===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2016.1971
SUSE Security Update: Security update for the Linux Kernel
16 August 2016
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           Linux kernel
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Root Compromise                 -- Existing Account
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Existing Account
                   Reduced Security                -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-4486 CVE-2016-3156 CVE-2016-3140 CVE-2016-3139
                   CVE-2016-3138 CVE-2016-3137 CVE-2016-3134 CVE-2016-2847
                   CVE-2016-2782 CVE-2016-2549 CVE-2016-2548 CVE-2016-2547
                   CVE-2016-2546 CVE-2016-2545 CVE-2016-2544 CVE-2016-2543
                   CVE-2016-2384 CVE-2016-2188 CVE-2016-2186 CVE-2016-2185
                   CVE-2016-2184 CVE-2016-2143 CVE-2016-2069 CVE-2016-0723
                   CVE-2015-8816 CVE-2015-8812 CVE-2015-8785 CVE-2015-8767
                   CVE-2015-8575 CVE-2015-8569 CVE-2015-8543 CVE-2015-8539
                   CVE-2015-8215 CVE-2015-8104 CVE-2015-7990 CVE-2015-7872
                   CVE-2015-7799 CVE-2015-7566 CVE-2015-7550 CVE-2015-7515
                   CVE-2015-7509 CVE-2015-6937 CVE-2015-6252 CVE-2015-5307
                   CVE-2015-3339 CVE-2015-0272 CVE-2013-7446 CVE-2013-2015

Reference:         ASB-2016.0074
                   ASB-2016.0004
                   ESB-2016.0137
                   ESB-2015.1137

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:2074-1
Rating:             important
References:         #816446 #861093 #928130 #935757 #939826 #942367
                    #945825 #946117 #946309 #948562 #949744 #949936
                    #951440 #952384 #953527 #954404 #955354 #955654
                    #956708 #956709 #958463 #958886 #958951 #959190
                    #959399 #961500 #961509 #961512 #963765 #963767
                    #964201
                    #966437 #966460 #966662 #966693 #967972 #967973
                    #967974 #967975 #968010 #968011 #968012 #968013
                    #968670 #970504 #970892 #970909 #970911 #970948
                    #970956 #970958 #970970 #971124 #971125 #971126
                    #971360 #972510 #973570 #975945 #977847 #978822
Cross-References:   CVE-2013-2015 CVE-2013-7446 CVE-2015-0272 CVE-2015-3339
                    CVE-2015-5307 CVE-2015-6252 CVE-2015-6937 CVE-2015-7509
                    CVE-2015-7515 CVE-2015-7550 CVE-2015-7566 CVE-2015-7799
                    CVE-2015-7872 CVE-2015-7990 CVE-2015-8104 CVE-2015-8215
                    CVE-2015-8539 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575
                    CVE-2015-8767 CVE-2015-8785 CVE-2015-8812 CVE-2015-8816
                    CVE-2016-0723 CVE-2016-2069 CVE-2016-2143 CVE-2016-2184
                    CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2384
                    CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546
                    CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 CVE-2016-2782
                    CVE-2016-2847 CVE-2016-3134 CVE-2016-3137 CVE-2016-3138
                    CVE-2016-3139 CVE-2016-3140 CVE-2016-3156 CVE-2016-4486
Affected Products:
                    SUSE Linux Enterprise Server 11-SP2-LTSS
                    SUSE Linux Enterprise Debuginfo 11-SP2
______________________________________________________________________________

An update that solves 48 vulnerabilities and has 13 fixes is now available.

Description:

The SUSE Linux Enterprise 11 SP2 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

