Bugzilla – Bug 857643
VUL-0: [CVE-2013-7263 - CVE-2013-7271]: kernel: kernel before 3.12.14 len field update before initialization
Last modified: 2019-05-01 16:12:52 UTC
Multiple places in kernel code update the len field of data structures before actually initializing them. Actual CVE's will follow: Name: CVE-2013-7263 The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data +structures have been initialized, which allows local users to obtain sensitive information from +kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to +net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. Reference: CONFIRM: https://github.com/torvalds/linux/commit/bceaa90240b6019ed73b49965eac7d167610be69 Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1035875 Reference: MLIST: http://www.openwall.com/lists/oss-security/2013/11/28/13 Reference: CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: CONFIRM: +http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bceaa90240b6019ed73b49965 +eac7d167610be69
Name: CVE-2013-7264 The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain +length value before ensuring that an associated data structure has been initialized, which allows +local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) +recvmmsg, or (3) recvmsg system call. Reference: CONFIRM: https://github.com/torvalds/linux/commit/bceaa90240b6019ed73b49965eac7d167610be69 Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1035875 Reference: MLIST: http://www.openwall.com/lists/oss-security/2013/11/28/13 Reference: CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: CONFIRM: +http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bceaa90240b6019ed73b49965 +eac7d167610be69
Name: CVE-2013-7265 The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain +length value before ensuring that an associated data structure has been initialized, which allows +local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) +recvmmsg, or (3) recvmsg system call. Reference: CONFIRM: https://github.com/torvalds/linux/commit/bceaa90240b6019ed73b49965eac7d167610be69 Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1035875 Reference: MLIST: http://www.openwall.com/lists/oss-security/2013/11/28/13 Reference: CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: CONFIRM: +http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bceaa90240b6019ed73b49965 +eac7d167610be69
Name: CVE-2013-7266 The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does +not ensure that a certain length value is consistent with the size of an associated data structure, +which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) +recvmmsg, or (3) recvmsg system call. Reference: CONFIRM: https://github.com/torvalds/linux/commit/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1039845 Reference: MLIST: http://www.openwall.com/lists/oss-security/2013/12/31/7 Reference: CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: CONFIRM: +http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f3d3342602f8bcbf37d7c4664 +1cb9bca7618eb1c
Name: CVE-2013-7267 The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain +length value without ensuring that an associated data structure has been initialized, which allows +local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or +(3) recvmsg system call. Reference: CONFIRM: https://github.com/torvalds/linux/commit/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1039845 Reference: MLIST: http://www.openwall.com/lists/oss-security/2013/12/31/7 Reference: CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: CONFIRM: +http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f3d3342602f8bcbf37d7c4664 +1cb9bca7618eb1c
Name: CVE-2013-7268 The ipx_recvmsg function in net/ipx/af_ipx.c in the Linux kernel before 3.12.4 updates a certain +length value without ensuring that an associated data structure has been initialized, which allows +local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or +(3) recvmsg system call. Reference: CONFIRM: https://github.com/torvalds/linux/commit/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1039845 Reference: MLIST: http://www.openwall.com/lists/oss-security/2013/12/31/7 Reference: CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: CONFIRM: +http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f3d3342602f8bcbf37d7c4664 +1cb9bca7618eb1c
Name: CVE-2013-7269 The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain +length value without ensuring that an associated data structure has been initialized, which allows +local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or +(3) recvmsg system call. Reference: CONFIRM: https://github.com/torvalds/linux/commit/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1039845 Reference: MLIST: http://www.openwall.com/lists/oss-security/2013/12/31/7 Reference: CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: CONFIRM: +http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f3d3342602f8bcbf37d7c4664 +1cb9bca7618eb1c
Name: CVE-2013-7270 The packet_recvmsg function in net/packet/af_packet.c in the Linux kernel before 3.12.4 updates a +certain length value before ensuring that an associated data structure has been initialized, which +allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) +recvmmsg, or (3) recvmsg system call. Reference: CONFIRM: https://github.com/torvalds/linux/commit/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1039845 Reference: MLIST: http://www.openwall.com/lists/oss-security/2013/12/31/7 Reference: CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: CONFIRM: +http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f3d3342602f8bcbf37d7c4664 +1cb9bca7618eb1c
Name: CVE-2013-7271 The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain +length value without ensuring that an associated data structure has been initialized, which allows +local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or +(3) recvmsg system call. Reference: CONFIRM: https://github.com/torvalds/linux/commit/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c Reference: CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1039845 Reference: MLIST: http://www.openwall.com/lists/oss-security/2013/12/31/7 Reference: CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 Reference: CONFIRM: +http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f3d3342602f8bcbf37d7c4664 +1cb9bca7618eb1c
Adding networking people.
bugbot adjusting priority
The timing is rather unfortunate as a kernel update (which is the last regular one for SP2) is planned to be submitted today. Is this supposed to get in (which would most likely mean a delay)?
