Security update for Real Time Linux Kernel (important)

The SUSE Linux Enterprise 11 Service Pack 3 RealTime
Extension kernel was updated to version 3.0.101 to fix
various bugs and security issues.

The following features have been added:

• Drivers: hv: Support handling multiple VMBUS versions
  (FATE#314665).
• Drivers: hv: Save and export negotiated vmbus version
  (FATE#314665).
• Drivers: hv: Move vmbus version definitions to
  hyperv.h (FATE#314665).

The following security issue has been fixed:

• CVE-2013-2206: The sctp_sf_do_5_2_4_dupcook function
  in net/sctp/sm_statefuns.c in the SCTP implementation in
  the Linux kernel did not properly handle associations
  during the processing of a duplicate COOKIE ECHO chunk,
  which allowed remote attackers to cause a denial of service
  (NULL pointer dereference and system crash) or possibly
  have unspecified other impact via crafted SCTP traffic.
  (bnc#826102)

The following non-security bugs have been fixed:

• kernel: sclp console hangs (bnc#841498, LTC#95711).
• kernel: allow program interruption filtering in user
  space (bnc#837596, LTC#97332).
• Audit: do not print error when LSMs disabled
  (bnc#842057).
• i2c: ismt: initialize DMA buffer (bnc#843753).
• powerpc/irq: Run softirqs off the top of the irq
  stack (bnc#847319).
• softirq: reduce latencies (bnc#797526).
• softirq: Fix lockup related to stop_machine being
  stuck in __do_softirq (bnc#797526).
• thp: reduce khugepaged freezing latency (khugepaged
  blocking suspend-to-ram (bnc#825291)).
• X.509: Remove certificate date checks (bnc#841656).
• splice: fix racy pipe->buffers uses (bnc#827246).
• blktrace: fix race with open trace files and
  directory removal (bnc#832292).
• writeback: Do not sync data dirtied after sync start
  (bnc#833820).
• elousb: some systems cannot stomach work around
  (bnc#840830).
• bounce: allow use of bounce pool via config option
  (Bounce memory pool initialisation (bnc#836347)).
• block: initialize the bounce pool if high memory may
  be added later (Bounce memory pool initialization
  (bnc#836347)).
• config/debug: Enable FSCACHE_DEBUG and
  CACHEFILES_DEBUG (bnc#837372).
• xhci: Fix spurious wakeups after S5 on Haswell
  (bnc#833097).
• cio: add message for timeouts on internal I/O
  (bnc#837741,LTC#97048).
• elousb: some systems cannot stomach work around
  (bnc#830985).
• s390/cio: handle unknown pgroup state
  (bnc#837741,LTC#97048).
• s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).
• s390/cio: skip broken paths (bnc#837741,LTC#97048).
• s390/cio: dont abort verification after missing irq
  (bnc#837741,LTC#97048).
• bio-integrity: track owner of integrity payload
  (bnc#831380).
• iommu/vt-d: add quirk for broken interrupt remapping
  on 55XX chipsets (bnc#844513).
• x86/iommu/vt-d: Expand interrupt remapping quirk to
  cover x58 chipset (bnc#844513).
• iommu/vt-d: Only warn about broken interrupt
  remapping (bnc#844513).
• iommu: Remove stack trace from broken irq remapping
  warning (bnc#844513).
• intel-iommu: Fix leaks in pagetable freeing
  (bnc#841402).
• mm: Do not walk all of system memory during show_mem
  (Reduce tasklist_lock hold times (bnc#821259)).
• mm, memcg: introduce own oom handler to iterate only
  over its own threads.
• mm, memcg: move all oom handling to memcontrol.c.
• mm, oom: avoid looping when chosen thread detaches
  its mm.
• mm, oom: fold oom_kill_task() into oom_kill_process().
• mm, oom: introduce helper function to process threads
  during scan.
• mm, oom: reduce dependency on tasklist_lock. (Reduce
  tasklist_lock hold times (bnc#821259).
• mm: vmscan: Do not continue scanning if reclaim was
  aborted for compaction (Limit reclaim in the preserve of IO
  (bnc#754690)).
• mm: vmscan: take page buffers dirty and locked state
  into account (Limit reclaim in the preserve of IO
  (bnc#754690)).
