64)0:0.9.7g-146.22.50.1(ppc64|x86_64)0:0.9.7g-146.22.51.5.1(ppc64|x86_64)0:0.9.7g-146.22.51.8.1(ppc64|x86_64)0:1.4.20-2.58.1(noarch)0:5.4.15-0.15.2(noarch)0:5.9.33-0.20.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.10-0.38.1(i586|ia64|ppc64|s390x|x86_64)0:6.39.0-0.3.1(noarch)0:5.3.7-0.9.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.74-0.20.1(noarch)0:1.2.2-0.16.1(x86_64)0:1.2.74-0.22.2(noarch)0:5.11.64.3-5.1(i586|ia64|ppc64|s390x|x86_64)0:2015.8.12-27.1(i586|ia64|ppc64|s390x|x86_64)0:2.5.24.7-16.1(noarch)0:3.0.5-5.1(i586|ia64|ppc64|s390x|x86_64)0:2.5.84.4-8.1(i586|ia64|ppc64|s390x|x86_64)0:2.5.5.5-14.1(i586|ia64|ppc64|s390x|x86_64)0:2.5.24.9-24.1(noarch)0:2.5.13.8-23.1(i586|ia64|ppc64|s390x|x86_64)0:4.0.9-5.6.3(i586|ia64|ppc64|s390x|x86_64)0:4.0.7-5.8.2(i586|ia64|ppc64|s390x|x86_64)0:4.0.9-5.6.2(i586|ia64|ppc64|s390x|x86_64)0:4.0.8-5.8.3(i586|ia64|ppc64|s390x|x86_64)0:4.0.11-12.16.1(i586|ia64|ppc64|s390x|x86_64)0:4.0.14-18.51.1(i586|ia64|ppc64|s390x|x86_64)0:4.0.25-28.42.1(noarch)0:4.0.5-6.12.2(i586|ia64|ppc64|s390x|x86_64)0:2.2.2-0.68.12.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.3-5.20.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.7-27.38.1(i586|ia64|ppc64|s390x|x86_64)0:2016.11.10-43.63.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.8-18.72.1(i586|x86_64)0:0.4.7-5.12.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.2-5.15.2(i586|ia64|ppc64|s390x|x86_64)0:4.2.1-5.9.2(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-5.26.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.5-5.27.2(i586|ia64|ppc64|s390x|x86_64)0:4.2.2-5.9.2(i586|ia64|ppc64|s390x|x86_64)0:4.2.1-5.17.3(i586|ia64|ppc64|s390x|x86_64)0:4.2.3-12.31.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.10-27.50.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.3-9.21.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.1-6.15.3(i586|ia64|ppc64|s390x|x86_64)0:4.2.3-6.15.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.3-5.12.1(i586|ia64|ppc64|s390x|x86_64)0:2016.11.10-43.75.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.8-18.84.1(noarch)0:4.2.1-6.18.2(noarch)0:4.2.2-9.21.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.14-27.59.1(i586|ia64|ppc64|s390x|x86_64)0:2016.11.10-43.84.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.13-18.93.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.2-0.68.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.2-0.68.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.2-0.68.15.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.1-5.1(i586|ia64|ppc64|s390x|x86_64)0:2016.11.4-43.7.1(i586|ia64|ppc64|s390x|x86_64)0:2016.11.4-43.10.2(i586|ia64|ppc64|s390x|x86_64)0:2016.11.10-43.38.1(i586|ia64|ppc64|s390x|x86_64)0:2016.11.10-43.69.1(i586|ia64|ppc64|s390x|x86_64)0:2016.11.4-42.2(i586|ia64|ppc64|s390x|x86_64)0:4.0.4-3.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.19.1(ppc64|s390x|x86_64)0:6.4.3.6-7.19.111(i586|ia64|ppc64|s390x|x86_64)0:3.0.10-1.1.1(i586|ia64|ppc64|s390x|x86_64)0:3.5-1.1.5(i586|ia64|ppc64|s390x|x86_64)0:2.24.0-7.5(ppc64|s390x|x86_64)0:2.24.0-7.5(ia64)0:2.24.0-7.5(i586|ia64|ppc64|s390x|x86_64)0:3.12.3.1-1.2.1(ppc64|s390x|x86_64)0:3.12.3.1-1.2.1(ia64)0:3.12.3.1-1.2.1(i586|ia64|ppc64|s390x|x86_64)0:0.8.11-2.14(ppc64|s390x|x86_64)0:0.8.11-2.14(ia64)0:0.8.11-2.14(i586|ia64|ppc64|s390x|x86_64)0:4.8-1.3.1(ppc64|s390x|x86_64)0:4.8-1.3.1(ia64)0:4.8-1.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.9.0.10-1.1.1(ppc64|s390x|x86_64)0:1.9.0.10-1.1.1(ia64)0:1.9.0.10-1.1.1(i586|ia64|ppc64|s390x|x86_64)0:1.9.1.11-0.1.1(ppc64|s390x|x86_64)0:1.9.1.11-0.1.1(ia64)0:1.9.1.11-0.1.1(i586|ia64|ppc64|s390x|x86_64)0:1.9.2.12-0.6.1(ppc64|s390x|x86_64)0:1.9.2.12-0.6.1(ia64)0:1.9.2.12-0.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.14.16-2.16(ppc64|s390x|x86_64)0:2.14.16-2.16(ia64)0:2.14.16-2.16(i586|ia64|ppc64|s390x|x86_64)0:0.7.0.r4359-15.9.2(i586|ia64|ppc64|s390x|x86_64)0:0.7.0.r1053-11.11.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.1-83.17.1(ppc64|s390x|x86_64)0:1.6.1-83.17.1(ia64)0:1.6.1-83.17.1(i586|x86_64)0:3.2.7-151.3(i586|ia64|ppc64|s390x|x86_64)0:2.2.47-30.5.1(ppc64|s390x|x86_64)0:2.2.47-30.5.1(ia64)0:2.2.47-30.5.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.10-2.23.22.1(i586|ia64|ppc64|s390x|x86_64)0:5.2.6-50.18.3(i586|ia64|ppc64|s390x|x86_64)0:0.6.23-11.14.1(ppc64|s390x|x86_64)0:0.6.23-11.14.1(ia64)0:0.6.23-11.14.1(i586|ia64|ppc64|s390x|x86_64)0:9.5.0P2-20.2.1(ppc64|s390x|x86_64)0:9.5.0P2-20.2.1(ia64)0:9.5.0P2-20.2.1(i586|ia64|ppc|s390x|x86_64)0:2.0.1-1.18.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.5-34.253.1(ppc64|s390x|x86_64)0:1.0.5-34.253.1(ia64)0:1.0.5-34.253.1(i586|ia64|ppc64|s390x|x86_64)0:3.2.7-11.21.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-11.21.1(ppc64|s390x|x86_64)0:3.2.7-11.21.1(ia64)0:3.2.7-11.21.1(i586|ia64|ppc64|s390x|x86_64)0:0.95.1-0.1.1(i586|ia64|ppc64|s390x|x86_64)0:4.3.3_20081022-11.18(ppc64|s390x|x86_64)0:4.3.3_20081022-11.18(ia64)0:4.3.3_20081022-11.18(i586|ia64|ppc64|s390x|x86_64)0:2.9-75.27.24.1(i586|ia64|ppc64|s390x|x86_64)0:4.1-194.19.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.9-8.15.1(ppc64|s390x|x86_64)0:1.3.9-8.15.1(ia64)0:1.3.9-8.15.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.0-11.21.1(i586|ia64|ppc64|s390x|x86_64)0:1.2-107.22(ppc64|s390x|x86_64)0:1.2-107.22(ia64)0:1.2-107.22(ppc64|s390x|x86_64)0:7.19.0-11.21.1(ia64)0:7.19.0-11.21.1(i586|ia64|ppc64|s390x|x86_64)0:1.10-3.18(ppc64|s390x|x86_64)0:1.10-3.18(ia64)0:1.10-3.18(i586|ia64|ppc64|s390x|x86_64)0:2.3.11-60.21.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.22-182.20.1(ppc64|s390x|x86_64)0:2.1.22-182.20.1(ia64)0:2.1.22-182.20.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.10-3.9.1(ppc64|s390x|x86_64)0:1.2.10-3.9.1(ia64)0:1.2.10-3.9.1(i586|ia64|ppc64|s390x|x86_64)0:0.76-34.10.1(ppc64|s390x|x86_64)0:0.76-34.10.1(ia64)0:0.76-34.10.1(i586|ia64|ppc64|s390x|x86_64)0:3.1.1-7.13.1(i586|ia64|ppc64|s390x|x86_64)0:2.45-12.23.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.5-1.27.1(i586|ia64|ppc64|s390x|x86_64)0:2.24.1.1-11.8.1(ppc64|s390x|x86_64)0:2.24.1.1-11.8.1(ia64)0:2.24.1.1-11.8.1(i586|ia64|ppc64|s390x|x86_64)0:3.24.1.1-3.23.2(i586|ia64|ppc64|s390x|x86_64)0:2.24.1.1-11.12.1(ppc64|s390x|x86_64)0:2.24.1.1-11.12.1(ia64)0:2.24.1.1-11.12.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.1-88.26.1(ppc64|s390x|x86_64)0:2.0.1-88.26.1(ia64)0:2.0.1-88.26.1(i586|ia64|ppc64|s390x|x86_64)0:6.3.8.90-13.16.1(i586|ia64|ppc64|s390x|x86_64)0:IIIalpha9.8-691.22(ppc64|s390x|x86_64)0:IIIalpha9.8-691.22(ia64)0:IIIalpha9.8-691.22(i586|ia64|ppc64|s390x|x86_64)0:0.15-1.29(i586|ia64|ppc64|s390x|x86_64)0:2.7.0-130.21(ppc64|s390x|x86_64)0:2.7.0-130.21(ia64)0:2.7.0-130.21(i586|ia64|ppc64|s390x|x86_64)0:2.24.0-7.4(ppc64|s390x|x86_64)0:2.24.0-7.4(ia64)0:2.24.0-7.4(i586|ia64|ppc64|s390x|x86_64)0:0.10.21-3.20(i586|ia64|ppc64|s390x|x86_64)0:1.1.3-87.12(ppc64|s390x|x86_64)0:1.1.3-87.12(ia64)0:1.1.3-87.12(i586|ia64|ppc64|s390x|x86_64)0:0.3.15-3.10(ppc64|s390x|x86_64)0:0.3.15-3.10(ia64)0:0.3.15-3.10(i586|ia64|ppc64|s390x|x86_64)0:2.3.7-25.9.1(ppc64|s390x|x86_64)0:2.3.7-25.9.1(ia64)0:2.3.7-25.9.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.2-61.18.1(i586|ia64|ppc64|s390x|x86_64)0:2.24.0-24.5.1(i586|ia64|ppc64|s390x|x86_64)0:8.62-32.25.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-32.25.1(i586|ia64|ppc64|s390x|x86_64)0:2.18.2-7.7.1(ppc64|s390x|x86_64)0:2.18.2-7.7.1(ia64)0:2.18.2-7.7.1(i586|i686|ia64|ppc64|s390x|x86_64)0:2.9-13.11.1(ppc64|s390x|x86_64)0:2.9-13.11.1(i586|ia64|ppc64|s390x|x86_64)0:2.9-13.11.1(ia64)0:2.9-13.11.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.23-1.41.1(i586|ia64|ppc64|s390x|x86_64)0:2.24.0-14.27.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.1-24.16.1(ppc64|s390x|x86_64)0:2.4.1-24.16.1(ia64)0:2.4.1-24.16.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.9-25.25.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.1-6.7(ppc64|s390x|x86_64)0:1.4.1-6.7(ia64)0:1.4.1-6.7(i586|ia64|ppc64|s390x|x86_64)0:1.6-8.6(ppc64|s390x|x86_64)0:1.6-8.6(ia64)0:1.6-8.6(i586|ia64|ppc64|s390x|x86_64)0:1.0.4-1.16(i586|ia64|ppc64|s390x|x86_64)0:0.10.21-2.36.1(ppc64|s390x|x86_64)0:0.10.21-2.36.1(ia64)0:0.10.21-2.36.1(i586|ia64|ppc64|s390x|x86_64)0:0.10.10-4.9.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.12-69.19.1(i586|x86_64)0:4.0-7.22.1(x86_64)0:4.0-7.22.1(i586|ia64|ppc64|s390x|x86_64)0:0.7.1-10.31.1(i586|ia64|ppc64|s390x|x86_64)0:0.4.15-94.14.1(i586|ia64|ppc64|s390x|x86_64)0:0.4.15_2.6.27.48_0.6-94.14.1(i586)0:0.4.15_2.6.27.48_0.6-94.14.1(ppc64)0:0.4.15_2.6.27.48_0.6-94.14.1(i586|x86_64)0:0.4.15_2.6.27.48_0.6-94.14.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.2_sr13-0.1.1(i586)0:1.4.2_sr13-0.1.1(ia64)0:1.5.0.13.1.2-0.1.1(i586|ppc64|s390x|x86_64)0:1.6.0-124.6.1(i586)0:1.6.0-124.6.1(ia64)0:1.6.0-124.7.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.3-9.14.6(i586|ia64|ppc64|s390x|x86_64)0:4.1.3-9.28.3(i586|ia64|ppc64|s390x|x86_64)0:4.1.3-7.17.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.3-18.8.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.3-7.9.1(i586|ia64|ppc64|s390x|x86_64)0:3.5.10-23.30.1(ppc64|s390x|x86_64)0:3.5.10-23.30.1(ia64)0:3.5.10-23.30.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.3-8.21.1(ppc64|s390x|x86_64)0:4.1.3-8.21.1(ia64)0:4.1.3-8.21.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.3-8.18.1(ppc64|s390x|x86_64)0:4.1.3-8.18.1(ia64)0:4.1.3-8.18.1(i586|ia64|ppc64|s390x|x86_64)0:0.5.5-106.18(ppc64|s390x|x86_64)0:0.5.5-106.18(ia64)0:0.5.5-106.18(i586|ia64|ppc64|s390x|x86_64)0:0_2.6.27.23_0.1-7.1.7(i586)0:0_2.6.27.23_0.1-7.1.7(ppc64)0:0_2.6.27.23_0.1-7.1.7(i586|x86_64)0:0_2.6.27.23_0.1-7.1.7(s390x)0:0.4.15_2.6.27.54_0.2-94.14.8(i586|ia64|ppc64|s390x|x86_64)0:2.6.27.23-0.1.1(s390x)0:2.6.27.23-0.1.1(ppc64)0:2.6.27.23-0.1.1(i586)0:2.6.27.23-0.1.1(i586|x86_64)0:2.6.27.23-0.1.1(s390x)0:2.0.5_2.6.27.54_0.2-7.9.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.25.1(ppc64|s390x|x86_64)0:1.6.3-133.25.1(ia64)0:1.6.3-133.25.1(i586|ia64|x86_64)0:78.0.10.6-0.3.1(i586|ia64|x86_64)0:78.2.6.30.1_2.6.27.37_0.1-0.7.1(i586)0:78.2.6.30.1_2.6.27.37_0.1-0.7.1(i586|ia64|ppc64|s390x|x86_64)0:1.17-77.12.1(ppc64|s390x|x86_64)0:1.17-77.12.1(ia64)0:1.17-77.12.1(i586|ia64|ppc64|s390x|x86_64)0:1.23-4.1.1(ppc64|s390x|x86_64)0:1.23-4.1.1(ia64)0:1.23-4.1.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.4-12.19.1(ppc64)0:1.3.4-12.19.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.3-11.16.1(ppc64)0:1.3.3-11.16.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.4-157.15.1(i586|ia64|ppc64|s390x|x86_64)0:3.12.8-1.2.1(ppc64|s390x|x86_64)0:3.12.8-1.2.1(ia64)0:3.12.8-1.2.1(i586|ia64|ppc64|s390x|x86_64)0:4.8.6-1.2.1(ppc64|s390x|x86_64)0:4.8.6-1.2.1(ia64)0:4.8.6-1.2.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.3-106.34(ppc64|s390x|x86_64)0:1.2.3-106.34(ia64)0:1.2.3-106.34(i586|ia64|ppc64|s390x|x86_64)0:2.0-11.20.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.12-7.19.1(ppc64|s390x|x86_64)0:2.4.12-7.19.1(ia64)0:2.4.12-7.19.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.6-2.131.1(ppc64|s390x|x86_64)0:2.2.6-2.131.1(ia64)0:2.2.6-2.131.1(i586|ia64|ppc64|s390x|x86_64)0:5.0.67-13.26.1(ppc64|s390x|x86_64)0:5.0.67-13.26.1(ia64)0:5.0.67-13.26.1(i586|ia64|ppc64|s390x|x86_64)0:0.28.3-2.12.1(ppc64|s390x|x86_64)0:0.28.3-2.12.1(ia64)0:0.28.3-2.12.1(i586|ia64|ppc64|s390x|x86_64)0:10.26.44-101.9.1(ppc64|s390x|x86_64)0:10.26.44-101.9.1(ia64)0:10.26.44-101.9.1(i586|ia64|ppc64|s390x|x86_64)0:0.11.6-5.25.1(ppc64|s390x|x86_64)0:0.11.6-5.25.1(ia64)0:0.11.6-5.25.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8h-30.13.1(ppc64|s390x|x86_64)0:0.9.8h-30.13.1(ia64)0:0.9.8h-30.13.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.31-5.11.1(ppc64|s390x|x86_64)0:1.2.31-5.11.1(ia64)0:1.2.31-5.11.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.31-5.18.1(ppc64|s390x|x86_64)0:1.2.31-5.18.1(ia64)0:1.2.31-5.18.1(i586|ia64|ppc64|s390x|x86_64)0:0.10.1-1.37.1(i586|ia64|ppc64|s390x|x86_64)0:0.10.1-1.30.5(i586|ia64|ppc64|s390x|x86_64)0:2.6.0-8.8.6.1(ppc64|s390x|x86_64)0:2.6.0-8.8.6.1(ia64)0:2.6.0-8.8.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.0-8.9.6.2(ppc64|s390x|x86_64)0:2.6.0-8.9.6.2(ia64)0:2.6.0-8.9.6.2(i586|ia64|ppc64|s390x|x86_64)0:4.4.3-12.14.1(ppc64|s390x|x86_64)0:4.4.3-12.14.1(ia64)0:4.4.3-12.14.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.17-172.14.1(ppc64|s390x|x86_64)0:1.0.17-172.14.1(ia64)0:1.0.17-172.14.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.beta2-6.1.1(ppc64|s390x|x86_64)0:1.0.beta2-6.1.1(ia64)0:1.0.beta2-6.1.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.8.1(ppc64|s390x|x86_64)0:3.8.2-141.8.1(ia64)0:3.8.2-141.8.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.7.1(ppc64|s390x|x86_64)0:3.8.2-141.7.1(ia64)0:3.8.2-141.7.1(i586|ia64|ppc64|s390x|x86_64)0:128-13.2.1(i586|ia64|ppc64|s390x|x86_64)0:0.4.6-14.63.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.0-79.13.1(ppc64|s390x|x86_64)0:1.2.0-79.13.1(ia64)0:1.2.0-79.13.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.1-10.11.1(ppc64|s390x|x86_64)0:2.7.1-10.11.1(ia64)0:2.7.1-10.11.1(i586|ia64|ppc64|s390x|x86_64)0:2.02.39-18.26.3(i586|ia64|ppc64|s390x|x86_64)0:2.0.2-2.15.1(i586|ia64|ppc64|s390x|x86_64)0:4.8.2-1.1.1(ppc64|s390x|x86_64)0:4.8.2-1.1.1(ia64)0:4.8.2-1.1.1(i586|ia64|ppc64|s390x|x86_64)0:1.9.0.9-0.1.1(ppc64|s390x|x86_64)0:1.9.0.9-0.1.1(ia64)0:1.9.0.9-0.1.1(i586|ia64|ppc64|s390x|x86_64)0:1.9.1.15-0.5.1(ppc64|s390x|x86_64)0:1.9.1.15-0.5.1(ia64)0:1.9.1.15-0.5.1(i586|ia64|ppc64|s390x|x86_64)0:1.5.17-42.33.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.6-1.21.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.4p6-1.17.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.870-26.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.0-172.10.7.1(ppc64|s390x|x86_64)0:1.2.0-172.10.7.1(ia64)0:1.2.0-172.10.7.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8h-30.14.1(ppc64|s390x|x86_64)0:0.9.8h-30.14.1(ia64)0:0.9.8h-30.14.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8h-30.18.1(ppc64|s390x|x86_64)0:0.9.8h-30.18.1(ia64)0:0.9.8h-30.18.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.16-1.32.1(i586|ia64|ppc64|s390x|x86_64)0:1.22.1-3.17.3(ppc64|s390x|x86_64)0:1.22.1-3.17.3(ia64)0:1.22.1-3.17.3(i586|ia64|ppc64|s390x|x86_64)0:1.4.102-1.31.1(ppc64|s390x|x86_64)0:1.4.102-1.31.1(ia64)0:1.4.102-1.31.1(i586|ia64|ppc64|s390x|x86_64)0:5.10.0-64.43.1(ppc64|s390x|x86_64)0:5.10.0-64.43.1(ia64)0:5.10.0-64.43.1(i586|ia64|ppc64|s390x|x86_64)0:3.56-1.18.1(i586|ia64|ppc64|s390x|x86_64)0:1.16-3.2.1(i586|ia64|ppc64|s390x|x86_64)0:1.7-37.10.1(ppc64|s390x|x86_64)0:1.7-37.10.1(ia64)0:1.7-37.10.1(i586|ia64|ppc64|s390x|x86_64)0:4.4.2.3-37.10.1(ppc64|s390x|x86_64)0:4.4.2.3-37.10.1(ia64)0:4.4.2.3-37.10.1(i586|ia64|ppc64|s390x|x86_64)0:8.3.7-0.1.1(ppc64|s390x|x86_64)0:8.3.7-0.1.1(ia64)0:8.3.7-0.1.1(i586|ia64|ppc64|s390x|x86_64)0:0.24.8-1.3.7.1(i586|ia64|ppc64|s390x|x86_64)0:3.2.2-2.19(i586|ia64|ppc64|s390x|x86_64)0:0.8.4-194.19.1(i586|ia64|ppc64|s390x|x86_64)0:0.99.10-17.17.1(i586|ia64|ppc64|s390x|x86_64)0:8.14.3-50.20.1(i586|ia64|ppc64|s390x|x86_64)0:1.8.7.p72-5.22.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.STABLE5-2.4.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.8-1.23.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.9p17-21.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.7.1-42.5.1(i586|ia64|ppc64|s390x|x86_64)0:1.20-23.23.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.0-1.27.1(i586|ia64|ppc64|s390x|x86_64)0:0.5.2-128.18.1(noarch)0:2.1.1.2-2.2(i586|ia64|ppc64|s390x|x86_64)0:1.11.4-1.15.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.5-1.26.1(i586|x86_64)0:0.5-15.16.1(i586|x86_64)0:0.4.6-14.60.16(i586|x86_64)0:0.5.2-8.47.85(i586|x86_64)0:0.5.3-66.42.13(i586|x86_64)0:0.0.3-3.57.13(i586|x86_64)0:0.3.27-0.1.15(i586|x86_64)0:3.3.1_18546_24-0.3.7(i586|x86_64)0:3.3.1_18546_24_2.6.27.45_0.3-0.3.7(i586)0:3.3.1_18546_24_2.6.27.45_0.3-0.3.7(noarch)0:2.8.1-238.27.1(i586|ia64|ppc64|s390x|x86_64)0:3.02-138.26.1(i586|ia64|ppc64|s390x|x86_64)0:2.17.21-0.1.1(x86_64)0:0.2.10-64.65.1(i586|s390x|x86_64)0:24.6.0esr-0.3.1(i586|s390x|x86_64)0:24-0.4.10.24(i586|s390x|x86_64)0:3.16.1-0.3.1(s390x|x86_64)0:3.16.1-0.3.1(i586|s390x|x86_64)0:4.10.6-0.3.1(s390x|x86_64)0:4.10.6-0.3.1(x86_64)0:6.4.3.6-7.24.1(x86_64)0:6.4.3.6-7.34.1(x86_64)0:6.4.3.6-7.37.1(x86_64)0:6.4.3.6-7.40.1(x86_64)0:6.4.3.6-7.45.1(x86_64)0:6.4.3.6-7.48.1(x86_64)0:6.4.3.6-7.54.1(x86_64)0:6.4.3.6-7.60.1(x86_64)0:6.4.3.6-7.65.1(x86_64)0:6.4.3.6-7.70.1(x86_64)0:6.4.3.6-7.77.1(x86_64)0:6.4.3.6-7.78.5.2(x86_64)0:6.4.3.6-7.78.8.1(x86_64)0:6.4.3.6-7.78.14.1(x86_64)0:6.4.3.6-7.78.17.1(x86_64)0:6.4.3.6-7.78.22.1(x86_64)0:6.4.3.6-7.78.29.2(x86_64)0:6.4.3.6-7.78.34.1(x86_64)0:6.4.3.6-7.78.37.1(x86_64)0:6.4.3.6-78.40.1(x86_64)0:6.4.3.6-78.45.1(x86_64)0:6.4.3.6-78.56.1(x86_64)0:6.4.3.6-78.59.1(x86_64)0:6.4.3.6-78.74.1(x86_64)0:6.4.3.6-78.79.1(x86_64)0:6.4.3.6-78.92.1(x86_64)0:6.4.3.6-78.97.1(x86_64)0:6.4.3.6-78.106.1(x86_64)0:6.4.3.6-78.109.1(x86_64)0:6.4.3.6-78.112.1(x86_64)0:6.4.3.6-78.117.1(x86_64)0:6.4.3.6-78.122.1(x86_64)0:6.4.3.6-78.125.6(x86_64)0:6.4.3.6-78.128.1(x86_64)0:6.4.3.6-78.135.1(x86_64)0:6.4.3.6-78.140.1(x86_64)0:6.4.3.6-78.143.1(x86_64)0:6.4.3.6-78.146.1(x86_64)0:0.9.1-159.1(x86_64)0:0.9.1-160.3.1(x86_64)0:0.9.1-160.6.1(x86_64)0:0.9.1-160.9.1(x86_64)0:0.9.1-160.14.1(x86_64)0:0.9.1-160.19.1(x86_64)0:0.9.1-160.22.1(i586|s390x|x86_64)0:7.7-5.12.2(s390x|x86_64)0:7.7-5.12.2(x86_64)0:7.7-5.14.3.1(i586|s390x|x86_64)0:17.0.9esr-0.3.1(x86_64)0:3.13.5-0.4.2(x86_64)0:4.9.1-0.5.1(x86_64)0:1.9.1.11-0.1.1(x86_64)0:1.9.2.24-0.3.1(x86_64)0:38.5.0esr-28.2(x86_64)0:38.8.0esr-40.1(x86_64)0:45.3.0esr-48.1(x86_64)0:45.0-20.38(x86_64)0:2.11.0-4.2(x86_64)0:3.21.1-26.2(x86_64)0:4.12-25.2(x86_64)0:45.4.0esr-52.1(x86_64)0:45.6.0esr-66.1(x86_64)0:45.7.0esr-69.2(x86_64)0:45.8.0esr-74.1(x86_64)0:45.9.0esr-77.3(x86_64)0:3.29.5-37.1(x86_64)0:4.13.1-28.1(x86_64)0:52.3.0esr-78.4.5(x86_64)0:52-21.3.28(x86_64)0:5.3.1+r233831-2.1(x86_64)0:5.3.1+r233831-5.1(x86_64)0:52.5.0esr-78.10.1(x86_64)0:52.6.0esr-78.13.3(x86_64)0:52.7.3esr-78.20.2(x86_64)0:52.8.0esr-78.25.1(x86_64)0:52.8.1esr-78.29.3(x86_64)0:52.9.0esr-78.32.6(x86_64)0:60.8.0esr-78.43.2(x86_64)0:68.3.0-78.54.1(x86_64)0:3.47.1-38.12.1(x86_64)0:4.23-29.9.1(x86_64)0:68.4.1-78.57.1(x86_64)0:68.5.0-78.61.2(x86_64)0:68.6.0-78.64.1(x86_64)0:68.6.1-78.67.1(x86_64)0:68.7.0-78.70.1(x86_64)0:68.8.0-78.73.1(x86_64)0:68.9.0-78.77.1(x86_64)0:78.0.1-78.80.2(x86_64)0:78-21.12.1(x86_64)0:78.1.0-78.87.1(x86_64)0:78.2.0-78.90.2(x86_64)0:78.3.0-78.93.1(x86_64)0:78.4.0-78.99.1(x86_64)0:78.4.1-78.102.1(x86_64)0:78.5.0-78.105.1(x86_64)0:78.6.0-78.108.1(x86_64)0:78.6.1-78.111.1(x86_64)0:78.7.0-78.114.1(x86_64)0:78.7.1-78.117.1(x86_64)0:78.8.0-78.120.1(x86_64)0:78.9.0-78.123.1(x86_64)0:78.10.0-78.126.1(x86_64)0:78.11.0-78.131.1(x86_64)0:78.12.0-78.134.1(x86_64)0:78.13.0-78.137.1(x86_64)0:78.14.0-78.140.4(x86_64)0:91.3.0-78.151.2(x86_64)0:91.4.0-78.154.1(x86_64)0:91.5.0-78.159.1(x86_64)0:3.68.2-38.43.1(x86_64)0:91.6.0-78.162.2(x86_64)0:91.7.0-78.167.1(x86_64)0:91.8.0-78.170.1(i586|s390x|x86_64)0:24.5.0esr-0.3.1(i586|s390x|x86_64)0:24-0.4.10.14(i586|s390x|x86_64)0:3.16-0.3.1(s390x|x86_64)0:3.16-0.3.1(i586|s390x|x86_64)0:4.10.4-0.3.1(s390x|x86_64)0:4.10.4-0.3.1(x86_64)0:31.6.0esr-0.3.1(x86_64)0:4.10.8-0.5.1(x86_64)0:91.2.0-78.143.1(x86_64)0:91-21.18.1(x86_64)0:0.7.1_git20090811-3.9.9.5(x86_64)0:0.7.1-5.15.7.5(x86_64)0:0.6.9-4.5.4(x86_64)0:0.7.1-5.15.11.1(x86_64)0:0.9.svn1043876-1.3.15(x86_64)0:1.6.1-83.17.3.1(x86_64)0:1.6.1-83.17.8.2(x86_64)0:1.6.1-83.17.11.1(x86_64)0:1.6.1-83.17.14.1(x86_64)0:1.6.1-83.17.17.1(x86_64)0:1.6.1-83.17.20.1(x86_64)0:1.6.1-83.17.25.1(x86_64)0:1.6.1-83.17.30.1(x86_64)0:2.6.0-8.9.20(x86_64)0:1.2.13-106.11.1(x86_64)0:1.2.13-106.14.12(x86_64)0:1.2.13-106.21.1(noarch)0:3.6_SVNr208-2.18.3.1(x86_64)0:4.13-1326.37.1(x86_64)0:11-6.46.46.2(x86_64)0:1.4-75.3.1(x86_64)0:0.13.1-40.16.6.1(x86_64)0:2.5.2.1-188.5.1(noarch)0:1.7.0-200.26.5.1(i586|s390x|x86_64)0:2.2.12-1.46.1(x86_64)0:2.2.12-59.1(x86_64)0:2.2.12-64.1(x86_64)0:2.2.12-69.1(x86_64)0:2.2.34-70.5.1(x86_64)0:2.2.34-70.12.1(x86_64)0:2.2.34-70.15.1(x86_64)0:2.2.34-70.18.1(x86_64)0:2.2.34-70.21.1(x86_64)0:2.2.34-70.27.1(x86_64)0:2.2.34-70.30.1(x86_64)0:2.2.34-70.35.1(x86_64)0:2.2.34-70.38.1(x86_64)0:2.2.34-70.41.1(x86_64)0:2.2.12-1.30.1(x86_64)0:1.3.3-11.18.19.1(x86_64)0:1.2.40-0.2.5.1(x86_64)0:1.0.8-0.4.9.1(x86_64)0:1.0.14-0.4.25.1(x86_64)0:2.0.4-40.63.3.3(i586|s390x|x86_64)0:5.2.14-0.7.30.62.1(x86_64)0:3.3.1-147.24.1(x86_64)0:0.114-12.8.3.1(x86_64)0:0.114-0.8.3.1(x86_64)0:0.114-12.8.6.1(x86_64)0:0.114-0.8.6.1(x86_64)0:0.114-12.8.11.1(x86_64)0:0.114-0.8.11.1(x86_64)0:4.3.5-0.3.3(x86_64)0:2.1a15-131.23.2.1(x86_64)0:2.1a15-131.23.2.6.1(x86_64)0:0.60.6-26.30.1(x86_64)0:0.60.6-26.33.1(x86_64)0:0.60.6-26.36.1(x86_64)0:0.7.0-135.16.16.3.1(x86_64)0:0.7.0-135.16.16.6.1(x86_64)0:0.7.0-135.16.16.9.1(x86_64)0:0.2.6-142.17.1(x86_64)0:0.8.1-7.20.1(x86_64)0:0.8.1-7.22.2(x86_64)0:0.8.1-7.23.3.1(x86_64)0:1.10.1-4.131.9.1(x86_64)0:0.6.23-11.25.25.3.1(x86_64)0:0.6.23-11.25.25.6.14(x86_64)0:0.6.23-11.25.25.9.1(noarch)0:1.4-236.38.3.1(noarch)0:1.4-236.38.6.1(i586|s390x|x86_64)0:3.2-147.14.22.1(i586|s390x|x86_64)0:5.2-147.14.22.1(s390x|x86_64)0:5.2-147.14.22.1(x86_64)0:3.2-148.5.1(x86_64)0:5.2-148.5.1(i586|s390x|x86_64)0:9.6ESVR10P2-0.6.1(s390x|x86_64)0:9.6ESVR10P2-0.6.1(i586|s390x|x86_64)0:9.6ESVR11W1-0.6.1(s390x|x86_64)0:9.6ESVR11W1-0.6.1(i586|s390x|x86_64)0:9.6ESVR11W1-0.9.1(s390x|x86_64)0:9.6ESVR11W1-0.9.1(x86_64)0:9.6ESVR11W1-0.12.1(x86_64)0:9.6ESVR11W1-0.15.1(x86_64)0:9.6ESVR11W1-0.18.1(x86_64)0:9.6ESVR11W1-0.21.1(x86_64)0:9.6ESVR11W1-0.24.1(x86_64)0:9.6ESVR11W1-0.27.1(x86_64)0:9.6ESVR11W1-0.30.1(x86_64)0:9.6ESVR11W1-0.31.7.1(x86_64)0:9.6ESVR11W1-0.31.12.1(x86_64)0:9.6ESVR11W1-0.31.15.1(x86_64)0:9.6ESVR11W1-0.31.18.1(x86_64)0:9.6ESVR11W1-0.31.21.1(x86_64)0:9.6ESVR11W1-0.31.24.1(x86_64)0:2.24-0.3.4(x86_64)0:4.51-1.5.3.1(x86_64)0:1.36.0-12.3.1(x86_64)0:2.5.5-9.1(x86_64)0:2.5.5-10.8.1(x86_64)0:2.0.1-1.34.1(x86_64)0:1.0.5-34.253.1(x86_64)0:1.0.5-34.256.5.1(x86_64)0:1.0.5-34.256.8.1(x86_64)0:1.8.8-2.3.7.1(x86_64)0:1.8.8-2.3.10.1(i586|s390x|x86_64)0:3.4.3-1.54.1(i586|s390x|x86_64)0:1.34b-11.28.54.1(s390x|x86_64)0:3.4.3-1.54.1(noarch)0:3.4.3-1.54.1(i586|s390x|x86_64)0:0.98.3-0.11.1(x86_64)0:0.99.2-0.19.1(x86_64)0:0.99.3-0.20.3.2(x86_64)0:0.99.4-0.20.7.2(x86_64)0:0.100.1-0.20.15.1(x86_64)0:0.100.2-0.20.18.1(x86_64)0:0.100.3-0.20.21.1(x86_64)0:0.100.3-0.20.26.1(x86_64)0:0.100.3-0.20.29.1(x86_64)0:0.103.0-0.20.32.1(x86_64)0:0.103.2-0.20.35.1(x86_64)0:0.103.4-0.20.41.1(x86_64)0:0.103.5-0.20.44.1(x86_64)0:2.3.37-2.14.1(x86_64)0:2.4.26-0.14.1(x86_64)0:6.12-32.41.1(x86_64)0:6.12-32.41.5.1(x86_64)0:2.9-75.76.1(x86_64)0:2.9-75.81.5.1(x86_64)0:2.9-75.81.8.1(x86_64)0:2.9-75.81.14.1(x86_64)0:2.8.12-56.13.1(x86_64)0:4.1-194.211.213.3.8(x86_64)0:2013.10.2-0.3.3.1(i586|s390x|x86_64)0:1.3.9-8.46.52.2(s390x|x86_64)0:1.3.9-8.46.52.2(x86_64)0:1.3.9-8.46.56.3.1(x86_64)0:1.3.9-8.46.56.8.1(x86_64)0:1.3.9-8.46.56.11.1(x86_64)0:1.3.9-8.46.56.15.1(x86_64)0:1.3.9-8.46.56.18.1(i586|s390x|x86_64)0:7.19.7-1.20.33.1(s390x|x86_64)0:7.19.7-1.20.33.1(x86_64)0:7.19.7-1.20.39.2(x86_64)0:7.19.7-1.20.42.1(x86_64)0:7.19.7-1.61.1(x86_64)0:7.19.7-1.64.1(x86_64)0:7.19.7-1.69.1(x86_64)0:7.19.7-1.70.3.1(x86_64)0:7.19.7-1.70.8.1(x86_64)0:7.19.7-1.70.13.1(x86_64)0:7.37.0-70.27.1(x86_64)0:7.37.0-70.30.1(x86_64)0:7.37.0-70.33.1(x86_64)0:7.37.0-70.38.1(x86_64)0:7.37.0-70.41.2(x86_64)0:7.37.0-70.44.1(x86_64)0:7.37.0-70.47.1(x86_64)0:7.37.0-70.52.2(x86_64)0:7.37.0-70.57.1(x86_64)0:7.37.0-70.60.1(x86_64)0:7.37.0-70.63.1(x86_64)0:7.37.0-70.66.1(x86_64)0:7.37.0-70.71.1(x86_64)0:7.37.0-70.74.1(x86_64)0:1.12.12-144.23.5.1(x86_64)0:1.12.12-144.23.5.3.1(x86_64)0:2.3.11-60.65.64.1(x86_64)0:2.3.11-60.65.67.1(x86_64)0:2.3.11-60.65.71.3.5(x86_64)0:2.3.11-60.65.71.6.1(x86_64)0:2.1.22-182.26.4.1(x86_64)0:2.1.22-182.20.3.1(x86_64)0:2.1.22-182.20.6.1(x86_64)0:2.1.22-182.26.7.1(i586|s390x|x86_64)0:1.2.10-3.31.1(s390x|x86_64)0:1.2.10-3.31.1(x86_64)0:1.2.10-3.34.8.1(x86_64)0:0.76-34.22.1(x86_64)0:3.1.3.ESV-0.17.1(x86_64)0:3.1.3.ESV-0.19.1(x86_64)0:3.1.3.ESV-0.22