The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to version 3.0.101 and also includes various other bug and security fixes.
The following features have been added :
Drivers: hv: Support handling multiple VMBUS versions (FATE#314665).
Drivers: hv: Save and export negotiated vmbus version (FATE#314665).
Drivers: hv: Move vmbus version definitions to hyperv.h (FATE#314665). The following security issue has been fixed :
The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel did not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic. (bnc#826102). (CVE-2013-2206)
The following non-security bugs have been fixed :
mm, memcg: introduce own oom handler to iterate only over its own threads.
mm, memcg: move all oom handling to memcontrol.c.
mm, oom: avoid looping when chosen thread detaches its mm.
mm, oom: fold oom_kill_task() into oom_kill_process().
mm, oom: introduce helper function to process threads during scan.
mm, oom: reduce dependency on tasklist_lock (Reduce tasklist_lock hold times). (bnc#821259)
mm: do not walk all of system memory during show_mem (Reduce tasklist_lock hold times). (bnc#821259)
iommu/vt-d: add quirk for broken interrupt remapping on 55XX chipsets. (bnc#844513)
x86/iommu/vt-d: Expand interrupt remapping quirk to cover x58 chipset. (bnc#844513)
iommu/vt-d: Only warn about broken interrupt remapping.
(bnc#844513)
iommu: Remove stack trace from broken irq remapping warning. (bnc#844513)
intel-iommu: Fix leaks in pagetable freeing.
(bnc#841402)
Revert aer_recover_queue() GENKSYMS hack, add a fake symset with the previous value instead. (bnc#847721)
i2c: ismt: initialize DMA buffer. (bnc#843753)
powerpc/irq: Run softirqs off the top of the irq stack.
(bnc#847319)
quirks: add touchscreen that is dazzeled by remote wakeup. (bnc#835930)
kernel: sclp console hangs (bnc#841498, LTC#95711).
tty/hvc_iucv: Disconnect IUCV connection when lowering DTR (bnc#839973,LTC#97595).
tty/hvc_console: Add DTR/RTS callback to handle HUPCL control (bnc#839973,LTC#97595).
softirq: reduce latencies. (bnc#797526)
X.509: Remove certificate date checks. (bnc#841656)
config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.
(bnc#837372)
splice: fix racy pipe->buffers uses. (bnc#827246)
blktrace: fix race with open trace files and directory removal. (bnc#832292)
rcu: Do not trigger false positive RCU stall detection.
(bnc#834204)
kernel: allow program interruption filtering in user space (bnc#837596, LTC#97332).
Audit: do not print error when LSMs disabled.
(bnc#842057)
SUNRPC: close a rare race in xs_tcp_setup_socket.
(bnc#794824)
Btrfs: fix negative qgroup tracking from owner accounting. (bnc#821948)
cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields.
(bnc#804950)
NFS: make nfs_flush_incompatible more generous.
(bnc#816099)
xfs: growfs: use uncached buffers for new headers.
(bnc#842604)
NFS: do not try to use lock state when we hold a delegation. (bnc#831029)
NFS: nfs_lookup_revalidate(): fix a leak. (bnc#828894)
fs: do_add_mount()/umount -l races. (bnc#836801)
xfs: avoid double-free in xfs_attr_node_addname.
xfs: Check the return value of xfs_buf_get().
(bnc#842604)
iscsi: do not hang in endless loop if no targets present. (bnc#841094)
scsi_dh_alua: Allow get_alua_data() to return NULL.
(bnc#839407)
cifs: revalidate directories instiantiated via FIND_ in order to handle DFS referrals. (bnc#831143)
cifs: do not instantiate new dentries in readdir for inodes that need to be revalidated immediately.
(bnc#831143)
cifs: rename cifs_readdir_lookup to cifs_prime_dcache and make it void return. (bnc#831143)
cifs: get rid of blind d_drop() in readdir. (bnc#831143)
cifs: cleanup cifs_filldir. (bnc#831143)
cifs: on send failure, readjust server sequence number downward. (bnc#827966)
cifs: adjust sequence number downward after signing NT_CANCEL request. (bnc#827966)
cifs: on send failure, readjust server sequence number downward. (bnc#827966)
cifs: adjust sequence number downward after signing NT_CANCEL request. (bnc#827966)
reiserfs: fix race with flush_used_journal_lists and flush_journal_list. (bnc#837803)
reiserfs: remove useless flush_old_journal_lists.
lib/radix-tree.c: make radix_tree_node_alloc() work correctly within interrupt. (bnc#763463)
md: Throttle number of pending write requests in md/raid10. (bnc#833858)
dm: ignore merge_bvec for snapshots when safe.
(bnc#820848)
ata: Set proper SK when CK_COND is set. (bnc#833588)
Btrfs: abort unlink trans in missed error case.
Btrfs: add all ioctl checks before user change for quota operations.
Btrfs: add a rb_tree to improve performance of ulist search.
Btrfs: add btrfs_fs_incompat helper.
Btrfs: add ioctl to wait for qgroup rescan completion.
Btrfs: add log message stubs.
Btrfs: add missing error checks to add_data_references.
Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP handler.
Btrfs: add missing error handling to read_tree_block.
Btrfs: add missing mounting options in btrfs_show_options().
Btrfs: add sanity checks regarding to parsing mount options.
Btrfs: add some missing iput()s in btrfs_orphan_cleanup.
Btrfs: add tree block level sanity check.
Btrfs: allocate new chunks if the space is not enough for global rsv.
Btrfs: allow file data clone within a file.
Btrfs: allow superblock mismatch from older mkfs.
Btrfs: annotate quota tree for lockdep.
Btrfs: automatic rescan after ‘quota enable’ command (FATE#312751).
Btrfs: change how we queue blocks for backref checking.
Btrfs: check if leafs parent exists before pushing items around.
Btrfs: check if we can nocow if we do not have data space.
Btrfs: check return value of commit when recovering log.
Btrfs: clean snapshots one by one.
Btrfs: cleanup destroy_marked_extents.
Btrfs: cleanup fs roots if we fail to mount.
Btrfs: cleanup orphaned root orphan item.
Btrfs: cleanup reloc roots properly on error.
Btrfs: Cleanup some redundant codes in btrfs_lookup_csums_range().
Btrfs: clean up transaction abort messages.
