Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[security-announce] SUSE-SU-2017:0437-1: important: Security update for the Linux Kernel

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

 

Announcement ID: SUSE-SU-2017:0437-1

Rating: important

References: #1003813 #1005877 #1007615 #1008557 #1008645

#1008831 #1008833 #1008893 #1009875 #1010150

#1010175 #1010201 #1010467 #1010501 #1010507

#1010711 #1010713 #1010716 #1011685 #1011820

#1012183 #1012411 #1012422 #1012832 #1012851

#1012852 #1012917 #1013018 #1013038 #1013042

#1013070 #1013531 #1013542 #1014410 #1014454

#1014746 #1015561 #1015752 #1015760 #1015796

#1015803 #1015817 #1015828 #1015844 #1015848

#1015878 #1015932 #1016320 #1016505 #1016520

#1016668 #1016688 #1016824 #1016831 #1017686

#1017710 #1019079 #1019148 #1019165 #1019348

#1019783 #1020214 #1021258 #748806 #786036

#790588 #795297 #800999 #821612 #824171 #851603

#853052 #871728 #901809 #909350 #909491 #913387

#914939 #919382 #924708 #925065 #953233 #961589

#962846 #969340 #973691 #987333 #987576 #989152

#989680 #989896 #990245 #992991 #993739 #993832

#996541 #996557 #997401 #999101

Cross-References: CVE-2004-0230 CVE-2012-6704 CVE-2013-6368

CVE-2015-1350 CVE-2015-8962 CVE-2015-8964

CVE-2016-10088 CVE-2016-5696 CVE-2016-7910

CVE-2016-7911 CVE-2016-7916 CVE-2016-8399

CVE-2016-8632 CVE-2016-8633 CVE-2016-8646

CVE-2016-9555 CVE-2016-9685 CVE-2016-9756

CVE-2016-9793 CVE-2017-5551

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-EXTRA

SUSE Linux Enterprise Debuginfo 11-SP4

______________________________________________________________________________

 

An update that solves 20 vulnerabilities and has 79 fixes

is now available.

 

Description:

 

 

 

The SUSE Linux Enterprise 11 SP4 kernel was updated to 3.0.101-94 to

receive various security and bugfixes.

 

 

The following security bugs were fixed:

 

- CVE-2017-5551: tmpfs: clear S_ISGID when setting posix ACLs

(bsc#1021258).

- CVE-2016-10088: The sg implementation in the Linux kernel did not

properly restrict write operations in situations where the KERNEL_DS

option is set, which allowed local users to read or write to arbitrary

kernel memory locations

or cause a denial of service (use-after-free) by leveraging access to a

/dev/sg device NOTE: this vulnerability existed because of an

incomplete fix for CVE-2016-9576 (bnc#1017710).

- CVE-2016-5696: TCP, when using a large Window Size, made it easier for

remote attackers to guess sequence numbers and cause a denial of service

(connection loss) to persistent TCP connections by repeatedly injecting

a TCP RST packet, especially in protocols that use long-lived

connections, such as BGP (bnc#989152).

- CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provided an

incomplete set of requirements for setattr

operations that underspecified removing extended privilege attributes,

which allowed local users to cause a denial

of service (capability stripping) via a failed invocation of a system

call, as demonstrated by using chown to remove a capability from the

ping or Wireshark dumpcap program (bnc#914939).

- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the

Linux kernel did not validate the relationship between the minimum

fragment length and the maximum packet size, which allowed local users

to gain privileges or cause a denial of service (heap-based buffer

overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).

- CVE-2016-8399: An elevation of privilege vulnerability in the kernel

networking subsystem could enable a local malicious application to

execute arbitrary code within the context of the kernel. This issue is

rated as Moderate because it first requires compromising a privileged

process and current compiler optimizations restrict access to the

vulnerable code. (bnc#1014746).

- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the

Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf,

which allowed local users to cause a denial of service (memory

corruption and system crash)

or possibly have unspecified other impact by leveraging the

CAP_NET_ADMIN capability for a crafted setsockopt system call with the

(1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).

- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the

Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf,

which allowed local users to cause a denial of service (memory

corruption and system crash)

or possibly have unspecified other impact by leveraging the

CAP_NET_ADMIN capability for a crafted setsockopt system call with the

(1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542).

- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not

properly initialize Code Segment (CS) in certain error cases, which

allowed local users to obtain sensitive information from kernel stack

memory via a crafted application (bnc#1013038).

- CVE-2016-9685: Multiple memory leaks in error paths in

fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users to cause

a denial of service (memory consumption) via crafted XFS filesystem

operations (bnc#1012832).

- CVE-2015-8962: Double free vulnerability in the sg_common_write function

in drivers/scsi/sg.c in the Linux kernel allowed local users to gain

privileges or cause a denial of service (memory corruption and system

crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).

- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in

the Linux kernel lacked chunk-length checking for the first chunk, which

allowed remote attackers to cause a denial of service (out-of-bounds

slab access) or possibly have unspecified other impact via crafted SCTP

data (bnc#1011685).

- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop

function in block/genhd.c in the Linux kernel allowed local users to

gain privileges by leveraging the execution of a certain stop operation

even if the corresponding start operation had failed (bnc#1010716).

- CVE-2016-7911: Race condition in the get_task_ioprio function in

block/ioprio.c in the Linux kernel allowed local users to gain

privileges or cause a denial of service (use-after-free) via a crafted

ioprio_get system call (bnc#1010711).

- CVE-2013-6368: The KVM subsystem in the Linux kernel allowed local users

to gain privileges or cause a denial of service (system crash) via a

VAPIC synchronization operation involving a page-end address

(bnc#853052).

- CVE-2015-8964: The tty_set_termios_ldisc function in

drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to

obtain sensitive information from kernel memory by reading a tty data

structure (bnc#1010507).

- CVE-2016-7916: Race condition in the environ_read function in

fs/proc/base.c in the Linux kernel allowed local users to obtain

sensitive information from kernel memory by reading a /proc/*/environ

file during a process-setup time interval in which environment-variable

copying is incomplete (bnc#1010467).

- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the

Linux kernel allowed local users to cause a denial of service (OOPS) by

attempting to trigger use of in-kernel hash algorithms for a socket that

has received zero bytes of data (bnc#1010150).

- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel, in certain

unusual hardware configurations, allowed remote attackers to execute

arbitrary code via crafted fragmented packets (bnc#1008833).

 

The following non-security bugs were fixed:

 

- 8250_pci: Fix potential use-after-free in error path (bsc#1013070).

- KABI fix (bsc#1014410).

- apparmor: fix IRQ stack overflow during free_profile (bsc#1009875).

- be2net: Do not leak iomapped memory on removal (bug#925065).

- block_dev: do not test bdev->bd_contains when it is not stable

(bsc#1008557).

- bna: Add synchronization for tx ring (bsc#993739).

- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).

- crypto: add ghash-generic in the supported.conf(bsc#1016824)

- crypto: aesni - Add support for 192 & 256 bit keys to AESNI RFC4106

(bsc#913387).

- dm: do not call dm_sync_table() when creating new devices (bnc#901809).

- drm/mgag200: Added support for the new deviceID for G200eW3 (bnc#1019348)

- ext3: Avoid premature failure of ext3_has_free_blocks() (bsc#1016668).

- ext4: do not leave i_crtime.tv_sec uninitialized (bsc#1013018).

- ext4: fix reference counting bug on block allocation error (bsc#1013018).

- futex: Acknowledge a new waiter in counter before plist (bsc#851603).

- futex: Drop refcount if requeue_pi() acquired the rtmutex (bsc#851603).

- hpilo: Add support for iLO5 (bsc#999101).

- ibmveth: calculate gso_segs for large packets (bsc#1019165).

- ibmveth: set correct gso_size and gso_type (bsc#1019165).

- igb: Enable SR-IOV configuration via PCI sysfs interface (bsc#909491

FATE#317388).