I think the severity of these issues is not so high that we should delay the update. Its probably enough to stuff it into the next regular update round.
Same category: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7281 Published on Jan. 8, 2014, 5:55 p.m.. The dgram_recvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
After go through these CVE reports, I think there are two security incidents of this bug. One is: - CVE-2013-7263 (net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c) - CVE-2013-7264 (net/l2tp/l2tp_ip.c) - CVE-2013-7265 (net/phonet/datagram.c) - CVE-2013-7281 (net/ieee802154/dgram.c) Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=bceaa90240b6019ed73b49965eac7d167610be69 https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=85fbaa75037d0b6b786ff18658ddf0b4014ce2a4 I would update the result and make patch later. And the other one is: - CVE-2013-7266 (drivers/isdn/mISDN/socket.c) - CVE-2013-7267 (net/appletalk/ddp.c) - CVE-2013-7268 (net/ipx/af_ipx.c) - CVE-2013-7269 (net/netrom/af_netrom.c) - CVE-2013-7270 (net/packet/af_packet.c) - CVE-2013-7271 (net/x25/af_x25.c) Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3d3342602f8bcbf37d7c46641cb9bca7618eb1c I have not checked this yet.
Unaffected: SLE12 SLE12-RT since it has fix via 3.12.4 - CVE-2013-7263 (net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c) Affected: SLE11-SP3 SLE11-SP3-RT SLE11-SP2 SLE11-SP2-RT SLE11-SP2-LTSS SLE11-SP1 SLE10-SP4 openSUSE-13.1 openSUSE-12.3 - CVE-2013-7264 (net/l2tp/l2tp_ip.c) Affected: SLE11-SP3 SLE11-SP3-RT SLE11-SP2 SLE11-SP2-RT SLE11-SP2-LTSS openSUSE-13.1 openSUSE-12.3 - CVE-2013-7265 (net/phonet/datagram.c) Affected: SLE11-SP3 SLE11-SP3-RT SLE11-SP2 SLE11-SP2-RT SLE11-SP2-LTSS SLE11-SP1 openSUSE-13.1 openSUSE-12.3 - CVE-2013-7281 (net/ieee802154/dgram.c) - Introduced-by: 6364e6ee ieee802154/dgram: Pass source address in dgram_recvmsg (v3.10-rc1) Affected: only openSUSE-13.1
Created attachment 581328 [details] Patches for SLE11-SP3
(In reply to comment #18) > Created an attachment (id=581328) [details] > Patches for SLE11-SP3 Looks good to me.
The SWAMPID for this issue is 56633. This issue was rated as important. Please submit fixed packages until 2014-03-18. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-dummy, kernel-kdump, kernel-kdump-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-debuginfo Products: SLE-SERVER 10-SP3-TERADATA (x86_64)
The SWAMPID for this issue is 56678. This issue was rated as important. Please submit fixed packages until 2014-03-24. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Update released for: kernel-default, kernel-default-debug, kernel-dummy, kernel-smp, kernel-smp-debug, kernel-source, kernel-syms, um-host-kernel, kernel-update.ycp, install-kernel-non-interactive.sh Products: SUSE-CORE 9-SP3-TERADATA (x86_64)
Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace Products: SLE-DEBUGINFO 11-SP3 (i386) SLE-DESKTOP 11-SP3 (i386) SLE-HAE 11-SP3 (i386) SLE-SERVER 11-SP3 (i386) SLES4VMWARE 11-SP3 (i386)
Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace Products: SLE-DEBUGINFO 11-SP3 (ppc64) SLE-HAE 11-SP3 (ppc64) SLE-SERVER 11-SP3 (ppc64)
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace Products: SLE-DEBUGINFO 11-SP3 (s390x) SLE-HAE 11-SP3 (s390x) SLE-SERVER 11-SP3 (s390x)
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace Products: SLE-DEBUGINFO 11-SP3 (x86_64) SLE-DESKTOP 11-SP3 (x86_64) SLE-HAE 11-SP3 (x86_64) SLE-SERVER 11-SP3 (x86_64) SLES4VMWARE 11-SP3 (x86_64)
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace Products: SLE-DEBUGINFO 11-SP3 (ia64) SLE-HAE 11-SP3 (ia64) SLE-SERVER 11-SP3 (ia64)
