You are here
Home > Preporuke > Ranjivosti programskog paketa shim

Ranjivosti programskog paketa shim

SUSE Security Update: Security update for shim
______________________________________________________________________________

Announcement ID: SUSE-SU-2014:1619-1
Rating: important
References: #813448 #863205 #866690 #875385 #889332 #889765

Cross-References: CVE-2014-3675 CVE-2014-3676 CVE-2014-3677

Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Desktop 11 SP3
______________________________________________________________________________

An update that solves three vulnerabilities and has three
fixes is now available. It includes two new package
versions.

Description:

shim has been updated to fix three security issues:

* OOB read access when parsing DHCPv6 packets (remote DoS)
(CVE-2014-3675).
* Heap overflow when parsing IPv6 addresses provided by tftp:// DHCPv6
boot option (RCE) (CVE-2014-3676).
* Memory corruption when processing user provided MOK lists
(CVE-2014-3677).

Security Issues:

* CVE-2014-3675
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3675>
* CVE-2014-3676
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3676>
* CVE-2014-3677
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3677>

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Software Development Kit 11 SP3:

zypper in -t patch sdksp3-shim-2014-11-20-9997

– SUSE Linux Enterprise Server 11 SP3 for VMware:

zypper in -t patch slessp3-shim-2014-11-20-9997

– SUSE Linux Enterprise Server 11 SP3:

zypper in -t patch slessp3-shim-2014-11-20-9997

– SUSE Linux Enterprise Desktop 11 SP3:

zypper in -t patch sledsp3-shim-2014-11-20-9997

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64) [New Version: 3.0u]:

gnu-efi-3.0u-0.7.2

– SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64) [New Version: 0.7.318.81ee561d and 3.0u]:

gnu-efi-3.0u-0.7.2
shim-0.7.318.81ee561d-0.9.2

– SUSE Linux Enterprise Server 11 SP3 (x86_64) [New Version: 0.7.318.81ee561d and 3.0u]:

gnu-efi-3.0u-0.7.2
shim-0.7.318.81ee561d-0.9.2

– SUSE Linux Enterprise Desktop 11 SP3 (x86_64) [New Version: 0.7.318.81ee561d]:

shim-0.7.318.81ee561d-0.9.2

References:

http://support.novell.com/security/cve/CVE-2014-3675.html
http://support.novell.com/security/cve/CVE-2014-3676.html
http://support.novell.com/security/cve/CVE-2014-3677.html
https://bugzilla.suse.com/show_bug.cgi?id=813448
https://bugzilla.suse.com/show_bug.cgi?id=863205
https://bugzilla.suse.com/show_bug.cgi?id=866690
https://bugzilla.suse.com/show_bug.cgi?id=875385
https://bugzilla.suse.com/show_bug.cgi?id=889332
https://bugzilla.suse.com/show_bug.cgi?id=889765
http://download.suse.com/patch/finder/?keywords=9aaff893726e6b56bde50850c3154ed1


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Top
More in Preporuke
Ranjivost programskog paketa graphviz

Otkrivena je ranjivost u funkciji yyerror (lib/cgraph/scan.l) unutar programskog paketa graphviz za Debian uzrokovana neispravnim upravljanjem greškama kod parsiranja. Ranjivost...

Close