Overview Repositories Revisions Requests Users Attributes Meta
kernel: security and bugfix update to 3.4.63

The Linux kernel was updated to 3.4.63, fixing various bugs and security issues.

- Linux 3.4.59 (CVE-2013-2237 bnc#828119).
- Linux 3.4.57 (CVE-2013-2148 bnc#823517).
- Linux 3.4.55 (CVE-2013-2232 CVE-2013-2234 CVE-2013-4162
CVE-2013-4163 bnc#827749 bnc#827750 bnc#831055 bnc#831058).

- Drivers: hv: util: Fix a bug in util version negotiation code
(bnc#838346).
- vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev (bnc#833321).

- bnx2x: protect different statistics flows (bnc#814336).
- bnx2x: Avoid sending multiple statistics queries (bnc#814336).

- Drivers: hv: util: Fix a bug in version negotiation code for
util services (bnc#828714).

- Update Xen patches to 3.4.53.
- netfront: fix kABI after "reduce gso_max_size to account for
max TCP header".
- netback: don't disconnect frontend when seeing oversize packet
(bnc#823342).
- netfront: reduce gso_max_size to account for max TCP header.
- backends: Check for insane amounts of requests on the ring.

- reiserfs: Fixed double unlock in reiserfs_setattr failure path.

- reiserfs: locking, release lock around quota operations
(bnc#815320).
- reiserfs: locking, handle nested locks properly (bnc#815320).
- reiserfs: locking, push write lock out of xattr code
(bnc#815320).

- ipv6: ip6_append_data_mtu did not care about pmtudisc and
frag_size (bnc#831055, CVE-2013-4163).

- af_key: fix info leaks in notify messages (bnc#827749
CVE-2013-2234).
- af_key: initialize satype in key_notify_policy_flush()
(bnc#828119 CVE-2013-2237).

- ipv6: call udp_push_pending_frames when uncorking a socket with
(bnc#831058, CVE-2013-4162).

- ipv6: ip6_sk_dst_check() must not assume ipv6 dst.

- xfs: fix _xfs_buf_find oops on blocks beyond the filesystem end
(CVE-2013-1819 bnc#807471).

- brcmsmac: don't start device when RfKill is engaged
(bnc#787649).

- CIFS: Protect i_nlink from being negative (bnc#785542
bnc#789598).

- cifs: don't compare uniqueids in cifs_prime_dcache unless
server inode numbers are in use (bnc#794988).

- xfs: xfs: fallback to vmalloc for large buffers in
xfs_compat_attrlist_by_handle (bnc#818053 bnc#807153).
- xfs: fallback to vmalloc for large buffers in
xfs_attrlist_by_handle (bnc#818053 bnc#807153).

- Linux 3.4.53 (CVE-2013-2164 CVE-2013-2851 bnc#822575
bnc#824295).

- drivers/cdrom/cdrom.c: use kzalloc() for failing hardware
(bnc#824295, CVE-2013-2164).

- fanotify: info leak in copy_event_to_user() (CVE-2013-2148
bnc#823517).

- block: do not pass disk names as format strings (bnc#822575
CVE-2013-2851).

- ext4: avoid hang when mounting non-journal filesystems with
orphan list (bnc#817377).

- Linux 3.4.49 (CVE-2013-0231 XSA-43 bnc#801178).

- Linux 3.4.48 (CVE-2013-1774 CVE-2013-2850 bnc#806976
bnc#821560).

- Always include the git commit in KOTD builds
This allows us not to set it explicitly in builds submitted to the
official distribution (bnc#821612, bnc#824171).

- Bluetooth: Really fix registering hci with duplicate name
(bnc#783858).
- Bluetooth: Fix registering hci with duplicate name (bnc#783858).

Fixed bugs
bnc#824171
prepared kernel update openSUSE_Maintenance_1695 is not installable
bnc#783858
Connecting two USB bluetooth dongles causing crash
bnc#821612
bad release number in update candidate openSUSE:Maintenance:1686:176387
bnc#806976
VUL-1: CVE-2013-1774: kernel: usb: io_ti: NULL pointer dereference
bnc#785542
dangerous-looking kernel call trace for CIFS
bnc#801178
VUL-0: Xen: XSA-43: CVE-2013-0231: Linux pciback DoS via not rate limited log messages
bnc#817377
VUL-1: kernel: CVE-2013-2015: ext4 hang during mount
bnc#828714
Drivers: hv: util: Fix a bug in version negotiation code for util
bnc#823342
Frame too big on dom0 kills Xen vif of domU
bnc#827749
VUL-1: kernel: CVE-2013-2234: infoleak in AF_KEY notify messages
bnc#828119
VUL-1: CVE-2013-2237: kernel: information leak in AF_KEY
bnc#822575
VUL-1: kernel: CVE-2013-2851: block layer format string flaw
bnc#831058
VUL-0: CVE-2013-4162: kernel: ipv6: panic while pushing pending data out of an IPv6 socket with UDP_CORK enabled.
bnc#789598
kernel calltrace cifs access
bnc#838346
kernel update candidate 3.0.93-0.8: hyper-v interface defunct when running under Windows Server 2008 R2
bnc#831055
VUL-0: CVE-2013-4163: kernel: ipv6: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu
bnc#807153
xfsdump reports "WARNING: could not get list of non-root attributes ...."
bnc#815320
reiserfs hang
bnc#833321
Backport vmxnet3 fixes to SLES11 SP3
bnc#823517
VUL-0: CVE-2013-2148: kernel: fanotify: info leak in copy_event_to_user
bnc#827750
VUL-0: kernel: CVE-2013-2232: crash via AF_INET6 sockets
bnc#835414
Kernel 3.4.47 - Compile error: called object ‘efi_enabled’ is not a function
bnc#787649
Hard freeze when starting wpa_supplicant and radio turned off
bnc#818053
TiNa backups fail due to page allocation failure from getxattr
bnc#821560
VUL-0: kernel: CVE-2013-2850: iSCSI target heap overflow
bnc#794988
cifs: don't compare uniqueids in cifs_prime_dcache unless server inode numbers are in use
bnc#807471
VUL-1: CVE-2013-1819: kernel: xfs: _xfs_buf_find NULL pointer dereference
bnc#824295
VUL-0: kernel: CVE-2013-2164: Leak information in cdrom driver.
bnc#814336
L3: bnx2x_panic_dump
CVE-CVE-2013-2164
CVE-CVE-2013-2148
CVE-CVE-2013-2850
CVE-CVE-2013-2851
CVE-CVE-2013-2232
CVE-CVE-2013-0231
CVE-CVE-2013-1819
CVE-CVE-2013-2237
CVE-CVE-2013-1774
CVE-CVE-2013-2234
CVE-CVE-2013-4162
CVE-CVE-2013-4163
Selected Binaries
openSUSE Build Service is sponsored by
Places