Bug 866102 (CVE-2014-0101)

Summary:	VUL-0: CVE-2014-0101: kernel: net: sctp: fix sctp_sf_do_5_1D_ce to verify if peer is AUTH capable
Product:	[Novell Products] SUSE Security Incidents	Reporter:	Marcus Meissner <meissner>
Component:	Incidents	Assignee:	Security Team bot <security-team>
Status:	RESOLVED FIXED	QA Contact:	Security Team bot <security-team>
Severity:	Major
Priority:	P2 - High	CC:	jbohac, jkosina, meissner, mhocko, mkubecek, sascha.wessels, security-team
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	Other
Whiteboard:	maint:released:sle11-sp1:56532 maint:released:sle11-sp2:57399 maint:released:sle11-sp2:57400 maint:released:sle11-sp2:57405 maint:released:sle11-sp2:57401 maint:released:sle11-sp2:57404 maint:released:sle11-sp1:57768 maint:released:sle11-sp1:57769 maint:released:sle11-sp1:57770 maint:released:sle11-sp3:58216 maint:released:sle11-sp3:58217 maint:released:sle11-sp3:58239 maint:released:sle11-sp3:58218 maint:released:sle11-sp3:58215 maint:released:sle11-sp3:58220 maint:released:sle11-sp3:58225 maint:released:sle11-sp3:58221 maint:released:sle11-sp3:58222 maint:released:sle11-sp3:58223
Found By:	---	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Comment 2 Swamp Workflow Management 2014-02-27 23:00:32 UTC

bugbot adjusting priority

Comment 3 Marcus Meissner 2014-02-28 14:06:21 UTC

In SLES11 SP1, SP2 and SP3 the patch seems applicable.

SLES10 SP4 does not have the relevant parts, so I think not.

Comment 6 Marcus Meissner 2014-03-04 12:32:09 UTC

is public now.

Date: Tue, 4 Mar 2014 12:00:13 +0100
From: Petr Matousek <pmatouse@redhat.com>

A flaw was found in the way Linux kernel processed authenticated
COOKIE_ECHO chunks.

A remote attacker could use this flaw to crash the system by sending a
maliciously prepared SCTP handshake in order to trigger a NULL pointer
dereference on the server.

Introduced by:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bbd0d59809f9

Upstream patch submission:
http://patchwork.ozlabs.org/patch/325898/

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1070705

Comment 7 Swamp Workflow Management 2014-03-04 14:40:06 UTC

The SWAMPID for this issue is 56531.
This issue was rated as important.
Please submit fixed packages until 2014-03-11.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 9 Swamp Workflow Management 2014-03-07 12:04:23 UTC

Update released for: kernel-debug, kernel-debug-base, kernel-debug-debuginfo, kernel-debug-debugsource, kernel-debug-devel, kernel-debug-devel-debuginfo, kernel-debug-extra, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-docs, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra
Products:
SLE-SERVER 11-SP1-TERADATA (x86_64)

Comment 13 Swamp Workflow Management 2014-05-19 12:08:29 UTC

openSUSE-SU-2014:0677-1: An update that solves 16 vulnerabilities and has 10 fixes is now available.

Category: security (important)
Bug References: 733022,811746,833968,837111,851426,852652,852967,858233,858638,858869,858870,858872,860835,862145,863335,864025,866102,868653,869414,869898,871148,871252,871325,873717,875690,875798
CVE References: CVE-2013-4254,CVE-2013-4579,CVE-2013-6885,CVE-2014-0101,CVE-2014-0196,CVE-2014-0691,CVE-2014-1438,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1690,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2523,CVE-2014-2672
Sources used:
openSUSE 12.3 (src):    kernel-docs-3.7.10-1.32.2, kernel-source-3.7.10-1.32.1, kernel-syms-3.7.10-1.32.1

Comment 14 Swamp Workflow Management 2014-05-19 12:18:17 UTC

openSUSE-SU-2014:0678-1: An update that solves 17 vulnerabilities and has 23 fixes is now available.

Category: security (important)
Bug References: 639379,812592,81660,821619,833968,842553,849334,851244,851426,852656,852967,853350,856760,857643,858638,858872,859342,860502,860835,861750,862746,863235,863335,864025,864867,865075,866075,866102,867718,868653,869414,871148,871160,871252,871325,875440,875690,875798,876531,876699
CVE References: CVE-2013-4579,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7281,CVE-2014-0069,CVE-2014-0101,CVE-2014-0196,CVE-2014-1438,CVE-2014-1446,CVE-2014-1690,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2523,CVE-2014-2672
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.7.1, crash-7.0.2-2.7.1, hdjmod-1.28-16.7.1, ipset-6.19-2.7.1, iscsitarget-1.4.20.3-13.7.1, kernel-docs-3.11.10-11.3, kernel-source-3.11.10-11.1, kernel-syms-3.11.10-11.1, ndiswrapper-1.58-7.1, openvswitch-1.11.0-0.25.1, pcfclock-0.44-258.7.1, virtualbox-4.2.18-2.12.1, xen-4.3.2_01-15.1, xtables-addons-2.3-2.7.1

Comment 15 Swamp Workflow Management 2014-05-21 18:51:03 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP2 (i386)
SLE-SERVER 11-SP2-LTSS (i386)

Comment 16 Swamp Workflow Management 2014-05-21 18:55:10 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, cluster-network-kmp-default, cluster-network-kmp-trace, ext4dev-kmp-default, ext4dev-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (s390x)
SLE-SERVER 11-SP2-LTSS (s390x)

Comment 17 Swamp Workflow Management 2014-05-21 19:52:13 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP2 (x86_64)
SLE-SERVER 11-SP2-LTSS (x86_64)

Comment 18 Swamp Workflow Management 2014-05-22 00:14:18 UTC

SUSE-SU-2014:0696-1: An update that solves 21 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 708296,736697,746500,814788,819351,831029,836347,843185,844513,847672,849364,851426,852488,852553,852967,853455,854025,855347,855885,856083,857499,857643,858280,858534,858604,858869,858870,858872,862429,863300,863335,864025,864833,865307,865310,865330,865342,865783,866102,867953,868528,868653,869033,869563,870801,871325,871561,871861,873061,874108,875690,875798,876102
CVE References: CVE-2013-4470,CVE-2013-4579,CVE-2013-6382,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-0069,CVE-2014-0101,CVE-2014-0196,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2039,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    kernel-default-3.0.101-0.7.19.1, kernel-ec2-3.0.101-0.7.19.1, kernel-pae-3.0.101-0.7.19.1, kernel-source-3.0.101-0.7.19.1, kernel-syms-3.0.101-0.7.19.1, kernel-trace-3.0.101-0.7.19.1, kernel-xen-3.0.101-0.7.19.1
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.7.19.1, kernel-pae-3.0.101-0.7.19.1, kernel-xen-3.0.101-0.7.19.1

Comment 19 Swamp Workflow Management 2014-05-22 00:21:39 UTC

Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 20 Swamp Workflow Management 2014-05-22 01:08:45 UTC

Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 21 Swamp Workflow Management 2014-05-22 02:08:35 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 22 Swamp Workflow Management 2014-06-06 10:19:08 UTC

openSUSE-SU-2014:0766-1: An update that solves 30 vulnerabilities and has 37 fixes is now available.

Category: security (moderate)
Bug References: 708296,736697,746500,758813,813733,814788,817377,819351,823260,831029,836347,840226,841402,843185,844513,847672,849021,849364,850263,851426,852488,852553,852558,852967,853455,854025,855347,855885,856083,857499,857643,858280,858534,858604,858869,858870,858872,862023,862429,863300,863335,864025,864833,865307,865310,865330,865342,865783,866102,867139,867255,867953,868049,868528,868653,869033,869563,870801,871252,871325,871561,871861,873061,874108,875690,875798,876102
CVE References: CVE-2012-2313,CVE-2013-0343,CVE-2013-1929,CVE-2013-2015,CVE-2013-2147,CVE-2013-4345,CVE-2013-4470,CVE-2013-4511,CVE-2013-4579,CVE-2013-6382,CVE-2013-6383,CVE-2013-6763,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-00691,CVE-2014-0101,CVE-2014-0196,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2039,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122
Sources used:
openSUSE 11.4 (src):    kernel-docs-3.0.101-83.3, kernel-source-3.0.101-83.1, kernel-syms-3.0.101-83.1, preload-1.2-6.61.1

Comment 23 Swamp Workflow Management 2014-06-17 18:49:26 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP1 (i386)
SLE-SERVER 11-SP1-LTSS (i386)

Comment 24 Swamp Workflow Management 2014-06-17 18:57:54 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, cluster-network-kmp-default, cluster-network-kmp-trace, ext4dev-kmp-default, ext4dev-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP1 (s390x)
SLE-SERVER 11-SP1-LTSS (s390x)

Comment 25 Swamp Workflow Management 2014-06-17 19:51:31 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP1 (x86_64)
SLE-SERVER 11-SP1-LTSS (x86_64)

Comment 26 Swamp Workflow Management 2014-06-17 23:08:23 UTC

SUSE-SU-2014:0807-1: An update that solves 17 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 630970,661605,663516,761774,792407,852553,852967,854634,854743,856756,857643,863335,865310,866102,868049,868488,868653,869563,871561,873070,874108,875690,875798,876102,878289,880892
CVE References: CVE-2012-6647,CVE-2013-6382,CVE-2013-6885,CVE-2013-7027,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-0101,CVE-2014-0196,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122,CVE-2014-3153
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    btrfs-0-0.3.163, ext4dev-0-7.9.130, hyper-v-0-0.18.39, kernel-default-2.6.32.59-0.13.1, kernel-ec2-2.6.32.59-0.13.1, kernel-pae-2.6.32.59-0.13.1, kernel-source-2.6.32.59-0.13.1, kernel-syms-2.6.32.59-0.13.1, kernel-trace-2.6.32.59-0.13.1, kernel-xen-2.6.32.59-0.13.1
SLE 11 SERVER Unsupported Extras (src):    kernel-default-2.6.32.59-0.13.1, kernel-pae-2.6.32.59-0.13.1, kernel-xen-2.6.32.59-0.13.1

Comment 27 Swamp Workflow Management 2014-06-17 23:12:48 UTC

Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 28 Swamp Workflow Management 2014-06-17 23:14:11 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 29 Swamp Workflow Management 2014-06-17 23:17:11 UTC

Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 30 Marcus Meissner 2014-07-16 15:30:15 UTC

11-sp3 released

Comment 31 Swamp Workflow Management 2014-07-16 17:57:59 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ppc64)
SLE-HAE 11-SP3 (ppc64)
SLE-SERVER 11-SP3 (ppc64)

Comment 32 Swamp Workflow Management 2014-07-16 19:01:11 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (i386)
SLE-DESKTOP 11-SP3 (i386)
SLE-HAE 11-SP3 (i386)
SLE-SERVER 11-SP3 (i386)
SLES4VMWARE 11-SP3 (i386)

Comment 33 Swamp Workflow Management 2014-07-16 19:11:19 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (s390x)
SLE-HAE 11-SP3 (s390x)
SLE-SERVER 11-SP3 (s390x)

Comment 34 Swamp Workflow Management 2014-07-16 19:37:31 UTC

Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-RT 11-SP3 (x86_64)

Comment 35 Swamp Workflow Management 2014-07-16 20:52:06 UTC

Update released for: cluster-network-kmp-bigsmp, drbd-kmp-bigsmp, gfs2-kmp-bigsmp, iscsitarget-kmp-bigsmp, kernel-bigsmp, kernel-bigsmp-base, kernel-bigsmp-debuginfo, kernel-bigsmp-debugsource, kernel-bigsmp-devel, kernel-bigsmp-devel-debuginfo, kernel-bigsmp-extra, kernel-bigsmp-hmac, ocfs2-kmp-bigsmp, ofed-kmp-bigsmp, oracleasm-kmp-bigsmp
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-DESKTOP 11-SP3 (x86_64)
SLE-HAE 11-SP3 (x86_64)
SLE-SERVER 11-SP3 (x86_64)
SLES4VMWARE 11-SP3 (x86_64)

Comment 36 Swamp Workflow Management 2014-07-16 21:10:26 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-DESKTOP 11-SP3 (x86_64)
SLE-HAE 11-SP3 (x86_64)
SLE-SERVER 11-SP3 (x86_64)
SLES4VMWARE 11-SP3 (x86_64)

Comment 37 Swamp Workflow Management 2014-07-16 21:17:06 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ia64)
SLE-HAE 11-SP3 (ia64)
SLE-SERVER 11-SP3 (ia64)

Comment 38 Swamp Workflow Management 2014-07-17 01:36:48 UTC

SUSE-OU-2014:0907-1: An update that solves 28 vulnerabilities and has 76 fixes is now available.

