Fixlet Site - PatchesforSUSELinuxEnterprise Current Version: 70 Published: Tue, 16 Oct 2007 18:38:18 GMT *************************************************************** Title: PATCH-11787 - Security update for subdomain-parser - SLES9 Severity: Fixlet ID: 1178701 Fixlet Link: http://support.novell.com/techcenter/psdb/8c9d64b133d99cd820266d0e479ffbbb.html Fixlet Description: The following patch supports new language features in AppArmor which have been added to improve the confinement provided to applications executing other applications will confined by AppArmor. Two new execute modifiers: 'P' and 'U' are provided and are flavors of the exisiting 'p' and 'u' modifiers but indicate that the enviroment should be stripped across the execute transition. A new permission 'm' is required when an application executes the mmap(2) with the prot arg PROT_EXEC. This is a reissue of a previous update due to RPM release number problems. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-11834 - Security update for Linux kernel - SLES9 Severity: Fixlet ID: 1183401 Fixlet Link: http://support.novell.com/techcenter/psdb/79ad90eebcf05ad4304479c0d22b0b96.html Fixlet Description: This kernel update fixes the following security problems: CVE-2007-2876: A NULL pointer dereference in SCTP connection tracking could be caused by a remote attacker by sending specially crafted packets. Note that this requires SCTP set-up and active to be exploitable. This bug was already fixed in openSUSE 10.2 and SLES10. The handling of the usage counter for bond devices was fixed. CVE-2007-3105: Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wake-up threshold to a value greater than the output pool size, which triggers writing random numbers to the stack by the pool transfer function involving "bound check ordering". Since this value can only be changed by a root user, exploitability is low. This was already fixed for SLES10. CVE-2007-2525: A memory leak in the PPPoE driver can be abused by local users to cause a denial-of-service condition. This bug was already fixed for SLES10. CVE-2007-3848: Local users are allowed to send arbitrary signals to child processes running with different UID. This bug was already fixed for SLES10 CVE-2007-4573: It was possible for local user to become root by exploiting a bug in the IA32 system call emulation. This affects x86_64 platforms with kernel 2.4. x and 2.6. x before 2.6.22.7 only. CVE-2007-4571: An information disclosure vulnerability in the ALSA driver can be exploited by local users to read sensitive data from the kernel memory. and the following non security bugs: patches. fixes/ide-tape-no-device: Prevent oops in ide-tape when opening a non-existent device [#165539] patches. fixes/oom-fix-spurious-kills: go in sync with mainline to avoid spurious oom kills [#202338] patches. fixes/oom-fix-deadlocks: fix lots of oom deadlock related bugs [#202338] patches. fixes/reiserfs-unsigned-less-than-zero-checks. diff: reiserfs: do not check if unsigned < 0 [#208950] patches. fixes/sbp2_dma_boundary. patch: [#243270] set a conservative DMA limit for buffers to be transferred via sbp2 patches. drivers/mptspi-sequential-scan-hang: [#243401] Boot time hang during sequential scan of SCSI-2 target LUNs patches. fixes/scsi-remove-host-procfs: kernel Oops after rmmod lpfc [#251257] patches. fixes/fusion-nat-consumption-fix: Handle a potential race in mptbase. This fixes a NaT consumption crash [#257412] patches. fixes/fix-hiddev-oops-2: Fix disconnect oops in hiddev [#279318] patches. fixes/nfs-osync-error-return: Ensure proper error return from O_SYNC writes [#280833] patches. fixes/lockd-chroot-fix: Allow lockd to work reliably with applications in a chroot [#288376] [#305480] patches. fixes/make-swappiness-safer-to-use. patch: Handle low swappiness more gracefully [#288799] patches. arch/x86_64-dac-memleak: Fix memory leak in pci_alloc_consistent [#302094] patches. fixes/reiserfs-transaction-overflow: reiserfs: handle trans_id overflow [#329645] Everyone using the Linux Kernel on x86 architecture should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-11834 - Dependencies Needed - SLES9 Severity: Fixlet ID: 1183402 Fixlet Link: http://support.novell.com/techcenter/psdb/79ad90eebcf05ad4304479c0d22b0b96.html Fixlet Description: Updated kernel packages that fix various security and non-security bugs are now available. However, this update requires the package mkinitrd to be at least version 1.2. *************************************************************** Title: PATCH-11843 - Security update for OpenSSL - SLES9 Severity: Fixlet ID: 1184301 Fixlet Link: http://support.novell.com/techcenter/psdb/5ab4f4c02d8fd020226a6cc67e3210f3.html Fixlet Description: This update of openssl fixes a off-by-one buffer overflow in function SSL_get_shared_ciphers(). This vulnerability potentially allows remote code execution; depending on memory layout of the process. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-11843 - Security update for OpenSSL - SLES10 Severity: Fixlet ID: 1184303 Fixlet Link: http://support.novell.com/techcenter/psdb/5ab4f4c02d8fd020226a6cc67e3210f3.html Fixlet Description: This update of openssl fixes a off-by-one buffer overflow in function SSL_get_shared_ciphers(). This vulnerability potentially allows remote code execution; depending on memory layout of the process. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-11843 - Security update for OpenSSL - SLED10 Severity: Fixlet ID: 1184304 Fixlet Link: http://support.novell.com/techcenter/psdb/5ab4f4c02d8fd020226a6cc67e3210f3.html Fixlet Description: This update of openssl fixes a off-by-one buffer overflow in function SSL_get_shared_ciphers(). This vulnerability potentially allows remote code execution; depending on memory layout of the process. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-11853 - Security update for Tk - SLES9 Severity: Fixlet ID: 1185301 Fixlet Link: http://support.novell.com/techcenter/psdb/54704d57e08bced85978b78720ac185c.html Fixlet Description: This update fixes a buffer overflow that occurs while processing interlaced/animatedGIF images. This bug could be used to execute code remotely. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-11853 - Security update for Tk - SLED10 Severity: Fixlet ID: 1185303 Fixlet Link: http://support.novell.com/techcenter/psdb/54704d57e08bced85978b78720ac185c.html Fixlet Description: This update fixes a buffer overflow that occurs while processing interlaced/animatedGIF images. This bug could be used to execute code remotely. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-11853 - Security update for Tk - SLES10 Severity: Fixlet ID: 1185304 Fixlet Link: http://support.novell.com/techcenter/psdb/54704d57e08bced85978b78720ac185c.html Fixlet Description: This update fixes a buffer overflow that occurs while processing interlaced/animatedGIF images. This bug could be used to execute code remotely. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B7101101 - Security update for Linux kernel - SLES10 Severity: Fixlet ID: 710110101 Fixlet Link: http://support.novell.com/techcenter/psdb/e6e2ffbd54ec927734c60e0c70947511.html Fixlet Description: This kernel update fixes the following security problems: CVE-2007-4573: It was possible for local user to become root by exploiting a bug in the IA32 system call emulation. This affects x86_64 platforms with kernel 2.4. x and 2.6. x before 2.6.22.7 only. CVE-2007-4571: An information disclosure vulnerability in the ALSA driver can be exploited by local users to read sensitive data from the kernel memory. and the following non security bugs: patches. xen/xen-blkback-cdrom: CDROM removable media-present attribute plus handling code [#159907] patches. drivers/libata-add-pata_dma-kernel-parameter: libata: Add a drivers/ide style DMA disable [#229260] [#272786] patches. drivers/libata-sata_via-kill-SATA_PATA_SHARING: sata_via: kill SATA_PATA_SHARING register handling [#254158] [#309069] patches. drivers/libata-sata_via-add-PCI-IDs: sata_via: add PCI IDs [#254158] [#326647] supported. conf: Marked 8250 and 8250_pci as supported (only Xen kernels build them as modules) [#260686] patches. fixes/bridge-module-get-put. patch: Module use count must be updated as bridges are created/destroyed [#267651] patches. fixes/iscsi-netware-fix: Linux Initiator hard hangs writing files to NetWare target [#286566] patches. fixes/lockd-chroot-fix: Allow lockd to work reliably with applications in a chroot [#288376] [#305480] add patches. fixes/x86_64-hangcheck_timer-fix. patch fix monotonic_clock() and hangcheck_timer [#291633] patches. arch/sn_hwperf_cpuinfo_fix. diff: Correctly count CPU objects for SGI ia64/sn hwperf interface [#292240] Extend reiserfs to properly support file systems up to 16 TiB [#294754] patches. fixes/reiserfs-signedness-fixes. diff: reiserfs: fix usage of signed ints for block numbers patches. fixes/reiserfs-fix-large-fs. diff: reiserfs: ignore s_bmap_nr on disk for file systems >= 8 TiB patches. suse/ocfs2-06-per-resource-events. diff: Deliver events without a specified resource unconditionally. [#296606] patches. fixes/proc-readdir-race-fix. patch: Fix the race in proc_pid_readdir [#297232] patches. xen/xen3-patch-2.6.16.49-50: XEN: update to Linux 2.6.16.50 [#298719] patches. fixes/pm-ordering-fix. patch: PM: Fix ACPI suspend / device suspend ordering [#302207] patches. drivers/ibmvscsi-slave_configure. patch add ->slave_configure() to allow device restart [#304138] patches. arch/ppc-power6-ebus-unique_location. patch Prevent bus_id collisions [#306482] patches. xen/30-bit-field-booleans. patch: Fix packet loss in DomU xen netback driver [#306896] config/i386/kdump: Enable ahci module [#308556] update patches. drivers/ppc-power6-ehea. patch fix link state detection for bonding [#309553] patches. drivers/ibmveth-fixup-pool_deactivate. patch patches. drivers/ibmveth-large-frames. patch patches. drivers/ibmveth-large-mtu. patch: fix serveral crashes when changing ibmveth sysfs values [#326164] patches. drivers/libata-sata_sil24-fix-IRQ-clearing-race-on-IRQ_WOC: sata_sil24: fix IRQ clearing race when PCIX_IRQ_WOC is used [#327536] update patches. drivers/ibmvscsis. patch set blocksize to PAGE_CACHE_SIZE to fix flood of bio allocation warnings/failures [#328219] Everyone using the Linux Kernel on x86 architecture should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B7101101 - Security update for Linux kernel - SLED10 Severity: Fixlet ID: 710110102 Fixlet Link: http://support.novell.com/techcenter/psdb/e6e2ffbd54ec927734c60e0c70947511.html Fixlet Description: This kernel update fixes the following security problems: CVE-2007-4573: It was possible for local user to become root by exploiting a bug in the IA32 system call emulation. This affects x86_64 platforms with kernel 2.4. x and 2.6. x before 2.6.22.7 only. CVE-2007-4571: An information disclosure vulnerability in the ALSA driver can be exploited by local users to read sensitive data from the kernel memory. and the following non security bugs: patches. xen/xen-blkback-cdrom: CDROM removable media-present attribute plus handling code [#159907] patches. drivers/libata-add-pata_dma-kernel-parameter: libata: Add a drivers/ide style DMA disable [#229260] [#272786] patches. drivers/libata-sata_via-kill-SATA_PATA_SHARING: sata_via: kill SATA_PATA_SHARING register handling [#254158] [#309069] patches. drivers/libata-sata_via-add-PCI-IDs: sata_via: add PCI IDs [#254158] [#326647] supported. conf: Marked 8250 and 8250_pci as supported (only Xen kernels build them as modules) [#260686] patches. fixes/bridge-module-get-put. patch: Module use count must be updated as bridges are created/destroyed [#267651] patches. fixes/iscsi-netware-fix: Linux Initiator hard hangs writing files to NetWare target [#286566] patches. fixes/lockd-chroot-fix: Allow lockd to work reliably with applications in a chroot [#288376] [#305480] add patches. fixes/x86_64-hangcheck_timer-fix. patch fix monotonic_clock() and hangcheck_timer [#291633] patches. arch/sn_hwperf_cpuinfo_fix. diff: Correctly count CPU objects for SGI ia64/sn hwperf interface [#292240] Extend reiserfs to properly support file systems up to 16 TiB [#294754] patches. fixes/reiserfs-signedness-fixes. diff: reiserfs: fix usage of signed ints for block numbers patches. fixes/reiserfs-fix-large-fs. diff: reiserfs: ignore s_bmap_nr on disk for file systems >= 8 TiB patches. suse/ocfs2-06-per-resource-events. diff: Deliver events without a specified resource unconditionally. [#296606] patches. fixes/proc-readdir-race-fix. patch: Fix the race in proc_pid_readdir [#297232] patches. xen/xen3-patch-2.6.16.49-50: XEN: update to Linux 2.6.16.50 [#298719] patches. fixes/pm-ordering-fix. patch: PM: Fix ACPI suspend / device suspend ordering [#302207] patches. drivers/ibmvscsi-slave_configure. patch add ->slave_configure() to allow device restart [#304138] patches. arch/ppc-power6-ebus-unique_location. patch Prevent bus_id collisions [#306482] patches. xen/30-bit-field-booleans. patch: Fix packet loss in DomU xen netback driver [#306896] config/i386/kdump: Enable ahci module [#308556] update patches. drivers/ppc-power6-ehea. patch fix link state detection for bonding [#309553] patches. drivers/ibmveth-fixup-pool_deactivate. patch patches. drivers/ibmveth-large-frames. patch patches. drivers/ibmveth-large-mtu. patch: fix serveral crashes when changing ibmveth sysfs values [#326164] patches. drivers/libata-sata_sil24-fix-IRQ-clearing-race-on-IRQ_WOC: sata_sil24: fix IRQ clearing race when PCIX_IRQ_WOC is used [#327536] update patches. drivers/ibmvscsis. patch