Release Notes for UnitedLinux 1.0 x86 Service Pack 4

Knowledgebase

(Last modified: 21MAR2005)


solutions

Release Notes for UnitedLinux 1.0 x86 Service Pack 4
SuSE Linux Maintenance Web (2703b9bc0638a38f2dbe780920d828a6)

applies to
   

Package: UnitedLinux-1.0-SP-4-i386-GM-CD1.iso
UnitedLinux-1.0-SP-4-i386-GM-CD2.iso
Product(s): SuSE Linux Enterprise Server 8 for x86

Release: 20050321
Obsoletes: none
Release Notes for UnitedLinux 1.0 x86 Service Pack 4

Please note that you need the Service Pack 3
ISOs / CDs to be able to install Service Pack 4. You always need to install
SP3 first! You find it here:

UnitedLinux 1.0 x86
Service Pack 3

However you are able to start a fresh installation from the SP4 CDs. You will
be asked for the SP3 CDs later on then.
Overview
1. Enhancements
1.1 Installation
1.2 Platform/Hardware
1.3 Applications and Tools
2. Maintenance fixes
2.1 Bugfixes
2.2 Security fixes
3. Detailed ChangeLog
4. Known Bugs
5. MD5SUMs
1. Enhancements
1.1 Installation

  • all installer/YaST2 fixes now available during installation
    in manual and autoyast mode when booting from Service Pack CD

Important Note:
The README on the toplevel of CD1 of this Service Pack contains detailed
instructions on the different methods to install this Service Pack. Please
read them and referred READMEs carefully.
After applying the update please have a look at the contents of the file
/var/adm/rpmconfigcheck. This file contains a list of configuration files
which could not be automatically updated. The reason usually is that the
installed version was modified. These files have to be checked and the
configuration needs to be adjusted manually.
1.2 Platform/Hardware

  • support many new hardware components via driver and PCI ID updates,
    e.g.
    • consolidated Qlogic driver to version 7.03.00 (qla2x00)
    • updated e1000-new driver to 5.6.10.1
    • updated cciss driver to latest version from 2.4.28-rc2
    • added bcm5700-new driver as 7.3.5
    • included megaide driver
    • updated IBM ServeRAID driver (ips) to 7.10.18
    • update PCI ID list for megaraid2 driver

1.3 Applications and Tools

  • Updated linux-iscsi toversion 3.6.2
  • Updated jfsutils to version 1.1.7
  • Updated reiserfs tools to version 3.6.19

2. Maintenance fixes
2.1 Bugfixes
Service Pack 4 contains all bugfixes released via the maintenance Web since
SP3 (Service Pack 3). In addition the following packages now getting released
with SP4 have seen bugfixes/enhancements:

  • 3ddiag
    • fixed insecure tmp file handling (Bug #33795)
    • Don’t send info mail about changes on new products [Bug #21414]
  • acl
    • #35084: Fix a memory leak in acl_init().
    • Fix a long standing bug in acl_get_file() for Default ACLs (that
      probably was there from hour one): Default acls bigger than the
      access acl of the same file could not be retrieved; this is very
      unusual.
    • added change to acl.5 (EAL3)
  • acroread
    • Update to version 5.010 which has a security fix that solves
      a problem with malformed mail containing pdf attachments
      (see SUSE bugzilla bug #49257).
    • Security update to version 5.09
      buffer overflow/shell meta character vulnerability
      see bug 43788 or iDEFENSE or the heise online news
  • ami
    • Bugzilla 40452: “LTC8294-Korea: AMI IM caused Seg fault after
      destroying one of some TextFields”: apply fix supplied
      by Mitsuru CHINEN mchinen@yamato.ibm.com.
    • add shift-ctrl-endian-problem.patch, see Bugzilla #32149.
      Patch thanks to Mitsuru CHINEN mchinen@yamato.ibm.com.
    • Bugzilla #32272: add destroy-hanja-dialog.patch to fix segfault
      after some operations for the candidate window.
    • Bugzilla #26766: apply 64bit and endianness patches
      for all platforms.
      Thanks to Mitsuru Chinen mchinen@yamato.ibm.com for noticing
      this and his explanation.
      Applying these patches always is necessary because the problems
      are caused by the difference of endianness between a server and
      a client.
      Applying these patches for all platforms should be safe,
      I do that in the the SuSE 9.0 packages already since June
      and no problems occured so far.
    • fix the rest of Bugzilla #26766: make it work with mlterm
      as well.
      Again many thanks to Mitsuru Chinen mchinen@yamato.ibm.com for
      the explanation how to fix it.
    • Fix bigendian problem #27181 for all ppc, ppc64, and s390 too.
    • Bugzilla #27181: fix endianness problem to make ami
      detect KDE correctly.
    • Bugzilla #26766: apply fix from Mitsuru Chinen for 64bit
      architectures.
  • apache-devel
    • security fixes from 1.3.31 [#40611]:
      • CAN-2004-0174 (cve.mitre.org)
        Fix starvation issue on listening sockets where a
        short-lived connection on a rarely-accessed listening
        socket will cause a child to hold the accept mutex and
        block out new connections until another connection
        arrives on that rarely-accessed listening socket.
        Enabled for some platforms known to have the issue
        (accept() blocking after select() returns readable).
        Define NONBLOCK_WHEN_MULTI_LISTEN if needed for the
        platform and not already defined.
      • CAN-2003-0987 (cve.mitre.org)
        Verification as to whether the nonce returned in the
        client response is one we issued ourselves by means of a
        AuthDigestRealmSeed secret exposed as an md5(). See
        mod_digest documentation for more details.
        The experimental mod_auth_digest.c does not have this
        issue.
      • CAN-2003-0020 (cve.mitre.org)
        Escape arbitrary data before writing into the
        errorlog. Unescaped errorlogs are still possible using
        the compile time switch
        “-DAP_UNSAFE_ERROR_LOG_UNESCAPED”.
    • security fix for mod_ssl: fix buffer overflow in
      ssl_util_uuencode() [#40791]
    • security fix (CAN-2003-0993): Allow and Deny rules with IP
      addresses (e.g. 192.168.1.1) where parsed incorrectly on 64-bit
      platforms with big endianness. It only affected IP addresses with
      no netmask definition. [#35450]
      htt
      p://nagoya.apache.org/bugzilla/show_bug.cgi?id=23850

      apply the patch only on s390x.
    • security fix (CAN-2003-0542): fix buffer overflows in mod_alias
      and mod_rewrite that are possible when using a regular expression
      with more than 9 captures [#32756]
    • rmeove 0host entries for pidfile and logfiles, which alarmed our
      patchrpm breakage tests
  • apache
    • security fix from 1.3.33:
      [CAN-2004-0940 (cve.mitre.org)]: mod_include: Fix potential
      buffer overflow with escaped characters in SSI tag string.
      [#47740]
    • security fix from mod_ssl 2.8.20:
      [CAN-2004-0885 (cve.mitre.org)]: fix SSLCipherSuite bypass in
      mod_ssl [#47117]
    • Applied some gaurds against invalid ctx pointers in
      mod_ssl. [#33968]
      mod_ssl-2.8.10-paranoid-pointer-2.diff was an unsuccessful PTF
      previously.
    • Security fix from mod_ssl 2.8.19: fix ssl_log() related format
      string vulnerability in mod_proxy hook functions. [#43114]
    • security fix in mod_proxy: Reject responses from a remote server
      if sent an invalid (negative) Content-Length. [#41970],
      CAN-2004-0492
    • use “chown -Rh” where needed after last fileutils change
    • security fixes from 1.3.31 [#40611]:
      • CAN-2004-0174 (cve.mitre.org)
        Fix starvation issue on listening sockets where a
        short-lived connection on a rarely-accessed listening
        socket will cause a child to hold the accept mutex and
        block out new connections until another connection
        arrives on that rarely-accessed listening socket.
        Enabled for some platforms known to have the issue
        (accept() blocking after select() returns readable).
        Define NONBLOCK_WHEN_MULTI_LISTEN if needed for the
        platform and not already defined.
      • CAN-2003-0987 (cve.mitre.org)
        Verification as to whether the nonce returned in the
        client response is one we issued ourselves by means of a
        AuthDigestRealmSeed secret exposed as an md5(). See
        mod_digest documentation for more details.
        The experimental mod_auth_digest.c does not have this
        issue.
      • CAN-2003-0020 (cve.mitre.org)
        Escape arbitrary data before writing into the
        errorlog. Unescaped errorlogs are still possible using
        the compile time switch
        “-DAP_UNSAFE_ERROR_LOG_UNESCAPED”.
    • security fix for mod_ssl: fix buffer overflow in
      ssl_util_uuencode() [#40791]
    • security fix (CAN-2003-0993): Allow and Deny rules with IP
      addresses (e.g. 192.168.1.1) where parsed incorrectly on 64-bit
      platforms with big endianness. It only affected IP addresses with
      no netmask definition. [#35450]
      htt
      p://nagoya.apache.org/bugzilla/show_bug.cgi?id=23850