- CVE-2016-4486: Fixed 4 byte information leak in net/core/rtnetlink.c (bsc#978822).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126).
- CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes (bnc#970948).
- CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956).
- CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor (bnc#970911).
- CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions (bnc#970970).
- CVE-2016-3140: The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970892).
- CVE-2016-2186: The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970958).
- CVE-2016-2185: The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971124).
- CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandles destruction of device objects, which allowed guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses (bnc#971360).
- CVE-2016-2184: The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971125).
- CVE-2016-3139: The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970909).
- CVE-2016-2143: The fork implementation in the Linux kernel on s390 platforms mishandled the case of four page-table levels, which allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h (bnc#970504).
- CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bnc#968010).
- CVE-2015-7566: The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint (bnc#961512).
- CVE-2016-2549: sound/core/hrtimer.c in the Linux kernel did not prevent recursive callback access, which allowed local users to cause a denial of service (deadlock) via a crafted ioctl call (bnc#968013).
- CVE-2016-2547: sound/core/timer.c in the Linux kernel employed a locking approach that did not consider slave timer instances, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#968011).
- CVE-2016-2548: sound/core/timer.c in the Linux kernel retained certain linked lists after a close or stop action, which allowed local users to cause a denial of service (system crash) via a crafted ioctl call, related to the (1) snd_timer_close and (2) _snd_timer_stop functions (bnc#968012).
- CVE-2016-2546: sound/core/timer.c in the Linux kernel used an incorrect type of mutex, which allowed local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call (bnc#967975).
- CVE-2016-2545: The snd_timer_interrupt function in sound/core/timer.c in the Linux kernel did not properly maintain a certain linked list, which allowed local users to cause a denial of service (race condition and system crash) via a crafted ioctl call (bnc#967974).
- CVE-2016-2544: Race condition in the queue_delete function in sound/core/seq/seq_queue.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) by making an ioctl call at a certain time (bnc#967973).
- CVE-2016-2543: The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel did not verify FIFO assignment before proceeding with FIFO clearing, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted ioctl call (bnc#967972).
- CVE-2016-2384: Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor (bnc#966693).
- CVE-2015-8812: drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel did not properly identify error conditions, which allowed remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets (bnc#966437).
- CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765).
- CVE-2016-2069: Race condition in arch/x86/mm/tlb.c in the Linux kernel .4.1 allowed local users to gain privileges by triggering access to a paging structure by a different CPU (bnc#963767).
- CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654).
- CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call (bnc#961509).
- CVE-2015-7515: The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints (bnc#956708).
- CVE-2015-8215: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel did not validate attempted changes to the MTU value, which allowed context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU of an interface, as demonstrated by a Router Advertisement (RA) message that is not validated by a daemon, a different vulnerability than CVE-2015-0272 (bnc#955354).
- CVE-2015-7550: The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel did not properly use a semaphore, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls (bnc#958951).
- CVE-2015-8569: The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959190).
- CVE-2015-8575: The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel did not verify an address length, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application (bnc#959399).
- CVE-2015-8543: The networking implementation in the Linux kernel did not validate protocol identifiers for certain protocol families, which allowed local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application (bnc#958886).
- CVE-2015-8539: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to security/keys/encrypted-keys/encrypted.c, security/keys/trusted.c, and security/keys/user_defined.c (bnc#958463).
- CVE-2015-7509: fs/ext4/namei.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015 (bnc#956709).
- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers are valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).
- CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).
- CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).
- CVE-2015-7990: Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#952384).
- CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).
- CVE-2015-6937: The __rds_conn_create function in net/rds/connection.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (bnc#945825).
- CVE-2015-6252: The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation (bnc#942367).
- CVE-2015-3339: Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel allowed local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped (bnc#928130).

The following non-security bugs were fixed:

- Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).
- Fix lpfc_send_rscn_event allocation size claims bnc#935757
- Fix ntpd clock synchronization in Xen PV domains (bnc#816446).
- Fix vmalloc_fault oops during lazy MMU updates (bsc#948562).
- Make sure XPRT_CONNECTING gets cleared when needed (bsc#946309).
- SCSI: bfa: Fix to handle firmware tskim abort request response (bsc#972510).
- USB: usbip: fix potential out-of-bounds write (bnc#975945).
- af_unix: Guard against other == sk in unix_dgram_sendmsg (bsc#973570).
- dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).
- mm/hugetlb: check for pte NULL pointer in __page_check_address() (bsc#977847).
- nf_conntrack: fix bsc#758540 kabi fix (bsc#946117).
- privcmd: allow preempting long running user-mode originating hypercalls (bnc#861093).
- s390/cio: collect format 1 channel-path description data (bsc#966460, bsc#966662).
- s390/cio: ensure consistent measurement state (bsc#966460, bsc#966662).
- s390/cio: fix measurement characteristics memleak (bsc#966460, bsc#966662).
- s390/cio: update measurement characteristics (bsc#966460, bsc#966662).
- xfs: Fix lost direct IO write in the last block (bsc#949744).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11-SP2-LTSS:

  zypper in -t patch slessp2-kernel-source-12693=1

- SUSE Linux Enterprise Debuginfo 11-SP2:

  zypper in -t patch dbgsp2-kernel-source-12693=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64):

  kernel-default-3.0.101-0.7.40.1
  kernel-default-base-3.0.101-0.7.40.1
  kernel-default-devel-3.0.101-0.7.40.1
  kernel-source-3.0.101-0.7.40.1
  kernel-syms-3.0.101-0.7.40.1
  kernel-trace-3.0.101-0.7.40.1
  kernel-trace-base-3.0.101-0.7.40.1
  kernel-trace-devel-3.0.101-0.7.40.1

- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 x86_64):

  kernel-ec2-3.0.101-0.7.40.1
  kernel-ec2-base-3.0.101-0.7.40.1
  kernel-ec2-devel-3.0.101-0.7.40.1
  kernel-xen-3.0.101-0.7.40.1
  kernel-xen-base-3.0.101-0.7.40.1
  kernel-xen-devel-3.0.101-0.7.40.1

- SUSE Linux Enterprise Server 11-SP2-LTSS (s390x):

  kernel-default-man-3.0.101-0.7.40.1

- SUSE Linux Enterprise Server 11-SP2-LTSS (i586):

  kernel-pae-3.0.101-0.7.40.1
  kernel-pae-base-3.0.101-0.7.40.1
  kernel-pae-devel-3.0.101-0.7.40.1

- SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64):

  kernel-default-debuginfo-3.0.101-0.7.40.1
  kernel-default-debugsource-3.0.101-0.7.40.1
  kernel-default-devel-debuginfo-3.0.101-0.7.40.1
  kernel-trace-debuginfo-3.0.101-0.7.40.1
  kernel-trace-debugsource-3.0.101-0.7.40.1
  kernel-trace-devel-debuginfo-3.0.101-0.7.40.1

- SUSE Linux Enterprise Debuginfo 11-SP2 (i586 x86_64):

  kernel-ec2-debuginfo-3.0.101-0.7.40.1
  kernel-ec2-debugsource-3.0.101-0.7.40.1
  kernel-xen-debuginfo-3.0.101-0.7.40.1
  kernel-xen-debugsource-3.0.101-0.7.40.1
  kernel-xen-devel-debuginfo-3.0.101-0.7.40.1

- SUSE Linux Enterprise Debuginfo 11-SP2 (i586):

  kernel-pae-debuginfo-3.0.101-0.7.40.1
  kernel-pae-debugsource-3.0.101-0.7.40.1
  kernel-pae-devel-debuginfo-3.0.101-0.7.40.1

References:

  https://www.suse.com/security/cve/CVE-2013-2015.html
  https://www.suse.com/security/cve/CVE-2013-7446.html
  https://www.suse.com/security/cve/CVE-2015-0272.html
  https://www.suse.com/security/cve/CVE-2015-3339.html
  https://www.suse.com/security/cve/CVE-2015-5307.html
  https://www.suse.com/security/cve/CVE-2015-6252.html
  https://www.suse.com/security/cve/CVE-2015-6937.html
  https://www.suse.com/security/cve/CVE-2015-7509.html
  https://www.suse.com/security/cve/CVE-2015-7515.html
  https://www.suse.com/security/cve/CVE-2015-7550.html
  https://www.suse.com/security/cve/CVE-2015-7566.html
  https://www.suse.com/security/cve/CVE-2015-7799.html
  https://www.suse.com/security/cve/CVE-2015-7872.html
  https://www.suse.com/security/cve/CVE-2015-7990.html
  https://www.suse.com/security/cve/CVE-2015-8104.html
  https://www.suse.com/security/cve/CVE-2015-8215.html
  https://www.suse.com/security/cve/CVE-2015-8539.html
  https://www.suse.com/security/cve/CVE-2015-8543.html
  https://www.suse.com/security/cve/CVE-2015-8569.html
  https://www.suse.com/security/cve/CVE-2015-8575.html
  https://www.suse.com/security/cve/CVE-2015-8767.html
  https://www.suse.com/security/cve/CVE-2015-8785.html
  https://www.suse.com/security/cve/CVE-2015-8812.html
  https://www.suse.com/security/cve/CVE-2015-8816.html
  https://www.suse.com/security/cve/CVE-2016-0723.html
  https://www.suse.com/security/cve/CVE-2016-2069.html
  https://www.suse.com/security/cve/CVE-2016-2143.html
  https://www.suse.com/security/cve/CVE-2016-2184.html
  https://www.suse.com/security/cve/CVE-2016-2185.html
  https://www.suse.com/security/cve/CVE-2016-2186.html
  https://www.suse.com/security/cve/CVE-2016-2188.html
  https://www.suse.com/security/cve/CVE-2016-2384.html
  https://www.suse.com/security/cve/CVE-2016-2543.html
  https://www.suse.com/security/cve/CVE-2016-2544.html
  https://www.suse.com/security/cve/CVE-2016-2545.html
  https://www.suse.com/security/cve/CVE-2016-2546.html
  https://www.suse.com/security/cve/CVE-2016-2547.html
  https://www.suse.com/security/cve/CVE-2016-2548.html
  https://www.suse.com/security/cve/CVE-2016-2549.html
  https://www.suse.com/security/cve/CVE-2016-2782.html
  https://www.suse.com/security/cve/CVE-2016-2847.html
  https://www.suse.com/security/cve/CVE-2016-3134.html
  https://www.suse.com/security/cve/CVE-2016-3137.html
  https://www.suse.com/security/cve/CVE-2016-3138.html
  https://www.suse.com/security/cve/CVE-2016-3139.html
  https://www.suse.com/security/cve/CVE-2016-3140.html
  https://www.suse.com/security/cve/CVE-2016-3156.html
  https://www.suse.com/security/cve/CVE-2016-4486.html
  https://bugzilla.suse.com/816446
  https://bugzilla.suse.com/861093
  https://bugzilla.suse.com/928130
  https://bugzilla.suse.com/935757
  https://bugzilla.suse.com/939826
  https://bugzilla.suse.com/942367
  https://bugzilla.suse.com/945825
  https://bugzilla.suse.com/946117
  https://bugzilla.suse.com/946309
  https://bugzilla.suse.com/948562
  https://bugzilla.suse.com/949744
  https://bugzilla.suse.com/949936
  https://bugzilla.suse.com/951440
  https://bugzilla.suse.com/952384
  https://bugzilla.suse.com/953527
  https://bugzilla.suse.com/954404
  https://bugzilla.suse.com/955354
  https://bugzilla.suse.com/955654
  https://bugzilla.suse.com/956708
  https://bugzilla.suse.com/956709
  https://bugzilla.suse.com/958463
  https://bugzilla.suse.com/958886
  https://bugzilla.suse.com/958951
  https://bugzilla.suse.com/959190
  https://bugzilla.suse.com/959399
  https://bugzilla.suse.com/961500
  https://bugzilla.suse.com/961509
  https://bugzilla.suse.com/961512
  https://bugzilla.suse.com/963765
  https://bugzilla.suse.com/963767
  https://bugzilla.suse.com/964201
  https://bugzilla.suse.com/966437
  https://bugzilla.suse.com/966460
  https://bugzilla.suse.com/966662
  https://bugzilla.suse.com/966693
  https://bugzilla.suse.com/967972
  https://bugzilla.suse.com/967973
  https://bugzilla.suse.com/967974
  https://bugzilla.suse.com/967975
  https://bugzilla.suse.com/968010
  https://bugzilla.suse.com/968011
  https://bugzilla.suse.com/968012
  https://bugzilla.suse.com/968013
  https://bugzilla.suse.com/968670
  https://bugzilla.suse.com/970504
  https://bugzilla.suse.com/970892
  https://bugzilla.suse.com/970909
  https://bugzilla.suse.com/970911
  https://bugzilla.suse.com/970948
  https://bugzilla.suse.com/970956
  https://bugzilla.suse.com/970958
  https://bugzilla.suse.com/970970
  https://bugzilla.suse.com/971124
  https://bugzilla.suse.com/971125
  https://bugzilla.suse.com/971126
  https://bugzilla.suse.com/971360
  https://bugzilla.suse.com/972510
  https://bugzilla.suse.com/973570
  https://bugzilla.suse.com/975945
  https://bugzilla.suse.com/977847
  https://bugzilla.suse.com/978822

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

  http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================