MESSAGE
DATE | 2016-10-21 |
FROM | opensuse-security@opensuse.org
|
SUBJECT | Subject: [Hangout-NYLXS] [security-announce] openSUSE-SU-2016:2584-1:
|
From hangout-bounces-at-nylxs.com Fri Oct 21 14:15:21 2016 Return-Path: X-Original-To: archive-at-mrbrklyn.com Delivered-To: archive-at-mrbrklyn.com Received: from www.mrbrklyn.com (www.mrbrklyn.com [96.57.23.82]) by mrbrklyn.com (Postfix) with ESMTP id 9B0C0160E31; Fri, 21 Oct 2016 14:15:20 -0400 (EDT) X-Original-To: hangout-at-nylxs.com Delivered-To: hangout-at-nylxs.com Received: by mrbrklyn.com (Postfix, from userid 1000) id 739FB160E31; Fri, 21 Oct 2016 14:15:17 -0400 (EDT) Resent-From: Ruben Safir Resent-Date: Fri, 21 Oct 2016 14:15:17 -0400 Resent-Message-ID: <20161021181517.GB22290-at-www.mrbrklyn.com> Resent-To: hangout-at-nylxs.com X-Original-To: ruben-at-mrbrklyn.com Delivered-To: ruben-at-mrbrklyn.com Received: from lists5.opensuse.org (lists5.opensuse.org [195.135.221.153]) by mrbrklyn.com (Postfix) with ESMTP id 08E18160877 for ; Fri, 21 Oct 2016 11:15:40 -0400 (EDT) Received: from baloo.opensuse.org (localhost [127.0.0.1]) by lists5.opensuse.org (Postfix) with SMTP id 5587E11C90; Fri, 21 Oct 2016 15:15:33 +0000 (UTC) X-Original-To: opensuse-security-announce-at-lists5-opensuse.suse.de Delivered-To: opensuse-security-announce-at-lists5-opensuse.suse.de Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by lists5.opensuse.org (Postfix) with ESMTP id 3171511C38 for ; Fri, 21 Oct 2016 15:15:31 +0000 (UTC) Received: from maintenance.suse.de (maintenance.nue.suse.com [149.44.176.14]) by relay2.suse.de (Postfix) with ESMTP id 1F96019AA for ; Fri, 21 Oct 2016 15:15:31 +0000 (UTC) Received: by maintenance.suse.de (Postfix, from userid 32005) id B8FA8F7C7; Fri, 21 Oct 2016 17:15:30 +0200 (CEST) From: opensuse-security-at-opensuse.org To: opensuse-security-announce-at-opensuse.org Message-Id: <20161021151530.B8FA8F7C7-at-maintenance.suse.de> Date: Fri, 21 Oct 2016 17:15:30 +0200 (CEST) Precedence: bulk Mailing-List: contact opensuse-security-announce+help-at-opensuse.org; run by mlmmj X-Mailinglist: opensuse-security-announce List-Owner: X-MIME-Notice: attachments may have been removed from this message Subject: [Hangout-NYLXS] [security-announce] openSUSE-SU-2016:2584-1: important: Security update for the Linux Kernel X-BeenThere: hangout-at-nylxs.com X-Mailman-Version: 2.1.17 Reply-To: NYLXS Discussions List List-Id: NYLXS Discussions List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: hangout-bounces-at-nylxs.com Sender: "hangout"
openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________
Announcement ID: openSUSE-SU-2016:2584-1 Rating: important References: #1001419 #1001486 #1002165 #1004418 Cross-References: CVE-2016-5195 CVE-2016-8666 Affected Products: openSUSE 13.1 ______________________________________________________________________________
An update that solves two vulnerabilities and has two fixes is now available.
Description:
The openSUSE 13.1 kernel was updated to fix bugs and security issues.
The following security bugs were fixed:
- CVE-2016-8666: The IP stack in the Linux kernel allowed remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039 (bnc#1001486). - CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004418).
The following non-security bugs were fixed:
- sched/core: Fix a race between try_to_wake_up() and a woken up task (bsc#1002165, bsc#1001419). - sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule() (bnc#1001419). - tunnels: Do not apply GRO to multiple layers of encapsulation (bsc#1001486).
Patch Instructions:
To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2016-1211=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.1 (i586 x86_64):
cloop-2.639-11.34.1 cloop-debuginfo-2.639-11.34.1 cloop-debugsource-2.639-11.34.1 cloop-kmp-default-2.639_k3.12.62_55-11.34.1 cloop-kmp-default-debuginfo-2.639_k3.12.62_55-11.34.1 cloop-kmp-desktop-2.639_k3.12.62_55-11.34.1 cloop-kmp-desktop-debuginfo-2.639_k3.12.62_55-11.34.1 cloop-kmp-xen-2.639_k3.12.62_55-11.34.1 cloop-kmp-xen-debuginfo-2.639_k3.12.62_55-11.34.1 crash-7.0.2-2.34.1 crash-debuginfo-7.0.2-2.34.1 crash-debugsource-7.0.2-2.34.1 crash-devel-7.0.2-2.34.1 crash-doc-7.0.2-2.34.1 crash-eppic-7.0.2-2.34.1 crash-eppic-debuginfo-7.0.2-2.34.1 crash-gcore-7.0.2-2.34.1 crash-gcore-debuginfo-7.0.2-2.34.1 crash-kmp-default-7.0.2_k3.12.62_55-2.34.1 crash-kmp-default-debuginfo-7.0.2_k3.12.62_55-2.34.1 crash-kmp-desktop-7.0.2_k3.12.62_55-2.34.1 crash-kmp-desktop-debuginfo-7.0.2_k3.12.62_55-2.34.1 crash-kmp-xen-7.0.2_k3.12.62_55-2.34.1 crash-kmp-xen-debuginfo-7.0.2_k3.12.62_55-2.34.1 hdjmod-debugsource-1.28-16.34.1 hdjmod-kmp-default-1.28_k3.12.62_55-16.34.1 hdjmod-kmp-default-debuginfo-1.28_k3.12.62_55-16.34.1 hdjmod-kmp-desktop-1.28_k3.12.62_55-16.34.1 hdjmod-kmp-desktop-debuginfo-1.28_k3.12.62_55-16.34.1 hdjmod-kmp-xen-1.28_k3.12.62_55-16.34.1 hdjmod-kmp-xen-debuginfo-1.28_k3.12.62_55-16.34.1 ipset-6.21.1-2.38.1 ipset-debuginfo-6.21.1-2.38.1 ipset-debugsource-6.21.1-2.38.1 ipset-devel-6.21.1-2.38.1 ipset-kmp-default-6.21.1_k3.12.62_55-2.38.1 ipset-kmp-default-debuginfo-6.21.1_k3.12.62_55-2.38.1 ipset-kmp-desktop-6.21.1_k3.12.62_55-2.38.1 ipset-kmp-desktop-debuginfo-6.21.1_k3.12.62_55-2.38.1 ipset-kmp-xen-6.21.1_k3.12.62_55-2.38.1 ipset-kmp-xen-debuginfo-6.21.1_k3.12.62_55-2.38.1 iscsitarget-1.4.20.3-13.34.1 iscsitarget-debuginfo-1.4.20.3-13.34.1 iscsitarget-debugsource-1.4.20.3-13.34.1 iscsitarget-kmp-default-1.4.20.3_k3.12.62_55-13.34.1 iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.12.62_55-13.34.1 iscsitarget-kmp-desktop-1.4.20.3_k3.12.62_55-13.34.1 iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.12.62_55-13.34.1 iscsitarget-kmp-xen-1.4.20.3_k3.12.62_55-13.34.1 iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.12.62_55-13.34.1 kernel-default-3.12.62-55.1 kernel-default-base-3.12.62-55.1 kernel-default-base-debuginfo-3.12.62-55.1 kernel-default-debuginfo-3.12.62-55.1 kernel-default-debugsource-3.12.62-55.1 kernel-default-devel-3.12.62-55.1 kernel-syms-3.12.62-55.1 libipset3-6.21.1-2.38.1 libipset3-debuginfo-6.21.1-2.38.1 ndiswrapper-1.58-35.1 ndiswrapper-debuginfo-1.58-35.1 ndiswrapper-debugsource-1.58-35.1 ndiswrapper-kmp-default-1.58_k3.12.62_55-35.1 ndiswrapper-kmp-default-debuginfo-1.58_k3.12.62_55-35.1 ndiswrapper-kmp-desktop-1.58_k3.12.62_55-35.1 ndiswrapper-kmp-desktop-debuginfo-1.58_k3.12.62_55-35.1 openvswitch-1.11.0-0.41.1 openvswitch-controller-1.11.0-0.41.1 openvswitch-controller-debuginfo-1.11.0-0.41.1 openvswitch-debuginfo-1.11.0-0.41.1 openvswitch-debugsource-1.11.0-0.41.1 openvswitch-kmp-default-1.11.0_k3.12.62_55-0.41.1 openvswitch-kmp-default-debuginfo-1.11.0_k3.12.62_55-0.41.1 openvswitch-kmp-desktop-1.11.0_k3.12.62_55-0.41.1 openvswitch-kmp-desktop-debuginfo-1.11.0_k3.12.62_55-0.41.1 openvswitch-kmp-xen-1.11.0_k3.12.62_55-0.41.1 openvswitch-kmp-xen-debuginfo-1.11.0_k3.12.62_55-0.41.1 openvswitch-pki-1.11.0-0.41.1 openvswitch-switch-1.11.0-0.41.1 openvswitch-switch-debuginfo-1.11.0-0.41.1 openvswitch-test-1.11.0-0.41.1 pcfclock-0.44-258.35.1 pcfclock-debuginfo-0.44-258.35.1 pcfclock-debugsource-0.44-258.35.1 pcfclock-kmp-default-0.44_k3.12.62_55-258.35.1 pcfclock-kmp-default-debuginfo-0.44_k3.12.62_55-258.35.1 pcfclock-kmp-desktop-0.44_k3.12.62_55-258.35.1 pcfclock-kmp-desktop-debuginfo-0.44_k3.12.62_55-258.35.1 python-openvswitch-1.11.0-0.41.1 python-openvswitch-test-1.11.0-0.41.1 python-virtualbox-4.2.36-2.66.1 python-virtualbox-debuginfo-4.2.36-2.66.1 vhba-kmp-debugsource-20130607-2.34.1 vhba-kmp-default-20130607_k3.12.62_55-2.34.1 vhba-kmp-default-debuginfo-20130607_k3.12.62_55-2.34.1 vhba-kmp-desktop-20130607_k3.12.62_55-2.34.1 vhba-kmp-desktop-debuginfo-20130607_k3.12.62_55-2.34.1 vhba-kmp-xen-20130607_k3.12.62_55-2.34.1 vhba-kmp-xen-debuginfo-20130607_k3.12.62_55-2.34.1 virtualbox-4.2.36-2.66.1 virtualbox-debuginfo-4.2.36-2.66.1 virtualbox-debugsource-4.2.36-2.66.1 virtualbox-devel-4.2.36-2.66.1 virtualbox-guest-kmp-default-4.2.36_k3.12.62_55-2.66.1 virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.12.62_55-2.66.1 virtualbox-guest-kmp-desktop-4.2.36_k3.12.62_55-2.66.1 virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.12.62_55-2.66.1 virtualbox-guest-tools-4.2.36-2.66.1 virtualbox-guest-tools-debuginfo-4.2.36-2.66.1 