.1(x86_64)0:3.1.3.ESV-0.23.5.1(x86_64)0:3.2.3-44.30.1(x86_64)0:3.2.3-45.5.3(x86_64)0:1.0.22-3.21.2(x86_64)0:3.5.21-3.3.1(x86_64)0:3.5.21-3.6.10(x86_64)0:3.5.21-3.9.1(x86_64)0:3.5.21-3.12.1(x86_64)0:3.5.21-3.15.1(x86_64)0:3.5.21-3.18.1(x86_64)0:2.45-12.27.1(x86_64)0:2.45-12.27.3.1(x86_64)0:1.41.9-2.6.3.1(x86_64)0:2.16-6.21.3(x86_64)0:1.41.9-2.6.4.3.1(x86_64)0:61-1.33.1(x86_64)0:61-1.35.1(x86_64)0:0.2-1001.30.1(x86_64)0:0.2-1001.30.3.4(x86_64)0:0.137-8.24.3(x86_64)0:0.137-8.24.3.1(x86_64)0:22.3-4.36.1(x86_64)0:22.3-42.3.1(x86_64)0:2.28.2-0.7.2(x86_64)0:2.28.2-0.7.3.1(x86_64)0:2.28.2-0.7.8.1(x86_64)0:2.0.2-4.5.1(x86_64)0:2.0.1-88.34.1(x86_64)0:2.0.1-88.38.1(x86_64)0:2.0.1-88.41.1(x86_64)0:2.0.1-88.42.3.2(x86_64)0:2.0.1-88.42.6.1(x86_64)0:2.0.1-88.42.9.1(x86_64)0:2.0.1-88.42.12.1(x86_64)0:2.0.1-88.42.15.1(x86_64)0:2.0.1-88.42.18.1(x86_64)0:2.0.1-88.42.22.1(x86_64)0:1.6.18-0.3.3.1(x86_64)0:0.95-1.24.1(x86_64)0:6.3.8.90-13.20.19.1(x86_64)0:6.3.8.90-13.20.21.1(x86_64)0:6.3.8.90-13.20.22.3.1(x86_64)0:4.24-43.27.1(x86_64)0:2.28.2-0.3.3.16(x86_64)0:10.0-0.3.2(x86_64)0:7-0.6.7.7(x86_64)0:0.6.3-5.6.5(x86_64)0:10.0.4-0.3.3(x86_64)0:3.13.4-0.2.1(x86_64)0:10.0.6-0.4.1(x86_64)0:7-0.6.7.70(x86_64)0:10.0.7-0.3.1(x86_64)0:7-0.6.7.79(x86_64)0:3.13.6-0.5.1(x86_64)0:4.9.2-0.6.1(x86_64)0:10.0.9-0.3.1(x86_64)0:10.0.10-0.3.1(x86_64)0:4.9.3-0.2.1(x86_64)0:10.0.11-0.3.1(x86_64)0:3.14-0.3.1(x86_64)0:10.0.12-0.4.1(x86_64)0:3.14.1-0.3.1(x86_64)0:4.9.4-0.3.1(i586|s390x|x86_64)0:17.0.3esr-0.4.2.1(i586|s390x|x86_64)0:7-0.6.9.1(i586|s390x|x86_64)0:3.14.1-0.3.1(s390x|x86_64)0:3.14.1-0.3.1(i586|s390x|x86_64)0:4.9.5-0.3.1(s390x|x86_64)0:4.9.5-0.3.1(i586|s390x|x86_64)0:3.14.2-0.4.3.1(s390x|x86_64)0:3.14.2-0.4.3.1(x86_64)0:17.0.4esr-0.5.1(x86_64)0:17.0.5esr-0.4.1(x86_64)0:7-0.6.9.17(x86_64)0:3.14.3-0.4.3.1(x86_64)0:4.9.6-0.3.1(i586|s390x|x86_64)0:17.0.6esr-0.4.1(i586|s390x|x86_64)0:7-0.6.9.20(i586|s390x|x86_64)0:3.14.3-0.4.3.1(s390x|x86_64)0:3.14.3-0.4.3.1(i586|s390x|x86_64)0:4.9.6-0.3.1(s390x|x86_64)0:4.9.6-0.3.1(i586|s390x|x86_64)0:17.0.7esr-0.3.1(i586|s390x|x86_64)0:7-0.6.9.31(i586|s390x|x86_64)0:17.0.10esr-0.4.2.1(i586|s390x|x86_64)0:7-0.6.9.60(i586|s390x|x86_64)0:24.3.0esr-0.4.2.1(i586|s390x|x86_64)0:24-0.4.10.3(i586|s390x|x86_64)0:4.7.2_20130108-0.16.1(i586|s390x|x86_64)0:3.15.4-0.4.2.1(s390x|x86_64)0:3.15.4-0.4.2.1(i586|s390x|x86_64)0:4.10.2-0.3.2(s390x|x86_64)0:4.10.2-0.3.2(x86_64)0:24.4.0esr-0.5.5.1(x86_64)0:24-0.4.10.9(x86_64)0:4.10.4-0.3.1(i586|s390x|x86_64)0:24.7.0esr-0.3.1(i586|s390x|x86_64)0:3.16.2-0.3.1(s390x|x86_64)0:3.16.2-0.3.1(i586|s390x|x86_64)0:24.8.0esr-0.3.1(i586|s390x|x86_64)0:3.16.4-0.3.1(s390x|x86_64)0:3.16.4-0.3.1(i586|s390x|x86_64)0:4.10.7-0.3.1(s390x|x86_64)0:4.10.7-0.3.1(i586|s390x|x86_64)0:31.3.0esr-0.3.1(i586|s390x|x86_64)0:31.4.0esr-0.3.1(i586|s390x|x86_64)0:3.17.3-0.3.1(s390x|x86_64)0:3.17.3-0.3.1(i586|s390x|x86_64)0:31.5.3esr-0.3.1(x86_64)0:31.7.0esr-0.3.1(i586|s390x|x86_64)0:38.2.1esr-17.1(x86_64)0:38.3.0esr-20.1(x86_64)0:4.10.9-11.1(x86_64)0:38.4.0esr-25.3(x86_64)0:38-12.19(x86_64)0:3.19.2.1-12.1(x86_64)0:4.10.10-16.1(x86_64)0:38.7.0esr-36.3(x86_64)0:3.20.2-20.1(x86_64)0:4.12-19.1(x86_64)0:52.4.0esr-78.7.2(x86_64)0:3.29.5-38.3.1(x86_64)0:60.9.0esr-78.46.2(x86_64)0:2.54.3-2.11.1(x86_64)0:3.10.9-2.12.2(x86_64)0:68.2.0-78.51.4(x86_64)0:68-21.9.8(x86_64)0:2.26.1-2.8.4(x86_64)0:2.36.11-2.8.4(x86_64)0:2.54.3-2.14.7(x86_64)0:3.10.9-2.15.3(x86_64)0:1.15.10-2.13.4(x86_64)0:5.3.1+r233831-14.1(x86_64)0:3.2.1.git259-2.3.3(x86_64)0:1.7.5-2.7.4(x86_64)0:1.40.14-2.7.4(x86_64)0:3.45-38.9.3(x86_64)0:4.21-29.6.1(x86_64)0:60.7.0esr-78.40.2(x86_64)0:60-21.6.8(x86_64)0:2.10.2-2.6.5(x86_64)0:2.26.1-2.5.5(x86_64)0:0.76-34.2.4.5(x86_64)0:2.36.11-2.5.4(x86_64)0:2.54.3-2.4.3(x86_64)0:3.10.9-2.8.3(x86_64)0:1.15.10-2.8.7(x86_64)0:2.9-2.4.1(x86_64)0:1.7.5-2.4.5(x86_64)0:1.40.14-2.4.5(x86_64)0:0.34.0-2.5.1(x86_64)0:3.41.1-38.6.1(x86_64)0:4.20-29.3.1(i586|s390x|x86_64)0:31.2.0esr-0.11.11.1(i586|s390x|x86_64)0:31.0-0.5.5.1(i586|s390x|x86_64)0:3.17.2-0.3.1(s390x|x86_64)0:3.17.2-0.3.1(i586|s390x|x86_64)0:4.10.7-0.3.3(s390x|x86_64)0:4.10.7-0.3.3(x86_64)0:1.2.1-68.17.1(x86_64)0:1.2.1-68.17.3.1(x86_64)0:3.0.2-269.35.1(x86_64)0:3.0.2-269.39.1(x86_64)0:2.1.1-7.18.1(x86_64)0:2.1.1-7.24.1(x86_64)0:2.1.1-7.25.3.1(x86_64)0:2.1.1-7.25.6.1(x86_64)0:2.3.7-25.32.1(x86_64)0:2.3.7-25.41.4(x86_64)0:2.3.7-25.45.5.1(x86_64)0:2.3.7-25.45.8.1(x86_64)0:2.3.7-25.34.1(x86_64)0:2.3.7-25.35.36.1(x86_64)0:2.7.2-61.25.1(x86_64)0:2.7.2-61.27.3.1(x86_64)0:4.3.4_20091019-7.3.1(x86_64)0:4.3.4_20091019-7.9.1(x86_64)0:4.8.5-5.3.3(x86_64)0:3.1.2-3.3.3(x86_64)0:4.8.5-5.9.1(x86_64)0:2.0.36.RC1-52.20.1(x86_64)0:2.0.36.RC1-52.22.1(x86_64)0:2.0.36.RC1-52.25.1(x86_64)0:2.0.36.RC1-52.29.1(x86_64)0:2.0.36.RC1-52.32.1(x86_64)0:2.0.36.RC1-52.33.5.1(x86_64)0:2.0.36.RC1-52.33.12.1(x86_64)0:2.24.0-24.85.1(x86_64)0:8.62-32.41.1(x86_64)0:4.2.7-32.41.1(x86_64)0:8.62-32.34.1(x86_64)0:4.2.7-32.34.1(x86_64)0:8.62-32.38.1(x86_64)0:4.2.7-32.38.1(x86_64)0:8.62-32.44.1(x86_64)0:4.2.7-32.44.1(x86_64)0:8.62-32.46.1(x86_64)0:4.2.7-32.46.1(x86_64)0:8.62-32.47.7.1(x86_64)0:4.2.7-32.47.7.1(x86_64)0:8.62-32.47.10.1(x86_64)0:4.2.7-32.47.10.1(x86_64)0:8.62-32.47.13.1(x86_64)0:4.2.7-32.47.13.1(x86_64)0:8.62-47.16.1(x86_64)0:4.2.7-47.16.1(x86_64)0:4.1.6-13.1(x86_64)0:4.1.6-21.1(x86_64)0:2.22.5-0.8.36.1(x86_64)0:2.22.5-0.8.39.1(x86_64)0:2.22.5-0.8.44.1(i586|i686|s390x|x86_64)0:2.11.1-0.58.1(s390x|x86_64)0:2.11.1-0.58.1(i586|s390x|x86_64)0:2.11.1-0.58.1(x86_64)0:3.0.3-0.4.1(x86_64)0:11-1.18.1(x86_64)0:3.2.8-0.4.1(x86_64)0:2.11.1-0.68.1(x86_64)0:2.11.1-0.72.1(x86_64)0:2.11.1-0.79.1(x86_64)0:2.11.1-0.80.3.1(x86_64)0:2.11.1-0.80.6.2(x86_64)0:2.11.1-0.80.9.2(x86_64)0:2.11.1-0.80.12.846(x86_64)0:2.11.1-0.80.17.2(x86_64)0:2.11.1-0.80.23.2(x86_64)0:2.11.1-0.80.26.1(x86_64)0:4.2.3-12.3.1(x86_64)0:2.28.0-3.11.12.2(x86_64)0:4.2.3-7.3.22(i586|s390x|x86_64)0:2.4.1-24.39.51.1(i586|s390x|x86_64)0:2.4.1-24.39.53.1(s390x|x86_64)0:2.4.1-24.39.51.1(x86_64)0:2.4.1-24.39.57.1(x86_64)0:2.4.1-24.39.60.1(x86_64)0:2.4.1-24.39.67.1(x86_64)0:2.4.1-24.39.70.1(x86_64)0:2.4.1-24.39.76.1(i586|s390x|x86_64)0:2.0.9-25.33.39.1(x86_64)0:2.0.9-25.33.41.2(x86_64)0:2.0.9-25.33.42.3.1(x86_64)0:2.0.9-25.33.42.8.1(x86_64)0:1.1.6-25.32.1(x86_64)0:2.20.2-8.3.4(x86_64)0:2.20.2-8.3.6(x86_64)0:0.10.25-1.3.5.1(x86_64)0:2.18.9-0.20.18.1(x86_64)0:2.18.9-0.20.21.2(x86_64)0:2.18.9-0.20.26.1(x86_64)0:2.18.9-0.20.27.5.2(x86_64)0:2.18.9-0.20.27.8.1(x86_64)0:1.8.5-24.1(x86_64)0:4.3.5-0.2.1(x86_64)0:3.11.10-0.6.11.1(x86_64)0:1.2.7-20.1(x86_64)0:1.5.4-0.7.9.1(x86_64)0:4.0-7.26.1(x86_64)0:4.0-43.1(x86_64)0:4.0-46.1(x86_64)0:4.0-47.3.2(x86_64)0:4.0-47.6.1(x86_64)0:2.4.2-170.21.3.1(x86_64)0:2.4.2-170.21.3.3.1(x86_64)0:2.4.2-170.21.3.6.1(noarch)0:2012.10.4-0.3.1(x86_64)0:0.7.3-1.13.1(x86_64)0:0.7.3-1.38.3.1(x86_64)0:1.4.19-0.9.11.6(x86_64)0:1.4.19_2.6.32.54_0.3-0.9.11.6(noarch)0:3.2.2-88.36.1(noarch)0:1.1.1-1.35.1(noarch)0:1.1.1-1.37.3.1(noarch)0:3.0.1-253.36.1(noarch)0:1.1.1-234.31.1(x86_64)0:1.900.1-134.11.1(x86_64)0:1.900.14-134.25.1(x86_64)0:1.900.14-134.32.1(x86_64)0:1.900.14-134.33.3.1(x86_64)0:1.900.14-134.33.10.1(x86_64)0:1.900.14-134.33.17.1(x86_64)0:1.900.14-134.33.20.1(x86_64)0:1.900.14-134.33.23.1(i586|s390x|x86_64)0:1.4.2_sr13.18-0.4.1(i586)0:1.4.2_sr13.18-0.4.1(i586|s390x|x86_64)0:1.6.0_sr16.2-0.3.1(i586)0:1.6.0_sr16.0-0.3.1(i586|x86_64)0:1.6.0_sr16.2-0.3.1(i586|s390x|x86_64)0:1.6.0_sr16.7-10.1(i586)0:1.6.0_sr16.7-10.1(i586|x86_64)0:1.6.0_sr16.7-10.1(x86_64)0:1.6.0_sr16.20-49.1(x86_64)0:1.6.0_sr16.25-69.1(x86_64)0:1.6.0_sr16.30-75.1(x86_64)0:1.6.0_sr16.35-78.2(x86_64)0:1.6.0_sr16.41-81.1(x86_64)0:1.6.0_sr16.45-84.1(x86_64)0:1.6.0_sr16.50-85.5.1(x86_64)0:1.6.0_sr16.15-46.1(x86_64)0:6b-879.12.1(x86_64)0:6.2.0-879.12.1(x86_64)0:6b-879.12.7.1(x86_64)0:6.2.0-879.12.7.1(x86_64)0:6b-879.12.12.1(x86_64)0:6.2.0-879.12.12.1(x86_64)0:6b-879.12.17.1(x86_64)0:6.2.0-879.12.17.1(x86_64)0:1.14.1-16.31.1(x86_64)0:4.3.5-0.12.18.1(noarch)0:4.3.5-0.11.18.1(x86_64)0:4.3.5-0.4.1(noarch)0:4.3.5-0.3.1(x86_64)0:4.3.5-0.3.1(x86_64)0:4.3.5-0.12.20.1(noarch)0:4.3.5-0.11.20.1(x86_64)0:3.5.10-23.30.5.1(x86_64)0:4.3.5-0.12.1(x86_64)0:2.4.4-255.28.1(x86_64)0:0.7.8-1.33.35.47.1(i586|s390x|x86_64)0:0_2.6.32.54_0.3-0.3.73(i586)0:0_2.6.32.59_0.13-0.3.163(i586|x86_64)0:0_2.6.32.54_0.3-0.3.73(i586|s390x|x86_64)0:0_2.6.32.54_0.3-7.9.40(i586)0:0_2.6.32.59_0.13-7.9.130(i586|x86_64)0:0_2.6.32.54_0.3-7.9.40(i586|x86_64)0:0_2.6.32.54_0.3-0.18.3(i586)0:0_2.6.32.59_0.13-0.18.39(i586|s390x|x86_64)0:2.6.32.54-0.7.TDC.1(s390x)0:2.6.32.59-0.15.2(i586|x86_64)0:2.6.32.54-0.5.1(i586)0:2.6.32.59-0.15.2(i586|x86_64)0:2.6.32.54-0.7.TDC.1(i586|x86_64)0:4.0.3_21548_16_2.6.32.59_0.15-0.5.26(i586)0:4.0.3_21548_16_2.6.32.59_0.15-0.5.26(x86_64)0:2.6.32.54-0.55.TDC.1(x86_64)0:2.6.32.54-0.65.TDC.1(x86_64)0:2.6.32.54-0.9.TDC.1(x86_64)0:2.6.32.54-0.11.TDC.1(x86_64)0:4.0.3_21548_10_2.6.32.54_0.11.TDC-0.7.1(x86_64)0:2.6.32.54-0.13.TDC.1(x86_64)0:4.0.3_21548_12_2.6.32.54_0.13.TDC-0.3.3(x86_64)0:2.6.32.54-0.21.TDC.1(x86_64)0:4.0.3_21548_12_2.6.32.54_0.21.TDC-0.3.11(x86_64)0:2.6.32.54-0.23.TDC.1(x86_64)0:4.0.3_21548_12_2.6.32.54_0.23.TDC-0.3.13(x86_64)0:2.6.32.54-0.25.TDC.1(x86_64)0:4.0.3_21548_12_2.6.32.54_0.25.TDC-0.5.5(x86_64)0:2.6.32.54-0.29.TDC.1(x86_64)0:4.0.3_21548_12_2.6.32.54_0.29.TDC-0.5.11(x86_64)0:2.6.32.54-0.31.TDC.1(x86_64)0:2.6.32.54-0.33.TDC.1(x86_64)0:2.6.32.54-0.35.TDC.1(x86_64)0:2.6.32.54-0.37.TDC.1(x86_64)0:2.6.32.54-0.39.TDC.1(x86_64)0:2.6.32.54-0.41.TDC.1(x86_64)0:2.6.32.54-0.43.TDC.1(x86_64)0:2.6.32.54-0.45.TDC.1(x86_64)0:2.6.32.54-0.47.TDC.1(x86_64)0:2.6.32.54-0.49.TDC.1(x86_64)0:2.6.32.54-0.53.TDC.1(x86_64)0:2.6.32.54-0.59.TDC.1(x86_64)0:2.6.32.54-0.68.TDC.1(x86_64)0:2.6.32.54-0.73.TDC.1(x86_64)0:2.6.32.54-0.76.TDC.1(x86_64)0:2.6.32.54-0.79.TDC.1(x86_64)0:2.6.32.54-0.82.TDC.1(x86_64)0:2.6.32.54-0.85.TDC.1(x86_64)0:2.6.32.54-0.88.TDC.1(x86_64)0:2.6.32.54-0.94.TDC.1(x86_64)0:2.6.32.54-0.100.TDC.1(x86_64)0:2.6.32.54-0.103.TDC.1(x86_64)0:2.6.32.54-0.106.TDC.1(x86_64)0:2.6.32.54-0.109.TDC.1(x86_64)0:2.6.32.54-0.112.TDC.1(x86_64)0:2.6.32.54-0.116.TDC.1(x86_64)0:2.6.32.54-0.119.TDC.1(x86_64)0:2.6.32.54-0.122.TDC.1(x86_64)0:2.6.32.54-0.130.TDC.1(x86_64)0:4.0.3_21548_18-53.16.2(x86_64)0:4.0.3_21548_18_2.6.32.54_0.130.TDC-53.16.2(x86_64)0:2.6.32.54-0.133.TDC.1(x86_64)0:2.6.32.54-0.136.TDC.1(x86_64)0:2.6.32.54-0.139.TDC.1(x86_64)0:2.6.32.54-0.145.TDC.1(x86_64)0:2.6.32.24-0.2.2(x86_64)0:2.6.32.54-0.91.TDC.1(x86_64)0:2.6.32.54-0.97.TDC.1(x86_64)0:2.6.32.54-0.155.TDC.1(x86_64)0:2.6.32.54-0.158.TDC.1(x86_64)0:2.6.32.54-0.161.TDC.1(x86_64)0:2.6.32.54-0.164.TDC.1(x86_64)0:2.6.32.54-0.169.TDC.1(x86_64)0:2.6.32.54-0.172.TDC.1(x86_64)0:2.6.32.54-0.175.TDC.1(x86_64)0:2.6.32.54-0.178.TDC.1(x86_64)0:2.6.32.54-0.181.TDC.1(x86_64)0:2.6.32.54-0.142.TDC.1(x86_64)0:1.6.3-133.49.62.1(noarch)0:1.6.3-133.49.62.1(x86_64)0:1.6.3-133.49.97.1(noarch)0:1.6.3-133.49.97.3(x86_64)0:1.6.3-133.49.97.3(x86_64)0:1.6.3-133.49.103.1(x86_64)0:1.6.3-133.49.106.1(x86_64)0:1.6.3-133.49.109.1(x86_64)0:1.8.6-133.49.121.2(noarch)0:1.8.6-133.49.121.7(x86_64)0:1.8.6-133.49.125.11.1(noarch)0:1.8.6-133.49.125.11.3(x86_64)0:1.8.6-133.49.125.16.1(noarch)0:1.8.6-133.49.125.16.4(x86_64)0:1.8.6-133.49.125.19.2(noarch)0:1.8.6-133.49.125.19.2(x86_64)0:1.6.3-133.49.64.1(noarch)0:1.6.3-133.49.64.1(x86_64)0:1.6.3-133.49.66.1(noarch)0:1.6.3-133.49.66.1(x86_64)0:1.6.3-133.49.68.1(noarch)0:1.6.3-133.49.68.2(i586|x86_64)0:0.12.5-1.24.1(i586|x86_64)0:0.12.5-1.30.2(x86_64)0:0.12.5-1.31.3.1(x86_64)0:0.12.5-1.31.6.1(x86_64)0:1.17-77.16.1(x86_64)0:424b-10.24.3.5(x86_64)0:1.14.0.894-3.1(x86_64)0:1.23-4.1.1(x86_64)0:4.6.3-5.20.27.2(x86_64)0:1.3.4-12.22.21.2(x86_64)0:1.3.3-11.18.17.1(x86_64)0:1.3.4-12.22.23.3.2(x86_64)0:1.3.3-11.18.19.13.2(x86_64)0:2.16-6.17.1(x86_64)0:0.99.beta13b-49.3.1(x86_64)0:0.99.beta13b-49.7.1(x86_64)0:2.11-2.17.1(x86_64)0:1.7.4-7.4.3.1(x86_64)0:0.80-8.3.5(x86_64)0:0.37.1-5.14.3(x86_64)0:0.37.1-5.19.3.1(x86_64)0:0.6.1-122.3.1(x86_64)0:0.6.1-122.9.1(x86_64)0:4.5.20-97.5(i586|s390x|x86_64)0:9.1.12-0.3.1(s390x|x86_64)0:9.1.12-0.3.1(x86_64)0:1.0.4-157.18.3.1(x86_64)0:1.4.5-24.24.1(x86_64)0:1.4.5-24.24.3.1(x86_64)0:0.6.17-2.14.1(x86_64)0:0.6.17-2.14.3.1(x86_64)0:0.6.17-2.14.7.2(i586|s390x|x86_64)0:3.16.5-0.4.2.1(s390x|x86_64)0:3.16.5-0.4.2.1(x86_64)0:4.8.6-1.2.1(i586|s390x|x86_64)0:1.4.1-6.10.1(s390x|x86_64)0:1.4.1-6.10.1(x86_64)0:1.4.1-6.14.1(x86_64)0:1.4.1-6.17.1(x86_64)0:1.4.1-6.20.1(x86_64)0:1.4.1-6.24.1(x86_64)0:1.4.1-6.27.1(x86_64)0:1.4.1-6.12.1(x86_64)0:2.0-11.20.1(x86_64)0:1.0.0-307.10.1(x86_64)0:0.1-20.2.1(x86_64)0:0.43-1.2.5.3(x86_64)0:1.10-6.1(x86_64)0:1.10-7.3.1(x86_64)0:1.900.1-134.13.1(x86_64)0:1.0.4-1.18.1(x86_64)0:1.0.4-1.25.1(x86_64)0:1.0.4-1.20.1(x86_64)0:2.4.20-0.5.1(x86_64)0:1.7.0-1.3.3.1(x86_64)0:1.7.0-1.3.6.1(x86_64)0:1.7.0-1.3.13.1(x86_64)0:1.7.0-1.3.16.1(x86_64)0:1.7.0-1.3.19.1(x86_64)0:1.7.0-1.3.19.4(i586|s390x|x86_64)0:2.03-12.3.1(s390x|x86_64)0:2.03-12.3.1(x86_64)0:2.3.2-3.118.1(x86_64)0:0.0.20060920alpha-74.5.1(x86_64)0:0.0.20060920alpha-74.10.1(x86_64)0:0.0.20060920alpha-74.11.6.1(x86_64)0:0.0.20060920alpha-74.11.9.3(i586|s390x|x86_64)0:5.0.96-0.6.1(s390x|x86_64)0:5.0.96-0.6.1(x86_64)0:1.1-49.22.6.3.6(x86_64)0:0.11.6-5.27.1(i586|s390x|x86_64)0:0.9.8j-0.66.1(s390x|x86_64)0:0.9.8j-0.66.1(x86_64)0:3.2.0-10.3.1(x86_64)0:3.2.0-10.5.1(x86_64)0:7.4-8.26.3.1(x86_64)0:0.16.0-1.4.1(x86_64)0:1.2.31-5.33.1(x86_64)0:1.2.31-5.13.1(x86_64)0:1.2.31-5.35.1(x86_64)0:1.2.31-5.38.1(x86_64)0:1.2.31-5.43.1(x86_64)0:1.2.31-5.44.3.4(x86_64)0:0.12.3-1.10.1(x86_64)0:0.3.1-2.6.1(x86_64)0:0.3.1-2.6.3(x86_64)0:0.9.21-1.16.2(x86_64)0:2.6.8-0.15.1(x86_64)0:4.6.3-5.20.27.3.1(x86_64)0:1.4.18-28.23.2(x86_64)0:0.29.6-6.5.1(x86_64)0:2.26.0-2.3.1(x86_64)0:2.26.0-2.5.1(x86_64)0:0.6.1-122.6.1(x86_64)0:2.26.0-2.6.8.3(x86_64)0:0.1.4-3.1(x86_64)0:1.0.20-2.4.1(x86_64)0:1.0.20-2.10.2(x86_64)0:1.0.20-2.13.1(x86_64)0:1.0.20-2.18.1(x86_64)0:1.0.20-2.19.7.3(x86_64)0:1.0.20-2.19.12.1(x86_64)0:1.0.20-2.19.15.1(x86_64)0:1.0.20-2.19.18.1(x86_64)0:5.4.2.1-8.12.22.1(x86_64)0:2.28.2-0.3.1(x86_64)0:2.28.2-0.3.3.39(x86_64)0:1.2.9-4.2.2.1(x86_64)0:1.2.9-4.2.6.1(x86_64)0:1.2.9-4.2.12.5.1(x86_64)0:1.2.9-4.2.12.8.1(x86_64)0:1.2.9-4.2.12.11.1(x86_64)0:1.2.9-4.2.12.18.1(x86_64)0:1.5-1.28.1(x86_64)0:1.5-1.35.5.1(x86_64)0:1.3.3-12.2.1(noarch)0:6.0.41-0.43.1(x86_64)0:1.3.3-12.4.1(x86_64)0:1.3.4-12.5.5.2(x86_64)0:3.8.2-141.154.1(x86_64)0:0.2.1-1.12.3(x86_64)0:0.1.6+git20080930-8.2(x86_64)0:0.2.1-1.13.3.3(x86_64)0:0.2.1-1.13.6.1(x86_64)0:0.98.6-28.3.1(x86_64)0:2.6.2-0.2.4.1(x86_64)0:0.7.6-1.31.7(x86_64)0:0.9.1-156.1(x86_64)0:1.2.0-79.20.1(x86_64)0:1.2.0-79.20.3.1(x86_64)0:1.2.0-79.20.6.1(x86_64)0:1.2.0-79.20.11.1(x86_64)0:1.2.0-79.20.14.1(x86_64)0:2.2.3-0.8.1(x86_64)0:3.0.3-0.6.1(i586|s390x|x86_64)0:2.7.6-0.31.1(s390x|x86_64)0:2.7.6-0.31.1(x86_64)0:2.7.6-0.40.1(x86_64)0:2.7.6-0.40.3(x86_64)0:2.7.6-0.44.1(x86_64)0:2.7.6-0.44.4(x86_64)0:2.7.6-0.47.1(x86_64)0:2.7.6-0.47.3(x86_64)0:2.7.6-0.50.1(x86_64)0:2.7.6-0.50.4(x86_64)0:2.7.6-0.64.1(x86_64)0:2.7.6-0.64.4(x86_64)0:2.7.6-0.69.1(x86_64)0:2.7.6-0.69.3(x86_64)0:2.7.6-0.76.1(x86_64)0:2.7.6-0.76.4(x86_64)0:2.7.6-0.77.3.2(x86_64)0:2.7.6-0.77.3.5(x86_64)0:2.7.6-0.77.10.1(x86_64)0:2.7.6-0.77.15.1(x86_64)0:2.7.6-0.77.18.1(x86_64)0:2.7.6-0.77.27.2(x86_64)0:2.7.6-0.77.27.3(x86_64)0:2.7.6-0.77.30.1(x86_64)0:2.7.6-0.77.33.1(x86_64)0:2.7.6-0.77.36.1(x86_64)0:2.7.6-0.77.39.1(x86_64)0:2.7.6-0.77.43.1(x86_64)0:2.7.6-0.34.1(x86_64)0:2.7.6-0.34.4(x86_64)0:2.7.6-0.37.1(x86_64)0:2.7.6-0.37.4(x86_64)0:1.1.24-19.23.1(x86_64)0:1.1.24-19.33.1(x86_64)0:1.1.24-19.34.3.1(x86_64)0:1.1.24-19.34.8.3(x86_64)0:0.9-1.24.1(x86_64)0:6.39.0-0.3.1(noarch)0:1.2.15-26.32.14.1(noarch)0:1.2.15-26.32.17.1(noarch)0:1.2.15-26.32.20.1(x86_64)0:3.7.7-10.26.1(noarch)0:7.3.6-65.72.1(x86_64)0:2.02.39-18.31.2(x86_64)0:2.1.14-9.6.1(x86_64)0:2.1.15-9.6.3.1(x86_64)0:2.1.15-9.6.6.1(x86_64)0:2.1.15-9.6.12.1(x86_64)0:2.1.15-9.6.15.1(x86_64)0:2.1.15-9.6.20.1(x86_64)0:2.1.15-9.6.23.1(x86_64)0:2.1.15-9.6.26.1(x86_64)0:12.5-1.3.1(noarch)0:3.15-2.20.16.1(x86_64)0:45.5.1esr-63.1(x86_64)0:3.21.3-30.1(x86_64)0:1.1.36-28.3.1(x86_64)0:1.1.36-28.6.7(x86_64)0:1.17-102.57.64.3.1(x86_64)0:1.17-102.57.64.6.1(x86_64)0:1.17-102.57.64.12.1(x86_64)0:1.17-102.57.64.15.1(x86_64)0:1.17-102.57.64.18.1(x86_64)0:1.17-102.57.64.21.1(x86_64)0:2.3-27.24.6.2(x86_64)0:2.0.2-2.15.1(x86_64)0:2.0.1-1.38.1(x86_64)0:38.6.1esr-33.1(x86_64)0:38-15.58(x86_64)0:3.20.2-17.5(i586|s390x|x86_64)0:38.2.0esr-10.1(i586|s390x|x86_64)0:31.0-0.5.7.11(i586|s390x|x86_64)0:4.7.2_20130108-0.37.2(i586|s390x|x86_64)0:3.19.2.0-0.7.1(s390x|x86_64)0:3.19.2.0-0.7.1(i586|s390x|x86_64)0:4.10.8-0.8.1(s390x|x86_64)0:4.10.8-0.8.1(x86_64)0:3.68.1-38.40.1(i586|s390x|x86_64)0:3.15.2-0.3.1(s390x|x86_64)0:3.15.2-0.3.1(i586|s390x|x86_64)0:4.10.1-0.3.1(s390x|x86_64)0:4.10.1-0.3.1(x86_64)0:3.53.1-38.23.1(x86_64)0:4.25-29.12.2(x86_64)0:3.68-38.37.1(x86_64)0:4.32-29.15.1(x86_64)0:1.9.1.19-0.2.1(x86_64)0:1.9.2.27-0.2.1(x86_64)0:1.5.17-42.37.1(x86_64)0:1.5.17-42.43.1(x86_64)0:1.5.17-42.51.1(x86_64)0:1.5.17-42.56.1(x86_64)0:1.5.17-42.62.1(x86_64)0:1.5.17-42.65.1(x86_64)0:5.0.96-0.8.10.3(x86_64)0:3.0.6-1.25.36.1(x86_64)0:3.0.6-1.25.36.3.1(x86_64)0:2.12-24.4.10.1(x86_64)0:2.12-24.4.10.3.3(x86_64)0:2.28.4-1.16.21.3.1(x86_64)0:5.6-92.1(x86_64)0:5.6-93.6.1(x86_64)0:5.6-93.12.1(x86_64)0:5.6-93.15.1(x86_64)0:5.6-93.20.1(x86_64)0:5.6-93.23.1(x86_64)0:5.6-93.26.1(x86_64)0:5.4.2.1-8.12.24.1(x86_64)0:10.26.44-101.14.1(x86_64)0:10.26.44-101.15.5.2(x86_64)0:1.2.1-2.26.1(x86_64)0:1.2.1-2.24.1(x86_64)0:4.75-1.30.5.2(i586|s390x|x86_64)0:3.15.3-0.3.1(s390x|x86_64)0:3.15.3-0.3.1(i586|s390x|x86_64)0:4.10.2-0.3.1(s390x|x86_64)0:4.10.2-0.3.1(x86_64)0:3.15.3.1-0.4.2.1(x86_64)0:3.12.11-3.2.2.1(x86_64)0:4.8.9-1.2.2.1(i586|s390x|x86_64)0:4.2.4p8-1.24.1(x86_64)0:4.2.8p6-41.1(noarch)0:2.17.14.1-1.12.1(x86_64)0:4.2.8p7-44.1(x86_64)0:1.5-1.34.1(x86_64)0:4.2.8p8-47.3(x86_64)0:4.2.8p9-48.9.1(x86_64)0:4.2.8p10-48.15.1(x86_64)0:4.2.8p11-48.18.1(x86_64)0:4.2.8p12-48.21.1(x86_64)0:4.2.8p13-48.27.1(x86_64)0:4.2.8p15-48.30.1(x86_64)0:1.5.2-0.9.13.1(x86_64)0:1.5.2_2.6.32.46_0.3-0.9.13.1(x86_64)0:2.3.37-2.17.31.5.1(x86_64)0:2.4.26-0.17.31.5.1(x86_64)0:2.3.37-2.17.31.9.1(x86_64)0:2.4.26-0.17.31.9.1(x86_64)0:2.3.37-2.17.31.12.1(x86_64)0:2.4.26-0.17.31.12.1(x86_64)0:2.3.37-2.17.31.15.1(x86_64)0:2.4.26-0.17.31.15.1(x86_64)0:2.3.37-2.17.31.18.1(x86_64)0:2.4.26-0.17.31.18.1(x86_64)0:2.3.37-2.17.18.1(x86_64)0:2.4.26-0.17.18.1(x86_64)0:2.3.37-2.17.23.1(x86_64)0:2.4.26-0.17.23.1(x86_64)0:0.11.6-5.27.3.1(x86_64)0:0.11.6-5.27.6.10(x86_64)0:0.11.6-5.27.9.1(x86_64)0:0.11.6-5.27.14.1(x86_64)0:1.2.0-172.22.1(x86_64)0:1.2.0-172.27.3.1(x86_64)0:5.1p1-41.57.1(x86_64)0:5.1p1-41.51.1(x86_64)0:5.1p1-41.69.1(x86_64)0:5.1p1-41.69.4(x86_64)0:5.1p1-41.74.1(x86_64)0:5.1p1-41.74.3(x86_64)0:5.1p1-41.79.2(x86_64)0:5.1p1-41.79.6(x86_64)0:5.1p1-41.80.3.3(x86_64)0:1.2.4.1-3.3.3(x86_64)0:6.6p1-3.3.2(x86_64)0:6.6p1-80.10.1(x86_64)0:6.6p1-80.15.1(x86_64)0:5.1p1-41.61.1(x86_64)0:6.6p1-3.8.1(i586|s390x|x86_64)0:0.9.8j-0.74.1(s390x|x86_64)0:0.9.8j-0.74.1(x86_64)0:0.9.8j-0.80.1(x86_64)0:0.9.8j-0.89.1(x86_64)0:0.9.8j-0.97.1(x86_64)0:0.9.8j-0.102.2(x86_64)0:0.9.8j-0.105.1(x86_64)0:0.9.8j-0.106.9.1(x86_64)0:0.9.8j-0.106.12.1(x86_64)0:0.9.8j-0.106.15.1(x86_64)0:0.9.8j-0.106.18.1(x86_64)0:0.9.8j-0.106.21.1(x86_64)0:0.9.8j-0.106.25.1(x86_64)0:0.9.8j-0.106.28.1(x86_64)0:0.9.8j-0.106.31.1(x86_64)0:0.9.8j-0.106.34.1(x86_64)0:0.9.8j-0.106.37.1(x86_64)0:0.9.8j-0.106.40.1(x86_64)0:0.9.8j-0.106.43.1(x86_64)0:0.9.8j-0.106.46.1(noarch)0:1.97-0.3.1(x86_64)0:1.0.1g-0.47.1(x86_64)0:1.0.1g-0.52.1(x86_64)0:1.0.1g-0.57.1(x86_64)0:1.0.1g-0.58.3.1(x86_64)0:1.0.1g-0.58.9.1(x86_64)0:1.0.1g-0.58.12.1(x86_64)0:1.0.1g-0.58.15.1(x86_64)0:1.0.1g-0.58.18.1(x86_64)0:1.0.1g-0.58.21.1(x86_64)0:1.0.1g-0.58.24.1(x86_64)0:1.0.1g-0.58.27.2(x86_64)0:1.0.1g-0.58.30.1(x86_64)0:1.0.1g-0.58.33.1(x86_64)0:1.0.1g-0.58.36.2(x86_64)0:1.0.1g-0.58.39.1(x86_64)0:1.0.1g-0.58.42.1(x86_64)0:2.6.16-1.44.1(x86_64)0:2.0.9-143.33.3.1(x86_64)0:2.0.9-143.35.5.1(x86_64)0:2.0.9-143.35.8.1(x86_64)0:2.0.9-143.35.9.3.1(x86_64)0:2.0.9-143.35.9.6.1(x86_64)0:2.2.3-0.16.8.1(x86_64)0:2.4-662.18.1(x86_64)0:2011.6.28-0.3.1(x86_64)0:2.28.3-0.5.10(x86_64)0:1.0.4-0.9.1(x86_64)0:1.0.4-0.9.3.1(x86_64)0:11-1.22.4.1(x86_64)0:0.6.0-141.3.1(x86_64)0:1.26.2-1.3.1(x86_64)0:2.5.9-252.22.7.1(x86_64)0:1.3.8-3.15.1(x86_64)0:1.4.102-1.37.3(x86_64)0:1.4.102-1.31.2(x86_64)0:2.6.32.46-2.5.3.1(x86_64)0:5.10.0-64.61.63.1(x86_64)0:5.10.0-64.61.63.3.1(x86_64)0:1.24-4.3.1(x86_64)0:2.33-2.8(x86_64)0:0.22-3.3.1(x86_64)0:4.008-6.1(x86_64)0:4.008-9.1(x86_64)0:4.008-10.5.1(x86_64)0:1.607-3.3.1(x86_64)0:1.607-3.6.1(x86_64)0:0.2019-32.3.1(x86_64)0:1.66-3.3.1(x86_64)0:5.816-2.19.1(x86_64)0:5.2.14-0.7.30.72.1(x86_64)0:5.2.14-0.7.30.79.1(x86_64)0:5.2.14-0.7.30.84.1(x86_64)0:5.2.14-0.7.30.89.1(x86_64)0:5.2.14-0.7.30.94.1(x86_64)0:5.2.14-0.7.30.97.1(x86_64)0:5.2.14-0.7.30.100.1(x86_64)0:5.2.14-0.7.30.103.1(x86_64)0:5.2.14-0.7.30.110.1(x86_64)0:5.2.14-0.7.30.111.5.1(x86_64)0:5.2.14-0.7.30.111.8.2(x86_64)0:5.2.14-0.7.30.111.11.1(x86_64)0:5.2.14-0.7.30.111.16.1(x86_64)0:5.2.14-0.7.30.111.20.1(x86_64)0:5.2.14-0.7.30.111.23.1(x86_64)0:5.2.14-0.7.30.111.26.1(x86_64)0:5.2.14-0.7.30.111.35.1(x86_64)0:5.2.14-0.7.30.111.38.1(x86_64)0:5.2.14-0.7.30.111.41.1(x86_64)0:5.2.14-111.46.1(x86_64)0:5.2.14-111.51.2(x86_64)0:5.2.14-111.54.1(x86_64)0:5.2.14-111.59.1(x86_64)0:5.2.14-111.62.1(x86_64)0:5.2.14-111.69.1(x86_64)0:5.2.14-111.72.1(x86_64)0:5.2.14-111.77.1(x86_64)0:5.2.14-111.80.1(x86_64)0:0.16.0-2.7.3.1(x86_64)0:2.0.79-4.8.1(x86_64)0:2.0.79-4.9.3.3(x86_64)0:0.12.3-1.12.1(x86_64)0:0.12.3-1.13.3.2(x86_64)0:1.7-37.29.33.1(x86_64)0:4.4.2.3-37.29.33.1(x86_64)0:4.4.2.3-37.29.35.1(x86_64)0:2.5.6-5.10.1(x86_64)0:9.4.5-0.8.3(x86_64)0:8.3.23-0.4.1(noarch)0:9.1-0.6.10.1(x86_64)0:8.3.18-0.3.1(noarch)0:9.4-0.5.3.1(x86_64)0:10.6-0.2.5.1(noarch)0:10-0.8.3.1(x86_64)0:10.8-0.2.8.1(x86_64)0:10.9-0.2.11.1(x86_64)0:10.10-0.2.14.1(x86_64)0:10.12-0.2.18.2(x86_64)0:10.14-0.2.21.1(x86_64)0:10.15-0.2.24.1(x86_64)0:10.17-0.2.30.2(x86_64)0:10.19-0.2.36.1(x86_64)0:9.1.15-0.3.1(x86_64)0:9.1.18-0.3.1(x86_64)0:9.1.19-0.5.1(x86_64)0:9.4.6-0.14.3(x86_64)0:9.4.9-0.19.1(x86_64)0:9.4.12-0.22.3(x86_64)0:9.4.13-0.23.5.1(x86_64)0:9.4.15-0.23.10.1(x86_64)0:9.4.16-0.23.13.2(x86_64)0:9.4.17-0.23.16.1(x86_64)0:9.4.19-0.23.19.1(x86_64)0:9.4.24-0.23.22.1(x86_64)0:2.4.5.git-2.29.1(x86_64)0:2.4.5.git-2.31.7(x86_64)0:2.4.5.git-2.32.3.1(x86_64)0:3.22-240.8.1(x86_64)0:3.22-240.8.3.1(x86_64)0:2.6.18-0.16.1(x86_64)0:3.2.8-0.2.35(x86_64)0:2.7.26-0.5.3.1(x86_64)0:2.7.26-0.5.6.1(x86_64)0:1.0.22-3.15.1(x86_64)0:2.6.9-39.1(noarch)0:2.6-8.39.1(x86_64)0:2.6.9-40.3.1(noarch)0:2.6-8.40.3.1(x86_64)0:2.6.9-40.6.2(noarch)0:2.6-8.40.6.2(x86_64)0:2.6.9-40.15.1(noarch)0:2.6-8.40.15.1(x86_64)0:2.6.9-40.21.1(x86_64)0:2.6.9-40.21.2(noarch)0:2.6-8.40.21.1(x86_64)0:2.6.9-40.24.1(noarch)0:2.6-8.40.24.1(x86_64)0:2.6.9-40.29.1(noarch)0:2.6-8.40.29.1(x86_64)0:2.6.9-40.32.1(x86_64)0:2.6.9-40.32.2(noarch)0:2.6-8.40.32.1(x86_64)0:2.6.9-40.35.1(x86_64)0:2.6.9-40.35.2(noarch)0:2.6-8.40.35.1(x86_64)0:2.6.9-40.40.1(noarch)0:2.6-8.40.40.1(x86_64)0:2.6.9-40.43.1(noarch)0:2.6-8.40.43.1(x86_64)0:2.6.9-40.48.1(noarch)0:2.6-8.40.48.1(x86_64)0:2.6.9-40.53.1(x86_64)0:2.6.9-40.53.2(noarch)0:2.6-8.40.53.1(x86_64)0:2.6.9-40.58.1(noarch)0:2.6-8.40.58.1(x86_64)0:2.6.8-0.23.1(x86_64)0:2.6.9-0.33.1(noarch)0:2.6-8.33.1(x86_64)0:2.6.9-0.25.1(noarch)0:2.6-8.25.1(x86_64)0:2.6.9-0.27.1(noarch)0:2.6-8.27.1(i586|s390x|x86_64)0:2.6.9-0.31.1(s390x|x86_64)0:2.6.9-0.31.1(noarch)0:2.6-8.31.1(x86_64)0:1.1.6-168.34.1(x86_64)0:2.1.2-1.24.1(x86_64)0:1.3.0-1.3.3.1(x86_64)0:0.5.0-3.20.1(x86_64)0:0.7-6.22.1(x86_64)0:2.6.8-0.13.1(noarch)0:2.6-8.13.2(x86_64)0:2.7.9-6.6.1(x86_64)0:2.7.9-6.6.3(noarch)0:2.7.9-6.6.1(x86_64)0:2.7.9-6.9.2(noarch)0:2.7.9-6.9.2(x86_64)0:2.7.9-6.14.1(x86_64)0:2.7.9-6.14.2(noarch)0:2.7.9-6.14.1(x86_64)0:2.7.9-6.17.1(x86_64)0:2.7.9-6.17.3(noarch)0:2.7.9-6.17.1(x86_64)0:2.7.9-6.20.1(noarch)0:2.7.9-6.20.1(x86_64)0:2.7.16-6.34.1(noarch)0:2.7.16-6.34.1(x86_64)0:2.7.17-6.44.1(noarch)0:20190408.32abece-2.5.1(noarch)0:2.7.17-6.44.1(x86_64)0:2.7.17-6.55.1(noarch)0:2.7.17-6.55.1(x86_64)0:2.7.17-6.58.1(noarch)0:2.7.17-6.58.1(x86_64)0:2.7.17-6.63.1(noarch)0:2.7.17-6.63.1(x86_64)0:2.