Category: optional (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883795
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-bigsmp-3.0.101-0.35.1
SUSE Linux Enterprise Server 11 SP3 (src):    iscsitarget-1.4.20-0.38.63, kernel-bigsmp-3.0.101-0.35.1, ofed-1.5.4.1-0.13.69, oracleasm-2.0.5-7.39.71
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.78, drbd-kmp-8.4.4-0.22.44, gfs2-2-0.16.84, ocfs2-1.6-0.20.78
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-bigsmp-3.0.101-0.35.1
SLE 11 SERVER Unsupported Extras (src):    kernel-bigsmp-3.0.101-0.35.1

Comment 39 Swamp Workflow Management 2014-07-17 02:38:59 UTC

SUSE-SU-2014:0908-1: An update that solves 30 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883724,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.79, drbd-kmp-8.4.4-0.22.45, iscsitarget-1.4.20-0.38.64, kernel-rt-3.0.101.rt130-0.24.1, kernel-rt_trace-3.0.101.rt130-0.24.1, kernel-source-rt-3.0.101.rt130-0.24.1, kernel-syms-rt-3.0.101.rt130-0.24.1, lttng-modules-2.1.1-0.11.57, ocfs2-1.6-0.20.79, ofed-1.5.4.1-0.13.70

Comment 40 Swamp Workflow Management 2014-07-17 03:13:53 UTC

SUSE-SU-2014:0909-1: An update that solves 30 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883724,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.79, drbd-kmp-8.4.4-0.22.45, iscsitarget-1.4.20-0.38.64, kernel-rt-3.0.101.rt130-0.24.1, kernel-rt_trace-3.0.101.rt130-0.24.1, kernel-source-rt-3.0.101.rt130-0.24.1, kernel-syms-rt-3.0.101.rt130-0.24.1, lttng-modules-2.1.1-0.11.57, ocfs2-1.6-0.20.79, ofed-1.5.4.1-0.13.70

Comment 41 Swamp Workflow Management 2014-07-17 03:45:57 UTC

SUSE-SU-2014:0910-1: An update that solves 29 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-ec2-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.78, gfs2-2-0.16.84, ocfs2-1.6-0.20.78
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1

Comment 42 Swamp Workflow Management 2014-07-17 04:14:19 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)

Comment 43 Swamp Workflow Management 2014-07-17 04:37:27 UTC

SUSE-SU-2014:0911-1: An update that solves 29 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-ec2-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.78, gfs2-2-0.16.84, ocfs2-1.6-0.20.78
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1

Comment 44 Swamp Workflow Management 2014-07-17 05:12:51 UTC

Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 45 Swamp Workflow Management 2014-07-17 05:12:55 UTC

SUSE-SU-2014:0912-1: An update that solves 29 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-ec2-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.78, gfs2-2-0.16.84, ocfs2-1.6-0.20.78
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-source-3.0.101-0.35.1, kernel-syms-3.0.101-0.35.1, kernel-trace-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1, xen-4.2.4_02-0.7.45
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.35.1, kernel-pae-3.0.101-0.35.1, kernel-ppc64-3.0.101-0.35.1, kernel-xen-3.0.101-0.35.1

Comment 46 Swamp Workflow Management 2014-07-17 05:58:27 UTC

Update released for: kernel-bigsmp-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 47 Swamp Workflow Management 2014-07-17 06:47:03 UTC

Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)

Comment 48 Swamp Workflow Management 2014-07-17 07:14:23 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 49 Swamp Workflow Management 2014-07-17 08:23:30 UTC

Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)