Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2017.2550
SUSE Security Update: Security update for SLES 12 Docker image
11 October 2017
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: SLES
Publisher: SUSE
Operating System: SUSE
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Root Compromise -- Existing Account
Increased Privileges -- Remote/Unauthenticated
Access Privileged Data -- Remote/Unauthenticated
Modify Arbitrary Files -- Remote/Unauthenticated
Denial of Service -- Remote/Unauthenticated
Provide Misleading Information -- Remote/Unauthenticated
Access Confidential Data -- Remote/Unauthenticated
Reduced Security -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2017-1000366 CVE-2017-1000101 CVE-2017-1000100
CVE-2017-11113 CVE-2017-11112 CVE-2017-10685
CVE-2017-10684 CVE-2017-9233 CVE-2017-9050
CVE-2017-9049 CVE-2017-9048 CVE-2017-9047
CVE-2017-7526 CVE-2017-7407 CVE-2017-6507
CVE-2017-2616 CVE-2016-9843 CVE-2016-9842
CVE-2016-9841 CVE-2016-9840 CVE-2016-9597
CVE-2016-9586 CVE-2016-9318 CVE-2016-9063
CVE-2016-8624 CVE-2016-8623 CVE-2016-8622
CVE-2016-8621 CVE-2016-8620 CVE-2016-8619
CVE-2016-8618 CVE-2016-8617 CVE-2016-8616
CVE-2016-8615 CVE-2016-7796 CVE-2016-7543
CVE-2016-7167 CVE-2016-7141 CVE-2016-6318
CVE-2016-6313 CVE-2016-6306 CVE-2016-6304
CVE-2016-6303 CVE-2016-6302 CVE-2016-6263
CVE-2016-6262 CVE-2016-6261 CVE-2016-6185
CVE-2016-5421 CVE-2016-5420 CVE-2016-5419
CVE-2016-5300 CVE-2016-5011 CVE-2016-4658
CVE-2016-4579 CVE-2016-4574 CVE-2016-4483
CVE-2016-4449 CVE-2016-4448 CVE-2016-4447
CVE-2016-4429 CVE-2016-4008 CVE-2016-3706
CVE-2016-3705 CVE-2016-3627 CVE-2016-3191
CVE-2016-3075 CVE-2016-2381 CVE-2016-2183
CVE-2016-2182 CVE-2016-2181 CVE-2016-2180
CVE-2016-2179 CVE-2016-2178 CVE-2016-2177
CVE-2016-2109 CVE-2016-2108 CVE-2016-2107
CVE-2016-2106 CVE-2016-2105 CVE-2016-2073
CVE-2016-2037 CVE-2016-1840 CVE-2016-1839
CVE-2016-1838 CVE-2016-1837 CVE-2016-1835
CVE-2016-1834 CVE-2016-1833 CVE-2016-1762
CVE-2016-1283 CVE-2016-1238 CVE-2016-1234
CVE-2016-0787 CVE-2016-0718 CVE-2016-0634
CVE-2015-8948 CVE-2015-8853 CVE-2015-8842
CVE-2015-8806 CVE-2015-8395 CVE-2015-8394
CVE-2015-8393 CVE-2015-8392 CVE-2015-8391
CVE-2015-8390 CVE-2015-8389 CVE-2015-8388
CVE-2015-8387 CVE-2015-8386 CVE-2015-8385
CVE-2015-8384 CVE-2015-8383 CVE-2015-8382
CVE-2015-8381 CVE-2015-8380 CVE-2015-7511
CVE-2015-5276 CVE-2015-5218 CVE-2015-5073
CVE-2015-3622 CVE-2015-3238 CVE-2015-3217
CVE-2015-3210 CVE-2015-2328 CVE-2015-2327
CVE-2015-2325 CVE-2015-2059 CVE-2015-1283
CVE-2015-0245 CVE-2014-9770 CVE-2014-8964
CVE-2014-7824 CVE-2014-7187 CVE-2014-7169
CVE-2014-6278 CVE-2014-6277 CVE-2014-6271
CVE-2014-0191 CVE-2012-6702
Reference: ASB-2017.0115
ASB-2017.0107
ESB-2017.2542
ESB-2017.2531
Comment: This bulletin contains three (3) SUSE security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for SLES 12 Docker image
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:2699-1
Rating: important
References: #1056193 #975726
Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271
CVE-2014-6277 CVE-2014-6278 CVE-2014-7169
CVE-2014-7187 CVE-2014-7824 CVE-2014-8964
CVE-2014-9770 CVE-2015-0245 CVE-2015-1283
CVE-2015-2059 CVE-2015-2325 CVE-2015-2327
CVE-2015-2328 CVE-2015-3210 CVE-2015-3217
CVE-2015-3238 CVE-2015-3622 CVE-2015-5073
CVE-2015-5218 CVE-2015-5276 CVE-2015-7511
CVE-2015-8380 CVE-2015-8381 CVE-2015-8382
CVE-2015-8383 CVE-2015-8384 CVE-2015-8385
CVE-2015-8386 CVE-2015-8387 CVE-2015-8388
CVE-2015-8389 CVE-2015-8390 CVE-2015-8391
CVE-2015-8392 CVE-2015-8393 CVE-2015-8394
CVE-2015-8395 CVE-2015-8806 CVE-2015-8842
CVE-2015-8853 CVE-2015-8948 CVE-2016-0634
CVE-2016-0718 CVE-2016-0787 CVE-2016-1234
CVE-2016-1238 CVE-2016-1283 CVE-2016-1762
CVE-2016-1833 CVE-2016-1834 CVE-2016-1835
CVE-2016-1837 CVE-2016-1838 CVE-2016-1839
CVE-2016-1840 CVE-2016-2037 CVE-2016-2073
CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2108 CVE-2016-2109 CVE-2016-2177
CVE-2016-2178 CVE-2016-2179 CVE-2016-2180
CVE-2016-2181 CVE-2016-2182 CVE-2016-2183
CVE-2016-2381 CVE-2016-3075 CVE-2016-3191
CVE-2016-3627 CVE-2016-3705 CVE-2016-3706
CVE-2016-4008 CVE-2016-4429 CVE-2016-4447
CVE-2016-4448 CVE-2016-4449 CVE-2016-4483
CVE-2016-4574 CVE-2016-4579 CVE-2016-4658
CVE-2016-5011 CVE-2016-5300 CVE-2016-5419
CVE-2016-5420 CVE-2016-5421 CVE-2016-6185
CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
CVE-2016-6302 CVE-2016-6303 CVE-2016-6304
CVE-2016-6306 CVE-2016-6313 CVE-2016-6318
CVE-2016-7141 CVE-2016-7167 CVE-2016-7543
CVE-2016-7796 CVE-2016-8615 CVE-2016-8616
CVE-2016-8617 CVE-2016-8618 CVE-2016-8619
