Oval Definition:	oval:org.opensuse.security:def:55648
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Important) Description: The SUSE Linux Enterprise 12 kernel was updated to 3.12.60 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2014-9717: fs/namespace.c in the Linux kernel processes MNT_DETACH umount2 system called without verifying that the MNT_LOCKED flag is unset, which allowed local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace (bnc#928547). - CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bnc#968010). - CVE-2015-8845: The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms did not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allowed local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application (bnc#975533). - CVE-2016-0758: Fix ASN.1 indefinite length object parsing (bsc#979867). - CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bnc#963762). - CVE-2016-2143: The fork implementation in the Linux kernel on s390 platforms mishandled the case of four page-table levels, which allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h. (bnc#970504) - CVE-2016-2184: The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971125). - CVE-2016-2185: The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971124). - CVE-2016-2186: The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970958). - CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956). - CVE-2016-2782: The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint (bnc#968670). - CVE-2016-2847: fs/pipe.c in the Linux kernel did not limit the amount of unread data in pipes, which allowed local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes (bnc#970948). - CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126). - CVE-2016-3136: The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors (bnc#970955). - CVE-2016-3137: drivers/usb/serial/cypress_m8.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions (bnc#970970). - CVE-2016-3138: The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor (bnc#970911). - CVE-2016-3139: The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970909). - CVE-2016-3140: The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970892). - CVE-2016-3156: The IPv4 implementation in the Linux kernel mishandled destruction of device objects, which allowed guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses (bnc#971360). - CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel did not properly randomize the legacy base address, which made it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits (bnc#974308). - CVE-2016-3689: The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface (bnc#971628). - CVE-2016-3951: Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor (bnc#974418). - CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401). - CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#978822). - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548). - CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface (bnc#979213). - CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879). - CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371). - CVE-2016-5244: Fixed an infoleak in rds_inc_info_copy (bsc#983213). The following non-security bugs were fixed: - ALSA: hrtimer: Handle start/stop more properly (bsc#973378). - ALSA: timer: Call notifier in the same spinlock (bsc#973378). - ALSA: timer: Protect the whole snd_timer_close() with open race (bsc#973378). - ALSA: timer: Sync timer deletion at closing the system timer (bsc#973378). - ALSA: timer: Use mod_timer() for rearming the system timer (bsc#973378). - Btrfs-8394-qgroup-Account-data-space-in-more-proper-timin.patch: (bsc#963193). - Btrfs: do not collect ordered extents when logging that inode exists (bsc#977685). - Btrfs: do not use src fd for printk (bsc#980348). - Btrfs: fix deadlock between direct IO reads and buffered writes (bsc#973855). - Btrfs: fix empty symlink after creating symlink and fsync parent dir (bsc#977685). - Btrfs: fix file loss on log replay after renaming a file and fsync (bsc#977685). - Btrfs: fix file/data loss caused by fsync after rename and new inode (bsc#977685). - Btrfs: fix for incorrect directory entries after fsync log replay (bsc#957805, bsc#977685). - Btrfs: fix loading of orphan roots leading to BUG_ON (bsc#972844). - Btrfs: fix race between fsync and lockless direct IO writes (bsc#977685). - Btrfs: fix unreplayable log after snapshot delete + parent dir fsync (bsc#977685). - Btrfs: handle non-fatal errors in btrfs_qgroup_inherit() (bsc#972951). - Btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value (bsc#969439). - Btrfs: qgroup: Fix qgroup accounting when creating snapshot (bsc#972933). - Btrfs: qgroup: return EINVAL if level of parent is not higher than child's (bsc#972951). - Btrfs: teach backref walking about backrefs with underflowed offset values (bsc#975371). - CacheFiles: Fix incorrect test for in-memory object collision (bsc#971049). - CacheFiles: Handle object being killed before being set up (bsc#971049). - Ceph: Remove racey watch/notify event infrastructure (bsc#964727) - Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets (bsc#976739). - FS-Cache: Add missing initialization of ret in cachefiles_write_page() (bsc#971049). - FS-Cache: Count culled objects and objects rejected due to lack of space (bsc#971049). - FS-Cache: Fix cancellation of in-progress operation (bsc#971049). - FS-Cache: Handle a new operation submitted against a killed object (bsc#971049). - FS-Cache: Move fscache_report_unexpected_submission() to make it more available (bsc#971049). - FS-Cache: Out of line fscache_operation_init() (bsc#971049). - FS-Cache: Permit fscache_cancel_op() to cancel in-progress operations too (bsc#971049). - FS-Cache: Put an aborted initialised op so that it is accounted correctly (bsc#971049). - FS-Cache: Reduce cookie ref count if submit fails (bsc#971049). - FS-Cache: Synchronise object death state change vs operation submission (bsc#971049). - FS-Cache: The operation cancellation method needs calling in more places (bsc#971049). - FS-Cache: Timeout for releasepage() (bsc#971049). - FS-Cache: When submitting an op, cancel it if the target object is dying (bsc#971049). - FS-Cache: fscache_object_is_dead() has wrong logic, kill it (bsc#971049). - Fix cifs_uniqueid_to_ino_t() function for s390x (bsc#944309) - Fix kabi issue (bsc#971049). - Fix kmalloc overflow in LPFC driver at large core count (bsc#969690). - Fix problem with setting ACL on directories (bsc#967251). - Input: i8042 - lower log level for 'no controller' message (bsc#945345). - KVM: SVM: add rdmsr support for AMD event registers (bsc#968448). - MM: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491). - NFSv4.1: do not use machine credentials for CLOSE when using 'sec=sys' (bsc#972003). - PCI/AER: Fix aer_inject error codes (bsc#931448). - PCI/AER: Log actual error causes in aer_inject (bsc#931448). - PCI/AER: Log aer_inject error injections (bsc#931448). - PCI/AER: Use dev_warn() in aer_inject (bsc#931448). - Revert 'libata: Align ata_device's id on a cacheline'. - Revert 'net/ipv6: add sysctl option accept_ra_min_hop_limit'. - USB: quirk to stop runtime PM for Intel 7260 (bnc#984456). - USB: usbip: fix potential out-of-bounds write (bnc#975945). - USB: xhci: Add broken streams quirk for Frescologic device id 1009 (bnc#982698). - Update patches.drivers/0001-nvme-fix-max_segments-integer-truncation.patch (bsc#979419). Fix reference. - Update patches.drivers/drm-ast-Initialize-data-needed-to-map-fbdev-memory.patch (bnc#880007). Fix refs and upstream status. - Update patches.kernel.org/patch-3.12.55-56 references (add bsc#973570). - Update patches.suse/kgr-0102-add-TAINT_KGRAFT.patch (bsc#974406). - acpi: Disable ACPI table override when UEFI Secure Boot is enabled (bsc#970604). - acpi: Disable APEI error injection if securelevel is set (bsc#972891). - cachefiles: perform test on s_blocksize when opening cache file (bsc#971049). - cpuset: Fix potential deadlock w/ set_mems_allowed (bsc#960857, bsc#974646). - dmapi: fix dm_open_by_handle_rvp taking an extra ref to mnt (bsc#967292). - drm/core: Preserve the framebuffer after removing it (bsc#968812). - drm/mgag200: Add support for a new G200eW3 chipset (bsc#983904). - drm/mgag200: Add support for a new rev of G200e (bsc#983904). - drm/mgag200: Black screen fix for G200e rev 4 (bsc#983904). - drm/mgag200: remove unused variables (bsc#983904). - drm/radeon: fix-up some float to fixed conversion thinkos (bsc#968813). - drm/radeon: use HDP_MEM_COHERENCY_FLUSH_CNTL for sdma as well (bsc#968813). - drm: qxl: Workaround for buggy user-space (bsc#981344). - efifb: Fix 16 color palette entry calculation (bsc#983318). - ehci-pci: enable interrupt on BayTrail (bnc#947337). - enic: set netdev->vlan_features (bsc#966245). - ext4: fix races between page faults and hole punching (bsc#972174). - ext4: fix races of writeback with punch hole and zero range (bsc#972174). - fix: print ext4 mountopt data_err=abort correctly (bsc#969735). - fs, seq_file: fallback to vmalloc instead of oom kill processes (bnc#968687). - fs, seqfile: always allow oom killer (bnc#968687). - fs/pipe.c: skip file_update_time on frozen fs (bsc#975488). - hid-elo: kill not flush the work (bnc#982354). - ibmvscsi: Remove unsupported host config MAD (bsc#973556). - ipv6: make fib6 serial number per namespace (bsc#965319). - ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852). - ipv6: per netns FIB garbage collection (bsc#965319). - ipv6: per netns fib6 walkers (bsc#965319). - ipv6: replace global gc_args with local variable (bsc#965319). - ipvs: count pre-established TCP states as active (bsc#970114). - kABI: kgr: fix subtle race with kgr_module_init(), going notifier and kgr_modify_kernel(). - kABI: protect enum enclosure_component_type. - kABI: protect function file_open_root. - kABI: protect include in evm. - kABI: protect struct dm_exception_store_type. - kABI: protect struct fib_nh_exception. - kABI: protect struct module. - kABI: protect struct rq. - kABI: protect struct sched_class. - kABI: protect struct scm_creds. - kABI: protect struct user_struct. - kABI: protect struct user_struct. - kabi fix for patches.fixes/reduce-m_start-cost (bsc#966573). - kabi/severities: Whitelist libceph and rbd (bsc#964727). - kabi: kgr, add reserved fields - kabi: protect struct fc_rport_priv (bsc#953233, bsc#962846). - kabi: protect struct netns_ipv6 after FIB6 GC series (bsc#965319). - kgr: add TAINT_KGRAFT - kgr: add kgraft annotation to hwrng kthread. - kgr: add kgraft annotations to kthreads' wait_event_freezable() API calls. - kgr: add objname to kgr_patch_fun struct. - kgr: add sympos and objname to error and debug messages. - kgr: add sympos as disambiguator field to kgr_patch_fun structure. - kgr: add sympos to sysfs. - kgr: call kgr_init_ftrace_ops() only for loaded objects. - kgr: change to kallsyms_on_each_symbol iterator. - kgr: define pr_fmt and modify all pr_* messages. - kgr: do not print error for !abort_if_missing symbols (bnc#943989). - kgr: do not return and print an error only if the object is not loaded. - kgr: do not use WQ_MEM_RECLAIM workqueue (bnc#963572). - kgr: fix an asymmetric dealing with delayed module loading. - kgr: fix redirection on s390x arch (bsc#903279). - kgr: fix subtle race with kgr_module_init(), going notifier and kgr_modify_kernel(). - kgr: handle btrfs kthreads (bnc#889207). - kgr: kmemleak, really mark the kthread safe after an interrupt. - kgr: log when modifying kernel. - kgr: mark some more missed kthreads (bnc#962336). - kgr: remove abort_if_missing flag. - kgr: usb/storage: do not emit thread awakened (bnc#899908). - kgraft/gfs2: Do not block livepatching in the log daemon for too long. - kgraft/xen: Do not block livepatching in the XEN blkif kthread. - libfc: replace 'rp_mutex' with 'rp_lock' (bsc#953233, bsc#962846). - memcg: do not hang on OOM when killed by userspace OOM access to memory reserves (bnc#969571). - mld, igmp: Fix reserved tailroom calculation (bsc#956852). - mmc: Allow forward compatibility for eMMC (bnc#966054). - mmc: sdhci: Allow for irq being shared (bnc#977582). - net/qlge: Avoids recursive EEH error (bsc#954847). - net: Account for all vlan headers in skb_mac_gso_segment (bsc#968667). - net: Start with correct mac_len in skb_network_protocol (bsc#968667). - net: disable fragment reassembly if high_thresh is set to zero (bsc#970506). - net: fix wrong mac_len calculation for vlans (bsc#968667). - net: irda: Fix use-after-free in irtty_open() (bnc#967903). - nfs4: treat lock owners as opaque values (bnc#968141). - nfs: fix high load average due to callback thread sleeping (bsc#971170). - nfsd: fix nfsd_setattr return code for HSM (bsc#969992). - nvme: fix max_segments integer truncation (bsc#676471). - ocfs2: do not set fs read-only if rec[0] is empty while committing truncate (bnc#971947). - ocfs2: extend enough credits for freeing one truncate record while replaying truncate records (bnc#971947). - ocfs2: extend transaction for ocfs2_remove_rightmost_path() and ocfs2_update_edge_lengths() before to avoid inconsistency between inode and et (bnc#971947). - perf, nmi: Fix unknown