• mm: vmscan: treat pages marked for immediate reclaim
  as zone congestion (Limit reclaim in the preserve of IO
  (bnc#754690)).
• mm: vmscan: move direct reclaim wait_iff_congested
  into shrink_list (Limit reclaim in the preserve of IO
  (bnc#754690)).
• mm: vmscan: set zone flags before blocking (Limit
  reclaim in the preserve of IO (bnc#754690)).
• mm: vmscan: stall page reclaim after a list of pages
  have been processed (Limit reclaim in the preserve of IO
  (bnc#754690)).
• mm: vmscan: stall page reclaim and writeback pages
  based on dirty/writepage pages encountered (Limit reclaim
  in the reserve of IO (bnc#754690)).
• mm/pagewalk.c: walk_page_range should avoid VM_PFNMAP
  areas (bnc#822942).
• Update EC2 config files (STRICT_DEVMEM off,
  bnc#843732).
• Fixed Xen guest freezes (bnc#829682, bnc#842063).
• rcu: Do not trigger false positive RCU stall
  detection (bnc#834204).
• libata: Set proper SK when CK_COND is set
  (bnc#833588).
• libata: Set proper Sense Key for Check Condition
  (bnc#833588).
• lib/radix-tree.c: make radix_tree_node_alloc() work
  correctly within interrupt (bnc#763463).
• md: Throttle number of pending write requests in
  md/raid10 (bnc#833858).
• dm: ignore merge_bvec for snapshots when safe
  (bnc#820848).
• fs: do_add_mount()/umount -l races (bnc#836801).
• SUNRPC: close a rare race in xs_tcp_setup_socket
  (bnc#794824).
• NFS: make nfs_flush_incompatible more generous
  (bnc#816099).
• NFS: don’t try to use lock state when we hold a
  delegation (bnc#831029).
• NFS: nfs_lookup_revalidate(): fix a leak (bnc#828894).
• cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields
  (bnc#804950).
• xfs: growfs: use uncached buffers for new headers
  (bnc#842604).
• xfs: avoid double-free in xfs_attr_node_addname.
• xfs: Check the return value of xfs_buf_get()
  (bnc#842604).
• cifs: revalidate directories instiantiated via FIND_*
  in order to handle DFS referrals (bnc#831143).
• cifs: don’t instantiate new dentries in readdir for
  inodes that need to be revalidated immediately (bnc#831143).
• cifs: rename cifs_readdir_lookup to cifs_prime_dcache
  and make it void return (bnc#831143).
• cifs: get rid of blind d_drop() in readdir
  (bnc#831143).
• cifs: cleanup cifs_filldir (bnc#831143).
• cifs: on send failure, readjust server sequence
  number downward (bnc#827966).
• cifs: adjust sequence number downward after signing
  NT_CANCEL request (bnc#827966).
• cifs: on send failure, readjust server sequence
  number downward (bnc#827966).
• cifs: adjust sequence number downward after signing
  NT_CANCEL request (bnc#827966).
• reiserfs: fix race with flush_used_journal_lists and
  flush_journal_list (bnc#837803).
• reiserfs: remove useless flush_old_journal_lists.
• mvsas: add support for 9480 device id (bnc#843950).
• drm/i915: Disable GGTT PTEs on GEN6+ suspend
  (bnc#800875).
• drm/i915/hsw: Disable L3 caching of atomic memory
  operations (bnc#800875).
• r8169: fix argument in rtl_hw_init_8168g
  (bnc#845352,bnc#842820).
• r8169: support RTL8168G (bnc#845352,bnc#842820).
• r8169: abstract out loop conditions
  (bnc#845352,bnc#842820).
• r8169: mdio_ops signature change
  (bnc#845352,bnc#842820).
• megaraid_sas: Disable controller reset for ppc
  (bnc#841050).
• scsi_dh_alua: simplify alua_check_sense()
  (bnc#843642).
• scsi_dh_alua: Fix missing close brace in
  alua_check_sense (bnc#843642).
• scsi_dh_alua: retry command on ‘mode parameter
  changed’ sense code (bnc#843645).
• scsi_dh_alua: invalid state information for
  ‘optimized’ paths (bnc#843445).
• scsi_dh_alua: reattaching device handler fails with
  ‘Error 15’ (bnc#843429).
