SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8269 / 8270 / 8283)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to
version 3.0.93 and to fix various bugs and security issues.

The following features have been added :

- NFS: Now supports a 'nosharetransport' option
(bnc#807502, bnc#828192, FATE#315593).

- ALSA: virtuoso: Xonar DSX support was added
(FATE#316016). The following security issues have been
fixed :

- The fill_event_metadata function in
fs/notify/fanotify/fanotify_user.c in the Linux kernel
did not initialize a certain structure member, which
allowed local users to obtain sensitive information from
kernel memory via a read operation on the fanotify
descriptor. (CVE-2013-2148)

- The key_notify_policy_flush function in net/key/af_key.c
in the Linux kernel did not initialize a certain
structure member, which allowed local users to obtain
sensitive information from kernel heap memory by reading
a broadcast message from the notify_policy interface of
an IPSec key_socket. (CVE-2013-2237)

- The ip6_sk_dst_check function in net/ipv6/ip6_output.c
in the Linux kernel allowed local users to cause a
denial of service (system crash) by using an AF_INET6
socket for a connection to an IPv4 interface.
(CVE-2013-2232)

- The (1) key_notify_sa_flush and (2)
key_notify_policy_flush functions in net/key/af_key.c in
the Linux kernel did not initialize certain structure
members, which allowed local users to obtain sensitive
information from kernel heap memory by reading a
broadcast message from the notify interface of an IPSec
key_socket. CVE-2013-4162: The
udp_v6_push_pending_frames function in net/ipv6/udp.c in
the IPv6 implementation in the Linux kernel made an
incorrect function call for pending data, which allowed
local users to cause a denial of service (BUG and system
crash) via a crafted application that uses the UDP_CORK
option in a setsockopt system call. (CVE-2013-2234)

- net/ceph/auth_none.c in the Linux kernel allowed remote
attackers to cause a denial of service (NULL pointer
dereference and system crash) or possibly have
unspecified other impact via an auth_reply message that
triggers an attempted build_request operation.
(CVE-2013-1059)

- The mmc_ioctl_cdrom_read_data function in
drivers/cdrom/cdrom.c in the Linux kernel allowed local
users to obtain sensitive information from kernel memory
via a read operation on a malfunctioning CD-ROM drive.
(CVE-2013-2164)

- Format string vulnerability in the register_disk
function in block/genhd.c in the Linux kernel allowed
local users to gain privileges by leveraging root access
and writing format string specifiers to
/sys/module/md_mod/parameters/new_array in order to
create a crafted /dev/md device name. (CVE-2013-2851)

- The ip6_append_data_mtu function in
net/ipv6/ip6_output.c in the IPv6 implementation in the
Linux kernel did not properly maintain information about
whether the IPV6_MTU setsockopt option had been
specified, which allowed local users to cause a denial
of service (BUG and system crash) via a crafted
application that uses the UDP_CORK option in a
setsockopt system call. (CVE-2013-4163)

- Heap-based buffer overflow in the tg3_read_vpd function
in drivers/net/ethernet/broadcom/tg3.c in the Linux
kernel allowed physically proximate attackers to cause a
denial of service (system crash) or possibly execute
arbitrary code via crafted firmware that specifies a
long string in the Vital Product Data (VPD) data
structure. (CVE-2013-1929)

- The _xfs_buf_find function in fs/xfs/xfs_buf.c in the
Linux kernel did not validate block numbers, which
allowed local users to cause a denial of service (NULL
pointer dereference and system crash) or possibly have
unspecified other impact by leveraging the ability to
mount an XFS filesystem containing a metadata inode with
an invalid extent map. (CVE-2013-1819)

Also the following non-security bugs have been fixed :

- ACPI / APEI: Force fatal AER severity when component has
been reset. (bnc#828886 / bnc#824568)

- PCI/AER: Move AER severity defines to aer.h. (bnc#828886
/ bnc#824568)

- PCI/AER: Set dev->__aer_firmware_first only for matching
devices. (bnc#828886 / bnc#824568)

- PCI/AER: Factor out HEST device type matching.
(bnc#828886 / bnc#824568)

- PCI/AER: Do not parse HEST table for non-PCIe devices.
(bnc#828886 / bnc#824568)

- PCI/AER: Reset link for devices below Root Port or
Downstream Port. (bnc#828886 / bnc#824568)

- zfcp: fix lock imbalance by reworking request queue
locking (bnc#835175, LTC#96825).

