SUSE 5008 Published by

The following updates has been released for openSUSE:

openSUSE-SU-2018:4135-1: important: Security update for qemu
openSUSE-SU-2018:4138-1: important: Security update for ghostscript
openSUSE-SU-2018:4140-1: important: Security update for ghostscript
openSUSE-SU-2018:4141-1: important: Security update for cups
openSUSE-SU-2018:4142-1: important: Security update for Chromium
openSUSE-SU-2018:4143-1: important: Security update for Chromium
openSUSE-SU-2018:4144-1: moderate: Security update for tcpdump
openSUSE-SU-2018:4147-1: moderate: Security update for qemu
openSUSE-SU-2018:4148-1: moderate: Security update for openvswitch



openSUSE-SU-2018:4135-1: important: Security update for qemu

openSUSE Security Update: Security update for qemu
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:4135-1
Rating: important
References: #1108474 #1114529
Cross-References: CVE-2018-16847
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:

This update for qemu fixes the following issues:

Security issue fixed:

- CVE-2018-16847: Fixed an out of bounds r/w buffer access in cmb
operations (bsc#1114529).

Non-security issue fixed:

- Fixed serial console issue that triggered a qemu-kvm bug (bsc#1108474).

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-1551=1



Package List:

- openSUSE Leap 15.0 (x86_64):

qemu-2.11.2-lp150.7.15.1
qemu-arm-2.11.2-lp150.7.15.1
qemu-arm-debuginfo-2.11.2-lp150.7.15.1
qemu-block-curl-2.11.2-lp150.7.15.1
qemu-block-curl-debuginfo-2.11.2-lp150.7.15.1
qemu-block-dmg-2.11.2-lp150.7.15.1
qemu-block-dmg-debuginfo-2.11.2-lp150.7.15.1
qemu-block-gluster-2.11.2-lp150.7.15.1
qemu-block-gluster-debuginfo-2.11.2-lp150.7.15.1
qemu-block-iscsi-2.11.2-lp150.7.15.1
qemu-block-iscsi-debuginfo-2.11.2-lp150.7.15.1
qemu-block-rbd-2.11.2-lp150.7.15.1
qemu-block-rbd-debuginfo-2.11.2-lp150.7.15.1
qemu-block-ssh-2.11.2-lp150.7.15.1
qemu-block-ssh-debuginfo-2.11.2-lp150.7.15.1
qemu-debuginfo-2.11.2-lp150.7.15.1
qemu-debugsource-2.11.2-lp150.7.15.1
qemu-extra-2.11.2-lp150.7.15.1
qemu-extra-debuginfo-2.11.2-lp150.7.15.1
qemu-guest-agent-2.11.2-lp150.7.15.1
qemu-guest-agent-debuginfo-2.11.2-lp150.7.15.1
qemu-ksm-2.11.2-lp150.7.15.1
qemu-kvm-2.11.2-lp150.7.15.1
qemu-lang-2.11.2-lp150.7.15.1
qemu-linux-user-2.11.2-lp150.7.15.1
qemu-linux-user-debuginfo-2.11.2-lp150.7.15.1
qemu-linux-user-debugsource-2.11.2-lp150.7.15.1
qemu-ppc-2.11.2-lp150.7.15.1
qemu-ppc-debuginfo-2.11.2-lp150.7.15.1
qemu-s390-2.11.2-lp150.7.15.1
qemu-s390-debuginfo-2.11.2-lp150.7.15.1
qemu-testsuite-2.11.2-lp150.7.15.1
qemu-tools-2.11.2-lp150.7.15.1
qemu-tools-debuginfo-2.11.2-lp150.7.15.1
qemu-x86-2.11.2-lp150.7.15.1
qemu-x86-debuginfo-2.11.2-lp150.7.15.1

- openSUSE Leap 15.0 (noarch):

qemu-ipxe-1.0.0+-lp150.7.15.1
qemu-seabios-1.11.0-lp150.7.15.1
qemu-sgabios-8-lp150.7.15.1
qemu-vgabios-1.11.0-lp150.7.15.1


References:

https://www.suse.com/security/cve/CVE-2018-16847.html
https://bugzilla.suse.com/1108474
https://bugzilla.suse.com/1114529

--


openSUSE-SU-2018:4138-1: important: Security update for ghostscript

openSUSE Security Update: Security update for ghostscript
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:4138-1
Rating: important
References: #1109105 #1111479 #1111480 #1112229 #1117022
#1117274 #1117313 #1117327 #1117331
Cross-References: CVE-2018-17183 CVE-2018-17961 CVE-2018-18073
CVE-2018-18284 CVE-2018-19409 CVE-2018-19475
CVE-2018-19476 CVE-2018-19477
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that solves 8 vulnerabilities and has one errata
is now available.

Description:

This update for ghostscript to version 9.26 fixes the following issues:

Security issues fixed:

- CVE-2018-19475: Fixed bypass of an intended access restriction in
psi/zdevice2.c (bsc#1117327)
- CVE-2018-19476: Fixed bypass of an intended access restriction in
psi/zicc.c (bsc#1117313)
- CVE-2018-19477: Fixed bypass of an intended access restriction in
psi/zfjbig2.c (bsc#1117274)
- CVE-2018-19409: Check if another device is used correctly in
LockSafetyParams (bsc#1117022)
- CVE-2018-18284: Fixed potential sandbox escape through 1Policy operator
(bsc#1112229)
- CVE-2018-18073: Fixed leaks through operator in saved execution stacks
(bsc#1111480)
- CVE-2018-17961: Fixed a -dSAFER sandbox escape by bypassing executeonly
(bsc#1111479)
- CVE-2018-17183: Fixed a potential code injection by specially crafted
PostScript files (bsc#1109105)

Version update to 9.26 (bsc#1117331):

- Security issues have been the primary focus
- Minor bug fixes and improvements
- For release summary see: http://www.ghostscript.com/doc/9.26/News.htm

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-1552=1



Package List:

- openSUSE Leap 15.0 (i586 x86_64):

ghostscript-9.26-lp150.2.9.1
ghostscript-debuginfo-9.26-lp150.2.9.1
ghostscript-debugsource-9.26-lp150.2.9.1
ghostscript-devel-9.26-lp150.2.9.1
ghostscript-mini-9.26-lp150.2.9.1
ghostscript-mini-debuginfo-9.26-lp150.2.9.1
ghostscript-mini-debugsource-9.26-lp150.2.9.1
ghostscript-mini-devel-9.26-lp150.2.9.1
ghostscript-x11-9.26-lp150.2.9.1
ghostscript-x11-debuginfo-9.26-lp150.2.9.1

- openSUSE Leap 15.0 (x86_64):

libspectre-debugsource-0.2.8-lp150.2.6.2
libspectre-devel-0.2.8-lp150.2.6.2
libspectre1-0.2.8-lp150.2.6.2
libspectre1-debuginfo-0.2.8-lp150.2.6.2


References:

https://www.suse.com/security/cve/CVE-2018-17183.html
https://www.suse.com/security/cve/CVE-2018-17961.html
https://www.suse.com/security/cve/CVE-2018-18073.html
https://www.suse.com/security/cve/CVE-2018-18284.html
https://www.suse.com/security/cve/CVE-2018-19409.html
https://www.suse.com/security/cve/CVE-2018-19475.html
https://www.suse.com/security/cve/CVE-2018-19476.html
https://www.suse.com/security/cve/CVE-2018-19477.html
https://bugzilla.suse.com/1109105
https://bugzilla.suse.com/1111479
https://bugzilla.suse.com/1111480
https://bugzilla.suse.com/1112229
https://bugzilla.suse.com/1117022
https://bugzilla.suse.com/1117274
https://bugzilla.suse.com/1117313
https://bugzilla.suse.com/1117327
https://bugzilla.suse.com/1117331

--


openSUSE-SU-2018:4140-1: important: Security update for ghostscript

openSUSE Security Update: Security update for ghostscript
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:4140-1
Rating: important
References: #1109105 #1111479 #1111480 #1112229 #1117022
#1117274 #1117313 #1117327 #1117331
Cross-References: CVE-2018-17183 CVE-2018-17961 CVE-2018-18073
CVE-2018-18284 CVE-2018-19409 CVE-2018-19475
CVE-2018-19476 CVE-2018-19477
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that solves 8 vulnerabilities and has one errata
is now available.

