Novell is now a part of Micro Focus

Release Notes for SLES 8 zSeries (64-bit mode) Service Pack 4 (SP4)

Knowledgebase

(Last modified: 21MAR2005)


solutions Release Notes for SLES 8 zSeries (64-bit mode) Service Pack 4 (SP4) SuSE Linux Maintenance Web (08f4b37a55f4d336f166de06f4028405)

Applies to

Package: SLES-8-SP-4-s390x-GM-CD1.iso
SLES-8-SP-4-s390x-GM-CD2.iso
Product(s): SuSE Linux Enterprise Server 8 for IBM zSeries

Release: 20050321
Obsoletes: none
Release Notes for SLES 8 zSeries (64-bit mode) Service Pack 4
(SP4)
Please note that you need the Service Pack 3 ISOs / CDs to be able to install Service Pack 4. You always need to install SP3 first! You find it here:
SLES 8 for IBM zSeries (64-bit mode) Service Pack 3 (SP3)
However you are able to start a fresh installation from the SP4 CDs. You will be asked for the SP3 CDs later on then.
Overview
1. Enhancements
1.1 Installation 1.2 Platform/Hardware 1.3 Applications and Tools
2. Maintenance fixes
2.1 Bugfixes 2.2 Security fixes
3. New packages released with SP4
4. Support restrictions
5. Detailed ChangeLog
6. Known Bugs
1. Enhancements
1.1 Installation
  • all installer/YaST2 fixes now available during installation in manual and autoyast mode when booting from Service Pack CD
Important Note: The README on the toplevel of CD1 of this Service Pack contains detailed instructions on the different methods to install this Service Pack. Please read them and referred READMEs carefully.
After applying the update please have a look at the contents of the file /var/adm/rpmconfigcheck. This file contains a list of configuration files which could not be automatically updated. The reason usually is that the installed version was modified. These files have to be checked and the configuration needs to be adjusted manually.
1.2 Platform/Hardware
  • support many new hardware components via driver and PCI ID updates, e.g.
    • consolidated Qlogic driver to version 7.03.00 (qla2x00)
    • updated e1000-new driver to 5.6.10.1
    • updated cciss driver to latest version from 2.4.28-rc2
    • added bcm5700-new driver as 7.3.5
    • included megaide driver
    • updated IBM ServeRAID driver (ips) to 7.10.18
    • update PCI ID list for megaraid2 driver
1.2.1 Kernel driver updates/fixes for new hardware support
S/390 specific fixes
Included IBM Code drops:
  • add IBM code drop 2003-10-31 kernel for the June 2003 stream: Prob-ID: 5098 Crashes, triggered by iucv and ctc when calling dst_link_failure() Prob-ID: 4873 DHCP does not work with HiperSockets guest LAN Prob-ID: 4822 Fixed S390 Debug Feature usage. Prob-ID: 4922 Incorrect calculation of max_blocks in DIAG discipline Prob-ID: 4078 Race Conditions in qeth when more than one osasnmpd is running Prob-ID: 5178 VIPA and Proxy ARP problems on qeth Prob-ID: 4971 avoid hang during initialization on I/O errors Prob-ID: 4797 console: kernel compilation fails in drivers/s390/char/ctrlchar.c Prob-ID: 5108 crashes triggered by s390 network drivers calling dst_link_failure Prob-ID: 4982 fake_ll source MAC problem Prob-ID: 4427 tape: Fix implementation of NOP mtio operation. Prob-ID: 4421 tape: Initially boxed tapes might become invisible. Prob-ID: 5106 z90crypt incorrectly detects PCIXCC as PCICC Prob-ID: 5151 zfcp: SCSI I/O stall due to missed local-link-up event Prob-ID: 5140 zfcp: arbitrary (and bewildering) order of entries in /proc/scsi/zfcp/map Prob-ID: 5135 zfcp: incomplete fix for dynamic SCSI adapter addition in scsi_mod Prob-ID: 5144 zfcp: infinite error recovery escalation for certain port failure
  • add IBM code drop 2003-11-28 kernel for the June 2003 stream: Prob-ID: 5326 PCICCs fail to be detected under z90crypt Prob-ID: 5435 z90crypt doesn't support dynamic device node generation. Prob-ID: 3061 Unable to reconnect when using z/VM 3.1 at remote peer. Prob-ID: 5370 fake_ll problems when IPv6 is not active in qeth Prob-ID: 5289 multicast_router handling for IPv6 on OSA Prob-ID: 5297 sclp: signal shutdown does not work Prob-ID: 5292 zfcp: unwary memory allocation during error recovery
  • add IBM code drop 2003-12-18 kernel for the June 2003 stream: Prob-ID: 5409 DASD driver sets improper default cache mode on ESS Prob-ID: 4676 Massive workload combined with ESS flascopy leading to I/O hang. Prob-ID: 5633 Unnecessary restriction to length of inputdata for MEX request
  • add IBM code drop 2004-01-30 kernel for the June 2003 stream: Prob-ID: 5702 dasd: BUG when pulling/plug in fibers associated with ESS. Prob-ID: 5912 iucv: Disable message interrupts during connection setup Prob-ID: 5805 SCLP: tty driver hangs on write after IOCTL TIOCSCLPSNL. Prob-ID: 5806 SCLP: linemode tty driver causes kernel BUG(). Prob-ID: 5807 SCLP: linemode tty driver hangs during output. Prob-ID: 5808 SCLP: kernel crashes when too many empty buffers are generated. Prob-ID: 5809 SCLP: linemode tty/console driver causes kernel crash. Prob-ID: 5921 qeth/lcs: multicast joins and drops not noticed by drivers Prob-ID: 5923 qeth: IPv6 and VLAN traffic problems Prob-ID: 5924 qeth: interrupt reduction for OSAs Prob-ID: 5925 qeth: fix delete ARP and add/delete ARP response times Prob-ID: 5926 qdio: lock leak in qdio Prob-ID: 5927 qdio: problems with more than 64 adapter interrupt capable devices Prob-ID: 5915 zfcp: unneccessary error recovery for unrecoverable targets
  • add IBM code drop 2004-01-30 kernel for the June 2003 stream (new features): Architecture cleanup:
    • Add header file for 32 bit emulation of I/O controls.
    • Reduce memory usage in the radom device driver by 256KB.
    Common I/O layer cleanup:
    • Remove reset_cons_dev. Nobody uses it.
    • Remove DOIO_CANCEL_ON_TIMEOUT option. Nobody uses it.
    • Remove unused member ulpm from ioinfo structure.
    • Remove unused and broken support for I/O queueing.
    • Remove unused enable_irq/disable_irq interface.
    Fix problem when 64 FCP adapters are initialized simultaneously
    Cleanup and a small enhancement for the dasd device driver:
    • Improved checking for dasd device ranges.
    • Simplified long busy conditions.
    • Add BIODASDQUIESCE and BIODASDRESUME ioctls.
    qeth enhancements:
    • Enhanced SNMP support, works with net-snmp 5 now
    • Reduce interrupts for outgoing packets
    Cleanup for netiucv: allow compiling without procfs.
    Fix system tick misaccounting problem.
    Add virtual timer interface.
    Add Linux - z/VM monitor stream.
    Add collaborative memory mangement interface.
    Add z/VM discontiguous saved segments (DCSS) block device driver.
    Add channel measurement block interface.
    Add interface to read from the z/VM system service records.
    Add new features to the zfcp host adapter driver:
    • Add support for HBA API (FC-HBA) for zfcp.
    • Error recovery enhancements for zfcp.
    Add support for the PCIXCC HW crypto cards.
  • add IBM code drop 2004-03-24 kernel for the June 2003 stream:
    • Prob-ID: 6511 dasd: Duplicate device entry in /proc/dasd/devices
    • Prob-ID: 6608 dasd: problems when setting a DASD device online/offline
    • Prob-ID: 6157 iucv: IUCV send failure.
    • Prob-ID: 6631 iucv: unable to reconnect after reboot
    • Prob-ID: 6097 qeth: incorrect source MAC addresses
    • Prob-ID: 6617 sclp: Console driver causes bottom-half handling despite disabled interrupts.
    • Prob-ID: 6760 sclp: VM guests receiving a signal shutdown may not logoff correctly.
    • Prob-ID: 6842 z90crypt fails to detect devices in domain 15
    • Prob-ID: 6855 z90crypt: Unneeded message "Error in get_crypto_request_buffer: 16"
  • add IBM code drop 2004-03-30 kernel for the June 2003 stream:
    • Prob-ID: 6676 qdio, qeth: improved retry behavior on busy conditions
    • Prob-ID: 7082 xip2: implemented readlink and followlink for classic VFS symbolic links
    • Prob-ID: 6970 z90crypt: certain devices might be detected incorrectly
    • Prob-ID: 7020 z90crypt: possible failure on PCICC with very large request, unnecessary messages in syslog
    • Prob-ID: 7092 zfcp: watchdog for stalled FCP channel
    • Prob-ID: 7035 zfcp_hbaapi: IOCTRL broken if SCSI_SENSE_BUFFERSIZE is changed
  • add IBM code drop 2004-05-18 kernel for the June 2003 stream:
    • Prob-ID: 7640 iucv: restart of multiple IUCV connections fails.
    • Prob-ID: 8210 kernel: mlock() gets stuck in get_user_pages/follow_page.
    • Prob-ID: 8394 qeth: module use count problem in performance statistics.
    • Prob-ID: 7036 zfcp: zfcp logs a wrong message when trying to register a LUN which is already in use.
  • add IBM code drop 2004-06-14 kernel for the June 2003 stream:
    • Prob-ID: 9055 cio: Deferred cc=3 on BASIC SENSE leads to data corruption.
    • Prob-ID: 9211 network: multicast joins and drops not noticed by drivers.
    • Prob-ID: 9191 zfcp: performance patch 1/6.
    • Prob-ID: 9192 zfcp: performance patch 2/6.
    • Prob-ID: 9193 zfcp: performance patch 3/6.
    • Prob-ID: 9194 zfcp: performance patch 4/6.
    • Prob-ID: 9195 zfcp: performance patch 5/6.
    • Prob-ID: 9196 zfcp: performance patch 6/6.
    • Prob-ID: 8674 zfcp: scsi devices set offline.
    • Prob-ID: 7739 zfcp: unable to recover 'local link down' at init time.
  • add IBM code drop 2004-07-14 kernel for the June 2003 stream:
    • Prob-ID: 9704 iucv: Connection lost with high network load.
    • Prob-ID: 8165 Kernel: Lost dirty bits.
    • Prob-ID: 9507 qdio: Omit SVS on z990.
    • Prob-ID: 7312 qdio: Null pointer deref in qdio_unmark_q.
    • Prob-ID: 9567 qdio: Lost initiative for OSA under LPAR.
    • Prob-ID: 9569 tape: Use of debug feature can produce kernel Oops.
    • Prob-ID: 9824 zfcp: Error recovery does not finish after a cable to an ESS ("Shark") is unplugged.
  • add IBM code drop 2004-09-14 kernel for the June 2003 stream:
    • Prob-ID: 10222 dasd: Memory leak in dasd_statistics_write.
    • Prob-ID: 10529 kernel: Partition detection does not work on FBA volumes that have been prepared with CPFMTXA.
    • Prob-ID: 10614 kernel: Fix 31 bit emulation of mmap system call.
    • Prob-ID: 10615 kernel: Fix 31 bit emulation of stat64, lstat64 and fstat64.
    • Prob-ID: 9819 sclp: Console causes system to hang.
    • Prob-ID: 10757 sclp: Startup problem after reboot.
    • Prob-ID: 9757 zfcp: System hang on adapter detach.
    • Prob-ID: 10200 zfcp: Wrong return code of fsf_req_create.
    • Prob-ID: 10583 zfcp: IOCTL handler of CFDC does not check for FSF request completion status.
    • Prob-ID: 10549 zfcp: Wrong handling of rejected ELS commands.
    • Prob-ID: 10709 zfcp: Possible adapter shutdown after invalid CT commands.
    • Prob-ID: 10599 z90crypt: Certain 31-bit ioctl calls are not accepted on 64-bit kernel.
    • Prob-ID: 9373 z90crypt: Backport several bugfixes to service stream for 2.4.
  • add IBM code drop 2004-10-07 kernel for the June 2003 stream:
    • Prob-ID: 11402 dasd: Race in dasd_state_del_to_new().
    • Prob-ID: 11133 qdio: unnecessary queue checks with more than 64 thin interrupt devices.
    • Prob-ID: 11134 qeth: null-pointer dereference when doing query arp on a GuestLAN device.
    • Prob-ID: 11059 qeth: wrong alignment of VLAN tag when using fake_ll.
    • Prob-ID: 11261 zfcp/zfcp_hbaapi: duplicate kfree when sending ELS commands.
    • Prob-ID: 11308 zfcp/zfcp_hbaapi: possible invalid kernel pointer dereference.
    • Prob-ID: 11260 zfcp_hbaapi: possible instability due to incorrect serialization in read/ioctl.
    • Prob-ID: 11518 zfcp: Kernel stack frame for zfcp_cfdc_dev_ioctl() is too big.
    • Prob-ID: 11520 zfcp: Wrong handling of failed FSF requests for ELS commands.
  • add IBM code drop 2004-10-12 kernel for the June 2003 stream:
    • Add Layer 2 support for OSA-Express to qeth network driver.
    • Add z90crypt exploitation of zero-pad function in PCIXCC for the z890/z990 cryptographic cards.
    • New ctcmpc device driver for SNA networking - required for using IBM Communications Server for Linux
  • add IBM code drop 2004-11-02 kernel for the June 2003 stream:
    • Prob-ID: 12107 ctcmpc: Fixes missing channel id (used by chandev) bug and adds additional debug statements.
    • Prob-ID: 12026 dasd: FBA error recovery for 3370 and 9336 not called.
    • Prob-ID: 12029 dasd: FBA requests failing under memory pressure.
    • Prob-ID: 12142 qeth: checksum is generated by stack even with no_checksumming.
    • Prob-ID: 12090 qeth: socket write queue is blocked when network cable is pulled.
    • Prob-ID: 12175 zfcp: FCP port cannot recover after aborted nameserver request.
    • Prob-ID: 11576 zfcp: Insufficient debugging information in /var/log/messages for 'LUN sharing violation'.
    • Prob-ID: 12032 zfcp: Kernel panic possible when a timeout handler of a memory pool is called.
  • add IBM code drop 2004-12-03 kernel for the June 2003 stream:
    • Prob-ID: 12638 dasd: I/O errors in combination with busy condition.
    • Prob-ID: 12472 qdio: Activate the time delay disablement facility.
    • Prob-ID: 12700 qeth: Layer 2 network device stalled after cable had been plugged in again.
    • Prob-ID: 12247 qeth: add check for HiperSockets on z800/z900.
    • Prob-ID: 12549 z90crypt: Timeout running base test.
    • Prob-ID: 11023 zfcp: Kernel oops in recovery.
  • add IBM code drop 2004-12-03 kernel for the June 2003 stream:
    • lcs: Replace the original lcs driver with the backport of the lcs driver for Linux kernel 2.6. Note: The lcs-driver in this patch is functionally equivalent to the kernel 2.6.5 lcs-driver from the "April 2004 stream", up to patch 10, dated 2004-11-30 (Problem-ID: 12485).
  • add IBM code drop 2004-12-14 kernel for the June 2003 stream:
    • Prob-ID: 11402 dasd: Race in dasd_state_new_to_del().
    • Prob-ID: 12756 qeth: HiperSockets transmission failure reason code reporting.
    • Prob-ID: 12734 zfcp: adapter shutdown after protocol status 0x21.
  • add IBM code drop 2005-01-14 kernel for the June 2003 stream:
    • Prob-ID: 11957 dasd: Fixed S390 Debug Feature usage.
    • Prob-ID: 13256 qeth: Check if AIF is available on hardware.
    • Prob-ID: 7305 scsi: Unexpected EIOs on FCP paths during 2105 cluster resumes.
    • Prob-ID: 13044 tape: Access to uninitialized pointer.
    • Prob-ID: 10999 zfcp: Data Miscompares with FCP attached FAStT and cable pull.
    • Prob-ID: 12639 zfcp: Setting a failed CHPID logically offline causes kernel panic.
    • Prob-ID: 13049 zfcp: System crash when trying to attach zFCP scsi luns.
    • Prob-ID: 13075 zfcp: Possible deadlock when syncing SCSI disks on low memory.
    • Prob-ID: 12858 zfcp: z/VM-Guest hang-up on cable pull.
    • Prob-ID: 13337 zfcp_hbaapi: kernel Oops when several clients are running.
    • Prob-ID: 13336 zfcp_hbaapi: various small bug fixes.
  • add IBM code drop 2005-02-14 kernel for the June 2003 stream:
    • Prob-ID: 13913 qeth: dhcpcd does not work.
    • Prob-ID: 12854 tape: Tar or DB/2 backup hangs.
    • Prob-ID: 13816 zfcp: Error in handler of FSF requests 'Send FCP Command'.
1.3 Applications and Tools
  • Updated linux-iscsi toversion 3.6.2
  • Updated jfsutils to version 1.1.7
  • Updated reiserfs tools to version 3.6.19
2. Maintenance fixes
2.1 Bugfixes
Service Pack 4 contains all bugfixes released via the maintenance Web since the GA version. In addition the following packages now getting released with SP4 have seen bugfixes/enhancements:
  • 3ddiag
    • fixed insecure tmp file handling (Bug #33795)
    • Don't send info mail about changes on new products [Bug #21414]
  • acl
    • #35084: Fix a memory leak in acl_init().
    • Fix a long standing bug in acl_get_file() for Default ACLs (that probably was there from hour one): Default acls bigger than the access acl of the same file could not be retrieved; this is very unusual.
    • added change to acl.5 (EAL3)
  • acroread
    • Update to version 5.010 which has a security fix that solves a problem with malformed mail containing pdf attachments (see SUSE bugzilla bug #49257).
    • Security update to version 5.09 buffer overflow/shell meta character vulnerability see bug 43788 or iDEFENSE or the heise online news
  • ami
    • Bugzilla 40452: "LTC8294-Korea: AMI IM caused Seg fault after destroying one of some TextFields": apply fix supplied by Mitsuru CHINEN <mchinen@yamato.ibm.com>.
    • add shift-ctrl-endian-problem.patch, see Bugzilla #32149. Patch thanks to Mitsuru CHINEN <mchinen@yamato.ibm.com>.
    • Bugzilla #32272: add destroy-hanja-dialog.patch to fix segfault after some operations for the candidate window.
    • Bugzilla #26766: apply 64bit and endianness patches for all platforms. Thanks to Mitsuru Chinen <mchinen@yamato.ibm.com> for noticing this and his explanation. Applying these patches always is necessary because the problems are caused by the difference of endianness between a server and a client. Applying these patches for all platforms should be safe, I do that in the the SuSE 9.0 packages already since June and no problems occured so far.
    • fix the rest of Bugzilla #26766: make it work with mlterm as well. Again many thanks to Mitsuru Chinen <mchinen@yamato.ibm.com> for the explanation how to fix it.
    • Fix bigendian problem #27181 for all ppc, ppc64, and s390 too.
    • Bugzilla #27181: fix endianness problem to make ami detect KDE correctly.
    • Bugzilla #26766: apply fix from Mitsuru Chinen for 64bit architectures.
  • apache-devel
    • security fixes from 1.3.31 [#40611]:
      • CAN-2004-0174 (cve.mitre.org) Fix starvation issue on listening sockets where a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket. Enabled for some platforms known to have the issue (accept() blocking after select() returns readable). Define NONBLOCK_WHEN_MULTI_LISTEN if needed for the platform and not already defined.
      • CAN-2003-0987 (cve.mitre.org) Verification as to whether the nonce returned in the client response is one we issued ourselves by means of a AuthDigestRealmSeed secret exposed as an md5(). See mod_digest documentation for more details. The experimental mod_auth_digest.c does not have this issue.
      • CAN-2003-0020 (cve.mitre.org) Escape arbitrary data before writing into the errorlog. Unescaped errorlogs are still possible using the compile time switch "-DAP_UNSAFE_ERROR_LOG_UNESCAPED".
    • security fix for mod_ssl: fix buffer overflow in ssl_util_uuencode() [#40791]
    • security fix (CAN-2003-0993): Allow and Deny rules with IP addresses (e.g. 192.168.1.1) where parsed incorrectly on 64-bit platforms with big endianness. It only affected IP addresses with no netmask definition. [#35450] htt p://nagoya.apache.org/bugzilla/show_bug.cgi?id=23850 apply the patch only on s390x.
    • security fix (CAN-2003-0542): fix buffer overflows in mod_alias and mod_rewrite that are possible when using a regular expression with more than 9 captures [#32756]
    • rmeove 0host entries for pidfile and logfiles, which alarmed our patchrpm breakage tests
  • apache
    • security fix from 1.3.33: [CAN-2004-0940 (cve.mitre.org)]: mod_include: Fix potential buffer overflow with escaped characters in SSI tag string. [#47740]
    • security fix from mod_ssl 2.8.20: [CAN-2004-0885 (cve.mitre.org)]: fix SSLCipherSuite bypass in mod_ssl [#47117]
    • Applied some gaurds against invalid ctx pointers in mod_ssl. [#33968] mod_ssl-2.8.10-paranoid-pointer-2.diff was an unsuccessful PTF previously.
    • Security fix from mod_ssl 2.8.19: fix ssl_log() related format string vulnerability in mod_proxy hook functions. [#43114]
    • security fix in mod_proxy: Reject responses from a remote server if sent an invalid (negative) Content-Length. [#41970], CAN-2004-0492
    • use "chown -Rh" where needed after last fileutils change
    • security fixes from 1.3.31 [#40611]:
      • CAN-2004-0174 (cve.mitre.org) Fix starvation issue on listening sockets where a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket. Enabled for some platforms known to have the issue (accept() blocking after select() returns readable). Define NONBLOCK_WHEN_MULTI_LISTEN if needed for the platform and not already defined.
      • CAN-2003-0987 (cve.mitre.org) Verification as to whether the nonce returned in the client response is one we issued ourselves by means of a AuthDigestRealmSeed secret exposed as an md5(). See mod_digest documentation for more details. The experimental mod_auth_digest.c does not have this issue.
      • CAN-2003-0020 (cve.mitre.org) Escape arbitrary data before writing into the errorlog. Unescaped errorlogs are still possible using the compile time switch "-DAP_UNSAFE_ERROR_LOG_UNESCAPED".
    • security fix for mod_ssl: fix buffer overflow in ssl_util_uuencode() [#40791]
    • security fix (CAN-2003-0993): Allow and Deny rules with IP addresses (e.g. 192.168.1.1) where parsed incorrectly on 64-bit platforms with big endianness. It only affected IP addresses with no netmask definition. [#35450] htt p://nagoya.apache.org/bugzilla/show_bug.cgi?id=23850 apply the patch only on s390x.
    • security fix (CAN-2003-0542): fix buffer overflows in mod_alias and mod_rewrite that are possible when using a regular expression with more than 9 captures [#32756]
    • remove 0host entries for pidfile and logfiles, which alarmed our patchrpm breakage tests
  • arts
    • fix a security issue in temp file handling (by Waldo #42486)
    • Make artsdsp abort on x86_64 when trying to run a 32 bit application.