- igb: Fix NULL assignment to incorrect variable in igb_reset_q_vector

(bsc#795297 FATE#313656).

- igb: Fix oops caused by missing queue pairing (bsc#909491 FATE#317388).

- igb: Fix oops on changing number of rings (bsc#909491 FATE#317388).

- igb: Remove unnecessary flag setting in igb_set_flag_queue_pairs()

(bsc#909491 FATE#317388).

- igb: Unpair the queues when changing the number of queues (bsc#909491

FATE#317388).

- kexec: add a kexec_crash_loaded() function (bsc#973691).

- kvm: APIC: avoid instruction emulation for EOI writes (bsc#989680).

- kvm: Distangle eventfd code from irqchip (bsc#989680).

- kvm: Iterate over only vcpus that are preempted (bsc#989680).

- kvm: Record the preemption status of vcpus using preempt notifiers

(bsc#989680).

- kvm: VMX: Pass vcpu to __vmx_complete_interrupts (bsc#989680).

- kvm: fold kvm_pit_timer into kvm_kpit_state (bsc#989680).

- kvm: make processes waiting on vcpu mutex killable (bsc#989680).

- kvm: nVMX: Add preemption timer support (bsc#989680).

- kvm: remove a wrong hack of delivery PIT intr to vcpu0 (bsc#989680).

- kvm: use symbolic constant for nr interrupts (bsc#989680).

- kvm: x86: Remove support for reporting coalesced APIC IRQs (bsc#989680).

- kvm: x86: Run PIT work in own kthread (bsc#989680).

- kvm: x86: limit difference between kvmclock updates (bsc#989680).

- libata: introduce ata_host->n_tags to avoid oops on SAS controllers

(bsc#871728).

- libata: remove n_tags to avoid kABI breakage (bsc#871728).

- libfc: Do not take rdata->rp_mutex when processing a -FC_EX_CLOSED ELS

response (bsc#962846).

- libfc: Fixup disc_mutex handling (bsc#962846).

- libfc: Issue PRLI after a PRLO has been received (bsc#962846).

- libfc: Revisit kref handling (bnc#990245).

- libfc: Update rport reference counting (bsc#953233).

- libfc: do not send ABTS when resetting exchanges (bsc#962846).

- libfc: fixup locking of ptp_setup() (bsc#962846).

- libfc: reset exchange manager during LOGO handling (bsc#962846).

- libfc: send LOGO for PLOGI failure (bsc#962846).

- locking/mutex: Explicitly mark task as running after wakeup

(bsc#1012411).

- memstick: mspro_block: add missing curly braces (bsc#1016688).

- mlx4: Fix error flow when sending mads under SRIOV (bsc#786036

FATE#314304).

- mlx4: Fix incorrect MC join state bit-masking on SR-IOV (bsc#786036

FATE#314304).

- mlx4: Fix memory leak if QP creation failed (bsc#786036 FATE#314304).

- mlx4: Fix potential deadlock when sending mad to wire (bsc#786036

FATE#314304).

- mlx4: Forbid using sysfs to change RoCE pkeys (bsc#786036 FATE#314304).

- mlx4: Use correct subnet-prefix in QP1 mads under SR-IOV (bsc#786036

FATE#314304).

- mlx4: add missing braces in verify_qp_parameters (bsc#786036

FATE#314304).

- mm/memory_hotplug.c: check for missing sections in

test_pages_in_a_zone() (bnc#961589).

- mm: fix crashes from mbind() merging vmas (bnc#1005877).

- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).

- mremap: enforce rmap src/dst vma ordering in case of vma_merge()

succeeding in copy_vma() (bsc#1008645).

- net/mlx4: Copy/set only sizeof struct mlx4_eqe bytes (bsc#786036

FATE#314304).

- net/mlx4_core: Allow resetting VF admin mac to zero (bsc#919382

FATE#317529).

- net/mlx4_core: Avoid returning success in case of an error flow

(bsc#786036 FATE#314304).

- net/mlx4_core: Do not BUG_ON during reset when PCI is offline

(bsc#924708).

- net/mlx4_core: Do not access comm channel if it has not yet been

initialized (bsc#924708).

- net/mlx4_core: Fix error message deprecation for ConnectX-2 cards

(bsc#919382 FATE#317529).

- net/mlx4_core: Fix the resource-type enum in res tracker to conform to

FW spec (bsc#786036 FATE#314304).

- net/mlx4_core: Implement pci_resume callback (bsc#924708).

- net/mlx4_core: Update the HCA core clock frequency after INIT_PORT

(bug#919382 FATE#317529).

- net/mlx4_en: Choose time-stamping shift value according to HW frequency

(bsc#919382 FATE#317529).

- net/mlx4_en: Fix HW timestamp init issue upon system startup (bsc#919382

FATE#317529).

- net/mlx4_en: Fix potential deadlock in port statistics flow (bsc#786036

FATE#314304).

- net/mlx4_en: Move filters cleanup to a proper location (bsc#786036

FATE#314304).

- net/mlx4_en: Remove dependency between timestamping capability and

service_task (bsc#919382 FATE#317529).

- net/mlx4_en: fix spurious timestamping callbacks (bsc#919382

FATE#317529).

- netfront: do not truncate grant references.

- nfsv4: Cap the transport reconnection timer at 1/2 lease period

(bsc#1014410).

- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).

- nfsv4: Handle timeouts correctly when probing for lease validity

(bsc#1014410).

- nvme: Automatic namespace rescan (bsc#1017686).

- nvme: Metadata format support (bsc#1017686).

- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).

- posix-timers: Remove remaining uses of tasklist_lock (bnc#997401).

- posix-timers: Use sighand lock instead of tasklist_lock for task clock

sample (bnc#997401).

- posix-timers: Use sighand lock instead of tasklist_lock on timer

deletion (bnc#997401).

- powerpc/MSI: Fix race condition in tearing down MSI interrupts

(bsc#1010201).

- powerpc/mm/hash64: Fix subpage protection with 4K HPTE config

(bsc#1010201).

- powerpc/numa: Fix multiple bugs in memory_hotplug_max() (bsc#1010201).

- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec

(bsc#1003813).

- powerpc: fix typo 'CONFIG_PPC_CPU' (bsc#1010201).

- powerpc: scan_features() updates incorrect bits for REAL_LE

(bsc#1010201).

- printk/sched: Introduce special printk_sched() for those awkward

(bsc#996541).

- ptrace: __ptrace_may_access() should not deny sub-threads (bsc#1012851).

- qlcnic: fix a loop exit condition better (bsc#909350 FATE#317546).

- qlcnic: use the correct ring in qlcnic_83xx_process_rcv_ring_diag()

(bnc#800999 FATE#313899).

- reiserfs: fix race in prealloc discard (bsc#987576).

- rpm/constraints.in: Bump ppc64 disk requirements to fix OBS builds again

- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)

- rt2x00: fix rfkill regression on rt2500pci (bnc#748806).

- s390/zcrypt: kernel: Fix invalid domain response handling (bsc#1016320).

- scsi: Fix erratic device offline during EH (bsc#993832).

- scsi: lpfc: Set elsiocb contexts to NULL after freeing it (bsc#996557).

- scsi: lpfc: avoid double free of resource identifiers (bsc#989896).

- scsi_error: count medium access timeout only once per EH run

(bsc#993832).

- scsi_error: fixup crash in scsi_eh_reset (bsc#993832)

- serial: 8250_pci: Detach low-level driver during PCI error recovery

(bsc#1013070).

- sunrpc: Enforce an upper limit on the number of cached credentials

(bsc#1012917).

- sunrpc: Fix reconnection timeouts (bsc#1014410).

- sunrpc: Fix two issues with drop_caches and the sunrpc auth cache

(bsc#1012917).

- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout

(bsc#1014410).

- tcp: fix inet6_csk_route_req() for link-local addresses (bsc#1010175).

- tcp: pass fl6 to inet6_csk_route_req() (bsc#1010175).

