SUSE 5008 Published by

The following updates has been released for openSUSE:

openSUSE-SU-2018:2693-1: moderate: Security update for qemu
openSUSE-SU-2018:2694-1: moderate: Security update for php5
openSUSE-SU-2018:2695-1: moderate: Security update for compat-openssl098



openSUSE-SU-2018:2693-1: moderate: Security update for qemu

openSUSE Security Update: Security update for qemu
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:2693-1
Rating: moderate
References: #1094898 #1098735 #1102604 #1103628 #1105279

Cross-References: CVE-2018-12617
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that solves one vulnerability and has four fixes
is now available.

Description:

This update for qemu fixes the following issues:

This security issue was fixed:

- CVE-2018-12617: qmp_guest_file_read had an integer overflow that could
have been exploited by sending a crafted QMP command (including
guest-file-read with a large count value) to the agent via the listening
socket causing DoS (bsc#1098735)

These non-security issues were fixed:

- Allow kvm group access to /dev/sev (bsc#1102604).
- Fix for the value used for reduced_phys_bits. Please update the
reduced_phys_bits value used on the commandline or in libvirt XML to the
value 1 (explicitly set now in QEMU code). (bsc#1103628)
- Fix (again) the qemu guest agent udev rule file, which got unfixed in a
series of unfortunate events (bsc#1094898 and now bsc#1105279)

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-996=1



Package List:

- openSUSE Leap 15.0 (noarch):

qemu-ipxe-1.0.0-lp150.7.9.1
qemu-seabios-1.11.0-lp150.7.9.1
qemu-sgabios-8-lp150.7.9.1
qemu-vgabios-1.11.0-lp150.7.9.1

- openSUSE Leap 15.0 (x86_64):

qemu-2.11.2-lp150.7.9.1
qemu-arm-2.11.2-lp150.7.9.1
qemu-arm-debuginfo-2.11.2-lp150.7.9.1
qemu-block-curl-2.11.2-lp150.7.9.1
qemu-block-curl-debuginfo-2.11.2-lp150.7.9.1
qemu-block-dmg-2.11.2-lp150.7.9.1
qemu-block-dmg-debuginfo-2.11.2-lp150.7.9.1
qemu-block-gluster-2.11.2-lp150.7.9.1
qemu-block-gluster-debuginfo-2.11.2-lp150.7.9.1
qemu-block-iscsi-2.11.2-lp150.7.9.1
qemu-block-iscsi-debuginfo-2.11.2-lp150.7.9.1
qemu-block-rbd-2.11.2-lp150.7.9.1
qemu-block-rbd-debuginfo-2.11.2-lp150.7.9.1
qemu-block-ssh-2.11.2-lp150.7.9.1
qemu-block-ssh-debuginfo-2.11.2-lp150.7.9.1
qemu-debuginfo-2.11.2-lp150.7.9.1
qemu-debugsource-2.11.2-lp150.7.9.1
qemu-extra-2.11.2-lp150.7.9.1
qemu-extra-debuginfo-2.11.2-lp150.7.9.1
qemu-guest-agent-2.11.2-lp150.7.9.1
qemu-guest-agent-debuginfo-2.11.2-lp150.7.9.1
qemu-ksm-2.11.2-lp150.7.9.1
qemu-kvm-2.11.2-lp150.7.9.1
qemu-lang-2.11.2-lp150.7.9.1
qemu-linux-user-2.11.2-lp150.7.9.1
qemu-linux-user-debuginfo-2.11.2-lp150.7.9.1
qemu-linux-user-debugsource-2.11.2-lp150.7.9.1
qemu-ppc-2.11.2-lp150.7.9.1
qemu-ppc-debuginfo-2.11.2-lp150.7.9.1
qemu-s390-2.11.2-lp150.7.9.1
qemu-s390-debuginfo-2.11.2-lp150.7.9.1
qemu-testsuite-2.11.2-lp150.7.9.1
qemu-tools-2.11.2-lp150.7.9.1
qemu-tools-debuginfo-2.11.2-lp150.7.9.1
qemu-x86-2.11.2-lp150.7.9.1
qemu-x86-debuginfo-2.11.2-lp150.7.9.1


References:

https://www.suse.com/security/cve/CVE-2018-12617.html
https://bugzilla.suse.com/1094898
https://bugzilla.suse.com/1098735
https://bugzilla.suse.com/1102604
https://bugzilla.suse.com/1103628
https://bugzilla.suse.com/1105279

--


openSUSE-SU-2018:2694-1: moderate: Security update for php5

openSUSE Security Update: Security update for php5
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:2694-1
Rating: moderate
References: #1096984 #1099098 #1103659 #1105466
Cross-References: CVE-2017-9118 CVE-2018-10360 CVE-2018-12882
CVE-2018-14851
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes four vulnerabilities is now available.

