Nessus Report

Report generated by Nessus™

Linux - Vulnerabilities by host, detailed findings with suggested remediations

Mon, 11 Dec 2017 12:42:14 Eastern Standard Time

TABLE OF CONTENTS
Vulnerabilities by Host
192.168.1.43
1
2
3
0
55
Critical
High
Medium
Low
Info
Scan Information
Start time: Mon Dec 11 10:31:33 2017
End time: Mon Dec 11 10:52:22 2017
Host Information
DNS Name: fedora25.localhost.local
IP: 192.168.1.43
MAC Address: 00:15:5d:0f:c6:af
OS: Linux Kernel 4.9.13-201.fc25.x86_64 on Fedora release 25 (Twenty Five)
Vulnerabilities

10114 - ICMP Timestamp Request Remote Date Disclosure
Synopsis
It is possible to determine the exact time set on the remote host.
Description
The remote host answers to an ICMP timestamp request. This allows an attacker to know the date that is set on the targeted machine, which may assist an unauthenticated, remote attacker in defeating time-based authentication protocols.

Timestamps returned from machines running Windows Vista / 7 / 2008 / 2008 R2 are deliberately incorrect, but usually within 1000 seconds of the actual system time.
Solution
Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).
Risk Factor
None
References
CVE CVE-1999-0524
XREF CWE:200
XREF OSVDB:94
Plugin Information:
Published: 1999/08/01, Modified: 2012/06/18
Plugin Output

icmp/0

The difference between the local and remote clocks is 1 second.

44657 - Linux Daemons with Broken Links to Executables
Synopsis
A daemon on the remote Linux host may need to be restarted.
Description
By examining the '/proc' filesystem on the remote Linux host, Nessus has identified at least one currently-running daemon for which the link to the corresponding executable is broken.

This can occur when the executable associated with a daemon is replaced on disk but the daemon itself has not been restarted. And if the changes are security-related, the system may remain vulnerable to attack until the daemon is restarted.

Alternatively, it could result from an attacker removing files in an effort to hide malicious activity.
Solution
Inspect each reported daemon to determine why the link to the executable is broken.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Plugin Information:
Published: 2010/02/17, Modified: 2015/10/21
Plugin Output

tcp/0


The following daemons are associated with broken links to
executables :

- 65016 udp: (/usr/sbin/dhclient)
- 68 udp: (/usr/sbin/dhclient)
- 38492 udp: (/usr/sbin/dhclient)
104828 - Fedora 25 : rpm (2017-ab57a100f3)
Synopsis
The remote Fedora host is missing a security update.
Description
This latest stable release on rpm 4.13.x branch brings in several important bugfixes. For details see release notes at http://rpm.org/wiki/Releases/4.13.0.2.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
Update the affected rpm package.
Risk Factor
High
References
CVE CVE-2017-7501
CVE CVE-2017-7500
XREF FEDORA:2017-ab57a100f3
Plugin Information:
Published: 2017/11/29, Modified: 2017/11/29
Plugin Output

tcp/0


Remote package installed : rpm-4.13.0.1-2.fc25
Should be : rpm-4.13.0.2-1.fc25
104979 - Fedora 25 : kernel (2017-905bb449bc)
Synopsis
The remote Fedora host is missing a security update.
Description
The 4.13.16 update contains various fixes across the tree.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
Update the affected kernel package.
Risk Factor
High
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
References
CVE CVE-2017-16994
CVE CVE-2017-16650
CVE CVE-2017-16649
CVE CVE-2017-16647
CVE CVE-2017-16644
CVE CVE-2017-16643
XREF FEDORA:2017-905bb449bc
Plugin Information:
Published: 2017/12/04, Modified: 2017/12/04
Plugin Output

tcp/0


Remote package installed : kernel-4.13.13-100.fc25
Should be : kernel-4.13.16-100.fc25
104826 - Fedora 25 : 1:openssl (2017-55a3247cfd)
Synopsis
The remote Fedora host is missing a security update.
Description
Minor security update 1.0.2m.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
Update the affected 1:openssl package.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
References
CVE CVE-2017-3735
XREF FEDORA:2017-55a3247cfd
Plugin Information:
Published: 2017/11/29, Modified: 2017/11/29
Plugin Output

tcp/0


Remote package installed : openssl-1.0.2k-1.fc25
Should be : openssl-1.0.2m-1.fc25
11936 - OS Identification
Synopsis
It is possible to guess the remote operating system.
Description
Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP, SNMP, etc.), it is possible to guess the name of the remote operating system in use. It is also possible sometimes to guess the version of the operating system.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2003/12/09, Modified: 2017/08/29
Plugin Output

tcp/0


Remote operating system : Linux Kernel 4.9.13-201.fc25.x86_64 on Fedora release 25 (Twenty Five)
Confidence level : 100
Method : LinuxDistribution


The remote host is running Linux Kernel 4.9.13-201.fc25.x86_64 on Fedora release 25 (Twenty Five)
12053 - Host Fully Qualified Domain Name (FQDN) Resolution
Synopsis
It was possible to resolve the name of the remote host.
Description
Nessus was able to resolve the fully qualified domain name (FQDN) of the remote host.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/02/11, Modified: 2017/04/14
Plugin Output

tcp/0


192.168.1.43 resolves as fedora25.localhost.local.
19506 - Nessus Scan Information
Synopsis
This plugin displays information about the Nessus scan.
Description
This plugin displays, for each tested host, information about the scan itself :

- The version of the plugin set.
- The type of scanner (Nessus or Nessus Home).
- The version of the Nessus Engine.
- The port scanner(s) used.
- The port range scanned.
- Whether credentialed or third-party patch management checks are possible.
- The date of the scan.
- The duration of the scan.
- The number of hosts scanned in parallel.
- The number of checks done in parallel.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2005/08/26, Modified: 2017/10/26
Plugin Output

tcp/0

Information about this scan :

Nessus version : 7.0.0
Plugin feed version : 201712110615
Scanner edition used : Nessus
Scan type : Normal
Scan policy used : Basic Network Scan
Scanner IP : 192.168.1.108
Port scanner(s) : netstat
Port range : default
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report verbosity : 1
Safe checks : yes
Optimize the test : yes
Credentialed checks : yes, as 'root' via ssh
Attempt Least Privilege : no
Patch management checks : None
CGI scanning : disabled
Web application tests : disabled
Max hosts : 30
Max checks : 4
Recv timeout : 5
Backports : Detected
Allow post-scan editing: Yes
Scan Start Date : 2017/12/11 10:31 Eastern Standard Time
Scan duration : 1245 sec
22869 - Software Enumeration (SSH)
Synopsis
It was possible to enumerate installed software on the remote host via SSH.
Description
Nessus was able to list the software installed on the remote host by calling the appropriate command (e.g., 'rpm -qa' on RPM-based Linux distributions, qpkg, dpkg, etc.).
Solution
Remove any software that is not in compliance with your organization's acceptable use and security policies.
Risk Factor
None
Plugin Information:
Published: 2006/10/15, Modified: 2017/07/28
Plugin Output

tcp/0


Here is the list of packages installed on the remote Red Hat Linux system :

GeoIP-1.6.11-1.fc25|(none)
GeoIP-GeoLite-data-2017.10-1.fc25|(none)
NessusAgent-7.0.0-fc20|(none)
NetworkManager-1.4.6-1.fc25|1
NetworkManager-libnm-1.4.6-1.fc25|1
NetworkManager-team-1.4.6-1.fc25|1
PackageKit-1.1.5-1.fc25|(none)
PackageKit-glib-1.1.5-1.fc25|(none)
abrt-2.9.0-2.fc25|(none)
abrt-addon-ccpp-2.9.0-2.fc25|(none)
abrt-addon-coredump-helper-2.9.0-2.fc25|(none)
abrt-addon-kerneloops-2.9.0-2.fc25|(none)
abrt-addon-pstoreoops-2.9.0-2.fc25|(none)
abrt-addon-python3-2.9.0-2.fc25|(none)
abrt-addon-vmcore-2.9.0-2.fc25|(none)
abrt-addon-xorg-2.9.0-2.fc25|(none)
abrt-cli-2.9.0-2.fc25|(none)
abrt-dbus-2.9.0-2.fc25|(none)
abrt-libs-2.9.0-2.fc25|(none)
abrt-plugin-bodhi-2.9.0-2.fc25|(none)
abrt-python3-2.9.0-2.fc25|(none)
abrt-retrace-client-2.9.0-2.fc25|(none)
abrt-tui-2.9.0-2.fc25|(none)
acl-2.2.52-13.fc25|(none)
adcli-0.8.0-2.fc24|(none)
at-3.1.20-1.fc25|(none)
attr-2.4.47-16.fc24|(none)
audit-2.8.1-1.fc25|(none)
audit-libs-2.8.1-1.fc25|(none)
augeas-libs-1.8.1-1.fc25|(none)
authconfig-6.2.10-14.fc25|(none)
avahi-libs-0.6.32-4.fc25|(none)
basesystem-11-2.fc24|(none)
bash-4.3.43-4.fc25|(none)
bash-completion-2.5-1.fc25|1
bc-1.06.95-16.fc24|(none)
bind-libs-9.10.5-2.P2.fc25|32
bind-libs-lite-9.10.5-2.P2.fc25|32
bind-license-9.10.5-2.P2.fc25|32
bind-utils-9.10.5-2.P2.fc25|32
bind99-libs-9.9.10-2.P3.fc25|(none)
bind99-license-9.9.10-2.P3.fc25|(none)
binutils-2.26.1-1.fc25|(none)
bridge-utils-1.5-13.fc24|(none)
btrfs-progs-4.6.1-1.fc25|(none)
bzip2-1.0.6-21.fc25|(none)
bzip2-libs-1.0.6-21.fc25|(none)
c-ares-1.13.0-1.fc25|(none)
ca-certificates-2017.2.16-1.0.fc25|(none)
chkconfig-1.8-1.fc25|(none)
chrony-2.4.1-1.fc25|(none)
cifs-utils-6.7-1.fc25|(none)
cockpit-bridge-137-1.fc25|(none)
cockpit-networkmanager-137-1.fc25|(none)
cockpit-storaged-137-1.fc25|(none)
cockpit-system-137-1.fc25|(none)
cockpit-ws-137-1.fc25|(none)
comps-extras-23-4.fc24|(none)
coolkey-1.1.0-31.fc25|(none)
coreutils-8.25-17.fc25|(none)
coreutils-common-8.25-17.fc25|(none)
cpio-2.12-3.fc24|(none)
cpp-6.4.1-1.fc25|(none)
cracklib-2.9.6-4.fc25|(none)
cracklib-dicts-2.9.6-4.fc25|(none)
crda-3.18_2016.02.08-1.fc24|(none)
cronie-1.5.1-2.fc25|(none)
cronie-anacron-1.5.1-2.fc25|(none)
crontabs-1.11-12.20150630git.fc24|(none)
crypto-policies-20160921-4.gitf3018dd.fc25|(none)
cryptsetup-1.7.5-1.fc25|(none)
cryptsetup-libs-1.7.5-1.fc25|(none)
cups-libs-2.2.0-10.fc25|1
curl-7.51.0-9.fc25|(none)
cyrus-sasl-gssapi-2.1.26-26.2.fc24|(none)
cyrus-sasl-lib-2.1.26-26.2.fc24|(none)
cyrus-sasl-plain-2.1.26-26.2.fc24|(none)
dbus-1.11.18-1.fc25|1
dbus-glib-0.108-1.fc25|(none)
dbus-libs-1.11.18-1.fc25|1
deltarpm-3.6-17.fc25|(none)
desktop-file-utils-0.23-2.fc25|(none)
device-mapper-1.02.136-3.fc25|(none)
device-mapper-event-1.02.136-3.fc25|(none)
device-mapper-event-libs-1.02.136-3.fc25|(none)
device-mapper-libs-1.02.136-3.fc25|(none)
device-mapper-multipath-0.4.9-83.fc25|(none)
device-mapper-multipath-libs-0.4.9-83.fc25|(none)
device-mapper-persistent-data-0.6.3-1.fc25|(none)
dhcp-client-4.3.5-3.fc25|12
dhcp-common-4.3.5-3.fc25|12
dhcp-libs-4.3.5-3.fc25|12
diffutils-3.3-13.fc24|(none)
dnf-1.1.10-6.fc25|(none)
dnf-conf-1.1.10-6.fc25|(none)
dnf-plugins-core-0.1.21-5.fc25|(none)
dnf-yum-1.1.10-6.fc25|(none)
dnsmasq-2.76-4.fc25|(none)
dos2unix-7.3.4-1.fc25|(none)
dosfstools-4.1-1.fc25|(none)
dracut-046-2.git20170811.fc25|(none)
dracut-config-rescue-046-2.git20170811.fc25|(none)
dracut-network-046-2.git20170811.fc25|(none)
e2fsprogs-1.43.3-1.fc25|(none)
e2fsprogs-libs-1.43.3-1.fc25|(none)
ebtables-2.0.10-21.fc25|(none)
ed-1.14.1-1.fc25|(none)
elfutils-0.169-1.fc25|(none)
elfutils-default-yama-scope-0.169-1.fc25|(none)
elfutils-libelf-0.169-1.fc25|(none)
elfutils-libs-0.169-1.fc25|(none)
emacs-filesystem-25.3-3.fc25|1
ethtool-4.13-1.fc25|2
expat-2.2.3-1.fc25|(none)
fedora-logos-22.0.0-3.fc24|(none)
fedora-release-25-2|(none)
fedora-release-notes-25.01-1.fc25|(none)
fedora-release-server-25-2|(none)
fedora-repos-25-4|(none)
file-5.29-9.fc25|(none)
file-libs-5.29-9.fc25|(none)
filesystem-3.2-37.fc24|(none)
findutils-4.6.0-8.fc25|1
fipscheck-1.4.1-11.fc25|(none)
fipscheck-lib-1.4.1-11.fc25|(none)
firewalld-0.4.4.5-1.fc25|(none)
firewalld-filesystem-0.4.4.5-1.fc25|(none)
fpaste-0.3.8.3-1.fc25|(none)
fprintd-0.7.0-2.fc25|(none)
fprintd-pam-0.7.0-2.fc25|(none)
freetype-2.6.5-9.fc25|(none)
fuse-libs-2.9.7-1.fc25|(none)
gawk-4.1.3-12.fc25|(none)
gc-7.4.4-1.fc25|(none)
gcc-6.4.1-1.fc25|(none)
gcc-gdb-plugin-6.4.1-1.fc25|(none)
gdb-7.12.1-48.fc25|(none)
gdb-headless-7.12.1-48.fc25|(none)
gdbm-1.13-1.fc25|(none)
gdisk-1.0.3-2.fc25|(none)
gdk-pixbuf2-2.36.9-1.fc25|(none)
gettext-0.19.8.1-3.fc25|(none)
gettext-libs-0.19.8.1-3.fc25|(none)
glib-networking-2.50.0-1.fc25|(none)
glib2-2.50.3-1.fc25|(none)
glibc-2.24-10.fc25|(none)
glibc-all-langpacks-2.24-10.fc25|(none)
glibc-common-2.24-10.fc25|(none)
glibc-devel-2.24-10.fc25|(none)
glibc-headers-2.24-10.fc25|(none)
gmp-6.1.1-1.fc25|1
gnupg2-2.1.13-2.fc25|(none)
gnutls-3.5.15-1.fc25|(none)
gobject-introspection-1.50.0-1.fc25|(none)
gpg-pubkey-fdb19c98-56fd6333|(none)
gpgme-1.8.0-10.fc25|(none)
grep-2.27-2.fc25|(none)
groff-base-1.22.3-8.fc24|(none)
grub2-2.02-0.38.fc25|1
grub2-tools-2.02-0.38.fc25|1
grubby-8.40-3.fc24|(none)
gsettings-desktop-schemas-3.22.0-1.fc25|(none)
gssproxy-0.7.0-9.fc25|(none)
guile-2.0.13-1.fc25|5
gzip-1.8-1.fc25|(none)
hardlink-1.1-1.fc25|1
hawkey-0.6.4-3.fc25|(none)
hostname-3.15-8.fc25|(none)
http-parser-2.7.1-3.fc25|(none)
hunspell-1.4.1-2.fc25|(none)
hunspell-en-US-0.20140811.1-5.fc24|(none)
hwdata-0.305-1.fc25|(none)
info-6.1-4.fc25|(none)
initscripts-9.69-1.fc25|(none)
ipcalc-0.1.8-1.fc25|(none)
iproute-4.11.0-1.fc25|(none)
iproute-tc-4.11.0-1.fc25|(none)
ipset-6.29-1.fc25|(none)
ipset-libs-6.29-1.fc25|(none)
iptables-1.6.0-3.fc25|(none)
iptables-libs-1.6.0-3.fc25|(none)
iptstate-2.2.6-1.fc25|(none)
iputils-20161105-1.fc25|(none)
irqbalance-1.1.0-3.fc24|2
iscsi-initiator-utils-6.2.0.873-34.git4c1f2d9.fc25|(none)
iscsi-initiator-utils-iscsiuio-6.2.0.873-34.git4c1f2d9.fc25|(none)
isl-0.14-5.fc24|(none)
iw-4.9-1.fc25|(none)
jansson-2.10-2.fc25|(none)
json-c-0.12.1-2.fc25|(none)
json-glib-1.2.6-1.fc25|(none)
jwhois-4.0-46.fc24|(none)
kbd-2.0.3-3.fc24|(none)
kbd-legacy-2.0.3-3.fc24|(none)
kbd-misc-2.0.3-3.fc24|(none)
kernel-4.13.13-100.fc25|(none)
kernel-4.8.6-300.fc25|(none)
kernel-4.9.13-201.fc25|(none)
kernel-core-4.13.13-100.fc25|(none)
kernel-core-4.8.6-300.fc25|(none)
kernel-core-4.9.13-201.fc25|(none)
kernel-headers-4.13.13-100.fc25|(none)
kernel-modules-4.13.13-100.fc25|(none)
kernel-modules-4.8.6-300.fc25|(none)
kernel-modules-4.9.13-201.fc25|(none)
kexec-tools-2.0.13-7.fc25.3|(none)
keyutils-1.5.9-8.fc24|(none)
keyutils-libs-1.5.9-8.fc24|(none)
kmod-23-1.fc25|(none)
kmod-libs-23-1.fc25|(none)
kpartx-0.4.9-83.fc25|(none)
krb5-libs-1.14.4-9.fc25|(none)
less-481-7.fc25|(none)
libacl-2.2.52-13.fc25|(none)
libaio-0.3.110-6.fc24|(none)
libappstream-glib-0.6.13-1.fc25|(none)
libarchive-3.2.2-2.fc25|(none)
libassuan-2.4.3-1.fc25|(none)
libatasmart-0.19-13.fc25|(none)
libatomic_ops-7.4.4-1.fc25|(none)
libattr-2.4.47-16.fc24|(none)
libbabeltrace-1.4.0-3.fc25|(none)
libbasicobjects-0.1.1-34.fc25|(none)
libblkid-2.28.2-2.fc25|(none)
libblockdev-part-1.9-10.fc25|(none)
libblockdev-utils-1.9-10.fc25|(none)
libcap-2.25-2.fc25|(none)
libcap-ng-0.7.8-1.fc25|(none)
libcollection-0.7.0-34.fc25|(none)
libcom_err-1.43.3-1.fc25|(none)
libcomps-0.1.7-5.fc25|(none)
libcroco-0.6.11-3.fc25|(none)
libcrypt-nss-2.24-10.fc25|(none)
libcurl-7.51.0-9.fc25|(none)
libdaemon-0.14-10.fc24|(none)
libdb-5.3.28-24.fc25|(none)
libdb-utils-5.3.28-24.fc25|(none)
libdhash-0.5.0-34.fc25|(none)
libedit-3.1-16.20160618cvs.fc25|(none)
libestr-0.1.9-6.fc24|(none)
libev-4.24-1.fc25|(none)
libevent-2.0.22-1.fc25|(none)
libfastjson-0.99.7-1.fc25|(none)
libfdisk-2.28.2-2.fc25|(none)
libffi-3.1-9.fc24|(none)
libfprint-0.6.0-3.fc24|(none)
libgcab1-0.7-1.fc25|(none)
libgcc-6.4.1-1.fc25|(none)
libgcrypt-1.7.9-1.fc25|(none)
libgomp-6.4.1-1.fc25|(none)
libgpg-error-1.24-1.fc25|(none)
libgudev-230-3.fc24|(none)
libidn-1.33-1.fc25|(none)
libidn2-2.0.4-1.fc25|(none)
libini_config-1.3.1-34.fc25|(none)
libipa_hbac-1.16.0-1.fc25|(none)
libipt-1.5-1.fc25|(none)
libksba-1.3.5-1.fc25|(none)
libldb-1.1.29-1.fc25|(none)
liblogging-stdlog-1.0.6-1.fc25|(none)
libmetalink-0.1.3-1.fc25|(none)
libmnl-1.0.4-1.fc25|(none)
libmodman-2.0.1-12.fc24|(none)
libmount-2.28.2-2.fc25|(none)
libmpc-1.0.2-5.fc24|(none)
libndp-1.6-1.fc25|(none)
libnetfilter_conntrack-1.0.6-2.fc25|(none)
libnfnetlink-1.0.1-8.fc24|(none)
libnfsidmap-0.27-1.fc25|(none)
libnghttp2-1.13.0-2.fc25|(none)
libnl3-3.2.29-3.fc25|(none)
libnl3-cli-3.2.29-3.fc25|(none)
libpath_utils-0.2.1-34.fc25|(none)
libpcap-1.7.4-2.fc24|14
libpipeline-1.4.1-2.fc24|(none)
libpng-1.6.27-1.fc25|2
libproxy-0.4.15-2.fc25|(none)
libpsl-0.17.0-1.fc25|(none)
libpwquality-1.3.0-6.fc25|(none)
libref_array-0.1.5-34.fc25|(none)
librepo-1.7.18-3.fc25|(none)
libreport-2.8.0-1.fc25|(none)
libreport-cli-2.8.0-1.fc25|(none)
libreport-fedora-2.8.0-1.fc25|(none)
libreport-filesystem-2.8.0-1.fc25|(none)
libreport-plugin-bugzilla-2.8.0-1.fc25|(none)
libreport-plugin-kerneloops-2.8.0-1.fc25|(none)
libreport-plugin-logger-2.8.0-1.fc25|(none)
libreport-plugin-ureport-2.8.0-1.fc25|(none)
libreport-python3-2.8.0-1.fc25|(none)
libreport-web-2.8.0-1.fc25|(none)
libseccomp-2.3.2-1.fc25|(none)
libselinux-2.5-13.fc25|(none)
libselinux-python3-2.5-13.fc25|(none)
libselinux-utils-2.5-13.fc25|(none)
libsemanage-2.5-9.fc25|(none)
libsepol-2.5-10.fc25|(none)
libsigsegv-2.10-10.fc24|(none)
libsmartcols-2.28.2-2.fc25|(none)
libsmbclient-4.5.14-0.fc25|2
libsolv-0.6.29-2.fc25|(none)
libsoup-2.56.1-1.fc25|(none)
libss-1.43.3-1.fc25|(none)
libssh-0.7.4-1.fc25|(none)
libssh2-1.8.0-5.fc25|(none)
libsss_autofs-1.16.0-1.fc25|(none)
libsss_certmap-1.16.0-1.fc25|(none)
libsss_idmap-1.16.0-1.fc25|(none)
libsss_nss_idmap-1.16.0-1.fc25|(none)
libsss_sudo-1.16.0-1.fc25|(none)
libstdc++-6.4.1-1.fc25|(none)
libstemmer-0-4.585svn.fc24|(none)
libstoraged-2.6.2-6.fc25|(none)
libtalloc-2.1.10-2.fc25|(none)
libtar-1.2.20-8.fc24|(none)
libtasn1-4.12-1.fc25|(none)
libtdb-1.3.13-1.fc25|(none)
libteam-1.27-1.fc25|(none)
libtevent-0.9.34-1.fc25|(none)
libtirpc-1.0.2-0.fc25|(none)
libtool-ltdl-2.4.6-14.fc25|(none)
libunistring-0.9.4-3.fc24|(none)
libusbx-1.0.21-1.fc25|(none)
libuser-0.62-4.fc25|(none)
libutempter-1.1.6-8.fc24|(none)
libuuid-2.28.2-2.fc25|(none)
libverto-0.2.6-6.fc24|(none)
libverto-libev-0.2.6-6.fc24|(none)
libwbclient-4.5.14-0.fc25|2
libxkbcommon-0.7.1-1.fc25|(none)
libxml2-2.9.4-2.fc25|(none)
linux-atm-libs-2.5.1-14.fc24|(none)
linux-firmware-20170828-77.gitb78acc9.fc25|(none)
logrotate-3.10.0-1.fc25|(none)
lsof-4.89-4.fc25|(none)
lua-libs-5.3.4-6.fc25|(none)
lvm2-2.02.167-3.fc25|(none)
lvm2-libs-2.02.167-3.fc25|(none)
lz4-1.8.0-1.fc25|(none)
lz4-libs-1.8.0-1.fc25|(none)
lzo-2.08-8.fc24|(none)
mailcap-2.1.47-1.fc25|(none)
make-4.1-6.fc25|1
man-db-2.7.5-3.fc25|(none)
man-pages-4.06-4.fc25|(none)
mcelog-153-1.fc25|3
mdadm-3.4-2.fc25|(none)
microcode_ctl-2.1-16.fc25|2
mlocate-0.26-15.fc25|(none)
mozjs17-17.0.0-16.fc25|(none)
mpfr-3.1.5-1.fc25|(none)
mtr-0.87-2.fc25|2
nano-2.6.1-2.fc25|(none)
ncurses-6.0-6.20160709.fc25|(none)
ncurses-base-6.0-6.20160709.fc25|(none)
ncurses-libs-6.0-6.20160709.fc25|(none)
net-tools-2.0-0.40.20160329git.fc25|(none)
nettle-3.3-1.fc25|(none)
newt-0.52.19-2.fc25|(none)
newt-python3-0.52.19-2.fc25|(none)
nfs-utils-2.1.1-5.rc4.fc25|1
nmap-ncat-7.40-1.fc25|2
npth-1.3-1.fc25|(none)
nspr-4.17.0-1.fc25|(none)
nss-3.33.0-1.0.fc25|(none)
nss-pem-1.0.3-3.fc25|(none)
nss-softokn-3.33.0-1.1.fc25|(none)
nss-softokn-freebl-3.33.0-1.1.fc25|(none)
nss-sysinit-3.33.0-1.0.fc25|(none)
nss-tools-3.33.0-1.0.fc25|(none)
nss-util-3.33.0-1.0.fc25|(none)
ntfs-3g-2017.3.23-1.fc25|2
ntfsprogs-2017.3.23-1.fc25|2
numactl-libs-2.0.11-2.fc24|(none)
openldap-2.4.44-11.fc25|(none)
openssh-7.4p1-4.fc25|(none)
openssh-clients-7.4p1-4.fc25|(none)
openssh-server-7.4p1-4.fc25|(none)
openssl-1.0.2k-1.fc25|1
openssl-libs-1.0.2k-1.fc25|1
os-prober-1.74-1.fc25|(none)
p11-kit-0.23.9-2.fc25|(none)
p11-kit-trust-0.23.9-2.fc25|(none)
pam-1.3.0-1.fc25|(none)
pam_krb5-2.4.13-2.fc24|(none)
parted-3.2-21.fc25|(none)
passwd-0.79-8.fc24|(none)
passwdqc-1.3.0-6.fc24|(none)
passwdqc-lib-1.3.0-6.fc24|(none)
pciutils-3.5.5-1.fc25|(none)
pciutils-libs-3.5.5-1.fc25|(none)
pcre-8.41-3.fc25|(none)
pcsc-lite-1.8.20-1.fc25|(none)
pcsc-lite-ccid-1.4.26-1.fc25|(none)
pcsc-lite-libs-1.8.20-1.fc25|(none)
pigz-2.3.4-1.fc25|(none)
pinfo-0.6.10-13.fc24|(none)
pixman-0.34.0-2.fc24|(none)
pkgconfig-0.29.1-1.fc25|1
plymouth-0.9.3-0.6.20160620git0e65b86c.fc25|(none)
plymouth-core-libs-0.9.3-0.6.20160620git0e65b86c.fc25|(none)
plymouth-scripts-0.9.3-0.6.20160620git0e65b86c.fc25|(none)
policycoreutils-2.5-20.fc25|(none)
polkit-0.113-8.fc25|(none)
polkit-libs-0.113-8.fc25|(none)
polkit-pkla-compat-0.1-7.fc24|(none)
popt-1.16-12.fc25|(none)
ppp-2.4.7-9.fc24|(none)
procps-ng-3.3.10-11.fc24|(none)
psacct-6.6.2-4.fc24|(none)
publicsuffix-list-dafsa-20170828-1.fc25|(none)
python-IPy-python3-0.81-16.fc25|(none)
python3-3.5.4-2.fc25|(none)
python3-augeas-0.5.0-6.fc25|(none)
python3-bind-9.10.5-2.P2.fc25|32
python3-dbus-1.2.4-2.fc25|(none)
python3-decorator-4.0.11-1.fc25|(none)
python3-dmidecode-3.12.2-4.fc25|(none)
python3-dnf-1.1.10-6.fc25|(none)
python3-dnf-plugins-core-0.1.21-5.fc25|(none)
python3-firewall-0.4.4.5-1.fc25|(none)
python3-gobject-base-3.22.0-1.fc25|(none)
python3-hawkey-0.6.4-3.fc25|(none)
python3-iniparse-0.4-20.fc25|(none)
python3-libcomps-0.1.7-5.fc25|(none)
python3-librepo-1.7.18-3.fc25|(none)
python3-libs-3.5.4-2.fc25|(none)
python3-libxml2-2.9.4-2.fc25|(none)
python3-pip-8.1.2-2.fc25|(none)
python3-pygpgme-0.3-18.fc25|(none)
python3-rpm-4.13.0.1-2.fc25|(none)
python3-setuptools-25.1.1-1.fc25|(none)
python3-six-1.10.0-3.fc25|(none)
python3-slip-0.6.4-4.fc25|(none)
python3-slip-dbus-0.6.4-4.fc25|(none)
python3-sssdconfig-1.16.0-1.fc25|(none)
python3-systemd-232-1.fc25|(none)
qrencode-libs-3.4.4-1.fc25|(none)
quota-4.03-8.fc25|1
quota-nls-4.03-8.fc25|1
readline-6.3-8.fc24|(none)
realmd-0.16.2-8.fc25|(none)
rng-tools-5-8.fc25|(none)
rolekit-0.5.2-1.fc25|(none)
rootfiles-8.1-19.fc24|(none)
rpcbind-0.2.4-7.rc2.fc25|(none)
rpm-4.13.0.1-2.fc25|(none)
rpm-build-libs-4.13.0.1-2.fc25|(none)
rpm-libs-4.13.0.1-2.fc25|(none)
rpm-plugin-selinux-4.13.0.1-2.fc25|(none)
rpm-plugin-systemd-inhibit-4.13.0.1-2.fc25|(none)
rsync-3.1.2-4.fc25|(none)
rsyslog-8.30.0-3.fc25|(none)
samba-client-libs-4.5.14-0.fc25|2
samba-common-4.5.14-0.fc25|2
satyr-0.21-2.fc25|(none)
sed-4.2.2-15.fc24|(none)
selinux-policy-3.13.1-225.23.fc25|(none)
selinux-policy-targeted-3.13.1-225.23.fc25|(none)
setup-2.10.4-1.fc25|(none)
setuptool-1.19.11-11.fc24|(none)
shadow-utils-4.2.1-11.fc25|2
shared-mime-info-1.8-1.fc25|(none)
slang-2.3.0-7.fc25|(none)
smartmontools-6.5-1.fc25|1
snappy-1.1.3-2.fc24|(none)
sos-3.4-1.fc25|(none)
sqlite-libs-3.14.2-3.fc25|(none)
sssd-1.16.0-1.fc25|(none)
sssd-ad-1.16.0-1.fc25|(none)
sssd-client-1.16.0-1.fc25|(none)
sssd-common-1.16.0-1.fc25|(none)
sssd-common-pac-1.16.0-1.fc25|(none)
sssd-ipa-1.16.0-1.fc25|(none)
sssd-krb5-1.16.0-1.fc25|(none)
sssd-krb5-common-1.16.0-1.fc25|(none)
sssd-ldap-1.16.0-1.fc25|(none)
sssd-nfs-idmap-1.16.0-1.fc25|(none)
sssd-proxy-1.16.0-1.fc25|(none)
storaged-2.6.2-6.fc25|(none)
storaged-iscsi-2.6.2-6.fc25|(none)
storaged-lvm2-2.6.2-6.fc25|(none)
sudo-1.8.21p2-1.fc25|(none)
symlinks-1.4-13.fc24|(none)
system-python-3.5.4-2.fc25|(none)
system-python-libs-3.5.4-2.fc25|(none)
systemd-231-19.fc25|(none)
systemd-bootchart-231-2.fc25|(none)
systemd-libs-231-19.fc25|(none)
systemd-pam-231-19.fc25|(none)
systemd-udev-231-19.fc25|(none)
tar-1.29-4.fc25|2
tcp_wrappers-7.6-83.fc25|(none)
tcp_wrappers-libs-7.6-83.fc25|(none)
tcpdump-4.9.0-1.fc25|14
teamd-1.27-1.fc25|(none)
telnet-0.17-68.fc25|1
time-1.7-49.fc24|(none)
timedatex-0.4-2.fc24|(none)
traceroute-2.1.0-2.fc25|3
tree-1.7.0-6.fc24|(none)
trousers-0.3.13-6.fc24|(none)
trousers-lib-0.3.13-6.fc24|(none)
tzdata-2017b-1.fc25|(none)
unzip-6.0-32.fc25|(none)
usbutils-008-6.fc25|(none)
usermode-1.111-8.fc24|(none)
ustr-1.0.4-21.fc24|(none)
util-linux-2.28.2-2.fc25|(none)
vconfig-1.9-18.fc24|(none)
vim-minimal-8.0.1171-1.fc25|2
wget-1.19.2-1.fc25|(none)
which-2.21-1.fc25|(none)
wireless-tools-29-14.1.fc24|1
words-3.0-25.fc24|(none)
xdg-utils-1.1.1-5.fc25|(none)
xfsprogs-4.9.0-1.fc25|(none)
xkeyboard-config-2.20-2.fc25|(none)
xmlrpc-c-1.32.5-1909.svn2451.fc24|(none)
xmlrpc-c-client-1.32.5-1909.svn2451.fc24|(none)
xz-5.2.2-2.fc24|(none)
xz-libs-5.2.2-2.fc24|(none)
zip-3.0-16.fc24|(none)
zlib-1.2.8-10.fc24|(none)
25202 - Enumerate IPv6 Interfaces via SSH
Synopsis
Nessus was able to enumerate the IPv6 interfaces on the remote host.
Description
Nessus was able to enumerate the network interfaces configured with IPv6 addresses by connecting to the remote host via SSH using the supplied credentials.
Solution
Disable IPv6 if you are not actually using it. Otherwise, disable any unused IPv6 interfaces.
Risk Factor
None
Plugin Information:
Published: 2007/05/11, Modified: 2017/01/26
Plugin Output

tcp/0


The following IPv6 interfaces are set on the remote host :

- fe80::bee5:c2f5:1c86:2e9 (on interface eth0)
- ::1 (on interface lo)
25203 - Enumerate IPv4 Interfaces via SSH
Synopsis
Nessus was able to enumerate the IPv4 interfaces on the remote host.
Description
Nessus was able to enumerate the network interfaces configured with IPv4 addresses by connecting to the remote host via SSH using the supplied credentials.
Solution
Disable any unused IPv4 interfaces.
Risk Factor
None
Plugin Information:
Published: 2007/05/11, Modified: 2017/01/26
Plugin Output

tcp/0


The following IPv4 addresses are set on the remote host :

- 192.168.1.43 (on interface eth0)
- 127.0.0.1 (on interface lo)
25220 - TCP/IP Timestamps Supported
Synopsis
The remote service implements TCP timestamps.
Description
The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2011/03/20
Plugin Output

tcp/0

33276 - Enumerate MAC Addresses via SSH
Synopsis
Nessus was able to enumerate MAC addresses on the remote host.
Description
Nessus was able to enumerate MAC addresses by connecting to the remote host via SSH with the supplied credentials.
Solution
Disable any unused interfaces.
Risk Factor
None
Plugin Information:
Published: 2008/06/30, Modified: 2017/01/26
Plugin Output

tcp/0


The following MAC address exists on the remote host :

- 00:15:5d:0f:c6:af (interface eth0)
35716 - Ethernet Card Manufacturer Detection
Synopsis
The manufacturer can be identified from the Ethernet OUI.
Description
Each ethernet MAC address starts with a 24-bit Organizationally Unique Identifier (OUI). These OUIs are registered by IEEE.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/02/19, Modified: 2017/11/17
Plugin Output

tcp/0


The following card manufacturers were identified :

00:15:5d:0f:c6:af : Microsoft Corporation
45590 - Common Platform Enumeration (CPE)
Synopsis
It was possible to enumerate CPE names that matched on the remote system.
Description
By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host.

Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2010/04/21, Modified: 2017/06/06
Plugin Output

tcp/0


The remote operating system matched the following CPE :

cpe:/o:fedoraproject:fedora:25

Following application CPE matched on the remote system :

cpe:/a:openbsd:openssh:7.4
54615 - Device Type
Synopsis
It is possible to guess the remote device type.
Description
Based on the remote operating system, it is possible to determine what the remote system type is (eg: a printer, router, general-purpose computer, etc).
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/05/23, Modified: 2011/05/23
Plugin Output

tcp/0

Remote device type : general-purpose
Confidence level : 100
55472 - Device Hostname
Synopsis
It was possible to determine the remote system hostname.
Description
This plugin reports a device's hostname collected via SSH or WMI.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/06/30, Modified: 2017/12/04
Plugin Output

tcp/0


Hostname : fedora25.localhost.local
fedora25.localhost.local (hostname command)
56468 - Time of Last System Startup
Synopsis
The system has been started.
Description
Using the supplied credentials, Nessus was able to determine when the host was last started.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/10/12, Modified: 2015/08/21
Plugin Output

tcp/0


reboot system boot 4.9.13-201.fc25. Thu Nov 23 11:49 still running

wtmp begins Tue Oct 10 06:01:39 2017
58651 - Netstat Active Connections
Synopsis
Active connections are enumerated via the 'netstat' command.
Description
This plugin runs 'netstat' on the remote machine to enumerate all active 'ESTABLISHED' or 'LISTENING' tcp/udp connections.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2012/04/10, Modified: 2015/06/02
Plugin Output

tcp/0


Netstat output :
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 52 192.168.1.43:22 192.168.1.108:53683 ESTABLISHED
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 :::9090 :::* LISTEN
udp 0 0 127.0.0.1:323 0.0.0.0:*
udp 0 0 0.0.0.0:65016 0.0.0.0:*
udp 0 0 0.0.0.0:808 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
udp6 0 0 ::1:323 :::*
udp6 0 0 :::38492 :::*
udp6 0 0 :::808 :::*
udp6 0 0 :::111 :::*
raw6 0 0 :::58 :::* 7
64582 - Netstat Connection Information
Synopsis
Nessus was able to parse the results of the 'netstat' command on the remote host.
Description
The remote host has listening ports or established connections that Nessus was able to extract from the results of the 'netstat' command.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2013/02/13, Modified: 2016/08/05
Plugin Output

tcp/0

tcp4 (listen)
src: [host=0.0.0.0, port=111]
dst: [host=0.0.0.0, port=*]

tcp4 (listen)
src: [host=0.0.0.0, port=22]
dst: [host=0.0.0.0, port=*]

tcp4 (established)
src: [host=192.168.1.43, port=22]
dst: [host=192.168.1.108, port=53683]

tcp6 (listen)
src: [host=::, port=111]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=22]
dst: [host=::, port=*]

tcp6 (listen)
src: [host=::, port=9090]
dst: [host=::, port=*]

udp4 (listen)
src: [host=127.0.0.1, port=323]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=65016]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=808]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=68]
dst: [host=0.0.0.0, port=*]

udp4 (listen)
src: [host=0.0.0.0, port=111]
dst: [host=0.0.0.0, port=*]

udp6 (listen)
src: [host=::1, port=323]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=38492]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=808]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=111]
dst: [host=::, port=*]

udp6 (listen)
src: [host=::, port=58]
dst: [host=::, port=*]
66334 - Patch Report
Synopsis
The remote host is missing several patches.
Description
The remote host is missing one or more security patches. This plugin lists the newest version of each patch to install to make sure the remote host is up-to-date.
Solution
Install the patches listed below.
Risk Factor
None
Plugin Information:
Published: 2013/07/08, Modified: 2017/11/20
Plugin Output

tcp/0



. You need to take the following 3 actions :

[ Fedora 25 : 1:openssl (2017-55a3247cfd) (104826) ]

+ Action to take : Update the affected 1:openssl package.


[ Fedora 25 : kernel (2017-905bb449bc) (104979) ]

+ Action to take : Update the affected kernel package.

+Impact : Taking this action will resolve 6 different vulnerabilities (CVEs).



[ Fedora 25 : rpm (2017-ab57a100f3) (104828) ]

+ Action to take : Update the affected rpm package.

83303 - Unix / Linux - Local Users Information : Passwords Never Expire
Synopsis
At least one local user has a password that never expires.
Description
Using the supplied credentials, Nessus was able to list local users that are enabled and whose passwords never expire.
Solution
Allow or require users to change their passwords regularly.
Risk Factor
None
References
XREF OSVDB:755
Plugin Information:
Published: 2015/05/10, Modified: 2017/08/28
Plugin Output

tcp/0


Nessus found the following unlocked users with passwords that do not expire :
- root
84047 - Hyper-V Virtual Machine Detection
Synopsis
The remote host is a Hyper-V virtual machine.
Description
According to the MAC address of its network adapter, the remote host is a Microsoft Hyper-V virtual machine.
See Also
Solution
Since it is physically accessible through the network, ensure that its configuration matches your organization's security policy.
Risk Factor
None
Plugin Information:
Published: 2015/06/09, Modified: 2017/11/20
Plugin Output

tcp/0


The remote host is a Hyper-V virtual machine.
95928 - Linux User List Enumeration
Synopsis
Nessus was able to enumerate local users and groups on the remote host.
Description
Using the supplied credentials, Nessus was able to enumerate the local users and groups on the remote host.
Solution
None
Risk Factor
None
Plugin Information:
Published: 2016/12/19, Modified: 2017/08/28
Plugin Output

tcp/0


----------[ User Accounts ]----------

----------[ System Accounts ]----------

User : root
Home folder : /root
Start script : /bin/bash
Groups : root

User : bin
Home folder : /bin
Start script : /sbin/nologin
Groups : bin

User : daemon
Home folder : /sbin
Start script : /sbin/nologin
Groups : daemon

User : adm
Home folder : /var/adm
Start script : /sbin/nologin
Groups : adm

User : lp
Home folder : /var/spool/lpd
Start script : /sbin/nologin
Groups : lp

User : sync
Home folder : /sbin
Start script : /bin/sync
Groups : root

User : shutdown
Home folder : /sbin
Start script : /sbin/shutdown
Groups : root

User : halt
Home folder : /sbin
Start script : /sbin/halt
Groups : root

User : mail
Home folder : /var/spool/mail
Start script : /sbin/nologin
Groups : mail

User : operator
Home folder : /root
Start script : /sbin/nologin
Groups : root

User : games
Home folder : /usr/games
Start script : /sbin/nologin
Groups : users

User : ftp
Home folder : /var/ftp
Start script : /sbin/nologin
Groups : ftp

User : nobody
Home folder : /
Start script : /sbin/nologin
Groups : nobody

User : systemd-timesync
Home folder : /
Start script : /sbin/nologin
Groups : systemd-timesync

User : systemd-network
Home folder : /
Start script : /sbin/nologin
Groups : systemd-network

User : systemd-resolve
Home folder : /
Start script : /sbin/nologin
Groups : systemd-resolve

User : dbus
Home folder : /
Start script : /sbin/nologin
Groups : dbus

User : polkitd
Home folder : /
Start script : /sbin/nologin
Groups : polkitd

User : sshd
Home folder : /var/empty/sshd
Start script : /sbin/nologin
Groups : sshd

User : rpc
Home folder : /var/lib/rpcbind
Start script : /sbin/nologin
Groups : rpc

User : abrt
Home folder : /etc/abrt
Start script : /sbin/nologin
Groups : abrt

User : cockpit-ws
Home folder : /
Start script : /sbin/nologin
Groups : cockpit-ws

User : rpcuser
Home folder : /var/lib/nfs
Start script : /sbin/nologin
Groups : rpcuser

User : nfsnobody
Home folder : /var/lib/nfs
Start script : /sbin/nologin
Groups : nfsnobody

User : chrony
Home folder : /var/lib/chrony
Start script : /sbin/nologin
Groups : chrony

User : tcpdump
Home folder : /
Start script : /sbin/nologin
Groups : tcpdump

User : systemd-coredump
Home folder : /
Start script : /sbin/nologin
Groups : systemd-coredump

User : tss
Home folder : /dev/null
Start script : /sbin/nologin
Groups : tss
97993 - OS Identification and Installed Software Enumeration over SSH v2 (Using New SSH Library)
Synopsis
Information about the remote host can be disclosed via an authenticated session.
Description
Nessus was able to login to the remote host using SSH or local commands and extract the list of installed packages.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2017/05/30, Modified: 2017/12/05
Plugin Output

tcp/0


It was possible to log into the remote host via SSH using 'password' authentication.

The output of "uname -a" is :
Linux fedora25.localhost.local 4.9.13-201.fc25.x86_64 #1 SMP Tue Mar 7 23:47:11 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

The remote Fedora system is :
Fedora release 25 (Twenty Five)

Local security checks have been enabled for this host.
Runtime : 7.578125 seconds

10287 - Traceroute Information
Synopsis
It was possible to obtain traceroute information.
Description
Makes a traceroute to the remote host.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 1999/11/27, Modified: 2017/08/22
Plugin Output

udp/0

For your information, here is the traceroute from 192.168.1.108 to 192.168.1.43 :
192.168.1.108
192.168.1.43

Hop Count: 1

10267 - SSH Server Type and Version Information
Synopsis
An SSH server is listening on this port.
Description
It is possible to obtain information about the remote SSH server by sending an empty authentication request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 1999/10/12, Modified: 2017/11/17
Plugin Output

tcp/22


SSH version : SSH-2.0-OpenSSH_7.4
SSH supported authentication : publickey,gssapi-keyex,gssapi-with-mic,password
10881 - SSH Protocol Versions Supported
Synopsis
A SSH server is running on the remote host.
Description
This plugin determines the versions of the SSH protocol supported by the remote SSH daemon.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/03/06, Modified: 2017/05/30
Plugin Output

tcp/22

The remote SSH daemon supports the following versions of the
SSH protocol :

- 1.99
- 2.0
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2017/11/28
Plugin Output

tcp/22

Port 22/tcp was found to be open
22964 - Service Detection
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/08/19, Modified: 2017/07/07
Plugin Output

tcp/22

An SSH server is running on this port.
25221 - Remote listeners enumeration (Linux / AIX)
Synopsis
Using the supplied credentials, it was possible to identify the process listening on the remote port.
Description
By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.

Note that the method used by this plugin only works for hosts running Linux or AIX.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2017/08/28
Plugin Output

tcp/22


Process ID : 763
Executable : /usr/sbin/sshd
Command line : /usr/sbin/sshd -D
39520 - Backported Security Patch Detection (SSH)
Synopsis
Security patches are backported.
Description
Security patches may have been 'backported' to the remote SSH server without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Note that this test is informational only and does not denote any security problem.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2009/06/25, Modified: 2015/07/07
Plugin Output

tcp/22


Local checks have been enabled.
70657 - SSH Algorithms and Languages Supported
Synopsis
An SSH server is listening on this port.
Description
This script detects which algorithms and languages are supported by the remote service for encrypting communications.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2013/10/28, Modified: 2017/08/28
Plugin Output

tcp/22


Nessus negotiated the following encryption algorithm with the server :

The server supports the following options for kex_algorithms :

curve25519-sha256
curve25519-sha256@libssh.org
diffie-hellman-group-exchange-sha256
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521

The server supports the following options for server_host_key_algorithms :

ecdsa-sha2-nistp256
rsa-sha2-256
rsa-sha2-512
ssh-ed25519
ssh-rsa

The server supports the following options for encryption_algorithms_client_to_server :

aes128-ctr
aes128-gcm@openssh.com
aes192-ctr
aes256-ctr
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

The server supports the following options for encryption_algorithms_server_to_client :

aes128-ctr
aes128-gcm@openssh.com
aes192-ctr
aes256-ctr
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

The server supports the following options for mac_algorithms_client_to_server :

hmac-sha1
hmac-sha1-etm@openssh.com
hmac-sha2-256
hmac-sha2-256-etm@openssh.com
hmac-sha2-512
hmac-sha2-512-etm@openssh.com
umac-128-etm@openssh.com
umac-128@openssh.com
umac-64-etm@openssh.com
umac-64@openssh.com

The server supports the following options for mac_algorithms_server_to_client :

hmac-sha1
hmac-sha1-etm@openssh.com
hmac-sha2-256
hmac-sha2-256-etm@openssh.com
hmac-sha2-512
hmac-sha2-512-etm@openssh.com
umac-128-etm@openssh.com
umac-128@openssh.com
umac-64-etm@openssh.com
umac-64@openssh.com

The server supports the following options for compression_algorithms_client_to_server :

none
zlib@openssh.com

The server supports the following options for compression_algorithms_server_to_client :

none
zlib@openssh.com
90707 - SSH SCP Protocol Detection
Synopsis
The remote host supports the SCP protocol over SSH.
Description
The remote host supports the Secure Copy (SCP) protocol over SSH.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2016/04/26, Modified: 2017/08/28
Plugin Output

tcp/22

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2017/11/28
Plugin Output

udp/68

Port 68/udp was found to be open
25221 - Remote listeners enumeration (Linux / AIX)
Synopsis
Using the supplied credentials, it was possible to identify the process listening on the remote port.
Description
By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.

Note that the method used by this plugin only works for hosts running Linux or AIX.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2017/08/28
Plugin Output

udp/68


Process ID : 16752
Executable : /usr/sbin/dhclient
Command line : /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-eth0.pid -lf /var/lib/NetworkManager/dhclient-6e7ffb7d-7f0a-3cc9-9b51-eecd5c135571-eth0.lease -cf /var/lib/NetworkManager/dhclient-eth0.conf eth0

11111 - RPC Services Enumeration
Synopsis
An ONC RPC service is running on the remote host.
Description
By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2002/08/24, Modified: 2011/05/24
Plugin Output

tcp/111


The following RPC services are available on TCP port 111 :

- program: 100000 (portmapper), version: 4
- program: 100000 (portmapper), version: 3
- program: 100000 (portmapper), version: 2
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2017/11/28
Plugin Output

tcp/111

Port 111/tcp was found to be open
25221 - Remote listeners enumeration (Linux / AIX)
Synopsis
Using the supplied credentials, it was possible to identify the process listening on the remote port.
Description
By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.

Note that the method used by this plugin only works for hosts running Linux or AIX.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2017/08/28
Plugin Output

tcp/111


Process ID : 1
Executable : /usr/lib/systemd/systemd
Command line : /usr/lib/systemd/systemd --system --deserialize 18
53335 - RPC portmapper (TCP)
Synopsis
An ONC RPC portmapper is running on the remote host.
Description
The RPC portmapper is running on this port.

The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/04/08, Modified: 2011/08/29
Plugin Output

tcp/111

10223 - RPC portmapper Service Detection
Synopsis
An ONC RPC portmapper is running on the remote host.
Description
The RPC portmapper is running on this port.

The portmapper allows someone to get the port number of each RPC service running on the remote host by sending either multiple lookup requests or a DUMP request.
Solution
n/a
Risk Factor
None
References
Plugin Information:
Published: 1999/08/19, Modified: 2014/02/19
Plugin Output

udp/111

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2017/11/28
Plugin Output

udp/808

Port 808/udp was found to be open
25221 - Remote listeners enumeration (Linux / AIX)
Synopsis
Using the supplied credentials, it was possible to identify the process listening on the remote port.
Description
By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.

Note that the method used by this plugin only works for hosts running Linux or AIX.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2017/08/28
Plugin Output

udp/808


Process ID : 38368
Executable : /usr/bin/rpcbind
Command line : /usr/bin/rpcbind -w -f

51192 - SSL Certificate Cannot Be Trusted
Synopsis
The SSL certificate for this service cannot be trusted.
Description
The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :

- First, the top of the certificate chain sent by the server might not be descended from a known public certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed certificate, or when intermediate certificates are missing that would connect the top of the certificate chain to a known public certificate authority.

- Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the certificate's 'notAfter' dates.

- Third, the certificate chain may contain a signature that either didn't match the certificate's information or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a signing algorithm that Nessus either does not support or does not recognize.

If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.
See Also
Solution
Purchase or generate a proper certificate for this service.
Risk Factor
Medium
CVSS v3.0 Base Score
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
Plugin Information:
Published: 2010/12/15, Modified: 2017/05/18
Plugin Output

tcp/9090


The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : O=5a4fa85e0277478f8c474a86c65f8daf/CN=fedora25.localhost.local
|-Issuer : O=5a4fa85e0277478f8c474a86c65f8daf/CN=fedora25.localhost.local
57582 - SSL Self-Signed Certificate
Synopsis
The SSL certificate chain for this service ends in an unrecognized self-signed certificate.
Description
The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.

Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.
Solution
Purchase or generate a proper certificate for this service.
Risk Factor
Medium
CVSS Base Score
6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
Plugin Information:
Published: 2012/01/17, Modified: 2016/12/14
Plugin Output

tcp/9090


The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : O=5a4fa85e0277478f8c474a86c65f8daf/CN=fedora25.localhost.local
10386 - Web Server No 404 Error Code Check
Synopsis
The remote web server does not return 404 error codes.
Description
The remote web server is configured such that it does not return '404 Not Found' error codes when a nonexistent file is requested, perhaps returning instead a site map, search page or authentication page.

Nessus has enabled some counter measures for this. However, they might be insufficient. If a great number of security holes are produced for this port, they might not all be accurate.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2000/04/28, Modified: 2015/10/13
Plugin Output

tcp/9090


The following string will be used :
TYPE='password'
10863 - SSL Certificate Information
Synopsis
This plugin displays the SSL certificate.
Description
This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2008/05/19, Modified: 2015/12/30
Plugin Output

tcp/9090

Subject Name:

Organization: 5a4fa85e0277478f8c474a86c65f8daf
Common Name: fedora25.localhost.local

Issuer Name:

Organization: 5a4fa85e0277478f8c474a86c65f8daf
Common Name: fedora25.localhost.local

Serial Number: 00 BD 6A 1B A2 E7 DE C2 FD

Version: 3

Signature Algorithm: SHA-256 With RSA Encryption

Not Valid Before: Jan 23 22:14:10 2017 GMT
Not Valid After: Dec 30 22:14:10 2116 GMT

Public Key Info:

Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 B3 DB DA F1 B5 67 78 01 05 62 28 49 C1 BA C6 AD B0 66 61
52 33 1C 5D 0A 6D A6 22 68 98 F6 C0 6B 08 6E 84 CF 62 33 84
8A 81 3E BE 73 C8 41 9C 4D B4 BD 6D 4B 01 A9 9A 06 98 A3 83
C8 39 78 49 8B BD 74 2B 08 69 86 8B B6 93 5F 34 2A 08 62 C4
31 0A 6E 58 AB B6 42 F5 C9 51 EA 0E F0 1B E4 32 8E 38 24 26
98 EE 1B B9 4E 81 81 F8 97 99 D6 F4 09 92 AC FF 33 A8 4C B2
0F 59 A0 2B E2 83 11 73 7B 41 6B D7 91 AB CE 57 89 E1 D1 47
0F 6B F6 43 B0 38 40 BC 15 E6 C0 65 91 CD 22 5E 63 78 AD 08
BA 8E C2 0F 16 EA 79 9F 8D 26 FC BD 9E AD C0 3B C4 24 F0 B3
0C 0F 2D 1E 48 E6 8E 31 DE CA 12 92 0E BB 21 62 20 36 91 57
C2 FC A1 B2 E5 33 D8 B4 55 9C AD E2 10 79 5A DB B0 7D F7 43
78 4C 9C 10 6B EF C2 13 36 CB 1F 19 CD 7B C8 F3 E2 4A 22 F2
B0 AD FE CB D1 75 FE E7 BF AF AD CC DE 44 38 47 63
Exponent: 01 00 01

Signature Length: 256 bytes / 2048 bits
Signature: 00 20 13 4C B0 B9 27 91 F3 CF 9B 91 2C A0 4E BD 73 3C 7A 95
9A 4B 8D 2B 82 43 CE BA 9F 34 A7 18 5C 73 E5 95 58 69 DF 1F
2F EE 09 35 38 7A 6A 14 80 EB 22 1B 0D 2E 25 76 94 78 6C 01
88 AB BF 61 80 FD 8E 09 59 11 32 99 2E AA 8E 9A 06 43 6C CF
BE A2 A0 78 40 94 C0 2B 92 1C 2E 61 7E 21 CB 33 91 12 4A EB
82 28 9A ED 57 B9 B5 5B BA 27 45 BD FC E0 04 F6 C4 42 76 21
96 EF 81 7B 2D A2 62 3A EA DD 5D C7 84 2A 9B C1 B2 05 53 A9
4D 04 4B 82 C0 DA 3F 79 E5 4F D4 CF AC 28 D1 56 7B E9 0A E0
EA 9A 81 70 FC 20 43 30 04 E5 BA 00 43 52 64 D0 98 5D EE 6F
C6 41 BC F7 E8 6A F3 F5 B4 5B 23 2F 45 3C A3 CD E3 FD EE 3A
93 51 F3 50 C0 6D 4F DE C1 0F 11 B9 95 7A B7 75 CF 4F 1D 1B
C1 70 4C 63 00 A0 60 92 AE DC 8E 48 D6 96 DD F3 54 C8 25 DF
AA 56 84 65 5F DC CA 24 25 FF 1C DB 13 31 A4 99 29

Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 0F 08 88 F5 9F B0 D9 B2 87 52 DD 4A F6 BF 0D 5A 3D 17 34 A2


Extension: Authority Key Identifier (2.5.29.35)
Critical: 0
Key Identifier: 0F 08 88 F5 9F B0 D9 B2 87 52 DD 4A F6 BF 0D 5A 3D 17 34 A2


Extension: Basic Constraints (2.5.29.19)
Critical: 0
CA: TRUE


Fingerprints :

SHA-256 Fingerprint: D6 D4 38 10 1E CE C6 62 90 73 47 7E 70 E4 7A 38 6D 05 EB 26
B0 1B 53 9B 1F A4 53 E7 BF FC 9F 04
SHA-1 Fingerprint: 4C 71 6A 5B 8A D8 E9 81 60 3F 10 4B 3E 15 28 DB FE B7 ED 8D
MD5 Fingerprint: 77 34 E7 47 80 6C 3D 67 75 94 57 51 41 65 3E BF
14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2017/11/28
Plugin Output

tcp/9090

Port 9090/tcp was found to be open
21643 - SSL Cipher Suites Supported
Synopsis
The remote service encrypts communications using SSL.
Description
This plugin detects which SSL ciphers are supported by the remote service for encrypting communications.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2006/06/05, Modified: 2017/11/13
Plugin Output

tcp/9090


Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.

SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)

ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-GCM(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-GCM(256) Mac=SHA384
ECDHE-RSA-CAMELLIA-CBC-128 Kx=ECDH Au=RSA Enc=Camellia-CBC(128) Mac=SHA256
ECDHE-RSA-CAMELLIA-GCM-128 Kx=ECDH Au=RSA Enc=Camellia-GCM(128) Mac=SHA256
ECDHE-RSA-CAMELLIA-CBC-256 Kx=ECDH Au=RSA Enc=Camellia-CBC(256) Mac=SHA384
ECDHE-RSA-CAMELLIA-GCM-256 Kx=ECDH Au=RSA Enc=Camellia-GCM(256) Mac=SHA384
ECDHE-RSA-CHACHA20-POLY1305 Kx=ECDH Au=RSA Enc=ChaCha20-Poly1305(256) Mac=SHA256
n/a Kx=RSA Au=RSA Enc=AES-CCM(128) Mac=AEAD
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-GCM(128) Mac=SHA256
n/a Kx=RSA Au=RSA Enc=AES-CCM(256) Mac=AEAD
RSA-AES256-SHA384 Kx=RSA Au=RSA Enc=AES-GCM(256) Mac=SHA384
RSA-CAMELLIA-GCM-128 Kx=RSA Au=RSA Enc=Camellia-GCM(128) Mac=SHA256
RSA-CAMELLIA-GCM-256 Kx=RSA Au=RSA Enc=Camellia-GCM(256) Mac=SHA384
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
RSA-CAMELLIA128-SHA256 Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA256
RSA-CAMELLIA256-SHA256 Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA256


SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)

ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
22964 - Service Detection
Synopsis
The remote service could be identified.
Description
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/08/19, Modified: 2017/07/07
Plugin Output

tcp/9090

A TLSv1.1 server answered on this port.

tcp/9090

A web server is running on this port through TLSv1.1.
24260 - HyperText Transfer Protocol (HTTP) Information
Synopsis
Some information about the remote HTTP configuration can be extracted.
Description
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...

This test is informational only and does not denote any security problem.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/01/30, Modified: 2017/11/13
Plugin Output

tcp/9090


Response Code : HTTP/1.1 200 OK

Protocol version : HTTP/1.1
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :

Content-Security-Policy: default-src 'self' 'unsafe-inline'; connect-src 'self' ws: wss:
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store
Connection: close

Response Body :

<!DOCTYPE html>
<html>
<head>
<title>Loading...</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta insert_dynamic_content_here><script>
(function (root, data) {
window.cockpit_po = data;
/* The syntax of this line is important for po2json */
}(this, {"":{"language":"en"}}));
</script>
<base href="/">
<script>
var environment = {"page":{"connect":false},"hostname":"fedora25.localhost.local","os-release":{"NAME":"Fedora","ID":"fedora","PRETTY_NAME":"Fedora 25 (Server Edition)","VARIANT":"Server Edition","VARIANT_ID":"server","CPE_NAME":"cpe:/o:fedoraproject:fedora:25"}};
</script>
<script>
/* global XMLHttpRequest */

var phantom_checkpoint = phantom_checkpoint || function () { };

(function(console) {
var url_root;
window.localStorage.removeItem('url-root');
var environment = window.environment || { };
var oauth = environment.OAuth || null;
if (oauth) {
if (!oauth.TokenParam)
oauth.TokenParam = "access_token";
if (!oauth.ErrorParam)
oauth.ErrorParam = "error_description";
}

var fmt_re = /\$\{([^}]+)\}|\$([a-zA-Z0-9_]+)/g;
function format(fmt /* ... */) {
var args = Array.prototype.slice.call(arguments, 1);
return fmt.replace(fmt_re, function(m, x, y) { return args[x || y] || ""; });
}

function gettext(key) {
if (window.cockpit_po) {
var translated = window.cockpit_po[key];
if (translated && translated[1])
return translated[1];
}
return key;
}

function translate() {
if (!document.querySelectorAll)
return;
var list = document.querySelectorAll("[translate]");
for (var i = 0; i < list.length; i++)
list[i].textContent = gettext(list[i].textContent);
}

var _ = gettext;

var login_path, application, org_login_path, org_application;
var qs_re = /[?&]?([^=]+)=([^&]*)/g;
var oauth_redirect_to = null;

function QueryParams(qs) {
qs = qs.split('+').join(' ');

var params = {};
var tokens;

for (;;) {
tokens = qs_re.exec(qs);
if (!tokens)
break;
params[decodeURIComponent(tokens[1])] = decodeURIComponent(tokens[2]);
}
return params;
}

function unquote(str) {
str = str.trim();
if (str[0] == '"')
str = str.substr(1, str.length - 2);
return str;
}

if (!console)
console = function() { };

/* Determine if we are nested or not, and switch styles */
if (window.location.pathname.indexOf("/cockpit/") === 0 ||
window.location.pathname.indexOf("/cockpit+") === 0)
document.documentElement.setAttribute("class", "inline");

function id(name) {
return document.getElementById(name);
}

function fatal(msg) {
if (window.console)
console.warn("fatal:", msg);

id("login-again").style.display = "none";
id("login-wait-validating").style.display = "none";

if (oauth_redirect_to) {
id("login-again").href = oauth_redirect_to;
id("login-again").style.display = "block";
}

id("login").style.display = 'none';
id("login-details").style.display = 'none';
id("login-fatal").style.display = 'block';

var el = id("login-fatal-message");
el.textContent = "";
el.appendChild(document.createTextNode(msg));
}

function brand(_id, def) {
var style, elt = id(_id);
if (elt)
style = window.getComputedStyle(elt);
if (!style)
return;

var len, content = style.content;
if (content && content != "none" && content != "normal") {
len = content.length;
if ((content[0] === '"' || content[0] === '\'') &&
len > 2 && content[len - 1] === content[0])
content = content.substr(1, len - 2);
elt.innerHTML = content || def;
}
}

function requisites() {
function req(name, obj) {
var ret;
try {
ret = (obj[name]);
} catch(ex) {
fatal(format(_("The web browser configuration prevents Cockpit from running (inaccessible $0)"),
name));
throw ex;
}
if (ret === undefined) {
fatal(format(_("This web browser is too old to run Cockpit (missing $0)"), name));
return false;
}
return true;
}
return ("MozWebSocket" in window || req("WebSocket", window)) &&
req("XMLHttpRequest", window) &&
req("localStorage", window) &&
req("sessionStorage", window) &&
req("JSON", window) &&
req("defineProperty", Object) &&
req("console", window) &&
req("pushState", window.history) &&
req("textContent", document);
}

function trim(s) {
return s.replace(/^\s+|\s+$/g, '');
}

/* Sets values for application, url_root and login_path */
function setup_path_globals (path) {
var parser = document.createElement('a');
var base = document.baseURI;
var base_tags;
/* Some IEs don't support baseURI */
if (!base) {
base_tags = document.getElementsByTagName ("base");
if (base_tags.length > 0)
base = base_tags[0].href;
else
base = "/";
}

path = path || "/";
parser.href = base;
if (parser.pathname != "/") {
url_root = parser.pathname.replace(/^\/+|\/+$/g, '');
window.localStorage.setItem('url-root', url_root);
if (url_root && path.indexOf('/' + url_root) === 0)
path = path.replace('/' + url_root, '') || '/';
}

if (path.indexOf("/=") === 0) {
environment.hostname = path.substring(2);
path = "/cockpit+" + path.split("/")[1];
} else if (path.indexOf("/cockpit/") !== 0 && path.indexOf("/cockpit+") !== 0) {
path = "/cockpit";
}

application = path.split("/")[1];
login_path = "/" + application + "/login";
if (url_root)
login_path = "/" + url_root + login_path;

org_application = application;
org_login_path = login_path;
}

function toggle_options(ev, show) {
if (show === undefined)
show = id("server-group").style.display === "none";

id("option-group").setAttribute("data-state", show);
if (show) {
id("server-group").style.display = 'block';
id("option-caret").setAttribute("class", "caret caret-down");
id("option-caret").setAttribute("className", "caret caret-down");
} else {
id("server-group").style.display = 'none';
id("option-caret").setAttribute("class", "caret caret-right");
id("option-caret").setAttribute("className", "caret caret-right");
}
}

function boot() {
window.onload = null;

translate();

setup_path_globals (window.location.pathname);

// Setup title
var title = environment.page.title;
if (!title)
title = environment.hostname;
document.title = title;

if (application.indexOf("cockpit+=") === 0) {
id("brand").style.display = "none";
id("badge").style.visibility = "hidden";
} else {
brand("badge", "");
brand("brand", "Cockpit");
}

id("option-group").addEventListener("click", toggle_options);
id("server-clear").addEventListener("click", function () {
var el = id("server-field");
el.value = "";
el.focus();
});

if (!requisites())
return;

/* Setup the user's last choice about the authorized button */
var authorized = window.localStorage.getItem('authorized-default') || "";
if (authorized.indexOf("password") !== -1)
id("authorized-input").checked = true;

var os_release = JSON.stringify(environment["os-release"]);
var logout_intent = window.sessionStorage.getItem("logout-intent") == "explicit";
if (logout_intent)
window.sessionStorage.removeItem("logout-intent");
window.localStorage.setItem('os-release', os_release);

/* Try automatic/kerberos authentication? */
if (oauth) {
id("login-details").style.display = 'none';
id("login").style.display = 'none';
if (logout_intent) {
build_oauth_redirect_to();
id("login-again").textContent = _("Login Again");
fatal(_("Logout Successful"));
} else {
oauth_auto_login();
}
} else if (logout_intent) {
show_login();
} else {
standard_auto_login();
}
}

function standard_auto_login() {
var xhr = new XMLHttpRequest();
xhr.open("GET", login_path, true);
xhr.onreadystatechange = function () {
if (xhr.readyState != 4) {
return;
} else if (xhr.status == 200) {
run(JSON.parse(xhr.responseText));
} else if (xhr.status == 401) {
show_login();
} else if (xhr.statusText) {
fatal(decodeURIComponent(xhr.statusText));
} else if (xhr.status === 0) {
show_login();
} else {
fatal(format(_("$0 error"), xhr.status));
}
};
xhr.send();
}

function build_oauth_redirect_to() {
var url_parts = window.location.href.split('#', 2);
oauth_redirect_to = oauth.URL;
if (oauth.URL.indexOf("?") > -1)
oauth_redirect_to += "&";
else
oauth_redirect_to += "?";
oauth_redirect_to += "redirect_uri=" + encodeURIComponent(url_parts[0]);
}

function oauth_auto_login() {
var parser = document.createElement('a');
if (!oauth.URL)
return fatal(_("Cockpit authentication is configured incorrectly."));

var query = QueryParams(window.location.search);
if (!window.location.search && window.location.hash)
query = QueryParams(window.location.hash.slice(1));

/* Not all providers allow hashes in redirect urls */

var token_val, prompt_data, xhr;
build_oauth_redirect_to();

if (query[oauth.TokenParam]) {
if (window.sessionStorage.getItem('login-wanted')) {
parser.href = window.sessionStorage.getItem('login-wanted');
setup_path_globals (parser.pathname);
}

token_val = query[oauth.TokenParam];
id("login-wait-validating").style.display = "block";
xhr = new XMLHttpRequest();
xhr.open("GET", login_path, true);
xhr.setRequestHeader("Authorization", "Bearer " + token_val);
xhr.onreadystatechange = function () {
if (xhr.readyState != 4) {
return;
} else if (xhr.status == 200) {
run(JSON.parse(xhr.responseText));
} else {
prompt_data = get_prompt_from_challenge(xhr.getResponseHeader("WWW-Authenticate"),
xhr.responseText);
if (prompt_data)
show_converse(prompt_data);
else
fatal(xhr.statusText);
}
};
xhr.send();
} else if (query[oauth.ErrorParam]) {
fatal(query[oauth.ErrorParam]);
} else {
/* Store url we originally wanted in case we
* had to strip a hash or query params
*/
window.sessionStorage.setItem('login-wanted',
window.location.href);
window.location = oauth_redirect_to;
}
}

function clear_errors() {
id("error-group").style.display = "none";
id("login-error-message").textContent = "";
}

function login_failure(msg, in_conversation) {
clear_errors();
if (msg) {
/* OAuth failures are always fatal */
if (oauth) {
fatal(msg);
} else {
show_form(in_conversation);
id("login-error-message").textContent = msg;
id("error-group").style.display = "block";
}
}
}

function host_failure(msg) {
var host = id("server-field").value;
if (!host) {
login_failure(msg, false);
} else {
clear_errors();
id("login-error-message").textContent = msg;
id("error-group").style.display = "block";
toggle_options(null, true);
show_form();
}
}

function login_note(msg) {
var el = id("login-note");
if (msg) {
el.style.display = 'block';
el.textContent = msg;
} else {
el.innerHTML = '&nbsp;';
}
}

function call_login() {
login_failure(null);
var machine, user = trim(id("login-user-input").value);
if (user === "") {
login_failure(_("User name cannot be empty"));
} else {
machine = id("server-field").value;
if (machine) {
application = "cockpit+=" + machine;
login_path = org_login_path.replace("/" + org_application + "/", "/" + application + "/");
} else {
application = org_application;
login_path = org_login_path;
}

id("server-name").textContent = machine || environment.hostname;
id("login-button").removeEventListener("click", call_login);


/* When checked we tell the server to keep authentication */
var authorized = id("authorized-input").checked ? "password" : "";
var password = id("login-password-input").value;
window.localStorage.setItem('authorized-default', authorized);

var headers = {
"Authorization": "Basic " + window.btoa(utf8(user + ":" + password)),
"X-Authorize": authorized,
};

send_login_request("GET", headers, false);
}
}

function show_form(in_conversation) {
var connectable = environment.page.connect;
var expanded = id("option-group").getAttribute("data-state");
id("login-wait-validating").style.display = "none";
id("login").style.visibility = 'visible';
id("login").style.display = "block";
id("user-group").style.display = in_conversation ? "none" : "block";
id("password-group").style.display = in_conversation ? "none" : "block";
id("option-group").style.display = !connectable || in_conversation ? "none" : "block";
id("conversation-group").style.display = in_conversation ? "block" : "none";
id("login-button-text").textContent = "Log In";
id("login-password-input").value = '';

if (!connectable || in_conversation) {
id("server-group").style.display = "none";
} else {
id("server-group").style.display = expanded ? "block" : "none";
}


id("login-button").removeAttribute('disabled');

if (!in_conversation)
id("login-button").addEventListener("click", call_login);
}

function show_login() {
/* Show the login screen */
id("server-name").textContent = document.title;
login_note("Log in with your server user account.");
id("login-user-input").addEventListener("keydown", function(e) {
login_failure(null);
if (e.which == 13)
id("login-password-input").focus();
}, false);

id("login-password-input").addEventListener("keydown", function(e) {
login_failure(null);
if (e.which == 13)
call_login();
});
show_form();
id("login-user-input").focus();
phantom_checkpoint();
}

function show_converse(prompt_data) {
var type = prompt_data.echo ? "text" : "password";
id("conversation-prompt").textContent = prompt_data.prompt;

var em = id("conversation-message");
var msg = prompt_data.error || prompt_data.message;
if (msg) {
em.textContent = msg;
em.style.display = "block";
} else {
em.style.display = "none";
}

var ei = id("conversation-input");
ei.value = "";
if (prompt_data.default)
ei.value = prompt_data.default;
ei.setAttribute('type', type);
ei.focus();

login_failure("");

function call_converse() {
id("conversation-input").removeEventListener("keydown", key_down);
id("login-button").removeEventListener("click", call_converse);
login_failure(null, true);
converse(prompt_data.id, id("conversation-input").value);
}

function key_down(e) {
login_failure(null, true);
if (e.which == 13) {
call_converse();
}
}

id("conversation-input").addEventListener("keydown", key_down);
id("login-button").addEventListener("click", call_converse);
show_form(true);
phantom_checkpoint();
}

function utf8(str) {
return window.unescape(encodeURIComponent(str));
}

function get_prompt_from_challenge (header, body) {
var parts;
var prompt;
var resp;
var id;

if (!header)
return null;

parts = header.split(' ');
if (parts[0].toLowerCase() !== 'x-conversation' && parts.length != 3)
return null;

id = parts[1];
try {
prompt = window.atob(parts[2]);
} catch (err) {
if (window.console)
console.error("Invalid prompt data", err);
return null;
}

try {
resp = JSON.parse(body);
} catch (err) {
if (window.console)
console.log("Got invalid JSON response for prompt data", err);
resp = {};
}

resp.id = id;
resp.prompt = prompt;
return resp;
}

function send_login_request(method, headers, is_conversation) {
id("login-button").setAttribute('disabled', "true");
var xhr = new XMLHttpRequest();
xhr.open("GET", login_path, true);
var prompt_data;
var challenge;

var k;
for (k in headers)
xhr.setRequestHeader(k, headers[k]);

xhr.onreadystatechange = function () {
if (xhr.readyState != 4) {
return;
} else if (xhr.status == 200) {
var resp = JSON.parse(xhr.responseText);
run(resp);
} else if (xhr.status == 401) {
challenge = xhr.getResponseHeader("WWW-Authenticate");
if (challenge && challenge.toLowerCase().indexOf("x-conversation") === 0) {
prompt_data = get_prompt_from_challenge(challenge, xhr.responseText);
if (prompt_data)
show_converse(prompt_data);
else
fatal(_("Internal Error: Invalid challenge header"));
} else {
if (window.console)
console.log(xhr.statusText);
if (xhr.statusText.indexOf("authentication-not-supported") > -1) {
var user = trim(id("login-user-input").value);
fatal(format(_("The server refused to authenticate '$0' using password authentication, and no other supported authentication methods are available."), user));
} else if (xhr.statusText.indexOf("terminated") > -1) {
login_failure(_("Authentication Failed: Server closed connection"));
} else if (xhr.statusText.indexOf("no-host") > -1) {
host_failure(_("Unable to connect to that address"));
} else if (xhr.statusText.indexOf("unknown-hostkey") > -1) {
host_failure(_("Refusing to connect. Hostkey is unknown"));
} else if (xhr.statusText.indexOf("unknown-host") > -1) {
host_failure(_("Refusing to connect. Host is unknown"));
} else if (xhr.statusText.indexOf("invalid-hostkey") > -1) {
host_failure(_("Refusing to connect. Hostkey does not match"));
} else if (is_conversation) {
login_failure(_("Authentication failed"));
} else {
login_failure(_("Wrong user name or password"));
}
}
} else if (xhr.status == 403) {
login_failure(decodeURIComponent(xhr.statusText) || _("Permission denied"));
} else if (xhr.statusText) {
fatal(decodeURIComponent(xhr.statusText));
} else {
fatal(format(_("$0 error"), xhr.status));
}
id("login-button").removeAttribute('disabled');
phantom_checkpoint();
};
xhr.send();
}

function converse(id, msg) {
var headers = {
"Authorization": "X-Conversation " + id + " " + window.btoa(utf8(msg))
};
send_login_request("GET", headers, true);
}

function login_reload (wanted) {
if (wanted && wanted != window.location.href)
window.location = wanted;

// Force a reload if the above didn't trigger it
window.setTimeout(function() {
window.location.reload(true);
}, 100);
}

function machine_application_login_reload (wanted) {
var base = '/' + application + '/@localhost/';
if (url_root)
base = '/' + url_root + base;
var embeded_url = base + 'shell/index.html';
var xhr = new XMLHttpRequest();
xhr.open("GET", base + 'manifests.json', true);
xhr.onreadystatechange = function () {
if (xhr.readyState != 4) {
return;
} else if (xhr.status == 200) {
var resp = JSON.parse(xhr.responseText);
var base1 = resp ? resp['base1'] : {};
if (!base1['version'] || base1['version'] < "119.x") {
login_reload (embeded_url);
} else
login_reload (wanted);
} else {
login_reload (embeded_url);
}
phantom_checkpoint();
};
xhr.send();
}

function clear_storage (storage, prefix, full) {
var i = 0;
while (i < storage.length) {
var k = storage.key(i);
if (full && k.indexOf("cockpit") !== 0)
storage.removeItem(k);
else if (k.indexOf(prefix) === 0)
storage.removeItem(k);
else
i++;
}
}

function setup_localstorage (response) {
/* Clear anything not prefixed with
* different application from sessionStorage
*/
clear_storage (window.sessionStorage, application, true);

/* Clear anything prefixed with our application
* and login-data, but not other non-application values.
*/
window.localStorage.removeItem('login-data');
clear_storage (window.localStorage, application, false);

var str;
if (response && response["login-data"]) {
str = JSON.stringify(response["login-data"]);
try {
/* login-data is tied to the auth cookie, since
* cookies are available after the page
* session ends login-data should be too.
*/
window.localStorage.setItem(application + 'login-data', str);
/* Backwards compatbility for packages that aren't application prefixed */
window.localStorage.setItem('login-data', str);
} catch(ex) {
console.warn("Error storing login-data:", ex);
}
}

/* URL Root is set by cockpit ws and shouldn't be prefixed
* by application
*/
if (url_root)
window.localStorage.setItem('url-root', url_root);
}

function run(response) {
var wanted = window.sessionStorage.getItem('login-wanted');
var machine = id("server-field").value;
var str;

if (machine && application != org_application) {
wanted = "/=" + machine;
if (url_root)
wanted = "/" + url_root + wanted;
}

/* clean up sessionStorage. clear anything that isn't prefixed
* with an application and anything prefixed with our application.
*/
clear_storage(window.sessionStorage, application, false);

setup_localstorage(response);

/* Make sure that the base1 version is new enough to handle
* urls that reference machines.
*/
if (application.indexOf("cockpit+=") === 0) {
machine_application_login_reload (wanted);
} else {
login_reload (wanted);
}
}

window.onload = boot;
})(window.console);
</script>
<style>
/* Login page is standalone, all CSS here */
html {
font-family: sans-serif;
-ms-text-size-adjust: 100%;
-webkit-text-size-adjust: 100%;
font-size: 62.5%;
-webkit-tap-highlight-color: rgba(0, 0, 0, 0);
}
body {
margin: 0;
font-family: "Open Sans", Helvetica, Arial, sans-serif;
font-size: 12px;
line-height: 1.66666667;
color: #333333;
background-color: #ffffff;
}
a {
background: transparent;
color: #0099d3;
text-decoration: none;
}
a:focus {
outline: thin dotted;
outline: 5px auto -webkit-focus-ring-color;
outline-offset: -2px;
}
a:active,
a:hover {
outline: 0;
}
a:hover,
a:focus {
color: #00618a;
text-decoration: underline;
}
img {
border: 0;
vertical-align: middle;
}
button,
input,
select,
textarea {
font-family: inherit;
margin: 0;
font-size: inherit;
line-height: inherit;
}
button,
input {
line-height: normal;
}
button,
select {
text-transform: none;
}
button {
-webkit-appearance: button;
cursor: pointer;
overflow: visible;
}
button::-moz-focus-inner,
input::-moz-focus-inner {
border: 0;
padding: 0;
}
*,
*:before,
*:after {
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
}
p {
margin: 0 0 10px;
}
.container {
margin-right: auto;
margin-left: auto;
padding-left: 20px;
padding-right: 20px;
}
.container:before,
.container:after,
.row:before,
.row:after {
content: " ";
display: table;
}
.container:after,
.row:after {
clear: both;
}
@media (min-width: 768px) {
.container {
width: 760px;
}
}
@media (min-width: 992px) {
.container {
width: 980px;
}
}
@media (min-width: 1200px) {
.container {
width: 1180px;
}
}
.row {
margin-left: -20px;
margin-right: -20px;
}
.col-sm-1, .col-sm-2, .col-md-2, .col-sm-3, .col-sm-5, .col-lg-5, .col-sm-6, .col-md-6, .col-sm-7, .col-lg-7, .col-sm-10, .col-md-10, .col-xs-12, .col-sm-12 {
position: relative;
min-height: 1px;
padding-left: 20px;
padding-right: 20px;
}
.col-xs-12 {
float: left;
width: 100%;
}
@media (min-width: 768px) {
.col-sm-1, .col-sm-2, .col-sm-3, .col-sm-5, .col-sm-6, .col-sm-7, .col-sm-10, .col-sm-12 {
float: left;
}
.col-sm-12 {
width: 100%;
}
.col-sm-10 {
width: 83.33333333333334%;
}
.col-sm-7 {
width: 58.333333333333336%;
}
.col-sm-6 {
width: 50%;
}
.col-sm-5 {
width: 41.66666666666667%;
}
.col-sm-3 {
width: 25%;
}
.col-sm-2 {
width: 16.666666666666664%;
}
.col-sm-1 {
width: 8.333333333333332%;
}
.col-sm-offset-2 {
margin-left: 16.666666666666664%;
}
}
@media (min-width: 992px) {
.col-md-2, .col-md-6, .col-md-10 {
float: left;
}
.col-md-10 {
width: 83.33333333333334%;
}
.col-md-6 {
width: 50%;
}
.col-md-2 {
width: 16.666666666666664%;
}
}
@media (min-width: 1200px) {
.col-lg-5, .col-lg-7 {
float: left;
}
.col-lg-7 {
width: 58.333333333333336%;
}
.col-lg-5 {
width: 41.66666666666667%;
}
}
@media (max-width: 767px) {
}
label {
display: inline-block;
margin-bottom: 5px;
font-weight: bold;
}
.form-control {
height: 26px;
line-height: 1.66666667;
color: #333333;
}
.form-control[type='text'],
.form-control[type='password'] {
display: block;
width: 100%;
padding: 2px 6px;
font-size: 12px;
background-color: #ffffff;
background-image: none;
border: 1px solid #bababa;
border-radius: 1px;
-webkit-box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075);
-webkit-transition: border-color ease-in-out .15s, box-shadow ease-in-out .15s;
transition: border-color ease-in-out .15s, box-shadow ease-in-out .15s;
}
.form-control:focus {
border-color: #66afe9;
outline: 0;
-webkit-box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(102, 175, 233, 0.6);
box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(102, 175, 233, 0.6);
}
.form-control:-moz-placeholder {
color: #999999;
font-style: italic;
}
.form-control::-moz-placeholder {
color: #999999;
font-style: italic;
opacity: 1;
}
.form-control:-ms-input-placeholder {
color: #999999;
font-style: italic;
}
.form-control::-webkit-input-placeholder {
color: #999999;
font-style: italic;
}
.help-block {
display: block;
margin-top: 5px;
margin-bottom: 10px;
color: #737373;
}
.control-label {
margin-top: 0;
margin-bottom: 0;
padding-top: 3px;
}
.form-group {
margin-left: -20px;
margin-right: -20px;
}
.form-group:after {
clear: both;
margin-bottom: 15px;
}
.form-group:before,
.form-group:after {
content: " ";
display: table;
}
@media (min-width: 768px) {
.control-label {
text-align: right;
}
}
.btn {
display: inline-block;
margin-bottom: 0;
font-weight: 600;
text-align: center;
vertical-align: middle;
cursor: pointer;
background-image: none;
border: 1px solid transparent;
white-space: nowrap;
padding: 2px 6px;
font-size: 12px;
line-height: 1.66666667;
border-radius: 1px;
-webkit-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
-o-user-select: none;
user-select: none;
}
.btn:focus {
outline: thin dotted;
outline: 5px auto -webkit-focus-ring-color;
outline-offset: -2px;
}
.btn:hover,
.btn:focus {
color: #4d5258;
text-decoration: none;
}
.btn:active {
outline: 0;
background-image: none;
-webkit-box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
}
.btn-primary {
color: #ffffff;
background-color: #189ad1;
border-color: #267da1;
}
.btn-primary:hover,
.btn-primary:focus,
.btn-primary:active {
color: #ffffff;
background-color: #147fac;
border-color: #1a576f;
}
.btn-primary:active {
background-image: none;
}
.btn-lg {
padding: 6px 10px;
font-size: 14px;
line-height: 1.33;
border-radius: 1px;
}
@-ms-viewport {
width: device-width;
}
.btn {
-webkit-box-shadow: 0 2px 3px rgba(0, 0, 0, 0.1);
box-shadow: 0 2px 3px rgba(0, 0, 0, 0.1);
}
.btn:active {
-webkit-box-shadow: inset 0 2px 8px rgba(0, 0, 0, 0.2);
box-shadow: inset 0 2px 8px rgba(0, 0, 0, 0.2);
}
.btn-primary {
background-color: #189ad1;
background-image: -webkit-linear-gradient(top, #1cace8 0%, #1998cc 100%);
background-image: linear-gradient(to bottom, #1cace8 0%, #1998cc 100%);
background-repeat: repeat-x;
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff1cace8', endColorstr='#ff1998cc', GradientType=0);
border-color: #267da1;
color: #ffffff;
}
.btn-primary:hover,
.btn-primary:focus,
.btn-primary:active {
background-color: #189ad1;
background-image: none;
border-color: #267da1;
color: #ffffff;
}
.btn-primary:active {
background-image: none;
}
@font-face {
font-family: 'Open Sans';
font-style: normal;
font-weight: 400;
src: url('cockpit/static/fonts/OpenSans-Regular-webfont.woff') format('woff');
}
@font-face {
font-family: 'Open Sans';
font-style: normal;
font-weight: 700;
src: url('cockpit/static/fonts/OpenSans-Bold-webfont.woff') format('woff');
}
.form-control:hover {
border-color: #7BB2DD;
}
label {
font-weight: 600;
}
.login-pf {
height: 100%;
}
.login-pf #brand {
position: relative;
top: -70px;
}
.login-pf #brand img {
display: block;
margin: 0 auto;
max-width: 100%;
}
@media (min-width: 768px) {
.login-pf #brand img {
margin: 0;
text-align: left;
}
}
.login-pf #badge {
display: block;
margin: 20px auto 70px;
position: relative;
text-align: center;
}
@media (min-width: 768px) {
.login-pf #badge {
float: right;
margin-right: 64px;
margin-top: 50px;
}
}
.login-pf .container {
background-color: #181818;
background-color: rgba(255, 255, 255, 0.055);
clear: right;
padding-bottom: 40px;
padding-top: 20px;
width: auto;
}
@media (min-width: 768px) {
.login-pf .container {
bottom: 13%;
padding-left: 80px;
position: absolute;
width: 100%;
}
}
.login-pf .container .details p:first-child {
border-top: 1px solid #474747;
padding-top: 25px;
margin-top: 25px;
}
@media (min-width: 768px) {
.login-pf .container .login-area {
border-right: 1px solid #474747;
}
.login-pf .container .details {
padding-left: 40px;
}
.login-pf .container .details p:first-child {
border-top: 0;
padding-top: 0;
margin-top: 0;
}
}
.login-pf .container .details p {
margin-bottom: 2px;
}
.login-pf .container .control-label {
font-size: 13px;
font-weight: 400;
text-align: left;
}
.login-pf .container .form-group:last-child,
.login-pf .container .form-group:last-child .help-block:last-child {
margin-bottom: 0;
}
.login-pf .container .help-block {
color: #fff;
}
@-webkit-keyframes rotation {
from {
-webkit-transform: rotate(0deg);
}
to {
-webkit-transform: rotate(359deg);
}
}
@keyframes rotation {
from {
transform: rotate(0deg);
}
to {
transform: rotate(359deg);
}
}
.spinner {
-webkit-animation: rotation .6s infinite linear;
animation: rotation .6s infinite linear;
border-bottom: 4px solid rgba(0, 0, 0, 0.25);
border-left: 4px solid rgba(0, 0, 0, 0.25);
border-right: 4px solid rgba(0, 0, 0, 0.25);
border-radius: 100%;
border-top: 4px solid rgba(0, 0, 0, 0.75);
height: 24px;
margin: 4px 0 0 0;
position: relative;
width: 24px;
}
.alert {
padding: 7px 11px;
margin-bottom: 20px;
border: 2px solid transparent;
border-radius: 1px;
}
.alert-danger {
background: transparent;
color: #fff;
border-color: #cc0000;
font-weight: bold;
}

#option-group {
cursor: pointer;
margin-left: -20px;
margin-right: -20px;
}

#server-group:before {
clear: both;
margin-top: 5px;
}

/* Login page specific overrides */
body {
color: #fff;
}
.login-fatal {
font-size: 130%;
}

#login-wait-validating div {
float: left;
}

.conversation-prompt {
white-space: normal;
word-wrap: break-word;
}

.control-label {
white-space: nowrap;
font-size: 13px;
}
.spinner {
border-color: rgba(255, 255, 255, 0.75) rgba(255, 255, 255, 0.25) rgba(255, 255, 255, 0.25)
}

/* Inline login screen */
.inline #badge,
.inline #brand,
.inline #login-details {
display: none;
}

.inline body {
background: none !important;
color: #000;
}
.inline .container .help-block {
color: #000;
}
@media (min-width: 768px) {
.login-button-container {
float: right;
}
}
.caret {
display: inline-block;
position: relative;
top: 4px;
}
.caret-down {
transform: rotate(90deg);
-moz-transform: rotate(90deg);
-webkit-transform: rotate(90deg);
transform-origin: 8px 8px;
-moz-transform-origin: 8px 8px;
-webkit-transform-origin: 8px 8px;
}
.server-box {
position: relative;
}
.cross {
position: absolute;
right: 25px;
top: 2px;
font-weight: bold;
font-size: 14px;
color: black;
opacity: 0.7;
cursor: pointer;
}
.cross:hover {
opacity: 1;
}
#option-group div {
margin-left: -3px;
margin-top: 3px;
margin-bottom: 10px;
}
#option-group svg {
opacity: 0.7;
}
#option-group:hover svg {
opacity: 1.0;
}
#authorized-input {
width: 13px;
height: 13px;
padding: 0;
margin: 0;
vertical-align: bottom;
margin: 8px 5px 3px 0px;
}
#login-button {
padding: 7px;
}
#login-button .spinner {
display: none;
}
#login-button[disabled] {
padding: 0px;
background-color: #333;
background-image: none;
border-color: #555;
}
#login-button[disabled] .spinner {
display: inline-block;
}
#login-button[disabled] #login-button-text {
display: none;
}
</style>
<link href="cockpit/static/branding.css" type="text/css" rel="stylesheet">
</head>
<body class="login-pf">
<span id="badge">
</span>
<div class="container">
<div class="row">
<div class="col-sm-12">
<div id="brand">
</div><!--/#brand-->
</div><!--/.col-*-->

<div id="login" class="col-sm-7 col-md-6 col-lg-5 login-area" style="visibility: hidden;">
<div role="form">

<div id="error-group" class="alert alert-danger" hidden>
<span id="login-error-message"></span>
</div>

<div id="conversation-group" class="form-group" hidden>
<div class="col-sm-12 col-md-12">
<div id="conversation-message"></div>
<label id="conversation-prompt" for="conversation-input"></label>
</div>
<div class="col-sm-12 col-md-12">
<input type="password" class="form-control" id="conversation-input">
</div>
</div>

<div id="user-group" class="form-group">
<label for="login-user-input" class="col-sm-2 col-md-2 control-label" translate>User name</label>
<div class="col-sm-10 col-md-10">
<input type="text" class="form-control" id="login-user-input">
</div>
</div>

<div id="password-group" class="form-group">
<label for="login-password-input" class="col-sm-2 col-md-2 control-label" translate>Password</label>
<div class="col-sm-10 col-md-10">
<input type="password" class="form-control" id="login-password-input">
</div>
<div class="col-sm-2 col-md-2"></div>
<div class="col-sm-10 col-md-10">
<label class="control-label">
<input type="checkbox" class="form-control" id="authorized-input" translate>Reuse my password for privileged tasks</label>
</div>
</div>

<div id="option-group">
<div class="col-sm-5 col-md-5">
<i id="option-caret" class="caret caret-right" aria-hidden="true">
<svg height="16" width="16" viewBox="0 0 16 16">
<polygon fill="#ffffff" points="4,0 4,14 12,7"/>
<polygon>
</svg>
</i>
<span translate>Other Options</span>
</div>
</div>

<div id="server-group" class="form-group" hidden>
<label title="Log in to another system. Leave blank to log in to the local system." for="server-field" class="col-sm-2 col-md-2 control-label" translate>Connect to</label>
<div class="col-sm-10 col-md-10 server-box">
<input type="text" class="form-control" id="server-field">
<span class="cross" id="server-clear" aria-hidden="true">&#x274c;</span>
</div>
</div>

<div class="form-group">
<div class="col-md-3 col-sm-3 login-button-container">
<button class="btn btn-primary btn-lg col-xs-12" id="login-button">
<div class="spinner"></div>
<div id="login-button-text" translate>Log In</div>
</button>
</div>
</div>
</div>
</div><!--/.col-*-->

<div class="col-sm-5 col-md-6 col-lg-7 details" id="login-details">
<p>
<label class="control-label"><span translate>Server</span>: <b id="server-name"></b></label>
</p>
<p id="login-note" class="login-note"></p>
</div><!--/.col-*-->

<div class="col-sm-5 col-md-6 col-lg-7" id="login-wait-validating" hidden>
<div class="col-sm-4">
<span class="help-block" translate>Validating authentication token</span>
</div>
<div class="col-sm-1">
<div class="spinner col-xs-15">
</div>
</div>
</div>

<div class="col-sm-12" id="login-fatal" hidden>
<span id="login-fatal-message"></span>
<a id="login-again" translate hidden>Try Again</a>
</div>

</div><!--/.row-->
</div><!--/.container-->
</body>
</html>
25221 - Remote listeners enumeration (Linux / AIX)
Synopsis
Using the supplied credentials, it was possible to identify the process listening on the remote port.
Description
By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.