7.18-6.66.1(noarch)0:2.7.18-6.66.1(x86_64)0:2.7.18-6.71.1(noarch)0:2.7.18-6.71.1(x86_64)0:2.7.18-6.74.1(noarch)0:2.7.18-6.74.1(x86_64)0:2.7.18-6.77.1(noarch)0:2.7.18-6.77.1(x86_64)0:2.7.16-6.29.2(noarch)0:2.7.16-6.29.2(noarch)0:18.0.1-4.2.9(i586|s390x|x86_64)0:0.99.15-0.14.1(x86_64)0:0.99.15-0.16.1(x86_64)0:0.99.15-0.21.1(x86_64)0:0.99.15-0.24.2(x86_64)0:0.99.15-0.29.1(x86_64)0:0.99.15-0.30.3.1(x86_64)0:3.16-50.36.36.1(x86_64)0:1.1-1.24.4.1(x86_64)0:8.14.3-50.24.1(x86_64)0:3.0.4-2.40.1(x86_64)0:3.0.4-2.42.1(x86_64)0:3.0.4-2.47.1(x86_64)0:3.0.4-2.48.4.1(x86_64)0:3.0.4-2.48.8.1(x86_64)0:3.18.3-7.26.1(i586|s390x|x86_64)0:1.8.7.p357-0.9.15.1(x86_64)0:1.8.7.p357-0.9.19.1(x86_64)0:1.8.7.p357-0.7.1(i586|x86_64)0:0.12.21~rc-936.3.1(x86_64)0:3.4.3-1.34.1(x86_64)0:1.34b-11.28.34.1(noarch)0:3.4.3-1.34.1(x86_64)0:3.4.3-56.2(x86_64)0:1.34b-56.2(x86_64)0:3.4.3-59.1(x86_64)0:1.34b-59.1(x86_64)0:3.4.3-63.1(x86_64)0:1.34b-63.1(x86_64)0:3.4.3-66.2(x86_64)0:1.34b-66.2(x86_64)0:3.4.3-69.1(x86_64)0:1.34b-69.1(x86_64)0:3.4.3-70.3.1(x86_64)0:1.34b-70.3.1(x86_64)0:3.4.3-70.6.1(x86_64)0:1.34b-70.6.1(x86_64)0:3.4.3-70.9.1(x86_64)0:1.34b-70.9.1(x86_64)0:3.4.3-70.12.2(x86_64)0:1.34b-70.12.2(x86_64)0:3.4.3-70.15.1(x86_64)0:1.34b-70.15.1(x86_64)0:3.4.3-70.18.1(x86_64)0:1.34b-70.18.1(x86_64)0:3.4.3-70.21.1(x86_64)0:1.34b-70.21.1(x86_64)0:1.0.20-7.8.1(x86_64)0:1.3.7-0.19.1(x86_64)0:1.3.7-0.21.4(x86_64)0:4.0.2-162.19.2.3.1(x86_64)0:1.7.0.0-1.16.1(x86_64)0:1.7.0.0-1.18.2(x86_64)0:7.19.7-1.18.1(x86_64)0:6.37.5-0.5.6(x86_64)0:0.14.19-0.3.8(x86_64)0:2.17.78.3-0.3.11(x86_64)0:2.17.45.5-0.3.1(noarch)0:2.17.17.8-0.3.1(x86_64)0:1.3.16-0.3.7(x86_64)0:1.1.99.91-16.3.1(x86_64)0:3.6.4-4.3.2(x86_64)0:3.6.4-4.8.1(x86_64)0:2.7.STABLE5-2.12.16.1(x86_64)0:2.7.STABLE5-2.12.24.2(x86_64)0:2.7.STABLE5-2.12.29.1(x86_64)0:2.7.STABLE5-2.12.30.3.2(x86_64)0:2.7.STABLE5-2.12.30.6.1(x86_64)0:3.1.12-8.16.20.1(x86_64)0:3.1.23-8.16.30.1(x86_64)0:3.1.23-8.16.36.1(x86_64)0:3.1.23-8.16.37.3.1(x86_64)0:3.1.23-8.16.37.6.1(x86_64)0:3.1.23-8.16.37.9.1(x86_64)0:3.1.23-8.16.37.12.1(x86_64)0:3.1.23-8.16.37.15.1(x86_64)0:3.1.23-8.16.37.18.1(x86_64)0:1.4-13.10.1(i586|s390x|x86_64)0:4.4.0-6.25.1(x86_64)0:4.4.0-6.32.1(x86_64)0:4.4.0-6.35.1(x86_64)0:4.4.0-6.36.3.1(x86_64)0:4.4.0-6.36.6.1(x86_64)0:4.4.0-6.36.9.1(x86_64)0:4.4.0-6.36.12.1(x86_64)0:4.36-0.12.1(i586|s390x|x86_64)0:1.7.6p2-0.2.14.1(x86_64)0:1.7.6p2-0.2.20.1(x86_64)0:1.7.6p2-0.2.21.6.1(noarch)0:1.20-0.28.61.1(x86_64)0:0.71.31-0.9.8(x86_64)0:2.0.9-27.34.40.5.1(x86_64)0:1.0.8-9.18.1(x86_64)0:1.0.8-9.18.3.1(x86_64)0:5.1.1-100.21.1(x86_64)0:1.5-19.23.4(x86_64)0:1.26-1.2.10.1(x86_64)0:1.27.1-14.8.1(x86_64)0:1.27.1-14.14.1(x86_64)0:3.9.8-1.27.1(x86_64)0:3.9.8-1.29.1(x86_64)0:3.9.8-1.30.5.1(x86_64)0:3.9.8-1.30.8.1(x86_64)0:3.9.8-1.30.13.1(x86_64)0:3.9.8-1.30.16.1(x86_64)0:3.9.8-1.30.19.1(x86_64)0:0.48-101.20.1(x86_64)0:0.9.10-0.8.1(x86_64)0:3.8.2-141.160.1(x86_64)0:3.8.2-141.163.1(x86_64)0:3.8.2-141.168.1(x86_64)0:3.8.2-141.169.3.1(x86_64)0:3.8.2-141.169.6.1(x86_64)0:3.8.2-141.169.9.1(x86_64)0:3.8.2-141.169.16.1(x86_64)0:3.8.2-141.169.19.1(x86_64)0:3.8.2-141.169.22.1(x86_64)0:3.8.2-141.169.26.1(x86_64)0:3.8.2-141.169.31.1(x86_64)0:3.8.2-141.169.34.1(x86_64)0:1.3.9-81.15.3.1(noarch)0:6.0.45-0.53.2(noarch)0:6.0.18-20.35.42.1(noarch)0:6.0.45-0.50.1(noarch)0:6.0.53-0.56.1(noarch)0:6.0.53-0.57.7.1(noarch)0:6.0.53-0.57.10.1(noarch)0:6.0.53-0.57.13.1(noarch)0:6.0.53-0.57.16.1(noarch)0:6.0.53-0.57.19.1(x86_64)0:3.2.5-160.3.2(x86_64)0:3.2.5-160.6.20(x86_64)0:3.2.8a-1.160.13.1(x86_64)0:3.2.8b-160.16.2(x86_64)0:3.80.2-4.1(x86_64)0:5.6.1-5.3.1(x86_64)0:5.52-142.29.1(x86_64)0:5.52-142.33.1(x86_64)0:5.52-142.34.3.1(x86_64)0:5.52-142.34.8.7(x86_64)0:5.52-142.34.11.1(x86_64)0:2.7.2-61.23.1(x86_64)0:2.16-6.11.1(x86_64)0:7.2-10.1(x86_64)0:7.2-13.7(x86_64)0:7.2-18.1(x86_64)0:7.2-21.1(x86_64)0:2.28.1-2.5.1(x86_64)0:2.28.1-2.5.3.16(x86_64)0:2.0.7-4.25.1(x86_64)0:0.22.5-0.2.1(x86_64)0:0.5.2-132.2.1(x86_64)0:0.5.3.git20161120-4.1(x86_64)0:0.5.3.git20161120-5.3.37(x86_64)0:4.50.1-1.27.1(x86_64)0:4.50.1-1.30.1(x86_64)0:4.50.1-1.33.1(i586|s390x|x86_64)0:1.11.4-1.19.1(x86_64)0:1.11.4-1.32.1(x86_64)0:1.11.4-1.40.1(x86_64)0:1.11.4-1.41.3.1(x86_64)0:1.10.11-0.2.1(x86_64)0:1.12.7-0.5.3(x86_64)0:1.12.9-0.12.1(x86_64)0:1.12.11-0.18.1(x86_64)0:1.12.13-0.23.1(x86_64)0:1.7.4-7.3.2(x86_64)0:2.0.12-36.1(x86_64)0:2.0.13-39.1(x86_64)0:2.0.14-40.7.1(x86_64)0:0.109.2-67.2.1(x86_64)0:0.4.5-2.7.2.1(x86_64)0:2.2.11-40.14.5(x86_64)0:19-234.18.1(x86_64)0:2.2.12-40.17.1(x86_64)0:2.2.13-40.22.1(x86_64)0:2.2.14-40.25.1(x86_64)0:2.2.16-40.28.1(x86_64)0:2.2.17-40.31.1(x86_64)0:0.6.9-4.9.1(noarch)0:2.7.0-217.26.1(i586|x86_64)0:4.0.3_21548_12-0.3.1(i586|x86_64)0:4.0.3_21548_12_2.6.32.54_0.11.TDC-0.3.1(i586)0:4.0.3_21548_18_2.6.32.59_0.19-0.21.1(i586|x86_64)0:4.0.3_21548_18-29.1(i586|x86_64)0:4.0.3_21548_18_2.6.32.59_0.19-29.1(i586)0:4.0.3_21548_18_2.6.32.59_0.19-29.1(x86_64)0:4.0.3_21548_18-27.6(x86_64)0:4.0.3_21548_18_2.6.32.54_0.68.TDC-27.6(x86_64)0:4.0.3_21548_18-30.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.68.TDC-30.1(x86_64)0:4.0.3_21548_18-36.4(x86_64)0:4.0.3_21548_18_2.6.32.54_0.85.TDC-36.4(x86_64)0:4.0.3_21548_18-41.4(x86_64)0:4.0.3_21548_18_2.6.32.54_0.94.TDC-41.4(x86_64)0:4.0.3_21548_18-44.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.97.TDC-44.1(x86_64)0:4.0.3_21548_18-49.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.103.TDC-49.1(x86_64)0:4.0.3_21548_18-52.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.103.TDC-52.1(x86_64)0:4.0.3_21548_18-53.5.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.112.TDC-53.5.1(x86_64)0:4.0.3_21548_18-53.8.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.112.TDC-53.8.1(x86_64)0:4.0.3_21548_18-53.11.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.116.TDC-53.11.1(x86_64)0:4.0.3_21548_18-53.14.4(x86_64)0:4.0.3_21548_18_2.6.32.54_0.122.TDC-53.14.4(x86_64)0:4.0.3_21548_18-53.19.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.133.TDC-53.19.1(x86_64)0:4.0.3_21548_20-53.24.1(x86_64)0:4.0.3_21548_20_2.6.32.54_0.172.TDC-53.24.1(x86_64)0:4.0.3_21548_20-53.27.1(x86_64)0:4.0.3_21548_20_2.6.32.54_0.178.TDC-53.27.1(x86_64)0:0.7.6-1.21.1(x86_64)0:0.4.30-0.3.2(x86_64)0:4.0.1_21326_08-0.5.1(x86_64)0:4.0.1_21326_08_2.6.32.36_0.5-0.5.1(x86_64)0:0.4.31-0.3.5(x86_64)0:4.0.2_21511_02-0.7.1(x86_64)0:4.0.2_21511_02_2.6.32.43_0.4-0.7.1(x86_64)0:0.7.6-1.27.5(x86_64)0:0.4.32-0.3.6(x86_64)0:4.0.2_21511_04-0.5.1(x86_64)0:4.0.2_21511_04_2.6.32.46_0.3-0.5.1(x86_64)0:0.7.6-1.29.2(x86_64)0:1.1.3-1.5.1(x86_64)0:4.0.3_21548_02-0.5.2(x86_64)0:4.0.3_21548_02_2.6.32.54_0.3-0.5.2(x86_64)0:4.0.3_21548_04-0.9.1(x86_64)0:4.0.3_21548_04_2.6.32.59_0.5-0.9.1(x86_64)0:0.4.34-0.3.1(x86_64)0:4.0.3_21548_08-0.7.1(x86_64)0:4.0.3_21548_08_2.6.32.59_0.7-0.7.1(i586|x86_64)0:4.0.3_21548_10-0.5.1(i586|x86_64)0:4.0.3_21548_10_2.6.32.59_0.7-0.5.1(i586)0:4.0.3_21548_10_2.6.32.59_0.7-0.5.1(x86_64)0:4.0.3_21548_11-0.3.1(x86_64)0:4.0.3_21548_11_2.6.32.54_0.11.TDC-0.3.1(x86_64)0:4.0.3_21548_14-0.5.1(x86_64)0:4.0.3_21548_14_2.6.32.54_0.31.TDC-0.5.1(i586|x86_64)0:4.0.3_21548_16-0.7.1(i586|x86_64)0:4.0.3_21548_16_2.6.32.54_0.33.TDC-0.7.1(i586)0:4.0.3_21548_16_2.6.32.59_0.9-0.5.1(x86_64)0:4.0.3_21548_18-0.5.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.45.TDC-0.5.1(i586|x86_64)0:4.0.3_21548_18-0.17.1(i586|x86_64)0:4.0.3_21548_18_2.6.32.54_0.55.TDC-0.17.1(i586)0:4.0.3_21548_18_2.6.32.59_0.19-0.15.1(i586|x86_64)0:4.0.3_21548_18-0.23.1(i586|x86_64)0:4.0.3_21548_18_2.6.32.54_0.59.TDC-0.23.1(i586)0:4.0.3_21548_18_2.6.32.59_0.19-0.25.1(x86_64)0:4.0.3_21548_18-33.1(x86_64)0:4.0.3_21548_18_2.6.32.54_0.73.TDC-33.1(noarch)0:2.8.1-238.29.5.2(noarch)0:2.8.1-238.29.8.1(i586|s390x|x86_64)0:2.3.14-130.133.1(x86_64)0:7.4-9.47.1(i586|s390x|x86_64)0:7.4-27.40.68.1(i586|s390x|x86_64)0:7.4-8.26.42.1(s390x|x86_64)0:7.4-8.26.42.1(x86_64)0:7.4-3.1(i586|s390x|x86_64)0:7.4-5.11.11.1(s390x|x86_64)0:7.4-5.11.11.1(i586|s390x|x86_64)0:7.4-5.11.15.1(s390x|x86_64)0:7.4-5.11.15.1(x86_64)0:7.4-5.11.65.1(x86_64)0:7.4-5.11.68.1(x86_64)0:7.4-5.11.72.9.1(x86_64)0:7.4-5.11.72.15.1(x86_64)0:7.4-5.11.72.18.1(x86_64)0:7.4-5.11.72.21.1(x86_64)0:7.4-5.11.72.24.1(x86_64)0:7.4-5.11.72.27.1(i586|s390x|x86_64)0:7.4-1.18.1(s390x|x86_64)0:7.4-1.18.1(i586|s390x|x86_64)0:7.4-1.16.1(s390x|x86_64)0:7.4-1.16.1(x86_64)0:7.4-1.20.1(i586|s390x|x86_64)0:7.4-1.19.1(s390x|x86_64)0:7.4-1.19.1(x86_64)0:7.4-8.26.46.1(x86_64)0:7.4-8.26.49.1(x86_64)0:7.4-8.26.50.5.3(x86_64)0:7.4-8.26.50.8.1(i586|s390x|x86_64)0:7.4-1.22.5.1(s390x|x86_64)0:7.4-1.22.5.1(x86_64)0:7.4-27.40.78.1(x86_64)0:7.4-27.40.79.5.1(x86_64)0:7.4-27.40.79.8.1(x86_64)0:7.4-27.40.79.13.1(x86_64)0:7.4-27.40.79.16.1(x86_64)0:7.4-27.40.79.24.1(x86_64)0:7.4-27.40.79.27.1(x86_64)0:7.4-27.40.79.30.1(x86_64)0:7.4-27.40.79.33.1(x86_64)0:7.3.99-17.11.1(x86_64)0:7.4_0.11.0-0.4.6.1(x86_64)0:7.4-27.40.50.1(x86_64)0:7.4-8.26.32.1(x86_64)0:3.02-138.29.2(x86_64)0:3.02-138.36.1(x86_64)0:5.07-6.36.1(x86_64)0:238-3.3.1(x86_64)0:5.0.3-0.12.7.1(x86_64)0:2.17.35.4-0.3.1(x86_64)0:2.17.99.5-5.1(x86_64)0:1.2.7-0.8.1(x86_64)0:1.2.7-0.9.3.1(x86_64)0:4.3.6-67.9.3.1(x86_64)0:4.3.6-67.9.8.1(x86_64)0:1.3.21-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.26.1(ppc64|s390x|x86_64)0:6.4.3.6-7.26.1(i586|s390x|x86_64)0:6.4.3.6-7.34.1(s390x|x86_64)0:6.4.3.6-7.34.1(i586|s390x|x86_64)0:6.4.3.6-7.37.1(s390x|x86_64)0:6.4.3.6-7.37.1(i586|s390x|x86_64)0:6.4.3.6-7.40.1(s390x|x86_64)0:6.4.3.6-7.40.1(i586|ia64|ppc64|s390x|x86_64)0:7.11.2-0.9.1(ppc64|s390x|x86_64)0:7.11.2-0.9.1(ia64)0:7.11.2-0.9.1(i586|ia64|ppc64|s390x|x86_64)0:17.0.9esr-0.3.1(i586|s390x|x86_64)0:38.5.0esr-28.2(i586|s390x|x86_64)0:38.8.0esr-40.1(i586|s390x|x86_64)0:45.3.0esr-48.1(i586|s390x|x86_64)0:45.0-20.38(i586|s390x|x86_64)0:2.11.0-4.2(i586|s390x|x86_64)0:3.21.1-26.2(s390x|x86_64)0:3.21.1-26.2(i586|s390x|x86_64)0:4.12-25.2(s390x|x86_64)0:4.12-25.2(i586|s390x|x86_64)0:45.4.0esr-52.1(i586|s390x|x86_64)0:45.6.0esr-66.1(x86_64)0:4.1.6_08-17.1(i586|x86_64)0:4.1.6_08-17.1(i586|x86_64)0:4.1.6_08_3.0.101_0.7.29-17.1(i586)0:4.1.6_08_3.0.101_0.7.29-17.1(noarch)0:1.7.0-200.26.1(noarch)0:1.7.0-200.26.2(i586|ia64|ppc64|s390x|x86_64)0:2.2.12-1.42.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.8-0.4.7.1(i586|s390x|x86_64)0:1.0.14-0.4.25.1(i586|ia64|ppc64|s390x|x86_64)0:5.2.14-0.7.30.50.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.8-0.43.1(i586|ia64|ppc64|s390x|x86_64)0:1.10.1-4.131.9.1(i586|ia64|ppc64|s390x|x86_64)0:3.2-147.14.18.1(ia64)0:3.2-147.14.18.1(i586|ia64|ppc64|s390x|x86_64)0:5.2-147.14.18.1(ppc64|s390x|x86_64)0:5.2-147.14.18.1(ia64)0:5.2-147.14.18.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.4P2-0.6.1(i586|s390x|x86_64)0:9.9.6P1-0.5.5(ppc64|s390x|x86_64)0:9.9.4P2-0.6.1(ia64)0:9.9.4P2-0.6.1(i586|s390x|x86_64)0:9.9.6P1-0.12.1(s390x|x86_64)0:9.9.6P1-0.12.1(i586|s390x|x86_64)0:9.9.6P1-0.15.1(s390x|x86_64)0:9.9.6P1-0.15.1(i586|s390x|x86_64)0:9.9.6P1-0.19.1(s390x|x86_64)0:9.9.6P1-0.19.1(i586|s390x|x86_64)0:9.9.6P1-0.22.1(s390x|x86_64)0:9.9.6P1-0.22.1(i586|s390x|x86_64)0:9.9.6P1-0.25.1(s390x|x86_64)0:9.9.6P1-0.25.1(i586|s390x|x86_64)0:9.9.6P1-0.30.1(s390x|x86_64)0:9.9.6P1-0.30.1(i586|s390x|x86_64)0:9.9.6P1-0.33.1(s390x|x86_64)0:9.9.6P1-0.33.1(i586|s390x|x86_64)0:9.9.6P1-0.36.1(s390x|x86_64)0:9.9.6P1-0.36.1(i586|s390x|x86_64)0:2.5.5-9.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.7-0.9.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-12.33.39.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-0.33.39.1(ppc64|s390x|x86_64)0:3.6.3-0.33.39.1(ia64)0:3.6.3-0.33.39.1(i586|ia64|ppc64|s390x|x86_64)0:3.4.3-1.50.1(ppc64|s390x|x86_64)0:3.4.3-1.50.1(ia64)0:3.4.3-1.50.1(noarch)0:3.6.3-0.33.39.1(i586|ia64|ppc64|s390x|x86_64)0:5.1-0.11.1(i586|ia64|ppc64|s390x|x86_64)0:0.97.8-0.2.1(i586|ia64|ppc64|s390x|x86_64)0:8.12-6.25.29.1(ia64)0:8.12-6.25.29.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.9-8.46.48.1(ppc64|s390x|x86_64)0:1.3.9-8.46.48.1(ia64)0:1.3.9-8.46.48.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.20.31.1(ppc64|s390x|x86_64)0:7.19.7-1.20.31.1(ia64)0:7.19.7-1.20.31.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.10-3.27.1(ppc64|s390x|x86_64)0:1.2.10-3.27.1(ia64)0:1.2.10-3.27.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.4.P2-0.11.13.1(i586|s390x|x86_64)0:4.2.4.P2-0.11.15.1(i586|s390x|x86_64)0:3.2.3-45.5.3(i586|ia64|ppc64|s390x|x86_64)0:2.28.2-0.29.24(ppc64|s390x|x86_64)0:2.28.2-0.29.24(ia64)0:2.28.2-0.29.24(i586|ia64|ppc64|s390x|x86_64)0:0.95-1.24.1(i586|ia64|ppc64|s390x|x86_64)0:10.0.7-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:7-0.6.7.80(i586|ia64|ppc64|s390x|x86_64)0:3.13.6-0.5.1(ppc64|s390x|x86_64)0:3.13.6-0.5.1(ia64)0:3.13.6-0.5.1(i586|ia64|ppc64|s390x|x86_64)0:4.9.2-0.6.1(ppc64|s390x|x86_64)0:4.9.2-0.6.1(ia64)0:4.9.2-0.6.1(i586|ia64|ppc64|s390x|x86_64)0:10.0.9-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:7-0.6.7.85(i586|ia64|ppc64|s390x|x86_64)0:10.0.10-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.9.3-0.2.1(ppc64|s390x|x86_64)0:4.9.3-0.2.1(ia64)0:4.9.3-0.2.1(i586|ia64|ppc64|s390x|x86_64)0:10.0.11-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.14-0.3.1(ppc64|s390x|x86_64)0:3.14-0.3.1(ia64)0:3.14-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:10.0.12-0.4.1(i586|ia64|ppc64|s390x|x86_64)0:3.14.1-0.3.1(ppc64|s390x|x86_64)0:3.14.1-0.3.1(ia64)0:3.14.1-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.9.4-0.3.1(ppc64|s390x|x86_64)0:4.9.4-0.3.1(ia64)0:4.9.4-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:17.0.4esr-0.5.1(i586|ia64|ppc64|s390x|x86_64)0:7-0.6.9.5(i586|ia64|ppc64|s390x|x86_64)0:3.14.2-0.4.3.2(ppc64|s390x|x86_64)0:3.14.2-0.4.3.2(ia64)0:3.14.2-0.4.3.2(i586|ia64|ppc64|s390x|x86_64)0:4.9.5-0.3.2(ppc64|s390x|x86_64)0:4.9.5-0.3.2(ia64)0:4.9.5-0.3.2(i586|ia64|ppc64|s390x|x86_64)0:17.0.5esr-0.4.1(i586|ia64|ppc64|s390x|x86_64)0:7-0.6.9.17(i586|ia64|ppc64|s390x|x86_64)0:3.14.3-0.4.3.1(ppc64|s390x|x86_64)0:3.14.3-0.4.3.1(ia64)0:3.14.3-0.4.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.9.6-0.3.1(ppc64|s390x|x86_64)0:4.9.6-0.3.1(ia64)0:4.9.6-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:17.0.6esr-0.4.1(i586|ia64|ppc64|s390x|x86_64)0:17.0.7esr-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:7-0.6.9.31(i586|ia64|ppc64|s390x|x86_64)0:17.0.10esr-0.4.2.4(i586|ia64|ppc64|s390x|x86_64)0:7-0.6.9.62(i586|s390x|x86_64)0:24.3.0esr-0.4.2.2(i586|s390x|x86_64)0:24-0.4.10.4(i586|s390x|x86_64)0:38.3.0esr-20.1(i586|s390x|x86_64)0:4.10.9-11.1(s390x|x86_64)0:4.10.9-11.1(i586|s390x|x86_64)0:38.4.0esr-25.3(i586|s390x|x86_64)0:38-12.19(i586|s390x|x86_64)0:3.19.2.1-12.1(s390x|x86_64)0:3.19.2.1-12.1(i586|s390x|x86_64)0:4.10.10-16.1(s390x|x86_64)0:4.10.10-16.1(i586|s390x|x86_64)0:38.7.0esr-36.3(i586|s390x|x86_64)0:3.20.2-20.1(s390x|x86_64)0:3.20.2-20.1(i586|s390x|x86_64)0:4.12-19.1(s390x|x86_64)0:4.12-19.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.1-7.16.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.7-25.32.1(ppc64|s390x|x86_64)0:2.3.7-25.32.1(ia64)0:2.3.7-25.32.1(i586|ia64|ppc64|s390x|x86_64)0:8.62-32.34.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-32.34.1(i586|s390x|x86_64)0:8.62-32.38.1(i586|s390x|x86_64)0:4.2.7-32.38.1(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.45.49.1(ppc64|s390x|x86_64)0:2.11.3-17.45.49.1(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.45.49.1(ia64)0:2.11.3-17.45.49.1(i586|i686|s390x|x86_64)0:2.11.3-17.45.66.1(s390x|x86_64)0:2.11.3-17.45.66.1(i586|s390x|x86_64)0:2.11.3-17.45.66.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.1-24.39.47.1(ppc64|s390x|x86_64)0:2.4.1-24.39.47.1(ia64)0:2.4.1-24.39.47.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.9-25.33.37.1(i586|ia64|ppc64|s390x|x86_64)0:2.18.9-0.23.1(ppc64|s390x|x86_64)0:2.18.9-0.23.1(ia64)0:2.18.9-0.23.1(i586|ia64|ppc64|s390x|x86_64)0:3.11.10-0.6.11.1(i586|x86_64)0:4-0.13.2(i586|ia64|ppc64|x86_64)0:1.5.4-0.7.9.1(ppc64|x86_64)0:1.5.4-0.7.9.1(i586|ia64|ppc64|s390x|x86_64)0:4.0-7.26.15(ppc64|s390x|x86_64)0:4.0-7.26.15(ia64)0:4.0-7.26.15(i586|ia64|ppc64|s390x|x86_64)0:2.4.2-170.21.3.1(noarch)0:2012.12.12-0.5.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.2_sr13.18-0.4.1(i586|ppc64|s390x|x86_64)0:1.6.0_sr15.0-0.5.1(i586)0:1.6.0_sr15.0-0.5.1(i586|s390x|x86_64)0:1.6.0_sr16.0-0.3.1(i586|x86_64)0:1.6.0_sr15.0-0.5.1(i586|s390x|x86_64)0:1.6.0_sr16.20-49.1(i586)0:1.6.0_sr16.20-49.1(i586|x86_64)0:1.6.0_sr16.20-49.1(i586|s390x|x86_64)0:1.6.0_sr16.25-69.1(i586)0:1.6.0_sr16.25-69.1(i586|x86_64)0:1.6.0_sr16.25-69.1(i586|s390x|x86_64)0:1.6.0_sr16.30-75.1(i586)0:1.6.0_sr16.30-75.1(i586|x86_64)0:1.6.0_sr16.30-75.1(i586|s390x|x86_64)0:1.6.0_sr16.35-78.2(i586)0:1.6.0_sr16.35-78.2(i586|x86_64)0:1.6.0_sr16.35-78.2(i586|s390x|x86_64)0:1.6.0_sr16.15-46.1(i586)0:1.6.0_sr16.15-46.1(i586|x86_64)0:1.6.0_sr16.15-46.1(i586|ppc64|s390x|x86_64)0:1.7.0_sr6.0-0.7.1(i586|x86_64)0:1.7.0_sr6.0-0.7.1(i586|s390x|x86_64)0:1.7.0_sr7.0-0.5.1(i586|s390x|x86_64)0:1.7.0_sr9.10-9.1(i586|x86_64)0:1.7.0_sr9.10-9.1(i586|s390x|x86_64)0:1.7.0_sr9.20-42.1(i586|x86_64)0:1.7.0_sr9.20-42.1(i586|s390x|x86_64)0:1.7.0_sr9.30-45.1(i586|x86_64)0:1.7.0_sr9.30-45.1(i586|s390x|x86_64)0:1.7.0_sr9.40-52.1(i586|x86_64)0:1.7.0_sr9.40-52.1(i586|s390x|x86_64)0:1.7.0_sr9.50-55.1(i586|x86_64)0:1.7.0_sr9.50-55.1(i586|s390x|x86_64)0:1.7.0_sr9.60-58.2(i586|x86_64)0:1.7.0_sr9.60-58.2(i586|ia64|ppc64|s390x|x86_64)0:4.3.5-0.12.1(ppc64|s390x|x86_64)0:4.3.5-0.12.1(ia64)0:4.3.5-0.12.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-0.7.17.1(s390x)0:3.0.101-0.7.17.1(i586|x86_64)0:3.0.101-0.7.17.1(i586)0:3.0.101-0.7.17.1(ppc64)0:3.0.101-0.7.17.1(i586|x86_64)0:4.1.6_04_3.0.101_0.7.17-0.5.16(i586)0:4.1.6_04_3.0.101_0.7.17-0.5.16(i586|s390x|x86_64)0:3.0.101-0.7.47.1(s390x)0:3.0.101-0.7.47.1(i586|x86_64)0:3.0.101-0.7.47.1(i586)0:3.0.101-0.7.47.1(i586|s390x|x86_64)0:3.0.101-0.7.53.1(s390x)0:3.0.101-0.7.53.1(i586|x86_64)0:3.0.101-0.7.53.1(i586)0:3.0.101-0.7.53.1(i586|s390x|x86_64)0:3.0.101-0.7.37.1(s390x)0:3.0.101-0.7.37.1(i586|x86_64)0:3.0.101-0.7.37.1(i586)0:3.0.101-0.7.37.1(i586|s390x|x86_64)0:3.0.101-0.7.40.1(s390x)0:3.0.101-0.7.40.1(i586|x86_64)0:3.0.101-0.7.40.1(i586)0:3.0.101-0.7.40.1(i586|s390x|x86_64)0:3.0.101-0.7.44.1(s390x)0:3.0.101-0.7.44.1(i586|x86_64)0:3.0.101-0.7.44.1(i586)0:3.0.101-0.7.44.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.58.1(ppc64|s390x|x86_64)0:1.6.3-133.49.58.1(noarch)0:1.6.3-133.49.58.1(ia64)0:1.6.3-133.49.58.1(i586|x86_64)0:0.15.1-0.27.1(i586|x86_64)0:0.15.1-0.32.2(i586|ia64|ppc64|s390x|x86_64)0:1.17-77.16.1(ppc64|s390x|x86_64)0:1.17-77.16.1(ia64)0:1.17-77.16.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-12.24.4(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-0.24.4(ppc64|s390x|x86_64)0:3.6.3-0.24.4(ia64)0:3.6.3-0.24.4(noarch)0:3.6.3-0.24.4(i586|ia64|ppc64|s390x|x86_64)0:4.6.3-5.20.23.1(ppc64|s390x|x86_64)0:4.6.3-5.20.23.1(ia64)0:4.6.3-5.20.23.1(i586|ia64|ppc64|s390x|x86_64)0:9.1.9-0.3.1(ppc64|s390x|x86_64)0:9.1.9-0.3.1(ia64)0:9.1.9-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.5.0-0.15.2(ppc64|s390x|x86_64)0:1.5.0-0.15.2(ia64)0:1.5.0-0.15.2(i586|ia64|ppc64|s390x|x86_64)0:5.0.96-0.6.1(ppc64|s390x|x86_64)0:5.0.96-0.6.1(ia64)0:5.0.96-0.6.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.50.1(ppc64|s390x|x86_64)0:0.9.8j-0.50.1(ia64)0:0.9.8j-0.50.1(i586|ia64|ppc64|s390x|x86_64)0:3.2.0-10.3.1(i586|ia64|ppc64|s390x|x86_64)0:2013.1.7-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.16.0-1.4.1(ppc64|s390x|x86_64)0:0.16.0-1.4.1(ia64)0:0.16.0-1.4.1(i586|ia64|ppc64|s390x|x86_64)0:0.12.3-1.8.1(i586|ia64|ppc64|s390x|x86_64)0:0.3.1-2.6.1(ppc64|s390x|x86_64)0:0.3.1-2.6.1(i586|ia64|ppc64|s390x|x86_64)0:0.3.1-2.6.3(ia64)0:0.3.1-2.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.32.2-4.13.1(ppc64|s390x|x86_64)0:2.32.2-4.13.1(ia64)0:2.32.2-4.13.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.154.1(ppc64|s390x|x86_64)0:3.8.2-141.154.1(ia64)0:3.8.2-141.154.1(i586|ia64|ppc64|s390x|x86_64)0:0.3.7-3.9.1(ppc64|s390x|x86_64)0:0.3.7-3.9.1(ia64)0:0.3.7-3.9.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.6-0.29.1(ppc64|s390x|x86_64)0:0.9.6-0.29.1(i586|x86_64)0:0.9.6-0.23.1(x86_64)0:0.9.6-0.23.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.25.1(ppc64|s390x|x86_64)0:2.7.6-0.25.1(ia64)0:2.7.6-0.25.1(i586|s390x|x86_64)0:2.7.6-0.44.1(s390x|x86_64)0:2.7.6-0.44.1(i586|s390x|x86_64)0:2.7.6-0.44.4(i586|ia64|ppc64|s390x|x86_64)0:1.1.24-19.23.1(ppc64|s390x|x86_64)0:1.1.24-19.23.1(ia64)0:1.1.24-19.23.1(i586|ia64|ppc64|s390x|x86_64)0:9.16.1-0.5.1(i586|s390x|x86_64)0:45.5.1esr-63.1(i586|s390x|x86_64)0:3.21.3-30.1(s390x|x86_64)0:3.21.3-30.1(i586|s390x|x86_64)0:38.6.1esr-33.1(i586|s390x|x86_64)0:38-15.58(i586|s390x|x86_64)0:3.20.2-17.5(s390x|x86_64)0:3.20.2-17.5(i586|ia64|ppc64|s390x|x86_64)0:3.15.2-0.3.1(ppc64|s390x|x86_64)0:3.15.2-0.3.1(ia64)0:3.15.2-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.10.1-0.3.1(ppc64|s390x|x86_64)0:4.10.1-0.3.1(ia64)0:4.10.1-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.6-1.25.34.1(i586|ia64|ppc64|s390x|x86_64)0:2.12-24.4.8.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.3-18.33.1(i586|ia64|ppc64|s390x|x86_64)0:3.15.3-0.3.1(ppc64|s390x|x86_64)0:3.15.3-0.3.1(ia64)0:3.15.3-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.10.2-0.3.1(ppc64|s390x|x86_64)0:4.10.2-0.3.1(ia64)0:4.10.2-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.15.3.1-0.4.2.1(ppc64|s390x|x86_64)0:3.15.3.1-0.4.2.1(ia64)0:3.15.3.1-0.4.2.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.4p8-1.20.1(i586|s390x|x86_64)0:4.2.8p6-41.1(i586|s390x|x86_64)0:4.2.8p7-44.1(i586|s390x|x86_64)0:4.2.8p8-47.3(i586|s390x|x86_64)0:4.2.8p9-48.9.1(i586|ppc64|s390x|x86_64)0:2.4-0.13.1(i586|ppc|s390)0:2.4-0.13.1(ppc64|s390x|x86_64)0:2.4-0.13.1(i586|ia64|ppc64|s390x|x86_64)0:5.1p1-41.57.1(i586|s390x|x86_64)0:5.1p1-41.69.1(i586|s390x|x86_64)0:5.1p1-41.69.4(i586|s390x|x86_64)0:0.9.8j-0.80.1(s390x|x86_64)0:0.9.8j-0.80.1(i586|s390x|x86_64)0:0.9.8j-0.89.1(s390x|x86_64)0:0.9.8j-0.89.1(i586|s390x|x86_64)0:0.9.8j-0.97.1(s390x|x86_64)0:0.9.8j-0.97.1(i586|s390x|x86_64)0:0.9.8j-0.102.2(s390x|x86_64)0:0.9.8j-0.102.2(noarch)0:1.95-0.4.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.16-1.40.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.9-143.33.3.1(i586|ia64|ppc64|s390x|x86_64)0:5.10.0-64.61.61.1(ppc64|s390x|x86_64)0:5.10.0-64.61.61.1(ia64)0:5.10.0-64.61.61.1(i586|s390x|x86_64)0:5.2.14-0.7.30.72.1(i586|s390x|x86_64)0:5.2.14-0.7.30.89.1(i586|s390x|x86_64)0:5.3.17-47.1(i586|s390x|x86_64)0:5.3.17-55.1(i586|s390x|x86_64)0:5.3.17-58.1(i586|ia64|ppc64|s390x|x86_64)0:1.7-37.56.1(ppc64|s390x|x86_64)0:1.7-37.56.1(ia64)0:1.7-37.56.1(i586|ia64|ppc64|s390x|x86_64)0:4.4.2.3-37.56.1(ppc64|s390x|x86_64)0:4.4.2.3-37.56.1(ia64)0:4.4.2.3-37.56.1(i586|ia64|ppc64|s390x|x86_64)0:8.3.23-0.4.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.18-0.12.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.8-0.23.1(ppc64|s390x|x86_64)0:2.6.8-0.23.1(ia64)0:2.6.8-0.23.1(i586|ia64|ppc64|s390x|x86_64)0:0.99.15-0.14.1(i586|ia64|ppc64|s390x|x86_64)0:3.16-50.41.1(i586|ia64|ppc64|s390x|x86_64)0:1.8.7.p357-0.9.13.1(i586|s390x|x86_64)0:1.34b-45.2(i586|s390x|x86_64)0:3.6.3-45.2(s390x|x86_64)0:3.6.3-45.2(noarch)0:3.6.3-45.2(i586|s390x|x86_64)0:1.34b-48.2(i586|s390x|x86_64)0:3.6.3-48.2(s390x|x86_64)0:3.6.3-48.2(noarch)0:3.6.3-48.2(i586|s390x|x86_64)0:1.34b-52.1(i586|s390x|x86_64)0:3.6.3-52.1(s390x|x86_64)0:3.6.3-52.1(noarch)0:3.6.3-52.1(i586|s390x|x86_64)0:1.34b-56.1(i586|s390x|x86_64)0:3.6.3-56.1(s390x|x86_64)0:3.6.3-56.1(noarch)0:3.6.3-56.