set blocksize to PAGE_CACHE_SIZE to fix flood of bio allocation warnings/failures [#328219] Everyone using the Linux Kernel on x86 architecture should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B7101101 - Dependencies Needed - SLED10/SLES10 Severity: Fixlet ID: 710110103 Fixlet Link: http://support.novell.com/techcenter/psdb/e6e2ffbd54ec927734c60e0c70947511.html Fixlet Description: Updated kernel packages are now available for SuSE Linux Enterprise 10. However, this update requires that the package "mkinitrd" be installed and at least version "1.2". This update also requires that the package "perl-Bootloader" be installed and at least version "0.4.16". *************************************************************** Title: PATCH-B7101101 - Dependency Conflict- SLED10/SLES10 Severity: Fixlet ID: 710110104 Fixlet Link: http://support.novell.com/techcenter/psdb/e6e2ffbd54ec927734c60e0c70947511.html Fixlet Description: Updated kernel packages are now available for SuSE Linux Enterprise 10. However, these systems currently have the Novell Client for Linux kernel module installed. To continue using the Novell Client kernel module, a manual update of kernel and module will need to be done simultaneously, or module after kernel. If the Novell Client kernel module is not needed, it should be removed before updating the Linux kernel. The Novell Client kernel module is contained in a package named "novfs-kmp-default", "novfs-kmp-bigsmp" or "novfs-kmp-smp". Additionally, any separately packaged kernel module that is installed for the current running kernel will need to be either removed before the kernel is updated, or manually updated simultaneously. *************************************************************** Title: PATCH-B7101103 - Security update for Novell GroupWise client - SLED10 Severity: Fixlet ID: 710110301 Fixlet Link: http://support.novell.com/techcenter/psdb/30c1436cb2f6dd335b3ef9f118dc7004.html Fixlet Description: This update fixes a security vulnerability in the GroupWise system that allows a malicious user to intercept authentication credentials through a 'man in the middle' attack. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B7101104 - Security update for X.org X11 - SLES10 Severity: Fixlet ID: 710110401 Fixlet Link: http://support.novell.com/techcenter/psdb/0cc76d0c57cd2d52b1a7ca3945562d1d.html Fixlet Description: This update fixes the following issues: X Font Server build_range(): Integer Overflow Vulnerability [IDEF2708] (CVE-2007-4989) X Font Server swap_char2b() Heap Overflow Vulnerability [IDEF2709] (CVE-2007-4990) Composite extension buffer overflow (CVE-2007-4730). Everyone should install this update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B7101104 - Security update for X.org X11 - SLED10 Severity: Fixlet ID: 710110402 Fixlet Link: http://support.novell.com/techcenter/psdb/0cc76d0c57cd2d52b1a7ca3945562d1d.html Fixlet Description: This update fixes the following issues: X Font Server build_range(): Integer Overflow Vulnerability [IDEF2708] (CVE-2007-4989) X Font Server swap_char2b() Heap Overflow Vulnerability [IDEF2709] (CVE-2007-4990) Composite extension buffer overflow (CVE-2007-4730). Everyone should install this update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B7101108 - Security update for Postfix - SLED10/SLES10 Severity: Fixlet ID: 710110801 Fixlet Link: http://support.novell.com/techcenter/psdb/5d9041f2970e2f3e5d91f86a8bed26e6.html Fixlet Description: The SuSEconfig script for postfix doesn't honor the value of SMTPD_LISTEN_REMOTE in /etc/sysconfig/mail and therefore creates a config that makes postfix listen on all network interfaces. Important note: Note that if you actually rely on postfix listening on all interfaces you need to set SMTPD_LISTEN_REMOTE=yes. Everyone should update. Please see patch page for more detailed information. *************************************************************** Title: PATCH-B7101501 - Security update for hplip17 and hplip17-hpijs - SLED10/SLES10 Severity: Fixlet ID: 710150101 Fixlet Link: http://support.novell.com/techcenter/psdb/4d1e29e7df9740b02cb25e76146c67ac.html Fixlet Description: The daemon 'hpssd' could be exploited by users to execute arbitrary commands as root. hpssd only runs on systems that have HP all-in-one devices configured. In the default configuration the problem is not remotely exploitable as hpssd only listens on local interfaces. Only users of HP all-in-one devices need to update. Please see patch page for more detailed information.