CVE-2016-8620 CVE-2016-8621 CVE-2016-8622
CVE-2016-8623 CVE-2016-8624 CVE-2016-9063
CVE-2016-9318 CVE-2016-9586 CVE-2016-9597
CVE-2016-9840 CVE-2016-9841 CVE-2016-9842
CVE-2016-9843 CVE-2017-1000100 CVE-2017-1000101
CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685
CVE-2017-11112 CVE-2017-11113 CVE-2017-2616
CVE-2017-6507 CVE-2017-7407 CVE-2017-7526
CVE-2017-9047 CVE-2017-9048 CVE-2017-9049
CVE-2017-9050 CVE-2017-9233
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________
An update that fixes 140 vulnerabilities is now available.
Description:
The SUSE Linux Enterprise Server 12 container image has been updated to
include security and stability fixes.
The following issues related to building of the container images have been
fixed:
- Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)
- Do not install recommended packages when building container images.
(bsc#975726)
A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 are now included in the base
image. A package/CVE cross-reference is available below.
pam:
- CVE-2015-3238
libtasn1:
- CVE-2015-3622
- CVE-2016-4008
libidn:
- CVE-2015-2059
- CVE-2015-8948
- CVE-2016-6261
- CVE-2016-6262
- CVE-2016-6263
zlib:
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
curl:
- CVE-2016-5419
- CVE-2016-5420
- CVE-2016-5421
- CVE-2016-7141
- CVE-2016-7167
- CVE-2016-8615
- CVE-2016-8616
- CVE-2016-8617
- CVE-2016-8618
- CVE-2016-8619
- CVE-2016-8620
- CVE-2016-8621
- CVE-2016-8622
- CVE-2016-8623
- CVE-2016-8624
- CVE-2016-9586
- CVE-2017-1000100
- CVE-2017-1000101
- CVE-2017-7407
openssl:
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2177
- CVE-2016-2178
- CVE-2016-2179
- CVE-2016-2180
- CVE-2016-2181
- CVE-2016-2182
- CVE-2016-2183
- CVE-2016-6302
- CVE-2016-6303
- CVE-2016-6304
- CVE-2016-6306
libxml2:
- CVE-2014-0191
- CVE-2015-8806
- CVE-2016-1762
- CVE-2016-1833
- CVE-2016-1834
- CVE-2016-1835
- CVE-2016-1837
- CVE-2016-1838
- CVE-2016-1839
- CVE-2016-1840
- CVE-2016-2073
- CVE-2016-3627
- CVE-2016-3705
- CVE-2016-4447
- CVE-2016-4448
- CVE-2016-4449
- CVE-2016-4483
- CVE-2016-4658
- CVE-2016-9318
- CVE-2016-9597
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050
util-linux:
- CVE-2015-5218
- CVE-2016-5011
- CVE-2017-2616
cracklib:
- CVE-2016-6318
systemd:
- CVE-2014-9770
- CVE-2015-8842
- CVE-2016-7796
pcre:
- CVE-2014-8964
- CVE-2015-2325
- CVE-2015-2327
- CVE-2015-2328
- CVE-2015-3210
- CVE-2015-3217
- CVE-2015-5073
- CVE-2015-8380
- CVE-2015-8381
- CVE-2015-8382
- CVE-2015-8383
- CVE-2015-8384
- CVE-2015-8385
- CVE-2015-8386
- CVE-2015-8387
- CVE-2015-8388
- CVE-2015-8389
- CVE-2015-8390
- CVE-2015-8391
- CVE-2015-8392
- CVE-2015-8393
- CVE-2015-8394
- CVE-2015-8395
- CVE-2016-1283
- CVE-2016-3191
appamor:
- CVE-2017-6507
bash:
- CVE-2014-6277
- CVE-2014-6278
- CVE-2016-0634
- CVE-2016-7543
cpio:
- CVE-2016-2037
glibc:
- CVE-2016-1234
- CVE-2016-3075
- CVE-2016-3706
- CVE-2016-4429
- CVE-2017-1000366
perl:
- CVE-2015-8853
- CVE-2016-1238
- CVE-2016-2381
- CVE-2016-6185
libssh2_org:
- CVE-2016-0787
expat:
- CVE-2012-6702
- CVE-2015-1283
- CVE-2016-0718
- CVE-2016-5300
- CVE-2016-9063
- CVE-2017-9233
ncurses:
- CVE-2017-10684
- CVE-2017-10685
- CVE-2017-11112
- CVE-2017-11113
libksba:
- CVE-2016-4574
- CVE-2016-4579
libgcrypt:
- CVE-2015-7511
- CVE-2016-6313
- CVE-2017-7526
dbus-1:
- CVE-2014-7824
- CVE-2015-0245
Finally, the following packages received non-security fixes:
- augeas
- bzip2
- ca-certificates-mozilla
- coreutils
- cryptsetup
- cyrus-sasl
- dirmngr
- e2fsprogs
- findutils
- gpg2
- insserv-compat
- kmod
- libcap
- libsolv
- libzypp
- openldap2
- p11-kit
- permissions
- procps
- rpm
- sed
- shadow
- zypper
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Containers 12:
zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1672=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):
sles12-docker-image-1.1.4-20171002
References:
https://www.suse.com/security/cve/CVE-2012-6702.html
https://www.suse.com/security/cve/CVE-2014-0191.html
https://www.suse.com/security/cve/CVE-2014-6271.html
https://www.suse.com/security/cve/CVE-2014-6277.html
https://www.suse.com/security/cve/CVE-2014-6278.html
https://www.suse.com/security/cve/CVE-2014-7169.html
https://www.suse.com/security/cve/CVE-2014-7187.html
https://www.suse.com/security/cve/CVE-2014-7824.html
https://www.suse.com/security/cve/CVE-2014-8964.html
https://www.suse.com/security/cve/CVE-2014-9770.html
https://www.suse.com/security/cve/CVE-2015-0245.html
https://www.suse.com/security/cve/CVE-2015-1283.html
https://www.suse.com/security/cve/CVE-2015-2059.html