      apply the patch only on s390x.
    • security fix (CAN-2003-0542): fix buffer overflows in mod_alias
      and mod_rewrite that are possible when using a regular expression
      with more than 9 captures [#32756]
    • remove 0host entries for pidfile and logfiles, which alarmed our
      patchrpm breakage tests
  • arts
    • fix a security issue in temp file handling (by Waldo #42486)
    • Make artsdsp abort on x86_64 when trying to run a 32 bit
      application.
  • autoyast2
    • Bug #42979 L3: Module options not copied into installed system
    • #34437, #36278: Fixed DTD
    • #33849: creating 4 primary partitions with control created with
      backup module not possible
    • #36459: Dont complain about needed space during partitioning,
      this is done when configuring software
    • #33871: Added script for creating CDs from multiple sources
    • #33899: Set intial installation language
    • #33848: clone software selection correctly
    • doc updates
    • #33844: Support for LVs over RAID
  • cadaver
    • really fix security problems in libneon (#41725)
    • fix security problems in libneon (#41725)
  • cups
    • fixed problem in new passwd file generation (bugzilla#49370)
    • xpdf security fix, CAN-2005-0064 (bugzilla#49840)
    • xpdf security fix, CAN-2004-1125 (bugzilla#49463)
    • DoS attack not fixed; not affected (bugzilla#49545)
    • lppasswd security fix, CAN-2004-1268 (bugzilla#49370)
    • hpgltops security fix, CAN-2004-1267 (bugzilla#49369)
    • additional xpdf fixes CAN-2004-0888, CAN-2004-0889
      (bugzilla#44963)
    • fixed ogonki (bugzilla#31756)
    • fixes for pdftops, CAN-2004-0888, CAN-2004-0889 (bugzilla#44963)
    • additional fixes for cupsomatic, CAN-2004-0801 (bugzilla#44233)
    • fixed security problem in cupsomatic, CAN-2004-0801
      (bugzilla#44233)
    • fix for DoS with zero len UDP packages (bugzilla#44088)
    • fix for 64bit arthimetic/casting problems in sleep()
      (bugzilla#40880)
    • pam2 config files now installed on non-i386 arch
      (bugzilla#39920)
    • /usr/lib now replaced by architecture dependend path
      (bugzilla#39385)
  • cvs
    • fix the patch for malformed Entry lines (cvs-1.12.7-exploit-fix)
      (#42397)
    • update last patch to fix WinCVS support (20040521 version)
    • new krahmer+esser security fix for (#39773)
      • error_prog_name “double-free()” (SE)
        CAN-2004-0416
      • argument integer overflow (SK)
        CAN-2004-0417
      • serve_notify() out of bound writes (SK)
        CAN-2004-0418
    • expoit-fix for malformed Entry lines. This can be exploited via
      a buffer overflow (#39773)
    • fix pserver client side leak (#36659)
    • fix format string vulnerability (#33851)
    • added security patch for modules path (#33631)
  • cyrus-sasl
    • Bugfix ID#46847 – VUL-0: SASL environment variable local root
  • devs
    • fix permissions of /dev/perfctr (#49581)
    • create ttyS1 node for VT220 on s390* (bug #29239)
    • create 12 iseries/vt0 nodes (#24495)
    • Remove special fb* device numbers for SPARC, use standard one
    • makedevs.floppy: don’t create devices for ix86 specific devices
      on SPARC
  • dhcp-server
    • add another patch related to the VU#317350 fix, restricting the
      length of client provided fqdn (for use as DDNS domain name) to
      255 characters, as found in the dhcp-3.0.1rc14 tarball, and as
      recommended by ISC. [#41975]
    • security fixes [#41975]:
      • fix buffer overflow in the DHCP server that can be
        exploited by the client by specifying multiple
        ‘hostnames’ to execute arbitrary code or at least crash
        the server. VU#317350
      • add patch to use vsnprintf() instead of vsprintf() calls.
        VU#654390
      • use mkstemp() to create temp files [#40267]
      • dhcrelay: add patch from Florian Lohoff (slightly
        modified), that makes the maximal hop count of forwarded
        packages configurable (-c maxcount), sets the default to
        4, and rejects packages with a hop count higher than
        maxcount (CAN-2003-0039,
        http://www.kb.cert.org/vuls/id/149953). Add a
        variable to /etc/sysconfig/dhcrelay to pass such
        additional options. [#31963]
    • when copying include files into the chroot jail, create
      subdirectories as needed, thus retaining the path to the files
      (closes bug [#28284])
    • remove 0host filelist entries and preun creation of pid files,
      since it catches the attention of the patchrpm breakage tests.
      Clean up the libraries from the jail when the server is stopped.
    • Don’t send update messages on UnitedLinux [#26460]
  • dprobes
    • Work with new grammar
  • drbd
    • Fix #43582: Build module correctly on x86_64.
    • Upgrade to 0.6.13 to fix #42885: Data corruption if secondary
      node fails during sync.
    • Update to 0.6.12 from upstream, most critical fixes:
    • With the non-blocking IO hints, a bug was introduced that could
      lead to partially sent IO hints. -> loss of connetion. This
      issue is fixed now.
    • Fix for timeout when asender is dead; this could lead to a
      “stalled” Primary.
    • Sending of IO hints is done non-blocking; this fixes blocking
      bottom halves or bdflush and the like in low memory situations;
      by Lars Ellenberg.
    • Finally fixed the remaining race cases where the Primary could
      lock up when Secondary failed during sync.
    • Fail IO if not primary.
    • Reparent processes to init if parent dies.
    • We don’t need kernel-source to build.
    • km_ Makefile updated.
  • enscript
    • fix patch for CAN-2004-1186 (#49680)
    • Add three security fixes CAN-2004-1184,1185,1186 (bug #49680)
    • Adopt CAN-2004-1184 to enscript 1.6.2
  • ethereal
    • fixed security bugs in HTTP, SMB, X11 dissectors and invalid RTP
      timestamp [#49253] (CAN-2004-1140, CAN-2004-1141, CAN-2005-0084,
      CAN-2004-1142)
    • fixed missed security bugs (in SIP, AIM, SPNEGO and MMSE
      dissectors) [#47183] enpa-sa-00014 (CAN-2004-0504,
      CAN-2004-0505, CAN-2004-0506, CAN-2004-0507)
    • fixed security bugs (in iSNS, SMB and SNMP dissectors) [#42820]
      enpa-sa-00015 (CAN-2004-0633, CAN-2004-0634, CAN-2004-0635)
    • added missing online help [#39518]
    • updated to version 0.10.3 (security update) [#35449]
      * several security fixes; enpa-sa-00013; CAN-2004-0176
      CAN-2004-0367, CAN-2004-0365
    • fixed default filter (ipv6 problem)
    • fixed locating manuf file in /etc [#34386]
    • removed obsoleted patches
    • fixed security bug (in SMB dissectors);[#33650] enpa-sa-00012
    • fixed security bugs (in GTP,ISAKMP,SOCKS dissectors);
      enpa-sa-00011
  • file
    • Fix some buffer overflows (bug #48576)
  • freeradius
    • added remote crasher fixes (#47389)
      • CAN-2004-0938
      • CAN-2004-0960
      • CAN-2004-0961
    • security Fix for remote denial-of-dervice attack by sending a
      malformed package (#33321)
  • freeradius-devel
    • security Fix for remote denial-of-dervice attack by sending a
      malformed package (#33321)
    • security-fix for buffer-overflow in CHAP implementation
      (#27892)
  • freeswan
    • Fix for certificate chain authentication bug (#42153)
  • gawk
    • Replace igawk with version from gawk-3.1.3 [#33932].
  • gcc
    • Fix using custom allocators for basic_strings in
      libstdc++. (#40711)
    • Integrated overlaying temp stackslots problems fix from Michael
      Matz (LTC#7624, SUSE#39078)
    • Fix miscompilation in rdist [#33343].
    • Fixed double null pointer check deletion problem on
      architectures with more than 1 CC. (#34257)
    • Make ios::copyfmt copy the imbued locale (#34327)
    • Use cmpstrsi instead of doing unsafe strcmp->memcmp
      transformation. (#33963)
    • Don’t discard GOT pointer if only used in a catch handler
      (#33987)
    • Make loop transformation regard REG_EQUAL notes (#34193)
    • No seperate version for ppc
  • gd
    • fixed more overflows – CAN-2004-0941 [#47666]
    • fixed several integer overflows [#47666]
  • gdk-pixbuf
    • add unresolved external reference (SuSE Bug Id #45423)
    • added patches for
      • CAN-2004-0782 Heap-based overflow in
        pixbuf_create_from_xpm
      • CAN-2004-0783 Stack-based overflow in xpm_extract_color
      • CAN-2004-0788 ico loader integer overflow. (SUSE Bug
        Id#44100)
  • gdm2
    • attach patch to prevent a possible DoS Attack in gdm
      Bug Id #32314
    • rename the actual gdm binary (gdm-binary) to gdm for
      rcxdm to be able to start and shutdown gdm (Bug Id#31149)
  • glibc
    • removed crap-o-matic parallel build code that fails every
      other time, replaced it with %jobs macro
    • Add partial fix for [Bug #48330] (possible loop in getaddrinfo)
    • Add dns-network security patch [Bug #47900]
    • Use malloc for buffer in dns-host, dns-network and res_query
      [Bug #47750]
    • Add backport of backtrace functionality for ia64 [#42870].
    • Fix makecontext with more than 6 arguments on x86-64 [#40546].
    • Fix poll syscall interface [#39587].
    • Fixed ppc tcsetattr patch, removed unneeded hunk which breaks
      stty.
    • Fix tcsetattr on PPC
    • Changed struct ucontext for ppc and ppc64 to fit the
      glibc-2.3 version. Is still binary compatible
      to both kernel and userland. LTC#5172/SUSE#32813.
    • added pt_chown.5 man-page (EAL3)
    • Fix getgrouplist patch
    • Add getgrouplist fix for too much groups
    • AMD64: fix s_ceill and s_floorl
    • PPC: Fix pthread spin lock problem [Bug #33148]
    • IA64: Fix pthread spin lock problem [Bug #33090]
  • gnome-vfs2
    • Replaced insecure old extfs modules by fixed modules from mc,
      fixed the rest (CAN-2004-0494, CRD: 04.08.2004) (#43152).
  • gnome-vfs
    • Replaced insecure old extfs modules by fixed modules from mc,
      fixed the rest (CAN-2004-0494, CRD: 04.08.2004) (#43152).
  • gpm
    • fixed segfault, when opening console failed (bug #31970)
  • gtk2
    • added patches for
      • CAN-2004-0782 Heap-based overflow in
        pixbuf_create_from_xpm
      • CAN-2004-0783 Stack-based overflow in xpm_extract_color
      • CAN-2004-0788 ico loader integer overflow.
        (SUSE Bug Id#44100)
  • heimdal
    • fixed cross-realm vulnerability [#37079]
    • fixed segfault in krb5_get_init_creds_password [#33485]
    • fixed changing password against MIT server [#27320]
  • htdig
    • Fix a cross site scripting flaw as found by Michael Krax; apply
      the patch proposed by Phil Knirsch (modified for version 3.1.6);
      CAN-2005-0085 [# 50238].
    • add patch from stable (htsearch_64.patch) to fix #49619
      to make htsearch work
  • imlib
    • Even more additional XPM security fixes. #48061
    • Also apply the patch to the cut & pasted BMP loader in
      Imlib/.
    • Added additional overflow checks to BMP loader.
    • fixed buffer overflow in BMP loader. CAN-2004-0817,#44228
  • iptables
    • fixed uninitialised variable [#47850] – CAN-2004-0986
    • configure kernel source
  • ircd
    • Apply patch to prevent buffer overflow in m_join()
  • java2
  • jfsutils
    • Update to 1.1.7 [#49728]
  • kdelibs3
    • protect against ftp command injection (#49034, SWAMP 101)