Btrfs: cleanup unused arguments of btrfs_csum_data.
Btrfs: clear received_uuid field for new writable snapshots.
Btrfs: compare relevant parts of delayed tree refs.
Btrfs: cover more error codes in btrfs_decode_error.
Btrfs: creating the subvolume qgroup automatically when enabling quota.
Btrfs: deal with bad mappings in btrfs_map_block.
Btrfs: deal with errors in write_dev_supers.
Btrfs: deal with free space cache errors while replaying log.
Btrfs: deprecate subvolrootid mount option.
Btrfs: do away with non-whole_page extent I/O.
Btrfs: do delay iput in sync_fs.
Btrfs: do not clear our orphan item runtime flag on eexist.
Btrfs: do not continue if out of memory happens.
Btrfs: do not offset physical if we are compressed.
Btrfs: do not pin while under spin lock.
Btrfs: do not abort the current transaction if there is no enough space for inode cache.
Btrfs: do not allow a subvol to be deleted if it is the default subovl.
Btrfs: do not BUG_ON() in btrfs_num_copies.
Btrfs: do not bug_on when we fail when cleaning up transactions.
Btrfs: do not call readahead hook until we have read the entire eb.
Btrfs: do not delete fs_roots until after we cleanup the transaction.
Btrfs: dont do log_removal in insert_new_root.
Btrfs: do not force pages under writeback to finish when aborting.
Btrfs: do not ignore errors from btrfs_run_delayed_items.
Btrfs: do not invoke btrfs_invalidate_inodes() in the spin lock context.
Btrfs: do not miss inode ref items in BTRFS_IOC_INO_LOOKUP.
Btrfs: do not NULL pointer deref on abort.
Btrfs: do not panic if we are trying to drop too many refs.
Btrfs: do not steal the reserved space from the global reserve if their space type is different.
Btrfs: do not stop searching after encountering the wrong item.
Btrfs: do not try and free ebs twice in log replay.
Btrfs: do not use global block reservation for inode cache truncation.
Btrfs: do not wait on ordered extents if we have a trans open.
Btrfs: Drop inode if inode root is NULL.
Btrfs: enhance superblock checks.
Btrfs: exclude logged extents before replying when we are mixed.
Btrfs: explicitly use global_block_rsv for quota_tree.
Btrfs: fall back to global reservation when removing subvolumes.
Btrfs: fix a bug of snapshot-aware defrag to make it work on partial extents.
Btrfs: fix accessing a freed tree root.
Btrfs: fix accessing the root pointer in tree mod log functions.
Btrfs: fix all callers of read_tree_block.
Btrfs: fix a warning when disabling quota.
Btrfs: fix a warning when updating qgroup limit.
Btrfs: fix backref walking when we hit a compressed extent.
Btrfs: fix bad extent logging.
Btrfs: fix broken nocow after balance.
Btrfs: fix confusing edquot happening case.
Btrfs: fix double free in the iterate_extent_inodes().
Btrfs: fix error handling in btrfs_ioctl_send().
Btrfs: fix error handling in make/read block group.
Btrfs: fix estale with btrfs send.
Btrfs: fix extent buffer leak after backref walking.
Btrfs: fix extent logging with O_DIRECT into prealloc.
Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is specified.
Btrfs: fix get set label blocking against balance.
Btrfs: fix infinite loop when we abort on mount.
Btrfs: fix inode leak on kmalloc failure in tree-log.c.
Btrfs: fix lockdep warning.
Btrfs: fix lock leak when resuming snapshot deletion.
Btrfs: fix memory leak of orphan block rsv.
Btrfs: fix missing check about ulist_add() in qgroup.c.
Btrfs: fix missing check before creating a qgroup relation.
Btrfs: fix missing check in the btrfs_qgroup_inherit().
Btrfs: fix off-by-one in fiemap.
Btrfs: fix oops when writing dirty qgroups to disk.
Btrfs: fix possible infinite loop in slow caching.
Btrfs: fix possible memory leak in replace_path().
Btrfs: fix possible memory leak in the find_parent_nodes().
Btrfs: fix printing of non NULL terminated string.
Btrfs: fix qgroup rescan resume on mount.
Btrfs: fix reada debug code compilation.
Btrfs: fix the error handling wrt orphan items.
Btrfs: fix transaction throttling for delayed refs.
Btrfs: fix tree mod log regression on root split operations.
Btrfs: fix unblocked autodefraggers when remount.
Btrfs: fix unlock after free on rewinded tree blocks.
Btrfs: fix unprotected root node of the subvolumes inode rb-tree.
Btrfs: fix use-after-free bug during umount.
Btrfs: free csums when we are done scrubbing an extent.
Btrfs: handle errors returned from get_tree_block_key.
Btrfs: handle errors when doing slow caching.
Btrfs: hold the tree mod lock in __tree_mod_log_rewind.
Btrfs: ignore device open failures in
__btrfs_open_devices.
Btrfs: improve the loop of scrub_stripe.
Btrfs: improve the performance of the csums lookup.
Btrfs: init relocate extent_io_tree with a mapping.
Btrfs: introduce a mutex lock for btrfs quota operations.
Btrfs: kill some BUG_ONs() in the find_parent_nodes().
Btrfs: log ram bytes properly.
Btrfs: make __merge_refs() return type be void.
Btrfs: make orphan cleanup less verbose.
Btrfs: make static code static & remove dead code.
Btrfs: make subvol creation/deletion killable in the early stages.
Btrfs: make sure roots are assigned before freeing their nodes.
Btrfs: make sure the backref walker catches all refs to our extent.
Btrfs: make the cleaner complete early when the fs is going to be umounted.
Btrfs: make the snap/subv deletion end more early when the fs is R/O.
Btrfs: merge save_error_info helpers into one.
Btrfs: move the R/O check out of btrfs_clean_one_deleted_snapshot().
Btrfs: only do the tree_mod_log_free_eb if this is our last ref.
Btrfs: only exclude supers in the range of our block group.
Btrfs: optimize key searches in btrfs_search_slot.
Btrfs: optimize the error handle of use_block_rsv().
Btrfs: pause the space balance when remounting to R/O.
Btrfs: put our inode if orphan cleanup fails.
Btrfs: re-add root to dead root list if we stop dropping it.
Btrfs: read entire device info under lock.
Btrfs: release both paths before logging dir/changed extents.
