Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
patchinfo.import5359
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.import5359
<patchinfo incident="kernel" version="5359"> <issue tracker="bnc" id="711539" /> <issue tracker="bnc" id="713229" /> <issue tracker="bnc" id="642896" /> <issue tracker="bnc" id="649625" /> <issue tracker="bnc" id="638985" /> <issue tracker="bnc" id="626119" /> <issue tracker="bnc" id="686412" /> <issue tracker="bnc" id="678097" /> <issue tracker="bnc" id="712023" /> <issue tracker="bnc" id="706374" /> <issue tracker="bnc" id="669378" /> <issue tracker="bnc" id="719710" /> <issue tracker="bnc" id="718028" /> <issue tracker="bnc" id="719450" /> <issue tracker="bnc" id="712366" /> <issue tracker="bnc" id="716901" /> <issue tracker="bnc" id="697901" /> <issue tracker="bnc" id="711203" /> <issue tracker="bnc" id="714001" /> <issue tracker="bnc" id="682204" /> <issue tracker="bnc" id="692784" /> <issue tracker="bnc" id="672008" /> <issue tracker="CVE" id="CVE-2011-1833" /> <issue tracker="CVE" id="CVE-2011-2695" /> <issue tracker="CVE" id="CVE-2011-3363" /> <issue tracker="CVE" id="CVE-2011-2918" /> <issue tracker="CVE" id="CVE-2011-3353" /> <issue tracker="CVE" id="CVE-2011-2183" /> <issue tracker="CVE" id="CVE-2011-3191" /> <issue tracker="CVE" id="CVE-2011-1776" /> <category>security</category> <rating>low</rating> <summary>kernel: security and bugfix update.</summary> <description>The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-1833: Added a kernel option to ensure ecryptfs is mounting only on paths belonging to the current ui, which would have allowed local attackers to potentially gain privileges via symlink attacks. CVE-2011-2695: Multiple off-by-one errors in the ext4 subsystem in the Linux kernel allowed local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer. CVE-2011-3363: Always check the path in CIFS mounts to avoid interesting filesystem path interaction issues and potential crashes. CVE-2011-2918: In the perf framework software event overflows could deadlock or delete an uninitialized timer. CVE-2011-3353: In the fuse filesystem, FUSE_NOTIFY_INVAL_ENTRY did not check the length of the write so the message processing could overrun and result in a BUG_ON() in fuse_copy_fill(). This flaw could be used by local users able to mount FUSE filesystems to crash the system. CVE-2011-2183: Fixed a race between ksmd and other memory management code, which could result in a NULL ptr dereference and kernel crash. CVE-2011-3191: A signedness issue in CIFS could possibly have lead to to memory corruption, if a malicious server could send crafted replies to the host. CVE-2011-1776: The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel did not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allowed physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. Following non-security bugs were fixed: - novfs: Unable to change password in the Novell Client for Linux (bnc#713229). - novfs: last modification time not reliable (bnc#642896). - novfs: unlink directory after unmap (bnc#649625). - fs: novfs: Fix exit handlers on local_unlink (bnc#649625). - novfs: "Unable to save Login Script" appears when trying to save a user login script (bnc#638985). - fs: novfs: Limit check for datacopy between user and kernel space. - novfs: Fix checking of login id (bnc#626119). - novfs: Set the sticky bit for the novfs mountpoint (bnc#686412). - ACPICA: Fix issues/fault with automatic "serialized" method support (bnc#678097). - drm/radeon/kms: Fix I2C mask definitions (bnc#712023). - ext4: Fix max file size and logical block counting of extent format file (bnc#706374). - novfs: fix off-by-one allocation error (bnc#669378 bnc#719710). - novfs: fix some kmalloc/kfree issues (bnc#669378 bnc#719710). - novfs: fix some DirCache locking issues (bnc#669378 bnc#719710). - memsw: remove noswapaccount kernel parameter (bnc#719450). - Provide memory controller swap extension. Keep the feature disabled by default. Use swapaccount=1 kernel boot parameter for enabling it. - Config cleanups: CONFIG_OLPC should be enabled only for i386 non PAE - TTY: pty, fix pty counting (bnc#711203). - USB: OHCI: fix another regression for NVIDIA controllers (bnc#682204). - xen/blkfront: avoid NULL de-reference in CDROM ioctl handling. - x86, mtrr: lock stop machine during MTRR rendezvous sequence (bnc#672008). </description> <packager>adrianSuSE</packager> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor