User: Password:
|
|
Subscribe / Log in / New account

SuSE alert SUSE-SA:2006:057 (kernel)

From:  Marcus Meissner <meissner@suse.de>
To:  suse-security-announce@suse.com
Subject:  [suse-security-announce] SUSE Security Announcement: kernel security problems (SUSE-SA:2006:057)
Date:  Thu, 28 Sep 2006 17:11:10 +0200

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: kernel Announcement ID: SUSE-SA:2006:057 Date: Thu, 28 Sep 2006 17:00:00 +0000 Affected Products: Novell Linux Desktop 9 Novell Linux POS 9 Open Enterprise Server SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE LINUX 9.2 SUSE SLE 10 DEBUGINFO SUSE SLED 10 SUSE SLES 10 SUSE SLES 9 Vulnerability Type: remote denial of service Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2006-3468, CVE-2006-3745, CVE-2006-4093 Content of This Advisory: 1) Security Vulnerability Resolved: various kernel security problems Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion Various security problems were found and fixed in the Linux kernel. We have released updates for following distributions: - SUSE Linux Enterprise Server 9 (on September 21st) - SUSE Linux Enterprise 10 (on September 26th) - SUSE Linux 9.2 up to 10.1 (on September 14th) The SUSE Linux Enterprise Server 10 kernel for the S/390 platform is still pending due to platform specific issues found in QA and waiting for further analysis. Following security issues have been addressed: - CVE-2006-3745: A double user space copy in a SCTP ioctl allows local attackers to overflow a buffer in the kernel, potentially allowing code execution and privilege escalation. - CVE-2006-4093: Local attackers were able to crash PowerPC systems with PPC970 processor using a not correctly disabled privileged instruction ("attn"). - CVE-2006-3468: Remote attackers able to access an NFS of a ext2 or ext3 filesystem can cause a denial of service (file system panic) via a crafted UDP packet with a V2 look up procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only. - Matthias Andree reported a deadlock in the NFS lockd to us, where a remote attacker with access to lockd was able to at least crash the lockd kernel process and so render NFS exports from this server unusable. This problem existed only in the SUSE Linux 9.2 up to 10.0 kernels. The SUSE Linux Enterprise kernels also received a number of bugfixes, not listed here (please refer to the Novell TID pages listed below). 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes None. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-b... 26ee41f91791f2960f43e0d2c34cf111 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-d... c647ad25d5138e1d283fa02531b7c612 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-d... 0655ceb69b59943d93d63e07f803af34 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-k... 9f274f216d6d980d71925298198f89ff ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-s... 3bbed65fe2d793be471ec0ebca9489bf ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-s... ea0ca06ddd13803a4854bb953127b4e7 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-s... e719ca56ca6b03db836251aa2f42c193 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-u... d64bdf65439078f98c8167ebc8d40eff ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-x... 73ef09479e7dd484e039c99090ce532f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-x... a2127a9be7804e4c6ff781fa25a0f669 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kexec-to... 8ab73349be3faecc0b5ead1f1d43a8ce ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kexec-to... 9f749594cb21038f6d1ede1122471521 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mkinitrd... 8cac732b2aa56ee7ca4e2a805d9e1ba0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mkinitrd... 2fe40e6a58b5efb8c40343bb2c869d83 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/multipat... 5f560930255f944ec2f977884952571a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/multipat... ddf0978610451b0a053069fdf4bc6e73 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/open-isc... 7e1a2256a99b7bdc25519855a5e28234 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/open-isc... 6c7b0c7a2da71842535c8ec370552e27 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/udev-085... 2131ff74613d4b96f3f4c3c9549bdc91 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/udev-085... 2f1789a0213dcc06d7cacc5413fbf6af SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/Int... 2af14df978db016abff71394be91f3d8 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... 4ec46129e95f86d1923b7ca09fb1de7e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... a85f38ca6fd0249e04d218ebe3c04b4f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... 95fb71b8087ed73337b2a3a30ff5b7fc ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... ff0e216a784386933362bf7db380b819 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... 4b545ecf3e2ef7b3d02bdc130afe61a7 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... 040a65937bea52ee354a44c6e8ea0dd5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... b99214d91edb56eefac0fd7502485e6e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... 850a089ddb0a6c97ad78a88a04e45820 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... ba0afa63f5cccc66c6a6270264b04894 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... fc0157febbcff6f2fb3b8e596ec22bdf ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... b50f100866a55617e3b6724740c0dd41 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ker... ccd26549d72a980c616583c4c552dc9b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/um-... 