From sle-updates at lists.suse.com Wed Aug 1 11:08:17 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 1 Aug 2012 19:08:17 +0200 (CEST) Subject: SUSE-RU-2012:0936-1: important: Recommended update for libsoup Message-ID: <20120801170818.130EB3213D@maintenance.suse.de> SUSE Recommended Update: Recommended update for libsoup ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0936-1 Rating: important References: #771609 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update of libsoup disables the previously enabled SSL certificate checking, potentially allowing Man in the Middle attacks. This was necessary as a many customers still use self-signed certificate setups and necessary user interface changes are too intrusive. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libsoup-6597 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libsoup-6597 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libsoup-6597 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libsoup-6597 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libsoup-devel-2.32.2-4.13.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libsoup-devel-32bit-2.32.2-4.13.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libsoup-2_4-1-2.32.2-4.13.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libsoup-2_4-1-32bit-2.32.2-4.13.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libsoup-2_4-1-2.32.2-4.13.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libsoup-2_4-1-32bit-2.32.2-4.13.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libsoup-2_4-1-x86-2.32.2-4.13.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libsoup-2_4-1-2.32.2-4.13.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libsoup-2_4-1-32bit-2.32.2-4.13.1 References: https://bugzilla.novell.com/771609 http://download.novell.com/patch/finder/?keywords=d3a43504d3a7c0511aa8d64d9821820e From sle-updates at lists.suse.com Thu Aug 2 13:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 2 Aug 2012 21:08:32 +0200 (CEST) Subject: SUSE-OU-2012:0941-1: moderate: Optional update for libnl-32bit Message-ID: <20120802190832.62B4E32245@maintenance.suse.de> SUSE Optional Update: Optional update for libnl-32bit ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:0941-1 Rating: moderate References: #760500 Affected Products: SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update provides libnl-32bit. Indications: Every interested user should install the update. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libnl-32bit-6615 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libnl-32bit-1.1-49.22.4.12 References: https://bugzilla.novell.com/760500 http://download.novell.com/patch/finder/?keywords=e78c975346b750a83355dfda9cd447aa From sle-updates at lists.suse.com Thu Aug 2 13:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 2 Aug 2012 21:08:33 +0200 (CEST) Subject: SUSE-RU-2012:0942-1: moderate: Recommended update for aaa_base Message-ID: <20120802190833.EEB0932247@maintenance.suse.de> SUSE Recommended Update: Recommended update for aaa_base ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0942-1 Rating: moderate References: #763944 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to aaa_base resolves an issue that could prevent boot messages from being recorded to /var/log/boot.msg after the root device was mounted. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-aaa_base-6544 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-aaa_base-6544 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-aaa_base-6544 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): aaa_base-11-6.71.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): aaa_base-11-6.71.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): aaa_base-11-6.71.1 References: https://bugzilla.novell.com/763944 http://download.novell.com/patch/finder/?keywords=674a64fdead6007468b4ea6976c23505 From sle-updates at lists.suse.com Thu Aug 2 16:09:04 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Aug 2012 00:09:04 +0200 (CEST) Subject: SUSE-RU-2012:0943-1: moderate: Recommended update for libvirt and libnetcontrol Message-ID: <20120802220904.F2CD532245@maintenance.suse.de> SUSE Recommended Update: Recommended update for libvirt and libnetcontrol ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0943-1 Rating: moderate References: #753313 #754001 #760500 #761314 #763388 #765040 #767797 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. It includes one version update. Description: This is a collective update to libvirt and libnetcontrol. In libvirt, the following issues have been resolved: * Add upstream patch to make PCI multifunction support more manual (bnc#753313). * Fix libvirtd deadlock on shutdown (bnc#767797). * Check for errors when parsing bridge interface XML (bnc#760500). * Improve error reporting when parsing domainXML character devices (bnc#761314). * Add upstream patch to fix ref count of virNetServer object. * Fix 'make uninstall' error. Libnetcontrol was updated to version 0.2.6, resolving issues reported in bnc#760500, bnc#763388, bnc#765040 and bnc#754001: * Fetch IP addresses and routes in system refresh via netlink, adds libnl-1 dependency to libnetcontrol. * Do not use -o rc for ifup or it fails when startmode is set to manual. * Always call ifstatus in ncf_if_status and not check interface operstate to better match ifstatus results. * Check type while creating topology tree as well, not only if the interface specific data exists. * Do not report error in ncf_if_xml_state when interface does not exist any more. * Improved error handling, report several errors once. * Expose a lot of error details to the caller. * Fixed to parse and configure complete interface trees and fixed a senseless type check that caused SEGV. * Fetch MAC address from system when not in the configuration. * Fixed ARP IP target bonding option handling and expose errors while trying to add not unique slave interface. * Refresh config handle earlier in ncf_define, fixed a double free in regression test. * Automatically start port/slave/base interfaces when stating a bridge/bond/vlan. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libvirt-201207-6505 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libvirt-201207-6505 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libvirt-201207-6505 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libvirt-201207-6505 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.2.6]: libnetcontrol-devel-0.2.6-0.5.1 libvirt-devel-0.9.6-0.19.4 - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libvirt-devel-32bit-0.9.6-0.19.4 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 0.2.6]: libnetcontrol0-0.2.6-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 0.2.6]: libnetcontrol0-32bit-0.2.6-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.2.6]: libnetcontrol0-0.2.6-0.5.1 libvirt-0.9.6-0.19.4 libvirt-client-0.9.6-0.19.4 libvirt-doc-0.9.6-0.19.4 libvirt-python-0.9.6-0.19.4 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 0.2.6]: libnetcontrol0-32bit-0.2.6-0.5.1 libvirt-client-32bit-0.9.6-0.19.4 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 0.2.6]: libnetcontrol0-0.2.6-0.5.1 libvirt-0.9.6-0.19.4 libvirt-client-0.9.6-0.19.4 libvirt-doc-0.9.6-0.19.4 libvirt-python-0.9.6-0.19.4 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 0.2.6]: libnetcontrol0-32bit-0.2.6-0.5.1 libvirt-client-32bit-0.9.6-0.19.4 References: https://bugzilla.novell.com/753313 https://bugzilla.novell.com/754001 https://bugzilla.novell.com/760500 https://bugzilla.novell.com/761314 https://bugzilla.novell.com/763388 https://bugzilla.novell.com/765040 https://bugzilla.novell.com/767797 http://download.novell.com/patch/finder/?keywords=8dfa000b4aaa2ddf48caae46141e9c5a From sle-updates at lists.suse.com Fri Aug 3 00:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Aug 2012 08:08:29 +0200 (CEST) Subject: SUSE-RU-2012:0944-1: Recommended update for perl-Bootloader Message-ID: <20120803060830.0779F32245@maintenance.suse.de> SUSE Recommended Update: Recommended update for perl-Bootloader ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0944-1 Rating: low References: #750182 #757565 #760464 #765663 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. It includes one version update. Description: This update to perl-Bootloader includes the following improvements and fixes: * Improves dmraid parsing, fixing an issue where installing a kernel update on a system with many discs could take up to several hours (bnc#750182) * Makes the dependency on the Perl module Pod::Usage optional (bnc#760464) * Fix parsing of product files (bnc#757565) * Fix disambiguation of section entry names (bnc#765663). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-perl-Bootloader-6531 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-perl-Bootloader-6531 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-perl-Bootloader-6531 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 0.4.89.42]: perl-Bootloader-0.4.89.42-0.6.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.4.89.42]: perl-Bootloader-0.4.89.42-0.6.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 0.4.89.42]: perl-Bootloader-0.4.89.42-0.6.1 References: https://bugzilla.novell.com/750182 https://bugzilla.novell.com/757565 https://bugzilla.novell.com/760464 https://bugzilla.novell.com/765663 http://download.novell.com/patch/finder/?keywords=6a24dddfff4bbaa4714111cd4cc8b0ba From sle-updates at lists.suse.com Fri Aug 3 10:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Aug 2012 18:08:33 +0200 (CEST) Subject: SUSE-RU-2012:0945-1: Recommended update for perl-Bootloader Message-ID: <20120803160833.E3A9732245@maintenance.suse.de> SUSE Recommended Update: Recommended update for perl-Bootloader ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0945-1 Rating: low References: #717828 #726209 #730405 #730467 #735073 #750182 #757565 #760464 #765663 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has 9 recommended fixes can now be installed. It includes one version update. Description: This update to perl-Bootloader brings the following improvements: * During a kernel update, change the default behavior to first try to use parameters from a fitting section and have sysconfig only as a fall back (FATE#310946) * Implement MD raid failover boot configuration (FATE#305008) * Improve compatibility with UEFI on Xen setups (bnc #717828) * Support more devices in fallback heuristics (bnc#726209) * Implement a fall back to retrieve the kernel device name in case udev is not running (bnc#735073). The update also resolves the following issues: * Add 'root' option if no fitting section was found (bnc#730405) * Under some specific circumstances, an incorrect root device might be written to the bootloader configuration after a kernel update (bnc#730467) * Speedup dmraid parsing, fixing an issue where installing a kernel update on a system with many discs could take up to several hours (bnc#750182) * Makes the dependency on the Perl module Pod::Usage optional (bnc#760464) * Fix parsing of product files (bnc#757565) * Fix disambiguation of section entry names (bnc#765663). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-perl-Bootloader-6530 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-perl-Bootloader-6530 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-perl-Bootloader-6530 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 0.4.89.42]: perl-Bootloader-0.4.89.42-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.4.89.42]: perl-Bootloader-0.4.89.42-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 0.4.89.42]: perl-Bootloader-0.4.89.42-0.3.1 References: https://bugzilla.novell.com/717828 https://bugzilla.novell.com/726209 https://bugzilla.novell.com/730405 https://bugzilla.novell.com/730467 https://bugzilla.novell.com/735073 https://bugzilla.novell.com/750182 https://bugzilla.novell.com/757565 https://bugzilla.novell.com/760464 https://bugzilla.novell.com/765663 http://download.novell.com/patch/finder/?keywords=ffc0dd16f4eb092f450367dbb20e7cf1 From sle-updates at lists.suse.com Fri Aug 3 13:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Aug 2012 21:08:34 +0200 (CEST) Subject: SUSE-RU-2012:0946-1: Recommended update for SLE Point of Service Message-ID: <20120803190834.2B2B03223C@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLE Point of Service ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0946-1 Rating: low References: #712812 #728885 #732247 #734573 #747646 #751551 #752079 #752326 #752833 #753380 #753653 #755023 #755438 #755720 #755915 #756035 #756049 #756440 #759079 #759341 #760331 #760502 #760713 #761394 #761396 #761884 #764946 #766720 #767491 #770906 #770966 #770972 #771166 #771445 #771898 #772116 #772209 Affected Products: SUSE Linux Enterprise Point of Service 11 SP2 ______________________________________________________________________________ An update that has 37 recommended fixes can now be installed. It includes one version update. Description: This update provides SUSE Linux Enterprise Point of Service 11 SP2 Feature Pack 1: * added wireless support, not enabled by default (fate#313085) * service partition (fate#313061) * local netboot from service partition (fate#313337) ** new config.MAC options POS_KERNEL, POS_INITRD, POS_KERNEL_PARAMS * multicast TFTP support for compressed images (fate#313083) * preserve and use new kernel and initrd checksums * enabled terminals with more network interfaces (fate#313335) * added kernel-firmware package (bnc#766720) In addition, it is a collective update for SUSE Linux Enterprise Point of Service 11 SP2 that resolves the following issues: * Do not reformat data partition if e2fsck fails on minor errors like "last mount time is in the future" (bnc#761394) * Fixed creation of encrypted swap (bnc#761396) * Moved hal-input-unique-device-ID one level up from /usr/lib/hal/scripts/linux to /usr/lib/hal/scripts (bnc#712812) * Added xinput ID configuration (bnc#712812) * Enabled scRefObjectContainers under organizationalUnit (bnc#755023) * Removed unnecessary delay before refreshing idlist (bnc#755720) * Fixed posleases2ldap dying in a rare case (bnc#753653) * Added posASWatch service to LDAP (bnc#752833) * faster terminal reboot if kernel parameters have changed (bnc#759079) * Branch Server Appliance should not allow invalid credentials (bnc#752079) * LDAP synchronization fix if LDAP entry is replaced (bnc#767491) * posAdmin.pl: fixed export of multivalued attributes (bnc#764946) * posAdmin.pl: fixed losing entered data in some situations (bnc#751551) * posAdmin.pl: fixed problem including scConfigFileTemplates (bnc#747646) * posAdmin.pl: fix export image filename without full path and scDiskJounal (bnc#755438) * posAdmin.pl: --query to query objectClass defined directly by --base parameter * posAdmin.pl: updated LDAP object descriptions from LDAP * posAdmin.pl: can modify attributes forming part of the DN (bnc#761884) * posAdmin.pl: autosave settings (bnc#734573) * posAdmin.pl: now lists multiple same entries (bnc#753380) * posInitBranchserver: handle missing ipHostNumber attribute in services (bnc#756049) * posInitBranchserver: keep running posleases2ldap if posleases2ldap object is missing in LDAP (bnc#756035) * posInitBranchserver: fixed rsyncd configuration to correctly report if service is running (bnc#756440) * fixed MACs update in registered workstations (bnc#770972) * fixed uninitialized values in posAdmin (bnc#770966) * fixed LDAP synchronization (bnc#772159, bnc#772209) * rollback is now compatible with multiple MACs (bnc#771445) * fixed cyclic default pxe file creation (bnc#772116) * fixed registerImages error handling (bnc#771166) Kiwi was updated to 4.85.66 with the following fixes: * fixed compare of object addresses by using refaddr. * don't remove wireless drivers and firmware (bnc #759341) * fixed creation of --bootcd and/or --bootusb initrd only images * fixed hook call with parameters containing spaces (bnc #760331) * netboot: use --metadata=0.9 format for raid setup (bnc #760713) * allow evaluation of $DO_NOT_INSTALL_BOOTLOADER variable in netboot suse-preinit to prevent installation of the bootloader by a variable (bnc #760502) * additionally create md5 sum's for the kernel and the optional created splash initrd (fate #313338) * allow init=/path/to/program option for kiwi images * allow boottimeout of 0sec, also set the same default timeout of 10sec for the ext|syslinux setup * added support for netboot on s390 via zPXE (fate #312134) * fixed partedGetPartitionID() function to return correct ID (bnc #766720) * removed kernel-firmware from netboot descriptions for SLE (bnc #766720) * preserve haveged, related to (bnc #766720) * make sure wpa_supplicant stays inside the initrd (bnc #766720) * fixed setLogFile path writable check (bnc #728885) * strip kernel modules and firmware after the function baseUnpackBootIncludes() called in images.sh (bnc #766720) * netboot: improved testing for networks by using -T option (fate #313338) * netboot: fixed use of multicast for compressed images Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-slepos-sp3-fp1-6601 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Point of Service 11 SP2 (i586 x86_64) [New Version: 4.85.66]: POS_Migration-3.4.2-0.28.1 POS_Server-Admin3-3.4.2-0.28.1 POS_Server-AdminGUI-3.4.2-0.28.1 POS_Server-AdminTools3-3.4.2-0.28.1 POS_Server-BranchTools3-3.4.2-0.28.1 POS_Server-Modules3-3.4.2-0.28.1 POS_Server3-3.4.2-0.28.1 admind-1.9-1.28.1 admind-client-1.9-1.28.1 kiwi-4.85.66-0.5.1 kiwi-desc-isoboot-4.85.66-0.5.1 kiwi-desc-netboot-4.85.66-0.5.1 kiwi-desc-oemboot-4.85.66-0.5.1 kiwi-doc-4.85.66-0.5.1 kiwi-tools-4.85.66-0.5.1 posbios-1.0-1.28.1 - SUSE Linux Enterprise Point of Service 11 SP2 (noarch): POS_Image-Branchserver3-3.4.0-0.28.1 POS_Image-Graphical3-3.4.0-0.28.1 POS_Image-Minimal3-3.4.0-0.28.1 POS_Image-Netboot-hooks-3.4.0-0.28.1 POS_Image3-3.4.2-0.28.1 slepos-guide_en-11.2-0.15.1 References: https://bugzilla.novell.com/712812 https://bugzilla.novell.com/728885 https://bugzilla.novell.com/732247 https://bugzilla.novell.com/734573 https://bugzilla.novell.com/747646 https://bugzilla.novell.com/751551 https://bugzilla.novell.com/752079 https://bugzilla.novell.com/752326 https://bugzilla.novell.com/752833 https://bugzilla.novell.com/753380 https://bugzilla.novell.com/753653 https://bugzilla.novell.com/755023 https://bugzilla.novell.com/755438 https://bugzilla.novell.com/755720 https://bugzilla.novell.com/755915 https://bugzilla.novell.com/756035 https://bugzilla.novell.com/756049 https://bugzilla.novell.com/756440 https://bugzilla.novell.com/759079 https://bugzilla.novell.com/759341 https://bugzilla.novell.com/760331 https://bugzilla.novell.com/760502 https://bugzilla.novell.com/760713 https://bugzilla.novell.com/761394 https://bugzilla.novell.com/761396 https://bugzilla.novell.com/761884 https://bugzilla.novell.com/764946 https://bugzilla.novell.com/766720 https://bugzilla.novell.com/767491 https://bugzilla.novell.com/770906 https://bugzilla.novell.com/770966 https://bugzilla.novell.com/770972 https://bugzilla.novell.com/771166 https://bugzilla.novell.com/771445 https://bugzilla.novell.com/771898 https://bugzilla.novell.com/772116 https://bugzilla.novell.com/772209 http://download.novell.com/patch/finder/?keywords=501d70e6698fafcd0758e13c8cf33a5d From sle-updates at lists.suse.com Fri Aug 3 14:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 3 Aug 2012 22:08:28 +0200 (CEST) Subject: SUSE-RU-2012:0947-1: moderate: Recommended update for udev Message-ID: <20120803200828.C530732247@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0947-1 Rating: moderate References: #697103 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to udev resolves the following issue: * Use secure version of getenv() in libudev (bnc#697103). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-libgudev-1_0-0-6600 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-libgudev-1_0-0-6600 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-libgudev-1_0-0-6600 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-libgudev-1_0-0-6600 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-devel-147-0.63.1 libudev-devel-147-0.63.1 libudev0-147-0.63.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): libgudev-1_0-0-147-0.63.1 libudev0-147-0.63.1 udev-147-0.63.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): libgudev-1_0-0-32bit-147-0.63.1 libudev0-32bit-147-0.63.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libgudev-1_0-0-147-0.63.1 libudev0-147-0.63.1 udev-147-0.63.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libgudev-1_0-0-32bit-147-0.63.1 libudev0-32bit-147-0.63.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libgudev-1_0-0-x86-147-0.63.1 libudev0-x86-147-0.63.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libgudev-1_0-0-147-0.63.1 libudev0-147-0.63.1 udev-147-0.63.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libgudev-1_0-0-32bit-147-0.63.1 libudev0-32bit-147-0.63.1 References: https://bugzilla.novell.com/697103 http://download.novell.com/patch/finder/?keywords=f192af9c46f7db1011247a79f50a1862 From sle-updates at lists.suse.com Fri Aug 3 16:09:08 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 4 Aug 2012 00:09:08 +0200 (CEST) Subject: SUSE-RU-2012:0948-1: Recommended update for pciutils Message-ID: <20120803220908.ACAF83223C@maintenance.suse.de> SUSE Recommended Update: Recommended update for pciutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0948-1 Rating: low References: #762392 #766982 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update to pciutils implements the ability to decode PCIe Gen3 information such as link status and speed. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-pciutils-6564 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-pciutils-6563 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-pciutils-6564 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-pciutils-6564 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-pciutils-6563 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-pciutils-6563 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-pciutils-6564 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-pciutils-6563 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.1.7]: pciutils-devel-3.1.7-11.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64) [New Version: 3.1.7]: pciutils-devel-32bit-3.1.7-11.7.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): pciutils-devel-3.0.1-2.20.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): pciutils-devel-32bit-3.0.1-2.20.4.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.1.7]: pciutils-3.1.7-11.7.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 3.1.7]: pciutils-32bit-3.1.7-11.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.1.7]: pciutils-3.1.7-11.7.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 3.1.7]: pciutils-32bit-3.1.7-11.7.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 3.1.7]: pciutils-x86-3.1.7-11.7.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): pciutils-3.0.1-2.20.4.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): pciutils-32bit-3.0.1-2.20.4.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): pciutils-3.0.1-2.20.4.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): pciutils-32bit-3.0.1-2.20.4.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): pciutils-x86-3.0.1-2.20.4.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): pciutils-3.1.2-1.9.1 pciutils-devel-3.1.2-1.9.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): pciutils-devel-32bit-3.1.2-1.9.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): pciutils-devel-64bit-3.1.2-1.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.1.7]: pciutils-3.1.7-11.7.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 3.1.7]: pciutils-32bit-3.1.7-11.7.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): pciutils-3.0.1-2.20.4.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): pciutils-32bit-3.0.1-2.20.4.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): pciutils-3.1.2-1.9.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): pciutils-devel-3.1.2-1.9.1 - SLE SDK 10 SP4 (s390x x86_64): pciutils-devel-32bit-3.1.2-1.9.1 - SLE SDK 10 SP4 (ppc): pciutils-devel-64bit-3.1.2-1.9.1 References: https://bugzilla.novell.com/762392 https://bugzilla.novell.com/766982 http://download.novell.com/patch/finder/?keywords=3064538a2643aaab050280729b77a636 http://download.novell.com/patch/finder/?keywords=7a8f22985a18c7e57c02112807f09046 http://download.novell.com/patch/finder/?keywords=f1c1903ed4414cfb69e853f496af76d5 From sle-updates at lists.suse.com Fri Aug 3 17:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 4 Aug 2012 01:08:28 +0200 (CEST) Subject: SUSE-RU-2012:0949-1: moderate: Recommended update for kdump Message-ID: <20120803230828.4C02F32236@maintenance.suse.de> SUSE Recommended Update: Recommended update for kdump ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0949-1 Rating: moderate References: #718684 #765175 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This collective update for kdump provides the following fixes: * 765175: kdump fails if non-dir files reside in /var/crash * 718684: kdump hangs if nmi_watchdog is set Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kdump-6535 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kdump-6535 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-kdump-6410 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-kdump-6410 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kdump-6535 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-kdump-6410 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): kdump-0.7.8-1.33.38.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 x86_64): kdump-0.7.8-1.33.38.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): kdump-0.7.8-1.33.35.39.2 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 x86_64): kdump-0.7.8-1.33.35.39.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): kdump-0.7.8-1.33.38.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): kdump-0.7.8-1.33.35.39.2 References: https://bugzilla.novell.com/718684 https://bugzilla.novell.com/765175 http://download.novell.com/patch/finder/?keywords=079ad960654954493d434c03dc3c5543 http://download.novell.com/patch/finder/?keywords=8b0ce92ee6894ac860677e058a7ee4f5 From sle-updates at lists.suse.com Sat Aug 4 09:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 4 Aug 2012 17:08:34 +0200 (CEST) Subject: SUSE-RU-2012:0950-1: moderate: Recommended update for mdadm Message-ID: <20120804150835.65A403223C@maintenance.suse.de> SUSE Recommended Update: Recommended update for mdadm ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0950-1 Rating: moderate References: #721412 #749353 #762675 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update to mdadm resolves the following issues: * Fix problem with removing 'failed' or 'detached' devices (bnc#721412). * If multiple "mdadm -A devname" are running at the same time, that shouldn't trip each other up and cause "cannot re-read metadata" errors (bnc#749353). * Allow non-power-of-2 chunk size for RAID0 (bnc#762675). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-mdadm-6392 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-mdadm-6392 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-mdadm-6392 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): mdadm-3.0.3-0.34.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): mdadm-3.0.3-0.34.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): mdadm-3.0.3-0.34.1 References: https://bugzilla.novell.com/721412 https://bugzilla.novell.com/749353 https://bugzilla.novell.com/762675 http://download.novell.com/patch/finder/?keywords=459d12b36caf696513f713fa903e28c9 From sle-updates at lists.suse.com Sat Aug 4 09:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 4 Aug 2012 17:08:37 +0200 (CEST) Subject: SUSE-RU-2012:0951-1: Recommended update for SLE POS Release Notes Message-ID: <20120804150837.C66BC32138@maintenance.suse.de> SUSE Recommended Update: Recommended update for SLE POS Release Notes ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0951-1 Rating: low References: #764650 Affected Products: SUSE Linux Enterprise Point of Service 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides the latest Release Notes for SUSE Linux Enterprise 11 SP2 Point of Service. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-release-notes-slepos-6635 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Point of Service 11 SP2 (i586 x86_64): release-notes-slepos-11-1.22.1 References: https://bugzilla.novell.com/764650 http://download.novell.com/patch/finder/?keywords=5824fded055b8a95bea0efe469cfd2fa From sle-updates at lists.suse.com Sat Aug 4 10:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 4 Aug 2012 18:08:35 +0200 (CEST) Subject: SUSE-RU-2012:0952-1: Recommended update for kiwi Message-ID: <20120804160835.AA74A32246@maintenance.suse.de> SUSE Recommended Update: Recommended update for kiwi ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0952-1 Rating: low References: #728885 #755915 #759341 #760331 #760502 #760713 #766720 #771898 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. It includes one version update. Description: Kiwi was updated to 4.85.66 with the following fixes: * fixed compare of object addresses by using refaddr. * don't remove wireless drivers and firmware (bnc #759341) * fixed creation of --bootcd and/or --bootusb initrd only images * fixed hook call with parameters containing spaces (bnc #760331) * netboot: use --metadata=0.9 format for raid setup (bnc #760713) * allow evaluation of $DO_NOT_INSTALL_BOOTLOADER variable in netboot suse-preinit to prevent installation of the bootloader by a variable (bnc #760502) * additionally create md5 sum's for the kernel and the optional created splash initrd (fate #313338) * allow init=/path/to/program option for kiwi images * allow boottimeout of 0sec, also set the same default timeout of 10sec for the ext|syslinux setup * added support for netboot on s390 via zPXE (fate #312134) * fixed partedGetPartitionID() function to return correct ID (bnc #766720) * removed kernel-firmware from netboot descriptions for SLE (bnc #766720) * preserve haveged, related to (bnc #766720) * make sure wpa_supplicant stays inside the initrd (bnc #766720) * fixed setLogFile path writable check (bnc #728885) * strip kernel modules and firmware after the function baseUnpackBootIncludes() called in images.sh (bnc #766720) * netboot: improved testing for networks by using -T option (fate #313338) * netboot: fixed use of multicast for compressed images. Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-slepos-201207-6602 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.85.66]: kiwi-4.85.66-0.5.1 kiwi-instsource-4.85.66-0.5.1 kiwi-tools-4.85.66-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 s390x x86_64) [New Version: 4.85.66]: kiwi-desc-oemboot-4.85.66-0.5.1 kiwi-desc-vmxboot-4.85.66-0.5.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 4.85.66]: kiwi-desc-isoboot-4.85.66-0.5.1 kiwi-desc-netboot-4.85.66-0.5.1 kiwi-doc-4.85.66-0.5.1 kiwi-pxeboot-4.85.66-0.5.1 References: https://bugzilla.novell.com/728885 https://bugzilla.novell.com/755915 https://bugzilla.novell.com/759341 https://bugzilla.novell.com/760331 https://bugzilla.novell.com/760502 https://bugzilla.novell.com/760713 https://bugzilla.novell.com/766720 https://bugzilla.novell.com/771898 http://download.novell.com/patch/finder/?keywords=d7c4dd4c61856685f038adee4570280c From sle-updates at lists.suse.com Sat Aug 4 10:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 4 Aug 2012 18:08:37 +0200 (CEST) Subject: SUSE-RU-2012:0953-1: Recommended update for kvm Message-ID: <20120804160837.368AF32249@maintenance.suse.de> SUSE Recommended Update: Recommended update for kvm ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0953-1 Rating: low References: #709405 #722643 #722958 #724813 #747339 #753313 #757031 #764526 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has 7 fixes is now available. Description: This update for KVM resolves the following issues: * The hardware certification NIC in/out tests were failing in some cases. The guest virtio-net driver would stop receiving packets after some time (bnc#709405). * Tight PNG encoding should only be used when --enable-vnc-png is set. KVM builds with --disable-vnc-png option and this bug is adversely affecting noVNC (bnc#757031). * Invoke device reset handler on hot-plug. This resolves network connectivity problems with hot-plugged NICs on Windows 2008 guests (bnc#722958, bnc#722643). * Disable CPU hotplug in qemu monitor (bnc#747339). * Mouse in guest does not work after kdump (bnc#724813). * The monitor command "block_resize" was moved from unsupported to supported in kvm-supported.txt to correctly reflect its already supported status. * Add cache=directsync to round out full range of cache options. * fix vulnerability to temporary file symlink attacks in snapshot file mode. (bnc#764526) (CVE-2012-2652) * For pci device assignment, update legacy interrupts only if used. Don't mess with assign_intx on devices that are in MSI or MSI-X mode, it would corrupt their interrupt routing. (bnc#753313) Security Issues: * CVE-2012-2652 Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kvm-6455 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kvm-6455 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): kvm-0.15.1-0.21.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): kvm-0.15.1-0.21.1 References: http://support.novell.com/security/cve/CVE-2012-2652.html https://bugzilla.novell.com/709405 https://bugzilla.novell.com/722643 https://bugzilla.novell.com/722958 https://bugzilla.novell.com/724813 https://bugzilla.novell.com/747339 https://bugzilla.novell.com/753313 https://bugzilla.novell.com/757031 https://bugzilla.novell.com/764526 http://download.novell.com/patch/finder/?keywords=d568a75ed554d4a5eb44c40b27ffb1c7 From sle-updates at lists.suse.com Mon Aug 6 09:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Aug 2012 17:08:34 +0200 (CEST) Subject: SUSE-RU-2012:0956-1: Recommended update for lxc Message-ID: <20120806150834.E4A6232245@maintenance.suse.de> SUSE Recommended Update: Recommended update for lxc ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0956-1 Rating: low References: #750470 #759609 #759876 #760230 #771183 #771371 #773195 #773234 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. Description: This update to lxc (Linux Containers) includes the following improvements and fixes: * Update lxc-sles template: o default to isolate network in guest if no network configuration is provided, correctly interoperate with lxc-clone and btrfs support in lxc-start. o autoconfigure gateway, based on host gateway, for macvlan and veth when container IP address is given at creation time and is not 0.0.0.0 (bnc#771183, bnc#773195). o add iputils (bnc#759609) and supportutils (bnc#760230) to minimal install. o allow host DNS configuration to propagate to container (bnc#759876). * Backport btrfs / lvm snapshot support. * Ensure container shutting down is correctly detected by LXC. * Explain cgroups aren't mounted when failing because of it. * Update lxc initscript to handle correctly lxc-info 0.7.5 output. * Remove virtual network interface on error. * Improve gateway detection in container. * Output warning when trying to run twice a container. * Accurately detect whether a system supports clone_children (bnc#750470). * Ensure lxc package is uninstallable (bnc#771371). * Ensure boot.cgroup is correctly enabled and started when installing package. * Ensure lxc-createconfig correctly detect cidr (bnc#773234). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-lxc-6598 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-lxc-6598 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-lxc-6598 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): lxc-devel-0.7.5-1.25.3 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): lxc-0.7.5-1.25.3 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): lxc-0.7.5-1.25.3 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): lxc-0.7.5-1.25.3 References: https://bugzilla.novell.com/750470 https://bugzilla.novell.com/759609 https://bugzilla.novell.com/759876 https://bugzilla.novell.com/760230 https://bugzilla.novell.com/771183 https://bugzilla.novell.com/771371 https://bugzilla.novell.com/773195 https://bugzilla.novell.com/773234 http://download.novell.com/patch/finder/?keywords=4f451983af7677a61d1030f7cb08bb87 From sle-updates at lists.suse.com Mon Aug 6 10:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Aug 2012 18:08:30 +0200 (CEST) Subject: SUSE-RU-2012:0957-1: Recommended update for SUSE Manager Message-ID: <20120806160830.E5DA032245@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0957-1 Rating: low References: #768359 Affected Products: SUSE Manager Proxy 1.2 for SLE 11 SP1 SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds the missing libcurl RPM for the bootstrap repositories for SUSE Manager. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Proxy 1.2 for SLE 11 SP1: zypper in -t patch slemap12sp1-spacewalk-client-repository-6609 - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-spacewalk-client-repository-6609 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Proxy 1.2 for SLE 11 SP1 (x86_64): spacewalk-client-repository-0.1-0.7.1 spacewalk-client-repository-sle-11-1-0.1-0.7.1 - SUSE Manager 1.2 for SLE 11 SP1 (x86_64): spacewalk-client-repository-0.1-0.7.1 spacewalk-client-repository-sle-11-1-0.1-0.7.1 References: https://bugzilla.novell.com/768359 http://download.novell.com/patch/finder/?keywords=e3af83e8d4bd920b366d46c14c5448ef From sle-updates at lists.suse.com Mon Aug 6 10:08:32 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Aug 2012 18:08:32 +0200 (CEST) Subject: SUSE-SU-2012:0958-1: important: Security update for auditlog-keeper Message-ID: <20120806160832.CC78432247@maintenance.suse.de> SUSE Security Update: Security update for auditlog-keeper ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0958-1 Rating: important References: #771335 Cross-References: CVE-2012-0421 Affected Products: SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: auditlog-keeper was updated to fix the following issue: * /etc/auditlog-keeper.conf was world-readable and contains various passwords. (CVE-2012-0421) Security Issue reference: * CVE-2012-0421 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-auditlog-keeper-6603 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.2 for SLE 11 SP1 (noarch) [New Version: 0.2.1]: auditlog-keeper-0.2.1-0.4.6.1 References: http://support.novell.com/security/cve/CVE-2012-0421.html https://bugzilla.novell.com/771335 http://download.novell.com/patch/finder/?keywords=286a6089e03a2dc757e711cf4b2a6585 From sle-updates at lists.suse.com Mon Aug 6 10:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Aug 2012 18:08:36 +0200 (CEST) Subject: SUSE-OU-2012:0959-1: Optional update for yast2-lxc Message-ID: <20120806160836.641FC32245@maintenance.suse.de> SUSE Optional Update: Optional update for yast2-lxc ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:0959-1 Rating: low References: #769176 Affected Products: SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update adds a YaST2 module for managing LXC (Linux Containers). Indications: Every LXC user can install this module. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-lxc-6509 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (noarch): yast2-lxc-2.17.6-0.5.1 References: https://bugzilla.novell.com/769176 http://download.novell.com/patch/finder/?keywords=ed07b63e14b3f4a45234e8fd92dc8cd0 From sle-updates at lists.suse.com Mon Aug 6 13:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Aug 2012 21:08:39 +0200 (CEST) Subject: SUSE-RU-2012:0960-1: important: Recommended update for release-notes-SLES-for-VMware Message-ID: <20120806190839.C358332246@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-SLES-for-VMware ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0960-1 Rating: important References: #771384 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11-SP2. The changes in detail are: * New entry: LXC Requires Correct Network Configuration (bnc#771384). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-release-notes-SLES-for-VMware-6628 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-release-notes-sles-6629 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 11.2.0.39]: release-notes-SLES-for-VMware-11.2.0.39-0.7.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.2.0.39]: release-notes-sles-11.2.0.39-0.7.1 References: https://bugzilla.novell.com/771384 http://download.novell.com/patch/finder/?keywords=0950a6570ca1805e1bd610a05cb8128c http://download.novell.com/patch/finder/?keywords=b0ada64d76edf6cff5a6b92836cc256c From sle-updates at lists.suse.com Mon Aug 6 14:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Aug 2012 22:08:34 +0200 (CEST) Subject: SUSE-RU-2012:0961-1: Recommended update for evolution Message-ID: <20120806200834.3167132246@maintenance.suse.de> SUSE Recommended Update: Recommended update for evolution ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0961-1 Rating: low References: #713610 #714939 #736655 #749224 #754953 #759519 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 6 recommended fixes can now be installed. Description: This consolidated update for Evolution provides smart card support, patches for Change Password Feature, Out of Office Feature, Find Item Feature, Free Busy and Other stability patches. In addition a low security issue has been fixed: * CVE-2011-3201: A malicious site can specify an attach= parameter to the URL, which can attach arbitrary files to a mail message. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-evolution-201207-6611 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-evolution-201207-6611 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-evolution-201207-6611 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-evolution-201207-6611 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): evolution-2.28.2-0.28.21 evolution-data-server-devel-2.28.2-0.29.24 evolution-devel-2.28.2-0.28.21 evolution-lang-2.28.2-0.28.21 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): evolution-data-server-2.28.2-0.29.24 evolution-data-server-lang-2.28.2-0.29.24 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): evolution-data-server-32bit-2.28.2-0.29.24 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): evolution-data-server-2.28.2-0.29.24 evolution-data-server-lang-2.28.2-0.29.24 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): evolution-data-server-32bit-2.28.2-0.29.24 - SUSE Linux Enterprise Server 11 SP2 (ia64): evolution-data-server-x86-2.28.2-0.29.24 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): evolution-2.28.2-0.28.21 evolution-data-server-2.28.2-0.29.24 evolution-data-server-lang-2.28.2-0.29.24 evolution-ews-2.28-0.10.20 evolution-ews-lang-2.28-0.10.20 evolution-lang-2.28.2-0.28.21 evolution-pilot-2.28.2-0.28.21 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): evolution-data-server-32bit-2.28.2-0.29.24 References: https://bugzilla.novell.com/713610 https://bugzilla.novell.com/714939 https://bugzilla.novell.com/736655 https://bugzilla.novell.com/749224 https://bugzilla.novell.com/754953 https://bugzilla.novell.com/759519 http://download.novell.com/patch/finder/?keywords=e5637a924ba483d6325d64fdd69eb42e From sle-updates at lists.suse.com Mon Aug 6 14:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 6 Aug 2012 22:08:35 +0200 (CEST) Subject: SUSE-OU-2012:0962-1: Optional update for libgnome-certauth0 Message-ID: <20120806200835.B0CCD32249@maintenance.suse.de> SUSE Optional Update: Optional update for libgnome-certauth0 ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:0962-1 Rating: low References: #744764 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: Gnome Certificate Authentication provides a mechanism for Evolution to authenticate over SSL using certificates. Contraindications: Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libgnome-certauth0-6623 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libgnome-certauth0-6623 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-libgnome-certauth0-6623 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libgnome-certauth0-6623 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libgnome-certauth0-0.3-6.2.2 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libgnome-certauth0-32bit-0.3-6.2.2 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64): libgnome-certauth0-x86-0.3-6.2.2 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libgnome-certauth0-0.3-6.2.2 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): libgnome-certauth0-32bit-0.3-6.2.2 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ia64): libgnome-certauth0-x86-0.3-6.2.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libgnome-certauth0-0.3-6.2.2 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libgnome-certauth0-0.3-6.2.2 References: https://bugzilla.novell.com/744764 http://download.novell.com/patch/finder/?keywords=e813d8c7c7fd09a590baed5f2a2b8d31 From sle-updates at lists.suse.com Tue Aug 7 11:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Aug 2012 19:08:34 +0200 (CEST) Subject: SUSE-SU-2012:0963-1: moderate: Security update for Gimp Message-ID: <20120807170834.8E0543223D@maintenance.suse.de> SUSE Security Update: Security update for Gimp ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0963-1 Rating: moderate References: #763595 #769565 Cross-References: CVE-2012-2763 CVE-2012-3236 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update of Gimp fixed a remotely exploitable buffer overflow in Script-Fu's server component as well as a NULL pointer dereference flaw in the fit format handler. Security Issue references: * CVE-2012-2763 * CVE-2012-3236 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-gimp-6542 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-gimp-6542 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-gimp-6542 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-gimp-6542 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): gimp-2.6.2-3.34.35.1 gimp-devel-2.6.2-3.34.35.1 gimp-lang-2.6.2-3.34.35.1 gimp-plugins-python-2.6.2-3.34.35.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): gimp-2.6.2-3.34.35.1 gimp-devel-2.6.2-3.34.35.1 gimp-lang-2.6.2-3.34.35.1 gimp-plugins-python-2.6.2-3.34.35.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gimp-2.6.2-3.34.35.1 gimp-lang-2.6.2-3.34.35.1 gimp-plugins-python-2.6.2-3.34.35.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): gimp-2.6.2-3.34.35.1 gimp-lang-2.6.2-3.34.35.1 gimp-plugins-python-2.6.2-3.34.35.1 References: http://support.novell.com/security/cve/CVE-2012-2763.html http://support.novell.com/security/cve/CVE-2012-3236.html https://bugzilla.novell.com/763595 https://bugzilla.novell.com/769565 http://download.novell.com/patch/finder/?keywords=275c435b2a85cf3f4e1f1722c12d990c From sle-updates at lists.suse.com Tue Aug 7 11:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Aug 2012 19:08:36 +0200 (CEST) Subject: SUSE-RU-2012:0964-1: moderate: Recommended update for udev Message-ID: <20120807170836.8B6BD3223D@maintenance.suse.de> SUSE Recommended Update: Recommended update for udev ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0964-1 Rating: moderate References: #697103 #763501 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update to udev resolves the following issues: * Increase the internal buffer used to receive netlink messages (bnc#763501) * Use secure version of getenv() in libudev (bnc#697103). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libudev-devel-6599 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libudev-devel-6599 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libudev-devel-6599 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libudev-devel-6599 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libudev-devel-128-13.20.1 libudev0-128-13.20.1 libvolume_id-devel-128-13.20.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): libvolume_id1-128-13.20.1 udev-128-13.20.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): libvolume_id1-128-13.20.1 udev-128-13.20.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libvolume_id1-128-13.20.1 udev-128-13.20.1 References: https://bugzilla.novell.com/697103 https://bugzilla.novell.com/763501 http://download.novell.com/patch/finder/?keywords=3aaa6c31bd3326153634adb0f3f1bd11 From sle-updates at lists.suse.com Tue Aug 7 12:08:24 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Aug 2012 20:08:24 +0200 (CEST) Subject: SUSE-RU-2012:0965-1: important: Recommended update for osasnmpd and s390-tools Message-ID: <20120807180824.AA5D832245@maintenance.suse.de> SUSE Recommended Update: Recommended update for osasnmpd and s390-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0965-1 Rating: important References: #774464 Affected Products: SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to s390-tools adjusts the script zfcp_disk_configure to be compatible with older versions of udev that don't provide the binary udevadm. Package List: - SUSE Linux Enterprise Server 10 SP4 (s390x): osasnmpd-1.6.3-0.42.1 s390-tools-1.6.3-0.42.1 - SLE SDK 10 SP4 (s390x): osasnmpd-1.6.3-0.42.1 s390-tools-1.6.3-0.42.1 References: https://bugzilla.novell.com/774464 http://download.novell.com/patch/finder/?keywords=4aa94315853e0211f556210372f4d120 From sle-updates at lists.suse.com Tue Aug 7 12:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 7 Aug 2012 20:08:26 +0200 (CEST) Subject: SUSE-SU-2012:0966-1: moderate: Security update for Gimp Message-ID: <20120807180826.7306432246@maintenance.suse.de> SUSE Security Update: Security update for Gimp ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0966-1 Rating: moderate References: #769565 Cross-References: CVE-2012-3236 Affected Products: SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of Gimp fixed a NULL pointer dereference flaw in the fit format handler. Security Issue reference: * CVE-2012-3236 Package List: - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): gimp-2.2.10-22.42.1 gimp-devel-2.2.10-22.42.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): gimp-2.2.10-22.42.1 gimp-devel-2.2.10-22.42.1 References: http://support.novell.com/security/cve/CVE-2012-3236.html https://bugzilla.novell.com/769565 http://download.novell.com/patch/finder/?keywords=715b3dd4ca6fcd9560aab8f12c861f37 From sle-updates at lists.suse.com Wed Aug 8 11:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Aug 2012 19:08:34 +0200 (CEST) Subject: SUSE-RU-2012:0972-1: moderate: Recommended update for coreutils Message-ID: <20120808170834.36D3832245@maintenance.suse.de> SUSE Recommended Update: Recommended update for coreutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0972-1 Rating: moderate References: #752943 #754559 #763536 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This collective update to coreutils resolves the following issues: * Use FALLOC_FL_KEEP_SIZE in fallocate() to ensure the destination of a file copy grows only as much as has been copied (bnc#763536). * Fix a race condition in 'cp' that could make copies to NFS volumes fail (bnc#754559). * Speed up attribute determination by caching failures of calling SELinux functions (bnc#752943). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-coreutils-6512 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-coreutils-6512 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-coreutils-6512 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): coreutils-8.12-6.23.1 coreutils-lang-8.12-6.23.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): coreutils-8.12-6.23.1 coreutils-lang-8.12-6.23.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): coreutils-x86-8.12-6.23.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): coreutils-8.12-6.23.1 coreutils-lang-8.12-6.23.1 References: https://bugzilla.novell.com/752943 https://bugzilla.novell.com/754559 https://bugzilla.novell.com/763536 http://download.novell.com/patch/finder/?keywords=4dfedbef3c0adc9cf8a693aa2b40f5ea From sle-updates at lists.suse.com Wed Aug 8 14:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 8 Aug 2012 22:08:29 +0200 (CEST) Subject: SUSE-RU-2012:0973-1: moderate: Recommended update for coreutils Message-ID: <20120808200829.8A19532245@maintenance.suse.de> SUSE Recommended Update: Recommended update for coreutils ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0973-1 Rating: moderate References: #752943 #754559 #757636 #763536 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This collective update to coreutils resolves the following issues: * Use FALLOC_FL_KEEP_SIZE in fallocate() to ensure the destination of a file copy grows only as much as has been copied (bnc#763536). * In some specific circumstances, the 'su' command could send spurious SIGCONT signals to all running processes (bnc#757636). * Fix a race condition in 'cp' that could make copies to NFS volumes fail (bnc#754559). * Speed up attribute determination by caching failures of calling SELinux functions (bnc#752943). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-coreutils-6508 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-coreutils-6508 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-coreutils-6508 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): coreutils-6.12-32.39.1 coreutils-lang-6.12-32.39.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): coreutils-6.12-32.39.1 coreutils-lang-6.12-32.39.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): coreutils-x86-6.12-32.39.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): coreutils-6.12-32.39.1 coreutils-lang-6.12-32.39.1 References: https://bugzilla.novell.com/752943 https://bugzilla.novell.com/754559 https://bugzilla.novell.com/757636 https://bugzilla.novell.com/763536 http://download.novell.com/patch/finder/?keywords=ce8f555e926b392e82c2010b43ce35ed From sle-updates at lists.suse.com Thu Aug 9 09:09:16 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Aug 2012 17:09:16 +0200 (CEST) Subject: SUSE-RU-2012:0977-1: Recommended update for drm Message-ID: <20120809150916.3E42332237@maintenance.suse.de> SUSE Recommended Update: Recommended update for drm ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0977-1 Rating: low References: #765800 Affected Products: SLE 11 SP1 HWREFRESH 2011A ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to the drm module resolves the following issues: * Fix screen corruption when entering S4 or modeset * Fix LVDS output on HP ProBook. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SLE 11 SP1 HWREFRESH 2011A: zypper in -t patch slehr11asp1-drm-6588 To bring your system up-to-date, use "zypper patch". Package List: - SLE 11 SP1 HWREFRESH 2011A (i586 x86_64): drm-kmp-default-2.6.37_2.6.32.59_0.7-0.13.15.1 - SLE 11 SP1 HWREFRESH 2011A (i586): drm-kmp-pae-2.6.37_2.6.32.59_0.7-0.13.15.1 References: https://bugzilla.novell.com/765800 http://download.novell.com/patch/finder/?keywords=346f743868f8d34a00334a5ba93e03ab From sle-updates at lists.suse.com Thu Aug 9 12:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 9 Aug 2012 20:08:28 +0200 (CEST) Subject: SUSE-SU-2012:0979-1: important: Security update for icedtea-web Message-ID: <20120809180828.60628321F6@maintenance.suse.de> SUSE Security Update: Security update for icedtea-web ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0979-1 Rating: important References: #773458 Cross-References: CVE-2012-3422 CVE-2012-3423 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes one version update. Description: The icedtea-web Java browser plugin was updated to 1.2.1 to fix security issues and bugs. * CVE-2012-3422: Potential read from a uninitialized memory location has been fixed. * CVE-2012-3423: Incorrect handling of not-0 terminated strings has been fixed. Security Issue references: * CVE-2012-3422 * CVE-2012-3423 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-icedtea-web-6626 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-icedtea-web-6621 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.2.1]: icedtea-web-1.2.1-0.7.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.2.1]: icedtea-web-1.2.1-0.2.1 References: http://support.novell.com/security/cve/CVE-2012-3422.html http://support.novell.com/security/cve/CVE-2012-3423.html https://bugzilla.novell.com/773458 http://download.novell.com/patch/finder/?keywords=5f0430d04113f5d3e980b6c974b1d344 http://download.novell.com/patch/finder/?keywords=d6a8bcd6fbc566e30623b17ca8a559b5 From sle-updates at lists.suse.com Fri Aug 10 11:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 10 Aug 2012 19:08:35 +0200 (CEST) Subject: SUSE-RU-2012:0980-1: moderate: Recommended update for yast2-product-creator Message-ID: <20120810170836.1A3FD3223E@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-product-creator ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0980-1 Rating: moderate References: #748122 #748488 #749029 #750739 #750989 #751588 #755004 #767614 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Point of Service 11 SP2 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. It includes one version update. Description: This collective update for yast2-product-creator provides the following fixes: * do not show duplicates in locale entry (bnc#748122) * allow writing empty package list (bnc#749029) * new check for conflicting delete packages (bnc#748488) * do not discard bootinclude packages after conflict (bnc#750739) * backup the original version of config.xml (bnc#750989) * locale settings: remove unsupported entries, allow deleting (bnc#751588) * updated list of compression flags (bnc#755004) * enable forcing package version to be present in the product (bnc#767614) Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-yast2-product-creator-6495 - SUSE Linux Enterprise Point of Service 11 SP2: zypper in -t patch sleposp2-yast2-product-creator-6495 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch) [New Version: 2.17.52]: yast2-product-creator-2.17.52-0.5.2 - SUSE Linux Enterprise Point of Service 11 SP2 (noarch) [New Version: 2.17.52]: yast2-product-creator-2.17.52-0.5.2 References: https://bugzilla.novell.com/748122 https://bugzilla.novell.com/748488 https://bugzilla.novell.com/749029 https://bugzilla.novell.com/750739 https://bugzilla.novell.com/750989 https://bugzilla.novell.com/751588 https://bugzilla.novell.com/755004 https://bugzilla.novell.com/767614 http://download.novell.com/patch/finder/?keywords=3a282e2f2f6e8694f4ba6bd4d4004c53 From sle-updates at lists.suse.com Mon Aug 13 11:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Aug 2012 19:08:35 +0200 (CEST) Subject: SUSE-SU-2012:0983-1: important: Security update for puppet Message-ID: <20120813170835.D314032247@maintenance.suse.de> SUSE Security Update: Security update for puppet ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0983-1 Rating: important References: #770828 #770829 #770833 Cross-References: CVE-2012-3864 CVE-2012-3865 CVE-2012-3867 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. It includes one version update. Description: The following bugs have been fixed in puppet: * bnc#770828, CVE-2012-3864: puppet: authenticated clients can read arbitrary files via a flaw in puppet master * bnc#770829, CVE-2012-3865: puppet: arbitrary file delete / Denial of Service on Puppet Master by authenticated clients * bnc#770833, CVE-2012-3867: puppet: insufficient input validation for agent certificate names Security Issue references: * CVE-2012-3867 * CVE-2012-3864 * CVE-2012-3865 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-puppet-6561 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-puppet-6561 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-puppet-6561 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-puppet-6561 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-puppet-6561 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.17]: puppet-2.6.17-0.3.1 puppet-server-2.6.17-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.6.17]: puppet-2.6.17-0.3.1 puppet-server-2.6.17-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.17]: puppet-2.6.17-0.3.1 puppet-server-2.6.17-0.3.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.6.17]: puppet-2.6.17-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 2.6.17]: puppet-2.6.17-0.3.1 References: http://support.novell.com/security/cve/CVE-2012-3864.html http://support.novell.com/security/cve/CVE-2012-3865.html http://support.novell.com/security/cve/CVE-2012-3867.html https://bugzilla.novell.com/770828 https://bugzilla.novell.com/770829 https://bugzilla.novell.com/770833 http://download.novell.com/patch/finder/?keywords=546d90cdf89ec25e98329eee8f67dd01 From sle-updates at lists.suse.com Mon Aug 13 11:08:38 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Aug 2012 19:08:38 +0200 (CEST) Subject: SUSE-SU-2012:0984-1: important: Security update for MySQL Message-ID: <20120813170838.8105632234@maintenance.suse.de> SUSE Security Update: Security update for MySQL ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0984-1 Rating: important References: #765092 #769062 Cross-References: CVE-2012-2122 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. It includes one version update. Description: MySQL has been upgraded to version 5.0.96 to fix several vulnerabilities. Security Issue reference: * CVE-2012-2122 * CVE-2012-0075 * CVE-2012-0114 * CVE-2012-0490 * CVE-2012-0484 * CVE-2012-0102 * CVE-2012-0101 * CVE-2012-0087 * CVE-2009-5026 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libmysqlclient-devel-6613 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libmysqlclient-devel-6613 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-libmysqlclient-devel-6613 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libmysqlclient-devel-6613 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libmysqlclient-devel-6613 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-libmysqlclient-devel-6613 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libmysqlclient-devel-6613 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.0.96]: libmysqlclient-devel-5.0.96-0.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64) [New Version: 5.0.96]: libmysqlclient_r15-32bit-5.0.96-0.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ia64) [New Version: 5.0.96]: libmysqlclient_r15-x86-5.0.96-0.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.0.96]: libmysqlclient-devel-5.0.96-0.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64) [New Version: 5.0.96]: libmysqlclient_r15-32bit-5.0.96-0.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ia64) [New Version: 5.0.96]: libmysqlclient_r15-x86-5.0.96-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.0.96]: libmysqlclient15-5.0.96-0.4.1 libmysqlclient_r15-5.0.96-0.4.1 mysql-5.0.96-0.4.1 mysql-Max-5.0.96-0.4.1 mysql-client-5.0.96-0.4.1 mysql-tools-5.0.96-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 5.0.96]: libmysqlclient15-32bit-5.0.96-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 5.0.96]: libmysqlclient15-x86-5.0.96-0.4.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 5.0.96]: libmysqlclient15-5.0.96-0.4.1 libmysqlclient_r15-5.0.96-0.4.1 mysql-5.0.96-0.4.1 mysql-Max-5.0.96-0.4.1 mysql-client-5.0.96-0.4.1 mysql-tools-5.0.96-0.4.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 5.0.96]: libmysqlclient15-32bit-5.0.96-0.4.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.0.96]: libmysqlclient15-5.0.96-0.4.1 libmysqlclient_r15-5.0.96-0.4.1 mysql-5.0.96-0.4.1 mysql-Max-5.0.96-0.4.1 mysql-client-5.0.96-0.4.1 mysql-tools-5.0.96-0.4.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 5.0.96]: libmysqlclient15-32bit-5.0.96-0.4.1 - SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 5.0.96]: libmysqlclient15-x86-5.0.96-0.4.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 5.0.96]: libmysqlclient15-5.0.96-0.4.1 libmysqlclient_r15-5.0.96-0.4.1 mysql-5.0.96-0.4.1 mysql-client-5.0.96-0.4.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 5.0.96]: libmysqlclient15-32bit-5.0.96-0.4.1 libmysqlclient_r15-32bit-5.0.96-0.4.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 5.0.96]: libmysqlclient15-5.0.96-0.4.1 libmysqlclient_r15-5.0.96-0.4.1 mysql-5.0.96-0.4.1 mysql-client-5.0.96-0.4.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 5.0.96]: libmysqlclient15-32bit-5.0.96-0.4.1 libmysqlclient_r15-32bit-5.0.96-0.4.1 References: http://support.novell.com/security/cve/CVE-2012-2122.html https://bugzilla.novell.com/765092 https://bugzilla.novell.com/769062 http://download.novell.com/patch/finder/?keywords=35c5a59a35da626d86071585ee93fde8 From sle-updates at lists.suse.com Mon Aug 13 12:08:38 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Aug 2012 20:08:38 +0200 (CEST) Subject: SUSE-SU-2012:0985-1: moderate: Security update for apache2-mod_python Message-ID: <20120813180838.5BBC0321ED@maintenance.suse.de> SUSE Security Update: Security update for apache2-mod_python ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0985-1 Rating: moderate References: #757549 Cross-References: CVE-2012-1150 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Apache2 mod_python has been changed to enable randomized hashes to help fixing denial of service problems by injecting prepared values into Python hash functions. (CVE-2012-1150) As some Python scripts might need a known hashing order, the old behaviour can be restored using a newly introduced module option called PythonRandomizeHashes The option is default on, but can be disabled if necessary for compatibility with above scripts. Security Issue reference: * CVE-2012-1150 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-apache2-mod_python-6247 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-apache2-mod_python-6247 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-apache2-mod_python-6247 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-apache2-mod_python-6247 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-apache2-mod_python-6247 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): apache2-mod_python-3.3.1-147.24.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64): apache2-mod_python-3.3.1-147.24.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): apache2-mod_python-3.3.1-147.24.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): apache2-mod_python-3.3.1-147.24.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): apache2-mod_python-3.3.1-147.24.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_python-3.1.3-60.19.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_python-3.1.3-60.19.1 References: http://support.novell.com/security/cve/CVE-2012-1150.html https://bugzilla.novell.com/757549 http://download.novell.com/patch/finder/?keywords=28bb91c1b76181613b0798dd122cc5ac http://download.novell.com/patch/finder/?keywords=8949716005409529da7f83d076b78ef7 From sle-updates at lists.suse.com Mon Aug 13 12:08:41 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Aug 2012 20:08:41 +0200 (CEST) Subject: SUSE-RU-2012:0986-1: moderate: Recommended update for device-mapper Message-ID: <20120813180841.4702532248@maintenance.suse.de> SUSE Recommended Update: Recommended update for device-mapper ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0986-1 Rating: moderate References: #750496 #766187 #770200 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This collective update to LVM2 and device-mapper resolves the following issues: * Don't open a device for writing when not necessary. This minimizes the chance of failure when attempting to remove logical volumes (bnc#766187) * When an attempt to remove a logical volume fails because the device was busy, wait a bit more to see if it will be released by the current owner (bnc#766187) * Wait for all events in the udev queue to be handled before activating logical volumes (bnc#750496) * Rebuild the system's initial ramdisk (initrd) after installation (bnc#770200). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-lvm2-201207-6575 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-lvm2-201207-6575 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-lvm2-201207-6575 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-lvm2-201207-6575 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): device-mapper-devel-1.02.63-18.27.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): device-mapper-1.02.63-18.27.1 lvm2-2.02.84-3.33.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): device-mapper-32bit-1.02.63-18.27.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): device-mapper-1.02.63-18.27.1 lvm2-2.02.84-3.33.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): device-mapper-32bit-1.02.63-18.27.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): device-mapper-x86-1.02.63-18.27.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): device-mapper-1.02.63-18.27.1 lvm2-2.02.84-3.33.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): device-mapper-32bit-1.02.63-18.27.1 References: https://bugzilla.novell.com/750496 https://bugzilla.novell.com/766187 https://bugzilla.novell.com/770200 http://download.novell.com/patch/finder/?keywords=73969382302d584c74b26cd9976a676c From sle-updates at lists.suse.com Mon Aug 13 13:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Aug 2012 21:08:37 +0200 (CEST) Subject: SUSE-SU-2012:0987-1: moderate: Security update for arpwatch Message-ID: <20120813190837.82E1C32247@maintenance.suse.de> SUSE Security Update: Security update for arpwatch ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0987-1 Rating: moderate References: #764521 Cross-References: CVE-2012-2653 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: arpwatch was improperly dropping its privileges. This has been fixed. Security Issue reference: * CVE-2012-2653 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-arpwatch-6570 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-arpwatch-6570 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-arpwatch-6570 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-arpwatch-6570 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-arpwatch-6570 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): arpwatch-ethercodes-build-2.1a15-131.23.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): arpwatch-ethercodes-build-2.1a15-131.23.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): arpwatch-2.1a15-131.23.2.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): arpwatch-2.1a15-131.23.2.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): arpwatch-2.1a15-131.23.2.1 References: http://support.novell.com/security/cve/CVE-2012-2653.html https://bugzilla.novell.com/764521 http://download.novell.com/patch/finder/?keywords=a181e98d3d045bfca8ffda670ddb0d79 From sle-updates at lists.suse.com Mon Aug 13 14:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 13 Aug 2012 22:08:33 +0200 (CEST) Subject: SUSE-SU-2012:0988-1: moderate: Security update for bash Message-ID: <20120813200833.E8AC632247@maintenance.suse.de> SUSE Security Update: Security update for bash ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0988-1 Rating: moderate References: #770795 Cross-References: CVE-2012-3410 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: Parsing the /dev/fd prefix could have lead to a stack-based buffer overflow which could have been exploited by attackers to bypass security restrictions. This has been fixed. Security Issue reference: * CVE-2012-3410 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-bash-6541 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-bash-6541 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-bash-6541 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-bash-6541 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-bash-6541 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-bash-6541 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-bash-6541 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): readline-devel-5.2-147.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): readline-devel-32bit-5.2-147.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64): libreadline5-5.2-147.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): readline-devel-5.2-147.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): readline-devel-32bit-5.2-147.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64): libreadline5-5.2-147.12.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): bash-3.2-147.12.1 bash-doc-3.2-147.12.1 libreadline5-5.2-147.12.1 readline-doc-5.2-147.12.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libreadline5-32bit-5.2-147.12.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): bash-x86-3.2-147.12.1 libreadline5-x86-5.2-147.12.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): bash-3.2-147.12.1 bash-doc-3.2-147.12.1 libreadline5-5.2-147.12.1 readline-doc-5.2-147.12.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libreadline5-32bit-5.2-147.12.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): bash-3.2-147.12.1 bash-doc-3.2-147.12.1 libreadline5-5.2-147.12.1 readline-doc-5.2-147.12.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libreadline5-32bit-5.2-147.12.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): bash-x86-3.2-147.12.1 libreadline5-x86-5.2-147.12.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64): bash-3.1-24.30.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): readline-5.1-24.30.1 readline-devel-5.1-24.30.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): readline-32bit-5.1-24.30.1 readline-devel-32bit-5.1-24.30.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): bash-x86-3.1-24.30.1 readline-x86-5.1-24.30.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): readline-64bit-5.1-24.30.1 readline-devel-64bit-5.1-24.30.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): bash-3.2-147.12.1 bash-doc-3.2-147.12.1 libreadline5-5.2-147.12.1 readline-doc-5.2-147.12.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libreadline5-32bit-5.2-147.12.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): bash-3.2-147.12.1 bash-doc-3.2-147.12.1 libreadline5-5.2-147.12.1 readline-doc-5.2-147.12.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libreadline5-32bit-5.2-147.12.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): bash-3.1-24.30.1 readline-5.1-24.30.1 readline-devel-5.1-24.30.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): readline-32bit-5.1-24.30.1 readline-devel-32bit-5.1-24.30.1 References: http://support.novell.com/security/cve/CVE-2012-3410.html https://bugzilla.novell.com/770795 http://download.novell.com/patch/finder/?keywords=9f2f628509b07725b6cc9d5d8f9ede1a http://download.novell.com/patch/finder/?keywords=c3e9a373f5df9b9efa73a076b434ff96 From sle-updates at lists.suse.com Tue Aug 14 11:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 14 Aug 2012 19:08:39 +0200 (CEST) Subject: SUSE-SU-2012:0989-1: moderate: Security update for libpng Message-ID: <20120814170839.6F59532248@maintenance.suse.de> SUSE Security Update: Security update for libpng ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0989-1 Rating: moderate References: #772760 Cross-References: CVE-2012-3425 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: An integer overflow has been fixed in libpng. Security Issue reference: * CVE-2012-3425 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libpng-devel-6596 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libpng-devel-6596 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-libpng-devel-6596 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libpng-devel-6596 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libpng-devel-6596 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-libpng-devel-6596 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libpng-devel-6596 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libpng-devel-1.2.31-5.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libpng-devel-32bit-1.2.31-5.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libpng-devel-1.2.31-5.31.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): libpng-devel-32bit-1.2.31-5.31.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libpng12-0-1.2.31-5.31.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libpng12-0-32bit-1.2.31-5.31.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libpng12-0-x86-1.2.31-5.31.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): libpng12-0-1.2.31-5.31.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libpng12-0-32bit-1.2.31-5.31.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): libpng12-0-1.2.31-5.31.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libpng12-0-32bit-1.2.31-5.31.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): libpng12-0-x86-1.2.31-5.31.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): libpng-1.2.8-19.37.24 libpng-devel-1.2.8-19.37.24 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): libpng-32bit-1.2.8-19.37.24 libpng-devel-32bit-1.2.8-19.37.24 - SUSE Linux Enterprise Server 10 SP4 (ia64): libpng-x86-1.2.8-19.37.24 - SUSE Linux Enterprise Server 10 SP4 (ppc): libpng-64bit-1.2.8-19.37.24 libpng-devel-64bit-1.2.8-19.37.24 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libpng-devel-1.2.31-5.31.1 libpng12-0-1.2.31-5.31.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libpng12-0-32bit-1.2.31-5.31.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libpng-devel-1.2.31-5.31.1 libpng12-0-1.2.31-5.31.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libpng12-0-32bit-1.2.31-5.31.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): libpng-1.2.8-19.37.24 libpng-devel-1.2.8-19.37.24 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): libpng-32bit-1.2.8-19.37.24 libpng-devel-32bit-1.2.8-19.37.24 References: http://support.novell.com/security/cve/CVE-2012-3425.html https://bugzilla.novell.com/772760 http://download.novell.com/patch/finder/?keywords=d28a28a6c5a99b45c2846df8de89474e http://download.novell.com/patch/finder/?keywords=ee829997acb6ea8605d61043117319b5 From sle-updates at lists.suse.com Tue Aug 14 13:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 14 Aug 2012 21:08:36 +0200 (CEST) Subject: SUSE-RU-2012:0990-1: Recommended update for ocfs2-tools Message-ID: <20120814190838.16E063223E@maintenance.suse.de> SUSE Recommended Update: Recommended update for ocfs2-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0990-1 Rating: low References: #727784 #758877 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update to ocfs2-tools brings the following improvements: * Support for block32 and block64 journal options in tunefs.ocfs2 (bnc#727784) * Fix mounted.ocfs2 to show node number instead of "Unknown" (bnc#758877). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-ocfs2-tools-6668 - SUSE Linux Enterprise High Availability Extension 11 SP1: zypper in -t patch sleshasp1-ocfs2-tools-6292 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): ocfs2-tools-1.6.4-0.9.33 ocfs2-tools-devel-1.6.4-0.9.33 ocfs2-tools-o2cb-1.6.4-0.9.33 ocfs2console-1.6.4-0.9.33 - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.6.4]: ocfs2-tools-1.6.4-0.9.1 ocfs2-tools-devel-1.6.4-0.9.1 ocfs2-tools-o2cb-1.6.4-0.9.1 ocfs2console-1.6.4-0.9.1 References: https://bugzilla.novell.com/727784 https://bugzilla.novell.com/758877 http://download.novell.com/patch/finder/?keywords=1bae4741e9f9a09b1096ed65be924f90 http://download.novell.com/patch/finder/?keywords=ba061fef57e133ac0026e180f8ba5b24 From sle-updates at lists.suse.com Thu Aug 16 08:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 16 Aug 2012 16:08:31 +0200 (CEST) Subject: SUSE-RU-2012:0995-1: moderate: Recommended update for mdadm Message-ID: <20120816140833.C18B1321E9@maintenance.suse.de> SUSE Recommended Update: Recommended update for mdadm ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0995-1 Rating: moderate References: #758094 #763275 #763277 #763448 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has four recommended fixes can now be installed. Description: This update to mdadm resolves the following issue: * Make sure aligned writes of bitmap come from an aligned buffer, otherwise creating a bitmap will fail (bnc#758094). It also brings some improvements to Intel IMSM metadata handling: * Ensure volume limits are preserved (bnc#763275) * Ensure the second array uses all available space as required (bnc#763277) * Ensure RAID0 chunksize migration leaves the array as a RAID0 (bnc#763448). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-mdadm-6396 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-mdadm-6396 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-mdadm-6396 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): mdadm-3.2.2-0.37.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): mdadm-3.2.2-0.37.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): mdadm-3.2.2-0.37.1 References: https://bugzilla.novell.com/758094 https://bugzilla.novell.com/763275 https://bugzilla.novell.com/763277 https://bugzilla.novell.com/763448 http://download.novell.com/patch/finder/?keywords=f97171bbcf617a691ee4586e44a4bcb4 From sle-updates at lists.suse.com Thu Aug 16 11:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 16 Aug 2012 19:08:39 +0200 (CEST) Subject: SUSE-SU-2012:0997-1: moderate: Security update for libjpeg Message-ID: <20120816170840.23F9E32246@maintenance.suse.de> SUSE Security Update: Security update for libjpeg ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0997-1 Rating: moderate References: #771791 Cross-References: CVE-2012-2806 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update to libjpeg fixes a heap overflow in the JPEG decompression functions. (CVE-2012-2806 ) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-jpeg-6586 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-jpeg-6586 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-jpeg-6586 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-jpeg-6586 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-jpeg-6586 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-jpeg-6586 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-jpeg-6586 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libjpeg-devel-6.2.0-879.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 s390x x86_64): libjpeg-devel-32bit-6.2.0-879.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libjpeg-devel-6.2.0-879.12.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64): libjpeg-devel-32bit-6.2.0-879.12.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): jpeg-6b-879.12.1 libjpeg-6.2.0-879.12.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libjpeg-32bit-6.2.0-879.12.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libjpeg-x86-6.2.0-879.12.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): jpeg-6b-879.12.1 libjpeg-6.2.0-879.12.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libjpeg-32bit-6.2.0-879.12.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): jpeg-6b-879.12.1 libjpeg-6.2.0-879.12.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libjpeg-32bit-6.2.0-879.12.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): libjpeg-x86-6.2.0-879.12.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): jpeg-6b-752.8.45 libjpeg-6.2.0-752.8.45 libjpeg-devel-6.2.0-18.8.45 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64): libjpeg-32bit-6.2.0-752.8.45 libjpeg-devel-32bit-6.2.0-18.8.45 - SUSE Linux Enterprise Server 10 SP4 (ia64): libjpeg-x86-6.2.0-752.8.45 - SUSE Linux Enterprise Server 10 SP4 (ppc): libjpeg-64bit-6.2.0-752.8.45 libjpeg-devel-64bit-6.2.0-18.8.45 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): jpeg-6b-879.12.1 libjpeg-6.2.0-879.12.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libjpeg-32bit-6.2.0-879.12.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): jpeg-6b-879.12.1 libjpeg-6.2.0-879.12.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libjpeg-32bit-6.2.0-879.12.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): jpeg-6b-752.8.45 libjpeg-6.2.0-752.8.45 libjpeg-devel-6.2.0-18.8.45 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64): libjpeg-32bit-6.2.0-752.8.45 libjpeg-devel-32bit-6.2.0-18.8.45 References: http://support.novell.com/security/cve/CVE-2012-2806.html https://bugzilla.novell.com/771791 http://download.novell.com/patch/finder/?keywords=30382ed87257d139959fb1fad29dd127 http://download.novell.com/patch/finder/?keywords=93ef07584e8267eac2fbd3642ae99254 From sle-updates at lists.suse.com Thu Aug 16 17:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Aug 2012 01:08:25 +0200 (CEST) Subject: SUSE-RU-2012:0998-1: Recommended update for ipmitool Message-ID: <20120816230825.2733332245@maintenance.suse.de> SUSE Recommended Update: Recommended update for ipmitool ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:0998-1 Rating: low References: #761203 #767413 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This collective update to ipmitool resolves the following issues: * Retrieve and print sensor data records (sdr) correctly (bnc#761203) * Do not crash in fru command if the lanplus password is wrong (bnc#767413). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-ipmitool-6546 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-ipmitool-6546 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-ipmitool-6560 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-ipmitool-6560 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-ipmitool-6546 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-ipmitool-6560 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): ipmitool-1.8.11-0.18.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): ipmitool-1.8.11-0.18.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): ipmitool-1.8.11-0.13.8.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): ipmitool-1.8.11-0.13.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): ipmitool-1.8.11-0.18.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): ipmitool-1.8.11-0.13.8.1 References: https://bugzilla.novell.com/761203 https://bugzilla.novell.com/767413 http://download.novell.com/patch/finder/?keywords=8b163439478a7ffc26f55090b76bc208 http://download.novell.com/patch/finder/?keywords=e12e4c740ea1d5b7a16c70123f0a2a4b From sle-updates at lists.suse.com Fri Aug 17 08:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Aug 2012 16:08:26 +0200 (CEST) Subject: SUSE-SU-2012:1001-1: important: Security update for flash-player Message-ID: <20120817140826.CA1AB32248@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1001-1 Rating: important References: #775986 Cross-References: CVE-2012-1535 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: This update of flash-player fixes a security issue that could allow attackers to execute arbitrary code remotely. (CVE-2012-1535 ) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-flash-player-6678 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-flash-player-6678 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.238]: flash-player-11.2.202.238-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 11.2.202.238]: flash-player-11.2.202.238-0.3.1 References: http://support.novell.com/security/cve/CVE-2012-1535.html https://bugzilla.novell.com/775986 http://download.novell.com/patch/finder/?keywords=69ad427c45a606a21500c688ffe72299 From sle-updates at lists.suse.com Fri Aug 17 12:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Aug 2012 20:08:36 +0200 (CEST) Subject: SUSE-SU-2012:1002-1: moderate: Security update for dhcp Message-ID: <20120817180836.9947932247@maintenance.suse.de> SUSE Security Update: Security update for dhcp ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1002-1 Rating: moderate References: #762108 #767661 #770236 #772924 Cross-References: CVE-2012-3570 CVE-2012-3571 CVE-2012-3954 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. It includes one version update. Description: This update provides dhcp 4.2.4-p1, which fixes the dhcpv6 server crashing while accessing the lease on heap and provides the following additional fixes: * Security fixes: o Previously the server code was relaxed to allow packets with zero length client ids to be processed. Under some situations use of zero length client ids can cause the server to go into an infinite loop. As such ids are not valid according to RFC 2132 section 9.14 the server no longer accepts them. Client ids with a length of 1 are also invalid but the server still accepts them in order to minimize disruption. The restriction will likely be tightened in the future to disallow ids with a length of 1. (ISC-Bugs #29851, CVE-2012-3571 ) o When attempting to convert a DUID from a client id option into a hardware address handle unexpected client ids properly. (ISC-Bugs #29852, CVE-2012-3570 ) o A pair of memory leaks were found and fixed. (ISC-Bugs #30024, CVE-2012-3954 ) * Further upstream fixes: o Moved lease file check to a separate action so it is not used in restart -- it can fail when the daemon rewrites the lease causing a restart failure then. o Request dhcp6.sntp-servers in /etc/dhclient6.conf and forward to netconfig for processing. o Rotate the lease file when running in v6 mode. (ISC-Bugs #24887) o Fixed the code that checks if an address the server is planning to hand out is in a reserved range. This would appear as the server being out of addresses in pools with particular ranges. (ISC-Bugs #26498) o In the DDNS code handle error conditions more gracefully and add more logging code. The major change is to handle unexpected cancel events from the DNS client code. (ISC-Bugs #26287) o Tidy up the receive calls and eliminate the need for found_pkt. (ISC-Bugs #25066) o Add support for Infiniband over sockets to the server and relay code. o Modify the code that determines if an outstanding DDNS request should be cancelled. This patch results in cancelling the outstanding request less often. It fixes the problem caused by a client doing a release where the TXT and PTR records weren't removed from the DNS. (ISC-BUGS #27858) o Remove outdated note in the description of the bootp keyword about the option not satisfying the requirement of failover peers for denying dynamic bootp clients. (ISC-bugs #28574) o Multiple items to clean up IPv6 address processing. When processing an IA that we've seen check to see if the addresses are usable (not in use by somebody else) before handing it out. When reading in leases from the file discard expired addresses. When picking an address for a client include the IA ID in addition to the client ID to generally pick different addresses for different IAs. (ISC-Bugs #23138, #27945, #25586, #27684) o Remove unnecessary checks in the lease query code and clean up several compiler issues (some dereferences of NULL and treating an int as a boolean). (ISC-Bugs #26203) o Fix the NA and PD allocation code to handle the case where a client provides a preference and the server doesn't have any addresses or prefixes available. Previoulsy the server ignored the request with this patch it replies with a NoAddrsAvail or NoPrefixAvail response. By default the code performs according to the errata of August 2010 for RFC 3315 section 17.2.2; to enable the previous style see the section on RFC3315_PRE_ERRATA_2010_08 in includes/site.h. o Fix up some issues found by static analysis. A potential memory leak and NULL dereference in omapi. The use of a boolean test instead of a bitwise test in dst. (ISC-Bugs #28941) In addition, the dhcp-server init script now checks the syntax prior restarting the daemon to avoid stopping of the daemon when a start would fail. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-dhcp-6606 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-dhcp-6606 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-dhcp-6606 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-dhcp-6606 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.2.4.P1]: dhcp-devel-4.2.4.P1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 4.2.4.P1]: dhcp-4.2.4.P1-0.5.1 dhcp-client-4.2.4.P1-0.5.1 dhcp-relay-4.2.4.P1-0.5.1 dhcp-server-4.2.4.P1-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 4.2.4.P1]: dhcp-4.2.4.P1-0.5.1 dhcp-client-4.2.4.P1-0.5.1 dhcp-relay-4.2.4.P1-0.5.1 dhcp-server-4.2.4.P1-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 4.2.4.P1]: dhcp-4.2.4.P1-0.5.1 dhcp-client-4.2.4.P1-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-3570.html http://support.novell.com/security/cve/CVE-2012-3571.html http://support.novell.com/security/cve/CVE-2012-3954.html https://bugzilla.novell.com/762108 https://bugzilla.novell.com/767661 https://bugzilla.novell.com/770236 https://bugzilla.novell.com/772924 http://download.novell.com/patch/finder/?keywords=be5649bf71f404d2c7566610f48e0de9 From sle-updates at lists.suse.com Fri Aug 17 12:08:40 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Aug 2012 20:08:40 +0200 (CEST) Subject: SUSE-SU-2012:1003-1: moderate: Security update for dhcp Message-ID: <20120817180840.8B85F32249@maintenance.suse.de> SUSE Security Update: Security update for dhcp ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1003-1 Rating: moderate References: #762108 #772924 Cross-References: CVE-2012-3571 CVE-2012-3954 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update of dhcp fixes two security vulnerabilities: * Malformed client identifiers could cause a Denial of Service (excessive CPU consumption), effectively causing further client requests to not be processed anymore. (CVE-2012-3571 ) * Two unspecified memory leaks. (CVE-2012-3954 ) Additionally, the following issues were fixed: * The init script of dhcp-server was fixed to check syntax and fail on force-reload and restart to avoid stopping of running daemon followed by start failure * Added libgcc_s.so to chroot, so the server can report an assert/crash line. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-dhcp-6671 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-dhcp-6671 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-dhcp-6671 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-dhcp-6671 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): dhcp-devel-3.1.3.ESV-0.17.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): dhcp-3.1.3.ESV-0.17.1 dhcp-client-3.1.3.ESV-0.17.1 dhcp-relay-3.1.3.ESV-0.17.1 dhcp-server-3.1.3.ESV-0.17.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): dhcp-3.1.3.ESV-0.17.1 dhcp-client-3.1.3.ESV-0.17.1 dhcp-relay-3.1.3.ESV-0.17.1 dhcp-server-3.1.3.ESV-0.17.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): dhcp-3.1.3.ESV-0.17.1 dhcp-client-3.1.3.ESV-0.17.1 References: http://support.novell.com/security/cve/CVE-2012-3571.html http://support.novell.com/security/cve/CVE-2012-3954.html https://bugzilla.novell.com/762108 https://bugzilla.novell.com/772924 http://download.novell.com/patch/finder/?keywords=d156af3089e2b598ebfd935dab1da3ab From sle-updates at lists.suse.com Fri Aug 17 13:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Aug 2012 21:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1004-1: Recommended update for sysconfig Message-ID: <20120817190837.7D39232248@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysconfig ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1004-1 Rating: low References: #745252 #753387 #754154 #763533 #771615 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update to sysconfig resolves the following issues: * In the network initialization script, do not check the renamed-flag when the udev daemon is not running. This is common inside Linux Containers (LXC) and caused failures to start the network. * In the ifup-bridge script, apply STP constrains when STP is enabled. * In the ifrenew-dhcp script, use dhcp client's (dhcpcd) built-in option --renew to renew leases. * In the ifup-route script, do not force a dummy gateway for multicast routes (bnc#754154) and use the -4/-6 options correctly. * Differentiate ib, ibchild and bond types and stop ib-bond interfaces correctly. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-sysconfig-6583 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-sysconfig-6583 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-sysconfig-6583 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): sysconfig-0.71.47-0.9.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): sysconfig-0.71.47-0.9.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): sysconfig-0.71.47-0.9.1 References: https://bugzilla.novell.com/745252 https://bugzilla.novell.com/753387 https://bugzilla.novell.com/754154 https://bugzilla.novell.com/763533 https://bugzilla.novell.com/771615 http://download.novell.com/patch/finder/?keywords=4379db215e29f5c59b469787b97646a1 From sle-updates at lists.suse.com Fri Aug 17 13:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Aug 2012 21:08:39 +0200 (CEST) Subject: SUSE-SU-2012:1005-1: moderate: Security update for dhcp Message-ID: <20120817190839.4A04132248@maintenance.suse.de> SUSE Security Update: Security update for dhcp ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1005-1 Rating: moderate References: #772924 Cross-References: CVE-2012-3571 CVE-2012-3954 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update of dhcp fixed two security vulnerabilities: * Malformed client identifiers could cause a Denial of Service (excessive CPU consumption), effectively causing further client requests to not be processed anymore. (CVE-2012-3571 ) * Two unspecified memory leaks. (CVE-2012-3954 ) Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): dhcp-3.0.7-7.17.1 dhcp-client-3.0.7-7.17.1 dhcp-devel-3.0.7-7.17.1 dhcp-relay-3.0.7-7.17.1 dhcp-server-3.0.7-7.17.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): dhcp-3.0.7-7.17.1 dhcp-client-3.0.7-7.17.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): dhcp-devel-3.0.7-7.17.1 dhcp-relay-3.0.7-7.17.1 dhcp-server-3.0.7-7.17.1 References: http://support.novell.com/security/cve/CVE-2012-3571.html http://support.novell.com/security/cve/CVE-2012-3954.html https://bugzilla.novell.com/772924 http://download.novell.com/patch/finder/?keywords=da94d5b3d48594aadd850e6fdb67f6f2 From sle-updates at lists.suse.com Fri Aug 17 13:08:41 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 17 Aug 2012 21:08:41 +0200 (CEST) Subject: SUSE-SU-2012:1001-2: important: Security update for flash-player Message-ID: <20120817190841.185D532248@maintenance.suse.de> SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1001-2 Rating: important References: #775986 Cross-References: CVE-2012-1535 Affected Products: SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: This update of flash-player fixes a security issue that could allow attackers to execute arbitrary code remotely. (CVE-2012-1535 ) Package List: - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 11.2.202.238]: flash-player-11.2.202.238-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-1535.html https://bugzilla.novell.com/775986 http://download.novell.com/patch/finder/?keywords=288a9919aa9137400b6d0a7a6164cd2f From sle-updates at lists.suse.com Mon Aug 20 11:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 20 Aug 2012 19:08:35 +0200 (CEST) Subject: SUSE-RU-2012:1007-1: Recommended update for opensm Message-ID: <20120820170835.C6C0C32248@maintenance.suse.de> SUSE Recommended Update: Recommended update for opensm ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1007-1 Rating: low References: #721864 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for opensm fixes a failure of the opensm daemon to start when multiple ports are available and the active port was not selected manually. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-opensm-6577 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-opensm-6576 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-opensm-6577 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-opensm-6577 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-opensm-6576 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-opensm-6576 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 x86_64): opensm-devel-3.3.7-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64 x86_64): opensm-devel-32bit-3.3.7-0.14.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 x86_64): opensm-devel-3.3.7-0.9.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 x86_64): opensm-devel-32bit-3.3.7-0.9.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64): opensm-3.3.7-0.9.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (x86_64): opensm-32bit-3.3.7-0.9.9.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ia64): opensm-x86-3.3.7-0.9.9.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): opensm-3.3.7-0.14.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64): opensm-32bit-3.3.7-0.14.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 x86_64): opensm-3.3.7-0.14.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 x86_64): opensm-32bit-3.3.7-0.14.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): opensm-3.3.7-0.9.9.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): opensm-32bit-3.3.7-0.9.9.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 x86_64): opensm-3.3.7-0.9.9.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 x86_64): opensm-32bit-3.3.7-0.9.9.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc x86_64): opensm-3.3.7-0.12.1 opensm-devel-3.3.7-0.12.1 - SUSE Linux Enterprise Server 10 SP4 (x86_64): opensm-32bit-3.3.7-0.12.1 opensm-devel-32bit-3.3.7-0.12.1 - SUSE Linux Enterprise Server 10 SP4 (ia64): opensm-x86-3.3.7-0.12.1 - SUSE Linux Enterprise Server 10 SP4 (ppc): opensm-64bit-3.3.7-0.12.1 opensm-devel-64bit-3.3.7-0.12.1 References: https://bugzilla.novell.com/721864 http://download.novell.com/patch/finder/?keywords=8a5841c8ffdafed3e4a46232d7892f44 http://download.novell.com/patch/finder/?keywords=a2306ebad9979d82d24c115da5c0b837 http://download.novell.com/patch/finder/?keywords=aa1de846bc8636a31e4f246fd754d2a3 From sle-updates at lists.suse.com Mon Aug 20 11:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 20 Aug 2012 19:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1008-1: moderate: Recommended update for sysvinit Message-ID: <20120820170837.750FA32248@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysvinit ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1008-1 Rating: moderate References: #757643 Affected Products: SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to sysvinit increases the daemon detection time in startproc to give started processes enough time to detach from the controlling terminal and run in background. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-sysvinit-6666 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-sysvinit-6666 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-sysvinit-6666 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): sysvinit-2.86-208.206.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): sysvinit-2.86-208.206.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): sysvinit-2.86-208.206.1 References: https://bugzilla.novell.com/757643 http://download.novell.com/patch/finder/?keywords=eb236d2364436a8c6fbee28444e9bf56 From sle-updates at lists.suse.com Tue Aug 21 09:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Aug 2012 17:08:29 +0200 (CEST) Subject: SUSE-RU-2012:1009-1: moderate: Recommended update for oracleasm Message-ID: <20120821150829.8044E32248@maintenance.suse.de> SUSE Recommended Update: Recommended update for oracleasm ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1009-1 Rating: moderate References: #769971 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to oracleasm resolves a kernel error message when the module gets unloaded. Indications: Every oracleasm user should update. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-oracleasm-6661 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-oracleasm-6661 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): oracleasm-2.0.5-7.26.3 oracleasm-kmp-default-2.0.5_3.0.38_0.5-7.26.3 oracleasm-kmp-trace-2.0.5_3.0.38_0.5-7.26.3 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): oracleasm-kmp-pae-2.0.5_3.0.38_0.5-7.26.3 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): oracleasm-2.0.5-7.26.3 oracleasm-kmp-default-2.0.5_3.0.38_0.5-7.26.3 oracleasm-kmp-trace-2.0.5_3.0.38_0.5-7.26.3 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): oracleasm-kmp-xen-2.0.5_3.0.38_0.5-7.26.3 - SUSE Linux Enterprise Server 11 SP2 (ppc64): oracleasm-kmp-ppc64-2.0.5_3.0.38_0.5-7.26.3 - SUSE Linux Enterprise Server 11 SP2 (i586): oracleasm-kmp-pae-2.0.5_3.0.38_0.5-7.26.3 References: https://bugzilla.novell.com/769971 http://download.novell.com/patch/finder/?keywords=5b4b75c4d00bf1e6a862594a2b97ff29 From sle-updates at lists.suse.com Tue Aug 21 09:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Aug 2012 17:08:30 +0200 (CEST) Subject: SUSE-OU-2012:1010-1: moderate: Optional update for drbd-kmp-trace Message-ID: <20120821150830.DF1B132248@maintenance.suse.de> SUSE Optional Update: Optional update for drbd-kmp-trace ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1010-1 Rating: moderate References: #775062 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This updates the drbd-kmp-trace flavour module to match the current trace kernel exported kabi. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-drbd-kmp-trace-6686 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): drbd-kmp-trace-8.4.1_3.0.38_0.5-0.15.1 References: https://bugzilla.novell.com/775062 http://download.novell.com/patch/finder/?keywords=3c53afb324f54c64ba3a1b9fbbc024c1 From sle-updates at lists.suse.com Tue Aug 21 11:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Aug 2012 19:08:35 +0200 (CEST) Subject: SUSE-SU-2012:1011-1: important: Security update for rubygem-activerecord Message-ID: <20120821170835.DFA2832249@maintenance.suse.de> SUSE Security Update: Security update for rubygem-activerecord ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1011-1 Rating: important References: #766792 Cross-References: CVE-2012-2695 Affected Products: WebYaST [Appliance - Tools] SUSE Linux Enterprise Software Development Kit 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: This update to rubygem-activerecord fixes a SQL injection caused by mishandling nested parameters . ( CVE-2012-2695 ) Indications: Everyone using rubygem-activerecord should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST [Appliance - Tools]: zypper in -t patch slewystsp1-rubygem-activerecord-2_3-6620 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-rubygem-activerecord-2_3-6620 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST [Appliance - Tools] (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.14]: rubygem-activerecord-2_3-2.3.14-0.7.6.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.14]: rubygem-activerecord-2_3-2.3.14-0.7.6.1 References: http://support.novell.com/security/cve/CVE-2012-2695.html https://bugzilla.novell.com/766792 http://download.novell.com/patch/finder/?keywords=f213753c3fb3cf96e214395b714e0ff1 From sle-updates at lists.suse.com Tue Aug 21 11:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Aug 2012 19:08:37 +0200 (CEST) Subject: SUSE-SU-2012:1012-1: important: Security update for rubygem-actionpack Message-ID: <20120821170838.17E8E32249@maintenance.suse.de> SUSE Security Update: Security update for rubygem-actionpack ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1012-1 Rating: important References: #765097 #766791 Cross-References: CVE-2012-2660 CVE-2012-2661 CVE-2012-2694 CVE-2012-2695 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update to rubygem-actionpack fixes two unsafe query generations with "IS NULL" in the WHERE clause. (CVE-2012-2660 , CVE-2012-2694 ) Indications: Everyone using rubygem-actionpack should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-rubygem-actionpack-2_3-6630 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): rubygem-actionpack-2_3-2.3.14-0.10.1 References: http://support.novell.com/security/cve/CVE-2012-2660.html http://support.novell.com/security/cve/CVE-2012-2661.html http://support.novell.com/security/cve/CVE-2012-2694.html http://support.novell.com/security/cve/CVE-2012-2695.html https://bugzilla.novell.com/765097 https://bugzilla.novell.com/766791 http://download.novell.com/patch/finder/?keywords=2f5d4cde838678b72eb3a71ff9624a5c From sle-updates at lists.suse.com Tue Aug 21 11:08:40 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Aug 2012 19:08:40 +0200 (CEST) Subject: SUSE-SU-2012:1013-1: important: Security update for java-1_4_2-ibm-sap Message-ID: <20120821170840.34FE032249@maintenance.suse.de> SUSE Security Update: Security update for java-1_4_2-ibm-sap ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1013-1 Rating: important References: #768611 Affected Products: SUSE Linux Enterprise for SAP Applications 11 SP2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: IBM Java 1.4.2 SR13 FP12 has been released which fixes various bugs and security issues. The CVEs being addressed are CVE-2011-3563 , CVE-2012-0499 , CVE-2012-0502 , CVE-2012-0503 , CVE-2012-0505 and CVE-2012-0506 . Further information on this update is available from http://www.ibm.com/developerworks/java/jdk/alerts/ . Indications: Everyone using java-1_4_2-sap should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise for SAP Applications 11 SP2: zypper in -t patch slesapp2-java-1_4_2-ibm-sap-6637 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise for SAP Applications 11 SP2 (x86_64): java-1_4_2-ibm-sap-1.4.2_sr13.12-0.3.1 java-1_4_2-ibm-sap-devel-1.4.2_sr13.12-0.3.1 References: https://bugzilla.novell.com/768611 http://download.novell.com/patch/finder/?keywords=f91fba551e97a31809b6ccaf5acae74f From sle-updates at lists.suse.com Tue Aug 21 12:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Aug 2012 20:08:26 +0200 (CEST) Subject: SUSE-SU-2012:1014-1: important: Security update for rubygem-activerecord Message-ID: <20120821180827.4F24932245@maintenance.suse.de> SUSE Security Update: Security update for rubygem-activerecord ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1014-1 Rating: important References: #766792 Cross-References: CVE-2012-2660 CVE-2012-2661 CVE-2012-2694 CVE-2012-2695 Affected Products: WebYaST 1.2 SUSE Studio Standard Edition 1.2 SUSE Studio Onsite 1.2 SUSE Studio Extension for System z 1.2 SUSE Linux Enterprise Software Development Kit 11 SP2 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. It includes one version update. Description: This update to rubygem-activerecord fixes a SQL injection caused by mishandling nested parameters . ( CVE-2012-2695 ) Indications: Everyone using rubygem-activerecord should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST 1.2: zypper in -t patch slewyst12-rubygem-activerecord-2_3-6633 - SUSE Studio Standard Edition 1.2: zypper in -t patch sleslms12-rubygem-activerecord-2_3-6633 - SUSE Studio Onsite 1.2: zypper in -t patch slestso12-rubygem-activerecord-2_3-6633 - SUSE Studio Extension for System z 1.2: zypper in -t patch slestso12-rubygem-activerecord-2_3-6633 - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-rubygem-activerecord-2_3-6632 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST 1.2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.14]: rubygem-activerecord-2_3-2.3.14-0.7.6.1 - SUSE Studio Standard Edition 1.2 (x86_64) [New Version: 2.3.14]: rubygem-activerecord-2_3-2.3.14-0.7.6.1 - SUSE Studio Onsite 1.2 (x86_64) [New Version: 2.3.14]: rubygem-activerecord-2_3-2.3.14-0.7.6.1 - SUSE Studio Extension for System z 1.2 (s390x) [New Version: 2.3.14]: rubygem-activerecord-2_3-2.3.14-0.7.6.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): rubygem-activerecord-2_3-2.3.14-0.10.1 References: http://support.novell.com/security/cve/CVE-2012-2660.html http://support.novell.com/security/cve/CVE-2012-2661.html http://support.novell.com/security/cve/CVE-2012-2694.html http://support.novell.com/security/cve/CVE-2012-2695.html https://bugzilla.novell.com/766792 http://download.novell.com/patch/finder/?keywords=4db5459b2ac69e20925f9e05cfc5777d http://download.novell.com/patch/finder/?keywords=61bc7e2d0afb2e10760ccbe026e48bd2 From sle-updates at lists.suse.com Tue Aug 21 12:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Aug 2012 20:08:29 +0200 (CEST) Subject: SUSE-SU-2012:1015-1: important: Security update for rubygem-actionpack Message-ID: <20120821180829.0E6163224B@maintenance.suse.de> SUSE Security Update: Security update for rubygem-actionpack ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1015-1 Rating: important References: #765097 #766791 Cross-References: CVE-2012-2660 CVE-2012-2694 Affected Products: WebYaST [Appliance - Tools] WebYaST 1.2 SUSE Studio Standard Edition 1.2 SUSE Studio Onsite 1.2 SUSE Studio Extension for System z 1.2 SUSE Linux Enterprise Software Development Kit 11 SP1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes one version update. Description: This update to rubygem-actionpack fixes two unsafe query generations with "IS NULL" in the WHERE clause. (CVE-2012-2660 , CVE-2012-2694 ) Indications: Everyone using rubygem-actionpack should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - WebYaST [Appliance - Tools]: zypper in -t patch slewystsp1-rubygem-actionpack-2_3-6619 - WebYaST 1.2: zypper in -t patch slewyst12-rubygem-actionpack-2_3-6665 - SUSE Studio Standard Edition 1.2: zypper in -t patch sleslms12-rubygem-actionpack-2_3-6665 - SUSE Studio Onsite 1.2: zypper in -t patch slestso12-rubygem-actionpack-2_3-6665 - SUSE Studio Extension for System z 1.2: zypper in -t patch slestso12-rubygem-actionpack-2_3-6665 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-rubygem-actionpack-2_3-6619 To bring your system up-to-date, use "zypper patch". Package List: - WebYaST [Appliance - Tools] (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.6.1 - WebYaST 1.2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.6.1 - SUSE Studio Standard Edition 1.2 (x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.6.1 - SUSE Studio Onsite 1.2 (x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.6.1 - SUSE Studio Extension for System z 1.2 (s390x) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.6.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.3.14]: rubygem-actionpack-2_3-2.3.14-0.7.6.1 References: http://support.novell.com/security/cve/CVE-2012-2660.html http://support.novell.com/security/cve/CVE-2012-2694.html https://bugzilla.novell.com/765097 https://bugzilla.novell.com/766791 http://download.novell.com/patch/finder/?keywords=53095f9d9f8560f19044c15e6eaf7b8a http://download.novell.com/patch/finder/?keywords=625e07d428b32e10138b5c46031ea3fe From sle-updates at lists.suse.com Tue Aug 21 12:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 21 Aug 2012 20:08:31 +0200 (CEST) Subject: SUSE-SU-2012:1016-1: moderate: kernel update for SLE11 SP2 Message-ID: <20120821180831.4DA0532241@maintenance.suse.de> SUSE Security Update: kernel update for SLE11 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1016-1 Rating: moderate References: #705551 #715635 #718910 #720946 #738284 #744314 #744655 #746509 #749291 #752352 #753172 #753353 #754391 #754690 #755546 #755620 #756276 #756585 #757059 #758703 #761775 #762366 #762414 #762991 #763026 #763754 #763968 #764339 #766027 #766445 #766733 #767281 #767469 #767684 #767983 #768052 #768084 #768470 #768632 #769407 #769685 #769784 #769896 #770034 #770238 #770269 #771102 #771242 #771361 #771398 #771428 #771619 #771778 #772407 #772420 #772566 #772831 #772893 #773006 #773251 #773406 #773606 #773878 #774285 Cross-References: CVE-2012-3375 CVE-2012-3400 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SLE 11 SERVER Unsupported Extras ______________________________________________________________________________ An update that solves two vulnerabilities and has 62 fixes is now available. It includes one version update. Description: The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.38, fixing various bugs and security issues. Following security issues were fixed: CVE-2012-3400: Several buffer overread and overwrite errors in the UDF logical volume descriptor code were fixed that might have allowed local attackers able to mount UDF volumes to crash the kernel or potentially gain privileges. CVE-2012-3375: A denial of service (crash) in epoll was fixed. The three NTP leapsecond issues were fixed and are contained in Linux Kernel stable 3.0.38. The Libceph/ceph/rbd framework was imported for later Cloud storage usage. Various bug and security fixes were integrated from the Linux stable kernel 3.0.34-3.0.38 upgrade and are not explicitly listed here. Following other non-security issues were fixed: S/390: - dasd: Use correct queue for aborting requests. - dasd: Abort requests from correct queue. - [S390] Do not clobber personality flags on exec (bnc#770034). - dasd: Kick tasklet instead of processing the request_queue directly. - s390/kernel: CPU idle vs CPU hotplug (bnc#772407,LTC#83468). - lgr: Make lgr_page static (bnc#772407,LTC#83520). - s390/kernel: incorrect task size after fork of a 31 bit process (bnc#772407,LTC#83674). - dasd: Abort all requests on the request_queue, too (bnc#768084). - DASD: Add timeout attribute (bnc#771361). - dasd: Fixup typo in debugging message. - patches.suse/dasd-fail-all-requests-after-timeout.patch: Fixup handling of failfast requests (bnc#768084). - s390: allow zcrypt to /dev/random feeding to be resumed (bnc#718910) - s390/hypfs: Missing files and directories (bnc#769407,LTC#82838). - dasd: Fail all requests after timeout (bnc#768084). - s390/kernel: Add z/VM LGR detection (bnc#767281,LTC#RAS1203). BTRFS fixes (3.3-3.5+) - Btrfs: avoid sleeping in verify_parent_transid while atomic - Btrfs: fix btrfs_release_extent_buffer_page with the right usage of num_extent_pages - Btrfs: do not check delalloc when updating disk_i_size - Btrfs: look into the extent during find_all_leafs - Btrfs: do not set for_cow parameter for tree block functions - Btrfs: fix defrag regression - Btrfs: fix missing inherited flag in rename - Btrfs: do not resize a seeding device - Btrfs: cast devid to unsigned long long for printk %llu - Btrfs: add a missing spin_lock - Btrfs: restore restriper state on all mounts - Btrfs: resume balance on rw (re)mounts properly - Btrfs: fix tree log remove space corner case - Btrfs: hold a ref on the inode during writepages - Btrfs: do not return EINVAL instead of ENOMEM from open_ctree() - Btrfs: do not ignore errors from btrfs_cleanup_fs_roots() when mounting - Btrfs: fix error handling in __add_reloc_root() - Btrfs: return error of btrfs_update_inode() to caller - Btrfs: fix typo in cow_file_range_async and async_cow_submit - Btrfs: fix btrfs_is_free_space_inode to recognize btree inode - Btrfs: kill root from btrfs_is_free_space_inode - Btrfs: zero unused bytes in inode item - disable patches.suse/btrfs-8052-fix-wrong-information-of-the-directo ry-in-the-.patch (bnc#757059) XEN: - Refresh Xen patches (bnc#772831, add spinlock.nopoll option). - Update Xen patches to 3.0.35. - xen/thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (bnc#762991). - Update Xen config files (CONFIG_XEN_SPINLOCK_ACQUIRE_NESTING=1). MD: - md: Do not truncate size at 4TB for RAID0 and Linear - md/bitmap: Do not write bitmap while earlier writes might be in-fligh (bnc#771398). - md: Fixup blktrace information. - md: Abort pending request for RAID10 (bnc#773251). - md: add raid10 tracepoints (bnc#768084). - md: wakeup thread upon rdev_dec_pending() (bnc#771398). - md: Correctly register error code on failure. - md: Do not take mddev lock when reading rdev attributes from sysfs (bnc#772420). - md: unblock SET_DISK_FAULTY ioctl (bnc#768084). Hyper-V: - net/hyperv: Use wait_event on outstanding sends during device removal. - Tools: hv: verify origin of netlink connector message. - hyperv: Add support for setting MAC from within guests. - Drivers: hv: Change the hex constant to a decimal constant. - hyperv: Add error handling to rndis_filter_device_add(). - hyperv: Add a check for ring_size value. - Drivers: hv: Cleanup the guest ID computation. - hv: add RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER. Scheduler: - sched: Make sure to not re-read variables after validation (bnc#769685). - sched: Only queue remote wakeups when crossing cache boundaries part2 (bnc#754690). - sched: really revert latency defaults to SP1 values (bnc#754690). - sched: optimize latency defaults (bnc#754690). - sched: Save some hrtick_start_fair cycles (bnc#754690). - sched: use rt.nr_cpus_allowed to recover select_task_rq() cycles (bnc#754690). - sched: Set skip_clock_update in yield_task_fair() (bnc#754690). - sched: Do not call task_group() too many times in set_task_rq() (bnc#754690). - sched: ratelimit nohz (bnc#754690). - sched: Wrap scheduler p->cpus_allowed access (bnc#754690). - sched: Avoid SMT siblings in select_idle_sibling() if possible (bnc#754690). - sched: Clean up domain traversal in select_idle_sibling() (bnc#754690). - sched: Remove rcu_read_lock/unlock() from select_idle_sibling() (bnc#754690). - sched: Fix the sched group node allocation for SD_OVERLAP domains (bnc#754690). - sched: add SD_SHARE_PKG_RESOURCES domain flags proc handler (bnc#754690). - sched: fix select_idle_sibling() induced bouncing (bnc#754690). Other fixes: - rt2800: add chipset revision RT5390R support (bnc#772566). - reiserfs: fix deadlocks with quotas (bnc#774285). - VFS: avoid prepend_path warning about d_obtain_alias aliases (bnc#773006). - ntp: avoid printk under xtime_lock (bnc#767684). - kvm: kvmclock: apply kvmclock offset to guest wall clock time (bnc#766445). - bonding: allow all slave speeds (bnc#771428). - mm: hugetlbfs: Close race during teardown of hugetlbfs shared page tables. - mm: hugetlbfs: Correctly detect if page tables have just been shared. - patches.fixes/mm-hugetlb-decrement-mapcount-under-page_table _lock.patch: Delete. (Fix bad PMD message displayed while using hugetlbfs (bnc#762366)). - ALSA: hda - Evaluate gpio_led hints at the right moment (bnc#773878). - proc: stats: Use arch_idle_time for idle and iowait times if available (bnc#772893). - tcp: perform DMA to userspace only if there is a task waiting for it (bnc#773606). - rt2x00: fix rt3290 resuming failed (bnc#771778). - patches.suse/SUSE-bootsplash: Refresh. (Fix wrong vfree() (bnc#773406)) - vhost: do not forget to schedule() (bnc#767983). - powerpc, kabi: reintroduce __cputime_msec_factor (bnc#771242). - powerpc: Fix wrong divisor in usecs_to_cputime (bnc#771242). - mm: use cpu_chill() in spin_trylock_page() and cancel on immediately RT. (bnc#768470) - be2net: Fix EEH error reset before a flash dump completes (bnc#755546). - st: Fix adding of tape link from device directory (bnc#771102). - idr: Fix locking of minor idr during failure-case removal and add freeing of minor idr during device removal. - add firmware update for Atheros 0cf3:311f (bnc#761775). - Unset CONFIG_WATCHDOG_NOWAYOUT to prevent reboot of openais on service stop. (bnc#756585) - Update config files: Enable CONFIG_RT2800PCI_RT3290. - ida: simplified functions for id allocation (bnc#749291). - ida: make ida_simple_get/put() IRQ safe (bnc#749291). - virtio-blk: use ida to allocate disk index (bnc#749291). - USB: option: Add USB ID for Novatel Ovation MC551 (bnc#770269). - USB: option: add id for Cellient MEN-200 (bnc#770269). - Fix the position of SUSE logo on text screen (bnc#770238) - enable Atheros 0cf3:311e for firmware upload (bnc#766733). - scsi_dh_alua: Improve error handling (bnc#715635). - scsi: remove an unhandled error code message (bnc#715635). - Add to support Ralink ROMA wifi chip. (bnc#758703) - x86_64, UV: Update NMI handler for UV1000/2000 systems (bnc#746509, bnc#744655). - kdb: Fix merge error in original kdb x86 patch (bnc#746509). - udf: Avoid run away loop when partition table length is corrupted (bnc#769784). - udf: Fortify loading of sparing table (bnc#769784). - udf: Use ret instead of abusing i in udf_load_logicalvol() (bnc#769784). - intel_ips: blacklist HP ProBook laptops (bnc#720946). - drm: edid: Do not add inferred modes with higher resolution (bnc#753172). - init: mm: Reschedule when initialising large numbers of memory sections. (bnc#755620). - x86/apic: Use x2apic physical mode based on FADT setting (bnc#768052). - acpiphp: add dmi info to acpiphp module (bnc#754391). - ntp: fix leap second hrtimer deadlock (bnc#768632). - ntp: avoid printk under xtime_lock (bnc#767684). - nohz: Fix update_ts_time_stat idle accounting (bnc#767469, bnc#705551). - nohz: Make idle/iowait counter update conditional (bnc#767469, bnc#705551). - bug: introduce BUILD_BUG_ON_INVALID() macro - bug: completely remove code generated by disabled. (VM Performance). - mm: call cond_resched in putback_lru_pages (bnc#763968). - Update x84-64 Xen config file (CONFIG_ACPI_PROCESSOR_AGGREGATOR=m). - ia64 is odd man out, CONFIG_SCHED_HRTICK is not set, fix build failure due to missing hrtick_enabled() in that case. - drm: Add poll blacklist for Dell Latitude E5420 (bnc#756276). - supported.conf: mark libceph and rbd as unsupported. - drm/i915: Fix eDP blank screen after S3 resume on HP desktops (bnc#752352). - mm: hugetlb: Decrement mapcount under page table lock (Consistent mapcount decrementing under lock (bnc#762366)). - mm: hugetlb: flush_tlb_range() needs page_table_lock when mmap_sem is not held. (Consistent locking for TLB flush of hugetlb pages (bnc#762366)). - mm/hugetlb.c: undo change to page mapcount in fault handler (Handle potential leaks in hugetlbfs error paths (bnc#762366)). - drm/i915: Not all systems expose a firmware or platform mechanism for changing the backlight intensity on i915, so add native driver support (bnc#752352). - i915: do not setup intel_backlight twice (bnc#752352). - drm/i915: enable vdd when switching off the eDP panel (bnc#752352). - Add missing definition blk_queue_dead(). - Backport patches from mainline to fix SCSI crash under heavy load (bnc#738284): bncs kernel-sle11sp2-i586.patchinfo kernel-sle11sp2-ia64.patchinfo kernel-sle11sp2-ppc64.patchinfo kernel-sle11sp2-s390x.patchinfo kernel-sle11sp2-x86_64.patchinfo kernel-sle11sp2-xtra-i586.patchinfo kernel-sle11sp2-xtra-ia64.patchinfo kernel-sle11sp2-xtra-ppc64.patchinfo kernel-sle11sp2-xtra-s390x.patchinfo kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS sle11sp2-extra.template sle11sp2.template sp2.diff sp2.new.diff patches.fixes/block-add-blk_queue_dead.patch: block: add blk_queue_dead() (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo kernel-sle11sp2-ia64.patchinfo kernel-sle11sp2-ppc64.patchinfo kernel-sle11sp2-s390x.patchinfo kernel-sle11sp2-x86_64.patchinfo kernel-sle11sp2-xtra-i586.patchinfo kernel-sle11sp2-xtra-ia64.patchinfo kernel-sle11sp2-xtra-ppc64.patchinfo kernel-sle11sp2-xtra-s390x.patchinfo kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS sle11sp2-extra.template sle11sp2.template sp2.diff sp2.new.diff patches.fixes/block-add-missing-blk_queue_dead-checks.patch: block: add missing blk_queue_dead() checks (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo kernel-sle11sp2-ia64.patchinfo kernel-sle11sp2-ppc64.patchinfo kernel-sle11sp2-s390x.patchinfo kernel-sle11sp2-x86_64.patchinfo kernel-sle11sp2-xtra-i586.patchinfo kernel-sle11sp2-xtra-ia64.patchinfo kernel-sle11sp2-xtra-ppc64.patchinfo kernel-sle11sp2-xtra-s390x.patchinfo kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS sle11sp2-extra.template sle11sp2.template sp2.diff sp2.new.diff patches.fixes/block-fix-race-on-request.end_io-invocations.p atch: block: Fix race on request.end_io invocations (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo kernel-sle11sp2-ia64.patchinfo kernel-sle11sp2-ppc64.patchinfo kernel-sle11sp2-s390x.patchinfo kernel-sle11sp2-x86_64.patchinfo kernel-sle11sp2-xtra-i586.patchinfo kernel-sle11sp2-xtra-ia64.patchinfo kernel-sle11sp2-xtra-ppc64.patchinfo kernel-sle11sp2-xtra-s390x.patchinfo kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS sle11sp2-extra.template sle11sp2.template sp2.diff sp2.new.diff patches.fixes/scsi-fc-class-fix-scanning-when-devs-are-offli ne.patch: fc class: fix scanning when devs are offline (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo kernel-sle11sp2-ia64.patchinfo kernel-sle11sp2-ppc64.patchinfo kernel-sle11sp2-s390x.patchinfo kernel-sle11sp2-x86_64.patchinfo kernel-sle11sp2-xtra-i586.patchinfo kernel-sle11sp2-xtra-ia64.patchinfo kernel-sle11sp2-xtra-ppc64.patchinfo kernel-sle11sp2-xtra-s390x.patchinfo kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS sle11sp2-extra.template sle11sp2.template sp2.diff sp2.new.diff patches.fixes/scsi-fix-device-removal-NULL-pointer-dereferen ce.patch: scsi: Fix device removal NULL pointer dereference (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo kernel-sle11sp2-ia64.patchinfo kernel-sle11sp2-ppc64.patchinfo kernel-sle11sp2-s390x.patchinfo kernel-sle11sp2-x86_64.patchinfo kernel-sle11sp2-xtra-i586.patchinfo kernel-sle11sp2-xtra-ia64.patchinfo kernel-sle11sp2-xtra-ppc64.patchinfo kernel-sle11sp2-xtra-s390x.patchinfo kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS sle11sp2-extra.template sle11sp2.template sp2.diff sp2.new.diff patches.fixes/scsi-fix-the-new-host-byte-settings.patch: scsi: fix DID_TARGET_FAILURE and DID_NEXUS_FAILURE host byte settings (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo kernel-sle11sp2-ia64.patchinfo kernel-sle11sp2-ppc64.patchinfo kernel-sle11sp2-s390x.patchinfo kernel-sle11sp2-x86_64.patchinfo kernel-sle11sp2-xtra-i586.patchinfo kernel-sle11sp2-xtra-ia64.patchinfo kernel-sle11sp2-xtra-ppc64.patchinfo kernel-sle11sp2-xtra-s390x.patchinfo kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS sle11sp2-extra.template sle11sp2.template sp2.diff sp2.new.diff patches.fixes/scsi-stop-accepting-scsi-requests.patch: scsi: Stop accepting SCSI requests before removing a device (bnc#738284). bncs kernel-sle11sp2-i586.patchinfo kernel-sle11sp2-ia64.patchinfo kernel-sle11sp2-ppc64.patchinfo kernel-sle11sp2-s390x.patchinfo kernel-sle11sp2-x86_64.patchinfo kernel-sle11sp2-xtra-i586.patchinfo kernel-sle11sp2-xtra-ia64.patchinfo kernel-sle11sp2-xtra-ppc64.patchinfo kernel-sle11sp2-xtra-s390x.patchinfo kernel-sle11sp2-xtra-x86_64.patchinfo mksle11sp2 RCS sle11sp2-extra.template sle11sp2.template sp2.diff sp2.new.diff patches.fixes/scsi-Revert-put-stricter-guards-on-queue-dead- chec.patch: Delete preliminary patch. - Provide obsoleted KMPs (bnc#753353), fix ath3k obsoletes. - mm: filemap: Optimise file-backed page faulting by emulating an adaptive sleeping spinlock (bnc#762414) - Add yet another product ID for HP cert machines (bnc#764339) - x86: check for valid irq_cfg pointer in smp_irq_move_cleanup_interrupt (bnc#763754). - backing-dev: use synchronize_rcu_expedited instead of synchronize_rcu (bnc#766027). - sysfs: count subdirectories (bnc#766027). - kABI fix for sysfs-count-subdirectories (bnc#766027). - block: Introduce blk_set_stacking_limits function (bnc#763026). Indications: Everyone using the Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-kernel-6641 slessp2-kernel-6648 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-kernel-6641 slessp2-kernel-6642 slessp2-kernel-6643 slessp2-kernel-6648 slessp2-kernel-6650 - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-kernel-6641 sleshasp2-kernel-6642 sleshasp2-kernel-6643 sleshasp2-kernel-6648 sleshasp2-kernel-6650 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-kernel-6641 sledsp2-kernel-6648 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.38]: kernel-default-3.0.38-0.5.1 kernel-default-base-3.0.38-0.5.1 kernel-default-devel-3.0.38-0.5.1 kernel-source-3.0.38-0.5.1 kernel-syms-3.0.38-0.5.1 kernel-trace-3.0.38-0.5.1 kernel-trace-base-3.0.38-0.5.1 kernel-trace-devel-3.0.38-0.5.1 kernel-xen-devel-3.0.38-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.38]: kernel-pae-3.0.38-0.5.1 kernel-pae-base-3.0.38-0.5.1 kernel-pae-devel-3.0.38-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.38]: kernel-default-3.0.38-0.5.1 kernel-default-base-3.0.38-0.5.1 kernel-default-devel-3.0.38-0.5.1 kernel-source-3.0.38-0.5.1 kernel-syms-3.0.38-0.5.1 kernel-trace-3.0.38-0.5.1 kernel-trace-base-3.0.38-0.5.1 kernel-trace-devel-3.0.38-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.38]: kernel-ec2-3.0.38-0.5.1 kernel-ec2-base-3.0.38-0.5.1 kernel-ec2-devel-3.0.38-0.5.1 kernel-xen-3.0.38-0.5.1 kernel-xen-base-3.0.38-0.5.1 kernel-xen-devel-3.0.38-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.38]: kernel-default-man-3.0.38-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.38]: kernel-ppc64-3.0.38-0.5.1 kernel-ppc64-base-3.0.38-0.5.1 kernel-ppc64-devel-3.0.38-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.38]: kernel-pae-3.0.38-0.5.1 kernel-pae-base-3.0.38-0.5.1 kernel-pae-devel-3.0.38-0.5.1 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64): gfs2-kmp-default-2_3.0.38_0.5-0.7.37 gfs2-kmp-trace-2_3.0.38_0.5-0.7.37 ocfs2-kmp-default-1.6_3.0.38_0.5-0.7.37 ocfs2-kmp-trace-1.6_3.0.38_0.5-0.7.37 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 s390x): cluster-network-kmp-default-1.4_3.0.38_0.5-2.14.2 cluster-network-kmp-trace-1.4_3.0.38_0.5-2.14.2 - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64 x86_64): cluster-network-kmp-default-1.4_3.0.38_0.5-2.16.1 cluster-network-kmp-trace-1.4_3.0.38_0.5-2.16.1 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64): gfs2-kmp-xen-2_3.0.38_0.5-0.7.37 ocfs2-kmp-xen-1.6_3.0.38_0.5-0.7.37 - SUSE Linux Enterprise High Availability Extension 11 SP2 (x86_64): cluster-network-kmp-xen-1.4_3.0.38_0.5-2.16.1 - SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64): cluster-network-kmp-ppc64-1.4_3.0.38_0.5-2.16.1 gfs2-kmp-ppc64-2_3.0.38_0.5-0.7.37 ocfs2-kmp-ppc64-1.6_3.0.38_0.5-0.7.37 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586): cluster-network-kmp-pae-1.4_3.0.38_0.5-2.14.2 cluster-network-kmp-xen-1.4_3.0.38_0.5-2.14.2 gfs2-kmp-pae-2_3.0.38_0.5-0.7.37 ocfs2-kmp-pae-1.6_3.0.38_0.5-0.7.37 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.38]: kernel-default-3.0.38-0.5.1 kernel-default-base-3.0.38-0.5.1 kernel-default-devel-3.0.38-0.5.1 kernel-default-extra-3.0.38-0.5.1 kernel-source-3.0.38-0.5.1 kernel-syms-3.0.38-0.5.1 kernel-trace-3.0.38-0.5.1 kernel-trace-base-3.0.38-0.5.1 kernel-trace-devel-3.0.38-0.5.1 kernel-trace-extra-3.0.38-0.5.1 kernel-xen-3.0.38-0.5.1 kernel-xen-base-3.0.38-0.5.1 kernel-xen-devel-3.0.38-0.5.1 kernel-xen-extra-3.0.38-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.38]: kernel-pae-3.0.38-0.5.1 kernel-pae-base-3.0.38-0.5.1 kernel-pae-devel-3.0.38-0.5.1 kernel-pae-extra-3.0.38-0.5.1 - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64): ext4-writeable-kmp-default-0_3.0.38_0.5-0.14.18 ext4-writeable-kmp-trace-0_3.0.38_0.5-0.14.18 kernel-default-extra-3.0.38-0.5.1 - SLE 11 SERVER Unsupported Extras (i586 x86_64): ext4-writeable-kmp-xen-0_3.0.38_0.5-0.14.18 kernel-xen-extra-3.0.38-0.5.1 - SLE 11 SERVER Unsupported Extras (ppc64): ext4-writeable-kmp-ppc64-0_3.0.38_0.5-0.14.18 kernel-ppc64-extra-3.0.38-0.5.1 - SLE 11 SERVER Unsupported Extras (i586): ext4-writeable-kmp-pae-0_3.0.38_0.5-0.14.18 kernel-pae-extra-3.0.38-0.5.1 References: http://support.novell.com/security/cve/CVE-2012-3375.html http://support.novell.com/security/cve/CVE-2012-3400.html https://bugzilla.novell.com/705551 https://bugzilla.novell.com/715635 https://bugzilla.novell.com/718910 https://bugzilla.novell.com/720946 https://bugzilla.novell.com/738284 https://bugzilla.novell.com/744314 https://bugzilla.novell.com/744655 https://bugzilla.novell.com/746509 https://bugzilla.novell.com/749291 https://bugzilla.novell.com/752352 https://bugzilla.novell.com/753172 https://bugzilla.novell.com/753353 https://bugzilla.novell.com/754391 https://bugzilla.novell.com/754690 https://bugzilla.novell.com/755546 https://bugzilla.novell.com/755620 https://bugzilla.novell.com/756276 https://bugzilla.novell.com/756585 https://bugzilla.novell.com/757059 https://bugzilla.novell.com/758703 https://bugzilla.novell.com/761775 https://bugzilla.novell.com/762366 https://bugzilla.novell.com/762414 https://bugzilla.novell.com/762991 https://bugzilla.novell.com/763026 https://bugzilla.novell.com/763754 https://bugzilla.novell.com/763968 https://bugzilla.novell.com/764339 https://bugzilla.novell.com/766027 https://bugzilla.novell.com/766445 https://bugzilla.novell.com/766733 https://bugzilla.novell.com/767281 https://bugzilla.novell.com/767469 https://bugzilla.novell.com/767684 https://bugzilla.novell.com/767983 https://bugzilla.novell.com/768052 https://bugzilla.novell.com/768084 https://bugzilla.novell.com/768470 https://bugzilla.novell.com/768632 https://bugzilla.novell.com/769407 https://bugzilla.novell.com/769685 https://bugzilla.novell.com/769784 https://bugzilla.novell.com/769896 https://bugzilla.novell.com/770034 https://bugzilla.novell.com/770238 https://bugzilla.novell.com/770269 https://bugzilla.novell.com/771102 https://bugzilla.novell.com/771242 https://bugzilla.novell.com/771361 https://bugzilla.novell.com/771398 https://bugzilla.novell.com/771428 https://bugzilla.novell.com/771619 https://bugzilla.novell.com/771778 https://bugzilla.novell.com/772407 https://bugzilla.novell.com/772420 https://bugzilla.novell.com/772566 https://bugzilla.novell.com/772831 https://bugzilla.novell.com/772893 https://bugzilla.novell.com/773006 https://bugzilla.novell.com/773251 https://bugzilla.novell.com/773406 https://bugzilla.novell.com/773606 https://bugzilla.novell.com/773878 https://bugzilla.novell.com/774285 http://download.novell.com/patch/finder/?keywords=054eeda84fdfd467b6042cd0666936fd http://download.novell.com/patch/finder/?keywords=2562f1c04f34ffe16e03bb259c3fa59a http://download.novell.com/patch/finder/?keywords=2e3d7b7adbbcb9354016e7500008d6eb http://download.novell.com/patch/finder/?keywords=3ce131c8ad30c9e67989bec045d25f70 http://download.novell.com/patch/finder/?keywords=43c40bbec3b6fa96e53f65b5bd05bf22 http://download.novell.com/patch/finder/?keywords=49f71b35667d16346304bfe7962c6acf http://download.novell.com/patch/finder/?keywords=7cf89a4bc5bc5fe5716772ac7b65fe44 http://download.novell.com/patch/finder/?keywords=8ff740aad979794678ee74633038b97d http://download.novell.com/patch/finder/?keywords=9562bd6b9a1b5af7a6b07b9b3d121e2f http://download.novell.com/patch/finder/?keywords=aa508382c1b93d4d802d37d9ad3ac5b6 From sle-updates at lists.suse.com Wed Aug 22 09:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Aug 2012 17:08:35 +0200 (CEST) Subject: SUSE-RU-2012:1019-1: moderate: Recommended update for kexec-tools Message-ID: <20120822150835.6920632241@maintenance.suse.de> SUSE Recommended Update: Recommended update for kexec-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1019-1 Rating: moderate References: #758712 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes various segfaults on parsing large device trees (bnc#758712). Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc64 s390x x86_64): kexec-tools-1.101-32.59.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): kexec-tools-1.101-32.59.1 - SLE SDK 10 SP4 (i586 ia64 ppc64 s390x x86_64): kexec-tools-1.101-32.59.1 References: https://bugzilla.novell.com/758712 http://download.novell.com/patch/finder/?keywords=25cd0d58073ea83988c920689c828187 From sle-updates at lists.suse.com Wed Aug 22 09:08:38 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Aug 2012 17:08:38 +0200 (CEST) Subject: SUSE-SU-2012:1020-1: important: Security update for oracle-update Message-ID: <20120822150838.2D15F3224A@maintenance.suse.de> SUSE Security Update: Security update for oracle-update ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1020-1 Rating: important References: #757762 #771994 Cross-References: CVE-2012-0525 CVE-2012-0526 CVE-2012-0527 CVE-2012-0534 CVE-2012-0552 CVE-2012-1737 CVE-2012-1745 CVE-2012-3134 Affected Products: SUSE Manager 1.7 for SLE 11 SP2 SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update fixes two large sets of security issues in the Oracle Server. * http://www.oracle.com/technetwork/topics/security/cpujul2012 -392727.html (CVE-2012-1737, CVE-2012-1745, CVE-2012-3134) * http://www.oracle.com/technetwork/topics/security/cpuapr2012 -366314.html (CVE-2012-0552, CVE-2012-0534, CVE-2012-0527, CVE-2012-0526, CVE-2012-0525) Security Issue references: * CVE-2012-0552 * CVE-2012-0534 * CVE-2012-1737 * CVE-2012-1745 * CVE-2012-3134 * CVE-2012-0527 * CVE-2012-0526 * CVE-2012-0525 Indications: Everyone using the Oracle DB on SUSE Manager should update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.7 for SLE 11 SP2: zypper in -t patch sleman17sp2-oracle-update-6685 - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-oracle-update-6684 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.7 for SLE 11 SP2 (x86_64): oracle-update-1.7-0.13.1 - SUSE Manager 1.2 for SLE 11 SP1 (x86_64): oracle-update-1.7-0.4.10.1 References: http://support.novell.com/security/cve/CVE-2012-0525.html http://support.novell.com/security/cve/CVE-2012-0526.html http://support.novell.com/security/cve/CVE-2012-0527.html http://support.novell.com/security/cve/CVE-2012-0534.html http://support.novell.com/security/cve/CVE-2012-0552.html http://support.novell.com/security/cve/CVE-2012-1737.html http://support.novell.com/security/cve/CVE-2012-1745.html http://support.novell.com/security/cve/CVE-2012-3134.html https://bugzilla.novell.com/757762 https://bugzilla.novell.com/771994 http://download.novell.com/patch/finder/?keywords=205067d3ac29a7b3a4b0a8d7f70ba5e9 http://download.novell.com/patch/finder/?keywords=c66e6782ca5a697b1ab08f6ec77a4b1c From sle-updates at lists.suse.com Wed Aug 22 12:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Aug 2012 20:08:33 +0200 (CEST) Subject: SUSE-SU-2012:1021-1: Security update for PostgreSQL Message-ID: <20120822180833.3850C3224B@maintenance.suse.de> SUSE Security Update: Security update for PostgreSQL ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1021-1 Rating: low References: #760511 #765069 #766799 #767505 #770193 #773771 #774616 #774617 #775399 #775402 #776523 #776524 Cross-References: CVE-2012-2143 CVE-2012-2655 CVE-2012-3488 CVE-2012-3489 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that solves four vulnerabilities and has 8 fixes is now available. It includes one version update. Description: This update provides PostgreSQL 8.3.20. As part of this update, the packaging scheme has been changed to accomodate an optional parallel installation of newer PostgreSQL versions. The changes in 8.3.20 are: * Prevent access to external files/URLs via XML entity references. xml_parse() would attempt to fetch external files or URLs as needed to resolve DTD and entity references in an XML value, thus allowing unprivileged database users to attempt to fetch data with the privileges of the database server (CVE-2012-3489, bnc#776524). * Prevent access to external files/URLs via "contrib/xml2"'s xslt_process(). libxslt offers the ability to read and write both files and URLs through stylesheet commands, thus allowing unprivileged database users to both read and write data with the privileges of the database server. Disable that through proper use of libxslt's security options. (CVE-2012-3488, bnc#776523). Also, remove xslt_process()'s ability to fetch documents and stylesheets from external files/URLs. * Fix incorrect password transformation in contrib/pgcrypto's DES crypt() function. If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than it appeared. With this fix, the rest of the string is properly included in the DES hash. Any stored password values that are affected by this bug will thus no longer match, so the stored values may need to be updated. (CVE-2012-2143) * Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler. Applying such attributes to a call handler could crash the server. (CVE-2012-2655) * Allow numeric timezone offsets in timestamp input to be up to 16 hours away from UTC. Some historical time zones have offsets larger than 15 hours, the previous limit. This could result in dumped data values being rejected during reload. * Fix timestamp conversion to cope when the given time is exactly the last DST transition time for the current timezone. This oversight has been there a long time, but was not noticed previously because most DST-using zones are presumed to have an indefinite sequence of future DST transitions. * Fix text to name and char to name casts to perform string truncation correctly in multibyte encodings. * Fix memory copying bug in to_tsquery(). * Fix slow session startup when pg_attribute is very large. If pg_attribute exceeds one-fourth of shared_buffers, cache rebuilding code that is sometimes needed during session start would trigger the synchronized-scan logic, causing it to take many times longer than normal. The problem was particularly acute if many new sessions were starting at once. * Ensure sequential scans check for query cancel reasonably often. A scan encountering many consecutive pages that contain no live tuples would not respond to interrupts meanwhile. * Show whole-row variables safely when printing views or rules. Corner cases involving ambiguous names (that is, the name could be either a table or column name of the query) were printed in an ambiguous way, risking that the view or rule would be interpreted differently after dump and reload. Avoid the ambiguous case by attaching a no-op cast. * Ensure autovacuum worker processes perform stack depth checking properly. Previously, infinite recursion in a function invoked by auto-ANALYZE could crash worker processes. * Fix logging collector to not lose log coherency under high load. The collector previously could fail to reassemble large messages if it got too busy. * Fix logging collector to ensure it will restart file rotation after receiving SIGHUP. * Fix PL/pgSQL's GET DIAGNOSTICS command when the target is the function's first variable. * Fix several performance problems in pg_dump when the database contains many objects. pg_dump could get very slow if the database contained many schemas, or if many objects are in dependency loops, or if there are many owned sequences. * Fix contrib/dblink's dblink_exec() to not leak temporary database connections upon error. Security Issue references: * CVE-2012-2143 * CVE-2012-2655 * CVE-2012-3489 * CVE-2012-3488 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-postgresql-6697 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-postgresql-6697 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-postgresql-6697 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-postgresql-6697 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-postgresql-6697 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 8.3.20]: postgresql-8.3.20-0.4.1 postgresql-contrib-8.3.20-0.4.1 postgresql-docs-8.3.20-0.4.1 postgresql-server-8.3.20-0.4.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): postgresql-init-9.1-0.6.10.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 8.3.20]: postgresql-8.3.20-0.4.1 postgresql-contrib-8.3.20-0.4.1 postgresql-docs-8.3.20-0.4.1 postgresql-server-8.3.20-0.4.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (noarch): postgresql-init-9.1-0.6.10.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 8.3.20]: postgresql-8.3.20-0.4.1 postgresql-contrib-8.3.20-0.4.1 postgresql-docs-8.3.20-0.4.1 postgresql-server-8.3.20-0.4.1 - SUSE Linux Enterprise Server 11 SP1 (noarch): postgresql-init-9.1-0.6.10.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 8.3.20]: postgresql-8.3.20-0.4.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): postgresql-init-9.1-0.6.10.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 8.3.20]: postgresql-8.3.20-0.4.1 - SUSE Linux Enterprise Desktop 11 SP1 (noarch): postgresql-init-9.1-0.6.10.1 References: http://support.novell.com/security/cve/CVE-2012-2143.html http://support.novell.com/security/cve/CVE-2012-2655.html http://support.novell.com/security/cve/CVE-2012-3488.html http://support.novell.com/security/cve/CVE-2012-3489.html https://bugzilla.novell.com/760511 https://bugzilla.novell.com/765069 https://bugzilla.novell.com/766799 https://bugzilla.novell.com/767505 https://bugzilla.novell.com/770193 https://bugzilla.novell.com/773771 https://bugzilla.novell.com/774616 https://bugzilla.novell.com/774617 https://bugzilla.novell.com/775399 https://bugzilla.novell.com/775402 https://bugzilla.novell.com/776523 https://bugzilla.novell.com/776524 http://download.novell.com/patch/finder/?keywords=a40b143814a37b566fd7889125c16b7d From sle-updates at lists.suse.com Wed Aug 22 14:08:36 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Aug 2012 22:08:36 +0200 (CEST) Subject: SUSE-OU-2012:1023-1: Optional update for PostgreSQL Message-ID: <20120822200836.E830D32250@maintenance.suse.de> SUSE Optional Update: Optional update for PostgreSQL ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1023-1 Rating: low References: #733660 #767505 #773771 #774616 #774617 #775096 #775399 #775402 #775630 #776523 #776524 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has 11 optional fixes can now be installed. It includes one version update. Description: This update provides PostgreSQL 9.1.5 as an additional package. The JDBC3 driver was updated to 9.1-901. For Desktop, only the client packages are included. Please refer to the Release Notes for SUSE Linux Enterprise Server for details on how to migrate from PostgreSQL 8.3 to PostgreSQL 9.1. Indications: Every interested user can install this update. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-postgresql91-support-6696 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-postgresql91-support-6696 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-postgresql91-support-6696 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-postgresql91-support-6696 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-postgresql91-support-6696 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-postgresql91-support-6696 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-postgresql91-support-6696 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): postgresql91-devel-9.1.5-0.2.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): postgresql91-devel-9.1.5-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libecpg6-9.1.5-0.2.1 libossp-uuid16-1.6.2-4.2.3.1 libpq5-9.1.5-0.2.1 postgresql91-9.1.5-0.2.1 postgresql91-contrib-9.1.5-0.2.1 postgresql91-docs-9.1.5-0.2.1 postgresql91-server-9.1.5-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libpq5-32bit-9.1.5-0.2.1 - SUSE Linux Enterprise Server 11 SP2 (noarch) [New Version: 9.1]: postgresql-init-9.1-0.6.10.1 postgresql-jdbc-9.1-0.2.2.6 - SUSE Linux Enterprise Server 11 SP2 (ia64): libpq5-x86-9.1.5-0.2.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): libecpg6-9.1.5-0.2.1 libossp-uuid16-1.6.2-4.2.3.1 libpq5-9.1.5-0.2.1 postgresql91-9.1.5-0.2.1 postgresql91-contrib-9.1.5-0.2.1 postgresql91-docs-9.1.5-0.2.1 postgresql91-server-9.1.5-0.2.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libpq5-32bit-9.1.5-0.2.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (noarch) [New Version: 9.1]: postgresql-init-9.1-0.6.10.1 postgresql-jdbc-9.1-0.2.2.6 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): libecpg6-9.1.5-0.2.1 libossp-uuid16-1.6.2-4.2.3.1 libpq5-9.1.5-0.2.1 postgresql91-9.1.5-0.2.1 postgresql91-contrib-9.1.5-0.2.1 postgresql91-docs-9.1.5-0.2.1 postgresql91-server-9.1.5-0.2.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libpq5-32bit-9.1.5-0.2.1 - SUSE Linux Enterprise Server 11 SP1 (noarch) [New Version: 9.1]: postgresql-init-9.1-0.6.10.1 postgresql-jdbc-9.1-0.2.2.6 - SUSE Linux Enterprise Server 11 SP1 (ia64): libpq5-x86-9.1.5-0.2.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libecpg6-9.1.5-0.2.1 libpq5-9.1.5-0.2.1 postgresql91-9.1.5-0.2.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libpq5-32bit-9.1.5-0.2.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): postgresql-init-9.1-0.6.10.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libecpg6-9.1.5-0.2.1 libpq5-9.1.5-0.2.1 postgresql91-9.1.5-0.2.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libpq5-32bit-9.1.5-0.2.1 - SUSE Linux Enterprise Desktop 11 SP1 (noarch): postgresql-init-9.1-0.6.10.1 References: https://bugzilla.novell.com/733660 https://bugzilla.novell.com/767505 https://bugzilla.novell.com/773771 https://bugzilla.novell.com/774616 https://bugzilla.novell.com/774617 https://bugzilla.novell.com/775096 https://bugzilla.novell.com/775399 https://bugzilla.novell.com/775402 https://bugzilla.novell.com/775630 https://bugzilla.novell.com/776523 https://bugzilla.novell.com/776524 http://download.novell.com/patch/finder/?keywords=ac25840a8918bf6d77582caa9631c479 From sle-updates at lists.suse.com Wed Aug 22 14:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 22 Aug 2012 22:08:31 +0200 (CEST) Subject: SUSE-RU-2012:1022-1: moderate: Recommended update for sysvinit Message-ID: <20120822200831.1C9383224A@maintenance.suse.de> SUSE Recommended Update: Recommended update for sysvinit ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1022-1 Rating: moderate References: #757643 #772055 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update to sysvinit increases the daemon detection time in startproc to give started processes enough time to detach from the controlling terminal and run in background. Additionally, the update fixes blogd to be more compatible with the new glibc internal threads API, avoiding warnings at boot time. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-sysvinit-6667 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-sysvinit-6667 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-sysvinit-6667 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): sysvinit-2.86-215.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): sysvinit-2.86-215.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): sysvinit-2.86-215.1 References: https://bugzilla.novell.com/757643 https://bugzilla.novell.com/772055 http://download.novell.com/patch/finder/?keywords=e2c32da92b0f100d5d6d66209c69023d From sle-updates at lists.suse.com Wed Aug 22 17:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Aug 2012 01:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1024-1: Recommended update for release-notes-SLES-for-VMware Message-ID: <20120822230833.2448132246@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-SLES-for-VMware ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1024-1 Rating: low References: #774588 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest version of the Release Notes for SUSE Linux Enterprise Server 11 SP2. The changes in detail are: * New entry: PostgreSQL update (bnc#774588; fate#311794). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-release-notes-SLES-for-VMware-6703 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-release-notes-SLES-for-VMware-6703 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 11.2.0.40]: release-notes-SLES-for-VMware-11.2.0.40-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.2.0.40]: release-notes-sles-11.2.0.40-0.5.1 References: https://bugzilla.novell.com/774588 http://download.novell.com/patch/finder/?keywords=cd1eec77dfcc3af90f61cd945ef34361 From sle-updates at lists.suse.com Thu Aug 23 06:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Aug 2012 14:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1025-1: Recommended update for SUSE Manager Message-ID: <20120823120831.07AF132246@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1025-1 Rating: low References: #722443 #763015 #773108 #775999 #776326 Affected Products: SLE CLIENT TOOLS 10 for x86_64 SLE CLIENT TOOLS 10 for s390x SLE CLIENT TOOLS 10 for ia64 SLE CLIENT TOOLS 10 for PPC SLE CLIENT TOOLS 10 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This update provides bugfixes and support for SUSE Manager 1.7. In addition, the following enhancements are provided: * submit IPv6 addresses to the SUSE Manager Server * read memory information also on Kernel 3.x systems * prevent "notifying clients" starvation Indications: Everbody should update. Package List: - SLE CLIENT TOOLS 10 for x86_64 (x86_64): koan-2.2.2-0.15.1 python-ethtool-0.7-0.7.1 python-simplejson-2.1.1-4.11.1 rhnlib-2.5.51.3-0.5.1 spacewalk-backend-libs-1.7.38.16-0.5.1 spacewalksd-4.9.15.2-0.5.1 suseRegisterInfo-1.7.1-0.7.1 - SLE CLIENT TOOLS 10 for x86_64 (noarch): osad-5.10.41.4-0.5.1 rhn-custom-info-5.4.14.1-0.7.4 rhncfg-5.10.27.6-0.5.4 rhncfg-actions-5.10.27.6-0.5.4 rhncfg-client-5.10.27.6-0.5.4 rhncfg-management-5.10.27.6-0.5.4 rhnmd-5.3.10.3-0.5.1 rhnpush-5.5.42.7-0.5.3 spacewalk-check-1.7.14.9-0.5.1 spacewalk-client-setup-1.7.14.9-0.5.1 spacewalk-client-tools-1.7.14.9-0.5.1 spacewalk-koan-1.7.1.2-0.7.2 spacewalk-remote-utils-1.7.1.3-0.5.2 - SLE CLIENT TOOLS 10 for s390x (noarch): osad-5.10.41.4-0.5.1 rhn-custom-info-5.4.14.1-0.7.4 rhncfg-5.10.27.6-0.5.4 rhncfg-actions-5.10.27.6-0.5.4 rhncfg-client-5.10.27.6-0.5.4 rhncfg-management-5.10.27.6-0.5.4 rhnmd-5.3.10.3-0.5.1 rhnpush-5.5.42.7-0.5.3 spacewalk-check-1.7.14.9-0.5.1 spacewalk-client-setup-1.7.14.9-0.5.1 spacewalk-client-tools-1.7.14.9-0.5.1 spacewalk-koan-1.7.1.2-0.7.2 spacewalk-remote-utils-1.7.1.3-0.5.2 - SLE CLIENT TOOLS 10 for s390x (s390x): koan-2.2.2-0.15.1 python-ethtool-0.7-0.7.1 python-simplejson-2.1.1-4.11.1 rhnlib-2.5.51.3-0.5.1 spacewalk-backend-libs-1.7.38.16-0.5.1 spacewalksd-4.9.15.2-0.5.1 suseRegisterInfo-1.7.1-0.7.1 - SLE CLIENT TOOLS 10 for ia64 (noarch): osad-5.10.41.4-0.5.1 rhn-custom-info-5.4.14.1-0.7.4 rhncfg-5.10.27.6-0.5.4 rhncfg-actions-5.10.27.6-0.5.4 rhncfg-client-5.10.27.6-0.5.4 rhncfg-management-5.10.27.6-0.5.4 rhnmd-5.3.10.3-0.5.1 rhnpush-5.5.42.7-0.5.3 spacewalk-check-1.7.14.9-0.5.1 spacewalk-client-setup-1.7.14.9-0.5.1 spacewalk-client-tools-1.7.14.9-0.5.1 spacewalk-koan-1.7.1.2-0.7.2 spacewalk-remote-utils-1.7.1.3-0.5.2 - SLE CLIENT TOOLS 10 for ia64 (ia64): koan-2.2.2-0.15.1 python-ethtool-0.7-0.7.1 python-simplejson-2.1.1-4.11.1 rhnlib-2.5.51.3-0.5.1 spacewalk-backend-libs-1.7.38.16-0.5.1 spacewalksd-4.9.15.2-0.5.1 suseRegisterInfo-1.7.1-0.7.1 - SLE CLIENT TOOLS 10 for PPC (noarch): osad-5.10.41.4-0.5.1 rhn-custom-info-5.4.14.1-0.7.4 rhncfg-5.10.27.6-0.5.4 rhncfg-actions-5.10.27.6-0.5.4 rhncfg-client-5.10.27.6-0.5.4 rhncfg-management-5.10.27.6-0.5.4 rhnmd-5.3.10.3-0.5.1 rhnpush-5.5.42.7-0.5.3 spacewalk-check-1.7.14.9-0.5.1 spacewalk-client-setup-1.7.14.9-0.5.1 spacewalk-client-tools-1.7.14.9-0.5.1 spacewalk-koan-1.7.1.2-0.7.2 spacewalk-remote-utils-1.7.1.3-0.5.2 - SLE CLIENT TOOLS 10 for PPC (ppc): koan-2.2.2-0.15.1 python-ethtool-0.7-0.7.1 python-simplejson-2.1.1-4.11.1 rhnlib-2.5.51.3-0.5.1 spacewalk-backend-libs-1.7.38.16-0.5.1 spacewalksd-4.9.15.2-0.5.1 suseRegisterInfo-1.7.1-0.7.1 - SLE CLIENT TOOLS 10 (noarch): osad-5.10.41.4-0.5.1 rhn-custom-info-5.4.14.1-0.7.4 rhncfg-5.10.27.6-0.5.4 rhncfg-actions-5.10.27.6-0.5.4 rhncfg-client-5.10.27.6-0.5.4 rhncfg-management-5.10.27.6-0.5.4 rhnmd-5.3.10.3-0.5.1 rhnpush-5.5.42.7-0.5.3 spacewalk-check-1.7.14.9-0.5.1 spacewalk-client-setup-1.7.14.9-0.5.1 spacewalk-client-tools-1.7.14.9-0.5.1 spacewalk-koan-1.7.1.2-0.7.2 spacewalk-remote-utils-1.7.1.3-0.5.2 - SLE CLIENT TOOLS 10 (i586): koan-2.2.2-0.15.1 python-ethtool-0.7-0.7.1 python-simplejson-2.1.1-4.11.1 rhnlib-2.5.51.3-0.5.1 spacewalk-backend-libs-1.7.38.16-0.5.1 spacewalksd-4.9.15.2-0.5.1 suseRegisterInfo-1.7.1-0.7.1 References: https://bugzilla.novell.com/722443 https://bugzilla.novell.com/763015 https://bugzilla.novell.com/773108 https://bugzilla.novell.com/775999 https://bugzilla.novell.com/776326 http://download.novell.com/patch/finder/?keywords=33a0a438a6b43c0614a5b5148f642b8b From sle-updates at lists.suse.com Thu Aug 23 06:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Aug 2012 14:08:33 +0200 (CEST) Subject: SUSE-OU-2012:1026-1: Optional update for SUSE Manager Message-ID: <20120823120833.757CF3224E@maintenance.suse.de> SUSE Optional Update: Optional update for SUSE Manager ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1026-1 Rating: low References: #768176 #776326 Affected Products: SUSE Manager Client Tools for SLE 11 SP2 ______________________________________________________________________________ An update that has two optional fixes can now be installed. Description: This update provides the initial Client Tools for use with SUSE Manager Server 1.7. Indications: Every SUSE Manager administrator might find these packages useful. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP2: zypper in -t patch slesctsp2-client-tools-11-sp2-6688 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP2 (i586 ia64 ppc64 s390x x86_64): koan-2.2.2-0.23.16 libnewt0_52-0.52.10-1.35.113 libopenscap1-0.8.4-0.7.1 newt-0.52.10-1.35.113 openscap-0.8.4-0.7.1 openscap-content-0.8.4-0.7.1 openscap-utils-0.8.4-0.7.1 python-dmidecode-3.10.11-0.8.43 python-jabberpy-0.5-0.9.24 python-newt-0.52.10-1.35.113 python-simplejson-2.1.1-1.8.67 rhnlib-2.5.51.3-0.7.1 spacewalk-backend-libs-1.7.38.16-0.7.1 spacewalksd-4.9.15.2-0.7.10 suseRegisterInfo-1.7.1-0.7.1 zypp-plugin-spacewalk-0.6-0.5.24 - SUSE Manager Client Tools for SLE 11 SP2 (noarch): osad-5.10.41.4-0.7.10 rhn-custom-info-5.4.14.1-0.7.12 rhn-virtualization-common-5.4.34.9-0.7.1 rhn-virtualization-host-5.4.34.9-0.7.1 rhncfg-5.10.27.6-0.7.1 rhncfg-actions-5.10.27.6-0.7.1 rhncfg-client-5.10.27.6-0.7.1 rhncfg-management-5.10.27.6-0.7.1 rhnmd-5.3.10.3-0.7.1 rhnpush-5.5.42.7-0.7.1 spacewalk-check-1.7.14.9-0.7.1 spacewalk-client-setup-1.7.14.9-0.7.1 spacewalk-client-tools-1.7.14.9-0.7.1 spacewalk-koan-1.7.1.2-0.7.13 spacewalk-oscap-0.0.4.6-0.7.1 spacewalk-remote-utils-1.7.1.2-0.7.13 References: https://bugzilla.novell.com/768176 https://bugzilla.novell.com/776326 http://download.novell.com/patch/finder/?keywords=e87dc819f5dae18d68a83efa602e73a3 From sle-updates at lists.suse.com Thu Aug 23 08:08:22 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Aug 2012 16:08:22 +0200 (CEST) Subject: SUSE-SU-2012:1027-1: important: Security update for gimp Message-ID: <20120823140822.C38DB32249@maintenance.suse.de> SUSE Security Update: Security update for gimp ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1027-1 Rating: important References: #775429 Cross-References: CVE-2012-3403 Affected Products: SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of The Gimp fixes a heap overflow that could have been exploited by attackers to cause a Denial of Service (application crash) or even to potentially execute arbitrary code (CVE-2012-3402). Security Issue reference: * CVE-2012-3403 Package List: - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): gimp-2.2.10-22.44.1 gimp-devel-2.2.10-22.44.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): gimp-2.2.10-22.44.1 gimp-devel-2.2.10-22.44.1 References: http://support.novell.com/security/cve/CVE-2012-3403.html https://bugzilla.novell.com/775429 http://download.novell.com/patch/finder/?keywords=5d18ef4dd81fda3effcb7cb85c6ef536 From sle-updates at lists.suse.com Thu Aug 23 08:08:25 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Aug 2012 16:08:25 +0200 (CEST) Subject: SUSE-OU-2012:1028-1: Optional update for novell-NLDAPbase-dyn-32bit and novell-lum-32bit Message-ID: <20120823140825.97B6032249@maintenance.suse.de> SUSE Optional Update: Optional update for novell-NLDAPbase-dyn-32bit and novell-lum-32bit ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1028-1 Rating: low References: #767433 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: If you are running some 32bit applications with a LUM enabled user you can get problems without the libraries provided by novell-lum-32bit and novell-NLDAPbase-dyn-32bit. It's recommended to install them in such scenarios. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-novell-NLDAPbase-dyn-32bit-6487 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-novell-NLDAPbase-dyn-32bit-6487 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): novell-NLDAPbase-dyn-32bit-3.4.1-106.16 novell-lum-32bit-2.2.0.16-92.21.27 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): novell-NLDAPbase-dyn-32bit-3.4.1-106.16 novell-lum-32bit-2.2.0.16-92.21.27 References: https://bugzilla.novell.com/767433 http://download.novell.com/patch/finder/?keywords=c92eb0a164d3de569d6c51ebfa3891ff From sle-updates at lists.suse.com Thu Aug 23 08:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Aug 2012 16:08:27 +0200 (CEST) Subject: SUSE-SU-2012:1029-1: important: Security update for gimp Message-ID: <20120823140827.6A3B93224A@maintenance.suse.de> SUSE Security Update: Security update for gimp ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1029-1 Rating: important References: #775433 Cross-References: CVE-2012-3403 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of The Gimp fixes a heap overflow that could have been exploited by attackers to cause a Denial of Service (application crash) or even to potentially execute arbitrary code (CVE-2012-3403). Security Issue reference: * CVE-2012-3403 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-gimp-6683 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-gimp-6683 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-gimp-6683 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-gimp-6683 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): gimp-2.6.2-3.34.37.1 gimp-devel-2.6.2-3.34.37.1 gimp-lang-2.6.2-3.34.37.1 gimp-plugins-python-2.6.2-3.34.37.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): gimp-2.6.2-3.34.37.1 gimp-devel-2.6.2-3.34.37.1 gimp-lang-2.6.2-3.34.37.1 gimp-plugins-python-2.6.2-3.34.37.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gimp-2.6.2-3.34.37.1 gimp-lang-2.6.2-3.34.37.1 gimp-plugins-python-2.6.2-3.34.37.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): gimp-2.6.2-3.34.37.1 gimp-lang-2.6.2-3.34.37.1 gimp-plugins-python-2.6.2-3.34.37.1 References: http://support.novell.com/security/cve/CVE-2012-3403.html https://bugzilla.novell.com/775433 http://download.novell.com/patch/finder/?keywords=ca4c519bd6348192da66901f8d815893 From sle-updates at lists.suse.com Thu Aug 23 09:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Aug 2012 17:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1030-1: Recommended update for SUSE Linux Enterprise Real Time 11 SP1 Message-ID: <20120823150837.864C732241@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Linux Enterprise Real Time 11 SP1 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1030-1 Rating: low References: #766834 Affected Products: SUSE Linux Enterprise Real Time 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update prepares the system for a System Upgrade to SUSE Linux Enterprise Real Time 11 SP2. Please follow the technical instruction document for the information on how to upgrade your system: http://www.novell.com/support/documentLink.do?externalID=701 0200 Indications: This provides enablement of an upgrade to Real Time 11 SP2. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time 11 SP1: zypper in -t patch slertesp1-SLERT-SP2-Migration-6426 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time 11 SP1 (x86_64): SUSE-Linux-Enterprise-RT-SP2-migration-11.1-1.2 SUSE-Linux-Enterprise-RT-release-11.1-1.4 SUSE-Linux-Enterprise-RT-release-cd-11.1-1.4 References: https://bugzilla.novell.com/766834 http://download.novell.com/patch/finder/?keywords=1f2370ea8d1a9670702412886038d6b7 From sle-updates at lists.suse.com Thu Aug 23 09:08:39 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Aug 2012 17:08:39 +0200 (CEST) Subject: SUSE-RU-2012:1031-1: Recommended update for SUSE Manager Server 1.7 Message-ID: <20120823150839.171513224A@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Manager Server 1.7 ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1031-1 Rating: low References: #768176 Affected Products: SUSE Manager 1.2 for SLE 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update enables SUSE Manager Server 1.2 to online migrate to SUSE Manager Server 1.7. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-suse-manager-server-1_7-migration-release-6526 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager 1.2 for SLE 11 SP1 (x86_64): SUSE-Manager-Server-1_7-migration-1.2-1.1 suse-manager-server-release-1.2-1.10 References: https://bugzilla.novell.com/768176 http://download.novell.com/patch/finder/?keywords=141543f8328d085cbfd7acb04dd3c481 From sle-updates at lists.suse.com Thu Aug 23 13:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 23 Aug 2012 21:08:34 +0200 (CEST) Subject: SUSE-RU-2012:1032-1: Recommended update for GDM Message-ID: <20120823190834.F141332249@maintenance.suse.de> SUSE Recommended Update: Recommended update for GDM ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1032-1 Rating: low References: #751325 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to Gnome Display Manager (gdm) resolves a problem in the way Xauth cookies are handled internally by the application. In some specific circumstances, this problem could cause the session to be restarted immediately after the user logged in. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-gdm-6701 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-gdm-6701 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-gdm-6701 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-gdm-6701 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-gdm-6701 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): gdm-2.24.0-24.85.1 gdm-branding-upstream-2.24.0-24.85.1 gdm-lang-2.24.0-24.85.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): gdm-2.24.0-24.85.1 gdm-branding-upstream-2.24.0-24.85.1 gdm-lang-2.24.0-24.85.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): gdm-2.24.0-24.85.1 gdm-branding-upstream-2.24.0-24.85.1 gdm-lang-2.24.0-24.85.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gdm-2.24.0-24.85.1 gdm-branding-upstream-2.24.0-24.85.1 gdm-lang-2.24.0-24.85.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): gdm-2.24.0-24.85.1 gdm-branding-upstream-2.24.0-24.85.1 gdm-lang-2.24.0-24.85.1 References: https://bugzilla.novell.com/751325 http://download.novell.com/patch/finder/?keywords=070ef5a5ba15377d2c84d4e3899d4d99 From sle-updates at lists.suse.com Fri Aug 24 01:08:26 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 24 Aug 2012 09:08:26 +0200 (CEST) Subject: SUSE-SU-2012:1033-1: important: Security update for PHP5 Message-ID: <20120824070826.6D11232249@maintenance.suse.de> SUSE Security Update: Security update for PHP5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1033-1 Rating: important References: #769785 #772580 #772582 Cross-References: CVE-2012-2688 CVE-2012-3365 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: Three security bugs have been fixed in PHP5. * CVE-2012-2688: php5: potential overflow in _php_stream_scandir * CVE-2012-3365: open_basedir bypass via SQLite extension * CVE-2012-3450: An out of band read sql denial of service has been fixed (bnc#769785) Security Issue reference: * CVE-2012-2688 * CVE-2012-3365 * CVE-2012-3450 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-apache2-mod_php53-6634 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-apache2-mod_php53-6634 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-apache2-mod_php53-6634 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): php53-devel-5.3.8-0.35.1 php53-imap-5.3.8-0.35.1 php53-posix-5.3.8-0.35.1 php53-readline-5.3.8-0.35.1 php53-sockets-5.3.8-0.35.1 php53-sqlite-5.3.8-0.35.1 php53-tidy-5.3.8-0.35.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): apache2-mod_php53-5.3.8-0.35.1 php53-5.3.8-0.35.1 php53-bcmath-5.3.8-0.35.1 php53-bz2-5.3.8-0.35.1 php53-calendar-5.3.8-0.35.1 php53-ctype-5.3.8-0.35.1 php53-curl-5.3.8-0.35.1 php53-dba-5.3.8-0.35.1 php53-dom-5.3.8-0.35.1 php53-exif-5.3.8-0.35.1 php53-fastcgi-5.3.8-0.35.1 php53-fileinfo-5.3.8-0.35.1 php53-ftp-5.3.8-0.35.1 php53-gd-5.3.8-0.35.1 php53-gettext-5.3.8-0.35.1 php53-gmp-5.3.8-0.35.1 php53-iconv-5.3.8-0.35.1 php53-intl-5.3.8-0.35.1 php53-json-5.3.8-0.35.1 php53-ldap-5.3.8-0.35.1 php53-mbstring-5.3.8-0.35.1 php53-mcrypt-5.3.8-0.35.1 php53-mysql-5.3.8-0.35.1 php53-odbc-5.3.8-0.35.1 php53-openssl-5.3.8-0.35.1 php53-pcntl-5.3.8-0.35.1 php53-pdo-5.3.8-0.35.1 php53-pear-5.3.8-0.35.1 php53-pgsql-5.3.8-0.35.1 php53-pspell-5.3.8-0.35.1 php53-shmop-5.3.8-0.35.1 php53-snmp-5.3.8-0.35.1 php53-soap-5.3.8-0.35.1 php53-suhosin-5.3.8-0.35.1 php53-sysvmsg-5.3.8-0.35.1 php53-sysvsem-5.3.8-0.35.1 php53-sysvshm-5.3.8-0.35.1 php53-tokenizer-5.3.8-0.35.1 php53-wddx-5.3.8-0.35.1 php53-xmlreader-5.3.8-0.35.1 php53-xmlrpc-5.3.8-0.35.1 php53-xmlwriter-5.3.8-0.35.1 php53-xsl-5.3.8-0.35.1 php53-zip-5.3.8-0.35.1 php53-zlib-5.3.8-0.35.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): apache2-mod_php53-5.3.8-0.35.1 php53-5.3.8-0.35.1 php53-bcmath-5.3.8-0.35.1 php53-bz2-5.3.8-0.35.1 php53-calendar-5.3.8-0.35.1 php53-ctype-5.3.8-0.35.1 php53-curl-5.3.8-0.35.1 php53-dba-5.3.8-0.35.1 php53-dom-5.3.8-0.35.1 php53-exif-5.3.8-0.35.1 php53-fastcgi-5.3.8-0.35.1 php53-fileinfo-5.3.8-0.35.1 php53-ftp-5.3.8-0.35.1 php53-gd-5.3.8-0.35.1 php53-gettext-5.3.8-0.35.1 php53-gmp-5.3.8-0.35.1 php53-iconv-5.3.8-0.35.1 php53-intl-5.3.8-0.35.1 php53-json-5.3.8-0.35.1 php53-ldap-5.3.8-0.35.1 php53-mbstring-5.3.8-0.35.1 php53-mcrypt-5.3.8-0.35.1 php53-mysql-5.3.8-0.35.1 php53-odbc-5.3.8-0.35.1 php53-openssl-5.3.8-0.35.1 php53-pcntl-5.3.8-0.35.1 php53-pdo-5.3.8-0.35.1 php53-pear-5.3.8-0.35.1 php53-pgsql-5.3.8-0.35.1 php53-pspell-5.3.8-0.35.1 php53-shmop-5.3.8-0.35.1 php53-snmp-5.3.8-0.35.1 php53-soap-5.3.8-0.35.1 php53-suhosin-5.3.8-0.35.1 php53-sysvmsg-5.3.8-0.35.1 php53-sysvsem-5.3.8-0.35.1 php53-sysvshm-5.3.8-0.35.1 php53-tokenizer-5.3.8-0.35.1 php53-wddx-5.3.8-0.35.1 php53-xmlreader-5.3.8-0.35.1 php53-xmlrpc-5.3.8-0.35.1 php53-xmlwriter-5.3.8-0.35.1 php53-xsl-5.3.8-0.35.1 php53-zip-5.3.8-0.35.1 php53-zlib-5.3.8-0.35.1 References: http://support.novell.com/security/cve/CVE-2012-2688.html http://support.novell.com/security/cve/CVE-2012-3365.html https://bugzilla.novell.com/769785 https://bugzilla.novell.com/772580 https://bugzilla.novell.com/772582 http://download.novell.com/patch/finder/?keywords=420b5b682c991063fad653127ae5b257 From sle-updates at lists.suse.com Fri Aug 24 06:08:27 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 24 Aug 2012 14:08:27 +0200 (CEST) Subject: SUSE-SU-2012:1034-1: important: Security update for php5 Message-ID: <20120824120827.B461F32246@maintenance.suse.de> SUSE Security Update: Security update for php5 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1034-1 Rating: important References: #772580 #772582 Cross-References: CVE-2012-2688 CVE-2012-3365 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. It includes one version update. Description: This update fixes two security issues of PHP5: * Potential overflow in _php_stream_scandir. (CVE-2012-2688 ) * open_basedir bypass via SQLite extension. (CVE-2012-3365 ) Indications: Everyone using PHP5 should update.. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-apache2-mod_php5-6627 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-apache2-mod_php5-6627 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-apache2-mod_php5-6627 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-apache2-mod_php5-6627 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-apache2-mod_php5-6627 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.2.14]: php5-devel-5.2.14-0.7.30.42.1 php5-imap-5.2.14-0.7.30.42.1 php5-ncurses-5.2.14-0.7.30.42.1 php5-posix-5.2.14-0.7.30.42.1 php5-readline-5.2.14-0.7.30.42.1 php5-sockets-5.2.14-0.7.30.42.1 php5-sqlite-5.2.14-0.7.30.42.1 php5-tidy-5.2.14-0.7.30.42.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.42.1 php5-5.2.14-0.7.30.42.1 php5-bcmath-5.2.14-0.7.30.42.1 php5-bz2-5.2.14-0.7.30.42.1 php5-calendar-5.2.14-0.7.30.42.1 php5-ctype-5.2.14-0.7.30.42.1 php5-curl-5.2.14-0.7.30.42.1 php5-dba-5.2.14-0.7.30.42.1 php5-dbase-5.2.14-0.7.30.42.1 php5-dom-5.2.14-0.7.30.42.1 php5-exif-5.2.14-0.7.30.42.1 php5-fastcgi-5.2.14-0.7.30.42.1 php5-ftp-5.2.14-0.7.30.42.1 php5-gd-5.2.14-0.7.30.42.1 php5-gettext-5.2.14-0.7.30.42.1 php5-gmp-5.2.14-0.7.30.42.1 php5-hash-5.2.14-0.7.30.42.1 php5-iconv-5.2.14-0.7.30.42.1 php5-json-5.2.14-0.7.30.42.1 php5-ldap-5.2.14-0.7.30.42.1 php5-mbstring-5.2.14-0.7.30.42.1 php5-mcrypt-5.2.14-0.7.30.42.1 php5-mysql-5.2.14-0.7.30.42.1 php5-odbc-5.2.14-0.7.30.42.1 php5-openssl-5.2.14-0.7.30.42.1 php5-pcntl-5.2.14-0.7.30.42.1 php5-pdo-5.2.14-0.7.30.42.1 php5-pear-5.2.14-0.7.30.42.1 php5-pgsql-5.2.14-0.7.30.42.1 php5-pspell-5.2.14-0.7.30.42.1 php5-shmop-5.2.14-0.7.30.42.1 php5-snmp-5.2.14-0.7.30.42.1 php5-soap-5.2.14-0.7.30.42.1 php5-suhosin-5.2.14-0.7.30.42.1 php5-sysvmsg-5.2.14-0.7.30.42.1 php5-sysvsem-5.2.14-0.7.30.42.1 php5-sysvshm-5.2.14-0.7.30.42.1 php5-tokenizer-5.2.14-0.7.30.42.1 php5-wddx-5.2.14-0.7.30.42.1 php5-xmlreader-5.2.14-0.7.30.42.1 php5-xmlrpc-5.2.14-0.7.30.42.1 php5-xmlwriter-5.2.14-0.7.30.42.1 php5-xsl-5.2.14-0.7.30.42.1 php5-zip-5.2.14-0.7.30.42.1 php5-zlib-5.2.14-0.7.30.42.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.2.14]: php5-devel-5.2.14-0.7.30.42.1 php5-imap-5.2.14-0.7.30.42.1 php5-ncurses-5.2.14-0.7.30.42.1 php5-posix-5.2.14-0.7.30.42.1 php5-readline-5.2.14-0.7.30.42.1 php5-sockets-5.2.14-0.7.30.42.1 php5-sqlite-5.2.14-0.7.30.42.1 php5-tidy-5.2.14-0.7.30.42.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.42.1 php5-5.2.14-0.7.30.42.1 php5-bcmath-5.2.14-0.7.30.42.1 php5-bz2-5.2.14-0.7.30.42.1 php5-calendar-5.2.14-0.7.30.42.1 php5-ctype-5.2.14-0.7.30.42.1 php5-curl-5.2.14-0.7.30.42.1 php5-dba-5.2.14-0.7.30.42.1 php5-dbase-5.2.14-0.7.30.42.1 php5-dom-5.2.14-0.7.30.42.1 php5-exif-5.2.14-0.7.30.42.1 php5-fastcgi-5.2.14-0.7.30.42.1 php5-ftp-5.2.14-0.7.30.42.1 php5-gd-5.2.14-0.7.30.42.1 php5-gettext-5.2.14-0.7.30.42.1 php5-gmp-5.2.14-0.7.30.42.1 php5-hash-5.2.14-0.7.30.42.1 php5-iconv-5.2.14-0.7.30.42.1 php5-json-5.2.14-0.7.30.42.1 php5-ldap-5.2.14-0.7.30.42.1 php5-mbstring-5.2.14-0.7.30.42.1 php5-mcrypt-5.2.14-0.7.30.42.1 php5-mysql-5.2.14-0.7.30.42.1 php5-odbc-5.2.14-0.7.30.42.1 php5-openssl-5.2.14-0.7.30.42.1 php5-pcntl-5.2.14-0.7.30.42.1 php5-pdo-5.2.14-0.7.30.42.1 php5-pear-5.2.14-0.7.30.42.1 php5-pgsql-5.2.14-0.7.30.42.1 php5-pspell-5.2.14-0.7.30.42.1 php5-shmop-5.2.14-0.7.30.42.1 php5-snmp-5.2.14-0.7.30.42.1 php5-soap-5.2.14-0.7.30.42.1 php5-suhosin-5.2.14-0.7.30.42.1 php5-sysvmsg-5.2.14-0.7.30.42.1 php5-sysvsem-5.2.14-0.7.30.42.1 php5-sysvshm-5.2.14-0.7.30.42.1 php5-tokenizer-5.2.14-0.7.30.42.1 php5-wddx-5.2.14-0.7.30.42.1 php5-xmlreader-5.2.14-0.7.30.42.1 php5-xmlrpc-5.2.14-0.7.30.42.1 php5-xmlwriter-5.2.14-0.7.30.42.1 php5-xsl-5.2.14-0.7.30.42.1 php5-zip-5.2.14-0.7.30.42.1 php5-zlib-5.2.14-0.7.30.42.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.42.1 php5-5.2.14-0.7.30.42.1 php5-bcmath-5.2.14-0.7.30.42.1 php5-bz2-5.2.14-0.7.30.42.1 php5-calendar-5.2.14-0.7.30.42.1 php5-ctype-5.2.14-0.7.30.42.1 php5-curl-5.2.14-0.7.30.42.1 php5-dba-5.2.14-0.7.30.42.1 php5-dbase-5.2.14-0.7.30.42.1 php5-dom-5.2.14-0.7.30.42.1 php5-exif-5.2.14-0.7.30.42.1 php5-fastcgi-5.2.14-0.7.30.42.1 php5-ftp-5.2.14-0.7.30.42.1 php5-gd-5.2.14-0.7.30.42.1 php5-gettext-5.2.14-0.7.30.42.1 php5-gmp-5.2.14-0.7.30.42.1 php5-hash-5.2.14-0.7.30.42.1 php5-iconv-5.2.14-0.7.30.42.1 php5-json-5.2.14-0.7.30.42.1 php5-ldap-5.2.14-0.7.30.42.1 php5-mbstring-5.2.14-0.7.30.42.1 php5-mcrypt-5.2.14-0.7.30.42.1 php5-mysql-5.2.14-0.7.30.42.1 php5-odbc-5.2.14-0.7.30.42.1 php5-openssl-5.2.14-0.7.30.42.1 php5-pcntl-5.2.14-0.7.30.42.1 php5-pdo-5.2.14-0.7.30.42.1 php5-pear-5.2.14-0.7.30.42.1 php5-pgsql-5.2.14-0.7.30.42.1 php5-pspell-5.2.14-0.7.30.42.1 php5-shmop-5.2.14-0.7.30.42.1 php5-snmp-5.2.14-0.7.30.42.1 php5-soap-5.2.14-0.7.30.42.1 php5-suhosin-5.2.14-0.7.30.42.1 php5-sysvmsg-5.2.14-0.7.30.42.1 php5-sysvsem-5.2.14-0.7.30.42.1 php5-sysvshm-5.2.14-0.7.30.42.1 php5-tokenizer-5.2.14-0.7.30.42.1 php5-wddx-5.2.14-0.7.30.42.1 php5-xmlreader-5.2.14-0.7.30.42.1 php5-xmlrpc-5.2.14-0.7.30.42.1 php5-xmlwriter-5.2.14-0.7.30.42.1 php5-xsl-5.2.14-0.7.30.42.1 php5-zip-5.2.14-0.7.30.42.1 php5-zlib-5.2.14-0.7.30.42.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.42.1 php5-5.2.14-0.7.30.42.1 php5-bcmath-5.2.14-0.7.30.42.1 php5-bz2-5.2.14-0.7.30.42.1 php5-calendar-5.2.14-0.7.30.42.1 php5-ctype-5.2.14-0.7.30.42.1 php5-curl-5.2.14-0.7.30.42.1 php5-dba-5.2.14-0.7.30.42.1 php5-dbase-5.2.14-0.7.30.42.1 php5-dom-5.2.14-0.7.30.42.1 php5-exif-5.2.14-0.7.30.42.1 php5-fastcgi-5.2.14-0.7.30.42.1 php5-ftp-5.2.14-0.7.30.42.1 php5-gd-5.2.14-0.7.30.42.1 php5-gettext-5.2.14-0.7.30.42.1 php5-gmp-5.2.14-0.7.30.42.1 php5-hash-5.2.14-0.7.30.42.1 php5-iconv-5.2.14-0.7.30.42.1 php5-json-5.2.14-0.7.30.42.1 php5-ldap-5.2.14-0.7.30.42.1 php5-mbstring-5.2.14-0.7.30.42.1 php5-mcrypt-5.2.14-0.7.30.42.1 php5-mysql-5.2.14-0.7.30.42.1 php5-odbc-5.2.14-0.7.30.42.1 php5-openssl-5.2.14-0.7.30.42.1 php5-pcntl-5.2.14-0.7.30.42.1 php5-pdo-5.2.14-0.7.30.42.1 php5-pear-5.2.14-0.7.30.42.1 php5-pgsql-5.2.14-0.7.30.42.1 php5-pspell-5.2.14-0.7.30.42.1 php5-shmop-5.2.14-0.7.30.42.1 php5-snmp-5.2.14-0.7.30.42.1 php5-soap-5.2.14-0.7.30.42.1 php5-suhosin-5.2.14-0.7.30.42.1 php5-sysvmsg-5.2.14-0.7.30.42.1 php5-sysvsem-5.2.14-0.7.30.42.1 php5-sysvshm-5.2.14-0.7.30.42.1 php5-tokenizer-5.2.14-0.7.30.42.1 php5-wddx-5.2.14-0.7.30.42.1 php5-xmlreader-5.2.14-0.7.30.42.1 php5-xmlrpc-5.2.14-0.7.30.42.1 php5-xmlwriter-5.2.14-0.7.30.42.1 php5-xsl-5.2.14-0.7.30.42.1 php5-zip-5.2.14-0.7.30.42.1 php5-zlib-5.2.14-0.7.30.42.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.7.30.42.1 php5-5.2.14-0.7.30.42.1 php5-bcmath-5.2.14-0.7.30.42.1 php5-bz2-5.2.14-0.7.30.42.1 php5-calendar-5.2.14-0.7.30.42.1 php5-ctype-5.2.14-0.7.30.42.1 php5-curl-5.2.14-0.7.30.42.1 php5-dba-5.2.14-0.7.30.42.1 php5-dbase-5.2.14-0.7.30.42.1 php5-dom-5.2.14-0.7.30.42.1 php5-exif-5.2.14-0.7.30.42.1 php5-fastcgi-5.2.14-0.7.30.42.1 php5-ftp-5.2.14-0.7.30.42.1 php5-gd-5.2.14-0.7.30.42.1 php5-gettext-5.2.14-0.7.30.42.1 php5-gmp-5.2.14-0.7.30.42.1 php5-hash-5.2.14-0.7.30.42.1 php5-iconv-5.2.14-0.7.30.42.1 php5-json-5.2.14-0.7.30.42.1 php5-ldap-5.2.14-0.7.30.42.1 php5-mbstring-5.2.14-0.7.30.42.1 php5-mcrypt-5.2.14-0.7.30.42.1 php5-mysql-5.2.14-0.7.30.42.1 php5-odbc-5.2.14-0.7.30.42.1 php5-openssl-5.2.14-0.7.30.42.1 php5-pcntl-5.2.14-0.7.30.42.1 php5-pdo-5.2.14-0.7.30.42.1 php5-pear-5.2.14-0.7.30.42.1 php5-pgsql-5.2.14-0.7.30.42.1 php5-pspell-5.2.14-0.7.30.42.1 php5-shmop-5.2.14-0.7.30.42.1 php5-snmp-5.2.14-0.7.30.42.1 php5-soap-5.2.14-0.7.30.42.1 php5-suhosin-5.2.14-0.7.30.42.1 php5-sysvmsg-5.2.14-0.7.30.42.1 php5-sysvsem-5.2.14-0.7.30.42.1 php5-sysvshm-5.2.14-0.7.30.42.1 php5-tokenizer-5.2.14-0.7.30.42.1 php5-wddx-5.2.14-0.7.30.42.1 php5-xmlreader-5.2.14-0.7.30.42.1 php5-xmlrpc-5.2.14-0.7.30.42.1 php5-xmlwriter-5.2.14-0.7.30.42.1 php5-xsl-5.2.14-0.7.30.42.1 php5-zip-5.2.14-0.7.30.42.1 php5-zlib-5.2.14-0.7.30.42.1 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.36.1 php5-5.2.14-0.36.1 php5-bcmath-5.2.14-0.36.1 php5-bz2-5.2.14-0.36.1 php5-calendar-5.2.14-0.36.1 php5-ctype-5.2.14-0.36.1 php5-curl-5.2.14-0.36.1 php5-dba-5.2.14-0.36.1 php5-dbase-5.2.14-0.36.1 php5-devel-5.2.14-0.36.1 php5-dom-5.2.14-0.36.1 php5-exif-5.2.14-0.36.1 php5-fastcgi-5.2.14-0.36.1 php5-ftp-5.2.14-0.36.1 php5-gd-5.2.14-0.36.1 php5-gettext-5.2.14-0.36.1 php5-gmp-5.2.14-0.36.1 php5-hash-5.2.14-0.36.1 php5-iconv-5.2.14-0.36.1 php5-imap-5.2.14-0.36.1 php5-json-5.2.14-0.36.1 php5-ldap-5.2.14-0.36.1 php5-mbstring-5.2.14-0.36.1 php5-mcrypt-5.2.14-0.36.1 php5-mhash-5.2.14-0.36.1 php5-mysql-5.2.14-0.36.1 php5-ncurses-5.2.14-0.36.1 php5-odbc-5.2.14-0.36.1 php5-openssl-5.2.14-0.36.1 php5-pcntl-5.2.14-0.36.1 php5-pdo-5.2.14-0.36.1 php5-pear-5.2.14-0.36.1 php5-pgsql-5.2.14-0.36.1 php5-posix-5.2.14-0.36.1 php5-pspell-5.2.14-0.36.1 php5-shmop-5.2.14-0.36.1 php5-snmp-5.2.14-0.36.1 php5-soap-5.2.14-0.36.1 php5-sockets-5.2.14-0.36.1 php5-sqlite-5.2.14-0.36.1 php5-suhosin-5.2.14-0.36.1 php5-sysvmsg-5.2.14-0.36.1 php5-sysvsem-5.2.14-0.36.1 php5-sysvshm-5.2.14-0.36.1 php5-tokenizer-5.2.14-0.36.1 php5-wddx-5.2.14-0.36.1 php5-xmlreader-5.2.14-0.36.1 php5-xmlrpc-5.2.14-0.36.1 php5-xsl-5.2.14-0.36.1 php5-zlib-5.2.14-0.36.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): apache2-mod_php5-5.2.14-0.36.1 php5-5.2.14-0.36.1 php5-bcmath-5.2.14-0.36.1 php5-bz2-5.2.14-0.36.1 php5-calendar-5.2.14-0.36.1 php5-ctype-5.2.14-0.36.1 php5-curl-5.2.14-0.36.1 php5-dba-5.2.14-0.36.1 php5-dbase-5.2.14-0.36.1 php5-devel-5.2.14-0.36.1 php5-dom-5.2.14-0.36.1 php5-exif-5.2.14-0.36.1 php5-fastcgi-5.2.14-0.36.1 php5-ftp-5.2.14-0.36.1 php5-gd-5.2.14-0.36.1 php5-gettext-5.2.14-0.36.1 php5-gmp-5.2.14-0.36.1 php5-hash-5.2.14-0.36.1 php5-iconv-5.2.14-0.36.1 php5-imap-5.2.14-0.36.1 php5-ldap-5.2.14-0.36.1 php5-mbstring-5.2.14-0.36.1 php5-mcrypt-5.2.14-0.36.1 php5-mhash-5.2.14-0.36.1 php5-mysql-5.2.14-0.36.1 php5-ncurses-5.2.14-0.36.1 php5-odbc-5.2.14-0.36.1 php5-openssl-5.2.14-0.36.1 php5-pcntl-5.2.14-0.36.1 php5-pdo-5.2.14-0.36.1 php5-pear-5.2.14-0.36.1 php5-pgsql-5.2.14-0.36.1 php5-posix-5.2.14-0.36.1 php5-pspell-5.2.14-0.36.1 php5-shmop-5.2.14-0.36.1 php5-snmp-5.2.14-0.36.1 php5-soap-5.2.14-0.36.1 php5-sockets-5.2.14-0.36.1 php5-sqlite-5.2.14-0.36.1 php5-suhosin-5.2.14-0.36.1 php5-sysvmsg-5.2.14-0.36.1 php5-sysvsem-5.2.14-0.36.1 php5-sysvshm-5.2.14-0.36.1 php5-tidy-5.2.14-0.36.1 php5-tokenizer-5.2.14-0.36.1 php5-wddx-5.2.14-0.36.1 php5-xmlreader-5.2.14-0.36.1 php5-xmlrpc-5.2.14-0.36.1 php5-xsl-5.2.14-0.36.1 php5-zlib-5.2.14-0.36.1 References: http://support.novell.com/security/cve/CVE-2012-2688.html http://support.novell.com/security/cve/CVE-2012-3365.html https://bugzilla.novell.com/772580 https://bugzilla.novell.com/772582 http://download.novell.com/patch/finder/?keywords=f1cb3933c34c88daac7ac39335eb91e7 http://download.novell.com/patch/finder/?keywords=fc638212971731cdbc6514110c6dec93 From sle-updates at lists.suse.com Fri Aug 24 14:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 24 Aug 2012 22:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1037-1: Recommended update for microcode_ctl Message-ID: <20120824200830.901CB3224A@maintenance.suse.de> SUSE Recommended Update: Recommended update for microcode_ctl ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1037-1 Rating: low References: #749963 #769610 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This collective update to microcode_ctl brings the following improvements: * Updates AMD CPU microcode, including the extra fam15h.bin file (bnc#749963) * Updates Intel CPU microcode to version 20120606 (bnc#769610). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-microcode_ctl-6540 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-microcode_ctl-6540 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-microcode_ctl-6540 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-microcode_ctl-6540 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-microcode_ctl-6540 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): microcode_ctl-1.17-102.44.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): microcode_ctl-1.17-102.44.1 - SUSE Linux Enterprise Server 11 SP1 (i586 x86_64): microcode_ctl-1.17-102.44.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): microcode_ctl-1.17-102.44.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): microcode_ctl-1.17-102.44.1 References: https://bugzilla.novell.com/749963 https://bugzilla.novell.com/769610 http://download.novell.com/patch/finder/?keywords=d109e02deeae3d1cefae9034cda8c95a From sle-updates at lists.suse.com Fri Aug 24 15:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 24 Aug 2012 23:08:34 +0200 (CEST) Subject: SUSE-SU-2012:1038-1: important: Security update for gimp Message-ID: <20120824210834.9043F32249@maintenance.suse.de> SUSE Security Update: Security update for gimp ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1038-1 Rating: important References: #724628 Cross-References: CVE-2012-3481 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update of The Gimp fixes a heap overflow that could have been exploited by attackers to cause a Denial of Service (application crash) or to potentially execute arbitrary code (CVE-2012-3481). Security Issue reference: * CVE-2012-3481 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-gimp-6712 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-gimp-6712 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-gimp-6712 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-gimp-6712 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): gimp-2.6.2-3.34.39.1 gimp-devel-2.6.2-3.34.39.1 gimp-lang-2.6.2-3.34.39.1 gimp-plugins-python-2.6.2-3.34.39.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): gimp-2.6.2-3.34.39.1 gimp-devel-2.6.2-3.34.39.1 gimp-lang-2.6.2-3.34.39.1 gimp-plugins-python-2.6.2-3.34.39.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): gimp-2.6.2-3.34.39.1 gimp-lang-2.6.2-3.34.39.1 gimp-plugins-python-2.6.2-3.34.39.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): gimp-2.6.2-3.34.39.1 gimp-lang-2.6.2-3.34.39.1 gimp-plugins-python-2.6.2-3.34.39.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): gimp-2.2.10-22.46.1 gimp-devel-2.2.10-22.46.