Description:

This update for ghostscript to version 9.26 fixes the following issues:

Security issues fixed:

- CVE-2018-19475: Fixed bypass of an intended access restriction in
psi/zdevice2.c (bsc#1117327)
- CVE-2018-19476: Fixed bypass of an intended access restriction in
psi/zicc.c (bsc#1117313)
- CVE-2018-19477: Fixed bypass of an intended access restriction in
psi/zfjbig2.c (bsc#1117274)
- CVE-2018-19409: Check if another device is used correctly in
LockSafetyParams (bsc#1117022)
- CVE-2018-18284: Fixed potential sandbox escape through 1Policy operator
(bsc#1112229)
- CVE-2018-18073: Fixed leaks through operator in saved execution stacks
(bsc#1111480)
- CVE-2018-17961: Fixed a -dSAFER sandbox escape by bypassing executeonly
(bsc#1111479)
- CVE-2018-17183: Fixed a potential code injection by specially crafted
PostScript files (bsc#1109105)

Version update to 9.26 (bsc#1117331):

- Security issues have been the primary focus
- Minor bug fixes and improvements
- For release summary see: http://www.ghostscript.com/doc/9.26/News.htm

This update was imported from the SUSE:SLE-12:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1556=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

ghostscript-9.26-14.12.1
ghostscript-debuginfo-9.26-14.12.1
ghostscript-debugsource-9.26-14.12.1
ghostscript-devel-9.26-14.12.1
ghostscript-mini-9.26-14.12.1
ghostscript-mini-debuginfo-9.26-14.12.1
ghostscript-mini-debugsource-9.26-14.12.1
ghostscript-mini-devel-9.26-14.12.1
ghostscript-x11-9.26-14.12.1
ghostscript-x11-debuginfo-9.26-14.12.1
libspectre-debugsource-0.2.7-17.4.2
libspectre-devel-0.2.7-17.4.2
libspectre1-0.2.7-17.4.2
libspectre1-debuginfo-0.2.7-17.4.2


References:

https://www.suse.com/security/cve/CVE-2018-17183.html
https://www.suse.com/security/cve/CVE-2018-17961.html
https://www.suse.com/security/cve/CVE-2018-18073.html
https://www.suse.com/security/cve/CVE-2018-18284.html
https://www.suse.com/security/cve/CVE-2018-19409.html
https://www.suse.com/security/cve/CVE-2018-19475.html
https://www.suse.com/security/cve/CVE-2018-19476.html
https://www.suse.com/security/cve/CVE-2018-19477.html
https://bugzilla.suse.com/1109105
https://bugzilla.suse.com/1111479
https://bugzilla.suse.com/1111480
https://bugzilla.suse.com/1112229
https://bugzilla.suse.com/1117022
https://bugzilla.suse.com/1117274
https://bugzilla.suse.com/1117313
https://bugzilla.suse.com/1117327
https://bugzilla.suse.com/1117331

--


openSUSE-SU-2018:4141-1: important: Security update for cups

openSUSE Security Update: Security update for cups
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:4141-1
Rating: important
References: #1115750
Cross-References: CVE-2018-4700
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for cups fixes the following security issue:

- CVE-2018-4700: Fixed extremely predictable cookie generation that is
effectively breaking the CSRF protection of the CUPS web interface
(bsc#1115750).

This update was imported from the SUSE:SLE-12:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1555=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

cups-1.7.5-12.9.1
cups-client-1.7.5-12.9.1
cups-client-debuginfo-1.7.5-12.9.1
cups-ddk-1.7.5-12.9.1
cups-ddk-debuginfo-1.7.5-12.9.1
cups-debuginfo-1.7.5-12.9.1
cups-debugsource-1.7.5-12.9.1
cups-devel-1.7.5-12.9.1
cups-libs-1.7.5-12.9.1
cups-libs-debuginfo-1.7.5-12.9.1

- openSUSE Leap 42.3 (x86_64):

cups-libs-32bit-1.7.5-12.9.1
cups-libs-debuginfo-32bit-1.7.5-12.9.1


References:

https://www.suse.com/security/cve/CVE-2018-4700.html
https://bugzilla.suse.com/1115750