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.11-0.23.2(i586|ia64|ppc64|s390x|x86_64)0:2.7.STABLE5-2.12.16.1(i586|ia64|ppc64|s390x|x86_64)0:3.1.12-8.12.1(i586|ia64|ppc64|s390x|x86_64)0:4.4.0-6.21.1(i586|ia64|ppc64|s390x|x86_64)0:4.36-0.12.1(i586|ia64|ppc64|s390x|x86_64)0:1.7.6p2-0.2.12.1(i586|ia64|ppc64|s390x|x86_64)0:1.5-0.9.1(i586|ia64|ppc64|s390x|x86_64)0:2.28.1-2.5.1(i586|x86_64)0:0.5.14-0.5.7(i586|ia64|ppc64|s390x|x86_64)0:1.8.12-0.2.1(x86_64)0:4.1.4_02-0.5.1(i586|x86_64)0:4.1.6_08-0.11.1(i586|x86_64)0:4.1.4_02_3.0.58_0.6.6-0.5.1(i586)0:4.1.4_02_3.0.58_0.6.6-0.5.1(i586|x86_64)0:4.1.4_02-0.5.1(x86_64)0:4.1.6_08-0.5.1(i586|x86_64)0:4.1.6_08-0.5.1(i586|x86_64)0:4.1.6_08_3.0.101_0.7.23-0.5.1(i586)0:4.1.6_08_3.0.101_0.7.23-0.5.1(x86_64)0:4.1.6_08-20.1(i586|x86_64)0:4.1.6_08-20.1(i586|x86_64)0:4.1.6_08_3.0.101_0.7.37-20.1(i586)0:4.1.6_08_3.0.101_0.7.37-20.1(x86_64)0:4.1.6_08-26.1(i586|x86_64)0:4.1.6_08-26.1(i586|x86_64)0:4.1.6_08_3.0.101_0.7.37-26.1(i586)0:4.1.6_08_3.0.101_0.7.37-26.1(x86_64)0:4.1.6_08-29.1(i586|x86_64)0:4.1.6_08-29.1(i586|x86_64)0:4.1.6_08_3.0.101_0.7.40-29.1(i586)0:4.1.6_08_3.0.101_0.7.40-29.1(x86_64)0:4.1.6_08-32.1(i586|x86_64)0:4.1.6_08-32.1(i586|x86_64)0:4.1.6_08_3.0.101_0.7.44-32.1(i586)0:4.1.6_08_3.0.101_0.7.44-32.1(i586|x86_64)0:0.9.6-0.15.71(x86_64)0:0.9.6-0.15.71(i586|x86_64)0:0.9.0-3.17.26(i586|x86_64)0:1.1.7-0.11.15(i586|x86_64)0:0.5.9-0.7.13(x86_64)0:4.1.2_18-0.9.1(i586|x86_64)0:4.1.2_18_3.0.31_0.9-0.9.1(i586)0:4.1.2_18_3.0.31_0.9-0.9.1(i586|x86_64)0:4.1.2_18-0.9.1(i586|x86_64)0:2.17.10-0.5.42(x86_64)0:0.9.6-0.21.3(x86_64)0:0.9.0-3.19.1(x86_64)0:0.5.10-0.5.1(x86_64)0:4.1.2_20-0.5.2(x86_64)0:4.1.2_20_3.0.38_0.5-0.5.2(i586|x86_64)0:0.5.12-0.5.1(x86_64)0:4.1.3_02-0.5.1(i586|x86_64)0:4.1.3_02_3.0.38_0.5-0.5.1(i586|x86_64)0:4.1.3_02-0.5.1(x86_64)0:4.1.3_04-0.5.1(i586|x86_64)0:4.1.3_04_3.0.42_0.7-0.5.1(i586)0:4.1.3_04_3.0.42_0.7-0.5.1(i586|x86_64)0:4.1.3_04-0.5.1(x86_64)0:4.1.5_02-0.5.1(i586|x86_64)0:4.1.5_02_3.0.74_0.6.10-0.5.1(i586)0:4.1.5_02_3.0.74_0.6.10-0.5.1(i586|x86_64)0:4.1.5_02-0.5.1(x86_64)0:4.1.6_02-0.5.1(i586|x86_64)0:4.1.6_02_3.0.93_0.5-0.5.1(i586)0:4.1.6_02_3.0.93_0.5-0.5.1(i586|x86_64)0:4.1.6_02-0.5.1(x86_64)0:4.1.6_04-0.5.1(i586|x86_64)0:4.1.6_04_3.0.101_0.5-0.5.1(i586)0:4.1.6_04_3.0.101_0.5-0.5.1(i586|x86_64)0:4.1.6_04-0.5.1(x86_64)0:4.1.6_06-0.5.1(i586|x86_64)0:4.1.6_06-0.5.1(i586|x86_64)0:4.1.6_06_3.0.101_0.7.17-0.5.1(i586)0:4.1.6_06_3.0.101_0.7.17-0.5.1(x86_64)0:4.1.6_08-0.9.1(i586|x86_64)0:4.1.6_08-0.9.1(i586|x86_64)0:4.1.6_08_3.0.101_0.7.29-0.9.1(i586)0:4.1.6_08_3.0.101_0.7.29-0.9.1(x86_64)0:4.1.6_08-0.13.1(i586|x86_64)0:4.1.6_08-0.13.1(i586|x86_64)0:4.1.6_08_3.0.101_0.7.29-0.13.1(i586)0:4.1.6_08_3.0.101_0.7.29-0.13.1(x86_64)0:4.1.6_08-23.1(i586|x86_64)0:4.1.6_08-23.1(i586|x86_64)0:4.1.6_08_3.0.101_0.7.37-23.1(i586)0:4.1.6_08_3.0.101_0.7.37-23.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-27.70.76.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-8.26.40.1(ppc64|s390x|x86_64)0:7.4-8.26.40.1(ia64)0:7.4-8.26.40.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-5.11.11.1(ppc64|s390x|x86_64)0:7.4-5.11.11.1(ia64)0:7.4-5.11.11.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-1.18.1(ppc64|s390x|x86_64)0:7.4-1.18.1(ia64)0:7.4-1.18.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-1.16.1(ppc64|s390x|x86_64)0:7.4-1.16.1(ia64)0:7.4-1.16.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-1.19.1(ppc64|s390x|x86_64)0:7.4-1.19.1(ia64)0:7.4-1.19.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-1.22.5.1(ppc64|s390x|x86_64)0:7.4-1.22.5.1(ia64)0:7.4-1.22.5.1(i586|x86_64)0:7.3.99-3.20.1(i586|ia64|ppc64|s390x|x86_64)0:2.17.182.12-0.5.11(i586|ia64|ppc64|s390x|x86_64)0:1.6.166-0.5.1(x86_64)0:102.10.0-72.69.1(i586|ia64|ppc64|s390x|x86_64)0:24.6.0esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:24-0.7.48(i586|ia64|ppc64|s390x|x86_64)0:3.16.1-0.8.1(ppc64|s390x|x86_64)0:3.16.1-0.8.1(ia64)0:3.16.1-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:4.10.6-0.3.1(ppc64|s390x|x86_64)0:4.10.6-0.3.1(ia64)0:4.10.6-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.30.1(ppc64|s390x|x86_64)0:6.4.3.6-7.30.1(x86_64)0:6.4.3.6-78.149.2(x86_64)0:6.4.3.6-78.154.2(x86_64)0:6.4.3.6-78.157.1(i586|s390x|x86_64)0:0.9.1-160.6.1(x86_64)0:0.9.1-160.25.1(i586|ia64|ppc64|s390x|x86_64)0:9.0.3-0.27.2(ppc64|s390x|x86_64)0:9.0.3-0.27.2(ia64)0:9.0.3-0.27.2(x86_64)0:9.0.3-0.29.5.3(i586|ia64|ppc64|s390x|x86_64)0:17.0.9esr-0.7.1(i586|ia64|ppc64|s390x|x86_64)0:31.8.0esr-0.13.2(i586|ia64|ppc64|s390x|x86_64)0:38.5.0esr-28.2(x86_64)0:38.6.1esr-34.1(i586|s390x|x86_64)0:38.8.0esr-40.5(i586|s390x|x86_64)0:3.20.2-30.1(s390x|x86_64)0:3.20.2-30.1(i586|s390x|x86_64)0:4.12-26.1(s390x|x86_64)0:4.12-26.1(i586|s390x|x86_64)0:45.2.0esr-45.2(i586|s390x|x86_64)0:45.0-23.10(i586|s390x|x86_64)0:2.11.0-2.1(i586|s390x|x86_64)0:3.21.1-35.1(s390x|x86_64)0:3.21.1-35.1(i586|s390x|x86_64)0:4.12-29.1(s390x|x86_64)0:4.12-29.1(i586|s390x|x86_64)0:45.3.0esr-50.1(i586|s390x|x86_64)0:45.4.0esr-53.1(i586|s390x|x86_64)0:45.6.0esr-62.1(i586|s390x|x86_64)0:45.7.0esr-65.2(i586|s390x|x86_64)0:45.8.0esr-68.1(i586|s390x|x86_64)0:45.9.0esr-71.2(i586|s390x|x86_64)0:3.29.5-46.1(s390x|x86_64)0:3.29.5-46.1(i586|s390x|x86_64)0:4.13.1-32.1(s390x|x86_64)0:4.13.1-32.1(i586|s390x|x86_64)0:52.2.0esr-72.5.2(i586|s390x|x86_64)0:52-24.3.44(i586|s390x|x86_64)0:5.3.1+r233831-7.1(i586|s390x|x86_64)0:3.29.5-47.3.2(s390x|x86_64)0:3.29.5-47.3.2(i586|s390x|x86_64)0:52.3.0esr-72.9.1(i586|s390x|x86_64)0:52-24.5.1(i586|s390x|x86_64)0:52.5.0esr-72.17.1(i586|s390x|x86_64)0:52.6.0esr-72.20.2(i586|s390x|x86_64)0:52.7.3esr-72.27.2(i586|s390x|x86_64)0:52.8.0esr-72.32.1(i586|s390x|x86_64)0:52.8.1esr-72.35.1(i586|s390x|x86_64)0:52.9.0esr-72.38.6(x86_64)0:91.9.0-78.175.1(x86_64)0:91.9.0-78.179.2(x86_64)0:91.9.1-78.182.1(x86_64)0:91.10.0-78.185.1(x86_64)0:91.11.0-78.190.1(x86_64)0:91.12.0-78.195.1(x86_64)0:91.13.0-78.198.1(x86_64)0:102.2.0-72.41.1(x86_64)0:102-24.8.1(x86_64)0:102.3.0-72.44.1(x86_64)0:102.4.0-72.47.1(x86_64)0:102.5.0-72.52.2(x86_64)0:3.14.9-2.26.3(x86_64)0:102.6.0-72.55.1(x86_64)0:102.9.0-72.66.1(x86_64)0:102.11.0-72.72.1(i586|ia64|ppc64|s390x|x86_64)0:24.5.0esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:24-0.7.36(i586|ia64|ppc64|s390x|x86_64)0:3.16-0.8.1(ppc64|s390x|x86_64)0:3.16-0.8.1(ia64)0:3.16-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:4.10.4-0.3.1(ppc64|s390x|x86_64)0:4.10.4-0.3.1(ia64)0:4.10.4-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:31.6.0esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:31.8.0esr-0.10.1(i586|ia64|ppc64|s390x|x86_64)0:3.19.2_CKBI_1.98-0.10.1(ppc64|s390x|x86_64)0:3.19.2_CKBI_1.98-0.10.1(ia64)0:3.19.2_CKBI_1.98-0.10.1(i586|ia64|ppc64|s390x|x86_64)0:4.10.8-0.5.1(ppc64|s390x|x86_64)0:4.10.8-0.5.1(ia64)0:4.10.8-0.5.1(i586|s390x|x86_64)0:38.7.0esr-37.3(i586|s390x|x86_64)0:3.20.2-28.1(s390x|x86_64)0:3.20.2-28.1(i586|s390x|x86_64)0:4.12-24.1(s390x|x86_64)0:4.12-24.1(x86_64)0:1.2.13-106.24.1(i586|ia64|ppc64|s390x|x86_64)0:4.13-1326.37.1(x86_64)0:2.5.2.1-188.11.1(x86_64)0:2.5.2.1-188.14.1(x86_64)0:2.2.0.0-7.1(x86_64)0:2.2.0.0-10.1(x86_64)0:2.3.2.0-11.5.7(x86_64)0:0.1.3-0.10.22.2.1(x86_64)0:2.6-2.19.2.1(x86_64)0:3.10-0.15.2.1(x86_64)0:0.10-0.3.2.1(x86_64)0:1.13.1-0.3.2.3(x86_64)0:2.6-0.3.2.1(x86_64)0:2.9.9-11.8.1(x86_64)0:3.6-0.11.2.1(x86_64)0:1.6.1-0.3.2.1(x86_64)0:2.9.9-11.11.1(x86_64)0:2.9.14-11.14.1(x86_64)0:2.9.22-11.17.1(x86_64)0:2.9.27-11.20.1(noarch)0:1.7.1-20.11.5.1(noarch)0:1.7.1-16.11.5.1(noarch)0:1.7.1-20.11.9.1(noarch)0:1.7.1-16.11.9.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.12-1.50.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.12-59.1(i586|s390x|x86_64)0:2.2.34-70.12.1(x86_64)0:2.2.34-70.44.1(x86_64)0:2.2.34-70.47.1(x86_64)0:2.2.34-70.50.1(x86_64)0:2.2.34-70.53.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.8-0.4.9.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-0.31.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.1-0.2.18.1(x86_64)0:2.7.1-0.2.18.3.1(x86_64)0:0.7.0-135.23.3.1(x86_64)0:0.7.0-135.23.6.1(x86_64)0:0.7.0-135.23.9.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.0-3.15.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.0-3.17.2(x86_64)0:0.9.0-3.21.3.1(x86_64)0:0.6.23-35.6.2(x86_64)0:0.6.23-35.6.1(x86_64)0:0.6.23-35.9.2(x86_64)0:0.6.23-35.12.1(x86_64)0:0.6.23-35.15.1(x86_64)0:0.6.23-35.18.1(noarch)0:1.4-236.236.44.9.1(noarch)0:1.4-236.236.44.12.1(i586|ia64|ppc64|s390x|x86_64)0:3.2-147.22.1(ia64)0:3.2-147.22.1(i586|ia64|ppc64|s390x|x86_64)0:5.2-147.22.1(ppc64|s390x|x86_64)0:5.2-147.22.1(ia64)0:5.2-147.22.1(x86_64)0:3.2-147.28.1(x86_64)0:5.2-147.28.1(x86_64)0:3.2-147.35.1(x86_64)0:5.2-147.35.1(noarch)0:5.1-276.26.3.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.12.1(ppc64|s390x|x86_64)0:9.9.6P1-0.12.1(ia64)0:9.9.6P1-0.12.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.15.1(ppc64|s390x|x86_64)0:9.9.6P1-0.15.1(ia64)0:9.9.6P1-0.15.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.19.1(ppc64|s390x|x86_64)0:9.9.6P1-0.19.1(ia64)0:9.9.6P1-0.19.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.22.1(ppc64|s390x|x86_64)0:9.9.6P1-0.22.1(ia64)0:9.9.6P1-0.22.1(i586|s390x|x86_64)0:9.9.6P1-0.39.1(s390x|x86_64)0:9.9.6P1-0.39.1(i586|s390x|x86_64)0:9.9.6P1-0.44.1(s390x|x86_64)0:9.9.6P1-0.44.1(i586|s390x|x86_64)0:9.9.6P1-0.47.1(s390x|x86_64)0:9.9.6P1-0.47.1(i586|s390x|x86_64)0:9.9.6P1-0.50.1(s390x|x86_64)0:9.9.6P1-0.50.1(i586|s390x|x86_64)0:9.9.6P1-0.51.7.1(s390x|x86_64)0:9.9.6P1-0.51.7.1(x86_64)0:9.9.6P1-0.51.15.4(x86_64)0:9.9.6P1-0.51.20.1(x86_64)0:9.9.6P1-0.51.23.1(x86_64)0:9.9.6P1-0.51.26.1(x86_64)0:9.9.6P1-0.51.29.1(x86_64)0:9.9.6P1-0.51.32.1(x86_64)0:9.9.6P1-0.51.35.1(i586|ia64|ppc64|s390x|x86_64)0:2.23.1-0.23.15(x86_64)0:4.99-0.9.3.1(x86_64)0:4.99-0.9.6.1(x86_64)0:4.99-0.9.9.1(x86_64)0:4.99-0.9.14.1(x86_64)0:4.99-0.9.17.1(i586|ia64|ppc|ppc64|s390x|x86_64)0:2.6.7-0.11.2(x86_64)0:1.0.6-257.8.1(x86_64)0:1.0.6-257.11.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-12.54.2(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-0.54.2(ppc64|s390x|x86_64)0:3.6.3-0.54.2(ia64)0:3.6.3-0.54.2(noarch)0:3.6.3-0.54.2(x86_64)0:5.1-0.13.1(x86_64)0:5.1-0.14.3.1(x86_64)0:5.1-0.14.6.1(i586|ia64|ppc64|s390x|x86_64)0:0.98.3-0.11.1(i586|s390x|x86_64)0:0.99.2-0.19.1(i586|s390x|x86_64)0:0.99.3-0.20.3.2(i586|s390x|x86_64)0:0.99.4-0.20.7.2(i586|s390x|x86_64)0:0.100.1-0.20.15.1(i586|s390x|x86_64)0:0.100.2-0.20.18.1(x86_64)0:0.103.6-0.20.47.1(x86_64)0:0.103.7-0.20.50.1(x86_64)0:0.103.8-0.20.53.1(x86_64)0:2.5.69.8-11.2(x86_64)0:2.1.12-14.2(x86_64)0:19.4-3.8.2(x86_64)0:19.4-3.12.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.37-2.28.5(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.28.5(ppc64|s390x|x86_64)0:2.4.26-0.28.5(ia64)0:2.4.26-0.28.5(i586|ia64|ppc64|s390x|x86_64)0:8.12-6.25.31.1(ia64)0:8.12-6.25.31.1(x86_64)0:8.12-6.25.33.3.1(x86_64)0:8.12-6.25.33.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.9-75.78.1(x86_64)0:2013.10.2-0.3.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.9-8.46.52.2(ppc64|s390x|x86_64)0:1.3.9-8.46.52.2(ia64)0:1.3.9-8.46.52.2(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.38.1(ppc64|s390x|x86_64)0:7.19.7-1.38.1(ia64)0:7.19.7-1.38.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.46.1(ppc64|s390x|x86_64)0:7.19.7-1.46.1(ia64)0:7.19.7-1.46.1(i586|s390x|x86_64)0:7.19.7-1.61.1(s390x|x86_64)0:7.19.7-1.61.1(i586|s390x|x86_64)0:7.37.0-70.27.1(s390x|x86_64)0:7.37.0-70.27.1(x86_64)0:7.37.0-70.77.1(x86_64)0:7.37.0-70.80.1(x86_64)0:7.37.0-70.83.1(x86_64)0:7.37.0-70.86.1(x86_64)0:7.37.0-70.89.1(x86_64)0:7.37.0-70.92.1(x86_64)0:7.37.0-70.97.1(x86_64)0:7.37.0-70.102.1(i586|ia64|ppc64|s390x|x86_64)0:7.19.7-1.40.1(ppc64|s390x|x86_64)0:7.19.7-1.40.1(ia64)0:7.19.7-1.40.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.10-3.31.1(ppc64|s390x|x86_64)0:1.2.10-3.31.1(ia64)0:1.2.10-3.31.1(x86_64)0:1.2.10-3.34.11.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.4.P2-0.24.1(i586|s390x|x86_64)0:4.2.4.P2-0.27.1(x86_64)0:4.2.4.P2-0.28.5.3(i586|s390x|x86_64)0:4.2.4.P2-0.28.8.1(x86_64)0:4.2.4.P2-0.28.12.1(x86_64)0:4.2.4.P2-0.28.15.1(i586|ia64|ppc64|s390x|x86_64)0:3.2.3-45.5.3(i586|ia64|ppc64|s390x|x86_64)0:2.71-0.11.1(x86_64)0:2.71-0.15.3(i586|s390x|x86_64)0:2.78-0.16.5.1(x86_64)0:2.78-0.16.8.1(x86_64)0:2.78-0.16.11.8(x86_64)0:2.78-0.16.14.1(x86_64)0:2.78-0.16.17.1(x86_64)0:2.78-0.16.20.1(x86_64)0:2.11-121.31.4.1(i586|ia64|ppc64|s390x|x86_64)0:1.41.9-2.10.11.1(i586|ia64|ppc64|s390x|x86_64)0:2.19.1-6.62.7(ppc64|s390x|x86_64)0:2.19.1-6.62.7(ia64)0:2.19.1-6.62.7(ppc64|s390x|x86_64)0:1.41.9-2.10.11.1(ia64)0:1.41.9-2.10.11.1(x86_64)0:1.41.9-2.11.5.1(i586|ia64|ppc64|s390x|x86_64)0:61-1.35.1(ppc64|s390x|x86_64)0:61-1.35.1(ia64)0:61-1.35.1(i586|ia64|ppc64|s390x|x86_64)0:0.152-4.9.17(ppc64|s390x|x86_64)0:0.152-4.9.17(ia64)0:0.152-4.9.17(x86_64)0:0.152-4.25.1(i586|ia64|ppc64|s390x|x86_64)0:22.3-4.42.1(i586|s390x|x86_64)0:22.3-42.3.1(x86_64)0:22.3-42.9.1(x86_64)0:22.3-42.12.1(i586|ia64|ppc64|s390x|x86_64)0:2.28.2-0.32.1(ppc64|s390x|x86_64)0:2.28.2-0.32.1(ia64)0:2.28.2-0.32.1(x86_64)0:2.28.2-0.32.3.109(x86_64)0:0.17.1-33.3.1(x86_64)0:0.17.1-33.6.1(x86_64)0:0.17.1-33.11.1(x86_64)0:2.0.1-88.42.25.1(x86_64)0:2.0.1-88.42.28.1(i586|ia64|ppc64|s390x|x86_64)0:4.24-43.27.1(ppc64|s390x|x86_64)0:4.24-43.27.1(ia64)0:4.24-43.27.1(x86_64)0:2.28.2-0.10.3.11(i586|ia64|ppc64|s390x|x86_64)0:17.0.7esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:7-0.12.1(i586|ia64|ppc64|s390x|x86_64)0:17.0.10esr-0.7.4(i586|ia64|ppc64|s390x|x86_64)0:7-0.12.41(i586|ia64|ppc64|s390x|x86_64)0:24.3.0esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:24-0.7.14(i586|ia64|ppc64|s390x|x86_64)0:3.15.4-0.7.1(ppc64|s390x|x86_64)0:3.15.4-0.7.1(ia64)0:3.15.4-0.7.1(i586|ia64|ppc64|s390x|x86_64)0:24.4.0esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:24-0.7.23(i586|ia64|ppc64|s390x|x86_64)0:24.7.0esr-0.8.2(i586|ia64|ppc64|s390x|x86_64)0:3.16.2-0.8.1(ppc64|s390x|x86_64)0:3.16.2-0.8.1(ia64)0:3.16.2-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:24.8.0esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:3.16.4-0.8.1(ppc64|s390x|x86_64)0:3.16.4-0.8.1(ia64)0:3.16.4-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:4.10.7-0.3.1(ppc64|s390x|x86_64)0:4.10.7-0.3.1(ia64)0:4.10.7-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:31.3.0esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:31.4.0esr-0.8.7(i586|ia64|ppc64|s390x|x86_64)0:3.17.3-0.8.11(ppc64|s390x|x86_64)0:3.17.3-0.8.11(ia64)0:3.17.3-0.8.11(i586|ia64|ppc64|s390x|x86_64)0:31.5.3esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:31.7.0esr-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:4.10.9-11.1(ppc64|s390x|x86_64)0:4.10.9-11.1(ia64)0:4.10.9-11.1(i586|ia64|ppc64|s390x|x86_64)0:38.3.0esr-22.1(i586|ia64|ppc64|s390x|x86_64)0:38.4.0esr-25.6(i586|ia64|ppc64|s390x|x86_64)0:38-15.31(i586|ia64|ppc64|s390x|x86_64)0:3.19.2.1-19.3(ppc64|s390x|x86_64)0:3.19.2.1-19.3(ia64)0:3.19.2.1-19.3(i586|ia64|ppc64|s390x|x86_64)0:4.10.10-16.1(ppc64|s390x|x86_64)0:4.10.10-16.1(ia64)0:4.10.10-16.1(i586|s390x|x86_64)0:52.4.0esr-72.13.2(i586|s390x|x86_64)0:3.29.5-47.6.1(s390x|x86_64)0:3.29.5-47.6.1(x86_64)0:1.7.5-2.15.1(i586|ia64|ppc64|s390x|x86_64)0:24.2.0esr-0.7.1(i586|ia64|ppc64|s390x|x86_64)0:24-0.7.4(i586|ia64|ppc64|s390x|x86_64)0:3.15.3.1-0.7.1(ppc64|s390x|x86_64)0:3.15.3.1-0.7.1(ia64)0:3.15.3.1-0.7.1(i586|ia64|ppc64|s390x|x86_64)0:31.2.0esr-0.16.1(i586|ia64|ppc64|s390x|x86_64)0:31.0-0.10.1(i586|ia64|ppc64|s390x|x86_64)0:3.17.2-0.8.1(ppc64|s390x|x86_64)0:3.17.2-0.8.1(ia64)0:3.17.2-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:4.10.7-0.3.3(ppc64|s390x|x86_64)0:4.10.7-0.3.3(ia64)0:4.10.7-0.3.3(i586|ia64|ppc64|s390x|x86_64)0:38.2.1esr-19.3(i586|ia64|ppc64|s390x|x86_64)0:31.0-0.12.51(i586|ia64|ppc64|s390x|x86_64)0:3.19.2.0-0.16.1(ppc64|s390x|x86_64)0:3.19.2.0-0.16.1(ia64)0:3.19.2.0-0.16.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.1-68.17.1(ppc64|s390x|x86_64)0:1.2.1-68.17.1(ia64)0:1.2.1-68.17.1(x86_64)0:2.6.0-10.19.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.2-269.39.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.1-7.18.1(x86_64)0:2.1.1-7.25.9.1(x86_64)0:2.3.7-25.45.11.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.7-25.34.1(ppc64|s390x|x86_64)0:2.3.7-25.34.1(ia64)0:2.3.7-25.34.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.7-25.35.36.1(ppc64|s390x|x86_64)0:2.3.7-25.35.36.1(ia64)0:2.3.7-25.35.36.1(x86_64)0:0.10.9-59.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.8.7-0.11.1(x86_64)0:2.8.7-0.11.3.1(i586|s390x|x86_64)0:4.3.4_20091019-37.3.1(s390x|x86_64)0:4.3.4_20091019-37.3.1(x86_64)0:4.3.4_20091019-37.3.1(i586|s390x|x86_64)0:4.3.4_20091019-37.9.1(s390x|x86_64)0:4.3.4_20091019-37.9.1(x86_64)0:4.3.4_20091019-37.9.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.36.RC1-52.20.1(x86_64)0:7.5.1-0.9.3.1(x86_64)0:7.5.1-0.9.6.1(i586|s390x|x86_64)0:8.62-32.46.1(i586|s390x|x86_64)0:4.2.7-32.46.1(i586|s390x|x86_64)0:8.62-32.47.13.1(i586|s390x|x86_64)0:4.2.7-32.47.13.1(x86_64)0:8.62-47.26.2(x86_64)0:4.2.7-47.26.2(x86_64)0:8.62-47.29.1(x86_64)0:4.2.7-47.29.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.6-13.1(ppc64|s390x|x86_64)0:4.1.6-13.1(ia64)0:4.1.6-13.1(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.72.14(ppc64|s390x|x86_64)0:2.11.3-17.72.14(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.72.14(ia64)0:2.11.3-17.72.14(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.87.3(ppc64|s390x|x86_64)0:2.11.3-17.87.3(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.87.3(ia64)0:2.11.3-17.87.3(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.95.2(ppc64|s390x|x86_64)0:2.11.3-17.95.2(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.95.2(ia64)0:2.11.3-17.95.2(x86_64)0:2.11.3-17.102.1(i586|i686|s390x|x86_64)0:2.11.3-17.109.1(s390x|x86_64)0:2.11.3-17.109.1(i586|s390x|x86_64)0:2.11.3-17.109.1(i586|i686|s390x|x86_64)0:2.11.3-17.110.3.1(s390x|x86_64)0:2.11.3-17.110.3.1(i586|s390x|x86_64)0:2.11.3-17.110.3.1(i586|i686|s390x|x86_64)0:2.11.3-17.110.6.2(s390x|x86_64)0:2.11.3-17.110.6.2(i586|s390x|x86_64)0:2.11.3-17.110.6.2(x86_64)0:2.11.3-17.110.9.2(i586|i686|s390x|x86_64)0:2.11.3-17.110.14.1(s390x|x86_64)0:2.11.3-17.110.14.1(i586|s390x|x86_64)0:2.11.3-17.110.14.1(i586|i686|s390x|x86_64)0:2.11.3-17.110.19.2(s390x|x86_64)0:2.11.3-17.110.19.2(i586|s390x|x86_64)0:2.11.3-17.110.19.2(i586|i686|s390x|x86_64)0:2.11.3-17.110.24.2(s390x|x86_64)0:2.11.3-17.110.24.2(i586|s390x|x86_64)0:2.11.3-17.110.24.2(x86_64)0:2.11.3-17.110.30.2(x86_64)0:2.11.3-17.110.33.1(x86_64)0:2.11.3-17.110.37.1(x86_64)0:2.11.3-17.110.40.1(x86_64)0:2.11.3-17.110.46.1(x86_64)0:2.11.3-17.110.49.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.1-24.39.51.1(ppc64|s390x|x86_64)0:2.4.1-24.39.51.1(ia64)0:2.4.1-24.39.51.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.1-24.39.57.1(ppc64|s390x|x86_64)0:2.4.1-24.39.57.1(ia64)0:2.4.1-24.39.57.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.1-24.39.60.1(ppc64|s390x|x86_64)0:2.4.1-24.39.60.1(ia64)0:2.4.1-24.39.60.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.9-25.33.39.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.9-25.33.41.2(i586|s390x|x86_64)0:2.0.9-25.33.42.3.1(x86_64)0:2.0.9-25.33.42.11.1(i586|ia64|ppc64|s390x|x86_64)0:1.1.6-25.32.1(x86_64)0:2.7-5.7.3.1(x86_64)0:2.00-0.49.2(x86_64)0:2.00-0.53.4.1(x86_64)0:2.00-0.53.7.1(x86_64)0:2.02-0.53.10.1(x86_64)0:2.02-0.53.15.3(x86_64)0:2.02-0.53.20.1(x86_64)0:2.02-0.53.22.1(x86_64)0:0.10.35-5.17.1(x86_64)0:0.10.35-5.18.5.1(x86_64)0:0.10.30-5.14.1(x86_64)0:0.10.30-5.15.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.18.9-0.35.1(ppc64|s390x|x86_64)0:2.18.9-0.35.1(ia64)0:2.18.9-0.35.1(i586|ia64|ppc64|s390x|x86_64)0:2.18.9-0.39.1(ppc64|s390x|x86_64)0:2.18.9-0.39.1(ia64)0:2.18.9-0.39.1(x86_64)0:2.18.9-0.44.1(x86_64)0:2.18.9-0.45.3.1(x86_64)0:2.18.9-0.45.8.1(i586|x86_64)0:1.20.4-0.18.1(x86_64)0:1.3.12-69.23.3.1(i586|ia64|ppc64|x86_64)0:1.5.7-0.11.1(ppc64|x86_64)0:1.5.7-0.11.1(i586|ia64|ppc64|s390x|x86_64)0:4.0-7.28.1(ppc64|s390x|x86_64)0:4.0-7.28.1(ia64)0:4.0-7.28.1(x86_64)0:4.0-38.1(x86_64)0:4.0-47.9.1(noarch)0:1-0.81.3.2(i586|ia64|ppc64|s390x|x86_64)0:0.7.3-1.13.1(noarch)0:1.1.1-1.37.1(noarch)0:1.1.1-1.37.8.1(i586|ia64|ppc64|s390x|x86_64)0:1.900.1-134.17.1(ppc64|s390x|x86_64)0:1.900.1-134.17.1(ia64)0:1.900.1-134.17.1(x86_64)0:1.900.14-134.33.26.1(x86_64)0:1.900.14-134.33.29.1(i586|ppc64|s390x|x86_64)0:1.6.0_sr16.2-0.3.1(i586)0:1.6.0_sr16.2-0.3.1(i586|ppc64|s390x|x86_64)0:1.6.0_sr16.7-10.1(i586|s390x|x86_64)0:1.6.0_sr16.20-51.1(i586)0:1.6.0_sr16.20-51.1(i586|x86_64)0:1.6.0_sr16.20-51.1(i586|s390x|x86_64)0:1.6.0_sr16.45-84.1(i586)0:1.6.0_sr16.45-84.1(i586|x86_64)0:1.6.0_sr16.45-84.1(i586|s390x|x86_64)0:1.6.0_sr16.50-85.5.1(i586)0:1.6.0_sr16.50-85.5.1(i586|x86_64)0:1.6.0_sr16.50-85.5.1(i586|ppc64|s390x|x86_64)0:1.6.0_sr16.15-46.1(i586|ppc64|s390x|x86_64)0:1.7.0_sr8.0-0.5.1(i586|x86_64)0:1.7.0_sr8.0-0.5.1(i586|ppc64|s390x|x86_64)0:1.7.0_sr9.10-9.1(i586|ppc64|s390x|x86_64)0:1.7.0_sr9.20-42.1(x86_64)0:1.7.0_sr9.30-45.1(i586|s390x|x86_64)0:1.7.0_sr9.30-47.1(i586|x86_64)0:1.7.0_sr9.30-47.1(i586|s390x|x86_64)0:1.7.0_sr10.1-61.1(i586|x86_64)0:1.7.0_sr10.1-61.1(i586|s390x|x86_64)0:1.7.0_sr10.5-64.1(i586|x86_64)0:1.7.0_sr10.5-64.1(x86_64)0:1.7.0_sr10.10-65.5.1(i586|s390x|x86_64)0:1.7.0_sr10.15-65.8.1(i586|x86_64)0:1.7.0_sr10.15-65.8.1(i586|s390x|x86_64)0:1.7.0_sr10.20-65.13.1(i586|x86_64)0:1.7.0_sr10.20-65.13.1(i586|s390x|x86_64)0:1.7.0_sr10.25-65.25.1(i586|x86_64)0:1.7.0_sr10.25-65.25.1(i586|s390x|x86_64)0:1.7.0_sr10.30-65.28.1(i586|x86_64)0:1.7.0_sr10.30-65.28.1(i586|s390x|x86_64)0:1.7.0_sr10.35-65.31.1(i586|x86_64)0:1.7.0_sr10.35-65.31.1(x86_64)0:1.7.0_sr10.40-65.35.1(x86_64)0:1.7.0_sr10.45-65.39.1(x86_64)0:1.7.0_sr10.50-65.42.1(x86_64)0:1.7.0_sr10.55-65.45.1(x86_64)0:1.7.0_sr10.60-65.48.1(x86_64)0:1.7.0_sr10.65-65.51.1(x86_64)0:1.7.0_sr10.70-65.54.1(x86_64)0:1.7.0_sr10.75-65.57.1(x86_64)0:1.7.0_sr10.80-65.60.1(x86_64)0:1.7.0_sr11.5-65.66.1(x86_64)0:1.7.0_sr11.10-65.69.1(x86_64)0:1.7.0_sr11.15-65.72.1(x86_64)0:1.7.0_sr11.15-65.75.1(x86_64)0:1.7.0_sr11.0-65.63.1(i586|ia64|ppc64|s390x|x86_64)0:4.3.5-0.12.18.1(i586|ia64|ppc64|s390x|x86_64)0:4.3.5-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.3.5-0.12.20.1(i586|ia64|ppc64|s390x|x86_64)0:4.3.5-0.14.1(ppc64|s390x|x86_64)0:4.3.5-0.14.1(ia64)0:4.3.5-0.14.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.4-255.28.1(x86_64)0:3.0.101-0.47.55.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-0.40.1(s390x)0:3.0.101-0.40.1(i586|x86_64)0:3.0.101-0.40.1(i586)0:3.0.101-0.40.1(ppc64)0:3.0.101-0.40.1(i586|x86_64)0:4.2.4_04_3.0.101_0.40-0.7.3(i586)0:4.2.4_04_3.0.101_0.40-0.7.3(x86_64)0:3.0.101-0.47.86.1(i586|s390x|x86_64)0:3.0.101-0.47.86.1(s390x)0:3.0.101-0.47.86.1(i586|x86_64)0:3.0.101-0.47.86.1(i586)0:3.0.101-0.47.86.1(x86_64)0:3.0.101-0.47.93.1(i586|s390x|x86_64)0:3.0.101-0.47.93.1(s390x)0:3.0.101-0.47.93.1(i586|x86_64)0:3.0.101-0.47.93.1(i586)0:3.0.101-0.47.93.1(x86_64)0:3.0.101-0.47.99.1(i586|s390x|x86_64)0:3.0.101-0.47.99.1(s390x)0:3.0.101-0.47.99.1(i586|x86_64)0:3.0.101-0.47.99.1(i586)0:3.0.101-0.47.99.1(x86_64)0:3.0.101-0.47.102.1(i586|s390x|x86_64)0:3.0.101-0.47.102.1(s390x)0:3.0.101-0.47.102.1(i586|x86_64)0:3.0.101-0.47.102.1(i586)0:3.0.101-0.47.102.1(x86_64)0:3.0.101-0.47.105.1(i586|s390x|x86_64)0:3.0.101-0.47.105.1(s390x)0:3.0.101-0.47.105.1(i586|x86_64)0:3.0.101-0.47.105.1(i586)0:3.0.101-0.47.105.1(x86_64)0:3.0.101-0.47.106.8.1(i586|s390x|x86_64)0:3.0.101-0.47.106.8.1(s390x)0:3.0.101-0.47.106.8.1(i586|x86_64)0:3.0.101-0.47.106.8.1(i586)0:3.0.101-0.47.106.8.1(x86_64)0:3.0.101-0.47.106.50.1(i586|s390x|x86_64)0:3.0.101-0.47.106.50.1(s390x)0:3.0.101-0.47.106.50.1(i586|x86_64)0:3.0.101-0.47.106.50.1(i586)0:3.0.101-0.47.106.50.1(x86_64)0:3.0.101-0.53.TDC.1(x86_64)0:3.0.101-0.63.TDC.1(x86_64)0:3.0.101-0.47.67.2(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-0.47.67.2(s390x)0:3.0.101-0.47.67.2(i586|x86_64)0:3.0.101-0.47.67.2(i586)0:3.0.101-0.47.67.2(ppc64)0:3.0.101-0.47.67.2(x86_64)0:3.0.101-0.66.TDC.1(x86_64)0:3.0.101-0.69.TDC.1(x86_64)0:3.0.101-0.72.TDC.1(x86_64)0:3.0.101-0.77.TDC.1(x86_64)0:3.0.101-0.80.TDC.1(x86_64)0:3.0.101-0.47.79.1(i586|s390x|x86_64)0:3.0.101-0.47.79.1(s390x)0:3.0.101-0.47.79.1(i586|x86_64)0:3.0.101-0.47.79.1(i586)0:3.0.101-0.47.79.1(x86_64)0:3.0.101-0.83.TDC.1(x86_64)0:3.0.101-0.93.TDC.1(x86_64)0:3.0.101-0.96.TDC.1(x86_64)0:3.0.101-0.101.TDC.1(x86_64)0:3.0.101-0.104.TDC.1(x86_64)0:3.0.101-0.107.TDC.1(x86_64)0:3.0.101-0.113.TDC.1(x86_64)0:3.0.101-0.47.106.11.1(i586|s390x|x86_64)0:3.0.101-0.47.106.11.1(s390x)0:3.0.101-0.47.106.11.1(i586|x86_64)0:3.0.101-0.47.106.11.1(i586)0:3.0.101-0.47.106.11.1(x86_64)0:3.0.101-0.116.TDC.1(x86_64)0:3.0.101-0.119.TDC.1(x86_64)0:3.0.101-0.122.TDC.1(x86_64)0:3.0.101-0.125.TDC.1(x86_64)0:3.0.101-0.126.5.TDC.1(x86_64)0:3.0.101-0.132.TDC.1(x86_64)0:3.0.101-0.139.TDC.1(x86_64)0:3.0.101-0.142.TDC.1(x86_64)0:3.0.101-0.145.TDC.1(x86_64)0:3.0.101-0.150.TDC.1(s390x)0:3.0.101-0.47.106.14.1(x86_64)0:3.0.101-0.47.106.19.1(i586|s390x|x86_64)0:3.0.101-0.47.106.19.1(s390x)0:3.0.101-0.47.106.19.1(i586|x86_64)0:3.0.101-0.47.106.19.1(i586)0:3.0.101-0.47.106.19.1(x86_64)0:3.0.101-0.153.TDC.1(x86_64)0:3.0.101-0.156.TDC.1(x86_64)0:3.0.101-0.163.TDC.1(x86_64)0:3.0.101-0.166.TDC.1(x86_64)0:3.0.101-0.47.106.29.1(i586|s390x|x86_64)0:3.0.101-0.47.106.29.1(s390x)0:3.0.101-0.47.106.29.1(i586|x86_64)0:3.0.101-0.47.106.29.1(i586)0:3.0.101-0.47.106.29.1(x86_64)0:3.0.101-0.169.TDC.1(x86_64)0:3.0.101-0.174.TDC.1(x86_64)0:3.0.101-0.181.TDC.1(x86_64)0:3.0.101-0.47.106.43.1(i586|s390x|x86_64)0:3.0.101-0.47.106.43.1(s390x)0:3.0.101-0.47.106.43.1(i586|x86_64)0:3.0.101-0.47.106.43.1(i586)0:3.0.101-0.47.106.43.1(x86_64)0:3.0.101-0.184.TDC.1(x86_64)0:3.0.101-0.190.TDC.1(x86_64)0:3.0.101-0.47.106.59.1(i586|s390x|x86_64)0:3.0.101-0.47.106.59.1(s390x)0:3.0.101-0.47.106.59.1(i586|x86_64)0:3.0.101-0.47.106.59.1(i586)0:3.0.101-0.47.106.59.1(x86_64)0:3.0.101-0.195.TDC.1(x86_64)0:1.4.20_3.0.101_0.35-0.38.63(x86_64)0:3.0.101-0.35.1(x86_64)0:1.5.4.1_3.0.101_0.35-0.13.69(x86_64)0:2.0.5_3.0.101_0.35-7.39.71(x86_64)0:1.4.20_3.0.101_0.40-0.38.83(x86_64)0:3.0.101-0.40.1(x86_64)0:1.5.4.1_3.0.101_0.40-0.13.89(x86_64)0:2.0.5_3.0.101_0.40-7.39.89(x86_64)0:3.0.101-0.47.106.35.1(i586|s390x|x86_64)0:3.0.101-0.47.106.35.1(s390x)0:3.0.101-0.47.106.35.1(i586|x86_64)0:3.0.101-0.47.106.35.1(i586)0:3.0.101-0.47.106.35.1(x86_64)0:3.0.101-0.47.71.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-0.47.71.1(s390x)0:3.0.101-0.47.71.1(i586|x86_64)0:3.0.101-0.47.71.1(i586)0:3.0.101-0.47.71.1(ppc64)0:3.0.101-0.47.71.1(x86_64)0:3.0.101-0.47.90.1(i586|s390x|x86_64)0:3.0.101-0.47.90.1(s390x)0:3.0.101-0.47.90.1(i586|x86_64)0:3.0.101-0.47.90.1(i586)0:3.0.101-0.47.90.1(x86_64)0:3.0.101-0.47.106.5.1(i586|s390x|x86_64)0:3.0.101-0.47.106.5.1(s390x)0:3.0.101-0.47.106.5.1(i586|x86_64)0:3.0.101-0.47.106.5.1(i586)0:3.0.101-0.47.106.5.1(x86_64)0:3.0.101-0.47.106.56.1(i586|s390x|x86_64)0:3.0.101-0.47.106.56.1(s390x)0:3.0.101-0.47.106.56.1(i586|x86_64)0:3.0.101-0.47.106.56.1(i586)0:3.0.101-0.47.106.56.1(x86_64)0:3.0.101-0.200.TDC.1(x86_64)0:4.2.5_21-47.34.1(x86_64)0:4.2.5_21_3.0.101_0.200.TDC-47.34.1(x86_64)0:3.0.101-0.207.TDC.1(x86_64)0:3.0.101-0.210.TDC.1(x86_64)0:3.0.101-0.213.TDC.1(x86_64)0:3.0.101-0.216.TDC.1(x86_64)0:3.0.101-0.219.TDC.1(x86_64)0:3.0.101-0.222.TDC.1(x86_64)0:3.0.101-0.230.TDC.1(x86_64)0:3.0.101-0.235.TDC.1(x86_64)0:3.0.101-0.238.TDC.1(x86_64)0:3.0.101-0.241.TDC.1(x86_64)0:3.0.101-0.244.TDC.1(x86_64)0:3.0.101-0.247.TDC.1(x86_64)0:1.4.20-0.40.2.1(x86_64)0:1.4.20_3.0.101_0.250.TDC-0.40.2.1(x86_64)0:3.0.101-0.250.TDC.3(x86_64)0:3.0.101-0.253.TDC.1(x86_64)0:3.0.101-0.258.TDC.1(x86_64)0:3.0.101-0.261.TDC.1(x86_64)0:3.0.101-0.266.TDC.1(x86_64)0:3.0.101-0.269.TDC.1(x86_64)0:3.0.101-0.47.106.22.1(i586|s390x|x86_64)0:3.0.101-0.47.106.22.1(s390x)0:3.0.101-0.47.106.22.1(i586|x86_64)0:3.0.101-0.47.106.22.1(i586)0:3.0.101-0.47.106.22.1(x86_64)0:3.0.101-0.187.TDC.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.62.1(ppc64|s390x|x86_64)0:1.6.3-133.49.62.1(ia64)0:1.6.3-133.49.62.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.97.1(ppc64|s390x|x86_64)0:1.6.3-133.49.97.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.97.3(ia64)0:1.6.3-133.49.97.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.103.1(ppc64|s390x|x86_64)0:1.6.3-133.49.103.1(ia64)0:1.6.3-133.49.103.1(x86_64)0:1.8.6-133.49.125.22.1(noarch)0:1.8.6-133.49.125.22.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.64.1(ppc64|s390x|x86_64)0:1.6.3-133.49.64.1(ia64)0:1.6.3-133.49.64.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.66.1(ppc64|s390x|x86_64)0:1.6.3-133.49.66.1(ia64)0:1.6.3-133.49.66.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.68.1(ppc64|s390x|x86_64)0:1.6.3-133.49.68.1(ia64)0:1.6.3-133.49.68.1(i586|s390x|x86_64)0:1.4.2-0.17.1(i586|s390x|x86_64)0:1.4.2-0.22.34.3(i586|s390x|x86_64)0:1.4.2-37.1(i586|s390x|x86_64)0:1.4.2-46.1(x86_64)0:1.4.2-49.1(x86_64)0:1.4.2-52.1(i586|s390x|x86_64)0:1.4.2-53.11.1(i586|s390x|x86_64)0:1.4.2-53.14.1(i586|s390x|x86_64)0:1.4.2-53.17.1(i586|s390x|x86_64)0:1.4.2-53.20.1(i586|s390x|x86_64)0:1.4.2-53.23.2(i586|s390x|x86_64)0:1.4.2-53.26.2(x86_64)0:1.4.2-53.29.1(x86_64)0:1.4.2-53.32.1(x86_64)0:1.4.2-53.35.1(x86_64)0:1.4.2-53.38.1(x86_64)0:1.4.2-53.41.1(x86_64)0:1.4.2-53.44.1(i586|s390x|x86_64)0:1.4.2-0.21.4(i586|ia64|ppc64|s390x|x86_64)0:1.0.5.9-0.19.3(ppc64|s390x|x86_64)0:1.0.5.9-0.19.3(i586|ia64|ppc64|s390x|x86_64)0:4.6.3-5.29.2(ppc64|s390x|x86_64)0:4.6.3-5.29.2(ia64)0:4.6.3-5.29.2(x86_64)0:1.3.4-12.22.23.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.19.1-6.54.1(ppc64|s390x|x86_64)0:2.19.1-6.54.1(ia64)0:2.19.1-6.54.1(x86_64)0:0.6.3-1.9.6(x86_64)0:1.7.4-7.9.1(x86_64)0:1.7.4-7.10.3.1(i586|ia64|ppc64|s390x|x86_64)0:9.1.12-0.3.1(ppc64|s390x|x86_64)0:9.1.12-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.5-24.24.1(x86_64)0:0.6.17-2.14.10.1(i586|ia64|ppc64|s390x|x86_64)0:3.16.5-0.7.1(ppc64|s390x|x86_64)0:3.16.5-0.7.1(ia64)0:3.16.5-0.7.1(i586|ia64|ppc64|s390x|x86_64)0:1.5.0-0.19.1(ppc64|s390x|x86_64)0:1.5.0-0.19.1(ia64)0:1.5.0-0.19.1(x86_64)0:1.5.0-0.22.1(x86_64)0:1.5.0-0.25.1(x86_64)0:1.5.0-0.26.3.1(x86_64)0:1.5.0-0.26.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.5.0-0.17.1(ppc64|s390x|x86_64)0:1.5.0-0.17.1(ia64)0:1.5.0-0.17.1(x86_64)0:0.43-1.10.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.900.1-134.13.1(ppc64|s390x|x86_64)0:1.900.1-134.13.1(ia64)0:1.900.1-134.13.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.4-1.18.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.4-1.20.1(x86_64)0:1.0.4-1.26.3.1(x86_64)0:1.0.4-1.26.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.03-12.3.1(ppc64|s390x|x86_64)0:2.03-12.3.1(ia64)0:2.03-12.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.2-3.118.1(ppc64|s390x|x86_64)0:2.3.2-3.118.1(ia64)0:2.3.2-3.118.1(i586|ia64|ppc64|s390x|x86_64)0:0.0.20060920alpha-74.5.1(i586|ia64|ppc64|s390x|x86_64)0:0.0.20060920alpha-74.10.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.39-0.7.1(ppc64|s390x|x86_64)0:5.5.39-0.7.1(ia64)0:5.5.39-0.7.1(i586|ia64|ppc64|s390x|x86_64)0:5.0.96-0.6.13(ppc64|s390x|x86_64)0:5.0.96-0.6.13(ia64)0:5.0.96-0.6.13(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.66.1(ppc64|s390x|x86_64)0:0.9.8j-0.66.1(ia64)0:0.9.8j-0.66.1(i586|ia64|ppc64|s390x|x86_64)0:0.24.4-0.15.1(ppc64|s390x|x86_64)0:0.24.4-0.15.1(ia64)0:0.24.4-0.15.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.31-5.33.1(ppc64|s390x|x86_64)0:1.2.31-5.33.1(ia64)0:1.2.31-5.33.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.31-5.35.1(ppc64|s390x|x86_64)0:1.2.31-5.35.1(ia64)0:1.2.31-5.35.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.31-5.38.1(ppc64|s390x|x86_64)0:1.2.31-5.38.1(ia64)0:1.2.31-5.38.1(i586|ia64|ppc64|s390x|x86_64)0:0.12.3-1.10.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.23-0.15.1(ppc64|s390x|x86_64)0:0.9.23-0.15.1(ia64)0:0.9.23-0.15.1(x86_64)0:4.6.3-5.42.3.1(x86_64)0:4.6.3-5.42.6.2(i586|ia64|ppc64|s390x|x86_64)0:4.6.3-5.32.1(ppc64|s390x|x86_64)0:4.6.3-5.32.1(ia64)0:4.6.3-5.32.1(i586|ia64|ppc64|s390x|x86_64)0:4.6.3-5.34.2(ppc64|s390x|x86_64)0:4.6.3-5.34.2(ia64)0:4.6.3-5.34.2(i586|ia64|ppc64|s390x|x86_64)0:2.26.0-2.5.1(ppc64|s390x|x86_64)0:2.26.0-2.5.1(ia64)0:2.26.0-2.5.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.20-2.6.5(ppc64|s390x|x86_64)0:1.0.20-2.6.5(ia64)0:1.0.20-2.6.5(i586|ia64|ppc64|s390x|x86_64)0:1.0.20-2.10.2(ppc64|s390x|x86_64)0:1.0.20-2.10.2(ia64)0:1.0.20-2.10.2(i586|ia64|ppc64|s390x|x86_64)0:5.4.2.1-8.12.22.1(ppc64|s390x|x86_64)0:5.4.2.1-8.12.22.1(ia64)0:5.4.2.1-8.12.22.1(x86_64)0:2.32.2-4.16.3.37(i586|ia64|ppc64|s390x|x86_64)0:1.2.9-4.2.4.1(i586|ia64|ppc64|s390x|x86_64)0:1.5-1.28.1(ppc64|s390x|x86_64)0:1.5-1.28.1(ia64)0:1.5-1.28.1(x86_64)0:1.5-1.35.8.1(i586|s390x|x86_64)0:0.2.1-1.12.3(i586|s390x|x86_64)0:0.1.6+git20080930-6.27.2(i586|ia64|ppc64|s390x|x86_64)0:1.0.5.9-0.9.1(ppc64|s390x|x86_64)0:1.0.5.9-0.9.1(i586|s390x|x86_64)0:1.0.5.9-21.5.1(s390x|x86_64)0:1.0.5.9-21.5.1(i586|s390x|x86_64)0:1.0.5.9-21.9.1(s390x|x86_64)0:1.0.5.9-21.9.1(x86_64)0:1.0.5.9-21.12.2(x86_64)0:1.0.5.9-21.15.1(x86_64)0:1.0.5.9-21.20.1(x86_64)0:1.0.5.9-21.23.1(x86_64)0:1.0.5.9-21.26.2(i586|ia64|ppc64|s390x|x86_64)0:0.9.1-156.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.3-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.31.1(ppc64|s390x|x86_64)0:2.7.6-0.31.1(ia64)0:2.7.6-0.31.1(i586|s390x|x86_64)0:2.7.6-0.69.1(s390x|x86_64)0:2.7.6-0.69.1(i586|s390x|x86_64)0:2.7.6-0.69.3(x86_64)0:2.7.6-0.77.46.1(x86_64)0:2.7.6-0.77.49.1(x86_64)0:2.7.6-0.77.52.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.34.1(ppc64|s390x|x86_64)0:2.7.6-0.34.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.34.4(ia64)0:2.7.6-0.34.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.37.1(ppc64|s390x|x86_64)0:2.7.6-0.37.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.37.4(ia64)0:2.7.6-0.37.1(x86_64)0:1.1.24-19.34.11.1(x86_64)0:1.0.11-6.7.3.1(i586|ia64|ppc64|s390x|x86_64)0:9.37.1-0.7.1(x86_64)0:3.0.101-0.47.96.1(i586|s390x|x86_64)0:3.0.101-0.47.96.1(s390x)0:3.0.101-0.47.96.1(i586|x86_64)0:3.0.101-0.47.96.1(i586)0:3.0.101-0.47.96.1(x86_64)0:0.9.45-0.13.3.1(noarch)0:1.2.10-3.3.1(x86_64)0:3.7.7-10.30.13.1(x86_64)0:5.1.4-3.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.8.0-0.21.6(i586|ia64|ppc64|s390x|x86_64)0:0.8.0-0.25.1(i586|s390x|x86_64)0:2.1.15-9.6.6.1(x86_64)0:2.1.15-9.6.29.1(i586|ia64|ppc64|s390x|x86_64)0:12.5-1.5.1(i586|s390x|x86_64)0:45.5.1esr-59.1(i586|s390x|x86_64)0:3.21.3-39.1(s390x|x86_64)0:3.21.3-39.1(i586|x86_64)0:1.17-102.83.9.1(i586|x86_64)0:1.17-102.83.15.1(x86_64)0:1.17-102.83.21.1(i586|x86_64)0:1.17-102.83.24.1(i586|x86_64)0:1.17-102.83.27.1(x86_64)0:1.17-102.83.36.1(x86_64)0:1.17-102.83.41.1(x86_64)0:1.17-102.83.47.1(x86_64)0:1.17-102.83.50.1(x86_64)0:1.17-102.83.53.1(x86_64)0:1.17-102.83.59.1(x86_64)0:1.17-102.83.62.1(x86_64)0:1.17-102.83.71.1(x86_64)0:1.17-102.83.75.2(x86_64)0:1.17-102.83.78.1(x86_64)0:0.1.0-0.23.3.1(ia64|ppc64|s390x|x86_64)0:2.6.7-0.16.1(i586|s390x|x86_64)0:2.6.7-0.18.1(i586|ia64|ppc64|s390x|x86_64)0:38.6.0esr-31.3(i586|ia64|ppc64|s390x|x86_64)0:38-18.24(i586|ia64|ppc64|s390x|x86_64)0:3.20.2-25.2(s390x|x86_64)0:3.20.2-25.2(ia64)0:3.20.2-25.2(i586|ia64|ppc64|s390x|x86_64)0:4.10.8-0.8.1(ppc64|s390x|x86_64)0:4.10.8-0.8.1(ia64)0:4.10.8-0.8.1(x86_64)0:3.79-47.31.1(x86_64)0:4.34-33.9.1(i586|ia64|ppc64|s390x|x86_64)0:3.19.2.2-22.1(ppc64|s390x|x86_64)0:3.19.2.2-22.1(ia64)0:3.19.2.2-22.1(x86_64)0:3.68.1-47.19.1(x86_64)0:3.68.3-47.25.1(x86_64)0:3.68.4-47.28.1(x86_64)0:102.7.0-72.58.1(x86_64)0:3.79.3-47.45.2(x86_64)0:102.8.0-72.63.1(x86_64)0:3.79.4-47.48.1(i586|ia64|ppc64|s390x|x86_64)0:3.15.2-0.8.1(ppc64|s390x|x86_64)0:3.15.2-0.8.1(ia64)0:3.15.2-0.8.1(x86_64)0:3.68-47.16.1(x86_64)0:4.32-33.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.5.17-42.37.1(i586|s390x|x86_64)0:1.5.17-42.43.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.45-0.11.1(ppc64|s390x|x86_64)0:5.5.45-0.11.1(ia64)0:5.5.45-0.11.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.46-0.14.1(ppc64|s390x|x86_64)0:5.5.46-0.14.1(ia64)0:5.5.46-0.14.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.47-0.17.1(ppc64|s390x|x86_64)0:5.5.47-0.17.1(ia64)0:5.5.47-0.17.1(x86_64)0:5.5.49-0.20.1(i586|s390x|x86_64)0:5.5.52-0.27.1(s390x|x86_64)0:5.5.52-0.27.1(x86_64)0:5.5.53-0.30.1(i586|s390x|x86_64)0:5.5.54-0.35.1(s390x|x86_64)0:5.5.54-0.35.1(x86_64)0:5.5.55-0.38.1(x86_64)0:5.5.57-0.39.3.1(i586|s390x|x86_64)0:5.5.58-0.39.6.1(s390x|x86_64)0:5.5.58-0.39.6.1(x86_64)0:5.5.59-0.39.9.8(x86_64)0:5.5.60-0.39.12.1(x86_64)0:5.5.61-0.39.15.1(i586|s390x|x86_64)0:5.5.62-0.39.18.1(s390x|x86_64)0:5.5.62-0.39.18.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.6-1.25.36.1(x86_64)0:3.0.6-1.25.36.6.2(i586|ia64|ppc64|s390x|x86_64)0:2.12-24.4.10.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.16-0.13.1(x86_64)0:5.6-93.29.1(i586|ia64|ppc64|s390x|x86_64)0:5.4.2.1-8.12.24.1(ppc64|s390x|x86_64)0:5.4.2.1-8.12.24.1(ia64)0:5.4.2.1-8.12.24.1(x86_64)0:5.4.2.1-8.12.32.8.1(i586|ia64|ppc64|s390x|x86_64)0:3.15.3-0.8.1(ppc64|s390x|x86_64)0:3.15.3-0.8.1(ia64)0:3.15.3-0.8.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.4p8-1.26.1(i586|s390x|x86_64)0:4.2.8p12-48.21.1(x86_64)0:2.0.873-0.41.4.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.37-2.35.1(x86_64)0:2.3.37-2.74.6.1(x86_64)0:2.4.26-0.74.6.1(x86_64)0:2.3.37-2.74.9.1(x86_64)0:2.4.26-0.74.9.1(x86_64)0:2.3.37-2.74.13.1(x86_64)0:2.4.26-0.74.13.1(x86_64)0:2.3.37-2.74.16.1(x86_64)0:2.4.26-0.74.16.1(x86_64)0:2.3.37-2.74.19.1(x86_64)0:2.4.26-0.74.19.1(x86_64)0:2.3.37-2.74.26.1(x86_64)0:2.4.26-0.74.26.1(x86_64)0:2.3.37-2.74.29.1(x86_64)0:2.4.26-0.74.29.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.37-2.30.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.30.1(ppc64|s390x|x86_64)0:2.4.26-0.30.1(ia64)0:2.4.26-0.30.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.37-2.62.2(i586|ia64|ppc64|s390x|x86_64)0:2.4.26-0.62.2(ppc64|s390x|x86_64)0:2.4.26-0.62.2(ia64)0:2.4.26-0.62.2(i586|ia64|ppc64|s390x|x86_64)0:1.2.0-172.24.1(ppc64|s390x|x86_64)0:1.2.0-172.24.1(ia64)0:1.2.0-172.24.1(i586|s390x|x86_64)0:1.2.0-172.27.3.1(s390x|x86_64)0:1.2.0-172.27.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.2p2-0.13.1(i586|ia64|ppc64|s390x|x86_64)0:6.2p2-0.21.1(i586|ia64|ppc64|s390x|x86_64)0:6.2p2-0.21.3(i586|s390x|x86_64)0:6.2p2-0.33.2(i586|s390x|x86_64)0:6.2p2-0.33.5(i586|s390x|x86_64)0:6.2p2-0.40.1(i586|s390x|x86_64)0:6.2p2-0.40.3(i586|s390x|x86_64)0:6.2p2-0.41.5.1(x86_64)0:6.6p1-41.13.1(x86_64)0:6.6p1-41.18.1(x86_64)0:6.6p1-41.28.1(i586|ia64|ppc64|s390x|x86_64)0:6.2p2-0.24.1(i586|ia64|ppc64|s390x|x86_64)0:6.2p2-0.24.3(x86_64)0:6.6p1-15.1(x86_64)0:6.6p1-18.1(x86_64)0:6.6p1-19.3.1(x86_64)0:6.6p1-19.6.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.74.1(ppc64|s390x|x86_64)0:0.9.8j-0.74.1(ia64)0:0.9.8j-0.74.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.80.1(ppc64|s390x|x86_64)0:0.9.8j-0.80.1(ia64)0:0.9.8j-0.80.1(i586|s390x|x86_64)0:0.9.8j-0.105.1(s390x|x86_64)0:0.9.8j-0.105.1(i586|s390x|x86_64)0:0.9.8j-0.106.12.1(s390x|x86_64)0:0.9.8j-0.106.12.1(i586|s390x|x86_64)0:0.9.8j-0.106.18.1(s390x|x86_64)0:0.9.8j-0.106.18.1(x86_64)0:0.9.8j-0.106.51.1(x86_64)0:0.9.8j-0.106.54.1(x86_64)0:1.0.1g-0.58.50.1(x86_64)0:0.9.8j-0.106.57.1(x86_64)0:1.0.1g-0.58.47.1(x86_64)0:1.0.1g-0.58.53.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.9-143.40.5(i586|s390x|x86_64)0:2.0.9-143.46.1(i586|s390x|x86_64)0:2.0.9-143.47.3.1(x86_64)0:2.0.9-143.47.6.1(x86_64)0:2.3.2-0.9.1(x86_64)0:2.3.2-0.10.3.1(x86_64)0:2.3.2-0.10.6.1(x86_64)0:2.3.2-0.10.9.1(x86_64)0:2.3.2-0.10.12.1(i586|ia64|ppc64|s390x|x86_64)0:2.28.3-0.5.10(i586|x86_64)0:9.20.1-4.4.1(i586|ia64|ppc64|s390x|x86_64)0:1.1.5-0.12.1(ppc64|s390x|x86_64)0:1.1.5-0.12.1(ia64)0:1.1.5-0.12.1(x86_64)0:1.1.5-0.12.3.1(x86_64)0:1.3.16-180.3.1(i586|s390x|x86_64)0:2.5.9-252.22.7.1(i586|ia64|ppc64|s390x|x86_64)0:5.10.0-64.70.1(ppc64|s390x|x86_64)0:5.10.0-64.70.1(i586|ia64|ppc64|s390x|x86_64)0:0.2808.01-0.70.1(i586|ia64|ppc64|s390x|x86_64)0:0.72-0.70.1(ia64)0:5.10.0-64.70.1(x86_64)0:5.10.0-64.80.1(x86_64)0:0.2808.01-0.80.1(x86_64)0:0.72-0.80.1(x86_64)0:5.10.0-64.81.3.1(x86_64)0:0.2808.01-0.81.3.1(x86_64)0:0.72-0.81.3.1(x86_64)0:5.10.0-64.81.10.1(x86_64)0:0.2808.01-0.81.10.1(x86_64)0:0.72-0.81.10.1(i586|s390x|x86_64)0:5.10.0-64.81.13.1(s390x|x86_64)0:5.10.0-64.81.13.1(i586|s390x|x86_64)0:0.2808.01-0.81.13.1(i586|s390x|x86_64)0:0.72-0.81.13.1(x86_64)0:5.10.0-64.81.16.1(x86_64)0:0.2808.01-0.81.16.1(x86_64)0:0.72-0.81.16.1(i586|s390x|x86_64)0:1.66-3.3.1(x86_64)0:2013.1.7-0.6.5.1(x86_64)0:2013.1.7-0.6.12.1(x86_64)0:2013.1.7-0.6.15.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-45.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-48.1(x86_64)0:5.3.17-59.1(x86_64)0:5.3.17-62.1(i586|s390x|x86_64)0:5.3.17-71.1(x86_64)0:5.3.17-74.1(x86_64)0:5.3.17-79.2(i586|s390x|x86_64)0:5.3.17-84.1(x86_64)0:5.3.17-87.1(x86_64)0:5.3.17-94.1(i586|s390x|x86_64)0:5.3.17-101.1(x86_64)0:5.3.17-108.1(x86_64)0:5.3.17-111.2(x86_64)0:5.3.17-112.5.1(x86_64)0:5.3.17-112.10.1(i586|s390x|x86_64)0:5.3.17-112.20.1(i586|s390x|x86_64)0:5.3.17-112.23.1(x86_64)0:5.3.17-112.28.1(x86_64)0:5.3.17-112.38.1(x86_64)0:5.3.17-112.41.1(x86_64)0:5.3.17-112.45.1(x86_64)0:5.3.17-112.53.1(x86_64)0:5.3.17-112.58.1(x86_64)0:5.3.17-112.63.3(x86_64)0:5.3.17-112.66.2(x86_64)0:5.3.17-112.71.1(x86_64)0:5.3.17-112.74.1(x86_64)0:5.3.17-112.79.1(x86_64)0:5.3.17-112.82.1(x86_64)0:5.3.17-112.87.1(x86_64)0:5.3.17-112.90.1(x86_64)0:5.3.17-112.93.1(x86_64)0:5.3.17-112.96.1(x86_64)0:5.3.17-112.99.2(x86_64)0:5.3.17-112.102.2(x86_64)0:5.3.17-112.105.1(x86_64)0:5.3.17-112.108.1(x86_64)0:5.3.17-112.111.1(x86_64)0:5.3.17-112.114.1(x86_64)0:5.3.17-112.117.1(x86_64)0:5.3.17-112.120.1(x86_64)0:5.3.17-112.123.1(x86_64)0:5.3.17-112.126.1(x86_64)0:0.24.4-0.15.3.8(x86_64)0:0.24.4-0.15.6.1(x86_64)0:0.12.3-1.13.10.1(x86_64)0:0.12.3-1.13.13.1(i586|ia64|ppc64|s390x|x86_64)0:1.7-37.60.2(ppc64|s390x|x86_64)0:1.7-37.60.2(ia64)0:1.7-37.60.2(i586|ia64|ppc64|s390x|x86_64)0:4.4.2.3-37.60.2(ppc64|s390x|x86_64)0:4.4.2.3-37.60.2(ia64)0:4.4.2.3-37.60.2(i586|ia64|ppc64|s390x|x86_64)0:9.4.5-0.8.3(ppc64|s390x|x86_64)0:9.4.5-0.8.3(noarch)0:9.1-0.2.16.1(noarch)0:9.1-0.2.19.2(x86_64)0:10.21-0.2.42.2(x86_64)0:10.22-0.2.46.2(i586|ia64|ppc64|s390x|x86_64)0:9.1.15-0.3.1(ppc64|s390x|x86_64)0:9.1.15-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:9.1.18-0.3.1(i586|ia64|ppc64|s390x|x86_64)0:9.1.19-0.5.1(i586|s390x|x86_64)0:9.4.13-0.23.5.1(s390x|x86_64)0:9.4.13-0.23.5.1(ppc64)0:1.2.16-0.13.1(ppc64)0:2.6.1-0.14.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.5.git-2.29.1(i586|ia64|ppc64|s390x|x86_64)0:3.22-240.8.1(x86_64)0:3.2.7-152.31.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.18-0.16.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.22-3.21.1(x86_64)0:1.0.43-30.8.1(x86_64)0:1.0.43-30.11.1(i586|s390x|x86_64)0:2.6.9-40.15.1(s390x|x86_64)0:2.6.9-40.15.1(x86_64)0:2.6.9-40.65.1(noarch)0:2.6-8.40.65.1(x86_64)0:2.6.9-40.68.1(noarch)0:2.6-8.40.68.1(x86_64)0:2.6.9-40.71.1(noarch)0:2.6-8.40.71.1(x86_64)0:2.6.9-40.74.1(noarch)0:2.6-8.40.74.1(x86_64)0:2.6.9-40.77.1(noarch)0:2.6-8.40.77.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-0.33.1(ppc64|s390x|x86_64)0:2.6.9-0.33.1(ia64)0:2.6.9-0.33.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-0.25.1(ppc64|s390x|x86_64)0:2.6.9-0.25.1(ia64)0:2.6.9-0.25.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-0.27.1(ppc64|s390x|x86_64)0:2.6.9-0.27.1(ia64)0:2.6.9-0.27.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-0.31.1(ppc64|s390x|x86_64)0:2.6.9-0.31.1(ia64)0:2.6.9-0.31.1(x86_64)0:2.6-2.19.5.1(x86_64)0:3.10-0.15.5.1(x86_64)0:0.19.0-14.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.1.6-168.34.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.6-0.13.1(x86_64)0:2.3.6-0.13.3.1(x86_64)0:2.3.6-0.13.8.1(x86_64)0:1.13.1-0.3.5.1(x86_64)0:1.13.1-0.3.8.1(x86_64)0:1.4.1-0.10.3.1(x86_64)0:2.6-0.3.6.1(i586|ia64|ppc64|s390x|x86_64)0:0.7-6.22.1(x86_64)0:0.6c11-11.3.1(x86_64)0:2.7.18-6.80.1(noarch)0:2.7.18-6.80.1(x86_64)0:2.7.18-6.83.1(noarch)0:2.7.18-6.83.1(x86_64)0:2.7.18-6.88.1(noarch)0:2.7.18-6.88.1(x86_64)0:2.7.2-2.3.6.1(x86_64)0:0.13.3-0.3.6.1(x86_64)0:1.9.213-3.6.1(noarch)0:1.12.213-3.6.5(x86_64)0:0.2.1-3.6.5(x86_64)0:1.24-0.3.3.5(noarch)0:18.0.1-4.5.1(x86_64)0:18.5-3.3.1(noarch)0:0.30-3.3.4(x86_64)0:2.4.4-0.3.3.9(x86_64)0:2.7.2-2.3.3.11(x86_64)0:0.18-3.3.11(x86_64)0:0.7.2-0.3.3.10(x86_64)0:1.4.2-3.3.13(x86_64)0:3.10-0.3.3.10(x86_64)0:1.2.1-2.3.3.11(noarch)0:1.4-3.3.10(x86_64)0:1.7.42-3.3.11(noarch)0:1.10.57-3.3.11(x86_64)0:1.5.2-3.3.11(x86_64)0:5.0.6-1.3.3.10(x86_64)0:1.3.1-3.5.11(x86_64)0:2.1-3.3.11(x86_64)0:0.11-0.3.3.10(x86_64)0:0.10-0.3.3.9(x86_64)0:1.1.3-3.3.11(x86_64)0:3.0.2-3.3.10(x86_64)0:0.9.2-3.3.10(x86_64)0:2.0-3.3.11(x86_64)0:1.0.18-3.3.11(noarch)0:0.9.2-3.3.11(x86_64)0:1.1-0.3.3.10(x86_64)0:1.0-0.3.3.10(x86_64)0:2.4.0-3.3.11(x86_64)0:0.9.1-2.3.3.10(x86_64)0:1.0.1-3.3.11(noarch)0:0.7.2-3.3.13(x86_64)0:1.13.1-0.3.3.10(noarch)0:3.4-3.3.10(x86_64)0:0.1.9-3.3.11(x86_64)0:0.0.5-3.3.11(noarch)0:2.10-3.3.10(x86_64)0:2.6-0.3.3.9(x86_64)0:2.7-3.3.10(noarch)0:2.5.1-0.3.4.9(x86_64)0:1.5.5-3.3.11(x86_64)0:2.0.1-0.3.3.11(x86_64)0:0.1.13-3.3.11(x86_64)0:3.8.2-3.3.11(x86_64)0:1.7.2-0.3.3.11(i586|s390x|x86_64)0:0.99.15-0.30.3.1(x86_64)0:1.4.18-28.23.3.1(i586|ia64|ppc64|s390x|x86_64)0:8.14.3-50.24.1(i586|ia64|ppc64|s390x|x86_64)0:0.1.6+git20080930-6.24.1(x86_64)0:1.7-37.64.3.1(x86_64)0:4.4.2.3-37.64.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.4-2.49.1(x86_64)0:3.0.4-2.52.1(x86_64)0:3.0.4-2.53.3.1(x86_64)0:3.0.4-2.53.6.1(i586|ia64|ppc64|s390x|x86_64)0:5.10.1-0.11.1(x86_64)0:5.10.1-0.14.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.8.7.p357-0.9.15.1(x86_64)0:1.8.7.p357-0.9.20.3.1(x86_64)0:1.34b-67.2(x86_64)0:3.6.3-67.2(noarch)0:3.6.3-67.2(i586|s390x|x86_64)0:1.34b-76.1(i586|s390x|x86_64)0:3.6.3-76.1(s390x|x86_64)0:3.6.3-76.1(noarch)0:3.6.3-76.2(i586|s390x|x86_64)0:1.34b-84.1(i586|s390x|x86_64)0:3.6.3-84.1(s390x|x86_64)0:3.6.3-84.1(noarch)0:3.6.3-84.1(x86_64)0:1.34b-87.1(x86_64)0:3.6.3-87.1(noarch)0:3.6.3-87.1(i586|s390x|x86_64)0:1.34b-90.1(i586|s390x|x86_64)0:3.6.3-90.1(s390x|x86_64)0:3.6.3-90.1(noarch)0:3.6.3-90.1(i586|s390x|x86_64)0:1.34b-93.1(i586|s390x|x86_64)0:3.6.3-93.1(s390x|x86_64)0:3.6.3-93.1(noarch)0:3.6.3-93.1(i586|s390x|x86_64)0:1.34b-94.5.1(i586|s390x|x86_64)0:3.6.3-94.5.1(s390x|x86_64)0:3.6.3-94.5.1(noarch)0:3.6.3-94.5.1(i586|s390x|x86_64)0:1.34b-94.8.1(i586|s390x|x86_64)0:3.6.3-94.8.1(s390x|x86_64)0:3.6.3-94.8.1(noarch)0:3.6.3-94.8.1(x86_64)0:1.34b-94.11.1(x86_64)0:3.6.3-94.11.1(noarch)0:3.6.3-94.11.1(i586|s390x|x86_64)0:1.34b-94.14.2(i586|s390x|x86_64)0:3.6.3-94.14.2(s390x|x86_64)0:3.6.3-94.14.2(noarch)0:3.6.3-94.14.2(x86_64)0:1.34b-94.19.2(x86_64)0:3.6.3-94.19.2(noarch)0:3.6.3-94.19.2(x86_64)0:1.34b-94.23.1(x86_64)0:3.6.3-94.23.1(noarch)0:3.6.3-94.23.1(x86_64)0:1.34b-94.26.1(x86_64)0:3.6.3-94.26.1(noarch)0:3.6.3-94.26.1(x86_64)0:1.34b-94.31.1(x86_64)0:3.6.3-94.31.1(noarch)0:3.6.3-94.31.1(x86_64)0:1.34b-94.34.1(x86_64)0:3.6.3-94.34.1(noarch)0:3.6.3-94.34.1(x86_64)0:1.34b-94.37.1(x86_64)0:3.6.3-94.37.1(noarch)0:3.6.3-94.37.1(x86_64)0:1.34b-94.40.1(x86_64)0:3.6.3-94.40.1(noarch)0:3.6.3-94.40.1(x86_64)0:1.34b-94.43.1(x86_64)0:3.6.3-94.43.1(noarch)0:3.6.3-94.43.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-12.56.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-0.56.1(ppc64|s390x|x86_64)0:3.6.3-0.56.1(ia64)0:3.6.3-0.56.1(noarch)0:3.6.3-0.56.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-64.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-64.1(ppc64|s390x|x86_64)0:3.6.3-64.1(ia64)0:3.6.3-64.1(noarch)0:3.6.3-64.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.11-0.25.4(x86_64)0:1.3.11-0.28.1(x86_64)0:15+git47-12.5.1(x86_64)0:15.4-12.8.1(x86_64)0:15.7-12.14.1(x86_64)0:15.7-12.17.1(x86_64)0:3.0u-0.7.2(x86_64)0:0.7.318.81ee561d-0.9.2(x86_64)0:3.3.1-10.8.3.1(x86_64)0:3.7.6.3-1.4.6.1(x86_64)0:3.7.6.3-1.4.7.3.1(x86_64)0:3.7.6.3-1.4.7.6.1(x86_64)0:3.7.6.3-1.4.7.9.1(x86_64)0:3.7.6.3-1.4.7.12.1(x86_64)0:3.7.6.3-1.4.7.15.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.STABLE5-2.12.24.2(x86_64)0:4.17-33.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.1.12-8.16.20.1(i586|ia64|ppc64|s390x|x86_64)0:4.4.0-6.25.1(i586|ia64|ppc64|s390x|x86_64)0:4.4.0-6.32.1(i586|ia64|ppc64|s390x|x86_64)0:1.7.6p2-0.21.1(x86_64)0:1.7.6p2-0.29.1(x86_64)0:1.7.6p2-0.30.5.1(noarch)0:1.20-121.1(noarch)0:1.20-122.9.1(noarch)0:1.21-122.15.1(noarch)0:1.4-1.33.1(x86_64)0:1.27.1-14.17.1(x86_64)0:20120115_1.7.0-0.5.5.1(i586|ia64|ppc64|s390x|x86_64)0:3.9.8-1.27.1(x86_64)0:1.2-134.24.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.160.1(ppc64|s390x|x86_64)0:3.8.2-141.160.1(ia64)0:3.8.2-141.160.1(x86_64)0:3.8.2-141.169.37.1(x86_64)0:3.8.2-141.169.42.1(x86_64)0:3.8.2-141.169.45.1(noarch)0:6.0.53-0.57.25.