virtualbox-guest-x11-4.2.36-2.66.1 virtualbox-guest-x11-debuginfo-4.2.36-2.66.1 virtualbox-host-kmp-default-4.2.36_k3.12.62_55-2.66.1 virtualbox-host-kmp-default-debuginfo-4.2.36_k3.12.62_55-2.66.1 virtualbox-host-kmp-desktop-4.2.36_k3.12.62_55-2.66.1 virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.12.62_55-2.66.1 virtualbox-qt-4.2.36-2.66.1 virtualbox-qt-debuginfo-4.2.36-2.66.1 virtualbox-websrv-4.2.36-2.66.1 virtualbox-websrv-debuginfo-4.2.36-2.66.1 xen-debugsource-4.3.4_10-67.1 xen-devel-4.3.4_10-67.1 xen-kmp-default-4.3.4_10_k3.12.62_55-67.1 xen-kmp-default-debuginfo-4.3.4_10_k3.12.62_55-67.1 xen-kmp-desktop-4.3.4_10_k3.12.62_55-67.1 xen-kmp-desktop-debuginfo-4.3.4_10_k3.12.62_55-67.1 xen-libs-4.3.4_10-67.1 xen-libs-debuginfo-4.3.4_10-67.1 xen-tools-domU-4.3.4_10-67.1 xen-tools-domU-debuginfo-4.3.4_10-67.1 xtables-addons-2.3-2.33.1 xtables-addons-debuginfo-2.3-2.33.1 xtables-addons-debugsource-2.3-2.33.1 xtables-addons-kmp-default-2.3_k3.12.62_55-2.33.1 xtables-addons-kmp-default-debuginfo-2.3_k3.12.62_55-2.33.1 xtables-addons-kmp-desktop-2.3_k3.12.62_55-2.33.1 xtables-addons-kmp-desktop-debuginfo-2.3_k3.12.62_55-2.33.1 xtables-addons-kmp-xen-2.3_k3.12.62_55-2.33.1 xtables-addons-kmp-xen-debuginfo-2.3_k3.12.62_55-2.33.1
- openSUSE 13.1 (i686 x86_64):
kernel-debug-3.12.62-55.1 kernel-debug-base-3.12.62-55.1 kernel-debug-base-debuginfo-3.12.62-55.1 kernel-debug-debuginfo-3.12.62-55.1 kernel-debug-debugsource-3.12.62-55.1 kernel-debug-devel-3.12.62-55.1 kernel-debug-devel-debuginfo-3.12.62-55.1 kernel-desktop-3.12.62-55.1 kernel-desktop-base-3.12.62-55.1 kernel-desktop-base-debuginfo-3.12.62-55.1 kernel-desktop-debuginfo-3.12.62-55.1 kernel-desktop-debugsource-3.12.62-55.1 kernel-desktop-devel-3.12.62-55.1 kernel-ec2-3.12.62-55.1 kernel-ec2-base-3.12.62-55.1 kernel-ec2-base-debuginfo-3.12.62-55.1 kernel-ec2-debuginfo-3.12.62-55.1 kernel-ec2-debugsource-3.12.62-55.1 kernel-ec2-devel-3.12.62-55.1 kernel-trace-3.12.62-55.1 kernel-trace-base-3.12.62-55.1 kernel-trace-base-debuginfo-3.12.62-55.1 kernel-trace-debuginfo-3.12.62-55.1 kernel-trace-debugsource-3.12.62-55.1 kernel-trace-devel-3.12.62-55.1 kernel-vanilla-3.12.62-55.1 kernel-vanilla-debuginfo-3.12.62-55.1 kernel-vanilla-debugsource-3.12.62-55.1 kernel-vanilla-devel-3.12.62-55.1 kernel-xen-3.12.62-55.1 kernel-xen-base-3.12.62-55.1 kernel-xen-base-debuginfo-3.12.62-55.1 kernel-xen-debuginfo-3.12.62-55.1 kernel-xen-debugsource-3.12.62-55.1 kernel-xen-devel-3.12.62-55.1
- openSUSE 13.1 (noarch):