--


openSUSE-SU-2018:4142-1: important: Security update for Chromium

openSUSE Security Update: Security update for Chromium
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:4142-1
Rating: important
References: #1118529 #1119364
Cross-References: CVE-2018-17480 CVE-2018-17481 CVE-2018-18335
CVE-2018-18336 CVE-2018-18337 CVE-2018-18338
CVE-2018-18339 CVE-2018-18340 CVE-2018-18341
CVE-2018-18342 CVE-2018-18343 CVE-2018-18344
CVE-2018-18345 CVE-2018-18346 CVE-2018-18347
CVE-2018-18348 CVE-2018-18349 CVE-2018-18350
CVE-2018-18351 CVE-2018-18352 CVE-2018-18353
CVE-2018-18354 CVE-2018-18355 CVE-2018-18356
CVE-2018-18357 CVE-2018-18358 CVE-2018-18359

Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes 27 vulnerabilities is now available.

Description:

This update to Chromium 71.0.3578.98 fixes the following issues:

Security issues fixed (boo#1118529):

- CVE-2018-17480: Out of bounds write in V8
- CVE-2018-17481: Use after frees in PDFium
- CVE-2018-18335: Heap buffer overflow in Skia
- CVE-2018-18336: Use after free in PDFium
- CVE-2018-18337: Use after free in Blink
- CVE-2018-18338: Heap buffer overflow in Canvas
- CVE-2018-18339: Use after free in WebAudio
- CVE-2018-18340: Use after free in MediaRecorder
- CVE-2018-18341: Heap buffer overflow in Blink
- CVE-2018-18342: Out of bounds write in V8
- CVE-2018-18343: Use after free in Skia
- CVE-2018-18344: Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- CVE-2018-18345: Inappropriate implementation in Site Isolation
- CVE-2018-18346: Incorrect security UI in Blink
- CVE-2018-18347: Inappropriate implementation in Navigation
- CVE-2018-18348: Inappropriate implementation in Omnibox
- CVE-2018-18349: Insufficient policy enforcement in Blink
- CVE-2018-18350: Insufficient policy enforcement in Blink
- CVE-2018-18351: Insufficient policy enforcement in Navigation
- CVE-2018-18352: Inappropriate implementation in Media
- CVE-2018-18353: Inappropriate implementation in Network Authentication
- CVE-2018-18354: Insufficient data validation in Shell Integration
- CVE-2018-18355: Insufficient policy enforcement in URL Formatter
- CVE-2018-18356: Use after free in Skia
- CVE-2018-18357: Insufficient policy enforcement in URL Formatter
- CVE-2018-18358: Insufficient policy enforcement in Proxy
- CVE-2018-18359: Out of bounds read in V8
- Inappropriate implementation in PDFium
- Use after free in Extensions
- Inappropriate implementation in Navigation
- Insufficient policy enforcement in Navigation
- Insufficient policy enforcement in URL Formatter
- Various fixes from internal audits, fuzzing and other initiatives
- CVE-2018-17481: Use after free in PDFium (boo#1119364)

The following changes are included:

- advertisements posing as error messages are now blocked
- Automatic playing of content at page load mostly disabled
- New JavaScript API for relative time display


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1557=1



Package List:

- openSUSE Leap 42.3 (x86_64):

chromedriver-71.0.3578.98-189.1
chromedriver-debuginfo-71.0.3578.98-189.1
chromium-71.0.3578.98-189.1
chromium-debuginfo-71.0.3578.98-189.1
chromium-debugsource-71.0.3578.98-189.1


References:

https://www.suse.com/security/cve/CVE-2018-17480.html
https://www.suse.com/security/cve/CVE-2018-17481.html
https://www.suse.com/security/cve/CVE-2018-18335.html
https://www.suse.com/security/cve/CVE-2018-18336.html
https://www.suse.com/security/cve/CVE-2018-18337.html
https://www.suse.com/security/cve/CVE-2018-18338.html
https://www.suse.com/security/cve/CVE-2018-18339.html
https://www.suse.com/security/cve/CVE-2018-18340.html
https://www.suse.com/security/cve/CVE-2018-18341.html
https://www.suse.com/security/cve/CVE-2018-18342.html
https://www.suse.com/security/cve/CVE-2018-18343.html
https://www.suse.com/security/cve/CVE-2018-18344.html
https://www.suse.com/security/cve/CVE-2018-18345.html
https://www.suse.com/security/cve/CVE-2018-18346.html
https://www.suse.com/security/cve/CVE-2018-18347.html
https://www.suse.com/security/cve/CVE-2018-18348.html
https://www.suse.com/security/cve/CVE-2018-18349.html
https://www.suse.com/security/cve/CVE-2018-18350.html
https://www.suse.com/security/cve/CVE-2018-18351.html
https://www.suse.com/security/cve/CVE-2018-18352.html
https://www.suse.com/security/cve/CVE-2018-18353.html
https://www.suse.com/security/cve/CVE-2018-18354.html
https://www.suse.com/security/cve/CVE-2018-18355.html
https://www.suse.com/security/cve/CVE-2018-18356.html
https://www.suse.com/security/cve/CVE-2018-18357.html
https://www.suse.com/security/cve/CVE-2018-18358.html
https://www.suse.com/security/cve/CVE-2018-18359.html
https://bugzilla.suse.com/1118529
https://bugzilla.suse.com/1119364

--


openSUSE-SU-2018:4143-1: important: Security update for Chromium

openSUSE Security Update: Security update for Chromium
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:4143-1
Rating: important
References: #1118529 #1119364
Cross-References: CVE-2018-17480 CVE-2018-17481 CVE-2018-18335
CVE-2018-18336 CVE-2018-18337 CVE-2018-18338
CVE-2018-18339 CVE-2018-18340 CVE-2018-18341
CVE-2018-18342 CVE-2018-18343 CVE-2018-18344
CVE-2018-18345 CVE-2018-18346 CVE-2018-18347
CVE-2018-18348 CVE-2018-18349 CVE-2018-18350
CVE-2018-18351 CVE-2018-18352 CVE-2018-18353
CVE-2018-18354 CVE-2018-18355 CVE-2018-18356
CVE-2018-18357 CVE-2018-18358 CVE-2018-18359

Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________

An update that fixes 27 vulnerabilities is now available.

Description:

This update to Chromium 71.0.3578.98 fixes the following issues:

Security issues fixed (boo#1118529):

- CVE-2018-17480: Out of bounds write in V8
- CVE-2018-17481: Use after frees in PDFium
- CVE-2018-18335: Heap buffer overflow in Skia
- CVE-2018-18336: Use after free in PDFium
- CVE-2018-18337: Use after free in Blink
- CVE-2018-18338: Heap buffer overflow in Canvas
- CVE-2018-18339: Use after free in WebAudio
- CVE-2018-18340: Use after free in MediaRecorder
- CVE-2018-18341: Heap buffer overflow in Blink
- CVE-2018-18342: Out of bounds write in V8
- CVE-2018-18343: Use after free in Skia
- CVE-2018-18344: Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- CVE-2018-18345: Inappropriate implementation in Site Isolation
- CVE-2018-18346: Incorrect security UI in Blink
- CVE-2018-18347: Inappropriate implementation in Navigation
- CVE-2018-18348: Inappropriate implementation in Omnibox
- CVE-2018-18349: Insufficient policy enforcement in Blink
- CVE-2018-18350: Insufficient policy enforcement in Blink
- CVE-2018-18351: Insufficient policy enforcement in Navigation
- CVE-2018-18352: Inappropriate implementation in Media
- CVE-2018-18353: Inappropriate implementation in Network Authentication
- CVE-2018-18354: Insufficient data validation in Shell Integration
- CVE-2018-18355: Insufficient policy enforcement in URL Formatter
- CVE-2018-18356: Use after free in Skia
- CVE-2018-18357: Insufficient policy enforcement in URL Formatter
- CVE-2018-18358: Insufficient policy enforcement in Proxy
- CVE-2018-18359: Out of bounds read in V8
- Inappropriate implementation in PDFium
- Use after free in Extensions
- Inappropriate implementation in Navigation
- Insufficient policy enforcement in Navigation
- Insufficient policy enforcement in URL Formatter
- Various fixes from internal audits, fuzzing and other initiatives
- CVE-2018-17481: Use after free in PDFium (boo#1119364)

The following changes are included:

- advertisements posing as error messages are now blocked
- Automatic playing of content at page load mostly disabled
- New JavaScript API for relative time display


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2018-1558=1



Package List:

- SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):

chromedriver-71.0.3578.98-80.1
chromium-71.0.3578.98-80.1


References:

https://www.suse.com/security/cve/CVE-2018-17480.html
https://www.suse.com/security/cve/CVE-2018-17481.html
https://www.suse.com/security/cve/CVE-2018-18335.html
https://www.suse.com/security/cve/CVE-2018-18336.html
https://www.suse.com/security/cve/CVE-2018-18337.html
https://www.suse.com/security/cve/CVE-2018-18338.html
https://www.suse.com/security/cve/CVE-2018-18339.html
https://www.suse.com/security/cve/CVE-2018-18340.html
https://www.suse.com/security/cve/CVE-2018-18341.html
https://www.suse.com/security/cve/CVE-2018-18342.html
https://www.suse.com/security/cve/CVE-2018-18343.html
https://www.suse.com/security/cve/CVE-2018-18344.html
https://www.suse.com/security/cve/CVE-2018-18345.html
https://www.suse.com/security/cve/CVE-2018-18346.html
https://www.suse.com/security/cve/CVE-2018-18347.html
https://www.suse.com/security/cve/CVE-2018-18348.html
https://www.suse.com/security/cve/CVE-2018-18349.html
https://www.suse.com/security/cve/CVE-2018-18350.html
https://www.suse.com/security/cve/CVE-2018-18351.html
https://www.suse.com/security/cve/CVE-2018-18352.html
https://www.suse.com/security/cve/CVE-2018-18353.html
https://www.suse.com/security/cve/CVE-2018-18354.html
https://www.suse.com/security/cve/CVE-2018-18355.html
https://www.suse.com/security/cve/CVE-2018-18356.html
https://www.suse.com/security/cve/CVE-2018-18357.html
https://www.suse.com/security/cve/CVE-2018-18358.html
https://www.suse.com/security/cve/CVE-2018-18359.html
https://bugzilla.suse.com/1118529
https://bugzilla.suse.com/1119364

--


openSUSE-SU-2018:4144-1: moderate: Security update for tcpdump

openSUSE Security Update: Security update for tcpdump
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:4144-1
Rating: moderate
References: #1117267
Cross-References: CVE-2018-19519
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for tcpdump fixes the following issues:

Security issues fixed:

- CVE-2018-19519: Fixed a stack-based buffer over-read in the print_prefix
function (bsc#1117267)

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-1559=1



Package List:

- openSUSE Leap 15.0 (x86_64):

tcpdump-4.9.2-lp150.2.3.1
tcpdump-debuginfo-4.9.2-lp150.2.3.1
tcpdump-debugsource-4.9.2-lp150.2.3.1


References:

https://www.suse.com/security/cve/CVE-2018-19519.html
https://bugzilla.suse.com/1117267

--


openSUSE-SU-2018:4147-1: moderate: Security update for qemu

openSUSE Security Update: Security update for qemu
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:4147-1
Rating: moderate
References: #1100408 #1106222 #1110910 #1111006 #1111010
#1111013 #1114422
Cross-References: CVE-2018-10839 CVE-2018-15746 CVE-2018-17958
CVE-2018-17962 CVE-2018-17963 CVE-2018-18849

Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that solves 6 vulnerabilities and has one errata
is now available.

Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to
an integer overflow, which could lead to buffer overflow issue. It could
occur when receiving packets over the network. A user inside guest could
use this flaw to crash the Qemu process resulting in DoS (bsc#1110910).
- CVE-2018-15746: Fixed qemu-seccomp.c that might allow local OS guest
users to cause a denial of service (guest crash) by leveraging
mishandling of the seccomp policy for threads other than the main thread
(bsc#1106222).
- CVE-2018-17958: Fixed a Buffer Overflow in rtl8139_do_receive in
hw/net/rtl8139.c because an incorrect integer data type is used
(bsc#1111006).
- CVE-2018-17962: Fixed a Buffer Overflow in pcnet_receive in
hw/net/pcnet.c because an incorrect integer data type is used
(bsc#1111010).
- CVE-2018-17963: Fixed qemu_deliver_packet_iov in net/net.c that accepts
packet sizes greater than INT_MAX, which allows attackers to cause a
denial of service or possibly have unspecified other impact.
(bsc#1111013)
- CVE-2018-18849: Fixed an out of bounds memory access issue that was
found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a
message in lsi_do_msgin. It could occur during migration if the
'msg_len' field has an invalid value. A user/process could use this flaw
to crash the Qemu process resulting in DoS (bsc#1114422).