    • fix Konqueror Window Injection Vulnerability (#49194)
    • hide passwords in URLs when they are visible to the user
    • update patch for Frame Injection in khtml, fixing a regression
      (wrong frames might get used)
    • fix possible Frame Injection in khtml (by Waldo #43271)
    • fix for unsecure tmp file handling (by Waldo #42486)
    • security fix telnet service (#11606)
      files could have been overwritten or created
    • email addresses were used as direct command line argument with
      kmail
  • Kernel
    • disable bcm5700-new test code to fix problem with unresolved
      symbols (SUSE50674)
    • update IBM ServeRAID driver (ips.c) to 7.10.18
    • patches.common/qla2xxx-disable-fdmi: Disable FDMI for qla2xxx
      (SUSE50738).
    • patches.common/scsi-addsingledev-online
      patches.common/scsi-ltcbzid-12614-lvm-mp.diff
      Fix online behaviour of SCSI-disks if
      fcp connection is lost (SUSE50607)
    • JFS: Handle out of space errors more gracefully (SUSE50945)
    • patches.common/xattr-race-minimal-fix.diff: Fix race in xattr
      sharing (SUSE50424).
    • fix usb-serial driver, bring it to 2.4.28 level (bug SUSE48489)
      remove obsolete patches.common/usb-serial-palm-sched_oops.patch add
      patches.common/usb-serial-2.4-1.1438.6.5.patch
      http://linux.bkbits.net:8080/linux-2.4/cset@40cef0fbpF3A_edUhi8H
      a2Qi09Batw add patches.common/usb-serial-2.4-1.1482.2.2.patch
      http://linux.bkbits.net:8080/linux-2.4/cset@4186b9cdrEhF6Csz1SSx
      9dzswhwG8Q
    • add new PCI IDs to megaraid2 driver (SUSE50720)
    • S/390: build sclp_cpi as module (SUSE49607).
    • patches.common/natsemi-long-cable-fix: add module option
      to disable natsemi short cable hack (SUSE46903)
    • disable old qla2xxx v6 driver for ppc64 and use new version v7
    • patches.common/xattr-sharing-bug.diff: Fix long-standing xattr
      sharing bug (#50424).
    • update e1000-new driver to 5.6.10.1
    • consolidate qla2xxx drivers to version v7.03.00
    • add patches.common/scsi-define-task-aborted
      Fix STATUS mask and define TASK_ABORTED (#49150)
    • add patches.common/scsi-increase-error-timeout
      Increase error timeout to avoid races (#49692)
    • add patches.s390/s390-tape-defcc-common
      S390: fix tape tar or db2 backups hang (#49781)
    • add patches.s390/linux-2.4.22-s390-20-june2003-patches/*
      S/390: Include official IBM codedrop.
    • add patches.s390/linux-2.4.23-s390-21-june2003-patches/*
      S/390: Include official IBM codedrop.
    • Removed obsolete patches.
    • fix oops in generic_file_direct_IO (#48909 – LTC12515)
    • JFS: remove buggy txAbortCommit, and use txAbort instead
      (#50430 – LTC13830)
    • fix ia64 that got broken by the fix to #49896
    • Disable rawio readv/writev implementation (andrea, #48530)
    • fix potential problem with overlapping VMAs (#49896)
    • add missing check to vt resizing code (#49171)
    • UML does not have audit subsystem
    • fix race in SMP page fault handler; correct version (#49652)
    • fix audit subsystem filtering flaw (#49801)
    • fix race in SMP page fault handler (#49652)
    • add missing mmap_sem around do_brk calls (#49492)
    • patches.s390/s390-hsi-disable-time-delay.patch
      Fix hipersockets (49639 – LTC13256).
    • patches.common/cmsg-compat-signedness-fix: one of the size
      checks was wrong and broke some 32bit applications on 64bit
      kernels (49517).
    • add some more entries to scsi_scan blacklist (#49498)
    • patches.common/igmp-fix: use final version of fix (#48895)
    • patches.common/usb-storage-reset-device: only allow usb-storage
      to reset if it owns the whole device (#38798, #35425)
    • patches.common/x86_64-int80: fix roothole in x86_64 int80
      handler (#49210)
    • patches.common/lkcd-e1000-netpoll: provide API required by
      LKCD netdump to e1000 driver (49083).
    • add patches.ppc/ibm-ppc64-vmx-signal.patch
      improve vmx context switching (#47367 – LTC11883)
    • update patches.ia64/linux-2.4.21-ia64-030702
      move the include/linux/pci_ids.h change out of the way
    • patches.common/cmsg-compat-signedness-fix: CMSG compat code
      needs signedness fixes too. (49047).
    • patches.common/cmsg-signedness: Fix CMSG validation checks
      wrt. signedness. (49047).
    • patches.common/fix-ip-options-leak: Do not leak IP
      options. (49057).
    • patches.common/igmp-fix: fix possible DoS in igmp code (#48895)
    • patches.common/serialize-dgram-read.diff: Serialize dgram read
      using semaphore just like stream (#48427).
    • add patches.s390/qeth-transmission-failures.patch
      Fix qeth transmission failures (48706 – LTC12756)
    • add patches.s390/linux-2.4.21-s390-20-june2003-patches/*
      S/390: Include official IBM codedrop.
    • add patches.s390/linux-2.4.21-s390-21-june2003
      S/390: Include official LCS driver update
    • Removed obsolete patches.
    • patches.common/sg-sles8-fixes-update: missed one place where proc
      output needs to drop the lock.
    • patches.common/elf-loader-setuid:
      additional checks for elf loader vulnerability
    • patches.common/cciss-update:
    • patches.common/cciss-device-id:
      use new PCI ID for new cciss driver (#45148)
    • patches.common/fix-aout-leak:
      fix a.out leaking fds and memory (#48199)
    • patches.common/elf-loader-setuid:
      fix ELF loader when handling setuid binaries (#45632)
    • patches.s390/lcs-driver-update
      S/390 LCS network driver update (#34111)
    • patches.common/cciss-update:
      update cciss driver to latest version from 2.4.28-rc2 (#45148)
    • patches.common/smbfs-overflows: included additional fixes (#46204)
    • patches.ia64/linux-2.4.21-ia64-030702:
      fix trivial reject in pci.ids file
    • moved tag SLES8_SP4_BETA1
    • patches.common/fix-cciss-x86_64:
      make cciss driver at least compile on x86_64
    • tagged SLES8_SP4_BETA1
    • config/*/*:
    • patches.common/bcm5700-new:
    • patches.common/bcm5700-new-adapt:
      add version 7.3.5 of bcm5700 driver as “bcm5700-new”
    • patches.common/10_try-cciss-only-4G-1:
    • patches.common/cciss-update:
      update cciss driver to 2.4.52 instead of cloning it
    • add patches.s390/linux-2.4.21-s390-19-june2003-patches/*
      Update to official IBM codedrop.
    • Removed obsolete patches.
    • Added compatible ioctls for softdog (#40925).
    • Update the sg fix patch (#47458)
    • Fix leak on building SCSI command blocks (#47817)
    • add patches.common/usb-drivers-memset.patch
      fix some memleak to userspace in some usb drivers (#47595)
    • patches.common/fix-clear_LDT-wrong-context: clear_LDT sometimes
      was called in the wrong context (#47430)
    • add patches.common/cciss_2442_to_2448_x86_64.patch
      add patches.common/cciss_2448_to_2452_x86_64.patch
      update cciss also on x86_64 (#45148)
    • add patches.ppc/ibm-ppc64-signal-set-current-state.patch
      add memory barrier after chaning current->state (#47603 –
      LTC11921)
    • patches.common/fix-get_user_pages: fix broken get_user_pages;
      properly account reserved pages (#47337, #47343)
    • patches.common/scsi-complete-account: Fix SCSI io accounting
      locking (47322, axboe@suse.de).
    • patches.common/md-resync-speed: Fix resync speed for stacked md
      devices. (L3 #47143)
    • patches.common/md-start-array: Avoid the automatic nested md device
      discovery if starting one array explicitly. (L3 #46966)
    • add patches.common/set_pte-races (#46948 – LTC11574)
      Fix threaded user page write memory ordering
      Make sure we order the writes to a newly created page with the
      page table update that potentially exposes the page to another CPU.
    • name new cciss driver “cciss-new” instead of “cciss_new”. Now
      this is consistent with the handling of “e1000-new”.
    • add new version 2.4.52 of cciss driver as cciss_new (#45148)
    • Update patches.s390/linux-2.4.21-s390-18-june2003-patches/*
      Replaced corrupted files (Transmission error from IBM).
    • Add modversion dump file /boot/symvers-$(uname -r).gz as in 2.6
      kernels for modversion checking.
    • add patches.s390/linux-2.4.21-s390-18-june2003-patches/*
      Update to official IBM codedrop.
    • Removed obsolete patches.
    • Enabled patch for #44487.
    • patches.common/smbfs-overflows: Patch from Urban Widmark to
      fix remotely exploitable denial of service in kernel SMB code (#46204)
    • add
      patches.s390/linux-2.4.21-s390-17-june2003-patches/linux-2.4.21-s390-17-0{7,8,9}-june2003
      Update to official IBM codedrop.
    • patches.common/lkcd-smp-update: compilation fix for ia64.
    • add patches.common/jfs-memleak-invalidate_metapages.patch
      JFS: fix memory leak in __invalidate_metapages (#35499 – LTC6726)
    • add patches.ppc/ibm-ppc64-linux-2.4.21-213-set_pte.patch
      fix race condition between PTE set and __hash_page on PPC64
      (#45980 – LTC11381)
    • patches.common/lkcd-smp-update: Fix lkcd crash on smp
      machines (#44919).
    • patches.common/pte-establish-race: avoid userspace corruption
      during COWs with threads on x86 PAE with >4G of ram.
    • make gendisk_lock irq safe (bug #45742)
    • fix for ES7000 machines to properly detect all CPUs (#32926)
    • patches.fixes/netfilter-ipt-log-crash: Prevent ICMP crash in
      netfilter logging (46016)
    • Disable CONFIG_UID16 for s390x (#43176)
    • Drop broadcast packets if qeth can’t handle them (#42433)
      add patches.s390/qeth-drop-bcast-packets.patch
    • Disabled IBM preliminary patches.
    • export some aio symbols to catch up with 2.6
    • Added Preliminary IBM Codedrop 2.4.21-s390-17 (2004-09-17)
      add patches.s390/linux-2.4.21-s390-17-june2003-patches
    • Added Preliminary IBM ‘Korora’ Codedrop.
      add patches.s390/ctcmpc
      add patches.s390/layer2_10gig
      add patches.s390/z90crypt
    • Fix sys_ioctl definition for 31bit emulation
      add patches.s390/s390x-ioctl32-args
    • Update patches.s390/mcast_new_complete.diff to match
      IBMs version.
    • fix JFS resize bug on big-endian (#41535)
    • prevent oops in ip6t_LOG (#44213)
    • Added IBM Codedrop 2.4.21-s390-13 (2004-05-18)
      add patches.s390/linux-2.4.21-s390-13-june2003-patches
    • Added IBM Codedrop 2.4.21-s390-14 (2004-06-14)
      add patches.s390/linux-2.4.21-s390-14-june2003-patches
    • Added IBM Codedrop 2.4.21-s390-15 (2004-07-14)
      add patches.s390/linux-2.4.21-s390-15-june2003-patches
    • Added IBM Codedrop 2.4.21-s390-16 (2004-09-14)
      add patches.s390/linux-2.4.21-s390-16-june2003-patches
    • Removed temporary fixes which were merged in the codedrops.
    • Disabled CONFIG_UID16 for s390x.
    • update write-return-eio to handle the generic_osync_inode case
    • write-return-eio: In case we encountered an IO error (-EIO), we
      better make sure we return it, as the amount of bytes written
      before is not reliable then. (#43622)
    • sunrpc/svcsock: don’t propagate TCP recvfrom errors up to nfsd;
      this causes nfsd to exit (#45132)
    • scsi-scan-largelun: Update SCSI blacklist from 2.4.28-pre3.
    • scsi-scan-allow-ghost-devs: Move determination of SCSI level
      earlier, so we can issue REPORT_LUN to targets where we could