https://www.suse.com/security/cve/CVE-2015-2325.html
https://www.suse.com/security/cve/CVE-2015-2327.html
https://www.suse.com/security/cve/CVE-2015-2328.html
https://www.suse.com/security/cve/CVE-2015-3210.html
https://www.suse.com/security/cve/CVE-2015-3217.html
https://www.suse.com/security/cve/CVE-2015-3238.html
https://www.suse.com/security/cve/CVE-2015-3622.html
https://www.suse.com/security/cve/CVE-2015-5073.html
https://www.suse.com/security/cve/CVE-2015-5218.html
https://www.suse.com/security/cve/CVE-2015-5276.html
https://www.suse.com/security/cve/CVE-2015-7511.html
https://www.suse.com/security/cve/CVE-2015-8380.html
https://www.suse.com/security/cve/CVE-2015-8381.html
https://www.suse.com/security/cve/CVE-2015-8382.html
https://www.suse.com/security/cve/CVE-2015-8383.html
https://www.suse.com/security/cve/CVE-2015-8384.html
https://www.suse.com/security/cve/CVE-2015-8385.html
https://www.suse.com/security/cve/CVE-2015-8386.html
https://www.suse.com/security/cve/CVE-2015-8387.html
https://www.suse.com/security/cve/CVE-2015-8388.html
https://www.suse.com/security/cve/CVE-2015-8389.html
https://www.suse.com/security/cve/CVE-2015-8390.html
https://www.suse.com/security/cve/CVE-2015-8391.html
https://www.suse.com/security/cve/CVE-2015-8392.html
https://www.suse.com/security/cve/CVE-2015-8393.html
https://www.suse.com/security/cve/CVE-2015-8394.html
https://www.suse.com/security/cve/CVE-2015-8395.html
https://www.suse.com/security/cve/CVE-2015-8806.html
https://www.suse.com/security/cve/CVE-2015-8842.html
https://www.suse.com/security/cve/CVE-2015-8853.html
https://www.suse.com/security/cve/CVE-2015-8948.html
https://www.suse.com/security/cve/CVE-2016-0634.html
https://www.suse.com/security/cve/CVE-2016-0718.html
https://www.suse.com/security/cve/CVE-2016-0787.html
https://www.suse.com/security/cve/CVE-2016-1234.html
https://www.suse.com/security/cve/CVE-2016-1238.html
https://www.suse.com/security/cve/CVE-2016-1283.html
https://www.suse.com/security/cve/CVE-2016-1762.html
https://www.suse.com/security/cve/CVE-2016-1833.html
https://www.suse.com/security/cve/CVE-2016-1834.html
https://www.suse.com/security/cve/CVE-2016-1835.html
https://www.suse.com/security/cve/CVE-2016-1837.html
https://www.suse.com/security/cve/CVE-2016-1838.html
https://www.suse.com/security/cve/CVE-2016-1839.html
https://www.suse.com/security/cve/CVE-2016-1840.html
https://www.suse.com/security/cve/CVE-2016-2037.html
https://www.suse.com/security/cve/CVE-2016-2073.html
https://www.suse.com/security/cve/CVE-2016-2105.html
https://www.suse.com/security/cve/CVE-2016-2106.html
https://www.suse.com/security/cve/CVE-2016-2107.html
https://www.suse.com/security/cve/CVE-2016-2108.html
https://www.suse.com/security/cve/CVE-2016-2109.html
https://www.suse.com/security/cve/CVE-2016-2177.html
https://www.suse.com/security/cve/CVE-2016-2178.html
https://www.suse.com/security/cve/CVE-2016-2179.html
https://www.suse.com/security/cve/CVE-2016-2180.html
https://www.suse.com/security/cve/CVE-2016-2181.html
https://www.suse.com/security/cve/CVE-2016-2182.html
https://www.suse.com/security/cve/CVE-2016-2183.html
https://www.suse.com/security/cve/CVE-2016-2381.html
https://www.suse.com/security/cve/CVE-2016-3075.html
https://www.suse.com/security/cve/CVE-2016-3191.html
https://www.suse.com/security/cve/CVE-2016-3627.html
https://www.suse.com/security/cve/CVE-2016-3705.html
https://www.suse.com/security/cve/CVE-2016-3706.html
https://www.suse.com/security/cve/CVE-2016-4008.html
https://www.suse.com/security/cve/CVE-2016-4429.html
https://www.suse.com/security/cve/CVE-2016-4447.html
https://www.suse.com/security/cve/CVE-2016-4448.html
https://www.suse.com/security/cve/CVE-2016-4449.html
https://www.suse.com/security/cve/CVE-2016-4483.html
https://www.suse.com/security/cve/CVE-2016-4574.html
https://www.suse.com/security/cve/CVE-2016-4579.html
https://www.suse.com/security/cve/CVE-2016-4658.html
https://www.suse.com/security/cve/CVE-2016-5011.html
https://www.suse.com/security/cve/CVE-2016-5300.html
https://www.suse.com/security/cve/CVE-2016-5419.html
https://www.suse.com/security/cve/CVE-2016-5420.html
https://www.suse.com/security/cve/CVE-2016-5421.html
https://www.suse.com/security/cve/CVE-2016-6185.html
https://www.suse.com/security/cve/CVE-2016-6261.html
https://www.suse.com/security/cve/CVE-2016-6262.html
https://www.suse.com/security/cve/CVE-2016-6263.html
https://www.suse.com/security/cve/CVE-2016-6302.html
https://www.suse.com/security/cve/CVE-2016-6303.html
https://www.suse.com/security/cve/CVE-2016-6304.html