Btrfs: Release uuid_mutex for shrink during device delete.
Btrfs: remove almost all of the BUG()s from tree-log.c.
Btrfs: remove BUG_ON() in btrfs_read_fs_tree_no_radix().
Btrfs: remove ourselves from the cluster list under lock.
Btrfs: remove some BUG_ONs() when walking backref tree.
Btrfs: remove some unnecessary spin_lock usages.
Btrfs: remove unnecessary ->s_umount in cleaner_kthread().
Btrfs: remove unused argument of fixup_low_keys().
Btrfs: remove unused gfp mask parameter from release_extent_buffer callchain.
Btrfs: remove useless copy in quota_ctl.
Btrfs: remove warn on in free space cache writeout.
Btrfs: rescan for qgroups (FATE#312751).
Btrfs: reset ret in record_one_backref.
Btrfs: return ENOSPC when target space is full.
Btrfs: return errno if possible when we fail to allocate memory.
Btrfs: return error code in btrfs_check_trunc_cache_free_space().
Btrfs: return error when we specify wrong start to defrag.
Btrfs: return free space in cow error path.
Btrfs: separate sequence numbers for delayed ref tracking and tree mod log.
Btrfs: set UUID in root_item for created trees.
Btrfs: share stop worker code.
Btrfs: simplify unlink reservations.
Btrfs: split btrfs_qgroup_account_ref into four functions.
Btrfs: stop all workers before cleaning up roots.
Btrfs: stop using try_to_writeback_inodes_sb_nr to flush delalloc.
Btrfs: stop waiting on current trans if we aborted.
Btrfs: unlock extent range on enospc in compressed submit.
Btrfs: update drop progress before stopping snapshot dropping.
Btrfs: update fixups from 3.11
Btrfs: update the global reserve if it is empty.
Btrfs: use helper to cleanup tree roots.
Btrfs: use REQ_META for all metadata IO.
Btrfs: use tree_root to avoid edquot when disabling quota.
Btrfs: use u64 for subvolid when parsing mount options.
Btrfs: use unsigned long type for extent state bits.
Btrfs: various abort cleanups.
Btrfs: wait ordered range before doing direct io.
Btrfs: wake up delayed ref flushing waiters on abort.
net/mlx4_en: Fix BlueFlame race. (bnc#835684)
ipv6: do not call fib6_run_gc() until routing is ready.
(bnc#836218)
ipv6: prevent fib6_run_gc() contention. (bnc#797526)
ipv6: update ip6_rt_last_gc every time GC is run.
(bnc#797526)
netfilter: nf_conntrack: use RCU safe kfree for conntrack extensions (bnc#827416 bko#60853).
netfilter: prevent race condition breaking net reference counting. (bnc#835094)
net: remove skb_orphan_try(). (bnc#834600)
bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().
(bnc#834905)
sctp: deal with multiple COOKIE_ECHO chunks.
(bnc#826102)
mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in mlx4_ib_create_qp(). (bnc#822433)
drm/i915: disable sound first on intel_disable_ddi.
(bnc#833151)
drm/i915: HDMI/DP - ELD info refresh support for Haswell. (bnc#833151)
drm/cirrus: This is a cirrus version of Egbert Eichs patch for mgag200. (bnc#808079)
drm/i915: Disable GGTT PTEs on GEN6+ suspend.
(bnc#800875)
drm/i915/hsw: Disable L3 caching of atomic memory operations. (bnc#800875)
ALSA: hda - Re-setup HDMI pin and audio infoframe on stream switches. (bnc#833151)
vmxnet3: prevent div-by-zero panic when ring resizing uninitialized dev. (bnc#833321)
mvsas: add support for 9480 device id. (bnc#843950)
r8169: fix argument in rtl_hw_init_8168g.
(bnc#845352,bnc#842820)
r8169: support RTL8168G. (bnc#845352,bnc#842820)
r8169: abstract out loop conditions.
(bnc#845352,bnc#842820)
r8169: mdio_ops signature change.
(bnc#845352,bnc#842820)
thp: reduce khugepaged freezing latency (khugepaged blocking suspend-to-ram (bnc#825291)).
bnx2x: Change to D3hot only on removal. (bnc#838448)
megaraid_sas: Disable controller reset for ppc.
(bnc#841050)
scsi_dh_alua: simplify alua_check_sense(). (bnc#843642)
scsi_dh_alua: Fix missing close brace in alua_check_sense. (bnc#843642)
scsi_dh_alua: retry command on ‘mode parameter changed’ sense code. (bnc#843645)
scsi_dh_alua: invalid state information for ‘optimized’ paths. (bnc#843445)
scsi_dh_alua: reattaching device handler fails with ‘Error 15’. (bnc#843429)
Drivers: hv: util: Fix a bug in version negotiation code for util services. (bnc#828714)
Drivers: hv: util: Correctly support ws2008R2 and earlier. (bnc#838346)
Drivers: hv: vmbus: Do not attempt to negoatiate a new version prematurely.
Drivers: hv: util: Correctly support ws2008R2 and earlier. (bnc#838346)
Drivers: hv: vmbus: Terminate vmbus version negotiation on timeout.
Drivers: hv: vmbus: Fix a bug in the handling of channel offers.
Drivers: hv: util: Fix a bug in version negotiation code for util services. (bnc#828714)
Drivers: hv: balloon: Initialize the transaction ID just before sending the packet.
Drivers: hv: util: Fix a bug in util version negotiation code. (bnc#838346)
be2net: Check for POST state in suspend-resume sequence.
(bnc#835189)
be2net: bug fix on returning an invalid nic descriptor.
(bnc#835189)
be2net: provision VF resources before enabling SR-IOV.
(bnc#835189)
be2net: Fix firmware download for Lancer. (bnc#835189)
be2net: Fix to use version 2 of cq_create for SkyHawk-R devices. (bnc#835189)
be2net: Use GET_FUNCTION_CONFIG V1 cmd. (bnc#835189)
be2net: Avoid flashing BE3 UFI on BE3-R chip.
(bnc#835189)
be2net: Use TXQ_CREATE_V2 cmd. (bnc#835189)
writeback: Do not sync data dirtied after sync start.
(bnc#833820)
elousb: some systems cannot stomach work around.
(bnc#840830,bnc#830985)
bounce: allow use of bounce pool via config option (Bounce memory pool initialisation (bnc#836347)).
block: initialize the bounce pool if high memory may be added later (Bounce memory pool initialisation (bnc#836347)).
bio-integrity: track owner of integrity payload.
(bnc#831380)
xhci: Fix spurious wakeups after S5 on Haswell.
(bnc#833097)
s390/cio: handle unknown pgroup state (bnc#837741,LTC#97048).
s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).
s390/cio: skip broken paths (bnc#837741,LTC#97048).
s390/cio: dont abort verification after missing irq (bnc#837741,LTC#97048).
cio: add message for timeouts on internal I/O (bnc#837741,LTC#97048).
series.conf: disable XHCI ring expansion patches because on machines with large memory they cause a starvation problem. (bnc#833635)
Update EC2 config files (STRICT_DEVMEM off, bnc#843732).
Fixed Xen guest freezes. (bnc#829682, bnc#842063)
tools: hv: Improve error logging in VSS daemon.
tools: hv: Check return value of poll call.
tools: hv: Check return value of setsockopt call.
Tools: hv: fix send/recv buffer allocation.
Tools: hv: check return value of daemon to fix compiler warning.
Tools: hv: in kvp_set_ip_info free mac_addr right after usage.
Tools: hv: check return value of system in hv_kvp_daemon.
Tools: hv: correct payload size in netlink_send.
Tools: hv: use full nlmsghdr in netlink_send.
rpm/old-flavors, rpm/mkspec: Add version information to obsolete flavors. (bnc#821465)
rpm/kernel-binary.spec.in: Move the xenpae obsolete to the old-flavors file.
rpm/old-flavors: Convert the old-packages.conf file to a flat list.
rpm/mkspec: Adjust.
rpm/old-packages.conf: Delete.
rpm/old-packages.conf: Drop bogus obsoletes for ‘smp’.
(bnc#821465)
rpm/kernel-binary.spec.in: Make sure that all KMP obsoletes are versioned. (bnc#821465)
rpm/kernel-binary.spec.in: Remove unversioned provides/obsoletes for packages that were only seen in openSUSE releases up to 11.0. . (bnc#821465)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(71034);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-2206");
script_name(english:"SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8524 / 8525 / 8528)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 11 host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to
version 3.0.101 and also includes various other bug and security
fixes.
The following features have been added :
- Drivers: hv: Support handling multiple VMBUS versions
(FATE#314665).
- Drivers: hv: Save and export negotiated vmbus version
(FATE#314665).
- Drivers: hv: Move vmbus version definitions to hyperv.h
(FATE#314665). The following security issue has been
fixed :
- The sctp_sf_do_5_2_4_dupcook function in
net/sctp/sm_statefuns.c in the SCTP implementation in
the Linux kernel did not properly handle associations
during the processing of a duplicate COOKIE ECHO chunk,
which allowed remote attackers to cause a denial of
service (NULL pointer dereference and system crash) or
possibly have unspecified other impact via crafted SCTP
traffic. (bnc#826102). (CVE-2013-2206)
The following non-security bugs have been fixed :
- mm, memcg: introduce own oom handler to iterate only
over its own threads.
- mm, memcg: move all oom handling to memcontrol.c.
- mm, oom: avoid looping when chosen thread detaches its
mm.
- mm, oom: fold oom_kill_task() into oom_kill_process().
- mm, oom: introduce helper function to process threads
during scan.
- mm, oom: reduce dependency on tasklist_lock (Reduce
tasklist_lock hold times). (bnc#821259)
- mm: do not walk all of system memory during show_mem
(Reduce tasklist_lock hold times). (bnc#821259)
- iommu/vt-d: add quirk for broken interrupt remapping on
55XX chipsets. (bnc#844513)
- x86/iommu/vt-d: Expand interrupt remapping quirk to
cover x58 chipset. (bnc#844513)
- iommu/vt-d: Only warn about broken interrupt remapping.
(bnc#844513)
- iommu: Remove stack trace from broken irq remapping
warning. (bnc#844513)
- intel-iommu: Fix leaks in pagetable freeing.
(bnc#841402)
- Revert aer_recover_queue() __GENKSYMS__ hack, add a fake
symset with the previous value instead. (bnc#847721)
- i2c: ismt: initialize DMA buffer. (bnc#843753)
- powerpc/irq: Run softirqs off the top of the irq stack.
(bnc#847319)
- quirks: add touchscreen that is dazzeled by remote
wakeup. (bnc#835930)
- kernel: sclp console hangs (bnc#841498, LTC#95711).
- tty/hvc_iucv: Disconnect IUCV connection when lowering
DTR (bnc#839973,LTC#97595).
- tty/hvc_console: Add DTR/RTS callback to handle HUPCL
control (bnc#839973,LTC#97595).
- softirq: reduce latencies. (bnc#797526)
- X.509: Remove certificate date checks. (bnc#841656)
- config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.
(bnc#837372)
- splice: fix racy pipe->buffers uses. (bnc#827246)
- blktrace: fix race with open trace files and directory
removal. (bnc#832292)
- rcu: Do not trigger false positive RCU stall detection.
(bnc#834204)
- kernel: allow program interruption filtering in user
space (bnc#837596, LTC#97332).
- Audit: do not print error when LSMs disabled.
(bnc#842057)
- SUNRPC: close a rare race in xs_tcp_setup_socket.
(bnc#794824)
- Btrfs: fix negative qgroup tracking from owner
accounting. (bnc#821948)
- cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields.
(bnc#804950)
- NFS: make nfs_flush_incompatible more generous.
(bnc#816099)
- xfs: growfs: use uncached buffers for new headers.
(bnc#842604)
- NFS: do not try to use lock state when we hold a
delegation. (bnc#831029)
- NFS: nfs_lookup_revalidate(): fix a leak. (bnc#828894)
- fs: do_add_mount()/umount -l races. (bnc#836801)
- xfs: avoid double-free in xfs_attr_node_addname.
- xfs: Check the return value of xfs_buf_get().
(bnc#842604)
- iscsi: do not hang in endless loop if no targets
present. (bnc#841094)
- scsi_dh_alua: Allow get_alua_data() to return NULL.
(bnc#839407)
- cifs: revalidate directories instiantiated via FIND_ in
order to handle DFS referrals. (bnc#831143)
- cifs: do not instantiate new dentries in readdir for
inodes that need to be revalidated immediately.