  • autoyast2
    • Bug #42979 L3: Module options not copied into installed system
    • #34437, #36278: Fixed DTD
    • #33849: creating 4 primary partitions with control created with backup module not possible
    • #36459: Dont complain about needed space during partitioning, this is done when configuring software
    • #33871: Added script for creating CDs from multiple sources
    • #33899: Set intial installation language
    • #33848: clone software selection correctly
    • doc updates
    • #33844: Support for LVs over RAID
  • cadaver
    • really fix security problems in libneon (#41725)
    • fix security problems in libneon (#41725)
  • cups
    • fixed problem in new passwd file generation (bugzilla#49370)
    • xpdf security fix, CAN-2005-0064 (bugzilla#49840)
    • xpdf security fix, CAN-2004-1125 (bugzilla#49463)
    • DoS attack not fixed; not affected (bugzilla#49545)
    • lppasswd security fix, CAN-2004-1268 (bugzilla#49370)
    • hpgltops security fix, CAN-2004-1267 (bugzilla#49369)
    • additional xpdf fixes CAN-2004-0888, CAN-2004-0889 (bugzilla#44963)
    • fixed ogonki (bugzilla#31756)
    • fixes for pdftops, CAN-2004-0888, CAN-2004-0889 (bugzilla#44963)
    • additional fixes for cupsomatic, CAN-2004-0801 (bugzilla#44233)
    • fixed security problem in cupsomatic, CAN-2004-0801 (bugzilla#44233)
    • fix for DoS with zero len UDP packages (bugzilla#44088)
    • fix for 64bit arthimetic/casting problems in sleep() (bugzilla#40880)
    • pam2 config files now installed on non-i386 arch (bugzilla#39920)
    • /usr/lib now replaced by architecture dependend path (bugzilla#39385)
  • cvs
    • fix the patch for malformed Entry lines (cvs-1.12.7-exploit-fix) (#42397)
    • update last patch to fix WinCVS support (20040521 version)
    • new krahmer+esser security fix for (#39773)
      • error_prog_name "double-free()" (SE) CAN-2004-0416
      • argument integer overflow (SK) CAN-2004-0417
      • serve_notify() out of bound writes (SK) CAN-2004-0418
    • expoit-fix for malformed Entry lines. This can be exploited via a buffer overflow (#39773)
    • fix pserver client side leak (#36659)
    • fix format string vulnerability (#33851)
    • added security patch for modules path (#33631)
  • cyrus-sasl
    • Bugfix ID#46847 - VUL-0: SASL environment variable local root
  • devs
    • fix permissions of /dev/perfctr (#49581)
    • create ttyS1 node for VT220 on s390* (bug #29239)
    • create 12 iseries/vt0 nodes (#24495)
    • Remove special fb* device numbers for SPARC, use standard one
    • makedevs.floppy: don't create devices for ix86 specific devices on SPARC
  • dhcp-server
    • add another patch related to the VU#317350 fix, restricting the length of client provided fqdn (for use as DDNS domain name) to 255 characters, as found in the dhcp-3.0.1rc14 tarball, and as recommended by ISC. [#41975]
    • security fixes [#41975]:
      • fix buffer overflow in the DHCP server that can be exploited by the client by specifying multiple 'hostnames' to execute arbitrary code or at least crash the server. VU#317350
      • add patch to use vsnprintf() instead of vsprintf() calls. VU#654390
      • use mkstemp() to create temp files [#40267]
      • dhcrelay: add patch from Florian Lohoff (slightly modified), that makes the maximal hop count of forwarded packages configurable (-c maxcount), sets the default to 4, and rejects packages with a hop count higher than maxcount (CAN-2003-0039, http://www.kb.cert.org/vuls/id/149953). Add a variable to /etc/sysconfig/dhcrelay to pass such additional options. [#31963]
    • when copying include files into the chroot jail, create subdirectories as needed, thus retaining the path to the files (closes bug [#28284])
    • remove 0host filelist entries and preun creation of pid files, since it catches the attention of the patchrpm breakage tests. Clean up the libraries from the jail when the server is stopped.
    • Don't send update messages on UnitedLinux [#26460]
  • dprobes
    • Work with new grammar
  • drbd
    • Fix #43582: Build module correctly on x86_64.
    • Upgrade to 0.6.13 to fix #42885: Data corruption if secondary node fails during sync.
    • Update to 0.6.12 from upstream, most critical fixes:
    • With the non-blocking IO hints, a bug was introduced that could lead to partially sent IO hints. -> loss of connetion. This issue is fixed now.
    • Fix for timeout when asender is dead; this could lead to a "stalled" Primary.
    • Sending of IO hints is done non-blocking; this fixes blocking bottom halves or bdflush and the like in low memory situations; by Lars Ellenberg.
    • Finally fixed the remaining race cases where the Primary could lock up when Secondary failed during sync.
    • Fail IO if not primary.
    • Reparent processes to init if parent dies.
    • We don't need kernel-source to build.
    • km_ Makefile updated.
  • enscript
    • fix patch for CAN-2004-1186 (#49680)
    • Add three security fixes CAN-2004-1184,1185,1186 (bug #49680)
    • Adopt CAN-2004-1184 to enscript 1.6.2
  • ethereal
    • fixed security bugs in HTTP, SMB, X11 dissectors and invalid RTP timestamp [#49253] (CAN-2004-1140, CAN-2004-1141, CAN-2005-0084, CAN-2004-1142)
    • fixed missed security bugs (in SIP, AIM, SPNEGO and MMSE dissectors) [#47183] enpa-sa-00014 (CAN-2004-0504, CAN-2004-0505, CAN-2004-0506, CAN-2004-0507)
    • fixed security bugs (in iSNS, SMB and SNMP dissectors) [#42820] enpa-sa-00015 (CAN-2004-0633, CAN-2004-0634, CAN-2004-0635)
    • added missing online help [#39518]
    • updated to version 0.10.3 (security update) [#35449] * several security fixes; enpa-sa-00013; CAN-2004-0176 CAN-2004-0367, CAN-2004-0365
    • fixed default filter (ipv6 problem)
    • fixed locating manuf file in /etc [#34386]
    • removed obsoleted patches
    • fixed security bug (in SMB dissectors);[#33650] enpa-sa-00012
    • fixed security bugs (in GTP,ISAKMP,SOCKS dissectors); enpa-sa-00011
  • file
    • Fix some buffer overflows (bug #48576)
  • freeradius
    • added remote crasher fixes (#47389)
      • CAN-2004-0938
      • CAN-2004-0960
      • CAN-2004-0961
    • security Fix for remote denial-of-dervice attack by sending a malformed package (#33321)
  • freeradius-devel
    • security Fix for remote denial-of-dervice attack by sending a malformed package (#33321)
    • security-fix for buffer-overflow in CHAP implementation (#27892)
  • freeswan
    • Fix for certificate chain authentication bug (#42153)
  • gawk
    • Replace igawk with version from gawk-3.1.3 [#33932].
  • gcc
    • Fix using custom allocators for basic_strings in libstdc++. (#40711)
    • Integrated overlaying temp stackslots problems fix from Michael Matz (LTC#7624, SUSE#39078)
    • Fix miscompilation in rdist [#33343].
    • Fixed double null pointer check deletion problem on architectures with more than 1 CC. (#34257)
    • Make ios::copyfmt copy the imbued locale (#34327)
    • Use cmpstrsi instead of doing unsafe strcmp->memcmp transformation. (#33963)
    • Don't discard GOT pointer if only used in a catch handler (#33987)
    • Make loop transformation regard REG_EQUAL notes (#34193)
    • No seperate version for ppc
  • gd
    • fixed more overflows - CAN-2004-0941 [#47666]
    • fixed several integer overflows [#47666]
  • gdk-pixbuf
    • add unresolved external reference (SuSE Bug Id #45423)
    • added patches for
      • CAN-2004-0782 Heap-based overflow in pixbuf_create_from_xpm
      • CAN-2004-0783 Stack-based overflow in xpm_extract_color
      • CAN-2004-0788 ico loader integer overflow. (SUSE Bug Id#44100)
  • gdm2
    • attach patch to prevent a possible DoS Attack in gdm Bug Id #32314
    • rename the actual gdm binary (gdm-binary) to gdm for rcxdm to be able to start and shutdown gdm (Bug Id#31149)
  • glibc
    • removed crap-o-matic parallel build code that fails every other time, replaced it with %jobs macro
    • Add partial fix for [Bug #48330] (possible loop in getaddrinfo)
    • Add dns-network security patch [Bug #47900]
    • Use malloc for buffer in dns-host, dns-network and res_query [Bug #47750]
    • Add backport of backtrace functionality for ia64 [#42870].
    • Fix makecontext with more than 6 arguments on x86-64 [#40546].
    • Fix poll syscall interface [#39587].
    • Fixed ppc tcsetattr patch, removed unneeded hunk which breaks stty.
    • Fix tcsetattr on PPC
    • Changed struct ucontext for ppc and ppc64 to fit the glibc-2.3 version. Is still binary compatible to both kernel and userland. LTC#5172/SUSE#32813.
    • added pt_chown.5 man-page (EAL3)
    • Fix getgrouplist patch
    • Add getgrouplist fix for too much groups
    • AMD64: fix s_ceill and s_floorl
    • PPC: Fix pthread spin lock problem [Bug #33148]
    • IA64: Fix pthread spin lock problem [Bug #33090]
  • gnome-vfs2
    • Replaced insecure old extfs modules by fixed modules from mc, fixed the rest (CAN-2004-0494, CRD: 04.08.2004) (#43152).
  • gnome-vfs
    • Replaced insecure old extfs modules by fixed modules from mc, fixed the rest (CAN-2004-0494, CRD: 04.08.2004) (#43152).
  • gpm
    • fixed segfault, when opening console failed (bug #31970)
  • gtk2
    • added patches for
      • CAN-2004-0782 Heap-based overflow in pixbuf_create_from_xpm
      • CAN-2004-0783 Stack-based overflow in xpm_extract_color
      • CAN-2004-0788 ico loader integer overflow. (SUSE Bug Id#44100)
  • heimdal
    • fixed cross-realm vulnerability [#37079]
    • fixed segfault in krb5_get_init_creds_password [#33485]
    • fixed changing password against MIT server [#27320]
  • htdig
    • Fix a cross site scripting flaw as found by Michael Krax; apply the patch proposed by Phil Knirsch (modified for version 3.1.6); CAN-2005-0085 [# 50238].
    • add patch from stable (htsearch_64.patch) to fix #49619 to make htsearch work
  • imlib
    • Even more additional XPM security fixes. #48061
    • Also apply the patch to the cut & pasted BMP loader in Imlib/.
    • Added additional overflow checks to BMP loader.
    • fixed buffer overflow in BMP loader. CAN-2004-0817,#44228
  • iptables
    • fixed uninitialised variable [#47850] - CAN-2004-0986
    • configure kernel source
  • ircd
    • Apply patch to prevent buffer overflow in m_join()
  • java2
  • jfsutils
    • Update to 1.1.7 [#49728]
  • kdelibs3
    • protect against ftp command injection (#49034, SWAMP 101)
    • fix Konqueror Window Injection Vulnerability (#49194)
    • hide passwords in URLs when they are visible to the user
    • update patch for Frame Injection in khtml, fixing a regression (wrong frames might get used)
    • fix possible Frame Injection in khtml (by Waldo #43271)
    • fix for unsecure tmp file handling (by Waldo #42486)
    • security fix telnet service (#11606) files could have been overwritten or created
    • email addresses were used as direct command line argument with kmail
  • k_deflt
    • tagged SLES8_SP4_RC1
    • disable bcm5700-new test code to fix problem with unresolved symbols (SUSE50674)
    • update IBM ServeRAID driver (ips.c) to 7.10.18
    • patches.common/qla2xxx-disable-fdmi: Disable FDMI for qla2xxx (SUSE50738).
