846404 – (CVE-2013-4299) VUL-1: CVE-2013-4299: kernel: dm: dm-snapshot data leak

Bug 846404 (CVE-2013-4299) - VUL-1: CVE-2013-4299: kernel: dm: dm-snapshot data leak

Summary: VUL-1: CVE-2013-4299: kernel: dm: dm-snapshot data leak

Status:	RESOLVED FIXED

Alias:	CVE-2013-4299

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Deadline:	2014-07-29
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:sle11-sp1:57694 main...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2013-10-17 12:00 UTC by Victor Pereira
Modified:	2015-04-30 19:10 UTC (History)
CC List:	5 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
attempt to backport to 11sp1 (2.67 KB, patch) 2013-12-13 09:54 UTC, Michal Hocko	Details \| Diff
Patch backported to sle10 (1.94 KB, patch) 2014-06-03 07:00 UTC, Neil Brown	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Victor Pereira 2013-10-17 12:00:55 UTC

CVE-2013-4299

An attacker could construct a mapping to read data from disk blocks in 'free space' that is normally inaccessible.

References:
https://rhn.redhat.com/errata/RHSA-2013-1436.html
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4299
https://bugzilla.redhat.com/show_bug.cgi?id=1004233
https://bugzilla.redhat.com/attachment.cgi?id=812893&action=diff (proposed patch)

Comment 1 Swamp Workflow Management 2013-10-17 22:00:27 UTC

bugbot adjusting priority

Comment 2 Michal Hocko 2013-12-13 09:32:00 UTC

Upstream http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca

Comment 3 Michal Hocko 2013-12-13 09:54:09 UTC

Created attachment 571684 [details]
attempt to backport to 11sp1

This is missing NUM_SNAPSHOT_HDR_CHUNKS which has been introduced by 4454a6216f75a introduced in 2.6.33 and we do not have it. The patch description is obscure enough for me to understand when was the issue introduced.

Comment 8 Takashi Iwai 2014-03-25 11:59:03 UTC

openSUSE 13.1 already contains the fix.  The upstream commit in 3.12-rc6, so SLE12 and later are OK.

Comment 9 Neil Brown 2014-06-03 06:56:03 UTC

Sorry that I kept missing this - NEEDINFO really helps, thanks  Jiri.

I've applied the upstream fix to 11-SP3 and 11-SP2.
Your backport to 11-SP1 is fine.  Shall I leave that to you?

SLE10 does have the bug, though it is in a different file.  I'll attach a patch.

I don't have a SLE9 tree anywhere, but snapshots arrived in 2.6.9 and SLE9 was 2.6.5, so unless we backported it, the bug isn't in SLE9.

Comment 10 Neil Brown 2014-06-03 07:00:53 UTC

Created attachment 593069 [details]
Patch backported to sle10

Should I add this to SLE10, or will you?

Comment 16 Swamp Workflow Management 2014-06-04 13:57:00 UTC

An update workflow for this issue was started.
This issue was rated as critical.
Please submit fixed packages until 2014-06-06.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/57692

Comment 17 Neil Brown 2014-06-10 02:48:13 UTC

I think the patches have been applied to all relevant kernels now, so closing the bug.

Comment 18 Swamp Workflow Management 2014-06-10 21:04:36 UTC

Update released for: kernel-debug, kernel-debug-base, kernel-debug-debuginfo, kernel-debug-debugsource, kernel-debug-devel, kernel-debug-devel-debuginfo, kernel-debug-extra, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-docs, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra
Products:
SLE-SERVER 11-SP1-TERADATA (x86_64)

Comment 19 Swamp Workflow Management 2014-07-09 10:24:12 UTC

An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2014-07-16.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58208

Comment 20 Neil Brown 2014-07-10 04:54:56 UTC

I don't really know what (or who) comment #19 is asking for, as comment #17 states that the patches are already applied to relevant kernels.
So reassigning to security-team as requested...

Comment 21 Swamp Workflow Management 2014-07-11 10:04:41 UTC

Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-dummy, kernel-kdump, kernel-kdump-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-debuginfo
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)

Comment 23 Swamp Workflow Management 2014-07-15 11:54:54 UTC

An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-07-29.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58308

Comment 24 Swamp Workflow Management 2014-07-16 17:57:23 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ppc64)
SLE-HAE 11-SP3 (ppc64)
SLE-SERVER 11-SP3 (ppc64)

Comment 25 Swamp Workflow Management 2014-07-16 18:58:37 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (i386)
SLE-DESKTOP 11-SP3 (i386)
SLE-HAE 11-SP3 (i386)
SLE-SERVER 11-SP3 (i386)
SLES4VMWARE 11-SP3 (i386)

Comment 26 Swamp Workflow Management 2014-07-16 19:07:20 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (s390x)
SLE-HAE 11-SP3 (s390x)
SLE-SERVER 11-SP3 (s390x)

Comment 27 Swamp Workflow Management 2014-07-16 19:35:02 UTC

Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-RT 11-SP3 (x86_64)

Comment 28 Swamp Workflow Management 2014-07-16 20:49:33 UTC

Update released for: cluster-network-kmp-bigsmp, drbd-kmp-bigsmp, gfs2-kmp-bigsmp, iscsitarget-kmp-bigsmp, kernel-bigsmp, kernel-bigsmp-base, kernel-bigsmp-debuginfo, kernel-bigsmp-debugsource, kernel-bigsmp-devel, kernel-bigsmp-devel-debuginfo, kernel-bigsmp-extra, kernel-bigsmp-hmac, ocfs2-kmp-bigsmp, ofed-kmp-bigsmp, oracleasm-kmp-bigsmp
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-DESKTOP 11-SP3 (x86_64)
SLE-HAE 11-SP3 (x86_64)
SLE-SERVER 11-SP3 (x86_64)
SLES4VMWARE 11-SP3 (x86_64)

Comment 29 Swamp Workflow Management 2014-07-16 21:09:12 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-DESKTOP 11-SP3 (x86_64)
SLE-HAE 11-SP3 (x86_64)
SLE-SERVER 11-SP3 (x86_64)
SLES4VMWARE 11-SP3 (x86_64)

Comment 30 Swamp Workflow Management 2014-07-16 21:21:40 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ia64)
SLE-HAE 11-SP3 (ia64)
SLE-SERVER 11-SP3 (ia64)

Comment 31 Swamp Workflow Management 2014-07-17 01:11:53 UTC

SUSE-OU-2014:0907-1: An update that solves 28 vulnerabilities and has 76 fixes is now available.

Category: optional (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883795
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-bigsmp-3.0.101-0.35.1
SUSE Linux Enterprise Server 11 SP3 (src):    iscsitarget-1.4.20-0.38.63, kernel-bigsmp-3.0.101-0.35.1, ofed-1.5.4.1-0.13.69, oracleasm-2.0.5-7.39.71
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.78, drbd-kmp-8.4.4-0.22.44, gfs2-2-0.16.84, ocfs2-1.6-0.20.78
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-bigsmp-3.0.101-0.35.1
SLE 11 SERVER Unsupported Extras (src):    kernel-bigsmp-3.0.101-0.35.1

Comment 32 Swamp Workflow Management 2014-07-17 02:13:42 UTC

SUSE-SU-2014:0908-1: An update that solves 30 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883724,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.79, drbd-kmp-8.4.4-0.22.45, iscsitarget-1.4.20-0.38.64, kernel-rt-3.0.101.rt130-0.24.1, kernel-rt_trace-3.0.101.rt130-0.24.1, kernel-source-rt-3.0.101.rt130-0.24.1, kernel-syms-rt-3.0.101.rt130-0.24.1, lttng-modules-2.1.1-0.11.57, ocfs2-1.6-0.20.79, ofed-1.5.4.1-0.13.70

Comment 33 Swamp Workflow Management 2014-07-17 02:42:49 UTC

SUSE-SU-2014:0909-1: An update that solves 30 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883724,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.79, drbd-kmp-8.4.4-0.22.45, iscsitarget-1.4.20-0.38.64, kernel-rt-3.0.101.rt130-0.24.1, kernel-rt_trace-3.0.101.rt130-0.24.1, kernel-source-rt-3.0.101.rt130-0.24.1, kernel-syms-rt-3.0.101.rt130-0.24.1, lttng-modules-2.1.1-0.11.57, ocfs2-1.6-0.20.79, ofed-1.5.4.1-0.13.70

Comment 34 Swamp Workflow Management 2014-07-17 03:16:01 UTC

SUSE-SU-2014:0910-1: An update that solves 29 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-ec2-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.78, gfs2-2-0.16.84, ocfs2-1.6-0.20.78
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1

Comment 35 Swamp Workflow Management 2014-07-17 03:55:43 UTC

SUSE-SU-2014:0911-1: An update that solves 29 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-ec2-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.78, gfs2-2-0.16.84, ocfs2-1.6-0.20.78
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1

Comment 36 Swamp Workflow Management 2014-07-17 04:13:28 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)

Comment 37 Swamp Workflow Management 2014-07-17 04:41:58 UTC

SUSE-SU-2014:0912-1: An update that solves 29 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-ec2-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.78, gfs2-2-0.16.84, ocfs2-1.6-0.20.78
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1

Comment 38 Swamp Workflow Management 2014-07-17 05:15:34 UTC

Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 39 Swamp Workflow Management 2014-07-17 06:04:39 UTC

Update released for: kernel-bigsmp-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 40 Swamp Workflow Management 2014-07-17 06:45:33 UTC

Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)

Comment 41 Swamp Workflow Management 2014-07-17 07:15:06 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 42 Swamp Workflow Management 2014-07-17 08:17:52 UTC

Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 43 Swamp Workflow Management 2014-09-09 23:07:11 UTC