• iscsi: don’t hang in endless loop if no targets
  present (bnc#841094).
• scsi_dh_alua: Allow get_alua_data() to return NULL
  (bnc#839407).
• quirks: add touchscreen that is dazzeled by remote
  wakeup (bnc#835930).
• bnx2x: Change to D3hot only on removal (bnc#838448).
• tty/hvc_iucv: Disconnect IUCV connection when
  lowering DTR (bnc#839973,LTC#97595).
• tty/hvc_console: Add DTR/RTS callback to handle HUPCL
  control (bnc#839973,LTC#97595).
• series.conf: disable XHCI ring expansion patches
  because on machines with large memory they cause a
  starvation problem (bnc#833635)
• Drivers: hv: util: Fix a bug in version negotiation
  code for util services (bnc#828714).
• Drivers: hv: util: Correctly support ws2008R2 and
  earlier (bnc#838346).
• Drivers: hv: vmbus: Do not attempt to negoatiate a
  new version prematurely.
• Drivers: hv: util: Correctly support ws2008R2 and
  earlier (bnc#838346).
• Drivers: hv: vmbus: Terminate vmbus version
  negotiation on timeout.
• Drivers: hv: util: Fix a bug in version negotiation
  code for util services (bnc#828714).
• Drivers: hv: balloon: Initialize the transaction ID
  just before sending the packet.
• Drivers: hv: remove HV_DRV_VERSION.
• Drivers: hv: vmbus: Fix a bug in the handling of
  channel offers.
• Drivers: hv: util: Fix a bug in util version
  negotiation code (bnc#838346).
• mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in
  mlx4_ib_create_qp() (bnc#822433).
• drm/i915: disable sound first on intel_disable_ddi
  (bnc#833151).
• ALSA: hda - Re-setup HDMI pin and audio infoframe on
  stream switches (bnc#833151).
• drm/i915: HDMI/DP - ELD info refresh support for
  Haswell (bnc#833151).
• drm/cirrus: This is a cirrus version of Egbert Eich’s
  patch for mgag200 (bnc#808079).
• vmxnet3: prevent div-by-zero panic when ring resizing
  uninitialized dev (bnc#833321).
• net/mlx4_en: Fix BlueFlame race (bnc#835684).
• be2net: Check for POST state in suspend-resume
  sequence (bnc#835189).
• be2net: bug fix on returning an invalid nic
  descriptor (bnc#835189).
• be2net: provision VF resources before enabling SR-IOV
  (bnc#835189).
• be2net: Fix firmware download for Lancer (bnc#835189).
• be2net: Fix to use version 2 of cq_create for
  SkyHawk-R devices (bnc#835189).
• be2net: Use GET_FUNCTION_CONFIG V1 cmd (bnc#835189).
• be2net: Avoid flashing BE3 UFI on BE3-R chip
  (bnc#835189).
• be2net: Use TXQ_CREATE_V2 cmd (bnc#835189).
• ipv6: don’t call fib6_run_gc() until routing is ready
  (bnc#836218).
• ipv6: prevent fib6_run_gc() contention (bnc#797526).
• ipv6: update ip6_rt_last_gc every time GC is run
  (bnc#797526).
• netfilter: nf_conntrack: use RCU safe kfree for
  conntrack extensions (bnc#827416 bko#60853
  bugzilla.netfilter.org:714).
• netfilter: prevent race condition breaking net
  reference counting (bnc#835094).
• sctp: deal with multiple COOKIE_ECHO chunks
  (bnc#826102).
• net: remove skb_orphan_try() (bnc#834600).
• bonding: check bond->vlgrp in bond_vlan_rx_kill_vid()
  (bnc#834905).
• tools: hv: Improve error logging in VSS daemon.
• tools: hv: Check return value of poll call.
• tools: hv: Check return value of setsockopt call.
• Tools: hv: fix send/recv buffer allocation.
• Tools: hv: check return value of daemon to fix
  compiler warning.
• Tools: hv: in kvp_set_ip_info free mac_addr right
  after usage.
• Tools: hv: check return value of system in
  hv_kvp_daemon.
• Tools: hv: correct payload size in netlink_send.
• Tools: hv: use full nlmsghdr in netlink_send.
