Plattformen: |
SUSE Linux Enterprise Server 9, SUSE Linux 9.2, SUSE Novell Linux Desktop 9, SUSE Linux 9.3, SUSE Open Enterprise Server, SUSE Linux 10.0, SUSE LINUX 10.1, SUSE SLES 10, SUSE SLED 10, SUSE Novell Linux POS 9, SUSE SLE 10 DEBUGINFO |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SUSE Security Announcement
Package: kernel
Announcement ID: SUSE-SA:2006:057
Date: Thu, 28 Sep 2006 17:00:00 +0000
Affected Products: Novell Linux Desktop 9
Novell Linux POS 9
Open Enterprise Server
SUSE LINUX 10.1
SUSE LINUX 10.0
SUSE LINUX 9.3
SUSE LINUX 9.2
SUSE SLE 10 DEBUGINFO
SUSE SLED 10
SUSE SLES 10
SUSE SLES 9
Vulnerability Type: remote denial of service
Severity (1-10): 7
SUSE Default Package: yes
Cross-References: CVE-2006-3468, CVE-2006-3745, CVE-2006-4093
Content of This Advisory:
1) Security Vulnerability Resolved:
various kernel security problems
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
See SUSE Security Summary Report.
6) Authenticity Verification and Additional Information
______________________________________________________________________________
1) Problem Description and Brief Discussion
Various security problems were found and fixed in the Linux kernel.
We have released updates for following distributions:
- SUSE Linux Enterprise Server 9 (on September 21st)
- SUSE Linux Enterprise 10 (on September 26th)
- SUSE Linux 9.2 up to 10.1 (on September 14th)
The SUSE Linux Enterprise Server 10 kernel for the S/390 platform is
still pending due to platform specific issues found in QA and waiting
for further analysis.
Following security issues have been addressed:
- CVE-2006-3745: A double user space copy in a SCTP ioctl allows
local attackers to overflow a buffer in the kernel,
potentially allowing code execution and privilege
escalation.
- CVE-2006-4093: Local attackers were able to crash PowerPC systems
with PPC970 processor using a not correctly disabled
privileged instruction ("attn").
- CVE-2006-3468: Remote attackers able to access an NFS of a ext2 or
ext3 filesystem can cause a denial of service (file
system panic) via a crafted UDP packet with a V2
look up procedure that specifies a bad file handle
(inode number), which triggers an error and causes
an exported directory to be remounted read-only.
- Matthias Andree reported a deadlock in the NFS lockd to us, where
a remote attacker with access to lockd was able to at least crash
the lockd kernel process and so render NFS exports from this server
unusable. This problem existed only in the SUSE Linux 9.2 up to
10.0 kernels.
The SUSE Linux Enterprise kernels also received a number of bugfixes,
not listed here (please refer to the Novell TID pages listed below).
2) Solution or Work-Around
There is no known workaround, please install the update packages.
3) Special Instructions and Notes
None.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST
Online Update (YOU) tool. YOU detects which updates are required and
automatically performs the necessary steps to verify and install them.
Alternatively, download the update packages for your distribution manually
and verify their integrity by the methods listed in Section 6 of this
announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing <file.rpm> with the filename of the
downloaded RPM package.
x86 Platform:
SUSE LINUX 10.1:
kernel-bigsmp-2.6.16.21-0.25.i586.rpm 26ee41f91791f2960f43e0d2c34cf111
kernel-debug-2.6.16.21-0.25.i586.rpm c647ad25d5138e1d283fa02531b7c612
kernel-default-2.6.16.21-0.25.i586.rpm 0655ceb69b59943d93d63e07f803af34
kernel-kdump-2.6.16.21-0.25.i586.rpm 9f274f216d6d980d71925298198f89ff
kernel-smp-2.6.16.21-0.25.i586.rpm 3bbed65fe2d793be471ec0ebca9489bf
kernel-source-2.6.16.21-0.25.i586.rpm ea0ca06ddd13803a4854bb953127b4e7
kernel-syms-2.6.16.21-0.25.i586.rpm e719ca56ca6b03db836251aa2f42c193
kernel-um-2.6.16.21-0.25.i586.rpm d64bdf65439078f98c8167ebc8d40eff
kernel-xen-2.6.16.21-0.25.i586.rpm 73ef09479e7dd484e039c99090ce532f
kernel-xenpae-2.6.16.21-0.25.i586.rpm a2127a9be7804e4c6ff781fa25a0f669
kexec-tools-1.101-32.18.i586.rpm 8ab73349be3faecc0b5ead1f1d43a8ce
kexec-tools-1.101-32.19.i586.rpm 9f749594cb21038f6d1ede1122471521
mkinitrd-1.2-106.18.i586.rpm 8cac732b2aa56ee7ca4e2a805d9e1ba0
mkinitrd-1.2-106.19.i586.rpm 2fe40e6a58b5efb8c40343bb2c869d83
multipath-tools-0.4.6-25.10.i586.rpm 5f560930255f944ec2f977884952571a
multipath-tools-0.4.6-25.11.i586.rpm ddf0978610451b0a053069fdf4bc6e73
open-iscsi-0.5.545-9.14.i586.rpm 7e1a2256a99b7bdc25519855a5e28234
open-iscsi-0.5.545-9.15.i586.rpm 6c7b0c7a2da71842535c8ec370552e27
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/udev-085-30.13.i586.rpm
2131ff74613d4b96f3f4c3c9549bdc91
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/udev-085-30.15.i586.rpm
2f1789a0213dcc06d7cacc5413fbf6af
SUSE LINUX 10.0:
Intel-536ep-4.69-14.7.i586.rpm 2af14df978db016abff71394be91f3d8
kernel-bigsmp-2.6.13-15.12.i586.rpm 4ec46129e95f86d1923b7ca09fb1de7e
kernel-bigsmp-nongpl-2.6.13-15.12.i586.rpm a85f38ca6fd0249e04d218ebe3c04b4f
kernel-default-2.6.13-15.12.i586.rpm 95fb71b8087ed73337b2a3a30ff5b7fc
kernel-default-nongpl-2.6.13-15.12.i586.rpm ff0e216a784386933362bf7db380b819
kernel-smp-2.6.13-15.12.i586.rpm 4b545ecf3e2ef7b3d02bdc130afe61a7
kernel-smp-nongpl-2.6.13-15.12.i586.rpm 040a65937bea52ee354a44c6e8ea0dd5
kernel-source-2.6.13-15.12.i586.rpm b99214d91edb56eefac0fd7502485e6e
kernel-syms-2.6.13-15.12.i586.rpm 850a089ddb0a6c97ad78a88a04e45820
kernel-um-2.6.13-15.12.i586.rpm ba0afa63f5cccc66c6a6270264b04894
kernel-um-nongpl-2.6.13-15.12.i586.rpm fc0157febbcff6f2fb3b8e596ec22bdf
kernel-xen-2.6.13-15.12.i586.rpm b50f100866a55617e3b6724740c0dd41
kernel-xen-nongpl-2.6.13-15.12.i586.rpm ccd26549d72a980c616583c4c552dc9b
um-host-kernel-2.6.13-15.12.i586.rpm 3b63fca8d78139ecedc8627707b1588d
SUSE LINUX 9.3:
Intel-536ep-4.69-10.8.i586.rpm 2b8178c9b01b851ba8f5a9ecdcc6f6a4
kernel-bigsmp-2.6.11.4-21.14.i586.rpm 152d28fee5c9cd4fb778a8a4c3660226
kernel-bigsmp-nongpl-2.6.11.4-21.14.i586.rpm 2d60e8b3eb5668cecb80299d0d88aa33
kernel-default-2.6.11.4-21.14.i586.rpm 416ff9c4f2fc7dea1cbdc03c6e862351
kernel-default-nongpl-2.6.11.4-21.14.i586.rpm 25faa5a8ec4792f9fe81730be064542b
kernel-smp-2.6.11.4-21.14.i586.rpm 318179da1b704cb58d56c2b788918406
kernel-smp-nongpl-2.6.11.4-21.14.i586.rpm 3431140892a4af27a15bba7cf3941342
kernel-source-2.6.11.4-21.14.i586.rpm 3d4450f5875e2b373a041dd012d4e597
kernel-syms-2.6.11.4-21.14.i586.rpm 1db4ce873dd95631365d2d15b0cfe202
kernel-um-2.6.11.4-21.14.i586.rpm 8dd722f05ef44b48f11980dcbf7b6739
kernel-um-nongpl-2.6.11.4-21.14.i586.rpm 7ead5d3f4e87183b5a746e63bb3af48c
kernel-xen-2.6.11.4-21.14.i586.rpm ce09371496e027006e0a693a56bbdbbb
kernel-xen-nongpl-2.6.11.4-21.14.i586.rpm f391d767e4cb4ada285618d95be3e23c
ltmodem-8.31a10-7.8.i586.rpm 4cdc5561fd4f17991f710e179ba76cac
um-host-install-initrd-1.0-50.8.i586.rpm 9fcc211d480cb3cbdb1555d70b0f7bb9
um-host-kernel-2.6.11.4-21.14.i586.rpm ec605260f319746da30a892839b7c1c1
SUSE LINUX 9.2:
Intel-536ep-4.69-5.17.i586.rpm 038656a7cce85c5c86985d15ba0e556d
kernel-bigsmp-2.6.8-24.25.i586.rpm 7894bdea230a27609e922430f61ef8c1
kernel-bigsmp-nongpl-2.6.8-24.25.i586.rpm a245181f7371eb502c34365d42dc8b3a
kernel-default-2.6.8-24.25.i586.rpm 46bb52ad6dd33ba0c54d00f132b8657d
kernel-default-nongpl-2.6.8-24.25.i586.rpm e6f18530619112a4a870f8fb2fe4dc44
kernel-smp-2.6.8-24.25.i586.rpm 7f9e8b77ee9aef4f7076ad578d623cb0
kernel-smp-nongpl-2.6.8-24.25.i586.rpm cf7d45606257c1a28f19e77d9f27d0d4
kernel-source-2.6.8-24.25.i586.rpm f0f1443dd8e7642f2d215cb0fef4a74c
kernel-syms-2.6.8-24.25.i586.rpm 52a6cd1a67bfd3b3523f71ff5593fddb
kernel-um-2.6.8-24.25.i586.rpm f8ddfaedc0c27a7f7f2635992908e11b
kernel-um-nongpl-2.6.8-24.25.i586.rpm 655a456ed974b72b307194fd21e730ee
ltmodem-8.31a8-6.17.i586.rpm 185b53741ed424c4763bddf5015e0535
um-host-install-initrd-1.0-48.16.i586.rpm 8ae192eefa7d9760045f6d57ea3d3c02
um-host-kernel-2.6.8-24.25.i586.rpm 6e9c55225262d3b3a03f79dff3644241
Platform Independent:
SUSE LINUX 9.3:
kernel-docs-2.6.11.4-21.14.noarch.rpm 0fad36276d5bae4fc03610c0719a077d
SUSE LINUX 9.2:
kernel-docs-2.6.8-24.25.noarch.rpm 123eadba5982d48938ff49b75d8bfd93
Power PC Platform:
SUSE LINUX 10.1:
kernel-default-2.6.16.21-0.25.ppc.rpm 20b5b086a22f22fae0b91d12798b39df
kernel-iseries64-2.6.16.21-0.25.ppc.rpm 64d801cdcd4bfdde674ec72c398e7420
kernel-kdump-2.6.16.21-0.25.ppc.rpm 237576cf62c8d529d42cc6d5c687f703
kernel-ppc64-2.6.16.21-0.25.ppc.rpm 417368a7cfaba1f67122974224f4cd71
kernel-source-2.6.16.21-0.25.ppc.rpm 2c14c599f55356d0bd8241c0043fe560
kernel-syms-2.6.16.21-0.25.ppc.rpm d52c2745e3a20d985cf2a3bb6ac65fde
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mkinitrd-1.2-106.18.ppc.rpm
a7beef801eeb05247bccf4dddea5f48d
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mkinitrd-1.2-106.19.ppc.rpm
3cb51185fccc353b29c746fb90959cd0
multipath-tools-0.4.6-25.10.ppc.rpm 83a1fc32e74747fd612af24cd46ac943
multipath-tools-0.4.6-25.11.ppc.rpm 6d9721cccbd73f0949c488de60d2723f
open-iscsi-0.5.545-9.14.ppc.rpm 0bbcac956f8ac2a799b9b3d1a39cc84b
open-iscsi-0.5.545-9.15.ppc.rpm 75c1c4739d87ea4b7dc9b7dad427c0d0
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/udev-085-30.13.ppc.rpm
781bc7be83179f251ba5514793425c4c
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/udev-085-30.15.ppc.rpm
86dc31bcd413ef0ccc98966a41fd6c07
SUSE LINUX 10.0:
kernel-default-2.6.13-15.12.ppc.rpm 6fdc8658c4605aa4800a3a50f57460fd
kernel-iseries64-2.6.13-15.12.ppc.rpm c90240b82bfa0bd20e20a1000fca9207
kernel-ppc64-2.6.13-15.12.ppc.rpm 21d8fffc3d831ac395d293ce434a3101
kernel-source-2.6.13-15.12.ppc.rpm 96d98884803aad3c0d6886a208a5d16d
kernel-syms-2.6.13-15.12.ppc.rpm 188959ddae5c169c6c745ed0619f4c1b
x86-64 Platform:
SUSE LINUX 10.1:
kernel-debug-2.6.16.21-0.25.x86_64.rpm 407fa7974e9042fa81f3a1ece4b64894
kernel-default-2.6.16.21-0.25.x86_64.rpm e38811a6f40c5bb0b5e38bafaeb2a30e
kernel-kdump-2.6.16.21-0.25.x86_64.rpm a4954cd4dbc27ed99453119749075228
kernel-smp-2.6.16.21-0.25.x86_64.rpm 86ea460aeb5f7749bc0ea8e2f5d7f986
kernel-source-2.6.16.21-0.25.x86_64.rpm 8e3f29905322d570b0f22dd440f15d5a
kernel-syms-2.6.16.21-0.25.x86_64.rpm b5fb7d58c39ed10cf9a78edf6c6b0e57
kernel-xen-2.6.16.21-0.25.x86_64.rpm e61f4590776bf88a83480f22396e2353
kexec-tools-1.101-32.18.x86_64.rpm a0097406eb277a8a126f182e83acad9f
kexec-tools-1.101-32.19.x86_64.rpm 64b12b3c69f02f981484941e09dd1305
mkinitrd-1.2-106.18.x86_64.rpm c3d37645b7b2be4906d5183e69407196
mkinitrd-1.2-106.19.x86_64.rpm 12837d37eaa3234edeaba256472943ea
multipath-tools-0.4.6-25.10.x86_64.rpm 11b9458db5cd66552811d0da052e47a9
multipath-tools-0.4.6-25.11.x86_64.rpm 8f3f08bdc5896c3f0fc8ab629b8845d0
open-iscsi-0.5.545-9.14.x86_64.rpm 1523eed567a3e8413ea01253c750e1f3
open-iscsi-0.5.545-9.15.x86_64.rpm 1e882a55477b9ad85ee43e0d7185571d
udev-085-30.13.x86_64.rpm 18bd9ae1d14e1f7cde21ef302c007f2f
udev-085-30.15.x86_64.rpm d2573b55f593de8d1695d3a41182ac5c
SUSE LINUX 10.0:
kernel-default-2.6.13-15.12.x86_64.rpm 07e8e89fc66fe07f36e4d4e09f70a7cb
kernel-default-nongpl-2.6.13-15.12.x86_64.rpm 30b8b37d91e9c90e88a7d98d597e418c
kernel-smp-2.6.13-15.12.x86_64.rpm 3cd105d707c55c893cf8f20d9e57bfe1
kernel-smp-nongpl-2.6.13-15.12.x86_64.rpm 2affd3ce1908e4f20260f70a7b65f540
kernel-source-2.6.13-15.12.x86_64.rpm ba3484999dc5acdd02d61ce251031f02
kernel-syms-2.6.13-15.12.x86_64.rpm 8a84195236b9daf739776049eb163454
kernel-xen-2.6.13-15.12.x86_64.rpm 9c84162cb6a4648206eb17d59dd193bc
kernel-xen-nongpl-2.6.13-15.12.x86_64.rpm eca45a94e1400b2ed794f45c963a02e3
SUSE LINUX 9.3:
kernel-default-2.6.11.4-21.14.x86_64.rpm 7516001db6c4da22c1311a4c6fbb81d5
kernel-default-nongpl-2.6.11.4-21.14.x86_64.rpm b5be7f122d6b333e730eaf33dfc2ec32
kernel-smp-2.6.11.4-21.14.x86_64.rpm cb5ad4009bb96c8e60733f7732626d7c
kernel-smp-nongpl-2.6.11.4-21.14.x86_64.rpm e2656b47c8745963677435f4e379092c
kernel-source-2.6.11.4-21.14.x86_64.rpm 2329c9588f91a765e671b9db01cddcf8
kernel-syms-2.6.11.4-21.14.x86_64.rpm 7a393b3bdf27d0c1f7bd236ed0dd6805
SUSE LINUX 9.2:
kernel-default-2.6.8-24.25.x86_64.rpm 746c1b1f8080aadb9c6224ed3e2cdbb5
kernel-default-nongpl-2.6.8-24.25.x86_64.rpm 2e022be7d2f48f73ca28e8ed0e53f6ff
kernel-smp-2.6.8-24.25.x86_64.rpm c9ba42011cf7fe08bf4528cd20cc13c3
kernel-smp-nongpl-2.6.8-24.25.x86_64.rpm 37dba688d48ac29f86889b82af1fc803
kernel-source-2.6.8-24.25.x86_64.rpm b9ab803971d96f20c0cfdc5970a59912
kernel-syms-2.6.8-24.25.x86_64.rpm 0edad8e927be3183d3c32c5530202693
Sources:
SUSE LINUX 10.1:
kernel-bigsmp-2.6.16.21-0.25.nosrc.rpm 02047b35925ab3e1ad77152469b5fcfe
kernel-debug-2.6.16.21-0.25.nosrc.rpm db7a4a3de5958502cb1a0271c218d972
kernel-default-2.6.16.21-0.25.nosrc.rpm e0a654f9bf9c0c632a52c77aa7352d08
kernel-iseries64-2.6.16.21-0.25.nosrc.rpm 7908e6d951e39975d3eb6c92c1bc37e9
kernel-kdump-2.6.16.21-0.25.nosrc.rpm 8be0d70f4f6a1965ad9c3bd6550c800a
kernel-ppc64-2.6.16.21-0.25.nosrc.rpm 167c55c6967fa50bdd93f78883832d03
kernel-smp-2.6.16.21-0.25.nosrc.rpm 007dcc251e8d77fde2fb2d16b54e0c09
kernel-source-2.6.16.21-0.25.src.rpm 75d155d775f982603a03d7fc81540865
kernel-syms-2.6.16.21-0.25.src.rpm 570ad5f425bd98d328930c073a5592c1
kernel-um-2.6.16.21-0.25.nosrc.rpm ee91eb16467c7080a153550f6731665b
kernel-xen-2.6.16.21-0.25.nosrc.rpm 2de232b8508674051fe96476aad1d122
kernel-xenpae-2.6.16.21-0.25.nosrc.rpm 4cb0833d3f1f60544858a129240adda6
kexec-tools-1.101-32.18.src.rpm 0f29b25c5c5a6c2cc9fcbc23c53f3479