SUSE-SU-2014:0459-1: An update that solves 6 vulnerabilities and has 28 fixes is now available. Category: security (important) Bug References: 599263,827670,833968,844513,846790,847672,852488,852967,853162,853166,853455,854025,854445,855825,855885,856848,857358,857643,858604,859225,859342,861093,862796,862957,863178,863526,864025,864058,864833,864880,865342,865783,866253,866428 CVE References: CVE-2013-4470,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2014-0069 Sources used: SUSE Linux Enterprise Server 11 SP3 for VMware (src): kernel-default-3.0.101-0.18.1, kernel-pae-3.0.101-0.18.1, kernel-source-3.0.101-0.18.1, kernel-syms-3.0.101-0.18.1, kernel-trace-3.0.101-0.18.1, kernel-xen-3.0.101-0.18.1 SUSE Linux Enterprise Server 11 SP3 (src): kernel-default-3.0.101-0.18.1, kernel-ec2-3.0.101-0.18.1, kernel-pae-3.0.101-0.18.1, kernel-ppc64-3.0.101-0.18.1, kernel-source-3.0.101-0.18.1, kernel-syms-3.0.101-0.18.1, kernel-trace-3.0.101-0.18.1, kernel-xen-3.0.101-0.18.1, xen-4.2.4_02-0.7.5 SUSE Linux Enterprise High Availability Extension 11 SP3 (src): cluster-network-1.4-2.27.49, gfs2-2-0.16.55, ocfs2-1.6-0.20.49 SUSE Linux Enterprise Desktop 11 SP3 (src): kernel-default-3.0.101-0.18.1, kernel-pae-3.0.101-0.18.1, kernel-source-3.0.101-0.18.1, kernel-syms-3.0.101-0.18.1, kernel-trace-3.0.101-0.18.1, kernel-xen-3.0.101-0.18.1, xen-4.2.4_02-0.7.5 SLE 11 SERVER Unsupported Extras (src): kernel-default-3.0.101-0.18.1, kernel-pae-3.0.101-0.18.1, kernel-ppc64-3.0.101-0.18.1, kernel-xen-3.0.101-0.18.1
Update released for: kernel-default-extra, kernel-ppc64-extra Products: SLE-SERVER 11-EXTRA (ppc64)
Update released for: kernel-default-extra Products: SLE-SERVER 11-EXTRA (ia64)
Update released for: kernel-default-extra, kernel-xen-extra Products: SLE-SERVER 11-EXTRA (x86_64)
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra Products: SLE-SERVER 11-EXTRA (i386)
Update released for: kernel-default-extra Products: SLE-SERVER 11-EXTRA (s390x)
SLE11-SP3: applied SLE11-SP2(LTSS): applied openSUSE-13.1: applied The rest CVE reports, original is CVE-2013-6463: - CVE-2013-7266 (drivers/isdn/mISDN/socket.c) - CVE-2013-7267 (net/appletalk/ddp.c) - CVE-2013-7268 (net/ipx/af_ipx.c) - CVE-2013-7269 (net/netrom/af_netrom.c) - CVE-2013-7270 (net/packet/af_packet.c) - CVE-2013-7271 (net/x25/af_x25.c) Please see bnc#854722. It looks like the fix had been merged into SLE11-SP2, openSUSE12.2 and openSUSE12.3. I am checking the others branches.
SUSE-SU-2014:0531-1: An update that solves 6 vulnerabilities and has 28 fixes is now available. Category: security (important) Bug References: 599263,827670,833968,844513,846790,847672,852488,852967,853162,853166,853455,854025,854445,855825,856848,857358,857643,858604,859225,859342,861093,862796,862957,863178,863526,864025,864058,864833,864880,865342,865783,866253,866428,870801 CVE References: CVE-2013-4470,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2014-0069 Sources used: SUSE Linux Enterprise Server 11 SP3 for VMware (src): kernel-default-3.0.101-0.21.1, kernel-pae-3.0.101-0.21.1, kernel-source-3.0.101-0.21.1, kernel-syms-3.0.101-0.21.1, kernel-trace-3.0.101-0.21.1, kernel-xen-3.0.101-0.21.1 SUSE Linux Enterprise Server 11 SP3 (src): kernel-default-3.0.101-0.21.1, kernel-ec2-3.0.101-0.21.1, kernel-pae-3.0.101-0.21.1, kernel-ppc64-3.0.101-0.21.1, kernel-source-3.0.101-0.21.1, kernel-syms-3.0.101-0.21.1, kernel-trace-3.0.101-0.21.1, kernel-xen-3.0.101-0.21.1, xen-4.2.4_02-0.7.12 SUSE Linux Enterprise High Availability Extension 11 SP3 (src): cluster-network-1.4-2.27.54, gfs2-2-0.16.60, ocfs2-1.6-0.20.54 SUSE Linux Enterprise Desktop 11 SP3 (src): kernel-default-3.0.101-0.21.1, kernel-pae-3.0.101-0.21.1, kernel-source-3.0.101-0.21.1, kernel-syms-3.0.101-0.21.1, kernel-trace-3.0.101-0.21.1, kernel-xen-3.0.101-0.21.1, xen-4.2.4_02-0.7.12 SLE 11 SERVER Unsupported Extras (src): kernel-default-3.0.101-0.21.1, kernel-pae-3.0.101-0.21.1, kernel-ppc64-3.0.101-0.21.1, kernel-xen-3.0.101-0.21.1
