ALT-BU-2014-2609-1
Branch p7 update bulletin.
Package kernel-image-un-def updated to version 3.13.5-alt1 for branch p7 in task 115261.
Closed vulnerabilities
BDU:2015-04307
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
BDU:2015-04308
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
BDU:2015-04309
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
BDU:2015-04310
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
- CVE-2012-2372
- CVE-2013-2929
- CVE-2013-4299
- CVE-2013-4579
- CVE-2013-6382
- CVE-2013-7339
- CVE-2014-0055
- CVE-2014-0077
- CVE-2014-0101
- CVE-2014-0131
- CVE-2014-0155
- CVE-2014-1444
- CVE-2014-1445
- CVE-2014-1446
- CVE-2014-1874
- CVE-2014-2309
- CVE-2014-2523
- CVE-2014-2678
- CVE-2014-2851
- CVE-2014-3122
- CVE-2014-3144
- CVE-2014-3145
- CVE-2014-3917
- CVE-2014-4652
- CVE-2014-4653
- CVE-2014-4654
- CVE-2014-4655
- CVE-2014-4656
- CVE-2014-4699
Modified: 2024-11-21
CVE-2014-1874
The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2172fa709ab32ca60e86179dc67d0857be8e2c98
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2172fa709ab32ca60e86179dc67d0857be8e2c98
- http://linux.oracle.com/errata/ELSA-2014-0771.html
- http://linux.oracle.com/errata/ELSA-2014-0771.html
- http://linux.oracle.com/errata/ELSA-2014-3043.html
- http://linux.oracle.com/errata/ELSA-2014-3043.html
- SUSE-SU-2015:0812
- SUSE-SU-2015:0812
- 59262
- 59262
- 59309
- 59309
- 59406
- 59406
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.4
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.4
- [oss-security] 20140206 Re: CVE Request: Linux kernel: SELinux local DoS
- [oss-security] 20140206 Re: CVE Request: Linux kernel: SELinux local DoS
- 65459
- 65459
- USN-2128-1
- USN-2128-1
- USN-2129-1
- USN-2129-1
- USN-2133-1
- USN-2133-1
- USN-2134-1
- USN-2134-1
- USN-2135-1
- USN-2135-1
- USN-2136-1
- USN-2136-1
- USN-2137-1
- USN-2137-1
- USN-2138-1
- USN-2138-1
- USN-2139-1
- USN-2139-1
- USN-2140-1
- USN-2140-1
- USN-2141-1
- USN-2141-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1062356
- https://bugzilla.redhat.com/show_bug.cgi?id=1062356
- https://github.com/torvalds/linux/commit/2172fa709ab32ca60e86179dc67d0857be8e2c98
- https://github.com/torvalds/linux/commit/2172fa709ab32ca60e86179dc67d0857be8e2c98
Modified: 2024-11-21
CVE-2014-2039
arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d7f6690cedb83456edd41c9bd583783f0703bf0
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d7f6690cedb83456edd41c9bd583783f0703bf0
- http://linux.oracle.com/errata/ELSA-2014-0771.html
- http://linux.oracle.com/errata/ELSA-2014-0771.html
- 59262
- 59262
- 59309
- 59309
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.5
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.5
- [oss-security] 20140220 Re: CVE Request: Linux kernel: s390: crash due to linkage stack instruction
- [oss-security] 20140220 Re: CVE Request: Linux kernel: s390: crash due to linkage stack instruction
- 65700
- 65700
- https://bugzilla.redhat.com/show_bug.cgi?id=1067558
- https://bugzilla.redhat.com/show_bug.cgi?id=1067558
- https://github.com/torvalds/linux/commit/8d7f6690cedb83456edd41c9bd583783f0703bf0
- https://github.com/torvalds/linux/commit/8d7f6690cedb83456edd41c9bd583783f0703bf0
Modified: 2024-11-21
CVE-2014-8709
The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets.
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338f977f4eb441e69bb9a46eaa0ac715c931a67f
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338f977f4eb441e69bb9a46eaa0ac715c931a67f
- SUSE-SU-2015:0481
- SUSE-SU-2015:0481
- openSUSE-SU-2015:0566
- openSUSE-SU-2015:0566
- SUSE-SU-2015:0652
- SUSE-SU-2015:0652
- RHSA-2015:0290
- RHSA-2015:0290
- RHSA-2015:1272
- RHSA-2015:1272
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.5
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.5
- [oss-security] 20141109 Re: CVE Request: Linux kernel mac80211 plain text leak
- [oss-security] 20141109 Re: CVE Request: Linux kernel mac80211 plain text leak
- 70965
- 70965
- 1037968
- 1037968
- linux-kernel-cve20148709-info-disclsoure(98922)
- linux-kernel-cve20148709-info-disclsoure(98922)
- https://github.com/torvalds/linux/commit/338f977f4eb441e69bb9a46eaa0ac715c931a67f
- https://github.com/torvalds/linux/commit/338f977f4eb441e69bb9a46eaa0ac715c931a67f
- https://source.android.com/security/bulletin/2017-03-01.html
- https://source.android.com/security/bulletin/2017-03-01.html
Modified: 2024-11-21
CVE-2015-4170
Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf872776fc84128bb779ce2b83a37c884c3203ae
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf872776fc84128bb779ce2b83a37c884c3203ae
- [oss-security] 20150526 CVE request: vulnerability in the kernel tty subsystem.
- [oss-security] 20150526 CVE request: vulnerability in the kernel tty subsystem.
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- 74820
- 74820
- RHSA-2016:1395
- RHSA-2016:1395
- https://bugzilla.redhat.com/show_bug.cgi?id=1218879
- https://bugzilla.redhat.com/show_bug.cgi?id=1218879
- https://github.com/torvalds/linux/commit/cf872776fc84128bb779ce2b83a37c884c3203ae
- https://github.com/torvalds/linux/commit/cf872776fc84128bb779ce2b83a37c884c3203ae
- https://www.kernel.org/pub/linux/kernel/next/patch-v3.13-rc4-next-20131218.xz
- https://www.kernel.org/pub/linux/kernel/next/patch-v3.13-rc4-next-20131218.xz
Package php5-gmagick updated to version 5.3.27.20130711-alt0.M70P.2 for branch p7 in task 115164.
Closed bugs
Новую версию PECL GMagick