kexec-tools-1.101-32.19.src.rpm 45e46db0edafd400bfdab8b58fd206ec
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/mkinitrd-1.2-106.18.src.rpm
b28e2812bcbb47e8d3666838513675a6
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/mkinitrd-1.2-106.19.src.rpm
aa1e25d84eca64c10f825dde7fb2208a
multipath-tools-0.4.6-25.10.src.rpm 85607a495f3a69e8335a5c0e69c421d3
multipath-tools-0.4.6-25.11.src.rpm e7a66c40e16808d5cc72c7637e378637
open-iscsi-0.5.545-9.14.src.rpm 3394b2319cd4cda72161db7977ed2359
open-iscsi-0.5.545-9.15.src.rpm 10646530f2302ece6e597129dd24113f
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/udev-085-30.13.src.rpm
24b94ef552acc2d43f0588c630a1e9b0
ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/udev-085-30.15.src.rpm
ad593e66581e0b905050a15cc7a65fb8
SUSE LINUX 10.0:
Intel-536ep-4.69-14.7.src.rpm 5ae584684e85f709d4a871f4de6c4df4
kernel-bigsmp-2.6.13-15.12.nosrc.rpm a3f82ff354aa48d0721f26b14859f27b
kernel-default-2.6.13-15.12.nosrc.rpm e9b63dc3399d8ddfb649e0aeec323372
kernel-iseries64-2.6.13-15.12.nosrc.rpm 13248d29e9cdbed7d90bbc8d6cbc08d6
kernel-ppc64-2.6.13-15.12.nosrc.rpm 8011760bc1e22c87fd2f3f3fad2d4d45
kernel-smp-2.6.13-15.12.nosrc.rpm 3e9c1ff772c853e74b3311ffff6a60d2
kernel-source-2.6.13-15.12.nosrc.rpm 151894265d76bef5b295f16d99e0ef16
kernel-source-2.6.13-15.12.src.rpm b20b08230e3f7f9f4e685d567f023919
kernel-syms-2.6.13-15.12.src.rpm 3b2d4f9d0a5e3131fc355ed38942a65d
kernel-um-2.6.13-15.12.nosrc.rpm 84cc165050a33e8ebe7bb8adaa0dd9c3
kernel-xen-2.6.13-15.12.nosrc.rpm ee4e5fc534f0f34d925b309945721342
SUSE LINUX 9.3:
Intel-536ep-4.69-10.8.src.rpm a8cafba62a93b64bc38fc79615b6d590
kernel-bigsmp-2.6.11.4-21.14.nosrc.rpm 44d3eea6d288f9edc59fcc5f6dea4178
kernel-default-2.6.11.4-21.14.nosrc.rpm 62748061a37469af50b7b9e2fc5fe795
kernel-docs-2.6.11.4-21.14.src.rpm ecc6e515a2604d9099abf33c94432d65
kernel-smp-2.6.11.4-21.14.nosrc.rpm fad50e98426d6abbb246017a1627a692
kernel-source-2.6.11.4-21.14.src.rpm 8c6e300fafb0e1387a0f00c817190da2
kernel-syms-2.6.11.4-21.14.src.rpm 00b0d5d6ec6dbd3cd7eca40f27bdb57f
kernel-um-2.6.11.4-21.14.nosrc.rpm 9877dbacf6298140c1489bb9bdfd11c6
kernel-xen-2.6.11.4-21.14.nosrc.rpm a45d90badc71f999edf2faf759890895
ltmodem-8.31a10-7.8.src.rpm 722f60ef83aeba40e56a2f1d89fc3d37
um-host-install-initrd-1.0-50.8.src.rpm 762d225dd1465436e7b854a35ea1a93e
SUSE LINUX 9.2:
Intel-536ep-4.69-5.17.src.rpm 35a62f1a4ffb10b4cada1980d82cf45f
kernel-bigsmp-2.6.8-24.25.nosrc.rpm d26b9bc28d4a47189422952f63c27113
