SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8524 / 8525 / 8528)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to
version 3.0.101 and also includes various other bug and security
fixes.

The following features have been added :

- Drivers: hv: Support handling multiple VMBUS versions
(FATE#314665).

- Drivers: hv: Save and export negotiated vmbus version
(FATE#314665).

- Drivers: hv: Move vmbus version definitions to hyperv.h
(FATE#314665). The following security issue has been
fixed :

- The sctp_sf_do_5_2_4_dupcook function in
net/sctp/sm_statefuns.c in the SCTP implementation in
the Linux kernel did not properly handle associations
during the processing of a duplicate COOKIE ECHO chunk,
which allowed remote attackers to cause a denial of
service (NULL pointer dereference and system crash) or
possibly have unspecified other impact via crafted SCTP
traffic. (bnc#826102). (CVE-2013-2206)

The following non-security bugs have been fixed :

- mm, memcg: introduce own oom handler to iterate only
over its own threads.

- mm, memcg: move all oom handling to memcontrol.c.

- mm, oom: avoid looping when chosen thread detaches its
mm.

- mm, oom: fold oom_kill_task() into oom_kill_process().

- mm, oom: introduce helper function to process threads
during scan.

- mm, oom: reduce dependency on tasklist_lock (Reduce
tasklist_lock hold times). (bnc#821259)

- mm: do not walk all of system memory during show_mem
(Reduce tasklist_lock hold times). (bnc#821259)

- iommu/vt-d: add quirk for broken interrupt remapping on
55XX chipsets. (bnc#844513)

- x86/iommu/vt-d: Expand interrupt remapping quirk to
cover x58 chipset. (bnc#844513)

- iommu/vt-d: Only warn about broken interrupt remapping.
(bnc#844513)

- iommu: Remove stack trace from broken irq remapping
warning. (bnc#844513)

- intel-iommu: Fix leaks in pagetable freeing.
(bnc#841402)

- Revert aer_recover_queue() __GENKSYMS__ hack, add a fake
symset with the previous value instead. (bnc#847721)

- i2c: ismt: initialize DMA buffer. (bnc#843753)

- powerpc/irq: Run softirqs off the top of the irq stack.
(bnc#847319)

- quirks: add touchscreen that is dazzeled by remote
wakeup. (bnc#835930)

- kernel: sclp console hangs (bnc#841498, LTC#95711).

- tty/hvc_iucv: Disconnect IUCV connection when lowering
DTR (bnc#839973,LTC#97595).

- tty/hvc_console: Add DTR/RTS callback to handle HUPCL
control (bnc#839973,LTC#97595).

- softirq: reduce latencies. (bnc#797526)

- X.509: Remove certificate date checks. (bnc#841656)

- config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.
(bnc#837372)

- splice: fix racy pipe->buffers uses. (bnc#827246)

- blktrace: fix race with open trace files and directory
removal. (bnc#832292)

- rcu: Do not trigger false positive RCU stall detection.
(bnc#834204)

- kernel: allow program interruption filtering in user
space (bnc#837596, LTC#97332).

- Audit: do not print error when LSMs disabled.
(bnc#842057)

- SUNRPC: close a rare race in xs_tcp_setup_socket.
(bnc#794824)

- Btrfs: fix negative qgroup tracking from owner
accounting. (bnc#821948)

- cifs: fill TRANS2_QUERY_FILE_INFO ByteCount fields.
(bnc#804950)

- NFS: make nfs_flush_incompatible more generous.
(bnc#816099)

- xfs: growfs: use uncached buffers for new headers.
(bnc#842604)

- NFS: do not try to use lock state when we hold a
delegation. (bnc#831029)

- NFS: nfs_lookup_revalidate(): fix a leak. (bnc#828894)

- fs: do_add_mount()/umount -l races. (bnc#836801)

- xfs: avoid double-free in xfs_attr_node_addname.

- xfs: Check the return value of xfs_buf_get().
(bnc#842604)

- iscsi: do not hang in endless loop if no targets
present. (bnc#841094)

- scsi_dh_alua: Allow get_alua_data() to return NULL.
(bnc#839407)

- cifs: revalidate directories instiantiated via FIND_ in
order to handle DFS referrals. (bnc#831143)

- cifs: do not instantiate new dentries in readdir for
inodes that need to be revalidated immediately.
(bnc#831143)

- cifs: rename cifs_readdir_lookup to cifs_prime_dcache
and make it void return. (bnc#831143)

- cifs: get rid of blind d_drop() in readdir. (bnc#831143)

- cifs: cleanup cifs_filldir. (bnc#831143)

- cifs: on send failure, readjust server sequence number
downward. (bnc#827966)

- cifs: adjust sequence number downward after signing
NT_CANCEL request. (bnc#827966)

- cifs: on send failure, readjust server sequence number
downward. (bnc#827966)

- cifs: adjust sequence number downward after signing
NT_CANCEL request. (bnc#827966)

- reiserfs: fix race with flush_used_journal_lists and
flush_journal_list. (bnc#837803)

- reiserfs: remove useless flush_old_journal_lists.

- lib/radix-tree.c: make radix_tree_node_alloc() work
correctly within interrupt. (bnc#763463)

- md: Throttle number of pending write requests in
md/raid10. (bnc#833858)

- dm: ignore merge_bvec for snapshots when safe.
(bnc#820848)

- ata: Set proper SK when CK_COND is set. (bnc#833588)

- Btrfs: abort unlink trans in missed error case.

- Btrfs: add all ioctl checks before user change for quota
operations.

- Btrfs: add a rb_tree to improve performance of ulist
search.

- Btrfs: add btrfs_fs_incompat helper.

- Btrfs: add ioctl to wait for qgroup rescan completion.

- Btrfs: add log message stubs.

- Btrfs: add missing error checks to add_data_references.

- Btrfs: add missing error code to BTRFS_IOC_INO_LOOKUP
handler.

- Btrfs: add missing error handling to read_tree_block.

- Btrfs: add missing mounting options in
btrfs_show_options().

- Btrfs: add sanity checks regarding to parsing mount
options.

- Btrfs: add some missing iput()s in btrfs_orphan_cleanup.

- Btrfs: add tree block level sanity check.

- Btrfs: allocate new chunks if the space is not enough
for global rsv.

- Btrfs: allow file data clone within a file.

- Btrfs: allow superblock mismatch from older mkfs.

- Btrfs: annotate quota tree for lockdep.

- Btrfs: automatic rescan after 'quota enable' command
(FATE#312751).

- Btrfs: change how we queue blocks for backref checking.

- Btrfs: check if leafs parent exists before pushing items
around.

- Btrfs: check if we can nocow if we do not have data
space.

- Btrfs: check return value of commit when recovering log.

- Btrfs: clean snapshots one by one.

- Btrfs: cleanup destroy_marked_extents.

- Btrfs: cleanup fs roots if we fail to mount.

- Btrfs: cleanup orphaned root orphan item.

- Btrfs: cleanup reloc roots properly on error.

- Btrfs: Cleanup some redundant codes in
btrfs_lookup_csums_range().

- Btrfs: clean up transaction abort messages.

- Btrfs: cleanup unused arguments of btrfs_csum_data.

- Btrfs: clear received_uuid field for new writable
snapshots.

- Btrfs: compare relevant parts of delayed tree refs.

- Btrfs: cover more error codes in btrfs_decode_error.

- Btrfs: creating the subvolume qgroup automatically when
enabling quota.

- Btrfs: deal with bad mappings in btrfs_map_block.

- Btrfs: deal with errors in write_dev_supers.

- Btrfs: deal with free space cache errors while replaying
log.

- Btrfs: deprecate subvolrootid mount option.

- Btrfs: do away with non-whole_page extent I/O.

- Btrfs: do delay iput in sync_fs.

- Btrfs: do not clear our orphan item runtime flag on
eexist.

- Btrfs: do not continue if out of memory happens.

- Btrfs: do not offset physical if we are compressed.

- Btrfs: do not pin while under spin lock.

- Btrfs: do not abort the current transaction if there is
no enough space for inode cache.

- Btrfs: do not allow a subvol to be deleted if it is the
default subovl.

- Btrfs: do not BUG_ON() in btrfs_num_copies.

- Btrfs: do not bug_on when we fail when cleaning up
transactions.

- Btrfs: do not call readahead hook until we have read the
entire eb.

- Btrfs: do not delete fs_roots until after we cleanup the
transaction.

- Btrfs: dont do log_removal in insert_new_root.

- Btrfs: do not force pages under writeback to finish when
aborting.

- Btrfs: do not ignore errors from
btrfs_run_delayed_items.

- Btrfs: do not invoke btrfs_invalidate_inodes() in the
spin lock context.

- Btrfs: do not miss inode ref items in
BTRFS_IOC_INO_LOOKUP.

- Btrfs: do not NULL pointer deref on abort.

- Btrfs: do not panic if we are trying to drop too many
refs.

- Btrfs: do not steal the reserved space from the global
reserve if their space type is different.

- Btrfs: do not stop searching after encountering the
wrong item.

- Btrfs: do not try and free ebs twice in log replay.

- Btrfs: do not use global block reservation for inode
cache truncation.

- Btrfs: do not wait on ordered extents if we have a trans
open.

- Btrfs: Drop inode if inode root is NULL.

- Btrfs: enhance superblock checks.

- Btrfs: exclude logged extents before replying when we
are mixed.

- Btrfs: explicitly use global_block_rsv for quota_tree.

- Btrfs: fall back to global reservation when removing
subvolumes.

- Btrfs: fix a bug of snapshot-aware defrag to make it
work on partial extents.

- Btrfs: fix accessing a freed tree root.

- Btrfs: fix accessing the root pointer in tree mod log
functions.

- Btrfs: fix all callers of read_tree_block.

- Btrfs: fix a warning when disabling quota.

- Btrfs: fix a warning when updating qgroup limit.

- Btrfs: fix backref walking when we hit a compressed
extent.

- Btrfs: fix bad extent logging.

- Btrfs: fix broken nocow after balance.

- Btrfs: fix confusing edquot happening case.

- Btrfs: fix double free in the iterate_extent_inodes().

- Btrfs: fix error handling in btrfs_ioctl_send().

- Btrfs: fix error handling in make/read block group.

- Btrfs: fix estale with btrfs send.

- Btrfs: fix extent buffer leak after backref walking.

- Btrfs: fix extent logging with O_DIRECT into prealloc.

- Btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is
specified.

- Btrfs: fix get set label blocking against balance.

- Btrfs: fix infinite loop when we abort on mount.

- Btrfs: fix inode leak on kmalloc failure in tree-log.c.

- Btrfs: fix lockdep warning.

- Btrfs: fix lock leak when resuming snapshot deletion.

- Btrfs: fix memory leak of orphan block rsv.

- Btrfs: fix missing check about ulist_add() in qgroup.c.

- Btrfs: fix missing check before creating a qgroup
relation.

- Btrfs: fix missing check in the btrfs_qgroup_inherit().

- Btrfs: fix off-by-one in fiemap.

- Btrfs: fix oops when writing dirty qgroups to disk.

- Btrfs: fix possible infinite loop in slow caching.

- Btrfs: fix possible memory leak in replace_path().

- Btrfs: fix possible memory leak in the
find_parent_nodes().

- Btrfs: fix printing of non NULL terminated string.

- Btrfs: fix qgroup rescan resume on mount.

- Btrfs: fix reada debug code compilation.

- Btrfs: fix the error handling wrt orphan items.

- Btrfs: fix transaction throttling for delayed refs.

- Btrfs: fix tree mod log regression on root split
operations.

- Btrfs: fix unblocked autodefraggers when remount.

- Btrfs: fix unlock after free on rewinded tree blocks.

- Btrfs: fix unprotected root node of the subvolumes inode
rb-tree.