      not register LUN 0 due to PQ/PDevTp == 3/0x1f. [#39279]
    • scsi-logging-parm: Don’t put a version on symbol.
    • scsi-scan-allow-ghost-devs: Don’t abort scanning on PQ/PDevTp
      == 3/0x1f; just don’t attach to this LUN (unless
      scsi_allow_ghost_devices is larger than the LUN). For ghosts,
      only allow sg to attach. [#39279]
    • scsi-scan-newopts: bflags could have been used uninitialized
      for INQUIRY length determination.
    • get_user_pages_pte_pin-async2: Asynchronous kevented to avoid
      async IO deadlock (andrea, 43220, 43761).
    • One more audit patch [#43066].
    • audit: fix handling of return value.
    • audit: add support for clone2 syscall.
    • fix race condition in sg.c I/O completion (#42678)
    • get_user-pages_pte_pin-fix: Fix the kiovec free oops with lvm
      snapshotting (#33482, #44065).
    • More nfsd xdr decoding fixes (#43603)
    • patches.s390/s390x-lstat-return.patch (#43118)
      S/390: Do not modify stat buffer on error.
    • patches.s390/s390x-mmap-error.patch (#43554 – LTC10008)
      S/390: Fix mmap segfault on error.
    • Revert last change.
    • Moved syscall-audit-ia32_syscall_enable to patches.ia64 (#43066)
    • Use CONFIG_IA64.
    • syscall-audit-ia64-utimes: utimes has two timeval arguments,
      fix audit code for it on ia64 (#43066).
    • Add ia32_syscall_enable sysctl [#43066].
    • fix kNFSd signed issues (#43603)
    • Fix syscall-audit patches to compile.
    • queue-signals-peruser.diff: Fix missing initialisation of signal
      counter in signal DoS patch. (#39181, okir)
    • Fixed s390/ppc compile problem with syscall-audit-semtimedop
    • Merged several patches for audit subsystem (#43066, #43561)
    • add missing license tags for dump_gzip.c and dump_rle.c (#42159)
    • fix wrong cache descriptors (#41051)
    • Fix proc-info-leak bugfix (#43390).
    • add patches.common/proc-info-leak-ppc_rtas_tone_volume_read
      missing variable
    • Fix proc-info-leak to compile on S/390 (netiucv).
    • Fix proc-info-leak to compile on S/390 (ctcmain).
    • make fix for firewire overflow problem actually compile
    • fix integer overflow in firewire code (#42402)
    • Clean up signal queue DoS patches: Just apply the sysctl per user
      instead of globally (#39181).
    • export symbol block_commit_write (#43205)
    • activate fixes for /proc info leak (#41074)
    • Add LAuS patches for ia64.
    • fix direct io on ext3 (#42239)
    • JFS: Make sure journal records get flushed to disk (#42651)
    • add missing check in chown() system call (#42400)
    • #39181 pending signal queues: denial of service. Hide the new
      RLIMIT_SIGPENDING resource from user space.
    • Make CONFIG_RELEASE a string instead of an integer.
    • add EXPORT_SYMBOL_NOVERS(_sb_findmap); for
      s390 and s390x (#42137)
    • pss-user-pointer: Properly check userspace pointer (#42050)
    • fix memory overwrite bug in airo driver (#42096)
    • fix copy_from_user/copy_to_user thinko in ALSA (#42095)
    • asus_acpi: parse arguments in a safe way (#42052)
    • properly use _user in OSS ioctls (#42050)
    • don’t write user pointers without checking in decnet (#42049)
    • check existance of device in eql (#42217)
    • Make CONFIG_RELEASE a string instead of an integer.
    • Switch to sequence-patch.sh from kernel-source-26. Adjust.
    • fix wrong 32 bit syscall table on x86_64 for syscall audit (#41972)
    • Backport from kernel-source-26: Remove stray quotes from
      EXTRAVERSION: CONFIG_CFGNAME is a quotes string like “default”;
      those quotes ended up in EXTRAVERSION and were removed or not
      depending on the context in which this variable was used.
    • Fix x86-64 MCE decoding patch that went in previously (#41593)
    • gdth-pci-dma-2: Fix ICP Vortex driver for machines with >4GB
      RAM. (#41495, axboe).
    • S390: Update patches.arch/s390-dirty-2.6.5
      Update to version suggested by akpm (#42066).
    • S390: add patches.s390/dirty-2.4.21
      fixing data corruption under memory pressure for s390 (#42066)
    • S390: add patches.s390/w4sense-cc3.patch
      Fix data corruption on heavy load with ESS.
    • fix user-triggerable local DoS (#41951)
    • use correct fix for e1000 infoleak bug (#39680)
    • Add missing file
    • Fix machine check handler on x86-64 (#41593)
    • Really fix LDT/TSS limit on x86-64 (#41574)
    • Fix fpu register leak [#41411].
    • add patches.ppc/ibm-ppc64-bcm5700-7.1.23
      need memory barriers in the Rx path (#41393 – LTC9003)
    • fix vmalloc-page-fault bug with nested irqs (#40550)
    • fix incorrect error handling in map_user_kiobuf
    • fix info leak in e1000 driver (#39680)
    • fix for > 1TB SCSI disk (#41262)
    • enable patches.common/highuid16.patch
    • add patches.common/highuid16.patch, but leave it disabled
      the last patch to fix uid32 problem in smbfs caused unresolved
      symbols. make it i386 only for the time being. (#41090 – LTC8819)
    • remove EXPORTSYMBOL-declaration of overflowuid_overflowgid
      in arch/s390x/s390_ksysm.c
    • adding patches.s390/add_config_uid16_to_s390x to enable
      CONFIG_UID16 for s390x
    • qla-select_next_path_fix-v6.07.02: Handle failover without
      oopsing during module reinsertion (PPC, #40872).
    • Adding CONFIG_UID16=y to default config of s390x
    • add patches.ppc/ppc64-24-hdio-ioctls
      mark HDIO_DRIVE_TASK as compatible ioctl (#40641 – LTC8579)
    • add patches.common/usb-storage-ioerror_ohci-locking-2.4.21.patch
      serialize ohci URB unlink handling (#25555,#30673 – LTC4369)
    • S/390: Add patches.s390/linux-2.5.21-s390-zfcp-retry.patch
      Fix rash retries on zfcp (#35557).
    • S/390: Added more includes to init/kerntypes.c
      (As per request of Michael Holzheu holzheu@de.ibm.com)
    • fix uid32 problem in smbfs (#39579)
    • add patches.ppc/ibm-ppc64-lparcfg (#39602 – LTC6863)
    • Merge from UL1_SP4_BRANCH
    • add patches.common/fs-exec-coredump-LFS (#38733)
      from Andrea to allow core files larger than 2 GB
    • add add patches.common/get_user_pages_pte_pin (#39138 – LTC7702)
      patch from Andrea to prevent unmapping of pinned pages
    • fix buffer overflow in panic() (#39054)
    • fix proc file permissions of qla2xxx driver (#39347)
    • fix memory leak in do_fork() (#39223)
    • add patches.common/qla-vary_io, ppc64 only at the moment
      (#37610 – LTC7160)
    • Fix mcast-msfilter-int-overflow patch.
    • mcast-msfilter-int-overflow: Fix integer overflow in ip_setsockopt
      MCAST_MSFILTER (#39207).
    • add support for Treo600 (trivial backport from 2.6) (#39132)
    • add two more HP devices to SCSI scan blacklist
    • S/390: Fix multicast handling for iucv (#35593).
      (UL1_SP4_BRANCH)
    • Fix user_to_kernel_hz_overflow(x) macro (werner, andrea).
    • Enable nbd module on ia64.
    • Add Apple Xserve to the SCSI blacklist with LARGELUN SPARSELUN.
    • Semaphore fix (#38517, i386 & x86-64).
    • S/390: added patches.s390/mcast_new_complete
      Fixing Multicast handling on S/390 (#35593).
      (UL1_SP4_BRANCH)
    • fix cpu_sibling_map on summit machines (#33284).
    • fix I/O resource allocation failure during PCI hotplug (#32694)
    • fix info leak in jfs filesystem (#36125)
    • add CLOVERLEAF device to scsi_scan blacklist
    • fix some more ACPI IRQ problems (#36058, #34704, #35314)
    • sunrpc-svcsock-drop: Be more careful about dropping connections
      in RPC, work around for buggy NFS clients (#34733, okir).
    • fix ocfs2 mount problem (#32962)
    • added some HP devices to scsi_scan blacklist (#36207)
    • scsi_scan blacklist entry for DEC HSG80 needs BLIST_SPARSELUN
      instead of BLIST_FORCELUN (#37453)
    • S/390: Update to IBM codedrop 2004/03/15
      added patches.s390/linux-2.4.21-s390-12-june2003-patches
      removed superseded patches:
      patches.s390/zfcp_hbaapi_buffersize.patch
      patches.s390/zfcp-watchdog.patch
      patches.s390/qdio-guest-lan.patch
      (UL1_SP4_BRANCH)
    • S/390: add patches.s390/qdio-guest-lan.patch
      fix performance slowdown of Hypersocket Guest Lan (#36652)
      (UL1_SP4_BRANCH)
    • S/390: add patches.s390/zfcp-watchdog.patch
      watchdog for stalled FCP channel (#37072)
      (UL1_SP4_BRANCH)
    • S/390: add patches.s390/zfcp_hbaapi_buffersize.patch
      fix size of SCSI SENSE buffer for zfcp hbaapi (#36486).
      (UL1_SP4_BRANCH)
    • 390:disable parts of linux-2.4.21-s390-10-05-june2003-net(#35593)
      (UL1_SP4_BRANCH)
    • Fix user triggerable oops in x86-64 32bit emulation
    • add patches.ppc/sles8-qla-v6.07.02-2.4.21-147.patch (#36225)
      update device driver to fix potential data integrity problem
    • allow IPv6 netfilter modules to be loaded on x86_64 (#34810)
    • add new version 5.2.30.1 of e1000 driver as e1000-new.o
    • fix info leak in xfs filesystem (#35463)
    • add missing size check in r128 driver also to 4.0 version
    • lvm hash bucket calculation fix, solves snapshot creation
      problems on 32bit machines with > 4GB of ram. Bug #34418
    • use agpgart-bus also on i386 to solve problem also in 32 bit
    • don’t try to use forcedeth driver on S/390 machines
    • add HP ProLiant and Compaq ProLiant to dmi blacklist so that ACPI
      gets disabled automagically on these systems
    • fix ipv4 raw ip checksum error, triggered by gcc 3.3 (#34820)
    • 64-bit kernel emulation of 32-bit CDROM_SEND_PACKET ioctl was
      incomplete and could cause kernel crashes (#35159)
    • fix vulnerability in soundblaster driver (#35279)
    • fix info leak in ext3 filesystem (#35212)
    • add yet another missing size check in r128 driver (#33945)
    • fix vulnerability in iso9660 filesystem (#34841)
    • add forcedeth driver for NVIDIA nForce media access controllers
    • blacklist-patch.HP: ACPI blacklist update forCompaq/HP Proliant
      machines (#33167).
    • patches.common/scsi-req-q-ptr: Make sure proper request queue
      ptr is passed, to avoid missing wakeups. Finally solves
      starvation (#33215, LTC5252, axboe, mpeschke)
    • patches.common/lvm-dont-shift-pv: Don’t shift PV pointers
      to prevent null ptr deref. (#34042, sbader, obsoletes
      lvm-mp-oops-on-null-pv).
    • patches.common/vm_reserve: Also use vm_reserve boot param, if
      CONFIG_DISCONTIGMEM (NUMA) is set on i386. (#34418)
    • add patches.ppc/ibm-ppc64-log_rtas_len-overflow
      avoid overflow in rtas functions (#34595 – LTC5991)
    • add patches.ppc/ibm-ppc64-errinject.patch
      copy enough data in ppc_rtas_errinjct_write (#35048 – LTC6543)
    • Fix off by one errors in x86-64 IOMMU code (#35039)
    • fix IGMP/ipt_REJECT checksum on x86-64 (#35140)
    • add patches.ppc/vmalloc-patch-suse-sym2
      protect page_table_lock during interrupts (#32275 – LTC4738)
    • fixed #33167 (HP & xAPICs) through DMI id updates
    • prevent potential DoS attack via mremap (#34729)
    • fix user space access in C-Media PCI OSS sound driver
    • fix #33945 for both versions of the r128 DRI driver
    • Implement mapped_base for x86-64 (#34548)
    • Fix aacraid patch
    • Update aacraid and dpt_i2o drivers to latest versions on x86-64
    • Reenable dpt_i2o driver on x86-64
    • S390: Moved IBM codedrop 2004/01/16 to UL1_SP4_BRANCH.