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.3-12.2.1(x86_64)0:0.3.10-0.11.3.1(i586|s390x|x86_64)0:3.80.2-4.1(x86_64)0:5.6.1-5.6.1(i586|ia64|ppc64|s390x|x86_64)0:6.00-11.13.1(x86_64)0:6.00-11.17.1(x86_64)0:6.00-11.18.3.1(x86_64)0:6.00-11.18.8.1(x86_64)0:6.00-11.18.11.1(x86_64)0:6.00-11.18.14.1(x86_64)0:2.19.1-6.62.7.1(x86_64)0:7.2-8.17.1(x86_64)0:7.2-8.20.8(x86_64)0:7.2-8.21.3.1(x86_64)0:7.2-8.21.6.2(i586|ia64|ppc64|s390x|x86_64)0:2.0.7-4.35.1(x86_64)0:0.5.3.git20161120-5.6.1(x86_64)0:4.50.1-1.36.1(i586|ia64|ppc64|s390x|x86_64)0:1.11.4-1.19.1(i586|s390x|x86_64)0:1.11.4-1.32.1(i586|ia64|ppc64|s390x|x86_64)0:1.10.11-0.2.1(i586|ia64|ppc64|s390x|x86_64)0:1.12.7-0.5.3(i586|ia64|ppc64|s390x|x86_64)0:1.12.9-0.12.1(i586|ia64|ppc64|s390x|x86_64)0:0.7.1-6.15.1(i586|ia64|ppc64|s390x|x86_64)0:0.7.1-6.17.4(i586|s390x|x86_64)0:0.7.1-6.18.3.1(x86_64)0:0.7.1-6.18.6.1(x86_64)0:0.7.1-6.18.9.1(x86_64)0:4.2.5_06-0.7.1(i586|x86_64)0:4.2.5_06_3.0.101_0.47.52-0.7.1(i586)0:4.2.5_06_3.0.101_0.47.52-0.7.1(i586|x86_64)0:4.2.5_06-0.7.1(x86_64)0:4.2.5_02-0.7.1(x86_64)0:4.2.5_02_3.0.101_0.40-0.7.1(x86_64)0:4.2.5_12-15.1(i586|x86_64)0:4.2.5_12_3.0.101_0.47.55-15.1(i586)0:4.2.5_12_3.0.101_0.47.55-15.1(i586|x86_64)0:4.2.5_12-15.1(x86_64)0:4.2.5_14-18.2(i586|x86_64)0:4.2.5_14_3.0.101_0.47.67-18.2(i586)0:4.2.5_14_3.0.101_0.47.67-18.2(i586|x86_64)0:4.2.5_14-18.2(x86_64)0:4.2.5_20-24.9(i586|x86_64)0:4.2.5_20_3.0.101_0.47.79-24.9(i586)0:4.2.5_20_3.0.101_0.47.79-24.9(i586|x86_64)0:4.2.5_20-24.9(x86_64)0:4.2.5_21-27.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.86-27.1(i586)0:4.2.5_21_3.0.101_0.47.86-27.1(i586|x86_64)0:4.2.5_21-27.1(x86_64)0:4.2.5_21-30.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.90-30.1(i586)0:4.2.5_21_3.0.101_0.47.90-30.1(i586|x86_64)0:4.2.5_21-30.1(x86_64)0:4.2.5_21-31.1(x86_64)0:4.2.5_21_3.0.101_0.113.TDC-31.1(x86_64)0:4.2.5_21-35.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.96-35.1(i586)0:4.2.5_21_3.0.101_0.47.96-35.1(i586|x86_64)0:4.2.5_21-35.1(x86_64)0:4.2.5_21-37.1(x86_64)0:4.2.5_21_3.0.101_0.116.TDC-37.1(x86_64)0:4.2.5_21-38.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.99-38.1(i586)0:4.2.5_21_3.0.101_0.47.99-38.1(i586|x86_64)0:4.2.5_21-38.1(x86_64)0:4.2.5_21-40.1(x86_64)0:4.2.5_21_3.0.101_0.119.TDC-40.1(x86_64)0:4.2.5_21-43.1(x86_64)0:4.2.5_21_3.0.101_0.119.TDC-43.1(x86_64)0:4.2.5_21-41.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.99-41.1(i586)0:4.2.5_21_3.0.101_0.47.99-41.1(i586|x86_64)0:4.2.5_21-41.1(x86_64)0:4.2.5_21-44.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.102-44.1(i586)0:4.2.5_21_3.0.101_0.47.102-44.1(i586|x86_64)0:4.2.5_21-44.1(x86_64)0:4.2.5_21-46.1(x86_64)0:4.2.5_21_3.0.101_0.122.TDC-46.1(x86_64)0:4.2.5_21-47.7.1(x86_64)0:4.2.5_21_3.0.101_0.125.TDC-47.7.1(x86_64)0:4.2.5_21-45.5.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.105-45.5.1(i586)0:4.2.5_21_3.0.101_0.47.105-45.5.1(i586|x86_64)0:4.2.5_21-45.5.1(x86_64)0:4.2.5_21-47.10.1(x86_64)0:4.2.5_21_3.0.101_0.126.5.TDC-47.10.1(x86_64)0:4.2.5_21-45.8.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.105-45.8.1(i586)0:4.2.5_21_3.0.101_0.47.105-45.8.1(i586|x86_64)0:4.2.5_21-45.8.1(x86_64)0:4.2.5_21-45.11.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.106.5-45.11.1(i586)0:4.2.5_21_3.0.101_0.47.106.5-45.11.1(i586|x86_64)0:4.2.5_21-45.11.1(x86_64)0:4.2.5_21-47.13.1(x86_64)0:4.2.5_21_3.0.101_0.132.TDC-47.13.1(x86_64)0:4.2.5_21-45.16.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.106.8-45.16.1(i586)0:4.2.5_21_3.0.101_0.47.106.8-45.16.1(i586|x86_64)0:4.2.5_21-45.16.1(x86_64)0:4.2.5_21-47.16.1(x86_64)0:4.2.5_21_3.0.101_0.139.TDC-47.16.1(x86_64)0:4.2.5_21-47.21.1(x86_64)0:4.2.5_21_3.0.101_0.150.TDC-47.21.1(x86_64)0:4.2.5_21-45.19.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.106.14-45.19.1(i586)0:4.2.5_21_3.0.101_0.47.106.14-45.19.1(i586|x86_64)0:4.2.5_21-45.19.1(x86_64)0:4.2.5_21-45.22.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.106.19-45.22.1(i586)0:4.2.5_21_3.0.101_0.47.106.19-45.22.1(i586|x86_64)0:4.2.5_21-45.22.1(x86_64)0:4.2.5_21-47.24.1(x86_64)0:4.2.5_21_3.0.101_0.156.TDC-47.24.1(x86_64)0:4.2.5_21-47.27.1(x86_64)0:4.2.5_21_3.0.101_0.181.TDC-47.27.1(x86_64)0:4.2.5_21-45.25.1(i586|x86_64)0:4.2.5_21_3.0.101_0.47.106.43-45.25.1(i586)0:4.2.5_21_3.0.101_0.47.106.43-45.25.1(i586|x86_64)0:4.2.5_21-45.25.1(x86_64)0:4.2.5_21-47.32.1(x86_64)0:4.2.5_21_3.0.101_0.190.TDC-47.32.1(x86_64)0:4.2.5_21-47.37.1(x86_64)0:4.2.5_21_3.0.101_0.219.TDC-47.37.1(x86_64)0:4.2.5_22-47.40.1(x86_64)0:4.2.5_22_3.0.101_0.238.TDC-47.40.1(x86_64)0:4.2.5_24-47.43.1(x86_64)0:4.2.5_24_3.0.101_0.238.TDC-47.43.1(x86_64)0:4.2.5_26-47.46.1(x86_64)0:4.2.5_26_3.0.101_0.241.TDC-47.46.1(x86_64)0:4.2.5_28-47.49.1(x86_64)0:4.2.5_28_3.0.101_0.253.TDC-47.49.1(x86_64)0:4.2.5_30-47.52.3(x86_64)0:4.2.5_30_3.0.101_0.258.TDC-47.52.3(x86_64)0:4.2.5_32-47.55.1(x86_64)0:4.2.5_32_3.0.101_0.258.TDC-47.55.1(x86_64)0:4.2.5_34-47.58.1(x86_64)0:4.2.5_34_3.0.101_0.261.TDC-47.58.1(x86_64)0:4.2.5_36-47.63.1(x86_64)0:4.2.5_36_3.0.101_0.261.TDC-47.63.1(x86_64)0:4.2.5_38-47.66.1(x86_64)0:4.2.5_38_3.0.101_0.266.TDC-47.66.1(x86_64)0:4.2.2_06-0.7.1(i586|x86_64)0:4.2.2_06_3.0.82_0.7-0.7.1(i586)0:4.2.2_06_3.0.82_0.7-0.7.1(i586|x86_64)0:4.2.2_06-0.7.1(x86_64)0:4.2.3_02-0.7.1(i586|x86_64)0:4.2.3_02_3.0.93_0.8-0.7.1(i586)0:4.2.3_02_3.0.93_0.8-0.7.1(i586|x86_64)0:4.2.3_02-0.7.1(x86_64)0:4.2.3_08-0.7.1(i586|x86_64)0:4.2.3_08_3.0.101_0.8-0.7.1(i586)0:4.2.3_08_3.0.101_0.8-0.7.1(i586|x86_64)0:4.2.3_08-0.7.1(x86_64)0:4.2.4_02-0.7.1(i586|x86_64)0:4.2.4_02_3.0.101_0.15-0.7.1(i586)0:4.2.4_02_3.0.101_0.15-0.7.1(i586|x86_64)0:4.2.4_02-0.7.1(x86_64)0:4.2.4_04-0.9.1(i586|x86_64)0:4.2.4_04_3.0.101_0.40-0.9.1(i586)0:4.2.4_04_3.0.101_0.40-0.9.1(i586|x86_64)0:4.2.4_04-0.9.1(x86_64)0:4.2.5_04-0.9.1(i586|x86_64)0:4.2.5_04_3.0.101_0.47.52-0.9.1(i586)0:4.2.5_04_3.0.101_0.47.52-0.9.1(i586|x86_64)0:4.2.5_04-0.9.1(x86_64)0:4.2.5_08-0.9.1(i586|x86_64)0:4.2.5_08_3.0.101_0.47.55-0.9.1(i586)0:4.2.5_08_3.0.101_0.47.55-0.9.1(i586|x86_64)0:4.2.5_08-0.9.1(x86_64)0:4.2.5_18-21.1(i586|x86_64)0:4.2.5_18_3.0.101_0.47.71-21.1(i586)0:4.2.5_18_3.0.101_0.47.71-21.1(i586|x86_64)0:4.2.5_18-21.1(i586|ia64|ppc64|s390x|x86_64)0:3.1.8-0.7.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.14-130.133.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-27.97.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-8.26.42.1(ppc64|s390x|x86_64)0:7.4-8.26.42.1(ia64)0:7.4-8.26.42.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-5.11.15.1(ppc64|s390x|x86_64)0:7.4-5.11.15.1(ia64)0:7.4-5.11.15.1(i586|s390x|x86_64)0:7.4-5.11.72.9.1(s390x|x86_64)0:7.4-5.11.72.9.1(x86_64)0:7.4-5.11.72.30.1(x86_64)0:7.4-5.11.72.33.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-1.18.2(ppc64|s390x|x86_64)0:7.4-1.18.2(ia64)0:7.4-1.18.2(i586|ia64|ppc64|s390x|x86_64)0:7.4-1.16.2(ppc64|s390x|x86_64)0:7.4-1.16.2(ia64)0:7.4-1.16.2(x86_64)0:7.4-4.7.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-1.19.2(ppc64|s390x|x86_64)0:7.4-1.19.2(ia64)0:7.4-1.19.2(i586|ia64|ppc64|s390x|x86_64)0:7.4-8.26.46.1(ppc64|s390x|x86_64)0:7.4-8.26.46.1(ia64)0:7.4-8.26.46.1(x86_64)0:7.4-27.118.1(i586|s390x|x86_64)0:7.4-27.121.2(x86_64)0:7.4-27.122.16.1(i586|s390x|x86_64)0:7.4-27.122.21.1(x86_64)0:7.4-27.122.26.1(x86_64)0:7.4-27.122.29.1(x86_64)0:7.4-27.122.37.1(x86_64)0:7.4-27.122.40.1(x86_64)0:7.4-27.122.43.1(x86_64)0:7.4-27.122.46.1(x86_64)0:7.4-27.122.49.1(x86_64)0:7.4-27.122.52.1(x86_64)0:7.4-27.122.57.1(x86_64)0:7.4-27.122.60.1(x86_64)0:7.4-27.122.63.1(x86_64)0:7.4-27.122.66.1(x86_64)0:0.4.1-28.26.4.1(x86_64)0:0.4.1-28.26.7.1(i586|ia64|ppc64|s390x|x86_64)0:5.07-6.36.1(x86_64)0:5.07-6.37.3.1(x86_64)0:238-3.6.1(x86_64)0:2.17.147.1-9.1(x86_64)0:1.2.7-0.14.1(x86_64)0:1.2.7-0.17.3.1(x86_64)0:1.2.7-0.17.6.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.34.1(ppc64|s390x|x86_64)0:6.4.3.6-7.34.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.37.1(ppc64|s390x|x86_64)0:6.4.3.6-7.37.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.40.1(ppc64|s390x|x86_64)0:6.4.3.6-7.40.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.45.1(ppc64|s390x|x86_64)0:6.4.3.6-7.45.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.48.1(ppc64|s390x|x86_64)0:6.4.3.6-7.48.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.54.1(ppc64|s390x|x86_64)0:6.4.3.6-7.54.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.60.1(ppc64|s390x|x86_64)0:6.4.3.6-7.60.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.65.1(ppc64|s390x|x86_64)0:6.4.3.6-7.65.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.70.1(ppc64|s390x|x86_64)0:6.4.3.6-7.70.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.77.1(ppc64|s390x|x86_64)0:6.4.3.6-7.77.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.78.5.2(ppc64|s390x|x86_64)0:6.4.3.6-7.78.5.2(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.78.8.1(ppc64|s390x|x86_64)0:6.4.3.6-7.78.8.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.78.14.1(ppc64|s390x|x86_64)0:6.4.3.6-7.78.14.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.78.17.1(ppc64|s390x|x86_64)0:6.4.3.6-7.78.17.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.78.22.1(ppc64|s390x|x86_64)0:6.4.3.6-7.78.22.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.78.29.2(ppc64|s390x|x86_64)0:6.4.3.6-7.78.29.2(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.78.34.1(ppc64|s390x|x86_64)0:6.4.3.6-7.78.34.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-7.78.37.1(ppc64|s390x|x86_64)0:6.4.3.6-7.78.37.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-78.40.1(ppc64|s390x|x86_64)0:6.4.3.6-78.40.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-78.45.1(ppc64|s390x|x86_64)0:6.4.3.6-78.45.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-78.56.1(ppc64|s390x|x86_64)0:6.4.3.6-78.56.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-78.59.1(ppc64|s390x|x86_64)0:6.4.3.6-78.59.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-78.74.1(ppc64|s390x|x86_64)0:6.4.3.6-78.74.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-78.79.1(ppc64|s390x|x86_64)0:6.4.3.6-78.79.1(i586|ia64|ppc64|s390x|x86_64)0:6.4.3.6-78.92.1(ppc64|s390x|x86_64)0:6.4.3.6-78.92.1(i586|ppc64|s390x|x86_64)0:6.4.3.6-78.135.1(ppc64|s390x|x86_64)0:6.4.3.6-78.135.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.1-159.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.1-160.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.1-160.6.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.1-160.9.1(i586|ppc64|s390x|x86_64)0:0.9.1-160.14.1(i586|ppc64|s390x|x86_64)0:0.9.1-160.19.1(i586|ppc64|s390x|x86_64)0:0.9.1-160.22.1(i586|ia64|ppc64|s390x|x86_64)0:38.6.1esr-34.1(i586|ia64|ppc64|s390x|x86_64)0:38.8.0esr-40.5(i586|ia64|ppc64|s390x|x86_64)0:3.20.2-30.1(ppc64|s390x|x86_64)0:3.20.2-30.1(ia64)0:3.20.2-30.1(i586|ia64|ppc64|s390x|x86_64)0:4.12-26.1(ppc64|s390x|x86_64)0:4.12-26.1(ia64)0:4.12-26.1(i586|ia64|ppc64|s390x|x86_64)0:45.2.0esr-45.2(i586|ia64|ppc64|s390x|x86_64)0:45.0-23.10(i586|ia64|ppc64|s390x|x86_64)0:2.11.0-2.1(i586|ia64|ppc64|s390x|x86_64)0:3.21.1-35.1(ppc64|s390x|x86_64)0:3.21.1-35.1(ia64)0:3.21.1-35.1(i586|ia64|ppc64|s390x|x86_64)0:4.12-29.1(ppc64|s390x|x86_64)0:4.12-29.1(ia64)0:4.12-29.1(i586|ia64|ppc64|s390x|x86_64)0:45.3.0esr-50.1(i586|ia64|ppc64|s390x|x86_64)0:45.4.0esr-53.1(i586|ia64|ppc64|s390x|x86_64)0:45.6.0esr-62.1(i586|ia64|ppc64|s390x|x86_64)0:45.7.0esr-65.2(i586|ia64|ppc64|s390x|x86_64)0:45.8.0esr-68.1(i586|ia64|ppc64|s390x|x86_64)0:45.9.0esr-71.2(i586|ia64|ppc64|s390x|x86_64)0:3.29.5-46.1(ppc64|s390x|x86_64)0:3.29.5-46.1(ia64)0:3.29.5-46.1(i586|ia64|ppc64|s390x|x86_64)0:4.13.1-32.1(ppc64|s390x|x86_64)0:4.13.1-32.1(ia64)0:4.13.1-32.1(i586|ppc64|s390x|x86_64)0:52.2.0esr-72.5.2(i586|ppc64|s390x|x86_64)0:52-24.3.44(i586|ia64|ppc64|s390x|x86_64)0:5.3.1+r233831-7.1(i586|ia64|ppc64|s390x|x86_64)0:3.29.5-47.3.2(ppc64|s390x|x86_64)0:3.29.5-47.3.2(ia64)0:3.29.5-47.3.2(i586|ia64|ppc64|s390x|x86_64)0:52.3.0esr-72.9.1(i586|ia64|ppc64|s390x|x86_64)0:52-24.5.1(i586|ia64|ppc64|s390x|x86_64)0:52.5.0esr-72.17.1(i586|ia64|ppc64|s390x|x86_64)0:52.6.0esr-72.20.2(i586|ia64|ppc64|s390x|x86_64)0:52.7.3esr-72.27.2(i586|ia64|ppc64|s390x|x86_64)0:52.8.0esr-72.32.1(i586|ia64|ppc64|s390x|x86_64)0:52.8.1esr-72.35.1(i586|ia64|ppc64|s390x|x86_64)0:52.9.0esr-72.38.6(i586|ia64|ppc64|s390x|x86_64)0:38.7.0esr-37.3(i586|ia64|ppc64|s390x|x86_64)0:3.20.2-28.1(ppc64|s390x|x86_64)0:3.20.2-28.1(ia64)0:3.20.2-28.1(i586|ia64|ppc64|s390x|x86_64)0:4.12-24.1(ppc64|s390x|x86_64)0:4.12-24.1(ia64)0:4.12-24.1(i586|ia64|ppc64|x86_64)0:0.9.svn1043876-1.3.15(i586|ia64|ppc64|s390x|x86_64)0:1.6.1-83.17.3.1(ppc64|s390x|x86_64)0:1.6.1-83.17.3.1(ia64)0:1.6.1-83.17.3.1(i586|ppc64|s390x|x86_64)0:1.6.1-83.17.25.1(ppc64|s390x|x86_64)0:1.6.1-83.17.25.1(i586|ppc64|s390x|x86_64)0:1.6.1-83.17.30.1(ppc64|s390x|x86_64)0:1.6.1-83.17.30.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.13-106.11.1(ppc64|s390x|x86_64)0:1.2.13-106.11.1(ia64)0:1.2.13-106.11.1(i586|ppc64|s390x|x86_64)0:1.2.13-106.21.1(ppc64|s390x|x86_64)0:1.2.13-106.21.1(x86_64)0:4.4.2_12-23.1(i586|x86_64)0:4.4.2_12_3.0.101_63-23.1(i586)0:4.4.2_12_3.0.101_63-23.1(i586|x86_64)0:4.4.2_12-23.1(i586|ppc64|s390x|x86_64)0:1.4-75.3.1(i586|ppc64|s390x|x86_64)0:0.13.1-40.16.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.5.2.1-188.5.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.12-64.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.12-69.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.34-70.5.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.34-70.12.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.34-70.15.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.34-70.18.1(i586|ppc64|s390x|x86_64)0:2.2.34-70.27.1(i586|ppc64|s390x|x86_64)0:2.2.34-70.35.1(i586|ppc64|s390x|x86_64)0:2.2.34-70.38.1(i586|ppc64|s390x|x86_64)0:2.2.34-70.41.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.40-0.2.5.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.14-0.4.25.1(i586|ppc64|s390x|x86_64)0:2.0.4-40.63.3.3(i586|ia64|ppc64|s390x|x86_64)0:0.114-12.8.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.114-0.8.3.1(i586|ppc64|s390x|x86_64)0:2.1a15-131.23.2.6.1(i586|ppc64|s390x|x86_64)0:0.60.6-26.36.1(ppc64|s390x|x86_64)0:0.60.6-26.36.1(i586|ppc64|s390x|x86_64)0:0.7.0-135.23.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.2.6-142.17.1(ppc64|s390x|x86_64)0:0.2.6-142.17.1(ia64)0:0.2.6-142.17.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.0-3.21.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.6.23-35.6.2(ppc64|s390x|x86_64)0:0.6.23-35.6.2(ia64)0:0.6.23-35.6.2(i586|ia64|ppc64|s390x|x86_64)0:0.6.23-35.6.1(ppc64|s390x|x86_64)0:0.6.23-35.6.1(ia64)0:0.6.23-35.6.1(i586|ia64|ppc64|s390x|x86_64)0:3.2-147.29.1(ia64)0:3.2-147.29.1(i586|ia64|ppc64|s390x|x86_64)0:5.2-147.29.1(ppc64|s390x|x86_64)0:5.2-147.29.1(ia64)0:5.2-147.29.1(i586|ia64|ppc64|s390x|x86_64)0:3.2-147.35.1(ia64)0:3.2-147.35.1(i586|ia64|ppc64|s390x|x86_64)0:5.2-147.35.1(ppc64|s390x|x86_64)0:5.2-147.35.1(ia64)0:5.2-147.35.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.25.1(ppc64|s390x|x86_64)0:9.9.6P1-0.25.1(ia64)0:9.9.6P1-0.25.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.30.1(ppc64|s390x|x86_64)0:9.9.6P1-0.30.1(ia64)0:9.9.6P1-0.30.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.33.1(ppc64|s390x|x86_64)0:9.9.6P1-0.33.1(ia64)0:9.9.6P1-0.33.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.36.1(ppc64|s390x|x86_64)0:9.9.6P1-0.36.1(ia64)0:9.9.6P1-0.36.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.39.1(ppc64|s390x|x86_64)0:9.9.6P1-0.39.1(ia64)0:9.9.6P1-0.39.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.44.1(ppc64|s390x|x86_64)0:9.9.6P1-0.44.1(ia64)0:9.9.6P1-0.44.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.47.1(ppc64|s390x|x86_64)0:9.9.6P1-0.47.1(ia64)0:9.9.6P1-0.47.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.50.1(ppc64|s390x|x86_64)0:9.9.6P1-0.50.1(ia64)0:9.9.6P1-0.50.1(i586|ia64|ppc64|s390x|x86_64)0:9.9.6P1-0.51.7.1(ppc64|s390x|x86_64)0:9.9.6P1-0.51.7.1(i586|ppc64|s390x|x86_64)0:9.9.6P1-0.51.15.4(ppc64|s390x|x86_64)0:9.9.6P1-0.51.15.4(i586|ppc64|s390x|x86_64)0:9.9.6P1-0.51.20.1(ppc64|s390x|x86_64)0:9.9.6P1-0.51.20.1(i586|ppc64|s390x|x86_64)0:9.9.6P1-0.51.23.1(ppc64|s390x|x86_64)0:9.9.6P1-0.51.23.1(i586|ppc64|s390x|x86_64)0:9.9.6P1-0.51.26.1(ppc64|s390x|x86_64)0:9.9.6P1-0.51.26.1(i586|ia64|ppc64|s390x|x86_64)0:2.5.5-9.1(i586|ppc64|s390x|x86_64)0:1.0.5-34.256.5.1(ppc64|s390x|x86_64)0:1.0.5-34.256.5.1(i586|ppc64|s390x|x86_64)0:1.0.5-34.256.8.1(ppc64|s390x|x86_64)0:1.0.5-34.256.8.1(i586|ia64|ppc64|s390x|x86_64)0:1.8.8-2.3.7.1(ppc64|s390x|x86_64)0:1.8.8-2.3.7.1(ia64)0:1.8.8-2.3.7.1(i586|ppc64|s390x|x86_64)0:5.1-0.16.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.99.2-0.19.1(i586|ia64|ppc64|s390x|x86_64)0:0.99.3-0.20.3.2(i586|ia64|ppc64|s390x|x86_64)0:0.99.4-0.20.7.2(i586|ia64|ppc64|s390x|x86_64)0:0.100.1-0.20.15.1(i586|ia64|ppc64|s390x|x86_64)0:0.100.2-0.20.18.1(i586|ppc64|s390x|x86_64)0:0.100.3-0.20.21.1(i586|ppc64|s390x|x86_64)0:0.100.3-0.20.26.1(i586|ppc64|s390x|x86_64)0:0.100.3-0.20.29.1(i586|ppc64|s390x|x86_64)0:0.103.0-0.20.32.1(i586|ppc64|s390x|x86_64)0:0.103.2-0.20.35.1(i586|ppc64|s390x|x86_64)0:0.103.4-0.20.41.1(i586|ppc64|s390x|x86_64)0:0.103.5-0.20.44.1(i586|ia64|ppc64|s390x|x86_64)0:2.5.69.8-11.2(i586|ia64|ppc64|s390x|x86_64)0:2.1.12-14.2(i586|ia64|ppc64|s390x|x86_64)0:8.12-6.25.33.3.1(ia64)0:8.12-6.25.33.3.1(i586|ppc64|s390x|x86_64)0:2.9-75.81.8.1(i586|ppc64|s390x|x86_64)0:2.9-75.81.14.1(i586|ia64|ppc64|s390x|x86_64)0:2.8.12-56.13.1(ppc64|s390x|x86_64)0:2.8.12-56.13.1(ia64)0:2.8.12-56.13.1(i586|ia64|ppc64|s390x|x86_64)0:7.0.9-30.3.28(i586|ia64|ppc64|s390x|x86_64)0:1.3.9-8.46.56.3.1(ppc64|s390x|x86_64)0:1.3.9-8.46.56.3.1(ia64)0:1.3.9-8.46.56.3.1(i586|ppc64|s390x|x86_64)0:1.3.9-8.46.56.8.1(ppc64|s390x|x86_64)0:1.3.9-8.46.56.8.1(i586|ppc64|s390x|x86_64)0:1.3.9-8.46.56.11.1(ppc64|s390x|x86_64)0:1.3.9-8.46.56.11.1(i586|ppc64|s390x|x86_64)0:1.3.9-8.46.56.18.1(ppc64|s390x|x86_64)0:1.3.9-8.46.56.18.1(s390x|x86_64)0:7.19.7-1.70.3.1(i586|ppc64|s390x|x86_64)0:7.37.0-70.41.2(i586|ppc64|s390x|x86_64)0:7.37.0-70.44.1(i586|ppc64|s390x|x86_64)0:7.37.0-70.47.1(i586|ppc64|s390x|x86_64)0:7.37.0-70.66.1(i586|ia64|ppc64|s390x|x86_64)0:1.12.12-144.23.5.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.11-60.65.67.1(i586|ppc64|s390x|x86_64)0:2.1.22-182.26.4.1(i586|ppc64|s390x|x86_64)0:2.1.22-182.26.7.1(i586|ppc64|s390x|x86_64)0:1.2.10-3.34.8.1(ppc64|s390x|x86_64)0:1.2.10-3.34.8.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.4.P2-0.27.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.4.P2-0.28.5.3(i586|ia64|ppc64|s390x|x86_64)0:4.2.4.P2-0.28.8.1(i586|ppc64|s390x|x86_64)0:4.2.4.P2-0.28.12.1(i586|ppc64|s390x|x86_64)0:3.5.21-3.9.1(i586|ppc64|s390x|x86_64)0:3.5.21-3.12.1(i586|ppc64|s390x|x86_64)0:3.5.21-3.15.1(i586|ppc64|s390x|x86_64)0:3.5.21-3.18.1(i586|ia64|ppc64|s390x|x86_64)0:2.71-0.16.3(i586|ia64|ppc64|s390x|x86_64)0:2.78-0.17.5.1(i586|ppc64|s390x|x86_64)0:2.78-0.17.10.1(i586|ppc64|s390x|x86_64)0:2.78-0.17.15.1(i586|ppc64|s390x|x86_64)0:2.78-0.17.18.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.26-3.1(i586|ia64|ppc64|s390x|x86_64)0:0.2-1001.30.3.4(i586|ia64|ppc64|s390x|x86_64)0:22.3-42.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.28.2-0.7.3.1(i586|ppc64|s390x|x86_64)0:2.28.2-0.7.8.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.2-4.5.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.1-88.38.1(ppc64|s390x|x86_64)0:2.0.1-88.38.1(ia64)0:2.0.1-88.38.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.1-88.41.1(ppc64|s390x|x86_64)0:2.0.1-88.41.1(ia64)0:2.0.1-88.41.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.1-88.42.3.2(ppc64|s390x|x86_64)0:2.0.1-88.42.3.2(ia64)0:2.0.1-88.42.3.2(i586|ppc64|s390x|x86_64)0:2.0.1-88.42.12.1(ppc64|s390x|x86_64)0:2.0.1-88.42.12.1(i586|ppc64|s390x|x86_64)0:2.0.1-88.42.15.1(ppc64|s390x|x86_64)0:2.0.1-88.42.15.1(i586|ppc64|s390x|x86_64)0:2.0.1-88.42.18.1(ppc64|s390x|x86_64)0:2.0.1-88.42.18.1(i586|ppc64|s390x|x86_64)0:2.0.1-88.42.22.1(ppc64|s390x|x86_64)0:2.0.1-88.42.22.1(i586|ia64|ppc64|s390x|x86_64)0:6.3.8.90-13.20.21.1(i586|ia64|ppc64|s390x|x86_64)0:52.4.0esr-72.13.2(i586|ia64|ppc64|s390x|x86_64)0:3.29.5-47.6.1(ppc64|s390x|x86_64)0:3.29.5-47.6.1(ia64)0:3.29.5-47.6.1(i586|ppc64|s390x|x86_64)0:2.54.3-2.11.1(i586|ppc64|s390x|x86_64)0:3.10.9-2.12.2(i586|ppc64|s390x|x86_64)0:2.10.2-2.6.5(i586|ppc64|s390x|x86_64)0:2.26.1-2.5.5(i586|ppc64|s390x|x86_64)0:0.76-34.2.4.5(i586|ppc64|s390x|x86_64)0:2.36.11-2.5.4(i586|ppc64|s390x|x86_64)0:2.54.3-2.4.3(i586|ppc64|s390x|x86_64)0:3.10.9-2.8.3(i586|ppc64|s390x|x86_64)0:1.15.10-2.8.7(i586|ppc64|s390x|x86_64)0:2.9-2.4.1(i586|ppc64|s390x)0:5.3.1+r233831-10.1(i586|ppc64|s390x|x86_64)0:1.7.5-2.4.5(i586|ppc64|s390x|x86_64)0:1.40.14-2.4.5(i586|ppc64|s390x|x86_64)0:0.34.0-2.5.1(i586|s390x|x86_64)0:3.41.1-38.6.1(s390x|x86_64)0:3.41.1-38.6.1(i586|ppc64|s390x|x86_64)0:4.20-29.3.1(ppc64|s390x|x86_64)0:4.20-29.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.0-10.19.1(ppc64|s390x|x86_64)0:2.6.0-10.19.1(ia64)0:2.6.0-10.19.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.1-7.24.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.1-7.25.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.7-25.41.4(ppc64|s390x|x86_64)0:2.3.7-25.41.4(ia64)0:2.3.7-25.41.4(i586|ia64|ppc64|s390x|x86_64)0:2.3.7-25.45.5.1(ppc64|s390x|x86_64)0:2.3.7-25.45.5.1(ia64)0:2.3.7-25.45.5.1(i586|ia64|ppc64|s390x|x86_64)0:2.3.7-25.45.8.1(ppc64|s390x|x86_64)0:2.3.7-25.45.8.1(ia64)0:2.3.7-25.45.8.1(i586|ia64|ppc64|s390x|x86_64)0:2.8.7-0.11.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.3.4_20091019-37.3.1(ppc64|s390x|x86_64)0:4.3.4_20091019-37.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.3.4_20091019-37.9.1(ppc64|s390x|x86_64)0:4.3.4_20091019-37.9.1(ppc64|s390x|x86_64)0:5.3.1+r233831-10.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.1+r233831-10.1(i586|ia64|x86_64)0:5.3.1+r233831-10.1(x86_64)0:5.3.1+r233831-10.1(i586|ia64|ppc64|s390x|x86_64)0:2.25.0-5.5(i586|ia64|ppc64|s390x|x86_64)0:7.9.1-3.2(ia64)0:7.9.1-3.2(ppc64|s390x|x86_64)0:5.2.1+r226025-2.4(ppc64|x86_64)0:5.2.1+r226025-2.1(i586|ia64|ppc64|s390x|x86_64)0:5.2.1+r226025-2.4(i586|ia64|x86_64)0:5.2.1+r226025-2.4(x86_64)0:5.2.1+r226025-2.4(i586|ia64|ppc64|s390x|x86_64)0:2.0.36.RC1-52.22.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.36.RC1-52.25.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.36.RC1-52.29.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.36.RC1-52.32.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.36.RC1-52.33.5.1(i586|ia64|ppc64|s390x|x86_64)0:8.62-32.41.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-32.41.1(i586|ia64|ppc64|s390x|x86_64)0:8.62-32.38.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-32.38.1(i586|ia64|ppc64|s390x|x86_64)0:8.62-32.44.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-32.44.1(i586|ia64|ppc64|s390x|x86_64)0:8.62-32.46.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-32.46.1(i586|ia64|ppc64|s390x|x86_64)0:8.62-32.47.7.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-32.47.7.1(i586|ia64|ppc64|s390x|x86_64)0:8.62-32.47.10.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-32.47.10.1(i586|ia64|ppc64|s390x|x86_64)0:8.62-32.47.13.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.7-32.47.13.1(i586|ppc64|s390x|x86_64)0:8.62-47.16.1(i586|ppc64|s390x|x86_64)0:4.2.7-47.16.1(i586|ia64|ppc64|s390x|x86_64)0:4.1.6-21.1(ppc64|s390x|x86_64)0:4.1.6-21.1(ia64)0:4.1.6-21.1(i586|ia64|ppc64|s390x|x86_64)0:2.22.5-0.8.36.1(ppc64|s390x|x86_64)0:2.22.5-0.8.36.1(ia64)0:2.22.5-0.8.36.1(i586|ppc64|s390x|x86_64)0:2.22.5-0.8.39.1(ppc64|s390x|x86_64)0:2.22.5-0.8.39.1(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.102.1(ppc64|s390x|x86_64)0:2.11.3-17.102.1(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.102.1(ia64)0:2.11.3-17.102.1(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.109.1(ppc64|s390x|x86_64)0:2.11.3-17.109.1(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.109.1(ia64)0:2.11.3-17.109.1(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.3.1(ppc64|s390x|x86_64)0:2.11.3-17.110.