(In reply to comment #52) > The rest CVE reports, original is CVE-2013-6463: > - CVE-2013-7266 (drivers/isdn/mISDN/socket.c) > - CVE-2013-7267 (net/appletalk/ddp.c) > - CVE-2013-7268 (net/ipx/af_ipx.c) > - CVE-2013-7269 (net/netrom/af_netrom.c) > - CVE-2013-7270 (net/packet/af_packet.c) > - CVE-2013-7271 (net/x25/af_x25.c) > > Please see bnc#854722. > > It looks like the fix had been merged into SLE11-SP2, openSUSE12.2 and > openSUSE12.3. > I am checking the others branches. SLE12, SLE11SP3 and openSUSE13.1 had the fix. Patch for SLE11 is under review. (bnc#854722)
Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace Products: SLE-DEBUGINFO 11-SP3 (x86_64) SLE-RT 11-SP3 (x86_64)
SUSE-SU-2014:0537-1: An update that solves 7 vulnerabilities and has 50 fixes is now available. Category: security (important) Bug References: 599263,769035,769644,793727,798050,805114,805740,820434,823618,827670,833968,844513,845378,845621,846654,846790,846984,847672,848055,849364,849855,851603,852153,852488,852967,853052,853162,853166,853455,854025,854445,854516,855825,855885,856848,857358,857643,857919,858534,858604,858831,859225,859342,861093,862796,862957,863178,863526,864025,864058,864833,864880,865342,865783,866253,866428,870801 CVE References: CVE-2013-4470,CVE-2013-6368,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2014-0069 Sources used: SUSE Linux Enterprise Real Time Extension 11 SP3 (src): cluster-network-1.4-2.27.55, drbd-kmp-8.4.4-0.22.21, iscsitarget-1.4.20-0.38.40, kernel-rt-3.0.101.rt130-0.14.1, kernel-rt_trace-3.0.101.rt130-0.14.1, kernel-source-rt-3.0.101.rt130-0.14.1, kernel-syms-rt-3.0.101.rt130-0.14.1, lttng-modules-2.1.1-0.11.36, ocfs2-1.6-0.20.55, ofed-1.5.4.1-0.13.46
The SWAMPID for this issue is 57234. This issue was rated as important. Please submit fixed packages until 2014-05-14. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Those fixes were all pushed into kernel branches accordingly, except the patch of (CVE-2013-7266 ~ CVE-2013-7271) for SLE11,SLE10 and SLE9, I would suggest that we can track it in the original bug (bnc#854722).
Update released for: kernel-debug, kernel-debug-base, kernel-debug-debuginfo, kernel-debug-debugsource, kernel-debug-devel, kernel-debug-devel-debuginfo, kernel-debug-extra, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-docs, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra Products: SLE-SERVER 11-SP1-TERADATA (x86_64)
openSUSE-SU-2014:0678-1: An update that solves 17 vulnerabilities and has 23 fixes is now available. Category: security (important) Bug References: 639379,812592,81660,821619,833968,842553,849334,851244,851426,852656,852967,853350,856760,857643,858638,858872,859342,860502,860835,861750,862746,863235,863335,864025,864867,865075,866075,866102,867718,868653,869414,871148,871160,871252,871325,875440,875690,875798,876531,876699 CVE References: CVE-2013-4579,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7281,CVE-2014-0069,CVE-2014-0101,CVE-2014-0196,CVE-2014-1438,CVE-2014-1446,CVE-2014-1690,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2523,CVE-2014-2672 Sources used: openSUSE 13.1 (src): cloop-2.639-11.7.1, crash-7.0.2-2.7.1, hdjmod-1.28-16.7.1, ipset-6.19-2.7.1, iscsitarget-1.4.20.3-13.7.1, kernel-docs-3.11.10-11.3, kernel-source-3.11.10-11.1, kernel-syms-3.11.10-11.1, ndiswrapper-1.58-7.1, openvswitch-1.11.0-0.25.1, pcfclock-0.44-258.7.1, virtualbox-4.2.18-2.12.1, xen-4.3.2_01-15.1, xtables-addons-2.3-2.7.1
Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen Products: SLE-DEBUGINFO 11-SP2 (i386) SLE-SERVER 11-SP2-LTSS (i386)
Update released for: btrfs-kmp-default, btrfs-kmp-trace, cluster-network-kmp-default, cluster-network-kmp-trace, ext4dev-kmp-default, ext4dev-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace Products: SLE-DEBUGINFO 11-SP2 (s390x) SLE-SERVER 11-SP2-LTSS (s390x)