(bnc#831143)
- cifs: rename cifs_readdir_lookup to cifs_prime_dcache
and make it void return. (bnc#831143)
- cifs: get rid of blind d_drop() in readdir. (bnc#831143)
- cifs: cleanup cifs_filldir. (bnc#831143)
- cifs: on send failure, readjust server sequence number
downward. (bnc#827966)
- cifs: adjust sequence number downward after signing
NT_CANCEL request. (bnc#827966)
- cifs: on send failure, readjust server sequence number
downward. (bnc#827966)
- cifs: adjust sequence number downward after signing
NT_CANCEL request. (bnc#827966)
- reiserfs: fix race with flush_used_journal_lists and
flush_journal_list. (bnc#837803)
- reiserfs: remove useless flush_old_journal_lists.
- lib/radix-tree.c: make radix_tree_node_alloc() work
correctly within interrupt. (bnc#763463)
- md: Throttle number of pending write requests in
md/raid10. (bnc#833858)
- dm: ignore merge_bvec for snapshots when safe.
(bnc#820848)
- ata: Set proper SK when CK_COND is set. (bnc#833588)
- Btrfs: abort unlink trans in missed error case.
- Btrfs: add all ioctl checks before user change for quota
operations.
- Btrfs: add a rb_tree to improve performance of ulist
search.
- Btrfs: add btrfs_fs_incompat helper.
- Btrfs: add ioctl to wait for qgroup rescan completion.
- Btrfs: add log message stubs.
- Btrfs: add missing error checks to add_data_references.
- Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP
handler.
- Btrfs: add missing error handling to read_tree_block.
- Btrfs: add missing mounting options in
btrfs_show_options().
- Btrfs: add sanity checks regarding to parsing mount
options.
- Btrfs: add some missing iput()s in btrfs_orphan_cleanup.
- Btrfs: add tree block level sanity check.
- Btrfs: allocate new chunks if the space is not enough
for global rsv.
- Btrfs: allow file data clone within a file.
- Btrfs: allow superblock mismatch from older mkfs.
- Btrfs: annotate quota tree for lockdep.
- Btrfs: automatic rescan after 'quota enable' command
(FATE#312751).
- Btrfs: change how we queue blocks for backref checking.
- Btrfs: check if leafs parent exists before pushing items
around.
- Btrfs: check if we can nocow if we do not have data
space.
- Btrfs: check return value of commit when recovering log.
- Btrfs: clean snapshots one by one.
- Btrfs: cleanup destroy_marked_extents.
- Btrfs: cleanup fs roots if we fail to mount.
- Btrfs: cleanup orphaned root orphan item.
- Btrfs: cleanup reloc roots properly on error.
- Btrfs: Cleanup some redundant codes in
btrfs_lookup_csums_range().
- Btrfs: clean up transaction abort messages.
- Btrfs: cleanup unused arguments of btrfs_csum_data.
- Btrfs: clear received_uuid field for new writable
snapshots.
- Btrfs: compare relevant parts of delayed tree refs.
- Btrfs: cover more error codes in btrfs_decode_error.
- Btrfs: creating the subvolume qgroup automatically when
enabling quota.
- Btrfs: deal with bad mappings in btrfs_map_block.
- Btrfs: deal with errors in write_dev_supers.
- Btrfs: deal with free space cache errors while replaying
log.
- Btrfs: deprecate subvolrootid mount option.
- Btrfs: do away with non-whole_page extent I/O.
- Btrfs: do delay iput in sync_fs.
- Btrfs: do not clear our orphan item runtime flag on
eexist.
- Btrfs: do not continue if out of memory happens.
- Btrfs: do not offset physical if we are compressed.
- Btrfs: do not pin while under spin lock.
- Btrfs: do not abort the current transaction if there is
no enough space for inode cache.
- Btrfs: do not allow a subvol to be deleted if it is the
default subovl.
- Btrfs: do not BUG_ON() in btrfs_num_copies.
- Btrfs: do not bug_on when we fail when cleaning up
transactions.
- Btrfs: do not call readahead hook until we have read the
entire eb.
- Btrfs: do not delete fs_roots until after we cleanup the
transaction.
- Btrfs: dont do log_removal in insert_new_root.
- Btrfs: do not force pages under writeback to finish when
aborting.
- Btrfs: do not ignore errors from
btrfs_run_delayed_items.
- Btrfs: do not invoke btrfs_invalidate_inodes() in the
spin lock context.
- Btrfs: do not miss inode ref items in
BTRFS_IOC_INO_LOOKUP.
- Btrfs: do not NULL pointer deref on abort.
- Btrfs: do not panic if we are trying to drop too many
refs.
- Btrfs: do not steal the reserved space from the global
reserve if their space type is different.
- Btrfs: do not stop searching after encountering the
wrong item.
- Btrfs: do not try and free ebs twice in log replay.
- Btrfs: do not use global block reservation for inode
cache truncation.
- Btrfs: do not wait on ordered extents if we have a trans
open.
- Btrfs: Drop inode if inode root is NULL.
- Btrfs: enhance superblock checks.
- Btrfs: exclude logged extents before replying when we
are mixed.
- Btrfs: explicitly use global_block_rsv for quota_tree.
- Btrfs: fall back to global reservation when removing
subvolumes.
- Btrfs: fix a bug of snapshot-aware defrag to make it
work on partial extents.
- Btrfs: fix accessing a freed tree root.
- Btrfs: fix accessing the root pointer in tree mod log
functions.
- Btrfs: fix all callers of read_tree_block.
- Btrfs: fix a warning when disabling quota.
- Btrfs: fix a warning when updating qgroup limit.
- Btrfs: fix backref walking when we hit a compressed
extent.
- Btrfs: fix bad extent logging.
- Btrfs: fix broken nocow after balance.
- Btrfs: fix confusing edquot happening case.
- Btrfs: fix double free in the iterate_extent_inodes().
- Btrfs: fix error handling in btrfs_ioctl_send().
- Btrfs: fix error handling in make/read block group.
- Btrfs: fix estale with btrfs send.
- Btrfs: fix extent buffer leak after backref walking.
- Btrfs: fix extent logging with O_DIRECT into prealloc.
- Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is
specified.
- Btrfs: fix get set label blocking against balance.