- Btrfs: fix use-after-free bug during umount.

- Btrfs: free csums when we are done scrubbing an extent.

- Btrfs: handle errors returned from get_tree_block_key.

- Btrfs: handle errors when doing slow caching.

- Btrfs: hold the tree mod lock in __tree_mod_log_rewind.

- Btrfs: ignore device open failures in
__btrfs_open_devices.

- Btrfs: improve the loop of scrub_stripe.

- Btrfs: improve the performance of the csums lookup.

- Btrfs: init relocate extent_io_tree with a mapping.

- Btrfs: introduce a mutex lock for btrfs quota
operations.

- Btrfs: kill some BUG_ONs() in the find_parent_nodes().

- Btrfs: log ram bytes properly.

- Btrfs: make __merge_refs() return type be void.

- Btrfs: make orphan cleanup less verbose.

- Btrfs: make static code static & remove dead code.

- Btrfs: make subvol creation/deletion killable in the
early stages.

- Btrfs: make sure roots are assigned before freeing their
nodes.

- Btrfs: make sure the backref walker catches all refs to
our extent.

- Btrfs: make the cleaner complete early when the fs is
going to be umounted.

- Btrfs: make the snap/subv deletion end more early when
the fs is R/O.

- Btrfs: merge save_error_info helpers into one.

- Btrfs: move the R/O check out of
btrfs_clean_one_deleted_snapshot().

- Btrfs: only do the tree_mod_log_free_eb if this is our
last ref.

- Btrfs: only exclude supers in the range of our block
group.

- Btrfs: optimize key searches in btrfs_search_slot.

- Btrfs: optimize the error handle of use_block_rsv().

- Btrfs: pause the space balance when remounting to R/O.

- Btrfs: put our inode if orphan cleanup fails.

- Btrfs: re-add root to dead root list if we stop dropping
it.

- Btrfs: read entire device info under lock.

- Btrfs: release both paths before logging dir/changed
extents.

- Btrfs: Release uuid_mutex for shrink during device
delete.

- Btrfs: remove almost all of the BUG()s from tree-log.c.

- Btrfs: remove BUG_ON() in btrfs_read_fs_tree_no_radix().

- Btrfs: remove ourselves from the cluster list under
lock.

- Btrfs: remove some BUG_ONs() when walking backref tree.

- Btrfs: remove some unnecessary spin_lock usages.

- Btrfs: remove unnecessary ->s_umount in
cleaner_kthread().

- Btrfs: remove unused argument of fixup_low_keys().

- Btrfs: remove unused gfp mask parameter from
release_extent_buffer callchain.

- Btrfs: remove useless copy in quota_ctl.

- Btrfs: remove warn on in free space cache writeout.

- Btrfs: rescan for qgroups (FATE#312751).

- Btrfs: reset ret in record_one_backref.

- Btrfs: return ENOSPC when target space is full.

- Btrfs: return errno if possible when we fail to allocate
memory.

- Btrfs: return error code in
btrfs_check_trunc_cache_free_space().

- Btrfs: return error when we specify wrong start to
defrag.

- Btrfs: return free space in cow error path.

- Btrfs: separate sequence numbers for delayed ref
tracking and tree mod log.

- Btrfs: set UUID in root_item for created trees.

- Btrfs: share stop worker code.

- Btrfs: simplify unlink reservations.

- Btrfs: split btrfs_qgroup_account_ref into four
functions.

- Btrfs: stop all workers before cleaning up roots.

- Btrfs: stop using try_to_writeback_inodes_sb_nr to flush
delalloc.

- Btrfs: stop waiting on current trans if we aborted.

- Btrfs: unlock extent range on enospc in compressed
submit.

- Btrfs: update drop progress before stopping snapshot
dropping.

- Btrfs: update fixups from 3.11

- Btrfs: update the global reserve if it is empty.

- Btrfs: use helper to cleanup tree roots.

- Btrfs: use REQ_META for all metadata IO.

- Btrfs: use tree_root to avoid edquot when disabling
quota.