- tcp: plug dst leak in tcp_v6_conn_request() (bsc#1010175).

- tcp: use inet6_csk_route_req() in tcp_v6_send_synack() (bsc#1010175).

- tg3: Fix temperature reporting (bnc#790588 FATE#313912).

- usb: console: fix potential use after free (bsc#1015817).

- usb: console: fix uninitialised ldisc semaphore (bsc#1015817).

- usb: cp210x: Corrected USB request type definitions (bsc#1015932).

- usb: cp210x: relocate private data from USB interface to port

(bsc#1015932).

- usb: cp210x: work around cp2108 GET_LINE_CTL bug (bsc#1015932).

- usb: ftdi_sio: fix null deref at port probe (bsc#1015796).

- usb: ipaq.c: fix a timeout loop (bsc#1015848).

- usb: opticon: fix non-atomic allocation in write path (bsc#1015803).

- usb: option: fix runtime PM handling (bsc#1015752).

- usb: serial: cp210x: add 16-bit register access functions (bsc#1015932).

- usb: serial: cp210x: add 8-bit and 32-bit register access functions

(bsc#1015932).

- usb: serial: cp210x: add new access functions for large registers

(bsc#1015932).

- usb: serial: cp210x: fix hardware flow-control disable (bsc#1015932).

- usb: serial: fix potential use-after-free after failed probe

(bsc#1015828).

- usb: serial: io_edgeport: fix memory leaks in attach error path

(bsc#1016505).

- usb: serial: io_edgeport: fix memory leaks in probe error path

(bsc#1016505).

- usb: serial: keyspan: fix use-after-free in probe error path

(bsc#1016520).

- usb: sierra: fix AA deadlock in open error path (bsc#1015561).

- usb: sierra: fix remote wakeup (bsc#1015561).

- usb: sierra: fix urb and memory leak in resume error path (bsc#1015561).

- usb: sierra: fix urb and memory leak on disconnect (bsc#1015561).

- usb: sierra: fix use after free at suspend/resume (bsc#1015561).

- usb: usb_wwan: fix potential blocked I/O after resume (bsc#1015760).

- usb: usb_wwan: fix race between write and resume (bsc#1015760).

- usb: usb_wwan: fix urb leak at shutdown (bsc#1015760).

- usb: usb_wwan: fix urb leak in write error path (bsc#1015760).

- usb: usb_wwan: fix write and suspend race (bsc#1015760).

- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).

- usblp: do not set TASK_INTERRUPTIBLE before lock (bsc#1015844).

- xenbus: do not invoke is_ready() for most device states (bsc#987333).

 

 

Patch Instructions:

 

To install this SUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

 

- SUSE Linux Enterprise Software Development Kit 11-SP4:

 

zypper in -t patch sdksp4-kernel-12977=1

 

- SUSE Linux Enterprise Server 11-SP4:

 

zypper in -t patch slessp4-kernel-12977=1

 

- SUSE Linux Enterprise Server 11-EXTRA:

 

zypper in -t patch slexsp3-kernel-12977=1

 

- SUSE Linux Enterprise Debuginfo 11-SP4:

 

zypper in -t patch dbgsp4-kernel-12977=1

 

To bring your system up-to-date, use "zypper patch".

 

 

Package List:

 

- SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch):

 

kernel-docs-3.0.101-94.2

 

- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

 

kernel-default-3.0.101-94.1

kernel-default-base-3.0.101-94.1

kernel-default-devel-3.0.101-94.1

kernel-source-3.0.101-94.1

kernel-syms-3.0.101-94.1

kernel-trace-3.0.101-94.1

kernel-trace-base-3.0.101-94.1

kernel-trace-devel-3.0.101-94.1

 

- SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):

 

kernel-ec2-3.0.101-94.1

kernel-ec2-base-3.0.101-94.1

kernel-ec2-devel-3.0.101-94.1

kernel-xen-3.0.101-94.1

kernel-xen-base-3.0.101-94.1

kernel-xen-devel-3.0.101-94.1

 