https://www.suse.com/security/cve/CVE-2016-6306.html
https://www.suse.com/security/cve/CVE-2016-6313.html
https://www.suse.com/security/cve/CVE-2016-6318.html
https://www.suse.com/security/cve/CVE-2016-7141.html
https://www.suse.com/security/cve/CVE-2016-7167.html
https://www.suse.com/security/cve/CVE-2016-7543.html
https://www.suse.com/security/cve/CVE-2016-7796.html
https://www.suse.com/security/cve/CVE-2016-8615.html
https://www.suse.com/security/cve/CVE-2016-8616.html
https://www.suse.com/security/cve/CVE-2016-8617.html
https://www.suse.com/security/cve/CVE-2016-8618.html
https://www.suse.com/security/cve/CVE-2016-8619.html
https://www.suse.com/security/cve/CVE-2016-8620.html
https://www.suse.com/security/cve/CVE-2016-8621.html
https://www.suse.com/security/cve/CVE-2016-8622.html
https://www.suse.com/security/cve/CVE-2016-8623.html
https://www.suse.com/security/cve/CVE-2016-8624.html
https://www.suse.com/security/cve/CVE-2016-9063.html
https://www.suse.com/security/cve/CVE-2016-9318.html
https://www.suse.com/security/cve/CVE-2016-9586.html
https://www.suse.com/security/cve/CVE-2016-9597.html
https://www.suse.com/security/cve/CVE-2016-9840.html
https://www.suse.com/security/cve/CVE-2016-9841.html
https://www.suse.com/security/cve/CVE-2016-9842.html
https://www.suse.com/security/cve/CVE-2016-9843.html
https://www.suse.com/security/cve/CVE-2017-1000100.html
https://www.suse.com/security/cve/CVE-2017-1000101.html
https://www.suse.com/security/cve/CVE-2017-1000366.html
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://www.suse.com/security/cve/CVE-2017-11112.html
https://www.suse.com/security/cve/CVE-2017-11113.html
https://www.suse.com/security/cve/CVE-2017-2616.html
https://www.suse.com/security/cve/CVE-2017-6507.html
https://www.suse.com/security/cve/CVE-2017-7407.html
https://www.suse.com/security/cve/CVE-2017-7526.html
https://www.suse.com/security/cve/CVE-2017-9047.html
https://www.suse.com/security/cve/CVE-2017-9048.html
https://www.suse.com/security/cve/CVE-2017-9049.html
https://www.suse.com/security/cve/CVE-2017-9050.html
https://www.suse.com/security/cve/CVE-2017-9233.html
https://bugzilla.suse.com/1056193
https://bugzilla.suse.com/975726
================================================
SUSE Security Update: Security update for SLES 12-SP1 Docker image
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:2700-1
Rating: important
References: #1056193 #975726
Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271
CVE-2014-6277 CVE-2014-6278 CVE-2014-7169
CVE-2014-7187 CVE-2014-7824 CVE-2014-8964
CVE-2014-9770 CVE-2015-0245 CVE-2015-0860
CVE-2015-1283 CVE-2015-2059 CVE-2015-2325
CVE-2015-2327 CVE-2015-2328 CVE-2015-3210
CVE-2015-3217 CVE-2015-3238 CVE-2015-3622
CVE-2015-5073 CVE-2015-5276 CVE-2015-7511
CVE-2015-8380 CVE-2015-8381 CVE-2015-8382
CVE-2015-8383 CVE-2015-8384 CVE-2015-8385
CVE-2015-8386 CVE-2015-8387 CVE-2015-8388
CVE-2015-8389 CVE-2015-8390 CVE-2015-8391
CVE-2015-8392 CVE-2015-8393 CVE-2015-8394
CVE-2015-8395 CVE-2015-8806 CVE-2015-8842
CVE-2015-8853 CVE-2015-8948 CVE-2016-0634
CVE-2016-0718 CVE-2016-0787 CVE-2016-1234
CVE-2016-1238 CVE-2016-1283 CVE-2016-1762
CVE-2016-1833 CVE-2016-1834 CVE-2016-1835
CVE-2016-1837 CVE-2016-1838 CVE-2016-1839
CVE-2016-1840 CVE-2016-2037 CVE-2016-2073
CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2108 CVE-2016-2109 CVE-2016-2177
CVE-2016-2178 CVE-2016-2179 CVE-2016-2180
CVE-2016-2181 CVE-2016-2182 CVE-2016-2183
CVE-2016-2381 CVE-2016-3075 CVE-2016-3191
CVE-2016-3627 CVE-2016-3705 CVE-2016-3706
CVE-2016-4008 CVE-2016-4429 CVE-2016-4447
CVE-2016-4448 CVE-2016-4449 CVE-2016-4483
CVE-2016-4574 CVE-2016-4579 CVE-2016-4658
CVE-2016-5011 CVE-2016-5300 CVE-2016-5419
CVE-2016-5420 CVE-2016-5421 CVE-2016-6185
CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
CVE-2016-6302 CVE-2016-6303 CVE-2016-6304
CVE-2016-6306 CVE-2016-6313 CVE-2016-6318
CVE-2016-7056 CVE-2016-7141 CVE-2016-7167
CVE-2016-7543 CVE-2016-7796 CVE-2016-8610
CVE-2016-8615 CVE-2016-8616 CVE-2016-8617
CVE-2016-8618 CVE-2016-8619 CVE-2016-8620
CVE-2016-8621 CVE-2016-8622 CVE-2016-8623
CVE-2016-8624 CVE-2016-9063 CVE-2016-9318
CVE-2016-9586 CVE-2016-9597 CVE-2016-9840
CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366
CVE-2017-10684 CVE-2017-10685 CVE-2017-11112
CVE-2017-11113 CVE-2017-2616 CVE-2017-3731
CVE-2017-6507 CVE-2017-7407 CVE-2017-7526
CVE-2017-9047 CVE-2017-9048 CVE-2017-9049
CVE-2017-9050 CVE-2017-9233
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________
An update that fixes 143 vulnerabilities is now available.