- Btrfs: use u64 for subvolid when parsing mount options.

- Btrfs: use unsigned long type for extent state bits.

- Btrfs: various abort cleanups.

- Btrfs: wait ordered range before doing direct io.

- Btrfs: wake up delayed ref flushing waiters on abort.

- net/mlx4_en: Fix BlueFlame race. (bnc#835684)

- ipv6: do not call fib6_run_gc() until routing is ready.
(bnc#836218)

- ipv6: prevent fib6_run_gc() contention. (bnc#797526)

- ipv6: update ip6_rt_last_gc every time GC is run.
(bnc#797526)

- netfilter: nf_conntrack: use RCU safe kfree for
conntrack extensions (bnc#827416 bko#60853).

- netfilter: prevent race condition breaking net reference
counting. (bnc#835094)

- net: remove skb_orphan_try(). (bnc#834600)

- bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().
(bnc#834905)

- sctp: deal with multiple COOKIE_ECHO chunks.
(bnc#826102)

- mlx4: allow IB_QP_CREATE_USE_GFP_NOFS in
mlx4_ib_create_qp(). (bnc#822433)

- drm/i915: disable sound first on intel_disable_ddi.
(bnc#833151)

- drm/i915: HDMI/DP - ELD info refresh support for
Haswell. (bnc#833151)

- drm/cirrus: This is a cirrus version of Egbert Eichs
patch for mgag200. (bnc#808079)

- drm/i915: Disable GGTT PTEs on GEN6+ suspend.
(bnc#800875)

- drm/i915/hsw: Disable L3 caching of atomic memory
operations. (bnc#800875)

- ALSA: hda - Re-setup HDMI pin and audio infoframe on
stream switches. (bnc#833151)

- vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev. (bnc#833321)

- mvsas: add support for 9480 device id. (bnc#843950)

- r8169: fix argument in rtl_hw_init_8168g.
(bnc#845352,bnc#842820)

- r8169: support RTL8168G. (bnc#845352,bnc#842820)

- r8169: abstract out loop conditions.
(bnc#845352,bnc#842820)

- r8169: mdio_ops signature change.
(bnc#845352,bnc#842820)

- thp: reduce khugepaged freezing latency (khugepaged
blocking suspend-to-ram (bnc#825291)).

- bnx2x: Change to D3hot only on removal. (bnc#838448)

- megaraid_sas: Disable controller reset for ppc.
(bnc#841050)

- scsi_dh_alua: simplify alua_check_sense(). (bnc#843642)

- scsi_dh_alua: Fix missing close brace in
alua_check_sense. (bnc#843642)

- scsi_dh_alua: retry command on 'mode parameter changed'
sense code. (bnc#843645)

- scsi_dh_alua: invalid state information for 'optimized'
paths. (bnc#843445)

- scsi_dh_alua: reattaching device handler fails with
'Error 15'. (bnc#843429)

- Drivers: hv: util: Fix a bug in version negotiation code
for util services. (bnc#828714)

- Drivers: hv: util: Correctly support ws2008R2 and
earlier. (bnc#838346)

- Drivers: hv: vmbus: Do not attempt to negoatiate a new
version prematurely.

- Drivers: hv: util: Correctly support ws2008R2 and
earlier. (bnc#838346)

- Drivers: hv: vmbus: Terminate vmbus version negotiation
on timeout.

- Drivers: hv: vmbus: Fix a bug in the handling of channel
offers.

- Drivers: hv: util: Fix a bug in version negotiation code
for util services. (bnc#828714)

- Drivers: hv: balloon: Initialize the transaction ID just
before sending the packet.

- Drivers: hv: util: Fix a bug in util version negotiation
code. (bnc#838346)

- be2net: Check for POST state in suspend-resume sequence.
(bnc#835189)

- be2net: bug fix on returning an invalid nic descriptor.
(bnc#835189)

- be2net: provision VF resources before enabling SR-IOV.
(bnc#835189)

- be2net: Fix firmware download for Lancer. (bnc#835189)

- be2net: Fix to use version 2 of cq_create for SkyHawk-R
devices. (bnc#835189)

- be2net: Use GET_FUNCTION_CONFIG V1 cmd. (bnc#835189)

- be2net: Avoid flashing BE3 UFI on BE3-R chip.
(bnc#835189)

- be2net: Use TXQ_CREATE_V2 cmd. (bnc#835189)

- writeback: Do not sync data dirtied after sync start.
(bnc#833820)

- elousb: some systems cannot stomach work around.
(bnc#840830,bnc#830985)

- bounce: allow use of bounce pool via config option
(Bounce memory pool initialisation (bnc#836347)).

- block: initialize the bounce pool if high memory may be
added later (Bounce memory pool initialisation
(bnc#836347)).

- bio-integrity: track owner of integrity payload.
(bnc#831380)

- xhci: Fix spurious wakeups after S5 on Haswell.
(bnc#833097)

- s390/cio: handle unknown pgroup state
(bnc#837741,LTC#97048).

- s390/cio: export vpm via sysfs (bnc#837741,LTC#97048).

- s390/cio: skip broken paths (bnc#837741,LTC#97048).

- s390/cio: dont abort verification after missing irq
(bnc#837741,LTC#97048).

- cio: add message for timeouts on internal I/O
(bnc#837741,LTC#97048).

- series.conf: disable XHCI ring expansion patches because
on machines with large memory they cause a starvation
problem. (bnc#833635)

- Update EC2 config files (STRICT_DEVMEM off, bnc#843732).

- Fixed Xen guest freezes. (bnc#829682, bnc#842063)

- tools: hv: Improve error logging in VSS daemon.

- tools: hv: Check return value of poll call.

- tools: hv: Check return value of setsockopt call.

- Tools: hv: fix send/recv buffer allocation.

- Tools: hv: check return value of daemon to fix compiler
warning.

- Tools: hv: in kvp_set_ip_info free mac_addr right after
usage.

- Tools: hv: check return value of system in
hv_kvp_daemon.

- Tools: hv: correct payload size in netlink_send.

- Tools: hv: use full nlmsghdr in netlink_send.

- rpm/old-flavors, rpm/mkspec: Add version information to
obsolete flavors. (bnc#821465)

- rpm/kernel-binary.spec.in: Move the xenpae obsolete to
the old-flavors file.

- rpm/old-flavors: Convert the old-packages.conf file to a
flat list.

- rpm/mkspec: Adjust.

- rpm/old-packages.conf: Delete.

- rpm/old-packages.conf: Drop bogus obsoletes for 'smp'.
(bnc#821465)

- rpm/kernel-binary.spec.in: Make sure that all KMP
obsoletes are versioned. (bnc#821465)

- rpm/kernel-binary.spec.in: Remove unversioned
provides/obsoletes for packages that were only seen in
openSUSE releases up to 11.0. . (bnc#821465)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=763463
https://bugzilla.novell.com/show_bug.cgi?id=794824
https://bugzilla.novell.com/show_bug.cgi?id=797526
https://bugzilla.novell.com/show_bug.cgi?id=800875
https://bugzilla.novell.com/show_bug.cgi?id=804950
https://bugzilla.novell.com/show_bug.cgi?id=808079
https://bugzilla.novell.com/show_bug.cgi?id=816099
https://bugzilla.novell.com/show_bug.cgi?id=820848
https://bugzilla.novell.com/show_bug.cgi?id=821259
https://bugzilla.novell.com/show_bug.cgi?id=821465
https://bugzilla.novell.com/show_bug.cgi?id=821948
https://bugzilla.novell.com/show_bug.cgi?id=822433
https://bugzilla.novell.com/show_bug.cgi?id=825291
https://bugzilla.novell.com/show_bug.cgi?id=826102
https://bugzilla.novell.com/show_bug.cgi?id=827246
https://bugzilla.novell.com/show_bug.cgi?id=827416
https://bugzilla.novell.com/show_bug.cgi?id=827966
https://bugzilla.novell.com/show_bug.cgi?id=828714
https://bugzilla.novell.com/show_bug.cgi?id=828894
https://bugzilla.novell.com/show_bug.cgi?id=829682
https://bugzilla.novell.com/show_bug.cgi?id=830985
https://bugzilla.novell.com/show_bug.cgi?id=831029
https://bugzilla.novell.com/show_bug.cgi?id=831143
https://bugzilla.novell.com/show_bug.cgi?id=831380
https://bugzilla.novell.com/show_bug.cgi?id=832292
https://bugzilla.novell.com/show_bug.cgi?id=833097
https://bugzilla.novell.com/show_bug.cgi?id=833151
https://bugzilla.novell.com/show_bug.cgi?id=833321
https://bugzilla.novell.com/show_bug.cgi?id=833588
https://bugzilla.novell.com/show_bug.cgi?id=833635
https://bugzilla.novell.com/show_bug.cgi?id=833820
https://bugzilla.novell.com/show_bug.cgi?id=833858
https://bugzilla.novell.com/show_bug.cgi?id=834204
https://bugzilla.novell.com/show_bug.cgi?id=834600
https://bugzilla.novell.com/show_bug.cgi?id=834905
https://bugzilla.novell.com/show_bug.cgi?id=835094
https://bugzilla.novell.com/show_bug.cgi?id=835189
https://bugzilla.novell.com/show_bug.cgi?id=835684
https://bugzilla.novell.com/show_bug.cgi?id=835930
https://bugzilla.novell.com/show_bug.cgi?id=836218
https://bugzilla.novell.com/show_bug.cgi?id=836347
https://bugzilla.novell.com/show_bug.cgi?id=836801
https://bugzilla.novell.com/show_bug.cgi?id=837372
https://bugzilla.novell.com/show_bug.cgi?id=837596
https://bugzilla.novell.com/show_bug.cgi?id=837741
https://bugzilla.novell.com/show_bug.cgi?id=837803
https://bugzilla.novell.com/show_bug.cgi?id=838346
https://bugzilla.novell.com/show_bug.cgi?id=838448
https://bugzilla.novell.com/show_bug.cgi?id=839407
https://bugzilla.novell.com/show_bug.cgi?id=839973
https://bugzilla.novell.com/show_bug.cgi?id=840830
https://bugzilla.novell.com/show_bug.cgi?id=841050
https://bugzilla.novell.com/show_bug.cgi?id=841094
https://bugzilla.novell.com/show_bug.cgi?id=841402
https://bugzilla.novell.com/show_bug.cgi?id=841498
https://bugzilla.novell.com/show_bug.cgi?id=841656
https://bugzilla.novell.com/show_bug.cgi?id=842057
https://bugzilla.novell.com/show_bug.cgi?id=842063
https://bugzilla.novell.com/show_bug.cgi?id=842604
https://bugzilla.novell.com/show_bug.cgi?id=842820
https://bugzilla.novell.com/show_bug.cgi?id=843429
https://bugzilla.novell.com/show_bug.cgi?id=843445
https://bugzilla.novell.com/show_bug.cgi?id=843642
https://bugzilla.novell.com/show_bug.cgi?id=843645
https://bugzilla.novell.com/show_bug.cgi?id=843732
https://bugzilla.novell.com/show_bug.cgi?id=843753
https://bugzilla.novell.com/show_bug.cgi?id=843950
https://bugzilla.novell.com/show_bug.cgi?id=844513
https://bugzilla.novell.com/show_bug.cgi?id=845352
https://bugzilla.novell.com/show_bug.cgi?id=847319
https://bugzilla.novell.com/show_bug.cgi?id=847721
http://support.novell.com/security/cve/CVE-2013-2206.html

Solution :

Apply SAT patch number 8524 / 8525 / 8528 as appropriate.

Risk factor :

Medium / CVSS Base Score : 5.4
(CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 71034 ()

Bugtraq ID:

CVE ID: CVE-2013-2206

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now