Update released for: btrfs-kmp-default, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen Products: SLE-DEBUGINFO 11-SP2 (x86_64) SLE-SERVER 11-SP2-LTSS (x86_64)
SUSE-SU-2014:0696-1: An update that solves 21 vulnerabilities and has 32 fixes is now available. Category: security (important) Bug References: 708296,736697,746500,814788,819351,831029,836347,843185,844513,847672,849364,851426,852488,852553,852967,853455,854025,855347,855885,856083,857499,857643,858280,858534,858604,858869,858870,858872,862429,863300,863335,864025,864833,865307,865310,865330,865342,865783,866102,867953,868528,868653,869033,869563,870801,871325,871561,871861,873061,874108,875690,875798,876102 CVE References: CVE-2013-4470,CVE-2013-4579,CVE-2013-6382,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-0069,CVE-2014-0101,CVE-2014-0196,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2039,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122 Sources used: SUSE Linux Enterprise Server 11 SP2 LTSS (src): kernel-default-3.0.101-0.7.19.1, kernel-ec2-3.0.101-0.7.19.1, kernel-pae-3.0.101-0.7.19.1, kernel-source-3.0.101-0.7.19.1, kernel-syms-3.0.101-0.7.19.1, kernel-trace-3.0.101-0.7.19.1, kernel-xen-3.0.101-0.7.19.1 SLE 11 SERVER Unsupported Extras (src): kernel-default-3.0.101-0.7.19.1, kernel-pae-3.0.101-0.7.19.1, kernel-xen-3.0.101-0.7.19.1
openSUSE-SU-2014:0766-1: An update that solves 30 vulnerabilities and has 37 fixes is now available. Category: security (moderate) Bug References: 708296,736697,746500,758813,813733,814788,817377,819351,823260,831029,836347,840226,841402,843185,844513,847672,849021,849364,850263,851426,852488,852553,852558,852967,853455,854025,855347,855885,856083,857499,857643,858280,858534,858604,858869,858870,858872,862023,862429,863300,863335,864025,864833,865307,865310,865330,865342,865783,866102,867139,867255,867953,868049,868528,868653,869033,869563,870801,871252,871325,871561,871861,873061,874108,875690,875798,876102 CVE References: CVE-2012-2313,CVE-2013-0343,CVE-2013-1929,CVE-2013-2015,CVE-2013-2147,CVE-2013-4345,CVE-2013-4470,CVE-2013-4511,CVE-2013-4579,CVE-2013-6382,CVE-2013-6383,CVE-2013-6763,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-00691,CVE-2014-0101,CVE-2014-0196,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2039,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122 Sources used: openSUSE 11.4 (src): kernel-docs-3.0.101-83.3, kernel-source-3.0.101-83.1, kernel-syms-3.0.101-83.1, preload-1.2-6.61.1
Update released for: kernel-bigsmp, kernel-bigsmp-debuginfo, kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-kdumppae, kernel-kdumppae-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-syms-debuginfo, kernel-vmi, kernel-vmi-debuginfo, kernel-vmipae, kernel-vmipae-debuginfo, kernel-xen, kernel-xen-debuginfo, kernel-xenpae, kernel-xenpae-debuginfo Products: SLE-DEBUGINFO 10-SP4 (i386) SLE-SERVER 10-SP4-LTSS (i386)
Update released for: kernel-default, kernel-default-debuginfo, kernel-source, kernel-syms Products: SLE-DEBUGINFO 10-SP4 (s390x) SLE-SERVER 10-SP4-LTSS (s390x)
Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-debuginfo Products: SLE-DEBUGINFO 10-SP4 (x86_64) SLE-SERVER 10-SP4-LTSS (x86_64)
SUSE-SU-2014:0772-1: An update that contains security fixes can now be installed. Category: security (low) Bug References: 797175,833968,852553,857643,874108,875798 CVE References: Sources used: SUSE Linux Enterprise Server 10 SP4 LTSS (src): kernel-bigsmp-2.6.16.60-0.107.1, kernel-debug-2.6.16.60-0.107.1, kernel-default-2.6.16.60-0.107.1, kernel-kdump-2.6.16.60-0.107.1, kernel-kdumppae-2.6.16.60-0.107.1, kernel-smp-2.6.16.60-0.107.1, kernel-source-2.6.16.60-0.107.1, kernel-syms-2.6.16.60-0.107.1, kernel-vmi-2.6.16.60-0.107.1, kernel-vmipae-2.6.16.60-0.107.1, kernel-xen-2.6.16.60-0.107.1, kernel-xenpae-2.6.16.60-0.107.1
SUSE-SU-2014:0773-1: An update that fixes 6 vulnerabilities is now available. Category: security (low) Bug References: 797175,833968,852553,857643,874108,875798 CVE References: CVE-2013-6382,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2014-1737,CVE-2014-1738 Sources used: SUSE Linux Enterprise Server 10 SP4 LTSS (src): kernel-debug-2.6.16.60-0.107.1, kernel-default-2.6.16.60-0.107.1, kernel-kdump-2.6.16.60-0.107.1, kernel-smp-2.6.16.60-0.107.1, kernel-source-2.6.16.60-0.107.1, kernel-syms-2.6.16.60-0.107.1, kernel-xen-2.6.16.60-0.107.1
Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen Products: SLE-DEBUGINFO 11-SP1 (i386) SLE-SERVER 11-SP1-LTSS (i386)
Update released for: btrfs-kmp-default, btrfs-kmp-trace, cluster-network-kmp-default, cluster-network-kmp-trace, ext4dev-kmp-default, ext4dev-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace Products: SLE-DEBUGINFO 11-SP1 (s390x) SLE-SERVER 11-SP1-LTSS (s390x)
Update released for: btrfs-kmp-default, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen Products: SLE-DEBUGINFO 11-SP1 (x86_64) SLE-SERVER 11-SP1-LTSS (x86_64)
SUSE-SU-2014:0807-1: An update that solves 17 vulnerabilities and has 9 fixes is now available. Category: security (important) Bug References: 630970,661605,663516,761774,792407,852553,852967,854634,854743,856756,857643,863335,865310,866102,868049,868488,868653,869563,871561,873070,874108,875690,875798,876102,878289,880892 CVE References: CVE-2012-6647,CVE-2013-6382,CVE-2013-6885,CVE-2013-7027,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-0101,CVE-2014-0196,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122,CVE-2014-3153 Sources used: SUSE Linux Enterprise Server 11 SP1 LTSS (src): btrfs-0-0.3.163, ext4dev-0-7.9.130, hyper-v-0-0.18.39, kernel-default-2.6.32.59-0.13.1, kernel-ec2-2.6.32.59-0.13.1, kernel-pae-2.6.32.59-0.13.1, kernel-source-2.6.32.59-0.13.1, kernel-syms-2.6.32.59-0.13.1, kernel-trace-2.6.32.59-0.13.1, kernel-xen-2.6.32.59-0.13.1 SLE 11 SERVER Unsupported Extras (src): kernel-default-2.6.32.59-0.13.1, kernel-pae-2.6.32.59-0.13.1, kernel-xen-2.6.32.59-0.13.1
Update released for: kernel-bigsmp, kernel-bigsmp-debuginfo, kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-kdumppae, kernel-kdumppae-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-syms-debuginfo, kernel-vmi, kernel-vmi-debuginfo, kernel-vmipae, kernel-vmipae-debuginfo, kernel-xen, kernel-xen-debuginfo, kernel-xenpae, kernel-xenpae-debuginfo Products: SLE-DEBUGINFO 10-SP3 (i386) SLE-SERVER 10-SP3-LTSS (i386)
Update released for: kernel-default, kernel-default-debuginfo, kernel-source, kernel-syms Products: SLE-DEBUGINFO 10-SP3 (s390x) SLE-SERVER 10-SP3-LTSS (s390x)
Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-debuginfo Products: SLE-DEBUGINFO 10-SP3 (x86_64) SLE-SERVER 10-SP3-LTSS (x86_64)
SUSE-SU-2014:0832-1: An update that solves 17 vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 758813,805226,820338,830344,833968,835839,847672,848321,851095,852553,852558,853501,857643,858869,858870,858872,860304,874108,875798 CVE References: CVE-2013-0343,CVE-2013-2888,CVE-2013-2893,CVE-2013-2897,CVE-2013-4470,CVE-2013-4483,CVE-2013-4588,CVE-2013-6382,CVE-2013-6383,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1737,CVE-2014-1738 Sources used: SUSE Linux Enterprise Server 10 SP3 LTSS (src): kernel-bigsmp-2.6.16.60-0.123.1, kernel-debug-2.6.16.60-0.123.1, kernel-default-2.6.16.60-0.123.1, kernel-kdump-2.6.16.60-0.123.1, kernel-kdumppae-2.6.16.60-0.123.1, kernel-smp-2.6.16.60-0.123.1, kernel-source-2.6.16.60-0.123.1, kernel-syms-2.6.16.60-0.123.1, kernel-vmi-2.6.16.60-0.123.1, kernel-vmipae-2.6.16.60-0.123.1, kernel-xen-2.6.16.60-0.123.1, kernel-xenpae-2.6.16.60-0.123.1
i think we are done here.