Description:
The SUSE Linux Enterprise Server 12 SP1 container image has been updated
to include security and stability fixes.
The following issues related to building of the container images have been
fixed:
- Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)
- Do not install recommended packages when building container images.
(bsc#975726)
A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 SP1 are now included in the
base image. A package/CVE cross-reference is available below.
pam:
- CVE-2015-3238
libtasn1:
- CVE-2015-3622
- CVE-2016-4008
expat:
expat:
- CVE-2012-6702
- CVE-2015-1283
- CVE-2016-0718
- CVE-2016-5300
- CVE-2016-9063
- CVE-2017-9233
libidn:
- CVE-2015-2059
- CVE-2015-8948
- CVE-2016-6261
- CVE-2016-6262
- CVE-2016-6263
zlib:
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
curl:
- CVE-2016-5419
- CVE-2016-5420
- CVE-2016-5421
- CVE-2016-7141
- CVE-2016-7167
- CVE-2016-8615
- CVE-2016-8616
- CVE-2016-8617
- CVE-2016-8618
- CVE-2016-8619
- CVE-2016-8620
- CVE-2016-8621
- CVE-2016-8622
- CVE-2016-8623
- CVE-2016-8624
- CVE-2016-9586
- CVE-2017-1000100
- CVE-2017-1000101
- CVE-2017-7407
openssl:
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2177
- CVE-2016-2178
- CVE-2016-2179
- CVE-2016-2180
- CVE-2016-2181
- CVE-2016-2182
- CVE-2016-2183
- CVE-2016-6302
- CVE-2016-6303
- CVE-2016-6304
- CVE-2016-6306
- CVE-2016-7056
- CVE-2016-8610
- CVE-2017-3731
cracklib:
- CVE-2016-6318
pcre:
- CVE-2014-8964
- CVE-2015-2325
- CVE-2015-2327
- CVE-2015-2328
- CVE-2015-3210
- CVE-2015-3217
- CVE-2015-5073
- CVE-2015-8380
- CVE-2015-8381
- CVE-2015-8382
- CVE-2015-8383
- CVE-2015-8384
- CVE-2015-8385
- CVE-2015-8386
- CVE-2015-8387
- CVE-2015-8388
- CVE-2015-8389
- CVE-2015-8390
- CVE-2015-8391
- CVE-2015-8392
- CVE-2015-8393
- CVE-2015-8394
- CVE-2015-8395
- CVE-2016-1283
- CVE-2016-3191
appamor:
- CVE-2017-6507
bash:
- CVE-2014-6277
- CVE-2014-6278
- CVE-2016-0634
- CVE-2016-7543
cpio:
- CVE-2016-2037
glibc:
- CVE-2016-1234
- CVE-2016-3075
- CVE-2016-3706
- CVE-2016-4429
- CVE-2017-1000366
perl:
- CVE-2015-8853
- CVE-2016-1238
- CVE-2016-2381
- CVE-2016-6185
libssh2_org:
- CVE-2016-0787
util-linux:
- CVE-2016-5011
- CVE-2017-2616
ncurses:
- CVE-2017-10684
- CVE-2017-10685
- CVE-2017-11112
- CVE-2017-11113
libksba:
- CVE-2016-4574
- CVE-2016-4579
libxml2:
- CVE-2014-0191
- CVE-2015-8806
- CVE-2016-1762
- CVE-2016-1833
- CVE-2016-1834
- CVE-2016-1835
- CVE-2016-1837
- CVE-2016-1838
- CVE-2016-1839
- CVE-2016-1840
- CVE-2016-2073
- CVE-2016-3627
- CVE-2016-3705
- CVE-2016-4447
- CVE-2016-4448
- CVE-2016-4449
- CVE-2016-4483
- CVE-2016-4658
- CVE-2016-9318
- CVE-2016-9597
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050
libgcrypt:
- CVE-2015-7511
- CVE-2016-6313
- CVE-2017-7526
update-alternatives:
- CVE-2015-0860
systemd:
- CVE-2014-9770
- CVE-2015-8842
- CVE-2016-7796
dbus-1:
- CVE-2014-7824
- CVE-2015-0245
Finally, the following packages received non-security fixes:
- augeas
- bzip2
- ca-certificates-mozilla
- coreutils
- cryptsetup
- cyrus-sasl
- dirmngr
- e2fsprogs
- findutils
- gpg2
- insserv-compat
- kmod
- libcap
- libsolv
- libzypp
- lua51
- lvm2
- netcfg
- p11-kit
- permissions
- procps
- rpm
- sed
- sg3_utils
- shadow
- zypper
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Containers 12:
zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1673=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):
sles12sp1-docker-image-1.0.7-20171002
References:
https://www.suse.com/security/cve/CVE-2012-6702.html
https://www.suse.com/security/cve/CVE-2014-0191.html
https://www.suse.com/security/cve/CVE-2014-6271.html
https://www.suse.com/security/cve/CVE-2014-6277.html
https://www.suse.com/security/cve/CVE-2014-6278.html
https://www.suse.com/security/cve/CVE-2014-7169.html
https://www.suse.com/security/cve/CVE-2014-7187.html
https://www.suse.com/security/cve/CVE-2014-7824.html
https://www.suse.com/security/cve/CVE-2014-8964.html
https://www.suse.com/security/cve/CVE-2014-9770.html
https://www.suse.com/security/cve/CVE-2015-0245.html
https://www.suse.com/security/cve/CVE-2015-0860.html