3b63fca8d78139ecedc8627707b1588d SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/Inte... 2b8178c9b01b851ba8f5a9ecdcc6f6a4 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 152d28fee5c9cd4fb778a8a4c3660226 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 2d60e8b3eb5668cecb80299d0d88aa33 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 416ff9c4f2fc7dea1cbdc03c6e862351 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 25faa5a8ec4792f9fe81730be064542b ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 318179da1b704cb58d56c2b788918406 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 3431140892a4af27a15bba7cf3941342 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 3d4450f5875e2b373a041dd012d4e597 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 1db4ce873dd95631365d2d15b0cfe202 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 8dd722f05ef44b48f11980dcbf7b6739 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... 7ead5d3f4e87183b5a746e63bb3af48c ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... ce09371496e027006e0a693a56bbdbbb ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kern... f391d767e4cb4ada285618d95be3e23c ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ltmo... 4cdc5561fd4f17991f710e179ba76cac ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/um-h... 9fcc211d480cb3cbdb1555d70b0f7bb9 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/um-h... ec605260f319746da30a892839b7c1c1 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/Inte... 038656a7cce85c5c86985d15ba0e556d ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... 7894bdea230a27609e922430f61ef8c1 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... a245181f7371eb502c34365d42dc8b3a ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... 46bb52ad6dd33ba0c54d00f132b8657d ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... e6f18530619112a4a870f8fb2fe4dc44 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... 7f9e8b77ee9aef4f7076ad578d623cb0 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... cf7d45606257c1a28f19e77d9f27d0d4 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... f0f1443dd8e7642f2d215cb0fef4a74c ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... 52a6cd1a67bfd3b3523f71ff5593fddb ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... f8ddfaedc0c27a7f7f2635992908e11b ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kern... 655a456ed974b72b307194fd21e730ee ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/ltmo... 185b53741ed424c4763bddf5015e0535 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/um-h... 8ae192eefa7d9760045f6d57ea3d3c02 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/um-h... 6e9c55225262d3b3a03f79dff3644241 Platform Independent: SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/noarch/ke... 0fad36276d5bae4fc03610c0719a077d SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/noarch/ke... 123eadba5982d48938ff49b75d8bfd93 Power PC Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-de... 20b5b086a22f22fae0b91d12798b39df ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-is... 64d801cdcd4bfdde674ec72c398e7420 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-kd... 237576cf62c8d529d42cc6d5c687f703 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-pp... 417368a7cfaba1f67122974224f4cd71 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-so... 2c14c599f55356d0bd8241c0043fe560 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-sy... d52c2745e3a20d985cf2a3bb6ac65fde ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mkinitrd-... a7beef801eeb05247bccf4dddea5f48d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mkinitrd-... 3cb51185fccc353b29c746fb90959cd0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/multipath... 83a1fc32e74747fd612af24cd46ac943 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/multipath... 6d9721cccbd73f0949c488de60d2723f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/open-iscs... 0bbcac956f8ac2a799b9b3d1a39cc84b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/open-iscs... 75c1c4739d87ea4b7dc9b7dad427c0d0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/udev-085-... 781bc7be83179f251ba5514793425c4c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/udev-085-... 86dc31bcd413ef0ccc98966a41fd6c07 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kern... 6fdc8658c4605aa4800a3a50f57460fd ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kern... c90240b82bfa0bd20e20a1000fca9207 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kern... 21d8fffc3d831ac395d293ce434a3101 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kern... 96d98884803aad3c0d6886a208a5d16d ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kern... 188959ddae5c169c6c745ed0619f4c1b x86-64 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel... 407fa7974e9042fa81f3a1ece4b64894 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel... e38811a6f40c5bb0b5e38bafaeb2a30e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel... a4954cd4dbc27ed99453119749075228 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel... 86ea460aeb5f7749bc0ea8e2f5d7f986 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel... 8e3f29905322d570b0f22dd440f15d5a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel... b5fb7d58c39ed10cf9a78edf6c6b0e57 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel... e61f4590776bf88a83480f22396e2353 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kexec-... a0097406eb277a8a126f182e83acad9f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kexec-... 64b12b3c69f02f981484941e09dd1305 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mkinit... c3d37645b7b2be4906d5183e69407196 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mkinit... 12837d37eaa3234edeaba256472943ea ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/multip... 11b9458db5cd66552811d0da052e47a9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/multip... 8f3f08bdc5896c3f0fc8ab629b8845d0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/open-i... 1523eed567a3e8413ea01253c750e1f3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/open-i... 1e882a55477b9ad85ee43e0d7185571d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/udev-0... 18bd9ae1d14e1f7cde21ef302c007f2f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/udev-0... d2573b55f593de8d1695d3a41182ac5c SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/k... 07e8e89fc66fe07f36e4d4e09f70a7cb ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/k... 30b8b37d91e9c90e88a7d98d597e418c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/k... 3cd105d707c55c893cf8f20d9e57bfe1 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/k... 2affd3ce1908e4f20260f70a7b65f540 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/k... ba3484999dc5acdd02d61ce251031f02 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/k... 8a84195236b9daf739776049eb163454 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/k... 9c84162cb6a4648206eb17d59dd193bc ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/k... eca45a94e1400b2ed794f45c963a02e3 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ke... 7516001db6c4da22c1311a4c6fbb81d5 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ke... b5be7f122d6b333e730eaf33dfc2ec32 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ke... cb5ad4009bb96c8e60733f7732626d7c ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ke... e2656b47c8745963677435f4e379092c ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ke... 2329c9588f91a765e671b9db01cddcf8 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ke... 7a393b3bdf27d0c1f7bd236ed0dd6805 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/ke... 746c1b1f8080aadb9c6224ed3e2cdbb5 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/ke... 2e022be7d2f48f73ca28e8ed0e53f6ff ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/ke... c9ba42011cf7fe08bf4528cd20cc13c3 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/ke... 37dba688d48ac29f86889b82af1fc803 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/ke... b9ab803971d96f20c0cfdc5970a59912 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/ke... 0edad8e927be3183d3c32c5530202693 Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-bi... 02047b35925ab3e1ad77152469b5fcfe ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-de... db7a4a3de5958502cb1a0271c218d972 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-de... e0a654f9bf9c0c632a52c77aa7352d08 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-is... 7908e6d951e39975d3eb6c92c1bc37e9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-kd... 8be0d70f4f6a1965ad9c3bd6550c800a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-pp... 167c55c6967fa50bdd93f78883832d03 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-sm... 007dcc251e8d77fde2fb2d16b54e0c09 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-so... 75d155d775f982603a03d7fc81540865 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-sy... 570ad5f425bd98d328930c073a5592c1 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-um... ee91eb16467c7080a153550f6731665b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-xe... 2de232b8508674051fe96476aad1d122 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-xe... 4cb0833d3f1f60544858a129240adda6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kexec-too... 0f29b25c5c5a6c2cc9fcbc23c53f3479 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kexec-too... 45e46db0edafd400bfdab8b58fd206ec ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/mkinitrd-... b28e2812bcbb47e8d3666838513675a6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/mkinitrd-... aa1e25d84eca64c10f825dde7fb2208a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/multipath... 85607a495f3a69e8335a5c0e69c421d3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/multipath... e7a66c40e16808d5cc72c7637e378637 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/open-iscs... 3394b2319cd4cda72161db7977ed2359 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/open-iscs... 10646530f2302ece6e597129dd24113f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/udev-085-... 24b94ef552acc2d43f0588c630a1e9b0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/udev-085-... ad593e66581e0b905050a15cc7a65fb8 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/Inte... 5ae584684e85f709d4a871f4de6c4df4 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... a3f82ff354aa48d0721f26b14859f27b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... e9b63dc3399d8ddfb649e0aeec323372 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... 13248d29e9cdbed7d90bbc8d6cbc08d6 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... 8011760bc1e22c87fd2f3f3fad2d4d45 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... 3e9c1ff772c853e74b3311ffff6a60d2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... 151894265d76bef5b295f16d99e0ef16 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... b20b08230e3f7f9f4e685d567f023919 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... 3b2d4f9d0a5e3131fc355ed38942a65d ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... 84cc165050a33e8ebe7bb8adaa0dd9c3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kern... ee4e5fc534f0f34d925b309945721342 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/Intel... a8cafba62a93b64bc38fc79615b6d590 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kerne... 