kernel-default-2.6.8-24.25.nosrc.rpm f2d21ad973085053bd882a0f53733678
kernel-docs-2.6.8-24.25.src.rpm 8a13bf708aa71befa8ffc7e8ffcf722d
kernel-smp-2.6.8-24.25.nosrc.rpm 27651472ede629d5276e818e7189de51
kernel-source-2.6.8-24.25.src.rpm 74181284da47a0164a5314a22c6922c0
kernel-syms-2.6.8-24.25.src.rpm 16d3393e60b6f5c9dcb5dd836a9f332b
kernel-um-2.6.8-24.25.nosrc.rpm cc2ae39d0bf5dd0d00100e66a6867edc
ltmodem-8.31a8-6.17.src.rpm b0b40a64fb09d2969564b281f1a168d9
um-host-install-initrd-1.0-48.16.src.rpm fb30549494b3c02fd9e7bcb0d31487af
Our maintenance customers are notified individually. The packages are
offered for installation from the maintenance web:
SUSE SLED 10 for AMD64 and Intel EM64T
c36e25c3bc040fa8da0dac65d0a11e20.html
SUSE SLES 10
c36e25c3bc040fa8da0dac65d0a11e20.html 7d34da4852342609ccc4eae93e12e994.html 5f920b87f4abe21a324ff6def42a562f.html 897ffd66535d805196af98da15b00f72.html
SUSE SLED 10
c36e25c3bc040fa8da0dac65d0a11e20.html 897ffd66535d805196af98da15b00f72.html
SUSE SLED 10 for x86
897ffd66535d805196af98da15b00f72.html
SUSE CORE 9 for IBM zSeries 64bit
14f276ed108cb62104b1743ee48bd92b.html
SUSE CORE 9 for IBM S/390 31bit
d501672f20f1f468d24344550dbc92e0.html
SUSE CORE 9 for IBM POWER
5ba747ab54f313a5bd8726ca99439c15.html
SUSE CORE 9 for AMD64 and Intel EM64T
261185f7ea10c374f4fc53453e6ef3d7.html
SUSE CORE 9 for Itanium Processor Family
b8565f7473b0f60258a2da4e825025da.html
Novell Linux Desktop 9
261185f7ea10c374f4fc53453e6ef3d7.html e2ef926c5f7d109a84807c89d6446736.html
SUSE SLES 9
14f276ed108cb62104b1743ee48bd92b.html d501672f20f1f468d24344550dbc92e0.html 5ba747ab54f313a5bd8726ca99439c15.html 261185f7ea10c374f4fc53453e6ef3d7.html b8565f7473b0f60258a2da4e825025da.html e2ef926c5f7d109a84807c89d6446736.html
Open Enterprise Server
e2ef926c5f7d109a84807c89d6446736.html 25b56bb7bbe0db4e56b56f5edd414e9b.html
Novell Linux POS 9
e2ef926c5f7d109a84807c89d6446736.html 25b56bb7bbe0db4e56b56f5edd414e9b.html
SUSE CORE 9 for x86
e2ef926c5f7d109a84807c89d6446736.html 25b56bb7bbe0db4e56b56f5edd414e9b.html
SUSE SLE 10 DEBUGINFO for IBM POWER
7d34da4852342609ccc4eae93e12e994.html
SUSE SLE 10 DEBUGINFO for IPF
5f920b87f4abe21a324ff6def42a562f.html
SUSE SLE 10 DEBUGINFO
c36e25c3bc040fa8da0dac65d0a11e20.html 7d34da4852342609ccc4eae93e12e994.html 5f920b87f4abe21a324ff6def42a562f.html 897ffd66535d805196af98da15b00f72.html ______________________________________________________________________________
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
See SUSE Security Summary Report.