Non-security issues fixed:

- Improving disk performance for qemu on xen (bsc#1100408)

This update was imported from the SUSE:SLE-12-SP3:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1563=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

qemu-linux-user-2.9.1-50.1
qemu-linux-user-debuginfo-2.9.1-50.1
qemu-linux-user-debugsource-2.9.1-50.1

- openSUSE Leap 42.3 (x86_64):

qemu-2.9.1-50.1
qemu-arm-2.9.1-50.1
qemu-arm-debuginfo-2.9.1-50.1
qemu-block-curl-2.9.1-50.1
qemu-block-curl-debuginfo-2.9.1-50.1
qemu-block-dmg-2.9.1-50.1
qemu-block-dmg-debuginfo-2.9.1-50.1
qemu-block-iscsi-2.9.1-50.1
qemu-block-iscsi-debuginfo-2.9.1-50.1
qemu-block-rbd-2.9.1-50.1
qemu-block-rbd-debuginfo-2.9.1-50.1
qemu-block-ssh-2.9.1-50.1
qemu-block-ssh-debuginfo-2.9.1-50.1
qemu-debugsource-2.9.1-50.1
qemu-extra-2.9.1-50.1
qemu-extra-debuginfo-2.9.1-50.1
qemu-guest-agent-2.9.1-50.1
qemu-guest-agent-debuginfo-2.9.1-50.1
qemu-ksm-2.9.1-50.1
qemu-kvm-2.9.1-50.1
qemu-lang-2.9.1-50.1
qemu-ppc-2.9.1-50.1
qemu-ppc-debuginfo-2.9.1-50.1
qemu-s390-2.9.1-50.1
qemu-s390-debuginfo-2.9.1-50.1
qemu-testsuite-2.9.1-50.1
qemu-tools-2.9.1-50.1
qemu-tools-debuginfo-2.9.1-50.1
qemu-x86-2.9.1-50.1
qemu-x86-debuginfo-2.9.1-50.1

- openSUSE Leap 42.3 (noarch):

qemu-ipxe-1.0.0+-50.1
qemu-seabios-1.10.2-50.1
qemu-sgabios-8-50.1
qemu-vgabios-1.10.2-50.1


References:

https://www.suse.com/security/cve/CVE-2018-10839.html
https://www.suse.com/security/cve/CVE-2018-15746.html
https://www.suse.com/security/cve/CVE-2018-17958.html
https://www.suse.com/security/cve/CVE-2018-17962.html
https://www.suse.com/security/cve/CVE-2018-17963.html
https://www.suse.com/security/cve/CVE-2018-18849.html
https://bugzilla.suse.com/1100408
https://bugzilla.suse.com/1106222
https://bugzilla.suse.com/1110910
https://bugzilla.suse.com/1111006
https://bugzilla.suse.com/1111010
https://bugzilla.suse.com/1111013
https://bugzilla.suse.com/1114422

--


openSUSE-SU-2018:4148-1: moderate: Security update for openvswitch

openSUSE Security Update: Security update for openvswitch
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:4148-1
Rating: moderate
References: #1104467
Cross-References: CVE-2018-17204 CVE-2018-17205 CVE-2018-17206

Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for openvswitch to version 2.7.6 fixes the following issues:

These security issues were fixed:

- CVE-2018-17205: Prevent OVS crash when reverting old flows in bundle
commit (bsc#1104467).
- CVE-2018-17206: Avoid buffer overread in BUNDLE action decoding
(bsc#1104467).
- CVE-2018-17204:When decoding a group mod, it validated the group type
and command after the whole group mod has been decoded. The OF1.5
decoder, however, tried to use the type and command earlier, when it
might still be invalid. This caused an assertion failure (via
OVS_NOT_REACHED) (bsc#1104467).

These non-security issues were fixed:

- ofproto/bond: Fix bond reconfiguration race condition.
- ofproto/bond: Fix bond post recirc rule leak.
- ofproto/bond: fix interal flow leak of tcp-balance bond
- systemd: Restart openvswitch service if a daemon crashes
- conntrack: Fix checks for TCP, UDP, and IPv6 header sizes.
- ofp-actions: Fix translation of set_field for nw_ecn
- netdev-dpdk: Fix mempool segfault.
- ofproto-dpif-upcall: Fix flow setup/delete race.
- learn: Fix memory leak in learn_parse_sepc()
- netdev-dpdk: fix mempool_configure error state
- vswitchd: Add --cleanup option to the 'appctl exit' command
- ofp-parse: Fix memory leak on error path in parse_ofp_group_mod_file().
- actions: Fix memory leak on error path in parse_ct_lb_action().
- dpif-netdev: Fix use-after-free error in reconfigure_datapath().
- bridge: Fix memory leak in bridge_aa_update_trunks().
- dpif-netlink: Fix multiple-free and fd leak on error path.
- ofp-print: Avoid array overread in print_table_instruction_features().
- flow: Fix buffer overread in flow_hash_symmetric_l3l4().
- systemd: start vswitchd after udev
- ofp-util: Check length of buckets in ofputil_pull_ofp15_group_mod().
- ovsdb-types: Fix memory leak on error path.
- tnl-ports: Fix loss of tunneling upon removal of a single tunnel port.
- netdev: check for NULL fields in netdev_get_addrs
- netdev-dpdk: vhost get stats fix.
- netdev-dpdk: use 64-bit arithmetic when converting rates.
- ofp-util: Fix buffer overread in ofputil_decode_bundle_add().
- ofp-util: Fix memory leaks on error cases in ofputil_decode_group_mod().
- ofp-util: Fix memory leaks when parsing OF1.5 group properties.
- ofp-actions: Fix buffer overread in decode_LEARN_specs().
- flow: Fix buffer overread for crafted IPv6 packets.
- ofp-actions: Properly interpret "output:in_port".
- ovs-ofctl: Avoid read overrun in ofperr_decode_msg().
- odp-util: Avoid misaligned references to ip6_hdr.
- ofproto-dpif-upcall: Fix action attr iteration.
- ofproto-dpif-upcall: Fix key attr iteration.
- netdev-dpdk: vhost get stats fix.
- netdev-dpdk: use 64-bit arithmetic when converting rates.
- ofp-util: Fix buffer overread in ofputil_decode_bundle_add().
- ofp-util: Fix memory leaks on error cases in ofputil_decode_group_mod().
- ofp-util: Fix memory leaks when parsing OF1.5 group properties.
- odp-util: Fix buffer overread in parsing string form of ODP flows.
- ovs-vsctl: Fix segfault when attempting to del-port from parent bridge.

This update was imported from the SUSE:SLE-12-SP3:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1562=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

openvswitch-2.7.6-19.1
openvswitch-debuginfo-2.7.6-19.1
openvswitch-debugsource-2.7.6-19.1
openvswitch-devel-2.7.6-19.1
openvswitch-ovn-central-2.7.6-19.1
openvswitch-ovn-central-debuginfo-2.7.6-19.1
openvswitch-ovn-common-2.7.6-19.1
openvswitch-ovn-common-debuginfo-2.7.6-19.1
openvswitch-ovn-docker-2.7.6-19.1
openvswitch-ovn-host-2.7.6-19.1
openvswitch-ovn-host-debuginfo-2.7.6-19.1
openvswitch-ovn-vtep-2.7.6-19.1
openvswitch-ovn-vtep-debuginfo-2.7.6-19.1
openvswitch-pki-2.7.6-19.1
openvswitch-test-2.7.6-19.1
openvswitch-test-debuginfo-2.7.6-19.1
openvswitch-vtep-2.7.6-19.1
openvswitch-vtep-debuginfo-2.7.6-19.1
python-openvswitch-2.7.6-19.1
python-openvswitch-test-2.7.6-19.1


References:

https://www.suse.com/security/cve/CVE-2018-17204.html
https://www.suse.com/security/cve/CVE-2018-17205.html
https://www.suse.com/security/cve/CVE-2018-17206.html
https://bugzilla.suse.com/1104467

--