SUSE-SU-2017:2548-1: important: Security update for the Linux Kernel

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2548-1
Rating: important
References: #1057389
Cross-References: CVE-2017-1000251
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-EXTRA
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive the
following security fixes:

– CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was
vulnerable to a stack overflow while processing L2CAP configuration
responses, resulting in a potential remote code execution vulnerability.
[bnc#1057389]

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 11-SP4:

zypper in -t patch sdksp4-kernel-source-13286=1

– SUSE Linux Enterprise Server 11-SP4:

zypper in -t patch slessp4-kernel-source-13286=1

– SUSE Linux Enterprise Server 11-EXTRA:

zypper in -t patch slexsp3-kernel-source-13286=1

– SUSE Linux Enterprise Debuginfo 11-SP4:

zypper in -t patch dbgsp4-kernel-source-13286=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch):

kernel-docs-3.0.101-108.10.2

– SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

kernel-default-3.0.101-108.10.1
kernel-default-base-3.0.101-108.10.1
kernel-default-devel-3.0.101-108.10.1
kernel-source-3.0.101-108.10.1
kernel-syms-3.0.101-108.10.1
kernel-trace-3.0.101-108.10.1
kernel-trace-base-3.0.101-108.10.1
kernel-trace-devel-3.0.101-108.10.1

– SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):

kernel-ec2-3.0.101-108.10.1
kernel-ec2-base-3.0.101-108.10.1
kernel-ec2-devel-3.0.101-108.10.1
kernel-xen-3.0.101-108.10.1
kernel-xen-base-3.0.101-108.10.1
kernel-xen-devel-3.0.101-108.10.1

– SUSE Linux Enterprise Server 11-SP4 (ppc64):

kernel-bigmem-3.0.101-108.10.1
kernel-bigmem-base-3.0.101-108.10.1
kernel-bigmem-devel-3.0.101-108.10.1
kernel-ppc64-3.0.101-108.10.1
kernel-ppc64-base-3.0.101-108.10.1
kernel-ppc64-devel-3.0.101-108.10.1

– SUSE Linux Enterprise Server 11-SP4 (s390x):

kernel-default-man-3.0.101-108.10.1

– SUSE Linux Enterprise Server 11-SP4 (i586):

kernel-pae-3.0.101-108.10.1
kernel-pae-base-3.0.101-108.10.1
kernel-pae-devel-3.0.101-108.10.1

– SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):

kernel-default-extra-3.0.101-108.10.1

– SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):

kernel-xen-extra-3.0.101-108.10.1

– SUSE Linux Enterprise Server 11-EXTRA (x86_64):

kernel-trace-extra-3.0.101-108.10.1

– SUSE Linux Enterprise Server 11-EXTRA (ppc64):

kernel-ppc64-extra-3.0.101-108.10.1

– SUSE Linux Enterprise Server 11-EXTRA (i586):

kernel-pae-extra-3.0.101-108.10.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

kernel-default-debuginfo-3.0.101-108.10.1
kernel-default-debugsource-3.0.101-108.10.1
kernel-trace-debuginfo-3.0.101-108.10.1
kernel-trace-debugsource-3.0.101-108.10.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64):

kernel-default-devel-debuginfo-3.0.101-108.10.1
kernel-trace-devel-debuginfo-3.0.101-108.10.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):

kernel-ec2-debuginfo-3.0.101-108.10.1
kernel-ec2-debugsource-3.0.101-108.10.1
kernel-xen-debuginfo-3.0.101-108.10.1
kernel-xen-debugsource-3.0.101-108.10.1
kernel-xen-devel-debuginfo-3.0.101-108.10.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):

kernel-bigmem-debuginfo-3.0.101-108.10.1
kernel-bigmem-debugsource-3.0.101-108.10.1
kernel-ppc64-debuginfo-3.0.101-108.10.1
kernel-ppc64-debugsource-3.0.101-108.10.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (i586):

kernel-pae-debuginfo-3.0.101-108.10.1
kernel-pae-debugsource-3.0.101-108.10.1
kernel-pae-devel-debuginfo-3.0.101-108.10.1

References:

https://www.suse.com/security/cve/CVE-2017-1000251.html
https://bugzilla.suse.com/1057389


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

CESA-2017:2788 Important CentOS 7 augeas Security Update

CentOS Errata and Security Advisory 2017:2788 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2788

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
1c8dd8681d9e50e46c9d92a0ac04434e524d82aee002f6930bf6a52c2f06b2fa augeas-1.4.0-2.el7_4.1.x86_64.rpm
2bc4b590eb8017d192784ff29e1d4e367824130ef4f4fc2c842bbc15f0f7d229 augeas-devel-1.4.0-2.el7_4.1.i686.rpm
352ce5c564d41e466564b77f45bd41e2e6041b2e5bc7d532498e5474c73cbd64 augeas-devel-1.4.0-2.el7_4.1.x86_64.rpm
11b173f9efe24886b450d91cc7c32f6708fa7aca0ccfae6a24e420eb753a9e9d augeas-libs-1.4.0-2.el7_4.1.i686.rpm
7db0f60d45ae77f05c0a8019d4695892718e957c59d400dc269726301f7885c6 augeas-libs-1.4.0-2.el7_4.1.x86_64.rpm

Source:
4351d831197d01d98d950e0989f6e9012f6890f3711e001d9a23471c8d5ec779 augeas-1.4.0-2.el7_4.1.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] New CentOS Atomic Host with OverlayFS Storage

The CentOS Atomic SIG has released an updated version
(https://wiki.centos.org/SpecialInterestGroup/Atomic/Download) of
CentOS Atomic Host (7.1708), a lean operating system designed to run
Docker containers, built from standard CentOS 7 RPMs, and tracking the
component versions included in Red Hat Enterprise Linux Atomic Host.

This release, which is based on the RHEL 7.4 source code
(https://seven.centos.org/2017/08/centos-linux-7-1708-based-on-rhel-7-4-source-code/),
includes an updated kernel that supports overlayfs container storage,
among other enhancements.

CentOS Atomic Host includes these core component versions:

* atomic-1.18.1-3.1.git0705b1b.el7.x86_64
* cloud-init-0.7.9-9.el7.centos.2.x86_64
* docker-1.12.6-48.git0fdc778.el7.centos.x86_64
* etcd-3.1.9-2.el7.x86_64
* flannel-0.7.1-2.el7.x86_64
* kernel-3.10.0-693.2.2.el7.x86_64
* kubernetes-node-1.5.2-0.7.git269f928.el7.x86_64
* ostree-2017.7-1.el7.x86_64
* rpm-ostree-client-2017.6-6.atomic.el7.x86_64

## OverlayFS Storage

In previous releases of CentOS Atomic Host, SELinux had to be in
permissive or disabled mode for OverlayFS storage to work. Now you can
run the OverlayFS file system with SELinux in enforcing mode. CentOS
Atomic Host still defaults to devicemapper storage, but you can switch
to OverlayFS using the following commands:

$ systemctl stop docker
$ atomic storage reset
# Reallocate space to the root VG – tweak how much to your liking
$ lvm lvextend -r -l +50%FREE atomicos/root
$ atomic storage modify –driver overlay2
$ systemctl start docker

For more information on storage management options, see the upstream
RHEL documentation
(https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html-single/managing_containers/#overlay_graph_driver).

## Containerized Master

CentOS Atomic Host ships without the kubernetes-master package built
into the image. For information on how to run these kubernetes
components as system containers, consult the CentOS wiki
(https://wiki.centos.org/SpecialInterestGroup/Atomic/Download).

If you prefer to run Kubernetes from installed rpms, you can layer the
master components onto your Atomic Host image using rpm-ostree package
layering with the command: atomic host install kubernetes-master -r.

## Download CentOS Atomic Host

CentOS Atomic Host is available as a VirtualBox or libvirt-formatted
Vagrant box, or as an installable ISO, qcow2 or Amazon Machine image.
For links to media, see the CentOS wiki
(https://wiki.centos.org/SpecialInterestGroup/Atomic/Download).

## Upgrading

If you’re running a previous version of CentOS Atomic Host, you can
upgrade to the current image by running the following command:

$ sudo atomic host upgrade

## Release Cycle

The CentOS Atomic Host image follows the upstream Red Hat Enterprise
Linux Atomic Host cadence. After sources are released, they’re rebuilt
and included in new images. After the images are tested by the SIG and
deemed ready, we announce them.

## Getting Involved

CentOS Atomic Host is produced by the CentOS Atomic SIG
(http://wiki.centos.org/SpecialInterestGroup/Atomic), based on
upstream work from Project Atomic (http://www.projectatomic.io/). If
you’d like to work on testing images, help with packaging,
documentation — join us!

The SIG meets every two weeks on Tuesday at 04:00 UTC in
#centos-devel, and on the alternating weeks, meets as part of the
Project Atomic community meeting at 16:00 UTC on Monday in the #atomic
channel. You’ll often find us in #atomic and/or #centos-devel if you
have questions. You can also join the atomic-devel
(https://lists.projectatomic.io/mailman/listinfo/atomic-devel) mailing
list if you’d like to discuss the direction of Project Atomic, its
components, or have other questions.

## Getting Help

If you run into any problems with the images or components, feel free
to ask on the centos-devel
(http://lists.centos.org/mailman/listinfo/centos-devel) mailing list.

Have questions about using Atomic? See the atomic
(https://lists.projectatomic.io/mailman/listinfo/atomic) mailing list
or find us in the #atomic channel on Freenode.
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

CESA-2017:2789 Moderate CentOS 6 samba Security Update

CentOS Errata and Security Advisory 2017:2789 Moderate

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2789

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
b1c1343b5b8297260221db50803e504a8bf7bf51c0e86b03630a3261a5fd77f4 libsmbclient-3.6.23-45.el6_9.i686.rpm
f0db2b231f8eb9e55d939ec1dfd122c372789931f1fa23f8880e3cefcff6efd9 libsmbclient-devel-3.6.23-45.el6_9.i686.rpm
c33e7edaa1a360cabf8da6e7022f4fff6cbfa2d34c4534e479ac70bc3b4dac73 samba-3.6.23-45.el6_9.i686.rpm
10db2c2ba235934314ea41c2f3849790dd3f728473347cba91eac0359b799fc8 samba-client-3.6.23-45.el6_9.i686.rpm
4ea30d194fbeceb9f26430c5cd0bf3beba02138832cd57577e94bdf920c28f58 samba-common-3.6.23-45.el6_9.i686.rpm
2419782105b3a2b95ffa637ca55439af4d3a1a38b4fa1e9a91dac6ac59edcd2f samba-doc-3.6.23-45.el6_9.i686.rpm
bd9d7786488e59bc8840d60e474d0fd31c71bcbd92250f9e4054527cac949bbc samba-domainjoin-gui-3.6.23-45.el6_9.i686.rpm
783b87887f2175e0a79883977fa6a9f298a3462a43c7b6e2a756a7c5d62a86d2 samba-swat-3.6.23-45.el6_9.i686.rpm
95a93bcdeab8c2ffbf827572b87542134da2ebec271298535e6cac9db6c03d3c samba-winbind-3.6.23-45.el6_9.i686.rpm
a838d461c4cefef8a7fd3dd9263d8b2aecd7caeb04101938f071241458d4e29d samba-winbind-clients-3.6.23-45.el6_9.i686.rpm
c406187e133ecbe7c9c2facc7007e252ce75a77e4e7899c0ffa3a652a40792a3 samba-winbind-devel-3.6.23-45.el6_9.i686.rpm
8418a6eb861cc6c83113096f194025283d6439df840f3cf97f6304abd2891152 samba-winbind-krb5-locator-3.6.23-45.el6_9.i686.rpm