• rpm/old-flavors, rpm/mkspec: Add version information
  to obsolete flavors (bnc#821465).
• rpm/kernel-binary.spec.in: Move the xenpae obsolete
  to the old-flavors file.
• rpm/old-flavors: Convert the old-packages.conf file
  to a flat list.
• rpm/old-packages.conf: Drop bogus obsoletes for "smp"
  (bnc#821465).
• rpm/kernel-binary.spec.in: Make sure that all KMP
  obsoletes are versioned (bnc#821465).
• rpm/kernel-binary.spec.in: Remove unversioned
  provides/obsoletes for packages that were only seen in
  openSUSE releases up to 11.0. (bnc#821465).
• sched/workqueue: Only wake up idle workers if not
  blocked on sleeping spin lock.
• genirq: Set irq thread to RT priority on creation.
• timers: prepare for full preemption improve.
• kernel/cpu: fix cpu down problem if kthread’s cpu is
  going down.
• kernel/hotplug: restore original cpu mask oncpu/down.
• drm/i915: drop trace_i915_gem_ring_dispatch on rt.
• rt,ntp: Move call to schedule_delayed_work() to
  helper thread.
• hwlat-detector: Update hwlat_detector to add outer
  loop detection.
• hwlat-detect/trace: Export trace_clock_local for
  hwlat-detector.
• hwlat-detector: Use trace_clock_local if available.
• hwlat-detector: Use thread instead of stop machine.
• genirq: do not invoke the affinity callback via a
  workqueue.
• Btrfs: fix negative qgroup tracking from owner
  accounting (bnc#821948).
• Btrfs: add missing error checks to
  add_data_references.
• Btrfs: change how we queue blocks for backref
  checking.
• Btrfs: add missing error handling to read_tree_block.
• Btrfs: handle errors when doing slow caching.
• Btrfs: fix inode leak on kmalloc failure in
  tree-log.c.
• Btrfs: don’t ignore errors from
  btrfs_run_delayed_items.
• Btrfs: fix oops when writing dirty qgroups to disk.
• Btrfs: do not clear our orphan item runtime flag on
  eexist.
• Btrfs: remove ourselves from the cluster list under
  lock.
• Btrfs: remove unnecessary ->s_umount in
  cleaner_kthread().
• Btrfs: make the cleaner complete early when the fs is
  going to be umounted.
• Btrfs: move the R/O check out of
  btrfs_clean_one_deleted_snapshot().
• Btrfs: make the snap/subv deletion end more early
  when the fs is R/O.
• Btrfs: optimize key searches in btrfs_search_slot.
• Btrfs: fix printing of non NULL terminated string.
• Btrfs: fix memory leak of orphan block rsv.
• Btrfs: don’t miss inode ref items in
  BTRFS_IOC_INO_LOOKUP.
• Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP
  handler.
• Btrfs: fix the error handling wrt orphan items.
• Btrfs: don’t allow a subvol to be deleted if it is
  the default subovl.
• Btrfs: return ENOSPC when target space is full.
• Btrfs: don’t bug_on when we fail when cleaning up
  transactions.
• Btrfs: add missing mounting options in
  btrfs_show_options().
• Btrfs: use u64 for subvolid when parsing mount
  options.
• Btrfs: add sanity checks regarding to parsing mount
  options.
• Btrfs: cleanup reloc roots properly on error.
• Btrfs: reset ret in record_one_backref.
• Btrfs: fix get set label blocking against balance.
• Btrfs: fall back to global reservation when removing
  subvolumes.
• Btrfs: Release uuid_mutex for shrink during device
  delete.
• Btrfs: update fixups from 3.11
• Btrfs: add ioctl to wait for qgroup rescan completion.
• Btrfs: remove useless copy in quota_ctl.
• Btrfs: do delay iput in sync_fs.
• Btrfs: fix estale with btrfs send.
• Btrfs: return error code in
  btrfs_check_trunc_cache_free_space().
• Btrfs: dont do log_removal in insert_new_root.
• Btrfs: check if leaf’s parent exists before pushing
  items around.
• Btrfs: allow file data clone within a file.
• Btrfs: simplify unlink reservations.
• Btrfs: fix qgroup rescan resume on mount.
• Btrfs: do not pin while under spin lock.