- Btrfs: fix infinite loop when we abort on mount.
- Btrfs: fix inode leak on kmalloc failure in tree-log.c.
- Btrfs: fix lockdep warning.
- Btrfs: fix lock leak when resuming snapshot deletion.
- Btrfs: fix memory leak of orphan block rsv.
- Btrfs: fix missing check about ulist_add() in qgroup.c.
- Btrfs: fix missing check before creating a qgroup
relation.
- Btrfs: fix missing check in the btrfs_qgroup_inherit().
- Btrfs: fix off-by-one in fiemap.
- Btrfs: fix oops when writing dirty qgroups to disk.
- Btrfs: fix possible infinite loop in slow caching.
- Btrfs: fix possible memory leak in replace_path().
- Btrfs: fix possible memory leak in the
find_parent_nodes().
- Btrfs: fix printing of non NULL terminated string.
- Btrfs: fix qgroup rescan resume on mount.
- Btrfs: fix reada debug code compilation.
- Btrfs: fix the error handling wrt orphan items.
- Btrfs: fix transaction throttling for delayed refs.
- Btrfs: fix tree mod log regression on root split
operations.
- Btrfs: fix unblocked autodefraggers when remount.
- Btrfs: fix unlock after free on rewinded tree blocks.
- Btrfs: fix unprotected root node of the subvolumes inode
rb-tree.
- Btrfs: fix use-after-free bug during umount.
- Btrfs: free csums when we are done scrubbing an extent.
- Btrfs: handle errors returned from get_tree_block_key.
- Btrfs: handle errors when doing slow caching.
- Btrfs: hold the tree mod lock in __tree_mod_log_rewind.
- Btrfs: ignore device open failures in
__btrfs_open_devices.
- Btrfs: improve the loop of scrub_stripe.
- Btrfs: improve the performance of the csums lookup.
- Btrfs: init relocate extent_io_tree with a mapping.
- Btrfs: introduce a mutex lock for btrfs quota
operations.
- Btrfs: kill some BUG_ONs() in the find_parent_nodes().
- Btrfs: log ram bytes properly.
- Btrfs: make __merge_refs() return type be void.
- Btrfs: make orphan cleanup less verbose.
- Btrfs: make static code static & remove dead code.
- Btrfs: make subvol creation/deletion killable in the
early stages.
- Btrfs: make sure roots are assigned before freeing their
nodes.
- Btrfs: make sure the backref walker catches all refs to
our extent.
- Btrfs: make the cleaner complete early when the fs is
going to be umounted.
- Btrfs: make the snap/subv deletion end more early when
the fs is R/O.
- Btrfs: merge save_error_info helpers into one.
- Btrfs: move the R/O check out of
btrfs_clean_one_deleted_snapshot().
- Btrfs: only do the tree_mod_log_free_eb if this is our
last ref.
- Btrfs: only exclude supers in the range of our block
group.
- Btrfs: optimize key searches in btrfs_search_slot.
- Btrfs: optimize the error handle of use_block_rsv().
- Btrfs: pause the space balance when remounting to R/O.
- Btrfs: put our inode if orphan cleanup fails.
- Btrfs: re-add root to dead root list if we stop dropping
it.
- Btrfs: read entire device info under lock.
- Btrfs: release both paths before logging dir/changed
extents.
- Btrfs: Release uuid_mutex for shrink during device
delete.
- Btrfs: remove almost all of the BUG()s from tree-log.c.
- Btrfs: remove BUG_ON() in btrfs_read_fs_tree_no_radix().
- Btrfs: remove ourselves from the cluster list under
lock.
- Btrfs: remove some BUG_ONs() when walking backref tree.
- Btrfs: remove some unnecessary spin_lock usages.
- Btrfs: remove unnecessary ->s_umount in
cleaner_kthread().
- Btrfs: remove unused argument of fixup_low_keys().
- Btrfs: remove unused gfp mask parameter from
release_extent_buffer callchain.
- Btrfs: remove useless copy in quota_ctl.
- Btrfs: remove warn on in free space cache writeout.
- Btrfs: rescan for qgroups (FATE#312751).
- Btrfs: reset ret in record_one_backref.
- Btrfs: return ENOSPC when target space is full.
- Btrfs: return errno if possible when we fail to allocate
memory.
- Btrfs: return error code in
btrfs_check_trunc_cache_free_space().
- Btrfs: return error when we specify wrong start to
defrag.
- Btrfs: return free space in cow error path.
- Btrfs: separate sequence numbers for delayed ref
tracking and tree mod log.
- Btrfs: set UUID in root_item for created trees.
- Btrfs: share stop worker code.
- Btrfs: simplify unlink reservations.
- Btrfs: split btrfs_qgroup_account_ref into four
functions.
- Btrfs: stop all workers before cleaning up roots.
- Btrfs: stop using try_to_writeback_inodes_sb_nr to flush
delalloc.
- Btrfs: stop waiting on current trans if we aborted.
- Btrfs: unlock extent range on enospc in compressed
submit.
- Btrfs: update drop progress before stopping snapshot
dropping.
- Btrfs: update fixups from 3.11
- Btrfs: update the global reserve if it is empty.
- Btrfs: use helper to cleanup tree roots.
- Btrfs: use REQ_META for all metadata IO.
- Btrfs: use tree_root to avoid edquot when disabling
quota.
- Btrfs: use u64 for subvolid when parsing mount options.
- Btrfs: use unsigned long type for extent state bits.
- Btrfs: various abort cleanups.
- Btrfs: wait ordered range before doing direct io.
- Btrfs: wake up delayed ref flushing waiters on abort.
- net/mlx4_en: Fix BlueFlame race. (bnc#835684)
- ipv6: do not call fib6_run_gc() until routing is ready.
(bnc#836218)
- ipv6: prevent fib6_run_gc() contention. (bnc#797526)
- ipv6: update ip6_rt_last_gc every time GC is run.
(bnc#797526)
- netfilter: nf_conntrack: use RCU safe kfree for
conntrack extensions (bnc#827416 bko#60853).
- netfilter: prevent race condition breaking net reference
counting. (bnc#835094)
- net: remove skb_orphan_try(). (bnc#834600)
- bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().
(bnc#834905)
- sctp: deal with multiple COOKIE_ECHO chunks.
