Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.2690
Security update for the Linux Kernel
11 May 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Linux Kernel
Publisher: SUSE
Operating System: SUSE
Resolution: Patch/Upgrade
CVE Names: CVE-2023-30772 CVE-2023-2483 CVE-2023-2162
CVE-2023-2124 CVE-2023-1998 CVE-2023-1990
CVE-2023-1989 CVE-2023-1855 CVE-2023-1670
CVE-2023-1611 CVE-2022-43945 CVE-2020-36691
Original Bulletin:
https://www.suse.com/support/update/announcement/2023/suse-su-20232162-1
Comment: CVSS (Max): 8.8 CVE-2022-43945 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: SUSE
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:2162-1
Rating: important
o #1142685
o #1142926
o #1174777
o #1190544
o #1202353
o #1205128
o #1207088
o #1209342
o #1209687
o #1209777
o #1209871
o #1209887
o #1209969
o #1209999
References: o #1210202
o #1210301
o #1210329
o #1210336
o #1210337
o #1210430
o #1210460
o #1210466
o #1210469
o #1210498
o #1210506
o #1210534
o #1210647
o #1210827
o #1211037
o CVE-2020-36691
o CVE-2022-43945
o CVE-2023-1611
o CVE-2023-1670
o CVE-2023-1855
o CVE-2023-1989
Cross-References: o CVE-2023-1990
o CVE-2023-1998
o CVE-2023-2124
o CVE-2023-2162
o CVE-2023-2483
o CVE-2023-30772
o CVE-2020-36691 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N
/S:U/C:N/I:N/A:H
o CVE-2020-36691 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
S:U/C:N/I:N/A:H
o CVE-2022-43945 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N
/S:U/C:H/I:H/A:H
o CVE-2022-43945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/
S:U/C:N/I:N/A:H
o CVE-2023-1611 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/
S:U/C:N/I:N/A:H
o CVE-2023-1611 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/
S:U/C:H/I:N/A:H
o CVE-2023-1670 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/
S:U/C:N/I:N/A:H
o CVE-2023-1670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
S:U/C:H/I:H/A:H
o CVE-2023-1855 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/
S:U/C:H/I:H/A:H
o CVE-2023-1855 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/
S:U/C:H/I:N/A:H
o CVE-2023-1989 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
S:U/C:H/I:H/A:H
CVSS scores: o CVE-2023-1989 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/
S:U/C:H/I:H/A:H
o CVE-2023-1990 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/
S:U/C:H/I:H/A:H
o CVE-2023-1990 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/
S:U/C:N/I:N/A:H
o CVE-2023-1998 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/
S:C/C:H/I:N/A:N
o CVE-2023-1998 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/
S:C/C:H/I:N/A:N
o CVE-2023-2124 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/
S:U/C:H/I:H/A:H
o CVE-2023-2162 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/
S:U/C:H/I:H/A:H
o CVE-2023-2162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
S:U/C:H/I:N/A:N
o CVE-2023-2483 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/
S:U/C:H/I:H/A:H
o CVE-2023-30772 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N
/S:U/C:H/I:H/A:H
o CVE-2023-30772 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/
S:U/C:H/I:H/A:H
Affected o SUSE Linux Enterprise High Performance Computing 12 SP5
Products: o SUSE Linux Enterprise Server 12 SP5
o SUSE Linux Enterprise Server for SAP Applications 12 SP5
An update that solves 12 vulnerabilities and has 17 fixes can now be installed.
Description:
The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
o CVE-2023-2483: Fixed a use after free bug in emac_remove due caused by a
race condition (bsc#1211037).
o CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that could
have lead to denial-of-service or potentially privilege escalation (bsc#
1210498).
o CVE-2023-1670: Fixed a use after free in the Xircom 16-bit PCMCIA Ethernet
driver. A local user could use this flaw to crash the system or potentially
escalate their privileges on the system (bsc#1209871).
o CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create
(bsc#1210647).
o CVE-2023-1998: Fixed a use after free during login when accessing the shost
ipaddress (bsc#1210506).
o CVE-2023-30772: Fixed a race condition and resultant use-after-free in
da9150_charger_remove (bsc#1210329).
o CVE-2023-1855: Fixed a use after free in xgene_hwmon_remove (bsc#1210202).
o CVE-2023-1989: Fixed a use after free in btsdio_remove (bsc#1210336).
o CVE-2023-1990: Fixed a use after free in ndlc_remove (bsc#1210337).
o CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#
1205128).
o CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#
1209687).
o CVE-2020-36691: Fixed a denial of service vulnerability via a nested
Netlink policy with a back reference (bsc#1209777).
The following non-security bugs were fixed:
o USB: dwc3: fix runtime pm imbalance on probe errors (git-fixes).
o USB: dwc3: fix runtime pm imbalance on unbind (git-fixes).
o ath10k: Fix error handling in case of CE pipe init failure (git-fixes).
o ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
o ath10k: Fix the parsing error in service available event (git-fixes).
o ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
o ath10k: fix control-message timeout (git-fixes).
o ath10k: fix division by zero in send path (git-fixes).
o ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
(git-fixes).
o audit: improve audit queue handling when "audit=1" on cmdline (bsc#
1209969).
o bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B
(git-fixes).
o cachefiles: Drop superfluous readpages aops NULL check (bsc#1210430).
o cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is
active (bsc#1210430).
o cachefiles: Fix race between read_waiter and read_copier involving op->
to_do (bsc#1210430).
o cachefiles: Handle readpage error correctly (bsc#1210430).
o cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
(bsc#1210827).
o cifs: fix negotiate context parsing (bsc#1210301).
o cifs: fix open leaks in open_cached_dir() (bsc#1209342).
o cred: allow get_cred() and put_cred() to be given NULL (bsc#1209887).
o crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).
o drivers: net: lmc: fix case value for target abort error (git-fixes).
o fscache, cachefiles: remove redundant variable 'cache' (bsc#1210430).
o ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).
o intel_pmc_ipc: restore ability to call functions with irq enabled
(git-fixes).
o ipmi: fix SSIF not responding under certain cond (git-fixes).
o iwlwifi: Fix -EIO error code that is never returned (git-fixes).
o iwlwifi: fw: make pos static in iwl_sar_get_ewrd_table() loop (git-fixes).
o iwlwifi: pcie: fix locking when "HW not ready" (git-fixes).
o iwlwifi: pcie: gen2: fix locking when "HW not ready" (git-fixes).
o iwlwifi: pcie: reschedule in long-running memory reads (git-fixes).
o kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777).
o kcm: Only allow TCP sockets to be attached to a KCM mux (git-fixes).
o keys: Change keyring_serialise_link_sem to a mutex (bsc#1207088).
o keys: Fix linking a duplicate key to a keyring's assoc_array (bsc#1207088).
o keys: Hoist locking out of __key_link_begin() (bsc#1207088).
o kretprobe: Prevent triggering kretprobe from within kprobe_flush_task
(git-fixes).
o l2tp: clean up stale tunnel or session in pppol2tp_connect's error path
(git-fixes).
o l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect()
(git-fixes).
o l2tp: reject creation of non-PPP sessions on L2TPv2 tunnels (git-fixes).
o net/ncsi: Do not return error on normal response (git-fixes).
o net: axienet: Fix double deregister of mdio (git-fixes).
o net: core: dst: Add kernel-doc for 'net' parameter (git-fixes).
o net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for
consistency (git-fixes).
o net: phy: realtek: Use the dummy stubs for MMD register access for rtl8211b
(git-fixes).
o net: prevent ISA drivers from building on PPC32 (git-fixes).
o net: usb: qmi_wwan: add Telit 0x1080 composition (git-fixes).
o netfilter: nft_set_rbtree: fix parameter of __nft_rbtree_lookup()
(git-fixes).
o netfilter: x_tables: Add note about how to free percpu counters
(git-fixes).
o ntp: Limit TAI-UTC offset (git-fixes)
o nvme-pci: do not WARN_ON in nvme_reset_work if ctrl.state is not RESETTING
(git-fixes).
o nvme-pci: fix doorbell buffer value endianness (git-fixes).
o nvme: retain split access workaround for capability reads (git-fixes).
o platform/x86: intel_pmc_ipc: Use devm_* calls in driver probe function
(git-fixes).
o platform/x86: intel_pmc_ipc: Use spin_lock to protect GCR updates
(git-fixes).
o powercap: fix possible name leak in powercap_register_zone() (git-fixes).
o powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1209999
ltc#202140 bsc#1190544 ltc#194520 bsc#1142685 ltc#179509 git-fixes).
o powerpc/numa: Detect support for coregroup (bsc#1209999 ltc#202140 bsc#
1142685 ltc#179509 git-fixes).
o powerpc/numa: Limit possible nodes to within num_possible_nodes (bsc#
1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
o powerpc/numa: Restrict possible nodes based on platform (bsc#1209999 ltc#
202140 bsc#1142685 ltc#179509 git-fixes).
o powerpc/papr_scm: Update the NUMA distance table for the target node (bsc#
1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
o powerpc/pseries: Consolidate different NUMA distance update code paths (bsc
#1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
o powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1209999 ltc#
202140 bsc#1142685 ltc#179509 git-fixes).
o powerpc/pseries: rename min_common_depth to primary_domain_index (bsc#
1209999 ltc#202140 bsc#1142685 ltc#179509 git-fixes).
o printk: Give error on attempt to set log buffer length to over 2G (bsc#
1210534).
o ring-buffer: Fix race while reader and writer are on the same page
(git-fixes).
o rpm/kernel-obs-build.spec.in: Remove SLE11 cruft
o s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes).
o scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (git-fixes).
o scsi: qla2xxx: Perform lockless command completion in abort path
(git-fixes).
o sctp: do not free asoc when it is already dead in sctp_sendmsg (git-fixes).
o sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
(git-fixes).
o sctp: use the right sk after waking up from wait_buf sleep (git-fixes).
o struct ci_hdrc: hide new member at end (git-fixes).
o struct wmi_svc_avail_ev_arg: new member to end (git-fixes).
o timekeeping: Prevent 32bit truncation in (git-fixes)
o tuntap: fix dividing by zero in ebpf queue selection (git-fixes).
o uprobes/x86: Fix detection of 32-bit user mode (git-fixes).
o usb/ohci-platform: Fix a warning when hibernating (git-fixes).
o usb: chipidea: core: fix possible concurrent when switch role (git-fixes).
o usb: chipidea: fix missing goto in ci_hdrc_probe (git-fixes).
o usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
o usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
o usb: host: ohci-pxa27x: Fix and & vs | typo (git-fixes).
o usb: storage: Add check for kcalloc (git-fixes).
o usb: typec: Check for ops->exit instead of ops->enter in altmode_exit
(git-fixes).
o watchdog: pcwd_usb: Fix attempting to access uninitialized memory
(git-fixes).
o wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
(git-fixes).
o workqueue: Fix missing kfree(rescuer) in destroy_workqueue() (bsc#1210460).
o workqueue: Fix spurious sanity check failures in destroy_workqueue() (bsc#
1210460).
o wq: handle VM suspension in stall detection (bsc#1210466).
o x86, boot: Remove multiple copy of static function sanitize_boot_params()
(git-fixes).
o x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines
(git-fixes).
o x86/apic: Handle missing global clockevent gracefully (git-fixes bsc#
1142926).
o x86/apic: Soft disable APIC before initializing it (git-fixes).
o x86/boot/compressed: Disable relocation relaxation (git-fixes).
o x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).
o x86/bugs: Add Cannon lake to RETBleed affected CPU list (git-fixes).
o x86/bugs: Enable STIBP for IBPB mitigated RETBleed (git-fixes).
o x86/decoder: Add TEST opcode to Group3-2 (git-fixes).
o x86/fpu: Prevent FPU state corruption (git-fixes).
o x86/ioapic: Prevent inconsistent state when moving an interrupt
(git-fixes).
o x86/irq: Ensure PI wakeup handler is unregistered before module unload
(git-fixes).
o x86/kprobes: Fix to check non boostable prefixes correctly (git-fixes).
o x86/kprobes: Restore BTF if the single-stepping is cancelled (git-fixes).
o x86/lib/cpu: Address missing prototypes warning (git-fixes).
o x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
o x86/mce: Lower throttling MCE messages' priority to warning (git-fixes).
o x86/mm: Stop printing BRK addresses (git-fixes).
o x86/mm: Use the correct function type for native_set_fixmap() (git-fixes).
o x86/pkeys: Add check for pkey "overflow" (git-fixes).
o x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI
fails (git-fixes).
o x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline
(git-fixes).
o x86/sysfb: Fix check for bad VRAM size (git-fixes).
o x86/tools/relocs: Fix non-POSIX regexp (git-fixes).
o x86/tools: Fix objdump version check again (git-fixes).
o x86/virt: Eat faults on VMXOFF in reboot flows (git-fixes).
o x86/virt: Mark flags and memory as clobbered by VMXOFF (git-fixes).
o x86: Do not let pgprot_modify() change the page encryption bit (git-fixes).
o x86_64: Fix jiffies ODR violation (git-fixes).
o xfrm: policy: use hlist rcu variants on insert (git-fixes).
o xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
(git-fixes).
o xhci: hide include of iommu.h (git-fixes).
Special Instructions and Notes:
o Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Server for SAP Applications 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2162=1
o SUSE Linux Enterprise High Performance Computing 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2162=1
o SUSE Linux Enterprise Server 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2162=1
Package List:
o SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64)
kernel-azure-4.12.14-16.133.1
o SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
kernel-syms-azure-4.12.14-16.133.1
kernel-azure-base-debuginfo-4.12.14-16.133.1
kernel-azure-debuginfo-4.12.14-16.133.1
kernel-azure-debugsource-4.12.14-16.133.1
kernel-azure-base-4.12.14-16.133.1
kernel-azure-devel-4.12.14-16.133.1
o SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
kernel-source-azure-4.12.14-16.133.1
kernel-devel-azure-4.12.14-16.133.1
o SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64)
kernel-azure-4.12.14-16.133.1
o SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
kernel-syms-azure-4.12.14-16.133.1
kernel-azure-base-debuginfo-4.12.14-16.133.1
kernel-azure-debuginfo-4.12.14-16.133.1
kernel-azure-debugsource-4.12.14-16.133.1
kernel-azure-base-4.12.14-16.133.1
kernel-azure-devel-4.12.14-16.133.1
o SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
kernel-source-azure-4.12.14-16.133.1
kernel-devel-azure-4.12.14-16.133.1
o SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64)
kernel-azure-4.12.14-16.133.1
o SUSE Linux Enterprise Server 12 SP5 (x86_64)
kernel-syms-azure-4.12.14-16.133.1
kernel-azure-base-debuginfo-4.12.14-16.133.1
kernel-azure-debuginfo-4.12.14-16.133.1
kernel-azure-debugsource-4.12.14-16.133.1
kernel-azure-base-4.12.14-16.133.1
kernel-azure-devel-4.12.14-16.133.1
o SUSE Linux Enterprise Server 12 SP5 (noarch)
kernel-source-azure-4.12.14-16.133.1
kernel-devel-azure-4.12.14-16.133.1
References:
o https://www.suse.com/security/cve/CVE-2020-36691.html
o https://www.suse.com/security/cve/CVE-2022-43945.html
o https://www.suse.com/security/cve/CVE-2023-1611.html
o https://www.suse.com/security/cve/CVE-2023-1670.html
o https://www.suse.com/security/cve/CVE-2023-1855.html
o https://www.suse.com/security/cve/CVE-2023-1989.html
o https://www.suse.com/security/cve/CVE-2023-1990.html
o https://www.suse.com/security/cve/CVE-2023-1998.html
o https://www.suse.com/security/cve/CVE-2023-2124.html
o https://www.suse.com/security/cve/CVE-2023-2162.html
o https://www.suse.com/security/cve/CVE-2023-2483.html
o https://www.suse.com/security/cve/CVE-2023-30772.html
o https://bugzilla.suse.com/show_bug.cgiid=1142685
o https://bugzilla.suse.com/show_bug.cgiid=1142926
o https://bugzilla.suse.com/show_bug.cgiid=1174777
o https://bugzilla.suse.com/show_bug.cgiid=1190544
o https://bugzilla.suse.com/show_bug.cgiid=1202353
o https://bugzilla.suse.com/show_bug.cgiid=1205128
o https://bugzilla.suse.com/show_bug.cgiid=1207088
o https://bugzilla.suse.com/show_bug.cgiid=1209342
o https://bugzilla.suse.com/show_bug.cgiid=1209687
o https://bugzilla.suse.com/show_bug.cgiid=1209777
o https://bugzilla.suse.com/show_bug.cgiid=1209871
o https://bugzilla.suse.com/show_bug.cgiid=1209887
o https://bugzilla.suse.com/show_bug.cgiid=1209969
o https://bugzilla.suse.com/show_bug.cgiid=1209999
o https://bugzilla.suse.com/show_bug.cgiid=1210202
o https://bugzilla.suse.com/show_bug.cgiid=1210301
o https://bugzilla.suse.com/show_bug.cgiid=1210329
o https://bugzilla.suse.com/show_bug.cgiid=1210336
o https://bugzilla.suse.com/show_bug.cgiid=1210337
o https://bugzilla.suse.com/show_bug.cgiid=1210430
o https://bugzilla.suse.com/show_bug.cgiid=1210460
o https://bugzilla.suse.com/show_bug.cgiid=1210466
o https://bugzilla.suse.com/show_bug.cgiid=1210469
o https://bugzilla.suse.com/show_bug.cgiid=1210498
o https://bugzilla.suse.com/show_bug.cgiid=1210506
o https://bugzilla.suse.com/show_bug.cgiid=1210534
o https://bugzilla.suse.com/show_bug.cgiid=1210647
o https://bugzilla.suse.com/show_bug.cgiid=1210827
o https://bugzilla.suse.com/show_bug.cgiid=1211037
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBZFxw0skNZI30y1K9AQiUUA/7B6LVNfuIOhbp8FWM5vjFj1T6BY8HECFj
ts87qBeX5rByoRffNx7TAYIORSuDlEEd0jTJUS4uNW9xroSfDHm8KQ9oxf4Ftfil
8j06mo+pTdoJQZZt48zW3gLCtcXoJcaz5sniGg8SxU5+05cOyvqArY1ucAMXymjg
xAiJRkHVN4zep7SgXOLim7gAn9Q58U4DxEPNDX9rro4Ozmw9icN/nGsv4zl0mbkj
Ia+A6trPusFKoWRekaA/Xkvt2MmnnMWqngsmPo76F/5r2PBBKdU+9W6e7sjQypoO
lVKlUfTJPrcif39c5YMqdoOJosjeUGce9V2gKqZA4sQE1xdPJccGyfEHooqRiZbx
+U4P/Mu6shuHfDoDJirhoeejpWZQD92phX32FFRyIDlGK2m9nwA2FO889vgA8XWq
oNSiq3J6nmTfKbszqkGxYvkiokQEe07sOCleyvJERC2XyrbLJUM+mVqC9pt5Q+nB
BoM7eZKEUiGyodIX/4kxPr8MzbG4gft1Jh0TjnI1TdpjttZggztgd4ttsMxYyx9p
1RGtrg0iBKGlIEJyO+B8kYB9jLRhiBXuORY9LRbRcG/3Vt5ObH4v/KpP7Y7YMDFJ
Tl/mC0fMmo1hGn5vbNmhdL5cfOMDTdpopU1nKUm2XVTdet8EhMBYxBRj5usEdX3K
rhTkDuz2BdU=
=wnic
-----END PGP SIGNATURE-----