• Btrfs: add some missing iput()'s in
  btrfs_orphan_cleanup.
• Btrfs: put our inode if orphan cleanup fails.
• Btrfs: exclude logged extents before replying when we
  are mixed.
• Btrfs: fix broken nocow after balance.
• Btrfs: wake up delayed ref flushing waiters on abort.
• Btrfs: stop waiting on current trans if we aborted.
• Btrfs: fix transaction throttling for delayed refs.
• Btrfs: free csums when we’re done scrubbing an extent.
• Btrfs: unlock extent range on enospc in compressed
  submit.
• Btrfs: stop using try_to_writeback_inodes_sb_nr to
  flush delalloc.
• Btrfs: check if we can nocow if we don’t have data
  space.
• Btrfs: cleanup orphaned root orphan item.
• Btrfs: hold the tree mod lock in
  __tree_mod_log_rewind.
• Btrfs: only do the tree_mod_log_free_eb if this is
  our last ref.
• Btrfs: wait ordered range before doing direct io.
• Btrfs: update drop progress before stopping snapshot
  dropping.
• Btrfs: fix lock leak when resuming snapshot deletion.
• Btrfs: re-add root to dead root list if we stop
  dropping it.
• Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is
  specified.
• Btrfs: fix a bug of snapshot-aware defrag to make it
  work on partial extents.
• Btrfs: fix extent buffer leak after backref walking.
• Btrfs: do not offset physical if we’re compressed.
• Btrfs: fix backref walking when we hit a compressed
  extent.
• Btrfs: make sure the backref walker catches all refs
  to our extent.
• Btrfs: release both paths before logging dir/changed
  extents.
• Btrfs: add btrfs_fs_incompat helper.
• Btrfs: merge save_error_info helpers into one.
• Btrfs: clean up transaction abort messages.
• Btrfs: cleanup unused arguments of btrfs_csum_data.
• Btrfs: use helper to cleanup tree roots.
• Btrfs: share stop worker code.
• Btrfs: Cleanup some redundant codes in
  btrfs_lookup_csums_range().
• Btrfs: clean snapshots one by one.
• Btrfs: deprecate subvolrootid mount option.
• Btrfs: make orphan cleanup less verbose.
• Btrfs: cover more error codes in btrfs_decode_error.
• Btrfs: make subvol creation/deletion killable in the
  early stages.
• Btrfs: fix a warning when disabling quota.
• Btrfs: fix infinite loop when we abort on mount.
• Btrfs: compare relevant parts of delayed tree refs.
• Btrfs: kill some BUG_ONs() in the find_parent_nodes().
• Btrfs: fix double free in the iterate_extent_inodes().
• Btrfs: fix error handling in make/read block group.
• Btrfs: don’t wait on ordered extents if we have a
  trans open.
• Btrfs: log ram bytes properly.
• Btrfs: fix bad extent logging.
• Btrfs: improve the performance of the csums lookup.
• Btrfs: ignore device open failures in
  __btrfs_open_devices.
• Btrfs: abort unlink trans in missed error case.
• Btrfs: creating the subvolume qgroup automatically
  when enabling quota.
• Btrfs: introduce a mutex lock for btrfs quota
  operations.
• Btrfs: remove some unnecessary spin_lock usages.
• Btrfs: fix missing check before creating a qgroup
  relation.
• Btrfs: fix missing check in the
  btrfs_qgroup_inherit().
• Btrfs: fix a warning when updating qgroup limit.
• Btrfs: use tree_root to avoid edquot when disabling
  quota.
• Btrfs: remove some BUG_ONs() when walking backref
  tree.
• Btrfs: make __merge_refs() return type be void.
• Btrfs: add a rb_tree to improve performance of ulist
  search.
• Btrfs: fix unblocked autodefraggers when remount.
• Btrfs: fix tree mod log regression on root split
  operations.
• Btrfs: fix accessing the root pointer in tree mod log
  functions.
• Btrfs: fix unlock after free on rewinded tree blocks.
• Btrfs: do not continue if out of memory happens.
• Btrfs: fix confusing edquot happening case.
• Btrfs: remove unused argument of fixup_low_keys().
• Btrfs: fix reada debug code compilation.
• Btrfs: return error when we specify wrong start to
  defrag.
