XEN has been updated to 4.1.5 c/s 23509 to fix various bugs and security issues.
The following security issues have been fixed :
Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier were not preemptible, which allowed local PV kernels to cause a denial of service via vectors related to deep page table traversal.
(CVE-2013-1918)
Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, did not properly check the source when accessing a bridge devices interrupt remapping table entries for MSI interrupts, which allowed local guest domains to cause a denial of service (interrupt injection) via unspecified vectors. (CVE-2013-1952)
A information leak in the XSAVE/XRSTOR instructions could be used to determine state of floating point operations in other domains. (CVE-2013-2076)
A denial of service (hypervisor crash) was possible due to missing exception recovery on XRSTOR, that could be used to crash the machine by PV guest users.
(CVE-2013-2077)
A denial of service (hypervisor crash) was possible due to missing exception recovery on XSETBV, that could be used to crash the machine by PV guest users.
(CVE-2013-2078)
Systems which allow untrusted administrators to configure guest vcpu affinity may be exploited to trigger a buffer overrun and corrupt memory.
(CVE-2013-2072)
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, did not clear the NT flag when using an IRET after a SYSENTER instruction, which allowed PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction. (CVE-2013-1917)
Xen 4.2.x and 4.1.x did not properly restrict access to IRQs, which allowed local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to ‘passed-through IRQs or PCI devices.’.
(CVE-2013-1919)
Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running ‘under memory pressure’ and the Xen Security Module (XSM) is enabled, used the wrong ordering of operations when extending the per-domain event channel tracking table, which caused a use-after-free and allowed local guest kernels to inject arbitrary events and gain privileges via unspecified vectors.
(CVE-2013-1920)
Xen 4.0.x and 4.1.x incorrectly released a grant reference when releasing a non-v1, non-transitive grant, which allowed local guest administrators to cause a denial of service (host crash), obtain sensitive information, or possible have other impacts via unspecified vectors. (CVE-2013-1964)
Bugfixes :
Upstream patches from Jan 26956-x86-mm-preemptible-cleanup.patch 27071-x86-IO-APIC-fix-guest-RTE-write-corner-cases.patch 27072-x86-shadow-fix-off-by-one-in-MMIO-permission-check .patch 27079-fix-XSA-46-regression-with-xend-xm.patch 27083-AMD-iommu-SR56x0-Erratum-64-Reset-all-head-tail-po inters.patch
Update to Xen 4.1.5 c/s 23509 There were many xen.spec file patches dropped as now being included in the 4.1.5 tarball.
can’t use pv-grub to start domU (pygrub does work) xen.spec. (bnc#809662)
Upstream patches from Jan 26702-powernow-add-fixups-for-AMD-P-state-figures.patch 26704-x86-MCA-suppress-bank-clearing-for-certain-injecte d-events.patch 26731-AMD-IOMMU-Process-softirqs-while-building-dom0-iom mu-mappings.patch 26733-VT-d-Enumerate-IOMMUs-when-listing-capabilities.pa tch 26734-ACPI-ERST-Name-table-in-otherwise-opaque-error-mes sages.patch 26736-ACPI-APEI-Unlock-apei_iomaps_lock-on-error-path.pa tch 26737-ACPI-APEI-Add-apei_exec_run_optional.patch 26742-IOMMU-properly-check-whether-interrupt-remapping-i s-enabled.patch 26743-VT-d-deal-with-5500-5520-X58-errata.patch 26744-AMD-IOMMU-allow-disabling-only-interrupt-remapping .patch 26749-x86-reserve-pages-when-SandyBridge-integrated-grap hics.patch 26765-hvm-Clean-up-vlapic_reg_write-error-propagation.pa tch 26770-x86-irq_move_cleanup_interrupt-must-ignore-legacy- vectors.patch 26771-x86-S3-Restore-broken-vcpu-affinity-on-resume.patc h 26772-VMX-Always-disable-SMEP-when-guest-is-in-non-pagin g-mode.patch 26773-x86-mm-shadow-spurious-warning-when-unmapping-xenh eap-pages.patch 26799-x86-don-t-pass-negative-time-to-gtime_to_gtsc.patc h 26851-iommu-crash-Interrupt-remapping-is-also-disabled-o n-crash.patch
Unable to create XEN virtual machines in SLED 11 SP2 on Kyoto xend-cpuinfo-model-name.patch. (bnc#814709)
Upstream patches from Jan 26536-xenoprof-div-by-0.patch 26578-AMD-IOMMU-replace-BUG_ON.patch 26656-x86-fix-null-pointer-dereference-in-intel_get_exte nded_msrs.patch 26659-AMD-IOMMU-erratum-746-workaround.patch 26660-x86-fix-CMCI-injection.patch 26672-vmx-fix-handling-of-NMI-VMEXIT.patch 26673-Avoid-stale-pointer-when-moving-domain-to-another- cpupool.patch 26676-fix-compat-memory-exchange-op-splitting.patch 26677-x86-make-certain-memory-sub-ops-return-valid-value s.patch 26678-SEDF-avoid-gathering-vCPU-s-on-pCPU0.patch 26679-x86-defer-processing-events-on-the-NMI-exit-path.p atch 26683-credit1-Use-atomic-bit-operations-for-the-flags-st ructure.patch 26692-x86-MSI-fully-protect-MSI-X-table.patch
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(66985);
script_version("1.13");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-1917", "CVE-2013-1918", "CVE-2013-1919", "CVE-2013-1920", "CVE-2013-1952", "CVE-2013-1964", "CVE-2013-2072", "CVE-2013-2076", "CVE-2013-2077", "CVE-2013-2078");
script_name(english:"SuSE 11.2 Security Update : Xen (SAT Patch Number 7798)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 11 host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"XEN has been updated to 4.1.5 c/s 23509 to fix various bugs and
security issues.
The following security issues have been fixed :
- Certain page table manipulation operations in Xen 4.1.x,
4.2.x, and earlier were not preemptible, which allowed
local PV kernels to cause a denial of service via
vectors related to deep page table traversal.
(CVE-2013-1918)
- Xen 4.x, when using Intel VT-d for a bus mastering
capable PCI device, did not properly check the source
when accessing a bridge devices interrupt remapping
table entries for MSI interrupts, which allowed local
guest domains to cause a denial of service (interrupt
injection) via unspecified vectors. (CVE-2013-1952)
- A information leak in the XSAVE/XRSTOR instructions
could be used to determine state of floating point
operations in other domains. (CVE-2013-2076)
- A denial of service (hypervisor crash) was possible due
to missing exception recovery on XRSTOR, that could be
used to crash the machine by PV guest users.
(CVE-2013-2077)
- A denial of service (hypervisor crash) was possible due
to missing exception recovery on XSETBV, that could be
used to crash the machine by PV guest users.
(CVE-2013-2078)
- Systems which allow untrusted administrators to
configure guest vcpu affinity may be exploited to
trigger a buffer overrun and corrupt memory.
(CVE-2013-2072)
- Xen 3.1 through 4.x, when running 64-bit hosts on Intel
CPUs, did not clear the NT flag when using an IRET after
a SYSENTER instruction, which allowed PV guest users to
cause a denial of service (hypervisor crash) by
triggering a #GP fault, which is not properly handled by
another IRET instruction. (CVE-2013-1917)
- Xen 4.2.x and 4.1.x did not properly restrict access to
IRQs, which allowed local stub domain clients to gain
access to IRQs and cause a denial of service via vectors
related to 'passed-through IRQs or PCI devices.'.
(CVE-2013-1919)
- Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is
running 'under memory pressure' and the Xen Security
Module (XSM) is enabled, used the wrong ordering of
operations when extending the per-domain event channel
tracking table, which caused a use-after-free and
allowed local guest kernels to inject arbitrary events
and gain privileges via unspecified vectors.
(CVE-2013-1920)
- Xen 4.0.x and 4.1.x incorrectly released a grant
reference when releasing a non-v1, non-transitive grant,
which allowed local guest administrators to cause a
denial of service (host crash), obtain sensitive
information, or possible have other impacts via
unspecified vectors. (CVE-2013-1964)
Bugfixes :
- Upstream patches from Jan
26956-x86-mm-preemptible-cleanup.patch
27071-x86-IO-APIC-fix-guest-RTE-write-corner-cases.patch
27072-x86-shadow-fix-off-by-one-in-MMIO-permission-check
.patch 27079-fix-XSA-46-regression-with-xend-xm.patch
27083-AMD-iommu-SR56x0-Erratum-64-Reset-all-head-tail-po
inters.patch
- Update to Xen 4.1.5 c/s 23509 There were many xen.spec
file patches dropped as now being included in the 4.1.5
tarball.
- can't use pv-grub to start domU (pygrub does work)
xen.spec. (bnc#809662)
- Upstream patches from Jan
26702-powernow-add-fixups-for-AMD-P-state-figures.patch
26704-x86-MCA-suppress-bank-clearing-for-certain-injecte
d-events.patch
26731-AMD-IOMMU-Process-softirqs-while-building-dom0-iom
mu-mappings.patch
26733-VT-d-Enumerate-IOMMUs-when-listing-capabilities.pa
tch
26734-ACPI-ERST-Name-table-in-otherwise-opaque-error-mes
sages.patch
26736-ACPI-APEI-Unlock-apei_iomaps_lock-on-error-path.pa
tch 26737-ACPI-APEI-Add-apei_exec_run_optional.patch
26742-IOMMU-properly-check-whether-interrupt-remapping-i
s-enabled.patch
26743-VT-d-deal-with-5500-5520-X58-errata.patch
26744-AMD-IOMMU-allow-disabling-only-interrupt-remapping
.patch
26749-x86-reserve-pages-when-SandyBridge-integrated-grap
hics.patch
26765-hvm-Clean-up-vlapic_reg_write-error-propagation.pa
tch
26770-x86-irq_move_cleanup_interrupt-must-ignore-legacy-
vectors.patch
26771-x86-S3-Restore-broken-vcpu-affinity-on-resume.patc
h
26772-VMX-Always-disable-SMEP-when-guest-is-in-non-pagin
g-mode.patch
26773-x86-mm-shadow-spurious-warning-when-unmapping-xenh
eap-pages.patch
26799-x86-don-t-pass-negative-time-to-gtime_to_gtsc.patc
h
26851-iommu-crash-Interrupt-remapping-is-also-disabled-o
n-crash.patch
- Unable to create XEN virtual machines in SLED 11 SP2 on
Kyoto xend-cpuinfo-model-name.patch. (bnc#814709)
- Upstream patches from Jan 26536-xenoprof-div-by-0.patch
26578-AMD-IOMMU-replace-BUG_ON.patch
26656-x86-fix-null-pointer-dereference-in-intel_get_exte
nded_msrs.patch
26659-AMD-IOMMU-erratum-746-workaround.patch
26660-x86-fix-CMCI-injection.patch
26672-vmx-fix-handling-of-NMI-VMEXIT.patch
26673-Avoid-stale-pointer-when-moving-domain-to-another-
cpupool.patch
26676-fix-compat-memory-exchange-op-splitting.patch
26677-x86-make-certain-memory-sub-ops-return-valid-value
s.patch 26678-SEDF-avoid-gathering-vCPU-s-on-pCPU0.patch
26679-x86-defer-processing-events-on-the-NMI-exit-path.p
atch
26683-credit1-Use-atomic-bit-operations-for-the-flags-st
ructure.patch
26692-x86-MSI-fully-protect-MSI-X-table.patch"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=801663"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=809662"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=813673"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=813675"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=813677"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=814709"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=816156"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=816159"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=816163"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=819416"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=820917"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=820919"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=820920"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-1917.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-1918.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-1919.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-1920.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-1952.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-1964.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-2072.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-2076.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-2077.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-2078.html"
);
script_set_attribute(attribute:"solution", value:"Apply SAT patch number 7798.");
script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:S/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-doc-html");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-doc-pdf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-trace");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-libs-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-tools-domU");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"patch_publication_date", value:"2013/05/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/06/26");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");
flag = 0;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-kmp-default-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-kmp-pae-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-kmp-trace-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-libs-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-tools-domU-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-doc-html-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-doc-pdf-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-libs-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-libs-32bit-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-tools-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-tools-domU-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-kmp-default-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-kmp-pae-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-kmp-trace-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-libs-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-tools-domU-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-doc-html-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-doc-pdf-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.5_02_3.0.74_0.6.10-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-libs-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-libs-32bit-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-tools-4.1.5_02-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-tools-domU-4.1.5_02-0.5.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen-doc-html |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen-doc-pdf |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen-kmp-default |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen-kmp-pae |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen-kmp-trace |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen-libs |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen-libs-32bit |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen-tools |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:xen-tools-domu |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1917
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1918
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1919
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1920
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1952
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2077
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2078
support.novell.com/security/cve/CVE-2013-1917.html
support.novell.com/security/cve/CVE-2013-1918.html
support.novell.com/security/cve/CVE-2013-1919.html
support.novell.com/security/cve/CVE-2013-1920.html
support.novell.com/security/cve/CVE-2013-1952.html
support.novell.com/security/cve/CVE-2013-1964.html
support.novell.com/security/cve/CVE-2013-2072.html
support.novell.com/security/cve/CVE-2013-2076.html
support.novell.com/security/cve/CVE-2013-2077.html
support.novell.com/security/cve/CVE-2013-2078.html
bugzilla.novell.com/show_bug.cgi?id=801663
bugzilla.novell.com/show_bug.cgi?id=809662
bugzilla.novell.com/show_bug.cgi?id=813673
bugzilla.novell.com/show_bug.cgi?id=813675
bugzilla.novell.com/show_bug.cgi?id=813677
bugzilla.novell.com/show_bug.cgi?id=814709
bugzilla.novell.com/show_bug.cgi?id=816156
bugzilla.novell.com/show_bug.cgi?id=816159
bugzilla.novell.com/show_bug.cgi?id=816163
bugzilla.novell.com/show_bug.cgi?id=819416
bugzilla.novell.com/show_bug.cgi?id=820917
bugzilla.novell.com/show_bug.cgi?id=820919
bugzilla.novell.com/show_bug.cgi?id=820920