Description:

This update for php5 fixes the following issues:

The following security issues were fixed:

- CVE-2018-10360: Fixed an out-of-bounds read in the do_core_note function
in readelf.c in libmagic.a, which allowed remote attackers to cause a
denial of service via a crafted ELF file (bsc#1096984)
- CVE-2018-14851: Fixed an out-of-bound read in
exif_process_IFD_in_MAKERNOTE, which could be exploited by an attacker
via crafted JPG files, and could result in an application crash.
(bsc#1103659)
- CVE-2018-12882: Fixed an use-after-free in exif_read_from_impl in
ext/exif/exif.c (bsc#1099098)
- CVE-2017-9118: Fixed an out of bounds access in php_pcre_replace_impl
via a crafted preg_replace call (bsc#1105466)

This update was imported from the SUSE:SLE-12:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-998=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

apache2-mod_php5-5.5.14-103.1
apache2-mod_php5-debuginfo-5.5.14-103.1
php5-5.5.14-103.1
php5-bcmath-5.5.14-103.1
php5-bcmath-debuginfo-5.5.14-103.1
php5-bz2-5.5.14-103.1
php5-bz2-debuginfo-5.5.14-103.1
php5-calendar-5.5.14-103.1
php5-calendar-debuginfo-5.5.14-103.1
php5-ctype-5.5.14-103.1
php5-ctype-debuginfo-5.5.14-103.1
php5-curl-5.5.14-103.1
php5-curl-debuginfo-5.5.14-103.1
php5-dba-5.5.14-103.1
php5-dba-debuginfo-5.5.14-103.1
php5-debuginfo-5.5.14-103.1
php5-debugsource-5.5.14-103.1
php5-devel-5.5.14-103.1
php5-dom-5.5.14-103.1
php5-dom-debuginfo-5.5.14-103.1
php5-enchant-5.5.14-103.1
php5-enchant-debuginfo-5.5.14-103.1
php5-exif-5.5.14-103.1
php5-exif-debuginfo-5.5.14-103.1
php5-fastcgi-5.5.14-103.1
php5-fastcgi-debuginfo-5.5.14-103.1
php5-fileinfo-5.5.14-103.1
php5-fileinfo-debuginfo-5.5.14-103.1
php5-firebird-5.5.14-103.1
php5-firebird-debuginfo-5.5.14-103.1
php5-fpm-5.5.14-103.1
php5-fpm-debuginfo-5.5.14-103.1
php5-ftp-5.5.14-103.1
php5-ftp-debuginfo-5.5.14-103.1
php5-gd-5.5.14-103.1
php5-gd-debuginfo-5.5.14-103.1
php5-gettext-5.5.14-103.1
php5-gettext-debuginfo-5.5.14-103.1
php5-gmp-5.5.14-103.1
php5-gmp-debuginfo-5.5.14-103.1
php5-iconv-5.5.14-103.1
php5-iconv-debuginfo-5.5.14-103.1
php5-imap-5.5.14-103.1
php5-imap-debuginfo-5.5.14-103.1
php5-intl-5.5.14-103.1
php5-intl-debuginfo-5.5.14-103.1
php5-json-5.5.14-103.1
php5-json-debuginfo-5.5.14-103.1
php5-ldap-5.5.14-103.1
php5-ldap-debuginfo-5.5.14-103.1
php5-mbstring-5.5.14-103.1
php5-mbstring-debuginfo-5.5.14-103.1
php5-mcrypt-5.5.14-103.1
php5-mcrypt-debuginfo-5.5.14-103.1
php5-mssql-5.5.14-103.1
php5-mssql-debuginfo-5.5.14-103.1
php5-mysql-5.5.14-103.1
php5-mysql-debuginfo-5.5.14-103.1
php5-odbc-5.5.14-103.1
php5-odbc-debuginfo-5.5.14-103.1
php5-opcache-5.5.14-103.1
php5-opcache-debuginfo-5.5.14-103.1
php5-openssl-5.5.14-103.1
php5-openssl-debuginfo-5.5.14-103.1
php5-pcntl-5.5.14-103.1
php5-pcntl-debuginfo-5.5.14-103.1
php5-pdo-5.5.14-103.1
php5-pdo-debuginfo-5.5.14-103.1
php5-pgsql-5.5.14-103.1
php5-pgsql-debuginfo-5.5.14-103.1
php5-phar-5.5.14-103.1
php5-phar-debuginfo-5.5.14-103.1
php5-posix-5.5.14-103.1
php5-posix-debuginfo-5.5.14-103.1
php5-pspell-5.5.14-103.1
php5-pspell-debuginfo-5.5.14-103.1
php5-readline-5.5.14-103.1
php5-readline-debuginfo-5.5.14-103.1
php5-shmop-5.5.14-103.1
php5-shmop-debuginfo-5.5.14-103.1
php5-snmp-5.5.14-103.1
php5-snmp-debuginfo-5.5.14-103.1
php5-soap-5.5.14-103.1
php5-soap-debuginfo-5.5.14-103.1
php5-sockets-5.5.14-103.1
php5-sockets-debuginfo-5.5.14-103.1
php5-sqlite-5.5.14-103.1
php5-sqlite-debuginfo-5.5.14-103.1
php5-suhosin-5.5.14-103.1
php5-suhosin-debuginfo-5.5.14-103.1
php5-sysvmsg-5.5.14-103.1
php5-sysvmsg-debuginfo-5.5.14-103.1
php5-sysvsem-5.5.14-103.1
php5-sysvsem-debuginfo-5.5.14-103.1
php5-sysvshm-5.5.14-103.1
php5-sysvshm-debuginfo-5.5.14-103.1
php5-tidy-5.5.14-103.1
php5-tidy-debuginfo-5.5.14-103.1
php5-tokenizer-5.5.14-103.1
php5-tokenizer-debuginfo-5.5.14-103.1
php5-wddx-5.5.14-103.1
php5-wddx-debuginfo-5.5.14-103.1
php5-xmlreader-5.5.14-103.1
php5-xmlreader-debuginfo-5.5.14-103.1
php5-xmlrpc-5.5.14-103.1
php5-xmlrpc-debuginfo-5.5.14-103.1
php5-xmlwriter-5.5.14-103.1
php5-xmlwriter-debuginfo-5.5.14-103.1
php5-xsl-5.5.14-103.1
php5-xsl-debuginfo-5.5.14-103.1
php5-zip-5.5.14-103.1
php5-zip-debuginfo-5.5.14-103.1
php5-zlib-5.5.14-103.1
php5-zlib-debuginfo-5.5.14-103.1

- openSUSE Leap 42.3 (noarch):

php5-pear-5.5.14-103.1


References:

https://www.suse.com/security/cve/CVE-2017-9118.html
https://www.suse.com/security/cve/CVE-2018-10360.html
https://www.suse.com/security/cve/CVE-2018-12882.html
https://www.suse.com/security/cve/CVE-2018-14851.html
https://bugzilla.suse.com/1096984
https://bugzilla.suse.com/1099098
https://bugzilla.suse.com/1103659
https://bugzilla.suse.com/1105466

--


openSUSE-SU-2018:2695-1: moderate: Security update for compat-openssl098

openSUSE Security Update: Security update for compat-openssl098
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:2695-1
Rating: moderate
References: #1087102 #1089039 #1097158 #1097624 #1098592

Cross-References: CVE-2018-0732 CVE-2018-0737 CVE-2018-0739

Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that solves three vulnerabilities and has two
fixes is now available.

Description:

This update for compat-openssl098 fixes the following security issues:

- CVE-2018-0732: During key agreement in a TLS handshake using a DH(E)
based ciphersuite a malicious server could have sent a very large prime
value to the client. This caused the client to spend an unreasonably
long period of time generating a key for this prime resulting in a hang
until the client has finished. This could be exploited in a Denial Of
Service attack (bsc#1097158)
- Blinding enhancements for ECDSA and DSA (bsc#1097624, bsc#1098592)
- CVE-2018-0737: The RSA Key generation algorithm has been shown to be
vulnerable to a cache timing side channel attack. An attacker with
sufficient access to mount cache timing attacks during the RSA key
generation process could have recovered the private key (bsc#1089039)
- CVE-2018-0739: Constructed ASN.1 types with a recursive definition (such
as can be found in PKCS7) could eventually exceed the stack given
malicious input with excessive recursion. This could have resulted in
DoS (bsc#1087102).

This update was imported from the SUSE:SLE-12:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-997=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

compat-openssl098-debugsource-0.9.8j-24.1
libopenssl0_9_8-0.9.8j-24.1
libopenssl0_9_8-debuginfo-0.9.8j-24.1

- openSUSE Leap 42.3 (x86_64):

libopenssl0_9_8-32bit-0.9.8j-24.1
libopenssl0_9_8-debuginfo-32bit-0.9.8j-24.1


References:

https://www.suse.com/security/cve/CVE-2018-0732.html
https://www.suse.com/security/cve/CVE-2018-0737.html
https://www.suse.com/security/cve/CVE-2018-0739.html
https://bugzilla.suse.com/1087102
https://bugzilla.suse.com/1089039
https://bugzilla.suse.com/1097158
https://bugzilla.suse.com/1097624
https://bugzilla.suse.com/1098592

--