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64): gimp-2.2.10-22.46.1 gimp-devel-2.2.10-22.46.1 References: http://support.novell.com/security/cve/CVE-2012-3481.html https://bugzilla.novell.com/724628 http://download.novell.com/patch/finder/?keywords=12c9a930398cff75c99abf194e212747 http://download.novell.com/patch/finder/?keywords=e035e67d5f659aef60e434860c71dcfa From sle-updates at lists.suse.com Fri Aug 24 17:08:42 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 25 Aug 2012 01:08:42 +0200 (CEST) Subject: SUSE-OU-2012:1039-1: moderate: Optional update for perl-Config-IniFiles Message-ID: <20120824230842.481D2321E7@maintenance.suse.de> SUSE Optional Update: Optional update for perl-Config-IniFiles ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1039-1 Rating: moderate References: #771524 Affected Products: SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update provides perl-Config-IniFiles, which is a module that provides a way to have readable configuration files outside your perl scripts. Indications: Every user can install the update Contraindications: Indications: Every user can install the update Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-perl-Config-IniFiles-6656 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): perl-Config-IniFiles-2.39-1.24.1 References: https://bugzilla.novell.com/771524 http://download.novell.com/patch/finder/?keywords=b86630830d94787142a434e50ed97021 From sle-updates at lists.suse.com Fri Aug 24 17:08:44 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 25 Aug 2012 01:08:44 +0200 (CEST) Subject: SUSE-RU-2012:1040-1: moderate: Recommended update for subscription-tools Message-ID: <20120824230844.88364321C0@maintenance.suse.de> SUSE Recommended Update: Recommended update for subscription-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1040-1 Rating: moderate References: #771524 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update adds missing dependencies to fix subscription-tools . Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-subscription-tools-6636 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-subscription-tools-6636 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-subscription-tools-6636 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (noarch): subscription-tools-1.0-0.21.1 - SUSE Linux Enterprise Server 11 SP2 (noarch): subscription-tools-1.0-0.21.1 - SUSE Linux Enterprise Desktop 11 SP2 (noarch): subscription-tools-1.0-0.21.1 References: https://bugzilla.novell.com/771524 http://download.novell.com/patch/finder/?keywords=17de174b7ad3b7c16ad77d21f9eef498 From sle-updates at lists.suse.com Mon Aug 27 08:08:21 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 27 Aug 2012 16:08:21 +0200 (CEST) Subject: SUSE-SU-2012:1042-1: Security update for openssh Message-ID: <20120827140821.99E4632249@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1042-1 Rating: low References: #709782 #744643 #756370 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This collective security update of openssh fixed multiple security issues: * memory exhaustion in gssapi due to integer overflow (bnc#756370, CVE-2011-5000) * forced command option information leak (bnc#744643, CVE-2012-0814) Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64): openssh-5.1p1-41.12.8 - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): openssh-askpass-5.1p1-41.12.8 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): openssh-5.1p1-41.12.8 openssh-askpass-5.1p1-41.12.8 References: https://bugzilla.novell.com/709782 https://bugzilla.novell.com/744643 https://bugzilla.novell.com/756370 http://download.novell.com/patch/finder/?keywords=1433a415c626f2bfb25c692b714ebf1c From sle-updates at lists.suse.com Mon Aug 27 09:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 27 Aug 2012 17:08:35 +0200 (CEST) Subject: SUSE-SU-2012:1043-1: important: Security update for Xen and libvirt Message-ID: <20120827150835.6B4993224A@maintenance.suse.de> SUSE Security Update: Security update for Xen and libvirt ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1043-1 Rating: important References: #746702 #762484 #762963 #764982 #766283 #773393 #773401 #773955 Cross-References: CVE-2012-3432 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that solves one vulnerability and has 7 fixes is now available. It includes one version update. Description: Xen was updated to fix several security issues: * CVE-2012-3433: A xen HVM guest destroy p2m teardown host DoS vulnerability was fixed, where malicious guest could lock/crash the host. * CVE-2012-3432: A xen HVM guest user mode MMIO emulation DoS was fixed. * CVE-2012-2625: The xen pv bootloader doesn't check the size of the bzip2 or lzma compressed kernel, leading to denial of service (crash). Also the following bug in XEN has been fixed: * bnc#746702 - Xen HVM DomU crash during Windows Server 2008 R2 install, when maxmem > memory This update also included bugfixes for: * vm-install: - bnc#762963 - ReaR: Unable to recover a paravirtualized XEN guest * virt-manager - SLE11-SP2 ONLY * bnc#764982 - virt-manager fails to start after upgrade to SLES11 SP2 from SLES10 Security Issue reference: * CVE-2012-3432 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-xen-201208-6640 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-xen-201208-6640 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-xen-201208-6640 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64): libvirt-devel-0.9.6-0.21.3 libvirt-devel-32bit-0.9.6-0.21.3 xen-devel-4.1.2_20-0.5.2 - SUSE Linux Enterprise Server 11 SP2 (x86_64) [New Version: 0.5.10]: libvirt-0.9.6-0.21.3 libvirt-client-0.9.6-0.21.3 libvirt-client-32bit-0.9.6-0.21.3 libvirt-doc-0.9.6-0.21.3 libvirt-python-0.9.6-0.21.3 virt-manager-0.9.0-3.19.1 vm-install-0.5.10-0.5.1 xen-4.1.2_20-0.5.2 xen-doc-html-4.1.2_20-0.5.2 xen-doc-pdf-4.1.2_20-0.5.2 xen-kmp-default-4.1.2_20_3.0.38_0.5-0.5.2 xen-kmp-trace-4.1.2_20_3.0.38_0.5-0.5.2 xen-libs-32bit-4.1.2_20-0.5.2 xen-libs-4.1.2_20-0.5.2 xen-tools-4.1.2_20-0.5.2 xen-tools-domU-4.1.2_20-0.5.2 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 0.5.10]: libvirt-0.9.6-0.21.3 libvirt-client-0.9.6-0.21.3 libvirt-client-32bit-0.9.6-0.21.3 libvirt-doc-0.9.6-0.21.3 libvirt-python-0.9.6-0.21.3 virt-manager-0.9.0-3.19.1 vm-install-0.5.10-0.5.1 xen-4.1.2_20-0.5.2 xen-doc-html-4.1.2_20-0.5.2 xen-doc-pdf-4.1.2_20-0.5.2 xen-kmp-default-4.1.2_20_3.0.38_0.5-0.5.2 xen-kmp-trace-4.1.2_20_3.0.38_0.5-0.5.2 xen-libs-32bit-4.1.2_20-0.5.2 xen-libs-4.1.2_20-0.5.2 xen-tools-4.1.2_20-0.5.2 xen-tools-domU-4.1.2_20-0.5.2 References: http://support.novell.com/security/cve/CVE-2012-3432.html https://bugzilla.novell.com/746702 https://bugzilla.novell.com/762484 https://bugzilla.novell.com/762963 https://bugzilla.novell.com/764982 https://bugzilla.novell.com/766283 https://bugzilla.novell.com/773393 https://bugzilla.novell.com/773401 https://bugzilla.novell.com/773955 http://download.novell.com/patch/finder/?keywords=6aa25504d39edb169f3b6d3e111160e9 From sle-updates at lists.suse.com Mon Aug 27 09:08:38 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 27 Aug 2012 17:08:38 +0200 (CEST) Subject: SUSE-SU-2012:1044-1: important: Security update for Xen Message-ID: <20120827150838.16A653224A@maintenance.suse.de> SUSE Security Update: Security update for Xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1044-1 Rating: important References: #744771 #746702 #762484 #762963 #773393 #773401 Cross-References: CVE-2012-2625 CVE-2012-3432 CVE-2012-3433 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that solves three vulnerabilities and has three fixes is now available. It includes one version update. Description: Xen was updated to fix several security issues: * CVE-2012-3433: A xen HVM guest destroy p2m teardown host DoS vulnerability was fixed, where malicious guest could lock/crash the host. * CVE-2012-3432: A xen HVM guest user mode MMIO emulation DoS was fixed. * CVE-2012-2625: The xen pv bootloader doesn't check the size of the bzip2 or lzma compressed kernel, leading to denial of service (crash). Also the following bug in XEN was fixed: * bnc#746702 - Xen HVM DomU crash during Windows Server 2008 R2 install, when maxmem > memory This update also included bugfixes for: * vm-install: - bnc#762963 - ReaR: Unable to recover a paravirtualized XEN guest Security Issue references: * CVE-2012-3432 * CVE-2012-3433 * CVE-2012-2625 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-xen-201208-6653 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-xen-201208-6653 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-xen-201208-6653 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-xen-201208-6653 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64): xen-devel-4.0.3_21548_08-0.7.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): xen-kmp-trace-4.0.3_21548_08_2.6.32.59_0.7-0.7.1 - SUSE Linux Enterprise Server 11 SP1 (i586 x86_64) [New Version: 0.4.34]: vm-install-0.4.34-0.3.1 xen-4.0.3_21548_08-0.7.1 xen-doc-html-4.0.3_21548_08-0.7.1 xen-doc-pdf-4.0.3_21548_08-0.7.1 xen-kmp-default-4.0.3_21548_08_2.6.32.59_0.7-0.7.1 xen-kmp-trace-4.0.3_21548_08_2.6.32.59_0.7-0.7.1 xen-libs-4.0.3_21548_08-0.7.1 xen-tools-4.0.3_21548_08-0.7.1 xen-tools-domU-4.0.3_21548_08-0.7.1 - SUSE Linux Enterprise Server 11 SP1 (i586): xen-kmp-pae-4.0.3_21548_08_2.6.32.59_0.7-0.7.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 0.4.34]: vm-install-0.4.34-0.3.1 xen-4.0.3_21548_08-0.7.1 xen-kmp-default-4.0.3_21548_08_2.6.32.59_0.7-0.7.1 xen-libs-4.0.3_21548_08-0.7.1 xen-tools-4.0.3_21548_08-0.7.1 xen-tools-domU-4.0.3_21548_08-0.7.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586): xen-kmp-pae-4.0.3_21548_08_2.6.32.59_0.7-0.7.1 References: http://support.novell.com/security/cve/CVE-2012-2625.html http://support.novell.com/security/cve/CVE-2012-3432.html http://support.novell.com/security/cve/CVE-2012-3433.html https://bugzilla.novell.com/744771 https://bugzilla.novell.com/746702 https://bugzilla.novell.com/762484 https://bugzilla.novell.com/762963 https://bugzilla.novell.com/773393 https://bugzilla.novell.com/773401 http://download.novell.com/patch/finder/?keywords=872c7f98262a167c6598ea04dc6e81c7 From sle-updates at lists.suse.com Mon Aug 27 10:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 27 Aug 2012 18:08:33 +0200 (CEST) Subject: SUSE-SU-2012:1045-1: Security update for openssh Message-ID: <20120827160833.B27DD3224A@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1045-1 Rating: low References: #709782 #744643 #752354 #756370 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This collective security update of openssh fixes multiple security issues: * memory exhaustion in gssapi due to integer overflow (bnc#756370, CVE-2011-5000) * forced command option information leak (bnc#744643, CVE-2012-0814) Additionally, the following bug has been fixed: * bnc#752354 server-side delay upon user exiting a ssh session, due to DNS queries from libaudit Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-openssh-6672 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-openssh-6672 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-openssh-6672 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-openssh-6672 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-openssh-6672 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): openssh-5.1p1-41.55.1 openssh-askpass-5.1p1-41.55.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): openssh-5.1p1-41.55.1 openssh-askpass-5.1p1-41.55.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): openssh-5.1p1-41.55.1 openssh-askpass-5.1p1-41.55.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): openssh-5.1p1-41.55.1 openssh-askpass-5.1p1-41.55.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): openssh-5.1p1-41.55.1 openssh-askpass-5.1p1-41.55.1 References: https://bugzilla.novell.com/709782 https://bugzilla.novell.com/744643 https://bugzilla.novell.com/752354 https://bugzilla.novell.com/756370 http://download.novell.com/patch/finder/?keywords=821184d97a25861059a30ef236c52014 From sle-updates at lists.suse.com Mon Aug 27 11:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 27 Aug 2012 19:08:37 +0200 (CEST) Subject: SUSE-RU-2012:1047-1: Recommended update for release-notes-sled Message-ID: <20120827170837.C005A3224A@maintenance.suse.de> SUSE Recommended Update: Recommended update for release-notes-sled ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1047-1 Rating: low References: #774670 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update provides the latest release notes for SUSE Linux Enterprise Desktop 11 SP2. The following entries were added: * Support for Universal Serial Bus Version 3.0 (USB 3.0) (bnc#774670, fate#311827) * Upgrading PostgreSQL Installations from 8.3 to 9.1 (fate#11794). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-release-notes-sled-6689 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (noarch) [New Version: 11.2.26]: release-notes-sled-11.2.26-0.10.1 References: https://bugzilla.novell.com/774670 http://download.novell.com/patch/finder/?keywords=a8c486b8ed4e79a1551ae56fd8978f1e From sle-updates at lists.suse.com Mon Aug 27 12:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 27 Aug 2012 20:08:29 +0200 (CEST) Subject: SUSE-SU-2012:1048-1: moderate: Security update for bind Message-ID: <20120827180829.A725532246@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1048-1 Rating: moderate References: #772945 Cross-References: CVE-2012-3817 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The bind nameserver was updated to fix a crash (denial of service) that might have happened during high DNSSEC validation load (CVE-2012-3817). Security Issue references: * CVE-2012-3817 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-bind-6605 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-bind-6605 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-bind-6605 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-bind-6605 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P2]: bind-devel-9.6ESVR7P2-0.8.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64) [New Version: 9.6ESVR7P2]: bind-devel-32bit-9.6ESVR7P2-0.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 9.6ESVR7P2]: bind-9.6ESVR7P2-0.8.1 bind-chrootenv-9.6ESVR7P2-0.8.1 bind-doc-9.6ESVR7P2-0.8.1 bind-libs-9.6ESVR7P2-0.8.1 bind-utils-9.6ESVR7P2-0.8.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (x86_64) [New Version: 9.6ESVR7P2]: bind-libs-32bit-9.6ESVR7P2-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P2]: bind-9.6ESVR7P2-0.8.1 bind-chrootenv-9.6ESVR7P2-0.8.1 bind-doc-9.6ESVR7P2-0.8.1 bind-libs-9.6ESVR7P2-0.8.1 bind-utils-9.6ESVR7P2-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64) [New Version: 9.6ESVR7P2]: bind-libs-32bit-9.6ESVR7P2-0.8.1 - SUSE Linux Enterprise Server 11 SP2 (ia64) [New Version: 9.6ESVR7P2]: bind-libs-x86-9.6ESVR7P2-0.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 9.6ESVR7P2]: bind-libs-9.6ESVR7P2-0.8.1 bind-utils-9.6ESVR7P2-0.8.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64) [New Version: 9.6ESVR7P2]: bind-libs-32bit-9.6ESVR7P2-0.8.1 References: http://support.novell.com/security/cve/CVE-2012-3817.html https://bugzilla.novell.com/772945 http://download.novell.com/patch/finder/?keywords=e31cb22c3908ed163e0191b36c51844d From sle-updates at lists.suse.com Mon Aug 27 14:08:28 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Mon, 27 Aug 2012 22:08:28 +0200 (CEST) Subject: SUSE-RU-2012:1049-1: Recommended update for SUSE Cloud Message-ID: <20120827200828.6142732249@maintenance.suse.de> SUSE Recommended Update: Recommended update for SUSE Cloud ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1049-1 Rating: low References: #64937 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides various small fixes to openstack: * let nova compute init script depend on libvirtd (bnc#776763) * use rbd as default pool (bnc#776696) * add missing fstype (bnc#776696) Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-crowbar-bundle-update-6713 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-nova-2012.1+git.1344577828.63dd6be-0.9.1 - SUSE Cloud 1.0 (noarch): crowbar-barclamp-ceph-1.2+git.1345543933.cc5bd3b-0.5.1 crowbar-barclamp-nova-1.2+git.1345581351.74545a6-0.5.1 References: https://bugzilla.novell.com/64937 http://download.novell.com/patch/finder/?keywords=d2b614e92f9378d78d70a7e1948fcb62 From sle-updates at lists.suse.com Tue Aug 28 02:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 28 Aug 2012 10:08:31 +0200 (CEST) Subject: SUSE-SU-2012:1048-2: moderate: Security update for bind Message-ID: <20120828080831.2654432246@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1048-2 Rating: moderate References: #772945 Cross-References: CVE-2012-3817 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The bind nameserver was updated to fix a crash (denial of service) during high DNSSEC validation load (CVE-2012-3817) Security Issues: * CVE-2012-3817 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-bind-6604 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-bind-6604 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-bind-6604 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-bind-6604 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P2]: bind-devel-9.6ESVR7P2-0.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64) [New Version: 9.6ESVR7P2]: bind-devel-32bit-9.6ESVR7P2-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 9.6ESVR7P2]: bind-9.6ESVR7P2-0.3.1 bind-chrootenv-9.6ESVR7P2-0.3.1 bind-doc-9.6ESVR7P2-0.3.1 bind-libs-9.6ESVR7P2-0.3.1 bind-utils-9.6ESVR7P2-0.3.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 9.6ESVR7P2]: bind-libs-32bit-9.6ESVR7P2-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 9.6ESVR7P2]: bind-9.6ESVR7P2-0.3.1 bind-chrootenv-9.6ESVR7P2-0.3.1 bind-doc-9.6ESVR7P2-0.3.1 bind-libs-9.6ESVR7P2-0.3.1 bind-utils-9.6ESVR7P2-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 9.6ESVR7P2]: bind-libs-32bit-9.6ESVR7P2-0.3.1 - SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 9.6ESVR7P2]: bind-libs-x86-9.6ESVR7P2-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 9.6ESVR7P2]: bind-libs-9.6ESVR7P2-0.3.1 bind-utils-9.6ESVR7P2-0.3.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 9.6ESVR7P2]: bind-libs-32bit-9.6ESVR7P2-0.3.1 References: http://support.novell.com/security/cve/CVE-2012-3817.html https://bugzilla.novell.com/772945 http://download.novell.com/patch/finder/?keywords=aa25ddbd1e6d04a2c38a2c56fcbc02fe From sle-updates at lists.suse.com Tue Aug 28 14:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Tue, 28 Aug 2012 22:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1050-1: important: Recommended update for icedtea-web Message-ID: <20120828200830.B917B3224B@maintenance.suse.de> SUSE Recommended Update: Recommended update for icedtea-web ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1050-1 Rating: important References: #755054 Affected Products: SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. It includes one version update. Description: This update fixes a stability issue with accessing Java sites in the MozillaFirefox browser after upgrading it to the latest security release. (bnc#755054). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-icedtea-web-6715 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-icedtea-web-6714 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.2.1]: icedtea-web-1.2.1-0.9.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): icedtea-web-1.2.1-0.4.4.1 References: https://bugzilla.novell.com/755054 http://download.novell.com/patch/finder/?keywords=0f277e2f9e760356150451511e007eeb http://download.novell.com/patch/finder/?keywords=3752950287e24b3c01f8866f387fcb57 From sle-updates at lists.suse.com Tue Aug 28 16:09:03 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Aug 2012 00:09:03 +0200 (CEST) Subject: SUSE-OU-2012:1051-1: Optional update for IBM Java 7 Message-ID: <20120828220903.AC97E3224B@maintenance.suse.de> SUSE Optional Update: Optional update for IBM Java 7 ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1051-1 Rating: low References: #772640 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Java 11 SP2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This Update provides IBM Java 7 as an optional, alternative Java version for SUSE Linux Enterprise SP2. Indications: Every interested user can install. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp2-java-1_7_0-ibm-6585 - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-java-1_7_0-ibm-6585 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-java-1_7_0-ibm-6585 - SUSE Linux Enterprise Java 11 SP2: zypper in -t patch slejsp2-java-1_7_0-ibm-6585 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-devel-1.7.0_sr1.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): java-1_7_0-ibm-1.7.0_sr1.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr1.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr1.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 for VMware (i586): java-1_7_0-ibm-alsa-1.7.0_sr1.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr1.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr1.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 x86_64): java-1_7_0-ibm-plugin-1.7.0_sr1.0-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586): java-1_7_0-ibm-alsa-1.7.0_sr1.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 ppc64 s390x x86_64): java-1_7_0-ibm-1.7.0_sr1.0-0.5.1 java-1_7_0-ibm-devel-1.7.0_sr1.0-0.5.1 java-1_7_0-ibm-jdbc-1.7.0_sr1.0-0.5.1 - SUSE Linux Enterprise Java 11 SP2 (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr1.0-0.5.1 java-1_7_0-ibm-plugin-1.7.0_sr1.0-0.5.1 References: https://bugzilla.novell.com/772640 http://download.novell.com/patch/finder/?keywords=563a4abea3d5906eeedbabdca0744a5c From sle-updates at lists.suse.com Tue Aug 28 17:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Aug 2012 01:08:33 +0200 (CEST) Subject: SUSE-RU-2012:1052-1: Recommended update for Samba Message-ID: <20120828230833.5586332247@maintenance.suse.de> SUSE Recommended Update: Recommended update for Samba ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1052-1 Rating: low References: #499233 #741623 #755663 #759731 #764577 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has 5 recommended fixes can now be installed. Description: This collective update to Samba resolves the following issues: * Fix uninitialized memory read in talloc_free() (bnc#764577). * Use simplified smb signing infrastructure and attempt to use samlogon validation level 6. This fixes interoperability problems with servers that use "server signing = auto" (bnc#741623). * Recover from ncacn_ip_tcp ACCESS_DENIED/SEC_PKG_ERROR lsa errors. In some circumstances, this could cause problems in Winbind after joining an Active Directory domain (bso#7944, bnc#755663). * Add PreReq /etc/init.d/nscd to the winbind package to prevent warnings during update (bnc#759731). * Include reviewed french translation for pam_winbind (bnc#499233). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-cifs-mount-6614 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-cifs-mount-6614 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-cifs-mount-6614 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-cifs-mount-6614 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-cifs-mount-6614 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-cifs-mount-6614 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libnetapi-devel-3.4.3-1.42.1 libnetapi0-3.4.3-1.42.1 libsmbclient-devel-3.4.3-1.42.1 libsmbsharemodes-devel-3.4.3-1.42.1 libsmbsharemodes0-3.4.3-1.42.1 libtalloc-devel-3.4.3-1.42.1 libtdb-devel-3.4.3-1.42.1 libwbclient-devel-3.4.3-1.42.1 samba-devel-3.4.3-1.42.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): libtalloc1-3.4.3-1.42.1 - SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64): libtalloc1-32bit-3.4.3-1.42.1 - SUSE Linux Enterprise Server 11 SP2 (ia64): libtalloc1-x86-3.4.3-1.42.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): cifs-mount-3.4.3-1.42.1 ldapsmb-1.34b-11.28.42.1 libsmbclient0-3.4.3-1.42.1 libtalloc1-3.4.3-1.42.1 libtdb1-3.4.3-1.42.1 libwbclient0-3.4.3-1.42.1 samba-3.4.3-1.42.1 samba-client-3.4.3-1.42.1 samba-krb-printing-3.4.3-1.42.1 samba-winbind-3.4.3-1.42.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64): libsmbclient0-32bit-3.4.3-1.42.1 libtalloc1-32bit-3.4.3-1.42.1 libtdb1-32bit-3.4.3-1.42.1 libwbclient0-32bit-3.4.3-1.42.1 samba-32bit-3.4.3-1.42.1 samba-client-32bit-3.4.3-1.42.1 samba-winbind-32bit-3.4.3-1.42.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): cifs-mount-3.4.3-1.42.1 ldapsmb-1.34b-11.28.42.1 libsmbclient0-3.4.3-1.42.1 libtalloc1-3.4.3-1.42.1 libtdb1-3.4.3-1.42.1 libwbclient0-3.4.3-1.42.1 samba-3.4.3-1.42.1 samba-client-3.4.3-1.42.1 samba-krb-printing-3.4.3-1.42.1 samba-winbind-3.4.3-1.42.1 - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64): libsmbclient0-32bit-3.4.3-1.42.1 libtalloc1-32bit-3.4.3-1.42.1 libtdb1-32bit-3.4.3-1.42.1 libwbclient0-32bit-3.4.3-1.42.1 samba-32bit-3.4.3-1.42.1 samba-client-32bit-3.4.3-1.42.1 samba-winbind-32bit-3.4.3-1.42.1 - SUSE Linux Enterprise Server 11 SP1 (ia64): libsmbclient0-x86-3.4.3-1.42.1 libtalloc1-x86-3.4.3-1.42.1 libtdb1-x86-3.4.3-1.42.1 libwbclient0-x86-3.4.3-1.42.1 samba-client-x86-3.4.3-1.42.1 samba-winbind-x86-3.4.3-1.42.1 samba-x86-3.4.3-1.42.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libtalloc1-3.4.3-1.42.1 - SUSE Linux Enterprise Desktop 11 SP2 (x86_64): libtalloc1-32bit-3.4.3-1.42.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): cifs-mount-3.4.3-1.42.1 libsmbclient0-3.4.3-1.42.1 libtalloc1-3.4.3-1.42.1 libtdb1-3.4.3-1.42.1 libwbclient0-3.4.3-1.42.1 samba-3.4.3-1.42.1 samba-client-3.4.3-1.42.1 samba-krb-printing-3.4.3-1.42.1 samba-winbind-3.4.3-1.42.1 - SUSE Linux Enterprise Desktop 11 SP1 (x86_64): libsmbclient0-32bit-3.4.3-1.42.1 libtalloc1-32bit-3.4.3-1.42.1 libtdb1-32bit-3.4.3-1.42.1 libwbclient0-32bit-3.4.3-1.42.1 samba-32bit-3.4.3-1.42.1 samba-client-32bit-3.4.3-1.42.1 samba-winbind-32bit-3.4.3-1.42.1 References: https://bugzilla.novell.com/499233 https://bugzilla.novell.com/741623 https://bugzilla.novell.com/755663 https://bugzilla.novell.com/759731 https://bugzilla.novell.com/764577 http://download.novell.com/patch/finder/?keywords=e1ad158028c40322cad06ba03204c1ec From sle-updates at lists.suse.com Tue Aug 28 17:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Aug 2012 01:08:35 +0200 (CEST) Subject: SUSE-RU-2012:1053-1: moderate: Recommended update for lresource-agents Message-ID: <20120828230835.52B183223E@maintenance.suse.de> SUSE Recommended Update: Recommended update for lresource-agents ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1053-1 Rating: moderate References: #669412 #721334 #737673 #740718 #740738 #745306 #751783 #754067 #756609 #759616 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP1 ______________________________________________________________________________ An update that has 10 recommended fixes can now be installed. It includes one version update. Description: This update to resource-agents 3.9.3 provides the following fixes: * ocf-shellfuncs: fix loglevel variable scope in ha_log * apache: create /var/run/apache2 if it doesn't exist * apache: add support for IPv6 in monitor * asterisk: new resource agent * conntrackd: rename parameter "conntrackd" to "binary" * dhcpd: new RA to manage ISC DHCP servers * exportfs: allow expanding the fsid parameter to produce correct exportfs options * exportfs: don't grow /var/lib/nfs/rmtab indefinitely (bnc#754067) * exportfs: fix monitor action for special characters and common suffixes * Filesystem: add nfs4 to the list of well known types * Filesystem: allow to force cloning for local mounts * Filesystem: remove a status file only when OCF_CHECK_LEVEL is set to 20 * Filesystem: fix determining if the device is a block device * Filesystem: support ceph * Filesystem: improve read/write checks for CHECK_LEVEL 10, 20 * Filesystem: repair the fast_stop parameter use (its value has always been false) * IPaddr: remove colon at the end of the interface name * IPaddr: add back the local_start/stop_script code * IPaddr2: fix regression introduce in d93b5fd, nic=lo always "stopped" * IPv6addr: always use the provided nic and cidr_netmask when specified * IPv6addr: handle a link-local address properly in send_ua * iscsi: do not rely on iscsid.startup being set correctly (bnc#751783) * iscsi: don't fail in stop or monitor if the portal is ambiguous (bnc#740718) * iscsi: proceed if iscsid is not running if iscsid.startup is present in iscsid.conf * iSCSILogicalUnit: correctly match for target IQN and backing device name (iet and tgt) * iSCSILogicalUnit: fix default for scsi_sn * iSCSITarget: treat an empty "implementation" parameter specially * jboss: add the java_opts parameter for java options * ldirectord: Allow IPv6 for NNTP, requires perl-IO-Socket-INET6 (bnc#669412) * LVM: force dmevent monitoring for clones * jboss: implememnt rotating of console log * ldirectord: precedence error with perl v5.8.8 in IPv6 code * lxc: fix LXC_status to work with lxc-0.7.5 or later * mysql: improve replication support * mysql: fix validation return codes * mysql: support 5.5 slave status message format * mysql: check mysql status more thoroughly before stopping * named: make monitor work with IPv6 interfaces * nfsserver: don't run sm-notify in foreground (bnc#759616) * oracle: improve managing IPC objects * oracle: improve matching instance specific files and processes * oracle, oralsnr: get rid of eval * oralsnr: match only one (our) listener process (bnc#745306) * pgsql: support for replication * pound: new RA for Pound HTTP/HTTPS reverse-proxy and load-balancer * SAPDatabase: replace method for checking responsiveness of saphostexec * SAPDatabase: add support for Sybase ASE and SAP HANA database * SAPDatabase: version 2.00 make use of saphostagent * SAPInstance/SAPDatabase: fix unique attribute in metadata (bnc#737673) * sfex: fix default use without uuid (bnc#756609) * slapd: pass bind_dn correctly to ldapsearch * slapd: always set the exit code correctly in monitor * slapd: exit with the right code if validation fails (it used to exit always with the generic error code) * slapd: prevent possible timeout in stop (wrong logic in stop) * varnish: new resource agent * VirtualDomain: honor virsh "in shutdown" state * VirtualDomain: if the configuration file is missing on stop exit with success * Xen: add support for HVM ACPI graceful shutdown * Xinetd: reimplementation * Tools: send_arp.libnet: fix for big endian platforms (bnc#721334) * Tools: findif: Use most specific matching route (bnc#740738) * Tools: ocft: new option Agent, corresponding configs update * Tools: ocft: new tests for named, IPv6addr, oracle, Xinetd * Tools: ocft: several improvements * Tools: ocf-tester: add -d and -q options * doc: Add RA developer's guide. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP1: zypper in -t patch sleshasp1-ldirectord-6581 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.9.3]: ldirectord-3.9.3-0.4.26.1 resource-agents-3.9.3-0.4.26.1 References: https://bugzilla.novell.com/669412 https://bugzilla.novell.com/721334 https://bugzilla.novell.com/737673 https://bugzilla.novell.com/740718 https://bugzilla.novell.com/740738 https://bugzilla.novell.com/745306 https://bugzilla.novell.com/751783 https://bugzilla.novell.com/754067 https://bugzilla.novell.com/756609 https://bugzilla.novell.com/759616 http://download.novell.com/patch/finder/?keywords=f6ae8deccc32863dede32d3e147c0528 From sle-updates at lists.suse.com Wed Aug 29 09:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Aug 2012 17:08:33 +0200 (CEST) Subject: SUSE-SU-2012:1048-3: moderate: Security update for bind Message-ID: <20120829150833.5C26E3224C@maintenance.suse.de> SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1048-3 Rating: moderate References: #772945 Cross-References: CVE-2012-3817 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The bind nameserver was updated to fix a crash (denial of service) that may have been caused by high DNSSEC validation load (CVE-2012-3817). Security Issue reference: * CVE-2012-3817 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P2]: bind-9.6ESVR7P2-0.7.1 bind-chrootenv-9.6ESVR7P2-0.7.1 bind-devel-9.6ESVR7P2-0.7.1 bind-doc-9.6ESVR7P2-0.7.1 bind-libs-9.6ESVR7P2-0.7.1 bind-utils-9.6ESVR7P2-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 9.6ESVR7P2]: bind-libs-32bit-9.6ESVR7P2-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 9.6ESVR7P2]: bind-libs-x86-9.6ESVR7P2-0.7.1 - SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 9.6ESVR7P2]: bind-devel-64bit-9.6ESVR7P2-0.7.1 bind-libs-64bit-9.6ESVR7P2-0.7.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 9.6ESVR7P2]: bind-libs-9.6ESVR7P2-0.7.1 bind-utils-9.6ESVR7P2-0.7.1 - SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 9.6ESVR7P2]: bind-libs-32bit-9.6ESVR7P2-0.7.1 - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P2]: bind-9.6ESVR7P2-0.7.1 bind-chrootenv-9.6ESVR7P2-0.7.1 bind-devel-9.6ESVR7P2-0.7.1 bind-doc-9.6ESVR7P2-0.7.1 - SLE SDK 10 SP4 (ppc) [New Version: 9.6ESVR7P2]: bind-devel-64bit-9.6ESVR7P2-0.7.1 References: http://support.novell.com/security/cve/CVE-2012-3817.html https://bugzilla.novell.com/772945 http://download.novell.com/patch/finder/?keywords=336ff0f5a24d826e2d8f3e523f06fe9c From sle-updates at lists.suse.com Wed Aug 29 09:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Aug 2012 17:08:35 +0200 (CEST) Subject: SUSE-RU-2012:1054-1: moderate: Recommended update for resource-agents Message-ID: <20120829150835.4CA793224C@maintenance.suse.de> SUSE Recommended Update: Recommended update for resource-agents ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1054-1 Rating: moderate References: #684139 #684143 #721334 #745306 #751783 #754067 #756609 #759616 Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP2 ______________________________________________________________________________ An update that has 8 recommended fixes can now be installed. It includes one version update. Description: This update to resource-agents 3.9.3 provides the following fixes: * apache: create /var/run/apache2 if it doesn't exist * conntrackd: rename parameter "conntrackd" to "binary" * exportfs: allow expanding the fsid parameter to produce correct exportfs options * dhcpd: new RA to manage ISC DHCP servers * Filesystem: add nfs4 to the list of well known types * Filesystem: allow to force cloning for local mounts * Filesystem: remove a status file only when OCF_CHECK_LEVEL is set to 20 * IPaddr: remove colon at the end of the interface name * IPaddr2: fix regression introduce in d93b5fd, nic=lo always "stopped" * iSCSILogicalUnit: correctly match for target IQN and backing device name (iet and tgt) * ldirectord: precedence error with perl v5.8.8 in IPv6 code * mysql: improve replication support * mysql: fix validation return codes * mysql: support 5.5 slave status message format * nfsserver: don't run sm-notify in foreground (bnc#759616) * ocft: new tests for named, IPv6addr, oracle, Xinetd * ocft: several improvements * oracle: improve managing IPC objects * oracle: improve matching instance specific files and processes * oracle, oralsnr: get rid of eval * pgsql: support for replication * pound: new RA for Pound HTTP/HTTPS reverse-proxy and load-balancer * slapd: pass bind_dn correctly to ldapsearch * slapd: always set the exit code correctly in monitor * Tools: send_arp.libnet: fix for big endian platforms (bnc#721334) * sfex: remove the uuid patch (bnc#756609) * Filesystem: fix determining if the device is a block device * iSCSITarget: treat an empty "implementation" parameter specially * exportfs: don't grow /var/lib/nfs/rmtab indefinitely (bnc#754067) * iscsi: do not rely on iscsid.startup being set correctly (bnc#751783) * Xinetd: reimplementation * Filesystem: support ceph * IPv6addr: always use the provided nic and cidr_netmask when specified lines 7-73 * nfsserver: Support of multiple IP addresses (bnc#684143) * nfsserver: NSM state files correctly populate /var/lib/nfs/sm.ha (bnc#684139) * Filesystem: improve read/write checks for CHECK_LEVEL 10, 20 * VirtualDomain: if the configuration file is missing on stop exit with success * Xen: add support for HVM ACPI graceful shutdown * SAPDatabase: replace method for checking responsiveness of saphostexec * SAPDatabase: add support for Sybase ASE and SAP HANA database * SAPDatabase: version 2.00 make use of saphostagent * lxc: fix LXC_status to work with lxc-0.7.5 or later * oralsnr: match only one (our) listener process (bnc#745306). Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability Extension 11 SP2: zypper in -t patch sleshasp2-ldirectord-6584 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise High Availability Extension 11 SP2 (ia64 ppc64 s390x x86_64) [New Version: 3.9.3]: ldirectord-3.9.3-0.7.1 resource-agents-3.9.3-0.7.1 - SUSE Linux Enterprise High Availability Extension 11 SP2 (i586) [New Version: 3.9.3]: ldirectord-3.9.3-0.7.5 resource-agents-3.9.3-0.7.5 References: https://bugzilla.novell.com/684139 https://bugzilla.novell.com/684143 https://bugzilla.novell.com/721334 https://bugzilla.novell.com/745306 https://bugzilla.novell.com/751783 https://bugzilla.novell.com/754067 https://bugzilla.novell.com/756609 https://bugzilla.novell.com/759616 http://download.novell.com/patch/finder/?keywords=058af35132321468f628685e8e1ff7ce From sle-updates at lists.suse.com Wed Aug 29 10:08:34 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Aug 2012 18:08:34 +0200 (CEST) Subject: SUSE-RU-2012:1055-1: Recommended update for qscintilla Message-ID: <20120829160834.55EBA3224B@maintenance.suse.de> SUSE Recommended Update: Recommended update for qscintilla ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1055-1 Rating: low References: #768499 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes a segmentation fault when loading python-qscintilla. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libqscintilla-devel-6702 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libqscintilla-devel-6702 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp1-libqscintilla-devel-6702 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-libqscintilla-devel-6702 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64): libqscintilla-devel-2.3.2-1.32.1 libqscintilla2-5-2.3.2-1.32.1 python-qscintilla-2.3.2-1.32.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64): libqscintilla-devel-2.3.2-1.32.1 libqscintilla2-5-2.3.2-1.32.1 python-qscintilla-2.3.2-1.32.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): libqscintilla2-5-2.3.2-1.32.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): libqscintilla2-5-2.3.2-1.32.1 References: https://bugzilla.novell.com/768499 http://download.novell.com/patch/finder/?keywords=420414a1b386ff3ecb400cc6b7d2a990 From sle-updates at lists.suse.com Wed Aug 29 13:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Wed, 29 Aug 2012 21:08:37 +0200 (CEST) Subject: SUSE-SU-2012:1056-1: moderate: Security update for Real Time Linux kernel Message-ID: <20120829190837.6F6A73224F@maintenance.suse.de> SUSE Security Update: Security update for Real Time Linux kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1056-1 Rating: moderate References: #676204 #717994 #726600 #730118 #731673 #740745 #745832 #749118 #749569 #750079 #758058 #758260 #758532 #760902 #763194 #764150 #769896 Cross-References: CVE-2009-4020 CVE-2011-1083 CVE-2011-4077 CVE-2011-4086 CVE-2011-4132 CVE-2011-4330 CVE-2012-0044 CVE-2012-0810 CVE-2012-1090 CVE-2012-1097 CVE-2012-2123 CVE-2012-2133 CVE-2012-2383 CVE-2012-2384 CVE-2012-2390 CVE-2012-3375 Affected Products: SUSE Linux Enterprise Real Time 11 SP1 ______________________________________________________________________________ An update that solves 16 vulnerabilities and has one errata is now available. It includes one version update. Description: The SUSE Linux Enterprise Server 11 SP1 Realtime kernel has been updated to fix various bugs and security issues. The following security issues have been fixed: * CVE-2012-3375: Fixed a denial of service condition in the epoll loop detection. * CVE-2012-2390: Memory leaks in the hugetlbfs map reservation code have been fixed that could be used by local attackers to exhaust machine memory. * CVE-2012-2133: A fix use after free bug in "quota" handling of hugepages has been fixed that could cause a local denial of service. * CVE-2012-2384: A integer overflow in i915_gem_do_execbuffer() has been fixed that might be used by local attackers to crash the kernel or potentially execute code. * CVE-2012-2383: A integer overflow in i915_gem_execbuffer2() has been fixed that might be used by local attackers to crash the kernel or potentially execute code. * CVE-2012-2123: The filesystem cabability handling was not fully correct, allowing local users to bypass fscaps related restrictions to disable e.g. address space randomization. * CVE-2009-4020: Fixed a potential buffer overflow in hfsplus that could have been used to crash the kernel by supplying a bad hfsplus image for mounting. * CVE-2011-4330: Mounting a corrupted hfs filesystem could have lead to a buffer overflow. * CVE-2012-1097: The regset common infrastructure assumed that regsets would always have .get and .set methods, but necessarily .active methods. Unfortunately people have since written regsets without .set method, so NULL pointer dereference attacks were possible. * CVE-2011-1083: Limit the path length users can build using epoll() to avoid local attackers consuming lots of kernel CPU time. * CVE-2012-1090: Fixed a dentry refcount leak when opening a FIFO on lookup in cifs that could have been used to crash the kernel. * CVE-2012-0810: A stack reusage bug has been fixed which could be used by local attackers to crash the kernel in some circumstances. As this only affects x86 32bit, it does not affect x86_64 at all. * CVE-2012-0044: A integer overflow in drm_mode_dirtyfb_ioctl() has been fixed that might be used by local attackers to crash the kernel or execute code. * CVE-2011-4077: A possible memory corruption in xfs_readlink has been fixed that could be used by local users able to mount xfs images to crash the kernel. * CVE-2011-4132: Fixed a oops in jbd/jbd2 that could have been caused by mounting a malicious prepared filesystem. * CVE-2011-4086: Fixed a oops in jbd/jbd2 that could have been caused by specific filesystem access patterns. Also the following non security bugs have been fixed: * sched: Fix proc_sched_set_task() (bnc#717994). * vlan/core: Fix memory leak/corruption on VLAN GRO_DROP (bnc#758058). Security Issue references: * CVE-2009-4020 * CVE-2011-1083 * CVE-2011-4077 * CVE-2011-4086 * CVE-2011-4132 * CVE-2011-4330 * CVE-2012-0044 * CVE-2012-0810 * CVE-2012-1090 * CVE-2012-1097 * CVE-2012-2123 * CVE-2012-2383 * CVE-2012-2384 * CVE-2012-2390 * CVE-2012-3375 * CVE-2012-2133 Indications: Everyone using the Real Time Linux Kernel on x86_64 architecture should update. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time 11 SP1: zypper in -t patch slertesp1-kernel-6677 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time 11 SP1 (x86_64) [New Version: 2.6.33.20]: brocade-bna-kmp-rt-2.1.0.0_2.6.33.20_rt31_0.5-0.2.52 cluster-network-kmp-rt-1.4_2.6.33.20_rt31_0.5-2.5.62 cluster-network-kmp-rt_trace-1.4_2.6.33.20_rt31_0.5-2.5.62 drbd-kmp-rt-8.3.11_2.6.33.20_rt31_0.5-0.3.62 drbd-kmp-rt_trace-8.3.11_2.6.33.20_rt31_0.5-0.3.62 iscsitarget-kmp-rt-1.4.19_2.6.33.20_rt31_0.5-0.9.11.38 kernel-rt-2.6.33.20-0.5.1 kernel-rt-base-2.6.33.20-0.5.1 kernel-rt-devel-2.6.33.20-0.5.1 kernel-rt_trace-2.6.33.20-0.5.1 kernel-rt_trace-base-2.6.33.20-0.5.1 kernel-rt_trace-devel-2.6.33.20-0.5.1 kernel-source-rt-2.6.33.20-0.5.1 kernel-syms-rt-2.6.33.20-0.5.1 ocfs2-kmp-rt-1.6_2.6.33.20_rt31_0.5-0.4.2.62 ocfs2-kmp-rt_trace-1.6_2.6.33.20_rt31_0.5-0.4.2.62 ofed-kmp-rt-1.5.2_2.6.33.20_rt31_0.5-0.9.13.49 References: http://support.novell.com/security/cve/CVE-2009-4020.html http://support.novell.com/security/cve/CVE-2011-1083.html http://support.novell.com/security/cve/CVE-2011-4077.html http://support.novell.com/security/cve/CVE-2011-4086.html http://support.novell.com/security/cve/CVE-2011-4132.html http://support.novell.com/security/cve/CVE-2011-4330.html http://support.novell.com/security/cve/CVE-2012-0044.html http://support.novell.com/security/cve/CVE-2012-0810.html http://support.novell.com/security/cve/CVE-2012-1090.html http://support.novell.com/security/cve/CVE-2012-1097.html http://support.novell.com/security/cve/CVE-2012-2123.html http://support.novell.com/security/cve/CVE-2012-2133.html http://support.novell.com/security/cve/CVE-2012-2383.html http://support.novell.com/security/cve/CVE-2012-2384.html http://support.novell.com/security/cve/CVE-2012-2390.html http://support.novell.com/security/cve/CVE-2012-3375.html https://bugzilla.novell.com/676204 https://bugzilla.novell.com/717994 https://bugzilla.novell.com/726600 https://bugzilla.novell.com/730118 https://bugzilla.novell.com/731673 https://bugzilla.novell.com/740745 https://bugzilla.novell.com/745832 https://bugzilla.novell.com/749118 https://bugzilla.novell.com/749569 https://bugzilla.novell.com/750079 https://bugzilla.novell.com/758058 https://bugzilla.novell.com/758260 https://bugzilla.novell.com/758532 https://bugzilla.novell.com/760902 https://bugzilla.novell.com/763194 https://bugzilla.novell.com/764150 https://bugzilla.novell.com/769896 http://download.novell.com/patch/finder/?keywords=6ec388979fe13af4de509d36e09a4dc4 From sle-updates at lists.suse.com Thu Aug 30 04:09:45 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Aug 2012 12:09:45 +0200 (CEST) Subject: SUSE-RU-2012:1049-2: Recommended update for openstack-nova Message-ID: <20120830100945.0E7953225A@maintenance.suse.de> SUSE Recommended Update: Recommended update for openstack-nova ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1049-2 Rating: low References: #64937 Affected Products: SUSE Cloud 1.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update provides various small fixes to openstack: * fix nova-network init script patch (bnc#777488) Contraindications: Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Cloud 1.0: zypper in -t patch sleclo10sp2-crowbar-bundle-update-6747 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Cloud 1.0 (x86_64): openstack-nova-2012.1+git.1345844892.4d2a4af-0.9.1 openstack-nova-api-2012.1+git.1345844892.4d2a4af-0.9.1 openstack-nova-cert-2012.1+git.1345844892.4d2a4af-0.9.1 openstack-nova-compute-2012.1+git.1345844892.4d2a4af-0.9.1 openstack-nova-network-2012.1+git.1345844892.4d2a4af-0.9.1 openstack-nova-objectstore-2012.1+git.1345844892.4d2a4af-0.9.1 openstack-nova-scheduler-2012.1+git.1345844892.4d2a4af-0.9.1 openstack-nova-vncproxy-2012.1+git.1345844892.4d2a4af-0.9.1 openstack-nova-volume-2012.1+git.1345844892.4d2a4af-0.9.1 python-nova-2012.1+git.1345844892.4d2a4af-0.9.1 References: https://bugzilla.novell.com/64937 http://download.novell.com/patch/finder/?keywords=9fb5d6d462db9e7401ac326391fc024f From sle-updates at lists.suse.com Thu Aug 30 12:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Aug 2012 20:08:30 +0200 (CEST) Subject: SUSE-OU-2012:1070-1: Optional update for apache2-mod_auth_kerb Message-ID: <20120830180830.C03883225A@maintenance.suse.de> SUSE Optional Update: Optional update for apache2-mod_auth_kerb ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1070-1 Rating: low References: #771265 Affected Products: SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: Mod_auth_kerb is an Apache module designed to provide Kerberos authentication to the Apache web server. Using the Basic Auth mechanism, it retrieves a username/password pair from the browser and checks them against a Kerberos server as set up by your particular organization. The module also supports the Negotiate authentication method, which performs full Kerberos authentication based on ticket exchanges, and does not require users to insert their passwords to the browser Indications: Interested users can install the package. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-apache2-mod_auth_kerb-6625 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-apache2-mod_auth_kerb-6625 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-apache2-mod_auth_kerb-6625 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): apache2-mod_auth_kerb-5.4-0.3.8 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): apache2-mod_auth_kerb-5.4-0.3.8 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): apache2-mod_auth_kerb-5.4-0.3.8 References: https://bugzilla.novell.com/771265 http://download.novell.com/patch/finder/?keywords=080396ea9c814e610bf0e215da6c4c74 From sle-updates at lists.suse.com Thu Aug 30 12:08:33 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Thu, 30 Aug 2012 20:08:33 +0200 (CEST) Subject: SUSE-SU-2012:1071-1: moderate: Security update for quota Message-ID: <20120830180833.E17693225A@maintenance.suse.de> SUSE Security Update: Security update for quota ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1071-1 Rating: moderate References: #772570 Cross-References: CVE-2012-3417 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The quota package was updated to fix an issue with tcp_wrappers, where hosts.allow/deny files would have not been correctly honored. (CVE-2012-3417) Security Issue reference: * CVE-2012-3417 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-quota-6711 slessp2-quota-6724 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-quota-6711 slessp2-quota-6724 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-quota-6737 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-quota-6737 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-quota-6711 sledsp2-quota-6724 - SUSE Linux Enterprise Desktop 11 SP1: zypper in -t patch sledsp1-quota-6737 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): quota-3.16-50.39.1 quota-nfs-3.16-50.39.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): quota-3.16-50.39.1 quota-nfs-3.16-50.39.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64): quota-3.16-50.36.36.2 quota-nfs-3.16-50.36.36.2 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64): quota-3.16-50.36.36.2 quota-nfs-3.16-50.36.36.2 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64): quota-3.16-50.39.1 - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64): quota-3.16-50.36.36.2 References: http://support.novell.com/security/cve/CVE-2012-3417.html https://bugzilla.novell.com/772570 http://download.novell.com/patch/finder/?keywords=5b1b1ff021c6fa5bf81afe1f443cbf23 http://download.novell.com/patch/finder/?keywords=8f52db0f27a0a6581536a44c063b3337 http://download.novell.com/patch/finder/?keywords=a202f0abb7804584faa3e6a6fc00871e From sle-updates at lists.suse.com Fri Aug 31 09:08:29 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Aug 2012 17:08:29 +0200 (CEST) Subject: SUSE-SU-2012:1071-2: moderate: Security update for quota Message-ID: <20120831150830.0164F32257@maintenance.suse.de> SUSE Security Update: Security update for quota ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1071-2 Rating: moderate References: #772570 Cross-References: CVE-2012-3417 Affected Products: SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The quota package was updated to fix an issue with tcp_wrappers, where hosts.allow/deny files would have not been correctly honored. (CVE-2012-3417) Security Issue reference: * CVE-2012-3417 Package List: - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64): quota-3.13-17.18.1 - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64): quota-3.13-17.18.1 References: http://support.novell.com/security/cve/CVE-2012-3417.html https://bugzilla.novell.com/772570 http://download.novell.com/patch/finder/?keywords=0a46fef03534da311570e6b60db7e6c2 From sle-updates at lists.suse.com Fri Aug 31 12:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Aug 2012 20:08:31 +0200 (CEST) Subject: SUSE-RU-2012:1072-1: Recommended update for yast2-country Message-ID: <20120831180831.F0502321B4@maintenance.suse.de> SUSE Recommended Update: Recommended update for yast2-country ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1072-1 Rating: low References: #617861 #758134 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. It includes one version update. Description: This update to YaST's Country Settings module (yast2-country) fixes the text mode interface to ensure that changes in the timezone configuration are applied when the dialog is closed. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-yast2-country-6607 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-yast2-country-6607 - SUSE Linux Enterprise Desktop 11 SP2: zypper in -t patch sledsp2-yast2-country-6607 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 2.17.52]: yast2-country-2.17.52-0.5.1 yast2-country-data-2.17.52-0.5.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.17.52]: yast2-country-2.17.52-0.5.1 yast2-country-data-2.17.52-0.5.1 - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 2.17.52]: yast2-country-2.17.52-0.5.1 yast2-country-data-2.17.52-0.5.1 References: https://bugzilla.novell.com/617861 https://bugzilla.novell.com/758134 http://download.novell.com/patch/finder/?keywords=a2b785678157a4a6ed65ab83fd4ad5a7 From sle-updates at lists.suse.com Fri Aug 31 13:08:31 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Aug 2012 21:08:31 +0200 (CEST) Subject: SUSE-FU-2012:1073-1: Feature update for osc Message-ID: <20120831190831.123B732258@maintenance.suse.de> SUSE Feature Update: Feature update for osc ______________________________________________________________________________ Announcement ID: SUSE-FU-2012:1073-1 Rating: low References: #711770 #737640 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 ______________________________________________________________________________ An update that has two feature fixes can now be installed. It includes two new package versions. Description: The command line client for the openSUSE Build Service (osc) was updated to version 0.135.1, bringing many fixes and improvements such as support to the new request handling mechanism from OBS 2.3. Additionally, the following OBS plug-ins are being shipped with this update: obs-service-download_files, obs-service-format_spec_file and obs-service-source_validator. Patch Instructions: To install this SUSE Feature Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-build-6718 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-build-6718 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.135.1]: osc-0.135.1-0.3.2 - SUSE Linux Enterprise Software Development Kit 11 SP2 (noarch): obs-service-download_files-0.3-0.3.2 obs-service-format_spec_file-0.4.1-0.3.2 obs-service-source_validator-0.2-0.3.2 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.135.1]: osc-0.135.1-0.3.2 - SUSE Linux Enterprise Software Development Kit 11 SP1 (noarch) [New Version: 2011.10.10]: build-2011.10.10-0.6.2.1 obs-service-download_files-0.3-0.3.2 obs-service-format_spec_file-0.4.1-0.3.2 obs-service-source_validator-0.2-0.3.2 References: https://bugzilla.novell.com/711770 https://bugzilla.novell.com/737640 http://download.novell.com/patch/finder/?keywords=e9ca2a749179883d1e34ee8754ac6256 From sle-updates at lists.suse.com Fri Aug 31 15:08:30 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Fri, 31 Aug 2012 23:08:30 +0200 (CEST) Subject: SUSE-RU-2012:1074-1: moderate: Recommended update for osasnmpd and s390-tools Message-ID: <20120831210830.238DF32258@maintenance.suse.de> SUSE Recommended Update: Recommended update for osasnmpd and s390-tools ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1074-1 Rating: moderate References: #751339 Affected Products: SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update to s390-tools resolves the following issues: * Shorten some messages to prevent compilation failure with longer package version string * zfcp_disk_configure: update script to handle initialization better * zfcp_disk_configure: don't try to read from nonexistent sysfs files * zfcp_disk_configure: wait for udev events * zfcp_disk_configure: add double quotes to prevent missing operand in comparison. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-osasnmpd-6687 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP1 (s390x): osasnmpd-1.8.0-44.49.55.1 s390-tools-1.8.0-44.49.55.1 References: https://bugzilla.novell.com/751339 http://download.novell.com/patch/finder/?keywords=3cf07a5821a0e49c1d01d9a44a401a87 From sle-updates at lists.suse.com Fri Aug 31 16:09:06 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 1 Sep 2012 00:09:06 +0200 (CEST) Subject: SUSE-RU-2012:1075-1: moderate: Recommended update for stunnel Message-ID: <20120831220906.3C19D3225A@maintenance.suse.de> SUSE Recommended Update: Recommended update for stunnel ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1075-1 Rating: moderate References: #775262 #776756 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 ______________________________________________________________________________ An update that has two recommended fixes can now be installed. Description: This update to stunnel resolves the following issues: * Fix OpenSSL library initialization * Fix stunnel cipher initialization * Default FIPS mode to off when building against updated OpenSSL library * Correct configure option to enable libwrap support. Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 for VMware: zypper in -t patch slessp2-stunnel-6726 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp2-stunnel-6726 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64): stunnel-4.36-0.10.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64): stunnel-4.36-0.10.1 References: https://bugzilla.novell.com/775262 https://bugzilla.novell.com/776756 http://download.novell.com/patch/finder/?keywords=4bdbb5b8b20310fa6bfe42d10bc417b7 From sle-updates at lists.suse.com Fri Aug 31 16:09:08 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 1 Sep 2012 00:09:08 +0200 (CEST) Subject: SUSE-RU-2012:1076-1: Recommended update for ibmrtpkgs, Message-ID: <20120831220908.04B263225A@maintenance.suse.de> SUSE Recommended Update: Recommended update for ibmrtpkgs, ______________________________________________________________________________ Announcement ID: SUSE-RU-2012:1076-1 Rating: low References: #633514 #703490 #714625 Affected Products: SUSE Linux Enterprise Real Time 11 SP1 ______________________________________________________________________________ An update that has three recommended fixes can now be installed. Description: This update of ibmrtpkgs to v1.10 provides the following fixes: * update SMI-Removal.txt * update /etc/modprobe.d/ibm-amd to use .conf extension * Add a check for ipmi at runtime * Update documentation * Whitespace cleanup In addition, the kthread default priorities have been adjusted (bnc#633514) and the licensing has been changed to GPLv2 (bnc#766637). Patch Instructions: To install this SUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time 11 SP1: zypper in -t patch slertesp1-ibmrtpkgs-6486 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time 11 SP1 (x86_64): ibmrtpkgs-2-6.29.3.1 References: https://bugzilla.novell.com/633514 https://bugzilla.novell.com/703490 https://bugzilla.novell.com/714625 http://download.novell.com/patch/finder/?keywords=755ca7d11d764f82c0df17f3672036f6 From sle-updates at lists.suse.com Fri Aug 31 17:08:35 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 1 Sep 2012 01:08:35 +0200 (CEST) Subject: SUSE-SU-2012:1077-1: moderate: Security update for nuts Message-ID: <20120831230835.1F36A32256@maintenance.suse.de> SUSE Security Update: Security update for nuts ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:1077-1 Rating: moderate References: #764699 Cross-References: CVE-2012-2944 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP1 for VMware SUSE Linux Enterprise Server 11 SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: This update of nuts fixes a denial of service flaw that could have been exploited by remote attackers to cause an application crash of upsd. Security Issue reference: * CVE-2012-2944 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-libupsclient1-6379 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-libupsclient1-6379 - SUSE Linux Enterprise Server 11 SP2: zypper in -t patch slessp1-libupsclient1-6379 - SUSE Linux Enterprise Server 11 SP1 for VMware: zypper in -t patch slessp1-libupsclient1-6379 - SUSE Linux Enterprise Server 11 SP1: zypper in -t patch slessp1-libupsclient1-6379 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.2]: nut-cgi-2.6.2-0.2.4.1 nut-devel-2.6.2-0.2.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 x86_64) [New Version: 2.6.2]: libupsclient1-2.6.2-0.2.4.1 nut-2.6.2-0.2.4.1 nut-classic-2.6.2-0.2.4.1 nut-drivers-net-2.6.2-0.2.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.2]: nut-cgi-2.6.2-0.2.4.1 nut-devel-2.6.2-0.2.4.1 - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 2.6.2]: libupsclient1-2.6.2-0.2.4.1 nut-2.6.2-0.2.4.1 nut-classic-2.6.2-0.2.4.1 nut-drivers-net-2.6.2-0.2.4.1 - SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.2]: libupsclient1-2.6.2-0.2.4.1 nut-2.6.2-0.2.4.1 nut-classic-2.6.2-0.2.4.1 nut-drivers-net-2.6.2-0.2.4.1 - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.6.2]: libupsclient1-2.6.2-0.2.4.1 nut-2.6.2-0.2.4.1 nut-classic-2.6.2-0.2.4.1 nut-drivers-net-2.6.2-0.2.4.1 - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.2]: libupsclient1-2.6.2-0.2.4.1 nut-2.6.2-0.2.4.1 nut-classic-2.6.2-0.2.4.1 nut-drivers-net-2.6.2-0.2.4.1 References: http://support.novell.com/security/cve/CVE-2012-2944.html https://bugzilla.novell.com/764699 http://download.novell.com/patch/finder/?keywords=c2b37f2261099e65d55a6c02fb324155 From sle-updates at lists.suse.com Fri Aug 31 17:08:37 2012 From: sle-updates at lists.suse.com (sle-updates at lists.suse.com) Date: Sat, 1 Sep 2012 01:08:37 +0200 (CEST) Subject: SUSE-OU-2012:1078-1: Optional update for postgresql-devel and postgresql-libs Message-ID: <20120831230837.4FFC732256@maintenance.suse.de> SUSE Optional Update: Optional update for postgresql-devel and postgresql-libs ______________________________________________________________________________ Announcement ID: SUSE-OU-2012:1078-1 Rating: low References: #778279 Affected Products: BDK 11 SP2 ______________________________________________________________________________ An update that has one optional fix can now be installed. Description: This update adds postgresql-libs/-devel. Patch Instructions: To install this SUSE Optional Update use YaST online_update. Alternatively you can run the command listed for your product: - BDK 11 SP2: zypper in -t patch slebdksp2-postgresql-devel-6753 To bring your system up-to-date, use "zypper patch". Package List: - BDK 11 SP2 (i586 ia64 ppc64 s390x x86_64): postgresql-devel-8.3.20-0.4.1 postgresql-libs-8.3.20-0.4.1 References: https://bugzilla.novell.com/778279 http://download.novell.com/patch/finder/?keywords=c6179ca6eab6cdf188ca6498f73ec762