- qeth: Fix crash on initial MTU size change (bnc#835175,
LTC#96809).

- qeth: change default standard blkt settings for OSA
Express (bnc#835175, LTC#96808).

- x86: Add workaround to NMI iret woes. (bnc#831949)

- x86: Do not schedule while still in NMI context.
(bnc#831949)

- drm/i915: no longer call drm_helper_resume_force_mode.
(bnc#831424,bnc#800875)

- bnx2x: protect different statistics flows. (bnc#814336)

- bnx2x: Avoid sending multiple statistics queries.
(bnc#814336)

- bnx2x: protect different statistics flows. (bnc#814336)

- ALSA: hda - Fix unbalanced runtime pm refount.
(bnc#834742)

- xhci: directly calling _PS3 on suspend. (bnc#833148)

- futex: Take hugepages into account when generating
futex_key.

- e1000e: workaround DMA unit hang on I218. (bnc#834647)

- e1000e: unexpected 'Reset adapter' message when cable
pulled. (bnc#834647)

- e1000e: 82577: workaround for link drop issue.
(bnc#834647)

- e1000e: helper functions for accessing EMI registers.
(bnc#834647)

- e1000e: workaround DMA unit hang on I218. (bnc#834647)

- e1000e: unexpected 'Reset adapter' message when cable
pulled. (bnc#834647)

- e1000e: 82577: workaround for link drop issue.
(bnc#834647)

- e1000e: helper functions for accessing EMI registers.
(bnc#834647)

- Drivers: hv: util: Fix a bug in version negotiation code
for util services. (bnc#828714)

- printk: Add NMI ringbuffer. (bnc#831949)

- printk: extract ringbuffer handling from vprintk.
(bnc#831949)

- printk: NMI safe printk. (bnc#831949)

- printk: Make NMI ringbuffer size independent on
log_buf_len. (bnc#831949)

- printk: Do not call console_unlock from nmi context.
(bnc#831949)

- printk: Do not use printk_cpu from finish_printk.
(bnc#831949)

- zfcp: fix schedule-inside-lock in scsi_device list loops
(bnc#833073, LTC#94937).

- uvc: increase number of buffers. (bnc#822164,
bnc#805804)

- drm/i915: Adding more reserved PCI IDs for Haswell.
(bnc#834116)

- Refresh patches.xen/xen-netback-generalize. (bnc#827378)

- Update Xen patches to 3.0.87.

- mlx4_en: Adding 40gb speed report for ethtool.
(bnc#831410)

- drm/i915: Retry DP aux_ch communications with a
different clock after failure. (bnc#831422)

- drm/i915: split aux_clock_divider logic in a separated
function for reuse. (bnc#831422)

- drm/i915: dp: increase probe retries. (bnc#831422)

- drm/i915: Only clear write-domains after a successful
wait-seqno. (bnc#831422)

- drm/i915: Fix write-read race with multiple rings.
(bnc#831422)

- drm/i915: Retry DP aux_ch communications with a
different clock after failure. (bnc#831422)

- drm/i915: split aux_clock_divider logic in a separated
function for reuse. (bnc#831422)

- drm/i915: dp: increase probe retries. (bnc#831422)

- drm/i915: Only clear write-domains after a successful
wait-seqno. (bnc#831422)

- drm/i915: Fix write-read race with multiple rings.
(bnc#831422)

- xhci: Add xhci_disable_ports boot option. (bnc#822164)

- xhci: set device to D3Cold on shutdown. (bnc#833097)

- reiserfs: Fixed double unlock in reiserfs_setattr
failure path.

- reiserfs: locking, release lock around quota operations.
(bnc#815320)

- reiserfs: locking, push write lock out of xattr code.
(bnc#815320)

- reiserfs: locking, handle nested locks properly.
(bnc#815320)

- reiserfs: do not lock journal_init(). (bnc#815320)

- reiserfs: delay reiserfs lock until journal
initialization. (bnc#815320)

- NFS: support 'nosharetransport' option (bnc#807502,
bnc#828192, FATE#315593).

- HID: hyperv: convert alloc+memcpy to memdup.

- Drivers: hv: vmbus: Implement multi-channel support
(fate#316098).

- Drivers: hv: Add the GUID fot synthetic fibre channel
device (fate#316098).

- tools: hv: Check return value of setsockopt call.

- tools: hv: Check return value of poll call.

- tools: hv: Check return value of strchr call.

- tools: hv: Fix file descriptor leaks.

- tools: hv: Improve error logging in KVP daemon.

- drivers: hv: switch to use mb() instead of smp_mb().

- drivers: hv: check interrupt mask before read_index.

- drivers: hv: allocate synic structures before
hv_synic_init().

- storvsc: Increase the value of scsi timeout for storvsc
devices (fate#316098).

- storvsc: Update the storage protocol to win8 level
(fate#316098).

- storvsc: Implement multi-channel support (fate#316098).

- storvsc: Support FC devices (fate#316098).

- storvsc: Increase the value of STORVSC_MAX_IO_REQUESTS
(fate#316098).

- hyperv: Fix the NETIF_F_SG flag setting in netvsc.

- Drivers: hv: vmbus: incorrect device name is printed
when child device is unregistered.

- Tools: hv: KVP: Fix a bug in IPV6 subnet enumeration.
(bnc#828714)

- ipv6: ip6_append_data_mtu did not care about pmtudisc
and frag_size. (bnc#831055, CVE-2013-4163)

- ipv6: ip6_append_data_mtu did not care about pmtudisc
and frag_size. (bnc#831055, CVE-2013-4163)

- dm mpath: add retain_attached_hw_handler feature.
(bnc#760407)

- scsi_dh: add scsi_dh_attached_handler_name. (bnc#760407)

- af_key: fix info leaks in notify messages. (bnc#827749 /
CVE-2013-2234)

- af_key: initialize satype in key_notify_policy_flush().
(bnc#828119 / CVE-2013-2237)

- ipv6: call udp_push_pending_frames when uncorking a
socket with. (bnc#831058, CVE-2013-4162)

- tg3: fix length overflow in VPD firmware parsing.
(bnc#813733 / CVE-2013-1929)

- xfs: fix _xfs_buf_find oops on blocks beyond the
filesystem end. (CVE-2013-1819 / bnc#807471)

- ipv6: ip6_sk_dst_check() must not assume ipv6 dst.
(bnc#827750, CVE-2013-2232)

- dasd: fix hanging devices after path events (bnc#831623,
LTC#96336).

- kernel: z90crypt module load crash (bnc#831623,
LTC#96214).

- ata: Fix DVD not detected at some platform with
Wellsburg PCH. (bnc#822225)

- drm/i915: edp: add standard modes. (bnc#832318)

- Do not switch camera on yet more HP machines.
(bnc#822164)

- Do not switch camera on HP EB 820 G1. (bnc#822164)

- xhci: Avoid NULL pointer deref when host dies.
(bnc#827271)

- bonding: disallow change of MAC if fail_over_mac
enabled. (bnc#827376)

- bonding: propagate unicast lists down to slaves.
(bnc#773255 / bnc#827372)

- net/bonding: emit address change event also in
bond_release. (bnc#773255 / bnc#827372)

- bonding: emit event when bonding changes MAC.
(bnc#773255 / bnc#827372)

- usb: host: xhci: Enable XHCI_SPURIOUS_SUCCESS for all
controllers with xhci 1.0. (bnc#797909)

- xhci: fix NULL pointer dereference on
ring_doorbell_for_active_rings. (bnc#827271)

- updated reference for security issue fixed inside.
(CVE-2013-3301 / bnc#815256)

- qla2xxx: Clear the MBX_INTR_WAIT flag when the mailbox
time-out happens. (bnc#830478)

- drm/i915: initialize gt_lock early with other spin
locks. (bnc#801341)

- drm/i915: fix up gt init sequence fallout. (bnc#801341)

- drm/i915: initialize gt_lock early with other spin
locks. (bnc#801341)

- drm/i915: fix up gt init sequence fallout. (bnc#801341)

- timer_list: Correct the iterator for timer_list.
(bnc#818047)

- firmware: do not spew errors in normal boot (bnc#831438,
fate#314574).

- ALSA: virtuoso: Xonar DSX support (FATE#316016).

- SUNRPC: Ensure we release the socket write lock if the
rpc_task exits early. (bnc#830901)

- ext4: Re-add config option Building ext4 as the
ext4-writeable KMP uses CONFIG_EXT4_FS_RW=y to denote
that read-write module should be enabled. This update
just defaults allow_rw to true if it is set.

- e1000: fix vlan processing regression. (bnc#830766)

- ext4: force read-only unless rw=1 module option is used
(fate#314864).

- dm mpath: fix ioctl deadlock when no paths. (bnc#808940)

- HID: fix unused rsize usage. (bnc#783475)

- add reference for b43 format string flaw. (bnc#822579 /
CVE-2013-2852)

- HID: fix data access in implement(). (bnc#783475)

- xfs: fix deadlock in xfs_rtfree_extent with kernel v3.x.
(bnc#829622)

- kernel: sclp console hangs (bnc#830346, LTC#95711).

- Refresh
patches.fixes/rtc-add-an-alarm-disable-quirk.patch.

- Delete
patches.drm/1209-nvc0-fb-shut-up-pmfb-interrupt-after-th
e-first-occurrence. It was removed from series.conf in
063ed686e5a3cda01a7ddbc49db1499da917fef5 but the file
was not deleted.

- Drivers: hv: balloon: Do not post pressure status if
interrupted. (bnc#829539)

- Drivers: hv: balloon: Fix a bug in the hot-add code.
(bnc#829539)

- drm/i915: Fix incoherence with fence updates on
Sandybridge+. (bnc#809463)

- drm/i915: merge {i965, sandybridge}_write_fence_reg().
(bnc#809463)

- drm/i915: Fix incoherence with fence updates on
Sandybridge+. (bnc#809463)

- drm/i915: merge {i965, sandybridge}_write_fence_reg().
(bnc#809463)

- Refresh
patches.fixes/rtc-add-an-alarm-disable-quirk.patch.

- r8169: allow multicast packets on sub-8168f chipset.
(bnc#805371)

- r8169: support new chips of RTL8111F. (bnc#805371)

- r8169: define the early size for 8111evl. (bnc#805371)

- r8169: fix the reset setting for 8111evl. (bnc#805371)

- r8169: add MODULE_FIRMWARE for the firmware of 8111evl.
(bnc#805371)

- r8169: fix sticky accepts packet bits in RxConfig.
(bnc#805371)

- r8169: adjust the RxConfig settings. (bnc#805371)

- r8169: support RTL8111E-VL. (bnc#805371)

- r8169: add ERI functions. (bnc#805371)

- r8169: modify the flow of the hw reset. (bnc#805371)

- r8169: adjust some registers. (bnc#805371)

- r8169: check firmware content sooner. (bnc#805371)

- r8169: support new firmware format. (bnc#805371)

- r8169: explicit firmware format check. (bnc#805371)

- r8169: move the firmware down into the device private
data. (bnc#805371)

- r8169: allow multicast packets on sub-8168f chipset.
(bnc#805371)

- r8169: support new chips of RTL8111F. (bnc#805371)

- r8169: define the early size for 8111evl. (bnc#805371)

- r8169: fix the reset setting for 8111evl. (bnc#805371)

- r8169: add MODULE_FIRMWARE for the firmware of 8111evl.
(bnc#805371)

- r8169: fix sticky accepts packet bits in RxConfig.
(bnc#805371)

- r8169: adjust the RxConfig settings. (bnc#805371)

- r8169: support RTL8111E-VL. (bnc#805371)

- r8169: add ERI functions. (bnc#805371)

- r8169: modify the flow of the hw reset. (bnc#805371)

- r8169: adjust some registers. (bnc#805371)

- r8169: check firmware content sooner. (bnc#805371)

- r8169: support new firmware format. (bnc#805371)

- r8169: explicit firmware format check. (bnc#805371)

- r8169: move the firmware down into the device private
data. (bnc#805371)

-
patches.fixes/mm-link_mem_sections-touch-nmi-watchdog.pa
tch: mm: link_mem_sections make sure nmi watchdog does
not trigger while linking memory sections. (bnc#820434)

- drm/i915: fix long-standing SNB regression in power
consumption after resume v2. (bnc#801341)

- RTC: Add an alarm disable quirk. (bnc#805740)

- drm/i915: Fix bogus hotplug warnings at resume.
(bnc#828087)

- drm/i915: Serialize all register access.
(bnc#809463,bnc#812274,bnc#822878,bnc#828914)

- drm/i915: Resurrect ring kicking for semaphores,
selectively. (bnc#828087)

- drm/i915: Fix bogus hotplug warnings at resume.
(bnc#828087)

- drm/i915: Serialize all register access.
(bnc#809463,bnc#812274,bnc#822878,bnc#828914)

- drm/i915: Resurrect ring kicking for semaphores,
selectively. (bnc#828087)

- drm/i915: use lower aux clock divider on non-ULT HSW.
(bnc#800875)

- drm/i915: preserve the PBC bits of TRANS_CHICKEN2.
(bnc#828087)

- drm/i915: set CPT FDI RX polarity bits based on VBT.
(bnc#828087)

- drm/i915: hsw: fix link training for eDP on port-A.
(bnc#800875)

- drm/i915: use lower aux clock divider on non-ULT HSW.
(bnc#800875)

- drm/i915: preserve the PBC bits of TRANS_CHICKEN2.
(bnc#828087)

- drm/i915: set CPT FDI RX polarity bits based on VBT.
(bnc#828087)

- drm/i915: hsw: fix link training for eDP on port-A.
(bnc#800875)

- patches.arch/s390-66-02-smp-ipi.patch: kernel: lost IPIs
on CPU hotplug (bnc#825048, LTC#94784).

-
patches.fixes/iwlwifi-use-correct-supported-firmware-for
-6035-and-.patch: iwlwifi: use correct supported
firmware for 6035 and 6000g2. (bnc#825887)

-
patches.fixes/watchdog-update-watchdog_thresh-atomically
.patch: watchdog: Update watchdog_thresh atomically.
(bnc#829357)

-
patches.fixes/watchdog-update-watchdog_tresh-properly.pa
tch: watchdog: update watchdog_tresh properly.
(bnc#829357)

-
patches.fixes/watchdog-make-disable-enable-hotplug-and-p
reempt-save.patch:
watchdog-make-disable-enable-hotplug-and-preempt-save.pa
tch. (bnc#829357)

- kabi/severities: Ignore changes in drivers/hv

-
patches.drivers/lpfc-return-correct-error-code-on-bsg_ti
meout.patch: lpfc: Return correct error code on
bsg_timeout. (bnc#816043)

-
patches.fixes/dm-drop-table-reference-on-ioctl-retry.pat
ch: dm-multipath: Drop table when retrying ioctl.
(bnc#808940)

- scsi: Do not retry invalid function error. (bnc#809122)

-
patches.suse/scsi-do-not-retry-invalid-function-error.pa
tch: scsi: Do not retry invalid function error.
(bnc#809122)

- scsi: Always retry internal target error. (bnc#745640,
bnc#825227)

-
patches.suse/scsi-always-retry-internal-target-error.pat
ch: scsi: Always retry internal target error.
(bnc#745640, bnc#825227)

-
patches.drivers/drm-edid-Don-t-print-messages-regarding-
stereo-or-csync-by-default.patch: Refresh: add upstream
commit ID.

- patches.suse/acpiphp-match-to-Bochs-dmi-data.patch:
Refresh. . (bnc#824915)

- Refresh
patches.suse/acpiphp-match-to-Bochs-dmi-data.patch.
(bnc#824915)

- Update kabi files.

- ACPI:remove panic in case hardware has changed after S4.
(bnc#829001)

- ibmvfc: Driver version 1.0.1. (bnc#825142)

- ibmvfc: Fix for offlining devices during error recovery.
(bnc#825142)

- ibmvfc: Properly set cancel flags when cancelling abort.
(bnc#825142)

- ibmvfc: Send cancel when link is down. (bnc#825142)

- ibmvfc: Support FAST_IO_FAIL in EH handlers.
(bnc#825142)

- ibmvfc: Suppress ABTS if target gone. (bnc#825142)

- fs/dcache.c: add cond_resched() to
shrink_dcache_parent(). (bnc#829082)

- drivers/cdrom/cdrom.c: use kzalloc() for failing
hardware. (bnc#824295, CVE-2013-2164)

- kmsg_dump: do not run on non-error paths by default.
(bnc#820172)

- supported.conf: mark tcm_qla2xxx as supported

- mm: honor min_free_kbytes set by user. (bnc#826960)

- Drivers: hv: util: Fix a bug in version negotiation code
for util services. (bnc#828714)

- hyperv: Fix a kernel warning from
netvsc_linkstatus_callback(). (bnc#828574)

- RT: Fix up hardening patch to not gripe when avg >
available, which lockless access makes possible and
happens in -rt kernels running a cpubound ltp realtime
testcase. Just keep the output sane in that case.

- kabi/severities: Add exception for aer_recover_queue()
There should not be any user besides ghes.ko.

- Fix rpm changelog

- PCI / PM: restore the original behavior of
pci_set_power_state(). (bnc#827930)

- fanotify: info leak in copy_event_to_user().
(CVE-2013-2148 / bnc#823517)

- usb: xhci: check usb2 port capabilities before adding hw
link PM support. (bnc#828265)

- aerdrv: Move cper_print_aer() call out of interrupt
context. (bnc#822052, bnc#824568)

- PCI/AER: pci_get_domain_bus_and_slot() call missing
required pci_dev_put(). (bnc#822052, bnc#824568)

-
patches.fixes/block-do-not-pass-disk-names-as-format-str
ings.patch: block: do not pass disk names as format
strings. (bnc#822575 / CVE-2013-2851)

- powerpc: POWER8 cputable entries. (bnc#824256)

- libceph: Fix NULL pointer dereference in auth client
code. (CVE-2013-1059, bnc#826350)

- md/raid10: Fix two bug affecting RAID10 reshape.

- Allow NFSv4 to run execute-only files. (bnc#765523)

- fs/ocfs2/namei.c: remove unnecessary ERROR when removing
non-empty directory. (bnc#819363)

- block: Reserve only one queue tag for sync IO if only 3
tags are available. (bnc#806396)

- btrfs: merge contiguous regions when loading free space
cache

- btrfs: fix how we deal with the orphan block rsv.

- btrfs: fix wrong check during log recovery.

- btrfs: change how we indicate we are adding csums.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=745640
https://bugzilla.novell.com/show_bug.cgi?id=760407
https://bugzilla.novell.com/show_bug.cgi?id=765523
https://bugzilla.novell.com/show_bug.cgi?id=773006
https://bugzilla.novell.com/show_bug.cgi?id=773255
https://bugzilla.novell.com/show_bug.cgi?id=783475
https://bugzilla.novell.com/show_bug.cgi?id=789010
https://bugzilla.novell.com/show_bug.cgi?id=797909
https://bugzilla.novell.com/show_bug.cgi?id=800875
https://bugzilla.novell.com/show_bug.cgi?id=801341
https://bugzilla.novell.com/show_bug.cgi?id=805371
https://bugzilla.novell.com/show_bug.cgi?id=805740
https://bugzilla.novell.com/show_bug.cgi?id=805804
https://bugzilla.novell.com/show_bug.cgi?id=806396
https://bugzilla.novell.com/show_bug.cgi?id=807471
https://bugzilla.novell.com/show_bug.cgi?id=807502
https://bugzilla.novell.com/show_bug.cgi?id=808940
https://bugzilla.novell.com/show_bug.cgi?id=809122
https://bugzilla.novell.com/show_bug.cgi?id=809463
https://bugzilla.novell.com/show_bug.cgi?id=812274
https://bugzilla.novell.com/show_bug.cgi?id=813733
https://bugzilla.novell.com/show_bug.cgi?id=814336
https://bugzilla.novell.com/show_bug.cgi?id=815256
https://bugzilla.novell.com/show_bug.cgi?id=815320
https://bugzilla.novell.com/show_bug.cgi?id=816043
https://bugzilla.novell.com/show_bug.cgi?id=818047
https://bugzilla.novell.com/show_bug.cgi?id=819363
https://bugzilla.novell.com/show_bug.cgi?id=820172
https://bugzilla.novell.com/show_bug.cgi?id=820434
https://bugzilla.novell.com/show_bug.cgi?id=822052
https://bugzilla.novell.com/show_bug.cgi?id=822164
https://bugzilla.novell.com/show_bug.cgi?id=822225
https://bugzilla.novell.com/show_bug.cgi?id=822575
https://bugzilla.novell.com/show_bug.cgi?id=822579
https://bugzilla.novell.com/show_bug.cgi?id=822878
https://bugzilla.novell.com/show_bug.cgi?id=823517
https://bugzilla.novell.com/show_bug.cgi?id=824256
https://bugzilla.novell.com/show_bug.cgi?id=824295
https://bugzilla.novell.com/show_bug.cgi?id=824568
https://bugzilla.novell.com/show_bug.cgi?id=824915
https://bugzilla.novell.com/show_bug.cgi?id=825048
https://bugzilla.novell.com/show_bug.cgi?id=825142
https://bugzilla.novell.com/show_bug.cgi?id=825227
https://bugzilla.novell.com/show_bug.cgi?id=825887
https://bugzilla.novell.com/show_bug.cgi?id=826350
https://bugzilla.novell.com/show_bug.cgi?id=826960
https://bugzilla.novell.com/show_bug.cgi?id=827271
https://bugzilla.novell.com/show_bug.cgi?id=827372
https://bugzilla.novell.com/show_bug.cgi?id=827376
https://bugzilla.novell.com/show_bug.cgi?id=827378
https://bugzilla.novell.com/show_bug.cgi?id=827749
https://bugzilla.novell.com/show_bug.cgi?id=827750
https://bugzilla.novell.com/show_bug.cgi?id=827930
https://bugzilla.novell.com/show_bug.cgi?id=828087
https://bugzilla.novell.com/show_bug.cgi?id=828119
https://bugzilla.novell.com/show_bug.cgi?id=828192
https://bugzilla.novell.com/show_bug.cgi?id=828265
https://bugzilla.novell.com/show_bug.cgi?id=828574
https://bugzilla.novell.com/show_bug.cgi?id=828714
https://bugzilla.novell.com/show_bug.cgi?id=828886
https://bugzilla.novell.com/show_bug.cgi?id=828914
https://bugzilla.novell.com/show_bug.cgi?id=829001
https://bugzilla.novell.com/show_bug.cgi?id=829082
https://bugzilla.novell.com/show_bug.cgi?id=829357
https://bugzilla.novell.com/show_bug.cgi?id=829539
https://bugzilla.novell.com/show_bug.cgi?id=829622
https://bugzilla.novell.com/show_bug.cgi?id=830346
https://bugzilla.novell.com/show_bug.cgi?id=830478
https://bugzilla.novell.com/show_bug.cgi?id=830766
https://bugzilla.novell.com/show_bug.cgi?id=830822
https://bugzilla.novell.com/show_bug.cgi?id=830901
https://bugzilla.novell.com/show_bug.cgi?id=831055
https://bugzilla.novell.com/show_bug.cgi?id=831058
https://bugzilla.novell.com/show_bug.cgi?id=831410
https://bugzilla.novell.com/show_bug.cgi?id=831422
https://bugzilla.novell.com/show_bug.cgi?id=831424
https://bugzilla.novell.com/show_bug.cgi?id=831438
https://bugzilla.novell.com/show_bug.cgi?id=831623
https://bugzilla.novell.com/show_bug.cgi?id=831949
https://bugzilla.novell.com/show_bug.cgi?id=832318
https://bugzilla.novell.com/show_bug.cgi?id=833073
https://bugzilla.novell.com/show_bug.cgi?id=833097
https://bugzilla.novell.com/show_bug.cgi?id=833148
https://bugzilla.novell.com/show_bug.cgi?id=834116
https://bugzilla.novell.com/show_bug.cgi?id=834647
https://bugzilla.novell.com/show_bug.cgi?id=834742
https://bugzilla.novell.com/show_bug.cgi?id=835175
http://support.novell.com/security/cve/CVE-2013-1059.html
http://support.novell.com/security/cve/CVE-2013-1819.html
http://support.novell.com/security/cve/CVE-2013-1929.html
http://support.novell.com/security/cve/CVE-2013-2148.html
http://support.novell.com/security/cve/CVE-2013-2164.html
http://support.novell.com/security/cve/CVE-2013-2232.html
http://support.novell.com/security/cve/CVE-2013-2234.html
http://support.novell.com/security/cve/CVE-2013-2237.html
http://support.novell.com/security/cve/CVE-2013-2851.html
http://support.novell.com/security/cve/CVE-2013-2852.html
http://support.novell.com/security/cve/CVE-2013-3301.html
http://support.novell.com/security/cve/CVE-2013-4162.html
http://support.novell.com/security/cve/CVE-2013-4163.html

Solution :

Apply SAT patch number 8269 / 8270 / 8283 as appropriate.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now