    • S390: Add missing symbol nr_running().
    • S390: Reenable missing
      patches.s390/linux-2.4.21-s390-timer-03-june2003.diff.
    • add patches.ia64/disable-showMem (#33317)
    • add patches.ppc/ibm-ppc64-pseries-cpu_update for upcoming cpus
    • Part of a patch from Greg Banks, which will hopefully fix
      the “dirty inodes after unmount, self-destruct in 5 seconds”
      problem (#30943)
    • check interpreter type to prevent possible local DoS (#34287)
    • return proper error codes for do_munmap() failure in mremap
    • s390x: fix 31-bit emulation of /proc/<pid>/mapped_base(#34276)
    • patches.fixes/xattr-keep-block: Fix xattr bug when keeping
      the same disk block in ext[23].
    • Audit subsystem: included patches that were submitted as part
      of the EAL3 certification effort but not included in the SLES8
      kernel so far. These patches affect the audit subsystem only.
      patches.common/syscall-audit-noparanoia
      patches.common/syscall-audit-nohang
    • S390: Update to IBM ‘blizzard’ codedrop 2004/01/31
      Added new patches linux-2.4.21-s390-08-june2003-patches
      Added new patches linux-2.4.21-s390-09-june2003-patches
      Added new patches linux-2.4.21-s390-10-june2003-patches
      Updated timer-patch.
      Updated config files to select new options.
    • lvm-mp-oops-on-null-pv: lvm-mp code introduced conditions where
      we could hit a NULL pv and deref it: Ooops. (axboe, #34042)
    • shmem-swap: Fix handling of swapout behaviour on machines with
      large amounts of unlocked shared memory (SAP), all controlled
      by vm_shmem_swap sysctl, defaulting to off (andrea, #33964):
      • Avoid excessive swapping (“objrmap”).
      • Save extra page table scan.
      • Avoid I/O performance to be destroyed by shmem swapout.
    • qla2xxx-enable-conf-modules: Build the _conf modules as well.
      (#34155, #34191).
    • scsi-queue-next-unconditionally: Call request_fn()
      unconditionally all needed checks are done there. The break was
      wrong and should have been continue (axboe, mpeschke, #33215).
    • scsi-restart-ops-unconditionally: Ditto. We don’t need the
      host lock any more then. (axboe, mpeschke, #33215).
    • disable excessive status messages in aacraid driver
    • scsi-noderef-freed-host: If the error handler thread died, we
      could have dereferenced host in a freed structure SCpnt
      structure. (axboe, #33783).
    • add patches.common/usb-serial-palm-sched_oops.patch
      fix BUG() in sched.c:910 (#31948)
    • add patches.common/jfs-on-block_flushpage
      do not call block_flushpage in __invalidate_metapages
      (#27332 – LTC3109)
    • fix race condition in qla1280 error handling code (#33847)
    • check size for memory allocations in r128 DRI driver (#33945)
    • fix possible crash in USB vicam driver (#34118)
    • don’t leak info in i386 fault handler (#34051)
    • add patches.ppc/suse-ppc64-kallsyms
      allow CONFIG_KALLSYMS even if KDB is off (#34052 – LTC5882)
      enable CONFIG_KALLSYMS=y in iseries64 .config
    • scsi-dma-sectors: The limitation of new_dma_sectors in scsi_dma
      was buggy and would overflow. Fix. (IBM, axboe, #33215)
    • acpi-t40-ec-osdl1038: ACPI on T40: Fix Embedded Controller
      detection as well. (#32222)
    • Fix compilation with gcc 3.4
    • Avoid overflowing size_buffers_type (andrea, FSC, see #33964).
    • Avoid a starvation situation in scsi midlayer (axboe, #33215).
    • Disable dpt_i2o driver on x86-64
    • Limit file names in ncpfs (#34100)
    • scsi-error-deadlock: fix locking in scsi_error.c to prevent
      possible deadlock. (#)
    • add patch for SiL 3114
    • Fix MTRR size computation on x86-64
    • Fix bugs in NUMA node discovery
    • max_scsi_luns was not effective when REPORT_LUNS was used. Fixed.
    • add patches.common/reiserfs-jl-refcount (prevent too early free
      of journal_list), should fix #32729 and may also fix bug #34026
    • add patches.common/scsi-type-TYPE_UNKNOWN
      Scsi_Device->type is being set to -1. (#34009 – LTC5783)
      It’s causing us to access the scsi_device_type array at -1.
    • add patches.ppc/ibm-ppc64-bcm5700-7.1.22
      use the latest broadcomm driver on powerpc, keep NAPI enabled
    • update patches.common/sd_many
      fix scsi module unload problem (#33282 – LTC5355)
    • scsi-scan-largelun: Add Pathlight/ADIC and Crossrds to blacklist.
    • Fix rpm3 performance problem.
    • Fix LDT limit on x86-64
    • add patches.ppc/ibm-ppc64-kdb-sdr1
      KDB superreg option doesnt print SDR1 register (#33854 – LTC5587)
    • Add dynamic-hz-ata-new for new libata on x86-64
    • Update libata to new version for x86-64
    • Enable libata drivers in x86-64
    • Add workaround for AMD K8 Errata #87
    • Make x86-64 IOMMU flushing more conservative
    • Fix ptrace 32bit hole for x86-64
    • fix NFS directio bug that causes data corruption when creating
      files larger than 4 GB
    • don’t abort if one single additional km_ package fails
    • remove km_dvb
    • s390: added missing epoll syscalls (#33668)
    • add missing check in mremap
    • add cross-ppc64-binutils cross-ppc64-gcc-core unconditionally
      to avoid autobuild magic (#33250 – LTC5419)
    • s390:fix ffs() to pick up the preinitialized result value(#33450)
    • provide preconfigured header files for ppc64 kernels
      now for real…
    • s390: fix bad ffs() return value, fixes fat and netfilter(#33450)
    • s390: fixes for ESS caching(5409) and ESS flashcopy(4676/#33446)
    • provide preconfigured header files for ppc64 kernels
      (#33250 – LTC5419)
    • s390:integrate IBM June 2003 code drops 2003-10-31 and 2003-11-28
    • nfsd-fhalias(for HA-NFS): avoid console spew from invaid IP 0.
    • add patches.ppc/ibm-ppc64-proc-copy_user
      audit pseries/iseries proc interface (#33345)
    • Disable dma engine test in tg3 driver on SN2 [#32928].
    • Update CPE/CMC polling code to avoid deadlock [#32885].
    • fix 32bit [f]truncate64 for x86-64
    • reenable x86_64-sci fix (#32893)
    • Fail build if one of the km_* modules fails.
    • Remove km_basilisk and km_vmware.
    • Set CONFIG_SUSE_KERNEL and CONFIG_UNITEDLINUX_KERNEL correctly
      in the pre-configured headers. By accident neither was defined
      there so far. (The k_* packages did fix that, though.)
    • #33097: patches.common/xattr-pointer-arith fixes a pointer
      arithmetic bug in the xattr code.
    • Remove patches.common/x86_64-sci.
    • Revert last change again by request of rf.
    • Revert smp boot cpuid/apic handling for non summit to
      before #32570,#32571, fixes #32926, verified on x440, but not
      yet on HP
    • Port i386 ACPI SCI fixes to x86-64 (#32893)
    • Set correct TSS limit on x86-64
    • Fix ACPI mem handling issue with T40. [#32222]
    • patches.common/sd_many: Fix reported SCSI disk size if between 1
      and 2TB (cosmetic). [#32358]
    • patches.common/ide-scsi-impl-abort: idescsi_abort(): Fix locking
      [#32855]
    • Fix ia32 stat emulation [#32824].
    • corrected hangcheck according to mail from Joel Becker
  • laus
    • added patch laus-0.1_ia64-headerupdate-247.diff to update
      audit.h and resolve inconsistency between kernel and user-space
    • replaced laus-0.1_message-realign.diff with
      laus-0.1_message-realign-b.diff because the original patch
      copy too less data which results in broken output
    • fixed some patches introduced before (Bug #44047)
      • semtimedop() syscall number changed from 2.4 to 2.6
      • make the defines in the source not in the ia64 header
        to avoid problem with old glibc headers and compiling
        the code manually
    • added more patches from Klaus Weidner to support clone2
      and the xattr syscall family on IA64 (Bug #44047)
    • added patch for alignment problem on ia64
    • added fix for build problem on ia64
    • added fix from Klaus Weidner to correct ip:port output format
      (#42606)
    • added fix from Klaus Weidner to support missing system call
      semtimedop() neeed for EAL3 (#42606)
    • removed licence disclaimer in laus.h that prevents distributing
      (#42606)
    • fixed inconsistency in audit init-file (#32777)
    • man-pages didnt get installed due to not listing them in
      Makefile.am
  • less
    • removed potential tmp file race [#39272]
  • lha
    • Added patch for obscure buffer overflow (#40975).
    • Fixed buffer overflows for long filenames (CAN-2004-0234).
    • Added directory traversal protection (CAN-2004-0235) (#39178).
  • libpng-devel
    • replaced security patches with the official ones [#43008]
    • fixed several buffer overflows [#43008]
    • added missing part of pngtran overflow patch [#42043]
    • fixed possible buffer overflow
  • libtiff
    • fixed directory entry count overflow (CAN-2004-1183) [#49469]
    • fixed overflow in tiffdump
    • Do not crash if we are using unsupported codecs (like OJPEG).
    • do not call TIFFTileSize with uninitialized values [#44635]
    • prevent division by zero
    • fixed much more buffer overflows (the older
      tiff-alt-bound-CheckMalloc.patch
      is included in the new libtiff-3.5.7-alt-bound.patch now) [#44635]
    • fixed more buffer overflows [#44635]
    • fixed multiple buffer overflows
    • CAN-2004-0803 [#44635]
    • disabled old jpeg support because of security problems [#45116]
  • libusb
    • Backport get_usb_busses interface [Bug #50691]
  • libxml
    • added patch to fix buffer overflows in FTP and HTTP URL handling
      as well as in DNS code. (bug #49362)
  • libxml2
    • Fix several buffer overflows that can occur while processing
      FTP and HTTP URLs as well as in DNS name handling code. These
      bugs can be exploited remotely to execute arbitrary code. Patch
      provided by Thomas Biege [# 47670].
    • Fix buffer overflows discovered in the FTP and HTTP URL parsing
      code (backported from CVS head by Thomas Biege). [# 34572]
    • Apply libxml2-htmlparser.diff to fix buffer overflow in
      HTMLparser.c; this prevents yelp from working.
      Patch provided by Shane O’Connor [# 32831].
  • liby2util
    • don’t use system() for calling gpg (#42776).
    • 2.6.23
    • Fixed bug that inhibits logging on big-endian architectures.
      [#28136]
    • 2.6.22
  • linux-iscsi
    • Update to linux-iscsi-3.6.2
  • lvm
    • add accidientially omitted hunk to EMC powerpath patch
    • add support for EMC powerpath (#34836)
    • Update to v6c (Codedrop from IBM Developerworks / #31758).
    • fix bug in script pvpathsave when running on readonly fs
    • fix bug in start script regarding calls to pvpath{save,restore}
    • make it possible to use GPT partitions as PVs
  • mailman
    • added mailman-2.0-dirtraversal.patch [bug #50563, CAN-2005-0202]
    • fix for Python bug [bug #39200]
    • fix for DoS bug to be described in CAN-2003-0991
    • added postinstall code to correctly set /etc/mailman.mail-group
      (group for mail script aliases) [bug #27369]
  • mc
    • Fix the handling of symlinks inside tarballs which would lead
      to a segfault with suitably constructed tarballs.
  • mod_dav
  • mod_php4
    • fix vulnerabilities in unserializer (bug #48635)