SUSE-SU-2014:1693-1: An update that solves 21 vulnerabilities and has 28 fixes is now available. Category: security (important) Bug References: 755743,779488,800255,835839,851603,853040,857643,860441,868049,873228,876633,883724,883948,885077,887418,888607,891211,891368,891790,892782,893758,894058,894895,895387,895468,896382,896390,896391,896392,896415,897502,897694,897708,898295,898375,898554,899192,899574,899843,901638,902346,902349,903331,903653,904013,904358,904700,905100,905522 CVE References: CVE-2012-4398,CVE-2013-2889,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-7263,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-4508,CVE-2014-4608,CVE-2014-7826,CVE-2014-7841,CVE-2014-8709,CVE-2014-8884 Sources used: SUSE Linux Enterprise Server 11 SP3 for VMware (src): kernel-default-3.0.101-0.42.1, kernel-pae-3.0.101-0.42.1, kernel-source-3.0.101-0.42.1, kernel-syms-3.0.101-0.42.1, kernel-trace-3.0.101-0.42.1, kernel-xen-3.0.101-0.42.1 SUSE Linux Enterprise Server 11 SP3 (src): kernel-default-3.0.101-0.42.1, kernel-ec2-3.0.101-0.42.1, kernel-pae-3.0.101-0.42.1, kernel-source-3.0.101-0.42.1, kernel-syms-3.0.101-0.42.1, kernel-trace-3.0.101-0.42.1, kernel-xen-3.0.101-0.42.1, xen-4.2.5_02-0.7.2 SUSE Linux Enterprise High Availability Extension 11 SP3 (src): cluster-network-1.4-2.27.115, gfs2-2-0.16.121, ocfs2-1.6-0.20.115 SUSE Linux Enterprise Desktop 11 SP3 (src): kernel-default-3.0.101-0.42.1, kernel-pae-3.0.101-0.42.1, kernel-source-3.0.101-0.42.1, kernel-syms-3.0.101-0.42.1, kernel-trace-3.0.101-0.42.1, kernel-xen-3.0.101-0.42.1, xen-4.2.5_02-0.7.2 SLE 11 SERVER Unsupported Extras (src): kernel-default-3.0.101-0.42.1, kernel-pae-3.0.101-0.42.1, kernel-ppc64-3.0.101-0.42.1, kernel-xen-3.0.101-0.42.1
SUSE-SU-2014:1695-1: An update that solves 24 vulnerabilities and has 28 fixes is now available. Category: security (important) Bug References: 755743,779488,800255,835839,851603,853040,857643,860441,868049,873228,876633,883724,883948,885077,887418,888607,891211,891368,891790,892782,893758,894058,894895,895387,895468,896382,896390,896391,896392,896415,897502,897694,897708,898295,898375,898554,899192,899574,899843,901638,902346,902349,903331,903653,904013,904358,904700,905100,905522,907818,909077,910251 CVE References: CVE-2012-4398,CVE-2013-2889,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-7263,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-4508,CVE-2014-4608,CVE-2014-7826,CVE-2014-7841,CVE-2014-8133,CVE-2014-8709,CVE-2014-8884,CVE-2014-9090,CVE-2014-9322 Sources used: SUSE Linux Enterprise Server 11 SP3 for VMware (src): kernel-bigsmp-3.0.101-0.46.1, kernel-default-3.0.101-0.46.1, kernel-source-3.0.101-0.46.1, kernel-syms-3.0.101-0.46.1, kernel-trace-3.0.101-0.46.1, kernel-xen-3.0.101-0.46.1 SUSE Linux Enterprise Server 11 SP3 (src): kernel-bigsmp-3.0.101-0.46.1, kernel-default-3.0.101-0.46.1, kernel-ec2-3.0.101-0.46.1, kernel-source-3.0.101-0.46.1, kernel-syms-3.0.101-0.46.1, kernel-trace-3.0.101-0.46.1, kernel-xen-3.0.101-0.46.1, xen-4.2.5_02-0.7.9 SUSE Linux Enterprise High Availability Extension 11 SP3 (src): cluster-network-1.4-2.27.120, gfs2-2-0.16.126, ocfs2-1.6-0.20.120 SUSE Linux Enterprise Desktop 11 SP3 (src): kernel-bigsmp-3.0.101-0.46.1, kernel-default-3.0.101-0.46.1, kernel-source-3.0.101-0.46.1, kernel-syms-3.0.101-0.46.1, kernel-trace-3.0.101-0.46.1, kernel-xen-3.0.101-0.46.1, xen-4.2.5_02-0.7.9 SLE 11 SERVER Unsupported Extras (src): kernel-bigsmp-3.0.101-0.46.1, kernel-default-3.0.101-0.46.1, kernel-xen-3.0.101-0.46.1
SUSE-SU-2014:1693-2: An update that solves 21 vulnerabilities and has 28 fixes is now available. Category: security (important) Bug References: 755743,779488,800255,835839,851603,853040,857643,860441,868049,873228,876633,883724,883948,885077,887418,888607,891211,891368,891790,892782,893758,894058,894895,895387,895468,896382,896390,896391,896392,896415,897502,897694,897708,898295,898375,898554,899192,899574,899843,901638,902346,902349,903331,903653,904013,904358,904700,905100,905522 CVE References: CVE-2012-4398,CVE-2013-2889,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-7263,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-4508,CVE-2014-4608,CVE-2014-7826,CVE-2014-7841,CVE-2014-8709,CVE-2014-8884 Sources used: SUSE Linux Enterprise Server 11 SP3 (src): kernel-default-3.0.101-0.42.1, kernel-ppc64-3.0.101-0.42.1, kernel-source-3.0.101-0.42.1, kernel-syms-3.0.101-0.42.1, kernel-trace-3.0.101-0.42.1 SUSE Linux Enterprise High Availability Extension 11 SP3 (src): cluster-network-1.4-2.27.115, gfs2-2-0.16.121, ocfs2-1.6-0.20.115