https://www.suse.com/security/cve/CVE-2015-1283.html
https://www.suse.com/security/cve/CVE-2015-2059.html
https://www.suse.com/security/cve/CVE-2015-2325.html
https://www.suse.com/security/cve/CVE-2015-2327.html
https://www.suse.com/security/cve/CVE-2015-2328.html
https://www.suse.com/security/cve/CVE-2015-3210.html
https://www.suse.com/security/cve/CVE-2015-3217.html
https://www.suse.com/security/cve/CVE-2015-3238.html
https://www.suse.com/security/cve/CVE-2015-3622.html
https://www.suse.com/security/cve/CVE-2015-5073.html
https://www.suse.com/security/cve/CVE-2015-5276.html
https://www.suse.com/security/cve/CVE-2015-7511.html
https://www.suse.com/security/cve/CVE-2015-8380.html
https://www.suse.com/security/cve/CVE-2015-8381.html
https://www.suse.com/security/cve/CVE-2015-8382.html
https://www.suse.com/security/cve/CVE-2015-8383.html
https://www.suse.com/security/cve/CVE-2015-8384.html
https://www.suse.com/security/cve/CVE-2015-8385.html
https://www.suse.com/security/cve/CVE-2015-8386.html
https://www.suse.com/security/cve/CVE-2015-8387.html
https://www.suse.com/security/cve/CVE-2015-8388.html
https://www.suse.com/security/cve/CVE-2015-8389.html
https://www.suse.com/security/cve/CVE-2015-8390.html
https://www.suse.com/security/cve/CVE-2015-8391.html
https://www.suse.com/security/cve/CVE-2015-8392.html
https://www.suse.com/security/cve/CVE-2015-8393.html
https://www.suse.com/security/cve/CVE-2015-8394.html
https://www.suse.com/security/cve/CVE-2015-8395.html
https://www.suse.com/security/cve/CVE-2015-8806.html
https://www.suse.com/security/cve/CVE-2015-8842.html
https://www.suse.com/security/cve/CVE-2015-8853.html
https://www.suse.com/security/cve/CVE-2015-8948.html
https://www.suse.com/security/cve/CVE-2016-0634.html
https://www.suse.com/security/cve/CVE-2016-0718.html
https://www.suse.com/security/cve/CVE-2016-0787.html
https://www.suse.com/security/cve/CVE-2016-1234.html
https://www.suse.com/security/cve/CVE-2016-1238.html
https://www.suse.com/security/cve/CVE-2016-1283.html
https://www.suse.com/security/cve/CVE-2016-1762.html
https://www.suse.com/security/cve/CVE-2016-1833.html
https://www.suse.com/security/cve/CVE-2016-1834.html
https://www.suse.com/security/cve/CVE-2016-1835.html
https://www.suse.com/security/cve/CVE-2016-1837.html
https://www.suse.com/security/cve/CVE-2016-1838.html
https://www.suse.com/security/cve/CVE-2016-1839.html
https://www.suse.com/security/cve/CVE-2016-1840.html
https://www.suse.com/security/cve/CVE-2016-2037.html
https://www.suse.com/security/cve/CVE-2016-2073.html
https://www.suse.com/security/cve/CVE-2016-2105.html
https://www.suse.com/security/cve/CVE-2016-2106.html
https://www.suse.com/security/cve/CVE-2016-2107.html
https://www.suse.com/security/cve/CVE-2016-2108.html
https://www.suse.com/security/cve/CVE-2016-2109.html
https://www.suse.com/security/cve/CVE-2016-2177.html
https://www.suse.com/security/cve/CVE-2016-2178.html
https://www.suse.com/security/cve/CVE-2016-2179.html
https://www.suse.com/security/cve/CVE-2016-2180.html
https://www.suse.com/security/cve/CVE-2016-2181.html
https://www.suse.com/security/cve/CVE-2016-2182.html
https://www.suse.com/security/cve/CVE-2016-2183.html
https://www.suse.com/security/cve/CVE-2016-2381.html
https://www.suse.com/security/cve/CVE-2016-3075.html
https://www.suse.com/security/cve/CVE-2016-3191.html
https://www.suse.com/security/cve/CVE-2016-3627.html
https://www.suse.com/security/cve/CVE-2016-3705.html
https://www.suse.com/security/cve/CVE-2016-3706.html
https://www.suse.com/security/cve/CVE-2016-4008.html
https://www.suse.com/security/cve/CVE-2016-4429.html
https://www.suse.com/security/cve/CVE-2016-4447.html
https://www.suse.com/security/cve/CVE-2016-4448.html
https://www.suse.com/security/cve/CVE-2016-4449.html
https://www.suse.com/security/cve/CVE-2016-4483.html
https://www.suse.com/security/cve/CVE-2016-4574.html
https://www.suse.com/security/cve/CVE-2016-4579.html
https://www.suse.com/security/cve/CVE-2016-4658.html
https://www.suse.com/security/cve/CVE-2016-5011.html
https://www.suse.com/security/cve/CVE-2016-5300.html