- SUSE Linux Enterprise Server 11-SP4 (s390x):

 

kernel-default-man-3.0.101-94.1

 

- SUSE Linux Enterprise Server 11-SP4 (ppc64):

 

kernel-bigmem-3.0.101-94.1

kernel-bigmem-base-3.0.101-94.1

kernel-bigmem-devel-3.0.101-94.1

kernel-ppc64-3.0.101-94.1

kernel-ppc64-base-3.0.101-94.1

kernel-ppc64-devel-3.0.101-94.1

 

- SUSE Linux Enterprise Server 11-SP4 (i586):

 

kernel-pae-3.0.101-94.1

kernel-pae-base-3.0.101-94.1

kernel-pae-devel-3.0.101-94.1

 

- SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):

 

kernel-default-extra-3.0.101-94.1

 

- SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):

 

kernel-xen-extra-3.0.101-94.1

 

- SUSE Linux Enterprise Server 11-EXTRA (x86_64):

 

kernel-trace-extra-3.0.101-94.1

 

- SUSE Linux Enterprise Server 11-EXTRA (ppc64):

 

kernel-ppc64-extra-3.0.101-94.1

 

- SUSE Linux Enterprise Server 11-EXTRA (i586):

 

kernel-pae-extra-3.0.101-94.1

 

- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

 

kernel-default-debuginfo-3.0.101-94.1

kernel-default-debugsource-3.0.101-94.1

kernel-trace-debuginfo-3.0.101-94.1

kernel-trace-debugsource-3.0.101-94.1

 

- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64):

 

kernel-default-devel-debuginfo-3.0.101-94.1

kernel-trace-devel-debuginfo-3.0.101-94.1

 

- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):

 

kernel-ec2-debuginfo-3.0.101-94.1

kernel-ec2-debugsource-3.0.101-94.1

kernel-xen-debuginfo-3.0.101-94.1

kernel-xen-debugsource-3.0.101-94.1

kernel-xen-devel-debuginfo-3.0.101-94.1

 

- SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):

 

kernel-bigmem-debuginfo-3.0.101-94.1

kernel-bigmem-debugsource-3.0.101-94.1

kernel-ppc64-debuginfo-3.0.101-94.1

kernel-ppc64-debugsource-3.0.101-94.1

 

- SUSE Linux Enterprise Debuginfo 11-SP4 (i586):

 

kernel-pae-debuginfo-3.0.101-94.1

kernel-pae-debugsource-3.0.101-94.1

kernel-pae-devel-debuginfo-3.0.101-94.1

 

 

References:

 

https://www.suse.com/security/cve/CVE-2004-0230.html

https://www.suse.com/security/cve/CVE-2012-6704.html

https://www.suse.com/security/cve/CVE-2013-6368.html

https://www.suse.com/security/cve/CVE-2015-1350.html

https://www.suse.com/security/cve/CVE-2015-8962.html

https://www.suse.com/security/cve/CVE-2015-8964.html

https://www.suse.com/security/cve/CVE-2016-10088.html

https://www.suse.com/security/cve/CVE-2016-5696.html

https://www.suse.com/security/cve/CVE-2016-7910.html

https://www.suse.com/security/cve/CVE-2016-7911.html

https://www.suse.com/security/cve/CVE-2016-7916.html

https://www.suse.com/security/cve/CVE-2016-8399.html

https://www.suse.com/security/cve/CVE-2016-8632.html

https://www.suse.com/security/cve/CVE-2016-8633.html

https://www.suse.com/security/cve/CVE-2016-8646.html

https://www.suse.com/security/cve/CVE-2016-9555.html

https://www.suse.com/security/cve/CVE-2016-9685.html

https://www.suse.com/security/cve/CVE-2016-9756.html

https://www.suse.com/security/cve/CVE-2016-9793.html

https://www.suse.com/security/cve/CVE-2017-5551.html

https://bugzilla.suse.com/1003813

https://bugzilla.suse.com/1005877

https://bugzilla.suse.com/1007615

https://bugzilla.suse.com/1008557

https://bugzilla.suse.com/1008645

https://bugzilla.suse.com/1008831

https://bugzilla.suse.com/1008833

https://bugzilla.suse.com/1008893

https://bugzilla.suse.com/1009875

https://bugzilla.suse.com/1010150

https://bugzilla.suse.com/1010175

https://bugzilla.suse.com/1010201

https://bugzilla.suse.com/1010467

https://bugzilla.suse.com/1010501

https://bugzilla.suse.com/1010507

https://bugzilla.suse.com/1010711

https://bugzilla.suse.com/1010713

https://bugzilla.suse.com/1010716

https://bugzilla.suse.com/1011685

https://bugzilla.suse.com/1011820

https://bugzilla.suse.com/1012183

https://bugzilla.suse.com/1012411

https://bugzilla.suse.com/1012422

https://bugzilla.suse.com/1012832

https://bugzilla.suse.com/1012851

https://bugzilla.suse.com/1012852

https://bugzilla.suse.com/1012917

https://bugzilla.suse.com/1013018

https://bugzilla.suse.com/1013038

https://bugzilla.suse.com/1013042

https://bugzilla.suse.com/1013070

https://bugzilla.suse.com/1013531

https://bugzilla.suse.com/1013542

https://bugzilla.suse.com/1014410

https://bugzilla.suse.com/1014454

https://bugzilla.suse.com/1014746

https://bugzilla.suse.com/1015561

https://bugzilla.suse.com/1015752

https://bugzilla.suse.com/1015760

https://bugzilla.suse.com/1015796

https://bugzilla.suse.com/1015803

https://bugzilla.suse.com/1015817

https://bugzilla.suse.com/1015828

https://bugzilla.suse.com/1015844

https://bugzilla.suse.com/1015848

https://bugzilla.suse.com/1015878

https://bugzilla.suse.com/1015932

https://bugzilla.suse.com/1016320

https://bugzilla.suse.com/1016505

https://bugzilla.suse.com/1016520

https://bugzilla.suse.com/1016668

https://bugzilla.suse.com/1016688

https://bugzilla.suse.com/1016824

https://bugzilla.suse.com/1016831

https://bugzilla.suse.com/1017686

https://bugzilla.suse.com/1017710

https://bugzilla.suse.com/1019079

https://bugzilla.suse.com/1019148

https://bugzilla.suse.com/1019165

https://bugzilla.suse.com/1019348

https://bugzilla.suse.com/1019783

https://bugzilla.suse.com/1020214

https://bugzilla.suse.com/1021258

https://bugzilla.suse.com/748806

https://bugzilla.suse.com/786036

https://bugzilla.suse.com/790588

https://bugzilla.suse.com/795297

https://bugzilla.suse.com/800999

https://bugzilla.suse.com/821612

https://bugzilla.suse.com/824171

https://bugzilla.suse.com/851603

https://bugzilla.suse.com/853052

https://bugzilla.suse.com/871728

https://bugzilla.suse.com/901809

https://bugzilla.suse.com/909350

https://bugzilla.suse.com/909491

https://bugzilla.suse.com/913387

https://bugzilla.suse.com/914939

https://bugzilla.suse.com/919382

https://bugzilla.suse.com/924708

https://bugzilla.suse.com/925065

https://bugzilla.suse.com/953233

https://bugzilla.suse.com/961589

https://bugzilla.suse.com/962846

https://bugzilla.suse.com/969340

https://bugzilla.suse.com/973691

https://bugzilla.suse.com/987333

https://bugzilla.suse.com/987576

https://bugzilla.suse.com/989152

https://bugzilla.suse.com/989680

https://bugzilla.suse.com/989896

https://bugzilla.suse.com/990245

https://bugzilla.suse.com/992991

https://bugzilla.suse.com/993739

https://bugzilla.suse.com/993832

https://bugzilla.suse.com/996541

https://bugzilla.suse.com/996557

https://bugzilla.suse.com/997401

https://bugzilla.suse.com/999101

 

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

 

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×