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.3.1(ia64)0:2.11.3-17.110.3.1(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.6.2(ppc64|s390x|x86_64)0:2.11.3-17.110.6.2(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.6.2(ia64)0:2.11.3-17.110.6.2(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.9.2(ppc64|s390x|x86_64)0:2.11.3-17.110.9.2(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.9.2(ia64)0:2.11.3-17.110.9.2(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.14.1(ppc64|s390x|x86_64)0:2.11.3-17.110.14.1(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.14.1(ia64)0:2.11.3-17.110.14.1(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.19.2(ppc64|s390x|x86_64)0:2.11.3-17.110.19.2(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.19.2(ia64)0:2.11.3-17.110.19.2(i586|i686|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.24.2(ppc64|s390x|x86_64)0:2.11.3-17.110.24.2(i586|ia64|ppc64|s390x|x86_64)0:2.11.3-17.110.24.2(ia64)0:2.11.3-17.110.24.2(i586|i686|ppc64|s390x|x86_64)0:2.11.3-17.110.33.1(ppc64|s390x|x86_64)0:2.11.3-17.110.33.1(i586|ppc64|s390x|x86_64)0:2.11.3-17.110.33.1(i586|i686|ppc64|s390x|x86_64)0:2.11.3-17.110.37.1(ppc64|s390x|x86_64)0:2.11.3-17.110.37.1(i586|ppc64|s390x|x86_64)0:2.11.3-17.110.37.1(i586|i686|ppc64|s390x|x86_64)0:2.11.3-17.110.40.1(ppc64|s390x|x86_64)0:2.11.3-17.110.40.1(i586|ppc64|s390x|x86_64)0:2.11.3-17.110.40.1(i586|ia64|ppc64|s390x|x86_64)0:2.28.0-3.11.12.2(i586|ia64|ppc64|s390x|x86_64)0:2.4.1-24.39.67.1(ppc64|s390x|x86_64)0:2.4.1-24.39.67.1(ia64)0:2.4.1-24.39.67.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.1-24.39.70.1(ppc64|s390x|x86_64)0:2.4.1-24.39.70.1(ia64)0:2.4.1-24.39.70.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.9-25.33.42.3.1(x86_64)0:2.00-0.54.2(x86_64)0:2.00-0.66.8.1(x86_64)0:2.00-0.66.15.1(x86_64)0:2.00-0.66.21.1(x86_64)0:2.02-0.66.26.1(i586|ia64|ppc64|s390x|x86_64)0:0.10.35-5.17.1(ppc64|s390x|x86_64)0:0.10.35-5.17.1(ia64)0:0.10.35-5.17.1(i586|ppc64|s390x|x86_64)0:0.10.35-5.18.5.1(ppc64|s390x|x86_64)0:0.10.35-5.18.5.1(i586|ia64|ppc64|s390x|x86_64)0:0.10.30-5.14.1(i586|ia64|ppc64|s390x|x86_64)0:2.18.9-0.44.1(ppc64|s390x|x86_64)0:2.18.9-0.44.1(ia64)0:2.18.9-0.44.1(i586|ia64|ppc64|s390x|x86_64)0:2.18.9-0.45.3.1(ppc64|s390x|x86_64)0:2.18.9-0.45.3.1(ia64)0:2.18.9-0.45.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.18.9-0.45.8.1(ppc64|s390x|x86_64)0:2.18.9-0.45.8.1(ia64)0:2.18.9-0.45.8.1(i586|ia64|ppc64|s390x|x86_64)0:1.8.5-24.1(i586|ia64|ppc64|s390x|x86_64)0:4.0-7.30.2(ppc64|s390x|x86_64)0:4.0-7.30.2(ia64)0:4.0-7.30.2(i586|ia64|ppc64|s390x|x86_64)0:4.0-38.1(ppc64|s390x|x86_64)0:4.0-38.1(ia64)0:4.0-38.1(i586|ia64|ppc64|s390x|x86_64)0:4.0-43.1(ppc64|s390x|x86_64)0:4.0-43.1(ia64)0:4.0-43.1(i586|ia64|ppc64|s390x|x86_64)0:4.0-46.1(ppc64|s390x|x86_64)0:4.0-46.1(ia64)0:4.0-46.1(i586|ia64|ppc64|s390x|x86_64)0:4.0-47.3.2(ppc64|s390x|x86_64)0:4.0-47.3.2(ia64)0:4.0-47.3.2(i586|ia64|ppc64|s390x|x86_64)0:4.0-47.6.1(ppc64|s390x|x86_64)0:4.0-47.6.1(ia64)0:4.0-47.6.1(i586|ppc64|s390x|x86_64)0:2.4.2-170.21.3.6.1(i586|x86_64)0:1.8.15-0.30.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.7.3-1.38.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.900.14-134.25.1(ppc64|s390x|x86_64)0:1.900.14-134.25.1(ia64)0:1.900.14-134.25.1(i586|ia64|ppc64|s390x|x86_64)0:1.900.14-134.32.1(ppc64|s390x|x86_64)0:1.900.14-134.32.1(ia64)0:1.900.14-134.32.1(i586|ia64|ppc64|s390x|x86_64)0:1.900.14-134.33.3.1(ppc64|s390x|x86_64)0:1.900.14-134.33.3.1(ia64)0:1.900.14-134.33.3.1(i586|ppc64|s390x|x86_64)0:1.900.14-134.33.20.1(ppc64|s390x|x86_64)0:1.900.14-134.33.20.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr3.10-3.1(i586|x86_64)0:1.7.1_sr3.10-3.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr3.20-6.1(i586|x86_64)0:1.7.1_sr3.20-6.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr3.30-9.1(i586|x86_64)0:1.7.1_sr3.30-9.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr3.40-13.1(i586|x86_64)0:1.7.1_sr3.40-13.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr3.60-19.2(i586|x86_64)0:1.7.1_sr3.60-19.2(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.1-22.1(i586|x86_64)0:1.7.1_sr4.1-22.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.5-25.1(i586|x86_64)0:1.7.1_sr4.5-25.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.10-26.5.1(i586|x86_64)0:1.7.1_sr4.10-26.5.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.15-26.8.1(i586|x86_64)0:1.7.1_sr4.15-26.8.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.20-26.13.1(i586|x86_64)0:1.7.1_sr4.20-26.13.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.25-26.26.1(i586|x86_64)0:1.7.1_sr4.25-26.26.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.30-26.29.1(i586|x86_64)0:1.7.1_sr4.30-26.29.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.35-26.32.1(i586|x86_64)0:1.7.1_sr4.35-26.32.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.40-26.36.1(i586|x86_64)0:1.7.1_sr4.40-26.36.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.45-26.40.1(i586|x86_64)0:1.7.1_sr4.45-26.40.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.50-26.44.1(i586|x86_64)0:1.7.1_sr4.50-26.44.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.55-26.47.1(i586|x86_64)0:1.7.1_sr4.55-26.47.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.60-26.50.1(i586|x86_64)0:1.7.1_sr4.60-26.50.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.65-26.55.1(i586|x86_64)0:1.7.1_sr4.65-26.55.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.70-26.58.1(i586|x86_64)0:1.7.1_sr4.70-26.58.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.75-26.62.1(i586|x86_64)0:1.7.1_sr4.75-26.62.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr4.80-26.65.1(i586|x86_64)0:1.7.1_sr4.80-26.65.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr5.0-26.68.1(i586|x86_64)0:1.7.1_sr5.0-26.68.1(i586|ppc64|s390x|x86_64)0:1.7.1_sr5.5-26.71.2(i586|x86_64)0:1.7.1_sr5.5-26.71.2(i586|ppc64|s390x|x86_64)0:1.7.1_sr3.50-16.1(i586|x86_64)0:1.7.1_sr3.50-16.1(i586|ia64|ppc64|s390x|x86_64)0:6b-879.12.7.1(i586|ia64|ppc64|s390x|x86_64)0:6.2.0-879.12.7.1(ppc64|s390x|x86_64)0:6.2.0-879.12.7.1(ia64)0:6.2.0-879.12.7.1(i586|ia64|ppc64|s390x|x86_64)0:3.5.10-23.30.5.1(ppc64|s390x|x86_64)0:3.5.10-23.30.5.1(ia64)0:3.5.10-23.30.5.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-80.1(s390x)0:3.0.101-80.1(i586|x86_64)0:3.0.101-80.1(i586)0:3.0.101-80.1(ppc64)0:3.0.101-80.1(ppc64)0:3.0.101-88.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-88.1(s390x)0:3.0.101-88.1(i586|x86_64)0:3.0.101-88.1(i586)0:3.0.101-88.1(ppc64)0:3.0.101-94.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-94.1(s390x)0:3.0.101-94.1(i586|x86_64)0:3.0.101-94.1(i586)0:3.0.101-94.1(ppc64)0:3.0.101-97.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-97.1(s390x)0:3.0.101-97.1(i586|x86_64)0:3.0.101-97.1(i586)0:3.0.101-97.1(ppc64)0:3.0.101-104.2(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-104.2(s390x)0:3.0.101-104.2(i586|x86_64)0:3.0.101-104.2(i586)0:3.0.101-104.2(ppc64)0:3.0.101-108.7.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.7.1(s390x)0:3.0.101-108.7.1(i586|x86_64)0:3.0.101-108.7.1(i586)0:3.0.101-108.7.1(ppc64)0:3.0.101-108.13.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.13.1(s390x)0:3.0.101-108.13.1(i586|x86_64)0:3.0.101-108.13.1(i586)0:3.0.101-108.13.1(ppc64)0:3.0.101-108.71.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.71.1(s390x)0:3.0.101-108.71.1(i586|x86_64)0:3.0.101-108.71.1(i586)0:3.0.101-108.71.1(ppc64)0:3.0.101-108.132.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.132.1(s390x)0:3.0.101-108.132.1(i586|x86_64)0:3.0.101-108.132.1(i586)0:3.0.101-108.132.1(ppc64)0:3.0.101-108.135.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.135.1(s390x)0:3.0.101-108.135.1(i586|x86_64)0:3.0.101-108.135.1(i586)0:3.0.101-108.135.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-65.1(s390x)0:3.0.101-65.1(i586|x86_64)0:3.0.101-65.1(i586)0:3.0.101-65.1(ppc64)0:3.0.101-65.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-71.1(s390x)0:3.0.101-71.1(i586|x86_64)0:3.0.101-71.1(i586)0:3.0.101-71.1(ppc64)0:3.0.101-71.1(ppc64)0:3.0.101-108.18.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.18.1(s390x)0:3.0.101-108.18.1(i586|x86_64)0:3.0.101-108.18.1(i586)0:3.0.101-108.18.1(ppc64)0:3.0.101-108.21.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.21.1(s390x)0:3.0.101-108.21.1(i586|x86_64)0:3.0.101-108.21.1(i586)0:3.0.101-108.21.1(s390x)0:3.0.101-108.24.1(ppc64)0:3.0.101-108.35.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.35.1(s390x)0:3.0.101-108.35.1(i586|x86_64)0:3.0.101-108.35.1(i586)0:3.0.101-108.35.1(ppc64)0:3.0.101-108.48.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.48.1(s390x)0:3.0.101-108.48.1(i586|x86_64)0:3.0.101-108.48.1(i586)0:3.0.101-108.48.1(ppc64)0:3.0.101-108.52.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.52.1(s390x)0:3.0.101-108.52.1(i586|x86_64)0:3.0.101-108.52.1(i586)0:3.0.101-108.52.1(ppc64)0:3.0.101-108.68.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.68.1(s390x)0:3.0.101-108.68.1(i586|x86_64)0:3.0.101-108.68.1(i586)0:3.0.101-108.68.1(ppc64)0:3.0.101-108.77.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.77.1(s390x)0:3.0.101-108.77.1(i586|x86_64)0:3.0.101-108.77.1(i586)0:3.0.101-108.77.1(ppc64)0:3.0.101-108.87.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.87.1(s390x)0:3.0.101-108.87.1(i586|x86_64)0:3.0.101-108.87.1(i586)0:3.0.101-108.87.1(ppc64)0:3.0.101-108.90.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.90.1(s390x)0:3.0.101-108.90.1(i586|x86_64)0:3.0.101-108.90.1(i586)0:3.0.101-108.90.1(noarch)0:20110923-0.59.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-68.1(s390x)0:3.0.101-68.1(i586|x86_64)0:3.0.101-68.1(i586)0:3.0.101-68.1(ppc64)0:3.0.101-68.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-77.1(s390x)0:3.0.101-77.1(i586|x86_64)0:3.0.101-77.1(i586)0:3.0.101-77.1(ppc64)0:3.0.101-77.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-84.1(s390x)0:3.0.101-84.1(i586|x86_64)0:3.0.101-84.1(i586)0:3.0.101-84.1(ppc64)0:3.0.101-84.1(ppc64)0:3.0.101-107.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-107.1(s390x)0:3.0.101-107.1(i586|x86_64)0:3.0.101-107.1(i586)0:3.0.101-107.1(ppc64)0:3.0.101-108.10.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.10.1(s390x)0:3.0.101-108.10.1(i586|x86_64)0:3.0.101-108.10.1(i586)0:3.0.101-108.10.1(ppc64)0:3.0.101-108.57.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.57.1(s390x)0:3.0.101-108.57.1(i586|x86_64)0:3.0.101-108.57.1(i586)0:3.0.101-108.57.1(ppc64)0:3.0.101-108.60.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.60.1(s390x)0:3.0.101-108.60.1(i586|x86_64)0:3.0.101-108.60.1(i586)0:3.0.101-108.60.1(ppc64)0:3.0.101-108.81.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.81.1(s390x)0:3.0.101-108.81.1(i586|x86_64)0:3.0.101-108.81.1(i586)0:3.0.101-108.81.1(ppc64)0:3.0.101-108.95.2(i586|ppc64|s390x|x86_64)0:3.0.101-108.95.2(s390x)0:3.0.101-108.95.2(i586|x86_64)0:3.0.101-108.95.2(i586)0:3.0.101-108.95.2(i586|ppc64|s390x|x86_64)0:3.0.101-108.95.1(ppc64)0:3.0.101-108.98.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.98.1(s390x)0:3.0.101-108.98.1(i586|x86_64)0:3.0.101-108.98.1(i586)0:3.0.101-108.98.1(ppc64)0:3.0.101-108.101.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.101.1(s390x)0:3.0.101-108.101.1(i586|x86_64)0:3.0.101-108.101.1(i586)0:3.0.101-108.101.1(ppc64)0:3.0.101-108.108.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.108.1(s390x)0:3.0.101-108.108.1(i586|x86_64)0:3.0.101-108.108.1(i586)0:3.0.101-108.108.1(ppc64)0:3.0.101-108.111.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.111.1(s390x)0:3.0.101-108.111.1(i586|x86_64)0:3.0.101-108.111.1(i586)0:3.0.101-108.111.1(ppc64)0:3.0.101-108.114.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.114.1(s390x)0:3.0.101-108.114.1(i586|x86_64)0:3.0.101-108.114.1(i586)0:3.0.101-108.114.1(ppc64)0:3.0.101-108.117.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.117.1(s390x)0:3.0.101-108.117.1(i586|x86_64)0:3.0.101-108.117.1(i586)0:3.0.101-108.117.1(ppc64)0:3.0.101-108.120.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.120.1(s390x)0:3.0.101-108.120.1(i586|x86_64)0:3.0.101-108.120.1(i586)0:3.0.101-108.120.1(ppc64)0:3.0.101-108.123.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.123.1(s390x)0:3.0.101-108.123.1(i586|x86_64)0:3.0.101-108.123.1(i586)0:3.0.101-108.123.1(ppc64)0:3.0.101-108.126.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.126.1(s390x)0:3.0.101-108.126.1(i586|x86_64)0:3.0.101-108.126.1(i586)0:3.0.101-108.126.1(ppc64)0:3.0.101-108.129.1(i586|ppc64|s390x|x86_64)0:3.0.101-108.129.1(s390x)0:3.0.101-108.129.1(i586|x86_64)0:3.0.101-108.129.1(i586)0:3.0.101-108.129.1(ppc64)0:3.0.101-108.38.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.38.1(s390x)0:3.0.101-108.38.1(i586|x86_64)0:3.0.101-108.38.1(i586)0:3.0.101-108.38.1(ppc64)0:3.0.101-108.41.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-108.41.1(s390x)0:3.0.101-108.41.1(i586|x86_64)0:3.0.101-108.41.1(i586)0:3.0.101-108.41.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.20-0.43.2.1(ppc64)0:1.4.20_3.0.101_108.52-0.43.2.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.20_3.0.101_108.52-0.43.2.1(i586)0:1.4.20_3.0.101_108.52-0.43.2.1(i586|x86_64)0:1.4.20_3.0.101_108.52-0.43.2.1(i586|ia64|ppc64|s390x|x86_64)0:1.5.4.1-22.3.1(ppc64)0:1.5.4.1_3.0.101_108.52-22.3.1(i586|ia64|ppc64|x86_64)0:1.5.4.1_3.0.101_108.52-22.3.1(i586)0:1.5.4.1_3.0.101_108.52-22.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.20-0.43.7.1(ppc64)0:1.4.20_3.0.101_108.87-0.43.7.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.20_3.0.101_108.87-0.43.7.1(i586)0:1.4.20_3.0.101_108.87-0.43.7.1(i586|x86_64)0:1.4.20_3.0.101_108.87-0.43.7.1(i586|ia64|ppc64|s390x|x86_64)0:1.5.4.1-22.6.1(ppc64)0:1.5.4.1_3.0.101_108.87-22.6.1(i586|ia64|ppc64|x86_64)0:1.5.4.1_3.0.101_108.87-22.6.1(i586)0:1.5.4.1_3.0.101_108.87-22.6.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.5-7.44.2.1(ppc64)0:2.0.5_3.0.101_108.87-7.44.2.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.5_3.0.101_108.87-7.44.2.1(i586)0:2.0.5_3.0.101_108.87-7.44.2.1(i586|x86_64)0:2.0.5_3.0.101_108.87-7.44.2.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.106.1(ppc64|s390x|x86_64)0:1.6.3-133.49.106.1(ia64)0:1.6.3-133.49.106.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.109.1(ppc64|s390x|x86_64)0:1.6.3-133.49.109.1(ia64)0:1.6.3-133.49.109.1(i586|ia64|ppc64|s390x|x86_64)0:1.6.3-133.49.113.7.1(ppc64|s390x|x86_64)0:1.6.3-133.49.113.7.1(ia64)0:1.6.3-133.49.113.7.1(i586|s390x|x86_64)0:1.4.2-32.1(i586|s390x|x86_64)0:1.4.2-35.1(i586|s390x|x86_64)0:1.4.2-44.1(i586|s390x|x86_64)0:1.4.2-47.1(i586|s390x|x86_64)0:1.4.2-50.1(i586|s390x|x86_64)0:1.4.2-59.1(i586|s390x|x86_64)0:1.4.2-60.3.1(i586|s390x|x86_64)0:1.4.2-60.6.1(i586|s390x|x86_64)0:1.4.2-60.9.1(i586|s390x|x86_64)0:1.4.2-60.12.1(i586|s390x|x86_64)0:1.4.2-60.15.2(i586|s390x|x86_64)0:1.4.2-60.18.2(i586|s390x|x86_64)0:1.4.2-60.21.1(i586|s390x|x86_64)0:1.4.2-60.24.1(i586|s390x|x86_64)0:1.4.2-60.27.1(i586|s390x|x86_64)0:1.4.2-60.31.1(i586|s390x|x86_64)0:1.4.2-60.34.1(i586|s390x|x86_64)0:1.4.2-60.37.1(i586|ia64|ppc64|s390x|x86_64)0:1.14.0.894-3.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.4-12.22.23.3.2(ppc64)0:1.3.4-12.22.23.3.2(i586|ia64|ppc64|s390x|x86_64)0:1.3.3-11.18.19.13.2(ppc64)0:1.3.3-11.18.19.13.2(i586|ppc64|s390x|x86_64)0:0.99.beta13b-49.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.6.3-1.9.6(ppc64|s390x|x86_64)0:0.6.3-1.9.6(i586|ia64|ppc64|s390x|x86_64)0:1.7.4-7.9.1(i586|ppc64|s390x|x86_64)0:1.7.4-7.10.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.41.rc1-7.1(i586|ppc64|s390x|x86_64)0:0.6.1-122.9.1(ppc64|s390x|x86_64)0:0.6.1-122.9.1(i586|ia64|ppc64|s390x|x86_64)0:4.5.20-97.5(ppc64|s390x|x86_64)0:4.5.20-97.5(ia64)0:4.5.20-97.5(i586|ppc64|s390x|x86_64)0:1.0.4-157.18.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.5-24.24.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.6.17-2.14.3.1(ppc64|s390x|x86_64)0:0.6.17-2.14.3.1(ia64)0:0.6.17-2.14.3.1(i586|ppc64|s390x|x86_64)0:0.6.17-2.14.7.2(ppc64|s390x|x86_64)0:0.6.17-2.14.7.2(i586|ia64|ppc64|s390x|x86_64)0:1.5.0-0.22.1(ppc64|s390x|x86_64)0:1.5.0-0.22.1(ia64)0:1.5.0-0.22.1(i586|ia64|ppc64|s390x|x86_64)0:1.5.0-0.25.1(ppc64|s390x|x86_64)0:1.5.0-0.25.1(ia64)0:1.5.0-0.25.1(i586|ppc64|s390x|x86_64)0:1.5.0-0.26.6.1(ppc64|s390x|x86_64)0:1.5.0-0.26.6.1(i586|ia64|ppc64|s390x|x86_64)0:0.43-1.10.6.1(ppc64|s390x|x86_64)0:0.43-1.10.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.10-6.1(ppc64|s390x|x86_64)0:1.10-6.1(ia64)0:1.10-6.1(i586|ia64|ppc64|s390x|x86_64)0:1.10-7.3.1(ppc64|s390x|x86_64)0:1.10-7.3.1(ia64)0:1.10-7.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.4-1.25.1(i586|ia64|ppc64|s390x|x86_64)0:1.7.0-1.3.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.7.0-1.3.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.7.0-1.3.13.1(i586|ia64|ppc64|s390x|x86_64)0:1.7.0-1.3.16.1(i586|ia64|ppc64|s390x|x86_64)0:0.0.20060920alpha-74.11.6.1(i586|ia64|ppc64|s390x|x86_64)0:3.2.0-10.5.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.31-5.43.1(ppc64|s390x|x86_64)0:1.2.31-5.43.1(ia64)0:1.2.31-5.43.1(i586|ia64|ppc64|s390x|x86_64)0:0.1.4-3.1(ppc64|s390x|x86_64)0:0.1.4-3.1(ia64)0:0.1.4-3.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.20-2.13.1(ppc64|s390x|x86_64)0:1.0.20-2.13.1(ia64)0:1.0.20-2.13.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.20-2.18.1(ppc64|s390x|x86_64)0:1.0.20-2.18.1(ia64)0:1.0.20-2.18.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.20-2.19.7.3(ppc64|s390x|x86_64)0:1.0.20-2.19.7.3(ia64)0:1.0.20-2.19.7.3(i586|ia64|ppc64|s390x|x86_64)0:1.0.20-2.19.12.1(ppc64|s390x|x86_64)0:1.0.20-2.19.12.1(ia64)0:1.0.20-2.19.12.1(i586|ppc64|s390x|x86_64)0:1.0.20-2.19.15.1(ppc64|s390x|x86_64)0:1.0.20-2.19.15.1(i586|ppc64|s390x|x86_64)0:1.0.20-2.19.18.1(ppc64|s390x|x86_64)0:1.0.20-2.19.18.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.9-4.2.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.4.3-17.3.1(i586|ppc64|s390x|x86_64)0:1.4.3-17.6.1(i586|ppc64|s390x|x86_64)0:1.4.3-17.9.1(i586|ppc64|s390x|x86_64)0:1.4.3-17.12.1(i586|ia64|ppc64|s390x|x86_64)0:1.3.3-12.4.1(i586|ppc64|s390x|x86_64)0:1.3.4-12.5.5.2(i586|ia64|ppc64|s390x|x86_64)0:0.2.1-1.12.3(i586|ia64|ppc64|s390x|x86_64)0:0.1.6+git20080930-6.27.2(i586|ia64|ppc64|s390x|x86_64)0:0.2.1-1.13.3.3(i586|ia64|ppc64|s390x|x86_64)0:0.2.1-1.13.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.5-12.3(ppc64|s390x|x86_64)0:1.2.5-12.3(i586|ia64|ppc64|s390x|x86_64)0:1.2.5-15.3(ppc64|s390x|x86_64)0:1.2.5-15.3(i586|ia64|ppc64|s390x|x86_64)0:1.2.5-4.2(i586|ia64|ppc64|s390x|x86_64)0:1.2.5-23.3.1(ppc64|s390x|x86_64)0:1.2.5-23.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.5-23.6.1(ppc64|s390x|x86_64)0:1.2.5-23.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.5-23.15.1(ppc64|s390x|x86_64)0:1.2.5-23.15.1(i586|ppc64|s390x|x86_64)0:1.2.5-23.20.1(ppc64|s390x|x86_64)0:1.2.5-23.20.1(i586|ppc64|s390x|x86_64)0:1.2.5-23.24.1(ppc64|s390x|x86_64)0:1.2.5-23.24.1(i586|ppc64|s390x|x86_64)0:1.2.5-3.3.2(i586|ia64|ppc64|s390x|x86_64)0:1.2.0-79.20.3.1(ppc64|s390x|x86_64)0:1.2.0-79.20.3.1(ia64)0:1.2.0-79.20.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.0-79.20.6.1(ppc64|s390x|x86_64)0:1.2.0-79.20.6.1(ia64)0:1.2.0-79.20.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.0-79.20.11.1(ppc64|s390x|x86_64)0:1.2.0-79.20.11.1(ia64)0:1.2.0-79.20.11.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.0-79.20.14.1(ppc64|s390x|x86_64)0:1.2.0-79.20.14.1(ia64)0:1.2.0-79.20.14.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.40.1(ppc64|s390x|x86_64)0:2.7.6-0.40.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.40.3(ia64)0:2.7.6-0.40.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.44.1(ppc64|s390x|x86_64)0:2.7.6-0.44.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.44.4(ia64)0:2.7.6-0.44.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.47.1(ppc64|s390x|x86_64)0:2.7.6-0.47.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.47.3(ia64)0:2.7.6-0.47.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.50.1(ppc64|s390x|x86_64)0:2.7.6-0.50.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.50.4(ia64)0:2.7.6-0.50.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.64.1(ppc64|s390x|x86_64)0:2.7.6-0.64.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.64.4(ia64)0:2.7.6-0.64.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.69.1(ppc64|s390x|x86_64)0:2.7.6-0.69.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.69.3(ia64)0:2.7.6-0.69.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.76.1(ppc64|s390x|x86_64)0:2.7.6-0.76.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.76.4(ia64)0:2.7.6-0.76.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.77.3.2(ppc64|s390x|x86_64)0:2.7.6-0.77.3.2(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.77.3.5(ia64)0:2.7.6-0.77.3.2(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.77.10.1(ppc64|s390x|x86_64)0:2.7.6-0.77.10.1(ia64)0:2.7.6-0.77.10.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.6-0.77.15.1(ppc64|s390x|x86_64)0:2.7.6-0.77.15.1(ia64)0:2.7.6-0.77.15.1(i586|ppc64|s390x|x86_64)0:2.7.6-0.77.18.1(ppc64|s390x|x86_64)0:2.7.6-0.77.18.1(i586|ppc64|s390x|x86_64)0:2.7.6-0.77.36.1(ppc64|s390x|x86_64)0:2.7.6-0.77.36.1(i586|ppc64|s390x|x86_64)0:2.7.6-0.77.43.1(ppc64|s390x|x86_64)0:2.7.6-0.77.43.1(i586|ia64|ppc64|s390x|x86_64)0:1.1.24-19.33.1(ppc64|s390x|x86_64)0:1.1.24-19.33.1(ia64)0:1.1.24-19.33.1(ppc64)0:3.0.101-91.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-91.1(s390x)0:3.0.101-91.1(i586|x86_64)0:3.0.101-91.1(i586)0:3.0.101-91.1(ppc64)0:3.0.101-100.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.101-100.1(s390x)0:3.0.101-100.1(i586|x86_64)0:3.0.101-100.1(i586)0:3.0.101-100.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.15-9.6.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.1.15-9.6.6.1(i586|ppc64|s390x|x86_64)0:2.1.15-9.6.12.1(i586|ppc64|s390x|x86_64)0:2.1.15-9.6.15.1(i586|ppc64|s390x|x86_64)0:2.1.15-9.6.20.1(i586|ppc64|s390x|x86_64)0:2.1.15-9.6.26.1(i586|ia64|ppc64|s390x|x86_64)0:45.5.1esr-59.1(i586|ia64|ppc64|s390x|x86_64)0:3.21.3-39.1(ppc64|s390x|x86_64)0:3.21.3-39.1(ia64)0:3.21.3-39.1(i586|ia64|ppc64|s390x|x86_64)0:1.1.36-28.3.1(i586|x86_64)0:1.17-102.83.21.1(i586|x86_64)0:1.17-102.83.36.1(i586|x86_64)0:1.17-102.83.41.1(i586|x86_64)0:1.17-102.83.47.1(i586|x86_64)0:1.17-102.83.50.1(i586|x86_64)0:1.17-102.83.53.1(i586|x86_64)0:1.17-102.83.59.1(i586|x86_64)0:1.17-102.83.62.1(i586|x86_64)0:1.17-102.83.71.1(i586|ia64|ppc64|s390x|x86_64)0:2.3-27.24.6.2(i586|ia64|ppc64|s390x|x86_64)0:2.6.7-0.16.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.7-0.18.1(i586|ppc64|s390x|x86_64)0:3.68.1-47.19.1(ppc64|s390x|x86_64)0:3.68.1-47.19.1(i586|ppc64|s390x|x86_64)0:3.68.3-47.25.1(ppc64|s390x|x86_64)0:3.68.3-47.25.1(i586|x86_64)0:3.53.1-38.23.1(i586|ppc64|s390x|x86_64)0:4.25-29.12.2(ppc64|s390x|x86_64)0:4.25-29.12.2(i586|ppc64|s390x|x86_64)0:3.68-47.16.1(ppc64|s390x|x86_64)0:3.68-47.16.1(i586|ppc64|s390x|x86_64)0:4.32-33.6.1(ppc64|s390x|x86_64)0:4.32-33.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.5.17-42.43.1(i586|ppc64|s390x|x86_64)0:1.5.17-42.51.1(i586|ppc64|s390x|x86_64)0:1.5.17-42.56.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.49-0.20.1(ppc64|s390x|x86_64)0:5.5.49-0.20.1(ia64)0:5.5.49-0.20.1(i586|ia64|ppc64|s390x|x86_64)0:5.0.96-0.8.10.3(ppc64|s390x|x86_64)0:5.0.96-0.8.10.3(ia64)0:5.0.96-0.8.10.3(i586|ia64|ppc64|s390x|x86_64)0:5.5.52-0.27.1(ppc64|s390x|x86_64)0:5.5.52-0.27.1(ia64)0:5.5.52-0.27.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.53-0.30.1(ppc64|s390x|x86_64)0:5.5.53-0.30.1(ia64)0:5.5.53-0.30.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.54-0.35.1(ppc64|s390x|x86_64)0:5.5.54-0.35.1(ia64)0:5.5.54-0.35.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.55-0.38.1(ppc64|s390x|x86_64)0:5.5.55-0.38.1(ia64)0:5.5.55-0.38.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.57-0.39.3.1(ppc64|s390x|x86_64)0:5.5.57-0.39.3.1(ia64)0:5.5.57-0.39.3.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.58-0.39.6.1(ppc64|s390x|x86_64)0:5.5.58-0.39.6.1(ia64)0:5.5.58-0.39.6.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.59-0.39.9.8(ppc64|s390x|x86_64)0:5.5.59-0.39.9.8(ia64)0:5.5.59-0.39.9.8(i586|ia64|ppc64|s390x|x86_64)0:5.5.60-0.39.12.1(ppc64|s390x|x86_64)0:5.5.60-0.39.12.1(ia64)0:5.5.60-0.39.12.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.61-0.39.15.1(ppc64|s390x|x86_64)0:5.5.61-0.39.15.1(ia64)0:5.5.61-0.39.15.1(i586|ia64|ppc64|s390x|x86_64)0:5.5.62-0.39.18.1(ppc64|s390x|x86_64)0:5.5.62-0.39.18.1(ia64)0:5.5.62-0.39.18.