    • patches.common/scsi-addsingledev-online patches.common/scsi-ltcbzid-12614-lvm-mp.diff Fix online behaviour of SCSI-disks if fcp connection is lost (SUSE50607)
    • JFS: Handle out of space errors more gracefully (SUSE50945)
    • patches.common/xattr-race-minimal-fix.diff: Fix race in xattr sharing (SUSE50424).
    • fix usb-serial driver, bring it to 2.4.28 level (bug SUSE48489) remove obsolete patches.common/usb-serial-palm-sched_oops.patch add patches.common/usb-serial-2.4-1.1438.6.5.patch http://linux.bkbits.net:8080/linux-2.4/cset@40cef0fbpF3A_edUhi8H a2Qi09Batw add patches.common/usb-serial-2.4-1.1482.2.2.patch http://linux.bkbits.net:8080/linux-2.4/cset@4186b9cdrEhF6Csz1SSx 9dzswhwG8Q
    • add new PCI IDs to megaraid2 driver (SUSE50720)
    • S/390: build sclp_cpi as module (SUSE49607).
    • patches.common/natsemi-long-cable-fix: add module option to disable natsemi short cable hack (SUSE46903)
    • disable old qla2xxx v6 driver for ppc64 and use new version v7
    • patches.common/xattr-sharing-bug.diff: Fix long-standing xattr sharing bug (#50424).
    • update e1000-new driver to 5.6.10.1
    • consolidate qla2xxx drivers to version v7.03.00
    • add patches.common/scsi-define-task-aborted Fix STATUS mask and define TASK_ABORTED (#49150)
    • add patches.common/scsi-increase-error-timeout Increase error timeout to avoid races (#49692)
    • add patches.s390/s390-tape-defcc-common S390: fix tape tar or db2 backups hang (#49781)
    • add patches.s390/linux-2.4.22-s390-20-june2003-patches/* S/390: Include official IBM codedrop.
    • add patches.s390/linux-2.4.23-s390-21-june2003-patches/* S/390: Include official IBM codedrop.
    • Removed obsolete patches.
    • fix oops in generic_file_direct_IO (#48909 - LTC12515)
    • JFS: remove buggy txAbortCommit, and use txAbort instead (#50430 - LTC13830)
    • fix ia64 that got broken by the fix to #49896
    • Disable rawio readv/writev implementation (andrea, #48530)
    • fix potential problem with overlapping VMAs (#49896)
    • add missing check to vt resizing code (#49171)
    • UML does not have audit subsystem
    • fix race in SMP page fault handler; correct version (#49652)
    • fix audit subsystem filtering flaw (#49801)
    • fix race in SMP page fault handler (#49652)
    • add missing mmap_sem around do_brk calls (#49492)
    • patches.s390/s390-hsi-disable-time-delay.patch Fix hipersockets (49639 - LTC13256).
    • patches.common/cmsg-compat-signedness-fix: one of the size checks was wrong and broke some 32bit applications on 64bit kernels (49517).
    • add some more entries to scsi_scan blacklist (#49498)
    • patches.common/igmp-fix: use final version of fix (#48895)
    • patches.common/usb-storage-reset-device: only allow usb-storage to reset if it owns the whole device (#38798, #35425)
    • patches.common/x86_64-int80: fix roothole in x86_64 int80 handler (#49210)
    • patches.common/lkcd-e1000-netpoll: provide API required by LKCD netdump to e1000 driver (49083).
    • add patches.ppc/ibm-ppc64-vmx-signal.patch improve vmx context switching (#47367 - LTC11883)
    • update patches.ia64/linux-2.4.21-ia64-030702 move the include/linux/pci_ids.h change out of the way
    • patches.common/cmsg-compat-signedness-fix: CMSG compat code needs signedness fixes too. (49047).
    • patches.common/cmsg-signedness: Fix CMSG validation checks wrt. signedness. (49047).
    • patches.common/fix-ip-options-leak: Do not leak IP options. (49057).
    • patches.common/igmp-fix: fix possible DoS in igmp code (#48895)
    • patches.common/serialize-dgram-read.diff: Serialize dgram read using semaphore just like stream (#48427).
    • add patches.s390/qeth-transmission-failures.patch Fix qeth transmission failures (48706 - LTC12756)
    • add patches.s390/linux-2.4.21-s390-20-june2003-patches/* S/390: Include official IBM codedrop.
    • add patches.s390/linux-2.4.21-s390-21-june2003 S/390: Include official LCS driver update
    • Removed obsolete patches.
    • patches.common/sg-sles8-fixes-update: missed one place where proc output needs to drop the lock.
    • patches.common/elf-loader-setuid: additional checks for elf loader vulnerability
    • patches.common/cciss-update:
    • patches.common/cciss-device-id: use new PCI ID for new cciss driver (#45148)
    • patches.common/fix-aout-leak: fix a.out leaking fds and memory (#48199)
    • patches.common/elf-loader-setuid: fix ELF loader when handling setuid binaries (#45632)
    • patches.s390/lcs-driver-update S/390 LCS network driver update (#34111)
    • patches.common/cciss-update: update cciss driver to latest version from 2.4.28-rc2 (#45148)
    • patches.common/smbfs-overflows: included additional fixes (#46204)
    • patches.ia64/linux-2.4.21-ia64-030702: fix trivial reject in pci.ids file
    • moved tag SLES8_SP4_BETA1
    • patches.common/fix-cciss-x86_64: make cciss driver at least compile on x86_64
    • tagged SLES8_SP4_BETA1
    • config/*/*:
    • patches.common/bcm5700-new:
    • patches.common/bcm5700-new-adapt: add version 7.3.5 of bcm5700 driver as "bcm5700-new"
    • patches.common/10_try-cciss-only-4G-1:
    • patches.common/cciss-update: update cciss driver to 2.4.52 instead of cloning it
    • add patches.s390/linux-2.4.21-s390-19-june2003-patches/* Update to official IBM codedrop.
    • Removed obsolete patches.
    • Added compatible ioctls for softdog (#40925).
    • Update the sg fix patch (#47458)
    • Fix leak on building SCSI command blocks (#47817)
    • add patches.common/usb-drivers-memset.patch fix some memleak to userspace in some usb drivers (#47595)
    • patches.common/fix-clear_LDT-wrong-context: clear_LDT sometimes was called in the wrong context (#47430)
    • add patches.common/cciss_2442_to_2448_x86_64.patch add patches.common/cciss_2448_to_2452_x86_64.patch update cciss also on x86_64 (#45148)
    • add patches.ppc/ibm-ppc64-signal-set-current-state.patch add memory barrier after chaning current->state (#47603 - LTC11921)
    • patches.common/fix-get_user_pages: fix broken get_user_pages; properly account reserved pages (#47337, #47343)
    • patches.common/scsi-complete-account: Fix SCSI io accounting locking (47322, axboe@suse.de).
    • patches.common/md-resync-speed: Fix resync speed for stacked md devices. (L3 #47143)
    • patches.common/md-start-array: Avoid the automatic nested md device discovery if starting one array explicitly. (L3 #46966)
    • add patches.common/set_pte-races (#46948 - LTC11574) Fix threaded user page write memory ordering Make sure we order the writes to a newly created page with the page table update that potentially exposes the page to another CPU.
    • name new cciss driver "cciss-new" instead of "cciss_new". Now this is consistent with the handling of "e1000-new".
    • add new version 2.4.52 of cciss driver as cciss_new (#45148)
    • Update patches.s390/linux-2.4.21-s390-18-june2003-patches/* Replaced corrupted files (Transmission error from IBM).
    • Add modversion dump file /boot/symvers-$(uname -r).gz as in 2.6 kernels for modversion checking.
    • add patches.s390/linux-2.4.21-s390-18-june2003-patches/* Update to official IBM codedrop.
    • Removed obsolete patches.
    • Enabled patch for #44487.
    • patches.common/smbfs-overflows: Patch from Urban Widmark to fix remotely exploitable denial of service in kernel SMB code (#46204)
    • add patches.s390/linux-2.4.21-s390-17-june2003-patches/linux-2.4.21-s390-17-0{7,8,9}-june2003 Update to official IBM codedrop.
    • patches.common/lkcd-smp-update: compilation fix for ia64.
    • add patches.common/jfs-memleak-invalidate_metapages.patch JFS: fix memory leak in __invalidate_metapages (#35499 - LTC6726)
    • add patches.ppc/ibm-ppc64-linux-2.4.21-213-set_pte.patch fix race condition between PTE set and __hash_page on PPC64 (#45980 - LTC11381)
    • patches.common/lkcd-smp-update: Fix lkcd crash on smp machines (#44919).
    • patches.common/pte-establish-race: avoid userspace corruption during COWs with threads on x86 PAE with >4G of ram.
    • make gendisk_lock irq safe (bug #45742)
    • fix for ES7000 machines to properly detect all CPUs (#32926)
    • patches.fixes/netfilter-ipt-log-crash: Prevent ICMP crash in netfilter logging (46016)
    • Disable CONFIG_UID16 for s390x (#43176)
    • Drop broadcast packets if qeth can't handle them (#42433) add patches.s390/qeth-drop-bcast-packets.patch
    • Disabled IBM preliminary patches.
    • export some aio symbols to catch up with 2.6
    • Added Preliminary IBM Codedrop 2.4.21-s390-17 (2004-09-17) add patches.s390/linux-2.4.21-s390-17-june2003-patches
    • Added Preliminary IBM 'Korora' Codedrop. add patches.s390/ctcmpc add patches.s390/layer2_10gig add patches.s390/z90crypt
    • Fix sys_ioctl definition for 31bit emulation add patches.s390/s390x-ioctl32-args
    • Update patches.s390/mcast_new_complete.diff to match IBMs version.
    • fix JFS resize bug on big-endian (#41535)
    • prevent oops in ip6t_LOG (#44213)
    • Added IBM Codedrop 2.4.21-s390-13 (2004-05-18) add patches.s390/linux-2.4.21-s390-13-june2003-patches
    • Added IBM Codedrop 2.4.21-s390-14 (2004-06-14) add patches.s390/linux-2.4.21-s390-14-june2003-patches
    • Added IBM Codedrop 2.4.21-s390-15 (2004-07-14) add patches.s390/linux-2.4.21-s390-15-june2003-patches
    • Added IBM Codedrop 2.4.21-s390-16 (2004-09-14) add patches.s390/linux-2.4.21-s390-16-june2003-patches
    • Removed temporary fixes which were merged in the codedrops.
    • Disabled CONFIG_UID16 for s390x.
    • update write-return-eio to handle the generic_osync_inode case
    • write-return-eio: In case we encountered an IO error (-EIO), we better make sure we return it, as the amount of bytes written before is not reliable then. (#43622)
    • sunrpc/svcsock: don't propagate TCP recvfrom errors up to nfsd; this causes nfsd to exit (#45132)
    • scsi-scan-largelun: Update SCSI blacklist from 2.4.28-pre3.
    • scsi-scan-allow-ghost-devs: Move determination of SCSI level earlier, so we can issue REPORT_LUN to targets where we could not register LUN 0 due to PQ/PDevTp == 3/0x1f. [#39279]
    • scsi-logging-parm: Don't put a version on symbol.
    • scsi-scan-allow-ghost-devs: Don't abort scanning on PQ/PDevTp == 3/0x1f; just don't attach to this LUN (unless scsi_allow_ghost_devices is larger than the LUN). For ghosts, only allow sg to attach. [#39279]
    • scsi-scan-newopts: bflags could have been used uninitialized for INQUIRY length determination.
    • get_user_pages_pte_pin-async2: Asynchronous kevented to avoid async IO deadlock (andrea, 43220, 43761).
    • One more audit patch [#43066].
    • audit: fix handling of return value.
    • audit: add support for clone2 syscall.
    • fix race condition in sg.c I/O completion (#42678)
    • get_user-pages_pte_pin-fix: Fix the kiovec free oops with lvm snapshotting (#33482, #44065).
    • More nfsd xdr decoding fixes (#43603)
    • patches.s390/s390x-lstat-return.patch (#43118) S/390: Do not modify stat buffer on error.
    • patches.s390/s390x-mmap-error.patch (#43554 - LTC10008) S/390: Fix mmap segfault on error.
    • Revert last change.
    • Moved syscall-audit-ia32_syscall_enable to patches.ia64 (#43066)
    • Use CONFIG_IA64.
    • syscall-audit-ia64-utimes: utimes has two timeval arguments, fix audit code for it on ia64 (#43066).
    • Add ia32_syscall_enable sysctl [#43066].
    • fix kNFSd signed issues (#43603)
    • Fix syscall-audit patches to compile.
    • queue-signals-peruser.diff: Fix missing initialisation of signal counter in signal DoS patch. (#39181, okir)
    • Fixed s390/ppc compile problem with syscall-audit-semtimedop
    • Merged several patches for audit subsystem (#43066, #43561)
    • add missing license tags for dump_gzip.c and dump_rle.c (#42159)
    • fix wrong cache descriptors (#41051)
    • Fix proc-info-leak bugfix (#43390).
    • add patches.common/proc-info-leak-ppc_rtas_tone_volume_read missing variable
    • Fix proc-info-leak to compile on S/390 (netiucv).
    • Fix proc-info-leak to compile on S/390 (ctcmain).
    • make fix for firewire overflow problem actually compile
    • fix integer overflow in firewire code (#42402)
    • Clean up signal queue DoS patches: Just apply the sysctl per user instead of globally (#39181).
    • export symbol block_commit_write (#43205)
    • activate fixes for /proc info leak (#41074)
    • Add LAuS patches for ia64.
    • fix direct io on ext3 (#42239)
    • JFS: Make sure journal records get flushed to disk (#42651)
    • add missing check in chown() system call (#42400)
    • #39181 pending signal queues: denial of service. Hide the new RLIMIT_SIGPENDING resource from user space.
    • Make CONFIG_RELEASE a string instead of an integer.
    • add EXPORT_SYMBOL_NOVERS(_sb_findmap); for s390 and s390x (#42137)
    • pss-user-pointer: Properly check userspace pointer (#42050)
    • fix memory overwrite bug in airo driver (#42096)
    • fix copy_from_user/copy_to_user thinko in ALSA (#42095)
    • asus_acpi: parse arguments in a safe way (#42052)
    • properly use _user in OSS ioctls (#42050)
    • don't write user pointers without checking in decnet (#42049)
    • check existance of device in eql (#42217)
    • Make CONFIG_RELEASE a string instead of an integer.
    • Switch to sequence-patch.sh from kernel-source-26. Adjust.
    • fix wrong 32 bit syscall table on x86_64 for syscall audit (#41972)
    • Backport from kernel-source-26: Remove stray quotes from EXTRAVERSION: CONFIG_CFGNAME is a quotes string like "default"; those quotes ended up in EXTRAVERSION and were removed or not depending on the context in which this variable was used.
    • Fix x86-64 MCE decoding patch that went in previously (#41593)
    • gdth-pci-dma-2: Fix ICP Vortex driver for machines with >4GB RAM. (#41495, axboe).
    • S390: Update patches.arch/s390-dirty-2.6.5 Update to version suggested by akpm (#42066).
    • S390: add patches.s390/dirty-2.4.21 fixing data corruption under memory pressure for s390 (#42066)
    • S390: add patches.s390/w4sense-cc3.patch Fix data corruption on heavy load with ESS.
    • fix user-triggerable local DoS (#41951)
    • use correct fix for e1000 infoleak bug (#39680)
    • Add missing file
    • Fix machine check handler on x86-64 (#41593)
    • Really fix LDT/TSS limit on x86-64 (#41574)
    • Fix fpu register leak [#41411].
    • add patches.ppc/ibm-ppc64-bcm5700-7.1.23 need memory barriers in the Rx path (#41393 - LTC9003)
    • fix vmalloc-page-fault bug with nested irqs (#40550)
    • fix incorrect error handling in map_user_kiobuf
    • fix info leak in e1000 driver (#39680)
    • fix for > 1TB SCSI disk (#41262)
    • enable patches.common/highuid16.patch
    • add patches.common/highuid16.patch, but leave it disabled the last patch to fix uid32 problem in smbfs caused unresolved symbols. make it i386 only for the time being. (#41090 - LTC8819)
    • remove EXPORTSYMBOL-declaration of overflowuid_overflowgid in arch/s390x/s390_ksysm.c
    • adding patches.s390/add_config_uid16_to_s390x to enable CONFIG_UID16 for s390x
    • qla-select_next_path_fix-v6.07.02: Handle failover without oopsing during module reinsertion (PPC, #40872).
    • Adding CONFIG_UID16=y to default config of s390x
    • add patches.ppc/ppc64-24-hdio-ioctls mark HDIO_DRIVE_TASK as compatible ioctl (#40641 - LTC8579)
    • add patches.common/usb-storage-ioerror_ohci-locking-2.4.21.patch serialize ohci URB unlink handling (#25555,#30673 - LTC4369)
    • S/390: Add patches.s390/linux-2.5.21-s390-zfcp-retry.patch Fix rash retries on zfcp (#35557).
    • S/390: Added more includes to init/kerntypes.c (As per request of Michael Holzheu <holzheu@de.ibm.com>)
    • fix uid32 problem in smbfs (#39579)
    • add patches.ppc/ibm-ppc64-lparcfg (#39602 - LTC6863)
    • Merge from UL1_SP4_BRANCH
    • add patches.common/fs-exec-coredump-LFS (#38733) from Andrea to allow core files larger than 2 GB
    • add add patches.common/get_user_pages_pte_pin (#39138 - LTC7702) patch from Andrea to prevent unmapping of pinned pages
    • fix buffer overflow in panic() (#39054)
    • fix proc file permissions of qla2xxx driver (#39347)
    • fix memory leak in do_fork() (#39223)
    • add patches.common/qla-vary_io, ppc64 only at the moment (#37610 - LTC7160)
    • Fix mcast-msfilter-int-overflow patch.
    • mcast-msfilter-int-overflow: Fix integer overflow in ip_setsockopt MCAST_MSFILTER (#39207).
    • add support for Treo600 (trivial backport from 2.6) (#39132)
    • add two more HP devices to SCSI scan blacklist
    • S/390: Fix multicast handling for iucv (#35593). (UL1_SP4_BRANCH)
    • Fix user_to_kernel_hz_overflow(x) macro (werner, andrea).
    • Enable nbd module on ia64.
    • Add Apple Xserve to the SCSI blacklist with LARGELUN | SPARSELUN.
    • Semaphore fix (#38517, i386 & x86-64).
    • S/390: added patches.s390/mcast_new_complete Fixing Multicast handling on S/390 (#35593). (UL1_SP4_BRANCH)
    • fix cpu_sibling_map on summit machines (#33284).
    • fix I/O resource allocation failure during PCI hotplug (#32694)
    • fix info leak in jfs filesystem (#36125)
    • add CLOVERLEAF device to scsi_scan blacklist
    • fix some more ACPI IRQ problems (#36058, #34704, #35314)
    • sunrpc-svcsock-drop: Be more careful about dropping connections in RPC, work around for buggy NFS clients (#34733, okir).
    • fix ocfs2 mount problem (#32962)
    • added some HP devices to scsi_scan blacklist (#36207)
    • scsi_scan blacklist entry for DEC HSG80 needs BLIST_SPARSELUN instead of BLIST_FORCELUN (#37453)
    • S/390: Update to IBM codedrop 2004/03/15 added patches.s390/linux-2.4.21-s390-12-june2003-patches removed superseded patches: patches.s390/zfcp_hbaapi_buffersize.patch patches.s390/zfcp-watchdog.patch patches.s390/qdio-guest-lan.patch (UL1_SP4_BRANCH)
    • S/390: add patches.s390/qdio-guest-lan.patch fix performance slowdown of Hypersocket Guest Lan (#36652) (UL1_SP4_BRANCH)
    • S/390: add patches.s390/zfcp-watchdog.patch watchdog for stalled FCP channel (#37072) (UL1_SP4_BRANCH)
    • S/390: add patches.s390/zfcp_hbaapi_buffersize.patch fix size of SCSI SENSE buffer for zfcp hbaapi (#36486). (UL1_SP4_BRANCH)
    • 390:disable parts of linux-2.4.21-s390-10-05-june2003-net(#35593) (UL1_SP4_BRANCH)
    • Fix user triggerable oops in x86-64 32bit emulation
    • add patches.ppc/sles8-qla-v6.07.02-2.4.21-147.patch (#36225) update device driver to fix potential data integrity problem
    • allow IPv6 netfilter modules to be loaded on x86_64 (#34810)
    • add new version 5.2.30.1 of e1000 driver as e1000-new.o
    • fix info leak in xfs filesystem (#35463)
    • add missing size check in r128 driver also to 4.0 version
    • lvm hash bucket calculation fix, solves snapshot creation problems on 32bit machines with > 4GB of ram. Bug #34418
    • use agpgart-bus also on i386 to solve problem also in 32 bit
    • don't try to use forcedeth driver on S/390 machines
    • add HP ProLiant and Compaq ProLiant to dmi blacklist so that ACPI gets disabled automagically on these systems
    • fix ipv4 raw ip checksum error, triggered by gcc 3.3 (#34820)
    • 64-bit kernel emulation of 32-bit CDROM_SEND_PACKET ioctl was incomplete and could cause kernel crashes (#35159)
    • fix vulnerability in soundblaster driver (#35279)
    • fix info leak in ext3 filesystem (#35212)
    • add yet another missing size check in r128 driver (#33945)
    • fix vulnerability in iso9660 filesystem (#34841)
    • add forcedeth driver for NVIDIA nForce media access controllers
    • blacklist-patch.HP: ACPI blacklist update forCompaq/HP Proliant machines (#33167).
    • patches.common/scsi-req-q-ptr: Make sure proper request queue ptr is passed, to avoid missing wakeups. Finally solves starvation (#33215, LTC5252, axboe, mpeschke)
    • patches.common/lvm-dont-shift-pv: Don't shift PV pointers to prevent null ptr deref. (#34042, sbader, obsoletes lvm-mp-oops-on-null-pv).
    • patches.common/vm_reserve: Also use vm_reserve boot param, if CONFIG_DISCONTIGMEM (NUMA) is set on i386. (#34418)
    • add patches.ppc/ibm-ppc64-log_rtas_len-overflow avoid overflow in rtas functions (#34595 - LTC5991)
    • add patches.ppc/ibm-ppc64-errinject.patch copy enough data in ppc_rtas_errinjct_write (#35048 - LTC6543)
    • Fix off by one errors in x86-64 IOMMU code (#35039)
    • fix IGMP/ipt_REJECT checksum on x86-64 (#35140)
    • add patches.ppc/vmalloc-patch-suse-sym2 protect page_table_lock during interrupts (#32275 - LTC4738)
    • fixed #33167 (HP & xAPICs) through DMI id updates
    • prevent potential DoS attack via mremap (#34729)
    • fix user space access in C-Media PCI OSS sound driver
    • fix #33945 for both versions of the r128 DRI driver
    • Implement mapped_base for x86-64 (#34548)
    • Fix aacraid patch
    • Update aacraid and dpt_i2o drivers to latest versions on x86-64
    • Reenable dpt_i2o driver on x86-64
    • S390: Moved IBM codedrop 2004/01/16 to UL1_SP4_BRANCH.
    • S390: Add missing symbol nr_running().
    • S390: Reenable missing patches.s390/linux-2.4.21-s390-timer-03-june2003.diff.
    • add patches.ia64/disable-showMem (#33317)
    • add patches.ppc/ibm-ppc64-pseries-cpu_update for upcoming cpus
    • Part of a patch from Greg Banks, which will hopefully fix the "dirty inodes after unmount, self-destruct in 5 seconds" problem (#30943)
    • check interpreter type to prevent possible local DoS (#34287)
    • return proper error codes for do_munmap() failure in mremap
    • s390x: fix 31-bit emulation of /proc/<pid>/mapped_base(#34276)
    • patches.fixes/xattr-keep-block: Fix xattr bug when keeping the same disk block in ext[23].
    • Audit subsystem: included patches that were submitted as part of the EAL3 certification effort but not included in the SLES8 kernel so far. These patches affect the audit subsystem only. patches.common/syscall-audit-noparanoia patches.common/syscall-audit-nohang
    • S390: Update to IBM 'blizzard' codedrop 2004/01/31 Added new patches linux-2.4.21-s390-08-june2003-patches Added new patches linux-2.4.21-s390-09-june2003-patches Added new patches linux-2.4.21-s390-10-june2003-patches Updated timer-patch. Updated config files to select new options.
    • lvm-mp-oops-on-null-pv: lvm-mp code introduced conditions where we could hit a NULL pv and deref it: Ooops. (axboe, #34042)
    • shmem-swap: Fix handling of swapout behaviour on machines with large amounts of unlocked shared memory (SAP), all controlled by vm_shmem_swap sysctl, defaulting to off (andrea, #33964):
      • Avoid excessive swapping ("objrmap").
      • Save extra page table scan.
      • Avoid I/O performance to be destroyed by shmem swapout.
    • qla2xxx-enable-conf-modules: Build the _conf modules as well. (#34155, #34191).
    • scsi-queue-next-unconditionally: Call request_fn() unconditionally all needed checks are done there. The break was wrong and should have been continue (axboe, mpeschke, #33215).
    • scsi-restart-ops-unconditionally: Ditto. We don't need the host lock any more then. (axboe, mpeschke, #33215).
    • disable excessive status messages in aacraid driver
    • scsi-noderef-freed-host: If the error handler thread died, we could have dereferenced host in a freed structure SCpnt structure. (axboe, #33783).
    • add patches.common/usb-serial-palm-sched_oops.patch fix BUG() in sched.c:910 (#31948)
    • add patches.common/jfs-on-block_flushpage do not call block_flushpage in __invalidate_metapages (#27332 - LTC3109)
    • fix race condition in qla1280 error handling code (#33847)
    • check size for memory allocations in r128 DRI driver (#33945)
    • fix possible crash in USB vicam driver (#34118)
    • don't leak info in i386 fault handler (#34051)
    • add patches.ppc/suse-ppc64-kallsyms allow CONFIG_KALLSYMS even if KDB is off (#34052 - LTC5882) enable CONFIG_KALLSYMS=y in iseries64 .config
    • scsi-dma-sectors: The limitation of new_dma_sectors in scsi_dma was buggy and would overflow. Fix. (IBM, axboe, #33215)
    • acpi-t40-ec-osdl1038: ACPI on T40: Fix Embedded Controller detection as well. (#32222)
    • Fix compilation with gcc 3.4
    • Avoid overflowing size_buffers_type (andrea, FSC, see #33964).
    • Avoid a starvation situation in scsi midlayer (axboe, #33215).
    • Disable dpt_i2o driver on x86-64
    • Limit file names in ncpfs (#34100)
    • scsi-error-deadlock: fix locking in scsi_error.c to prevent possible deadlock. (#)
    • add patch for SiL 3114
    • Fix MTRR size computation on x86-64
    • Fix bugs in NUMA node discovery
    • max_scsi_luns was not effective when REPORT_LUNS was used. Fixed.
    • add patches.common/reiserfs-jl-refcount (prevent too early free of journal_list), should fix #32729 and may also fix bug #34026
    • add patches.common/scsi-type-TYPE_UNKNOWN Scsi_Device->type is being set to -1. (#34009 - LTC5783) It's causing us to access the scsi_device_type array at -1.
    • add patches.ppc/ibm-ppc64-bcm5700-7.1.22 use the latest broadcomm driver on powerpc, keep NAPI enabled
    • update patches.common/sd_many fix scsi module unload problem (#33282 - LTC5355)
    • scsi-scan-largelun: Add Pathlight/ADIC and Crossrds to blacklist.
    • Fix rpm3 performance problem.
    • Fix LDT limit on x86-64
    • add patches.ppc/ibm-ppc64-kdb-sdr1 KDB superreg option doesnt print SDR1 register (#33854 - LTC5587)
    • Add dynamic-hz-ata-new for new libata on x86-64
    • Update libata to new version for x86-64
    • Enable libata drivers in x86-64
    • Add workaround for AMD K8 Errata #87
    • Make x86-64 IOMMU flushing more conservative
    • Fix ptrace 32bit hole for x86-64
    • fix NFS directio bug that causes data corruption when creating files larger than 4 GB
    • don't abort if one single additional km_ package fails
    • remove km_dvb
    • s390: added missing epoll syscalls (#33668)
    • add missing check in mremap
    • add cross-ppc64-binutils cross-ppc64-gcc-core unconditionally to avoid autobuild magic (#33250 - LTC5419)
    • s390:fix ffs() to pick up the preinitialized result value(#33450)
    • provide preconfigured header files for ppc64 kernels now for real...
    • s390: fix bad ffs() return value, fixes fat and netfilter(#33450)
    • s390: fixes for ESS caching(5409) and ESS flashcopy(4676/#33446)
    • provide preconfigured header files for ppc64 kernels (#33250 - LTC5419)
    • s390:integrate IBM June 2003 code drops 2003-10-31 and 2003-11-28
    • nfsd-fhalias(for HA-NFS): avoid console spew from invaid IP 0.
    • add patches.ppc/ibm-ppc64-proc-copy_user audit pseries/iseries proc interface (#33345)
    • Disable dma engine test in tg3 driver on SN2 [#32928].
    • Update CPE/CMC polling code to avoid deadlock [#32885].
    • fix 32bit [f]truncate64 for x86-64
    • reenable x86_64-sci fix (#32893)
    • Fail build if one of the km_* modules fails.
    • Remove km_basilisk and km_vmware.
    • Set CONFIG_SUSE_KERNEL and CONFIG_UNITEDLINUX_KERNEL correctly in the pre-configured headers. By accident neither was defined there so far. (The k_* packages did fix that, though.)
    • #33097: patches.common/xattr-pointer-arith fixes a pointer arithmetic bug in the xattr code.
    • Remove patches.common/x86_64-sci.
    • Revert last change again by request of rf.
    • Revert smp boot cpuid/apic handling for non summit to before #32570,#32571, fixes #32926, verified on x440, but not yet on HP
    • Port i386 ACPI SCI fixes to x86-64 (#32893)
    • Set correct TSS limit on x86-64
    • Fix ACPI mem handling issue with T40. [#32222]
    • patches.common/sd_many: Fix reported SCSI disk size if between 1 and 2TB (cosmetic). [#32358]
    • patches.common/ide-scsi-impl-abort: idescsi_abort(): Fix locking [#32855]
    • Fix ia32 stat emulation [#32824].
    • corrected hangcheck according to mail from Joel Becker
  • laus
    • added patch laus-0.1_ia64-headerupdate-247.diff to update audit.h and resolve inconsistency between kernel and user-space
    • replaced laus-0.1_message-realign.diff with laus-0.1_message-realign-b.diff because the original patch copy too less data which results in broken output
    • fixed some patches introduced before (Bug #44047) + semtimedop() syscall number changed from 2.4 to 2.6 + make the defines in the source not in the ia64 header to avoid problem with old glibc headers and compiling the code manually
    • added more patches from Klaus Weidner to support clone2 and the xattr syscall family on IA64 (Bug #44047)
    • added patch for alignment problem on ia64
    • added fix for build problem on ia64
    • added fix from Klaus Weidner to correct ip:port output format (#42606)
    • added fix from Klaus Weidner to support missing system call semtimedop() neeed for EAL3 (#42606)
    • removed licence disclaimer in laus.h that prevents distributing (#42606)
    • fixed inconsistency in audit init-file (#32777)
    • man-pages didnt get installed due to not listing them in Makefile.am
  • less
    • removed potential tmp file race [#39272]
  • lha
    • Added patch for obscure buffer overflow (#40975).
    • Fixed buffer overflows for long filenames (CAN-2004-0234).
    • Added directory traversal protection (CAN-2004-0235) (#39178).
  • libpng-devel
    • replaced security patches with the official ones [#43008]
    • fixed several buffer overflows [#43008]
    • added missing part of pngtran overflow patch [#42043]
    • fixed possible buffer overflow
  • libtiff
    • fixed directory entry count overflow (CAN-2004-1183) [#49469]
    • fixed overflow in tiffdump
    • Do not crash if we are using unsupported codecs (like OJPEG).
    • do not call TIFFTileSize with uninitialized values [#44635]
    • prevent division by zero
    • fixed much more buffer overflows (the older tiff-alt-bound-CheckMalloc.patch is included in the new libtiff-3.5.7-alt-bound.patch now) [#44635]
    • fixed more buffer overflows [#44635]
    • fixed multiple buffer overflows
    • CAN-2004-0803 [#44635]
    • disabled old jpeg support because of security problems [#45116]
  • libusb
    • Backport get_usb_busses interface [Bug #50691]
  • libxml
    • added patch to fix buffer overflows in FTP and HTTP URL handling as well as in DNS code. (bug #49362)
  • libxml2
    • Fix several buffer overflows that can occur while processing FTP and HTTP URLs as well as in DNS name handling code. These bugs can be exploited remotely to execute arbitrary code. Patch provided by Thomas Biege [# 47670].
    • Fix buffer overflows discovered in the FTP and HTTP URL parsing code (backported from CVS head by Thomas Biege). [# 34572]
    • Apply libxml2-htmlparser.diff to fix buffer overflow in HTMLparser.c; this prevents yelp from working. Patch provided by Shane O'Connor [# 32831].
  • liby2util
    • don't use system() for calling gpg (#42776).
    • 2.6.23
    • Fixed bug that inhibits logging on big-endian architectures. [#28136]
    • 2.6.22
  • linux-iscsi
    • Update to linux-iscsi-3.6.2
  • lvm
    • add accidientially omitted hunk to EMC powerpath patch
    • add support for EMC powerpath (#34836)
    • Update to v6c (Codedrop from IBM Developerworks / #31758).
    • fix bug in script pvpathsave when running on readonly fs
    • fix bug in start script regarding calls to pvpath{save,restore}
    • make it possible to use GPT partitions as PVs
  • mailman
    • added mailman-2.0-dirtraversal.patch [bug #50563, CAN-2005-0202]
    • fix for Python bug [bug #39200]
    • fix for DoS bug to be described in CAN-2003-0991
    • added postinstall code to correctly set /etc/mailman.mail-group (group for mail script aliases) [bug #27369]
  • mc
    • Fix the handling of symlinks inside tarballs which would lead to a segfault with suitably constructed tarballs.
  • mod_dav
  • mod_php4
    • fix vulnerabilities in unserializer (bug #48635)
    • fix broken int unserializing on 64-bit (bug #49617)
    • fixed several vulnerabilities (bug #48635, patch secfix1)
    • fixed php.ini settings "leak" from vhosts/.htaccess files (bug #48431, patch secfix2)
    • security fix for array parsing (bug #45710, patch array)
    • fix memory limit problem, a problem with strip_tags and several stability issues (bug #42949); Patches: everything_except_mm, memory_limit_in_execution, sfix
    • session variables where not read due to wrong type usage; bug #33699, patch sessread
    • print() did not yeald any output on s390x when a session had been started due to wrong type usage; fix in patch sessid
  • mod_python
    • update to 2.7.10, which fixes a vulnerability whereby a specific query string processed by mod_python would cause the httpd process to crash. [#34115]
  • mod_ssl
    • security fixes from 1.3.31 [#40611]:
      • CAN-2004-0174 (cve.mitre.org) Fix starvation issue on listening sockets where a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket. Enabled for some platforms known to have the issue (accept() blocking after select() returns readable). Define NONBLOCK_WHEN_MULTI_LISTEN if needed for the platform and not already defined.
      • CAN-2003-0987 (cve.mitre.org) Verification as to whether the nonce returned in the client response is one we issued ourselves by means of a AuthDigestRealmSeed secret exposed as an md5(). See mod_digest documentation for more details. The experimental mod_auth_digest.c does not have this issue.
      • CAN-2003-0020 (cve.mitre.org) Escape arbitrary data before writing into the errorlog. Unescaped errorlogs are still possible using the compile time switch "-DAP_UNSAFE_ERROR_LOG_UNESCAPED".
      • security fix for mod_ssl: fix buffer overflow in ssl_util_uuencode() [#40791]
      • security fix (CAN-2003-0993): Allow and Deny rules with IP addresses (e.g. 192.168.1.1) where parsed incorrectly on 64-bit platforms with big endianness. It only affected IP addresses with no netmask definition. [#35450] http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23850 apply the patch only on s390x.
      • security fix (CAN-2003-0542): fix buffer overflows in mod_alias and mod_rewrite that are possible when using a regular expression with more than 9 captures [#32756]
      • remove 0host entries for pidfile and logfiles, which alarmed our patchrpm breakage tests
  • Mozilla
    • fixed news:// URL handling code (#49571, bmo #264388)
    • XPCNativeWrapper is needed for #249332 (bmo #270729)
    • more security related bugfixes (#47658)
    • fixed trigger logic (#48701)
    • some security related bugfixes (#45640)
    • endianess bugfix for x86-64 (#34743)
    • several fixes including (backported from 1.4.3): CAN-2004-0597 CAN-2004-0718 CAN-2004-0722 (#43569) CAN-2004-0757 CAN-2004-0758 CAN-2004-0759 CAN-2004-0760 CAN-2004-0761 CAN-2004-0762 CAN-2004-0763 (#43312) CAN-2004-0764 CAN-2004-0765
    • update to 1.4.2 (20040220)
      • NSS update for S/MIME related crash (SUSE #33771) (Mozilla #229242)
      • patch for fontEncoding.properties included
    • added build-fix for s390x (#32963)
    • fixed installation of fontEncoding.properties (#34321) (thanks to Jungshik Shin)
    • update to 1.4.x (20031215)
    • added mozplugger to add-plugins.sh
    • added patch to expunge IMAP folders if "remove immediately" delete model is used
    • update enigmail to 0.76.7
    • added mozplugger (part of bug #31616).
    • adopted RealPlayer inclusion for new path (#30990)
    • make mozilla open URLs not files
    • build with XFT support on SLEC
    • use kprinter as default print command on SLEC (#31734)
    • added compat symlinks for GNOME settings (#32326)
  • mysql
    • fix for several vulnerabilities (bug #47135):
    • ALTER TABLE ... RENAME checked CREATE/INSERT rights of the old table instead of the new one (patch alter)
    • a buffer overrun in the mysql_real_connect function (patch dns)
    • multiple threads ALTERing the same (or different) MERGE tables to change the UNION could cause the server to crash or stall (path merge)
    • Privilege Escalation on GRANT ALL ON `Foo\_Bar` (patch grant)
    • scripts mysqld_multi and mysqlbug allow local users to overwrite arbitrary files via a symlink attack (patch symlink)
    • made mysqlhotcopy working again as it was broken by the upstream patch for a security problem (bug #46994, patch hotcopy)
    • applied patch for a security hole in mysqlhotcopy (bug #43829)
  • ncpfs
    • correct logic in CAN-2005-0014 patch
    • add file permisions check for ~/.nwclient (##49677 - CAN-2005-0013)
    • add fix for possible buffer overflow in ncplogin (#49677 - CAN-2005-0014)
    • add ncpfs-2.2.4-NWDSCreateContextHandleMnt.patch buffer overflow in ncplogin and ncpmap - CAN-2004-1079 (#48702)
  • nessus
    • fix race condition caused by unset $TMPDIR (#43771)
    • don't send email on update to root on UnitedLinux [Bug #26460]
  • nss_ldap
    • nss_ldap-199.ldapgrp.diff: Fixes handling of users which are member of more than 64 groups (Bugzilla: #49472)
  • openldap2
    • is_entry_objectclass.dif: Entries with objectclass: extenisbleObject were missing from search results of the first query (Bugzilla: #34463)
    • backglue-slaptool.dif: slapcat was segfaulting if a back-ldap database was configured as a subordinate of a back-ldbm database (Bugzilla: #33625)
    • backglue-onelevel.dif: One-level search operations on subordinate databases where failing with an "unwilling to perform" error. (Bugzilla: #36203)
    • ucs_memleak.dif: Memory leak in liblunicode (Bugzilla: #33648)
    • rcldap-checktls.dif: Removes over-restrictive check for SSL configuration from the init-script. (Bugzilla: #33560)
    • schema_check.dif: Disallow the removal of the RDN-Attribute from entries (Bugzilla: #27538)
    • avl_ptrcmp.dif: Fixes the maintenance routines for attribute indexes, index definitions could have been ignored by slapd (Bugzilla: #28145)
    • ldbm.dif: fixes possible index corruption in back_ldbm which could lead to wrong search results (Bugzilla: 27152)
    • bdb_passwd.dif: fixes a small memory leak in password extended operation code of back-bdb (Bugzilla: 26817)
  • openmotif
    • Fixed XPM security problems #43420.
    • Fix XmResizeHashTable [#44499].
  • openssh
    • fixed previous fix of security bug in scp [#35443] (CAN-2004-0175) (was too restrictive)
    • fixed security bug in scp [#35443] (CAN-2004-0175)
    • changed sshd.8 and sshd_config.5 (EAL3)
  • openssl
    • add security fix for CAN-2004-0079 (possible null-pointer assignment during SSL/TLS handshake)
    • removed a part of the openssl-timing-attacks.patch which addresses the timing attack on RSA keys problem see http://www.openssl.org/news/secadv_20030317.txt. The patch to rsa_lib.c was not thread safe.
  • permissions
    • changed permission of /var/lock/subsys to 755
    • changed permissions of /var/lock [Bug #37759]
    • Remove /var/run from list [Bug #28289]
  • postgresql-devel
    • New Patch release: 7.2.7. Fixes a security issue with LOAD and some other bugs (#50191). See HISTORY for details.
    • New patch release: 7.2.6. Fixes several security and data corrupton bugs (#47619). See HISTORY for details.
    • Added postgresql-7.2.2-7.2.6.patch.bz2 for completeness and removed all patches that became obsolete by the version update.
    • Adapted a patch from Debian to fix a buffer overflow in ODBC driver (src/interfaces/odbc/): added parameter for target buffer size to make_string() to prevent buffer overflows and corrected all calls to it (http://bugs.debian.org/247306, SuSE Bugzilla #40714). With previous versions it was possible to crash (and possibly exploit) e. g. apache if a PHP script connected to a ODBC database with very long credential strings (DSN, username, password, etc.).
    • Backported a buffer overflow fix from version 7.3.4. (Bug #29483)
    • Use test-and-set locks for x86_64 instead of slow semaphores. (postgresql-x86_64.patch, Bug #27308)
    • Applied the bug and security fixes, that went into version 7.2.3, and 7.2.4. (Bug #25784, postgresql-7.2.4.patch).
    • Backported the ppc and ppc64 test-and-set inline assembler code from the 7.3.1 packages (postgresql-ppc.patch). Disabled obsolete postgresql-ppc-largemem.patch, and postgresql-ppc64.patch.
    • Added postgresql-ppc-largemem.patch to fix hangs when building on certain types of PPC machines with huge memory.
  • pure-ftpd
    • Apply fix to remove possible DoS attacks [#42821]
  • python
    • fix vulnerability in SimpleXMLRPCServer (bug #50321, CAN-2005-0089)
  • qt3
    • jpeg support got broken by last patch, fixed again
    • fixes for handling of broken images (#43356)
  • rpm
    • speed up rpmdbAdd/Remove if a package contains lots of equal basenames (e.g. module.h or index.html)
  • rrdtool
    • added libpng-1.0.9.diff fixing security holes in libpng (bug #43008)
  • rsh
    • added patch rexec-netrc. Rexec is now parsing ~/.netrc file to get username and password. (patch got from https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135643) [Bug #50142]
  • rsync
    • prevent failure on startup: IPV6_V6ONLY might be undefined or unsupported
    • update to 2.6.2 / ported patches (#39672)
    • fixes a problem with non-chroot modules
    • add -4 and -6 options to manpage (#36144)
    • update to version 2.6.0
    • update to real 2.5.7
    • fix heap overflow (#33478)
    • Fix quoting in configure script.
    • added make test
    • use defattr
    • update to 2.5.6
    • can combine ssh and daemon access
    • supports URL like syntax rsync://
    • IPv6 support in hosts.allow/deny
    • recursive hang fixed upstream
  • ruby
    • added fixes for lib/cgi.rb, lib/cgi-lib.rb, lib/cgi/session.rb from ruby-1.6.snap, fixes: #47886 (CAN-2004-0983)
  • samba
    • Fix order of evaluation in the bitmap code; Samba.org svn revision 4120; [#49804].
    • Fix remote exploitation of an integer overflow vulnerability in the smbd daemon; patch made by Thomas Biege <thomas at suse dot de>; CAN-2004-1154; [#49119].
    • Always stop winbind if the init script is called with stop, [#47108].
    • Fixed potential file access outside of defined shares. [#46352], CAN-2004-0815
    • Fix smbd crash in case of not send find_first by a Microsoft Windows XP with installed Service Pack 2, [#43737]; bugzilla.Samba.org [#1520].
    • Fix reopen_logs() in case of used macros for the filename, [#43773]; LTC [#10274].
    • Fix smbd crash if vscan is used, [#43853].
    • Fix MS DFS for Microsoft Windows XP and 2k3 clients, [#44101].
    • Fix buffer overrun in 'mangling method = hash', [#43061]. CAN-2004-0686.
    • Fix schannel patch which made machine account password changes for Microsoft Windows XP and 2000 domain members impossible [#40087].
    • Add package release to VERSION in include/version.h.
    • Fix error packets return code to allow clients the reuse of a former assigned virtual uid [#42022].
    • Use /var/log/samba/ as a secure directory for all smb-print scripts [#36676].
    • Fix password change broken by Microsoft hotfix MS04-011 [#40087].
    • Remove bogus nettime code.
    • Enhance waiting for cupsd function in the smb init script
      • only check with lpstat every two seconds
      • remember start time in seconds and calculate the waiting time in relation to this; this is important if a configured CUPS server is unreachable. In this case we now really wait only 30 seconds and not 30 times of the lpstat timeout.
      • Thanks to Bjoern Jacke <bjoern at j3e dot de> for the patch.
    • Fix path to smb-print.log [#36676].
    • Fix for timestamp problem on 64 bit architectures [#34464].
    • Fix unnecessary mount requests if 'add user script' isn't used [#33194].
  • screen
    • fix ansi NumArgs overflow [#33379]
  • sharutils
    • fix -o option handling (#39122)
  • sitecopy
    • add sitecopy-neon-CAN-2004-0179.diff (#41711)
    • add sitecopy-neon-CAN-2004-0398.patch (#41711)
    • add sitecopy-neon-0.23.7.diff (#41833)
  • squid
    • fix for remote DoS in snmp module CAN-2004-0918 (bugzilla#47198)
    • fixed wrong ownership of /usr/sbin/squid_ldapauth (reported by mc)
  • tftp
    • Fix security hole with possibly overflowing bcopy [#47676]
  • ttf-hanyi
    • The package ttf-hanyi was included in UnitedLinux 1.0 only for testing purposes. Novell has now bought a proper license for this font. This change removes the license and adds the new one.
  • unarj
    • inform about our fixes in the printed notice (#48553)
    • add subdirectory creation for the x command.
    • fix wrong time handling when daylight saving time.
    • fix date handling for year 2000 (it is leap year).
    • fix buffer overflow and tree traversal (#47184)
  • utempter
    • Fix incorrect check for /../ in path names (#39169)
    • added man-page utempter.8 (EAL3)
  • xchat
    • Fix SOCKS5 buffer overflow [#39184]
  • xf86
    • reverted broken security fix for Xsession script (see also comment #16 of Bug#34253)
    • xfree86_4.1.0_glx_dri_integer_overflow.diff: The GLX and DRI code of the Xserver did not verify the "screen" parameter in several functions. This failure leads to a denial-of-service condition and probably to arbitrary code execution as root. (CAN-2004-0093, CAN-2004-0094) (Bug #35206)
    • fixed tmp races in postinstall scripts and Xsession script (Bug #34253)
    • fixed more buffer overflows in fontfile/ direc (#34296)
    • put together old and new bugs in fontfile-sec_bufferoverflows.diff
    • dirfile.diff: at the same location just a few lines below the same problem
    • dirfile.diff: A buffer overflow in the X server can be triggered by using a malformed fonts.alias file. This bug can be used to gain local root privilege (Bug #34296).
    • p_pam_setcred.diff: Due to inproper checking of failure-conditions of pam_setcred() in XDM while using pam_krb5 a user with valid login credentials (Kerberos) may get root access to the system. (Bug #33788)
    • Disable sis.o module in km_drm (it has unresolved symbols), and remove a bad hack in Makefile.module. THis was discussed with sndirsch@suse.de and mantel@suse.de.
    • p_LTC3984.diff: * fixed double who entries for xterm (Bug #29126)
    • fixed build on sles8*s390*
    • This should fix bug #26187
      • Make sux work even if no network available (bug #25315)
      • Workaround in sux due broken gnome session managment (bug #24052)
    • p_ia64_cirrus.diff: * workaround in cirrus driver for IA64 compiler bug (Bug #22735)
    • p_ia64_nv.diff: * fixes nv driver crash on HP zx6000 (Bug #21988)
    • p_xlclocale.diff: * A buffer overflow vulnerability was fixed
    • p_fixes.diff: * removed bogus brackets behind #undef
    • p_x86-64_lp64.diff: * fixed build for new gcc (defines now LP64)
    • Fix 64bit bug in VESA driver [#22416].
    • p_x86_64-2.diff:
      • Mesa: turning on IEEE support for x86-64. This gives some performance boost in 3D apps
      • X11.tmpl: fixing further warning message of C-preprocessor during imake
      • radeon driver: fixing problem with division by 0 error in case dotclock is out of the possible clock ranges of the pll clocks.
    • readded lost patch 'p_x86_64.diff': * merging section allocation for x86_64, using mmap() for allocation
    • p_loader.diff: fixed another loader problem on x86_64
    • p_xf86-4.2-2-pci_domain.diff: * fixes pci scanning on p650, p640 and others.
  • xinetd
    • updated to version 2.3.11 (fixed a lot of security bugs) [#27081]
    • removed obsoleted flag RECORD from xinetd.conf on line log_on_failure
    • fixed bug in parsing config file [#22876]
    • removed obsoleted reuse option from rcxinetd script
    • added new fix from CVS (check_from_solar_designer, close_listening_descriptor and used_valgrind_to_fix)
  • xloader
    • reverted broken security fix for Xsession script (see also comment #16 of Bug#34253)
    • xfree86_4.1.0_glx_dri_integer_overflow.diff: * The GLX and DRI code of the Xserver did not verify the "screen" parameter in several functions. This failure leads to a denial-of-service condition and probably to arbitrary code execution as root. (CAN-2004-0093, CAN-2004-0094) (Bug #35206)
    • fixed tmp races in postinstall scripts and Xsession script (Bug #34253)
    • fixed more buffer overflows in fontfile/ direc (#34296)
    • put together old and new bugs in fontfile-sec_bufferoverflows
    • dirfile.diff: * at the same location just a few lines below the same problem
    • dirfile.diff: * A buffer overflow in the X server can be triggered by using a malformed fonts.alias file. This bug can be used to gain local root privilege (Bug #34296).
    • p_pam_setcred.diff: * Due to inproper checking of failure-conditions of pam_setcred() in XDM while using pam_krb5 a user with valid login credentials (Kerberos) may get root access to the system. (Bug #33788)
    • Disable sis.o module in km_drm (it has unresolved symbols), and remove a bad hack in Makefile.module. THis was discussed with sndirsch@suse.de and mantel@suse.de.
    • p_LTC3984.diff: * fixed double who entries for xterm (Bug #29126)
    • fixed build on sles8*s390*
    • This should fix bug #26187 * Make sux work even if no network available (bug #25315) * Workaround in sux due broken gnome session managment (bug #24052)
    • p_ia64_cirrus.diff: * workaround in cirrus driver for IA64 compiler bug (Bug #22735)
    • p_ia64_nv.diff: * fixes nv driver crash on HP zx6000 (Bug #21988)
    • p_xlclocale.diff: * A buffer overflow vulnerability was fixed
    • p_fixes.diff: * removed bogus brackets behind #undef
    • p_x86-64_lp64.diff: * fixed build for new gcc (defines now LP64)
    • Fix 64bit bug in VESA driver [#22416].
    • p_x86_64-2.diff:
      • Mesa: turning on IEEE support for x86-64. This gives some performance boost in 3D apps
      • X11.tmpl: fixing further warning message of C-preprocessor during imake
      • radeon driver: fixing problem with division by 0 error in case dotclock is out of the possible clock ranges of the pll clocks.
    • readded lost patch 'p_x86_64.diff': * merging section allocation for x86_64, using mmap() for allocation
    • p_loader.diff: fixed another loader problem on x86_64
    • p_xf86-4.2-2-pci_domain.diff: * fixes pci scanning on p650, p640 and others.
  • xshared
    • xpm-fix-for-682.diff (X.Org Bug #1920, Comment #18)
      • removes restrictive checks about filename/path (Bug #48768)
      • more fixes (X.Org Bug #1920/1924)
      • obsoletes xpm-sec5.diff, xpm-secfix-imakefile-thomas.diff, xpm-secfix-thomas
    • improved xpm-secfix-thomas.diff (Bug #43240)
    • p_max-pci-devices.diff: * change PCI devices limit (Bug #43679)
    • p_trans_open_max * change TRANS_OPEN_MAX limit (Bug #47111)
    • xpm-sec5.diff, xpm-secfix-thomas.diff, xpm-secfix-imakefile-thomas.diff: * fixed more known xpm security problems (Bug #43240)
    • p_xpm-sec.diff: * fixed known xpm security problems (CAN-2004-0687,CAN-2004-0688, Bug #43240)
    • finally fixed tmp race in Xsession script (Bug #34253)
    • reverted broken security fix for Xsession script (see also comment #16 of Bug#34253)
    • xfree86_4.1.0_glx_dri_integer_overflow.diff: * The GLX and DRI code of the Xserver did not verify the "screen" parameter in several functions. This failure leads to a denial-of-service condition and probably to arbitrary code execution as root. (CAN-2004-0093, CAN-2004-0094) (Bug #35206)
    • fixed tmp races in postinstall scripts and Xsession script (Bug #34253)
    • fixed more buffer overflows in fontfile/ direc (#34296)
    • put together old and new bugs in fontfile-sec_bufferoverflows
    • dirfile.diff: * at the same location just a few lines below the same problem
    • dirfile.diff: * A buffer overflow in the X server can be triggered by using a malformed fonts.alias file. This bug can be used to gain local root privilege (Bug #34296).
    • p_pam_setcred.diff: * Due to inproper checking of failure-conditions of pam_setcred() in XDM while using pam_krb5 a user with valid login credentials (Kerberos) may get root access to the system. (Bug #33788)
    • Disable sis.o module in km_drm (it has unresolved symbols), and remove a bad hack in Makefile.module. THis was discussed with sndirsch@suse.de and mantel@suse.de.
    • p_LTC3984.diff: * fixed double who entries for xterm (Bug #29126)
    • fixed build on sles8*s390*
    • This should fix bug #26187
      • Make sux work even if no network available (bug #25315)
      • Workaround in sux due broken gnome session managment (bug #24052)
  • yast2
    • #42979: Module option during installation not copied into installed system
    • #33929: Save As Dialogue may inadvertedly overwrite existing files
    • added cfg_displaymanager.scr
    • fixed package requirements for product slec
  • yast2-x11
    • removed cfg_displaymanager.scr (moved to yast2 package)
  • zebra
    • fixed security bug [#33993] (CAN-2003-0858): local users could send malicious netlink messages that cause DoS condition
    • fixed DoS condition, which exists in zebra when layer 3 access is possible to the telnet management port 2601/tcp. (CAN-2003-0795) [#32656]
  • zip
    • reworked zip-longpath.patch, missing free's after malloc
    • added zip-longpath.patch (Bugzilla #47932)
2.2 Security fixes
Service Pack 4 contains all security fixes released via the maintenance Web since the release of Service Pack 3.
3. Product News
Please visit http://www.suse.com for the latest product news.
4. Support restrictions
For support of the following packages we recommend to contact the manufacturer of the respective piece of software directly:
IBMJava2-JAAS IBMJava2-JAVACOMM IBMJava2-JAVACOMM_1_4 IBMJava2-SDK IBMJava2-SDK_1_4 java2
5. Detailed ChangeLog
The file "ChangeLog" in the toplevel of CD1 contains a summary of all the changes that were made for these updated packages. This gives you a good highlevel view of the changes and should be sufficient in most cases.
You can of course always get the very detailed technical information about any package changes from the RPMs themselves by doing
rpm --changelog -qp &lt;FILENAME&gt;.rpm
where &lt;FILENAME&gt;.rpm is the name of the rpm.
4. Known Bugs
  • Service-Pack 3 is not installalbe with the install scripts if you start the installation with Service-Pack 4 If you boot with Service-Pack 4 to start the installation, the install.sh/install_update_rpms.sh scripts of Service-Pack 3 will abort with an error. Copy the install_sp3_rpms.sh script from Service-Pack 4 CD1 and use that to install Service-Pack 3. Service Pack 3 is not installable with the install scripts if you start the installation with Service Pack 4 There are no problems if you install the Service-Packs with YOU, which is the preferred method.
  • SPident reports inconsistent Service pack level SPident is a tool to identify the Service Pack level of the current installation. SPident may report that the system has not reached the level of Service Pack 4. This happens, when so-called "optional" updates, which will not be automatically installed by YOU, are not manually selected during update. To fully reach the level of Service Pack 4 you have to manually select these packages in YOU.

links to download packages

Download Source Packages

Download the source code of the patches for maintained products.


Disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.

Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

© Micro Focus