Note that the method used by this plugin only works for hosts running Linux or AIX.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2017/08/28
Plugin Output

tcp/9090


Process ID : 1
Executable : /usr/lib/systemd/systemd
Command line : /usr/lib/systemd/systemd --system --deserialize 18
56984 - SSL / TLS Versions Supported
Synopsis
The remote service encrypts communications.
Description
This plugin detects which SSL and TLS versions are supported by the remote service for encrypting communications.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/12/01, Modified: 2017/11/06
Plugin Output

tcp/9090


This port supports TLSv1.1/TLSv1.2.
57041 - SSL Perfect Forward Secrecy Cipher Suites Supported
Synopsis
The remote service supports the use of SSL Perfect Forward Secrecy ciphers, which maintain confidentiality even if the key is stolen.
Description
The remote host supports the use of SSL ciphers that offer Perfect Forward Secrecy (PFS) encryption. These cipher suites ensure that recorded SSL traffic cannot be broken at a future date if the server's private key is compromised.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2011/12/07, Modified: 2017/06/12
Plugin Output

tcp/9090


Here is the list of SSL PFS ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-GCM(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-GCM(256) Mac=SHA384
ECDHE-RSA-CAMELLIA-CBC-128 Kx=ECDH Au=RSA Enc=Camellia-CBC(128) Mac=SHA256
ECDHE-RSA-CAMELLIA-GCM-128 Kx=ECDH Au=RSA Enc=Camellia-GCM(128) Mac=SHA256
ECDHE-RSA-CAMELLIA-CBC-256 Kx=ECDH Au=RSA Enc=Camellia-CBC(256) Mac=SHA384
ECDHE-RSA-CAMELLIA-GCM-256 Kx=ECDH Au=RSA Enc=Camellia-GCM(256) Mac=SHA384
ECDHE-RSA-CHACHA20-POLY1305 Kx=ECDH Au=RSA Enc=ChaCha20-Poly1305(256) Mac=SHA256
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
70544 - SSL Cipher Block Chaining Cipher Suites Supported
Synopsis
The remote service supports the use of SSL Cipher Block Chaining ciphers, which combine previous blocks with subsequent ones.
Description
The remote host supports the use of SSL ciphers that operate in Cipher Block Chaining (CBC) mode. These cipher suites offer additional security over Electronic Codebook (ECB) mode, but have the potential to leak information if used improperly.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2013/10/22, Modified: 2013/10/22
Plugin Output

tcp/9090


Here is the list of SSL CBC ciphers supported by the remote server :

High Strength Ciphers (>= 112-bit key)

ECDHE-RSA-CAMELLIA-CBC-128 Kx=ECDH Au=RSA Enc=Camellia-CBC(128) Mac=SHA256
ECDHE-RSA-CAMELLIA-CBC-256 Kx=ECDH Au=RSA Enc=Camellia-CBC(256) Mac=SHA384
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1
CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1
CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256
ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384
RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256
RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
RSA-CAMELLIA128-SHA256 Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA256
RSA-CAMELLIA256-SHA256 Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA256

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
84502 - HSTS Missing From HTTPS Server
Synopsis
The remote web server is not enforcing HSTS.
Description
The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS). The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.
See Also
Solution
Configure the remote web server to use HSTS.
Risk Factor
None
Plugin Information:
Published: 2015/07/02, Modified: 2015/07/02
Plugin Output

tcp/9090


The remote HTTPS server does not send the HTTP
"Strict-Transport-Security" header.
94761 - SSL Root Certification Authority Certificate Information
Synopsis
A root Certification Authority certificate was found at the top of the certificate chain.
Description
The remote service uses an SSL certificate chain that contains a self-signed root Certification Authority certificate at the top of the chain.
See Also
Solution
Ensure that use of this root Certification Authority certificate complies with your organization's acceptable use and security policies.
Risk Factor
None
Plugin Information:
Published: 2016/11/14, Modified: 2016/11/14
Plugin Output

tcp/9090


The following root Certification Authority certificate was found :

|-Subject : O=5a4fa85e0277478f8c474a86c65f8daf/CN=fedora25.localhost.local
|-Issuer : O=5a4fa85e0277478f8c474a86c65f8daf/CN=fedora25.localhost.local
|-Valid From : Jan 23 22:14:10 2017 GMT
|-Valid To : Dec 30 22:14:10 2116 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2017/11/28
Plugin Output

udp/38492

Port 38492/udp was found to be open
25221 - Remote listeners enumeration (Linux / AIX)
Synopsis
Using the supplied credentials, it was possible to identify the process listening on the remote port.
Description
By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.

Note that the method used by this plugin only works for hosts running Linux or AIX.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2017/08/28
Plugin Output

udp/38492


Process ID : 16752
Executable : /usr/sbin/dhclient
Command line : /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-eth0.pid -lf /var/lib/NetworkManager/dhclient-6e7ffb7d-7f0a-3cc9-9b51-eecd5c135571-eth0.lease -cf /var/lib/NetworkManager/dhclient-eth0.conf eth0

14272 - Netstat Portscanner (SSH)
Synopsis
Remote open ports can be enumerated via SSH.
Description
Nessus was able to run 'netstat' on the remote host to enumerate the open ports.

See the section 'plugins options' about configuring this plugin.
See Also
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2004/08/15, Modified: 2017/11/28
Plugin Output

udp/65016

Port 65016/udp was found to be open
25221 - Remote listeners enumeration (Linux / AIX)
Synopsis
Using the supplied credentials, it was possible to identify the process listening on the remote port.
Description
By logging into the remote host with the supplied credentials, Nessus was able to obtain the name of the process listening on the remote port.

Note that the method used by this plugin only works for hosts running Linux or AIX.
Solution
n/a
Risk Factor
None
Plugin Information:
Published: 2007/05/16, Modified: 2017/08/28
Plugin Output

udp/65016


Process ID : 16752
Executable : /usr/sbin/dhclient
Command line : /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-eth0.pid -lf /var/lib/NetworkManager/dhclient-6e7ffb7d-7f0a-3cc9-9b51-eecd5c135571-eth0.lease -cf /var/lib/NetworkManager/dhclient-eth0.conf eth0
192.168.1.72
7
58
73
10
31
Critical
High
Medium
Low
Info
Scan Information
Start time: Mon Dec 11 10:31:34 2017
End time: Mon Dec 11 10:45:36 2017
Host Information
DNS Name: suse12.localhost.local
IP: 192.168.1.72
MAC Address: 00:15:5D:0F:C6:93
OS: Linux Kernel 4.4.21-84-default on SuSE12.2
Vulnerabilities

10114 - ICMP Timestamp Request Remote Date Disclosure
Synopsis
It is possible to determine the exact time set on the remote host.
Description
The remote host answers to an ICMP timestamp request. This allows an attacker to know the date that is set on the targeted machine, which may assist an unauthenticated, remote attacker in defeating time-based authentication protocols.

Timestamps returned from machines running Windows Vista / 7 / 2008 / 2008 R2 are deliberately incorrect, but usually within 1000 seconds of the actual system time.
Solution
Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).
Risk Factor
None
References
CVE CVE-1999-0524
XREF CWE:200
XREF OSVDB:94
Plugin Information:
Published: 1999/08/01, Modified: 2012/06/18
Plugin Output

icmp/0

The remote clock is synchronized with the local clock.

96135 - SUSE SLED12 / SLES12 Security Update : libgme (SUSE-SU-2016:3250-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for libgme fixes the following issues :

- CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961: Various issues were fixed in the handling of SPC music files that could have been exploited for gaining privileges of desktop users.
[bsc#1015941]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1898=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1898=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1898=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1898=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1898=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1898=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1898=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
9.5 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2016-9961
CVE CVE-2016-9960
CVE CVE-2016-9959
CVE CVE-2016-9958
CVE CVE-2016-9957
XREF OSVDB:148961
XREF OSVDB:148960
XREF OSVDB:148959
XREF OSVDB:148958
XREF OSVDB:148957
Plugin Information:
Published: 2016/12/27, Modified: 2017/06/16
Plugin Output

tcp/0


Remote package installed : libgme0-0.6.0-3.82
Should be : libgme0-0.6.0-5.1
97015 - SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2017:0380-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for libxml2 fixes the following issues :

- CVE-2016-4658: use-after-free error could lead to crash [bsc#1005544]

- Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873]

- CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected by the recursion limits, allowing for DoS (bsc#1017497).
For CVE-2016-9318 we decided not to ship a fix since it can break existing setups. Please take appropriate actions if you parse untrusted XML files and use the new
-noxxe flag if possible (bnc#1010675, bnc#1013930).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-192=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-192=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-192=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-192=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-9597
CVE CVE-2016-9318
CVE CVE-2016-4658
XREF OSVDB:149220
XREF OSVDB:147409
XREF OSVDB:144561
Plugin Information:
Published: 2017/02/06, Modified: 2017/02/06
Plugin Output

tcp/0


Remote package installed : libxml2-2-2.9.4-27.1
Should be : libxml2-2-2.9.4-33.1

Remote package installed : libxml2-tools-2.9.4-27.1
Should be : libxml2-tools-2.9.4-33.1

Remote package installed : libxml2-2-32bit-2.9.4-27.1
Should be : libxml2-2-32bit-2.9.4-33.1
97466 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:0575-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes. The following security bugs were fixed :

- CVE-2016-7117: Use-after-free vulnerability in the
__sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that was mishandled during error processing (bnc#1003077).

- CVE-2017-5576: Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call (bnc#1021294).

- CVE-2017-5577: The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel did not set an errno value upon certain overflow detections, which allowed local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call (bnc#1021294).

- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. (bnc#1021258).

- CVE-2017-2583: The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel improperly emulated a 'MOV SS, NULL selector' instruction, which allowed guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application (bnc#1020602).

- CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).

- CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states 'there is no kernel bug here' (bnc#1010933).

- CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bnc#1013540).

- CVE-2017-5897: fixed a bug in the Linux kernel IPv6 implementation which allowed remote attackers to trigger an out-of-bounds access, leading to a denial-of-service attack (bnc#1023762).

- CVE-2017-5970: Fixed a possible denial-of-service that could have been triggered by sending bad IP options on a socket (bsc#1024938).

- CVE-2017-5986: an application could have triggered a BUG_ON() in sctp_wait_for_sndbuf() if the socket TX buffer was full, a thread was waiting on it to queue more data, and meanwhile another thread peeled off the association being used by the first thread (bsc#1025235). The following non-security bugs were fixed :

- 8250: fintek: rename IRQ_MODE macro (boo#1009546).

- acpi: nfit, libnvdimm: fix / harden ars_status output length handling (bsc#1023175).

- acpi: nfit: fix bus vs dimm confusion in xlat_status (bsc#1023175).

- acpi: nfit: validate ars_status output buffer size (bsc#1023175).

- arm64: numa: fix incorrect log for memory-less node (bsc#1019631).

- asoc: cht_bsw_rt5645: Fix leftover kmalloc (bsc#1010690).

- asoc: rt5670: add HS ground control (bsc#1016250).

- bcache: Make gc wakeup sane, remove set_task_state() (bsc#1021260).

- bcache: partition support: add 16 minors per bcacheN device (bsc#1019784).

- blk-mq: Allow timeouts to run while queue is freezing (bsc#1020817).

- blk-mq: Always schedule hctx->next_cpu (bsc#1020817).

- blk-mq: Avoid memory reclaim when remapping queues (bsc#1020817).

- blk-mq: Fix failed allocation path when mapping queues (bsc#1020817).

- blk-mq: do not overwrite rq->mq_ctx (bsc#1020817).

- blk-mq: improve warning for running a queue on the wrong CPU (bsc#1020817).

- block: Change extern inline to static inline (bsc#1023175).

- bluetooth: btmrvl: fix hung task warning dump (bsc#1018813).

- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).

- brcmfmac: Change error print on wlan0 existence (bsc#1000092).

- btrfs: add support for RENAME_EXCHANGE and RENAME_WHITEOUT (bsc#1020975).

- btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100).

- btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100).

- btrfs: fix inode leak on failure to setup whiteout inode in rename (bsc#1020975).

- btrfs: fix lockdep warning about log_mutex (bsc#1021455).

- btrfs: fix lockdep warning on deadlock against an inode's log mutex (bsc#1021455).

- btrfs: fix number of transaction units for renames with whiteout (bsc#1020975).

- btrfs: increment ctx->pos for every emitted or skipped dirent in readdir (bsc#981709).

- btrfs: incremental send, fix invalid paths for rename operations (bsc#1018316).

- btrfs: incremental send, fix premature rmdir operations (bsc#1018316).

- btrfs: pin log earlier when renaming (bsc#1020975).

- btrfs: pin logs earlier when doing a rename exchange operation (bsc#1020975).

- btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).

- btrfs: send, add missing error check for calls to path_loop() (bsc#1018316).

- btrfs: send, avoid incorrect leaf accesses when sending utimes operations (bsc#1018316).

- btrfs: send, fix failure to move directories with the same name around (bsc#1018316).

- btrfs: send, fix invalid leaf accesses due to incorrect utimes operations (bsc#1018316).

- btrfs: send, fix warning due to late freeing of orphan_dir_info structures (bsc#1018316).

- btrfs: test_check_exists: Fix infinite loop when searching for free space entries (bsc#987192).

- btrfs: unpin log if rename operation fails (bsc#1020975).

- btrfs: unpin logs if rename exchange operation fails (bsc#1020975).

- ceph: fix bad endianness handling in parse_reply_info_extra (bsc#1020488).

- clk: xgene: Add PMD clock (bsc#1019351).

- clk: xgene: Do not call __pa on ioremaped address (bsc#1019351).

- clk: xgene: Remove CLK_IS_ROOT (bsc#1019351).

- config: enable CONFIG_OCFS2_DEBUG_MASKLOG for ocfs2 (bsc#1015038)

- config: enable Ceph kernel client modules for ppc64le

- config: enable Ceph kernel client modules for s390x

- crypto: FIPS - allow tests to be disabled in FIPS mode (bsc#1018913).

- crypto: drbg - do not call drbg_instantiate in healt test (bsc#1018913).

- crypto: drbg - remove FIPS 140-2 continuous test (bsc#1018913).

- crypto: qat - fix bar discovery for c62x (bsc#1021251).

- crypto: qat - zero esram only for DH85x devices (bsc#1021248).

- crypto: rsa - allow keys >= 2048 bits in FIPS mode (bsc#1018913).

- crypto: xts - consolidate sanity check for keys (bsc#1018913).

- crypto: xts - fix compile errors (bsc#1018913).

- cxl: fix potential NULL dereference in free_adapter() (bsc#1016517).

- dax: fix deadlock with DAX 4k holes (bsc#1012829).

- dax: fix device-dax region base (bsc#1023175).

- device-dax: check devm_nsio_enable() return value (bsc#1023175).

- device-dax: fail all private mapping attempts (bsc#1023175).

- device-dax: fix percpu_ref_exit ordering (bsc#1023175).

- driver core: fix race between creating/querying glue dir and its cleanup (bnc#1008742).

- drivers: hv: Introduce a policy for controlling channel affinity.

- drivers: hv: balloon: Add logging for dynamic memory operations.

- drivers: hv: balloon: Disable hot add when CONFIG_MEMORY_HOTPLUG is not set.

- drivers: hv: balloon: Fix info request to show max page count.

- drivers: hv: balloon: Use available memory value in pressure report.

- drivers: hv: balloon: account for gaps in hot add regions.

- drivers: hv: balloon: keep track of where ha_region starts.

- drivers: hv: balloon: replace ha_region_mutex with spinlock.

- drivers: hv: cleanup vmbus_open() for wrap around mappings.

- drivers: hv: do not leak memory in vmbus_establish_gpadl().

- drivers: hv: get rid of id in struct vmbus_channel.

- drivers: hv: get rid of redundant messagecount in create_gpadl_header().

- drivers: hv: get rid of timeout in vmbus_open().

- drivers: hv: make VMBus bus ids persistent.

- drivers: hv: ring_buffer: count on wrap around mappings in get_next_pkt_raw() (v2).

- drivers: hv: ring_buffer: use wrap around mappings in hv_copy{from, to}_ringbuffer().

- drivers: hv: ring_buffer: wrap around mappings for ring buffers.

- drivers: hv: utils: Check VSS daemon is listening before a hot backup.

- drivers: hv: utils: Continue to poll VSS channel after handling requests.

- drivers: hv: utils: Fix the mapping between host version and protocol to use.

- drivers: hv: utils: reduce HV_UTIL_NEGO_TIMEOUT timeout.

- drivers: hv: vmbus: Base host signaling strictly on the ring state.

- drivers: hv: vmbus: Enable explicit signaling policy for NIC channels.

- drivers: hv: vmbus: Implement a mechanism to tag the channel for low latency.

- drivers: hv: vmbus: Make mmio resource local.

- drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host.

- drivers: hv: vmbus: On write cleanup the logic to interrupt the host.

- drivers: hv: vmbus: Reduce the delay between retries in vmbus_post_msg().

- drivers: hv: vmbus: finally fix hv_need_to_signal_on_read().

- drivers: hv: vmbus: fix the race when querying and updating the percpu list.

- drivers: hv: vmbus: suppress some 'hv_vmbus: Unknown GUID' warnings.

- drivers: hv: vss: Improve log messages.

- drivers: hv: vss: Operation timeouts should match host expectation.

- drivers: net: phy: mdio-xgene: Add hardware dependency (bsc#1019351).

- drivers: net: phy: xgene: Fix 'remove' function (bsc#1019351).

- drivers: net: xgene: Add change_mtu function (bsc#1019351).

- drivers: net: xgene: Add flow control configuration (bsc#1019351).

- drivers: net: xgene: Add flow control initialization (bsc#1019351).

- drivers: net: xgene: Add helper function (bsc#1019351).

- drivers: net: xgene: Add support for Jumbo frame (bsc#1019351).

- drivers: net: xgene: Configure classifier with pagepool (bsc#1019351).

- drivers: net: xgene: Fix MSS programming (bsc#1019351).

- drivers: net: xgene: fix build after change_mtu function change (bsc#1019351).

- drivers: net: xgene: fix: Coalescing values for v2 hardware (bsc#1019351).

- drivers: net: xgene: fix: Disable coalescing on v1 hardware (bsc#1019351).

- drivers: net: xgene: fix: RSS for non-TCP/UDP (bsc#1019351).

- drivers: net: xgene: fix: Use GPIO to get link status (bsc#1019351).

- drivers: net: xgene: uninitialized variable in xgene_enet_free_pagepool() (bsc#1019351).

- drm: Delete previous two fixes for i915 (bsc#1019061).
These upstream fixes brought some regressions, so better to revert for now.

- drm: Disable patches.drivers/drm-i915-Exit-cherryview_irq_handler-aft er-one-pass The patch seems leading to the instability on Wyse box (bsc#1015367).

- drm: Fix broken VT switch with video=1366x768 option (bsc#1018358).

- drm: Use u64 for intermediate dotclock calculations (bnc#1006472).

- drm: i915: Do not init hpd polling for vlv and chv from runtime_suspend() (bsc#1014120).

- drm: i915: Fix PCODE polling during CDCLK change notification (bsc#1015367).

- drm: i915: Fix watermarks for VLV/CHV (bsc#1011176).

- drm: i915: Force VDD off on the new power seqeuencer before starting to use it (bsc#1009674).

- drm: i915: Mark CPU cache as dirty when used for rendering (bsc#1015367).

- drm: i915: Mark i915_hpd_poll_init_work as static (bsc#1014120).

- drm: i915: Prevent PPS stealing from a normal DP port on VLV/CHV (bsc#1019061).

- drm: i915: Prevent enabling hpd polling in late suspend (bsc#1014120).

- drm: i915: Restore PPS HW state from the encoder resume hook (bsc#1019061).

- drm: i915: Workaround for DP DPMS D3 on Dell monitor (bsc#1019061).

- drm: vc4: Fix an integer overflow in temporary allocation layout (bsc#1021294).

- drm: vc4: Return -EINVAL on the overflow checks failing (bsc#1021294).

- drm: virtio-gpu: get the fb from the plane state for atomic updates (bsc#1023101).

- edac: xgene: Fix spelling mistake in error messages (bsc#1019351).

- efi: libstub: Move Graphics Output Protocol handling to generic code (bnc#974215).

- fbcon: Fix vc attr at deinit (bsc#1000619).

- fs: nfs: avoid including 'mountproto=' with no protocol in /proc/mounts (bsc#1019260).

- gpio: xgene: make explicitly non-modular (bsc#1019351).

- hv: acquire vmbus_connection.channel_mutex in vmbus_free_channels().

- hv: change clockevents unbind tactics.

- hv: do not reset hv_context.tsc_page on crash.

- hv_netvsc: Add handler for physical link speed change.

- hv_netvsc: Add query for initial physical link speed.

- hv_netvsc: Implement batching of receive completions.

- hv_netvsc: Revert 'make inline functions static'.

- hv_netvsc: Revert 'report vmbus name in ethtool'.

- hv_netvsc: add ethtool statistics for tx packet issues.

- hv_netvsc: count multicast packets received.

- hv_netvsc: dev hold/put reference to VF.

- hv_netvsc: fix a race between netvsc_send() and netvsc_init_buf().

- hv_netvsc: fix comments.

- hv_netvsc: fix rtnl locking in callback.

- hv_netvsc: improve VF device matching.

- hv_netvsc: init completion during alloc.

- hv_netvsc: make RSS hash key static.

- hv_netvsc: make device_remove void.

- hv_netvsc: make inline functions static.

- hv_netvsc: make netvsc_destroy_buf void.

- hv_netvsc: make variable local.

- hv_netvsc: rearrange start_xmit.

- hv_netvsc: refactor completion function.

- hv_netvsc: remove VF in flight counters.

- hv_netvsc: remove excessive logging on MTU change.

- hv_netvsc: report vmbus name in ethtool.

- hv_netvsc: simplify callback event code.

- hv_netvsc: style cleanups.

- hv_netvsc: use ARRAY_SIZE() for NDIS versions.

- hv_netvsc: use RCU to protect vf_netdev.

- hv_netvsc: use consume_skb.

- hv_netvsc: use kcalloc.

- hyperv: Fix spelling of HV_UNKOWN.

- i2c: designware-baytrail: Disallow the CPU to enter C6 or C7 while holding the punit semaphore (bsc#1011913).

- i2c: designware: Implement support for SMBus block read and write (bsc#1019351).

- i2c: designware: fix wrong Tx/Rx FIFO for ACPI (bsc#1019351).

- i2c: xgene: Fix missing code of DTB support (bsc#1019351).

- i40e: Be much more verbose about what we can and cannot offload (bsc#985561).

- ibmveth: calculate gso_segs for large packets (bsc#1019148).

- ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).

- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).

- ibmveth: set correct gso_size and gso_type (bsc#1019148).

- igb: Workaround for igb i210 firmware issue (bsc#1009911).

- igb: add i211 to i210 PHY workaround (bsc#1009911).

- input: i8042: Trust firmware a bit more when probing on X86 (bsc#1011660).

- intel_idle: Add KBL support (bsc#1016884).

- ip6_gre: fix ip6gre_err() invalid reads (CVE-2017-5897, bsc#1023762).

- ipc: msg, make msgrcv work with LONG_MIN (bnc#1005918).

- iwlwifi: Expose the default fallback ucode API to module info (boo#1021082, boo#1023884).

- kgraft: iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612).

- kgraft: xen: Do not block kGraft in xenbus kthread (bsc#1017410).

- libnvdimm: pfn: fix align attribute (bsc#1023175).

- mailbox: xgene-slimpro: Fix wrong test for devm_kzalloc (bsc#1019351).

- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).

- md-cluster: convert the completion to wait queue.

- md-cluster: protect md_find_rdev_nr_rcu with rcu lock.

- md: ensure md devices are freed before module is unloaded (bsc#1022304).

- md: fix refcount problem on mddev when stopping array (bsc#1022304).

- misc: genwqe: ensure zero initialization.

- mm: do not loop on GFP_REPEAT high order requests if there is no reclaim progress (bnc#1013000).

- mm: memcg: do not retry precharge charges (bnc#1022559).

- mm: page_alloc: fix check for NULL preferred_zone (bnc#971975 VM performance -- page allocator).

- mm: page_alloc: fix fast-path race with cpuset update or removal (bnc#971975 VM performance -- page allocator).

- mm: page_alloc: fix premature OOM when racing with cpuset mems update (bnc#971975 VM performance -- page allocator).

- mm: page_alloc: keep pcp count and list contents in sync if struct page is corrupted (bnc#971975 VM performance
-- page allocator).

- mm: page_alloc: move cpuset seqcount checking to slowpath (bnc#971975 VM performance -- page allocator).

- mmc: sdhci-of-arasan: Remove no-hispd and no-cmd23 quirks for sdhci-arasan4.9a (bsc#1019351).

- mwifiex: add missing check for PCIe8997 chipset (bsc#1018813).

- mwifiex: fix IBSS data path issue (bsc#1018813).

- mwifiex: fix PCIe register information for 8997 chipset (bsc#1018813).

- net: af_iucv: do not use paged skbs for TX on HiperSockets (bnc#1020945, LTC#150566).

- net: ethernet: apm: xgene: use phydev from struct net_device (bsc#1019351).

- net: ethtool: Initialize buffer when querying device channel settings (bsc#969479).

- net: hyperv: avoid uninitialized variable.

- net: implement netif_cond_dbg macro (bsc#1019168).

- net: remove useless memset's in drivers get_stats64 (bsc#1019351).

- net: xgene: avoid bogus maybe-uninitialized warning (bsc#1019351).

- net: xgene: fix backward compatibility fix (bsc#1019351).

- net: xgene: fix error handling during reset (bsc#1019351).

- net: xgene: move xgene_cle_ptree_ewdn data off stack (bsc#1019351).

- netvsc: Remove mistaken udp.h inclusion.

- netvsc: add rcu_read locking to netvsc callback.

- netvsc: fix checksum on UDP IPV6.

- netvsc: reduce maximum GSO size.

- nfit: fail DSMs that return non-zero status by default (bsc#1023175).

- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).

- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).

- nvdimm: kabi protect nd_cmd_out_size() (bsc#1023175).

- nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too (bsc#1020685).

- ocfs2: fix deadlock on mmapped page in ocfs2_write_begin_nolock() (bnc#921494).

- pci: Add devm_request_pci_bus_resources() (bsc#1019351).

- pci: generic: Fix pci_remap_iospace() failure path (bsc#1019630).

- pci: hv: Allocate physically contiguous hypercall params buffer.

- pci: hv: Fix hv_pci_remove() for hot-remove.

- pci: hv: Handle hv_pci_generic_compl() error case.

- pci: hv: Handle vmbus_sendpacket() failure in hv_compose_msi_msg().

- pci: hv: Make unnecessarily global IRQ masking functions static.

- pci: hv: Remove the unused 'wrk' in struct hv_pcibus_device.

- pci: hv: Use list_move_tail() instead of list_del() + list_add_tail().

- pci: hv: Use pci_function_description in struct definitions.

- pci: hv: Use the correct buffer size in new_pcichild_device().

- pci: hv: Use zero-length array in struct pci_packet.

- pci: include header file (bsc#964944).

- pci: xgene: Add local struct device pointers (bsc#1019351).

- pci: xgene: Add register accessors (bsc#1019351).

- pci: xgene: Free bridge resource list on failure (bsc#1019351).

- pci: xgene: Make explicitly non-modular (bsc#1019351).

- pci: xgene: Pass struct xgene_pcie_port to setup functions (bsc#1019351).

- pci: xgene: Remove unused platform data (bsc#1019351).

- pci: xgene: Request host bridge window resources (bsc#1019351).

- perf: xgene: Remove bogus IS_ERR() check (bsc#1019351).

- phy: xgene: rename 'enum phy_mode' to 'enum xgene_phy_mode' (bsc#1019351).

- power: reset: xgene-reboot: Unmap region obtained by of_iomap (bsc#1019351).

- powerpc: fadump: Fix the race in crash_fadump() (bsc#1022971).

- qeth: check not more than 16 SBALEs on the completion queue (bnc#1009718, LTC#148203).

- raid1: Fix a regression observed during the rebuilding of degraded MDRAID VDs (bsc#1020048).

- raid1: ignore discard error (bsc#1017164).

- reiserfs: fix race in prealloc discard (bsc#987576).

- rpm: kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)

- rpm: kernel-binary.spec.in: Fix installation of /etc/uefi/certs (bsc#1019594)

- rtc: cmos: Clear ACPI-driven alarms upon resume (bsc#1022429).

- rtc: cmos: Do not enable interrupts in the middle of the interrupt handler (bsc#1022429).

- rtc: cmos: Restore alarm after resume (bsc#1022429).

- rtc: cmos: avoid unused function warning (bsc#1022429).

- s390: Fix invalid domain response handling (bnc#1009718).

- s390: cpuinfo: show maximum thread id (bnc#1009718, LTC#148580).

- s390: sysinfo: show partition extended name and UUID if available (bnc#1009718, LTC#150160).

- s390: time: LPAR offset handling (bnc#1009718, LTC#146920).

- s390: time: move PTFF definitions (bnc#1009718, LTC#146920).

- sched: Allow hotplug notifiers to be setup early (bnc#1022476).

- sched: Make wake_up_nohz_cpu() handle CPUs going offline (bnc#1022476).

- sched: core, x86/topology: Fix NUMA in package topology bug (bnc#1022476).

- sched: core: Fix incorrect utilization accounting when switching to fair class (bnc#1022476).

- sched: core: Fix set_user_nice() (bnc#1022476).

- sched: cputime: Add steal time support to full dynticks CPU time accounting (bnc#1022476).

- sched: cputime: Fix prev steal time accouting during CPU hotplug (bnc#1022476).

- sched: deadline: Always calculate end of period on sched_yield() (bnc#1022476).

- sched: deadline: Fix a bug in dl_overflow() (bnc#1022476).

- sched: deadline: Fix lock pinning warning during CPU hotplug (bnc#1022476).

- sched: deadline: Fix wrap-around in DL heap (bnc#1022476).

- sched: fair: Avoid using decay_load_missed() with a negative value (bnc#1022476).

- sched: fair: Fix fixed point arithmetic width for shares and effective load (bnc#1022476).

- sched: fair: Fix load_above_capacity fixed point arithmetic width (bnc#1022476).

- sched: fair: Fix min_vruntime tracking (bnc#1022476).

- sched: fair: Fix the wrong throttled clock time for cfs_rq_clock_task() (bnc#1022476).

- sched: fair: Improve PELT stuff some more (bnc#1022476).

- sched: rt, sched/dl: Do not push if task's scheduling class was changed (bnc#1022476).

- sched: rt: Fix PI handling vs. sched_setscheduler() (bnc#1022476).

- sched: rt: Kick RT bandwidth timer immediately on start up (bnc#1022476).

- scsi: Add 'AIX VDASD' to blacklist (bsc#1006469).

- scsi: Modify HITACHI OPEN-V blacklist entry (bsc#1006469).

- scsi: bfa: Increase requested firmware version to 3.2.5.1 (bsc#1013273).

- scsi: storvsc: Payload buffer incorrectly sized for 32 bit kernels.

- scsi_dh_alua: uninitialized variable in alua_rtpg() (bsc#1012910).

- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986, bsc#1025235).

- sd: always scan VPD pages if thin provisioning is enabled (bsc#1013792).

- serial: 8250: Integrate Fintek into 8250_base (boo#1016979). Update config files to change CONFIG_SERIAL_8250_FINTEK to boolean accordingly, too.
Also, the corresponding entry got removed from supported.conf.

- serial: 8250_fintek: fix the mismatched IRQ mode (boo#1009546).

- serial: Update metadata for serial fixes (bsc#1013001)

- ses: Fix SAS device detection in enclosure (bsc#1016403).

- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).

- sfc: refactor debug-or-warnings printks (bsc#1019168).

- sunrpc: Fix reconnection timeouts (bsc#1014410).

- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).

- supported.conf: Support Marvell WiFi/BT SDIO and pinctrl-cherrytrail (bsc#1018813)

- supported.conf: delete xilinx/ll_temac (bsc#1011602)

- target: add XCOPY target/segment desc sense codes (bsc#991273).

- target: bounds check XCOPY segment descriptor list (bsc#991273).

- target: bounds check XCOPY total descriptor list length (bsc#991273).

- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).

- target: check for XCOPY parameter truncation (bsc#991273).

- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).

- target: simplify XCOPY wwn->se_dev lookup helper (bsc#991273).

- target: support XCOPY requests without parameters (bsc#991273).

- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).

- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).

- tools: hv: Enable network manager for bonding scripts on RHEL.

- tools: hv: fix a compile warning in snprintf.

- tools: hv: kvp: configurable external scripts path.

- tools: hv: kvp: ensure kvp device fd is closed on exec.

- tools: hv: remove unnecessary header files and netlink related code.

- tools: hv: remove unnecessary link flag.

- tty: n_hdlc, fix lockdep false positive (bnc#1015840).

- uvcvideo: uvc_scan_fallback() for webcams with broken chain (bsc#1021474).

- vmbus: make sysfs names consistent with PCI.

- x86: MCE: Dump MCE to dmesg if no consumers (bsc#1013994).

- x86: hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic.

- xfs: don't allow di_size with high bit set (bsc#1024234).

- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).

- xfs: fix broken multi-fsb buffer logging (bsc#1024081).

- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).

- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).

- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).

- xfs: track and serialize in-flight async buffers against unmount - kABI (bsc#1024508).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
https://bugzilla.suse.com/1000092
https://bugzilla.suse.com/1000619
https://bugzilla.suse.com/1003077
https://bugzilla.suse.com/1005918
https://bugzilla.suse.com/1006469
https://bugzilla.suse.com/1006472
https://bugzilla.suse.com/1007729
https://bugzilla.suse.com/1008742
https://bugzilla.suse.com/1009546
https://bugzilla.suse.com/1009674
https://bugzilla.suse.com/1009718
https://bugzilla.suse.com/1009911
https://bugzilla.suse.com/1010612
https://bugzilla.suse.com/1010690
https://bugzilla.suse.com/1010933
https://bugzilla.suse.com/1011176
https://bugzilla.suse.com/1011602
https://bugzilla.suse.com/1011660
https://bugzilla.suse.com/1011913
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1012422
https://bugzilla.suse.com/1012829
https://bugzilla.suse.com/1012910
https://bugzilla.suse.com/1013000
https://bugzilla.suse.com/1013001
https://bugzilla.suse.com/1013273
https://bugzilla.suse.com/1013540
https://bugzilla.suse.com/1013792
https://bugzilla.suse.com/1013994
https://bugzilla.suse.com/1014120
https://bugzilla.suse.com/1014410
https://bugzilla.suse.com/1015038
https://bugzilla.suse.com/1015367
https://bugzilla.suse.com/1015840
https://bugzilla.suse.com/1016250
https://bugzilla.suse.com/1016403
https://bugzilla.suse.com/1016517
https://bugzilla.suse.com/1016884
https://bugzilla.suse.com/1016979
https://bugzilla.suse.com/1017164
https://bugzilla.suse.com/1017170
https://bugzilla.suse.com/1017410
https://bugzilla.suse.com/1018100
https://bugzilla.suse.com/1018316
https://bugzilla.suse.com/1018358
https://bugzilla.suse.com/1018446
https://bugzilla.suse.com/1018813
https://bugzilla.suse.com/1018913
https://bugzilla.suse.com/1019061
https://bugzilla.suse.com/1019148
https://bugzilla.suse.com/1019168
https://bugzilla.suse.com/1019260
https://bugzilla.suse.com/1019351
https://bugzilla.suse.com/1019594
https://bugzilla.suse.com/1019630
https://bugzilla.suse.com/1019631
https://bugzilla.suse.com/1019784
https://bugzilla.suse.com/1019851
https://bugzilla.suse.com/1020048
https://bugzilla.suse.com/1020214
https://bugzilla.suse.com/1020488
https://bugzilla.suse.com/1020602
https://bugzilla.suse.com/1020685
https://bugzilla.suse.com/1020817
https://bugzilla.suse.com/1020945
https://bugzilla.suse.com/1020975
https://bugzilla.suse.com/1021082
https://bugzilla.suse.com/1021248
https://bugzilla.suse.com/1021251
https://bugzilla.suse.com/1021258
https://bugzilla.suse.com/1021260
https://bugzilla.suse.com/1021294
https://bugzilla.suse.com/1021455
https://bugzilla.suse.com/1021474
https://bugzilla.suse.com/1022304
https://bugzilla.suse.com/1022429
https://bugzilla.suse.com/1022476
https://bugzilla.suse.com/1022547
https://bugzilla.suse.com/1022559
https://bugzilla.suse.com/1022971
https://bugzilla.suse.com/1023101
https://bugzilla.suse.com/1023175
https://bugzilla.suse.com/1023762
https://bugzilla.suse.com/1023884
https://bugzilla.suse.com/1023888
https://bugzilla.suse.com/1024081
https://bugzilla.suse.com/1024234
https://bugzilla.suse.com/1024508
https://bugzilla.suse.com/1024938
https://bugzilla.suse.com/1025235
https://bugzilla.suse.com/921494
https://bugzilla.suse.com/959709
https://bugzilla.suse.com/964944
https://bugzilla.suse.com/969476
https://bugzilla.suse.com/969477
https://bugzilla.suse.com/969479
https://bugzilla.suse.com/971975
https://bugzilla.suse.com/974215
https://bugzilla.suse.com/981709
https://bugzilla.suse.com/982783
https://bugzilla.suse.com/985561
https://bugzilla.suse.com/987192
https://bugzilla.suse.com/987576
https://bugzilla.suse.com/989056
https://bugzilla.suse.com/991273
https://bugzilla.suse.com/998106
https://www.suse.com/security/cve/CVE-2015-8709.html
https://www.suse.com/security/cve/CVE-2016-7117.html
https://www.suse.com/security/cve/CVE-2016-9806.html
https://www.suse.com/security/cve/CVE-2017-2583.html
https://www.suse.com/security/cve/CVE-2017-2584.html
https://www.suse.com/security/cve/CVE-2017-5551.html
https://www.suse.com/security/cve/CVE-2017-5576.html
https://www.suse.com/security/cve/CVE-2017-5577.html
https://www.suse.com/security/cve/CVE-2017-5897.html
https://www.suse.com/security/cve/CVE-2017-5970.html
https://www.suse.com/security/cve/CVE-2017-5986.html
http://www.nessus.org/u?0d9dd818
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-300=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-300=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-300=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-300=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch SUSE-SLE-Live-Patching-12-2017-300=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-300=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-300=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-300=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
Critical
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-5986
CVE CVE-2017-5970
CVE CVE-2017-5897
CVE CVE-2017-5577
CVE CVE-2017-5576
CVE CVE-2017-5551
CVE CVE-2017-2584
CVE CVE-2017-2583
CVE CVE-2016-9806
CVE CVE-2016-7117
CVE CVE-2015-8709
XREF OSVDB:152094
XREF OSVDB:151927
XREF OSVDB:151568
XREF OSVDB:150899
XREF OSVDB:150792
XREF OSVDB:150791
XREF OSVDB:150690
XREF OSVDB:150064
XREF OSVDB:148137
XREF OSVDB:145048
XREF OSVDB:132475
Plugin Information:
Published: 2017/03/01, Modified: 2017/03/01
Plugin Output

tcp/0


Remote package installed : kernel-default-4.4.21-84.1
Should be : kernel-default-4.4.49-92.11.1
100406 - SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2017:1393-1) (SambaCry)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for samba fixes the following issue :

- An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. [CVE-2017-7494, bso#12780, bsc#1038231]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-853=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-853=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-853=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-853=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-853=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
8.3 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-7494
XREF OSVDB:158063
Exploitable With
CANVAS (true) Core Impact (true) Metasploit (true)
Plugin Information:
Published: 2017/05/25, Modified: 2017/09/01
Plugin Output

tcp/0


Remote package installed : libdcerpc-binding0-4.4.2-29.4
Should be : libdcerpc-binding0-4.4.2-38.6.1

Remote package installed : libdcerpc0-4.4.2-29.4
Should be : libdcerpc0-4.4.2-38.6.1

Remote package installed : libndr-krb5pac0-4.4.2-29.4
Should be : libndr-krb5pac0-4.4.2-38.6.1

Remote package installed : libndr-nbt0-4.4.2-29.4
Should be : libndr-nbt0-4.4.2-38.6.1

Remote package installed : libndr-standard0-4.4.2-29.4
Should be : libndr-standard0-4.4.2-38.6.1

Remote package installed : libndr0-4.4.2-29.4
Should be : libndr0-4.4.2-38.6.1

Remote package installed : libnetapi0-4.4.2-29.4
Should be : libnetapi0-4.4.2-38.6.1

Remote package installed : libsamba-credentials0-4.4.2-29.4
Should be : libsamba-credentials0-4.4.2-38.6.1

Remote package installed : libsamba-errors0-4.4.2-29.4
Should be : libsamba-errors0-4.4.2-38.6.1

Remote package installed : libsamba-hostconfig0-4.4.2-29.4
Should be : libsamba-hostconfig0-4.4.2-38.6.1

Remote package installed : libsamba-passdb0-4.4.2-29.4
Should be : libsamba-passdb0-4.4.2-38.6.1

Remote package installed : libsamba-util0-4.4.2-29.4
Should be : libsamba-util0-4.4.2-38.6.1

Remote package installed : libsamdb0-4.4.2-29.4
Should be : libsamdb0-4.4.2-38.6.1

Remote package installed : libsmbclient0-4.4.2-29.4
Should be : libsmbclient0-4.4.2-38.6.1

Remote package installed : libsmbconf0-4.4.2-29.4
Should be : libsmbconf0-4.4.2-38.6.1

Remote package installed : libsmbldap0-4.4.2-29.4
Should be : libsmbldap0-4.4.2-38.6.1

Remote package installed : libtevent-util0-4.4.2-29.4
Should be : libtevent-util0-4.4.2-38.6.1

Remote package installed : libwbclient0-4.4.2-29.4
Should be : libwbclient0-4.4.2-38.6.1

Remote package installed : samba-4.4.2-29.4
Should be : samba-4.4.2-38.6.1

Remote package installed : samba-client-4.4.2-29.4
Should be : samba-client-4.4.2-38.6.1

Remote package installed : samba-libs-4.4.2-29.4
Should be : samba-libs-4.4.2-38.6.1

Remote package installed : samba-winbind-4.4.2-29.4
Should be : samba-winbind-4.4.2-38.6.1

Remote package installed : libdcerpc-binding0-32bit-4.4.2-29.4
Should be : libdcerpc-binding0-32bit-4.4.2-38.6.1

Remote package installed : libdcerpc0-32bit-4.4.2-29.4
Should be : libdcerpc0-32bit-4.4.2-38.6.1

Remote package installed : libndr-krb5pac0-32bit-4.4.2-29.4
Should be : libndr-krb5pac0-32bit-4.4.2-38.6.1

Remote package installed : libndr-nbt0-32bit-4.4.2-29.4
Should be : libndr-nbt0-32bit-4.4.2-38.6.1

Remote package installed : libndr-standard0-32bit-4.4.2-29.4
Should be : libndr-standard0-32bit-4.4.2-38.6.1

Remote package installed : libndr0-32bit-4.4.2-29.4
Should be : libndr0-32bit-4.4.2-38.6.1

Remote package installed : libnetapi0-32bit-4.4.2-29.4
Should be : libnetapi0-32bit-4.4.2-38.6.1

Remote package installed : libsamba-credentials0-32bit-4.4.2-29.4
Should be : libsamba-credentials0-32bit-4.4.2-38.6.1

Remote package installed : libsamba-errors0-32bit-4.4.2-29.4
Should be : libsamba-errors0-32bit-4.4.2-38.6.1

Remote package installed : libsamba-hostconfig0-32bit-4.4.2-29.4
Should be : libsamba-hostconfig0-32bit-4.4.2-38.6.1

Remote package installed : libsamba-passdb0-32bit-4.4.2-29.4
Should be : libsamba-passdb0-32bit-4.4.2-38.6.1

Remote package installed : libsamba-util0-32bit-4.4.2-29.4
Should be : libsamba-util0-32bit-4.4.2-38.6.1

Remote package installed : libsamdb0-32bit-4.4.2-29.4
Should be : libsamdb0-32bit-4.4.2-38.6.1

Remote package installed : libsmbconf0-32bit-4.4.2-29.4
Should be : libsmbconf0-32bit-4.4.2-38.6.1

Remote package installed : libsmbldap0-32bit-4.4.2-29.4
Should be : libsmbldap0-32bit-4.4.2-38.6.1

Remote package installed : libtevent-util0-32bit-4.4.2-29.4
Should be : libtevent-util0-32bit-4.4.2-38.6.1

Remote package installed : libwbclient0-32bit-4.4.2-29.4
Should be : libwbclient0-32bit-4.4.2-38.6.1

Remote package installed : samba-client-32bit-4.4.2-29.4
Should be : samba-client-32bit-4.4.2-38.6.1

Remote package installed : samba-libs-32bit-4.4.2-29.4
Should be : samba-libs-32bit-4.4.2-38.6.1

Remote package installed : samba-winbind-32bit-4.4.2-29.4
Should be : samba-winbind-32bit-4.4.2-38.6.1
101204 - SUSE SLED12 / SLES12 Security Update : unrar (SUSE-SU-2017:1745-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for unrar fixes the following issues :

- CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution.
(bsc#1045315).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE OpenStack Cloud 6:zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1085=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1085=1

SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1085=1

SUSE Linux Enterprise Server for SAP 12:zypper in -t patch SUSE-SLE-SAP-12-2017-1085=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1085=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1085=1

SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1085=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2017-1085=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1085=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
8.3 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2012-6706
XREF OSVDB:87061
Plugin Information:
Published: 2017/07/03, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : unrar-5.0.14-1.28
Should be : unrar-5.0.14-3.1
101762 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1853-1) (Stack Clash)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive various security and bugfixes. The following security bugs were fixed :

- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354).

- CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).

- CVE-2017-7346: The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate certain levels data, which allowed local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031796).

- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).

- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).

- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).

- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).

- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).

- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.
(bsc#1038982)

- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.
(bsc#1038981)

- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879).

- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544).

- CVE-2017-9150: The do_check function in kernel/bpf/verifier.c in the Linux kernel did not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allowed local users to obtain sensitive address information via crafted bpf system calls (bnc#1040279).

- CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue (bnc#1033340).

- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
https://bugzilla.suse.com/1003581
https://bugzilla.suse.com/1004003
https://bugzilla.suse.com/1011044
https://bugzilla.suse.com/1012060
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1012422
https://bugzilla.suse.com/1012452
https://bugzilla.suse.com/1012829
https://bugzilla.suse.com/1012910
https://bugzilla.suse.com/1012985
https://bugzilla.suse.com/1013561
https://bugzilla.suse.com/1013887
https://bugzilla.suse.com/1015342
https://bugzilla.suse.com/1015452
https://bugzilla.suse.com/1017461
https://bugzilla.suse.com/1018885
https://bugzilla.suse.com/1020412
https://bugzilla.suse.com/1021424
https://bugzilla.suse.com/1022266
https://bugzilla.suse.com/1022595
https://bugzilla.suse.com/1023287
https://bugzilla.suse.com/1025461
https://bugzilla.suse.com/1026570
https://bugzilla.suse.com/1027101
https://bugzilla.suse.com/1027512
https://bugzilla.suse.com/1027974
https://bugzilla.suse.com/1028217
https://bugzilla.suse.com/1028310
https://bugzilla.suse.com/1028340
https://bugzilla.suse.com/1028883
https://bugzilla.suse.com/1029607
https://bugzilla.suse.com/1030057
https://bugzilla.suse.com/1030070
https://bugzilla.suse.com/1031040
https://bugzilla.suse.com/1031142
https://bugzilla.suse.com/1031147
https://bugzilla.suse.com/1031470
https://bugzilla.suse.com/1031500
https://bugzilla.suse.com/1031512
https://bugzilla.suse.com/1031555
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1031796
https://bugzilla.suse.com/1032141
https://bugzilla.suse.com/1032339
https://bugzilla.suse.com/1032345
https://bugzilla.suse.com/1032400
https://bugzilla.suse.com/1032581
https://bugzilla.suse.com/1032803
https://bugzilla.suse.com/1033117
https://bugzilla.suse.com/1033281
https://bugzilla.suse.com/1033336
https://bugzilla.suse.com/1033340
https://bugzilla.suse.com/1033885
https://bugzilla.suse.com/1034048
https://bugzilla.suse.com/1034419
https://bugzilla.suse.com/1034635
https://bugzilla.suse.com/1034670
https://bugzilla.suse.com/1034671
https://bugzilla.suse.com/1034762
https://bugzilla.suse.com/1034902
https://bugzilla.suse.com/1034995
https://bugzilla.suse.com/1035024
https://bugzilla.suse.com/1035866
https://bugzilla.suse.com/1035887
https://bugzilla.suse.com/1035920
https://bugzilla.suse.com/1035922
https://bugzilla.suse.com/1036214
https://bugzilla.suse.com/1036638
https://bugzilla.suse.com/1036752
https://bugzilla.suse.com/1036763
https://bugzilla.suse.com/1037177
https://bugzilla.suse.com/1037186
https://bugzilla.suse.com/1037384
https://bugzilla.suse.com/1037483
https://bugzilla.suse.com/1037669
https://bugzilla.suse.com/1037840
https://bugzilla.suse.com/1037871
https://bugzilla.suse.com/1037969
https://bugzilla.suse.com/1038033
https://bugzilla.suse.com/1038043
https://bugzilla.suse.com/1038085
https://bugzilla.suse.com/1038142
https://bugzilla.suse.com/1038143
https://bugzilla.suse.com/1038297
https://bugzilla.suse.com/1038458
https://bugzilla.suse.com/1038544
https://bugzilla.suse.com/1038842
https://bugzilla.suse.com/1038843
https://bugzilla.suse.com/1038846
https://bugzilla.suse.com/1038847
https://bugzilla.suse.com/1038848
https://bugzilla.suse.com/1038879
https://bugzilla.suse.com/1038981
https://bugzilla.suse.com/1038982
https://bugzilla.suse.com/1039214
https://bugzilla.suse.com/1039348
https://bugzilla.suse.com/1039354
https://bugzilla.suse.com/1039700
https://bugzilla.suse.com/1039864
https://bugzilla.suse.com/1039882
https://bugzilla.suse.com/1039883
https://bugzilla.suse.com/1039885
https://bugzilla.suse.com/1039900
https://bugzilla.suse.com/1040069
https://bugzilla.suse.com/1040125
https://bugzilla.suse.com/1040182
https://bugzilla.suse.com/1040279
https://bugzilla.suse.com/1040351
https://bugzilla.suse.com/1040364
https://bugzilla.suse.com/1040395
https://bugzilla.suse.com/1040425
https://bugzilla.suse.com/1040463
https://bugzilla.suse.com/1040567
https://bugzilla.suse.com/1040609
https://bugzilla.suse.com/1040855
https://bugzilla.suse.com/1040929
https://bugzilla.suse.com/1040941
https://bugzilla.suse.com/1041087
https://bugzilla.suse.com/1041160
https://bugzilla.suse.com/1041168
https://bugzilla.suse.com/1041242
https://bugzilla.suse.com/1041431
https://bugzilla.suse.com/1041810
https://bugzilla.suse.com/1042286
https://bugzilla.suse.com/1042356
https://bugzilla.suse.com/1042421
https://bugzilla.suse.com/1042517
https://bugzilla.suse.com/1042535
https://bugzilla.suse.com/1042536
https://bugzilla.suse.com/1042863
https://bugzilla.suse.com/1042886
https://bugzilla.suse.com/1043014
https://bugzilla.suse.com/1043231
https://bugzilla.suse.com/1043236
https://bugzilla.suse.com/1043347
https://bugzilla.suse.com/1043371
https://bugzilla.suse.com/1043467
https://bugzilla.suse.com/1043488
https://bugzilla.suse.com/1043598
https://bugzilla.suse.com/1043912
https://bugzilla.suse.com/1043935
https://bugzilla.suse.com/1043990
https://bugzilla.suse.com/1044015
https://bugzilla.suse.com/1044082
https://bugzilla.suse.com/1044120
https://bugzilla.suse.com/1044125
https://bugzilla.suse.com/1044532
https://bugzilla.suse.com/1044767
https://bugzilla.suse.com/1044772
https://bugzilla.suse.com/1044854
https://bugzilla.suse.com/1044880
https://bugzilla.suse.com/1044912
https://bugzilla.suse.com/1045154
https://bugzilla.suse.com/1045235
https://bugzilla.suse.com/1045286
https://bugzilla.suse.com/1045307
https://bugzilla.suse.com/1045467
https://bugzilla.suse.com/1045568
https://bugzilla.suse.com/1046105
https://bugzilla.suse.com/1046434
https://bugzilla.suse.com/1046589
https://bugzilla.suse.com/799133
https://bugzilla.suse.com/863764
https://bugzilla.suse.com/922871
https://bugzilla.suse.com/939801
https://bugzilla.suse.com/966170
https://bugzilla.suse.com/966172
https://bugzilla.suse.com/966191
https://bugzilla.suse.com/966321
https://bugzilla.suse.com/966339
https://bugzilla.suse.com/971975
https://bugzilla.suse.com/988065
https://bugzilla.suse.com/989311
https://bugzilla.suse.com/990058
https://bugzilla.suse.com/990682
https://bugzilla.suse.com/993832
https://bugzilla.suse.com/995542
https://www.suse.com/security/cve/CVE-2017-1000365.html
https://www.suse.com/security/cve/CVE-2017-1000380.html
https://www.suse.com/security/cve/CVE-2017-7346.html
https://www.suse.com/security/cve/CVE-2017-7487.html
https://www.suse.com/security/cve/CVE-2017-7616.html
https://www.suse.com/security/cve/CVE-2017-7618.html
https://www.suse.com/security/cve/CVE-2017-8890.html
https://www.suse.com/security/cve/CVE-2017-8924.html
https://www.suse.com/security/cve/CVE-2017-8925.html
https://www.suse.com/security/cve/CVE-2017-9074.html
https://www.suse.com/security/cve/CVE-2017-9075.html
https://www.suse.com/security/cve/CVE-2017-9076.html
https://www.suse.com/security/cve/CVE-2017-9077.html
https://www.suse.com/security/cve/CVE-2017-9150.html
https://www.suse.com/security/cve/CVE-2017-9242.html
http://www.nessus.org/u?d03f748f
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1146=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1146=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1146=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1146=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1146=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-1146=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1146=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1146=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-9242
CVE CVE-2017-9150
CVE CVE-2017-9077
CVE CVE-2017-9076
CVE CVE-2017-9075
CVE CVE-2017-9074
CVE CVE-2017-8925
CVE CVE-2017-8924
CVE CVE-2017-8890
CVE CVE-2017-7618
CVE CVE-2017-7616
CVE CVE-2017-7487
CVE CVE-2017-7346
CVE CVE-2017-1000380
CVE CVE-2017-1000365
XREF OSVDB:159368
XREF OSVDB:159145
XREF OSVDB:158171
XREF OSVDB:157916
XREF OSVDB:157876
XREF OSVDB:157815
XREF OSVDB:157814
XREF OSVDB:157813
XREF OSVDB:157492
XREF OSVDB:157489
XREF OSVDB:157483
XREF OSVDB:157334
XREF OSVDB:155208
XREF OSVDB:155190
XREF OSVDB:154709
Plugin Information:
Published: 2017/07/17, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : kernel-default-4.4.21-84.1
Should be : kernel-default-4.4.74-92.29.1
104806 - SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2017:3104-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for samba fixes the following issues: Security issues fixed :

- CVE-2017-14746: Use-after-free vulnerability (bsc#1060427).

- CVE-2017-15275: Server heap memory information leak (bsc#1063008). Bug fixes :

- Update 'winbind expand groups' doc in smb.conf man page (bsc#1027593).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1919=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1919=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1919=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-1919=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1919=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
Critical
CVSS Base Score
10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:U/RL:OF/RC:C)
STIG Severity
I
References
CVE CVE-2017-15275
CVE CVE-2017-14746
XREF IAVA:2017-A-0344
XREF OSVDB:169665
XREF OSVDB:169664
Plugin Information:
Published: 2017/11/28, Modified: 2017/12/04
Plugin Output

tcp/0


Remote package installed : libdcerpc-binding0-4.4.2-29.4
Should be : libdcerpc-binding0-4.4.2-38.14.1

Remote package installed : libdcerpc0-4.4.2-29.4
Should be : libdcerpc0-4.4.2-38.14.1

Remote package installed : libndr-krb5pac0-4.4.2-29.4
Should be : libndr-krb5pac0-4.4.2-38.14.1

Remote package installed : libndr-nbt0-4.4.2-29.4
Should be : libndr-nbt0-4.4.2-38.14.1

Remote package installed : libndr-standard0-4.4.2-29.4
Should be : libndr-standard0-4.4.2-38.14.1

Remote package installed : libndr0-4.4.2-29.4
Should be : libndr0-4.4.2-38.14.1

Remote package installed : libnetapi0-4.4.2-29.4
Should be : libnetapi0-4.4.2-38.14.1

Remote package installed : libsamba-credentials0-4.4.2-29.4
Should be : libsamba-credentials0-4.4.2-38.14.1

Remote package installed : libsamba-errors0-4.4.2-29.4
Should be : libsamba-errors0-4.4.2-38.14.1

Remote package installed : libsamba-hostconfig0-4.4.2-29.4
Should be : libsamba-hostconfig0-4.4.2-38.14.1

Remote package installed : libsamba-passdb0-4.4.2-29.4
Should be : libsamba-passdb0-4.4.2-38.14.1

Remote package installed : libsamba-util0-4.4.2-29.4
Should be : libsamba-util0-4.4.2-38.14.1

Remote package installed : libsamdb0-4.4.2-29.4
Should be : libsamdb0-4.4.2-38.14.1

Remote package installed : libsmbclient0-4.4.2-29.4
Should be : libsmbclient0-4.4.2-38.14.1

Remote package installed : libsmbconf0-4.4.2-29.4
Should be : libsmbconf0-4.4.2-38.14.1

Remote package installed : libsmbldap0-4.4.2-29.4
Should be : libsmbldap0-4.4.2-38.14.1

Remote package installed : libtevent-util0-4.4.2-29.4
Should be : libtevent-util0-4.4.2-38.14.1

Remote package installed : libwbclient0-4.4.2-29.4
Should be : libwbclient0-4.4.2-38.14.1

Remote package installed : samba-4.4.2-29.4
Should be : samba-4.4.2-38.14.1

Remote package installed : samba-client-4.4.2-29.4
Should be : samba-client-4.4.2-38.14.1

Remote package installed : samba-libs-4.4.2-29.4
Should be : samba-libs-4.4.2-38.14.1

Remote package installed : samba-winbind-4.4.2-29.4
Should be : samba-winbind-4.4.2-38.14.1

Remote package installed : libdcerpc-binding0-32bit-4.4.2-29.4
Should be : libdcerpc-binding0-32bit-4.4.2-38.14.1

Remote package installed : libdcerpc0-32bit-4.4.2-29.4
Should be : libdcerpc0-32bit-4.4.2-38.14.1

Remote package installed : libndr-krb5pac0-32bit-4.4.2-29.4
Should be : libndr-krb5pac0-32bit-4.4.2-38.14.1

Remote package installed : libndr-nbt0-32bit-4.4.2-29.4
Should be : libndr-nbt0-32bit-4.4.2-38.14.1

Remote package installed : libndr-standard0-32bit-4.4.2-29.4
Should be : libndr-standard0-32bit-4.4.2-38.14.1

Remote package installed : libndr0-32bit-4.4.2-29.4
Should be : libndr0-32bit-4.4.2-38.14.1

Remote package installed : libnetapi0-32bit-4.4.2-29.4
Should be : libnetapi0-32bit-4.4.2-38.14.1

Remote package installed : libsamba-credentials0-32bit-4.4.2-29.4
Should be : libsamba-credentials0-32bit-4.4.2-38.14.1

Remote package installed : libsamba-errors0-32bit-4.4.2-29.4
Should be : libsamba-errors0-32bit-4.4.2-38.14.1

Remote package installed : libsamba-hostconfig0-32bit-4.4.2-29.4
Should be : libsamba-hostconfig0-32bit-4.4.2-38.14.1

Remote package installed : libsamba-passdb0-32bit-4.4.2-29.4
Should be : libsamba-passdb0-32bit-4.4.2-38.14.1

Remote package installed : libsamba-util0-32bit-4.4.2-29.4
Should be : libsamba-util0-32bit-4.4.2-38.14.1

Remote package installed : libsamdb0-32bit-4.4.2-29.4
Should be : libsamdb0-32bit-4.4.2-38.14.1

Remote package installed : libsmbconf0-32bit-4.4.2-29.4
Should be : libsmbconf0-32bit-4.4.2-38.14.1

Remote package installed : libsmbldap0-32bit-4.4.2-29.4
Should be : libsmbldap0-32bit-4.4.2-38.14.1

Remote package installed : libtevent-util0-32bit-4.4.2-29.4
Should be : libtevent-util0-32bit-4.4.2-38.14.1

Remote package installed : libwbclient0-32bit-4.4.2-29.4
Should be : libwbclient0-32bit-4.4.2-38.14.1

Remote package installed : samba-client-32bit-4.4.2-29.4
Should be : samba-client-32bit-4.4.2-38.14.1

Remote package installed : samba-libs-32bit-4.4.2-29.4
Should be : samba-libs-32bit-4.4.2-38.14.1

Remote package installed : samba-winbind-32bit-4.4.2-29.4
Should be : samba-winbind-32bit-4.4.2-38.14.1
95806 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:3146-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security issues. The following security bugs were fixed :

- CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).

- CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer allowed local users to cause a denial of service, memory corruption or possibly even to elevate their privileges (bsc#1013533).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2016-1815=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1815=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1815=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1815=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1815=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2016-1815=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1815=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-9794
CVE CVE-2016-9576
XREF OSVDB:148443
XREF OSVDB:148388
Plugin Information:
Published: 2016/12/14, Modified: 2017/01/03
Plugin Output

tcp/0


Remote package installed : kernel-default-4.4.21-84.1
Should be : kernel-default-4.4.21-90.1
95915 - SUSE SLED12 / SLES12 Security Update : pcre (SUSE-SU-2016:3161-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for pcre to version 8.39 (bsc#972127) fixes several issues. If you use pcre extensively please be aware that this is an update to a new version. Please make sure that your software works with the updated version. This version fixes a number of vulnerabilities that affect pcre and applications using the libary when accepting untrusted input as regular expressions or as part thereof. Remote attackers could have caused the application to crash, disclose information or potentially execute arbitrary code. These security issues were fixed :

- CVE-2014-8964: Heap-based buffer overflow in PCRE allowed remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats (bsc#906574).

- CVE-2015-2325: Heap buffer overflow in compile_branch() (bsc#924960).

- CVE-2015-3210: Heap buffer overflow in pcre_compile2() / compile_regex() (bsc#933288)

- CVE-2015-3217: PCRE Library Call Stack Overflow Vulnerability in match() (bsc#933878).

- CVE-2015-5073: Library Heap Overflow Vulnerability in find_fixedlength() (bsc#936227).

- bsc#942865: heap overflow in compile_regex()

- CVE-2015-8380: The pcre_exec function in pcre_exec.c mishandled a // pattern with a \01 string, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror (bsc#957566).

- CVE-2015-2327: PCRE mishandled certain patterns with internal recursive back references, which allowed remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror (bsc#957567).

- bsc#957598: Various security issues

- CVE-2015-8381: Heap Overflow in compile_regex() (bsc#957598).

- CVE-2015-8382: Regular Expression Uninitialized Pointer Information Disclosure Vulnerability (ZDI-CAN-2547)(bsc#957598).

- CVE-2015-8383: Buffer overflow caused by repeated conditional group(bsc#957598).

- CVE-2015-8384: Buffer overflow caused by recursive back reference by name within certain group(bsc#957598).

- CVE-2015-8385: Buffer overflow caused by forward reference by name to certain group(bsc#957598).

- CVE-2015-8386: Buffer overflow caused by lookbehind assertion(bsc#957598).

- CVE-2015-8387: Integer overflow in subroutine calls(bsc#957598).

- CVE-2015-8388: Buffer overflow caused by certain patterns with an unmatched closing parenthesis(bsc#957598).

- CVE-2015-8389: Infinite recursion in JIT compiler when processing certain patterns(bsc#957598).

- CVE-2015-8390: Reading from uninitialized memory when processing certain patterns(bsc#957598).

- CVE-2015-8391: Some pathological patterns causes pcre_compile() to run for a very long time(bsc#957598).

- CVE-2015-8392: Buffer overflow caused by certain patterns with duplicated named groups(bsc#957598).

- CVE-2015-8393: Information leak when running pcgrep -q on crafted binary(bsc#957598).

- CVE-2015-8394: Integer overflow caused by missing check for certain conditions(bsc#957598).

- CVE-2015-8395: Buffer overflow caused by certain references(bsc#957598).

- CVE-2015-2328: PCRE mishandled the /((?(R)a|(?1)))+/ pattern and related patterns with certain recursion, which allowed remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression (bsc#957600).

- CVE-2016-1283: The pcre_compile2 function in pcre_compile.c in PCRE mishandled certain patterns with named subgroups, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression (bsc#960837).

- CVE-2016-3191: The compile_branch function in pcre_compile.c in pcre2_compile.c mishandled patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allowed remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression (bsc#971741). These non-security issues were fixed :

- JIT compiler improvements

- performance improvements

- The Unicode data tables have been updated to Unicode 7.0.0.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
https://bugzilla.suse.com/906574
https://bugzilla.suse.com/924960
https://bugzilla.suse.com/933288
https://bugzilla.suse.com/933878
https://bugzilla.suse.com/936227
https://bugzilla.suse.com/942865
https://bugzilla.suse.com/957566
https://bugzilla.suse.com/957567
https://bugzilla.suse.com/957598
https://bugzilla.suse.com/957600
https://bugzilla.suse.com/960837
https://bugzilla.suse.com/971741
https://bugzilla.suse.com/972127
https://www.suse.com/security/cve/CVE-2014-8964.html
https://www.suse.com/security/cve/CVE-2015-2325.html
https://www.suse.com/security/cve/CVE-2015-2327.html
https://www.suse.com/security/cve/CVE-2015-2328.html
https://www.suse.com/security/cve/CVE-2015-3210.html
https://www.suse.com/security/cve/CVE-2015-3217.html
https://www.suse.com/security/cve/CVE-2015-5073.html
https://www.suse.com/security/cve/CVE-2015-8380.html
https://www.suse.com/security/cve/CVE-2015-8381.html
https://www.suse.com/security/cve/CVE-2015-8382.html
https://www.suse.com/security/cve/CVE-2015-8383.html
https://www.suse.com/security/cve/CVE-2015-8384.html
https://www.suse.com/security/cve/CVE-2015-8385.html
https://www.suse.com/security/cve/CVE-2015-8386.html
https://www.suse.com/security/cve/CVE-2015-8387.html
https://www.suse.com/security/cve/CVE-2015-8388.html
https://www.suse.com/security/cve/CVE-2015-8389.html
https://www.suse.com/security/cve/CVE-2015-8390.html
https://www.suse.com/security/cve/CVE-2015-8391.html
https://www.suse.com/security/cve/CVE-2015-8392.html
https://www.suse.com/security/cve/CVE-2015-8393.html
https://www.suse.com/security/cve/CVE-2015-8394.html
https://www.suse.com/security/cve/CVE-2015-8395.html
https://www.suse.com/security/cve/CVE-2016-1283.html
https://www.suse.com/security/cve/CVE-2016-3191.html
http://www.nessus.org/u?eca1fd8f
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2016-1827=1

SUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch SUSE-SLE-WE-12-SP1-2016-1827=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1827=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1827=1

SUSE Linux Enterprise Server for SAP 12:zypper in -t patch SUSE-SLE-SAP-12-2016-1827=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1827=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1827=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1827=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2016-1827=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2016-1827=1

SUSE Linux Enterprise High Availability 12-SP1:zypper in -t patch SUSE-SLE-HA-12-SP1-2016-1827=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1827=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1827=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
9.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C)
CVSS Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
References
BID 75430
BID 75175
BID 75018
BID 74934
BID 71206
CVE CVE-2016-3191
CVE CVE-2016-1283
CVE CVE-2015-8395
CVE CVE-2015-8394
CVE CVE-2015-8393
CVE CVE-2015-8392
CVE CVE-2015-8391
CVE CVE-2015-8390
CVE CVE-2015-8389
CVE CVE-2015-8388
CVE CVE-2015-8387
CVE CVE-2015-8386
CVE CVE-2015-8385
CVE CVE-2015-8384
CVE CVE-2015-8383
CVE CVE-2015-8382
CVE CVE-2015-8381
CVE CVE-2015-8380
CVE CVE-2015-5073
CVE CVE-2015-3217
CVE CVE-2015-3210
CVE CVE-2015-2328
CVE CVE-2015-2327
CVE CVE-2015-2325
CVE CVE-2014-8964
XREF OSVDB:134395
XREF OSVDB:132469
XREF OSVDB:131068
XREF OSVDB:131067
XREF OSVDB:131066
XREF OSVDB:131065
XREF OSVDB:131064
XREF OSVDB:131063
XREF OSVDB:131062
XREF OSVDB:131061
XREF OSVDB:131060
XREF OSVDB:131059
XREF OSVDB:131058
XREF OSVDB:131057
XREF OSVDB:131055
XREF OSVDB:130785
XREF OSVDB:126620
XREF OSVDB:125843
XREF OSVDB:125775
XREF OSVDB:123810
XREF OSVDB:122901
XREF OSVDB:122791
XREF OSVDB:119871
XREF OSVDB:115004
XREF OSVDB:109910
XREF OSVDB:109038
Plugin Information:
Published: 2016/12/16, Modified: 2016/12/27
Plugin Output

tcp/0


Remote package installed : libpcre1-8.39-5.1
Should be : libpcre1-8.39-7.1

Remote package installed : libpcre16-0-8.39-5.1
Should be : libpcre16-0-8.39-7.1

Remote package installed : libpcre1-32bit-8.39-5.1
Should be : libpcre1-32bit-8.39-7.1
95987 - SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:3195-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed :

- CVE-2016-9311, CVE-2016-9310, bsc#1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector.

- CVE-2016-7427, bsc#1011390: Broadcast Mode Replay Prevention DoS.

- CVE-2016-7428, bsc#1011417: Broadcast Mode Poll Interval Enforcement DoS.

- CVE-2016-7431, bsc#1011395: Regression: 010-origin: Zero Origin Timestamp Bypass.

- CVE-2016-7434, bsc#1011398: NULL pointer dereference in
_IO_str_init_static_internal().

- CVE-2016-7429, bsc#1011404: Interface selection attack.

- CVE-2016-7426, bsc#1011406: Client rate limiting and server responses.

- CVE-2016-7433, bsc#1011411: Reboot sync calculation problem.

- CVE-2015-5219: An endless loop due to incorrect precision to double conversion (bsc#943216).
Non-security issues fixed :

- Fix a spurious error message.

- Other bugfixes, see /usr/share/doc/packages/ntp/ChangeLog.

- Fix a regression in 'trap' (bsc#981252).

- Reduce the number of netlink groups to listen on for changes to the local network setup (bsc#992606).

- Fix segfault in 'sntp -a' (bsc#1009434).

- Silence an OpenSSL version warning (bsc#992038).

- Make the resolver task change user and group IDs to the same values as the main task. (bsc#988028)

- Simplify ntpd's search for its own executable to prevent AppArmor warnings (bsc#956365).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1853=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1853=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1853=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1853=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1853=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.9 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.9 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-9311
CVE CVE-2016-9310
CVE CVE-2016-7434
CVE CVE-2016-7433
CVE CVE-2016-7431
CVE CVE-2016-7429
CVE CVE-2016-7428
CVE CVE-2016-7427
CVE CVE-2016-7426
CVE CVE-2015-5219
XREF OSVDB:147603
XREF OSVDB:147602
XREF OSVDB:147601
XREF OSVDB:147600
XREF OSVDB:147599
XREF OSVDB:147597
XREF OSVDB:147596
XREF OSVDB:147595
XREF OSVDB:147594
XREF OSVDB:126665
Plugin Information:
Published: 2016/12/21, Modified: 2017/04/17
Plugin Output

tcp/0


Remote package installed : ntp-4.2.8p8-14.1
Should be : ntp-4.2.8p9-55.1
96082 - SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2016:3222-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues :

- MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES

- MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution

- MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees

- MFSA 2016-95/CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements

- MFSA 2016-95/CVE-2016-9904: Cross-origin information leak in shared atoms

- MFSA 2016-95/CVE-2016-9905: Crash in EnumerateSubDocuments

- MFSA 2016-95/CVE-2016-9895: CSP bypass using marquee tag

- MFSA 2016-95/CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs

- MFSA 2016-95/CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6

- MFSA 2016-95/CVE-2016-9902: Pocket extension does not validate the origin of events Please see https://www.mozilla.org/en-US/security/advisories/mfsa20 16-95/ for more information.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1880=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1880=1

SUSE Linux Enterprise Server for SAP 12:zypper in -t patch SUSE-SLE-SAP-12-2016-1880=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1880=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1880=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1880=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2016-1880=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1880=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1880=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-9905
CVE CVE-2016-9904
CVE CVE-2016-9902
CVE CVE-2016-9901
CVE CVE-2016-9900
CVE CVE-2016-9899
CVE CVE-2016-9898
CVE CVE-2016-9897
CVE CVE-2016-9895
CVE CVE-2016-9893
XREF OSVDB:148711
XREF OSVDB:148710
XREF OSVDB:148709
XREF OSVDB:148708
XREF OSVDB:148707
XREF OSVDB:148706
XREF OSVDB:148705
XREF OSVDB:148704
XREF OSVDB:148701
XREF OSVDB:148700
XREF OSVDB:148699
XREF OSVDB:148698
XREF OSVDB:148697
XREF OSVDB:148696
XREF OSVDB:148695
XREF OSVDB:148693
XREF OSVDB:148668
XREF OSVDB:148667
XREF OSVDB:148666
Exploitable With
Core Impact (true)
Plugin Information:
Published: 2016/12/22, Modified: 2017/01/26
Plugin Output

tcp/0


Remote package installed : MozillaFirefox-45.5.1esr-93.1
Should be : MozillaFirefox-45.6.0esr-96.1

Remote package installed : MozillaFirefox-translations-45.5.1esr-93.1
Should be : MozillaFirefox-translations-45.6.0esr-96.1
96148 - SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2016:3271-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for samba fixes the following issues: Security issues fixed :

- CVE-2016-2125: Don't send delegated credentials to all servers. (bsc#1014441).

- CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process.
(bsc#1014442).

- CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execution Vulnerability. (bsc#1014437). This component is not built into our packages, so we are not affected.
Non security issues fixed :

- s3/client: obey 'disable netbios' smb.conf param, don't connect via NBT port; (bsc#1009085)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1916=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1916=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1916=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2016-1916=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1916=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score
6.7 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-2126
CVE CVE-2016-2125
CVE CVE-2016-2123
XREF OSVDB:149002
XREF OSVDB:149001
XREF OSVDB:149000
XREF OSVDB:14470
Plugin Information:
Published: 2016/12/27, Modified: 2017/05/15
Plugin Output

tcp/0


Remote package installed : libdcerpc-binding0-4.4.2-29.4
Should be : libdcerpc-binding0-4.4.2-31.1

Remote package installed : libdcerpc0-4.4.2-29.4
Should be : libdcerpc0-4.4.2-31.1

Remote package installed : libndr-krb5pac0-4.4.2-29.4
Should be : libndr-krb5pac0-4.4.2-31.1

Remote package installed : libndr-nbt0-4.4.2-29.4
Should be : libndr-nbt0-4.4.2-31.1

Remote package installed : libndr-standard0-4.4.2-29.4
Should be : libndr-standard0-4.4.2-31.1

Remote package installed : libndr0-4.4.2-29.4
Should be : libndr0-4.4.2-31.1

Remote package installed : libnetapi0-4.4.2-29.4
Should be : libnetapi0-4.4.2-31.1

Remote package installed : libsamba-credentials0-4.4.2-29.4
Should be : libsamba-credentials0-4.4.2-31.1

Remote package installed : libsamba-errors0-4.4.2-29.4
Should be : libsamba-errors0-4.4.2-31.1

Remote package installed : libsamba-hostconfig0-4.4.2-29.4
Should be : libsamba-hostconfig0-4.4.2-31.1

Remote package installed : libsamba-passdb0-4.4.2-29.4
Should be : libsamba-passdb0-4.4.2-31.1

Remote package installed : libsamba-util0-4.4.2-29.4
Should be : libsamba-util0-4.4.2-31.1

Remote package installed : libsamdb0-4.4.2-29.4
Should be : libsamdb0-4.4.2-31.1

Remote package installed : libsmbclient0-4.4.2-29.4
Should be : libsmbclient0-4.4.2-31.1

Remote package installed : libsmbconf0-4.4.2-29.4
Should be : libsmbconf0-4.4.2-31.1

Remote package installed : libsmbldap0-4.4.2-29.4
Should be : libsmbldap0-4.4.2-31.1

Remote package installed : libtevent-util0-4.4.2-29.4
Should be : libtevent-util0-4.4.2-31.1

Remote package installed : libwbclient0-4.4.2-29.4
Should be : libwbclient0-4.4.2-31.1

Remote package installed : samba-4.4.2-29.4
Should be : samba-4.4.2-31.1

Remote package installed : samba-client-4.4.2-29.4
Should be : samba-client-4.4.2-31.1

Remote package installed : samba-libs-4.4.2-29.4
Should be : samba-libs-4.4.2-31.1

Remote package installed : samba-winbind-4.4.2-29.4
Should be : samba-winbind-4.4.2-31.1

Remote package installed : libdcerpc-binding0-32bit-4.4.2-29.4
Should be : libdcerpc-binding0-32bit-4.4.2-31.1

Remote package installed : libdcerpc0-32bit-4.4.2-29.4
Should be : libdcerpc0-32bit-4.4.2-31.1

Remote package installed : libndr-krb5pac0-32bit-4.4.2-29.4
Should be : libndr-krb5pac0-32bit-4.4.2-31.1

Remote package installed : libndr-nbt0-32bit-4.4.2-29.4
Should be : libndr-nbt0-32bit-4.4.2-31.1

Remote package installed : libndr-standard0-32bit-4.4.2-29.4
Should be : libndr-standard0-32bit-4.4.2-31.1

Remote package installed : libndr0-32bit-4.4.2-29.4
Should be : libndr0-32bit-4.4.2-31.1

Remote package installed : libnetapi0-32bit-4.4.2-29.4
Should be : libnetapi0-32bit-4.4.2-31.1

Remote package installed : libsamba-credentials0-32bit-4.4.2-29.4
Should be : libsamba-credentials0-32bit-4.4.2-31.1

Remote package installed : libsamba-errors0-32bit-4.4.2-29.4
Should be : libsamba-errors0-32bit-4.4.2-31.1

Remote package installed : libsamba-hostconfig0-32bit-4.4.2-29.4
Should be : libsamba-hostconfig0-32bit-4.4.2-31.1

Remote package installed : libsamba-passdb0-32bit-4.4.2-29.4
Should be : libsamba-passdb0-32bit-4.4.2-31.1

Remote package installed : libsamba-util0-32bit-4.4.2-29.4
Should be : libsamba-util0-32bit-4.4.2-31.1

Remote package installed : libsamdb0-32bit-4.4.2-29.4
Should be : libsamdb0-32bit-4.4.2-31.1

Remote package installed : libsmbconf0-32bit-4.4.2-29.4
Should be : libsmbconf0-32bit-4.4.2-31.1

Remote package installed : libsmbldap0-32bit-4.4.2-29.4
Should be : libsmbldap0-32bit-4.4.2-31.1

Remote package installed : libtevent-util0-32bit-4.4.2-29.4
Should be : libtevent-util0-32bit-4.4.2-31.1

Remote package installed : libwbclient0-32bit-4.4.2-29.4
Should be : libwbclient0-32bit-4.4.2-31.1

Remote package installed : samba-client-32bit-4.4.2-29.4
Should be : samba-client-32bit-4.4.2-31.1

Remote package installed : samba-libs-32bit-4.4.2-29.4
Should be : samba-libs-32bit-4.4.2-31.1

Remote package installed : samba-winbind-32bit-4.4.2-29.4
Should be : samba-winbind-32bit-4.4.2-31.1
96264 - SUSE SLED12 / SLES12 Security Update : gstreamer-plugins-good (SUSE-SU-2016:3303-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for gstreamer-plugins-good fixes the following security issues :

- CVE-2016-9807: Flic decoder invalid read could lead to crash. (bsc#1013655)

- CVE-2016-9634: Flic out-of-bounds write could lead to code execution. (bsc#1012102)

- CVE-2016-9635: Flic out-of-bounds write could lead to code execution. (bsc#1012103)

- CVE-2016-9635: Flic out-of-bounds write could lead to code execution. (bsc#1012104)

- CVE-2016-9808: A maliciously crafted flic file can still cause invalid memory accesses. (bsc#1013653)

- CVE-2016-9810: A maliciously crafted flic file can still cause invalid memory accesses. (bsc#1013663)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1939=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1939=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1939=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.2 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-9810
CVE CVE-2016-9808
CVE CVE-2016-9807
CVE CVE-2016-9636
CVE CVE-2016-9635
CVE CVE-2016-9634
XREF OSVDB:148101
XREF OSVDB:148100
XREF OSVDB:147688
Plugin Information:
Published: 2017/01/03, Modified: 2017/02/13
Plugin Output

tcp/0


Remote package installed : gstreamer-plugins-good-1.8.3-7.2
Should be : gstreamer-plugins-good-1.8.3-9.1
96265 - SUSE SLED12 / SLES12 Security Update : zlib (SUSE-SU-2017:0003-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for zlib fixes the following issues :

- CVE-2016-9843: Big-endian out-of-bounds pointer

- CVE-2016-9842: Undefined Left Shift of Negative Number (bsc#1003580) CVE-2016-9840 CVE-2016-9841: Out-of-bounds pointer arithmetic in inftrees.c (bsc#1003579) Incompatible declarations for external linkage function deflate (bsc#1003577)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-2=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-2=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-2=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-2=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-9843
CVE CVE-2016-9842
CVE CVE-2016-9841
CVE CVE-2016-9840
XREF OSVDB:148299
XREF OSVDB:148298
XREF OSVDB:148297
XREF OSVDB:148296
Plugin Information:
Published: 2017/01/03, Modified: 2017/06/02
Plugin Output

tcp/0


Remote package installed : libz1-1.2.8-7.25
Should be : libz1-1.2.8-11.1

Remote package installed : libz1-32bit-1.2.8-7.25
Should be : libz1-32bit-1.2.8-11.1
96603 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:0181-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.38 to receive various security and bugfixes. The following security bugs were fixed :

- CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939).

- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).

- CVE-2016-7039: The IP stack in the Linux kernel allowed remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666 (bnc#1001486).

- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).

- CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).

- CVE-2016-7913: The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478).

- CVE-2016-7917: The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel did not check whether a batch message's length field is large enough, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability (bnc#1010444).

- CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) via a crafted application that made sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c (bnc#1009969).

- CVE-2016-8666: The IP stack in the Linux kernel allowed remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039 (bnc#1003964).

- CVE-2016-9083: drivers/vfio/pci/vfio_pci.c in the Linux kernel allowed local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a 'state machine confusion bug (bnc#1007197).

- CVE-2016-9084: drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel misuses the kzalloc function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file (bnc#1007197).

- CVE-2016-9793: A bug in SO_{SND|RCV}BUFFORCE setsockopt() implementation was fixed, which allowed CAP_NET_ADMIN users to cause memory corruption.
(bsc#1013531).

- CVE-2016-9919: The icmp6_send function in net/ipv6/icmp.c in the Linux kernel omits a certain check of the dst data structure, which allowed remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet (bnc#1014701). The following non-security bugs were fixed :

- 8250_pci: Fix potential use-after-free in error path (bsc#1013001).

- acpi / PAD: do not register acpi_pad driver if running as Xen dom0 (bnc#995278).

- Add mainline tags to various hyperv patches

- alsa: fm801: detect FM-only card earlier (bsc#1005917).

- alsa: fm801: explicitly free IRQ line (bsc#1005917).

- alsa: fm801: propagate TUNER_ONLY bit when autodetected (bsc#1005917).

- alsa: hda - Bind with i915 only when Intel graphics is present (bsc#1012767).

- alsa: hda - Clear the leftover component assignment at snd_hdac_i915_exit() (bsc#1012767).

- alsa: hda - Degrade i915 binding failure message (bsc#1012767).

- alsa: hda - Fix yet another i915 pointer leftover in error path (bsc#1012767).

- alsa: hda - Gate the mic jack on HP Z1 Gen3 AiO (bsc#1004365).

- alsa: hda - Turn off loopback mixing as default (bsc#1001462).

- apparmor: add missing id bounds check on dfa verification (bsc#1000304).

- apparmor: check that xindex is in trans_table bounds (bsc#1000304).

- apparmor: do not check for vmalloc_addr if kvzalloc() failed (bsc#1000304).

- apparmor: do not expose kernel stack (bsc#1000304).

- apparmor: ensure the target profile name is always audited (bsc#1000304).

- apparmor: exec should not be returning ENOENT when it denies (bsc#1000304).

- apparmor: fix audit full profile hname on successful load (bsc#1000304).

- apparmor: fix change_hat not finding hat after policy replacement (bsc#1000287).

- apparmor: fix disconnected bind mnts reconnection (bsc#1000304).

- apparmor: fix log failures for all profiles in a set (bsc#1000304).

- apparmor: fix module parameters can be changed after policy is locked (bsc#1000304).

- apparmor: fix oops in profile_unpack() when policy_db is not present (bsc#1000304).

- apparmor: fix put() parent ref after updating the active ref (bsc#1000304).

- apparmor: fix refcount bug in profile replacement (bsc#1000304).

- apparmor: fix refcount race when finding a child profile (bsc#1000304).

- apparmor: fix replacement bug that adds new child to old parent (bsc#1000304).

- apparmor: fix uninitialized lsm_audit member (bsc#1000304).

- apparmor: fix update the mtime of the profile file on replacement (bsc#1000304).

- apparmor: internal paths should be treated as disconnected (bsc#1000304).

- apparmor: use list_next_entry instead of list_entry_next (bsc#1000304).

- arm64: Call numa_store_cpu_info() earlier.

- arm64/efi: Enable runtime call flag checking (bsc#1005745).

- arm64/efi: Move to generic {__,}efi_call_virt() (bsc#1005745).

- arm64: Refuse to install 4k kernel on 64k system

- arm64: Update config files. Disable CONFIG_IPMI_SI_PROBE_DEFAULTS (bsc#1006576)

- arm: bcm2835: add CPU node for ARM core (boo#1012094).

- arm: bcm2835: Split the DT for peripherals from the DT for the CPU (boo#1012094).

- asoc: cht_bsw_rt5645: Enable jack detection (bsc#1010690).

- asoc: cht_bsw_rt5645: Fix writing to string literal (bsc#1010690).

- asoc: cht_bsw_rt5672: Use HID translation unit (bsc#1010690).

- asoc: fsl_ssi: mark SACNT register volatile (bsc#1005917).

- asoc: imx-spdif: Fix crash on suspend (bsc#1005917).

- asoc: intel: add function stub when ACPI is not enabled (bsc#1010690).

- asoc: Intel: add fw name to common dsp context (bsc#1010690).

- asoc: Intel: Add missing 10EC5672 ACPI ID matching for Cherry Trail (bsc#1010690).

- asoc: Intel: Add module tags for common match module (bsc#1010690).

- asoc: Intel: add NULL test (bsc#1010690).

- AsoC: Intel: Add quirks for MinnowBoard MAX (bsc#1010690).

- asoc: Intel: Add surface3 entry in CHT-RT5645 machine (bsc#1010690).

- asoc: Intel: Atom: add 24-bit support for media playback and capture (bsc#1010690).

- ASoc: Intel: Atom: add deep buffer definitions for atom platforms (bsc#1010690).

- asoc: Intel: Atom: add definitions for modem/SSP0 interface (bsc#1010690).

- asoc: Intel: Atom: Add quirk for Surface 3 (bsc#1010690).

- asoc: Intel: Atom: add support for CHT w/ RT5640 (bsc#1010690).

- asoc: Intel: Atom: Add support for HP ElitePad 1000 G2 (bsc#1010690).

- asoc: Intel: Atom: add support for RT5642 (bsc#1010690).

- asoc: Intel: Atom: add terminate entry for dmi_system_id tables (bsc#1010690).

- asoc: Intel: Atom: auto-detection of Baytrail-CR (bsc#1010690).

- asoc: Intel: Atom: clean-up compressed DAI definition (bsc#1010690).

- asoc: Intel: atom: enable configuration of SSP0 (bsc#1010690).

- asoc: Intel: atom: fix 0-day warnings (bsc#1010690).

- asoc: Intel: Atom: fix boot warning (bsc#1010690).

- asoc: Intel: Atom: Fix message handling during drop stream (bsc#1010690).

- asoc: Intel: atom: fix missing breaks that would cause the wrong operation to execute (bsc#1010690).

- asoc: Intel: Atom: fix regression on compress DAI (bsc#1010690).

- asoc: Intel: Atom: flip logic for gain Switch (bsc#1010690).

- asoc: Intel: atom: Make some messages to debug level (bsc#1010690).

- asoc: Intel: Atom: move atom driver to common acpi match (bsc#1010690).

- asoc: Intel: atom: statify cht_quirk (bsc#1010690).

- asoc: Intel: boards: add DEEP_BUFFER support for BYT/CHT/BSW (bsc#1010690).

- asoc: Intel: boards: align pin names between byt-rt5640 drivers (bsc#1010690).

- asoc: Intel: boards: merge DMI-based quirks in bytcr-rt5640 driver (bsc#1010690).

- asoc: Intel: boards: start merging byt-rt5640 drivers (bsc#1010690).

- asoc: Intel: bytcr_rt56040: additional routing quirks (bsc#1010690).

- asoc: Intel: bytcr-rt5640: add Asus T100TAF quirks (bsc#1010690).

- asoc: Intel: bytcr_rt5640: add IN3 map (bsc#1010690).

- asoc: Intel: bytcr_rt5640: add MCLK support (bsc#1010690).

- asoc: Intel: bytcr_rt5640: Add quirk for Teclast X98 Air 3G tablet (bsc#1010690).

- asoc: Intel: bytcr_rt5640: add SSP2_AIF2 routing (bsc#1010690).

- asoc: Intel: bytcr_rt5640: change quirk position (bsc#1010690).

- asoc: Intel: bytcr_rt5640: default routing and quirks on Baytrail-CR (bsc#1010690).

- asoc: Intel: bytcr-rt5640: enable ASRC (bsc#1010690).

- asoc: Intel: bytcr_rt5640: enable differential mic quirk (bsc#1010690).

- asoc: Intel: bytcr_rt5640: fallback mechanism if MCLK is not enabled (bsc#1010690).

- asoc: Intel: bytcr_rt5640: fix dai/clock setup for SSP0 routing (bsc#1010690).

- asoc: Intel: bytcr_rt5640: fixup DAI codec_name with HID (bsc#1010690).

- asoc: Intel: bytcr_rt5640: log quirks (bsc#1010690).

- asoc: Intel: bytcr_rt5640: quirk for Acer Aspire SWS-012 (bsc#1010690).

- asoc: Intel: bytcr_rt5640: quirk for mono speaker (bsc#1010690).

- asoc: Intel: bytcr_rt5640: set SSP to I2S mode 2ch (bsc#1010690).

- asoc: Intel: bytcr_rt5640: use HID translation util (bsc#1010690).

- asoc: Intel: cht: fix uninit variable warning (bsc#1010690).

- asoc: Intel: common: add translation from HID to codec-name (bsc#1010690).

- asoc: Intel: common: filter ACPI devices with _STA return value (bsc#1010690).

- asoc: Intel: common: increase the loglevel of 'FW Poll Status' (bsc#1010690).

- asoc: Intel: Create independent acpi match module (bsc#1010690).

- asoc: intel: Fix sst-dsp dependency on dw stuff (bsc#1010690).

- asoc: Intel: Keep building old baytrail machine drivers (bsc#1010690).

- asoc: Intel: Load the atom DPCM driver only (bsc#1010690).

- asoc: intel: make function stub static (bsc#1010690).

- asoc: Intel: Move apci find machine routines (bsc#1010690).

- asoc: Intel: pass correct parameter in sst_alloc_stream_mrfld() (bsc#1005917).

- asoc: intel: Replace kthread with work (bsc#1010690).

- asoc: Intel: Skylake: Always acquire runtime pm ref on unload (bsc#1005917).

- asoc: Intel: sst: fix sst_memcpy32 wrong with non-4x bytes issue (bsc#1010690).

- asoc: rt5640: add ASRC support (bsc#1010690).

- asoc: rt5640: add internal clock source support (bsc#1010690).

- asoc: rt5640: add master clock handling for rt5640 (bsc#1010690).

- asoc: rt5640: add supplys for dac power (bsc#1010690).

- asoc: rt5640: remove unused variable (bsc#1010690).

- asoc: rt5640: Set PLL src according to source (bsc#1010690).

- asoc: rt5645: add DAC1 soft volume func control (bsc#1010690).

- asoc: rt5645: Add dmi_system_id 'Google Setzer' (bsc#1010690).

- asoc: rt5645: extend delay time for headphone pop noise (bsc#1010690).

- asoc: rt5645: fix reg-2f default value (bsc#1010690).

- asoc: rt5645: improve headphone pop when system resumes from S3 (bsc#1010690).

- asoc: rt5645: improve IRQ reaction time for HS button (bsc#1010690).

- asoc: rt5645: merge DMI tables of google projects (bsc#1010690).

- asoc: rt5645: patch reg-0x8a (bsc#1010690).

- asoc: rt5645: polling jd status in all conditions (bsc#1010690).

- asoc: rt5645: Separate regmap for rt5645 and rt5650 (bsc#1010690).

- asoc: rt5645: set RT5645_PRIV_INDEX as volatile (bsc#1010690).

- asoc: rt5645: use polling to support HS button (bsc#1010690).

- asoc: rt5645: Use the mod_delayed_work instead of the queue_delayed_work and cancel_delayed_work_sync (bsc#1010690).

- asoc: rt5670: Add missing 10EC5072 ACPI ID (bsc#1010690).

- asoc: rt5670: Enable Braswell platform workaround for Dell Wyse 3040 (bsc#1010690).

- asoc: rt5670: fix HP Playback Volume control (bsc#1010690).

- asoc: rt5670: patch reg-0x8a (bsc#1010690).

- asoc: simple-card: do not fail if sysclk setting is not supported (bsc#1005917).

- asoc: tegra_alc5632: check return value (bsc#1005917).

- asoc: wm8960: Fix WM8960_SYSCLK_PLL mode (bsc#1005917).

- autofs: fix multiple races (bsc#997639).

- autofs: use dentry flags to block walks during expire (bsc#997639).

- blacklist.conf: Add dup / unapplicable commits (bsc#1005545).

- blacklist.conf: Add i915 stable commits that can be ignored (bsc#1015367)

- blacklist.conf: add inapplicable / duped commits (bsc#1005917)

- blacklist.conf: ignore commit bfe6c8a89e03 ('arm64: Fix NUMA build error when !CONFIG_ACPI')

- blacklist.conf: Remove intel_pstate potential patch that SLE 12 SP2 The code layout upstream that motivated this patch is completely different to what is in SLE 12 SP2 as schedutil was not backported.

- block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557).

- bna: Add synchronization for tx ring (bsc#993739).

- btrfs: allocate root item at snapshot ioctl time (bsc#1012452).

- btrfs: better packing of btrfs_delayed_extent_op (bsc#1012452).

- btrfs: Check metadata redundancy on balance (bsc#1012452).

- btrfs: clean up an error code in btrfs_init_space_info() (bsc#1012452).

- btrfs: cleanup, stop casting for extent_map->lookup everywhere (bsc#1012452).

- btrfs: cleanup, use enum values for btrfs_path reada (bsc#1012452).

- btrfs: deal with duplicates during extent_map insertion in btrfs_get_extent (bsc#1001171).

- btrfs: deal with existing encompassing extent map in btrfs_get_extent() (bsc#1001171).

- btrfs: do an allocation earlier during snapshot creation (bsc#1012452).

- btrfs: do not create or leak aliased root while cleaning up orphans (bsc#994881).

- btrfs: do not leave dangling dentry if symlink creation failed (bsc#1012452).

- btrfs: do not use slab cache for struct btrfs_delalloc_work (bsc#1012452).

- btrfs: drop duplicate prefix from scrub workqueues (bsc#1012452).

- btrfs: drop unused parameter from lock_extent_bits (bsc#1012452).

- btrfs: Enhance chunk validation check (bsc#1012452).

- btrfs: Enhance super validation check (bsc#1012452).

- btrfs: Ensure proper sector alignment for btrfs_free_reserved_data_space (bsc#1005666).

- btrfs: Expoert and move leaf/subtree qgroup helpers to qgroup.c (bsc983087, bsc986255).

- btrfs: fix endless loop in balancing block groups (bsc#1006804).

- btrfs: fix incremental send failure caused by balance (bsc#985850).

- btrfs: fix locking bugs when defragging leaves (bsc#1012452).

- btrfs: fix memory leaks after transaction is aborted (bsc#1012452).

- btrfs: fix output of compression message in btrfs_parse_options() (bsc#1012452).

- btrfs: fix race between free space endio workers and space cache writeout (bsc#1012452).

- btrfs: fix races on root_log_ctx lists (bsc#1007653).

- btrfs: fix race when finishing dev replace leading to transaction abort (bsc#1012452).

- btrfs: fix relocation incorrectly dropping data references (bsc#990384).

- btrfs: fix typo in log message when starting a balance (bsc#1012452).

- btrfs: fix unprotected list operations at btrfs_write_dirty_block_groups (bsc#1012452).

- btrfs: handle quota reserve failure properly (bsc#1005666).

- btrfs: make btrfs_close_one_device static (bsc#1012452).

- btrfs: make clear_extent_bit helpers static inline (bsc#1012452).

- btrfs: make clear_extent_buffer_uptodate return void (bsc#1012452).

- btrfs: make end_extent_writepage return void (bsc#1012452).

- btrfs: make extent_clear_unlock_delalloc return void (bsc#1012452).

- btrfs: make extent_range_clear_dirty_for_io return void (bsc#1012452).

- btrfs: make extent_range_redirty_for_io return void (bsc#1012452).

- btrfs: make lock_extent static inline (bsc#1012452).

- btrfs: make set_extent_bit helpers static inline (bsc#1012452).

- btrfs: make set_extent_buffer_uptodate return void (bsc#1012452).

- btrfs: make set_range_writeback return void (bsc#1012452).

- btrfs: preallocate path for snapshot creation at ioctl time (bsc#1012452).

- btrfs: put delayed item hook into inode (bsc#1012452).

- btrfs: qgroup: Add comments explaining how btrfs qgroup works (bsc983087, bsc986255).

- btrfs: qgroup: Fix qgroup data leaking by using subtree tracing (bsc983087, bsc986255).

- btrfs: qgroup: Rename functions to make it follow reserve, trace, account steps (bsc983087, bsc986255).

- btrfs: remove a trivial helper btrfs_set_buffer_uptodate (bsc#1012452).

- btrfs: remove root_log_ctx from ctx list before btrfs_sync_log returns (bsc#1007653).

- btrfs: remove unused inode argument from uncompress_inline() (bsc#1012452).

- btrfs: remove wait from struct btrfs_delalloc_work (bsc#1012452).

- btrfs: send, do not bug on inconsistent snapshots (bsc#985850).

- btrfs: sink parameter wait to btrfs_alloc_delalloc_work (bsc#1012452).

- btrfs: Support convert to -d dup for btrfs-convert (bsc#1012452).

- btrfs: use GFP_KERNEL for allocations in ioctl handlers (bsc#1012452).

- btrfs: use GFP_KERNEL for allocations of workqueues (bsc#1012452).

- btrfs: use GFP_KERNEL for xattr and acl allocations (bsc#1012452).

- btrfs: use smaller type for btrfs_path locks (bsc#1012452).

- btrfs: use smaller type for btrfs_path lowest_level (bsc#1012452).

- btrfs: use smaller type for btrfs_path reada (bsc#1012452).

- btrfs: verbose error when we find an unexpected item in sys_array (bsc#1012452).

- cdc-acm: added sanity checking for probe() (bsc#993891).

- cxgbi: fix uninitialized flowi6 (bsc#963904 FATE#320115).

- Delete patches.fixes/apparmor-initialize-common_audit_data.patc h (bsc#1000304) It'll be fixed in the upcoming apparmor fix series from upstream.

- dell-laptop: Fixate rfkill work on CPU#0 (bsc#1004052).

- dell-wmi: Check if Dell WMI descriptor structure is valid (bsc#1004052).

- dell-wmi: Clean up hotkey table size check (bsc#1004052).

- dell-wmi: Ignore WMI event code 0xe045 (bsc#1004052).

- dell-wmi: Improve unknown hotkey handling (bsc#1004052).

- dell-wmi: Process only one event on devices with interface version 0 (bsc#1004052).

- dell-wmi: Stop storing pointers to DMI tables (bsc#1004052).

- dell-wmi: Support new hotkeys on the XPS 13 9350 (Skylake) (bsc#1004052).

- dell_wmi: Use a C99-style array for bios_to_linux_keycode (bsc#1004052).

- Drivers: hv: utils: fix a race on userspace daemons registration (bnc#1014392).

- drm/amdgpu: Do not leak runtime pm ref on driver load (bsc#1005545).

- drm/amdgpu: Do not leak runtime pm ref on driver unload (bsc#1005545).

- drm/i915: Acquire audio powerwell for HD-Audio registers (bsc#1005545).

- drm/i915: add helpers for platform specific revision id range checks (bsc#1015367).

- drm/i915: Add missing ring_mask to Pineview (bsc#1005917).

- drm/i915: Apply broader WaRsDisableCoarsePowerGating for guc also (bsc#1015367).

- drm/i915/bxt: add revision id for A1 stepping and use it (bsc#1015367).

- drm/i915: Calculate watermark related members in the crtc_state, v4 (bsc#1011176).

- drm/i915: Call intel_dp_mst_resume() before resuming displays (bsc#1015359).

- drm/i915: call kunmap_px on pt_vaddr (bsc#1005545).

- drm/i915: Cleaning up DDI translation tables (bsc#1014392).

- drm/i915: Clean up L3 SQC register field definitions (bsc#1014392).

- drm/i915/dsi: fix CHV dsi encoder hardware state readout on port C (bsc#1015367).

- drm/i915: Enable polling when we do not have hpd (bsc#1014120).

- drm/i915: Exit cherryview_irq_handler() after one pass (bsc#1015367).

- drm/i915: Fix iboost setting for SKL Y/U DP DDI buffer translation entry 2 (bsc#1014392).

- drm/i915: Fix system resume if PCI device remained enabled (bsc#1015367).

- drm/i915: fix the SDE irq dmesg warnings properly (bsc#1005545).

- drm/i915: Fix VBT backlight Hz to PWM conversion for PNV (bsc#1005545).

- drm/i915: Fix vbt PWM max setup for CTG (bsc#1005545).

- drm/i915: Force ringbuffers to not be at offset 0 (bsc#1015367).

- drm/i915/gen9: Add WaInPlaceDecompressionHang (bsc#1014392).

- drm/i915/ivb: Move WaCxSRDisabledForSpriteScaling w/a to atomic check (bsc#1011176).

- drm/i915: Kill intel_runtime_pm_disable() (bsc#1005545).

- drm/i915: Make plane fb tracking work correctly, v2 (bsc#1004048).

- drm/i915: Make prepare_plane_fb fully interruptible (bsc#1004048).

- drm/i915: Move disable_cxsr to the crtc_state (bsc#1011176).

- drm/i915: On fb alloc failure, unref gem object where it gets refed (bsc#1005545).

- drm/i915: Only call commit_planes when there are things to commit (bsc#1004048).

- drm/i915: Only commit active planes when updating planes during reset (bsc#1004048).

- drm/i915: Only run commit when crtc is active, v2 (bsc#1004048).

- drm/i915: remove parens around revision ids (bsc#1015367).

- drm/i915: Set crtc_state->lane_count for HDMI (bsc#1005545).

- drm/i915/skl: Add WaDisableGafsUnitClkGating (bsc#1014392).

- drm/i915/skl: Fix rc6 based gpu/system hang (bsc#1015367).

- drm/i915/skl: Fix spurious gpu hang with gt3/gt4 revs (bsc#1015367).

- drm/i915/skl: Update DDI translation tables for SKL (bsc#1014392).

- drm/i915/skl: Update watermarks before the crtc is disabled (bsc#1015367).

- drm/i915: suppress spurious !wm_changed warning (bsc#1006267).

- drm/i915: Unconditionally flush any chipset buffers before execbuf (bsc#1005545).

- drm/i915: Update legacy primary state outside the commit hook, v2 (bsc#1004048).

- drm/i915: Update Skylake DDI translation table for DP (bsc#1014392).

- drm/i915: Update Skylake DDI translation table for HDMI (bsc#1014392).

- drm/i915/userptr: Hold mmref whilst calling get-user-pages (bsc#1015367).

- drm/i915/vlv: Disable HPD in valleyview_crt_detect_hotplug() (bsc#1014120).

- drm/i915/vlv: Make intel_crt_reset() per-encoder (bsc#1014120).

- drm/i915/vlv: Reset the ADPA in vlv_display_power_well_init() (bsc#1014120).

- drm/i915: Wait for power cycle delay after turning off DSI panel power (bsc#1005545).

- drm/i915: Wait up to 3ms for the pcu to ack the cdclk change request on SKL (bsc#1005545).

- drm/layerscape: reduce excessive stack usage (bsc#1005545).

- drm/mgag200: fix error return code in mgag200fb_create() (bsc#1005917).

- drm/nouveau: Do not leak runtime pm ref on driver unload (bsc#1005545).

- drm/radeon: Also call cursor_move_locked when the cursor size changes (bsc#1000433).

- drm/radeon: Always store CRTC relative radeon_crtc->cursor_x/y values (bsc#1000433).

- drm/radeon/ci add comment to document intentionally unreachable code (bsc#1005545).

- drm/radeon: Do not leak runtime pm ref on driver load (bsc#1005545).

- drm/radeon: Do not leak runtime pm ref on driver unload (bsc#1005545).

- drm/radeon: Ensure vblank interrupt is enabled on DPMS transition to on (bsc#998054)

- drm/radeon: Hide the HW cursor while it's out of bounds (bsc#1000433).

- drm/radeon: Switch to drm_vblank_on/off (bsc#998054).

- drm/rockchip: fix a couple off by one bugs (bsc#1005545).

- drm/tegra: checking for IS_ERR() instead of NULL (bsc#1005545).

- edac/mce_amd: Add missing SMCA error descriptions (fate#320474, bsc#1013700).

- edac/mce_amd: Use SMCA prefix for error descriptions arrays (fate#320474, bsc#1013700).

- efi/arm64: Do not apply MEMBLOCK_NOMAP to UEFI memory map mapping (bsc#986987).

- efi: ARM: avoid warning about phys_addr_t cast.

- efi/runtime-wrappers: Add {__,}efi_call_virt() templates (bsc#1005745).

- efi/runtime-wrappers: Detect firmware IRQ flag corruption (bsc#1005745).

- efi/runtime-wrappers: Remove redundant #ifdefs (bsc#1005745).

- ext4: fix data exposure after a crash (bsc#1012829).

- Fix kabi change cause by adding flock_owner to open_context (bsc#998689).

- Fixup UNMAP calculation (bsc#1005327)

- fs, block: force direct-I/O for dax-enabled block devices (bsc#1012992).

- fs/cifs: cifs_get_root shouldn't use path with tree name (bsc#963655, bsc#979681).

- fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).

- fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133).

- fs/cifs: Move check for prefix path to within cifs_get_root() (bsc#799133).

- fs/select: add vmalloc fallback for select(2) (bsc#1000189).

- genirq: Add untracked irq handler (bsc#1006827).

- genirq: Use a common macro to go through the actions list (bsc#1006827).

- gpio: generic: make bgpio_pdata always visible.

- gpio: Restore indentation of parent device setup.

- gre: Disable segmentation offloads w/ CSUM and we are encapsulated via FOU (bsc#1001486).

- gro: Allow tunnel stacking in the case of FOU/GUE (bsc#1001486).

- gro_cells: mark napi struct as not busy poll candidates (bsc#966191 FATE#320230 bsc#966186 FATE#320228).

- group-source-files.pl: mark arch/*/scripts as devel make[2]:
/usr/src/linux-4.6.4-2/arch/powerpc/scripts/gcc-check-mp rofile-kernel.sh: C ommand not found

- hpsa: fallback to use legacy REPORT PHYS command (bsc#1006175).

- hpsa: use bus '3' for legacy HBA devices (bsc#1010665).

- hpsa: use correct DID_NO_CONNECT hostbyte (bsc#1010665).

- hv: do not lose pending heartbeat vmbus packets (bnc#1006918).

- i2c: designware-baytrail: Add support for cherrytrail (bsc#1011913).

- i2c: designware-baytrail: Pass dw_i2c_dev into helper functions (bsc#1011913).

- i2c: designware-baytrail: Work around Cherry Trail semaphore errors (bsc#1011913).

- i2c: designware: Prevent runtime suspend during adapter registration (bsc#1011913).

- i2c: designware: retry transfer on transient failure (bsc#1011913).

- i2c: designware: Use transfer timeout from ioctl I2C_TIMEOUT (bsc#1011913).

- i2c: Enable CONFIG_I2C_DESIGNWARE_PLATFORM and
*_BAYTRAIL (bsc#1010690) Realtek codecs on CHT platform require this i2c bus driver.

- i2c: xgene: Avoid dma_buffer overrun (bsc#1006576).

- i40e: fix an uninitialized variable bug (bsc#969476 FATE#319648).

- i40e: fix broken i40e_config_rss_aq function (bsc#969476 FATE#319648 bsc#969477 FATE#319816).

- i40e: Remove redundant memset (bsc#969476 FATE#319648 bsc#969477 FATE#319816).

- i40iw: Add missing check for interface already open (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- i40iw: Add missing NULL check for MPA private data (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- i40iw: Avoid writing to freed memory (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- i40iw: Change mem_resources pointer to a u8 (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- i40iw: Do not set self-referencing pointer to NULL after kfree (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- i40iw: Fix double free of allocated_buffer (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- i40iw: Protect req_resource_num update (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- i40iw: Receive notification events correctly (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- i40iw: Send last streaming mode message for loopback connections (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- i40iw: Update hw_iwarp_state (bsc#974842 FATE#319831 bsc#974843 FATE#319832).

- ib/core: Fix possible memory leak in cma_resolve_iboe_route() (bsc#966191 FATE#320230 bsc#966186 FATE#320228).

- ib/mlx5: Fix iteration overrun in GSI qps (bsc#966170 FATE#320225 bsc#966172 FATE#320226).

- ib/mlx5: Fix steering resource leak (bsc#966170 FATE#320225 bsc#966172 FATE#320226).

- ib/mlx5: Set source mac address in FTE (bsc#966170 FATE#320225 bsc#966172 FATE#320226).

- ibmvnic: convert to use simple_open() (bsc#1015416).

- ibmvnic: Driver Version 1.0.1 (bsc#1015416).

- ibmvnic: drop duplicate header seq_file.h (bsc#1015416).

- ibmvnic: fix error return code in ibmvnic_probe() (bsc#1015416).

- ibmvnic: Fix GFP_KERNEL allocation in interrupt context (bsc#1015416).

- ibmvnic: Fix missing brackets in init_sub_crq_irqs (bsc#1015416).

- ibmvnic: Fix releasing of sub-CRQ IRQs in interrupt context (bsc#1015416).

- ibmvnic: Fix size of debugfs name buffer (bsc#1015416).

- ibmvnic: Handle backing device failover and reinitialization (bsc#1015416).

- ibmvnic: Start completion queue negotiation at server-provided optimum values (bsc#1015416).

- ibmvnic: Unmap ibmvnic_statistics structure (bsc#1015416).

- ibmvnic: Update MTU after device initialization (bsc#1015416).

- input: ALPS - add touchstick support for SS5 hardware (bsc#987703).

- input: ALPS - allow touchsticks to report pressure (bsc#987703).

- input: ALPS - handle 0-pressure 1F events (bsc#987703).

- input: ALPS - set DualPoint flag for 74 03 28 devices (bsc#987703).

- iommu/arm-smmu: Add support for 16 bit VMID (fate#319978).

- iommu/arm-smmu: Workaround for ThunderX erratum #27704 (fate#319978).

- ipc/sem.c: add cond_resched in exit_sme (bsc#979378).

- ipmi_si: create hardware-independent softdep for ipmi_devintf (bsc#1009062).

- ixgbe: Do not clear RAR entry when clearing VMDq for SAN MAC (bsc#969474 FATE#319812 bsc#969475 FATE#319814).

- ixgbe: Force VLNCTRL.VFE to be set in all VMDq paths (bsc#969474 FATE#319812 bsc#969475 FATE#319814).

- kABI: protect struct dw_mci.

- kABI: protect struct mmc_packed (kabi).

- kABI: reintroduce iov_iter_fault_in_multipages_readable.

- kABI: reintroduce sk_filter (kabi).

- kABI: reintroduce strtobool (kabi).

- kABI: restore ip_cmsg_recv_offset parameters (kabi).

- kabi/severities: Ignore kABI for asoc Intel SST drivers (bsc#1010690) These drivers are self-contained, not for 3rd party drivers.

- kabi/severities: Whitelist libceph and rbd (bsc#988715).
Like SLE12-SP1.

- kernel-module-subpackage: Properly quote flavor in expressions That fixes a parse error if the flavor starts with a digit or contains other non-alphabetic characters.

- kgr: ignore zombie tasks during the patching (bnc#1008979).

- kvm: arm/arm64: Fix occasional warning from the timer work function (bsc#988524).

- kvm: x86: correctly reset dest_map->vector when restoring LAPIC state (bsc#966471).

- libceph: enable large, variable-sized OSD requests (bsc#988715).

- libceph: make r_request msg_size calculation clearer (bsc#988715).

- libceph: move r_reply_op_{len,result} into struct ceph_osd_req_op (bsc#988715).

- libceph: osdc->req_mempool should be backed by a slab pool (bsc#988715).

- libceph: rename ceph_osd_req_op::payload_len to indata_len (bsc#988715).

- lib/mpi: avoid assembler warning (bsc#1003581).

- lib/mpi: mpi_read_buffer(): fix buffer overflow (bsc#1003581).

- lib/mpi: mpi_read_buffer(): optimize skipping of leading zero limbs (bsc#1003581).

- lib/mpi: mpi_read_buffer(): replace open coded endian conversion (bsc#1003581).

- lib/mpi: mpi_write_sgl(): fix out-of-bounds stack access (bsc#1003581).

- lib/mpi: mpi_write_sgl(): fix style issue with lzero decrement (bsc#1003581).

- lib/mpi: mpi_write_sgl(): purge redundant pointer arithmetic (bsc#1003581).

- lib/mpi: mpi_write_sgl(): replace open coded endian conversion (bsc#1003581).

- lib/mpi: use 'static inline' instead of 'extern inline' (bsc#1003581).

- locking/pv-qspinlock: Use cmpxchg_release() in
__pv_queued_spin_unlock() (bsc#969756).

- locking/rtmutex: Prevent dequeue vs. unlock race (bsc#1015212).

- locking/rtmutex: Use READ_ONCE() in rt_mutex_owner() (bsc#1015212).

- mailbox/xgene-slimpro: Checking for IS_ERR instead of NULL.

- md/raid1: fix: IO can block resync indefinitely (bsc#1001310).

- mlx4: Do not BUG_ON() if device reset failed (bsc#1001888).

- mm: do not use radix tree writeback tags for pages in swap cache (bnc#971975 VM performance -- swap).

- mm: filemap: do not plant shadow entries without radix tree node (bnc#1005929).

- mm: filemap: fix mapping->nrpages double accounting in fuse (bnc#1005929).

- mm/filemap: generic_file_read_iter(): check for zero reads unconditionally (bnc#1007955).

- mm/mprotect.c: do not touch single threaded PTEs which are on the right node (bnc#971975 VM performance -- numa balancing).

- mm: workingset: fix crash in shadow node shrinker caused by replace_page_cache_page() (bnc#1005929).

- mm/zswap: use workqueue to destroy pool (VM Functionality, bsc#1005923).

- net: icmp6_send should use dst dev to determine L3 domain (bsc#1014701).

- net: ipv6: tcp reset, icmp need to consider L3 domain (bsc#1014701).

- net/mlx4_en: Fix panic on xmit while port is down (bsc#966191 FATE#320230).

- net/mlx5: Add ConnectX-5 PCIe 4.0 to list of supported devices (bsc#1006809).

- net/mlx5: Add error prints when validate ETS failed (bsc#966170 FATE#320225 bsc#966172 FATE#320226).

- net/mlx5: Avoid setting unused var when modifying vport node GUID (bsc#966170 FATE#320225 bsc#966172 FATE#320226).

- net/mlx5e: Use correct flow dissector key on flower offloading (bsc#966170 FATE#320225 bsc#966172 FATE#320226).

- net/mlx5: Fix autogroups groups num not decreasing (bsc#966170 FATE#320225 bsc#966172 FATE#320226).

- net/mlx5: Fix teardown errors that happen in pci error handler (bsc#1001169).

- net/mlx5: Keep autogroups list ordered (bsc#966170 FATE#320225 bsc#966172 FATE#320226).

- net_sched: fix a typo in tc_for_each_action() (bsc#966170 FATE#320225 bsc#966172 FATE#320226).

- net: sctp, forbid negative length (bnc#1005921).

- netvsc: fix incorrect receive checksum offloading (bnc#1006915).

- nfs: nfs4_fl_prepare_ds must be careful about reporting success (bsc#1000776).

- nfsv4: add flock_owner to open context (bnc#998689).

- nfsv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (bnc#998689).

- nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (bnc#998689).

- nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (bnc#998689).

- oom: print nodemask in the oom report (bnc#1003866).

- overlayfs: allow writing on read-only btrfs subvolumes (bsc#1010158)

- pci/acpi: Allow all PCIe services on non-ACPI host bridges (bsc#1006827).

- pci: Allow additional bus numbers for hotplug bridges (bsc#1006827).

- pci: correctly cast mem_base in pci_read_bridge_mmio_pref() (bsc#1001888).

- pci: Do not set RCB bit in LNKCTL if the upstream bridge hasn't (bsc#1001888).

- pci: Fix BUG on device attach failure (bnc#987641).

- pci: pciehp: Allow exclusive userspace control of indicators (bsc#1006827).

- pci: Remove return values from pcie_port_platform_notify() and relatives (bsc#1006827).

- perf/x86: Add perf support for AMD family-17h processors (fate#320473).

- pm / hibernate: Fix 2G size issue of snapshot image verification (bsc#1004252).

- pm / sleep: declare __tracedata symbols as char rather than char (bnc#1005895).

- powercap/intel_rapl: Add support for Kabylake (bsc#1003566).

- powercap / RAPL: add support for Denverton (bsc#1003566).

- powercap / RAPL: Add support for Ivy Bridge server (bsc#1003566).

- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813).

- powerpc/xmon: Add xmon command to dump process/task similar to ps(1) (fate#322020).

- proc: much faster /proc/vmstat (bnc#971975 VM performance -- vmstat).

- qede: Correctly map aggregation replacement pages (bsc#966318 FATE#320158 bsc#966316 FATE#320159).

- qed: FLR of active VFs might lead to FW assert (bsc#966318 FATE#320158 bsc#966316 FATE#320159).

- qgroup: Prevent qgroup->reserved from going subzero (bsc#993841).

- qla2xxx: Fix NULL pointer deref in QLA interrupt (bsc#1003068).

- qla2xxx: setup data needed in ISR before setting up the ISR (bsc#1006528).

- rbd: truncate objects on cmpext short reads (bsc#988715).

- Revert 'ACPI / LPSS: allow to use specific PM domain during ->probe()' (bsc#1005917).

- Revert 'can: dev: fix deadlock reported after bus-off'.

- Revert 'fix minor infoleak in get_user_ex()' (p.k.o).

- REVERT fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)

- Revert 'x86/mm: Expand the exception table logic to allow new handling options' (p.k.o).

- rpm/config.sh: Build against SP2 in the OBS as well

- rpm/constraints.in: increase disk for kernel-syzkaller The kernel-syzkaller build now consumes around 30G. This causes headache in factory where the package rebuilds over and over. Require 35G disk size to successfully build the flavor.

- rpm/kernel-binary.spec.in: Build the -base package unconditionally (bsc#1000118)

- rpm/kernel-binary.spec.in: Do not create KMPs with CONFIG_MODULES=n

- rpm/kernel-binary.spec.in: Only build -base and -extra with CONFIG_MODULES (bsc#1000118)

- rpm/kernel-binary.spec.in: Simplify debug info switch Any CONFIG_DEBUG_INFO sub-options are answered in the configs nowadays.

- rpm/kernel-spec-macros: Ignore too high rebuild counter (bsc#1012060)

- rpm/mkspec: Read a default release string from rpm/config.sh (bsc997059)

- rpm/package-descriptions: Add 64kb kernel flavor description

- rpm/package-descriptions: add kernel-syzkaller

- rpm/package-descriptions: pv has been merged into
-default (fate#315712)

- rpm/package-descriptions: the flavor is 64kb, not 64k

- s390/mm: fix gmap tlb flush issues (bnc#1005925).

- sched/core: Optimize __schedule() (bnc#978907 Scheduler performance -- context switch).

- sched/fair: Fix incorrect task group ->load_avg (bsc#981825).

- sched/fair: Optimize find_idlest_cpu() when there is no choice (bnc#978907 Scheduler performance -- idle search).

- scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)

- serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013001).

- serial: 8250_port: fix runtime PM use in
__do_stop_tx_rs485() (bsc#983152).

- sunrpc: fix refcounting problems with auth_gss messages (boo#1011250).

- supported.conf: add hid-logitech-hidpp (bsc#1002322 bsc#1002786)

- supported.conf: Add overlay.ko to -base (fate#321903) Also, delete the stale entry for the old overlayfs.

- supported.conf: Mark vmx-crypto as supported (fate#319564)

- supported.conf: xen-netfront should be in base packages, just like its non-pvops predecessor. (bsc#1002770)

- target: fix tcm_rbd_gen_it_nexus for emulated XCOPY state (bsc#1003606).

- tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#963609 FATE#320143).

- time: Avoid undefined behaviour in ktime_add_safe() (bnc#1006103).

- Update config files: select new CONFIG_SND_SOC_INTEL_SST_* helpers

- Update patches.suse/btrfs-8401-fix-qgroup-accounting-when-creat ing-snap.patch (bsc#972993).

- usb: gadget: composite: Clear reserved fields of SSP Dev Cap (FATE#319959).

- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).

- usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices (bsc#922634).

- Using BUG_ON() as an assert() is _never_ acceptable (bnc#1005929).

- vmxnet3: Wake queue from reset work (bsc#999907).

- Whitelist KVM KABI changes resulting from adding a hcall. caused by 5246adec59458b5d325b8e1462ea9ef3ead7f6ae powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec No problem is expected as result of changing KVM KABI so whitelisting for now. If we get some additional input from IBM we can back out the patch.

- writeback: initialize inode members that track writeback history (bsc#1012829).

- x86/apic: Order irq_enter/exit() calls correctly vs.
ack_APIC_irq() (bsc#1013479).

- x86/efi: Enable runtime call flag checking (bsc#1005745).

- x86/efi: Move to generic {__,}efi_call_virt() (bsc#1005745).

- x86/hpet: Reduce HPET counter read contention (bsc#1014710).

- x86/mce/AMD, EDAC/mce_amd: Define and use tables for known SMCA IP types (fate#320474, bsc#1013700). Exclude removed symbols from kABI check. They're AMD Zen relevant only and completely useless to other modules - only edac_mce_amd.ko.

- x86/mce/AMD: Increase size of the bank_map type (fate#320474, bsc#1013700).

- x86/mce/AMD: Read MSRs on the CPU allocating the threshold blocks (fate#320474, bsc#1013700).

- x86/mce/AMD: Update sysfs bank names for SMCA systems (fate#320474, bsc#1013700).

- x86/mce/AMD: Use msr_ops.misc() in allocate_threshold_blocks() (fate#320474, bsc#1013700).

- x86/pci: VMD: Attach VMD resources to parent domain's resource tree (bsc#1006827).

- x86/pci: VMD: Document code for maintainability (bsc#1006827).

- x86/pci: VMD: Fix infinite loop executing irq's (bsc#1006827).

- x86/pci: VMD: Initialize list item in IRQ disable (bsc#1006827).

- x86/pci: VMD: Request userspace control of PCIe hotplug indicators (bsc#1006827).

- x86/pci: VMD: Select device dma ops to override (bsc#1006827).

- x86/pci: VMD: Separate MSI and MSI-X vector sharing (bsc#1006827).

- x86/pci: VMD: Set bus resource start to 0 (bsc#1006827).

- x86/pci: VMD: Synchronize with RCU freeing MSI IRQ descs (bsc#1006827).

- x86/pci: VMD: Use lock save/restore in interrupt enable path (bsc#1006827).

- x86/pci/VMD: Use untracked irq handler (bsc#1006827).

- x86/pci: VMD: Use x86_vector_domain as parent domain (bsc#1006827).

- x86, powercap, rapl: Add Skylake Server model number (bsc#1003566).

- x86, powercap, rapl: Reorder CPU detection table (bsc#1003566).

- x86, powercap, rapl: Use Intel model macros intead of open-coding (bsc#1003566).

- xen/gntdev: Use VM_MIXEDMAP instead of VM_IO to avoid NUMA balancing (bnc#1005169).

- zram: Fix unbalanced idr management at hot removal (bsc#1010970).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
https://bugzilla.suse.com/1000118
https://bugzilla.suse.com/1000189
https://bugzilla.suse.com/1000287
https://bugzilla.suse.com/1000304
https://bugzilla.suse.com/1000433
https://bugzilla.suse.com/1000776
https://bugzilla.suse.com/1001169
https://bugzilla.suse.com/1001171
https://bugzilla.suse.com/1001310
https://bugzilla.suse.com/1001462
https://bugzilla.suse.com/1001486
https://bugzilla.suse.com/1001888
https://bugzilla.suse.com/1002322
https://bugzilla.suse.com/1002770
https://bugzilla.suse.com/1002786
https://bugzilla.suse.com/1003068
https://bugzilla.suse.com/1003566
https://bugzilla.suse.com/1003581
https://bugzilla.suse.com/1003606
https://bugzilla.suse.com/1003813
https://bugzilla.suse.com/1003866
https://bugzilla.suse.com/1003964
https://bugzilla.suse.com/1004048
https://bugzilla.suse.com/1004052
https://bugzilla.suse.com/1004252
https://bugzilla.suse.com/1004365
https://bugzilla.suse.com/1004517
https://bugzilla.suse.com/1005169
https://bugzilla.suse.com/1005327
https://bugzilla.suse.com/1005545
https://bugzilla.suse.com/1005666
https://bugzilla.suse.com/1005745
https://bugzilla.suse.com/1005895
https://bugzilla.suse.com/1005917
https://bugzilla.suse.com/1005921
https://bugzilla.suse.com/1005923
https://bugzilla.suse.com/1005925
https://bugzilla.suse.com/1005929
https://bugzilla.suse.com/1006103
https://bugzilla.suse.com/1006175
https://bugzilla.suse.com/1006267
https://bugzilla.suse.com/1006528
https://bugzilla.suse.com/1006576
https://bugzilla.suse.com/1006804
https://bugzilla.suse.com/1006809
https://bugzilla.suse.com/1006827
https://bugzilla.suse.com/1006915
https://bugzilla.suse.com/1006918
https://bugzilla.suse.com/1007197
https://bugzilla.suse.com/1007615
https://bugzilla.suse.com/1007653
https://bugzilla.suse.com/1007955
https://bugzilla.suse.com/1008557
https://bugzilla.suse.com/1008979
https://bugzilla.suse.com/1009062
https://bugzilla.suse.com/1009969
https://bugzilla.suse.com/1010040
https://bugzilla.suse.com/1010158
https://bugzilla.suse.com/1010444
https://bugzilla.suse.com/1010478
https://bugzilla.suse.com/1010507
https://bugzilla.suse.com/1010665
https://bugzilla.suse.com/1010690
https://bugzilla.suse.com/1010970
https://bugzilla.suse.com/1011176
https://bugzilla.suse.com/1011250
https://bugzilla.suse.com/1011913
https://bugzilla.suse.com/1012060
https://bugzilla.suse.com/1012094
https://bugzilla.suse.com/1012452
https://bugzilla.suse.com/1012767
https://bugzilla.suse.com/1012829
https://bugzilla.suse.com/1012992
https://bugzilla.suse.com/1013001
https://bugzilla.suse.com/1013479
https://bugzilla.suse.com/1013531
https://bugzilla.suse.com/1013700
https://bugzilla.suse.com/1014120
https://bugzilla.suse.com/1014392
https://bugzilla.suse.com/1014701
https://bugzilla.suse.com/1014710
https://bugzilla.suse.com/1015212
https://bugzilla.suse.com/1015359
https://bugzilla.suse.com/1015367
https://bugzilla.suse.com/1015416
https://bugzilla.suse.com/799133
https://bugzilla.suse.com/914939
https://bugzilla.suse.com/922634
https://bugzilla.suse.com/963609
https://bugzilla.suse.com/963655
https://bugzilla.suse.com/963904
https://bugzilla.suse.com/964462
https://bugzilla.suse.com/966170
https://bugzilla.suse.com/966172
https://bugzilla.suse.com/966186
https://bugzilla.suse.com/966191
https://bugzilla.suse.com/966316
https://bugzilla.suse.com/966318
https://bugzilla.suse.com/966325
https://bugzilla.suse.com/966471
https://bugzilla.suse.com/969474
https://bugzilla.suse.com/969475
https://bugzilla.suse.com/969476
https://bugzilla.suse.com/969477
https://bugzilla.suse.com/969756
https://bugzilla.suse.com/971975
https://bugzilla.suse.com/971989
https://bugzilla.suse.com/972993
https://bugzilla.suse.com/974313
https://bugzilla.suse.com/974842
https://bugzilla.suse.com/974843
https://bugzilla.suse.com/978907
https://bugzilla.suse.com/979378
https://bugzilla.suse.com/979681
https://bugzilla.suse.com/981825
https://bugzilla.suse.com/983087
https://bugzilla.suse.com/983152
https://bugzilla.suse.com/983318
https://bugzilla.suse.com/985850
https://bugzilla.suse.com/986255
https://bugzilla.suse.com/986987
https://bugzilla.suse.com/987641
https://bugzilla.suse.com/987703
https://bugzilla.suse.com/987805
https://bugzilla.suse.com/988524
https://bugzilla.suse.com/988715
https://bugzilla.suse.com/990384
https://bugzilla.suse.com/992555
https://bugzilla.suse.com/993739
https://bugzilla.suse.com/993841
https://bugzilla.suse.com/993891
https://bugzilla.suse.com/994881
https://bugzilla.suse.com/995278
https://bugzilla.suse.com/997059
https://bugzilla.suse.com/997639
https://bugzilla.suse.com/997807
https://bugzilla.suse.com/998054
https://bugzilla.suse.com/998689
https://bugzilla.suse.com/999907
https://bugzilla.suse.com/999932
https://www.suse.com/security/cve/CVE-2015-1350.html
https://www.suse.com/security/cve/CVE-2015-8964.html
https://www.suse.com/security/cve/CVE-2016-7039.html
https://www.suse.com/security/cve/CVE-2016-7042.html
https://www.suse.com/security/cve/CVE-2016-7425.html
https://www.suse.com/security/cve/CVE-2016-7913.html
https://www.suse.com/security/cve/CVE-2016-7917.html
https://www.suse.com/security/cve/CVE-2016-8645.html
https://www.suse.com/security/cve/CVE-2016-8666.html
https://www.suse.com/security/cve/CVE-2016-9083.html
https://www.suse.com/security/cve/CVE-2016-9084.html
https://www.suse.com/security/cve/CVE-2016-9793.html
https://www.suse.com/security/cve/CVE-2016-9919.html
http://www.nessus.org/u?c38ecfd4
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-87=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-87=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-87=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-87=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch SUSE-SLE-Live-Patching-12-2017-87=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-87=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-87=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.0 (CVSS:3.0/E:P/RL:O/RC:C)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2016-9919
CVE CVE-2016-9793
CVE CVE-2016-9084
CVE CVE-2016-9083
CVE CVE-2016-8666
CVE CVE-2016-8645
CVE CVE-2016-7917
CVE CVE-2016-7913
CVE CVE-2016-7425
CVE CVE-2016-7042
CVE CVE-2016-7039
CVE CVE-2015-8964
CVE CVE-2015-1350
XREF OSVDB:148442
XREF OSVDB:148409
XREF OSVDB:147168
XREF OSVDB:147057
XREF OSVDB:147016
XREF OSVDB:147000
XREF OSVDB:146377
XREF OSVDB:146370
XREF OSVDB:145694
XREF OSVDB:145649
XREF OSVDB:145585
XREF OSVDB:145388
XREF OSVDB:144411
XREF OSVDB:117818
Exploitable With
Core Impact (true)
Plugin Information:
Published: 2017/01/18, Modified: 2017/06/22
Plugin Output

tcp/0


Remote package installed : kernel-default-4.4.21-84.1
Should be : kernel-default-4.4.38-93.1
96718 - SUSE SLED12 / SLES12 Security Update : openssh (SUSE-SU-2017:0264-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for openssh fixes several issues. These security issues were fixed :

- CVE-2016-8858: The kex_input_kexinit function in kex.c allowed remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests (bsc#1005480).

- CVE-2016-10012: The shared memory manager (associated with pre-authentication compression) did not ensure that a bounds check is enforced by all compilers, which might allowed local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures (bsc#1016370).

- CVE-2016-10009: Untrusted search path vulnerability in ssh-agent.c allowed remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket (bsc#1016366).

- CVE-2016-10010: When forwarding unix domain sockets with privilege separation disabled, the resulting sockets have be created as 'root' instead of the authenticated user. Forwarding unix domain sockets without privilege separation enabled is now rejected.

- CVE-2016-10011: authfile.c in sshd did not properly consider the effects of realloc on buffer contents, which might allowed local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process (bsc#1016369). These non-security issues were fixed :

- Adjusted suggested command for removing conflicting server keys from the known_hosts file (bsc#1006221)

- Properly verify CIDR masks in configuration (bsc#1005893)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-138=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-138=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-138=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-8858
CVE CVE-2016-10012
CVE CVE-2016-10011
CVE CVE-2016-10010
CVE CVE-2016-10009
XREF OSVDB:148975
XREF OSVDB:148968
XREF OSVDB:148967
XREF OSVDB:148966
XREF OSVDB:146060
Plugin Information:
Published: 2017/01/24, Modified: 2017/01/24
Plugin Output

tcp/0


Remote package installed : openssh-7.2p2-55.1
Should be : openssh-7.2p2-66.1

Remote package installed : openssh-helpers-7.2p2-55.1
Should be : openssh-helpers-7.2p2-66.1
96793 - SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2017:0279-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for systemd fixes the following issues: This security issue was fixed :

- CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges (bsc#1020601). These non-security issues were fixed :

- Fix permission set on /var/lib/systemd/linger/*

- install: follow config_path symlink (#3362)

- install: fix disable when /etc/systemd/system is a symlink (bsc#1014560)

- run: make --slice= work in conjunction with --scope (bsc#1014566)

- core: don't dispatch load queue when setting Slice= for transient units

- systemctl: remove duplicate entries showed by list-dependencies (#5049) (bsc#1012266)

- rule: don't automatically online standby memory on s390x (bsc#997682)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-149=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-149=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-149=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-149=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.2 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2016-10156
XREF OSVDB:150733
Plugin Information:
Published: 2017/01/26, Modified: 2017/01/26
Plugin Output

tcp/0


Remote package installed : libsystemd0-228-121.1
Should be : libsystemd0-228-132.1

Remote package installed : libudev1-228-121.1
Should be : libudev1-228-132.1

Remote package installed : systemd-228-121.1
Should be : systemd-228-132.1

Remote package installed : systemd-sysvinit-228-121.1
Should be : systemd-sysvinit-228-132.1

Remote package installed : udev-228-121.1
Should be : udev-228-132.1

Remote package installed : libsystemd0-32bit-228-121.1
Should be : libsystemd0-32bit-228-132.1

Remote package installed : libudev1-32bit-228-121.1
Should be : libudev1-32bit-228-132.1

Remote package installed : systemd-32bit-228-121.1
Should be : systemd-32bit-228-132.1
96827 - SUSE SLED12 / SLES12 Security Update : dbus-1 (SUSE-SU-2017:0292-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for dbus-1 to version 1.8.22 fixes one security issue and bugs. The following security issue was fixed :

- bsc#1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. The following upstream changes are included :

- Change the default configuration for the session bus to only allow EXTERNAL authentication (secure kernel-mediated credentials-passing), as was already done for the system bus.

- Fix a memory leak when GetConnectionCredentials() succeeds (fdo#91008)

- Ensure that dbus-monitor does not reply to messages intended for others (fdo#90952)

- Add locking to DBusCounter's reference count and notify function (fdo#89297)

- Ensure that DBusTransport's reference count is protected by the corresponding DBusConnection's lock (fdo#90312)

- Correctly release DBusServer mutex before early-return if we run out of memory while copying authentication mechanisms (fdo#90021)

- Correctly initialize all fields of DBusTypeReader (fdo#90021)

- Fix some missing in verbose (debug log) messages (fdo#90004)

- Clean up some memory leaks in test code (fdo#90021)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-153=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-153=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-153=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-153=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.3 (CVSS2#E:U/RL:OF/RC:C)
References
XREF OSVDB:145548
Plugin Information:
Published: 2017/01/27, Modified: 2017/01/31
Plugin Output

tcp/0


Remote package installed : dbus-1-1.8.16-19.1
Should be : dbus-1-1.8.22-24.2.1

Remote package installed : dbus-1-x11-1.8.16-19.1
Should be : dbus-1-x11-1.8.22-24.2.1

Remote package installed : libdbus-1-3-1.8.16-19.1
Should be : libdbus-1-3-1.8.22-24.2.1

Remote package installed : libdbus-1-3-32bit-1.8.16-19.1
Should be : libdbus-1-3-32bit-1.8.22-24.2.1
96950 - SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2017:0348-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for gnutls fixes the following security issues :

- GnuTLS could have crashed when processing maliciously crafted OpenPGP certificates (GNUTLS-SA-2017-2, bsc#1018832, CVE-2017-5335, CVE-2017-5337, CVE-2017-5336)

- GnuTLS could have falsely accepted certificates when using OCSP (GNUTLS-SA-2016-3, bsc#999646, CVE-2016-7444)

- GnuTLS could have suffered from 100% CPU load DoS attacks by using SSL alert packets during the handshake (bsc#1005879, CVE-2016-8610)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-177=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-177=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-177=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-177=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-177=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-177=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-177=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVSS v3.0 Temporal Score
6.9 (CVSS:3.0/E:F/RL:O/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-5337
CVE CVE-2017-5336
CVE CVE-2017-5335
CVE CVE-2016-8610
CVE CVE-2016-7444
XREF OSVDB:167143
XREF OSVDB:149954
XREF OSVDB:149953
XREF OSVDB:149952
XREF OSVDB:146198
XREF OSVDB:143934
Plugin Information:
Published: 2017/02/02, Modified: 2017/10/16
Plugin Output

tcp/0


Remote package installed : libgnutls28-3.2.15-11.1
Should be : libgnutls28-3.2.15-16.1
97080 - SUSE SLED12 / SLES12 Security Update : expat (SUSE-SU-2017:0424-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for expat fixes the following security issues :

- CVE-2012-6702: Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, made it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. (bsc#983215)

- CVE-2016-5300: The XML parser in Expat did not use sufficient entropy for hash initialization, which allowed context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876. (bsc#983216)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-212=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-212=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-212=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-212=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-212=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-212=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-212=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVSS v3.0 Temporal Score
6.5 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
5.8 (CVSS2#E:U/RL:OF/RC:C)
References
BID 52379
CVE CVE-2016-5300
CVE CVE-2012-6702
CVE CVE-2012-0876
XREF OSVDB:139342
XREF OSVDB:80892
Plugin Information:
Published: 2017/02/09, Modified: 2017/02/09
Plugin Output

tcp/0


Remote package installed : expat-2.1.0-17.1
Should be : expat-2.1.0-20.2

Remote package installed : libexpat1-2.1.0-17.1
Should be : libexpat1-2.1.0-20.2

Remote package installed : libexpat1-32bit-2.1.0-17.1
Should be : libexpat1-32bit-2.1.0-20.2
97082 - SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2017:0427-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues (bsc#1021991) :

- MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of JavaScript objects (bsc#1021818)

- MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder (bsc#1021821)

- MFSA 2017-02/CVE-2017-5386: WebExtensions can use data:
protocol to affect other extensions (bsc#1021823)

- MFSA 2017-02/CVE-2017-5380: Potential use-after-free during DOM manipulations (bsc#1021819)

- MFSA 2017-02/CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer (bsc#1021820)

- MFSA 2017-02/CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (bsc#1021824)

- MFSA 2017-02/CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP (bsc#1021814)

- MFSA 2017-02/CVE-2017-5376: Use-after-free in XSL (bsc#1021817)

- MFSA 2017-02/CVE-2017-5383: Location bar spoofing with unicode characters (bsc#1021822) Please see https://www.mozilla.org/en-US/security/advisories/mfsa20 17-02/ for more information.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-217=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-217=1

SUSE Linux Enterprise Server for SAP 12:zypper in -t patch SUSE-SLE-SAP-12-2017-217=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-217=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-217=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-217=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2017-217=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-217=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-217=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-5396
CVE CVE-2017-5390
CVE CVE-2017-5386
CVE CVE-2017-5383
CVE CVE-2017-5380
CVE CVE-2017-5378
CVE CVE-2017-5376
CVE CVE-2017-5375
CVE CVE-2017-5373
XREF OSVDB:150881
XREF OSVDB:150878
XREF OSVDB:150875
XREF OSVDB:150866
XREF OSVDB:150865
XREF OSVDB:150864
XREF OSVDB:150863
XREF OSVDB:150862
XREF OSVDB:150861
XREF OSVDB:150860
XREF OSVDB:150859
XREF OSVDB:150858
XREF OSVDB:150837
XREF OSVDB:150836
XREF OSVDB:150834
XREF OSVDB:150832
XREF OSVDB:150831
Plugin Information:
Published: 2017/02/09, Modified: 2017/03/15
Plugin Output

tcp/0


Remote package installed : MozillaFirefox-45.5.1esr-93.1
Should be : MozillaFirefox-45.7.0esr-99.1

Remote package installed : MozillaFirefox-translations-45.5.1esr-93.1
Should be : MozillaFirefox-translations-45.7.0esr-99.1
97096 - SUSE SLED12 / SLES12 Security Update : opus (SUSE-SU-2017:0436-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for opus fixes the following issues :

- CVE-2017-0381: Fixed a remote code execution vulnerability in silk/NLSF_stabilize.c when playing certain media files (bsc#1020102)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-223=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-223=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-223=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-223=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-223=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-223=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-223=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
6.8 (CVSS:3.0/E:U/RL:O/RC:C)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-0381
XREF OSVDB:149549
Plugin Information:
Published: 2017/02/10, Modified: 2017/02/10
Plugin Output

tcp/0


Remote package installed : libopus0-1.1-1.36
Should be : libopus0-1.1-3.1
97130 - SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2017:0453-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for tiff fixes the following issues :

- A crafted TIFF image could cause a crash and potential code execution when processed by the 'tiffcp' utility (CVE-2017-5225, bsc#1019611). Also a regression from the version update to 4.0.7 was fixed in handling TIFFTAG_FAXRECVPARAMS. (bsc#1022103)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-231=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-231=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-231=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-231=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-231=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-231=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-231=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-5225
XREF OSVDB:149991
Plugin Information:
Published: 2017/02/13, Modified: 2017/02/13
Plugin Output

tcp/0


Remote package installed : libtiff5-4.0.6-26.3
Should be : libtiff5-4.0.7-40.1

Remote package installed : libtiff5-32bit-4.0.6-26.3
Should be : libtiff5-32bit-4.0.7-40.1
97202 - SUSE SLED12 / SLES12 Security Update : libXpm (SUSE-SU-2017:0467-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for libXpm fixes the following issues :

- A heap overflow in XPM handling could be used by attackers supplying XPM files to crash or potentially execute code. (bsc#1021315)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-240=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-240=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-240=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-240=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-240=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-240=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-240=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-10164
XREF OSVDB:150787
XREF OSVDB:150786
Plugin Information:
Published: 2017/02/16, Modified: 2017/02/27
Plugin Output

tcp/0


Remote package installed : libXpm4-3.5.11-3.60
Should be : libXpm4-3.5.11-5.1
97203 - SUSE SLED12 / SLES12 Security Update : gd (SUSE-SU-2017:0468-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for gd fixes the following security issues :

- CVE-2016-6906: An out-of-bounds read in TGA decompression was fixed which could have lead to crashes. (bsc#1022553)

- CVE-2016-6912: Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) allowed remote attackers to have unspecified impact via large width and height values. (bsc#1022284)

- CVE-2016-9317: The gdImageCreate function in the GD Graphics Library (aka libgd) allowed remote attackers to cause a denial of service (system hang) via an oversized image. (bsc#1022283)

- CVE-2016-10166: A potential unsigned underflow in gd interpolation functions could lead to memory corruption in the GD Graphics Library (aka libgd) (bsc#1022263)

- CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx() could lead to libgd running out of memory even on small files. (bsc#1022264)

- CVE-2016-10168: A signed integer overflow in the GD Graphics Library (aka libgd) could lead to memory corruption (bsc#1022265)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-241=1

SUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch SUSE-SLE-WE-12-SP1-2017-241=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-241=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-241=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-241=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-241=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-241=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-241=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-241=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.8 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-9317
CVE CVE-2016-6912
CVE CVE-2016-6906
CVE CVE-2016-10168
CVE CVE-2016-10167
CVE CVE-2016-10166
XREF OSVDB:150680
XREF OSVDB:150614
XREF OSVDB:150576
XREF OSVDB:150575
XREF OSVDB:150562
XREF OSVDB:150557
Plugin Information:
Published: 2017/02/16, Modified: 2017/02/27
Plugin Output

tcp/0


Remote package installed : gd-2.1.0-12.1
Should be : gd-2.1.0-23.1
97520 - SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:0596-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for bind fixes the following issues :

- Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-312=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-312=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-312=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-312=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-312=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-312=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-312=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
6.4 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-3135
XREF OSVDB:151758
Plugin Information:
Published: 2017/03/03, Modified: 2017/04/21
Plugin Output

tcp/0


Remote package installed : bind-libs-9.9.9P1-49.1
Should be : bind-libs-9.9.9P1-56.1

Remote package installed : bind-utils-9.9.9P1-49.1
Should be : bind-utils-9.9.9P1-56.1

Remote package installed : bind-libs-32bit-9.9.9P1-49.1
Should be : bind-libs-32bit-9.9.9P1-56.1
97598 - SUSE SLED12 / SLES12 Security Update : tigervnc (SUSE-SU-2017:0622-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for tigervnc provides the following fixes :

- Prevent malicious server from crashing a server via a buffer overflow, a similar flaw as the LibVNCServer issues CVE-2016-9941 and CVE-2016-9942. (bsc#1019274)

- CVE-2016-10207: Prevent potential crash due to insufficient clean-up after failure to establish TLS connection. (bsc#1023012)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-335=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-335=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-335=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.9 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2016-9942
CVE CVE-2016-9941
CVE CVE-2016-10207
XREF OSVDB:151448
XREF OSVDB:149428
XREF OSVDB:149427
Plugin Information:
Published: 2017/03/08, Modified: 2017/03/08
Plugin Output

tcp/0


Remote package installed : libXvnc1-1.6.0-12.6
Should be : libXvnc1-1.6.0-16.4

Remote package installed : tigervnc-1.6.0-12.6
Should be : tigervnc-1.6.0-16.4

Remote package installed : xorg-x11-Xvnc-1.6.0-12.6
Should be : xorg-x11-Xvnc-1.6.0-16.4
97772 - SUSE SLED12 / SLES12 Security Update : Recommended update for dbus-1 (SUSE-SU-2017:0695-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for dbus-1 fixes the following issues: Security issues fixed :

- Symlink attack in nonce-tcp transport. (bsc#1025950)

- Symlink attack in unit tests. (bsc#1025951) Bugfixes :

- Remove sysvinit script, not used under systemd.
(bsc#974092)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-376=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-376=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-376=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-376=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-376=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-376=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-376=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-376=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
Plugin Information:
Published: 2017/03/16, Modified: 2017/03/16
Plugin Output

tcp/0


Remote package installed : dbus-1-1.8.16-19.1
Should be : dbus-1-1.8.22-24.8.1

Remote package installed : dbus-1-x11-1.8.16-19.1
Should be : dbus-1-x11-1.8.22-24.8.1

Remote package installed : libdbus-1-3-1.8.16-19.1
Should be : libdbus-1-3-1.8.22-24.8.1

Remote package installed : libdbus-1-3-32bit-1.8.16-19.1
Should be : libdbus-1-3-32bit-1.8.22-24.8.1
97825 - SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2017:0714-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for MozillaFirefox to ESR 45.8 fixes the following issues:
Security issues fixed (bsc#1028391) :

- CVE-2017-5402: Use-after-free working with events in FontFace objects

- CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping

- CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP

- CVE-2017-5401: Memory Corruption when handling ErrorResult

- CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters

- CVE-2017-5404: Use-after-free working with ranges in selections

- CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports

- CVE-2017-5408: Cross-origin reading of video captions in violation of CORS

- CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service

- CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-392=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-392=1

SUSE Linux Enterprise Server for SAP 12:zypper in -t patch SUSE-SLE-SAP-12-2017-392=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-392=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-392=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-392=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2017-392=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-392=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-392=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-5410
CVE CVE-2017-5409
CVE CVE-2017-5408
CVE CVE-2017-5407
CVE CVE-2017-5405
CVE CVE-2017-5404
CVE CVE-2017-5402
CVE CVE-2017-5401
CVE CVE-2017-5400
CVE CVE-2017-5398
XREF OSVDB:153214
XREF OSVDB:153198
XREF OSVDB:153196
XREF OSVDB:153195
XREF OSVDB:153193
XREF OSVDB:153192
XREF OSVDB:153191
XREF OSVDB:153190
XREF OSVDB:153183
XREF OSVDB:153182
XREF OSVDB:153181
XREF OSVDB:153180
XREF OSVDB:153179
XREF OSVDB:153178
XREF OSVDB:153177
XREF OSVDB:153176
XREF OSVDB:153175
XREF OSVDB:153174
XREF OSVDB:153173
XREF OSVDB:153143
Plugin Information:
Published: 2017/03/20, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : MozillaFirefox-45.5.1esr-93.1
Should be : MozillaFirefox-45.8.0esr-102.1

Remote package installed : MozillaFirefox-translations-45.5.1esr-93.1
Should be : MozillaFirefox-translations-45.8.0esr-102.1
99090 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:0864-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs :

- CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bnc#1030573, bnc#1028372).

- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-487=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-487=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-487=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-487=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch SUSE-SLE-Live-Patching-12-2017-487=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-487=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-487=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-487=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.5 (CVSS:3.0/E:F/RL:U/RC:X)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.8 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2017-7184
CVE CVE-2017-2636
XREF OSVDB:153853
XREF OSVDB:153186
Plugin Information:
Published: 2017/03/30, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : kernel-default-4.4.21-84.1
Should be : kernel-default-4.4.49-92.14.1
99578 - SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This ruby2.1 update to version 2.1.9 fixes the following issues:
Security issues fixed :

- CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' (bsc#1018808)

- CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495)

- CVE-2015-3900: hostname validation does not work when fetching gems or making API requests (bsc#936032)

- CVE-2015-1855: Ruby'a OpenSSL extension suffers a vulnerability through overly permissive matching of hostnames (bsc#926974)

- CVE-2014-4975: off-by-one stack-based buffer overflow in the encodes() function (bsc#887877) Bugfixes :

- SUSEconnect doesn't handle domain wildcards in no_proxy environment variable properly (bsc#1014863)

- Segmentation fault after pack & ioctl & unpack (bsc#909695)

- Ruby:HTTP Header injection in 'net/http' (bsc#986630) ChangeLog :

- http://svn.ruby-lang.org/repos/ruby/tags/v2_1_9/ChangeLog

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-624=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-624=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-624=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-624=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-624=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-624=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-624=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-624=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
8.4 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
8.0 (CVSS:3.0/E:X/RL:O/RC:C)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
6.5 (CVSS2#E:ND/RL:OF/RC:C)
References
BID 75482
BID 74446
BID 68474
CVE CVE-2016-2339
CVE CVE-2015-7551
CVE CVE-2015-3900
CVE CVE-2015-1855
CVE CVE-2014-4975
XREF OSVDB:140169
XREF OSVDB:131943
XREF OSVDB:122162
XREF OSVDB:120541
XREF OSVDB:108971
Plugin Information:
Published: 2017/04/21, Modified: 2017/05/03
Plugin Output

tcp/0


Remote package installed : libruby2_1-2_1-2.1.2-12.3
Should be : libruby2_1-2_1-2.1.9-15.1

Remote package installed : ruby2.1-2.1.2-12.3
Should be : ruby2.1-2.1.9-15.1

Remote package installed : ruby2.1-stdlib-2.1.2-12.3
Should be : ruby2.1-stdlib-2.1.9-15.1
99705 - SUSE SLED12 / SLES12 Security Update : tcpdump, libpcap (SUSE-SU-2017:1110-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for tcpdump to version 4.9.0 and libpcap to version 1.8.1 fixes the several issues. These security issues were fixed in tcpdump :

- CVE-2016-7922: The AH parser in tcpdump had a buffer overflow in print-ah.c:ah_print() (bsc#1020940).

- CVE-2016-7923: The ARP parser in tcpdump had a buffer overflow in print-arp.c:arp_print() (bsc#1020940).

- CVE-2016-7924: The ATM parser in tcpdump had a buffer overflow in print-atm.c:oam_print() (bsc#1020940).

- CVE-2016-7925: The compressed SLIP parser in tcpdump had a buffer overflow in print-sl.c:sl_if_print() (bsc#1020940).

- CVE-2016-7926: The Ethernet parser in tcpdump had a buffer overflow in print-ether.c:ethertype_print() (bsc#1020940).

- CVE-2016-7927: The IEEE 802.11 parser in tcpdump had a buffer overflow in print-802_11.c:ieee802_11_radio_print() (bsc#1020940).

- CVE-2016-7928: The IPComp parser in tcpdump had a buffer overflow in print-ipcomp.c:ipcomp_print() (bsc#1020940).

- CVE-2016-7929: The Juniper PPPoE ATM parser in tcpdump had a buffer overflow in print-juniper.c:juniper_parse_header() (bsc#1020940).

- CVE-2016-7930: The LLC/SNAP parser in tcpdump had a buffer overflow in print-llc.c:llc_print() (bsc#1020940).

- CVE-2016-7931: The MPLS parser in tcpdump had a buffer overflow in print-mpls.c:mpls_print() (bsc#1020940).

- CVE-2016-7932: The PIM parser in tcpdump had a buffer overflow in print-pim.c:pimv2_check_checksum() (bsc#1020940).

- CVE-2016-7933: The PPP parser in tcpdump had a buffer overflow in print-ppp.c:ppp_hdlc_if_print() (bsc#1020940).

- CVE-2016-7934: The RTCP parser in tcpdump had a buffer overflow in print-udp.c:rtcp_print() (bsc#1020940).

- CVE-2016-7935: The RTP parser in tcpdump had a buffer overflow in print-udp.c:rtp_print() (bsc#1020940).

- CVE-2016-7936: The UDP parser in tcpdump had a buffer overflow in print-udp.c:udp_print() (bsc#1020940).

- CVE-2016-7937: The VAT parser in tcpdump had a buffer overflow in print-udp.c:vat_print() (bsc#1020940).

- CVE-2016-7938: The ZeroMQ parser in tcpdump had an integer overflow in print-zeromq.c:zmtp1_print_frame() (bsc#1020940).

- CVE-2016-7939: The GRE parser in tcpdump had a buffer overflow in print-gre.c, multiple functions (bsc#1020940).

- CVE-2016-7940: The STP parser in tcpdump had a buffer overflow in print-stp.c, multiple functions (bsc#1020940).

- CVE-2016-7973: The AppleTalk parser in tcpdump had a buffer overflow in print-atalk.c, multiple functions (bsc#1020940).

- CVE-2016-7974: The IP parser in tcpdump had a buffer overflow in print-ip.c, multiple functions (bsc#1020940).

- CVE-2016-7975: The TCP parser in tcpdump had a buffer overflow in print-tcp.c:tcp_print() (bsc#1020940).

- CVE-2016-7983: The BOOTP parser in tcpdump had a buffer overflow in print-bootp.c:bootp_print() (bsc#1020940).

- CVE-2016-7984: The TFTP parser in tcpdump had a buffer overflow in print-tftp.c:tftp_print() (bsc#1020940).

- CVE-2016-7985: The CALM FAST parser in tcpdump had a buffer overflow in print-calm-fast.c:calm_fast_print() (bsc#1020940).

- CVE-2016-7986: The GeoNetworking parser in tcpdump had a buffer overflow in print-geonet.c, multiple functions (bsc#1020940).

- CVE-2016-7992: The Classical IP over ATM parser in tcpdump had a buffer overflow in print-cip.c:cip_if_print() (bsc#1020940).

- CVE-2016-7993: A bug in util-print.c:relts_print() in tcpdump could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM) (bsc#1020940).

- CVE-2016-8574: The FRF.15 parser in tcpdump had a buffer overflow in print-fr.c:frf15_print() (bsc#1020940).

- CVE-2016-8575: The Q.933 parser in tcpdump had a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482 (bsc#1020940).

- CVE-2017-5202: The ISO CLNS parser in tcpdump had a buffer overflow in print-isoclns.c:clnp_print() (bsc#1020940).

- CVE-2017-5203: The BOOTP parser in tcpdump had a buffer overflow in print-bootp.c:bootp_print() (bsc#1020940).

- CVE-2017-5204: The IPv6 parser in tcpdump had a buffer overflow in print-ip6.c:ip6_print() (bsc#1020940).

- CVE-2017-5205: The ISAKMP parser in tcpdump had a buffer overflow in print-isakmp.c:ikev2_e_print() (bsc#1020940).

- CVE-2017-5341: The OTV parser in tcpdump had a buffer overflow in print-otv.c:otv_print() (bsc#1020940).

- CVE-2017-5342: In tcpdump a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print() (bsc#1020940).

- CVE-2017-5482: The Q.933 parser in tcpdump had a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575 (bsc#1020940).

- CVE-2017-5483: The SNMP parser in tcpdump had a buffer overflow in print-snmp.c:asn1_parse() (bsc#1020940).

- CVE-2017-5484: The ATM parser in tcpdump had a buffer overflow in print-atm.c:sig_print() (bsc#1020940).

- CVE-2017-5485: The ISO CLNS parser in tcpdump had a buffer overflow in addrtoname.c:lookup_nsap() (bsc#1020940).

- CVE-2017-5486: The ISO CLNS parser in tcpdump had a buffer overflow in print-isoclns.c:clnp_print() (bsc#1020940).

- CVE-2015-3138: Fixed potential denial of service in print-wb.c (bsc#927637).

- CVE-2015-0261: Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump allowed remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value (bsc#922220).

- CVE-2015-2153: The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump allowed remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU) (bsc#922221).

- CVE-2015-2154: The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump allowed remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value (bsc#922222).

- CVE-2015-2155: The force printer in tcpdump allowed remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors (bsc#922223).

- CVE-2014-8767: Integer underflow in the olsr_print function in tcpdump 3.9.6 when in verbose mode, allowed remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame (bsc#905870).

- CVE-2014-8768: Multiple Integer underflows in the geonet_print function in tcpdump when run in verbose mode, allowed remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame (bsc#905871).

- CVE-2014-8769: tcpdump might have allowed remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access (bsc#905872). These non-security issues were fixed in tcpdump :

- PPKI to Router Protocol: Fix Segmentation Faults and other problems

- RPKI to Router Protocol: print strings with fn_printn()

- Added a short option '#', same as long option '--number'

- nflog, mobile, forces, pptp, AODV, AHCP, IPv6, OSPFv4, RPL, DHCPv6 enhancements/fixes

- M3UA decode added.

- Added bittok2str().

- A number of unaligned access faults fixed

- The -A flag does not consider CR to be printable anymore

- fx.lebail took over coverity baby sitting

- Default snapshot size increased to 256K for accomodate USB captures These non-security issues were fixed in libpcap :

- Provide a -devel-static subpackage that contains the static libraries and all the extra dependencies which are not needed for dynamic linking.

- Fix handling of packet count in the TPACKET_V3 inner loop

- Filter out duplicate looped back CAN frames.

- Fix the handling of loopback filters for IPv6 packets.

- Add a link-layer header type for RDS (IEC 62106) groups.

- Handle all CAN captures with pcap-linux.c, in cooked mode.

- Removes the need for the 'host-endian' link-layer header type.

- Have separate DLTs for big-endian and host-endian SocketCAN headers.

- Properly check for sock_recv() errors.

- Re-impose some of Winsock's limitations on sock_recv().

- Replace sprintf() with pcap_snprintf().

- Fix signature of pcap_stats_ex_remote().

- Have rpcap_remoteact_getsock() return a SOCKET and supply an 'is active' flag.

- Clean up {DAG, Septel, Myricom SNF}-only builds.

- pcap_create_interface() needs the interface name on Linux.

- Clean up hardware time stamp support: the 'any' device does not support any time stamp types.

- Recognize 802.1ad nested VLAN tag in vlan filter.

- Support for filtering Geneve encapsulated packets.

- Fix handling of zones for BPF on Solaris

- Added bpf_filter1() with extensions

- EBUSY can now be returned by SNFv3 code.

- Don't crash on filters testing a non-existent link-layer type field.

- Fix sending in non-blocking mode on Linux with memory-mapped capture.

- Fix timestamps when reading pcap-ng files on big-endian machines.

- Fixes for byte order issues with NFLOG captures

- Handle using cooked mode for DLT_NETLINK in activate_new().

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
https://bugzilla.suse.com/1020940
https://bugzilla.suse.com/1035686
https://bugzilla.suse.com/905870
https://bugzilla.suse.com/905871
https://bugzilla.suse.com/905872
https://bugzilla.suse.com/922220
https://bugzilla.suse.com/922221
https://bugzilla.suse.com/922222
https://bugzilla.suse.com/922223
https://bugzilla.suse.com/927637
https://www.suse.com/security/cve/CVE-2014-8767.html
https://www.suse.com/security/cve/CVE-2014-8768.html
https://www.suse.com/security/cve/CVE-2014-8769.html
https://www.suse.com/security/cve/CVE-2015-0261.html
https://www.suse.com/security/cve/CVE-2015-2153.html
https://www.suse.com/security/cve/CVE-2015-2154.html
https://www.suse.com/security/cve/CVE-2015-2155.html
https://www.suse.com/security/cve/CVE-2015-3138.html
https://www.suse.com/security/cve/CVE-2016-7922.html
https://www.suse.com/security/cve/CVE-2016-7923.html
https://www.suse.com/security/cve/CVE-2016-7924.html
https://www.suse.com/security/cve/CVE-2016-7925.html
https://www.suse.com/security/cve/CVE-2016-7926.html
https://www.suse.com/security/cve/CVE-2016-7927.html
https://www.suse.com/security/cve/CVE-2016-7928.html
https://www.suse.com/security/cve/CVE-2016-7929.html
https://www.suse.com/security/cve/CVE-2016-7930.html
https://www.suse.com/security/cve/CVE-2016-7931.html
https://www.suse.com/security/cve/CVE-2016-7932.html
https://www.suse.com/security/cve/CVE-2016-7933.html
https://www.suse.com/security/cve/CVE-2016-7934.html
https://www.suse.com/security/cve/CVE-2016-7935.html
https://www.suse.com/security/cve/CVE-2016-7936.html
https://www.suse.com/security/cve/CVE-2016-7937.html
https://www.suse.com/security/cve/CVE-2016-7938.html
https://www.suse.com/security/cve/CVE-2016-7939.html
https://www.suse.com/security/cve/CVE-2016-7940.html
https://www.suse.com/security/cve/CVE-2016-7973.html
https://www.suse.com/security/cve/CVE-2016-7974.html
https://www.suse.com/security/cve/CVE-2016-7975.html
https://www.suse.com/security/cve/CVE-2016-7983.html
https://www.suse.com/security/cve/CVE-2016-7984.html
https://www.suse.com/security/cve/CVE-2016-7985.html
https://www.suse.com/security/cve/CVE-2016-7986.html
https://www.suse.com/security/cve/CVE-2016-7992.html
https://www.suse.com/security/cve/CVE-2016-7993.html
https://www.suse.com/security/cve/CVE-2016-8574.html
https://www.suse.com/security/cve/CVE-2016-8575.html
https://www.suse.com/security/cve/CVE-2017-5202.html
https://www.suse.com/security/cve/CVE-2017-5203.html
https://www.suse.com/security/cve/CVE-2017-5204.html
https://www.suse.com/security/cve/CVE-2017-5205.html
https://www.suse.com/security/cve/CVE-2017-5341.html
https://www.suse.com/security/cve/CVE-2017-5342.html
https://www.suse.com/security/cve/CVE-2017-5482.html
https://www.suse.com/security/cve/CVE-2017-5483.html
https://www.suse.com/security/cve/CVE-2017-5484.html
https://www.suse.com/security/cve/CVE-2017-5485.html
https://www.suse.com/security/cve/CVE-2017-5486.html
http://www.nessus.org/u?f10360a5
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-644=1

SUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch SUSE-SLE-WE-12-SP1-2017-644=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-644=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-644=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-644=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-644=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-644=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-644=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-644=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
BID 73021
BID 73019
BID 73018
BID 73017
BID 71155
BID 71153
BID 71150
CVE CVE-2017-5486
CVE CVE-2017-5485
CVE CVE-2017-5484
CVE CVE-2017-5483
CVE CVE-2017-5482
CVE CVE-2017-5342
CVE CVE-2017-5341
CVE CVE-2017-5205
CVE CVE-2017-5204
CVE CVE-2017-5203
CVE CVE-2017-5202
CVE CVE-2016-8575
CVE CVE-2016-8574
CVE CVE-2016-7993
CVE CVE-2016-7992
CVE CVE-2016-7986
CVE CVE-2016-7985
CVE CVE-2016-7984
CVE CVE-2016-7983
CVE CVE-2016-7975
CVE CVE-2016-7974
CVE CVE-2016-7973
CVE CVE-2016-7940
CVE CVE-2016-7939
CVE CVE-2016-7938
CVE CVE-2016-7937
CVE CVE-2016-7936
CVE CVE-2016-7935
CVE CVE-2016-7934
CVE CVE-2016-7933
CVE CVE-2016-7932
CVE CVE-2016-7931
CVE CVE-2016-7930
CVE CVE-2016-7929
CVE CVE-2016-7928
CVE CVE-2016-7927
CVE CVE-2016-7926
CVE CVE-2016-7925
CVE CVE-2016-7924
CVE CVE-2016-7923
CVE CVE-2016-7922
CVE CVE-2015-3138
CVE CVE-2015-2155
CVE CVE-2015-2154
CVE CVE-2015-2153
CVE CVE-2015-0261
CVE CVE-2014-8769
CVE CVE-2014-8768
CVE CVE-2014-8767
XREF OSVDB:151132
XREF OSVDB:151131
XREF OSVDB:151130
XREF OSVDB:151129
XREF OSVDB:151128
XREF OSVDB:151126
XREF OSVDB:151125
XREF OSVDB:151124
XREF OSVDB:151123
XREF OSVDB:151122
XREF OSVDB:151121
XREF OSVDB:151120
XREF OSVDB:151119
XREF OSVDB:151117
XREF OSVDB:151116
XREF OSVDB:151115
XREF OSVDB:151114
XREF OSVDB:151113
XREF OSVDB:151112
XREF OSVDB:151111
XREF OSVDB:151110
XREF OSVDB:151109
XREF OSVDB:151108
XREF OSVDB:151107
XREF OSVDB:151106
XREF OSVDB:151105
XREF OSVDB:151104
XREF OSVDB:151103
XREF OSVDB:151100
XREF OSVDB:151099
XREF OSVDB:151098
XREF OSVDB:151097
XREF OSVDB:151096
XREF OSVDB:151095
XREF OSVDB:151094
XREF OSVDB:151093
XREF OSVDB:151092
XREF OSVDB:151091
XREF OSVDB:151090
XREF OSVDB:151089
XREF OSVDB:151088
XREF OSVDB:119965
XREF OSVDB:119421
XREF OSVDB:119420
XREF OSVDB:119419
XREF OSVDB:119418
XREF OSVDB:114740
XREF OSVDB:114739
XREF OSVDB:114738
Plugin Information:
Published: 2017/04/27, Modified: 2017/05/03
Plugin Output

tcp/0


Remote package installed : libpcap1-1.5.3-6.1
Should be : libpcap1-1.8.1-9.1

Remote package installed : tcpdump-4.5.1-10.1
Should be : tcpdump-4.9.0-13.1
99964 - SUSE SLED12 / SLES12 Security Update : graphite2 (SUSE-SU-2017:1149-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for graphite2 fixes one issue. This security issues was fixed :

- CVE-2017-5436: An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution (bsc#1035204).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-668=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-668=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-668=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-668=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-668=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-668=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-668=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-5436
XREF OSVDB:156139
Plugin Information:
Published: 2017/05/03, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : libgraphite2-3-1.3.1-6.1
Should be : libgraphite2-3-1.3.1-9.1

Remote package installed : libgraphite2-3-32bit-1.3.1-6.1
Should be : libgraphite2-3-32bit-1.3.1-9.1
100023 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.58 to receive various security and bugfixes. Notable new/improved features :

- Improved support for Hyper-V

- Support for Matrox G200eH3

- Support for tcp_westwood The following security bugs were fixed :

- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003).

- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579).

- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440).

- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052).

- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213).

- CVE-2017-7374: Use-after-free vulnerability in fs/crypto/ in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely (bnc#1032006).

- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415).

- CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190).

- CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189).

- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066).

- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722).

- CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enables scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697).

- CVE-2017-6347: The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel had incorrect expectations about skb data layout, which allowed local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission (bnc#1027179).

- CVE-2016-9191: The cgroup offline implementation in the Linux kernel mishandled certain drain operations, which allowed local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application (bnc#1008842).

- CVE-2017-2596: The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel improperly emulated the VMXON instruction, which allowed KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references (bnc#1022785).

- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024). The following non-security bugs were fixed :

- ACPI, ioapic: Clear on-stack resource before using it (bsc#1028819).

- ACPI: Do not create a platform_device for IOAPIC/IOxAPIC (bsc#1028819).

- ACPI: Remove platform devices from a bus on removal (bsc#1028819).

- HID: usbhid: Quirk a AMI virtual mouse and keyboard with ALWAYS_POLL (bsc#1022340).

- NFS: do not try to cross a mountpount when there isn't one there (bsc#1028041).

- NFS: flush out dirty data on file fput() (bsc#1021762).

- PCI: hv: Fix wslot_to_devfn() to fix warnings on device removal (bug#1028217).

- PCI: hv: Use device serial number as PCI domain (bug#1028217).

- RAID1: a new I/O barrier implementation to remove resync window (bsc#998106,bsc#1020048,bsc#982783).

- RAID1: avoid unnecessary spin locks in I/O barrier code (bsc#998106,bsc#1020048,bsc#982783).

- Revert 'RDMA/core: Fix incorrect structure packing for booleans' (kabi).

- Revert 'give up on gcc ilog2() constant optimizations' (kabi).

- Revert 'net/mlx4_en: Avoid unregister_netdev at shutdown flow' (bsc#1028017).

- Revert 'net: introduce device min_header_len' (kabi).

- Revert 'nfit, libnvdimm: fix interleave set cookie calculation' (kabi).

- Revert 'target: Fix NULL dereference during LUN lookup + active I/O shutdown' (kabi).

- acpi, nfit: fix acpi_nfit_flush_probe() crash (bsc#1031717).

- acpi, nfit: fix extended status translations for ACPI DSMs (bsc#1031717).

- arm64: Use full path in KBUILD_IMAGE definition (bsc#1010032).

- arm64: hugetlb: fix the wrong address for several functions (bsc#1032681).

- arm64: hugetlb: fix the wrong return value for huge_ptep_set_access_flags (bsc#1032681).

- arm64: hugetlb: remove the wrong pmd check in find_num_contig() (bsc#1032681).

- arm: Use full path in KBUILD_IMAGE definition (bsc#1010032).

- bnx2x: allow adding VLANs while interface is down (bsc#1027273).

- bonding: fix 802.3ad aggregator reselection (bsc#1029514).

- btrfs: Change qgroup_meta_rsv to 64bit (bsc#1019614).

- btrfs: allow unlink to exceed subvolume quota (bsc#1019614).

- btrfs: backref: Fix soft lockup in __merge_refs function (bsc#1017641).

- btrfs: incremental send, do not delay rename when parent inode is new (bsc#1028325).

- btrfs: incremental send, do not issue invalid rmdir operations (bsc#1028325).

- btrfs: qgroup: Move half of the qgroup accounting time out of commit trans (bsc#1017461).

- btrfs: qgroups: Retry after commit on getting EDQUOT (bsc#1019614).

- btrfs: send, fix failure to rename top level inode due to name collision (bsc#1028325).

- btrfs: serialize subvolume mounts with potentially mismatching rw flags (bsc#951844 bsc#1024015)

- cgroup/pids: remove spurious suspicious RCU usage warning (bnc#1031831).

- crypto: algif_hash - avoid zero-sized array (bnc#1007962).

- cxgb4vf: do not offload Rx checksums for IPv6 fragments (bsc#1026692).

- device-dax: fix private mapping restriction, permit read-only (bsc#1031717).

- drm/i915: Add intel_uncore_suspend / resume functions (bsc#1011913).

- drm/i915: Fix crash after S3 resume with DP MST mode change (bsc#1029634).

- drm/i915: Listen for PMIC bus access notifications (bsc#1011913).

- drm/i915: Only enable hotplug interrupts if the display interrupts are enabled (bsc#1031717).

- drm/mgag200: Added support for the new device G200eH3 (bsc#1007959)

- ext4: fix fencepost in s_first_meta_bg validation (bsc#1029986).

- futex: Add missing error handling to FUTEX_REQUEUE_PI (bsc#969755).

- futex: Fix potential use-after-free in FUTEX_REQUEUE_PI (bsc#969755).

- hv: export current Hyper-V clocksource (bsc#1031206).

- hv: util: do not forget to init host_ts.lock (bsc#1031206).

- hv: vmbus: Prevent sending data on a rescinded channel (bug#1028217).

- hv_utils: implement Hyper-V PTP source (bsc#1031206).

- i2c-designware: increase timeout (bsc#1011913).

- i2c: designware-baytrail: Acquire P-Unit access on bus acquire (bsc#1011913).

- i2c: designware-baytrail: Call pmic_bus_access_notifier_chain (bsc#1011913).

- i2c: designware-baytrail: Fix race when resetting the semaphore (bsc#1011913).

- i2c: designware-baytrail: Only check iosf_mbi_available() for shared hosts (bsc#1011913).

- i2c: designware: Disable pm for PMIC i2c-bus even if there is no _SEM method (bsc#1011913).

- i2c: designware: Never suspend i2c-busses used for accessing the system PMIC (bsc#1011913).

- i2c: designware: Rename accessor_flags to flags (bsc#1011913).

- iommu/vt-d: Make sure IOMMUs are off when intel_iommu=off (bsc#1031208).

- kABI: protect struct iscsi_conn (kabi).

- kABI: protect struct se_node_acl (kabi).

- kABI: restore can_rx_register parameters (kabi).

- kgr/module: make a taint flag module-specific

- kgr: Mark eeh_event_handler() kthread safe using a timeout (bsc#1031662).

- kgr: remove all arch-specific kgraft header files

- l2tp: fix address test in __l2tp_ip6_bind_lookup() (bsc#1028415).

- l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415).

- l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind() (bsc#1028415).

- l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv() (bsc#1028415).

- l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 (bsc#1028415).

- l2tp: lock socket before checking flags in connect() (bsc#1028415).

- libnvdimm, pfn: fix memmap reservation size versus 4K alignment (bsc#1031717).

- locking/semaphore: Add down_interruptible_timeout() (bsc#1031662).

- md/raid1: Refactor raid1_make_request (bsc#998106,bsc#1020048,bsc#982783).

- md/raid1: add rcu protection to rdev in fix_read_error (References: bsc#998106,bsc#1020048,bsc#982783).

- md/raid1: fix a use-after-free bug (bsc#998106,bsc#1020048,bsc#982783).

- md/raid1: handle flush request correctly (bsc#998106,bsc#1020048,bsc#982783).

- mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp (bnc#1030118).

- mm/memblock.c: fix memblock_next_valid_pfn() (bnc#1031200).

- mm/page_alloc: Remove useless parameter of
__free_pages_boot_core (bnc#1027195).

- mm: fix set pageblock migratetype in deferred struct page init (bnc#1027195).

- mm: page_alloc: skip over regions of invalid pfns where possible (bnc#1031200).

- module: move add_taint_module() to a header file

- net/ena: change condition for host attribute configuration (bsc#1026509).

- net/ena: change driver's default timeouts (bsc#1026509).

- net/ena: fix NULL dereference when removing the driver after device reset failed (bsc#1026509).

- net/ena: fix RSS default hash configuration (bsc#1026509).

- net/ena: fix ethtool RSS flow configuration (bsc#1026509).

- net/ena: fix potential access to freed memory during device reset (bsc#1026509).

- net/ena: fix queues number calculation (bsc#1026509).

- net/ena: reduce the severity of ena printouts (bsc#1026509).

- net/ena: refactor ena_get_stats64 to be atomic context safe (bsc#1026509).

- net/ena: remove ntuple filter support from device feature list (bsc#1026509).

- net/ena: update driver version to 1.1.2 (bsc#1026509).

- net/ena: use READ_ONCE to access completion descriptors (bsc#1026509).

- net/mlx4_core: Avoid command timeouts during VF driver device shutdown (bsc#1028017).

- net/mlx4_core: Avoid delays during VF driver device shutdown (bsc#1028017).

- net/mlx4_core: Fix racy CQ (Completion Queue) free (bsc#1028017).

- net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions (bsc#1028017).

- net/mlx4_core: Use cq quota in SRIOV when creating completion EQs (bsc#1028017).

- net/mlx4_en: Fix bad WQE issue (bsc#1028017).

- net: ena: Fix error return code in ena_device_init() (bsc#1026509).

- net: ena: Remove unnecessary pci_set_drvdata() (bsc#1026509).

- net: ena: change the return type of ena_set_push_mode() to be void (bsc#1026509).

- net: ena: remove superfluous check in ena_remove() (bsc#1026509).

- net: ena: use setup_timer() and mod_timer() (bsc#1026509).

- netfilter: allow logging from non-init namespaces (bsc#970083).

- nvme: Do not suspend admin queue that wasn't created (bsc#1026505).

- nvme: Suspend all queues before deletion (bsc#1026505).

- ping: implement proper locking (bsc#1031003).

- powerpc: Blacklist GCC 5.4 6.1 and 6.2 (boo#1028895).

- rtlwifi: rtl_usb: Fix missing entry in USB driver's private data (bsc#1026462).

- s390/kmsg: add missing kmsg descriptions (bnc#1025683).

- s390/mm: fix zone calculation in arch_add_memory() (bnc#1025683).

- sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting (bsc#1018419).

- scsi: do not print 'reservation conflict' for TEST UNIT READY (bsc#1027054).

- scsi_dh_alua: Do not modify the interval value for retries (bsc#1012910).

- softirq: Let ksoftirqd do its job (bsc#1019618).

- x86, mm: fix gup_pte_range() vs DAX mappings (bsc#1026405).

- x86/apic/uv: Silence a shift wrapping warning (bsc#1023866).

- x86/ioapic: Change prototype of acpi_ioapic_add() (bsc#1027153, bsc#1027616).

- x86/ioapic: Fix IOAPIC failing to request resource (bsc#1027153, bsc#1027616).

- x86/ioapic: Fix incorrect pointers in ioapic_setup_resources() (bsc#1027153, bsc#1027616).

- x86/ioapic: Fix lost IOAPIC resource after hot-removal and hotadd (bsc#1027153, bsc#1027616).

- x86/ioapic: Fix setup_res() failing to get resource (bsc#1027153, bsc#1027616).

- x86/ioapic: Ignore root bridges without a companion ACPI device (bsc#1027153, bsc#1027616).

- x86/ioapic: Simplify ioapic_setup_resources() (bsc#1027153, bsc#1027616).

- x86/ioapic: Support hot-removal of IOAPICs present during boot (bsc#1027153, bsc#1027616).

- x86/ioapic: fix kABI (hide added include) (bsc#1027153, bsc#1027616).

- x86/mce: Do not print MCEs when mcelog is active (bsc#1013994).

- x86/mce: Fix copy/paste error in exception table entries

- x86/mm/gup: Simplify get_user_pages() PTE bit handling (bsc#1026405).

- x86/platform/UV: Add Support for UV4 Hubless NMIs (bsc#1023866).

- x86/platform/UV: Add Support for UV4 Hubless systems (bsc#1023866).

- x86/platform/UV: Add basic CPU NMI health check (bsc#1023866).

- x86/platform/UV: Clean up the NMI code to match current coding style (bsc#1023866).

- x86/platform/UV: Clean up the UV APIC code (bsc#1023866).

- x86/platform/UV: Ensure uv_system_init is called when necessary (bsc#1023866).

- x86/platform/UV: Fix 2 socket config problem (bsc#1023866).

- x86/platform/UV: Fix panic with missing UVsystab support (bsc#1023866).

- x86/platform/UV: Initialize PCH GPP_D_0 NMI Pin to be NMI source (bsc#1023866).

- x86/platform/UV: Verify NMI action is valid, default is standard (bsc#1023866).

- x86/platform/intel/iosf_mbi: Add a PMIC bus access notifier (bsc#1011913).

- x86/platform/intel/iosf_mbi: Add a mutex for P-Unit access (bsc#1011913).

- x86/platform: Remove warning message for duplicate NMI handlers (bsc#1029220).

- x86/ras/therm_throt: Do not log a fake MCE for thermal events (bsc#1028027).

- xen-blkfront: correct maximum segment accounting (bsc#1018263).

- xen-blkfront: do not call talk_to_blkback when already connected to blkback.

- xen-blkfront: free resources if xlvbd_alloc_gendisk fails.

- xen/blkfront: Fix crash if backend does not follow the right states.

- xen/netback: set default upper limit of tx/rx queues to 8 (bnc#1019163).

- xen/netfront: set default upper limit of tx/rx queues to 8 (bnc#1019163).

- xen: Use machine addresses in /sys/kernel/vmcoreinfo when PV (bsc#1014136)

- xfs: do not take the IOLOCK exclusive for direct I/O page invalidation (bsc#1015609).

- xgene_enet: remove bogus forward declarations (bsc#1032673).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
https://bugzilla.suse.com/1007959
https://bugzilla.suse.com/1007962
https://bugzilla.suse.com/1008842
https://bugzilla.suse.com/1010032
https://bugzilla.suse.com/1011913
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1012910
https://bugzilla.suse.com/1013994
https://bugzilla.suse.com/1014136
https://bugzilla.suse.com/1015609
https://bugzilla.suse.com/1017461
https://bugzilla.suse.com/1017641
https://bugzilla.suse.com/1018263
https://bugzilla.suse.com/1018419
https://bugzilla.suse.com/1019163
https://bugzilla.suse.com/1019614
https://bugzilla.suse.com/1019618
https://bugzilla.suse.com/1020048
https://bugzilla.suse.com/1021762
https://bugzilla.suse.com/1022340
https://bugzilla.suse.com/1022785
https://bugzilla.suse.com/1023866
https://bugzilla.suse.com/1024015
https://bugzilla.suse.com/1025683
https://bugzilla.suse.com/1026024
https://bugzilla.suse.com/1026405
https://bugzilla.suse.com/1026462
https://bugzilla.suse.com/1026505
https://bugzilla.suse.com/1026509
https://bugzilla.suse.com/1026692
https://bugzilla.suse.com/1026722
https://bugzilla.suse.com/1027054
https://bugzilla.suse.com/1027066
https://bugzilla.suse.com/1027153
https://bugzilla.suse.com/1027179
https://bugzilla.suse.com/1027189
https://bugzilla.suse.com/1027190
https://bugzilla.suse.com/1027195
https://bugzilla.suse.com/1027273
https://bugzilla.suse.com/1027616
https://bugzilla.suse.com/1028017
https://bugzilla.suse.com/1028027
https://bugzilla.suse.com/1028041
https://bugzilla.suse.com/1028158
https://bugzilla.suse.com/1028217
https://bugzilla.suse.com/1028325
https://bugzilla.suse.com/1028415
https://bugzilla.suse.com/1028819
https://bugzilla.suse.com/1028895
https://bugzilla.suse.com/1029220
https://bugzilla.suse.com/1029514
https://bugzilla.suse.com/1029634
https://bugzilla.suse.com/1029986
https://bugzilla.suse.com/1030118
https://bugzilla.suse.com/1030213
https://bugzilla.suse.com/1031003
https://bugzilla.suse.com/1031052
https://bugzilla.suse.com/1031200
https://bugzilla.suse.com/1031206
https://bugzilla.suse.com/1031208
https://bugzilla.suse.com/1031440
https://bugzilla.suse.com/1031481
https://bugzilla.suse.com/1031579
https://bugzilla.suse.com/1031660
https://bugzilla.suse.com/1031662
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1031831
https://bugzilla.suse.com/1032006
https://bugzilla.suse.com/1032673
https://bugzilla.suse.com/1032681
https://bugzilla.suse.com/897662
https://bugzilla.suse.com/951844
https://bugzilla.suse.com/968697
https://bugzilla.suse.com/969755
https://bugzilla.suse.com/970083
https://bugzilla.suse.com/977572
https://bugzilla.suse.com/977860
https://bugzilla.suse.com/978056
https://bugzilla.suse.com/980892
https://bugzilla.suse.com/981634
https://bugzilla.suse.com/982783
https://bugzilla.suse.com/987899
https://bugzilla.suse.com/988281
https://bugzilla.suse.com/991173
https://bugzilla.suse.com/998106
https://www.suse.com/security/cve/CVE-2016-10200.html
https://www.suse.com/security/cve/CVE-2016-2117.html
https://www.suse.com/security/cve/CVE-2016-9191.html
https://www.suse.com/security/cve/CVE-2017-2596.html
https://www.suse.com/security/cve/CVE-2017-2671.html
https://www.suse.com/security/cve/CVE-2017-6074.html
https://www.suse.com/security/cve/CVE-2017-6214.html
https://www.suse.com/security/cve/CVE-2017-6345.html
https://www.suse.com/security/cve/CVE-2017-6346.html
https://www.suse.com/security/cve/CVE-2017-6347.html
https://www.suse.com/security/cve/CVE-2017-6353.html
https://www.suse.com/security/cve/CVE-2017-7187.html
https://www.suse.com/security/cve/CVE-2017-7261.html
https://www.suse.com/security/cve/CVE-2017-7294.html
https://www.suse.com/security/cve/CVE-2017-7308.html
https://www.suse.com/security/cve/CVE-2017-7374.html
http://www.nessus.org/u?f0f706f7
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-697=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-697=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-697=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-697=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch SUSE-SLE-Live-Patching-12-2017-697=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-697=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-697=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-697=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.4 (CVSS:3.0/E:P/RL:U/RC:C)
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.5 (CVSS2#E:POC/RL:U/RC:C)
References
CVE CVE-2017-7374
CVE CVE-2017-7308
CVE CVE-2017-7294
CVE CVE-2017-7261
CVE CVE-2017-7187
CVE CVE-2017-6353
CVE CVE-2017-6347
CVE CVE-2017-6346
CVE CVE-2017-6345
CVE CVE-2017-6214
CVE CVE-2017-6074
CVE CVE-2017-5986
CVE CVE-2017-2671
CVE CVE-2017-2596
CVE CVE-2016-9191
CVE CVE-2016-2117
CVE CVE-2016-10200
XREF OSVDB:154753
XREF OSVDB:154633
XREF OSVDB:154548
XREF OSVDB:154384
XREF OSVDB:154359
XREF OSVDB:154043
XREF OSVDB:153065
XREF OSVDB:152729
XREF OSVDB:152728
XREF OSVDB:152705
XREF OSVDB:152704
XREF OSVDB:152685
XREF OSVDB:152453
XREF OSVDB:152302
XREF OSVDB:152094
XREF OSVDB:151239
XREF OSVDB:146761
XREF OSVDB:135961
Exploitable With
Core Impact (true)
Plugin Information:
Published: 2017/05/08, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : kernel-default-4.4.21-84.1
Should be : kernel-default-4.4.59-92.17.3
100151 - SUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nss, mozilla-nspr, java-1_8_0-openjdk (SUSE-SU-2017:1248-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 (close to release draft) and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox (bsc#1035082)

- MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated code

- MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1

- MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing

- MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing

- MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library

- MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2

- MFSA 2017-11/CVE-2017-5435: Use-after-free during transaction processing in the editor

- MFSA 2017-11/CVE-2017-5434: Use-after-free during focus handling

- MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL animation functions

- MFSA 2017-11/CVE-2017-5432: Use-after-free in text input selection

- MFSA 2017-11/CVE-2017-5464: Memory corruption with accessibility and DOM manipulation

- MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in ConvolvePixel

- MFSA 2017-11/CVE-2017-5460: Use-after-free in frame selection

- MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor

- MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data

- MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during glyph processing

- MFSA 2017-11/CVE-2017-5444: Buffer overflow while parsing application/http-index-format content

- MFSA 2017-11/CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content

- MFSA 2017-11/CVE-2017-5442: Use-after-free during style changes

- MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during BinHex decoding

- MFSA 2017-11/CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing

- MFSA 2017-11/CVE-2017-5441: Use-after-free with selection during scroll events

- MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL Mozilla NSS was updated to 3.29.5, bringing new features and fixing bugs :

- Update to NSS 3.29.5 :

- MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64 decoder and encoder were fixed.

- MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG was fixed.

- CVE-2016-9574: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA (bsc#1015499).

- requires NSPR >= 4.13.1

- Update to NSS 3.29.3

- enables TLS 1.3 by default

- Fixed a bug in hash computation (and build with GCC 7 which complains about shifts of boolean values).
(bsc#1030071, bmo#1348767)

- Update to NSS 3.28.3 This is a patch release to fix binary compatibility issues.

- Update to NSS 3.28.1 This is a patch release to update the list of root CA certificates.

- The following CA certificates were Removed CN = Buypass Class 2 CA 1 CN = Root CA Generalitat Valenciana OU = RSA Security 2048 V3

- The following CA certificates were Added OU = AC RAIZ FNMT-RCM CN = Amazon Root CA 1 CN = Amazon Root CA 2 CN = Amazon Root CA 3 CN = Amazon Root CA 4 CN = LuxTrust Global Root 2 CN = Symantec Class 1 Public Primary Certification Authority - G4 CN = Symantec Class 1 Public Primary Certification Authority - G6 CN = Symantec Class 2 Public Primary Certification Authority
- G4 CN = Symantec Class 2 Public Primary Certification Authority - G6

- The version number of the updated root CA list has been set to 2.11

- Update to NSS 3.28 New functionality :

- NSS includes support for TLS 1.3 draft -18. This includes a number of improvements to TLS 1.3 :

- The signed certificate timestamp, used in certificate transparency, is supported in TLS 1.3.

- Key exporters for TLS 1.3 are supported. This includes the early key exporter, which can be used if 0-RTT is enabled. Note that there is a difference between TLS 1.3 and key exporters in older versions of TLS. TLS 1.3 does not distinguish between an empty context and no context.

- The TLS 1.3 (draft) protocol can be enabled, by defining NSS_ENABLE_TLS_1_3=1 when building NSS.

- NSS includes support for the X25519 key exchange algorithm, which is supported and enabled by default in all versions of TLS. Notable Changes :

- NSS can no longer be compiled with support for additional elliptic curves. This was previously possible by replacing certain NSS source files.

- NSS will now detect the presence of tokens that support additional elliptic curves and enable those curves for use in TLS. Note that this detection has a one-off performance cost, which can be avoided by using the SSL_NamedGroupConfig function to limit supported groups to those that NSS provides.

- PKCS#11 bypass for TLS is no longer supported and has been removed.

- Support for 'export' grade SSL/TLS cipher suites has been removed.

- NSS now uses the signature schemes definition in TLS 1.3. This also affects TLS 1.2. NSS will now only generate signatures with the combinations of hash and signature scheme that are defined in TLS 1.3, even when negotiating TLS 1.2.

- This means that SHA-256 will only be used with P-256 ECDSA certificates, SHA-384 with P-384 certificates, and SHA-512 with P-521 certificates. SHA-1 is permitted (in TLS 1.2 only) with any certificate for backward compatibility reasons.

- NSS will now no longer assume that default signature schemes are supported by a peer if there was no commonly supported signature scheme.

- NSS will now check if RSA-PSS signing is supported by the token that holds the private key prior to using it for TLS.

- The certificate validation code contains checks to no longer trust certificates that are issued by old WoSign and StartCom CAs after October 21, 2016. This is equivalent to the behavior that Mozilla will release with Firefox 51.

- Update to NSS 3.27.2

- Fixed SSL_SetTrustAnchors leaks (bmo#1318561)

- raised the minimum softokn/freebl version to 3.28 as reported in (boo#1021636)

- Update to NSS 3.26.2 New Functionality :

- the selfserv test utility has been enhanced to support ALPN (HTTP/1.1) and 0-RTT

- added support for the System-wide crypto policy available on Fedora Linux see http://fedoraproject.org/wiki/Changes/CryptoPolicy

- introduced build flag NSS_DISABLE_LIBPKIX that allows compilation of NSS without the libpkix library Notable Changes :

- The following CA certificate was Added CN = ISRG Root X1

- NPN is disabled and ALPN is enabled by default

- the NSS test suite now completes with the experimental TLS 1.3 code enabled

- several test improvements and additions, including a NIST known answer test Changes in 3.26.2

- MD5 signature algorithms sent by the server in CertificateRequest messages are now properly ignored.
Previously, with rare server configurations, an MD5 signature algorithm might have been selected for client authentication and caused the client to abort the connection soon after.

- Update to NSS 3.25 New functionality :

- Implemented DHE key agreement for TLS 1.3

- Added support for ChaCha with TLS 1.3

- Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF

- In previous versions, when using client authentication with TLS 1.2, NSS only supported certificate_verify messages that used the same signature hash algorithm as used by the PRF. This limitation has been removed.
Notable changes :

- An SSL socket can no longer be configured to allow both TLS 1.3 and SSLv3

- Regression fix: NSS no longer reports a failure if an application attempts to disable the SSLv2 protocol.

- The list of trusted CA certificates has been updated to version 2.8

- The following CA certificate was Removed Sonera Class1 CA

- The following CA certificates were Added Hellenic Academic and Research Institutions RootCA 2015 Hellenic Academic and Research Institutions ECC RootCA 2015 Certplus Root CA G1 Certplus Root CA G2 OpenTrust Root CA G1 OpenTrust Root CA G2 OpenTrust Root CA G3

- Update to NSS 3.24 New functionality :

- NSS softoken has been updated with the latest National Institute of Standards and Technology (NIST) guidance (as of 2015) :

- Software integrity checks and POST functions are executed on shared library load. These checks have been disabled by default, as they can cause a performance regression. To enable these checks, you must define symbol NSS_FORCE_FIPS when building NSS.

- Counter mode and Galois/Counter Mode (GCM) have checks to prevent counter overflow.

- Additional CSPs are zeroed in the code.

- NSS softoken uses new guidance for how many Rabin-Miller tests are needed to verify a prime based on prime size.

- NSS softoken has also been updated to allow NSS to run in FIPS Level 1 (no password). This mode is triggered by setting the database password to the empty string. In FIPS mode, you may move from Level 1 to Level 2 (by setting an appropriate password), but not the reverse.

- A SSL_ConfigServerCert function has been added for configuring SSL/TLS server sockets with a certificate and private key. Use this new function in place of SSL_ConfigSecureServer, SSL_ConfigSecureServerWithCertChain, SSL_SetStapledOCSPResponses, and SSL_SetSignedCertTimestamps. SSL_ConfigServerCert automatically determines the certificate type from the certificate and private key. The caller is no longer required to use SSLKEAType explicitly to select a 'slot' into which the certificate is configured (which incorrectly identifies a key agreement type rather than a certificate). Separate functions for configuring Online Certificate Status Protocol (OCSP) responses or Signed Certificate Timestamps are not needed, since these can be added to the optional SSLExtraServerCertData struct provided to SSL_ConfigServerCert. Also, partial support for RSA Probabilistic Signature Scheme (RSA-PSS) certificates has been added. Although these certificates can be configured, they will not be used by NSS in this version.

- Deprecate the member attribute authAlgorithm of type SSLCipherSuiteInfo. Instead, applications should use the newly added attribute authType.

- Add a shared library (libfreeblpriv3) on Linux platforms that define FREEBL_LOWHASH.

- Remove most code related to SSL v2, including the ability to actively send a SSLv2-compatible client hello. However, the server-side implementation of the SSL/TLS protocol still supports processing of received v2-compatible client hello messages.

- Disable (by default) NSS support in optimized builds for logging SSL/TLS key material to a logfile if the SSLKEYLOGFILE environment variable is set. To enable the functionality in optimized builds, you must define the symbol NSS_ALLOW_SSLKEYLOGFILE when building NSS.

- Update NSS to protect it against the Cachebleed attack.

- Disable support for DTLS compression.

- Improve support for TLS 1.3. This includes support for DTLS 1.3. Note that TLS 1.3 support is experimental and not suitable for production use.

- Update to NSS 3.23 New functionality :

- ChaCha20/Poly1305 cipher and TLS cipher suites now supported

- Experimental-only support TLS 1.3 1-RTT mode (draft-11).
This code is not ready for production use. Notable changes :

- The list of TLS extensions sent in the TLS handshake has been reordered to increase compatibility of the Extended Master Secret with with servers

- The build time environment variable NSS_ENABLE_ZLIB has been renamed to NSS_SSL_ENABLE_ZLIB

- The build time environment variable NSS_DISABLE_CHACHAPOLY was added, which can be used to prevent compilation of the ChaCha20/Poly1305 code.

- The following CA certificates were Removed

- Staat der Nederlanden Root CA

- NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado

- NetLock Kozjegyzoi (Class A) Tanusitvanykiado

- NetLock Uzleti (Class B) Tanusitvanykiado

- NetLock Expressz (Class C) Tanusitvanykiado

- VeriSign Class 1 Public PCA - G2

- VeriSign Class 3 Public PCA

- VeriSign Class 3 Public PCA - G2

- CA Disig

- The following CA certificates were Added

+ SZAFIR ROOT CA2

+ Certum Trusted Network CA 2

- The following CA certificate had the Email trust bit turned on

+ Actalis Authentication Root CA Security fixes :

- CVE-2016-2834: Memory safety bugs (boo#983639) MFSA-2016-61 bmo#1206283 bmo#1221620 bmo#1241034 bmo#1241037

- Update to NSS 3.22.3

- Increase compatibility of TLS extended master secret, don't send an empty TLS extension last in the handshake (bmo#1243641)

- Fixed a heap-based buffer overflow related to the parsing of certain ASN.1 structures. An attacker could create a specially crafted certificate which, when parsed by NSS, would cause a crash or execution of arbitrary code with the permissions of the user.
(CVE-2016-1950, bmo#1245528)

- Update to NSS 3.22.2 New functionality :

- RSA-PSS signatures are now supported (bmo#1215295)

- Pseudorandom functions based on hashes other than SHA-1 are now supported

- Enforce an External Policy on NSS from a config file (bmo#1009429)

- CVE-2016-8635: Fix for DH small subgroup confinement attack (bsc#1015547) Mozilla NSPR was updated to version 4.13.1: The previously released version 4.13 had changed pipes to be nonblocking by default, and as a consequence, PollEvent was changed to not block on clear. The NSPR development team received reports that these changes caused regressions in some applications that use NSPR, and it has been decided to revert the changes made in NSPR 4.13. NSPR 4.13.1 restores the traditional behavior of pipes and PollEvent. Mozilla NSPR update to version 4.13 had these changes :

- PL_strcmp (and others) were fixed to return consistent results when one of the arguments is NULL.

- PollEvent was fixed to not block on clear.

- Pipes are always nonblocking.

- PR_GetNameForIdentity: added thread safety lock and bound checks.

- Removed the PLArena freelist.

- Avoid some integer overflows.

- fixed several comments. This update also contains java-1_8_0-openjdk that needed to be rebuilt against the new mozilla-nss version.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
http://fedoraproject.org/wiki/Changes/CryptoPolicy
https://bugzilla.suse.com/1015499
https://bugzilla.suse.com/1015547
https://bugzilla.suse.com/1021636
https://bugzilla.suse.com/1026102
https://bugzilla.suse.com/1030071
https://bugzilla.suse.com/1035082
https://bugzilla.suse.com/983639
https://www.suse.com/security/cve/CVE-2016-1950.html
https://www.suse.com/security/cve/CVE-2016-2834.html
https://www.suse.com/security/cve/CVE-2016-8635.html
https://www.suse.com/security/cve/CVE-2016-9574.html
https://www.suse.com/security/cve/CVE-2017-5429.html
https://www.suse.com/security/cve/CVE-2017-5432.html
https://www.suse.com/security/cve/CVE-2017-5433.html
https://www.suse.com/security/cve/CVE-2017-5434.html
https://www.suse.com/security/cve/CVE-2017-5435.html
https://www.suse.com/security/cve/CVE-2017-5436.html
https://www.suse.com/security/cve/CVE-2017-5437.html
https://www.suse.com/security/cve/CVE-2017-5438.html
https://www.suse.com/security/cve/CVE-2017-5439.html
https://www.suse.com/security/cve/CVE-2017-5440.html
https://www.suse.com/security/cve/CVE-2017-5441.html
https://www.suse.com/security/cve/CVE-2017-5442.html
https://www.suse.com/security/cve/CVE-2017-5443.html
https://www.suse.com/security/cve/CVE-2017-5444.html
https://www.suse.com/security/cve/CVE-2017-5445.html
https://www.suse.com/security/cve/CVE-2017-5446.html
https://www.suse.com/security/cve/CVE-2017-5447.html
https://www.suse.com/security/cve/CVE-2017-5448.html
https://www.suse.com/security/cve/CVE-2017-5459.html
https://www.suse.com/security/cve/CVE-2017-5460.html
https://www.suse.com/security/cve/CVE-2017-5461.html
https://www.suse.com/security/cve/CVE-2017-5462.html
https://www.suse.com/security/cve/CVE-2017-5464.html
https://www.suse.com/security/cve/CVE-2017-5465.html
https://www.suse.com/security/cve/CVE-2017-5469.html
http://www.nessus.org/u?d2ea3260
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-748=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-748=1

SUSE Linux Enterprise Server for SAP 12:zypper in -t patch SUSE-SLE-SAP-12-2017-748=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-748=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-748=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-748=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2017-748=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-748=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-748=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-5469
CVE CVE-2017-5465
CVE CVE-2017-5464
CVE CVE-2017-5462
CVE CVE-2017-5461
CVE CVE-2017-5460
CVE CVE-2017-5459
CVE CVE-2017-5448
CVE CVE-2017-5447
CVE CVE-2017-5446
CVE CVE-2017-5445
CVE CVE-2017-5444
CVE CVE-2017-5443
CVE CVE-2017-5442
CVE CVE-2017-5441
CVE CVE-2017-5440
CVE CVE-2017-5439
CVE CVE-2017-5438
CVE CVE-2017-5437
CVE CVE-2017-5436
CVE CVE-2017-5435
CVE CVE-2017-5434
CVE CVE-2017-5433
CVE CVE-2017-5432
CVE CVE-2017-5429
CVE CVE-2016-9574
CVE CVE-2016-8635
CVE CVE-2016-2834
CVE CVE-2016-1950
XREF OSVDB:156139
XREF OSVDB:156059
XREF OSVDB:156058
XREF OSVDB:156057
XREF OSVDB:156056
XREF OSVDB:156055
XREF OSVDB:156054
XREF OSVDB:156053
XREF OSVDB:156052
XREF OSVDB:156051
XREF OSVDB:155999
XREF OSVDB:155992
XREF OSVDB:155976
XREF OSVDB:155972
XREF OSVDB:155968
XREF OSVDB:155967
XREF OSVDB:155966
XREF OSVDB:155965
XREF OSVDB:155964
XREF OSVDB:155963
XREF OSVDB:155962
XREF OSVDB:155961
XREF OSVDB:155960
XREF OSVDB:155959
XREF OSVDB:155958
XREF OSVDB:155957
XREF OSVDB:155956
XREF OSVDB:155955
XREF OSVDB:155953
XREF OSVDB:155952
XREF OSVDB:155951
XREF OSVDB:155950
XREF OSVDB:151476
XREF OSVDB:151247
XREF OSVDB:151246
XREF OSVDB:151245
XREF OSVDB:147522
XREF OSVDB:139469
XREF OSVDB:139468
XREF OSVDB:139467
XREF OSVDB:139466
XREF OSVDB:135603
Plugin Information:
Published: 2017/05/12, Modified: 2017/05/12
Plugin Output

tcp/0


Remote package installed : MozillaFirefox-45.5.1esr-93.1
Should be : MozillaFirefox-45.9.0esr-105.1

Remote package installed : MozillaFirefox-translations-45.5.1esr-93.1
Should be : MozillaFirefox-translations-45.9.0esr-105.1

Remote package installed : libfreebl3-3.21.3-50.1
Should be : libfreebl3-3.29.5-57.1

Remote package installed : libsoftokn3-3.21.3-50.1
Should be : libsoftokn3-3.29.5-57.1

Remote package installed : mozilla-nspr-4.12-15.2
Should be : mozilla-nspr-4.13.1-18.1

Remote package installed : mozilla-nss-3.21.3-50.1
Should be : mozilla-nss-3.29.5-57.1

Remote package installed : mozilla-nss-certs-3.21.3-50.1
Should be : mozilla-nss-certs-3.29.5-57.1

Remote package installed : libfreebl3-32bit-3.21.3-50.1
Should be : libfreebl3-32bit-3.29.5-57.1

Remote package installed : libsoftokn3-32bit-3.21.3-50.1
Should be : libsoftokn3-32bit-3.29.5-57.1

Remote package installed : mozilla-nspr-32bit-4.12-15.2
Should be : mozilla-nspr-32bit-4.13.1-18.1

Remote package installed : mozilla-nss-32bit-3.21.3-50.1
Should be : mozilla-nss-32bit-3.29.5-57.1

Remote package installed : mozilla-nss-certs-32bit-3.21.3-50.1
Should be : mozilla-nss-certs-32bit-3.29.5-57.1
100243 - SUSE SLED12 / SLES12 Security Update : libxslt (SUSE-SU-2017:1313-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for libxslt fixes the following issues :

- CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page (bsc#1035905).

- CVE-2016-4738: Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator could cause a heap overread. This can be exploited to leak a couple of bytes after the buffer that holds the pattern string (bsc#1005591).

- CVE-2015-9019: Properly initialize random generator (bsc#934119).

- CVE-2015-7995: Vulnerability in function xsltStylePreCompute' in preproc.c could cause a type confusion leading to DoS. (bsc#952474)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-793=1

SUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-793=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-793=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-793=1

SUSE Linux Enterprise Server 12-SP1:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-793=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-793=1

SUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-793=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVSS v3.0 Temporal Score
7.9 (CVSS:3.0/E:P/RL:O/RC:X)
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.3 (CVSS2#E:POC/RL:OF/RC:ND)
References
CVE CVE-2017-5029
CVE CVE-2016-4738
CVE CVE-2015-9019
CVE CVE-2015-7995
XREF OSVDB:155161
XREF OSVDB:151459
XREF OSVDB:144562
XREF OSVDB:126901
Plugin Information:
Published: 2017/05/17, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : libxslt-tools-1.1.28-6.57
Should be : libxslt-tools-1.1.28-16.1

Remote package installed : libxslt1-1.1.28-6.57
Should be : libxslt1-1.1.28-16.1
100244 - SUSE SLED12 / SLES12 Security Update : libtirpc (SUSE-SU-2017:1314-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for libtirpc fixes the following issues :

- CVE-2017-8779: crafted UDP packaged could lead rpcbind to denial-of-service (bsc#1037559)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-796=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-796=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-796=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-796=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2017-8779
XREF OSVDB:157017
XREF OSVDB:157016
Plugin Information:
Published: 2017/05/17, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : libtirpc-netconfig-1.0.1-14.7
Should be : libtirpc-netconfig-1.0.1-16.1

Remote package installed : libtirpc3-1.0.1-14.7
Should be : libtirpc3-1.0.1-16.1
100289 - SUSE SLED12 / SLES12 Security Update : rpcbind (SUSE-SU-2017:1328-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for rpcbind fixes the following issues :

- CVE-2017-8779: A crafted UDP package could lead rcpbind to remote denial-of-service (bsc#1037559)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-803=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-803=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-803=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
7.4 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2017-8779
XREF OSVDB:157017
XREF OSVDB:157016
Plugin Information:
Published: 2017/05/19, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : rpcbind-0.2.3-21.4
Should be : rpcbind-0.2.3-23.1
100865 - SUSE SLED12 / SLES12 Security Update : libqt5-qtbase, libqt5-qtdeclarative (SUSE-SU-2017:1577-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for libqt5-qtbase and libqt5-qtdeclarative fixes the following issues: This security issue was fixed :

- Prevent potential information leak due to race condition in QSaveFile (bsc#1034005). These non-security issues were fixed :

- Fixed crash in QPlainTextEdit

- Fixed Burmese rendering issue

- Fixed reuse of C++-owned QObjects by different QML engines that could lead to crashes in kwin (bsc#1034402)

- Make libqt5-qtquickcontrols available in SUSE Linux Enterprise.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-967=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-967=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-967=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-967=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
Plugin Information:
Published: 2017/06/19, Modified: 2017/06/19
Plugin Output

tcp/0


Remote package installed : libQt5Core5-5.6.1-15.3
Should be : libQt5Core5-5.6.1-17.3.15

Remote package installed : libQt5DBus5-5.6.1-15.3
Should be : libQt5DBus5-5.6.1-17.3.15

Remote package installed : libQt5Gui5-5.6.1-15.3
Should be : libQt5Gui5-5.6.1-17.3.15

Remote package installed : libQt5Network5-5.6.1-15.3
Should be : libQt5Network5-5.6.1-17.3.15

Remote package installed : libQt5Widgets5-5.6.1-15.3
Should be : libQt5Widgets5-5.6.1-17.3.15
100909 - SUSE SLED12 / SLES12 Security Update : netpbm (SUSE-SU-2017:1603-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for netpbm fixes the following issues: Security bugs :

- CVE-2017-2586: A NULL pointer dereference in stringToUint function could lead to a denial of service (abort) problem when processing malformed images.
[bsc#1024292]

- CVE-2017-2581: A out-of-bounds write in writeRasterPbm() could be used by attackers to crash the decoder or potentially execute code. [bsc#1024287]

- CVE-2017-2587: A insufficient size check of memory allocation in createCanvas() function could be used for a denial of service attack (memory exhaustion) [bsc#1024294]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-980=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-980=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-980=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-980=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-2587
CVE CVE-2017-2586
CVE CVE-2017-2581
XREF OSVDB:151491
XREF OSVDB:151490
XREF OSVDB:151489
Plugin Information:
Published: 2017/06/20, Modified: 2017/06/20
Plugin Output

tcp/0


Remote package installed : libnetpbm11-10.66.3-4.1
Should be : libnetpbm11-10.66.3-7.1

Remote package installed : netpbm-10.66.3-4.1
Should be : netpbm-10.66.3-7.1
100917 - SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2017:1619-1) (Stack Clash)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for glibc fixes the following issues :

- CVE-2017-1000366: Fix a potential privilege escalation vulnerability that allowed unprivileged system users to manipulate the stack of setuid binaries to gain special privileges. [bsc#1039357]

- A bug in glibc that could result in deadlocks between malloc() and fork() has been fixed. [bsc#1040043]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-990=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-990=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-990=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-990=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-990=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
References
CVE CVE-2017-1000366
XREF OSVDB:159369
Plugin Information:
Published: 2017/06/20, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : glibc-2.22-49.16
Should be : glibc-2.22-61.3

Remote package installed : glibc-locale-2.22-49.16
Should be : glibc-locale-2.22-61.3

Remote package installed : nscd-2.22-49.16
Should be : nscd-2.22-61.3

Remote package installed : glibc-32bit-2.22-49.16
Should be : glibc-32bit-2.22-61.3

Remote package installed : glibc-locale-32bit-2.22-49.16
Should be : glibc-locale-32bit-2.22-61.3
100952 - SUSE SLED12 / SLES12 Security Update : sudo (SUSE-SU-2017:1626-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for sudo fixes the following security issue :

- CVE-2017-1000368: A follow-up fix to CVE-2017-1000367, the Linux process name could also contain a newline, which could be used to trick sudo to read/write to an arbitrary open terminal. (bsc#1042146) Also the following non security bug was fixed :

- Link the 'system_group' plugin with sudo_util library to resolve the missing sudo_dso_findsym symbol (bsc#1034560)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1002=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1002=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1002=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1002=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1002=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
STIG Severity
I
References
CVE CVE-2017-1000368
CVE CVE-2017-1000367
XREF IAVA:2017-A-0165
XREF OSVDB:158256
Plugin Information:
Published: 2017/06/21, Modified: 2017/08/17
Plugin Output

tcp/0


Remote package installed : sudo-1.8.10p3-8.1
Should be : sudo-1.8.10p3-10.10.2
101108 - SUSE SLED12 / SLES12 Security Update : vim (SUSE-SU-2017:1712-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for vim fixes the following issues: Security issues fixed :

- CVE-2017-5953: Fixed a possible overflow with corrupted spell file (bsc#1024724)

- CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file (bsc#1027053)

- CVE-2017-6349: Fixed a possible overflow when reading a corrupted undo file (bsc#1027057) Non security issues fixed :

- Speed up YAML syntax highlighting (bsc#1018870)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1063=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1063=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1063=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1063=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-6350
CVE CVE-2017-6349
CVE CVE-2017-5953
XREF OSVDB:152581
XREF OSVDB:152580
XREF OSVDB:151922
Plugin Information:
Published: 2017/06/29, Modified: 2017/06/29
Plugin Output

tcp/0


Remote package installed : vim-7.4.326-7.1
Should be : vim-7.4.326-16.1
101203 - SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2017:1743-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for libxml2 fixes the following issues: Security issues fixed :

- CVE-2017-7376: Increase buffer space for port in HTTP redirect support (bsc#1044887)

- CVE-2017-7375: Prevent unwanted external entity reference [bsc#1044894, ]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1086=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1086=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1086=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1086=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1086=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-7376
CVE CVE-2017-7375
XREF OSVDB:158585
XREF OSVDB:158584
XREF OSVDB:155169
Plugin Information:
Published: 2017/07/03, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : libxml2-2-2.9.4-27.1
Should be : libxml2-2-2.9.4-45.1

Remote package installed : libxml2-tools-2.9.4-27.1
Should be : libxml2-tools-2.9.4-45.1

Remote package installed : libxml2-2-32bit-2.9.4-27.1
Should be : libxml2-2-32bit-2.9.4-45.1
101223 - SUSE SLED12 / SLES12 Security Update : libquicktime (SUSE-SU-2017:1769-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for libquicktime fixes the following issues :

- CVE-2017-9122: A DoS in quicktime_read_moov function in moov.c via acrafted mp4 file was fixed. (bsc#1044077)

- CVE-2017-9123: An invalid memory read in lqt_frame_duration via a crafted mp4 file was fixed.
(bsc#1044009)

- CVE-2017-9124: A NULL pointer dereference in quicktime_match_32 via a crafted mp4 file was fixed.
(bsc#1044008)

- CVE-2017-9125: A DoS in lqt_frame_duration function in lqt_quicktime.c via crafted mp4 file was fixed.
(bsc#1044122)

- CVE-2017-9126: A heap-based buffer overflow in quicktime_read_dref_table via a crafted mp4 file was fixed. (bsc#1044006)

- CVE-2017-9127: A heap-based buffer overflow in quicktime_user_atoms_read_atom via a crafted mp4 file was fixed. (bsc#1044002)

- CVE-2017-9128: A heap-based buffer over-read in quicktime_video_width via a crafted mp4 file was fixed.
(bsc#1044000)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1107=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1107=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1107=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1107=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.1 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score
6.7 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2017-9128
CVE CVE-2017-9127
CVE CVE-2017-9126
CVE CVE-2017-9125
CVE CVE-2017-9124
CVE CVE-2017-9123
CVE CVE-2017-9122
XREF OSVDB:158865
XREF OSVDB:158864
XREF OSVDB:158863
XREF OSVDB:158759
XREF OSVDB:158758
XREF OSVDB:158757
XREF OSVDB:158756
Plugin Information:
Published: 2017/07/05, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : libquicktime0-1.2.4-8.87
Should be : libquicktime0-1.2.4-13.1
101225 - SUSE SLED12 / SLES12 Security Update : sudo (SUSE-SU-2017:1771-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for sudo fixes the following issues :

- A regression in the fix for the CVE-2017-1000368 that broke sudo with the 'requiretty' flag (bsc#1045986)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1105=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1105=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1105=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1105=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1105=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.0 (CVSS2#E:F/RL:OF/RC:ND)
STIG Severity
I
References
CVE CVE-2017-1000368
XREF IAVA:2017-A-0165
XREF OSVDB:158256
Plugin Information:
Published: 2017/07/05, Modified: 2017/08/17
Plugin Output

tcp/0


Remote package installed : sudo-1.8.10p3-8.1
Should be : sudo-1.8.10p3-10.13.1
101352 - SUSE SLED12 / SLES12 Security Update : Recommended update for ncurses (SUSE-SU-2017:1815-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for ncurses fixes the following issues: Security issues fixed :

- CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. (bsc#1046858)

- CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. (bsc#1046853) Bugfixes :

- Drop patch ncurses-5.9-environment.dif as YaST2 ncurses GUI does not need it anymore and as well as it causes bug bsc#1000662

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1119=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1119=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1119=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1119=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1119=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.7 (CVSS2#E:U/RL:U/RC:UC)
References
CVE CVE-2017-10685
CVE CVE-2017-10684
XREF OSVDB:160056
Plugin Information:
Published: 2017/07/10, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : libncurses5-5.9-40.124
Should be : libncurses5-5.9-44.1

Remote package installed : libncurses6-5.9-40.124
Should be : libncurses6-5.9-44.1

Remote package installed : ncurses-utils-5.9-40.124
Should be : ncurses-utils-5.9-44.1

Remote package installed : terminfo-5.9-40.124
Should be : terminfo-5.9-44.1

Remote package installed : terminfo-base-5.9-40.124
Should be : terminfo-base-5.9-44.1

Remote package installed : libncurses5-32bit-5.9-40.124
Should be : libncurses5-32bit-5.9-44.1

Remote package installed : libncurses6-32bit-5.9-40.124
Should be : libncurses6-32bit-5.9-44.1
102256 - SUSE SLED12 / SLES12 Security Update : ncurses (SUSE-SU-2017:2075-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for ncurses fixes the following issues: Security issues fixed :

- CVE-2017-11112: Illegal address access in append_acs.
(bsc#1047964)

- CVE-2017-11113: Dereferencing NULL pointer in
_nc_parse_entry. (bsc#1047965)

- CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken termcap format (bsc#1046853, bsc#1046858, bsc#1049344)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1279=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1279=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1279=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1279=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1279=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1279=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1279=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1279=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.7 (CVSS2#E:U/RL:U/RC:UC)
References
CVE CVE-2017-11113
CVE CVE-2017-11112
CVE CVE-2017-10685
CVE CVE-2017-10684
XREF OSVDB:160643
XREF OSVDB:160642
XREF OSVDB:160056
Plugin Information:
Published: 2017/08/08, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : libncurses5-5.9-40.124
Should be : libncurses5-5.9-50.1

Remote package installed : libncurses6-5.9-40.124
Should be : libncurses6-5.9-50.1

Remote package installed : ncurses-utils-5.9-40.124
Should be : ncurses-utils-5.9-50.1

Remote package installed : terminfo-5.9-40.124
Should be : terminfo-5.9-50.1

Remote package installed : terminfo-base-5.9-40.124
Should be : terminfo-base-5.9-50.1

Remote package installed : libncurses5-32bit-5.9-40.124
Should be : libncurses5-32bit-5.9-50.1

Remote package installed : libncurses6-32bit-5.9-40.124
Should be : libncurses6-32bit-5.9-50.1
102413 - SUSE SLED12 / SLES12 Security Update : libsoup (SUSE-SU-2017:2129-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for libsoup fixes the following issues :

- A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup (bsc#1052916, CVE-2017-2885).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1318=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1318=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1318=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1318=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1318=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1318=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1318=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-2885
XREF OSVDB:163055
Plugin Information:
Published: 2017/08/11, Modified: 2017/08/16
Plugin Output

tcp/0


Remote package installed : libsoup-2_4-1-2.54.1-4.5
Should be : libsoup-2_4-1-2.54.1-5.3.1

Remote package installed : typelib-1_0-Soup-2_4-2.54.1-4.5
Should be : typelib-1_0-Soup-2_4-2.54.1-5.3.1
102415 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:2131-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive various security and bugfixes. The following security bugs were fixed :

- CVE-2017-1000111: fix race condition in net-packet code that could be exploited to cause out-of-bounds memory access (bsc#1052365).

- CVE-2017-1000112: fix race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311). The following non-security bugs were fixed :

- powerpc/numa: fix regression that could cause kernel panics during installation (bsc#1048914).

- bcache: force trigger gc (bsc#1038078).

- bcache: only recovery I/O error for writethrough mode (bsc#1043652).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1319=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1319=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1319=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1319=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1319=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-1319=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1319=1

SUSE Container as a Service Platform ALL:zypper in -t patch SUSE-CAASP-ALL-2017-1319=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1319=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
5.6 (CVSS2#E:POC/RL:OF/RC:C)
References
CVE CVE-2017-1000112
CVE CVE-2017-1000111
XREF OSVDB:163122
XREF OSVDB:163121
Exploitable With
Core Impact (true)
Plugin Information:
Published: 2017/08/11, Modified: 2017/11/03
Plugin Output

tcp/0


Remote package installed : kernel-default-4.4.21-84.1
Should be : kernel-default-4.4.74-92.35.1
102477 - SUSE SLED12 / SLES12 Security Update : openjpeg2 (SUSE-SU-2017:2144-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for openjpeg2 fixes the following issues :

- CVE 2016-7163: Integer Overflow could lead to remote code execution (bsc#997857).

- CVE 2015-8871: Use-after-free in opj_j2k_write_mco function could lead to denial of service (bsc#979907).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1325=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1325=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1325=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1325=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1325=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS v3.0 Base Score
9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2016-7163
CVE CVE-2015-8871
XREF OSVDB:143027
XREF OSVDB:126336
Plugin Information:
Published: 2017/08/14, Modified: 2017/08/14
Plugin Output

tcp/0


Remote package installed : libopenjp2-7-2.1.0-1.55
Should be : libopenjp2-7-2.1.0-4.3.2
102912 - SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2017:2318-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
icu was updated to fix two security issues. These security issues were fixed :

- CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text (bsc#929629).

- CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text (bsc#929629).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch SUSE-SLE-WE-12-SP3-2017-1430=1

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1430=1

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1430=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1430=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1430=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1430=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1430=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1430=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1430=1

SUSE Container as a Service Platform ALL:zypper in -t patch SUSE-CAASP-ALL-2017-1430=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1430=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
BID 74457
CVE CVE-2014-8147
CVE CVE-2014-8146
XREF OSVDB:121625
XREF OSVDB:121624
Plugin Information:
Published: 2017/09/01, Modified: 2017/09/01
Plugin Output

tcp/0


Remote package installed : libicu52_1-52.1-7.1
Should be : libicu52_1-52.1-8.3.1

Remote package installed : libicu52_1-data-52.1-7.1
Should be : libicu52_1-data-52.1-8.3.1
103316 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:2521-1) (BlueBorne)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive the following security fixes :

- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was vulnerable to a stack overflow while processing L2CAP configuration responses, resulting in a potential remote denial-of-service vulnerability but no remote code execution due to use of CONFIG_CC_STACKPROTECTOR. [bnc#1057389]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1561=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1561=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1561=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1561=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1561=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-1561=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1561=1

SUSE Container as a Service Platform ALL:zypper in -t patch SUSE-CAASP-ALL-2017-1561=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1561=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
8.3 (CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
7.9 (CVSS2#E:F/RL:U/RC:ND)
References
CVE CVE-2017-1000251
XREF OSVDB:165347
Plugin Information:
Published: 2017/09/19, Modified: 2017/09/19
Plugin Output

tcp/0


Remote package installed : kernel-default-4.4.21-84.1
Should be : kernel-default-4.4.74-92.38.1
103742 - SUSE SLED12 / SLES12 Security Update : krb5 (SUSE-SU-2017:2659-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for krb5 fixes several issues. This security issue was fixed :

- CVE-2017-11462: Prevent automatic security context deletion to prevent double-free (bsc#1056995) These non-security issues were fixed :

- Set 'rdns' and 'dns_canonicalize_hostname' to false in krb5.conf in order to improve client security in handling service principle names. (bsc#1054028)

- Prevent kadmind.service startup failure caused by absence of LDAP service. (bsc#903543)

- Remove main package's dependency on systemd (bsc#1032680)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1644=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1644=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1644=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1644=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1644=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1644=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1644=1

SUSE Container as a Service Platform ALL:zypper in -t patch SUSE-CAASP-ALL-2017-1644=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1644=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-11462
XREF OSVDB:164211
Plugin Information:
Published: 2017/10/10, Modified: 2017/10/10
Plugin Output

tcp/0


Remote package installed : krb5-1.12.5-39.1
Should be : krb5-1.12.5-40.13.1

Remote package installed : krb5-32bit-1.12.5-39.1
Should be : krb5-32bit-1.12.5-40.13.1
103768 - SUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2017:2688-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the following issues: This security issue was fixed for mozilla-nss :

- CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating handshake hashes (bsc#1061005) These security issues were fixed for Firefox

- CVE-2017-7825: Fixed some Tibetan and Arabic unicode characters rendering (bsc#1060445).

- CVE-2017-7805: Prevent Use-after-free in TLS 1.2 generating handshake hashes (bsc#1060445).

- CVE-2017-7819: Prevent Use-after-free while resizing images in design mode (bsc#1060445).

- CVE-2017-7818: Prevent Use-after-free during ARIA array manipulation (bsc#1060445).

- CVE-2017-7793: Prevent Use-after-free with Fetch API (bsc#1060445).

- CVE-2017-7824: Prevent Buffer overflow when drawing and validating elements with ANGLE (bsc#1060445).

- CVE-2017-7810: Fixed several memory safety bugs (bsc#1060445).

- CVE-2017-7823: CSP sandbox directive did not create a unique origin (bsc#1060445).

- CVE-2017-7814: Blob and data URLs bypassed phishing and malware protection warnings (bsc#1060445).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE OpenStack Cloud 6:zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1662=1

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1662=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1662=1

SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1662=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1662=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1662=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1662=1

SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1662=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2017-1662=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1662=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1662=1

SUSE Container as a Service Platform ALL:zypper in -t patch SUSE-CAASP-ALL-2017-1662=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score
6.9 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-7825
CVE CVE-2017-7824
CVE CVE-2017-7823
CVE CVE-2017-7819
CVE CVE-2017-7818
CVE CVE-2017-7814
CVE CVE-2017-7810
CVE CVE-2017-7805
CVE CVE-2017-7793
XREF OSVDB:166348
XREF OSVDB:166340
XREF OSVDB:166336
XREF OSVDB:166334
XREF OSVDB:166332
XREF OSVDB:166331
XREF OSVDB:166330
XREF OSVDB:166328
XREF OSVDB:166299
XREF OSVDB:166298
XREF OSVDB:166297
XREF OSVDB:166296
XREF OSVDB:166295
XREF OSVDB:166294
XREF OSVDB:166293
XREF OSVDB:166292
Plugin Information:
Published: 2017/10/11, Modified: 2017/10/11
Plugin Output

tcp/0


Remote package installed : libfreebl3-3.21.3-50.1
Should be : libfreebl3-3.29.5-58.3.1

Remote package installed : libsoftokn3-3.21.3-50.1
Should be : libsoftokn3-3.29.5-58.3.1

Remote package installed : mozilla-nss-3.21.3-50.1
Should be : mozilla-nss-3.29.5-58.3.1

Remote package installed : mozilla-nss-certs-3.21.3-50.1
Should be : mozilla-nss-certs-3.29.5-58.3.1

Remote package installed : libfreebl3-32bit-3.21.3-50.1
Should be : libfreebl3-32bit-3.29.5-58.3.1

Remote package installed : libsoftokn3-32bit-3.21.3-50.1
Should be : libsoftokn3-32bit-3.29.5-58.3.1

Remote package installed : mozilla-nss-32bit-3.21.3-50.1
Should be : mozilla-nss-32bit-3.29.5-58.3.1

Remote package installed : mozilla-nss-certs-32bit-3.21.3-50.1
Should be : mozilla-nss-certs-32bit-3.29.5-58.3.1
104208 - SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed :

- CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247).

- CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247).

- CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247)

- CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247).

- CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247).

- CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247)

- CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247)

- CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247)

- CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)

- Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
https://bugzilla.suse.com/1047873
https://bugzilla.suse.com/1057247
https://www.suse.com/security/cve/CVE-2017-11108.html
https://www.suse.com/security/cve/CVE-2017-11541.html
https://www.suse.com/security/cve/CVE-2017-11542.html
https://www.suse.com/security/cve/CVE-2017-11543.html
https://www.suse.com/security/cve/CVE-2017-12893.html
https://www.suse.com/security/cve/CVE-2017-12894.html
https://www.suse.com/security/cve/CVE-2017-12895.html
https://www.suse.com/security/cve/CVE-2017-12896.html
https://www.suse.com/security/cve/CVE-2017-12897.html
https://www.suse.com/security/cve/CVE-2017-12898.html
https://www.suse.com/security/cve/CVE-2017-12899.html
https://www.suse.com/security/cve/CVE-2017-12900.html
https://www.suse.com/security/cve/CVE-2017-12901.html
https://www.suse.com/security/cve/CVE-2017-12902.html
https://www.suse.com/security/cve/CVE-2017-12985.html
https://www.suse.com/security/cve/CVE-2017-12986.html
https://www.suse.com/security/cve/CVE-2017-12987.html
https://www.suse.com/security/cve/CVE-2017-12988.html
https://www.suse.com/security/cve/CVE-2017-12989.html
https://www.suse.com/security/cve/CVE-2017-12990.html
https://www.suse.com/security/cve/CVE-2017-12991.html
https://www.suse.com/security/cve/CVE-2017-12992.html
https://www.suse.com/security/cve/CVE-2017-12993.html
https://www.suse.com/security/cve/CVE-2017-12994.html
https://www.suse.com/security/cve/CVE-2017-12995.html
https://www.suse.com/security/cve/CVE-2017-12996.html
https://www.suse.com/security/cve/CVE-2017-12997.html
https://www.suse.com/security/cve/CVE-2017-12998.html
https://www.suse.com/security/cve/CVE-2017-12999.html
https://www.suse.com/security/cve/CVE-2017-13000.html
https://www.suse.com/security/cve/CVE-2017-13001.html
https://www.suse.com/security/cve/CVE-2017-13002.html
https://www.suse.com/security/cve/CVE-2017-13003.html
https://www.suse.com/security/cve/CVE-2017-13004.html
https://www.suse.com/security/cve/CVE-2017-13005.html
https://www.suse.com/security/cve/CVE-2017-13006.html
https://www.suse.com/security/cve/CVE-2017-13007.html
https://www.suse.com/security/cve/CVE-2017-13008.html
https://www.suse.com/security/cve/CVE-2017-13009.html
https://www.suse.com/security/cve/CVE-2017-13010.html
https://www.suse.com/security/cve/CVE-2017-13011.html
https://www.suse.com/security/cve/CVE-2017-13012.html
https://www.suse.com/security/cve/CVE-2017-13013.html
https://www.suse.com/security/cve/CVE-2017-13014.html
https://www.suse.com/security/cve/CVE-2017-13015.html
https://www.suse.com/security/cve/CVE-2017-13016.html
https://www.suse.com/security/cve/CVE-2017-13017.html
https://www.suse.com/security/cve/CVE-2017-13018.html
https://www.suse.com/security/cve/CVE-2017-13019.html
https://www.suse.com/security/cve/CVE-2017-13020.html
https://www.suse.com/security/cve/CVE-2017-13021.html
https://www.suse.com/security/cve/CVE-2017-13022.html
https://www.suse.com/security/cve/CVE-2017-13023.html
https://www.suse.com/security/cve/CVE-2017-13024.html
https://www.suse.com/security/cve/CVE-2017-13025.html
https://www.suse.com/security/cve/CVE-2017-13026.html
https://www.suse.com/security/cve/CVE-2017-13027.html
https://www.suse.com/security/cve/CVE-2017-13028.html
https://www.suse.com/security/cve/CVE-2017-13029.html
https://www.suse.com/security/cve/CVE-2017-13030.html
https://www.suse.com/security/cve/CVE-2017-13031.html
https://www.suse.com/security/cve/CVE-2017-13032.html
https://www.suse.com/security/cve/CVE-2017-13033.html
https://www.suse.com/security/cve/CVE-2017-13034.html
https://www.suse.com/security/cve/CVE-2017-13035.html
https://www.suse.com/security/cve/CVE-2017-13036.html
https://www.suse.com/security/cve/CVE-2017-13037.html
https://www.suse.com/security/cve/CVE-2017-13038.html
https://www.suse.com/security/cve/CVE-2017-13039.html
https://www.suse.com/security/cve/CVE-2017-13040.html
https://www.suse.com/security/cve/CVE-2017-13041.html
https://www.suse.com/security/cve/CVE-2017-13042.html
https://www.suse.com/security/cve/CVE-2017-13043.html
https://www.suse.com/security/cve/CVE-2017-13044.html
https://www.suse.com/security/cve/CVE-2017-13045.html
https://www.suse.com/security/cve/CVE-2017-13046.html
https://www.suse.com/security/cve/CVE-2017-13047.html
https://www.suse.com/security/cve/CVE-2017-13048.html
https://www.suse.com/security/cve/CVE-2017-13049.html
https://www.suse.com/security/cve/CVE-2017-13050.html
https://www.suse.com/security/cve/CVE-2017-13051.html
https://www.suse.com/security/cve/CVE-2017-13052.html
https://www.suse.com/security/cve/CVE-2017-13053.html
https://www.suse.com/security/cve/CVE-2017-13054.html
https://www.suse.com/security/cve/CVE-2017-13055.html
https://www.suse.com/security/cve/CVE-2017-13687.html
https://www.suse.com/security/cve/CVE-2017-13688.html
https://www.suse.com/security/cve/CVE-2017-13689.html
https://www.suse.com/security/cve/CVE-2017-13690.html
https://www.suse.com/security/cve/CVE-2017-13725.html
http://www.nessus.org/u?44bd2333
Solution
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1776=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1776=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1776=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1776=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1776=1

To bring your system up-to-date, use 'zypper patch'.
Risk Factor
High
CVSS Base Score
7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score
5.5 (CVSS2#E:U/RL:OF/RC:C)
References
CVE CVE-2017-13725
CVE CVE-2017-13690
CVE CVE-2017-13689
CVE CVE-2017-13688
CVE CVE-2017-13687
CVE CVE-2017-13055
CVE CVE-2017-13054
CVE CVE-2017-13053
CVE CVE-2017-13052
CVE CVE-2017-13051
CVE CVE-2017-13050
CVE CVE-2017-13049
CVE CVE-2017-13048
CVE CVE-2017-13047
CVE CVE-2017-13046
CVE CVE-2017-13045
CVE CVE-2017-13044
CVE CVE-2017-13043
CVE CVE-2017-13042
CVE CVE-2017-13041
CVE CVE-2017-13040
CVE CVE-2017-13039
CVE CVE-2017-13038
CVE CVE-2017-13037
CVE CVE-2017-13036
CVE CVE-2017-13035
CVE CVE-2017-13034
CVE CVE-2017-13033
CVE CVE-2017-13032
CVE CVE-2017-13031
CVE CVE-2017-13030
CVE CVE-2017-13029
CVE CVE-2017-13028
CVE CVE-2017-13027
CVE CVE-2017-13026
CVE CVE-2017-13025
CVE CVE-2017-13024
CVE CVE-2017-13023
CVE CVE-2017-13022
CVE CVE-2017-13021
CVE CVE-2017-13020
CVE CVE-2017-13019
CVE CVE-2017-13018
CVE CVE-2017-13017
CVE CVE-2017-13016
CVE CVE-2017-13015
CVE CVE-2017-13014
CVE CVE-2017-13013
CVE CVE-2017-13012
CVE CVE-2017-13011
CVE CVE-2017-13010
CVE CVE-2017-13009
CVE CVE-2017-13008
CVE CVE-2017-13007
CVE CVE-2017-13006
CVE CVE-2017-13005
CVE CVE-2017-13004
CVE CVE-2017-13003
CVE CVE-2017-13002
CVE CVE-2017-13001
CVE CVE-2017-13000
CVE CVE-2017-12999
CVE CVE-2017-12998
CVE CVE-2017-12997
CVE CVE-2017-12996
CVE CVE-2017-12995
CVE CVE-2017-12994
CVE CVE-2017-12993
CVE CVE-2017-12992
CVE CVE-2017-12991
CVE CVE-2017-12990
CVE CVE-2017-12989
CVE CVE-2017-12988
CVE CVE-2017-12987
CVE CVE-2017-12986
CVE CVE-2017-12985
CVE CVE-2017-12902
CVE CVE-2017-12901
CVE CVE-2017-12900
CVE CVE-2017-12899
CVE CVE-2017-12898
CVE CVE-2017-12897
CVE CVE-2017-12896
CVE CVE-2017-12895
CVE CVE-2017-12894
CVE CVE-2017-12893
CVE CVE-2017-11543
CVE CVE-2017-11542
CVE CVE-2017-11541
CVE CVE-2017-11108
XREF OSVDB:165058
XREF OSVDB:165057
XREF OSVDB:165056
XREF OSVDB:165055
XREF OSVDB:165054
XREF OSVDB:165053
XREF OSVDB:165052
XREF OSVDB:165051
XREF OSVDB:165050
XREF OSVDB:165049
XREF OSVDB:165048
XREF OSVDB:165047
XREF OSVDB:165046
XREF OSVDB:165045
XREF OSVDB:165044
XREF OSVDB:165043
XREF OSVDB:165042
XREF OSVDB:165041
XREF OSVDB:165040
XREF OSVDB:165039
XREF OSVDB:165038
XREF OSVDB:165037
XREF OSVDB:165036
XREF OSVDB:165035
XREF OSVDB:165034
XREF OSVDB:165033
XREF OSVDB:165032
XREF OSVDB:165031
XREF OSVDB:165030
XREF OSVDB:165029
XREF OSVDB:165028
XREF OSVDB:165027
XREF OSVDB:165026
XREF OSVDB:165025
XREF OSVDB:165024
XREF OSVDB:165023
XREF OSVDB:165022
XREF OSVDB:165021
XREF OSVDB:165020
XREF OSVDB:165019
XREF OSVDB:165018
XREF OSVDB:165017
XREF OSVDB:165016
XREF OSVDB:165015
XREF OSVDB:165014
XREF OSVDB:165013
XREF OSVDB:165012
XREF OSVDB:165011
XREF OSVDB:165010
XREF OSVDB:165009
XREF OSVDB:165008
XREF OSVDB:165007
XREF OSVDB:165006
XREF OSVDB:165005
XREF OSVDB:165004
XREF OSVDB:165003
XREF OSVDB:165002
XREF OSVDB:165001
XREF OSVDB:165000
XREF OSVDB:164999
XREF OSVDB:164998
XREF OSVDB:164997
XREF OSVDB:164996
XREF OSVDB:164995
XREF OSVDB:164994
XREF OSVDB:164993
XREF OSVDB:164992
XREF OSVDB:164991
XREF OSVDB:164990
XREF OSVDB:164989
XREF OSVDB:164988
XREF OSVDB:164987
XREF OSVDB:164986
XREF OSVDB:164985
XREF OSVDB:164984
XREF OSVDB:164983
XREF OSVDB:164982
XREF OSVDB:164981
XREF OSVDB:164980
XREF OSVDB:164979
XREF OSVDB:164978
XREF OSVDB:164977
XREF OSVDB:164976
XREF OSVDB:164975
XREF OSVDB:164974
XREF OSVDB:164973
XREF OSVDB:161780
XREF OSVDB:161778
XREF OSVDB:161777
XREF OSVDB:160585
Plugin Information:
Published: 2017/10/27, Modified: 2017/10/27
Plugin Output

tcp/0


Remote package installed : tcpdump-4.5.1-10.1
Should be : tcpdump-4.9.2-14.5.1
104253 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:2869-1) (KRACK)
Synopsis
The remote SUSE host is missing one or more security updates.
Description
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.90 to receive various security and bugfixes. The following security bugs were fixed :

- CVE-2017-1000252: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c (bnc#1058038).

- CVE-2017-10810: Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering object-initialization failures (bnc#1047277).

- CVE-2017-11472: The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel did not flush the operand cache and causes a kernel stack dump, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table (bnc#1049580).

- CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bnc#1049603).

- CVE-2017-12134: The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation (bnc#1051790 bnc#1053919).

- CVE-2017-12153: A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel This function did not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash (bnc#1058410).

- CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel did not ensure that the 'CR8-load exiting' and 'CR8-store exiting' L0 vmcs02 controls exist in cases where L1 omits the 'use TPR shadow' vmcs12 control, which allowed KVM L2 guest OS users to obtain read and write access to the hardware CR8 register (bnc#1058507).

- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667).

- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).

- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982).

- CVE-2017-14489: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel allowed local users to cause a denial of service (panic) by leveraging incorrect length validation (bnc#1059051).

- CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bnc#1064388).

- CVE-2017-7518: The Linux kernel was vulnerable to an incorrect debug exception(#DB) error. It could occur while emulating a syscall instruction and potentially lead to guest privilege escalation. (bsc#1045922).

- CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg8021 1.c in the Linux kernel allowed local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet (bnc#1049645).

- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882).

- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994). The following non-security bugs were fixed :

- acpi / processor: Avoid reserving IO regions too early (bsc#1051478).

- acpi / scan: Prefer devices without _HID for _ADR matching (git-fixes).

- af_key: Add lock to key dump (bsc#1047653).

- af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354).

- alsa: fm801: Initialize chip after IRQ handler is registered (bsc#1031717).

- alsa: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978) (bsc#1020657).

- alsa: hda - Fix endless loop of codec configure (bsc#1031717).

- alsa: hda - Implement mic-mute LED mode enum (bsc#1055013).

- alsa: hda/realtek - Add support headphone Mic for ALC221 of HP platform (bsc#1024405).

- alsa: hda - set input_path bitmap to zero after moving it to new place (bsc#1031717).

- alsa: ice1712: Add support for STAudio ADCIII (bsc#1048934).

- alsa: usb-audio: Apply sample rate quirk to Sennheiser headset (bsc#1052580).

- arc: Re-enable MMU upon Machine Check exception (bnc#1012382).

- arm64: fault: Route pte translation faults via do_translation_fault (bnc#1012382).

- arm64: Make sure SPsel is always set (bnc#1012382).

- arm: pxa: add the number of DMA requestor lines (bnc#1012382).

- arm: pxa: fix the number of DMA requestor lines (bnc#1012382).

- b43: Add missing MODULE_FIRMWARE() (bsc#1037344).

- bcache: correct cache_dirty_target in
__update_writeback_rate() (bnc#1012382).

- bcache: Correct return value for sysfs attach errors (bnc#1012382).

- bcache: do not subtract sectors_to_gc for bypassed IO (bnc#1012382).

- bcache: fix bch_hprint crash and improve output (bnc#1012382).

- bcache: fix for gc and write-back race (bnc#1012382).

- bcache: Fix leak of bdev reference (bnc#1012382).

- bcache: force trigger gc (bsc#1038078).

- bcache: initialize dirty stripes in flash_dev_run() (bnc#1012382).

- bcache: only recovery I/O error for writethrough mode (bsc#1043652).

- bdi: Fix use-after-free in wb_congested_put() (bsc#1040307).

- blacklist 2400fd822f46 powerpc/asm: Mark cr0 as clobbered in mftb()

- blacklist.conf: 9eeacd3a2f17 not a bug fix (bnc#1050061)

- blacklist.conf: add unapplicable/cosmetic iwlwifi fixes (bsc#1031717).

- blacklist.conf: add unapplicable drm fixes (bsc#1031717).

- blacklist.conf: Blacklist 4e201566402c ('genirq/msi:
Drop artificial PCI dependency') (bsc#1051478) This commit just removes an include and does not fix a real issue.

- blacklist.conf: Blacklist aa2369f11ff7 ('mm/gup.c: fix access_ok() argument type') (bsc#1051478) Fixes only a compile-warning.

- blacklist.conf: Blacklist c133c7615751 ('x86/nmi: Fix timeout test in test_nmi_ipi()') It only fixes a self-test (bsc#1051478).

- blacklist.conf: Blacklist c9525a3fab63 ('x86/watchdog:
Fix Kconfig help text file path reference to lockup watchdog documentation') Updates only kconfig help-text (bsc#1051478).

- blacklist.conf: Blacklist e80e7edc55ba ('PCI/MSI:
Initialize MSI capability for all architectures') This only fixes machines not supported by our kernels.

- blkfront: add uevent for size change (bnc#1036632).

- block: Allow bdi re-registration (bsc#1040307).

- block: do not allow updates through sysfs until registration completes (bsc#1047027).

- block: Fix front merge check (bsc#1051239).

- block: Make del_gendisk() safer for disks without queues (bsc#1040307).

- block: Move bdi_unregister() to del_gendisk() (bsc#1040307).

- block: Relax a check in blk_start_queue() (bnc#1012382).

- bluetooth: bnep: fix possible might sleep error in bnep_session (bsc#1031784).

- bluetooth: cmtp: fix possible might sleep error in cmtp_session (bsc#1031784).

- bluetooth: hidp: fix possible might sleep error in hidp_session_thread (bsc#1031784).

- bnxt: add a missing rcu synchronization (bnc#1038583).

- bnxt: do not busy-poll when link is down (bnc#1038583).

- bnxt_en: Enable MRU enables bit when configuring VNIC MRU (bnc#1038583).

- bnxt_en: Fix and clarify link_info->advertising (bnc#1038583).

- bnxt_en: Fix a VXLAN vs GENEVE issue (bnc#1038583).

- bnxt_en: Fix NULL pointer dereference in a failure path during open (bnc#1038583).

- bnxt_en: Fix NULL pointer dereference in reopen failure path (bnc#1038583).

- bnxt_en: fix pci cleanup in bnxt_init_one() failure path (bnc#1038583).

- bnxt_en: Fix ring arithmetic in bnxt_setup_tc() (bnc#1038583).

- bnxt_en: Fix TX push operation on ARM64 (bnc#1038583).

- bnxt_en: Fix 'uninitialized variable' bug in TPA code path (bnc#1038583).

- bnxt_en: Fix VF virtual link state (bnc#1038583).

- bnxt_en: initialize rc to zero to avoid returning garbage (bnc#1038583).

- bnxt_en: Pad TX packets below 52 bytes (bnc#1038583).

- bnxt_en: Refactor TPA code path (bnc#1038583).

- brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain (bsc#1031717).

- bsg-lib: do not free job in bsg_prepare_job (bnc#1012382).

- btrfs: add cond_resched to btrfs_qgroup_trace_leaf_items (bsc#1028286).

- btrfs: Add WARN_ON for qgroup reserved underflow (bsc#1031515).

- btrfs: change how we decide to commit transactions during flushing (bsc#1060197).

- btrfs: Do not clear SGID when inheriting ACLs (bsc#1030552).

- btrfs: fix early ENOSPC due to delalloc (bsc#1049226).

- btrfs: fix lockup in find_free_extent with read-only block groups (bsc#1046682).

- btrfs: fix NULL pointer dereference from free_reloc_roots() (bnc#1012382).

- btrfs: incremental send, fix invalid path for link commands (bsc#1051479).

- btrfs: incremental send, fix invalid path for unlink commands (bsc#1051479).

- btrfs: prevent to set invalid default subvolid (bnc#1012382).

- btrfs: propagate error to btrfs_cmp_data_prepare caller (bnc#1012382).

- btrfs: qgroup: move noisy underflow warning to debugging build (bsc#1055755).

- btrfs: resume qgroup rescan on rw remount (bsc#1047152).

- btrfs: send, fix invalid path after renaming and linking file (bsc#1051479).

- ceph: fix readpage from fscache (bsc#1057015).

- cifs: Fix SMB3.1.1 guest authentication to Samba (bnc#1012382).

- cifs: release auth_key.response for reconnect (bnc#1012382).

- class: Add 'shutdown' to 'struct class' (bsc#1053117).

- cpuidle: dt: Add missing 'of_node_put()' (bnc#1022476).

- crypto: AF_ALG - remove SGL terminator indicator when chaining (bnc#1012382).

- crypto: s5p-sss - fix incorrect usage of scatterlists api (bsc#1048317).

- crypto: talitos - Do not provide setkey for non hmac hashing algs (bnc#1012382).

- crypto: talitos - fix sha224 (bnc#1012382).

- cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc# 1045154).

- cxgb4: Fix stack out-of-bounds read due to wrong size to t4_record_mbox() (bsc#1021424 bsc#1022743).

- cxl: Fix driver use count (bnc#1012382).

- cxl: Unlock on error in probe (bsc#1034762, Pending SUSE Kernel Fixes).

- dentry name snapshots (bsc#1049483).

- dmaengine: mmp-pdma: add number of requestors (bnc#1012382).

- dm: fix second blk_delay_queue() parameter to be in msec units not (bsc#1047670).

- drivers: hv: Fix the bug in generating the guest ID (fate#320485).

- drivers: hv: util: Fix a typo (fate#320485).

- drivers: hv: vmbus: Get the current time from the current clocksource (fate#320485, bnc#1044112, bnc#1042778, bnc#1029693).

- drivers: hv: vmbus: Increase the time between retries in vmbus_post_msg() (fate#320485, bnc#1044112).

- drivers: hv: vmbus: Move the code to signal end of message (fate#320485).

- drivers: hv: vmbus: Move the definition of generate_guest_id() (fate#320485).

- drivers: hv: vmbus: Move the definition of hv_x64_msr_hypercall_contents (fate#320485).

- drivers: hv: vmbus: Restructure the clockevents code (fate#320485).

- drivers: net: xgene: Fix wrong logical operation (bsc#1056827).

- drm: Add driver-private objects to atomic state (bsc#1055493).

- drm/amdgpu: Fix overflow of watermark calcs at > 4k resolutions (bsc#1031717).

- drm/bochs: Implement nomodeset (bsc#1047096).

- drm/dp: Introduce MST topology state to track available link bandwidth (bsc#1055493).

- drm/i915/fbdev: Stop repeating tile configuration on stagnation (bsc#1031717).

- drm/i915: Fix scaler init during CRTC HW state readout (bsc#1031717).

- drm/i915: Serialize GTT/Aperture accesses on BXT (bsc#1046821).

- drm/virtio: do not leak bo on drm_gem_object_init failure (bsc#1047277).

- drm/vmwgfx: Fix large topology crash (bsc#1048155).

- drm/vmwgfx: Limit max desktop dimensions to 8Kx8K (bsc#1048155).

- drm/vmwgfx: Support topology greater than texture size (bsc#1048155).

- efi/libstub: Skip GOP with PIXEL_BLT_ONLY format (bnc#974215).

- ext2: Do not clear SGID when inheriting ACLs (bsc#1030552).

- ext4: avoid unnecessary stalls in ext4_evict_inode() (bsc#1049486).

- ext4: Do not clear SGID when inheriting ACLs (bsc#1030552).

- ext4: fix incorrect quotaoff if the quota feature is enabled (bnc#1012382).

- ext4: fix quota inconsistency during orphan cleanup for read-only mounts (bnc#1012382).

- ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors (bsc#1012829).

- f2fs: check hot_data for roll-forward recovery (bnc#1012382).

- fix xen_swiotlb_dma_mmap prototype (bnc#1012382).

- fs/fcntl: f_setown, avoid undefined behaviour (bnc#1006180).

- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bnc#1012382).

- ftrace: Fix selftest goto location on error (bnc#1012382).

- fuse: initialize the flock flag in fuse_file on allocation (git-fixes).

- gcov: add support for gcc version >= 6 (bsc#1051663).

- gcov: support GCC 7.1 (bsc#1051663).

- genirq: Fix for_each_action_of_desc() macro (bsc#1061064).

- getcwd: Close race with d_move called by lustre (bsc#1052593).

- gfs2: Do not clear SGID when inheriting ACLs (bsc#1012829).

- gfs2: Fix debugfs glocks dump (bnc#1012382).

- gfs2: fix flock panic issue (bsc#1012829).

- gianfar: Fix Tx flow control deactivation (bnc#1012382).

- hid: usbhid: Add HID_QUIRK_NOGET for Aten CS-1758 KVM switch (bnc#1022967).

- hrtimer: Catch invalid clockids again (bsc#1047651).

- hrtimer: Revert CLOCK_MONOTONIC_RAW support (bsc#1047651).

- hv_utils: drop .getcrosststamp() support from PTP driver (fate#320485, bnc#1044112, bnc#1042778, bnc#1029693).

- hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts (fate#320485, bnc#1044112, bnc#1042778, bnc#1029693).

- hv_util: switch to using timespec64 (fate#320485).

- i2c: designware-baytrail: fix potential NULL pointer dereference on dev (bsc#1011913).

- i40e: add hw struct local variable (bsc#1039915).

- i40e: add private flag to control source pruning (bsc#1034075).

- i40e: add VSI info to macaddr messages (bsc#1039915).

- i40e: avoid looping to check whether we're in VLAN mode (bsc#1039915).

- i40e: avoid O(n^2) loop when deleting all filters (bsc#1039915).

- i40e: delete filter after adding its replacement when converting (bsc#1039915).

- i40e: do not add broadcast filter for VFs (bsc#1039915).

- i40e: do not allow i40e_vsi_(add|kill)_vlan to operate when VID (bsc#1039915).

- i40e: drop is_vf and is_netdev fields in struct i40e_mac_filter (bsc#1039915).

- i40e: enable VSI broadcast promiscuous mode instead of adding broadcast filter (bsc#1039915).

- i40e: factor out addition/deletion of VLAN per each MAC address (bsc#1039915).

- i40e: fix MAC filters when removing VLANs (bsc#1039915).

- i40e: fold the i40e_is_vsi_in_vlan check into i40e_put_mac_in_vlan (bsc#1039915).

- i40e: implement __i40e_del_filter and use where applicable (bsc#1039915).

- i40e: make use of __dev_uc_sync and __dev_mc_sync (bsc#1039915).

- i40e: move all updates for VLAN mode into i40e_sync_vsi_filters (bsc#1039915).

- i40e: move i40e_put_mac_in_vlan and i40e_del_mac_all_vlan (bsc#1039915).

- i40e: no need to check is_vsi_in_vlan before calling i40e_del_mac_all_vlan (bsc#1039915).

- i40e: properly cleanup on allocation failure in i40e_sync_vsi_filters (bsc#1039915).

- i40e: recalculate vsi->active_filters from hash contents (bsc#1039915).

- i40e: refactor i40e_put_mac_in_vlan to avoid changing f->vlan (bsc#1039915).

- i40e: refactor i40e_update_filter_state to avoid passing aq_err (bsc#1039915).

- i40e: refactor Rx filter handling (bsc#1039915).

- i40e: Removal of workaround for simple MAC address filter deletion (bsc#1039915).

- i40e: remove code to handle dev_addr specially (bsc#1039915).

- i40e: removed unreachable code (bsc#1039915).

- i40e: remove duplicate add/delete adminq command code for filters (bsc#1039915).

- i40e: remove second check of VLAN_N_VID in i40e_vlan_rx_add_vid (bsc#1039915).

- i40e: rename i40e_put_mac_in_vlan and i40e_del_mac_all_vlan (bsc#1039915).

- i40e: restore workaround for removing default MAC filter (bsc#1039915).

- i40e: set broadcast promiscuous mode for each active VLAN (bsc#1039915).

- i40e: store MAC/VLAN filters in a hash with the MAC Address as key (bsc#1039915).

- i40e: use (add|rm)_vlan_all_mac helper functions when changing PVID (bsc#1039915).

- i40e: when adding or removing MAC filters, correctly handle VLANs (bsc#1039915).

- i40e: When searching all MAC/VLAN filters, ignore removed filters (bsc#1039915).

- i40e: write HENA for VFs (bsc#1039915).

- ib/hfi1: Wait for QSFP modules to initialize (bsc#1019151).

- ibmvnic: Check for transport event on driver resume (bsc#1051556, bsc#1052709).

- ibmvnic: Clean up resources on probe failure (fate#323285, bsc#1058116).

- ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).

- ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).

- iio: hid-sensor: fix return of -EINVAL on invalid values in ret or value (bsc#1031717).

- input: gpio-keys - fix check for disabling unsupported keys (bsc#1031717).

- input: i8042 - add Gigabyte P57 to the keyboard reset table (bnc#1012382).

- introduce the walk_process_tree() helper (bnc#1022476).

- iommu/amd: Fix schedule-while-atomic BUG in initialization code (bsc1052533).

- iommu/vt-d: Avoid calling virt_to_phys() on NULL pointer (bsc#1061067).

- ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (bsc#1041958).

- ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt() (bnc#1012382).

- ipv6: add rcu grace period before freeing fib6_node (bnc#1012382).

- ipv6: fix memory leak with multiple tables during netns destruction (bnc#1012382).

- ipv6: fix sparse warning on rt6i_node (bnc#1012382).

- ipv6: fix typo in fib6_net_exit() (bnc#1012382).

- ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output (bsc#1041958).

- iwlwifi: missing error code in iwl_trans_pcie_alloc() (bsc#1031717).

- iwlwifi: mvm: compare full command ID (FATE#321353, FATE#323335).

- iwlwifi: mvm: do not send CTDP commands via debugfs if not supported (bsc#1031717).

- iwlwifi: mvm: reset the fw_dump_desc pointer after ASSERT (bsc#1031717).

- iwlwifi: mvm: synchronize firmware DMA paging memory (FATE#321353, FATE#323335).

- iwlwifi: mvm: unconditionally stop device after init (bsc#1031717).

- iwlwifi: mvm: unmap the paging memory before freeing it (FATE#321353, FATE#323335).

- iwlwifi: pcie: fix command completion name debug (bsc#1031717).

- kABI-fix for 'x86/panic: replace smp_send_stop() with kdump friendly version in panic path' (bsc#1051478).

- kABI: protect enum pid_type (kabi).

- kABI: protect lwtunnel include in ip6_route.h (kabi).

- kABI: protect struct iscsi_np (kabi).

- kABI: protect struct iscsi_tpg_attrib (kabi).

- kABI: protect struct se_lun (kabi).

- kABI: protect struct tpm_chip (kabi).

- kABI: protect struct xfrm_dst (kabi).

- kABI: protect struct xfrm_dst (kabi).

- kabi/severities: ignore nfs_pgio_data_destroy

- kABI: uninline task_tgid_nr_nr (kabi).

- kernel/*: switch to memdup_user_nul() (bsc#1048893).

- keys: fix writing past end of user-supplied buffer in keyring_read() (bnc#1012382).

- keys: prevent creating a different user's keyrings (bnc#1012382).

- keys: prevent KEYCTL_READ on negative key (bnc#1012382).

- kvm: async_pf: Fix #DF due to inject 'Page not Present' and 'Page Ready' exceptions simultaneously (bsc#1061017).

- kvm: nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC (bsc#1051478).

- kvm: nVMX: Fix nested_vmx_check_msr_bitmap_controls (bsc#1051478).

- kvm: nVMX: Fix nested VPID vmx exec control (bsc#1051478).

- kvm: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce() (bnc#1012382).

- kvm: SVM: Add a missing 'break' statement (bsc#1061017).

- kvm: VMX: do not change SN bit in vmx_update_pi_irte() (bsc#1061017).

- kvm: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt (bsc#1061017).

- kvm: VMX: use cmpxchg64 (bnc#1012382).

- kvm: x86: avoid simultaneous queueing of both IRQ and SMI (bsc#1051478).

- libnvdimm: fix badblock range handling of ARS range (bsc#1023175).

- libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).

- lib: test_rhashtable: fix for large entry counts (bsc#1055359).

- lib: test_rhashtable: Fix KASAN warning (bsc#1055359).

- lightnvm: remove unused rq parameter of nvme_nvm_rqtocmd() to kill warning (FATE#319466).

- mac80211: flush hw_roc_start work before cancelling the ROC (bnc#1012382).

- mac80211_hwsim: Replace bogus hrtimer clockid (bsc#1047651).

- md/bitmap: disable bitmap_resize for file-backed bitmaps (bsc#1061172).

- md: fix sleep in atomic (bsc#1040351).

- md/raid5: fix a race condition in stripe batch (linux-stable).

- md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list (bnc#1012382).

- md/raid5: release/flush io in raid5_do_work() (bnc#1012382).

- media: uvcvideo: Prevent heap overflow when accessing mapped controls (bnc#1012382).

- media: v4l2-compat-ioctl32: Fix timespec conversion (bnc#1012382).

- mips: math-emu: <maxa>.<d>: Fix cases of both infinite inputs (bnc#1012382).

- mips: math-emu: <maxa>.<d>: Fix cases of input values with opposite signs (bnc#1012382).

- mips: math-emu: <max>.<d>: Fix cases of both inputs zero (bnc#1012382).

- mips: math-emu: <max>.<d>: Fix quiet NaN propagation (bnc#1012382).

- mips: math-emu: <max>.<d>: Fix cases of both inputs negative (bnc#1012382).

- mips: math-emu: MINA.<d>: Fix some cases of infinity and zero inputs (bnc#1012382).

- mm: adaptive hash table scaling (bnc#1036303).

- mm: call page_ext_init() after all struct pages are initialized (VM Debugging Functionality, bsc#1047048).

- mm: drop HASH_ADAPT (bnc#1036303).

- mm: fix classzone_idx underflow in shrink_zones() (VM Functionality, bsc#1042314).

- mm, madvise: ensure poisoned pages are removed from per-cpu lists (VM hw poison -- git fixes).

- mm: make PR_SET_THP_DISABLE immediately active (bnc#1048891).

- mm/page_alloc.c: apply gfp_allowed_mask before the first allocation attempt (bnc#971975 VM -- git fixes).

- mm: prevent double decrease of nr_reserved_highatomic (bnc#1012382).

- mptsas: Fixup device hotplug for VMWare ESXi (bsc#1030850).

- mwifiex: do not update MCS set from hostapd (bsc#1031717).

- net: account for current skb length when deciding about UFO (bsc#1041958).

- net: ena: add hardware hints capability to the driver (bsc#1047121).

- net: ena: add missing return when ena_com_get_io_handlers() fails (bsc#1047121).

- net: ena: add missing unmap bars on device removal (bsc#1047121).

- net: ena: add reset reason for each device FLR (bsc#1047121).

- net: ena: add support for out of order rx buffers refill (bsc#1047121).

- net: ena: allow the driver to work with small number of msix vectors (bsc#1047121).

- net: ena: bug fix in lost tx packets detection mechanism (bsc#1047121).

- net: ena: change return value for unsupported features unsupported return value (bsc#1047121).

- net: ena: change sizeof() argument to be the type pointer (bsc#1047121).

- net: ena: disable admin msix while working in polling mode (bsc#1047121).

- net: ena: fix bug that might cause hang after consecutive open/close interface (bsc#1047121).

- net: ena: fix race condition between submit and completion admin command (bsc#1047121).

- net: ena: fix rare uncompleted admin command false alarm (bsc#1047121).

- net: ena: fix theoretical Rx hang on low memory systems (bsc#1047121).

- net: ena: separate skb allocation to dedicated function (bsc#1047121).

- net: ena: update driver's rx drop statistics (bsc#1047121).

- net: ena: update ena driver to version 1.1.7 (bsc#1047121).

- net: ena: update ena driver to version 1.2.0 (bsc#1047121).

- net: ena: use lower_32_bits()/upper_32_bits() to split dma address (bsc#1047121).

- net: ena: use napi_schedule_irqoff when possible (bsc#1047121).

- netfilter: fix IS_ERR_VALUE usage (bsc#1052888).

- netfilter: x_tables: pack percpu counter allocations (bsc#1052888).

- netfilter: x_tables: pass xt_counters struct instead of packet counter (bsc#1052888).

- netfilter: x_tables: pass xt_counters struct to counter allocator (bsc#1052888).

- net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish() (bsc#1042286).

- net/mlx5: Fix driver load error flow when firmware is stuck (git-fixes).

- net: phy: Do not perform software reset for Generic PHY (bsc#1042286).

- new helper: memdup_user_nul() (bsc#1048893).

- nfs: Cache aggressively when file is open for writing (bsc#1033587).

- nfsd: Fix general protection fault in release_lock_stateid() (bnc#1012382).

- nfs: Do not flush caches for a getattr that races with writeback (bsc#1033587).

- nfs: flush data when locking a file to ensure cache coherence for mmap (bsc#981309).

- nfs: invalidate file size when taking a lock (git-fixes).

- nfs: only invalidate dentrys that are clearly invalid (bsc#1047118).

- ocfs2: Do not clear SGID when inheriting ACLs (bsc#1030552).

- ocfs2: fix deadlock caused by recursive locking in xattr (bsc#1012829).

- ocfs2: Make ocfs2_set_acl() static (bsc#1030552).

- of: fix '/cpus' reference leak in of_numa_parse_cpu_nodes() (bsc#1056827).

- ovl: fix dentry leak for default_permissions (bsc#1054084).

- pci: Add Mellanox device IDs (bsc#1051478).

- pci: Allow PCI express root ports to find themselves (bsc#1061046).

- pci: Convert Mellanox broken INTx quirks to be for listed devices only (bsc#1051478).

- pci: Correct PCI_STD_RESOURCE_END usage (bsc#1051478).

- pci: dwc: dra7xx: Use RW1C for IRQSTATUS_MSI and IRQSTATUS_MAIN (bsc#1051478).

- pci: dwc: Fix uninitialized variable in dw_handle_msi_irq() (bsc#1051478).

- pci: Enable ECRC only if device supports it (bsc#1051478).

- pci: fix oops when try to find Root Port for a PCI device (bsc#1061046).

- pci: Fix race condition with driver_override (bnc#1012382).

- pci / pm: Fix native PME handling during system suspend/resume (bsc#1051478).

- pci: shpchp: Enable bridge bus mastering if MSI is enabled (bnc#1012382).

- pci: Support INTx masking on ConnectX-4 with firmware x.14.1100+ (bsc#1051478).

- percpu_ref: allow operation mode switching operations to be called concurrently (bsc#1055096).

- percpu_ref: remove unnecessary RCU grace period for staggered atomic switching confirmation (bsc#1055096).

- percpu_ref: reorganize __percpu_ref_switch_to_atomic() and relocate percpu_ref_switch_to_atomic() (bsc#1055096).

- percpu_ref: restructure operation mode switching (bsc#1055096).

- percpu_ref: unify staggered atomic switching wait behavior (bsc#1055096).

- perf/x86: Fix RDPMC vs. mm_struct tracking (bsc#1061831).

- perf/x86: Fix spurious NMI with PEBS Load Latency event (bsc#1051478).

- perf/x86/intel: Cure bogus unwind from PEBS entries (bsc#1051478).

- perf/x86/intel: Fix PEBSv3 record drain (bsc#1051478).

- perf/x86: kABI Workaround for 'perf/x86: Fix RDPMC vs.
mm_struct tracking' (bsc#1061831).

- platform/x86: ideapad-laptop: Add IdeaPad 310-15IKB to no_hw_rfkill (bsc#1051022).

- platform/x86: ideapad-laptop: Add IdeaPad V310-15ISK to no_hw_rfkill (bsc#1051022).

- platform/x86: ideapad-laptop: Add IdeaPad V510-15IKB to no_hw_rfkill (bsc#1051022).

- platform/x86: ideapad-laptop: Add Lenovo Yoga 910-13IKB to no_hw_rfkill dmi list (bsc#1051022).

- platform/x86: ideapad-laptop: Add several models to no_hw_rfkill (bsc#1051022).

- platform/x86: ideapad-laptop: Add Y520-15IKBN to no_hw_rfkill (bsc#1051022).

- platform/x86: ideapad-laptop: Add Y700 15-ACZ to no_hw_rfkill DMI list (bsc#1051022).

- platform/x86: ideapad-laptop: Add Y720-15IKBN to no_hw_rfkill (bsc#1051022).

- pm / Hibernate: Fix scheduling while atomic during hibernation (bsc#1051059).

- powerpc: Fix DAR reporting when alignment handler faults (bnc#1012382).

- powerpc/pseries: Fix parent_dn reference leak in add_dt_node() (bnc#1012382).

- prctl: propagate has_child_subreaper flag to every descendant (bnc#1022476).

- qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).

- qlge: avoid memcpy buffer overflow (bnc#1012382).

- reiserfs: Do not clear SGID when inheriting ACLs (bsc#1030552).

- Revert 'ACPI / video: Add force_native quirk for HP Pavilion dv6' (bsc#1031717).

- Revert 'net: fix percpu memory leaks' (bnc#1012382).

- Revert 'net: phy: Correctly process PHY_HALTED in phy_stop_machine()' (bnc#1012382).

- Revert 'net: use lib/percpu_counter API for fragmentation mem accounting' (bnc#1012382).

- Revert 'powerpc/numa: Fix percpu allocations to be NUMA aware' (bsc#1048914).

- Revert 'tpm: Issue a TPM2_Shutdown for TPM2 devices.' (kabi).

- rpm/kernel-binary.spec.in: find-debuginfo.sh should not touch build-id This needs rpm-4.14+ (bsc#964063).

- rtnetlink: fix rtnl_vfinfo_size (bsc#1056261).

- s390: export symbols for crash-kmp (bsc#1053915).

- sched/core: Allow __sched_setscheduler() in interrupts when PI is not used (bnc#1022476).

- sched/debug: Print the scheduler topology group mask (bnc#1022476).

- sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1022476).

- sched/fair: Fix O(nr_cgroups) in load balance path (bnc#1022476).

- sched/fair: Use task_groups instead of leaf_cfs_rq_list to walk all cfs_rqs (bnc#1022476).

- sched/topology: Add sched_group_capacity debugging (bnc#1022476).

- sched/topology: Fix building of overlapping sched-groups (bnc#1022476).

- sched/topology: Fix overlapping sched_group_capacity (bnc#1022476).

- sched/topology: Move comment about asymmetric node setups (bnc#1022476).

- sched/topology: Refactor function build_overlap_sched_groups() (bnc#1022476).

- sched/topology: Remove FORCE_SD_OVERLAP (bnc#1022476).

- sched/topology: Simplify build_overlap_sched_groups() (bnc#1022476).

- sched/topology: Small cleanup (bnc#1022476).

- sched/topology: Verify the first group matches the child domain (bnc#1022476).

- scsi: Add STARGET_CREATE_REMOVE state to scsi_target_state (bsc#1013887).

- scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221).

- scsi_devinfo: fixup string compare (bsc#1037404).

- scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).

- scsi: ILLEGAL REQUEST + ASC==27 => target failure (bsc#1059465).

- scsi: kABI fix for new state STARGET_CREATED_REMOVE (bsc#1013887).

- scsi: megaraid_sas: Check valid aen class range to avoid kernel panic (bnc#1012382).

- scsi: megaraid_sas: Return pended IOCTLs with cmd_status MFI_STAT_WRONG_STATE in case adapter is dead (bnc#1012382).

- scsi: sg: close race condition in sg_remove_sfp_usercontext() (bsc#1064206).

- scsi: sg: factor out sg_fill_request_table() (bnc#1012382).

- scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE (bnc#1012382).

- scsi: sg: off by one in sg_ioctl() (bnc#1012382).

- scsi: sg: remove 'save_scat_len' (bnc#1012382).

- scsi: sg: use standard lists for sg_requests (bnc#1012382).

- scsi: storvsc: fix memory leak on ring buffer busy (bnc#1012382).

- scsi: storvsc: Workaround for virtual DVD SCSI version (fate#320485, bnc#1044636).

- scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path (bnc#1012382).

- scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records (bnc#1012382).

- scsi: zfcp: fix missing trace records for early returns in TMF eh handlers (bnc#1012382).

- scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA (bnc#1012382).

- scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records (bnc#1012382).

- scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled (bnc#1012382).

- scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late response (bnc#1012382).

- scsi: zfcp: trace high part of 'new' 64 bit SCSI LUN (bnc#1012382).

- seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter() (bnc#1012382).

- skd: Avoid that module unloading triggers a use-after-free (bnc#1012382).

- skd: Submit requests to firmware before triggering the doorbell (bnc#1012382).

- smb3: Do not ignore O_SYNC/O_DSYNC and O_DIRECT flags (bnc#1012382).

- smb: Validate negotiate (to protect against downgrade) even if signing off (bnc#1012382).

- smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).

- sr9700: use skb_cow_head() to deal with cloned skbs (bsc#1045154).

- supported.conf: clear mistaken external support flag for cifs.ko (bsc#1053802).

- swiotlb-xen: implement xen_swiotlb_dma_mmap callback (bnc#1012382).

- sysctl: do not print negative flag for proc_douintvec (bnc#1046985).

- sysctl: fix lax sysctl_check_table() sanity check (bsc#1048893).

- sysctl: fold sysctl_writes_strict checks into helper (bsc#1048893).

- sysctl: kdoc'ify sysctl_writes_strict (bsc#1048893).

- sysctl: simplify unsigned int support (bsc#1048893).

- timers: Plug locking race vs. timer migration (bnc#1022476).

- timer/sysclt: Restrict timer migration sysctl values to 0 and 1 (bnc#1012382).

- tpm: fix: return rc when devm_add_action() fails (bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes 8e0ee3c9faed).

- tpm: Issue a TPM2_Shutdown for TPM2 devices (bsc#1053117).

- tpm: KABI fix (bsc#1053117).

- tpm: read burstcount from TPM_STS in one 32-bit transaction (bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes 27084efee0c3).

- tpm_tis_core: Choose appropriate timeout for reading burstcount (bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes aec04cbdf723).

- tpm_tis_core: convert max timeouts from msec to jiffies (bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes aec04cbdf723).

- tracing: Apply trace_clock changes to instance max buffer (bnc#1012382).

- tracing: Erase irqsoff trace with empty write (bnc#1012382).

- tracing: Fix trace_pipe behavior for instance traces (bnc#1012382).

- tty: fix __tty_insert_flip_char regression (bnc#1012382).

- tty: improve tty_insert_flip_char() fast path (bnc#1012382).

- tty: improve tty_insert_flip_char() slow path (bnc#1012382).

- tty: serial: msm: Support more bauds (git-fixes).

- ubifs: Correctly evict xattr inodes (bsc#1012829).

- ubifs: Do not leak kernel memory to the MTD (bsc#1012829).

- udf: Fix deadlock between writeback and udf_setsize() (bsc#1012829).

- udf: Fix races with i_size changes during readpage (bsc#1012829).

- usb: core: fix device node leak (bsc#1047487).

- vfs: fix missing inode_get_dev sites (bsc#1052049).

- vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets (bnc#1012382).

- video: fbdev: aty: do not leak uninitialized padding in clk to userspace (bnc#1012382).

- Workaround for kABI compatibility with DP-MST patches (bsc#1055493).

- x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache() (bsc#1051399).

- x86/fpu: Do not let userspace set bogus xcomp_bv (bnc#1012382).

- x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps (bnc#1012382).

- x86/ldt: Fix off by one in get_segment_base() (bsc#1061872).

- x86/LDT: Print the real LDT base address (bsc#1051478).

- x86/mce: Make timer handling more robust (bsc#1042422).

- x86/panic: replace smp_send_stop() with kdump friendly version in panic path (bsc#1051478).

- xen: allocate page for shared info page from low memory (bnc#1038616).

- xen/balloon: do not online new memory initially (bnc#1028173).

- xen: hold lock_device_hotplug throughout vcpu hotplug operations (bsc#1042422).

- xen-netfront: Rework the fix for Rx stall during OOM and network stress (git-fixes).

- xen/pvh*: Support > 32 VCPUs at domain restore (bnc#1045563).

- xfrm: NULL dereference on allocation failure (bsc#1047343).

- xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653).

- xfs/dmapi: fix incorrect file->f_path.dentry->d_inode usage (bsc#1055896).

- xfs: do not BUG() on mixed direct and mapped I/O (bsc#1050188).

- xfs: Do not clear SGID when inheriting ACLs (bsc#1030552).

- xfs: fix inobt inode allocation search optimization (bsc#1012829).</d></d></max></d></max></d></max></d></ma xa></d></maxa>

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
See Also
https://bugzilla.suse.com/1006180
https://bugzilla.suse.com/1011913
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1012829
https://bugzilla.suse.com/1013887
https://bugzilla.suse.com/1019151
https://bugzilla.suse.com/1020645
https://bugzilla.suse.com/1020657
https://bugzilla.suse.com/1021424
https://bugzilla.suse.com/1022476
https://bugzilla.suse.com/1022743
https://bugzilla.suse.com/1022967
https://bugzilla.suse.com/1023175
https://bugzilla.suse.com/1024405
https://bugzilla.suse.com/1028173
https://bugzilla.suse.com/1028286
https://bugzilla.suse.com/1029693
https://bugzilla.suse.com/1030552
https://bugzilla.suse.com/1030850
https://bugzilla.suse.com/1031515
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1031784
https://bugzilla.suse.com/1033587
https://bugzilla.suse.com/1034048
https://bugzilla.suse.com/1034075
https://bugzilla.suse.com/1034762
https://bugzilla.suse.com/1036303
https://bugzilla.suse.com/1036632
https://bugzilla.suse.com/1037344
https://bugzilla.suse.com/1037404
https://bugzilla.suse.com/1037994
https://bugzilla.suse.com/1038078
https://bugzilla.suse.com/1038583
https://bugzilla.suse.com/1038616
https://bugzilla.suse.com/1038792
https://bugzilla.suse.com/1039915
https://bugzilla.suse.com/1040307
https://bugzilla.suse.com/1040351
https://bugzilla.suse.com/1041958
https://bugzilla.suse.com/1042286
https://bugzilla.suse.com/1042314
https://bugzilla.suse.com/1042422
https://bugzilla.suse.com/1042778
https://bugzilla.suse.com/1043652
https://bugzilla.suse.com/1044112
https://bugzilla.suse.com/1044636
https://bugzilla.suse.com/1045154
https://bugzilla.suse.com/1045563
https://bugzilla.suse.com/1045922
https://bugzilla.suse.com/1046682
https://bugzilla.suse.com/1046821
https://bugzilla.suse.com/1046985
https://bugzilla.suse.com/1047027
https://bugzilla.suse.com/1047048
https://bugzilla.suse.com/1047096
https://bugzilla.suse.com/1047118
https://bugzilla.suse.com/1047121
https://bugzilla.suse.com/1047152
https://bugzilla.suse.com/1047277
https://bugzilla.suse.com/1047343
https://bugzilla.suse.com/1047354
https://bugzilla.suse.com/1047487
https://bugzilla.suse.com/1047651
https://bugzilla.suse.com/1047653
https://bugzilla.suse.com/1047670
https://bugzilla.suse.com/1048155
https://bugzilla.suse.com/1048221
https://bugzilla.suse.com/1048317
https://bugzilla.suse.com/1048891
https://bugzilla.suse.com/1048893
https://bugzilla.suse.com/1048914
https://bugzilla.suse.com/1048934
https://bugzilla.suse.com/1049226
https://bugzilla.suse.com/1049483
https://bugzilla.suse.com/1049486
https://bugzilla.suse.com/1049580
https://bugzilla.suse.com/1049603
https://bugzilla.suse.com/1049645
https://bugzilla.suse.com/1049882
https://bugzilla.suse.com/1050061
https://bugzilla.suse.com/1050188
https://bugzilla.suse.com/1051022
https://bugzilla.suse.com/1051059
https://bugzilla.suse.com/1051239
https://bugzilla.suse.com/1051399
https://bugzilla.suse.com/1051478
https://bugzilla.suse.com/1051479
https://bugzilla.suse.com/1051556
https://bugzilla.suse.com/1051663
https://bugzilla.suse.com/1051790