x86_64:
b1c1343b5b8297260221db50803e504a8bf7bf51c0e86b03630a3261a5fd77f4 libsmbclient-3.6.23-45.el6_9.i686.rpm
fd61775d89552e96fd0a4b0b1db0fb13c3dd141d6c3cf27c07af91f08a54d21b libsmbclient-3.6.23-45.el6_9.x86_64.rpm
f0db2b231f8eb9e55d939ec1dfd122c372789931f1fa23f8880e3cefcff6efd9 libsmbclient-devel-3.6.23-45.el6_9.i686.rpm
d12e1e4b3508e9576a841ca2f14304aeb582f573443899933f0f6c1c3d38bfb8 libsmbclient-devel-3.6.23-45.el6_9.x86_64.rpm
f16bfd04dc7790ab1da4525766c986a10cc3bd78494942f967c476778de43509 samba-3.6.23-45.el6_9.x86_64.rpm
3c4ef5f4e1cec473e34715d0755c0a9e890a318c41c1e9ad79151c423f7749ef samba-client-3.6.23-45.el6_9.x86_64.rpm
4ea30d194fbeceb9f26430c5cd0bf3beba02138832cd57577e94bdf920c28f58 samba-common-3.6.23-45.el6_9.i686.rpm
b42b1c404939437668ccf4047696fa49cd9acbf1433286a8d1e0b32b0a37daae samba-common-3.6.23-45.el6_9.x86_64.rpm
8472bdcff49c0967677fc0afed657e85a641107bd9f75412a8a9878c3a8c2dbb samba-doc-3.6.23-45.el6_9.x86_64.rpm
ded2271e9b1fc9d8434eee31749c8743230133842e4c5c2eacc8e9f5b4f5b224 samba-domainjoin-gui-3.6.23-45.el6_9.x86_64.rpm
e74f99a660c8522f77b6ca267cdd9561c69d78f026d1e3c1acaf6adff012a511 samba-glusterfs-3.6.23-45.el6_9.x86_64.rpm
3904b58c0ec38f3a94277b4da0c44898a889e7c1b630fea9e1f14c159d1e55bd samba-swat-3.6.23-45.el6_9.x86_64.rpm
e6dc02606ee66e216b43fdcdd90ee2e42bb98e9355d9c3e25124c9e2c98dd456 samba-winbind-3.6.23-45.el6_9.x86_64.rpm
a838d461c4cefef8a7fd3dd9263d8b2aecd7caeb04101938f071241458d4e29d samba-winbind-clients-3.6.23-45.el6_9.i686.rpm
a463d9a6c636a16d20e36a3e0ab6cb356bf06e3e4efe0534fda012381155c525 samba-winbind-clients-3.6.23-45.el6_9.x86_64.rpm
c406187e133ecbe7c9c2facc7007e252ce75a77e4e7899c0ffa3a652a40792a3 samba-winbind-devel-3.6.23-45.el6_9.i686.rpm
dc4cc9785f841e8bdf6367b9f9076716176c7c87ca21bee04145444ea048f784 samba-winbind-devel-3.6.23-45.el6_9.x86_64.rpm
cf7b7b7b956a39bc4cb81eacd072386e07be62f9792e3bfdb26c5026af29b546 samba-winbind-krb5-locator-3.6.23-45.el6_9.x86_64.rpm

Source:
166b1d59c045f75c083b14bd5ba0c3d64d63eee9b1902bfaafb1dca6f78ae06b samba-3.6.23-45.el6_9.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

openSUSE-SU-2017:2540-1: important: Security update for xen

openSUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2540-1
Rating: important
References: #1027519 #1055695 #1056278 #1056280 #1056281
#1056282
Cross-References: CVE-2017-14316 CVE-2017-14317 CVE-2017-14318
CVE-2017-14319
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________

An update that solves four vulnerabilities and has two
fixes is now available.

Description:

This update for xen fixes several issues.

These security issues were fixed:

– CVE-2017-14316: Missing bound check in function `alloc_heap_pages` for
an internal array allowed attackers using crafted hypercalls to execute
arbitrary code within Xen (XSA-231, bsc#1056278)
– CVE-2017-14318: The function __gnttab_cache_flush missed a check for
grant tables, allowing a malicious guest to crash the host or for x86 PV
guests to potentially escalate privileges (XSA-232, bsc#1056280)
– CVE-2017-14317: A race in cxenstored may have cause a double-free
allowind for DoS of the xenstored daemon (XSA-233, bsc#1056281).
– CVE-2017-14319: An error while handling grant mappings allowed malicious
or buggy x86 PV guest to escalate its privileges or crash the hypervisor
(XSA-234, bsc#1056282).

These non-security issues were fixed:

– bsc#1055695: Fixed restoring updates for HVM guests for ballooned domUs

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-1080=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.2 (i586 x86_64):

xen-debugsource-4.7.3_04-11.15.1
xen-devel-4.7.3_04-11.15.1
xen-libs-4.7.3_04-11.15.1
xen-libs-debuginfo-4.7.3_04-11.15.1
xen-tools-domU-4.7.3_04-11.15.1
xen-tools-domU-debuginfo-4.7.3_04-11.15.1

– openSUSE Leap 42.2 (x86_64):

xen-4.7.3_04-11.15.1
xen-doc-html-4.7.3_04-11.15.1
xen-libs-32bit-4.7.3_04-11.15.1
xen-libs-debuginfo-32bit-4.7.3_04-11.15.1
xen-tools-4.7.3_04-11.15.1
xen-tools-debuginfo-4.7.3_04-11.15.1

References:

https://www.suse.com/security/cve/CVE-2017-14316.html
https://www.suse.com/security/cve/CVE-2017-14317.html
https://www.suse.com/security/cve/CVE-2017-14318.html
https://www.suse.com/security/cve/CVE-2017-14319.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1055695
https://bugzilla.suse.com/1056278
https://bugzilla.suse.com/1056280
https://bugzilla.suse.com/1056281
https://bugzilla.suse.com/1056282


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

openSUSE-SU-2017:2535-1: important: Security update for emacs

openSUSE Security Update: Security update for emacs
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2535-1
Rating: important
References: #1058425
Cross-References: CVE-2017-14482
Affected Products:
openSUSE Leap 42.3
openSUSE Leap 42.2
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for emacs fixes one issues.

This security issue was fixed:

– CVE-2017-14482: Remote code execution via mails with “Content-Type:
text/enriched” (bsc#1058425)

This update was imported from the SUSE:SLE-12:Update update project.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-1078=1

– openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-1078=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.3 (i586 x86_64):

emacs-24.3-28.1
emacs-debuginfo-24.3-28.1
emacs-debugsource-24.3-28.1
emacs-nox-24.3-28.1
emacs-nox-debuginfo-24.3-28.1
emacs-x11-24.3-28.1
emacs-x11-debuginfo-24.3-28.1
etags-24.3-28.1
etags-debuginfo-24.3-28.1

– openSUSE Leap 42.3 (noarch):

emacs-el-24.3-28.1
emacs-info-24.3-28.1

– openSUSE Leap 42.2 (i586 x86_64):

emacs-24.3-24.6.1
emacs-debuginfo-24.3-24.6.1
emacs-debugsource-24.3-24.6.1
emacs-nox-24.3-24.6.1
emacs-nox-debuginfo-24.3-24.6.1
emacs-x11-24.3-24.6.1
emacs-x11-debuginfo-24.3-24.6.1
etags-24.3-24.6.1
etags-debuginfo-24.3-24.6.1

– openSUSE Leap 42.2 (noarch):

emacs-el-24.3-24.6.1
emacs-info-24.3-24.6.1

References:

https://www.suse.com/security/cve/CVE-2017-14482.html
https://bugzilla.suse.com/1058425


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2534-1: important: Security update for the Linux Kernel

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2534-1
Rating: important
References: #1057389
Cross-References: CVE-2017-1000251
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Module for Public Cloud 12
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

The SUSE Linux Enterprise 12 GA kernel was updated to receive the
following security fixes:

– CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was
vulnerable to a stack overflow while processing L2CAP configuration
responses, resulting in a potential remote denial-of-service
vulnerability but no remote code execution due to use of
CONFIG_CC_STACKPROTECTOR. [bnc#1057389]

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1569=1

– SUSE Linux Enterprise Module for Public Cloud 12:

zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-1569=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):

kernel-default-3.12.61-52.92.1
kernel-default-base-3.12.61-52.92.1
kernel-default-base-debuginfo-3.12.61-52.92.1
kernel-default-debuginfo-3.12.61-52.92.1
kernel-default-debugsource-3.12.61-52.92.1
kernel-default-devel-3.12.61-52.92.1
kernel-syms-3.12.61-52.92.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kernel-xen-3.12.61-52.92.1
kernel-xen-base-3.12.61-52.92.1
kernel-xen-base-debuginfo-3.12.61-52.92.1
kernel-xen-debuginfo-3.12.61-52.92.1
kernel-xen-debugsource-3.12.61-52.92.1
kernel-xen-devel-3.12.61-52.92.1
kgraft-patch-3_12_61-52_92-default-1-2.1
kgraft-patch-3_12_61-52_92-xen-1-2.1

– SUSE Linux Enterprise Server 12-LTSS (noarch):

kernel-devel-3.12.61-52.92.1
kernel-macros-3.12.61-52.92.1
kernel-source-3.12.61-52.92.1

– SUSE Linux Enterprise Server 12-LTSS (s390x):

kernel-default-man-3.12.61-52.92.1

– SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):

kernel-ec2-3.12.61-52.92.1
kernel-ec2-debuginfo-3.12.61-52.92.1
kernel-ec2-debugsource-3.12.61-52.92.1
kernel-ec2-devel-3.12.61-52.92.1
kernel-ec2-extra-3.12.61-52.92.1
kernel-ec2-extra-debuginfo-3.12.61-52.92.1

References:

https://www.suse.com/security/cve/CVE-2017-1000251.html
https://bugzilla.suse.com/1057389


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2532-1: important: Security update for emacs

SUSE Security Update: Security update for emacs
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2532-1
Rating: important
References: #1058425
Cross-References: CVE-2017-14482
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-SP3-LTSS
SUSE Linux Enterprise Point of Sale 11-SP3
SUSE Linux Enterprise Debuginfo 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for emacs fixes one issues.

This security issue was fixed:

– CVE-2017-14482: Remote code execution via mails with “Content-Type:
text/enriched” (bsc#1058425)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 11-SP4:

zypper in -t patch sdksp4-emacs-13285=1

– SUSE Linux Enterprise Server 11-SP4:

zypper in -t patch slessp4-emacs-13285=1

– SUSE Linux Enterprise Server 11-SP3-LTSS:

zypper in -t patch slessp3-emacs-13285=1

– SUSE Linux Enterprise Point of Sale 11-SP3:

zypper in -t patch sleposp3-emacs-13285=1

– SUSE Linux Enterprise Debuginfo 11-SP4:

zypper in -t patch dbgsp4-emacs-13285=1

– SUSE Linux Enterprise Debuginfo 11-SP3:

zypper in -t patch dbgsp3-emacs-13285=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64):

emacs-nox-22.3-42.3.1

– SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

emacs-22.3-42.3.1
emacs-el-22.3-42.3.1
emacs-info-22.3-42.3.1
emacs-nox-22.3-42.3.1
emacs-x11-22.3-42.3.1

– SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):

emacs-22.3-42.3.1
emacs-el-22.3-42.3.1
emacs-info-22.3-42.3.1
emacs-nox-22.3-42.3.1
emacs-x11-22.3-42.3.1

– SUSE Linux Enterprise Point of Sale 11-SP3 (i586):

emacs-22.3-42.3.1
emacs-el-22.3-42.3.1
emacs-info-22.3-42.3.1
emacs-nox-22.3-42.3.1
emacs-x11-22.3-42.3.1

– SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

emacs-debuginfo-22.3-42.3.1
emacs-debugsource-22.3-42.3.1

– SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):

emacs-debuginfo-22.3-42.3.1
emacs-debugsource-22.3-42.3.1

References:

https://www.suse.com/security/cve/CVE-2017-14482.html
https://bugzilla.suse.com/1058425


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Zabbix 3.4.2rc2 released

Greetings!

Zabbix Team is pleased to announce the availability of Zabbix 3.4.2rc2, second release candidate of Zabbix 3.4.2.

Complete Release Notes: https://www.zabbix.com/rn3.4.2rc2

Download: https://www.zabbix.com/download

Kind regards,
Alexei Vladishev,
Zabbix Product Manager, CEO
——————————————————————————
Check out the vibrant tech community on one of the world’s most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Zabbix-announce mailing list
Zabbix-announce@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/zabbix-announce

SUSE-SU-2017:2529-1: important: Security update for emacs

SUSE Security Update: Security update for emacs
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2529-1
Rating: important
References: #1058425
Cross-References: CVE-2017-14482
Affected Products:
SUSE OpenStack Cloud 6
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Server 12-SP1-LTSS
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Desktop 12-SP3
SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for emacs fixes one issues.

This security issue was fixed:

– CVE-2017-14482: Remote code execution via mails with “Content-Type:
text/enriched” (bsc#1058425)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE OpenStack Cloud 6:

zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1565=1

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1565=1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1565=1

– SUSE Linux Enterprise Server 12-SP3:

zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1565=1

– SUSE Linux Enterprise Server 12-SP2:

zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1565=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1565=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1565=1

– SUSE Linux Enterprise Desktop 12-SP3:

zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1565=1

– SUSE Linux Enterprise Desktop 12-SP2:

zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1565=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE OpenStack Cloud 6 (x86_64):

emacs-24.3-25.3.1
emacs-debuginfo-24.3-25.3.1
emacs-debugsource-24.3-25.3.1
emacs-nox-24.3-25.3.1
emacs-nox-debuginfo-24.3-25.3.1
emacs-x11-24.3-25.3.1
emacs-x11-debuginfo-24.3-25.3.1
etags-24.3-25.3.1
etags-debuginfo-24.3-25.3.1

– SUSE OpenStack Cloud 6 (noarch):

emacs-el-24.3-25.3.1
emacs-info-24.3-25.3.1

– SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):

emacs-24.3-25.3.1
emacs-debuginfo-24.3-25.3.1
emacs-debugsource-24.3-25.3.1
emacs-nox-24.3-25.3.1
emacs-nox-debuginfo-24.3-25.3.1
emacs-x11-24.3-25.3.1
emacs-x11-debuginfo-24.3-25.3.1
etags-24.3-25.3.1
etags-debuginfo-24.3-25.3.1

– SUSE Linux Enterprise Server for SAP 12-SP1 (noarch):

emacs-el-24.3-25.3.1
emacs-info-24.3-25.3.1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

emacs-24.3-25.3.1
emacs-debuginfo-24.3-25.3.1
emacs-debugsource-24.3-25.3.1
emacs-nox-24.3-25.3.1
emacs-nox-debuginfo-24.3-25.3.1
emacs-x11-24.3-25.3.1
emacs-x11-debuginfo-24.3-25.3.1
etags-24.3-25.3.1
etags-debuginfo-24.3-25.3.1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):

emacs-el-24.3-25.3.1
emacs-info-24.3-25.3.1

– SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

emacs-24.3-25.3.1
emacs-debuginfo-24.3-25.3.1
emacs-debugsource-24.3-25.3.1
emacs-nox-24.3-25.3.1
emacs-nox-debuginfo-24.3-25.3.1
emacs-x11-24.3-25.3.1
emacs-x11-debuginfo-24.3-25.3.1
etags-24.3-25.3.1
etags-debuginfo-24.3-25.3.1

– SUSE Linux Enterprise Server 12-SP3 (noarch):

emacs-el-24.3-25.3.1
emacs-info-24.3-25.3.1

– SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):

emacs-24.3-25.3.1
emacs-debuginfo-24.3-25.3.1
emacs-debugsource-24.3-25.3.1
emacs-nox-24.3-25.3.1
emacs-nox-debuginfo-24.3-25.3.1
emacs-x11-24.3-25.3.1
emacs-x11-debuginfo-24.3-25.3.1
etags-24.3-25.3.1
etags-debuginfo-24.3-25.3.1

– SUSE Linux Enterprise Server 12-SP2 (noarch):

emacs-el-24.3-25.3.1
emacs-info-24.3-25.3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):

emacs-24.3-25.3.1
emacs-debuginfo-24.3-25.3.1
emacs-debugsource-24.3-25.3.1
emacs-nox-24.3-25.3.1
emacs-nox-debuginfo-24.3-25.3.1
emacs-x11-24.3-25.3.1
emacs-x11-debuginfo-24.3-25.3.1
etags-24.3-25.3.1
etags-debuginfo-24.3-25.3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (noarch):

emacs-el-24.3-25.3.1
emacs-info-24.3-25.3.1

– SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):

emacs-24.3-25.3.1
emacs-debuginfo-24.3-25.3.1
emacs-debugsource-24.3-25.3.1
emacs-nox-24.3-25.3.1
emacs-nox-debuginfo-24.3-25.3.1
emacs-x11-24.3-25.3.1
emacs-x11-debuginfo-24.3-25.3.1
etags-24.3-25.3.1
etags-debuginfo-24.3-25.3.1

– SUSE Linux Enterprise Server 12-LTSS (noarch):

emacs-el-24.3-25.3.1
emacs-info-24.3-25.3.1

– SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

emacs-24.3-25.3.1
emacs-debuginfo-24.3-25.3.1
emacs-debugsource-24.3-25.3.1
emacs-x11-24.3-25.3.1
emacs-x11-debuginfo-24.3-25.3.1
etags-24.3-25.3.1
etags-debuginfo-24.3-25.3.1

– SUSE Linux Enterprise Desktop 12-SP3 (noarch):

emacs-info-24.3-25.3.1

– SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

emacs-24.3-25.3.1
emacs-debuginfo-24.3-25.3.1
emacs-debugsource-24.3-25.3.1
emacs-x11-24.3-25.3.1
emacs-x11-debuginfo-24.3-25.3.1
etags-24.3-25.3.1
etags-debuginfo-24.3-25.3.1

– SUSE Linux Enterprise Desktop 12-SP2 (noarch):

emacs-info-24.3-25.3.1

References:

https://www.suse.com/security/cve/CVE-2017-14482.html
https://bugzilla.suse.com/1058425


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

CESA-2017:2771 Important CentOS 7 emacs Security Update

CentOS Errata and Security Advisory 2017:2771 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2017:2771

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
47619da497682c1d399f3e839774d98a579db4c15f1f0295cfd6cdcae070e408 emacs-24.3-20.el7_4.x86_64.rpm
31638172ec33046d69beebdbde23d7e5f5521c6fe3df1ca063a4f11900d38b65 emacs-common-24.3-20.el7_4.x86_64.rpm
a494e7928ca31b88142e2762f88a934c94e8c8bc526d3a78bc58ab706f650c08 emacs-el-24.3-20.el7_4.noarch.rpm
2184386790f816e052c59b814ba9c5acb898161ad3cf12b5d3523536dc021bd0 emacs-filesystem-24.3-20.el7_4.noarch.rpm
1c43a83bfa035a29d4c04958292253931172a07d910972fcdf07fcec9b59b658 emacs-nox-24.3-20.el7_4.x86_64.rpm
2a974431e4ae960ddd2c31f9183a22b926ebcbefbb31e51f250687e8545a01ed emacs-terminal-24.3-20.el7_4.noarch.rpm

Source:
6d52969eb35bae9d613ab2297b900c6241a96f4e8fd3a67225e6d94c69cb8b3c emacs-24.3-20.el7_4.src.rpm


Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

OPNsense 17.7.3 released

SGkgdGhlcmUsCgpXZSBoYXZlIHRoZSB0aW5pZXN0IHVwZGF0ZSB0b2RheSBqdXN0IHRvIGtlZXAg
dGhpbmdzIGZyZXNoIGFuZCBtb3ZpbmcKZm9yd2FyZC4gIDopCgpIZXJlIGFyZSB0aGUgZnVsbCBw
YXRjaCBub3RlczoKCm8gaW50ZXJmYWNlczogSVB2NiB0cmFja2luZyBub3cgY29uZmlndXJlcyBE
TlMgdG8gZXhjbHVzaXZlbHkgdXNlIGxvY2FsCiAgc2VydmljZSBvciBnbG9iYWwgc2V0dGluZ3MK
byBpbnRlcmZhY2VzOiBmaXggcHJvdmlkZXIgc2VsZWN0aW9uIGZvciBQUFAKbyBpbnRydXNpb24g
ZGV0ZWN0aW9uOiBmaXggY2hhbmdpbmcgdGhlIGFjdGlvbiBvZiBydWxlcyBwcmVmaXhlZCB3aXRo
ICIjYWxlcnQiCm8gaXBzZWM6IGZpeCBhY2Nlc3MgdG8gdGhlIHNoYXJlZCBrZXkgZWRpdCBwYWdl
Cm8gd2ViIHByb3h5OiBhZGp1c3QgZGVmYXVsdCBVUkxzIGZvciBJQ0FQIChjb250cmlidXRlZCBi
eSBGYWJpYW4gRnJhbnopCm8gcGx1Z2luczogb3MtZHluZG5zIDEuMyBmaXhlcyBOYW1lY2hlYXAg
dXBkYXRlcwpvIHBsdWdpbnM6IG9zLXF1YWdnYSAxLjQuMSBhZGRzIGxvZ2dpbmcgKGNvbnRyaWJ1
dGVkIGJ5IEZhYmlhbiBGcmFueikKbyBwb3J0czogc3VkbyAxLjguMjFwMlsxXQoKClN0YXkgc2Fm
ZSwKWW91ciBPUE5zZW5zZSB0ZWFtCgotLQpbMV0gaHR0cHM6Ly93d3cuc3Vkby53cy9zdGFibGUu
aHRtbCMxLjguMjFwMgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fXwphbm5vdW5jZSBtYWlsaW5nIGxpc3QKYW5ub3VuY2VAbGlzdHMub3Buc2Vuc2Uub3JnCmh0
dHA6Ly9saXN0cy5vcG5zZW5zZS5vcmcvbGlzdGluZm8vYW5ub3VuY2UK

SUSE-SU-2017:2525-1: important: Security update for the Linux Kernel

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2525-1
Rating: important
References: #1006919 #1012422 #1013862 #1017143 #1020229
#1021256 #1023051 #1024938 #1025013 #1025235
#1026024 #1026722 #1026914 #1027066 #1027101
#1027178 #1027179 #1027406 #1028415 #1028880
#1029212 #1029850 #1030213 #1030573 #1030575
#1030593 #1031003 #1031052 #1031440 #1031481
#1031579 #1031660 #1033287 #1033336 #1034670
#1034838 #1035576 #1037182 #1037183 #1037994
#1038544 #1038564 #1038879 #1038883 #1038981
#1038982 #1039349 #1039354 #1039456 #1039594
#1039882 #1039883 #1039885 #1040069 #1041431
#1042364 #1042863 #1042892 #1044125 #1045416
#1045487 #1046107 #1048232 #1048275 #1049483
#1049603 #1049882 #1050677 #1052311 #1053148
#1053152 #1053760 #1056588 #870618 #948562
#957988 #957990 #963655 #972891 #979681 #983212
#986924 #989896 #999245
Cross-References: CVE-2016-10200 CVE-2016-5243 CVE-2017-1000112
CVE-2017-1000363 CVE-2017-1000365 CVE-2017-1000380
CVE-2017-10661 CVE-2017-11176 CVE-2017-11473
CVE-2017-12762 CVE-2017-14051 CVE-2017-2647
CVE-2017-2671 CVE-2017-5669 CVE-2017-5970
CVE-2017-5986 CVE-2017-6074 CVE-2017-6214
CVE-2017-6348 CVE-2017-6353 CVE-2017-6951
CVE-2017-7184 CVE-2017-7187 CVE-2017-7261
CVE-2017-7294 CVE-2017-7308 CVE-2017-7482
CVE-2017-7487 CVE-2017-7533 CVE-2017-7542
CVE-2017-7616 CVE-2017-8831 CVE-2017-8890
CVE-2017-8924 CVE-2017-8925 CVE-2017-9074
CVE-2017-9075 CVE-2017-9076 CVE-2017-9077
CVE-2017-9242
Affected Products:
SUSE Linux Enterprise Server 11-SP3-LTSS
SUSE Linux Enterprise Server 11-EXTRA
SUSE Linux Enterprise Point of Sale 11-SP3
SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

An update that solves 40 vulnerabilities and has 44 fixes
is now available.

Description:

The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated receive various
security and bugfixes.

The following security bugs were fixed:

– CVE-2016-5243: The tipc_nl_compat_link_dump function in
net/tipc/netlink_compat.c in the Linux kernel did not properly copy a
certain string, which allowed local users to obtain sensitive
information from kernel stack memory by reading a Netlink message
(bnc#983212)
– CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in
the Linux kernel allowed local users to gain privileges or cause a
denial of service (use-after-free) by making multiple bind system calls
without properly ascertaining whether a socket has the SOCK_ZAPPED
status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c
(bnc#1028415)
– CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local
users to gain privileges or cause a denial of service (NULL pointer
dereference and system crash) via vectors involving a NULL value for a
certain match field, related to the keyring_search_iterator function in
keyring.c (bsc#1030593).
– CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux
kernel was too late in obtaining a certain lock and consequently could
not ensure that disconnect function calls are safe, which allowed local
users to cause a denial of service (panic) by leveraging access to the
protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003)
– CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel
did not restrict the address calculated by a certain rounding operation,
which allowed local users to map page zero, and consequently bypass a
protection mechanism that exists for the mmap system call, by making
crafted shmget and shmat system calls in a privileged context
(bnc#1026914)
– CVE-2017-5970: The ipv4_pktinfo_prepare function in
net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a
denial of service (system crash) via (1) an application that made
crafted system calls or possibly (2) IPv4 traffic with invalid IP
options (bsc#1024938)
– CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in
net/sctp/socket.c in the Linux kernel allowed local users to cause a
denial of service (assertion failure and panic) via a multithreaded
application that peels off an association in a certain buffer-full state
(bsc#1025235)
– CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c
in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures
in the LISTEN state, which allowed local users to obtain root privileges
or cause a denial of service (double free) via an application that made
an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024)
– CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the
Linux kernel allowed remote attackers to cause a denial of service
(infinite loop and soft lockup) via vectors involving a TCP packet with
the URG flag (bnc#1026722)
– CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the
Linux kernel improperly managed lock dropping, which allowed local users
to cause a denial of service (deadlock) via crafted operations on IrDA
devices (bnc#1027178)
– CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly
restrict association peel-off operations during certain wait states,
which allowed local users to cause a denial of service (invalid unlock
and double free) via a multithreaded application. NOTE: this
vulnerability exists because of an incorrect fix for CVE-2017-5986
(bnc#1027066)
– CVE-2017-6951: The keyring_search_aux function in
security/keys/keyring.c in the Linux kernel allowed local users to cause
a denial of service (NULL pointer dereference and OOPS) via a
request_key system call for the “dead” type (bsc#1029850).
– CVE-2017-7184: The xfrm_replay_verify_len function in
net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size
data after an XFRM_MSG_NEWAE update, which allowed local users to obtain
root privileges or cause a denial of service (heap-based out-of-bounds
access) by leveraging the CAP_NET_ADMIN capability (bsc#1030573)
– CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux
kernel allowed local users to cause a denial of service (stack-based
buffer overflow) or possibly have unspecified other impact via a large
command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds
write access in the sg_write function (bnc#1030213)
– CVE-2017-7261: The vmw_surface_define_ioctl function in
drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not
check for a zero value of certain levels data, which allowed local users
to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and
possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device
(bnc#1031052)
– CVE-2017-7294: The vmw_surface_define_ioctl function in
drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not
validate addition of certain levels data, which allowed local users to
trigger an integer overflow and out-of-bounds write, and cause a denial
of service (system hang or crash) or possibly gain privileges, via a
crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440)
– CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in
the Linux kernel did not properly validate certain block-size data,
which allowed local users to cause a denial of service (overflow) or
possibly have unspecified other impact via crafted system calls
(bnc#1031579)
– CVE-2017-7482: Several missing length checks ticket decode allowing for
information leak or potentially code execution (bsc#1046107).
– CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the
Linux kernel mishandled reference counts, which allowed local users to
cause a denial of service (use-after-free) or possibly have unspecified
other impact via a failed SIOCGIFADDR ioctl call for an IPX interface
(bsc#1038879).
– CVE-2017-7533: Race condition in the fsnotify implementation in the
Linux kernel allowed local users to gain privileges or cause a denial of
service (memory corruption) via a crafted application that leverages
simultaneous execution of the inotify_handle_event and vfs_rename
functions (bnc#1049483 1050677 ).
– CVE-2017-7542: The ip6_find_1stfragopt function in
net/ipv6/output_core.c in the Linux kernel allowed local users to cause
a denial of service (integer overflow and infinite loop) by leveraging
the ability to open a raw socket (bnc#1049882).
– CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind
compat syscalls in mm/mempolicy.c in the Linux kernel allowed local
users to obtain sensitive information from uninitialized stack data by
triggering failure of a certain bitmap operation (bsc#1033336)
– CVE-2017-8831: The saa7164_bus_get function in
drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed
local users to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact by changing a certain
sequence-number value, aka a “double fetch” vulnerability. This requires
a malicious PCI Card. (bnc#1037994).
– CVE-2017-8890: The inet_csk_clone_lock function in
net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to
cause a denial of service (double free) or possibly have unspecified
other impact by leveraging use of the accept system call (bsc#1038544).
– CVE-2017-8924: The edge_bulk_in_callback function in
drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to
obtain sensitive information (in the dmesg ringbuffer and syslog) from
uninitialized kernel memory by using a crafted USB device (posing as an
io_ti USB serial device) to trigger an integer underflow (bnc#1037182).
– CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c
in the Linux kernel allowed local users to cause a denial of service
(tty exhaustion) by leveraging reference count mishandling (bnc#1038981).
– CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel
did not consider that the nexthdr field may be associated with an
invalid option, which allowed local users to cause a denial of service
(out-of-bounds read and BUG) or possibly have unspecified other impact
via crafted socket and send system calls (bnc#1039882).
– CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c
in the Linux kernel mishandled inheritance, which allowed local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890 (bsc#1039883).
– CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c
in the Linux kernel mishandled inheritance, which allowed local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).
– CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c
in the Linux kernel mishandled inheritance, which allowed local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890 (bsc#1040069).
– CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c
in the Linux kernel was too late in checking whether an overwrite of an
skb data structure may occur, which allowed local users to cause a
denial of service (system crash) via crafted system calls (bnc#1041431).
– CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel
allowed local users to gain privileges or cause a denial of service
(list corruption or use-after-free) via simultaneous file-descriptor
operations that leverage improper might_cancel queueing (bnc#1053152).
– CVE-2017-11176: The mq_notify function in the Linux kernel did not set
the sock pointer to NULL upon entry into the retry logic. During a
user-space close of a Netlink socket, it allowed attackers to cause a
denial of service (use-after-free) or possibly have unspecified other
impact (bnc#1048275).
– CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function
in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users
to gain privileges via a crafted ACPI table (bnc#1049603).
– CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled
buffer is copied into a local buffer of constant size using strcpy
without a length check which can cause a buffer overflow. (bnc#1053148).
– CVE-2017-14051: An integer overflow in the
qla2x00_sysfs_write_optrom_ctl function in
drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users
to cause a denial of service (memory corruption and system crash) by
leveraging root access (bnc#1056588).
– CVE-2017-1000112: Fixed a race condition in net-packet code that could
have been exploited by unprivileged users to gain root access.
(bsc#1052311).
– CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a
missing bounds check, and the fact that parport_ptr integer is static, a
‘secure boot’ kernel command line adversary could have overflowed the
parport_nr array in the following code (bnc#1039456).
– CVE-2017-1000365: The Linux Kernel imposes a size restriction on the
arguments and environmental strings passed through
RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the
argument and environment pointers into account, which allowed attackers
to bypass this limitation (bnc#1039354).
– CVE-2017-1000380: sound/core/timer.c in the Linux kernel was vulnerable
to a data race in the ALSA /dev/snd/timer driver resulting in local
users being able to read information belonging to other users, i.e.,
uninitialized memory contents may be disclosed when a read and an ioctl
happen at the same time (bnc#1044125).

The following non-security bugs were fixed:

– acpi: Disable APEI error injection if securelevel is set (bsc#972891,
bsc#1023051).
– blkback/blktap: do not leak stack data via response ring (bsc#1042863
XSA-216).
– btrfs: cleanup code of btrfs_balance_delayed_items() (bsc#1034838).
– btrfs: do not run delayed nodes again after all nodes flush
(bsc#1034838).
– btrfs: remove btrfs_end_transaction_dmeta() (bsc#1034838).
– btrfs: remove residual code in delayed inode async helper (bsc#1034838).
– btrfs: use flags instead of the bool variants in delayed node
(bsc#1034838).
– cifs: cifs_get_root shouldn’t use path with tree name, alternate fix
(bsc#963655, bsc#979681, bsc#1027406).
– dentry name snapshots (bsc#1049483).
– firmware: fix directory creation rule matching with make 3.80
(bsc#1012422).
– firmware: fix directory creation rule matching with make 3.82
(bsc#1012422).
– Fix vmalloc_fault oops during lazy MMU updates (bsc#948562) (bsc#948562).
– hv: do not lose pending heartbeat vmbus packets (bnc#1006919,
bnc#1053760).
– jbd: do not wait (forever) for stale tid caused by wraparound
(bsc#1020229).
– jbd: Fix oops in journal_remove_journal_head() (bsc#1017143).
– kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)
– keys: Disallow keyrings beginning with ‘.’ to be joined as session
keyrings (bnc#1035576).
– nfs: Avoid getting confused by confused server (bsc#1045416).
– nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).
– nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).
– nfsd: do not risk using duplicate owner/file/delegation ids
(bsc#1029212).
– nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).
– nfs: Make nfs_readdir revalidate less often (bsc#1048232).
– pciback: check PF instead of VF for PCI_COMMAND_MEMORY (bsc#957990).
– pciback: only check PF if actually dealing with a VF (bsc#999245).
– pciback: Save the number of MSI-X entries to be copied later
(bsc#957988).
– Remove superfluous make flags (bsc#1012422)
– Return short read or 0 at end of a raw device, not EIO (bsc#1039594).
– Revert “fs/cifs: fix wrongly prefixed path to root (bsc#963655,
bsc#979681)
– scsi: lpfc: avoid double free of resource identifiers (bsc#989896).
– scsi: virtio_scsi: fix memory leak on full queue condition (bsc#1028880).
– sunrpc: Clean up the slot table allocation (bsc#1013862).
– sunrpc: Initalise the struct xprt upon allocation (bsc#1013862).
– usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256).
– usb: wusbcore: fix NULL-deref at probe (bsc#1045487).
– Use make –output-sync feature when available (bsc#1012422).
– Use PF_LESS_THROTTLE in loop device thread (bsc#1027101).
– xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server 11-SP3-LTSS:

zypper in -t patch slessp3-kernel-source-13284=1

– SUSE Linux Enterprise Server 11-EXTRA:

zypper in -t patch slexsp3-kernel-source-13284=1

– SUSE Linux Enterprise Point of Sale 11-SP3:

zypper in -t patch sleposp3-kernel-source-13284=1

– SUSE Linux Enterprise Debuginfo 11-SP3:

zypper in -t patch dbgsp3-kernel-source-13284=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):

kernel-default-3.0.101-0.47.106.5.1
kernel-default-base-3.0.101-0.47.106.5.1
kernel-default-devel-3.0.101-0.47.106.5.1
kernel-source-3.0.101-0.47.106.5.1
kernel-syms-3.0.101-0.47.106.5.1
kernel-trace-3.0.101-0.47.106.5.1
kernel-trace-base-3.0.101-0.47.106.5.1
kernel-trace-devel-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64):

kernel-ec2-3.0.101-0.47.106.5.1
kernel-ec2-base-3.0.101-0.47.106.5.1
kernel-ec2-devel-3.0.101-0.47.106.5.1
kernel-xen-3.0.101-0.47.106.5.1
kernel-xen-base-3.0.101-0.47.106.5.1
kernel-xen-devel-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Server 11-SP3-LTSS (x86_64):

kernel-bigsmp-3.0.101-0.47.106.5.1
kernel-bigsmp-base-3.0.101-0.47.106.5.1
kernel-bigsmp-devel-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Server 11-SP3-LTSS (s390x):

kernel-default-man-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Server 11-SP3-LTSS (i586):

kernel-pae-3.0.101-0.47.106.5.1
kernel-pae-base-3.0.101-0.47.106.5.1
kernel-pae-devel-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Server 11-EXTRA (i586 s390x x86_64):

kernel-default-extra-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):

kernel-xen-extra-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Server 11-EXTRA (x86_64):

kernel-bigsmp-extra-3.0.101-0.47.106.5.1
kernel-trace-extra-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Server 11-EXTRA (i586):

kernel-pae-extra-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Point of Sale 11-SP3 (i586):

kernel-default-3.0.101-0.47.106.5.1
kernel-default-base-3.0.101-0.47.106.5.1
kernel-default-devel-3.0.101-0.47.106.5.1
kernel-ec2-3.0.101-0.47.106.5.1
kernel-ec2-base-3.0.101-0.47.106.5.1
kernel-ec2-devel-3.0.101-0.47.106.5.1
kernel-pae-3.0.101-0.47.106.5.1
kernel-pae-base-3.0.101-0.47.106.5.1
kernel-pae-devel-3.0.101-0.47.106.5.1
kernel-source-3.0.101-0.47.106.5.1
kernel-syms-3.0.101-0.47.106.5.1
kernel-trace-3.0.101-0.47.106.5.1
kernel-trace-base-3.0.101-0.47.106.5.1
kernel-trace-devel-3.0.101-0.47.106.5.1
kernel-xen-3.0.101-0.47.106.5.1
kernel-xen-base-3.0.101-0.47.106.5.1
kernel-xen-devel-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):

kernel-default-debuginfo-3.0.101-0.47.106.5.1
kernel-default-debugsource-3.0.101-0.47.106.5.1
kernel-trace-debuginfo-3.0.101-0.47.106.5.1
kernel-trace-debugsource-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64):

kernel-ec2-debuginfo-3.0.101-0.47.106.5.1
kernel-ec2-debugsource-3.0.101-0.47.106.5.1
kernel-xen-debuginfo-3.0.101-0.47.106.5.1
kernel-xen-debugsource-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Debuginfo 11-SP3 (x86_64):

kernel-bigsmp-debuginfo-3.0.101-0.47.106.5.1
kernel-bigsmp-debugsource-3.0.101-0.47.106.5.1

– SUSE Linux Enterprise Debuginfo 11-SP3 (i586):

kernel-pae-debuginfo-3.0.101-0.47.106.5.1
kernel-pae-debugsource-3.0.101-0.47.106.5.1

References:

https://www.suse.com/security/cve/CVE-2016-10200.html
https://www.suse.com/security/cve/CVE-2016-5243.html
https://www.suse.com/security/cve/CVE-2017-1000112.html
https://www.suse.com/security/cve/CVE-2017-1000363.html
https://www.suse.com/security/cve/CVE-2017-1000365.html
https://www.suse.com/security/cve/CVE-2017-1000380.html
https://www.suse.com/security/cve/CVE-2017-10661.html
https://www.suse.com/security/cve/CVE-2017-11176.html
https://www.suse.com/security/cve/CVE-2017-11473.html
https://www.suse.com/security/cve/CVE-2017-12762.html
https://www.suse.com/security/cve/CVE-2017-14051.html
https://www.suse.com/security/cve/CVE-2017-2647.html
https://www.suse.com/security/cve/CVE-2017-2671.html
https://www.suse.com/security/cve/CVE-2017-5669.html
https://www.suse.com/security/cve/CVE-2017-5970.html
https://www.suse.com/security/cve/CVE-2017-5986.html
https://www.suse.com/security/cve/CVE-2017-6074.html
https://www.suse.com/security/cve/CVE-2017-6214.html
https://www.suse.com/security/cve/CVE-2017-6348.html
https://www.suse.com/security/cve/CVE-2017-6353.html
https://www.suse.com/security/cve/CVE-2017-6951.html
https://www.suse.com/security/cve/CVE-2017-7184.html
https://www.suse.com/security/cve/CVE-2017-7187.html
https://www.suse.com/security/cve/CVE-2017-7261.html
https://www.suse.com/security/cve/CVE-2017-7294.html
https://www.suse.com/security/cve/CVE-2017-7308.html
https://www.suse.com/security/cve/CVE-2017-7482.html
https://www.suse.com/security/cve/CVE-2017-7487.html
https://www.suse.com/security/cve/CVE-2017-7533.html
https://www.suse.com/security/cve/CVE-2017-7542.html
https://www.suse.com/security/cve/CVE-2017-7616.html
https://www.suse.com/security/cve/CVE-2017-8831.html
https://www.suse.com/security/cve/CVE-2017-8890.html
https://www.suse.com/security/cve/CVE-2017-8924.html
https://www.suse.com/security/cve/CVE-2017-8925.html
https://www.suse.com/security/cve/CVE-2017-9074.html
https://www.suse.com/security/cve/CVE-2017-9075.html
https://www.suse.com/security/cve/CVE-2017-9076.html
https://www.suse.com/security/cve/CVE-2017-9077.html
https://www.suse.com/security/cve/CVE-2017-9242.html
https://bugzilla.suse.com/1006919
https://bugzilla.suse.com/1012422
https://bugzilla.suse.com/1013862
https://bugzilla.suse.com/1017143
https://bugzilla.suse.com/1020229
https://bugzilla.suse.com/1021256
https://bugzilla.suse.com/1023051
https://bugzilla.suse.com/1024938
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025235
https://bugzilla.suse.com/1026024
https://bugzilla.suse.com/1026722
https://bugzilla.suse.com/1026914
https://bugzilla.suse.com/1027066
https://bugzilla.suse.com/1027101
https://bugzilla.suse.com/1027178
https://bugzilla.suse.com/1027179
https://bugzilla.suse.com/1027406
https://bugzilla.suse.com/1028415
https://bugzilla.suse.com/1028880
https://bugzilla.suse.com/1029212
https://bugzilla.suse.com/1029850
https://bugzilla.suse.com/1030213
https://bugzilla.suse.com/1030573
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1030593
https://bugzilla.suse.com/1031003
https://bugzilla.suse.com/1031052
https://bugzilla.suse.com/1031440
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031579
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1033287
https://bugzilla.suse.com/1033336
https://bugzilla.suse.com/1034670
https://bugzilla.suse.com/1034838
https://bugzilla.suse.com/1035576
https://bugzilla.suse.com/1037182
https://bugzilla.suse.com/1037183
https://bugzilla.suse.com/1037994
https://bugzilla.suse.com/1038544
https://bugzilla.suse.com/1038564
https://bugzilla.suse.com/1038879
https://bugzilla.suse.com/1038883
https://bugzilla.suse.com/1038981
https://bugzilla.suse.com/1038982
https://bugzilla.suse.com/1039349
https://bugzilla.suse.com/1039354
https://bugzilla.suse.com/1039456
https://bugzilla.suse.com/1039594
https://bugzilla.suse.com/1039882
https://bugzilla.suse.com/1039883
https://bugzilla.suse.com/1039885
https://bugzilla.suse.com/1040069
https://bugzilla.suse.com/1041431
https://bugzilla.suse.com/1042364
https://bugzilla.suse.com/1042863
https://bugzilla.suse.com/1042892
https://bugzilla.suse.com/1044125
https://bugzilla.suse.com/1045416
https://bugzilla.suse.com/1045487
https://bugzilla.suse.com/1046107
https://bugzilla.suse.com/1048232
https://bugzilla.suse.com/1048275
https://bugzilla.suse.com/1049483
https://bugzilla.suse.com/1049603
https://bugzilla.suse.com/1049882
https://bugzilla.suse.com/1050677
https://bugzilla.suse.com/1052311
https://bugzilla.suse.com/1053148
https://bugzilla.suse.com/1053152
https://bugzilla.suse.com/1053760
https://bugzilla.suse.com/1056588
https://bugzilla.suse.com/870618
https://bugzilla.suse.com/948562
https://bugzilla.suse.com/957988
https://bugzilla.suse.com/957990
https://bugzilla.suse.com/963655
https://bugzilla.suse.com/972891
https://bugzilla.suse.com/979681
https://bugzilla.suse.com/983212
https://bugzilla.suse.com/986924
https://bugzilla.suse.com/989896
https://bugzilla.suse.com/999245


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

[Security-announce] Updated VMSA-2017-0015.2 – VMware ESXi, vCenter Server, Fusion & Workstation updates resolve multiple security vulnerabilities

–===============1845581788974842030==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary=”_000_DM2PR0501MB100219690EEC4C905368F849B9600DM2PR0501MB1002_”

–_000_DM2PR0501MB100219690EEC4C905368F849B9600DM2PR0501MB1002_
Content-Type: text/plain; charset=”iso-8859-1″
Content-Transfer-Encoding: quoted-printable

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

– ———————————————————————–

VMware Security Advisory

Advisory ID: VMSA-2017-0015.2
Severity: Critical
Synopsis: VMware ESXi, vCenter Server, Fusion & Workstation updates
resolve multiple security vulnerabilities
Issue date: 2017-09-14
Updated on: 2017-09-18
CVE number: CVE-2017-4924, CVE-2017-4925, CVE-2017-4926

1. Summary

VMware ESXi, vCenter Server, Fusion and Workstation updates resolve
multiple security vulnerabilities.

2. Relevant Products

VMware ESXi (ESXi)
VMware vCenter Server
VMware Fusion Pro / Fusion (Fusion)
VMware Workstation Pro / Player (Workstation)

3. Problem Description

a. Out-of-bounds write vulnerability in SVGA

VMware ESXi, Workstation & Fusion contain an out-of-bounds write
vulnerability in SVGA device. This issue may allow a guest to
execute code on the host.

VMware would like to thank Nico Golde and Ralf-Philipp Weinmann of
Comsecuris UG (haftungsbeschraenkt) working with ZDI for reporting
this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2017-4924 to this issue.

Column 5 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware Product Running Replace with/ Mitigation
Product Version on Severity Apply patch Workaround
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=
=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
ESXi 6.5 ESXi Critical ESXi650-201707101-SG None
ESXi 6.0 ESXi N/A Not affected N/A
ESXi 5.5 ESXi N/A Not affected N/A
Workstation 12.x Any Critical 12.5.7 None
Fusion 8.x OS X Critical 8.5.8 None

b. Guest RPC NULL pointer dereference vulnerability

VMware ESXi, Workstation & Fusion contain a NULL pointer dereference
vulnerability. This issue occurs when handling guest RPC requests.
Successful exploitation of this issue may allow attackers with
normal user privileges to crash their VMs.

VMware would like to thank Zhang Haitao for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2017-4925 to this issue.

Column 5 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware Product Running Replace with/ Mitigation
Product Version on Severity Apply patch Workaround
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=
=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
ESXi 6.5 ESXi Moderate ESXi650-201707101-SG None
ESXi 6.0 ESXi Moderate ESXi600-201706101-SG None
ESXi 5.5 ESXi Moderate ESXi550-201709101-SG None
Workstation 12.x Any Moderate 12.5.3 None
Fusion 8.x OS X Moderate 8.5.4 None

c. Stored XSS in H5 Client

vCenter Server H5 Client contains a vulnerability that may allow for
stored cross-site scripting (XSS). An attacker with VC user
privileges can inject malicious java-scripts which will get executed
when other VC users access the page.

VMware would like to thank Thomas Ornetzeder for reporting this
issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2017-4926 to this issue.

Column 5 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware Product Running Replace with/ Mitigation
Product Version on Severity Apply patch Workaround
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D =3D=3D=
=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
vCenter Server 6.5 Any Moderate 6.5 U1 None
vCenter Server 6.0 Any N/A Not affected N/A
vCenter Server 5.5 Any N/A Not affected N/A

4. Solution

Please review the patch/release notes for your product and
version and verify the checksum of your downloaded file.

ESXi 6.5
————-
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2149933

ESXi 6.0
————-
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2149960

ESXi 5.5
————
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2150876

VMware vCenter Server 6.5 U1
Downloads:
https://my.vmware.com/web/vmware/details?downloadGroup=3DVC65U1
&productId=3D614&rPId=3D17343
Documentation:
https://docs.vmware.com/en/VMware-vSphere/index.html

VMware Workstation Pro 12.5.7
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation
https://www.vmware.com/support/pubs/ws_pubs.html

VMware Workstation Player 12.5.7
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer
https://www.vmware.com/support/pubs/player_pubs.html

VMware Workstation Pro 12.5.3
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation
https://www.vmware.com/support/pubs/ws_pubs.html

VMware Workstation Player 12.5.3
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer
https://www.vmware.com/support/pubs/player_pubs.html

VMware Fusion Pro / Fusion 8.5.8
Downloads and Documentation
https://www.vmware.com/go/downloadfusion
https://www.vmware.com/support/pubs/fusion_pubs.html

VMware Fusion Pro / Fusion 8.5.4
Downloads and Documentation
https://www.vmware.com/go/downloadfusion
https://www.vmware.com/support/pubs/fusion_pubs.html

5. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-4924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-4925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-4926

– ————————————————————————

6. Change log

2017-09-14 VMSA-2017-0015
Initial security advisory in conjunction with the release of VMware
ESXi 5.5 patches on 2017-09-14

2017-09-15 VMSA-2017-0015.1 Corrected the underlying component
affected from SVGA driver to device.

2017-09-18 VMSA-2017-0015.2 Updated the security advisory to reflect
the correct platform for the XSS issue 3(c).

– ————————————————————————
7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

security-announce@lists.vmware.com
bugtraq@securityfocus.com
fulldisclosure@seclists.org

E-mail: security@vmware.com
PGP key at: https://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter

Copyright 2017 VMware Inc. All rights reserved.

—–BEGIN PGP SIGNATURE—–
Version: Encryption Desktop 10.4.1 (Build 490)
Charset: utf-8

wj8DBQFZwKbaDEcm8Vbi9kMRArZ4AJ4x3UZXWhnMjiM6bWm3+AbVOWL1/gCeME1g
Zm6b0n/dE8r06O+chFE3E9k=3D
=3DNJvM
—–END PGP SIGNATURE—–

–_000_DM2PR0501MB100219690EEC4C905368F849B9600DM2PR0501MB1002_
Content-Type: text/html; charset=”iso-8859-1″
Content-Transfer-Encoding: quoted-printable

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

– ———————————————————————–

            &nb=
sp;            =
      VMware Security Advisory

Advisory ID: VMSA-2017-0015.2
Severity:    Critical
Synopsis:    VMware ESXi, vCenter Server, Fusion & Works=
tation updates
             re=
solve multiple security vulnerabilities
Issue date:  2017-09-14
Updated on:  2017-09-18
CVE number:  CVE-2017-4924, CVE-2017-4925, CVE-2017-4926

1. Summary

   VMware ESXi, vCenter Server, Fusion and Workstation updates re=
solve
   multiple security vulnerabilities.
   
2. Relevant Products
    
   VMware ESXi (ESXi)      
   VMware vCenter Server
   VMware Fusion Pro / Fusion (Fusion)   
   VMware Workstation Pro / Player (Workstation)

3. Problem Description

   a. Out-of-bounds write vulnerability in SVGA
   
   VMware ESXi, Workstation & Fusion contain an out-of-bounds=
write
   vulnerability in SVGA device. This issue may allow a guest to =

   execute code on the host.
   
   VMware would like to thank Nico Golde and Ralf-Philipp Weinman=
n of
   Comsecuris UG (haftungsbeschraenkt) working with ZDI for repor=
ting
   this issue to us.
   
   The Common Vulnerabilities and Exposures project (cve.mitre.or=
g) has
   assigned the identifier CVE-2017-4924 to this issue.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware      Product Running &nbs=
p;         Replace with/ &nbsp=
;     Mitigation
   Product     Version on   &n=
bsp;  Severity  Apply patch      &n=
bsp;  Workaround
   =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D =3D=3D=
=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D  =3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D       =3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D
      ESXi      6.5 =
    ESXi   Critical ESXi650-201707101-SG &nbs=
p; None
      ESXi      6.0 =
    ESXi    N/A     =
  Not affected          N=
/A
      ESXi      5.5 =
    ESXi    N/A     =
  Not affected          N=
/A
   Workstation  12.x    Any   =
Critical    12.5.7      &nbsp=
;       None
     Fusion     8.x  &nbs=
p;  OS X   Critical    8.5.8  &nbsp=
;            None &n=
bsp;

   b. Guest RPC NULL pointer dereference vulnerability  
   
   VMware ESXi, Workstation & Fusion contain a NULL pointer d=
ereference
   vulnerability. This issue occurs when handling guest RPC reque=
sts.
   Successful exploitation of this issue may allow attackers with=

   normal user privileges to crash their VMs.
   
   VMware would like to thank Zhang Haitao for reporting this iss=
ue
   to us.
   
   The Common Vulnerabilities and Exposures project (cve.mitre.or=
g) has
   assigned the identifier CVE-2017-4925 to this issue.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware      Product Running &nbs=
p;        Replace with/  &nbsp=
;     Mitigation
   Product     Version on   &n=
bsp;  Severity Apply patch       &n=
bsp;  Workaround
   =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D =3D=3D=
=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D        =3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D
      ESXi      6.5 =
    ESXi   Moderate ESXi650-201707101-SG &nbs=
p; None
      ESXi      6.0 =
    ESXi   Moderate ESXi600-201706101-SG &nbs=
p; None
      ESXi      5.5 =
    ESXi   Moderate ESXi550-201709101-SG &nbs=
p; None
   Workstation  12.x    Any   =
Moderate    12.5.3      &nbsp=
;       None
     Fusion     8.x  &nbs=
p;  OS X   Moderate     8.5.4 &nbsp=
;            None
   
   c. Stored XSS in H5 Client
   
   vCenter Server H5 Client contains a vulnerability that may all=
ow for
   stored cross-site scripting (XSS). An attacker with VC user
   privileges can inject malicious java-scripts which will get ex=
ecuted
   when other VC users access the page.
   
   VMware would like to thank Thomas Ornetzeder for reporting thi=
s
   issue to us.
   
   The Common Vulnerabilities and Exposures project (cve.mitre.or=
g) has
   assigned the identifier CVE-2017-4926 to this issue.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.
   
   VMware          P=
roduct Running           =
Replace with/   Mitigation
   Product         Versio=
n on      Severity  Apply patch  &n=
bsp;  Workaround
   =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D  =3D=3D=3D=3D=
=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D  =3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D   =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
   vCenter Server   6.5     Any&nbs=
p;   Moderate     6.5 U1   &nb=
sp;     None
   vCenter Server   6.0     Any&nbs=
p;    N/A      Not affected &n=
bsp;    N/A
   vCenter Server   5.5     Any&nbs=
p;    N/A      Not affected &n=
bsp;    N/A
   
4. Solution

   Please review the patch/release notes for your product and
   version and verify the checksum of your downloaded file.
   
   ESXi 6.5  
   ————-
   Downloads:  
   https://www.vmware.com/patchmgr/findPatch.portal  &n=
bsp;  
   Documentation:  
   http://kb.vmware.com/kb/2149933
   
   ESXi 6.0  
   ————-
   Downloads:  
   https://www.vmware.com/patchmgr/findPatch.portal  &n=
bsp;  
   Documentation:  
   http://kb.vmware.com/kb/2149960  
   
   ESXi 5.5
   ————
   Downloads:  
   https://www.vmware.com/patchmgr/findPatch.portal  &n=
bsp;  
   Documentation:  
   http://kb.vmware.com/kb/2150876
   
   VMware vCenter Server 6.5 U1
   Downloads:
   https://my.vmware.com/web/vmware/details?downloadGroup=3DVC65U=
1
   &productId=3D614&rPId=3D17343
   Documentation:
   https://docs.vmware.com/en/VMware-vSphere/index.html
   
   VMware Workstation Pro 12.5.7
   Downloads and Documentation:  
   https://www.vmware.com/go/downloadworkstation  
   https://www.vmware.com/support/pubs/ws_pubs.html  
    
   VMware Workstation Player 12.5.7  
   Downloads and Documentation:  
   https://www.vmware.com/go/downloadplayer  
   https://www.vmware.com/support/pubs/player_pubs.html
   
   VMware Workstation Pro 12.5.3  
   Downloads and Documentation:
   https://www.vmware.com/go/downloadworkstation
   https://www.vmware.com/support/pubs/ws_pubs.html   
 
   VMware Workstation Player 12.5.3    
   Downloads and Documentation:  
   https://www.vmware.com/go/downloadplayer
   https://www.vmware.com/support/pubs/player_pubs.html
   
   VMware Fusion Pro / Fusion 8.5.8
   Downloads and Documentation
   https://www.vmware.com/go/downloadfusion
   https://www.vmware.com/support/pubs/fusion_pubs.html
   
   VMware Fusion Pro / Fusion 8.5.4
   Downloads and Documentation
   https://www.vmware.com/go/downloadfusion
   https://www.vmware.com/support/pubs/fusion_pubs.html
   
   
5. References

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-4924
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-4925
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-4926
      
– ————————————————————————

6. Change log

   2017-09-14 VMSA-2017-0015
   Initial security advisory in conjunction with the release of V=
Mware
   ESXi 5.5 patches on 2017-09-14
   
   2017-09-15 VMSA-2017-0015.1 Corrected the underlying component=

   affected from SVGA driver to device.
   
   2017-09-18 VMSA-2017-0015.2 Updated the security advisory to r=
eflect
   the correct platform for the XSS issue 3(c).

– ————————————————————————
7. Contact

   E-mail list for product security notifications and announcemen=
ts:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-anno=
unce

   This Security Advisory is posted to the following lists:
   
     security-announce@lists.vmware.com
     bugtraq@securityfocus.com
     fulldisclosure@seclists.org

   E-mail: security@vmware.com
   PGP key at: https://kb.vmware.com/kb/1055

   VMware Security Advisories
   http://www.vmware.com/security/advisories

   VMware Security Response Policy
   https://www.vmware.com/support/policies/security_response.html=

   VMware Lifecycle Support Phases
   https://www.vmware.com/support/policies/lifecycle.html
   
   VMware Security & Compliance Blog
   https://blogs.vmware.com/security

   Twitter
   https://twitter.com/VMwareSRC

   Copyright 2017 VMware Inc.  All rights reserved.

—–BEGIN PGP SIGNATURE—–
Version: Encryption Desktop 10.4.1 (Build 490)
Charset: utf-8

wj8DBQFZwKbaDEcm8Vbi9kMRArZ4AJ4x3UZXWhnMjiM6bWm3+AbVOWL1/gCeME1g
Zm6b0n/dE8r06O+chFE3E9k=3D
=3DNJvM
—–END PGP SIGNATURE—–

–_000_DM2PR0501MB100219690EEC4C905368F849B9600DM2PR0501MB1002_–

–===============1845581788974842030==
Content-Type: text/plain; charset=”us-ascii”
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Security-announce mailing list
Security-announce@lists.vmware.com
https://lists.vmware.com/mailman/listinfo/security-announce

–===============1845581788974842030==–

SUSE-SU-2017:2523-1: important: Security update for the Linux Kernel

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2523-1
Rating: important
References: #1057389
Cross-References: CVE-2017-1000251
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Live Patching 12-SP3
SUSE Linux Enterprise High Availability 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive the
following security fixes:

– CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was
vulnerable to a stack overflow while processing L2CAP configuration
responses, resulting in a potential remote denial-of-service
vulnerability but no remote code execution due to use of
CONFIG_CC_STACKPROTECTOR. [bnc#1057389]

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Workstation Extension 12-SP3:

zypper in -t patch SUSE-SLE-WE-12-SP3-2017-1562=1

– SUSE Linux Enterprise Software Development Kit 12-SP3:

zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1562=1

– SUSE Linux Enterprise Server 12-SP3:

zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1562=1

– SUSE Linux Enterprise Live Patching 12-SP3:

zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2017-1562=1

– SUSE Linux Enterprise High Availability 12-SP3:

zypper in -t patch SUSE-SLE-HA-12-SP3-2017-1562=1

– SUSE Linux Enterprise Desktop 12-SP3:

zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1562=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):

kernel-default-debuginfo-4.4.82-6.6.1
kernel-default-debugsource-4.4.82-6.6.1
kernel-default-extra-4.4.82-6.6.1
kernel-default-extra-debuginfo-4.4.82-6.6.1

– SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

kernel-obs-build-4.4.82-6.6.1
kernel-obs-build-debugsource-4.4.82-6.6.1

– SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch):

kernel-docs-4.4.82-6.6.3

– SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

kernel-default-4.4.82-6.6.1
kernel-default-base-4.4.82-6.6.1
kernel-default-base-debuginfo-4.4.82-6.6.1
kernel-default-debuginfo-4.4.82-6.6.1
kernel-default-debugsource-4.4.82-6.6.1
kernel-default-devel-4.4.82-6.6.1
kernel-syms-4.4.82-6.6.1

– SUSE Linux Enterprise Server 12-SP3 (noarch):

kernel-devel-4.4.82-6.6.1
kernel-macros-4.4.82-6.6.1
kernel-source-4.4.82-6.6.1

– SUSE Linux Enterprise Server 12-SP3 (s390x):

kernel-default-man-4.4.82-6.6.1

– SUSE Linux Enterprise Live Patching 12-SP3 (x86_64):

kgraft-patch-4_4_82-6_6-default-1-2.1
kgraft-patch-4_4_82-6_6-default-debuginfo-1-2.1

– SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):

cluster-md-kmp-default-4.4.82-6.6.1
cluster-md-kmp-default-debuginfo-4.4.82-6.6.1
dlm-kmp-default-4.4.82-6.6.1
dlm-kmp-default-debuginfo-4.4.82-6.6.1
gfs2-kmp-default-4.4.82-6.6.1
gfs2-kmp-default-debuginfo-4.4.82-6.6.1
kernel-default-debuginfo-4.4.82-6.6.1
kernel-default-debugsource-4.4.82-6.6.1
ocfs2-kmp-default-4.4.82-6.6.1
ocfs2-kmp-default-debuginfo-4.4.82-6.6.1

– SUSE Linux Enterprise Desktop 12-SP3 (noarch):

kernel-devel-4.4.82-6.6.1
kernel-macros-4.4.82-6.6.1
kernel-source-4.4.82-6.6.1

– SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

kernel-default-4.4.82-6.6.1
kernel-default-debuginfo-4.4.82-6.6.1
kernel-default-debugsource-4.4.82-6.6.1
kernel-default-devel-4.4.82-6.6.1
kernel-default-extra-4.4.82-6.6.1
kernel-default-extra-debuginfo-4.4.82-6.6.1
kernel-syms-4.4.82-6.6.1

References:

https://www.suse.com/security/cve/CVE-2017-1000251.html
https://bugzilla.suse.com/1057389


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2521-1: important: Security update for the Linux Kernel

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2521-1
Rating: important
References: #1057389
Cross-References: CVE-2017-1000251
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP2
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise High Availability 12-SP2
SUSE Linux Enterprise Desktop 12-SP2
SUSE Container as a Service Platform ALL
OpenStack Cloud Magnum Orchestration 7
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive the
following security fixes:

– CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was
vulnerable to a stack overflow while processing L2CAP configuration
responses, resulting in a potential remote denial-of-service
vulnerability but no remote code execution due to use of
CONFIG_CC_STACKPROTECTOR. [bnc#1057389]

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Workstation Extension 12-SP2:

zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1561=1

– SUSE Linux Enterprise Software Development Kit 12-SP2:

zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1561=1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1561=1

– SUSE Linux Enterprise Server 12-SP2:

zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1561=1

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1561=1

– SUSE Linux Enterprise High Availability 12-SP2:

zypper in -t patch SUSE-SLE-HA-12-SP2-2017-1561=1

– SUSE Linux Enterprise Desktop 12-SP2:

zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1561=1

– SUSE Container as a Service Platform ALL:

zypper in -t patch SUSE-CAASP-ALL-2017-1561=1

– OpenStack Cloud Magnum Orchestration 7:

zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1561=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):

kernel-default-debuginfo-4.4.74-92.38.1
kernel-default-debugsource-4.4.74-92.38.1
kernel-default-extra-4.4.74-92.38.1
kernel-default-extra-debuginfo-4.4.74-92.38.1

– SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

kernel-obs-build-4.4.74-92.38.1
kernel-obs-build-debugsource-4.4.74-92.38.1

– SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch):

kernel-docs-4.4.74-92.38.3

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

kernel-default-4.4.74-92.38.1
kernel-default-base-4.4.74-92.38.1
kernel-default-base-debuginfo-4.4.74-92.38.1
kernel-default-debuginfo-4.4.74-92.38.1
kernel-default-debugsource-4.4.74-92.38.1
kernel-default-devel-4.4.74-92.38.1
kernel-syms-4.4.74-92.38.1

– SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):

kernel-devel-4.4.74-92.38.1
kernel-macros-4.4.74-92.38.1
kernel-source-4.4.74-92.38.1

– SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64):

kernel-default-4.4.74-92.38.1
kernel-default-base-4.4.74-92.38.1
kernel-default-base-debuginfo-4.4.74-92.38.1
kernel-default-debuginfo-4.4.74-92.38.1
kernel-default-debugsource-4.4.74-92.38.1
kernel-default-devel-4.4.74-92.38.1
kernel-syms-4.4.74-92.38.1

– SUSE Linux Enterprise Server 12-SP2 (noarch):

kernel-devel-4.4.74-92.38.1
kernel-macros-4.4.74-92.38.1
kernel-source-4.4.74-92.38.1

– SUSE Linux Enterprise Server 12-SP2 (s390x):

kernel-default-man-4.4.74-92.38.1

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_74-92_38-default-1-2.1

– SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64):

cluster-md-kmp-default-4.4.74-92.38.1
cluster-md-kmp-default-debuginfo-4.4.74-92.38.1
cluster-network-kmp-default-4.4.74-92.38.1
cluster-network-kmp-default-debuginfo-4.4.74-92.38.1
dlm-kmp-default-4.4.74-92.38.1
dlm-kmp-default-debuginfo-4.4.74-92.38.1
gfs2-kmp-default-4.4.74-92.38.1
gfs2-kmp-default-debuginfo-4.4.74-92.38.1
kernel-default-debuginfo-4.4.74-92.38.1
kernel-default-debugsource-4.4.74-92.38.1
ocfs2-kmp-default-4.4.74-92.38.1
ocfs2-kmp-default-debuginfo-4.4.74-92.38.1

– SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

kernel-default-4.4.74-92.38.1
kernel-default-debuginfo-4.4.74-92.38.1
kernel-default-debugsource-4.4.74-92.38.1
kernel-default-devel-4.4.74-92.38.1
kernel-default-extra-4.4.74-92.38.1
kernel-default-extra-debuginfo-4.4.74-92.38.1
kernel-syms-4.4.74-92.38.1

– SUSE Linux Enterprise Desktop 12-SP2 (noarch):

kernel-devel-4.4.74-92.38.1
kernel-macros-4.4.74-92.38.1
kernel-source-4.4.74-92.38.1

– SUSE Container as a Service Platform ALL (x86_64):

kernel-default-4.4.74-92.38.1
kernel-default-debuginfo-4.4.74-92.38.1
kernel-default-debugsource-4.4.74-92.38.1

– OpenStack Cloud Magnum Orchestration 7 (x86_64):

kernel-default-4.4.74-92.38.1
kernel-default-debuginfo-4.4.74-92.38.1
kernel-default-debugsource-4.4.74-92.38.1

References:

https://www.suse.com/security/cve/CVE-2017-1000251.html
https://bugzilla.suse.com/1057389


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE-SU-2017:2519-1: important: Security update for xen

SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2519-1
Rating: important
References: #1027519 #1055695 #1056278 #1056280 #1056281
#1056282
Cross-References: CVE-2017-14316 CVE-2017-14317 CVE-2017-14318
CVE-2017-14319
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Desktop 12-SP2
SUSE Container as a Service Platform ALL
______________________________________________________________________________

An update that solves four vulnerabilities and has two
fixes is now available.

Description:

This update for xen fixes several issues.

These security issues were fixed:

– CVE-2017-14316: Missing bound check in function `alloc_heap_pages` for
an internal array allowed attackers using crafted hypercalls to execute
arbitrary code within Xen (XSA-231, bsc#1056278)
– CVE-2017-14318: The function __gnttab_cache_flush missed a check for
grant tables, allowing a malicious guest to crash the host or for x86 PV
guests to potentially escalate privileges (XSA-232, bsc#1056280)
– CVE-2017-14317: A race in cxenstored may have cause a double-free
allowind for DoS of the xenstored daemon (XSA-233, bsc#1056281).
– CVE-2017-14319: An error while handling grant mappings allowed malicious
or buggy x86 PV guest to escalate its privileges or crash the hypervisor
(XSA-234, bsc#1056282).

These non-security issues were fixed:

– bsc#1055695: Fixed restoring updates for HVM guests for ballooned domUs

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 12-SP2:

zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1558=1

– SUSE Linux Enterprise Server 12-SP2:

zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1558=1

– SUSE Linux Enterprise Desktop 12-SP2:

zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1558=1

– SUSE Container as a Service Platform ALL:

zypper in -t patch SUSE-CAASP-ALL-2017-1558=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 x86_64):

xen-debugsource-4.7.3_04-43.12.1
xen-devel-4.7.3_04-43.12.1

– SUSE Linux Enterprise Server 12-SP2 (x86_64):

xen-4.7.3_04-43.12.1
xen-debugsource-4.7.3_04-43.12.1
xen-doc-html-4.7.3_04-43.12.1
xen-libs-32bit-4.7.3_04-43.12.1
xen-libs-4.7.3_04-43.12.1
xen-libs-debuginfo-32bit-4.7.3_04-43.12.1
xen-libs-debuginfo-4.7.3_04-43.12.1
xen-tools-4.7.3_04-43.12.1
xen-tools-debuginfo-4.7.3_04-43.12.1
xen-tools-domU-4.7.3_04-43.12.1
xen-tools-domU-debuginfo-4.7.3_04-43.12.1

– SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

xen-4.7.3_04-43.12.1
xen-debugsource-4.7.3_04-43.12.1
xen-libs-32bit-4.7.3_04-43.12.1
xen-libs-4.7.3_04-43.12.1
xen-libs-debuginfo-32bit-4.7.3_04-43.12.1
xen-libs-debuginfo-4.7.3_04-43.12.1

– SUSE Container as a Service Platform ALL (x86_64):

xen-debugsource-4.7.3_04-43.12.1
xen-libs-4.7.3_04-43.12.1
xen-libs-debuginfo-4.7.3_04-43.12.1
xen-tools-domU-4.7.3_04-43.12.1
xen-tools-domU-debuginfo-4.7.3_04-43.12.1

References:

https://www.suse.com/security/cve/CVE-2017-14316.html
https://www.suse.com/security/cve/CVE-2017-14317.html
https://www.suse.com/security/cve/CVE-2017-14318.html
https://www.suse.com/security/cve/CVE-2017-14319.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1055695
https://bugzilla.suse.com/1056278
https://bugzilla.suse.com/1056280
https://bugzilla.suse.com/1056281
https://bugzilla.suse.com/1056282


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

openSUSE-SU-2017:2513-1: important: Security update for qemu

openSUSE Security Update: Security update for qemu
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2513-1
Rating: important
References: #1011144 #1031692 #1046636 #1047674 #1048296
#1048902 #1049381 #1050268
Cross-References: CVE-2017-10664 CVE-2017-10806 CVE-2017-11334
CVE-2017-11434
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that solves four vulnerabilities and has four
fixes is now available.

Description:

This update for qemu fixes the following issues:

Security issues fixed:

* CVE-2017-10664: Fix DOS vulnerability in qemu-nbd (bsc#1046636)
* CVE-2017-10806: Fix DOS from stack overflow in debug messages of usb
redirection support (bsc#1047674)
* CVE-2017-11334: Fix OOB access during DMA operation (bsc#1048902)
* CVE-2017-11434: Fix OOB access parsing dhcp slirp options (bsc#1049381)

Following non-security issues were fixed:

– Postrequire acl for setfacl
– Prerequire shadow for groupadd
– The recent security fix for CVE-2017-11334 adversely affects Xen.
Include two additional patches to make sure Xen is going to be OK.
– Pre-add group kvm for qemu-tools (bsc#1011144)
– Fixed a few more inaccuracies in the support docs.
– Fix support docs to indicate ARM64 is now fully L3 supported in SLES 12
SP3. Apply a few additional clarifications in the support docs.
(bsc#1050268)
– Adjust to libvdeplug-devel package naming changes.
– Fix migration with xhci (bsc#1048296)
– Increase VNC delay to fix missing keyboard input events (bsc#1031692)
– Remove build dependency package iasl used for seabios

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-1072=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.3 (i586 x86_64):

qemu-linux-user-2.9.0-32.1
qemu-linux-user-debuginfo-2.9.0-32.1
qemu-linux-user-debugsource-2.9.0-32.1

– openSUSE Leap 42.3 (x86_64):

qemu-2.9.0-32.4
qemu-arm-2.9.0-32.4
qemu-arm-debuginfo-2.9.0-32.4
qemu-block-curl-2.9.0-32.4
qemu-block-curl-debuginfo-2.9.0-32.4
qemu-block-dmg-2.9.0-32.4
qemu-block-dmg-debuginfo-2.9.0-32.4
qemu-block-iscsi-2.9.0-32.4
qemu-block-iscsi-debuginfo-2.9.0-32.4
qemu-block-rbd-2.9.0-32.4
qemu-block-rbd-debuginfo-2.9.0-32.4
qemu-block-ssh-2.9.0-32.4
qemu-block-ssh-debuginfo-2.9.0-32.4
qemu-debugsource-2.9.0-32.4
qemu-extra-2.9.0-32.4
qemu-extra-debuginfo-2.9.0-32.4
qemu-guest-agent-2.9.0-32.4
qemu-guest-agent-debuginfo-2.9.0-32.4
qemu-ksm-2.9.0-32.4
qemu-kvm-2.9.0-32.4
qemu-lang-2.9.0-32.4
qemu-ppc-2.9.0-32.4
qemu-ppc-debuginfo-2.9.0-32.4
qemu-s390-2.9.0-32.4
qemu-s390-debuginfo-2.9.0-32.4
qemu-testsuite-2.9.0-32.4
qemu-tools-2.9.0-32.4
qemu-tools-debuginfo-2.9.0-32.4
qemu-x86-2.9.0-32.4
qemu-x86-debuginfo-2.9.0-32.4

– openSUSE Leap 42.3 (noarch):

qemu-ipxe-1.0.0-32.4
qemu-seabios-1.10.2-32.4
qemu-sgabios-8-32.4
qemu-vgabios-1.10.2-32.4

References:

https://www.suse.com/security/cve/CVE-2017-10664.html
https://www.suse.com/security/cve/CVE-2017-10806.html
https://www.suse.com/security/cve/CVE-2017-11334.html
https://www.suse.com/security/cve/CVE-2017-11434.html
https://bugzilla.suse.com/1011144
https://bugzilla.suse.com/1031692
https://bugzilla.suse.com/1046636
https://bugzilla.suse.com/1047674
https://bugzilla.suse.com/1048296
https://bugzilla.suse.com/1048902
https://bugzilla.suse.com/1049381
https://bugzilla.suse.com/1050268


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

openSUSE-SU-2017:2514-1: important: Security update for xen

openSUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2514-1
Rating: important
References: #1027519 #1055695 #1056278 #1056280 #1056281
#1056282 #1057358
Cross-References: CVE-2017-14316 CVE-2017-14317 CVE-2017-14318
CVE-2017-14319
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that solves four vulnerabilities and has three
fixes is now available.

Description:

This update for xen fixes several issues.

These security issues were fixed:

– CVE-2017-14316: Missing bound check in function `alloc_heap_pages` for
an internal array allowed attackers using crafted hypercalls to execute
arbitrary code within Xen (XSA-231, bsc#1056278)
– CVE-2017-14318: The function __gnttab_cache_flush missed a check for
grant tables, allowing a malicious guest to crash the host or for x86 PV
guests to potentially escalate privileges (XSA-232, bsc#1056280)
– CVE-2017-14317: A race in cxenstored may have cause a double-free
allowind for DoS of the xenstored daemon (XSA-233, bsc#1056281).
– CVE-2017-14319: An error while handling grant mappings allowed malicious
or buggy x86 PV guest to escalate its privileges or crash the hypervisor
(XSA-234, bsc#1056282).

These non-security issues were fixed:

– bsc#1057358: Fixed boot into SUSE Linux Enterprise 12.3 with secure boot
– bsc#1055695: Fixed restoring updates for HVM guests for ballooned domUs

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-1071=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.3 (x86_64):

xen-4.9.0_12-7.1
xen-debugsource-4.9.0_12-7.1
xen-devel-4.9.0_12-7.1
xen-doc-html-4.9.0_12-7.1
xen-libs-4.9.0_12-7.1
xen-libs-debuginfo-4.9.0_12-7.1
xen-tools-4.9.0_12-7.1
xen-tools-debuginfo-4.9.0_12-7.1
xen-tools-domU-4.9.0_12-7.1
xen-tools-domU-debuginfo-4.9.0_12-7.1

References:

https://www.suse.com/security/cve/CVE-2017-14316.html
https://www.suse.com/security/cve/CVE-2017-14317.html
https://www.suse.com/security/cve/CVE-2017-14318.html
https://www.suse.com/security/cve/CVE-2017-14319.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1055695
https://bugzilla.suse.com/1056278
https://bugzilla.suse.com/1056280
https://bugzilla.suse.com/1056281
https://bugzilla.suse.com/1056282
https://bugzilla.suse.com/1057358


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

New Check_MK stable release 1.4.0p12

Dear friends of Check_MK,

the new stable release 1.4.0p12 of Check_MK is ready for download.

This maintenance release ships with 15 changes affecing all editions of
Check_MK, 2 Enterprise Edition specific changes and 0 Managed Service Editi=
on
specific changes.

Changes in all Check_MK Editions:

WATO:
* 5228 FIX: WATO Web-API: now able to edit users which were created through=
the GUI
* 5124 FIX: Service discovery: Fixed permission if user is not allowed to m=
anage services
* 5123 FIX: Service discovery: Fix moving services from ‘Disabled services’=
to ‘Vanished services’ or ‘Undecided services’
* 5122 FIX: Service discovery: Find SNMP checks of not yet monitored type w=
hen using cached data
* 5126 FIX: Service discovery dialog: Fixed moving services to “Disabled se=
rvices” for remote sites
* 5206 FIX: Ruleset quick search now excludes deprecated rulesets
* 5207 FIX: Bulk discovery: Fixed “Maximum number of retries reached” error=
during bulk discovery

User interface:
* 5203 FIX: Removed sorting of perfometers

Core & setup:
* 5205 FIX: Host rename: Fixed broken renaming when new name uses dots
* 5204 FIX: Host rename: Fixed broken rename of hosts in rrdcached journal

Checks & agents:
* 5120 FIX: ps, ps.perf: Fixed regex range introduced with werk 5114 which =
allows “/” in process name in manual checks
* 5218 FIX: jolokia_metrics: Fix failing parse function for MBeans containi=
ng “:”
* 5014 FIX: df: Fixed error if dynamic levels should be set
* 5121 FIX: check_sql: Added error message if cx_Oracle module is not insta=
lled
* 5125 FIX: brocade_mlx_power: Fixed wrong index usage which led to undetec=
ted power supplies

Changes in the Check_MK Enterprise Edition:

Core & setup:
* 5189 FIX: Fixed scheduling of checks after a start/reload of the Micro Co=
re

Agent bakery:
* 5258 FIX: cmk-update-agent: Fix invalid signature error (regression since=
1.4.0p11)

Changes in the Check_MK Managed Service Edition:

NO CHANGES

You can download Check_MK from our download page:
* http://mathias-kettner.de/check_mk_download.html

Please mail bug reports and qualified feedback to feedback@check-mk.org.
We greatly thank you for using Check_MK and wish you a successful monitorin=
g,

Your Check_MK Team

— =

Mathias Kettner GmbH
Kellerstra=DFe 29, 81667 M=FCnchen, Germany
Registergericht: Amtsgericht M=FCnchen, HRB 165902
Gesch=E4ftsf=FChrer: Mathias Kettner
http://mathias-kettner.de
Tel. +49 89 1890 435-0
Fax. +49 89 1890 435-29

_______________________________________________
Checkmk-announce mailing list
Checkmk-announce@lists.mathias-kettner.de
http://lists.mathias-kettner.de/mailman/listinfo/checkmk-announce