kernel-devel-3.12.62-55.1 kernel-docs-3.12.62-55.2 kernel-macros-3.12.62-55.1 kernel-source-3.12.62-55.1 kernel-source-vanilla-3.12.62-55.1 virtualbox-host-source-4.2.36-2.66.1
- openSUSE 13.1 (x86_64):
xen-4.3.4_10-67.1 xen-doc-html-4.3.4_10-67.1 xen-libs-32bit-4.3.4_10-67.1 xen-libs-debuginfo-32bit-4.3.4_10-67.1 xen-tools-4.3.4_10-67.1 xen-tools-debuginfo-4.3.4_10-67.1 xen-xend-tools-4.3.4_10-67.1 xen-xend-tools-debuginfo-4.3.4_10-67.1
- openSUSE 13.1 (i686):
kernel-pae-3.12.62-55.1 kernel-pae-base-3.12.62-55.1 kernel-pae-base-debuginfo-3.12.62-55.1 kernel-pae-debuginfo-3.12.62-55.1 kernel-pae-debugsource-3.12.62-55.1 kernel-pae-devel-3.12.62-55.1
- openSUSE 13.1 (i586):
cloop-kmp-pae-2.639_k3.12.62_55-11.34.1 cloop-kmp-pae-debuginfo-2.639_k3.12.62_55-11.34.1 crash-kmp-pae-7.0.2_k3.12.62_55-2.34.1 crash-kmp-pae-debuginfo-7.0.2_k3.12.62_55-2.34.1 hdjmod-kmp-pae-1.28_k3.12.62_55-16.34.1 hdjmod-kmp-pae-debuginfo-1.28_k3.12.62_55-16.34.1 ipset-kmp-pae-6.21.1_k3.12.62_55-2.38.1 ipset-kmp-pae-debuginfo-6.21.1_k3.12.62_55-2.38.1 iscsitarget-kmp-pae-1.4.20.3_k3.12.62_55-13.34.1 iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.12.62_55-13.34.1 ndiswrapper-kmp-pae-1.58_k3.12.62_55-35.1 ndiswrapper-kmp-pae-debuginfo-1.58_k3.12.62_55-35.1 openvswitch-kmp-pae-1.11.0_k3.12.62_55-0.41.1 openvswitch-kmp-pae-debuginfo-1.11.0_k3.12.62_55-0.41.1 pcfclock-kmp-pae-0.44_k3.12.62_55-258.35.1 pcfclock-kmp-pae-debuginfo-0.44_k3.12.62_55-258.35.1 vhba-kmp-pae-20130607_k3.12.62_55-2.34.1 vhba-kmp-pae-debuginfo-20130607_k3.12.62_55-2.34.1 virtualbox-guest-kmp-pae-4.2.36_k3.12.62_55-2.66.1 virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.12.62_55-2.66.1 virtualbox-host-kmp-pae-4.2.36_k3.12.62_55-2.66.1 virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.12.62_55-2.66.1 xen-kmp-pae-4.3.4_10_k3.12.62_55-67.1 xen-kmp-pae-debuginfo-4.3.4_10_k3.12.62_55-67.1 xtables-addons-kmp-pae-2.3_k3.12.62_55-2.33.1 xtables-addons-kmp-pae-debuginfo-2.3_k3.12.62_55-2.33.1
References:
https://www.suse.com/security/cve/CVE-2016-5195.html https://www.suse.com/security/cve/CVE-2016-8666.html https://bugzilla.suse.com/1001419 https://bugzilla.suse.com/1001486 https://bugzilla.suse.com/1002165 https://bugzilla.suse.com/1004418
-- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe-at-opensuse.org For additional commands, e-mail: opensuse-security-announce+help-at-opensuse.org _______________________________________________ hangout mailing list hangout-at-nylxs.com http://www.nylxs.com/
|
|