    • fix broken int unserializing on 64-bit (bug #49617)
    • fixed several vulnerabilities (bug #48635, patch secfix1)
    • fixed php.ini settings “leak” from vhosts/.htaccess files
      (bug #48431, patch secfix2)
    • security fix for array parsing (bug #45710, patch array)
    • fix memory limit problem, a problem with strip_tags and
      several stability issues (bug #42949);
      Patches: everything_except_mm, memory_limit_in_execution,
      sfix
    • session variables where not read due to wrong type usage;
      bug #33699, patch sessread
    • print() did not yeald any output on s390x when a session
      had been started due to wrong type usage; fix in patch
      sessid
  • mod_python
    • update to 2.7.10, which fixes a vulnerability whereby a
      specific query string processed by mod_python would cause
      the httpd process to crash. [#34115]
  • mod_ssl
    • security fixes from 1.3.31 [#40611]:
      • CAN-2004-0174 (cve.mitre.org)Fix starvation issue on listening sockets where a
        short-lived connection on a rarely-accessed listening
        socket will cause a child to hold the accept mutex and
        block out new connections until another connection
        arrives on that rarely-accessed listening socket.
        Enabled for some platforms known to have the issue
        (accept() blocking after select() returns readable).
        Define NONBLOCK_WHEN_MULTI_LISTEN if needed for the
        platform and not already defined.
      • CAN-2003-0987 (cve.mitre.org)
        Verification as to whether the nonce returned in the
        client response is one we issued ourselves by means of a
        AuthDigestRealmSeed secret exposed as an md5(). See
        mod_digest documentation for more details.
        The experimental mod_auth_digest.c does not have this
        issue.
      • CAN-2003-0020 (cve.mitre.org)
        Escape arbitrary data before writing into the
        errorlog. Unescaped errorlogs are still possible using
        the compile time switch
        “-DAP_UNSAFE_ERROR_LOG_UNESCAPED”.
      • security fix for mod_ssl: fix buffer overflow in
        ssl_util_uuencode() [#40791]
      • security fix (CAN-2003-0993): Allow and Deny rules with
        IP addresses (e.g. 192.168.1.1) where parsed incorrectly
        on 64-bit platforms with big endianness. It only affected
        IP addresses with no netmask definition. [#35450]
        http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23850
        apply the patch only on s390x.
      • security fix (CAN-2003-0542): fix buffer overflows in
        mod_alias and mod_rewrite that are possible when using a
        regular expression with more than 9 captures [#32756]
      • remove 0host entries for pidfile and logfiles, which
        alarmed our patchrpm breakage tests
  • Mozilla
    • fixed news:// URL handling code (#49571, bmo #264388)
    • XPCNativeWrapper is needed for #249332 (bmo #270729)
    • more security related bugfixes (#47658)
    • fixed trigger logic (#48701)
    • some security related bugfixes (#45640)
    • endianess bugfix for x86-64 (#34743)
    • several fixes including (backported from 1.4.3):
      CAN-2004-0597
      CAN-2004-0718
      CAN-2004-0722 (#43569)
      CAN-2004-0757
      CAN-2004-0758
      CAN-2004-0759
      CAN-2004-0760
      CAN-2004-0761
      CAN-2004-0762
      CAN-2004-0763 (#43312)
      CAN-2004-0764
      CAN-2004-0765
    • update to 1.4.2 (20040220)
      • NSS update for S/MIME related crash (SUSE #33771)
        (Mozilla #229242)
      • patch for fontEncoding.properties included
    • added build-fix for s390x (#32963)
    • fixed installation of fontEncoding.properties (#34321)
      (thanks to Jungshik Shin)
    • update to 1.4.x (20031215)
    • added mozplugger to add-plugins.sh
    • added patch to expunge IMAP folders if “remove immediately”
      delete model is used
    • update enigmail to 0.76.7
    • added mozplugger (part of bug #31616).
    • adopted RealPlayer inclusion for new path (#30990)
    • make mozilla open URLs not files
    • build with XFT support on SLEC
    • use kprinter as default print command on SLEC (#31734)
    • added compat symlinks for GNOME settings (#32326)
  • mysql
    • fix for several vulnerabilities (bug #47135):
    • ALTER TABLE … RENAME checked CREATE/INSERT
      rights of the old table instead of the new one (patch alter)
    • a buffer overrun in the mysql_real_connect function (patch dns)
    • multiple threads ALTERing the same (or different) MERGE tables
      to change the UNION could cause the server to crash or stall
      (path merge)
    • Privilege Escalation on GRANT ALL ON Foo\\\_Bar (patch grant)
    • scripts mysqld_multi and mysqlbug allow local users
      to overwrite arbitrary files via a symlink attack (patch symlink)
    • made mysqlhotcopy working again as it was broken by
      the upstream patch for a security problem (bug #46994, patch
      hotcopy)
    • applied patch for a security hole in mysqlhotcopy (bug #43829)
  • ncpfs
    • correct logic in CAN-2005-0014 patch
    • add file permisions check for ~/.nwclient (##49677 –
      CAN-2005-0013)
    • add fix for possible buffer overflow in ncplogin (#49677 –
      CAN-2005-0014)
    • add ncpfs-2.2.4-NWDSCreateContextHandleMnt.patch
      buffer overflow in ncplogin and ncpmap – CAN-2004-1079 (#48702)
  • nessus
    • fix race condition caused by unset $TMPDIR (#43771)
    • don’t send email on update to root on UnitedLinux [Bug #26460]
  • nss_ldap
    • nss_ldap-199.ldapgrp.diff: Fixes handling of users which
      are member of more than 64 groups (Bugzilla: #49472)
  • openldap2
    • is_entry_objectclass.dif: Entries with objectclass:
      extenisbleObject were missing from search results of the
      first query (Bugzilla: #34463)
    • backglue-slaptool.dif: slapcat was segfaulting if a
      back-ldap database was configured as a subordinate of a
      back-ldbm database (Bugzilla: #33625)
    • backglue-onelevel.dif: One-level search operations on
      subordinate databases where failing with an “unwilling to
      perform” error. (Bugzilla: #36203)
    • ucs_memleak.dif: Memory leak in liblunicode (Bugzilla:
      #33648)
    • rcldap-checktls.dif: Removes over-restrictive check for SSL
      configuration from the init-script. (Bugzilla: #33560)
    • schema_check.dif: Disallow the removal of the RDN-Attribute from
      entries (Bugzilla: #27538)
    • avl_ptrcmp.dif: Fixes the maintenance routines for attribute
      indexes, index definitions could have been ignored by slapd
      (Bugzilla: #28145)
    • ldbm.dif: fixes possible index corruption in back_ldbm which
      could lead to wrong search results (Bugzilla: 27152)
    • bdb_passwd.dif: fixes a small memory leak in password extended
      operation code of back-bdb (Bugzilla: 26817)
  • openmotif
    • Fixed XPM security problems #43420.
    • Fix XmResizeHashTable [#44499].
  • openssh
    • fixed previous fix of security bug in scp [#35443]
      (CAN-2004-0175) (was too restrictive)
    • fixed security bug in scp [#35443] (CAN-2004-0175)
    • changed sshd.8 and sshd_config.5 (EAL3)
  • openssl
    • add security fix for CAN-2004-0079 (possible null-pointer
      assignment during SSL/TLS handshake)
    • removed a part of the openssl-timing-attacks.patch which
      addresses the timing attack on RSA keys problem
      see
      http://www.openssl.org/news/secadv_20030317.txt
      .
      The patch to rsa_lib.c was not thread safe.
  • permissions
    • changed permission of /var/lock/subsys to 755
    • changed permissions of /var/lock [Bug #37759]
    • Remove /var/run from list [Bug #28289]
  • postgresql-devel
    • New Patch release: 7.2.7. Fixes a security issue with LOAD and
      some other bugs (#50191). See HISTORY for details.
    • New patch release: 7.2.6. Fixes several security and data
      corrupton bugs (#47619). See HISTORY for details.
    • Added postgresql-7.2.2-7.2.6.patch.bz2 for completeness and
      removed all patches that became obsolete by the version update.
    • Adapted a patch from Debian to fix a buffer overflow in ODBC
      driver (src/interfaces/odbc/): added parameter for target buffer
      size to make_string() to prevent buffer overflows and corrected
      all calls to it (http://bugs.debian.org/247306, SuSE Bugzilla
      #40714).
      With previous versions it was possible to crash (and possibly
      exploit) e. g. apache if a PHP script connected to a ODBC
      database with very long credential strings (DSN, username,
      password, etc.).
    • Backported a buffer overflow fix from version 7.3.4.
      (Bug #29483)
    • Use test-and-set locks for x86_64 instead of slow semaphores.
      (postgresql-x86_64.patch, Bug #27308)
    • Applied the bug and security fixes, that went into version 7.2.3,
      and 7.2.4. (Bug #25784, postgresql-7.2.4.patch).
    • Backported the ppc and ppc64 test-and-set inline assembler code
      from the 7.3.1 packages (postgresql-ppc.patch).
      Disabled obsolete postgresql-ppc-largemem.patch, and
      postgresql-ppc64.patch.
    • Added postgresql-ppc-largemem.patch to fix hangs when building
      on certain types of PPC machines with huge memory.
  • pure-ftpd
    • Apply fix to remove possible DoS attacks [#42821]
  • python
    • fix vulnerability in SimpleXMLRPCServer (bug #50321,
      CAN-2005-0089)
  • qt3
    • jpeg support got broken by last patch, fixed again
    • fixes for handling of broken images (#43356)
  • rpm
    • speed up rpmdbAdd/Remove if a package contains lots of
      equal basenames (e.g. module.h or index.html)
  • rrdtool
    • added libpng-1.0.9.diff fixing security holes in
      libpng (bug #43008)
  • rsh
  • rsync
    • prevent failure on startup:
      IPV6_V6ONLY might be undefined or unsupported
    • update to 2.6.2 / ported patches (#39672)
    • fixes a problem with non-chroot modules
    • add -4 and -6 options to manpage (#36144)
    • update to version 2.6.0
    • update to real 2.5.7
    • fix heap overflow (#33478)
    • Fix quoting in configure script.
    • added make test
    • use defattr
    • update to 2.5.6
    • can combine ssh and daemon access
    • supports URL like syntax rsync://
    • IPv6 support in hosts.allow/deny
    • recursive hang fixed upstream
  • ruby
    • added fixes for lib/cgi.rb, lib/cgi-lib.rb, lib/cgi/session.rb
      from ruby-1.6.snap, fixes: #47886 (CAN-2004-0983)
  • samba
    • Fix order of evaluation in the bitmap code; Samba.org svn
      revision 4120; [#49804].
    • Fix remote exploitation of an integer overflow vulnerability in
      the smbd daemon; patch made by Thomas Biege thomas@suse.de; CAN-2004-1154; [#49119].
    • Always stop winbind if the init script is called with stop,
      [#47108].
    • Fixed potential file access outside of defined shares. [#46352],
      CAN-2004-0815
    • Fix smbd crash in case of not send find_first by a Microsoft
      Windows XP with installed Service Pack 2, [#43737];
      bugzilla.Samba.org [#1520].
    • Fix reopen_logs() in case of used macros for the filename,
      [#43773]; LTC [#10274].
    • Fix smbd crash if vscan is used, [#43853].
    • Fix MS DFS for Microsoft Windows XP and 2k3 clients, [#44101].
    • Fix buffer overrun in ‘mangling method = hash’, [#43061].