https://www.suse.com/security/cve/CVE-2016-5419.html
https://www.suse.com/security/cve/CVE-2016-5420.html
https://www.suse.com/security/cve/CVE-2016-5421.html
https://www.suse.com/security/cve/CVE-2016-6185.html
https://www.suse.com/security/cve/CVE-2016-6261.html
https://www.suse.com/security/cve/CVE-2016-6262.html
https://www.suse.com/security/cve/CVE-2016-6263.html
https://www.suse.com/security/cve/CVE-2016-6302.html
https://www.suse.com/security/cve/CVE-2016-6303.html
https://www.suse.com/security/cve/CVE-2016-6304.html
https://www.suse.com/security/cve/CVE-2016-6306.html
https://www.suse.com/security/cve/CVE-2016-6313.html
https://www.suse.com/security/cve/CVE-2016-6318.html
https://www.suse.com/security/cve/CVE-2016-7056.html
https://www.suse.com/security/cve/CVE-2016-7141.html
https://www.suse.com/security/cve/CVE-2016-7167.html
https://www.suse.com/security/cve/CVE-2016-7543.html
https://www.suse.com/security/cve/CVE-2016-7796.html
https://www.suse.com/security/cve/CVE-2016-8610.html
https://www.suse.com/security/cve/CVE-2016-8615.html
https://www.suse.com/security/cve/CVE-2016-8616.html
https://www.suse.com/security/cve/CVE-2016-8617.html
https://www.suse.com/security/cve/CVE-2016-8618.html
https://www.suse.com/security/cve/CVE-2016-8619.html
https://www.suse.com/security/cve/CVE-2016-8620.html
https://www.suse.com/security/cve/CVE-2016-8621.html
https://www.suse.com/security/cve/CVE-2016-8622.html
https://www.suse.com/security/cve/CVE-2016-8623.html
https://www.suse.com/security/cve/CVE-2016-8624.html
https://www.suse.com/security/cve/CVE-2016-9063.html
https://www.suse.com/security/cve/CVE-2016-9318.html
https://www.suse.com/security/cve/CVE-2016-9586.html
https://www.suse.com/security/cve/CVE-2016-9597.html
https://www.suse.com/security/cve/CVE-2016-9840.html
https://www.suse.com/security/cve/CVE-2016-9841.html
https://www.suse.com/security/cve/CVE-2016-9842.html
https://www.suse.com/security/cve/CVE-2016-9843.html
https://www.suse.com/security/cve/CVE-2017-1000100.html
https://www.suse.com/security/cve/CVE-2017-1000101.html
https://www.suse.com/security/cve/CVE-2017-1000366.html
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://www.suse.com/security/cve/CVE-2017-11112.html
https://www.suse.com/security/cve/CVE-2017-11113.html
https://www.suse.com/security/cve/CVE-2017-2616.html
https://www.suse.com/security/cve/CVE-2017-3731.html
https://www.suse.com/security/cve/CVE-2017-6507.html
https://www.suse.com/security/cve/CVE-2017-7407.html
https://www.suse.com/security/cve/CVE-2017-7526.html
https://www.suse.com/security/cve/CVE-2017-9047.html
https://www.suse.com/security/cve/CVE-2017-9048.html
https://www.suse.com/security/cve/CVE-2017-9049.html
https://www.suse.com/security/cve/CVE-2017-9050.html
https://www.suse.com/security/cve/CVE-2017-9233.html
https://bugzilla.suse.com/1056193
https://bugzilla.suse.com/975726
================================================
SUSE Security Update: Security update for SLES 12-SP2 Docker image
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:2701-1
Rating: important
References: #1056193
Cross-References: CVE-2012-6702 CVE-2015-3238 CVE-2016-10156
CVE-2016-1839 CVE-2016-2037 CVE-2016-4658
CVE-2016-5011 CVE-2016-5300 CVE-2016-7055
CVE-2016-9063 CVE-2016-9318 CVE-2016-9401
CVE-2016-9586 CVE-2016-9597 CVE-2016-9840
CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
CVE-2017-0663 CVE-2017-1000100 CVE-2017-1000101
CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685
CVE-2017-11112 CVE-2017-11113 CVE-2017-2616
CVE-2017-3731 CVE-2017-3732 CVE-2017-5969
CVE-2017-6507 CVE-2017-7375 CVE-2017-7376
CVE-2017-7407 CVE-2017-7435 CVE-2017-7436
CVE-2017-7526 CVE-2017-8872 CVE-2017-9047
CVE-2017-9048 CVE-2017-9049 CVE-2017-9050
CVE-2017-9217 CVE-2017-9233 CVE-2017-9269
CVE-2017-9287 CVE-2017-9445
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________
An update that fixes 47 vulnerabilities is now available.
Description:
The SUSE Linux Enterprise Server 12 SP2 container image has been updated
to include security and stability fixes.
The following issues related to building of the container images have been
fixed:
- Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)
A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 are now included in the base
image. A package/CVE cross-reference is available below.
bash:
- CVE-2016-9401
expat:
- CVE-2012-6702
- CVE-2016-5300
- CVE-2016-9063
- CVE-2017-9233
curl:
- CVE-2016-9586
- CVE-2017-1000100
- CVE-2017-1000101
- CVE-2017-7407
glibc:
- CVE-2017-1000366
openssl:
- CVE-2017-3731
- CVE-2017-3732
- CVE-2016-7055
pam:
- CVE-2015-3238
apparmor:
- CVE-2017-6507
ncurses:
- CVE-2017-10684
- CVE-2017-10685
- CVE-2017-11112
- CVE-2017-11113
libgcrypt:
- CVE-2017-7526
libxml2:
- CVE-2016-1839
- CVE-2016-4658
- CVE-2016-9318
- CVE-2016-9597
- CVE-2017-0663
- CVE-2017-5969
- CVE-2017-7375
- CVE-2017-7376
- CVE-2017-8872
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050
libzypp:
- CVE-2017-9269
- CVE-2017-7435
- CVE-2017-7436
openldap2:
- CVE-2017-9287
systemd:
- CVE-2016-10156
- CVE-2017-9217
- CVE-2017-9445
util-linux:
- CVE-2016-5011
- CVE-2017-2616
zlib:
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
zypper:
- CVE-2017-7436
Finally, the following packages received non-security fixes:
- binutils
- cpio
- cryptsetup
- cyrus-sasl
- dbus-1
- dirmngr
- e2fsprogs
- gpg2
- insserv-compat
- kmod
- libsolv
- libsemanage
- lvm2
- lua51
- netcfg
- procps
- sed
- sg3_utils
- shadow
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Containers 12:
zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1674=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):
sles12sp2-docker-image-1.0.2-20171006
References:
https://www.suse.com/security/cve/CVE-2012-6702.html
https://www.suse.com/security/cve/CVE-2015-3238.html
https://www.suse.com/security/cve/CVE-2016-10156.html
https://www.suse.com/security/cve/CVE-2016-1839.html
https://www.suse.com/security/cve/CVE-2016-2037.html
https://www.suse.com/security/cve/CVE-2016-4658.html
https://www.suse.com/security/cve/CVE-2016-5011.html
https://www.suse.com/security/cve/CVE-2016-5300.html
https://www.suse.com/security/cve/CVE-2016-7055.html
https://www.suse.com/security/cve/CVE-2016-9063.html
https://www.suse.com/security/cve/CVE-2016-9318.html
https://www.suse.com/security/cve/CVE-2016-9401.html
https://www.suse.com/security/cve/CVE-2016-9586.html
https://www.suse.com/security/cve/CVE-2016-9597.html
https://www.suse.com/security/cve/CVE-2016-9840.html
https://www.suse.com/security/cve/CVE-2016-9841.html
https://www.suse.com/security/cve/CVE-2016-9842.html
https://www.suse.com/security/cve/CVE-2016-9843.html
https://www.suse.com/security/cve/CVE-2017-0663.html
https://www.suse.com/security/cve/CVE-2017-1000100.html
https://www.suse.com/security/cve/CVE-2017-1000101.html
https://www.suse.com/security/cve/CVE-2017-1000366.html
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://www.suse.com/security/cve/CVE-2017-11112.html
https://www.suse.com/security/cve/CVE-2017-11113.html
https://www.suse.com/security/cve/CVE-2017-2616.html
https://www.suse.com/security/cve/CVE-2017-3731.html
https://www.suse.com/security/cve/CVE-2017-3732.html
https://www.suse.com/security/cve/CVE-2017-5969.html
https://www.suse.com/security/cve/CVE-2017-6507.html
https://www.suse.com/security/cve/CVE-2017-7375.html
https://www.suse.com/security/cve/CVE-2017-7376.html
https://www.suse.com/security/cve/CVE-2017-7407.html
https://www.suse.com/security/cve/CVE-2017-7435.html
https://www.suse.com/security/cve/CVE-2017-7436.html
https://www.suse.com/security/cve/CVE-2017-7526.html
https://www.suse.com/security/cve/CVE-2017-8872.html
https://www.suse.com/security/cve/CVE-2017-9047.html
https://www.suse.com/security/cve/CVE-2017-9048.html
https://www.suse.com/security/cve/CVE-2017-9049.html
https://www.suse.com/security/cve/CVE-2017-9050.html
https://www.suse.com/security/cve/CVE-2017-9217.html
https://www.suse.com/security/cve/CVE-2017-9233.html
https://www.suse.com/security/cve/CVE-2017-9269.html
https://www.suse.com/security/cve/CVE-2017-9287.html
https://www.suse.com/security/cve/CVE-2017-9445.html
https://bugzilla.suse.com/1056193
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWd2t6Ix+lLeg9Ub1AQijMw/7BkZdDRSghqR0RnlYhoV8CK3HLnUOoSZW
qIlhy8h5R7o7K62B+QH+OEAoahVc7aVKtoXyNZq1XqFSqkYn2CMfVVze1jFEy/oz
X38bY6E89c2pB8PLqJapYW0lc4x1OJxJM2l6yI+thDkD3bzGRzhrxLkUvVMNmo6t
7kseU/w0Gtf9mUEfjuLMLYGtAEb/Fxm9ji5y8xE2SoZEj5vma2Jami/pRLIPNd8O
jjApnF1uIY4XhmZF6sr8TXT+niqNxAASVHUEBdkgxzZXHxxxFgd7HgG8ayhPuVl5
wM9XcK5SA77Q8KAtCi2DR6nmnaEDnhe1B/4cz42OBZHgGTCY+qeFfntHj3pJYwvO
8onaN8RPm2XP6f/eAcOnrBGO37dwO4CZXWQh0As8m2D1fgcQcW7/gKziguAsQA8v
gME15DiQ8WacV3ZYJe/80D70IdKHm+r/BtTy0ojTFCYNCI50i8zeQ7Jyu5ufsaIH
aQqGFoKkqRPAJYq/WtM6htPGue8U68Y3OCtY1aXcjLOX8yXrJ9jyO//OMKsIwzSm
VUgkrmGcOaCxXsS8R/n0gGsETA3aOkgD4shVngKl7ib4io6I7J8Abh4axUJvaGJD
8niJJ5yzfibpgj0FKJPqDwih2k985QLe6fQw1nFRMhvNZ3Mbvd/YUzYlqw+WaknK
iROWE8L61o4=
=0DYC
-----END PGP SIGNATURE-----