SUSE-SU-2014:1695-2: An update that solves 24 vulnerabilities and has 28 fixes is now available. Category: security (important) Bug References: 755743,779488,800255,835839,851603,853040,857643,860441,868049,873228,876633,883724,883948,885077,887418,888607,891211,891368,891790,892782,893758,894058,894895,895387,895468,896382,896390,896391,896392,896415,897502,897694,897708,898295,898375,898554,899192,899574,899843,901638,902346,902349,903331,903653,904013,904358,904700,905100,905522,907818,909077,910251 CVE References: CVE-2012-4398,CVE-2013-2889,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-7263,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-4508,CVE-2014-4608,CVE-2014-7826,CVE-2014-7841,CVE-2014-8133,CVE-2014-8709,CVE-2014-8884,CVE-2014-9090,CVE-2014-9322 Sources used: SUSE Linux Enterprise Real Time Extension 11 SP3 (src): cluster-network-1.4-2.27.121, drbd-kmp-8.4.4-0.22.87, iscsitarget-1.4.20-0.38.106, kernel-rt-3.0.101.rt130-0.32.1, kernel-rt_trace-3.0.101.rt130-0.32.1, kernel-source-rt-3.0.101.rt130-0.32.1, kernel-syms-rt-3.0.101.rt130-0.32.1, lttng-modules-2.1.1-0.11.96, ocfs2-1.6-0.20.121, ofed-1.5.4.1-0.13.112
SUSE-SU-2015:0481-1: An update that solves 34 vulnerabilities and has 13 fixes is now available. Category: security (important) Bug References: 771619,779488,833588,835839,847652,857643,864049,865442,867531,867723,870161,875051,876633,880892,883096,883948,887082,892490,892782,895680,896382,896390,896391,896392,897995,898693,899192,901885,902232,902346,902349,902351,902675,903640,904013,904700,905100,905312,905799,906586,907189,907338,907396,909078,912654,912705,915335 CVE References: CVE-2012-4398,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-2929,CVE-2013-7263,CVE-2014-0131,CVE-2014-0181,CVE-2014-2309,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-3687,CVE-2014-3688,CVE-2014-3690,CVE-2014-4608,CVE-2014-4943,CVE-2014-5471,CVE-2014-5472,CVE-2014-7826,CVE-2014-7841,CVE-2014-7842,CVE-2014-8134,CVE-2014-8369,CVE-2014-8559,CVE-2014-8709,CVE-2014-9584,CVE-2014-9585 Sources used: SUSE Linux Enterprise Server 11 SP2 LTSS (src): kernel-default-3.0.101-0.7.29.1, kernel-ec2-3.0.101-0.7.29.1, kernel-pae-3.0.101-0.7.29.1, kernel-source-3.0.101-0.7.29.1, kernel-syms-3.0.101-0.7.29.1, kernel-trace-3.0.101-0.7.29.1, kernel-xen-3.0.101-0.7.29.1, xen-4.1.6_08-0.5.19 SLE 11 SERVER Unsupported Extras (src): ext4-writeable-0-0.14.142, kernel-default-3.0.101-0.7.29.1, kernel-pae-3.0.101-0.7.29.1, kernel-xen-3.0.101-0.7.29.1
SUSE-SU-2015:0652-1: An update that solves 17 vulnerabilities and has 10 fixes is now available. Category: security (important) Bug References: 771619,833820,846404,857643,875051,885077,891211,892235,896390,896391,896779,899338,902346,902349,902351,904700,905100,905312,907822,908870,911325,912654,912705,912916,913059,915335,915826 CVE References: CVE-2010-5313,CVE-2012-6657,CVE-2013-4299,CVE-2013-7263,CVE-2014-0181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3673,CVE-2014-3687,CVE-2014-3688,CVE-2014-7841,CVE-2014-7842,CVE-2014-8160,CVE-2014-8709,CVE-2014-9420,CVE-2014-9584,CVE-2014-9585 Sources used: SUSE Linux Enterprise Server 11 SP1 LTSS (src): kernel-default-2.6.32.59-0.19.1, kernel-ec2-2.6.32.59-0.19.1, kernel-pae-2.6.32.59-0.19.1, kernel-source-2.6.32.59-0.19.1, kernel-syms-2.6.32.59-0.19.1, kernel-trace-2.6.32.59-0.19.1, kernel-xen-2.6.32.59-0.19.1, xen-4.0.3_21548_18-0.9.17 SLE 11 SERVER Unsupported Extras (src): kernel-default-2.6.32.59-0.19.1, kernel-pae-2.6.32.59-0.19.1, kernel-xen-2.6.32.59-0.19.1