      CAN-2004-0686.
    • Fix schannel patch which made machine account password changes
      for Microsoft Windows XP and 2000 domain members impossible
      [#40087].
    • Add package release to VERSION in include/version.h.
    • Fix error packets return code to allow clients the reuse of a
      former assigned virtual uid [#42022].
    • Use /var/log/samba/ as a secure directory for all smb-print
      scripts [#36676].
    • Fix password change broken by Microsoft hotfix MS04-011 [#40087].
    • Remove bogus nettime code.
    • Enhance waiting for cupsd function in the smb init script
      • only check with lpstat every two seconds
      • remember start time in seconds and calculate the waiting
        time in relation to this; this is important if a
        configured CUPS server is unreachable. In this case we
        now really wait only 30 seconds and not 30 times of the
        lpstat timeout.
      • Thanks to Bjoern Jacke bjoern@j3e.de for the
        patch.
    • Fix path to smb-print.log [#36676].
    • Fix for timestamp problem on 64 bit architectures [#34464].
    • Fix unnecessary mount requests if ‘add user script’ isn’t used
      [#33194].
  • screen
    • fix ansi NumArgs overflow [#33379]
  • sharutils
    • fix -o option handling (#39122)
  • sitecopy
    • add sitecopy-neon-CAN-2004-0179.diff (#41711)
    • add sitecopy-neon-CAN-2004-0398.patch (#41711)
    • add sitecopy-neon-0.23.7.diff (#41833)
  • squid
    • fix for remote DoS in snmp module CAN-2004-0918 (bugzilla#47198)
    • fixed wrong ownership of /usr/sbin/squid_ldapauth (reported by
      mc)
  • tftp
    • Fix security hole with possibly overflowing bcopy [#47676]
  • ttf-hanyi
    • The package ttf-hanyi was included in UnitedLinux 1.0 only for
      testing purposes. Novell has now bought a proper license for this
      font. This change removes the license and adds the new one.
  • unarj
    • inform about our fixes in the printed notice (#48553)
    • add subdirectory creation for the x command.
    • fix wrong time handling when daylight saving time.
    • fix date handling for year 2000 (it is leap year).
    • fix buffer overflow and tree traversal (#47184)
  • utempter
    • Fix incorrect check for /../ in path names (#39169)
    • added man-page utempter.8 (EAL3)
  • xchat
    • Fix SOCKS5 buffer overflow [#39184]
  • xf86
    • reverted broken security fix for Xsession script (see also
      comment #16 of Bug#34253)
    • xfree86_4.1.0_glx_dri_integer_overflow.diff:
      The GLX and DRI code of the Xserver did not verify the “screen”
      parameter in several functions. This failure leads to a
      denial-of-service condition and probably to arbitrary code
      execution as root. (CAN-2004-0093, CAN-2004-0094) (Bug #35206)
    • fixed tmp races in postinstall scripts and Xsession script
      (Bug #34253)
    • fixed more buffer overflows in fontfile/ direc (#34296)
    • put together old and new bugs in
      fontfile-sec_bufferoverflows.diff
    • dirfile.diff:
      at the same location just a few lines below the same problem
    • dirfile.diff:
      A buffer overflow in the X server can be triggered by using a
      malformed fonts.alias file. This bug can be used to gain local
      root privilege (Bug #34296).
    • p_pam_setcred.diff:
      Due to inproper checking of failure-conditions of pam_setcred()
      in XDM while using pam_krb5 a user with valid login credentials
      (Kerberos) may get root access to the system. (Bug #33788)
    • Disable sis.o module in km_drm (it has unresolved symbols),
      and remove a bad hack in Makefile.module. THis was discussed
      with sndirsch@suse.de and mantel@suse.de.
    • p_LTC3984.diff:
      * fixed double who entries for xterm (Bug #29126)
    • fixed build on sles8*s390*
    • This should fix bug #26187
      • Make sux work even if no network available (bug #25315)
      • Workaround in sux due broken gnome session managment (bug
        #24052)
    • p_ia64_cirrus.diff:
      * workaround in cirrus driver for IA64 compiler bug (Bug #22735)
    • p_ia64_nv.diff:
      * fixes nv driver crash on HP zx6000 (Bug #21988)
    • p_xlclocale.diff:
      * A buffer overflow vulnerability was fixed
    • p_fixes.diff:
      * removed bogus brackets behind #undef
    • p_x86-64_lp64.diff:
      * fixed build for new gcc (defines now LP64)
    • Fix 64bit bug in VESA driver [#22416].
    • p_x86_64-2.diff:
      • Mesa: turning on IEEE support for x86-64. This gives some
        performance boost in 3D apps
      • X11.tmpl: fixing further warning message of
        C-preprocessor during imake
      • radeon driver: fixing problem with division by 0 error in
        case dotclock is out of the possible clock ranges of the
        pll clocks.
    • readded lost patch ‘p_x86_64.diff’:
      * merging section allocation for x86_64, using mmap() for
      allocation
    • p_loader.diff: fixed another loader problem on x86_64
    • p_xf86-4.2-2-pci_domain.diff:
      * fixes pci scanning on p650, p640 and others.
  • xinetd
    • updated to version 2.3.11 (fixed a lot of security bugs)
      [#27081]
    • removed obsoleted flag RECORD from xinetd.conf on line
      log_on_failure
    • fixed bug in parsing config file [#22876]
    • removed obsoleted reuse option from rcxinetd script
    • added new fix from CVS (check_from_solar_designer,
      close_listening_descriptor and used_valgrind_to_fix)
  • xloader
    • reverted broken security fix for Xsession script (see also
      comment #16 of Bug#34253)
    • xfree86_4.1.0_glx_dri_integer_overflow.diff:
      * The GLX and DRI code of the Xserver did not verify the “screen”
      parameter in several functions. This failure leads to a
      denial-of-service condition and probably to arbitrary code
      execution as root. (CAN-2004-0093, CAN-2004-0094) (Bug #35206)
    • fixed tmp races in postinstall scripts and Xsession script
      (Bug #34253)
    • fixed more buffer overflows in fontfile/ direc (#34296)
    • put together old and new bugs in
      fontfile-sec_bufferoverflows
    • dirfile.diff:* at the same location just a few lines below the same problem
    • dirfile.diff:
      * A buffer overflow in the X server can be triggered by using a
      malformed fonts.alias file. This bug can be used to gain local
      root privilege (Bug #34296).
    • p_pam_setcred.diff:
      * Due to inproper checking of failure-conditions of pam_setcred()
      in XDM while using pam_krb5 a user with valid login credentials
      (Kerberos) may get root access to the system. (Bug #33788)
    • Disable sis.o module in km_drm (it has unresolved symbols),
      and remove a bad hack in Makefile.module. THis was discussed
      with sndirsch@suse.de and mantel@suse.de.
    • p_LTC3984.diff:
      * fixed double who entries for xterm (Bug #29126)
    • fixed build on sles8*s390*
    • This should fix bug #26187
      * Make sux work even if no network available (bug #25315)
      * Workaround in sux due broken gnome session managment (bug #24052)
    • p_ia64_cirrus.diff:
      * workaround in cirrus driver for IA64 compiler bug (Bug #22735)
    • p_ia64_nv.diff:
      * fixes nv driver crash on HP zx6000 (Bug #21988)
    • p_xlclocale.diff:
      * A buffer overflow vulnerability was fixed
    • p_fixes.diff:
      * removed bogus brackets behind #undef
    • p_x86-64_lp64.diff:
      * fixed build for new gcc (defines now LP64)
    • Fix 64bit bug in VESA driver [#22416].
    • p_x86_64-2.diff:
      • Mesa: turning on IEEE support for x86-64. This gives some
        performance boost in 3D apps
      • X11.tmpl: fixing further warning message of
        C-preprocessor during imake
      • radeon driver: fixing problem with division by 0 error in
        case dotclock is out of the possible clock ranges of the
        pll clocks.
    • readded lost patch ‘p_x86_64.diff’:
      * merging section allocation for x86_64, using mmap() for
      allocation
    • p_loader.diff: fixed another loader problem on x86_64
    • p_xf86-4.2-2-pci_domain.diff:
      * fixes pci scanning on p650, p640 and others.
  • xshared
    • xpm-fix-for-682.diff (X.Org Bug #1920, Comment #18)
      • removes restrictive checks about filename/path (Bug
        #48768)
      • more fixes (X.Org Bug #1920/1924)
      • obsoletes xpm-sec5.diff, xpm-secfix-imakefile-thomas.diff,
        xpm-secfix-thomas
    • improved xpm-secfix-thomas.diff (Bug #43240)
    • p_max-pci-devices.diff:
      * change PCI devices limit (Bug #43679)
    • p_trans_open_max
      * change TRANS_OPEN_MAX limit (Bug #47111)
    • xpm-sec5.diff, xpm-secfix-thomas.diff,
      xpm-secfix-imakefile-thomas.diff:
      * fixed more known xpm security problems (Bug #43240)
    • p_xpm-sec.diff:
      * fixed known xpm security problems (CAN-2004-0687,CAN-2004-0688,
      Bug #43240)
    • finally fixed tmp race in Xsession script (Bug #34253)
    • reverted broken security fix for Xsession script (see also
      comment #16 of Bug#34253)
    • xfree86_4.1.0_glx_dri_integer_overflow.diff:
      * The GLX and DRI code of the Xserver did not verify the “screen”
      parameter in several functions. This failure leads to a
      denial-of-service condition and probably to arbitrary code
      execution as root. (CAN-2004-0093, CAN-2004-0094) (Bug #35206)
    • fixed tmp races in postinstall scripts and Xsession script
      (Bug #34253)
    • fixed more buffer overflows in fontfile/ direc (#34296)
    • put together old and new bugs in fontfile-sec_bufferoverflows
    • dirfile.diff:
      * at the same location just a few lines below the same problem
    • dirfile.diff:
      * A buffer overflow in the X server can be triggered by using a
      malformed fonts.alias file. This bug can be used to gain local
      root privilege (Bug #34296).
    • p_pam_setcred.diff:
      * Due to inproper checking of failure-conditions of pam_setcred()
      in XDM while using pam_krb5 a user with valid login credentials
      (Kerberos) may get root access to the system. (Bug #33788)
    • Disable sis.o module in km_drm (it has unresolved symbols),
      and remove a bad hack in Makefile.module. THis was discussed
      with sndirsch@suse.de and mantel@suse.de.
    • p_LTC3984.diff:
      * fixed double who entries for xterm (Bug #29126)
    • fixed build on sles8*s390*
    • This should fix bug #26187
      • Make sux work even if no network available (bug #25315)
      • Workaround in sux due broken gnome session managment (bug
        #24052)
  • yast2
    • #42979: Module option during installation not copied into
      installed system
    • #33929: Save As Dialogue may inadvertedly overwrite existing
      files
    • added cfg_displaymanager.scr
    • fixed package requirements for product slec
  • yast2-x11
    • removed cfg_displaymanager.scr (moved to yast2 package)
  • zebra
    • fixed security bug [#33993] (CAN-2003-0858): local users
      could send malicious netlink messages that cause DoS condition
    • fixed DoS condition, which exists in zebra when layer 3 access
      is possible to the telnet management port
      2601/tcp. (CAN-2003-0795) [#32656]
  • zip
    • reworked zip-longpath.patch, missing free’s after malloc
    • added zip-longpath.patch (Bugzilla #47932)