44d3eea6d288f9edc59fcc5f6dea4178 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kerne... 62748061a37469af50b7b9e2fc5fe795 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kerne... ecc6e515a2604d9099abf33c94432d65 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kerne... fad50e98426d6abbb246017a1627a692 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kerne... 8c6e300fafb0e1387a0f00c817190da2 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kerne... 00b0d5d6ec6dbd3cd7eca40f27bdb57f ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kerne... 9877dbacf6298140c1489bb9bdfd11c6 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kerne... a45d90badc71f999edf2faf759890895 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/ltmod... 722f60ef83aeba40e56a2f1d89fc3d37 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/um-ho... 762d225dd1465436e7b854a35ea1a93e SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/Intel... 35a62f1a4ffb10b4cada1980d82cf45f ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/kerne... d26b9bc28d4a47189422952f63c27113 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/kerne... f2d21ad973085053bd882a0f53733678 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/kerne... 8a13bf708aa71befa8ffc7e8ffcf722d ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/kerne... 27651472ede629d5276e818e7189de51 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/kerne... 74181284da47a0164a5314a22c6922c0 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/kerne... 16d3393e60b6f5c9dcb5dd836a9f332b ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/kerne... cc2ae39d0bf5dd0d00100e66a6867edc ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/ltmod... b0b40a64fb09d2969564b281f1a168d9 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/um-ho... fb30549494b3c02fd9e7bcb0d31487af Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE SLED 10 for AMD64 and Intel EM64T http://support.novell.com/techcenter/psdb/c36e25c3bc040fa... SUSE SLES 10 http://support.novell.com/techcenter/psdb/c36e25c3bc040fa... http://support.novell.com/techcenter/psdb/7d34da485234260... http://support.novell.com/techcenter/psdb/5f920b87f4abe21... http://support.novell.com/techcenter/psdb/897ffd66535d805... SUSE SLED 10 http://support.novell.com/techcenter/psdb/c36e25c3bc040fa... http://support.novell.com/techcenter/psdb/897ffd66535d805... SUSE SLED 10 for x86 http://support.novell.com/techcenter/psdb/897ffd66535d805... SUSE CORE 9 for IBM zSeries 64bit http://support.novell.com/techcenter/psdb/14f276ed108cb62... SUSE CORE 9 for IBM S/390 31bit http://support.novell.com/techcenter/psdb/d501672f20f1f46... SUSE CORE 9 for IBM POWER http://support.novell.com/techcenter/psdb/5ba747ab54f313a... SUSE CORE 9 for AMD64 and Intel EM64T http://support.novell.com/techcenter/psdb/261185f7ea10c37... SUSE CORE 9 for Itanium Processor Family http://support.novell.com/techcenter/psdb/b8565f7473b0f60... Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/261185f7ea10c37... http://support.novell.com/techcenter/psdb/e2ef926c5f7d109... SUSE SLES 9 http://support.novell.com/techcenter/psdb/14f276ed108cb62... http://support.novell.com/techcenter/psdb/d501672f20f1f46... http://support.novell.com/techcenter/psdb/5ba747ab54f313a... http://support.novell.com/techcenter/psdb/261185f7ea10c37... http://support.novell.com/techcenter/psdb/b8565f7473b0f60... http://support.novell.com/techcenter/psdb/e2ef926c5f7d109... Open Enterprise Server http://support.novell.com/techcenter/psdb/e2ef926c5f7d109... http://support.novell.com/techcenter/psdb/25b56bb7bbe0db4... Novell Linux POS 9 http://support.novell.com/techcenter/psdb/e2ef926c5f7d109... http://support.novell.com/techcenter/psdb/25b56bb7bbe0db4... SUSE CORE 9 for x86 http://support.novell.com/techcenter/psdb/e2ef926c5f7d109... http://support.novell.com/techcenter/psdb/25b56bb7bbe0db4... SUSE SLE 10 DEBUGINFO for IBM POWER http://support.novell.com/techcenter/psdb/7d34da485234260... SUSE SLE 10 DEBUGINFO for IPF http://support.novell.com/techcenter/psdb/5f920b87f4abe21... SUSE SLE 10 DEBUGINFO http://support.novell.com/techcenter/psdb/c36e25c3bc040fa... http://support.novell.com/techcenter/psdb/7d34da485234260... http://support.novell.com/techcenter/psdb/5f920b87f4abe21... http://support.novell.com/techcenter/psdb/897ffd66535d805... ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security@suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security@suse.de), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security@suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe@suse.com>. suse-security-announce@suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe@suse.com>. For general information or the frequently asked questions (FAQ), send mail to <suse-security-info@suse.com> or <suse-security-faq@suse.com>. ===================================================================== SUSE's security contact is <security@suse.com> or <security@suse.de>. The <security@suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBRRvl53ey5gA9JdPZAQKJ+Af+Id2deeCw1I90lrdX9kZqCUuQjvF54kF0 5QvfrhMA+sYmaCeopHj69B0U/y1cJWRLUuv0gTEna0Y2mdUsI43BRc46k/COgS9y J7vciNKFBtvSi+9dmhSm/5Z0mX3n5ZGjy2cP/o7Q9ryBu7W56DMcjr/cJIFxINUj fPylPfmw6tWzNDQBOXKx0kvC8v8sdUTXRI8oCeS5ABykE/wlfYA3DluT7t/RwQxg k0//O/cUbFHJl0vcalc9496cLAwVHhiMpzvTrkscB+yWIpz9ktlwoWuh+4QupK89 J1mVzOkRb3NkxLfu9mJi3ec0tvt4wCa5ufZnu++qVNkOC1BtiGpF4Q== =uYoE -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com For additional commands, e-mail: suse-security-announce-help@suse.com


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds