The SUSE Linux Enterprise 10 SP4 kernel has been updated to
fix various bugs and security issues.
Security issues fixed:
CVE-2012-4444: The ip6_frag_queue function in
net/ipv6/reassembly.c in the Linux kernel allowed remote
attackers to bypass intended network restrictions via
overlapping IPv6 fragments.
CVE-2013-1928: The do_video_set_spu_palette function
in fs/compat_ioctl.c in the Linux kernel lacked a certain
error check, which might have allowed local users to obtain
sensitive information from kernel stack memory via a
crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb
device.
Also the following bugs have been fixed:
download.novell.com/patch/finder/?keywords=42590e04eddb51fa31379710deb16611
download.novell.com/patch/finder/?keywords=4f3691ec5a62d5e0a58b289de36e7ba5
download.novell.com/patch/finder/?keywords=60a0921c1bb3961c00333f60f45fee0b
download.novell.com/patch/finder/?keywords=806641e6eb093ae891357f0c47c7e76f
download.novell.com/patch/finder/?keywords=b108e81194a14724506e0d40a5303d13
bugzilla.novell.com/760753
bugzilla.novell.com/789831
bugzilla.novell.com/790236
bugzilla.novell.com/810628
bugzilla.novell.com/812317
bugzilla.novell.com/813735
bugzilla.novell.com/815745
bugzilla.novell.com/817666
bugzilla.novell.com/818337
bugzilla.novell.com/819403