2.2 Security fixes
Service Pack 4 contains all security fixes released via the maintenance Web
since the release of Service Pack 3.
3. Detailed ChangeLog
The file “ChangeLog” in the toplevel of CD1 contains a summary of all the
changes that were made for these updated packages. This gives you a good
highlevel view of the changes and should be sufficient in most cases.
You can of course always get the very detailed technical information about any
package changes from the RPMs themselves by doing
<br></br>rpm --changelog -qp <FILENAME>.rpm<br></br>
where <FILENAME>.rpm is the name of the rpm.
4. Known Bugs

  • Service Pack 3 is not installable with the install scripts if
    you start the installation with Service Pack 4 If you boot with Service Pack 4 to start the installation, the
    install.sh/install_update_rpms.sh scripts of Service Pack 3 will
    abort with an error. Copy the install_sp3_rpms.sh script from
    Service Pack 4 CD1 and use that to install Service Pack 3.

    There are no problems if you install the Service Packs with YOU,
    which is the preferred method.

  • SPident reports inconsistent Service pack levelSPident is a tool to identify the Service Pack level of the
    current installation. SPident may report that the system has not reached the level
    of Service Pack 4. This happens, when so-called “optional” updates,
    which will not be automatically installed by YOU, are not manually
    selected during update. To fully reach the level of Service Pack 4
    you have to manually select these packages in YOU.
  • The new k_debug kernel did not fit on CD1 anymore. If you are using
    the k_debug kernel or wish to install this kernel, you need to install
    the RPM from the second CD: <br></br>rpm -Fvh /media/cdrom/UnitedLinux/i586/k_debug-2.4.21-278.i586.rpm<br></br>
  • The aacraid, e1000-new and bcm5700-new drivers will not be loaded
    automatically for new hardware. In this case you have to enter
    “insmod=<DRIVER>” at the boot prompt for installation.

5. MD5SUMs

  • CD1: 0a8593c25861f4fffd0d6fbcf3b1a9fd
  • CD2: 682e8e4dfdb0b7a37f5eef1eba2c3294
links to download packages
   
- SUSE Linux Enterprise Server 8 for x86 (i386) (most recent package)