(bnc#826102)
- mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in
mlx4_ib_create_qp(). (bnc#822433)
- drm/i915: disable sound first on intel_disable_ddi.
(bnc#833151)
- drm/i915: HDMI/DP - ELD info refresh support for
Haswell. (bnc#833151)
- drm/cirrus: This is a cirrus version of Egbert Eichs
patch for mgag200. (bnc#808079)
- drm/i915: Disable GGTT PTEs on GEN6+ suspend.
(bnc#800875)
- drm/i915/hsw: Disable L3 caching of atomic memory
operations. (bnc#800875)
- ALSA: hda - Re-setup HDMI pin and audio infoframe on
stream switches. (bnc#833151)
- vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev. (bnc#833321)
- mvsas: add support for 9480 device id. (bnc#843950)
- r8169: fix argument in rtl_hw_init_8168g.
(bnc#845352,bnc#842820)
- r8169: support RTL8168G. (bnc#845352,bnc#842820)
- r8169: abstract out loop conditions.
(bnc#845352,bnc#842820)
- r8169: mdio_ops signature change.
(bnc#845352,bnc#842820)
- thp: reduce khugepaged freezing latency (khugepaged
blocking suspend-to-ram (bnc#825291)).
- bnx2x: Change to D3hot only on removal. (bnc#838448)
- megaraid_sas: Disable controller reset for ppc.
(bnc#841050)
- scsi_dh_alua: simplify alua_check_sense(). (bnc#843642)
- scsi_dh_alua: Fix missing close brace in
alua_check_sense. (bnc#843642)
- scsi_dh_alua: retry command on 'mode parameter changed'
sense code. (bnc#843645)
- scsi_dh_alua: invalid state information for 'optimized'
paths. (bnc#843445)
- scsi_dh_alua: reattaching device handler fails with
'Error 15'. (bnc#843429)
- Drivers: hv: util: Fix a bug in version negotiation code
for util services. (bnc#828714)
- Drivers: hv: util: Correctly support ws2008R2 and
earlier. (bnc#838346)
- Drivers: hv: vmbus: Do not attempt to negoatiate a new
version prematurely.
- Drivers: hv: util: Correctly support ws2008R2 and
earlier. (bnc#838346)
- Drivers: hv: vmbus: Terminate vmbus version negotiation
on timeout.
- Drivers: hv: vmbus: Fix a bug in the handling of channel
offers.
- Drivers: hv: util: Fix a bug in version negotiation code
for util services. (bnc#828714)
- Drivers: hv: balloon: Initialize the transaction ID just
before sending the packet.
- Drivers: hv: util: Fix a bug in util version negotiation
code. (bnc#838346)
- be2net: Check for POST state in suspend-resume sequence.
(bnc#835189)
- be2net: bug fix on returning an invalid nic descriptor.
(bnc#835189)
- be2net: provision VF resources before enabling SR-IOV.
(bnc#835189)
- be2net: Fix firmware download for Lancer. (bnc#835189)
- be2net: Fix to use version 2 of cq_create for SkyHawk-R
devices. (bnc#835189)
- be2net: Use GET_FUNCTION_CONFIG V1 cmd. (bnc#835189)
- be2net: Avoid flashing BE3 UFI on BE3-R chip.
(bnc#835189)
- be2net: Use TXQ_CREATE_V2 cmd. (bnc#835189)
- writeback: Do not sync data dirtied after sync start.
(bnc#833820)
- elousb: some systems cannot stomach work around.
(bnc#840830,bnc#830985)
- bounce: allow use of bounce pool via config option
(Bounce memory pool initialisation (bnc#836347)).
- block: initialize the bounce pool if high memory may be
added later (Bounce memory pool initialisation
(bnc#836347)).
- bio-integrity: track owner of integrity payload.
(bnc#831380)
- xhci: Fix spurious wakeups after S5 on Haswell.
(bnc#833097)
- s390/cio: handle unknown pgroup state
(bnc#837741,LTC#97048).
- s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).
- s390/cio: skip broken paths (bnc#837741,LTC#97048).
- s390/cio: dont abort verification after missing irq
(bnc#837741,LTC#97048).
- cio: add message for timeouts on internal I/O
(bnc#837741,LTC#97048).
- series.conf: disable XHCI ring expansion patches because
on machines with large memory they cause a starvation
problem. (bnc#833635)
- Update EC2 config files (STRICT_DEVMEM off, bnc#843732).
- Fixed Xen guest freezes. (bnc#829682, bnc#842063)
- tools: hv: Improve error logging in VSS daemon.
- tools: hv: Check return value of poll call.
- tools: hv: Check return value of setsockopt call.
- Tools: hv: fix send/recv buffer allocation.
- Tools: hv: check return value of daemon to fix compiler
warning.
- Tools: hv: in kvp_set_ip_info free mac_addr right after
usage.
- Tools: hv: check return value of system in
hv_kvp_daemon.
- Tools: hv: correct payload size in netlink_send.
- Tools: hv: use full nlmsghdr in netlink_send.
- rpm/old-flavors, rpm/mkspec: Add version information to
obsolete flavors. (bnc#821465)
- rpm/kernel-binary.spec.in: Move the xenpae obsolete to
the old-flavors file.
- rpm/old-flavors: Convert the old-packages.conf file to a
flat list.
- rpm/mkspec: Adjust.
- rpm/old-packages.conf: Delete.
- rpm/old-packages.conf: Drop bogus obsoletes for 'smp'.
(bnc#821465)
- rpm/kernel-binary.spec.in: Make sure that all KMP
obsoletes are versioned. (bnc#821465)
- rpm/kernel-binary.spec.in: Remove unversioned
provides/obsoletes for packages that were only seen in
openSUSE releases up to 11.0. . (bnc#821465)"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=763463"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=794824"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=797526"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=800875"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=804950"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=808079"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=816099"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=820848"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=821259"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=821465"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=821948"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=822433"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=825291"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=826102"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=827246"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=827416"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=827966"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=828714"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=828894"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=829682"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=830985"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=831029"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=831143"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=831380"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=832292"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833097"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833151"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833321"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833588"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833635"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833820"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833858"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=834204"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=834600"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=834905"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=835094"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=835189"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=835684"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=835930"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=836218"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=836347"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=836801"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=837372"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=837596"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=837741"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=837803"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=838346"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=838448"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=839407"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=839973"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=840830"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=841050"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=841094"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=841402"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=841498"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=841656"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=842057"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=842063"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=842604"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=842820"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=843429"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=843445"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=843642"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=843645"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=843732"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=843753"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=843950"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=844513"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=845352"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=847319"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=847721"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-2206.html"
);
script_set_attribute(
attribute:"solution",
value:"Apply SAT patch number 8524 / 8525 / 8528 as appropriate."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"patch_publication_date", value:"2013/11/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/22");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3");
flag = 0;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-default-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-default-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-default-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-default-extra-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-pae-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-pae-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-pae-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-pae-extra-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-source-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-syms-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-trace-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-xen-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-xen-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-xen-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"kernel-xen-extra-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"xen-kmp-pae-4.2.3_02_3.0.101_0.8-0.7.9")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-default-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-default-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-default-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-default-extra-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-source-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-syms-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-trace-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-xen-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-xen-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-xen-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"kernel-xen-extra-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"kernel-default-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"kernel-default-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"kernel-default-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"kernel-source-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"kernel-syms-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"kernel-trace-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"kernel-trace-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"kernel-trace-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"kernel-ec2-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"kernel-ec2-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"kernel-ec2-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"kernel-pae-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"kernel-pae-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"kernel-pae-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"kernel-xen-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"kernel-xen-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"kernel-xen-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"xen-kmp-pae-4.2.3_02_3.0.101_0.8-0.7.9")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"s390x", reference:"kernel-default-man-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"kernel-ec2-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"kernel-ec2-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"kernel-ec2-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"kernel-xen-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"kernel-xen-base-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"kernel-xen-devel-3.0.101-0.8.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"xen-kmp-default-4.2.3_02_3.0.101_0.8-0.7.9")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default-base |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default-devel |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default-extra |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default-man |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-ec2 |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-ec2-base |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-pae |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-pae-base |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206
support.novell.com/security/cve/CVE-2013-2206.html
bugzilla.novell.com/show_bug.cgi?id=763463
bugzilla.novell.com/show_bug.cgi?id=794824
bugzilla.novell.com/show_bug.cgi?id=797526
bugzilla.novell.com/show_bug.cgi?id=800875
bugzilla.novell.com/show_bug.cgi?id=804950
bugzilla.novell.com/show_bug.cgi?id=808079
bugzilla.novell.com/show_bug.cgi?id=816099
bugzilla.novell.com/show_bug.cgi?id=820848
bugzilla.novell.com/show_bug.cgi?id=821259
bugzilla.novell.com/show_bug.cgi?id=821465
bugzilla.novell.com/show_bug.cgi?id=821948
bugzilla.novell.com/show_bug.cgi?id=822433
bugzilla.novell.com/show_bug.cgi?id=825291
bugzilla.novell.com/show_bug.cgi?id=826102
bugzilla.novell.com/show_bug.cgi?id=827246
bugzilla.novell.com/show_bug.cgi?id=827416
bugzilla.novell.com/show_bug.cgi?id=827966
bugzilla.novell.com/show_bug.cgi?id=828714
bugzilla.novell.com/show_bug.cgi?id=828894
bugzilla.novell.com/show_bug.cgi?id=829682
bugzilla.novell.com/show_bug.cgi?id=830985
bugzilla.novell.com/show_bug.cgi?id=831029
bugzilla.novell.com/show_bug.cgi?id=831143
bugzilla.novell.com/show_bug.cgi?id=831380
bugzilla.novell.com/show_bug.cgi?id=832292
bugzilla.novell.com/show_bug.cgi?id=833097
bugzilla.novell.com/show_bug.cgi?id=833151
bugzilla.novell.com/show_bug.cgi?id=833321
bugzilla.novell.com/show_bug.cgi?id=833588
bugzilla.novell.com/show_bug.cgi?id=833635
bugzilla.novell.com/show_bug.cgi?id=833820
bugzilla.novell.com/show_bug.cgi?id=833858
bugzilla.novell.com/show_bug.cgi?id=834204
bugzilla.novell.com/show_bug.cgi?id=834600
bugzilla.novell.com/show_bug.cgi?id=834905
bugzilla.novell.com/show_bug.cgi?id=835094
bugzilla.novell.com/show_bug.cgi?id=835189
bugzilla.novell.com/show_bug.cgi?id=835684
bugzilla.novell.com/show_bug.cgi?id=835930
bugzilla.novell.com/show_bug.cgi?id=836218
bugzilla.novell.com/show_bug.cgi?id=836347
bugzilla.novell.com/show_bug.cgi?id=836801
bugzilla.novell.com/show_bug.cgi?id=837372
bugzilla.novell.com/show_bug.cgi?id=837596
bugzilla.novell.com/show_bug.cgi?id=837741
bugzilla.novell.com/show_bug.cgi?id=837803
bugzilla.novell.com/show_bug.cgi?id=838346
bugzilla.novell.com/show_bug.cgi?id=838448
bugzilla.novell.com/show_bug.cgi?id=839407
bugzilla.novell.com/show_bug.cgi?id=839973
bugzilla.novell.com/show_bug.cgi?id=840830
bugzilla.novell.com/show_bug.cgi?id=841050
bugzilla.novell.com/show_bug.cgi?id=841094
bugzilla.novell.com/show_bug.cgi?id=841402
bugzilla.novell.com/show_bug.cgi?id=841498
bugzilla.novell.com/show_bug.cgi?id=841656
bugzilla.novell.com/show_bug.cgi?id=842057
bugzilla.novell.com/show_bug.cgi?id=842063
bugzilla.novell.com/show_bug.cgi?id=842604
bugzilla.novell.com/show_bug.cgi?id=842820
bugzilla.novell.com/show_bug.cgi?id=843429
bugzilla.novell.com/show_bug.cgi?id=843445
bugzilla.novell.com/show_bug.cgi?id=843642
bugzilla.novell.com/show_bug.cgi?id=843645
bugzilla.novell.com/show_bug.cgi?id=843732
bugzilla.novell.com/show_bug.cgi?id=843753
bugzilla.novell.com/show_bug.cgi?id=843950
bugzilla.novell.com/show_bug.cgi?id=844513
bugzilla.novell.com/show_bug.cgi?id=845352
bugzilla.novell.com/show_bug.cgi?id=847319
bugzilla.novell.com/show_bug.cgi?id=847721