[SUSE-Announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: PatchesforSUSELinuxEnterprise

Wed Nov 18 03:10:05 PST 2009

Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 274	Published: Tue, 17 Nov 2009 21:58:14  GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12541 - Security update for Linux kernel - SLES9
Severity: <Unspecified>
Fixlet ID: 1254101
Fixlet Link: http://download.novell.com/Download?buildid=5D9k-eXBxnY~

Fixlet Description: This update fixes various security issues and some bugs in the SUSE Linux Enterprise 9 kernel. Following security bugs were fixed:   CVE-2009-3547: A race condition in the pipe(2) systemcall could be used by local attackers to execute code. CVE-2009-2910: On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. CVE-2009-1192: The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic. c in the agp subsystem in the Linux kernel do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. CVE-2009-2909: Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. CVE-2009-2848: The execve function in the Linux kernel did not properly clear the current-&gt;clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. CVE-2009-3002: Fixed various sockethandler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker. CVE-2009-1633: Multiple buffer overflows in the cifs subsystem in the Linux kernel allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess. c; or (2) long Unicode characters, related to fs/cifs/cifssmb. c and the cifs_readdir function in fs/cifs/readdir. c. CVE-2009-3726: The nfs4_proc_lock function in fs/nfs/nfs4proc. c in the NFSv4 client in the allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state. Everyone using the Linux Kernel should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9111203 - Security update for Linux kernel - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 911120301
Fixlet Link: http://download.novell.com/Download?buildid=MbtxYuIqSbs~

Fixlet Description: This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel. The following security issues were fixed:     CVE-2009-3238: The get_random_int function in drivers/char/random. c in the Linux kernel produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the functions tendency to return the same value over and over again for long stretches of time.   CVE-2009-1192: The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic. c in the agp subsystem in the Linux kernel do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages.   CVE-2009-2909: Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. Everyone using the Linux Kernel on x86 architecture should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9111203 - Security update for Linux kernel - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 911120305
Fixlet Link: http://download.novell.com/Download?buildid=UJQZhI0wpUU~

Fixlet Description: This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel. The following security issues were fixed:     CVE-2009-3238: The get_random_int function in drivers/char/random. c in the Linux kernel produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the functions tendency to return the same value over and over again for long stretches of time.   CVE-2009-1192: The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic. c in the agp subsystem in the Linux kernel do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages.   CVE-2009-2909: Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. Everyone using the Linux Kernel on x86 architecture should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9111601 - Security update for OpenSSL - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 911160101
Fixlet Link: http://download.novell.com/Download?buildid=D5z_HYDvfbY~

Fixlet Description: The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4) Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9111601 - Security update for OpenSSL - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 911160105
Fixlet Link: http://download.novell.com/Download?buildid=MTqBSJIo8sY~

Fixlet Description: The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4) Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9111602 - Security update for OpenSSL - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 911160201
Fixlet Link: http://download.novell.com/Download?buildid=TvnVcnug35U~

Fixlet Description: The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4) Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9111602 - Security update for OpenSSL - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 911160203
Fixlet Link: http://download.novell.com/Download?buildid=BMTRubGmsCI~

Fixlet Description: The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4) Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9111603 - Security update for OpenSSL - SLED10 SP3
Severity: <Unspecified>
Fixlet ID: 911160303
Fixlet Link: http://download.novell.com/Download?buildid=ric2-NqWuq4~

Fixlet Description: The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4) Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9111603 - Security update for OpenSSL - SLES10 SP3
Severity: <Unspecified>
Fixlet ID: 911160305
Fixlet Link: http://download.novell.com/Download?buildid=1j_TETrwTVs~

Fixlet Description: The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. Please note that renegotiation will be disabled by this update and may cause problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4) Please update. Please see patch page for more detailed information.