SUSE-SU-2017:1946-1: important: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1

The following information has been provided by the opensuse security announce mailing lIST

SUSE Security Update: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1946-1
Rating:             important
References:         #1013543 #1014271 #1021417 #1025013 #1025254
#1030575 #1031481 #1031660 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has 8 fixes is
now available.

Description:

This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1212=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1212=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_67-60_64_21-default-7-3.1
kgraft-patch-3_12_67-60_64_21-xen-7-3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_67-60_64_21-default-7-3.1
kgraft-patch-3_12_67-60_64_21-xen-7-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1021417
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1945-1: important: Security update for Linux Kernel Live Patch 20 for SLE 12

The following information has been provided by the opensuse security announce mailing lIST

SUSE Security Update: Security update for Linux Kernel Live Patch 20 for SLE 12
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1945-1
Rating:             important
References:         #1025013 #1031660 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has two fixes
is now available.

Description:

This update for the Linux Kernel 3.12.61-52_69 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-1205=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1205=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_61-52_69-default-3-3.1
kgraft-patch-3_12_61-52_69-xen-3-3.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_61-52_69-default-3-3.1
kgraft-patch-3_12_61-52_69-xen-3-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1944-1: important: Security update for Linux Kernel Live Patch 14 for SLE 12 SP1

The following information has been provided by the opensuse security announce mailing lIST

SUSE Security Update: Security update for Linux Kernel Live Patch 14 for SLE 12 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1944-1
Rating:             important
References:         #1031481 #1031660 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has two fixes
is now available.

Description:

This update for the Linux Kernel 3.12.69-60_64_35 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1210=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1210=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_69-60_64_35-default-3-3.1
kgraft-patch-3_12_69-60_64_35-xen-3-3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_69-60_64_35-default-3-3.1
kgraft-patch-3_12_69-60_64_35-xen-3-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1943-1: important: Security update for Linux Kernel Live Patch 15 for SLE 12 SP1

The following information has been provided by the opensuse security announce mailing lIST

SUSE Security Update: Security update for Linux Kernel Live Patch 15 for SLE 12 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1943-1
Rating:             important
References:         #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for the Linux Kernel 3.12.74-60_64_40 fixes one issue.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1209=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1209=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_74-60_64_40-default-2-3.1
kgraft-patch-3_12_74-60_64_40-xen-2-3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_74-60_64_40-default-2-3.1
kgraft-patch-3_12_74-60_64_40-xen-2-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1941-1: important: Security update for Linux Kernel Live Patch 13 for SLE 12 SP1

The following information has been provided by the opensuse security announce mailing lIST

SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1941-1
Rating:             important
References:         #1030575 #1031481 #1031660 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:

This update for the Linux Kernel 3.12.69-60_64_32 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1208=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1208=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_69-60_64_32-default-4-3.1
kgraft-patch-3_12_69-60_64_32-xen-4-3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_69-60_64_32-default-4-3.1
kgraft-patch-3_12_69-60_64_32-xen-4-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1939-1: important: Security update for Linux Kernel Live Patch 21 for SLE 12

The following information has been provided by the opensuse security announce mailing lIST

SUSE Security Update: Security update for Linux Kernel Live Patch 21 for SLE 12
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1939-1
Rating:             important
References:         #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for the Linux Kernel 3.12.61-52_72 fixes one issue.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-1206=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1206=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_61-52_72-default-2-3.1
kgraft-patch-3_12_61-52_72-xen-2-3.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_61-52_72-default-2-3.1
kgraft-patch-3_12_61-52_72-xen-2-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1937-1: important: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1

The following information has been provided by the opensuse security announce mailing lIST

SUSE Security Update: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1937-1
Rating:             important
References:         #1025013 #1025254 #1030575 #1031481 #1031660
#1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has 5 fixes is
now available.

Description:

This update for the Linux Kernel 3.12.69-60_64_29 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1207=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1207=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_69-60_64_29-default-5-3.1
kgraft-patch-3_12_69-60_64_29-xen-5-3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_69-60_64_29-default-5-3.1
kgraft-patch-3_12_69-60_64_29-xen-5-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

openSUSE-SU-2017:1933-1: important: Security update for evince

The following information has been provided by the opensuse security announce mailing lIST

openSUSE Security Update: Security update for evince
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2017:1933-1
Rating:             important
References:         #1046856
Cross-References:   CVE-2017-1000083
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for evince fixes the following issues:

– CVE-2017-1000083: Remote attackers could have used the comicbook mode of
evince to inject shell code. (bsc#1046856, bgo#784630)

