Overview

File _patchinfo of Package patchinfo.12972

<?xml version="1.0"?>
<patchinfo incident="12972">
  <issue id="1144903" tracker="bnc">VUL-0: EMBARGOED: CVE-2019-10220: kernel-source: Samba servers can inject relative paths in directory entry lists</issue>
  <issue id="1153158" tracker="bnc">VUL-0: CVE-2019-17133: kernel-source: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.</issue>
  <issue id="1153108" tracker="bnc">VUL-0: EMBARGOED: CVE-2019-10220: kernel live patch: Samba servers can inject relative paths in directory entry lists</issue>
  <issue id="1153161" tracker="bnc">VUL-0: CVE-2019-17133: kernel live patch: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.</issue>
  <issue id="2019-10220" tracker="cve"/>
  <issue id="2019-17133" tracker="cve"/>
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 3.12.74-60_64_110 fixes several issues.

The following security issues were fixed:

- CVE-2019-10220: Fixed a relative path escape in the Samba client module (bsc#1144903, bsc#1153108).
- CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158).
</description>
<summary>Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP1)</summary>
<issue id="904970" tracker="bnc"/><issue id="920633" tracker="bnc"/><issue id="920615" tracker="bnc"/><issue id="907150" tracker="bnc"/><issue id="317769" tracker="fate"/><issue id="930408" tracker="bnc"/><issue id="2018-5390" tracker="cve"/><issue id="1102682" tracker="bnc"/><issue id="1103203" tracker="bnc"/><issue id="2019-11487" tracker="cve"/><issue id="2019-3846" tracker="cve"/><issue id="1133191" tracker="bnc"/><issue id="2019-11477" tracker="cve"/><issue id="2019-11478" tracker="cve"/><issue id="1136446" tracker="bnc"/><issue id="1137597" tracker="bnc"/><issue id="1140747" tracker="bnc"/><issue id="2019-10220" tracker="cve"/><issue id="2019-14835" tracker="cve"/><issue id="1151021" tracker="bnc"/><issue id="2019-17133" tracker="cve"/><issue id="1153161" tracker="bnc"/><issue id="1153108" tracker="bnc"/></patchinfo>
openSUSE Build Service is sponsored by
Places