You are here
Home > Preporuke > Sigurnosni nedostatak Live Patching servisa

Sigurnosni nedostatak Live Patching servisa

SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1908-1
Rating: important
References: #1008284 #1012183 #1012759 #1012852 #1013543
#1014271 #1019079 #1025013 #1025254 #1030575
#1031481 #1039496
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has 11 fixes is
now available.

Description:

This update for the Linux Kernel 4.4.21-69 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1182=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_21-69-default-7-21.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1008284
https://bugzilla.suse.com/1012183
https://bugzilla.suse.com/1012759
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1019079
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1039496


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 1 for SLE 12 SP2
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1907-1
Rating: important
References: #1012183 #1012759 #1012852 #1013543 #1014271
#1019079 #1025013 #1025254 #1030575 #1031481
#1039496
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has 10 fixes is
now available.

Description:

This update for the Linux Kernel 4.4.21-81 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1183=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_21-81-default-7-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1012183
https://bugzilla.suse.com/1012759
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1019079
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1039496


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1913-1
Rating: important
References: #1013543 #1014271 #1019079 #1025013 #1025254
#1030575 #1031481 #1031660 #1039496
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has 8 fixes is
now available.

Description:

This update for the Linux Kernel 4.4.21-84 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1184=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_21-84-default-6-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1019079
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 3 for SLE 12 SP2
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1914-1
Rating: important
References: #1019079 #1025013 #1025254 #1030575 #1031481
#1031660 #1039496
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has 6 fixes is
now available.

Description:

This update for the Linux Kernel 4.4.21-90 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1185=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_21-90-default-6-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1019079
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
 

 

SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP2

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1923-1

Rating:             important

References:         #1019079 #1025013 #1025254 #1030575 #1031481 

                    #1031660 #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Live Patching 12

______________________________________________________________________________

 

   An update that solves one vulnerability and has 6 fixes is

   now available.

 

Description:

 

   This update for the Linux Kernel 4.4.38-93 fixes several issues.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Live Patching 12:

 

      zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1197=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Live Patching 12 (x86_64):

 

      kgraft-patch-4_4_38-93-default-6-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1019079

   https://bugzilla.suse.com/1025013

   https://bugzilla.suse.com/1025254

   https://bugzilla.suse.com/1030575

   https://bugzilla.suse.com/1031481

   https://bugzilla.suse.com/1031660

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

SUSE Security Update: Security update for Linux Kernel Live Patch 6 for SLE 12 SP2

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1925-1

Rating:             important

References:         #1031481 #1031660 #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Live Patching 12

______________________________________________________________________________

 

   An update that solves one vulnerability and has two fixes

   is now available.

 

Description:

 

   This update for the Linux Kernel 4.4.49-92_14 fixes several issues.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Live Patching 12:

 

      zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1196=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Live Patching 12 (x86_64):

 

      kgraft-patch-4_4_49-92_14-default-3-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1031481

   https://bugzilla.suse.com/1031660

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 7 for SLE 12 SP2
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1904-1
Rating: important
References: #1039496
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for the Linux Kernel 4.4.59-92_17 fixes one issue.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1180=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_59-92_17-default-2-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1039496


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1910-1
Rating: important
References: #1001487 #1012183 #1012759 #1012852 #1013543
#1014271 #1021417 #1025013 #1030575 #1031481
#1039496 #991667
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has 11 fixes is
now available.

Description:

This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1189=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1189=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_62-60_64_8-default-9-3.1
kgraft-patch-3_12_62-60_64_8-xen-9-3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_62-60_64_8-default-9-3.1
kgraft-patch-3_12_62-60_64_8-xen-9-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1001487
https://bugzilla.suse.com/1012183
https://bugzilla.suse.com/1012759
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1021417
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1039496
https://bugzilla.suse.com/991667


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 8 for SLE 12 SP2
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1903-1
Rating: important
References: #1039348 #1039496 #1045340 #1045406
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:

This update for the Linux Kernel 4.4.59-92_20 fixes several issues.

The following bugs were fixed:

– CVE-2017-1000364: The previous fix for the stack gap increase tracked by
CVE-2017-1000364 had a regression, which is fixed by this follow up
patch. (bsc#1039496)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Live Patching 12:

zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1181=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Live Patching 12 (x86_64):

kgraft-patch-4_4_59-92_20-default-2-2.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1039348
https://bugzilla.suse.com/1039496
https://bugzilla.suse.com/1045340
https://bugzilla.suse.com/1045406


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 9 for SLE 12 SP1
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1909-1
Rating: important
References: #1012183 #1012759 #1012852 #1013543 #1014271
#1021417 #1025013 #1025254 #1030575 #1031481
#1039496
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has 10 fixes is
now available.

Description:

This update for the Linux Kernel 3.12.67-60_64_18 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1190=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1190=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_67-60_64_18-default-8-3.1
kgraft-patch-3_12_67-60_64_18-xen-8-3.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_67-60_64_18-default-8-3.1
kgraft-patch-3_12_67-60_64_18-xen-8-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1012183
https://bugzilla.suse.com/1012759
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1021417
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1025254
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1039496


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
 

 

SUSE Security Update: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1946-1

Rating:             important

References:         #1013543 #1014271 #1021417 #1025013 #1025254 

                    #1030575 #1031481 #1031660 #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Server for SAP 12-SP1

                    SUSE Linux Enterprise Server 12-SP1-LTSS

______________________________________________________________________________

 

   An update that solves one vulnerability and has 8 fixes is

   now available.

 

Description:

 

   This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1:

 

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1212=1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

 

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1212=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

 

      kgraft-patch-3_12_67-60_64_21-default-7-3.1

      kgraft-patch-3_12_67-60_64_21-xen-7-3.1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

 

      kgraft-patch-3_12_67-60_64_21-default-7-3.1

      kgraft-patch-3_12_67-60_64_21-xen-7-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1013543

   https://bugzilla.suse.com/1014271

   https://bugzilla.suse.com/1021417

   https://bugzilla.suse.com/1025013

   https://bugzilla.suse.com/1025254

   https://bugzilla.suse.com/1030575

   https://bugzilla.suse.com/1031481

   https://bugzilla.suse.com/1031660

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

 

SUSE Security Update: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1937-1

Rating:             important

References:         #1025013 #1025254 #1030575 #1031481 #1031660 

                    #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Server for SAP 12-SP1

                    SUSE Linux Enterprise Server 12-SP1-LTSS

______________________________________________________________________________

 

   An update that solves one vulnerability and has 5 fixes is

   now available.

 

Description:

 

   This update for the Linux Kernel 3.12.69-60_64_29 fixes several issues.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1:

 

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1207=1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

 

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1207=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

 

      kgraft-patch-3_12_69-60_64_29-default-5-3.1

      kgraft-patch-3_12_69-60_64_29-xen-5-3.1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

 

      kgraft-patch-3_12_69-60_64_29-default-5-3.1

      kgraft-patch-3_12_69-60_64_29-xen-5-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1025013

   https://bugzilla.suse.com/1025254

   https://bugzilla.suse.com/1030575

   https://bugzilla.suse.com/1031481

   https://bugzilla.suse.com/1031660

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

 

SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12 SP1

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1941-1

Rating:             important

References:         #1030575 #1031481 #1031660 #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Server for SAP 12-SP1

                    SUSE Linux Enterprise Server 12-SP1-LTSS

______________________________________________________________________________

 

   An update that solves one vulnerability and has three fixes

   is now available.

 

Description:

 

   This update for the Linux Kernel 3.12.69-60_64_32 fixes several issues.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1:

 

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1208=1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

 

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1208=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

 

      kgraft-patch-3_12_69-60_64_32-default-4-3.1

      kgraft-patch-3_12_69-60_64_32-xen-4-3.1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

 

      kgraft-patch-3_12_69-60_64_32-default-4-3.1

      kgraft-patch-3_12_69-60_64_32-xen-4-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1030575

   https://bugzilla.suse.com/1031481

   https://bugzilla.suse.com/1031660

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

 

SUSE Security Update: Security update for Linux Kernel Live Patch 14 for SLE 12 SP1

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1944-1

Rating:             important

References:         #1031481 #1031660 #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Server for SAP 12-SP1

                    SUSE Linux Enterprise Server 12-SP1-LTSS

______________________________________________________________________________

 

   An update that solves one vulnerability and has two fixes

   is now available.

 

Description:

 

   This update for the Linux Kernel 3.12.69-60_64_35 fixes several issues.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1:

 

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1210=1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

 

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1210=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

 

      kgraft-patch-3_12_69-60_64_35-default-3-3.1

      kgraft-patch-3_12_69-60_64_35-xen-3-3.1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

 

      kgraft-patch-3_12_69-60_64_35-default-3-3.1

      kgraft-patch-3_12_69-60_64_35-xen-3-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1031481

   https://bugzilla.suse.com/1031660

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

 

SUSE Security Update: Security update for Linux Kernel Live Patch 15 for SLE 12 SP1

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1943-1

Rating:             important

References:         #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Server for SAP 12-SP1

                    SUSE Linux Enterprise Server 12-SP1-LTSS

______________________________________________________________________________

 

   An update that fixes one vulnerability is now available.

 

Description:

 

   This update for the Linux Kernel 3.12.74-60_64_40 fixes one issue.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1:

 

      zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1209=1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS:

 

      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1209=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

 

      kgraft-patch-3_12_74-60_64_40-default-2-3.1

      kgraft-patch-3_12_74-60_64_40-xen-2-3.1

 

   - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

 

      kgraft-patch-3_12_74-60_64_40-default-2-3.1

      kgraft-patch-3_12_74-60_64_40-xen-2-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 16 for SLE 12
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1905-1
Rating: important
References: #1012183 #1012759 #1012852 #1013543 #1014271
#1017589 #1025013 #1030575 #1039496
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has 8 fixes is
now available.

Description:

This update for the Linux Kernel 3.12.60-52_57 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-1178=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1178=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_60-52_57-default-7-3.1
kgraft-patch-3_12_60-52_57-xen-7-3.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_60-52_57-default-7-3.1
kgraft-patch-3_12_60-52_57-xen-7-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1012183
https://bugzilla.suse.com/1012759
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1017589
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1039496


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 16 for SLE 12 SP1
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1915-1
Rating: important
References: #1039348 #1039496 #1045340 #1045406
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:

This update for the Linux Kernel 3.12.74-60_64_45 fixes several issues.

The following bugs were fixed:

– CVE-2017-1000364: The previous fix for the stack gap increase tracked by
CVE-2017-1000364 had a regression, which is fixed by this follow up
patch. (bsc#1039496)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12-SP1:

zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1187=1

– SUSE Linux Enterprise Server 12-SP1-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1187=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):

kgraft-patch-3_12_74-60_64_45-default-2-2.1
kgraft-patch-3_12_74-60_64_45-xen-2-2.1

– SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):

kgraft-patch-3_12_74-60_64_45-default-2-2.1
kgraft-patch-3_12_74-60_64_45-xen-2-2.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1039348
https://bugzilla.suse.com/1039496
https://bugzilla.suse.com/1045340
https://bugzilla.suse.com/1045406


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 17 for SLE 12
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1906-1
Rating: important
References: #1013543 #1014271 #1017589 #1025013 #1030575
#1031660 #1039496
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has 6 fixes is
now available.

Description:

This update for the Linux Kernel 3.12.60-52_60 fixes several issues.

The following security bugs were fixed:

– CVE-2017-1000364: An issue was discovered in the size of the stack guard
page on Linux, specifically a 4k stack guard page is not sufficiently
large and can be “jumped” over (the stack guard page is bypassed)
(bsc#1039496).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-1179=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1179=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_60-52_60-default-6-3.1
kgraft-patch-3_12_60-52_60-xen-6-3.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_60-52_60-default-6-3.1
kgraft-patch-3_12_60-52_60-xen-6-3.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1014271
https://bugzilla.suse.com/1017589
https://bugzilla.suse.com/1025013
https://bugzilla.suse.com/1030575
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1039496


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

SUSE Security Update: Security update for Linux Kernel Live Patch 18 for SLE 12

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1922-1

Rating:             important

References:         #1017589 #1025013 #1030575 #1031660 #1039496 

                    

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Server for SAP 12

                    SUSE Linux Enterprise Server 12-LTSS

______________________________________________________________________________

 

   An update that solves one vulnerability and has four fixes

   is now available.

 

Description:

 

   This update for the Linux Kernel 3.12.60-52_63 fixes several issues.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Server for SAP 12:

 

      zypper in -t patch SUSE-SLE-SAP-12-2017-1194=1

 

   - SUSE Linux Enterprise Server 12-LTSS:

 

      zypper in -t patch SUSE-SLE-SERVER-12-2017-1194=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Server for SAP 12 (x86_64):

 

      kgraft-patch-3_12_60-52_63-default-6-3.1

      kgraft-patch-3_12_60-52_63-xen-6-3.1

 

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

 

      kgraft-patch-3_12_60-52_63-default-6-3.1

      kgraft-patch-3_12_60-52_63-xen-6-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1017589

   https://bugzilla.suse.com/1025013

   https://bugzilla.suse.com/1030575

   https://bugzilla.suse.com/1031660

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

 

SUSE Security Update: Security update for Linux Kernel Live Patch 19 for SLE 12

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1924-1

Rating:             important

References:         #1025013 #1030575 #1031660 #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Server for SAP 12

                    SUSE Linux Enterprise Server 12-LTSS

______________________________________________________________________________

 

   An update that solves one vulnerability and has three fixes

   is now available.

 

Description:

 

   This update for the Linux Kernel 3.12.61-52_66 fixes several issues.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Server for SAP 12:

 

      zypper in -t patch SUSE-SLE-SAP-12-2017-1195=1

 

   - SUSE Linux Enterprise Server 12-LTSS:

 

      zypper in -t patch SUSE-SLE-SERVER-12-2017-1195=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Server for SAP 12 (x86_64):

 

      kgraft-patch-3_12_61-52_66-default-5-3.1

      kgraft-patch-3_12_61-52_66-xen-5-3.1

 

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

 

      kgraft-patch-3_12_61-52_66-default-5-3.1

      kgraft-patch-3_12_61-52_66-xen-5-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1025013

   https://bugzilla.suse.com/1030575

   https://bugzilla.suse.com/1031660

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

 

 SUSE Security Update: Security update for Linux Kernel Live Patch 20 for SLE 12

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1945-1

Rating:             important

References:         #1025013 #1031660 #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Server for SAP 12

                    SUSE Linux Enterprise Server 12-LTSS

______________________________________________________________________________

 

   An update that solves one vulnerability and has two fixes

   is now available.