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.6-1.25.36.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.12-24.4.10.3.3(i586|ia64|ppc64|s390x|x86_64)0:2.28.4-1.16.21.3.1(ppc64|s390x|x86_64)0:2.28.4-1.16.21.3.1(ia64)0:2.28.4-1.16.21.3.1(i586|ia64|ppc64|s390x|x86_64)0:5.6-92.1(ppc64|s390x|x86_64)0:5.6-92.1(ia64)0:5.6-92.1(i586|ia64|ppc64|s390x|x86_64)0:5.6-93.6.1(ppc64|s390x|x86_64)0:5.6-93.6.1(ia64)0:5.6-93.6.1(i586|ia64|ppc64|s390x|x86_64)0:5.6-93.12.1(ppc64|s390x|x86_64)0:5.6-93.12.1(ia64)0:5.6-93.12.1(i586|ia64|ppc64|s390x|x86_64)0:5.6-93.15.1(ppc64|s390x|x86_64)0:5.6-93.15.1(ia64)0:5.6-93.15.1(i586|ia64|ppc64|s390x|x86_64)0:10.26.44-101.14.1(ppc64|s390x|x86_64)0:10.26.44-101.14.1(ia64)0:10.26.44-101.14.1(i586|ppc64|s390x|x86_64)0:10.26.44-101.15.5.2(ppc64|s390x|x86_64)0:10.26.44-101.15.5.2(i586|ia64|ppc64|s390x|x86_64)0:4.2.8p4-5.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.8p6-8.2(i586|ia64|ppc64|s390x|x86_64)0:4.2.8p7-11.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.8p8-14.1(i586|ia64|ppc64|s390x|x86_64)0:1.5-1.34.1(ppc64|s390x|x86_64)0:1.5-1.34.1(ia64)0:1.5-1.34.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.8p9-57.2(i586|ia64|ppc64|s390x|x86_64)0:4.2.8p10-63.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.8p11-64.4.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.8p12-64.7.1(i586|ia64|ppc64|s390x|x86_64)0:4.2.8p13-64.13.1(i586|ppc64|s390x|x86_64)0:4.2.8p15-64.16.1(i586|x86_64)0:10.1.0-7.1(i586|ppc64|s390x|x86_64)0:2.3.37-2.74.9.1(i586|ppc64|s390x|x86_64)0:2.4.26-0.74.9.1(i586|ppc64|s390x|x86_64)0:2.3.37-2.74.13.1(i586|ppc64|s390x|x86_64)0:2.4.26-0.74.13.1(i586|ppc64|s390x|x86_64)0:2.3.37-2.74.16.1(i586|ppc64|s390x|x86_64)0:2.4.26-0.74.16.1(i586|ppc64|s390x|x86_64)0:2.3.37-2.74.26.1(i586|ppc64|s390x|x86_64)0:2.4.26-0.74.26.1(i586|ia64|ppc64|s390x|x86_64)0:0.11.6-5.27.3.1(ppc64|s390x|x86_64)0:0.11.6-5.27.3.1(ia64)0:0.11.6-5.27.3.1(i586|ppc64|s390x|x86_64)0:0.11.6-5.27.14.1(ppc64|s390x|x86_64)0:0.11.6-5.27.14.1(ppc64|s390x|x86_64)0:1.2.0-172.27.3.1(ia64)0:1.2.0-172.27.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-13.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-13.3(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-21.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-21.3(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-28.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-28.2(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-35.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-35.4(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-36.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-36.6.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-36.12.1(i586|ppc64|s390x|x86_64)0:6.6p1-36.20.1(i586|ppc64|s390x|x86_64)0:6.6p1-36.26.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-16.1(i586|ia64|ppc64|s390x|x86_64)0:6.6p1-16.4(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.89.1(ppc64|s390x|x86_64)0:0.9.8j-0.89.1(ia64)0:0.9.8j-0.89.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.97.1(ppc64|s390x|x86_64)0:0.9.8j-0.97.1(ia64)0:0.9.8j-0.97.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.102.2(ppc64|s390x|x86_64)0:0.9.8j-0.102.2(ia64)0:0.9.8j-0.102.2(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.105.1(ppc64|s390x|x86_64)0:0.9.8j-0.105.1(ia64)0:0.9.8j-0.105.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.106.9.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.9.1(ia64)0:0.9.8j-0.106.9.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.106.12.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.12.1(ia64)0:0.9.8j-0.106.12.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.106.15.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.15.1(ia64)0:0.9.8j-0.106.15.1(i586|ia64|ppc64|s390x|x86_64)0:0.9.8j-0.106.18.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.18.1(ia64)0:0.9.8j-0.106.18.1(i586|ppc64|s390x|x86_64)0:0.9.8j-0.106.21.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.21.1(i586|ppc64|s390x|x86_64)0:0.9.8j-0.106.25.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.25.1(i586|ppc64|s390x|x86_64)0:0.9.8j-0.106.28.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.28.1(i586|ppc64|s390x|x86_64)0:0.9.8j-0.106.31.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.31.1(i586|ppc64|s390x|x86_64)0:0.9.8j-0.106.34.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.34.1(i586|ppc64|s390x|x86_64)0:0.9.8j-0.106.37.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.37.1(i586|ppc64|s390x|x86_64)0:0.9.8j-0.106.40.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.40.1(i586|ppc64|s390x|x86_64)0:0.9.8j-0.106.43.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.43.1(i586|ppc64|s390x|x86_64)0:0.9.8j-0.106.46.1(ppc64|s390x|x86_64)0:0.9.8j-0.106.46.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.9-143.46.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.9-143.47.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.3-0.16.8.1(i586|ia64|ppc64|s390x|x86_64)0:1.1.5-0.17.2(ppc64|s390x|x86_64)0:1.1.5-0.17.2(ia64)0:1.1.5-0.17.2(i586|ia64|ppc64|s390x|x86_64)0:11-1.27.3.1(ppc64|s390x|x86_64)0:11-1.27.3.1(ia64)0:11-1.27.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.6.0-141.3.1(ppc64|s390x|x86_64)0:0.6.0-141.3.1(ia64)0:0.6.0-141.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.5.9-252.22.7.1(i586|ia64|ppc64|s390x|x86_64)0:5.10.0-64.80.1(ppc64|s390x|x86_64)0:5.10.0-64.80.1(i586|ia64|ppc64|s390x|x86_64)0:0.2808.01-0.80.1(i586|ia64|ppc64|s390x|x86_64)0:0.72-0.80.1(ia64)0:5.10.0-64.80.1(i586|ia64|ppc64|s390x|x86_64)0:5.10.0-64.81.3.1(ppc64|s390x|x86_64)0:5.10.0-64.81.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.2808.01-0.81.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.72-0.81.3.1(ia64)0:5.10.0-64.81.3.1(i586|ia64|ppc64|s390x|x86_64)0:5.10.0-64.81.10.1(ppc64|s390x|x86_64)0:5.10.0-64.81.10.1(i586|ia64|ppc64|s390x|x86_64)0:0.2808.01-0.81.10.1(i586|ia64|ppc64|s390x|x86_64)0:0.72-0.81.10.1(ia64)0:5.10.0-64.81.10.1(i586|ia64|ppc64|s390x|x86_64)0:5.10.0-64.81.13.1(ppc64|s390x|x86_64)0:5.10.0-64.81.13.1(i586|ia64|ppc64|s390x|x86_64)0:0.2808.01-0.81.13.1(i586|ia64|ppc64|s390x|x86_64)0:0.72-0.81.13.1(ia64)0:5.10.0-64.81.13.1(i586|ia64|ppc64|s390x|x86_64)0:1.24-4.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.008-6.1(i586|ia64|ppc64|s390x|x86_64)0:4.008-9.1(i586|ia64|ppc64|s390x|x86_64)0:4.008-10.5.1(i586|ppc64|s390x|x86_64)0:1.607-3.3.1(i586|ppc64|s390x|x86_64)0:1.607-3.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.66-3.3.1(i586|ppc64|s390x|x86_64)0:2013.1.7-0.6.5.1(i586|ppc64|s390x|x86_64)0:2013.1.7-0.6.12.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-59.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-62.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-71.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-74.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-79.2(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-84.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-87.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-94.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-101.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-108.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-111.2(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.5.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.10.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.20.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.23.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.28.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.38.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.41.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.45.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.53.1(i586|ia64|ppc64|s390x|x86_64)0:5.3.17-112.58.1(i586|ppc64|s390x|x86_64)0:5.3.17-112.71.1(i586|ppc64|s390x|x86_64)0:5.3.17-112.79.1(i586|ppc64|s390x|x86_64)0:5.3.17-112.93.1(i586|ppc64|s390x|x86_64)0:5.3.17-112.99.2(i586|ia64|ppc64|s390x|x86_64)0:2.0.79-4.8.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.79-4.9.3.3(i586|ia64|ppc64|s390x|x86_64)0:0.12.3-1.12.1(i586|ia64|ppc64|s390x|x86_64)0:0.12.3-1.13.3.2(i586|ia64|ppc64|s390x|x86_64)0:9.4.6-0.14.3(ppc64|s390x|x86_64)0:9.4.6-0.14.3(i586|ia64|ppc64|s390x|x86_64)0:9.4.9-0.19.1(ppc64|s390x|x86_64)0:9.4.9-0.19.1(i586|ia64|ppc64|s390x|x86_64)0:9.4.12-0.22.3(ppc64|s390x|x86_64)0:9.4.12-0.22.3(i586|ia64|ppc64|s390x|x86_64)0:9.4.13-0.23.5.1(ppc64|s390x|x86_64)0:9.4.13-0.23.5.1(i586|ia64|ppc64|s390x|x86_64)0:9.4.15-0.23.10.1(ppc64|s390x|x86_64)0:9.4.15-0.23.10.1(i586|ia64|ppc64|s390x|x86_64)0:9.4.16-0.23.13.2(ppc64|s390x|x86_64)0:9.4.16-0.23.13.2(i586|ia64|ppc64|s390x|x86_64)0:9.4.17-0.23.16.1(ppc64|s390x|x86_64)0:9.4.17-0.23.16.1(i586|ia64|ppc64|s390x|x86_64)0:9.4.19-0.23.19.1(ppc64|s390x|x86_64)0:9.4.19-0.23.19.1(i586|ia64|ppc64|s390x|x86_64)0:2.4.5.git-2.31.7(i586|ppc64|s390x|x86_64)0:2.4.5.git-2.32.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.22-240.8.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.2.7-152.31.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.26-0.5.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-39.1(ppc64|s390x|x86_64)0:2.6.9-39.1(ia64)0:2.6.9-39.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-40.3.1(ppc64|s390x|x86_64)0:2.6.9-40.3.1(ia64)0:2.6.9-40.3.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-40.6.2(ppc64|s390x|x86_64)0:2.6.9-40.6.2(ia64)0:2.6.9-40.6.2(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-40.15.1(ppc64|s390x|x86_64)0:2.6.9-40.15.1(ia64)0:2.6.9-40.15.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-40.21.1(ppc64|s390x|x86_64)0:2.6.9-40.21.1(ia64)0:2.6.9-40.21.1(i586|ia64|ppc64|s390x|x86_64)0:2.6.9-40.21.2(ppc64|s390x|x86_64)0:2.6.9-40.21.2(ia64)0:2.6.9-40.21.2(i586|ppc64|s390x|x86_64)0:2.6.9-40.24.1(ppc64|s390x|x86_64)0:2.6.9-40.24.1(i586|ppc64|s390x|x86_64)0:2.6.9-40.29.1(ppc64|s390x|x86_64)0:2.6.9-40.29.1(i586|ppc64|s390x|x86_64)0:2.6.9-40.32.1(ppc64|s390x|x86_64)0:2.6.9-40.32.1(i586|ppc64|s390x|x86_64)0:2.6.9-40.32.2(ppc64|s390x|x86_64)0:2.6.9-40.32.2(i586|ppc64|s390x|x86_64)0:2.6.9-40.35.1(ppc64|s390x|x86_64)0:2.6.9-40.35.1(i586|ppc64|s390x|x86_64)0:2.6.9-40.35.2(ppc64|s390x|x86_64)0:2.6.9-40.35.2(i586|ppc64|s390x|x86_64)0:2.6.9-40.48.1(ppc64|s390x|x86_64)0:2.6.9-40.48.1(i586|ia64|ppc64|s390x|x86_64)0:1.8.0-6.4.1(i586|ia64|ppc64|s390x|x86_64)0:0.99.15-0.16.1(i586|ia64|ppc64|s390x|x86_64)0:0.99.15-0.21.1(i586|ia64|ppc64|s390x|x86_64)0:0.99.15-0.24.2(i586|ia64|ppc64|s390x|x86_64)0:0.99.15-0.29.1(i586|ia64|ppc64|s390x|x86_64)0:0.99.15-0.30.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.4-2.52.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.4-2.53.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.0.4-2.53.6.1(i586|ia64|ppc64|s390x|x86_64)0:1.8.7.p357-0.9.19.1(i586|ia64|ppc64|s390|s390x|x86_64)0:0.12.21~rc-936.3.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-67.2(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-67.2(ppc64|s390x|x86_64)0:3.6.3-67.2(ia64)0:3.6.3-67.2(i586|ia64|ppc64|s390x|x86_64)0:1.34b-76.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-76.1(ppc64|s390x|x86_64)0:3.6.3-76.1(ia64)0:3.6.3-76.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-84.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-84.1(ppc64|s390x|x86_64)0:3.6.3-84.1(ia64)0:3.6.3-84.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-87.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-87.1(ppc64|s390x|x86_64)0:3.6.3-87.1(ia64)0:3.6.3-87.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-90.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-90.1(ppc64|s390x|x86_64)0:3.6.3-90.1(ia64)0:3.6.3-90.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-93.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-93.1(ppc64|s390x|x86_64)0:3.6.3-93.1(ia64)0:3.6.3-93.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-94.5.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-94.5.1(ppc64|s390x|x86_64)0:3.6.3-94.5.1(ia64)0:3.6.3-94.5.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-94.8.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-94.8.1(ppc64|s390x|x86_64)0:3.6.3-94.8.1(ia64)0:3.6.3-94.8.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-94.11.1(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-94.11.1(ppc64|s390x|x86_64)0:3.6.3-94.11.1(ia64)0:3.6.3-94.11.1(i586|ia64|ppc64|s390x|x86_64)0:1.34b-94.14.2(i586|ia64|ppc64|s390x|x86_64)0:3.6.3-94.14.2(ppc64|s390x|x86_64)0:3.6.3-94.14.2(ia64)0:3.6.3-94.14.2(i586|ppc64|s390x|x86_64)0:1.34b-94.19.2(i586|ppc64|s390x|x86_64)0:3.6.3-94.19.2(ppc64|s390x|x86_64)0:3.6.3-94.19.2(i586|ppc64|s390x|x86_64)0:1.34b-94.23.1(i586|ppc64|s390x|x86_64)0:3.6.3-94.23.1(ppc64|s390x|x86_64)0:3.6.3-94.23.1(i586|ppc64|s390x|x86_64)0:1.34b-94.26.1(i586|ppc64|s390x|x86_64)0:3.6.3-94.26.1(ppc64|s390x|x86_64)0:3.6.3-94.26.1(i586|ppc64|s390x|x86_64)0:1.34b-94.31.1(i586|ppc64|s390x|x86_64)0:3.6.3-94.31.1(ppc64|s390x|x86_64)0:3.6.3-94.31.1(i586|ppc64|s390x|x86_64)0:1.34b-94.34.1(i586|ppc64|s390x|x86_64)0:3.6.3-94.34.1(ppc64|s390x|x86_64)0:3.6.3-94.34.1(i586|ia64|ppc64|s390x|x86_64)0:1.0.20-7.8.1(i586|ia64|ppc64|s390x|x86_64)0:1.7.0.0-1.18.2(i586|x86_64)0:0.12.4-5.1(i586|x86_64)0:0.12.4-8.1(i586|x86_64)0:0.12.4-11.1(i586|x86_64)0:0.12.4-15.1(i586|x86_64)0:0.12.4-18.1(i586|x86_64)0:0.12.4-21.1(i586|ia64|ppc64|s390x|x86_64)0:3.7.6.3-1.4.6.1(ppc64|s390x|x86_64)0:3.7.6.3-1.4.6.1(ia64)0:3.7.6.3-1.4.6.1(i586|ia64|ppc64|s390x|x86_64)0:3.7.6.3-1.4.7.3.1(ppc64|s390x|x86_64)0:3.7.6.3-1.4.7.3.1(ia64)0:3.7.6.3-1.4.7.3.1(i586|ppc64|s390x|x86_64)0:3.7.6.3-1.4.7.9.1(ppc64|s390x|x86_64)0:3.7.6.3-1.4.7.9.1(i586|ppc64|s390x|x86_64)0:3.7.6.3-1.4.7.12.1(ppc64|s390x|x86_64)0:3.7.6.3-1.4.7.12.1(i586|ppc64|s390x|x86_64)0:3.7.6.3-1.4.7.15.1(ppc64|s390x|x86_64)0:3.7.6.3-1.4.7.15.1(i586|ia64|ppc64|s390x|x86_64)0:2.7.STABLE5-2.12.29.1(i586|ppc64|s390x|x86_64)0:2.7.STABLE5-2.12.30.6.1(i586|ia64|ppc64|s390x|x86_64)0:3.1.23-8.16.30.1(i586|ia64|ppc64|s390x|x86_64)0:3.1.23-8.16.36.1(i586|ia64|ppc64|s390x|x86_64)0:3.1.23-8.16.37.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.1.23-8.16.37.6.1(i586|ia64|ppc64|s390x|x86_64)0:3.1.23-8.16.37.9.1(i586|ppc64|s390x|x86_64)0:3.1.23-8.16.37.12.1(i586|ppc64|s390x|x86_64)0:3.1.23-8.16.37.15.1(i586|ppc64|s390x|x86_64)0:3.1.23-8.16.37.18.1(i586|ia64|ppc64|s390x|x86_64)0:1.4-13.10.1(i586|ia64|ppc64|s390x|x86_64)0:4.4.0-6.29.2(i586|ia64|ppc64|s390x|x86_64)0:4.4.0-6.35.1(i586|ia64|ppc64|s390x|x86_64)0:4.4.0-6.36.3.1(i586|ppc64|s390x|x86_64)0:4.4.0-6.36.9.1(i586|ppc64|s390x|x86_64)0:4.4.0-6.36.12.1(i586|ia64|ppc64|s390x|x86_64)0:1.7.6p2-0.29.1(i586|ppc64|s390x|x86_64)0:1.7.6p2-0.30.5.1(i586|ppc64|s390x|x86_64)0:2.0.9-27.34.40.5.1(i586|ia64|ppc64|s390x|x86_64)0:1.26-1.2.10.1(i586|ppc64|s390x|x86_64)0:1.27.1-14.8.1(i586|x86_64)0:20120115_1.7.0-0.5.5.1(i586|ia64|ppc64|s390x|x86_64)0:3.9.8-1.29.1(i586|ia64|ppc64|s390x|x86_64)0:3.9.8-1.30.5.1(i586|ia64|ppc64|s390x|x86_64)0:3.9.8-1.30.8.1(i586|ppc64|s390x|x86_64)0:3.9.8-1.30.13.1(i586|ppc64|s390x|x86_64)0:3.9.8-1.30.19.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.163.1(ppc64|s390x|x86_64)0:3.8.2-141.163.1(ia64)0:3.8.2-141.163.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.168.1(ppc64|s390x|x86_64)0:3.8.2-141.168.1(ia64)0:3.8.2-141.168.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.169.3.1(ppc64|s390x|x86_64)0:3.8.2-141.169.3.1(ia64)0:3.8.2-141.169.3.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.169.6.1(ppc64|s390x|x86_64)0:3.8.2-141.169.6.1(ia64)0:3.8.2-141.169.6.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.169.9.1(ppc64|s390x|x86_64)0:3.8.2-141.169.9.1(ia64)0:3.8.2-141.169.9.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.169.16.1(ppc64|s390x|x86_64)0:3.8.2-141.169.16.1(ia64)0:3.8.2-141.169.16.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.169.19.1(ppc64|s390x|x86_64)0:3.8.2-141.169.19.1(ia64)0:3.8.2-141.169.19.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.169.22.1(ppc64|s390x|x86_64)0:3.8.2-141.169.22.1(ia64)0:3.8.2-141.169.22.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.169.26.1(ppc64|s390x|x86_64)0:3.8.2-141.169.26.1(ia64)0:3.8.2-141.169.26.1(i586|ia64|ppc64|s390x|x86_64)0:3.8.2-141.169.31.1(ppc64|s390x|x86_64)0:3.8.2-141.169.31.1(ia64)0:3.8.2-141.169.31.1(i586|ppc64|s390x|x86_64)0:3.8.2-141.169.34.1(ppc64|s390x|x86_64)0:3.8.2-141.169.34.1(i586|ppc64|s390x|x86_64)0:1.3.9-81.15.3.1(noarch)0:6.0.41-0.47.1(i586|ia64|ppc64|s390x|x86_64)0:3.2.5-160.3.2(i586|ppc64|s390x|x86_64)0:3.2.8a-1.160.13.1(i586|ppc64|s390x|x86_64)0:3.2.8b-160.16.2(i586|ia64|ppc64|s390x|x86_64)0:3.80.2-4.1(i586|ia64|ppc64|s390x|x86_64)0:5.6.1-5.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.00-11.17.1(i586|ia64|ppc64|s390x|x86_64)0:6.00-11.18.3.1(i586|ia64|ppc64|s390x|x86_64)0:6.00-11.18.8.1(i586|ia64|ppc64|s390x|x86_64)0:7.2-8.17.1(i586|ia64|ppc64|s390x|x86_64)0:7.2-8.20.8(i586|ppc64|s390x|x86_64)0:7.2-8.21.3.1(i586|ppc64|s390x|x86_64)0:7.2-8.21.6.2(i586|ia64|ppc64|s390x|x86_64)0:0.5.3.git20161120-4.1(i586|ia64|ppc64|s390x|x86_64)0:4.50.1-1.27.1(i586|ia64|ppc64|s390x|x86_64)0:4.50.1-1.30.1(i586|ppc64|s390x|x86_64)0:4.50.1-1.33.1(i586|ia64|ppc64|s390x|x86_64)0:1.12.11-0.18.1(i586|ia64|ppc64|s390x|x86_64)0:1.12.13-0.23.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.12-36.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.13-39.1(i586|ia64|ppc64|s390x|x86_64)0:2.0.14-40.7.1(i586|ia64|ppc64|s390x|x86_64)0:0.4.5-2.7.2.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.11-40.14.5(i586|ia64|ppc64|s390x|x86_64)0:19-234.18.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.12-40.17.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.13-40.22.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.14-40.25.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.16-40.28.1(i586|ia64|ppc64|s390x|x86_64)0:2.2.17-40.31.1(i586|ia64|ppc64|s390x|x86_64)0:0.7.1-6.18.3.1(i586|ia64|ppc64|s390x|x86_64)0:0.7.1-6.18.6.1(x86_64)0:4.4.2_10-5.1(i586|x86_64)0:4.4.2_10_3.0.101_63-5.1(i586)0:4.4.2_10_3.0.101_63-5.1(i586|x86_64)0:4.4.2_10-5.1(x86_64)0:4.4.3_02-26.2(i586|x86_64)0:4.4.3_02_3.0.101_65-26.2(i586)0:4.4.3_02_3.0.101_65-26.2(i586|x86_64)0:4.4.3_02-26.2(x86_64)0:4.4.4_02-32.1(i586|x86_64)0:4.4.4_02_3.0.101_68-32.1(i586)0:4.4.4_02_3.0.101_68-32.1(i586|x86_64)0:4.4.4_02-32.1(x86_64)0:4.4.4_07-37.1(i586|x86_64)0:4.4.4_07_3.0.101_77-37.1(i586)0:4.4.4_07_3.0.101_77-37.1(i586|x86_64)0:4.4.4_07-37.1(x86_64)0:4.4.4_08-40.2(i586|x86_64)0:4.4.4_08_3.0.101_80-40.2(i586)0:4.4.4_08_3.0.101_80-40.2(i586|x86_64)0:4.4.4_08-40.2(x86_64)0:4.4.4_10-43.5(i586|x86_64)0:4.4.4_10_3.0.101_88-43.5(i586)0:4.4.4_10_3.0.101_88-43.5(i586|x86_64)0:4.4.4_10-43.5(x86_64)0:4.4.4_12-46.1(i586|x86_64)0:4.4.4_12_3.0.101_91-46.1(i586)0:4.4.4_12_3.0.101_91-46.1(i586|x86_64)0:4.4.4_12-46.1(x86_64)0:4.4.4_14-51.1(i586|x86_64)0:4.4.4_14_3.0.101_94-51.1(i586)0:4.4.4_14_3.0.101_94-51.1(i586|x86_64)0:4.4.4_14-51.1(x86_64)0:4.4.4_16-54.1(i586|x86_64)0:4.4.4_16_3.0.101_97-54.1(i586)0:4.4.4_16_3.0.101_97-54.1(i586|x86_64)0:4.4.4_16-54.1(x86_64)0:4.4.4_18-57.1(i586|x86_64)0:4.4.4_18_3.0.101_97-57.1(i586)0:4.4.4_18_3.0.101_97-57.1(i586|x86_64)0:4.4.4_18-57.1(x86_64)0:4.4.4_20-60.3(i586|x86_64)0:4.4.4_20_3.0.101_104-60.3(i586)0:4.4.4_20_3.0.101_104-60.3(i586|x86_64)0:4.4.4_20-60.3(x86_64)0:4.4.4_22-61.9.2(i586|x86_64)0:4.4.4_22_3.0.101_108.7-61.9.2(i586)0:4.4.4_22_3.0.101_108.7-61.9.2(i586|x86_64)0:4.4.4_22-61.9.2(x86_64)0:4.4.4_24-61.12.1(i586|x86_64)0:4.4.4_24_3.0.101_108.10-61.12.1(i586)0:4.4.4_24_3.0.101_108.10-61.12.1(i586|x86_64)0:4.4.4_24-61.12.1(x86_64)0:4.4.4_26-61.17.1(i586|x86_64)0:4.4.4_26_3.0.101_108.13-61.17.1(i586)0:4.4.4_26_3.0.101_108.13-61.17.1(i586|x86_64)0:4.4.4_26-61.17.1(x86_64)0:4.4.4_28-61.23.2(i586|x86_64)0:4.4.4_28_3.0.101_108.35-61.23.2(i586)0:4.4.4_28_3.0.101_108.35-61.23.2(i586|x86_64)0:4.4.4_28-61.23.2(x86_64)0:4.4.4_30-61.26.1(i586|x86_64)0:4.4.4_30_3.0.101_108.38-61.26.1(i586)0:4.4.4_30_3.0.101_108.38-61.26.1(i586|x86_64)0:4.4.4_30-61.26.1(x86_64)0:4.4.4_32-61.29.2(i586|x86_64)0:4.4.4_32_3.0.101_108.52-61.29.2(i586)0:4.4.4_32_3.0.101_108.52-61.29.2(i586|x86_64)0:4.4.4_32-61.29.2(x86_64)0:4.4.4_34-61.32.1(i586|x86_64)0:4.4.4_34_3.0.101_108.57-61.32.1(i586)0:4.4.4_34_3.0.101_108.57-61.32.1(i586|x86_64)0:4.4.4_34-61.32.1(x86_64)0:4.4.4_36-61.37.2(i586|x86_64)0:4.4.4_36_3.0.101_108.68-61.37.2(i586)0:4.4.4_36_3.0.101_108.68-61.37.2(i586|x86_64)0:4.4.4_36-61.37.2(x86_64)0:4.4.4_38-61.40.1(i586|x86_64)0:4.4.4_38_3.0.101_108.84-61.40.1(i586)0:4.4.4_38_3.0.101_108.84-61.40.1(i586|x86_64)0:4.4.4_38-61.40.1(x86_64)0:4.4.4_40-61.43.2(i586|x86_64)0:4.4.4_40_3.0.101_108.87-61.43.2(i586)0:4.4.4_40_3.0.101_108.87-61.43.2(i586|x86_64)0:4.4.4_40-61.43.2(x86_64)0:4.4.4_40-61.46.2(i586|x86_64)0:4.4.4_40_3.0.101_108.90-61.46.2(i586)0:4.4.4_40_3.0.101_108.90-61.46.2(i586|x86_64)0:4.4.4_40-61.46.2(x86_64)0:4.4.4_40-61.49.1(i586|x86_64)0:4.4.4_40_3.0.101_108.101-61.49.1(i586)0:4.4.4_40_3.0.101_108.101-61.49.1(i586|x86_64)0:4.4.4_40-61.49.1(x86_64)0:4.4.4_42-61.52.1(i586|x86_64)0:4.4.4_42_3.0.101_108.114-61.52.1(i586)0:4.4.4_42_3.0.101_108.114-61.52.1(i586|x86_64)0:4.4.4_42-61.52.1(x86_64)0:4.4.4_44-61.55.1(i586|x86_64)0:4.4.4_44_3.0.101_108.117-61.55.1(i586)0:4.4.4_44_3.0.101_108.117-61.55.1(i586|x86_64)0:4.4.4_44-61.55.1(x86_64)0:4.4.4_46-61.58.1(i586|x86_64)0:4.4.4_46_3.0.101_108.117-61.58.1(i586)0:4.4.4_46_3.0.101_108.117-61.58.1(i586|x86_64)0:4.4.4_46-61.58.1(x86_64)0:4.4.4_48-61.61.1(i586|x86_64)0:4.4.4_48_3.0.101_108.117-61.61.1(i586)0:4.4.4_48_3.0.101_108.117-61.61.1(i586|x86_64)0:4.4.4_48-61.61.1(x86_64)0:4.4.4_48-61.64.1(i586|x86_64)0:4.4.4_48_3.0.101_108.123-61.64.1(i586)0:4.4.4_48_3.0.101_108.123-61.64.1(i586|x86_64)0:4.4.4_48-61.64.1(x86_64)0:4.4.4_50-61.67.1(i586|x86_64)0:4.4.4_50_3.0.101_108.129-61.67.1(i586)0:4.4.4_50_3.0.101_108.129-61.67.1(i586|x86_64)0:4.4.4_50-61.67.1(x86_64)0:4.4.4_52-61.70.1(i586|x86_64)0:4.4.4_52_3.0.101_108.132-61.70.1(i586)0:4.4.4_52_3.0.101_108.132-61.70.1(i586|x86_64)0:4.4.4_52-61.70.1(x86_64)0:4.4.3_06-29.1(i586|x86_64)0:4.4.3_06_3.0.101_65-29.1(i586)0:4.4.3_06_3.0.101_65-29.1(i586|x86_64)0:4.4.3_06-29.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-3.1(ppc64|s390x|x86_64)0:7.4-3.1(ia64)0:7.4-3.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-5.11.65.1(ppc64|s390x|x86_64)0:7.4-5.11.65.1(ia64)0:7.4-5.11.65.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-5.11.68.1(ppc64|s390x|x86_64)0:7.4-5.11.68.1(ia64)0:7.4-5.11.68.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-5.11.72.9.1(ppc64|s390x|x86_64)0:7.4-5.11.72.9.1(ia64)0:7.4-5.11.72.9.1(i586|ppc64|s390x|x86_64)0:7.4-5.11.72.15.1(ppc64|s390x|x86_64)0:7.4-5.11.72.15.1(i586|ppc64|s390x|x86_64)0:7.4-5.11.72.18.1(ppc64|s390x|x86_64)0:7.4-5.11.72.18.1(i586|ppc64|s390x|x86_64)0:7.4-5.11.72.27.1(ppc64|s390x|x86_64)0:7.4-5.11.72.27.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-1.20.1(ppc64|s390x|x86_64)0:7.4-1.20.1(ia64)0:7.4-1.20.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-8.26.49.1(ppc64|s390x|x86_64)0:7.4-8.26.49.1(ia64)0:7.4-8.26.49.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-8.26.50.5.3(ppc64|s390x|x86_64)0:7.4-8.26.50.5.3(ia64)0:7.4-8.26.50.5.3(i586|ia64|ppc64|s390x|x86_64)0:7.4-8.26.50.8.1(ppc64|s390x|x86_64)0:7.4-8.26.50.8.1(ia64)0:7.4-8.26.50.8.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-27.118.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-27.121.2(i586|ia64|ppc64|s390x|x86_64)0:7.4-27.122.16.1(i586|ia64|ppc64|s390x|x86_64)0:7.4-27.122.21.1(i586|ppc64|s390x|x86_64)0:7.4-27.122.26.1(i586|ppc64|s390x|x86_64)0:7.4-27.122.29.1(i586|ppc64|s390x|x86_64)0:7.4-27.122.37.1(i586|ppc64|s390x|x86_64)0:7.4-27.122.40.1(i586|ppc64|s390x|x86_64)0:7.4-27.122.43.1(i586|ppc64|s390x|x86_64)0:7.4-27.122.46.1(i586|ppc64|s390x|x86_64)0:238-3.3.1(i586|ppc64|s390x|x86_64)0:5.0.3-0.12.7.1(ppc64|s390x|x86_64)0:5.0.3-0.12.7.1(i586|ia64|ppc64|s390x|x86_64)0:2.17.161-5.1(i586|ia64|ppc64|s390x|x86_64)0:1.2.7-0.14.1(ppc64|s390x|x86_64)0:1.2.7-0.14.1(ia64)0:1.2.7-0.14.1(i586|ppc64|s390x|x86_64)0:1.2.7-0.17.3.1(ppc64|s390x|x86_64)0:1.2.7-0.17.3.1(i586|ia64|ppc64|s390x|x86_64)0:4.3.6-67.9.3.1(i586|ppc64|s390x|x86_64)0:4.3.6-67.9.8.1