______________________________________________________________________________
6) Authenticity Verification and Additional Information
- Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web
sites. The authenticity and integrity of a SUSE security announcement is
guaranteed by a cryptographic signature in each announcement. All SUSE
security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file
and run the command
gpg --verify <file>
replacing <file> with the name of the file where you saved the
announcement. The output for a valid signature looks like:
gpg: Signature made <DATE> using RSA key ID 3D25D3D9
gpg: Good signature from "SuSE Security Team <security@suse.de>"
where <DATE> is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can
import it from the first installation CD. To import the key, use the
command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
- Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the
world. While this service is considered valuable and important to the free
and open source software community, the authenticity and the integrity of
a package needs to be verified to ensure that it has not been tampered
with.
There are two verification methods that can be used independently from
each other to prove the authenticity of a downloaded file or RPM package:
1) Using the internal gpg signatures of the rpm package
2) MD5 checksums as provided in this announcement
1) The internal rpm package signatures provide an easy way to verify the
authenticity of an RPM package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, replacing <file.rpm> with the
filename of the RPM package downloaded. The package is unmodified if it
contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on
RPMv4-based distributions) and the gpg key ring of 'root' during
installation. You can also find it on the first installation CD and at
the end of this announcement.
2) If you need an alternative means of verification, use the md5sum
command to verify the authenticity of the packages. Execute the command
md5sum <filename.rpm>
after you downloaded the file from a SUSE FTP server or its mirrors.
Then compare the resulting md5sum with the one that is listed in the
SUSE security announcement. Because the announcement containing the
checksums is cryptographically signed (by security@suse.de), the
checksums show proof of the authenticity of the package if the
signature of the announcement is valid. Note that the md5 sums
published in the SUSE Security Announcements are valid for the
respective packages only. Newer versions of these packages cannot be
verified.
- SUSE runs two security mailing lists to which any interested party may
subscribe:
suse-security@suse.com
- General Linux and SUSE security discussion.
All SUSE security announcements are sent to this list.
To subscribe, send an e-mail to
<suse-security-subscribe@suse.com>.
suse-security-announce@suse.com
- SUSE's announce-only mailing list.
Only SUSE's security announcements are sent to this list.
To subscribe, send an e-mail to
<suse-security-announce-subscribe@suse.com>.
For general information or the frequently asked questions (FAQ),
send mail to <suse-security-info@suse.com> or
<suse-security-faq@suse.com>.
=====================================================================
SUSE's security contact is <security@suse.com> or <security@suse.de>.
The <security@suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular, the
clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever
with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.2 (GNU/Linux)
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS
FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW
tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It
Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF
AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+
3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk
YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP
+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR
8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U
8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S
cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh
ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB
UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo
AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n
KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi
BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro
nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg
KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx
yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn
B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV
wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh
UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF
5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3
D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu
zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd
9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi
a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13
CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp
271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE
t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG
B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw
rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt
IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL
rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H
RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa
g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA
CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO
=ypVs
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQEVAwUBRRvl53ey5gA9JdPZAQKJ+Af+Id2deeCw1I90lrdX9kZqCUuQjvF54kF0
5QvfrhMA+sYmaCeopHj69B0U/y1cJWRLUuv0gTEna0Y2mdUsI43BRc46k/COgS9y
J7vciNKFBtvSi+9dmhSm/5Z0mX3n5ZGjy2cP/o7Q9ryBu7W56DMcjr/cJIFxINUj
fPylPfmw6tWzNDQBOXKx0kvC8v8sdUTXRI8oCeS5ABykE/wlfYA3DluT7t/RwQxg
k0//O/cUbFHJl0vcalc9496cLAwVHhiMpzvTrkscB+yWIpz9ktlwoWuh+4QupK89
J1mVzOkRb3NkxLfu9mJi3ec0tvt4wCa5ufZnu++qVNkOC1BtiGpF4Q==
=uYoE
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com
For additional commands, e-mail: suse-security-announce-help@suse.com
|