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-834=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.2 (x86_64):

evince-3.20.1-2.3.1
evince-browser-plugin-3.20.1-2.3.1
evince-browser-plugin-debuginfo-3.20.1-2.3.1
evince-debuginfo-3.20.1-2.3.1
evince-debugsource-3.20.1-2.3.1
evince-devel-3.20.1-2.3.1
evince-plugin-comicsdocument-3.20.1-2.3.1
evince-plugin-comicsdocument-debuginfo-3.20.1-2.3.1
evince-plugin-djvudocument-3.20.1-2.3.1
evince-plugin-djvudocument-debuginfo-3.20.1-2.3.1
evince-plugin-dvidocument-3.20.1-2.3.1
evince-plugin-dvidocument-debuginfo-3.20.1-2.3.1
evince-plugin-pdfdocument-3.20.1-2.3.1
evince-plugin-pdfdocument-debuginfo-3.20.1-2.3.1
evince-plugin-psdocument-3.20.1-2.3.1
evince-plugin-psdocument-debuginfo-3.20.1-2.3.1
evince-plugin-tiffdocument-3.20.1-2.3.1
evince-plugin-tiffdocument-debuginfo-3.20.1-2.3.1
evince-plugin-xpsdocument-3.20.1-2.3.1
evince-plugin-xpsdocument-debuginfo-3.20.1-2.3.1
libevdocument3-4-3.20.1-2.3.1
libevdocument3-4-debuginfo-3.20.1-2.3.1
libevview3-3-3.20.1-2.3.1
libevview3-3-debuginfo-3.20.1-2.3.1
nautilus-evince-3.20.1-2.3.1
nautilus-evince-debuginfo-3.20.1-2.3.1
typelib-1_0-EvinceDocument-3_0-3.20.1-2.3.1
typelib-1_0-EvinceView-3_0-3.20.1-2.3.1

– openSUSE Leap 42.2 (noarch):

evince-lang-3.20.1-2.3.1

SUSE-SU-2017:1925-1: important: Security update for Linux Kernel Live Patch 6 for SLE 12 SP2

The following information has been provided by the opensuse security announce mailing list

SUSE Security Update: Security update for Linux Kernel Live Patch 6 for SLE 12 SP2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1925-1
Rating:             important
References:         #1031481 #1031660 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has two fixes
is now available.

Description:

This update for the Linux Kernel 4.4.49-92_14 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1196=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_49-92_14-default-3-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1924-1: important: Security update for Linux Kernel Live Patch 19 for SLE 12

The following information has been provided by the opensuse security announce mailing list

SUSE Security Update: Security update for Linux Kernel Live Patch 19 for SLE 12
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1924-1
Rating:             important
References:         #1025013 #1030575 #1031660 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:

This update for the Linux Kernel 3.12.61-52_66 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-1195=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1195=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_61-52_66-default-5-3.1
kgraft-patch-3_12_61-52_66-xen-5-3.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_61-52_66-default-5-3.1
kgraft-patch-3_12_61-52_66-xen-5-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1923-1: important: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2

The following information has been provided by the opensuse security announce mailing list

SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1923-1
Rating:             important
References:         #1019079 #1025013 #1025254 #1030575 #1031481
#1031660 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has 6 fixes is
now available.

Description:

This update for the Linux Kernel 4.4.38-93 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1197=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_38-93-default-6-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1019079
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1922-1: important: Security update for Linux Kernel Live Patch 18 for SLE 12

The following information has been provided by the opensuse security announce mailing list

SUSE Security Update: Security update for Linux Kernel Live Patch 18 for SLE 12
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1922-1
Rating:             important
References:         #1017589 #1025013 #1030575 #1031660 #1039496

Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has four fixes
is now available.

Description:

This update for the Linux Kernel 3.12.60-52_63 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-1194=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1194=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_60-52_63-default-6-3.1
kgraft-patch-3_12_60-52_63-xen-6-3.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_60-52_63-default-6-3.1
kgraft-patch-3_12_60-52_63-xen-6-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1017589
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1914-1: important: Security update for Linux Kernel Live Patch 3 for SLE 12 SP2

The following information has been provided by the opensuse security announce mailing lisT

SUSE Security Update: Security update for Linux Kernel Live Patch 3 for SLE 12 SP2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1914-1
Rating:             important
References:         #1019079 #1025013 #1025254 #1030575 #1031481
#1031660 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has 6 fixes is
now available.

Description:

This update for the Linux Kernel 4.4.21-90 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1185=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_21-90-default-6-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1019079
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1915-1: important: Security update for Linux Kernel Live Patch 16 for SLE 12 SP1

The following information has been provided by the opensuse security announce mailing lisT

SUSE Security Update: Security update for Linux Kernel Live Patch 16 for SLE 12 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1915-1
Rating:             important
References:         #1039348 #1039496 #1045340 #1045406
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:

This update for the Linux Kernel 3.12.74-60_64_45 fixes several issues.

The following bugs were fixed:

– CVE-2017-1000364: The previous fix for the stack gap increase tracked by
CVE-2017-1000364 had a regression, which is fixed by this follow up
patch. (bsc#1039496)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1187=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1187=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_74-60_64_45-default-2-2.1
kgraft-patch-3_12_74-60_64_45-xen-2-2.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_74-60_64_45-default-2-2.1
kgraft-patch-3_12_74-60_64_45-xen-2-2.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1039348
https://bugzilla.suse.com/1039496
https://bugzilla.suse.com/1045340
https://bugzilla.suse.com/1045406

SUSE-SU-2017:1913-1: important: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2

The following information has been provided by the opensuse security announce mailing lisT

SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1913-1
Rating:             important
References:         #1013543 #1014271 #1019079 #1025013 #1025254
#1030575 #1031481 #1031660 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has 8 fixes is
now available.

Description:

This update for the Linux Kernel 4.4.21-84 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1184=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_21-84-default-6-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1019079
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1912-1: important: Security update for Linux Kernel Live Patch 22 for SLE 12

The following information has been provided by the opensuse security announce mailing lisT

SUSE Security Update: Security update for Linux Kernel Live Patch 22 for SLE 12
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1912-1
Rating:             important
References:         #1039348 #1039496 #1045340 #1045406
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:

This update for the Linux Kernel 3.12.61-52_77 fixes several issues.

The following bugs were fixed:

– CVE-2017-1000364: The previous fix for the stack gap increase tracked by
CVE-2017-1000364 had a regression, which is fixed by this follow up
patch. (bsc#1039496)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-1188=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1188=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_61-52_77-default-2-2.1
kgraft-patch-3_12_61-52_77-xen-2-2.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_61-52_77-default-2-2.1
kgraft-patch-3_12_61-52_77-xen-2-2.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1039348
https://bugzilla.suse.com/1039496
https://bugzilla.suse.com/1045340
https://bugzilla.suse.com/1045406

SUSE-SU-2017:1910-1: important: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1

The following information has been provided by the opensuse security announce mailing lisT

SUSE Security Update: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1910-1
Rating:             important
References:         #1001487 #1012183 #1012759 #1012852 #1013543
#1014271 #1021417 #1025013 #1030575 #1031481
#1039496 #991667
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has 11 fixes is
now available.

Description:

This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1189=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1189=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_62-60_64_8-default-9-3.1
kgraft-patch-3_12_62-60_64_8-xen-9-3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_62-60_64_8-default-9-3.1
kgraft-patch-3_12_62-60_64_8-xen-9-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1001487
https://bugzilla.suse.com/1012183
https://bugzilla.suse.com/1012759
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1021417
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1039496
https://bugzilla.suse.com/991667

SUSE-SU-2017:1909-1: important: Security update for Linux Kernel Live Patch 9 for SLE 12 SP1

The following information has been provided by the opensuse security announce mailing lisT

SUSE Security Update: Security update for Linux Kernel Live Patch 9 for SLE 12 SP1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1909-1
Rating:             important
References:         #1012183 #1012759 #1012852 #1013543 #1014271
#1021417 #1025013 #1025254 #1030575 #1031481
#1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has 10 fixes is
now available.

Description:

This update for the Linux Kernel 3.12.67-60_64_18 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1190=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1190=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_67-60_64_18-default-8-3.1
kgraft-patch-3_12_67-60_64_18-xen-8-3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_67-60_64_18-default-8-3.1
kgraft-patch-3_12_67-60_64_18-xen-8-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1012183
https://bugzilla.suse.com/1012759
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1021417
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1908-1: important: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2

The following information has been provided by the opensuse security announce mailing lisT

SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1908-1
Rating:             important
References:         #1008284 #1012183 #1012759 #1012852 #1013543
#1014271 #1019079 #1025013 #1025254 #1030575
#1031481 #1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has 11 fixes is
now available.

Description:

This update for the Linux Kernel 4.4.21-69 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1182=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_21-69-default-7-21.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1008284
https://bugzilla.suse.com/1012183
https://bugzilla.suse.com/1012759
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1019079
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1039496

SUSE-SU-2017:1907-1: important: Security update for Linux Kernel Live Patch 1 for SLE 12 SP2

The following information has been provided by the opensuse security announce mailing lisT

SUSE Security Update: Security update for Linux Kernel Live Patch 1 for SLE 12 SP2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1907-1
Rating:             important
References:         #1012183 #1012759 #1012852 #1013543 #1014271
#1019079 #1025013 #1025254 #1030575 #1031481
#1039496
Cross-References:   CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has 10 fixes is
now available.

Description:

This update for the Linux Kernel 4.4.21-81 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1183=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_21-81-default-7-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1012183
https://bugzilla.suse.com/1012759
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1019079
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1039496