File _patchinfo of Package patchinfo.13014

<?xml version="1.0"?>
<patchinfo incident="13014">
  <issue id="1144903" tracker="bnc">VUL-0: EMBARGOED: CVE-2019-10220: kernel-source: Samba servers can inject relative paths in directory entry lists</issue>
  <issue id="1153158" tracker="bnc">VUL-0: CVE-2019-17133: kernel-source: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.</issue>
  <issue id="1153108" tracker="bnc">VUL-0: EMBARGOED: CVE-2019-10220: kernel live patch: Samba servers can inject relative paths in directory entry lists</issue>
  <issue id="1153161" tracker="bnc">VUL-0: CVE-2019-17133: kernel live patch: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.</issue>
  <issue id="2019-10220" tracker="cve"/>
  <issue id="2019-17133" tracker="cve"/>
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 4.12.14-197_15 fixes several issues.

The following security issues were fixed:

- CVE-2019-10220: Fixed a relative path escape in the Samba client module (bsc#1144903, bsc#1153108).
- CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158).
</description>
<summary>Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP1)</summary>
<issue id="904970" tracker="bnc"/><issue id="920633" tracker="bnc"/><issue id="920615" tracker="bnc"/><issue id="907150" tracker="bnc"/><issue id="317769" tracker="fate"/><issue id="930408" tracker="bnc"/><issue id="323682" tracker="fate"/><issue id="1103203" tracker="bnc"/><issue id="2019-10220" tracker="cve"/><issue id="1149841" tracker="bnc"/><issue id="2019-14835" tracker="cve"/><issue id="1151021" tracker="bnc"/><issue id="2019-17133" tracker="cve"/><issue id="1153161" tracker="bnc"/><issue id="1153108" tracker="bnc"/></patchinfo>