NMI warning (bsc#968512). - pipe: limit the per-user amount of pages allocated in pipes (bsc#970948). - rbd: do not log miscompare as an error (bsc#970062). - rbd: handle OBJ_REQUEST_SG types for copyup (bsc#983394). - rbd: report unsupported features to syslog (bsc#979169). - rbd: use GFP_NOIO consistently for request allocations (bsc#971159). - reduce m_start() cost.. (bsc#966573). - rpm/modprobe-xen.conf: Revert comment change to allow parallel install (bsc#957986). This reverts commit 6c6d86d3cdc26f7746fe4ba2bef8859b5aeb346c. - s390/pageattr: do a single TLB flush for change_page_attr (bsc#940413). - sched/x86: Fix up typo in topology detection (bsc#974165). - scsi: proper state checking and module refcount handling in scsi_device_get (boo#966831). - series.conf: move netfilter section at the end of core networking - supported.conf: Add bridge.ko for OpenStack (bsc#971600) - supported.conf: Add isofs to -base (bsc#969655). - supported.conf:Add drivers/infiniband/hw/ocrdma/ocrdma.ko to supported.conf (bsc#964461) - target/rbd: do not put snap_context twice (bsc#981143). - target/rbd: remove caw_mutex usage (bsc#981143). - target: Drop incorrect ABORT_TASK put for completed commands (bsc#962872). - target: Fix LUN_RESET active I/O handling for ACK_KREF (bsc#962872). - target: Fix LUN_RESET active TMR descriptor handling (bsc#962872). - target: Fix TAS handling for multi-session se_node_acls (bsc#962872). - target: Fix race with SCF_SEND_DELAYED_TAS handling (bsc#962872). - target: Fix remote-port TMR ABORT + se_cmd fabric stop (bsc#962872). - vgaarb: Add more context to error messages (bsc#976868). - x86, sched: Add new topology for multi-NUMA-node CPUs (bsc#974165). - x86/efi: parse_efi_setup() build fix (bsc#979485). - x86: standardize mmap_rnd() usage (bnc#974308). - xen/acpi: Disable ACPI table override when UEFI Secure Boot is enabled (bsc#970604). - xfs/dmapi: drop lock over synchronous XFS_SEND_DATA events (bsc#969993). - xfs/dmapi: propertly send postcreate event (bsc#967299). Family: unix Class: patch Status: Reference(s): 1024014 1024017 1024034 1036244 1037559 1048942 1049302 1049305 1049306 1049307 1049308 1049309 1049310 1049311 1049312 1049313 1049314 1049315 1049316 1049317 1049318 1049319 1049320 1049321 1049322 1049323 1049324 1049325 1049326 1049327 1049328 1049329 1049330 1049331 1049332 1051510 1078248 1082635 1089644 1091041 1108043 1113722 1114279 1117169 1122012 1131107 1138034 1138039 1140948 1143706 1144333 1149448 1150466 1151548 1151900 1152782 1153628 1153681 1153811 1154043 1154058 1154124 1154355 1154526 1154956 1155021 1155689 1155692 1155836 1155897 1155921 1155982 1156187 1156258 1156429 1156466 1156471 1156494 1156609 1156700 1156729 1156882 1157038 1157042 1157070 1157143 1157145 1157158 1157162 1157171 1157173 1157178 1157180 1157182 1157183 1157184 1157191 1157193 1157197 1157298 1157307 1157324 1157333 1157424 1157463 1157499 1157678 1157698 1157778 1157908 1158049 1158063 1158064 1158065 1158066 1158067 1158068 1158082 676471 754481 773612 815451 821670 880007 889207 899908 903279 928547 931448 934401 936786 937258 937343 937787 940413 943989 944309 945345 947337 953233 954270 954470 954847 956491 956852 957805 957986 958789 958790 960857 962336 962846 962872 963193 963572 963762 964461 964727 965319 966054 966245 966573 966831 967190 967251 967292 967299 967903 968010 968141 968448 968512 968667 968670 968687 968787 968812 968813 969439 969571 969655 969690 969727 969735 969992 969993 970062 970114 970504 970506 970604 970892 970909 970911 970948 970955 970956 970958 970970 971049 971124 971125 971126 971159 971170 971360 971600 971628 971947 972003 972174 972844 972891 972933 972951 973010 973164 973378 973556 973570 973855 974165 974308 974406 974418 974646 975371 975488 975533 975930 975945 976739 976868 976955 977582 977685 978401 978822 979169 979213 979419 979485 979548 979867 979879 980348 980371 980483 980854 981143 981344 982354 982698 983213 983318 983394 983904 984456 CVE-2011-1098 CVE-2011-1154 CVE-2011-1155 CVE-2012-3438 CVE-2013-2002 CVE-2013-2005 CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738 CVE-2014-9717 CVE-2015-2695 CVE-2015-3239 CVE-2015-4792 CVE-2015-4802 CVE-2015-4807 CVE-2015-4815 CVE-2015-4816 CVE-2015-4819 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4879 CVE-2015-4895 CVE-2015-4913 CVE-2015-7514 CVE-2015-8816 CVE-2015-8845 CVE-2016-0758 CVE-2016-10198 