SUSE-SU-2014:1105-1: An update that solves 18 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 846404,864464,866911,870173,870576,871676,871797,871854,872634,873374,876590,877257,877775,878115,878509,879921,880484,881051,882804,883724,883795,885422,885725,886474,889173,889324
CVE References: CVE-2013-4299,CVE-2014-0055,CVE-2014-0077,CVE-2014-1739,CVE-2014-2706,CVE-2014-2851,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-4699,CVE-2014-5077
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    kernel-default-3.0.101-0.7.23.1, kernel-ec2-3.0.101-0.7.23.1, kernel-pae-3.0.101-0.7.23.1, kernel-source-3.0.101-0.7.23.1, kernel-syms-3.0.101-0.7.23.1, kernel-trace-3.0.101-0.7.23.1, kernel-xen-3.0.101-0.7.23.1, xen-4.1.6_06-0.5.30
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.7.23.1, kernel-pae-3.0.101-0.7.23.1, kernel-xen-3.0.101-0.7.23.1

Comment 44 Swamp Workflow Management 2014-09-28 16:05:11 UTC

openSUSE-SU-2014:1246-1: An update that solves 18 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 846404,854722,864464,866911,870173,870576,871676,871797,871854,872634,873374,876590,877257,878115,878509,879921,880484,881051,882804,883724,883795,885422,885725,886474,889173,889324
CVE References: CVE-2013-6463,CVE-2014-0055,CVE-2014-0077,CVE-2014-1739,CVE-2014-2706,CVE-2014-2851,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-4699,CVE-2014-5077
Sources used:
openSUSE Evergreen 11.4 (src):    kernel-docs-3.0.101-91.2, kernel-source-3.0.101-91.1, kernel-syms-3.0.101-91.1, preload-1.2-6.69.2

Comment 45 Swamp Workflow Management 2015-04-02 00:07:19 UTC

SUSE-SU-2015:0652-1: An update that solves 17 vulnerabilities and has 10 fixes is now available.

Category: security (important)
Bug References: 771619,833820,846404,857643,875051,885077,891211,892235,896390,896391,896779,899338,902346,902349,902351,904700,905100,905312,907822,908870,911325,912654,912705,912916,913059,915335,915826
CVE References: CVE-2010-5313,CVE-2012-6657,CVE-2013-4299,CVE-2013-7263,CVE-2014-0181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3673,CVE-2014-3687,CVE-2014-3688,CVE-2014-7841,CVE-2014-7842,CVE-2014-8160,CVE-2014-8709,CVE-2014-9420,CVE-2014-9584,CVE-2014-9585
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    kernel-default-2.6.32.59-0.19.1, kernel-ec2-2.6.32.59-0.19.1, kernel-pae-2.6.32.59-0.19.1, kernel-source-2.6.32.59-0.19.1, kernel-syms-2.6.32.59-0.19.1, kernel-trace-2.6.32.59-0.19.1, kernel-xen-2.6.32.59-0.19.1, xen-4.0.3_21548_18-0.9.17
SLE 11 SERVER Unsupported Extras (src):    kernel-default-2.6.32.59-0.19.1, kernel-pae-2.6.32.59-0.19.1, kernel-xen-2.6.32.59-0.19.1

Comment 46 Swamp Workflow Management 2015-04-30 19:10:30 UTC

SUSE-SU-2015:0812-1: An update that fixes 39 vulnerabilities is now available.

Category: security (important)
Bug References: 677286,679812,681175,681999,683282,685402,687812,730118,730200,738400,758813,760902,769784,823260,846404,853040,854722,863335,874307,875051,880484,883223,883795,885422,891844,892490,896390,896391,896779,902346,907818,908382,910251,911325
CVE References: CVE-2011-1090,CVE-2011-1163,CVE-2011-1476,CVE-2011-1477,CVE-2011-1493,CVE-2011-1494,CVE-2011-1495,CVE-2011-1585,CVE-2011-4127,CVE-2011-4132,CVE-2011-4913,CVE-2011-4914,CVE-2012-2313,CVE-2012-2319,CVE-2012-3400,CVE-2012-6657,CVE-2013-2147,CVE-2013-4299,CVE-2013-6405,CVE-2013-6463,CVE-2014-0181,CVE-2014-1874,CVE-2014-3184,CVE-2014-3185,CVE-2014-3673,CVE-2014-3917,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-5471,CVE-2014-5472,CVE-2014-9090,CVE-2014-9322,CVE-2014-9420,CVE-2014-9584,CVE-2015-2041
Sources used:
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    kernel-bigsmp-2.6.16.60-0.132.1, kernel-debug-2.6.16.60-0.132.1, kernel-default-2.6.16.60-0.132.1, kernel-kdump-2.6.16.60-0.132.1, kernel-kdumppae-2.6.16.60-0.132.1, kernel-smp-2.6.16.60-0.132.1, kernel-source-2.6.16.60-0.132.1, kernel-syms-2.6.16.60-0.132.1, kernel-vmi-2.6.16.60-0.132.1, kernel-vmipae-2.6.16.60-0.132.1, kernel-xen-2.6.16.60-0.132.1, kernel-xenpae-2.6.16.60-0.132.1