• Btrfs: don’t force pages under writeback to finish
  when aborting.
• Btrfs: clear received_uuid field for new writable
  snapshots.
• Btrfs: fix missing check about ulist_add() in
  qgroup.c.
• Btrfs: add all ioctl checks before user change for
  quota operations.
• Btrfs: fix lockdep warning.
• Btrfs: fix possible infinite loop in slow caching.
• Btrfs: use REQ_META for all metadata IO.
• Btrfs: deal with bad mappings in btrfs_map_block.
• Btrfs: don’t call readahead hook until we have read
  the entire eb.
• Btrfs: don’t BUG_ON() in btrfs_num_copies.
• Btrfs: don’t try and free ebs twice in log replay.
• Btrfs: add tree block level sanity check.
• Btrfs: only exclude supers in the range of our block
  group.
• Btrfs: fix all callers of read_tree_block.
• Btrfs: fix extent logging with O_DIRECT into prealloc.
• Btrfs: cleanup fs roots if we fail to mount.
• Btrfs: don’t panic if we’re trying to drop too many
  refs.
• Btrfs: check return value of commit when recovering
  log.
• Btrfs: cleanup destroy_marked_extents.
• Btrfs: various abort cleanups.
• Btrfs: fix error handling in btrfs_ioctl_send().
• Btrfs: set UUID in root_item for created trees.
• Btrfs: return free space in cow error path.
• Btrfs: separate sequence numbers for delayed ref
  tracking and tree mod log.
• Btrfs: allocate new chunks if the space is not enough
  for global rsv.
• Btrfs: split btrfs_qgroup_account_ref into four
  functions (FATE#312751).
• Btrfs: rescan for qgroups (FATE#312751).
• Btrfs: automatic rescan after "quota enable" command
  (FATE#312751).
• Btrfs: deal with free space cache errors while
  replaying log.
• Btrfs: remove almost all of the BUG()'s from
  tree-log.c.
• Btrfs: deal with errors in write_dev_supers.
• Btrfs: make static code static & remove dead code.
• Btrfs: handle errors returned from get_tree_block_key.
• Btrfs: remove unused gfp mask parameter from
  release_extent_buffer callchain.
• Btrfs: read entire device info under lock.
• Btrfs: improve the loop of scrub_stripe.
• Btrfs: use unsigned long type for extent state bits.
• Btrfs: enhance superblock checks.
• Btrfs: allow superblock mismatch from older mkfs.
• Btrfs: annotate quota tree for lockdep.
• Btrfs: fix off-by-one in fiemap.
• Btrfs: don’t stop searching after encountering the
  wrong item.
• Btrfs: don’t null pointer deref on abort.
• Btrfs: remove warn on in free space cache writeout.
• Btrfs: fix possible memory leak in the
  find_parent_nodes().
• Btrfs: fix possible memory leak in replace_path().
• Btrfs: don’t abort the current transaction if there
  is no enough space for inode cache.
• Btrfs: don’t use global block reservation for inode
  cache truncation.
• Btrfs: optimize the error handle of use_block_rsv().
• Btrfs: don’t steal the reserved space from the global
  reserve if their space type is different.
• Btrfs: update the global reserve if it is empty.
• Btrfs: return errno if possible when we fail to
  allocate memory.
• Btrfs: fix accessing a freed tree root.
• Btrfs: fix unprotected root node of the subvolume’s
  inode rb-tree.
• Btrfs: pause the space balance when remounting to R/O.
• Btrfs: remove BUG_ON() in
  btrfs_read_fs_tree_no_radix().
• Btrfs: don’t invoke btrfs_invalidate_inodes() in the
  spin lock context.
• Btrfs: do away with non-whole_page extent I/O.
• Btrfs: explicitly use global_block_rsv for quota_tree.
• Btrfs: make sure roots are assigned before freeing
  their nodes.
• Btrfs: don’t delete fs_roots until after we cleanup
  the transaction.
• Btrfs: Drop inode if inode root is NULL.
• Btrfs: init relocate extent_io_tree with a mapping.
• Btrfs: fix use-after-free bug during umount.
• Btrfs: stop all workers before cleaning up roots.
• Btrfs: add log message stubs.

Security Issues:

• CVE-2013-2206
  <<a href=“http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206”>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206</a>
  >