 

Description:

 

   This update for the Linux Kernel 3.12.61-52_69 fixes several issues.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Server for SAP 12:

 

      zypper in -t patch SUSE-SLE-SAP-12-2017-1205=1

 

   - SUSE Linux Enterprise Server 12-LTSS:

 

      zypper in -t patch SUSE-SLE-SERVER-12-2017-1205=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Server for SAP 12 (x86_64):

 

      kgraft-patch-3_12_61-52_69-default-3-3.1

      kgraft-patch-3_12_61-52_69-xen-3-3.1

 

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

 

      kgraft-patch-3_12_61-52_69-default-3-3.1

      kgraft-patch-3_12_61-52_69-xen-3-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1025013

   https://bugzilla.suse.com/1031660

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

 

SUSE Security Update: Security update for Linux Kernel Live Patch 21 for SLE 12

______________________________________________________________________________

 

Announcement ID:    SUSE-SU-2017:1939-1

Rating:             important

References:         #1039496 

Cross-References:   CVE-2017-1000364

Affected Products:

                    SUSE Linux Enterprise Server for SAP 12

                    SUSE Linux Enterprise Server 12-LTSS

______________________________________________________________________________

 

   An update that fixes one vulnerability is now available.

 

Description:

 

   This update for the Linux Kernel 3.12.61-52_72 fixes one issue.

 

   The following security bugs were fixed:

 

   - CVE-2017-1000364: An issue was discovered in the size of the stack guard

     page on Linux, specifically a 4k stack guard page is not sufficiently

     large and can be “jumped” over (the stack guard page is bypassed)

     (bsc#1039496).

 

 

Patch Instructions:

 

   To install this SUSE Security Update use YaST online_update.

   Alternatively you can run the command listed for your product:

 

   - SUSE Linux Enterprise Server for SAP 12:

 

      zypper in -t patch SUSE-SLE-SAP-12-2017-1206=1

 

   - SUSE Linux Enterprise Server 12-LTSS:

 

      zypper in -t patch SUSE-SLE-SERVER-12-2017-1206=1

 

   To bring your system up-to-date, use “zypper patch”.

 

 

Package List:

 

   - SUSE Linux Enterprise Server for SAP 12 (x86_64):

 

      kgraft-patch-3_12_61-52_72-default-2-3.1

      kgraft-patch-3_12_61-52_72-xen-2-3.1

 

   - SUSE Linux Enterprise Server 12-LTSS (x86_64):

 

      kgraft-patch-3_12_61-52_72-default-2-3.1

      kgraft-patch-3_12_61-52_72-xen-2-3.1

 

 

References:

 

   https://www.suse.com/security/cve/CVE-2017-1000364.html

   https://bugzilla.suse.com/1039496

 

– 

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org

For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

 

SUSE Security Update: Security update for Linux Kernel Live Patch 22 for SLE 12
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:1912-1
Rating: important
References: #1039348 #1039496 #1045340 #1045406
Cross-References: CVE-2017-1000364
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:

This update for the Linux Kernel 3.12.61-52_77 fixes several issues.

The following bugs were fixed:

– CVE-2017-1000364: The previous fix for the stack gap increase tracked by
CVE-2017-1000364 had a regression, which is fixed by this follow up
patch. (bsc#1039496)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Linux Enterprise Server for SAP 12:

zypper in -t patch SUSE-SLE-SAP-12-2017-1188=1

– SUSE Linux Enterprise Server 12-LTSS:

zypper in -t patch SUSE-SLE-SERVER-12-2017-1188=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Linux Enterprise Server for SAP 12 (x86_64):

kgraft-patch-3_12_61-52_77-default-2-2.1
kgraft-patch-3_12_61-52_77-xen-2-2.1

– SUSE Linux Enterprise Server 12-LTSS (x86_64):

kgraft-patch-3_12_61-52_77-default-2-2.1
kgraft-patch-3_12_61-52_77-xen-2-2.1

References:

https://www.suse.com/security/cve/CVE-2017-1000364.html
https://bugzilla.suse.com/1039348
https://bugzilla.suse.com/1039496
https://bugzilla.suse.com/1045340
https://bugzilla.suse.com/1045406


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa spice

Otkriven je sigurnosni nedostatak u programskom paketu spice za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog...

Close