CVE-2016-10199 CVE-2016-1234 CVE-2016-2053 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2782 CVE-2016-2847 CVE-2016-3075 CVE-2016-3134 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3139 CVE-2016-3140 CVE-2016-3156 CVE-2016-3672 CVE-2016-3689 CVE-2016-3706 CVE-2016-3951 CVE-2016-4429 CVE-2016-4482 CVE-2016-4486 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4805 CVE-2016-5244 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10078 CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 CVE-2017-10118 CVE-2017-10125 CVE-2017-10135 CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 CVE-2017-5840 CVE-2017-8422 CVE-2017-8779 CVE-2019-10164 CVE-2019-14895 CVE-2019-15916 CVE-2019-16231 CVE-2019-17055 CVE-2019-18660 CVE-2019-18683 CVE-2019-18805 CVE-2019-18809 CVE-2019-19049 CVE-2019-19052 CVE-2019-19056 CVE-2019-19057 CVE-2019-19058 CVE-2019-19060 CVE-2019-19062 CVE-2019-19063 CVE-2019-19065 CVE-2019-19067 CVE-2019-19068 CVE-2019-19073 CVE-2019-19074 CVE-2019-19075 CVE-2019-19077 CVE-2019-19227 SUSE-SU-2015:2294-1 SUSE-SU-2016:0121-1 SUSE-SU-2016:1690-1 SUSE-SU-2016:1733-1 SUSE-SU-2017:1004-1 SUSE-SU-2017:1335-1 SUSE-SU-2017:1336-1 SUSE-SU-2017:2175-1 SUSE-SU-2019:0284-1 SUSE-SU-2019:1783-1 SUSE-SU-2019:3371-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gnome-shell-3.26.2+20180130.0d9c74212-lp150.2 is installed OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-lp150.2 is installed OR gnome-shell-lang-3.26.2+20180130.0d9c74212-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information gvim-8.0.1568-lp151.5.3 is installed OR vim-8.0.1568-lp151.5.3 is installed OR vim-data-8.0.1568-lp151.5.3 is installed OR vim-data-common-8.0.1568-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information ImageMagick-6.4.3.6-7.26 is installed OR libMagick++1-6.4.3.6-7.26 is installed OR libMagickCore1-6.4.3.6-7.26 is installed OR libMagickCore1-32bit-6.4.3.6-7.26 is installed OR libMagickWand1-6.4.3.6-7.26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information krb5-1.6.3-133.49.103 is installed OR krb5-32bit-1.6.3-133.49.103 is installed OR krb5-client-1.6.3-133.49.103 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information kernel-default-3.12.60-52.49 is installed OR kernel-default-devel-3.12.60-52.49 is installed OR kernel-default-extra-3.12.60-52.49 is installed OR kernel-devel-3.12.60-52.49 is installed OR kernel-macros-3.12.60-52.49 is installed OR kernel-source-3.12.60-52.49 is installed OR kernel-syms-3.12.60-52.49 is installed OR kernel-xen-3.12.60-52.49 is installed OR kernel-xen-devel-3.12.60-52.49 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND binutils-2.25.0-13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-demo-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-devel-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-headless-1.8.0.144-27.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information coreutils-8.25-12 is installed OR coreutils-lang-8.25-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND libtcnative-1-0-1.1.34-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.52-23.34 is installed OR ghostscript-x11-9.52-23.34 is installed OR libspectre-0.2.7-12.10 is installed OR libspectre1-0.2.7-12.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information python-cffi-1.11.2-5.11 is installed OR python-cryptography-2.1.4-7.28 is installed OR python-xattr-0.7.5-6.3 is installed OR python3-cffi-1.11.2-5.11 is installed OR python3-cryptography-2.1.4-7.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information sysstat-12.0.2-10.18 is installed OR sysstat-isag-12.0.2-10.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND dstat-0.7.3-1 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-ironic-4.2.3~a0~dev14-1 is installed OR openstack-ironic-api-4.2.3~a0~dev14-1 is installed OR openstack-ironic-conductor-4.2.3~a0~dev14-1 is installed OR python-ironic-4.2.3~a0~dev14-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information apache2-2.4.23-29.54 is installed OR apache2-doc-2.4.23-29.54 is installed OR apache2-example-pages-2.4.23-29.54 is installed OR apache2-prefork-2.4.23-29.54 is installed OR apache2-utils-2.4.23-29.54 is installed OR apache2-worker-2.4.23-29.54 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-Django-1.11.23-3.12 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND haproxy-1.6.11-11.3 is installed
BACK