From sle-updates at lists.suse.com Thu Feb 2 05:08:40 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 2 Feb 2012 13:08:40 +0100 (CET)
Subject: SUSE-RU-2012:0136-1: moderate: Recommended update for ipmitool
Message-ID: <20120202120840.47371323BD@maintenance.suse.de>
SUSE Recommended Update: Recommended update for ipmitool
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0136-1
Rating: moderate
References: #730745
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes a memory leak when ipmitool is used to
connect to a serial-over-LAN (SoL) in IPMI LANplus mode.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
ipmitool-1.8.11-5.8.2
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
ipmitool-1.8.11-5.8.2
References:
https://bugzilla.novell.com/730745
http://download.novell.com/patch/finder/?keywords=1ddfac0b6b51dd2ccb13718528760eaa
From sle-updates at lists.suse.com Thu Feb 2 05:08:52 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 2 Feb 2012 13:08:52 +0100 (CET)
Subject: SUSE-RU-2012:0137-1: Recommended update for seccheck
Message-ID: <20120202120852.8D3D1323BD@maintenance.suse.de>
SUSE Recommended Update: Recommended update for seccheck
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0137-1
Rating: low
References: #741737
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes a typo in a patch using the command
'xargs'.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-seccheck-5703
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-seccheck-5703
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (noarch):
seccheck-2.0-657.13.1
- SUSE Linux Enterprise Server 11 SP1 (noarch):
seccheck-2.0-657.13.1
References:
https://bugzilla.novell.com/741737
http://download.novell.com/patch/finder/?keywords=d2985716b72c674d4b0155767d1f5d08
From sle-updates at lists.suse.com Fri Feb 3 01:08:17 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 3 Feb 2012 09:08:17 +0100 (CET)
Subject: SUSE-RU-2012:0138-1: important: Recommended update for mysql
Message-ID: <20120203080817.9F800323BD@maintenance.suse.de>
SUSE Recommended Update: Recommended update for mysql
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0138-1
Rating: important
References: #742835
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be
installed. It includes one version update.
Description:
This update adds a missing package dependency to make the
MySQL packages properly install in all cases.
Indications:
Every user of MySQL should update.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-libmysqlclient-devel-5743
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-libmysqlclient-devel-5743
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-libmysqlclient-devel-5743
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-libmysqlclient-devel-5743
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.0.94]:
libmysqlclient-devel-5.0.94-0.2.4.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64) [New Version: 5.0.94]:
libmysqlclient_r15-32bit-5.0.94-0.2.4.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ia64) [New Version: 5.0.94]:
libmysqlclient_r15-x86-5.0.94-0.2.4.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 5.0.94]:
libmysqlclient15-5.0.94-0.2.4.1
libmysqlclient_r15-5.0.94-0.2.4.1
mysql-5.0.94-0.2.4.1
mysql-Max-5.0.94-0.2.4.1
mysql-client-5.0.94-0.2.4.1
mysql-tools-5.0.94-0.2.4.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 5.0.94]:
libmysqlclient15-32bit-5.0.94-0.2.4.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 5.0.94]:
libmysqlclient15-5.0.94-0.2.4.1
libmysqlclient_r15-5.0.94-0.2.4.1
mysql-5.0.94-0.2.4.1
mysql-Max-5.0.94-0.2.4.1
mysql-client-5.0.94-0.2.4.1
mysql-tools-5.0.94-0.2.4.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 5.0.94]:
libmysqlclient15-32bit-5.0.94-0.2.4.1
- SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 5.0.94]:
libmysqlclient15-x86-5.0.94-0.2.4.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 5.0.94]:
libmysqlclient15-5.0.94-0.2.4.1
libmysqlclient_r15-5.0.94-0.2.4.1
mysql-5.0.94-0.2.4.1
mysql-client-5.0.94-0.2.4.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 5.0.94]:
libmysqlclient15-32bit-5.0.94-0.2.4.1
libmysqlclient_r15-32bit-5.0.94-0.2.4.1
References:
https://bugzilla.novell.com/742835
http://download.novell.com/patch/finder/?keywords=87dbdc42607a831df6d2356969526225
From sle-updates at lists.suse.com Fri Feb 3 01:08:32 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 3 Feb 2012 09:08:32 +0100 (CET)
Subject: SUSE-RU-2012:0139-1: moderate: Recommended update for gdm
Message-ID: <20120203080832.A9075323C0@maintenance.suse.de>
SUSE Recommended Update: Recommended update for gdm
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0139-1
Rating: moderate
References: #617428 #667577 #678632 #690872 #698485 #726489
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has 6 recommended fixes can now be installed.
Description:
This collective update for gdm provides the following fixes:
* 667577: YaST2 does not work on Remote Desktop
* 678632: aureport -l not displaying GDM login
information
* 690872: Improve VNC login behavior
* 698485: Fix login failure due to wrong pam_putenv call
* 726489: Assertion failures when using certain pam
modules
* 617428: Fix defined desktop session restored on
failed authentication
In addition the keyboard "Tab" sequence of the buttons was
changed to "Login", "cancel" and "Suspend" to improve
usability.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-gdm-5504
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-gdm-5504
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-gdm-5504
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
gdm-2.24.0-24.77.1
gdm-branding-upstream-2.24.0-24.77.1
gdm-lang-2.24.0-24.77.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
gdm-2.24.0-24.77.1
gdm-branding-upstream-2.24.0-24.77.1
gdm-lang-2.24.0-24.77.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
gdm-2.24.0-24.77.1
gdm-branding-upstream-2.24.0-24.77.1
gdm-lang-2.24.0-24.77.1
References:
https://bugzilla.novell.com/617428
https://bugzilla.novell.com/667577
https://bugzilla.novell.com/678632
https://bugzilla.novell.com/690872
https://bugzilla.novell.com/698485
https://bugzilla.novell.com/726489
http://download.novell.com/patch/finder/?keywords=6edd01ef46b22bdf75da400d0337ab4d
From sle-updates at lists.suse.com Fri Feb 3 01:08:40 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 3 Feb 2012 09:08:40 +0100 (CET)
Subject: SUSE-RU-2012:0140-1: Recommended update for vsftpd
Message-ID: <20120203080840.A3BF0323C0@maintenance.suse.de>
SUSE Recommended Update: Recommended update for vsftpd
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0140-1
Rating: low
References: #734424
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes a compatibility issue with handling
storing files with a unique file name by trying to
preserve the given file name to improve compatibility with
non-compliant FTP client implementations.
Indications:
Every user of vsftpd should update.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-vsftpd-5522
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-vsftpd-5522
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
vsftpd-2.0.7-4.23.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
vsftpd-2.0.7-4.23.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
vsftpd-2.0.4-19.18.222.22.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
vsftpd-2.0.4-19.18.222.22.1
References:
https://bugzilla.novell.com/734424
http://download.novell.com/patch/finder/?keywords=06114ead5d2c94b4d133e59b75f25de7
http://download.novell.com/patch/finder/?keywords=5ab030b0c3443b6ae4f69d5119aaa56f
From sle-updates at lists.suse.com Fri Feb 3 09:08:46 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 3 Feb 2012 17:08:46 +0100 (CET)
Subject: SUSE-OU-2012:0141-1: Optional update for haveged
Message-ID: <20120203160846.2CEC5323C2@maintenance.suse.de>
SUSE Optional Update: Optional update for haveged
______________________________________________________________________________
Announcement ID: SUSE-OU-2012:0141-1
Rating: low
References: #741186
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
SUSE Lifecycle Management Server 1.1 [Appliance - Tools]
______________________________________________________________________________
An update that has one optional fix can now be installed.
It includes one version update.
Description:
This update provides haveged, an entropy gathering daemon
that feeds the Linux kernel entropy pool with random
numbers generated from hidden processor states. For more
information please refer to
http://www.issihosts.com/haveged/
Indications:
Every virtualized system should install this package.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-haveged-5682
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-haveged-5682
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-haveged-5682
- SUSE Lifecycle Management Server 1.1 [Appliance - Tools]:
zypper in -t patch sleslmssp1-haveged-5682
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
haveged-1.3-0.6.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.3]:
haveged-1.3-0.6.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.3]:
haveged-1.3-0.6.1
- SUSE Lifecycle Management Server 1.1 [Appliance - Tools] (x86_64) [New Version: 1.3]:
haveged-1.3-0.6.1
References:
https://bugzilla.novell.com/741186
http://download.novell.com/patch/finder/?keywords=2fe475f591e86f481ff1e86d09d1f342
From sle-updates at lists.suse.com Fri Feb 3 11:08:26 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 3 Feb 2012 19:08:26 +0100 (CET)
Subject: SUSE-RU-2012:0142-1: Recommended update for powerpc-utils
Message-ID: <20120203180826.6F168323C7@maintenance.suse.de>
SUSE Recommended Update: Recommended update for powerpc-utils
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0142-1
Rating: low
References: #729735
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be
installed. It includes three new package versions.
Description:
This update provides powerpc-utils 1.2.11 to improve
support for the Power architecture and fix several
important bugs.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-powerpc-utils-12-5747
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-powerpc-utils-12-5747
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64) [New Version: 1.1.11]:
libservicelog-1_1-1-32bit-1.1.11-0.4.3.1
libservicelog-devel-1.1.11-0.4.3.1
libservicelog-devel-32bit-1.1.11-0.4.3.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64) [New Version: 1.1.11,1.2.11 and 1.3.6]:
librtas-1.3.6-0.10.1
librtas-32bit-1.3.6-0.10.1
libservicelog-1.1.11-0.4.3.1
libservicelog-1_1-1-1.1.11-0.4.3.1
powerpc-utils-1.2.11-0.4.2.1
References:
https://bugzilla.novell.com/729735
http://download.novell.com/patch/finder/?keywords=22f5b285b438a9262ea8d9125831aede
From sle-updates at lists.suse.com Fri Feb 3 15:08:39 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 3 Feb 2012 23:08:39 +0100 (CET)
Subject: SUSE-SU-2012:0143-1: moderate: Security update for curl
Message-ID: <20120203220839.3609C323C7@maintenance.suse.de>
SUSE Security Update: Security update for curl
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0143-1
Rating: moderate
References: #742306
Cross-References: CVE-2012-0036
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update to curl fixes the following security issue:
* Don't set SSL_OP_ALL to avoid potential DTLS sniffing
attacks. (CVE-2012-0036)
Indications:
Everyone should install this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
curl-7.15.1-19.20.1
curl-devel-7.15.1-19.20.1
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
curl-32bit-7.15.1-19.20.1
- SUSE Linux Enterprise Server 10 SP4 (ia64):
curl-x86-7.15.1-19.20.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
curl-64bit-7.15.1-19.20.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
curl-7.15.1-19.20.1
curl-devel-7.15.1-19.20.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
curl-32bit-7.15.1-19.20.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
curl-devel-7.15.1-19.20.1
References:
http://support.novell.com/security/cve/CVE-2012-0036.html
https://bugzilla.novell.com/742306
http://download.novell.com/patch/finder/?keywords=8974c7b68cc0e0a4cf5b7453bd266343
From sle-updates at lists.suse.com Fri Feb 3 16:08:41 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 4 Feb 2012 00:08:41 +0100 (CET)
Subject: SUSE-SU-2012:0144-1: moderate: Security update for tomcat5
Message-ID: <20120203230841.F0367323C8@maintenance.suse.de>
SUSE Security Update: Security update for tomcat5
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0144-1
Rating: moderate
References: #727543
Cross-References: CVE-2011-4858
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This security update for tomcat5 fixes a vulnerability to a
hash collision attack which allows remote attackers to
perform denial of service attacks. The issue is tracked as
CVE-2011-4858.
Indications:
Everyone using Apache Tomcat should update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (noarch):
tomcat5-5.5.27-0.18.4
tomcat5-admin-webapps-5.5.27-0.18.4
tomcat5-webapps-5.5.27-0.18.4
- SLE SDK 10 SP4 (noarch):
tomcat5-5.5.27-0.18.4
tomcat5-admin-webapps-5.5.27-0.18.4
tomcat5-webapps-5.5.27-0.18.4
References:
http://support.novell.com/security/cve/CVE-2011-4858.html
https://bugzilla.novell.com/727543
http://download.novell.com/patch/finder/?keywords=db53da1f9bc372bf81229767487059b1
From sle-updates at lists.suse.com Fri Feb 3 17:08:37 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 4 Feb 2012 01:08:37 +0100 (CET)
Subject: SUSE-RU-2012:0145-1: Recommended update for puppet
Message-ID: <20120204000837.B7BD5323C2@maintenance.suse.de>
SUSE Recommended Update: Recommended update for puppet
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0145-1
Rating: low
References: #739361
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be
installed. It includes one version update.
Description:
This update fixes wrong directory permissions and
ownerships of puppet directories.
Indications:
Every user of puppet should update.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-puppet-5748
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-puppet-5748
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-puppet-5748
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.6.12]:
puppet-2.6.12-0.10.1
puppet-server-2.6.12-0.10.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.6.12]:
puppet-2.6.12-0.10.1
puppet-server-2.6.12-0.10.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 2.6.12]:
puppet-2.6.12-0.10.1
References:
https://bugzilla.novell.com/739361
http://download.novell.com/patch/finder/?keywords=e9f123ffc6028c2dd16dc0f1eb8ce738
From sle-updates at lists.suse.com Fri Feb 3 19:08:31 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 4 Feb 2012 03:08:31 +0100 (CET)
Subject: SUSE-SU-2012:0146-1: Security update for MozillaFirefox
Message-ID: <20120204020832.01120323C2@maintenance.suse.de>
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0146-1
Rating: low
References: #742826
Cross-References: CVE-2011-3659 CVE-2012-0442 CVE-2012-0443
CVE-2012-0444 CVE-2012-0445 CVE-2012-0446
CVE-2012-0447 CVE-2012-0449 CVE-2012-0450
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available. It
includes three new package versions.
Description:
This update provides Mozilla Firefox 10, which provides
many fixes, security and feature enhancements.
For a detailed list, please have a look at
http://www.mozilla.org/en-US/firefox/10.0/releasenotes/
and
http://www.mozilla.org/de/firefox/features/
The following security issues have been fixed in this
update:
* Mozilla developers identified and fixed several
memory safety bugs in the browser engine used in Firefox
and other Mozilla-based products. Some of these bugs showed
evidence of memory corruption under certain circumstances,
and we presume that with enough effort at least some of
these could be exploited to run arbitrary code. (MFSA
2012-01, CVE-2012-0442, CVE-2012-0443)
* Alex Dvorov reported that an attacker could replace a
sub-frame in another domain's document by using the name
attribute of the sub-frame as a form submission target.
This can potentially allow for phishing attacks against
users and violates the HTML5 frame navigation policy. (MFSA
2012-03, CVE-2012-0445)
* Security researcher regenrecht reported via
TippingPoint's Zero Day Initiative that removed child nodes
of nsDOMAttribute can be accessed under certain
circumstances because of a premature notification of
AttributeChildRemoved. This use-after-free of the child
nodes could possibly allow for remote code execution.
(MFSA 2012-04, CVE-2011-3659)
* Mozilla security researcher moz_bug_r_a4 reported
that frame scripts bypass XPConnect security checks when
calling untrusted objects. This allows for cross-site
scripting (XSS) attacks through web pages and Firefox
extensions. The fix enables the Script Security Manager
(SSM) to force security checks on all frame scripts. (MFSA
2012-05, CVE-2012-0446)
* Mozilla developer Tim Abraldes reported that when
encoding images as image/vnd.microsoft.icon the resulting
data was always a fixed size, with uninitialized memory
appended as padding beyond the size of the actual image.
This is the result of mImageBufferSize in the encoder being
initialized with a value different than the size of the
source image. There is the possibility of sensitive data
from uninitialized memory being appended to a PNG image
when converted from an ICO format image. This sensitive
data may then be disclosed in the resulting image. (MFSA
2012-06
http://www.mozilla.org/security/announce/2012/mfsa2012-06.html
, CVE-2012-0447)
* Security researcher regenrecht reported via
TippingPoint's Zero Day Initiative the possibility of
memory corruption during the decoding of Ogg Vorbis files.
This can cause a crash during decoding and has the
potential for remote code execution. (MFSA 2012-07,
CVE-2012-0444)
* Security researchers Nicolas Gregoire and Aki Helin
independently reported that when processing a malformed
embedded XSLT stylesheet, Firefox can crash due to a memory
corruption. While there is no evidence that this is
directly exploitable, there is a possibility of remote code
execution. (MFSA 2012-08, CVE-2012-0449)
* magicant starmen reported that if a user chooses to
export their Firefox Sync key the "Firefox Recovery
Key.html" file is saved with incorrect permissions, making
the file contents potentially readable by other users on
Linux and OS X systems. (MFSA 2012-09, CVE-2012-0450)
Indications:
Firefox users should update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-firefox-10-5754
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-firefox-10-5754
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-firefox-10-5754
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-firefox-10-5754
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 s390x x86_64):
beagle-0.3.8-56.44.45.6
beagle-devel-0.3.8-56.44.45.6
beagle-lang-0.3.8-56.44.45.6
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 10.0 and 7]:
MozillaFirefox-10.0-0.3.2
MozillaFirefox-branding-SLES-for-VMware-7-0.4.2.5
MozillaFirefox-translations-10.0-0.3.2
mozilla-kde4-integration-0.6.3-5.6.5
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0 and 7]:
MozillaFirefox-10.0-0.3.2
MozillaFirefox-branding-SLED-7-0.6.7.7
MozillaFirefox-translations-10.0-0.3.2
mozilla-kde4-integration-0.6.3-5.6.5
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 10.0 and 7]:
MozillaFirefox-10.0-0.3.2
MozillaFirefox-branding-SLED-7-0.6.7.7
MozillaFirefox-translations-10.0-0.3.2
beagle-0.3.8-56.44.45.6
beagle-evolution-0.3.8-56.44.45.6
beagle-firefox-0.3.8-56.44.45.6
beagle-gui-0.3.8-56.44.45.6
beagle-lang-0.3.8-56.44.45.6
mhtml-firefox-0.5-1.45.7
mozilla-kde4-integration-0.6.3-5.6.5
- SUSE Linux Enterprise Desktop 11 SP1 (i586) [New Version: 11.1.102.55]:
flash-player-11.1.102.55-0.13.1
References:
http://support.novell.com/security/cve/CVE-2011-3659.html
http://support.novell.com/security/cve/CVE-2012-0442.html
http://support.novell.com/security/cve/CVE-2012-0443.html
http://support.novell.com/security/cve/CVE-2012-0444.html
http://support.novell.com/security/cve/CVE-2012-0445.html
http://support.novell.com/security/cve/CVE-2012-0446.html
http://support.novell.com/security/cve/CVE-2012-0447.html
http://support.novell.com/security/cve/CVE-2012-0449.html
http://support.novell.com/security/cve/CVE-2012-0450.html
https://bugzilla.novell.com/742826
http://download.novell.com/patch/finder/?keywords=036e93199c4a2b5d3bc60b6d05a8d355
From sle-updates at lists.suse.com Fri Feb 3 19:08:44 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 4 Feb 2012 03:08:44 +0100 (CET)
Subject: SUSE-SU-2012:0147-1: moderate: Security update for ruby
Message-ID: <20120204020844.B656B323C2@maintenance.suse.de>
SUSE Security Update: Security update for ruby
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0147-1
Rating: moderate
References: #704409 #739122 #740796
Cross-References: CVE-2011-2686 CVE-2011-2705 CVE-2011-3009
CVE-2011-4815
Affected Products:
WebYaST [Appliance - Tools]
WebYaST 1.2
SUSE Studio Standard Edition 1.2
SUSE Studio Onsite 1.2
SUSE Studio Onsite 1.1
SUSE Studio Extension for System z 1.2
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
SUSE Lifecycle Management Server 1.1 [Appliance - Tools]
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
It includes two new package versions.
Description:
This update of ruby provides 1.8.7p357, which contains many
stability fixes and bug fixes while maintaining full
compatibility with the previous version. A detailed
list of changes is available from
http://svn.ruby-lang.org/repos/ruby/tags/v1_8_7_357/ChangeLog
The most important fixes are:
* Hash functions are now using a randomized seed to
avoid algorithmic complexity attacks. If available,
OpenSSL::Random.seed at the SecureRandom.random_bytes is
used to achieve this. (CVE-2011-4815)
* mkconfig.rb: fix for continued lines.
* Fix Infinity to be greater than any bignum number.
* Initialize store->ex_data.sk.
* Several IPv6 related fixes.
* Fixes for zlib.
* Reinitialize PRNG when forking children
(CVE-2011-2686, CVE-2011-3009)
* Fixes to securerandom. (CVE-2011-2705)
* Fix uri route_to
* Fix race condition with variables and autoload.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- WebYaST [Appliance - Tools]:
zypper in -t patch slewyst1sp1-ruby-187p357-5716 slewystsp1-ruby-187p357-5716
- WebYaST 1.2:
zypper in -t patch slewyst12-ruby-187p357-5715
- SUSE Studio Standard Edition 1.2:
zypper in -t patch sleslms12-ruby-187p357-5715
- SUSE Studio Onsite 1.2:
zypper in -t patch slestso12-ruby-187p357-5715
- SUSE Studio Onsite 1.1:
zypper in -t patch slestsosp1-ruby-187p357-5716
- SUSE Studio Extension for System z 1.2:
zypper in -t patch slestso12-ruby-187p357-5715
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-ruby-187p357-5716
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-ruby-187p357-5716
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-ruby-187p357-5716
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-ruby-187p357-5716
- SUSE Lifecycle Management Server 1.1 [Appliance - Tools]:
zypper in -t patch sleslmssp1-ruby-187p357-5716
To bring your system up-to-date, use "zypper patch".
Package List:
- WebYaST [Appliance - Tools] (i586 ia64 ppc64 s390x x86_64) [New Version: 0.4.0 and 1.8.7.p357]:
ruby-dbus-0.4.0-0.9.4
ruby-devel-1.8.7.p357-0.7.1
- WebYaST 1.2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.7.p357]:
ruby-dbus-0.4.0-0.9.4
ruby-devel-1.8.7.p357-0.7.1
- SUSE Studio Standard Edition 1.2 (x86_64) [New Version: 1.8.7.p357]:
ruby-dbus-0.4.0-0.9.4
ruby-devel-1.8.7.p357-0.7.1
- SUSE Studio Onsite 1.2 (x86_64) [New Version: 1.8.7.p357]:
ruby-dbus-0.4.0-0.9.4
ruby-devel-1.8.7.p357-0.7.1
- SUSE Studio Onsite 1.1 (x86_64) [New Version: 1.8.7.p357]:
ruby-dbus-0.4.0-0.9.4
ruby-devel-1.8.7.p357-0.7.1
- SUSE Studio Extension for System z 1.2 (s390x) [New Version: 1.8.7.p357]:
ruby-devel-1.8.7.p357-0.7.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.7.p357]:
ruby-devel-1.8.7.p357-0.7.1
ruby-doc-ri-1.8.7.p357-0.7.1
ruby-examples-1.8.7.p357-0.7.1
ruby-test-suite-1.8.7.p357-0.7.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 1.8.7.p357]:
ruby-doc-html-1.8.7.p357-0.7.1
ruby-tk-1.8.7.p357-0.7.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 1.8.7.p357]:
ruby-1.8.7.p357-0.7.1
ruby-doc-html-1.8.7.p357-0.7.1
ruby-tk-1.8.7.p357-0.7.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.8.7.p357]:
ruby-1.8.7.p357-0.7.1
ruby-doc-html-1.8.7.p357-0.7.1
ruby-tk-1.8.7.p357-0.7.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.8.7.p357]:
ruby-1.8.7.p357-0.7.1
- SUSE Lifecycle Management Server 1.1 [Appliance - Tools] (x86_64) [New Version: 1.8.7.p357]:
ruby-dbus-0.4.0-0.9.4
ruby-devel-1.8.7.p357-0.7.1
References:
http://support.novell.com/security/cve/CVE-2011-2686.html
http://support.novell.com/security/cve/CVE-2011-2705.html
http://support.novell.com/security/cve/CVE-2011-3009.html
http://support.novell.com/security/cve/CVE-2011-4815.html
https://bugzilla.novell.com/704409
https://bugzilla.novell.com/739122
https://bugzilla.novell.com/740796
http://download.novell.com/patch/finder/?keywords=04214679f41728fe49ac9a6f9d32da7f
http://download.novell.com/patch/finder/?keywords=e0d0ef7ec3aa01a87e6c002c3f147d73
From sle-updates at lists.suse.com Fri Feb 3 20:08:44 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 4 Feb 2012 04:08:44 +0100 (CET)
Subject: SUSE-RU-2012:0148-1: Recommended update for ckermit
Message-ID: <20120204030844.29B63323C2@maintenance.suse.de>
SUSE Recommended Update: Recommended update for ckermit
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0148-1
Rating: low
References: #724186
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes handling of FTP port numbers above 32767.
Indications:
Every user of ckermit should update.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-ckermit-5570
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-ckermit-5570
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-ckermit-5570
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
ckermit-8.0.211-95.16.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
ckermit-8.0.211-95.16.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
ckermit-8.0.211-95.16.1
References:
https://bugzilla.novell.com/724186
http://download.novell.com/patch/finder/?keywords=1780f7571ff5c0d24219b56e34d3eda0
From sle-updates at lists.suse.com Fri Feb 3 21:08:23 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 4 Feb 2012 05:08:23 +0100 (CET)
Subject: SUSE-FU-2012:0149-1: Feature update to Apache Tomcat 6
Message-ID: <20120204040823.0DBC3323C7@maintenance.suse.de>
SUSE Feature Update: Feature update to Apache Tomcat 6
______________________________________________________________________________
Announcement ID: SUSE-FU-2012:0149-1
Rating: low
References: #740858
Affected Products:
SUSE Manager 1.2 for SLE 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one feature fix can now be installed. It
includes one version update.
Description:
This update adds Tomcat 6 to SUSE Linux Enterprise Server
11 SP1. Tomcat 6 and the related packages are thus fully
supported on the architectures Intel/AMD x86 (32bit),
AMD64/Intel64, IBM POWER and IBM System z on SUSE Linux
Enterprise Server 11 SP1.
Indications:
Every Tomcat user should update.
Patch Instructions:
To install this SUSE Feature Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager 1.2 for SLE 11 SP1:
zypper in -t patch sleman12sp1-tomcat-6-for-sles-5709
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-tomcat-6-for-sles-5709
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-tomcat-6-for-sles-5709
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-tomcat-6-for-sles-5709
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-tomcat-6-for-sles-5709
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager 1.2 for SLE 11 SP1 (noarch):
bcel-5.1-276.26.1
classpathx-mail-1.1.1-54.35.3
ecj-3.3-2.20.2
jakarta-commons-beanutils-1.7.0-26.21.3
jakarta-commons-codec-1.3-20.23.2
jakarta-commons-collections-3.2-88.34.2
jakarta-commons-collections-tomcat5-3.2-88.34.2
jakarta-commons-daemon-1.0.1-20.20.2
jakarta-commons-dbcp-1.2.2-88.34.4
jakarta-commons-dbcp-tomcat5-1.2.2-88.34.4
jakarta-commons-digester-1.7-22.21.3
jakarta-commons-discovery-0.4-1.29.3
jakarta-commons-el-1.0-25.20.4
jakarta-commons-fileupload-1.1.1-1.33.2
jakarta-commons-httpclient3-3.0.1-253.32.104
jakarta-commons-io-1.3.2-83.34.2
jakarta-commons-lang-2.3-1.32.2
jakarta-commons-logging-1.0.4-265.29.3
jakarta-commons-pool-1.3-1.29.2
jakarta-commons-pool-tomcat5-1.3-1.29.2
jakarta-commons-validator-1.1.4-21.19.3
jakarta-taglibs-standard-1.1.1-234.29.2
log4j-1.2.15-26.32.6
oro-2.0.8-25.20.2
regexp-1.4-0.2.50
servletapi5-5.0.18-238.26.1
tomcat6-6.0.18-20.33.1
tomcat6-jsp-2_1-api-6.0.18-20.33.1
tomcat6-lib-6.0.18-20.33.1
tomcat6-servlet-2_5-api-6.0.18-20.33.1
xml-commons-1.3.02-227.29.54
xml-commons-apis-1.3.02-227.29.54
- SUSE Linux Enterprise Software Development Kit 11 SP1 (noarch) [New Version: 1.4]:
gnu-regexp-1.1.4-21.20.2
gnu-regexp-javadoc-1.1.4-21.20.2
log4j-manual-1.2.15-26.32.6
regexp-1.4-0.2.50
regexp-javadoc-1.4-0.2.50
xml-commons-apis-1.3.02-227.29.54
xml-commons-apis-bootstrap-1.3-227.29.51
xml-commons-apis-javadoc-1.3.02-227.29.54
xml-commons-apis-manual-1.3.02-227.29.54
xml-commons-which-1.3.02-227.29.54
xml-commons-which-bootstrap-1.0.b2-227.29.51
xml-commons-which-javadoc-1.3.02-227.29.54
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
apache2-mod_jk-1.2.26-1.30.110
libtcnative-1-0-1.2.12-20.33.1
tomcat_apparmor-2.0.2-229.33.4
- SUSE Linux Enterprise Server 11 SP1 for VMware (noarch):
axis-1.4-236.36.4
bcel-5.1-276.26.1
classpathx-mail-1.1.1-54.35.3
ecj-3.3-2.20.2
gnu-jaf-1.0-226.29.1
jakarta-commons-beanutils-1.7.0-26.21.3
jakarta-commons-beanutils-javadoc-1.7.0-26.21.3
jakarta-commons-codec-1.3-20.23.2
jakarta-commons-collections-3.2-88.34.2
jakarta-commons-collections-javadoc-3.2-88.34.2
jakarta-commons-collections-tomcat5-3.2-88.34.2
jakarta-commons-daemon-1.0.1-20.20.2
jakarta-commons-daemon-javadoc-1.0.1-20.20.2
jakarta-commons-dbcp-1.2.2-88.34.4
jakarta-commons-dbcp-javadoc-1.2.2-88.34.4
jakarta-commons-dbcp-tomcat5-1.2.2-88.34.4
jakarta-commons-digester-1.7-22.21.3
jakarta-commons-digester-javadoc-1.7-22.21.3
jakarta-commons-discovery-0.4-1.29.3
jakarta-commons-discovery-javadoc-0.4-1.29.3
jakarta-commons-el-1.0-25.20.4
jakarta-commons-el-javadoc-1.0-25.20.4
jakarta-commons-fileupload-1.1.1-1.33.2
jakarta-commons-fileupload-javadoc-1.1.1-1.33.2
jakarta-commons-httpclient3-3.0.1-253.32.104
jakarta-commons-io-1.3.2-83.34.2
jakarta-commons-lang-2.3-1.32.2
jakarta-commons-launcher-1.1-1.29.2
jakarta-commons-launcher-javadoc-1.1-1.29.2
jakarta-commons-logging-1.0.4-265.29.3
jakarta-commons-logging-javadoc-1.0.4-265.29.3
jakarta-commons-modeler-2.0-21.30.4
jakarta-commons-modeler-javadoc-2.0-21.30.4
jakarta-commons-pool-1.3-1.29.2
jakarta-commons-pool-javadoc-1.3-1.29.2
jakarta-commons-pool-tomcat5-1.3-1.29.2
jakarta-commons-validator-1.1.4-21.19.3
jakarta-commons-validator-javadoc-1.1.4-21.19.3
jakarta-taglibs-standard-1.1.1-234.29.2
jakarta-taglibs-standard-javadoc-1.1.1-234.29.2
log4j-1.2.15-26.32.6
mx4j-3.0.1-223.34.4
mx4j-javadoc-3.0.1-223.34.4
mx4j-manual-3.0.1-223.34.4
oro-2.0.8-25.20.2
regexp-1.4-0.2.50
regexp-javadoc-1.4-0.2.50
servletapi5-5.0.18-238.26.1
tomcat6-6.0.18-20.33.1
tomcat6-admin-webapps-6.0.18-20.33.1
tomcat6-docs-webapp-6.0.18-20.33.1
tomcat6-javadoc-6.0.18-20.33.1
tomcat6-jsp-2_1-api-6.0.18-20.33.1
tomcat6-lib-6.0.18-20.33.1
tomcat6-servlet-2_5-api-6.0.18-20.33.1
tomcat6-webapps-6.0.18-20.33.1
wsdl4j-1.5.1-21.34.2
xml-commons-1.3.02-227.29.54
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
apache2-mod_jk-1.2.26-1.30.110
libtcnative-1-0-1.2.12-20.33.1
tomcat_apparmor-2.0.2-229.33.4
- SUSE Linux Enterprise Server 11 SP1 (noarch):
axis-1.4-236.36.4
bcel-5.1-276.26.1
classpathx-mail-1.1.1-54.35.3
ecj-3.3-2.20.2
gnu-jaf-1.0-226.29.1
jakarta-commons-beanutils-1.7.0-26.21.3
jakarta-commons-beanutils-javadoc-1.7.0-26.21.3
jakarta-commons-codec-1.3-20.23.2
jakarta-commons-collections-3.2-88.34.2
jakarta-commons-collections-javadoc-3.2-88.34.2
jakarta-commons-collections-tomcat5-3.2-88.34.2
jakarta-commons-daemon-1.0.1-20.20.2
jakarta-commons-daemon-javadoc-1.0.1-20.20.2
jakarta-commons-dbcp-1.2.2-88.34.4
jakarta-commons-dbcp-javadoc-1.2.2-88.34.4
jakarta-commons-dbcp-tomcat5-1.2.2-88.34.4
jakarta-commons-digester-1.7-22.21.3
jakarta-commons-digester-javadoc-1.7-22.21.3
jakarta-commons-discovery-0.4-1.29.3
jakarta-commons-discovery-javadoc-0.4-1.29.3
jakarta-commons-el-1.0-25.20.4
jakarta-commons-el-javadoc-1.0-25.20.4
jakarta-commons-fileupload-1.1.1-1.33.2
jakarta-commons-fileupload-javadoc-1.1.1-1.33.2
jakarta-commons-httpclient3-3.0.1-253.32.104
jakarta-commons-io-1.3.2-83.34.2
jakarta-commons-lang-2.3-1.32.2
jakarta-commons-launcher-1.1-1.29.2
jakarta-commons-launcher-javadoc-1.1-1.29.2
jakarta-commons-logging-1.0.4-265.29.3
jakarta-commons-logging-javadoc-1.0.4-265.29.3
jakarta-commons-modeler-2.0-21.30.4
jakarta-commons-modeler-javadoc-2.0-21.30.4
jakarta-commons-pool-1.3-1.29.2
jakarta-commons-pool-javadoc-1.3-1.29.2
jakarta-commons-pool-tomcat5-1.3-1.29.2
jakarta-commons-validator-1.1.4-21.19.3
jakarta-commons-validator-javadoc-1.1.4-21.19.3
jakarta-taglibs-standard-1.1.1-234.29.2
jakarta-taglibs-standard-javadoc-1.1.1-234.29.2
log4j-1.2.15-26.32.6
mx4j-3.0.1-223.34.4
mx4j-javadoc-3.0.1-223.34.4
mx4j-manual-3.0.1-223.34.4
oro-2.0.8-25.20.2
regexp-1.4-0.2.50
regexp-javadoc-1.4-0.2.50
servletapi5-5.0.18-238.26.1
tomcat6-6.0.18-20.33.1
tomcat6-admin-webapps-6.0.18-20.33.1
tomcat6-docs-webapp-6.0.18-20.33.1
tomcat6-javadoc-6.0.18-20.33.1
tomcat6-jsp-2_1-api-6.0.18-20.33.1
tomcat6-lib-6.0.18-20.33.1
tomcat6-servlet-2_5-api-6.0.18-20.33.1
tomcat6-webapps-6.0.18-20.33.1
wsdl4j-1.5.1-21.34.2
xml-commons-1.3.02-227.29.54
- SUSE Linux Enterprise Desktop 11 SP1 (noarch):
xml-commons-1.3.02-227.29.54
xml-commons-apis-1.3.02-227.29.54
References:
https://bugzilla.novell.com/740858
http://download.novell.com/patch/finder/?keywords=75b98673b1aad816098d66745461dd2f
From sle-updates at lists.suse.com Fri Feb 3 21:08:29 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 4 Feb 2012 05:08:29 +0100 (CET)
Subject: SUSE-YU-2012:0150-1: YOU update for Software Update Stack
Message-ID: <20120204040829.48F49323C1@maintenance.suse.de>
SUSE YOU Update: YOU update for Software Update Stack
______________________________________________________________________________
Announcement ID: SUSE-YU-2012:0150-1
Rating: low
References: #616708 #616982 #622286 #663301 #680630 #687529
#698796 #708632 #708641 #708667 #708676 #708888
#709480 #709494 #710269 #711429 #721128 #722039
#722250 #724449 #724957 #732813 #735284 #735826
#740982 #742033 #742306
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Point of Service 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has 27 YOU fixes can now be installed. It
includes 7 new package versions.
Description:
This 2012/02 update for the Software Management Update
Stack provides the following fixes:
Libzypp and libsatsolver:
* change splitprovides so that they only work on
packages that are to be updated (bnc#740982)
* Fix and optimize Pathname ctor and provide testcases
(bnc#721128)
* Fix code10 to code11 conversion of product metadata
(bnc#711429)
* Fix arch name typo in code10 to code11 conversion
(bnc#711429)
* Do not differ between type nfs and nfs4 when checking
the mount table (bnc#710269)
* Fix and optimize Pathname ctor and provide testcases
(bnc#721128)
* Require curl version that provides gssapi delegation
(bnc#735284)
zypper:
* Fix 'zypper search' xml output (bnc#687529)
* Allow white space before key=value pair (bnc#722250)
* Update manpage to give some repo URI examples
(bnc#680630)
yast2-wagon:
* install also all applicable patches (except optional
ones) (part of fate#311994)
* force product upgrade in full migration mode, handle
product name changes (bnc#735826)
* Do not allow to continue without package lock (BNC
#616982)
* added new core/full migration selection dialog
(fate#311994)
* if the system is managed by SUSE Manager display a
message and exit (fate#311994)
* added a new client for selecting DUP repositories
(fate#311994)
* added a new client for checking registration status
before starting migration (fate#309594)
* implemented download in advance mode support
(fate#308951)
* display solver error in the migration proposal, do not
allow starting migration when there is an unsolved problem
(bnc#708676)
* do not disable current repositories, minimal
migration uses "DUP from" feature so they can stay enabled
(bnc#708632)
* fixed registration status check when registering
against SMT (bnc#708888)
* properly display selected migration type when going
back in the migration workflow (bnc#708667)
* reset and repropose package selection when migration
type is changed (bnc#708641)
* display "Registration Code" checkbox in the
registration step (bnc#724957)
* fixed registration status check when there is only
one product installed (bnc#732813)
* do full migration only from SP2 repos (but also
install patches in addition to minimal migration)
(fate#311994)
yast2-packager:
* fixed UI syntax error in package callbacks when there
is a popup window displayed (bnc#722039, bnc#622286)
* correctly display download progress in
DownloadInAdvance libzypp mode (bnc#616708)
* fix download progress when using add-ons (bnc#663301)
yast2-pkg-bindings:
* fixed reloading of repositories which have been
removed during service reload (bnc#724449)
* fixed saving additional repositories added by
registration (bnc#742033)
curl:
* Added also the --delegation option to the curl tool
(bnc#698796#c12).
* Add CURLOPT_GSSAPI_DELEGATION libcurl option
(bnc#698796#c12) plus a couple of minor fixes and cleanups.
* Curl_input_negotiate: do not delegate GSSAPI
credentials (bnc#698796, CVE-2011-2192).
* Update to 7.19.7, which provides many bugfixes
* fix for a regression in handling of
'[protocol]_proxy' environment variables.
Special Instructions and Notes:
This update triggers a restart of the software management
stack. More updates will be available for installation
after applying this update and restarting the application.
Patch Instructions:
To install this SUSE YOU Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-softwaremgmt-201202-5738
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-softwaremgmt-201202-5738
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-softwaremgmt-201202-5738
- SUSE Linux Enterprise Point of Service 11 SP1:
zypper in -t patch sleposp1-softwaremgmt-201202-5738
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-softwaremgmt-201202-5738
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.14.19,6.37.5 and 7.19.7]:
libcurl-devel-7.19.7-1.18.1
libsatsolver-devel-0.14.19-0.3.8
libzypp-devel-6.37.5-0.5.6
ruby-satsolver-0.14.19-0.3.8
- SUSE Linux Enterprise Software Development Kit 11 SP1 (noarch) [New Version: 2.17.45.5]:
yast2-pkg-bindings-devel-doc-2.17.45.5-0.3.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 0.14.19,1.3.16,2.17.45.5,2.17.78.3,6.37.5 and 7.19.7]:
curl-7.19.7-1.18.1
libcurl4-7.19.7-1.18.1
libzypp-6.37.5-0.5.6
perl-satsolver-0.14.19-0.3.8
python-satsolver-0.14.19-0.3.8
satsolver-tools-0.14.19-0.3.8
yast2-packager-2.17.78.3-0.3.11
yast2-pkg-bindings-2.17.45.5-0.3.1
zypper-1.3.16-0.3.7
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 7.19.7]:
libcurl4-32bit-7.19.7-1.18.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (noarch) [New Version: 2.17.17.8]:
yast2-wagon-2.17.17.8-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.14.19,1.3.16,2.17.45.5,2.17.78.3,6.37.5 and 7.19.7]:
curl-7.19.7-1.18.1
libcurl4-7.19.7-1.18.1
libzypp-6.37.5-0.5.6
perl-satsolver-0.14.19-0.3.8
python-satsolver-0.14.19-0.3.8
satsolver-tools-0.14.19-0.3.8
yast2-packager-2.17.78.3-0.3.11
yast2-pkg-bindings-2.17.45.5-0.3.1
zypper-1.3.16-0.3.7
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 7.19.7]:
libcurl4-32bit-7.19.7-1.18.1
- SUSE Linux Enterprise Server 11 SP1 (noarch) [New Version: 2.17.17.8]:
yast2-wagon-2.17.17.8-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 7.19.7]:
libcurl4-x86-7.19.7-1.18.1
- SUSE Linux Enterprise Point of Service 11 SP1 (x86_64):
yast2-pkg-bindings-2.17.45.5-0.3.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 0.14.19,1.3.16,2.17.45.5,2.17.78.3,6.37.5 and 7.19.7]:
curl-7.19.7-1.18.1
libcurl4-7.19.7-1.18.1
libzypp-6.37.5-0.5.6
perl-satsolver-0.14.19-0.3.8
python-satsolver-0.14.19-0.3.8
satsolver-tools-0.14.19-0.3.8
yast2-packager-2.17.78.3-0.3.11
yast2-pkg-bindings-2.17.45.5-0.3.1
zypper-1.3.16-0.3.7
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 7.19.7]:
libcurl4-32bit-7.19.7-1.18.1
- SUSE Linux Enterprise Desktop 11 SP1 (noarch) [New Version: 2.17.17.8]:
yast2-wagon-2.17.17.8-0.3.1
References:
https://bugzilla.novell.com/616708
https://bugzilla.novell.com/616982
https://bugzilla.novell.com/622286
https://bugzilla.novell.com/663301
https://bugzilla.novell.com/680630
https://bugzilla.novell.com/687529
https://bugzilla.novell.com/698796
https://bugzilla.novell.com/708632
https://bugzilla.novell.com/708641
https://bugzilla.novell.com/708667
https://bugzilla.novell.com/708676
https://bugzilla.novell.com/708888
https://bugzilla.novell.com/709480
https://bugzilla.novell.com/709494
https://bugzilla.novell.com/710269
https://bugzilla.novell.com/711429
https://bugzilla.novell.com/721128
https://bugzilla.novell.com/722039
https://bugzilla.novell.com/722250
https://bugzilla.novell.com/724449
https://bugzilla.novell.com/724957
https://bugzilla.novell.com/732813
https://bugzilla.novell.com/735284
https://bugzilla.novell.com/735826
https://bugzilla.novell.com/740982
https://bugzilla.novell.com/742033
https://bugzilla.novell.com/742306
http://download.novell.com/patch/finder/?keywords=36c886f3f030e3579cc40b4231fd9bc1
From sle-updates at lists.suse.com Fri Feb 3 22:08:21 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 4 Feb 2012 06:08:21 +0100 (CET)
Subject: SUSE-OU-2012:0151-1: Optional update for IcedTea-Web
Message-ID: <20120204050821.AEBB9323C8@maintenance.suse.de>
SUSE Optional Update: Optional update for IcedTea-Web
______________________________________________________________________________
Announcement ID: SUSE-OU-2012:0151-1
Rating: low
References: #742947
Affected Products:
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one optional fix can now be installed.
Description:
The IcedTea-Web project provides a Free Software web
browser plugin running applets written in the Java
programming language and an implementation of Java Web
Start, originally based on the NetX project.
Indications:
Every interested user might install this package.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-icedtea-web-5691 sledsp1-java-1_6_0-openjdk-5692
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
icedtea-web-1.1.4-0.2.2.1
java-1_6_0-openjdk-1.6.0.0_b22.1.10.4-0.2.2.1
java-1_6_0-openjdk-demo-1.6.0.0_b22.1.10.4-0.2.2.1
java-1_6_0-openjdk-devel-1.6.0.0_b22.1.10.4-0.2.2.1
References:
https://bugzilla.novell.com/742947
http://download.novell.com/patch/finder/?keywords=babc5d0b567c4a73c7fa00f1fb1f463d
http://download.novell.com/patch/finder/?keywords=f030f5e61383bce9bf4415cb70649bfb
From sle-updates at lists.suse.com Sat Feb 4 08:08:09 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 4 Feb 2012 16:08:09 +0100 (CET)
Subject: SUSE-RU-2012:0152-1: Recommended update for net-snmp
Message-ID: <20120204150809.2DFA6323C2@maintenance.suse.de>
SUSE Recommended Update: Recommended update for net-snmp
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0152-1
Rating: low
References: #431495 #604297 #623497 #629073 #634530 #694026
#695786 #707636 #719930 #720440 #734454
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has 11 recommended fixes can now be
installed.
Description:
This collective update for net-snmp provides the following
fixes:
* protect against bogus failures (returning 0) and
subsequent double-frees (bnc#734454)
* logrotate: use "reload" instead of "try-restart" to
avoid an unnecessary stop/start cycle in the agent
(bnc#707636)
* fix inconsistent handling of TZ offsets (bnc#695786)
* catch buffer overrun on 64-bit systems (bnc#695786)
* remove useless code (bnc#695786)
* fix crash when comparing invalid OIDs (bnc#695786)
* fix memory leaks on udpEndpointTable (bnc#695786)
* check for NULL pointer before dereferencing
(bnc#695786)
* return a value from sprint_realloc_value even if no
subtree is located (bnc#695786)
* misc fixes for freeing memory on error conditions
(bnc#695786)
* increase size of initial proc I/O buffer (bnc#695786)
* avoid reading past end of buffer (bnc#695786)
* avoid crash due to division by zero (bnc#695786)
* retrieve error counters for the EtherLike-MIB
(bnc#629073)
* improve EtherLike-MIB support (bnc#629073)
* fix file descriptor leaks in RMON and ETHERLIKE MIBs
(bnc#634530)
* fix memory leak in RMON and ETHERLIKE MIBs
(bnc#634530)
* change default log level from DEBUG to INFO to avoid
the "error on subcontainer 'ia_addr' insert (-1)" messages
(bnc#623497)
* UCD-SNMP: add cpusteal, cpuguest, cpuguestnice
(bnc#604297)
* suppress 32-bit counter truncation warnings
(bnc#604297)
* use ethtool's high speed struct info for 100G+ NICs
(bnc#431495)
* fix valgrind warning and strlen calculation
(bnc#431495)
* report real ifSpeed of network interface even if it
is down (bnc#431495)
snmp-bridge-mib:
* don't add the bridge itself to the dot1dBaseTable
entry (bnc#720440)
* fix data interpretation of ifindex attr (bnc#719930)
* add a Perl implementation of BRIDGE-MIB (bnc#694026)
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-libsnmp15-5713
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-libsnmp15-5713
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-libsnmp15-5713
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-libsnmp15-5713
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
net-snmp-devel-5.4.2.1-8.12.6.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (x86_64):
libsnmp15-32bit-5.4.2.1-8.12.6.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64):
net-snmp-devel-32bit-5.4.2.1-8.12.6.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
libsnmp15-5.4.2.1-8.12.6.1
net-snmp-5.4.2.1-8.12.6.1
perl-SNMP-5.4.2.1-8.12.6.1
snmp-mibs-5.4.2.1-8.12.6.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
libsnmp15-32bit-5.4.2.1-8.12.6.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
libsnmp15-5.4.2.1-8.12.6.1
net-snmp-5.4.2.1-8.12.6.1
perl-SNMP-5.4.2.1-8.12.6.1
snmp-mibs-5.4.2.1-8.12.6.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
libsnmp15-32bit-5.4.2.1-8.12.6.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
libsnmp15-x86-5.4.2.1-8.12.6.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
libsnmp15-5.4.2.1-8.12.6.1
net-snmp-5.4.2.1-8.12.6.1
perl-SNMP-5.4.2.1-8.12.6.1
snmp-mibs-5.4.2.1-8.12.6.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
libsnmp15-32bit-5.4.2.1-8.12.6.1
References:
https://bugzilla.novell.com/431495
https://bugzilla.novell.com/604297
https://bugzilla.novell.com/623497
https://bugzilla.novell.com/629073
https://bugzilla.novell.com/634530
https://bugzilla.novell.com/694026
https://bugzilla.novell.com/695786
https://bugzilla.novell.com/707636
https://bugzilla.novell.com/719930
https://bugzilla.novell.com/720440
https://bugzilla.novell.com/734454
http://download.novell.com/patch/finder/?keywords=a2cab71591a8e58dd7b0d187ce9567b4
From sle-updates at lists.suse.com Mon Feb 6 07:08:23 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 6 Feb 2012 15:08:23 +0100 (CET)
Subject: SUSE-SU-2012:0153-1: important: Security update for the Linux Kernel
Message-ID: <20120206140823.63171323C2@maintenance.suse.de>
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0153-1
Rating: important
References: #651219 #653260 #668872 #671479 #688996 #694945
#697920 #703156 #706973 #707288 #708625 #711378
#716023 #722910 #724734 #725709 #726600 #726788
#728339 #728626 #729854 #730118 #731004 #731770
#732296 #732677 #733146 #733863 #734056 #735216
#735446 #735453 #735635 #736018 #738400 #740535
#740703 #740867 #742270
Cross-References: CVE-2010-3873 CVE-2010-4164 CVE-2011-2494
CVE-2011-2699 CVE-2011-4077 CVE-2011-4081
CVE-2011-4110 CVE-2011-4127 CVE-2011-4132
CVE-2012-0038
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that solves 10 vulnerabilities and has 29 fixes
is now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 SP1 kernel has been updated to
2.6.32.54, fixing numerous bugs and security issues.
The following security issues have been fixed:
* A potential hypervisor escape by issuing SG_IO
commands to partition devices was fixed by restricting
access to these commands. (CVE-2011-4127)
* KEYS: Fix a NULL pointer deref in the user-defined
key type, which allowed local attackers to Oops the kernel.
(CVE-2011-4110)
* Avoid potential NULL pointer deref in ghash, which
allowed local attackers to Oops the kernel. (CVE-2011-4081)
* Fixed a memory corruption possibility in xfs
readlink, which could be used by local attackers to crash
the system or potentially execute code by mounting a
prepared xfs filesystem image. (CVE-2011-4077)
* An overflow in the xfs acl handling was fixed that
could be used by local attackers to crash the system or
potentially execute code by mounting a prepared xfs
filesystem image. (CVE-2012-0038)
* A flaw in the ext3/ext4 filesystem allowed a local
attacker to crash the kernel by getting a prepared
ext3/ext4 filesystem mounted. (CVE-2011-4132)
* Access to the taskstats /proc file was restricted to
avoid local attackers gaining knowledge of IO of other
users (and so effecting side-channel attacks, e.g.
guessing passwords by typing speed). (CVE-2011-2494)
* When using X.25 communication a malicious sender
could corrupt data structures, causing crashes or potential
code execution. Please note that X.25 needs to be set up to
make this effective, which these days is usually not the
case. (CVE-2010-3873)
* When using X.25 communication a malicious sender
could make the machine leak memory, causing crashes. Please
note that X.25 needs to be set up to make this effective,
which these days is usually not the case. (CVE-2010-4164)
* A remote denial of service due to a NULL pointer
dereference by using IPv6 fragments was fixed.
(CVE-2011-2699)
The following non-security issues have been fixed (excerpt
from changelog):
* elousb: Fixed bug in USB core API usage, code cleanup.
* cifs: overhaul cifs_revalidate and rename to
cifs_revalidate_dentry.
* cifs: set server_eof in cifs_fattr_to_inode.
* xfs: Fix missing xfs_iunlock() on error recovery path
in xfs_readlink().
* Silence some warnings about ioctls on partitions.
* netxen: Remove all references to unified firmware
file.
* bonding: send out gratuitous arps even with no
address configured.
* patches.fixes/ocfs2-serialize_unaligned_aio.patch:
ocfs2: serialize unaligned aio.
* patches.fixes/bonding-check-if-clients-MAC-addr-has-changed.patch:
Update references.
* xfs: Fix wait calculations on lock acquisition and
use milliseconds instead of jiffies to print the wait time.
* ipmi: reduce polling when interrupts are available.
* ipmi: reduce polling.
* export shrink_dcache_for_umount_subtree.
* patches.suse/stack-unwind: Fix more 2.6.29 merge
problems plus a glue code problem.
* PM / Sleep: Fix race between CPU hotplug and freezer.
* jbd: Issue cache flush after checkpointing.
* lpfc: make sure job exists when processing BSG.
* blktap: fix locking (again).
* xen: Update Xen patches to 2.6.32.52.
* reiserfs: Lock buffers unconditionally in
reiserfs_write_full_page().
* writeback: Include all dirty inodes in background
writeback.
* reiserfs: Fix quota mount option parsing.
* bonding: check if clients MAC addr has changed.
* rpc client can not deal with ENOSOCK, so translate it
into ENOCONN.
* st: modify tape driver to allow writing immediate
filemarks.
* xfs: fix for xfssyncd failure to wake.
* ipmi: Fix deadlock in start_next_msg().
* net: bind() fix error return on wrong address family.
* net: ipv4: relax AF_INET check in bind().
* net/ipv6: check for mistakenly passed in non-AF_INET6
sockaddrs.
* Bluetooth: Fixed Atheros AR3012 Maryann PID/VID
supported.
* percpu: fix chunk range calculation.
* x86, UV: Fix kdump reboot.
* dm: Use done_bytes for io_completion.
* Bluetooth: Add Atheros AR3012 Maryann PID/VID
supported.
* Bluetooth: Add Atheros AR3012 one PID/VID supported.
* fix missing hunk in oplock break patch.
* patches.arch/s390-34-01-pfault-cpu-hotplug.patch:
Refresh.
* Surrounded s390x lowcore change with __GENKSYMS__
* patches.xen/xen3-patch-2.6.30: Refresh.
* sched, x86: Avoid unnecessary overflow in sched_clock.
* ACPI thermal: Do not invalidate thermal zone if
critical trip point is bad.
Indications:
Everyone using the Linux Kernel on x86 (32 bit) architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-kernel-5723
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-kernel-5723 slessp1-kernel-5724 slessp1-kernel-5725 slessp1-kernel-5729
- SUSE Linux Enterprise High Availability Extension 11 SP1:
zypper in -t patch sleshasp1-kernel-5723 sleshasp1-kernel-5724 sleshasp1-kernel-5725 sleshasp1-kernel-5729
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-kernel-5723
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586) [New Version: 2.6.32.54]:
btrfs-kmp-default-0_2.6.32.54_0.3-0.3.73
btrfs-kmp-pae-0_2.6.32.54_0.3-0.3.73
ext4dev-kmp-default-0_2.6.32.54_0.3-7.9.40
ext4dev-kmp-pae-0_2.6.32.54_0.3-7.9.40
ext4dev-kmp-trace-0_2.6.32.54_0.3-7.9.40
hyper-v-kmp-default-0_2.6.32.54_0.3-0.18.3
hyper-v-kmp-pae-0_2.6.32.54_0.3-0.18.3
hyper-v-kmp-trace-0_2.6.32.54_0.3-0.18.3
kernel-default-2.6.32.54-0.3.1
kernel-default-base-2.6.32.54-0.3.1
kernel-default-devel-2.6.32.54-0.3.1
kernel-pae-2.6.32.54-0.3.1
kernel-pae-base-2.6.32.54-0.3.1
kernel-pae-devel-2.6.32.54-0.3.1
kernel-source-2.6.32.54-0.3.1
kernel-syms-2.6.32.54-0.3.1
kernel-trace-2.6.32.54-0.3.1
kernel-trace-base-2.6.32.54-0.3.1
kernel-trace-devel-2.6.32.54-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x) [New Version: 2.6.32.54]:
btrfs-kmp-default-0_2.6.32.54_0.3-0.3.73
ext4dev-kmp-default-0_2.6.32.54_0.3-7.9.40
ext4dev-kmp-trace-0_2.6.32.54_0.3-7.9.40
kernel-default-2.6.32.54-0.3.1
kernel-default-base-2.6.32.54-0.3.1
kernel-default-devel-2.6.32.54-0.3.1
kernel-source-2.6.32.54-0.3.1
kernel-syms-2.6.32.54-0.3.1
kernel-trace-2.6.32.54-0.3.1
kernel-trace-base-2.6.32.54-0.3.1
kernel-trace-devel-2.6.32.54-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (s390x) [New Version: 2.6.32.54]:
kernel-default-man-2.6.32.54-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64) [New Version: 2.6.32.54]:
ext4dev-kmp-ppc64-0_2.6.32.54_0.3-7.9.40
kernel-ppc64-2.6.32.54-0.3.1
kernel-ppc64-base-2.6.32.54-0.3.1
kernel-ppc64-devel-2.6.32.54-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (i586) [New Version: 2.6.32.54]:
btrfs-kmp-pae-0_2.6.32.54_0.3-0.3.73
btrfs-kmp-xen-0_2.6.32.54_0.3-0.3.73
ext4dev-kmp-pae-0_2.6.32.54_0.3-7.9.40
ext4dev-kmp-xen-0_2.6.32.54_0.3-7.9.40
hyper-v-kmp-default-0_2.6.32.54_0.3-0.18.3
hyper-v-kmp-pae-0_2.6.32.54_0.3-0.18.3
hyper-v-kmp-trace-0_2.6.32.54_0.3-0.18.3
kernel-ec2-2.6.32.54-0.3.1
kernel-ec2-base-2.6.32.54-0.3.1
kernel-pae-2.6.32.54-0.3.1
kernel-pae-base-2.6.32.54-0.3.1
kernel-pae-devel-2.6.32.54-0.3.1
kernel-xen-2.6.32.54-0.3.1
kernel-xen-base-2.6.32.54-0.3.1
kernel-xen-devel-2.6.32.54-0.3.1
- SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x):
cluster-network-kmp-default-1.4_2.6.32.54_0.3-2.5.25
cluster-network-kmp-trace-1.4_2.6.32.54_0.3-2.5.25
gfs2-kmp-default-2_2.6.32.54_0.3-0.2.72
gfs2-kmp-trace-2_2.6.32.54_0.3-0.2.72
ocfs2-kmp-default-1.6_2.6.32.54_0.3-0.4.2.25
ocfs2-kmp-trace-1.6_2.6.32.54_0.3-0.4.2.25
- SUSE Linux Enterprise High Availability Extension 11 SP1 (ppc64):
cluster-network-kmp-ppc64-1.4_2.6.32.54_0.3-2.5.25
gfs2-kmp-ppc64-2_2.6.32.54_0.3-0.2.72
ocfs2-kmp-ppc64-1.6_2.6.32.54_0.3-0.4.2.25
- SUSE Linux Enterprise High Availability Extension 11 SP1 (i586):
cluster-network-kmp-pae-1.4_2.6.32.54_0.3-2.5.25
cluster-network-kmp-xen-1.4_2.6.32.54_0.3-2.5.25
gfs2-kmp-pae-2_2.6.32.54_0.3-0.2.72
gfs2-kmp-xen-2_2.6.32.54_0.3-0.2.72
ocfs2-kmp-pae-1.6_2.6.32.54_0.3-0.4.2.25
ocfs2-kmp-xen-1.6_2.6.32.54_0.3-0.4.2.25
- SUSE Linux Enterprise Desktop 11 SP1 (i586) [New Version: 2.6.32.54]:
btrfs-kmp-default-0_2.6.32.54_0.3-0.3.73
btrfs-kmp-pae-0_2.6.32.54_0.3-0.3.73
btrfs-kmp-xen-0_2.6.32.54_0.3-0.3.73
hyper-v-kmp-default-0_2.6.32.54_0.3-0.18.3
hyper-v-kmp-pae-0_2.6.32.54_0.3-0.18.3
kernel-default-2.6.32.54-0.3.1
kernel-default-base-2.6.32.54-0.3.1
kernel-default-devel-2.6.32.54-0.3.1
kernel-default-extra-2.6.32.54-0.3.1
kernel-desktop-devel-2.6.32.54-0.3.1
kernel-pae-2.6.32.54-0.3.1
kernel-pae-base-2.6.32.54-0.3.1
kernel-pae-devel-2.6.32.54-0.3.1
kernel-pae-extra-2.6.32.54-0.3.1
kernel-source-2.6.32.54-0.3.1
kernel-syms-2.6.32.54-0.3.1
kernel-trace-devel-2.6.32.54-0.3.1
kernel-xen-2.6.32.54-0.3.1
kernel-xen-base-2.6.32.54-0.3.1
kernel-xen-devel-2.6.32.54-0.3.1
kernel-xen-extra-2.6.32.54-0.3.1
References:
http://support.novell.com/security/cve/CVE-2010-3873.html
http://support.novell.com/security/cve/CVE-2010-4164.html
http://support.novell.com/security/cve/CVE-2011-2494.html
http://support.novell.com/security/cve/CVE-2011-2699.html
http://support.novell.com/security/cve/CVE-2011-4077.html
http://support.novell.com/security/cve/CVE-2011-4081.html
http://support.novell.com/security/cve/CVE-2011-4110.html
http://support.novell.com/security/cve/CVE-2011-4127.html
http://support.novell.com/security/cve/CVE-2011-4132.html
http://support.novell.com/security/cve/CVE-2012-0038.html
https://bugzilla.novell.com/651219
https://bugzilla.novell.com/653260
https://bugzilla.novell.com/668872
https://bugzilla.novell.com/671479
https://bugzilla.novell.com/688996
https://bugzilla.novell.com/694945
https://bugzilla.novell.com/697920
https://bugzilla.novell.com/703156
https://bugzilla.novell.com/706973
https://bugzilla.novell.com/707288
https://bugzilla.novell.com/708625
https://bugzilla.novell.com/711378
https://bugzilla.novell.com/716023
https://bugzilla.novell.com/722910
https://bugzilla.novell.com/724734
https://bugzilla.novell.com/725709
https://bugzilla.novell.com/726600
https://bugzilla.novell.com/726788
https://bugzilla.novell.com/728339
https://bugzilla.novell.com/728626
https://bugzilla.novell.com/729854
https://bugzilla.novell.com/730118
https://bugzilla.novell.com/731004
https://bugzilla.novell.com/731770
https://bugzilla.novell.com/732296
https://bugzilla.novell.com/732677
https://bugzilla.novell.com/733146
https://bugzilla.novell.com/733863
https://bugzilla.novell.com/734056
https://bugzilla.novell.com/735216
https://bugzilla.novell.com/735446
https://bugzilla.novell.com/735453
https://bugzilla.novell.com/735635
https://bugzilla.novell.com/736018
https://bugzilla.novell.com/738400
https://bugzilla.novell.com/740535
https://bugzilla.novell.com/740703
https://bugzilla.novell.com/740867
https://bugzilla.novell.com/742270
http://download.novell.com/patch/finder/?keywords=5246b1b1109a84332cefb2393523f790
http://download.novell.com/patch/finder/?keywords=63890e46f07aad0805351305ccf8a5f0
http://download.novell.com/patch/finder/?keywords=71cd114b345abf41eee10c920381e544
http://download.novell.com/patch/finder/?keywords=7560cd30aac0aa208a5dfb2a11c17d45
From sle-updates at lists.suse.com Mon Feb 6 15:08:26 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 6 Feb 2012 23:08:26 +0100 (CET)
Subject: SUSE-SU-2012:0153-2: important: Security update for Linux kernel
Message-ID: <20120206220826.7DDF5323C2@maintenance.suse.de>
SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0153-2
Rating: important
References: #651219 #653260 #668872 #671479 #688996 #694945
#697920 #703156 #706973 #707288 #708625 #711378
#716023 #722910 #724734 #725709 #726600 #726788
#728339 #728626 #729854 #730118 #731004 #731770
#732296 #732677 #733146 #733863 #734056 #735216
#735446 #735453 #735635 #736018 #738400 #740535
#740703 #740867 #742270
Cross-References: CVE-2010-3873 CVE-2010-4164 CVE-2011-2494
CVE-2011-2699 CVE-2011-4077 CVE-2011-4081
CVE-2011-4110 CVE-2011-4127 CVE-2011-4132
CVE-2012-0038
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that solves 10 vulnerabilities and has 29 fixes
is now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 SP1 kernel was updated to
2.6.32.54, fixing lots of bugs and security issues.
The following security issues have been fixed:
* CVE-2011-4127: A potential hypervisor escape by
issuing SG_IO commands to partition devices was fixed by
restricting access to these commands.
* CVE-2011-4110: KEYS: Fix a NULL pointer deref in the
user-defined key type, which allowed local attackers to
Oops the kernel.
* CVE-2011-4081: Avoid potential NULL pointer deref in
ghash, which allowed local attackers to Oops the kernel.
* CVE-2011-4077: Fixed a memory corruption possibility
in xfs readlink, which could be used by local attackers to
crash the system or potentially execute code by mounting a
prepared xfs filesystem image.
* CVE-2012-0038: An overflow in the xfs acl handling was
fixed that could be used by local attackers to crash the
system or potentially execute code by mounting a prepared
xfs filesystem image.
* CVE-2011-4132: A flaw in the ext3/ext4 filesystem
allowed a local attacker to crash the kernel by getting a
prepared ext3/ext4 filesystem mounted.
* CVE-2011-2494: Access to the taskstats /proc file was
restricted to avoid local attackers gaining knowledge of IO
of other users (and so effecting side-channel attacks for
e.g. guessing passwords by typing speed).
* CVE-2010-3873: When using X.25 communication a
malicious sender could corrupt data structures, causing
crashes or potential code execution. Please note that X.25
needs to be set up to make this effective, which these days
is usually not the case.
* CVE-2010-4164: When using X.25 communication a
malicious sender could make the machine leak memory,
causing crashes. Please note that X.25 needs to be set up to
make this effective, which these days is usually not the
case.
* CVE-2011-2699: A remote denial of service due to a
NULL pointer dereference by using IPv6 fragments was fixed.
The following non-security issues have been fixed:
* elousb: Fixed bug in USB core API usage, code cleanup
(bnc#733863).
* cifs: overhaul cifs_revalidate and rename to
cifs_revalidate_dentry (bnc#735453).
* cifs: set server_eof in cifs_fattr_to_inode
(bnc#735453).
* xfs: Fix missing xfs_iunlock() on error recovery path
in xfs_readlink() (bnc#726600).
* block: add and use scsi_blk_cmd_ioctl (bnc#738400
CVE-2011-4127).
* block: fail SCSI passthrough ioctls on partition
devices (bnc#738400 CVE-2011-4127).
* dm: do not forward ioctls from logical volumes to the
underlying device (bnc#738400 CVE-2011-4127).
* Silence some warnings about ioctls on partitions.
* netxen: Remove all references to unified firmware
file (bnc#708625).
* bonding: send out gratuitous arps even with no
address configured (bnc#742270).
* patches.fixes/ocfs2-serialize_unaligned_aio.patch:
ocfs2: serialize unaligned aio (bnc#671479).
* patches.fixes/bonding-check-if-clients-MAC-addr-has-changed.patch:
Update references (bnc#729854, bnc#731004).
* xfs: Fix wait calculations on lock acquisition and
use milliseconds instead of jiffies to print the wait time.
* ipmi: reduce polling when interrupts are available
(bnc#740867).
* ipmi: reduce polling (bnc#740867).
* Linux 2.6.32.54.
* export shrink_dcache_for_umount_subtree.
* patches.suse/stack-unwind: Fix more 2.6.29 merge
problems plus a glue code problem (bnc#736018).
* PM / Sleep: Fix race between CPU hotplug and freezer
(bnc#740535).
* jbd: Issue cache flush after checkpointing
(bnc#731770).
* lpfc: make sure job exists when processing BSG
(bnc#735635).
* Linux 2.6.32.53.
* blktap: fix locking (again) (bnc#724734).
* xen: Update Xen patches to 2.6.32.52.
* Linux 2.6.32.52.
* Linux 2.6.32.51.
* Linux 2.6.32.50.
* reiserfs: Lock buffers unconditionally in
reiserfs_write_full_page() (bnc#716023).
* writeback: Include all dirty inodes in background
writeback (bnc#716023).
* reiserfs: Fix quota mount option parsing (bnc#728626).
* bonding: check if clients MAC addr has changed
(bnc#729854).
* rpc client can not deal with ENOSOCK, so translate it
into ENOCONN (bnc#733146).
* st: modify tape driver to allow writing immediate
filemarks (bnc#688996).
* xfs: fix for xfssyncd failure to wake (bnc#722910).
* ipmi: Fix deadlock in start_next_msg().
* net: bind() fix error return on wrong address family
(bnc#735216).
* net: ipv4: relax AF_INET check in bind() (bnc#735216).
* net/ipv6: check for mistakenly passed in non-AF_INET6
sockaddrs (bnc#735216).
* Bluetooth: Fixed Atheros AR3012 Maryann PID/VID
supported (bnc#732296).
* percpu: fix chunk range calculation (bnc#668872).
* x86, UV: Fix kdump reboot (bnc#735446).
* dm: Use done_bytes for io_completion (bnc#711378).
* Bluetooth: Add Atheros AR3012 Maryann PID/VID
supported. (bnc#732296)
* Bluetooth: Add Atheros AR3012 one PID/VID supported.
(bnc#732296)
* fix missing hunk in oplock break patch (bnc#706973).
* patches.arch/s390-34-01-pfault-cpu-hotplug.patch:
Refresh. Surrounded s390x lowcore change with __GENKSYMS__
(bnc#728339)
* patches.xen/xen3-patch-2.6.30: Refresh.
* sched, x86: Avoid unnecessary overflow in sched_clock
(bnc#725709).
* ACPI thermal: Do not invalidate thermal zone if
critical trip point is bad.
Security Issue references:
* CVE-2010-3873
* CVE-2010-4164
* CVE-2011-2494
* CVE-2011-2699
* CVE-2011-4077
* CVE-2011-4081
* CVE-2011-4110
* CVE-2011-4127
* CVE-2011-4132
* CVE-2012-0038
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-kernel-5732
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-kernel-5732
- SUSE Linux Enterprise High Availability Extension 11 SP1:
zypper in -t patch sleshasp1-kernel-5732
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-kernel-5732
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 2.6.32.54]:
btrfs-kmp-default-0_2.6.32.54_0.3-0.3.73
ext4dev-kmp-default-0_2.6.32.54_0.3-7.9.40
ext4dev-kmp-trace-0_2.6.32.54_0.3-7.9.40
hyper-v-kmp-default-0_2.6.32.54_0.3-0.18.3
hyper-v-kmp-trace-0_2.6.32.54_0.3-0.18.3
kernel-default-2.6.32.54-0.3.1
kernel-default-base-2.6.32.54-0.3.1
kernel-default-devel-2.6.32.54-0.3.1
kernel-source-2.6.32.54-0.3.1
kernel-syms-2.6.32.54-0.3.1
kernel-trace-2.6.32.54-0.3.1
kernel-trace-base-2.6.32.54-0.3.1
kernel-trace-devel-2.6.32.54-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (x86_64) [New Version: 2.6.32.54]:
btrfs-kmp-default-0_2.6.32.54_0.3-0.3.73
btrfs-kmp-xen-0_2.6.32.54_0.3-0.3.73
ext4dev-kmp-default-0_2.6.32.54_0.3-7.9.40
ext4dev-kmp-trace-0_2.6.32.54_0.3-7.9.40
ext4dev-kmp-xen-0_2.6.32.54_0.3-7.9.40
hyper-v-kmp-default-0_2.6.32.54_0.3-0.18.3
hyper-v-kmp-trace-0_2.6.32.54_0.3-0.18.3
kernel-default-2.6.32.54-0.3.1
kernel-default-base-2.6.32.54-0.3.1
kernel-default-devel-2.6.32.54-0.3.1
kernel-ec2-2.6.32.54-0.3.1
kernel-ec2-base-2.6.32.54-0.3.1
kernel-source-2.6.32.54-0.3.1
kernel-syms-2.6.32.54-0.3.1
kernel-trace-2.6.32.54-0.3.1
kernel-trace-base-2.6.32.54-0.3.1
kernel-trace-devel-2.6.32.54-0.3.1
kernel-xen-2.6.32.54-0.3.1
kernel-xen-base-2.6.32.54-0.3.1
kernel-xen-devel-2.6.32.54-0.3.1
- SUSE Linux Enterprise High Availability Extension 11 SP1 (x86_64):
cluster-network-kmp-default-1.4_2.6.32.54_0.3-2.5.25
cluster-network-kmp-trace-1.4_2.6.32.54_0.3-2.5.25
cluster-network-kmp-xen-1.4_2.6.32.54_0.3-2.5.25
gfs2-kmp-default-2_2.6.32.54_0.3-0.2.72
gfs2-kmp-trace-2_2.6.32.54_0.3-0.2.72
gfs2-kmp-xen-2_2.6.32.54_0.3-0.2.72
ocfs2-kmp-default-1.6_2.6.32.54_0.3-0.4.2.25
ocfs2-kmp-trace-1.6_2.6.32.54_0.3-0.4.2.25
ocfs2-kmp-xen-1.6_2.6.32.54_0.3-0.4.2.25
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 2.6.32.54]:
btrfs-kmp-default-0_2.6.32.54_0.3-0.3.73
btrfs-kmp-xen-0_2.6.32.54_0.3-0.3.73
hyper-v-kmp-default-0_2.6.32.54_0.3-0.18.3
kernel-default-2.6.32.54-0.3.1
kernel-default-base-2.6.32.54-0.3.1
kernel-default-devel-2.6.32.54-0.3.1
kernel-default-extra-2.6.32.54-0.3.1
kernel-desktop-devel-2.6.32.54-0.3.1
kernel-source-2.6.32.54-0.3.1
kernel-syms-2.6.32.54-0.3.1
kernel-trace-devel-2.6.32.54-0.3.1
kernel-xen-2.6.32.54-0.3.1
kernel-xen-base-2.6.32.54-0.3.1
kernel-xen-devel-2.6.32.54-0.3.1
kernel-xen-extra-2.6.32.54-0.3.1
References:
http://support.novell.com/security/cve/CVE-2010-3873.html
http://support.novell.com/security/cve/CVE-2010-4164.html
http://support.novell.com/security/cve/CVE-2011-2494.html
http://support.novell.com/security/cve/CVE-2011-2699.html
http://support.novell.com/security/cve/CVE-2011-4077.html
http://support.novell.com/security/cve/CVE-2011-4081.html
http://support.novell.com/security/cve/CVE-2011-4110.html
http://support.novell.com/security/cve/CVE-2011-4127.html
http://support.novell.com/security/cve/CVE-2011-4132.html
http://support.novell.com/security/cve/CVE-2012-0038.html
https://bugzilla.novell.com/651219
https://bugzilla.novell.com/653260
https://bugzilla.novell.com/668872
https://bugzilla.novell.com/671479
https://bugzilla.novell.com/688996
https://bugzilla.novell.com/694945
https://bugzilla.novell.com/697920
https://bugzilla.novell.com/703156
https://bugzilla.novell.com/706973
https://bugzilla.novell.com/707288
https://bugzilla.novell.com/708625
https://bugzilla.novell.com/711378
https://bugzilla.novell.com/716023
https://bugzilla.novell.com/722910
https://bugzilla.novell.com/724734
https://bugzilla.novell.com/725709
https://bugzilla.novell.com/726600
https://bugzilla.novell.com/726788
https://bugzilla.novell.com/728339
https://bugzilla.novell.com/728626
https://bugzilla.novell.com/729854
https://bugzilla.novell.com/730118
https://bugzilla.novell.com/731004
https://bugzilla.novell.com/731770
https://bugzilla.novell.com/732296
https://bugzilla.novell.com/732677
https://bugzilla.novell.com/733146
https://bugzilla.novell.com/733863
https://bugzilla.novell.com/734056
https://bugzilla.novell.com/735216
https://bugzilla.novell.com/735446
https://bugzilla.novell.com/735453
https://bugzilla.novell.com/735635
https://bugzilla.novell.com/736018
https://bugzilla.novell.com/738400
https://bugzilla.novell.com/740535
https://bugzilla.novell.com/740703
https://bugzilla.novell.com/740867
https://bugzilla.novell.com/742270
http://download.novell.com/patch/finder/?keywords=3b09a8aade4545cf04761628743fec0e
From sle-updates at lists.suse.com Mon Feb 6 19:08:22 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 7 Feb 2012 03:08:22 +0100 (CET)
Subject: SUSE-RU-2012:0154-1: Recommended update for aaa_base
Message-ID: <20120207020822.58CFE323C8@maintenance.suse.de>
SUSE Recommended Update: Recommended update for aaa_base
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0154-1
Rating: low
References: #696964 #710119
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update fixes the following issues for aaa_base:
* 710119: console messages during a shutdown are being
sent to wrong tty when console sent to serial port
* 696964: silence possible error removing tmpdirs at
bootup
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-aaa_base-5755
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-aaa_base-5755
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-aaa_base-5755
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
aaa_base-11-6.46.42.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
aaa_base-11-6.46.42.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
aaa_base-11-6.46.42.1
References:
https://bugzilla.novell.com/696964
https://bugzilla.novell.com/710119
http://download.novell.com/patch/finder/?keywords=081ed4a7f6aa02f3357eb06fb7664767
From sle-updates at lists.suse.com Mon Feb 6 20:08:26 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 7 Feb 2012 04:08:26 +0100 (CET)
Subject: SUSE-SU-2012:0155-1: important: Security update for tomcat6
Message-ID: <20120207030826.C3299323C8@maintenance.suse.de>
SUSE Security Update: Security update for tomcat6
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0155-1
Rating: important
References: #735343 #742477
Cross-References: CVE-2011-1184 CVE-2011-5062 CVE-2011-5063
CVE-2011-5064
Affected Products:
SUSE Manager 1.2 for SLE 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update fixes a regression in parameter passing (in
urldecoding of parameters that contain spaces).
In addition, multiple weaknesses in HTTP DIGESTS have been
fixed (CVE-2011-1184):
* CVE-2011-5062: The HTTP Digest Access Authentication
implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x
before 6.0.33 and 7.x before 7.0.12 does not check qop
values, which might allow remote attackers to bypass
intended integrity-protection requirements via a qop=auth
value, a different vulnerability than CVE-2011-1184.
* CVE-2011-5063: The HTTP Digest Access Authentication
implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x
before 6.0.33, and 7.x before 7.0.12 does not check realm
values, which might allow remote attackers to bypass
intended access restrictions by leveraging the availability
of a protection space with weaker authentication or
authorization requirements, a different vulnerability than
CVE-2011-1184.
* CVE-2011-5064: DigestAuthenticator.java in the HTTP
Digest Access Authentication implementation in Apache
Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x
before 7.0.12 uses Catalina as the hard-coded server secret
(aka private key), which makes it easier for remote
attackers to bypass cryptographic protection mechanisms by
leveraging knowledge of this string, a different
vulnerability than CVE-2011-1184.
Security Issue references:
* CVE-2011-1184
* CVE-2011-5062
* CVE-2011-5063
* CVE-2011-5064
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager 1.2 for SLE 11 SP1:
zypper in -t patch sleman12sp1-tomcat6-5759
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-tomcat6-5759
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-tomcat6-5759
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager 1.2 for SLE 11 SP1 (noarch):
tomcat6-6.0.18-20.35.36.1
tomcat6-jsp-2_1-api-6.0.18-20.35.36.1
tomcat6-lib-6.0.18-20.35.36.1
tomcat6-servlet-2_5-api-6.0.18-20.35.36.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (noarch):
tomcat6-6.0.18-20.35.36.1
tomcat6-admin-webapps-6.0.18-20.35.36.1
tomcat6-docs-webapp-6.0.18-20.35.36.1
tomcat6-javadoc-6.0.18-20.35.36.1
tomcat6-jsp-2_1-api-6.0.18-20.35.36.1
tomcat6-lib-6.0.18-20.35.36.1
tomcat6-servlet-2_5-api-6.0.18-20.35.36.1
tomcat6-webapps-6.0.18-20.35.36.1
- SUSE Linux Enterprise Server 11 SP1 (noarch):
tomcat6-6.0.18-20.35.36.1
tomcat6-admin-webapps-6.0.18-20.35.36.1
tomcat6-docs-webapp-6.0.18-20.35.36.1
tomcat6-javadoc-6.0.18-20.35.36.1
tomcat6-jsp-2_1-api-6.0.18-20.35.36.1
tomcat6-lib-6.0.18-20.35.36.1
tomcat6-servlet-2_5-api-6.0.18-20.35.36.1
tomcat6-webapps-6.0.18-20.35.36.1
References:
http://support.novell.com/security/cve/CVE-2011-1184.html
http://support.novell.com/security/cve/CVE-2011-5062.html
http://support.novell.com/security/cve/CVE-2011-5063.html
http://support.novell.com/security/cve/CVE-2011-5064.html
https://bugzilla.novell.com/735343
https://bugzilla.novell.com/742477
http://download.novell.com/patch/finder/?keywords=0caaafb09da77d4c28b53eeb14113592
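The three DIGEST checks named in the tomcat6 announcement above (qop, realm, server secret) can be shown in a small RFC 2617 verifier. This is an added Python example, not Tomcat's code and not part of the announcement; the class and function names, the timestamp:HMAC nonce layout and the sample credentials are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os
import time


def md5_hex(data) -> str:
    if isinstance(data, str):
        data = data.encode("utf-8")
    return hashlib.md5(data).hexdigest()


def digest_response(ha1, method, p, body=b""):
    """RFC 2617 request-digest for qop=auth or qop=auth-int."""
    ha2_input = f"{method}:{p['uri']}"
    if p["qop"] == "auth-int":
        ha2_input += ":" + md5_hex(body)  # auth-int also covers the entity body
    ha2 = md5_hex(ha2_input)
    return md5_hex(":".join([ha1, p["nonce"], p["nc"], p["cnonce"], p["qop"], ha2]))


class DigestVerifier:
    """Hypothetical server-side verifier (assumed design, not Tomcat's)."""

    FIELDS = ("username", "realm", "nonce", "uri", "response", "qop", "nc", "cnonce")

    def __init__(self, realm, required_qop, ha1_by_user, secret=None, nonce_ttl=300):
        self.realm = realm
        self.required_qop = required_qop
        self.ha1_by_user = ha1_by_user
        # Per-instance random secret; a fixed, publicly known string would let
        # anyone mint nonces the server accepts (the CVE-2011-5064 weakness).
        self.secret = secret if secret is not None else os.urandom(32)
        self.nonce_ttl = nonce_ttl

    def _mac(self, ts: str) -> str:
        return hmac.new(self.secret, ts.encode(), hashlib.sha256).hexdigest()

    def make_nonce(self, now=None) -> str:
        ts = str(int(time.time() if now is None else now))
        return f"{ts}:{self._mac(ts)}"  # assumed layout: timestamp:HMAC(secret, timestamp)

    def _nonce_ok(self, nonce: str, now: int) -> bool:
        ts, sep, mac = nonce.partition(":")
        if not sep or not (ts.isascii() and ts.isdigit()):
            return False
        if not hmac.compare_digest(mac.encode(), self._mac(ts).encode()):
            return False
        return 0 <= now - int(ts) <= self.nonce_ttl

    def verify(self, p, method, body=b"", now=None) -> str:
        now = int(time.time() if now is None else now)
        if any(k not in p for k in self.FIELDS):
            return "missing-field"
        if p["realm"] != self.realm:        # realm must be this protection space
            return "wrong-realm"
        if p["qop"] != self.required_qop:   # no downgrade from auth-int to auth
            return "wrong-qop"
        if not self._nonce_ok(p["nonce"], now):
            return "bad-nonce"
        ha1 = self.ha1_by_user.get(p["username"])
        if ha1 is None:
            return "bad-credentials"
        expected = digest_response(ha1, method, p, body)
        same = hmac.compare_digest(expected.encode(), p["response"].encode())
        return "ok" if same else "bad-credentials"


def build_request(ha1, qop, nonce, realm, body):
    """Constructed client request parameters for the demo."""
    p = {"username": "alice", "realm": realm, "nonce": nonce, "uri": "/manager",
         "qop": qop, "nc": "00000001", "cnonce": "0a4f113b"}
    p["response"] = digest_response(ha1, "POST", p, body)
    return p


def demo():
    realm, body = "admin", b'{"action":"deploy"}'
    ha1 = md5_hex(f"alice:{realm}:constructed-password")
    ha1_public = md5_hex("alice:public:constructed-password")
    server = DigestVerifier(realm, "auth-int", {"alice": ha1})
    nonce = server.make_nonce()
    forged = DigestVerifier(realm, "auth-int", {}, secret=b"Catalina").make_nonce()
    return {
        "valid": server.verify(build_request(ha1, "auth-int", nonce, realm, body), "POST", body),
        "qop_downgrade": server.verify(build_request(ha1, "auth", nonce, realm, body), "POST", body),
        "other_realm": server.verify(
            build_request(ha1_public, "auth-int", nonce, "public", body), "POST", body),
        "forged_nonce": server.verify(
            build_request(ha1, "auth-int", forged, realm, body), "POST", body),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```
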
From sle-updates at lists.suse.com Thu Feb 9 11:07:24 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:07:24 +0100 (CET)
Subject: SUSE-SU-2012:0198-1: important: Security update for Mozilla XULrunner
Message-ID: <20120209180724.DB3C232154@maintenance.suse.de>
SUSE Security Update: Security update for Mozilla XULrunner
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0198-1
Rating: important
References: #737533 #744275
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that contains security fixes can now be
installed. It includes one version update.
Description:
Mozilla XULrunner was updated to the 1.9.2.26 security update,
fixing security issues and bugs. The following security
bugs have been fixed:
* MFSA 2012-01: Mozilla developers identified and fixed
several memory safety bugs in the browser engine used in
Firefox and other Mozilla-based products. Some of these
bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at
least some of these could be exploited to run arbitrary
code.
In general these flaws cannot be exploited through
email in the Thunderbird and SeaMonkey products because
scripting is disabled, but are potentially a risk in
browser or browser-like contexts in those products.
References
* CVE-2012-0442: Jesse Ruderman and Bob Clary reported
memory safety problems that were fixed in both Firefox 10
and Firefox 3.6.26.
* MFSA 2012-02/CVE-2011-3670: For historical reasons
Firefox has been generous in its interpretation of web
addresses containing square brackets around the host. If
this host was not a valid IPv6 literal address, Firefox
attempted to interpret the host as a regular domain name.
Gregory Fleischer reported that requests made using IPv6
syntax using XMLHttpRequest objects through a proxy may
generate errors depending on proxy configuration for IPv6.
The resulting error messages from the proxy may disclose
sensitive data because Same-Origin Policy (SOP) will allow
the XMLHttpRequest object to read these error messages,
allowing user privacy to be eroded. Firefox now enforces
RFC 3986 IPv6 literal syntax and that may break links
written using the non-standard Firefox-only forms that were
previously accepted.
This was fixed previously for Firefox 7.0,
Thunderbird 7.0, and SeaMonkey 2.4 but only fixed in
Firefox 3.6.26 and Thunderbird 3.1.18 during 2012.
* MFSA 2012-04/CVE-2011-3659: Security researcher
regenrecht reported via TippingPoint's Zero Day Initiative
that removed child nodes of nsDOMAttribute can be accessed
under certain circumstances because of a premature
notification of AttributeChildRemoved. This use-after-free
of the child nodes could possibly allow for remote code
execution.
* MFSA 2012-07/CVE-2012-0444: Security researcher
regenrecht reported via TippingPoint's Zero Day Initiative
the possibility of memory corruption during the decoding of
Ogg Vorbis files. This can cause a crash during decoding
and has the potential for remote code execution.
* MFSA 2012-08/CVE-2012-0449: Security researchers
Nicolas Gregoire and Aki Helin independently reported that
when processing a malformed embedded XSLT stylesheet,
Firefox can crash due to a memory corruption. While there
is no evidence that this is directly exploitable, there is
a possibility of remote code execution.
Indications:
Please install this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-mozilla-xulrunner192-5764
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-mozilla-xulrunner192-5764
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-mozilla-xulrunner192-5764
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-mozilla-xulrunner192-5764
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-devel-1.9.2.26-0.3.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-gnome-32bit-1.9.2.26-0.3.1
mozilla-xulrunner192-translations-32bit-1.9.2.26-0.3.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ia64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-gnome-x86-1.9.2.26-0.3.1
mozilla-xulrunner192-translations-x86-1.9.2.26-0.3.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
mozilla-xulrunner192-1.9.2.26-0.3.1
mozilla-xulrunner192-gnome-1.9.2.26-0.3.1
mozilla-xulrunner192-translations-1.9.2.26-0.3.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
mozilla-xulrunner192-32bit-1.9.2.26-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-1.9.2.26-0.3.1
mozilla-xulrunner192-gnome-1.9.2.26-0.3.1
mozilla-xulrunner192-translations-1.9.2.26-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-32bit-1.9.2.26-0.3.1
- SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-x86-1.9.2.26-0.3.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-1.9.2.26-0.3.1
mozilla-xulrunner192-gnome-1.9.2.26-0.3.1
mozilla-xulrunner192-translations-1.9.2.26-0.3.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-32bit-1.9.2.26-0.3.1
mozilla-xulrunner192-gnome-32bit-1.9.2.26-0.3.1
mozilla-xulrunner192-translations-32bit-1.9.2.26-0.3.1
References:
https://bugzilla.novell.com/737533
https://bugzilla.novell.com/744275
http://download.novell.com/patch/finder/?keywords=f3ea71cad4a071175c00255553cb3aa9
From sle-updates at lists.suse.com Thu Feb 9 11:07:27 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:07:27 +0100 (CET)
Subject: SUSE-SU-2012:0201-1: moderate: Security update for lighttpd
Message-ID: <20120209180727.42F5B32157@maintenance.suse.de>
SUSE Security Update: Security update for lighttpd
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0201-1
Rating: moderate
References: #733607
Cross-References: CVE-2011-4362
Affected Products:
WebYaST [Appliance - Tools]
SUSE Studio Onsite 1.1
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Lifecycle Management Server 1.1 [Appliance - Tools]
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update of lighttpd fixes an out-of-bounds read due to
a signedness error which could cause a Denial of Service
(CVE-2011-4362).
Security Issue reference:
* CVE-2011-4362
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- WebYaST [Appliance - Tools]:
zypper in -t patch slewyst1sp1-lighttpd-5739 slewystsp1-lighttpd-5739
- SUSE Studio Onsite 1.1:
zypper in -t patch slestsosp1-lighttpd-5739
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-lighttpd-5739
- SUSE Linux Enterprise High Availability Extension 11 SP1:
zypper in -t patch sleshasp1-lighttpd-5739
- SUSE Lifecycle Management Server 1.1 [Appliance - Tools]:
zypper in -t patch sleslmssp1-lighttpd-5739
To bring your system up-to-date, use "zypper patch".
Package List:
- WebYaST [Appliance - Tools] (i586 ia64 ppc64 s390x x86_64):
lighttpd-1.4.20-2.46.1
lighttpd-mod_magnet-1.4.20-2.46.1
- SUSE Studio Onsite 1.1 (x86_64):
lighttpd-1.4.20-2.46.1
lighttpd-mod_magnet-1.4.20-2.46.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
lighttpd-1.4.20-2.46.1
lighttpd-mod_cml-1.4.20-2.46.1
lighttpd-mod_magnet-1.4.20-2.46.1
lighttpd-mod_mysql_vhost-1.4.20-2.46.1
lighttpd-mod_rrdtool-1.4.20-2.46.1
lighttpd-mod_trigger_b4_dl-1.4.20-2.46.1
lighttpd-mod_webdav-1.4.20-2.46.1
- SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x x86_64):
lighttpd-1.4.20-2.46.1
- SUSE Lifecycle Management Server 1.1 [Appliance - Tools] (x86_64):
lighttpd-1.4.20-2.46.1
lighttpd-mod_magnet-1.4.20-2.46.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
lighttpd-1.4.10-11.32.1
lighttpd-mod_cml-1.4.10-11.32.1
lighttpd-mod_mysql_vhost-1.4.10-11.32.1
lighttpd-mod_rrdtool-1.4.10-11.32.1
lighttpd-mod_trigger_b4_dl-1.4.10-11.32.1
lighttpd-mod_webdav-1.4.10-11.32.1
References:
http://support.novell.com/security/cve/CVE-2011-4362.html
https://bugzilla.novell.com/733607
http://download.novell.com/patch/finder/?keywords=c08fa2430c6570b012332d3fa931b82e
http://download.novell.com/patch/finder/?keywords=decaee57a60c2feafab04139c68dd658
From sle-updates at lists.suse.com Thu Feb 9 11:09:56 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:09:56 +0100 (CET)
Subject: SUSE-OU-2012:0151-2: Optional update for OpenJDK 1.6.0
Message-ID: <20120209180956.39A9F32002@maintenance.suse.de>
SUSE Optional Update: Optional update for OpenJDK 1.6.0
______________________________________________________________________________
Announcement ID: SUSE-OU-2012:0151-2
Rating: low
References: #742947
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one optional fix can now be installed.
It includes one version update.
Description:
This update provides a Java VM based on OpenJDK 1.6.0 that
can be installed as an alternative to other Java VMs.
Indications:
Every interested user might install this package.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-java-1_6_0-openjdk-5692
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-java-1_6_0-openjdk-5692
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-java-1_6_0-openjdk-5692
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-java-1_6_0-openjdk-5692
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (noarch) [New Version: 2011m]:
timezone-java-2011m-0.3.16
- SUSE Linux Enterprise Server 11 SP1 for VMware (noarch) [New Version: 2011m]:
timezone-java-2011m-0.3.16
- SUSE Linux Enterprise Server 11 SP1 (noarch) [New Version: 2011m]:
timezone-java-2011m-0.3.16
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
java-1_6_0-openjdk-1.6.0.0_b22.1.10.4-0.2.2.1
java-1_6_0-openjdk-demo-1.6.0.0_b22.1.10.4-0.2.2.1
java-1_6_0-openjdk-devel-1.6.0.0_b22.1.10.4-0.2.2.1
- SUSE Linux Enterprise Desktop 11 SP1 (noarch):
timezone-java-2011m-0.3.16
References:
https://bugzilla.novell.com/742947
http://download.novell.com/patch/finder/?keywords=f030f5e61383bce9bf4415cb70649bfb
From sle-updates at lists.suse.com Thu Feb 9 11:10:02 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:10:02 +0100 (CET)
Subject: SUSE-RU-2012:0211-1: Recommended update for coreutils
Message-ID: <20120209181002.2101E32154@maintenance.suse.de>
SUSE Recommended Update: Recommended update for coreutils
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0211-1
Rating: low
References: #702995 #717808 #721961
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has three recommended fixes can now be
installed.
Description:
Collective update for the following fixes:
* 702995: Support -P and -L options for pwd
* 717808: Fix hang on boot when system account password
has expired
* 721961: "df -h" on automounted share does show an
incorrect output
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-coreutils-5391
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-coreutils-5391
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-coreutils-5391
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
coreutils-6.12-32.33.4
coreutils-lang-6.12-32.33.4
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
coreutils-6.12-32.33.4
coreutils-lang-6.12-32.33.4
- SUSE Linux Enterprise Server 11 SP1 (ia64):
coreutils-x86-6.12-32.33.4
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
coreutils-6.12-32.33.4
coreutils-lang-6.12-32.33.4
References:
https://bugzilla.novell.com/702995
https://bugzilla.novell.com/717808
https://bugzilla.novell.com/721961
http://download.novell.com/patch/finder/?keywords=4b6d334b1194b34629c12e030079c34b
From sle-updates at lists.suse.com Thu Feb 9 11:10:19 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:10:19 +0100 (CET)
Subject: SUSE-SU-2012:0220-1: Security update for MozillaFirefox
Message-ID: <20120209181019.B708032002@maintenance.suse.de>
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0220-1
Rating: low
References: #742826
Cross-References: CVE-2011-3659 CVE-2012-0442 CVE-2012-0443
CVE-2012-0444 CVE-2012-0445 CVE-2012-0446
CVE-2012-0447 CVE-2012-0449 CVE-2012-0450
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available. It
includes three new package versions.
Description:
This update provides Mozilla Firefox 10, which provides
many fixes, security and feature enhancements.
For a detailed list, please have a look at
http://www.mozilla.org/en-US/firefox/10.0/releasenotes/
and
http://www.mozilla.org/de/firefox/features/
The following security issues have been fixed in this
update:
*
Mozilla developers identified and fixed several
memory safety bugs in the browser engine used in Firefox
and other Mozilla-based products. Some of these bugs showed
evidence of memory corruption under certain circumstances,
and we presume that with enough effort at least some of
these could be exploited to run arbitrary code. (MFSA
2012-01, CVE-2012-0442, CVE-2012-0443)
*
Alex Dvorov reported that an attacker could replace a
sub-frame in another domain's document by using the name
attribute of the sub-frame as a form submission target.
This can potentially allow for phishing attacks against
users and violates the HTML5 frame navigation policy. (MFSA
2012-03, CVE-2012-0445)
*
Security researcher regenrecht reported via
TippingPoint's Zero Day Initiative that removed child nodes
of nsDOMAttribute can be accessed under certain
circumstances because of a premature notification of
AttributeChildRemoved. This use-after-free of the child
nodes could possibly allow for remote code execution.
(MFSA 2012-04, CVE-2011-3659)
*
Mozilla security researcher moz_bug_r_a4 reported
that frame scripts bypass XPConnect security checks when
calling untrusted objects. This allows for cross-site
scripting (XSS) attacks through web pages and Firefox
extensions. The fix enables the Script Security Manager
(SSM) to force security checks on all frame scripts. (MFSA
2012-05, CVE-2012-0446)
*
Mozilla developer Tim Abraldes reported that when
encoding images as image/vnd.microsoft.icon the resulting
data was always a fixed size, with uninitialized memory
appended as padding beyond the size of the actual image.
This is the result of mImageBufferSize in the encoder being
initialized with a value different than the size of the
source image. There is the possibility of sensitive data
from uninitialized memory being appended to a PNG image
when converted from an ICO format image. This sensitive
data may then be disclosed in the resulting image. (MFSA
2012-06,
http://www.mozilla.org/security/announce/2012/mfsa2012-06.html,
CVE-2012-0447)
*
Security researcher regenrecht reported via
TippingPoint's Zero Day Initiative the possibility of
memory corruption during the decoding of Ogg Vorbis files.
This can cause a crash during decoding and has the
potential for remote code execution. (MFSA 2012-07,
CVE-2012-0444)
*
Security researchers Nicolas Gregoire and Aki Helin
independently reported that when processing a malformed
embedded XSLT stylesheet, Firefox can crash due to a memory
corruption. While there is no evidence that this is
directly exploitable, there is a possibility of remote code
execution. (MFSA 2012-08, CVE-2012-0449)
*
magicant starmen reported that if a user chooses to
export their Firefox Sync key the "Firefox Recovery
Key.html" file is saved with incorrect permissions, making
the file contents potentially readable by other users on
Linux and OS X systems. (MFSA 2012-09, CVE-2012-0450)
Indications:
Firefox users should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-firefox-10-5754
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-firefox-10-5754
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-firefox-10-5754
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-firefox-10-5754
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 s390x x86_64):
beagle-0.3.8-56.44.45.6
beagle-devel-0.3.8-56.44.45.6
beagle-lang-0.3.8-56.44.45.6
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 10.0 and 7]:
MozillaFirefox-10.0-0.3.2
MozillaFirefox-branding-SLES-for-VMware-7-0.4.2.5
MozillaFirefox-translations-10.0-0.3.2
mozilla-kde4-integration-0.6.3-5.6.5
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0 and 7]:
MozillaFirefox-10.0-0.3.2
MozillaFirefox-branding-SLED-7-0.6.7.7
MozillaFirefox-translations-10.0-0.3.2
mozilla-kde4-integration-0.6.3-5.6.5
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 10.0,11.1.102.55 and 7]:
MozillaFirefox-10.0-0.3.2
MozillaFirefox-branding-SLED-7-0.6.7.7
MozillaFirefox-translations-10.0-0.3.2
beagle-0.3.8-56.44.45.6
beagle-evolution-0.3.8-56.44.45.6
beagle-firefox-0.3.8-56.44.45.6
beagle-gui-0.3.8-56.44.45.6
beagle-lang-0.3.8-56.44.45.6
flash-player-11.1.102.55-0.13.1
mhtml-firefox-0.5-1.45.7
mozilla-kde4-integration-0.6.3-5.6.5
References:
http://support.novell.com/security/cve/CVE-2011-3659.html
http://support.novell.com/security/cve/CVE-2012-0442.html
http://support.novell.com/security/cve/CVE-2012-0443.html
http://support.novell.com/security/cve/CVE-2012-0444.html
http://support.novell.com/security/cve/CVE-2012-0445.html
http://support.novell.com/security/cve/CVE-2012-0446.html
http://support.novell.com/security/cve/CVE-2012-0447.html
http://support.novell.com/security/cve/CVE-2012-0449.html
http://support.novell.com/security/cve/CVE-2012-0450.html
https://bugzilla.novell.com/742826
http://download.novell.com/patch/finder/?keywords=036e93199c4a2b5d3bc60b6d05a8d355
From sle-updates at lists.suse.com Thu Feb 9 11:10:21 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:10:21 +0100 (CET)
Subject: SUSE-SU-2012:0221-1: important: Security update for Mozilla Firefox
Message-ID: <20120209181021.AF9AC320E0@maintenance.suse.de>
SUSE Security Update: Security update for Mozilla Firefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0221-1
Rating: important
References: #744275
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that contains security fixes can now be
installed. It includes two new package versions.
Description:
Mozilla Firefox was updated to 3.6.26 fixing bugs and
security issues.
The following security issues have been fixed by this
update:
*
MFSA 2012-01: Mozilla developers identified and fixed
several memory safety bugs in the browser engine used in
Firefox and other Mozilla-based products. Some of these
bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at
least some of these could be exploited to run arbitrary
code.
In general these flaws cannot be exploited through
email in the Thunderbird and SeaMonkey products because
scripting is disabled, but are potentially a risk in
browser or browser-like contexts in those products.
References
*
CVE-2012-0442: Jesse Ruderman and Bob Clary reported
memory safety problems that were fixed in both Firefox 10
and Firefox 3.6.26.
*
MFSA 2012-02/CVE-2011-3670: For historical reasons
Firefox has been generous in its interpretation of web
addresses containing square brackets around the host. If
this host was not a valid IPv6 literal address, Firefox
attempted to interpret the host as a regular domain name.
Gregory Fleischer reported that requests made using IPv6
syntax using XMLHttpRequest objects through a proxy may
generate errors depending on proxy configuration for IPv6.
The resulting error messages from the proxy may disclose
sensitive data because Same-Origin Policy (SOP) will allow
the XMLHttpRequest object to read these error messages,
allowing user privacy to be eroded. Firefox now enforces
RFC 3986 IPv6 literal syntax and that may break links
written using the non-standard Firefox-only forms that were
previously accepted.
This was fixed previously for Firefox 7.0,
Thunderbird 7.0, and SeaMonkey 2.4 but only fixed in
Firefox 3.6.26 and Thunderbird 3.1.18 during 2012.
*
MFSA 2012-04/CVE-2011-3659: Security researcher
regenrecht reported via TippingPoint's Zero Day Initiative
that removed child nodes of nsDOMAttribute can be accessed
under certain circumstances because of a premature
notification of AttributeChildRemoved. This use-after-free
of the child nodes could possibly allow for remote code
execution.
*
MFSA 2012-07/CVE-2012-0444: Security researcher
regenrecht reported via TippingPoint's Zero Day Initiative
the possibility of memory corruption during the decoding of
Ogg Vorbis files. This can cause a crash during decoding
and has the potential for remote code execution.
*
MFSA 2012-08/CVE-2012-0449: Security researchers
Nicolas Gregoire and Aki Helin independently reported that
when processing a malformed embedded XSLT stylesheet,
Firefox can crash due to a memory corruption. While there
is no evidence that this is directly exploitable, there is
a possibility of remote code execution.
Indications:
Please install this update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-1.9.2.26-0.5.1
mozilla-xulrunner192-gnome-1.9.2.26-0.5.1
mozilla-xulrunner192-translations-1.9.2.26-0.5.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 3.6.26]:
MozillaFirefox-3.6.26-0.6.1
MozillaFirefox-translations-3.6.26-0.6.1
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-32bit-1.9.2.26-0.5.1
mozilla-xulrunner192-gnome-32bit-1.9.2.26-0.5.1
mozilla-xulrunner192-translations-32bit-1.9.2.26-0.5.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-1.9.2.26-0.5.1
mozilla-xulrunner192-gnome-1.9.2.26-0.5.1
mozilla-xulrunner192-translations-1.9.2.26-0.5.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 1.9.2.26]:
mozilla-xulrunner192-32bit-1.9.2.26-0.5.1
mozilla-xulrunner192-gnome-32bit-1.9.2.26-0.5.1
mozilla-xulrunner192-translations-32bit-1.9.2.26-0.5.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 3.6.26]:
MozillaFirefox-3.6.26-0.6.1
MozillaFirefox-translations-3.6.26-0.6.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x):
MozillaFirefox-branding-upstream-3.6.26-0.6.1
References:
https://bugzilla.novell.com/744275
http://download.novell.com/patch/finder/?keywords=d1ff5a0e9707cb73c751a65b6759427d
From sle-updates at lists.suse.com Thu Feb 9 11:10:32 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:10:32 +0100 (CET)
Subject: SUSE-RU-2012:0226-1: important: Recommended update for
release-notes-slms
Message-ID: <20120209181032.51E2332157@maintenance.suse.de>
SUSE Recommended Update: Recommended update for release-notes-slms
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0226-1
Rating: important
References: #744673
Affected Products:
SUSE Studio Onsite 1.1
SUSE Lifecycle Management Server 1.1 [Appliance - Tools]
______________________________________________________________________________
An update that has one recommended fix can now be
installed. It includes one version update.
Description:
This is a notification that the security and maintenance
update overlap period for
SUSE Appliance Toolkit 1.1
i.e.
SUSE Studio Onsite 1.1
SUSE Lifecycle Management Server 1.1
WebYaST 1.1
ended and won't get further updates.
Regular Maintenance and Support for SUSE Studio 1.2 started
on July 15th, 2011 and will continue through the 6 month
overlap maintenance period until after the next SUSE Studio
is released (currently planned to be SUSE Studio Onsite 1.3).
In order to keep your systems up to date and secure, please
migrate your systems to SUSE Studio 1.2 now. All customers
that have access to this notification already have access
to and can migrate to Studio 1.2 without additional fees.
For more information about Studio Onsite 1.2, please visit
http://www.suse.com/products/susestudio/
and
http://www.suse.com/documentation/suse_studio/
For handling SUSE Studio Update, please refer to
http://www.suse.com/documentation/suse_studio/suse_studio_guide/?page=/documentation/suse_studio/suse_studio_guide/data/sec_studio_deployment_upgrade11-12.html
and
http://www.novell.com/support/documentLink.do?externalID=7009259
For SUSE Lifecycle Management Server, please refer to
http://www.suse.com/documentation/slms1/
and
http://www.novell.com/support/viewContent.do?externalId=7009142
for more information on how to upgrade.
Indications:
End of Life of Appliance Toolkit 1.1.
Special Instructions and Notes:
Please reboot the system after installing this update. This
update triggers a restart of the software management stack.
More updates will be available for installation after
applying this update and restarting the application.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Studio Onsite 1.1:
zypper in -t patch slestsosp1-release-notes-studioonsite-5758
- SUSE Lifecycle Management Server 1.1 [Appliance - Tools]:
zypper in -t patch sleslmssp1-release-notes-slms-5763
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Studio Onsite 1.1 (x86_64) [New Version: 1.1]:
release-notes-studioonsite-1.1-0.5.1
- SUSE Lifecycle Management Server 1.1 [Appliance - Tools] (x86_64) [New Version: 1.1]:
release-notes-slms-1.1-0.7.1
References:
https://bugzilla.novell.com/744673
http://download.novell.com/patch/finder/?keywords=df880cb1020ebad6b35e61149401d789
http://download.novell.com/patch/finder/?keywords=e53780c28886795f17efa1d7a09ecc89
From sle-updates at lists.suse.com Thu Feb 9 11:10:43 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:10:43 +0100 (CET)
Subject: SUSE-SU-2012:0231-1: moderate: Security update for sysconfig
Message-ID: <20120209181043.32F7E32157@maintenance.suse.de>
SUSE Security Update: Security update for sysconfig
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0231-1
Rating: moderate
References: #704234 #735394
Cross-References: CVE-2011-4182
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
The following bug has been fixed:
* sysconfig hook script for NetworkManager did not
properly quote shell meta characters when processing
ESSIDs. Specially crafted network names could have
therefore led to execution of shell code (CVE-2011-4182).
Security Issue reference:
* CVE-2011-4182
Special Instructions and Notes:
Please reboot the system after installing this update. This
update triggers a restart of the software management stack.
More updates will be available for installation after
applying this update and restarting the application.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
sysconfig-0.50.9-13.68.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
sysconfig-0.50.9-13.68.1
References:
http://support.novell.com/security/cve/CVE-2011-4182.html
https://bugzilla.novell.com/704234
https://bugzilla.novell.com/735394
http://download.novell.com/patch/finder/?keywords=e1ff0acb7870582081808201b27ba00e
From sle-updates at lists.suse.com Thu Feb 9 11:10:59 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:10:59 +0100 (CET)
Subject: SUSE-RU-2012:0238-1: Recommended update for Python
Message-ID: <20120209181059.BC3FD32157@maintenance.suse.de>
SUSE Recommended Update: Recommended update for Python
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0238-1
Rating: low
References: #742525
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes a problem in Python's SafeConfigParser
where it incorrectly refused to parse lone percent signs,
refusing valid strings such as "100%%" in config files.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-libpython2_6-1_0-5753
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-libpython2_6-1_0-5753
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-libpython2_6-1_0-5753
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-libpython2_6-1_0-5753
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
python-devel-2.6.0-8.14.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
python-demo-2.6.0-8.14.1
python-gdbm-2.6.0-8.14.1
python-idle-2.6.0-8.14.1
python-tk-2.6.0-8.14.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (x86_64):
python-32bit-2.6.0-8.14.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
libpython2_6-1_0-2.6.0-8.14.1
python-2.6.0-8.14.1
python-base-2.6.0-8.14.1
python-curses-2.6.0-8.14.1
python-demo-2.6.0-8.14.1
python-gdbm-2.6.0-8.14.1
python-idle-2.6.0-8.14.1
python-tk-2.6.0-8.14.1
python-xml-2.6.0-8.14.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
libpython2_6-1_0-32bit-2.6.0-8.14.1
python-32bit-2.6.0-8.14.1
python-base-32bit-2.6.0-8.14.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
libpython2_6-1_0-2.6.0-8.14.1
python-2.6.0-8.14.1
python-base-2.6.0-8.14.1
python-curses-2.6.0-8.14.1
python-demo-2.6.0-8.14.1
python-gdbm-2.6.0-8.14.1
python-idle-2.6.0-8.14.1
python-tk-2.6.0-8.14.1
python-xml-2.6.0-8.14.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
libpython2_6-1_0-32bit-2.6.0-8.14.1
python-32bit-2.6.0-8.14.1
python-base-32bit-2.6.0-8.14.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
libpython2_6-1_0-x86-2.6.0-8.14.1
python-base-x86-2.6.0-8.14.1
python-x86-2.6.0-8.14.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
libpython2_6-1_0-2.6.0-8.14.1
python-2.6.0-8.14.1
python-base-2.6.0-8.14.1
python-curses-2.6.0-8.14.1
python-devel-2.6.0-8.14.1
python-tk-2.6.0-8.14.1
python-xml-2.6.0-8.14.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
libpython2_6-1_0-32bit-2.6.0-8.14.1
python-base-32bit-2.6.0-8.14.1
References:
https://bugzilla.novell.com/742525
http://download.novell.com/patch/finder/?keywords=acc38d3b80bba6c03e3610ec0e8a9627
From sle-updates at lists.suse.com Thu Feb 9 11:11:17 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:11:17 +0100 (CET)
Subject: SUSE-RU-2012:0245-1: Recommended update for pam_ssh
Message-ID: <20120209181117.5B4D3320E0@maintenance.suse.de>
SUSE Recommended Update: Recommended update for pam_ssh
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0245-1
Rating: low
References: #665061 #741541
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update fixes a segfault when no input is given as
answer to a passphrase question (bnc#741541). In addition,
setgroups and setgid are called before executing ssh-agent
(bnc#665061).
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
pam_ssh-1.91-19.9.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
pam_ssh-1.91-19.9.1
References:
https://bugzilla.novell.com/665061
https://bugzilla.novell.com/741541
http://download.novell.com/patch/finder/?keywords=d2bcb7a9617c90eee6680c816e7b9a70
From sle-updates at lists.suse.com Thu Feb 9 11:11:33 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 9 Feb 2012 19:11:33 +0100 (CET)
Subject: SUSE-RU-2012:0250-1: Recommended update for gconf2-branding-hp-cnb
Message-ID: <20120209181133.CEEE2320E0@maintenance.suse.de>
SUSE Recommended Update: Recommended update for gconf2-branding-hp-cnb
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0250-1
Rating: low
References: #735528
Affected Products:
SLED 11 HP CNB Preload SP1
SLED 11 HP CNB Preload
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update corrects an occasional hangup in touchpad
handling due to an unstable timing source. The timer
source hpet is more stable (bnc#735528).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SLED 11 HP CNB Preload SP1:
zypper in -t patch slehpcnbup0-gconf2-branding-hp-cnb-5668
- SLED 11 HP CNB Preload:
zypper in -t patch slehpcnbp0-gconf2-branding-hp-cnb-5668
To bring your system up-to-date, use "zypper patch".
Package List:
- SLED 11 HP CNB Preload SP1 (i586):
gconf2-branding-hp-cnb-1.1-0.52.49.1
- SLED 11 HP CNB Preload (i586):
gconf2-branding-hp-cnb-1.1-0.52.49.1
References:
https://bugzilla.novell.com/735528
http://download.novell.com/patch/finder/?keywords=c2bd98426ed9f32f3479e1a8c51fdfdc
From sle-updates at lists.suse.com Thu Feb 9 16:08:28 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 10 Feb 2012 00:08:28 +0100 (CET)
Subject: SUSE-RU-2012:0253-1: moderate: Recommended update for SUSE Manager
Proxy
Message-ID: <20120209230828.774743227F@maintenance.suse.de>
SUSE Recommended Update: Recommended update for SUSE Manager Proxy
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0253-1
Rating: moderate
References: #738054 #742145
Affected Products:
SUSE Manager Proxy 1.2 for SLE 11 SP1
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for SUSE Manager Proxy fixes the following
issues:
* Disable monthly registration of SUSE Manager clients
with Novell Customer Center
* Bootstrap: Offer to disable YaST Automatic Online
Update if it is enabled on the client
How to apply this update:
1. Log in as root user to the SUSE Manager proxy.
2. Stop the proxy service: mgr-proxy stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service: mgr-proxy start
Indications:
Every SUSE Manager Proxy user should update
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager Proxy 1.2 for SLE 11 SP1:
zypper in -t patch slemap12sp1-suse-manager-proxy-201201-5717
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager Proxy 1.2 for SLE 11 SP1 (x86_64):
spacewalk-backend-1.2.74-0.46.1
spacewalk-backend-libs-1.2.74-0.46.1
- SUSE Manager Proxy 1.2 for SLE 11 SP1 (noarch):
spacewalk-certs-tools-1.2.2-0.24.1
References:
https://bugzilla.novell.com/738054
https://bugzilla.novell.com/742145
http://download.novell.com/patch/finder/?keywords=f15991a8da80cce6ccbc9f846dfdbf2f
From sle-updates at lists.suse.com Thu Feb 9 16:08:54 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 10 Feb 2012 00:08:54 +0100 (CET)
Subject: SUSE-SU-2012:0254-1: moderate: Security update for SUSE Manager
Message-ID: <20120209230854.8BAAF32293@maintenance.suse.de>
SUSE Security Update: Security update for SUSE Manager
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0254-1
Rating: moderate
References: #728894 #730408 #731304 #732517 #732845 #734164
#736240 #737649 #738054 #740813 #742145
Cross-References: CVE-2012-0059
Affected Products:
SUSE Manager 1.2 for SLE 11 SP1
______________________________________________________________________________
An update that solves one vulnerability and has 10 fixes is
now available.
Description:
This 2012/01 Update for SUSE Manager provides the following
security fixes:
* CVE-2012-0059: The spacewalk admin was able to read
the password of other users that failed to register. The
password is even sent via email in plaintext.
In addition the following non-security changes were added:
* 728894: Fix internal server error when deleting a
software channel
* 730408: Remove markup from error message
* 731304: Fix display of XML snippets in the web ui
* 732517: Remove confirmation dialog when adding a
channel
* 732845: Fix query to determine config channels in SSM
* 734164: Make all chars display properly
* 736240: Remove setuid bits from oracle binaries
* 737649: Add missing URL to auditlog configuration
* 738054: Offer to disable YAST Automatic Online Update
if it is enabled on the client.
* 740813: Fix mgr-ncc-sync -s resetting the max_members
of system groups to 10
* 742145: Set up seclist in registration.py
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service: spacewalk-service stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Optionally install new packages (required only if audit logging should be enabled): zypper in auditlog-keeper auditlog-keeper-spacewalk-validator auditlog-keeper-syslog
Additional output plugins available: auditlog-keeper-rdbms, auditlog-keeper-xmlout
To enable audit logging add the following line to /etc/rhn/rhn.conf: audit.enabled = 1
5. Start the Spacewalk service: spacewalk-service start
Security Issue reference:
* CVE-2012-0059
Indications:
Please update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager 1.2 for SLE 11 SP1:
zypper in -t patch sleman12sp1-susemanager-201201-5718
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager 1.2 for SLE 11 SP1 (x86_64):
spacewalk-backend-1.2.74-0.46.1
spacewalk-backend-app-1.2.74-0.46.1
spacewalk-backend-applet-1.2.74-0.46.1
spacewalk-backend-config-files-1.2.74-0.46.1
spacewalk-backend-config-files-common-1.2.74-0.46.1
spacewalk-backend-config-files-tool-1.2.74-0.46.1
spacewalk-backend-iss-1.2.74-0.46.1
spacewalk-backend-iss-export-1.2.74-0.46.1
spacewalk-backend-libs-1.2.74-0.46.1
spacewalk-backend-package-push-server-1.2.74-0.46.1
spacewalk-backend-server-1.2.74-0.46.1
spacewalk-backend-sql-1.2.74-0.46.1
spacewalk-backend-sql-oracle-1.2.74-0.46.1
spacewalk-backend-tools-1.2.74-0.46.1
spacewalk-backend-xml-export-libs-1.2.74-0.46.1
spacewalk-backend-xmlrpc-1.2.74-0.46.1
spacewalk-backend-xp-1.2.74-0.46.1
susemanager-1.2.0-0.50.1
susemanager-tools-1.2.0-0.50.1
- SUSE Manager 1.2 for SLE 11 SP1 (noarch):
editarea-0.8.2-0.4.1
spacewalk-base-1.2.31-0.33.1
spacewalk-base-minimal-1.2.31-0.33.1
spacewalk-certs-tools-1.2.2-0.24.1
spacewalk-grail-1.2.31-0.33.1
spacewalk-html-1.2.31-0.33.1
spacewalk-java-1.2.115-0.52.1
spacewalk-java-config-1.2.115-0.52.1
spacewalk-java-lib-1.2.115-0.52.1
spacewalk-java-oracle-1.2.115-0.52.1
spacewalk-pxt-1.2.31-0.33.1
spacewalk-sniglets-1.2.31-0.33.1
spacewalk-taskomatic-1.2.115-0.52.1
References:
http://support.novell.com/security/cve/CVE-2012-0059.html
https://bugzilla.novell.com/728894
https://bugzilla.novell.com/730408
https://bugzilla.novell.com/731304
https://bugzilla.novell.com/732517
https://bugzilla.novell.com/732845
https://bugzilla.novell.com/734164
https://bugzilla.novell.com/736240
https://bugzilla.novell.com/737649
https://bugzilla.novell.com/738054
https://bugzilla.novell.com/740813
https://bugzilla.novell.com/742145
http://download.novell.com/patch/finder/?keywords=cbd90cc906d52950a552c6ddd2659abf
From sle-updates at lists.suse.com Thu Feb 9 17:08:27 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 10 Feb 2012 01:08:27 +0100 (CET)
Subject: SUSE-FU-2012:0255-1: Feature update for libnet
Message-ID: <20120210000827.BC59232291@maintenance.suse.de>
SUSE Feature Update: Feature update for libnet
______________________________________________________________________________
Announcement ID: SUSE-FU-2012:0255-1
Rating: low
References: #744329
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one feature fix can now be installed.
Description:
This update adds the function libnet_cq_end_loop needed by
dhcp_probe.
Indications:
Every dhcp_probe user should update.
Patch Instructions:
To install this SUSE Feature Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-libnet-5771
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-libnet-5771
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-libnet-5771
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
libnet-1.1.2.1-140.24.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
libnet-1.1.2.1-140.24.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
libnet-1.1.2.1-140.24.1
References:
https://bugzilla.novell.com/744329
http://download.novell.com/patch/finder/?keywords=e104f899ab021aaebada80979fff5fc9
From sle-updates at lists.suse.com Mon Feb 13 21:08:17 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 14 Feb 2012 05:08:17 +0100 (CET)
Subject: SUSE-RU-2012:0256-1: Recommended update for Samba
Message-ID: <20120214040817.5B52B32294@maintenance.suse.de>
SUSE Recommended Update: Recommended update for Samba
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0256-1
Rating: low
References: #569721 #653353 #659424 #681208 #687535 #688810
#701257 #703655 #710791 #723261 #729516
Affected Products:
SUSE Linux Enterprise Server 10 GPLv3 Extras
______________________________________________________________________________
An update that has 11 recommended fixes can now be
installed.
Description:
This updates Samba-GPLv3 to the latest state for SLE 10 SP4.
* Fixing libsmbsharemode dependency on ldap and krb5
libs in Makefile; (bnc #729516).
* Add "ldapsam:login cache" parameter to allow explicit
disabling of the login cache; (bnc#723261).
* Fix samba duplicates file content on appending. Move
posix case semantics out from under the VFS; (bso#6898);
(bnc#681208).
* Make winbind child reconnect when remote end has
closed, fix failing sudo; (bso#7295); (bnc#569721).
* Fixed the DFS referral response for msdfs root;
(bnc#703655).
* Fix CUPS print job IDs; (bso#7288); (bnc#701257).
* Fix winbind internal error; (bso#7636); (bnc#659424).
* Fix printing from Windows 7 clients; (bso#7567);
(bnc#687535).
* Update pidl and always compile IDL at build time;
(bnc#688810).
* Abide by print$ share 'force user' & 'force group'
settings when handling AddprinterDriver and
DeletePrinterDriver requests; (bso#7921); (bnc#653353).
SUSE Linux Enterprise 11 only:
* mount.cifs: don't try to alter mtab if it's a
symlink; (bnc#710791).
Package List:
- SUSE Linux Enterprise Server 10 GPLv3 Extras (i586 ia64 ppc s390x x86_64):
libnetapi-devel-3.4.3-0.37.1
libnetapi0-3.4.3-0.37.1
libtalloc-devel-3.4.3-0.37.1
libtalloc1-3.4.3-0.37.1
libtdb-devel-3.4.3-0.37.1
libtdb1-3.4.3-0.37.1
libwbclient-devel-3.4.3-0.37.1
libwbclient0-3.4.3-0.37.1
samba-gplv3-3.4.3-0.37.1
samba-gplv3-client-3.4.3-0.37.1
samba-gplv3-krb-printing-3.4.3-0.37.1
samba-gplv3-winbind-3.4.3-0.37.1
- SUSE Linux Enterprise Server 10 GPLv3 Extras (noarch):
samba-gplv3-doc-3.4.3-0.37.1
References:
https://bugzilla.novell.com/569721
https://bugzilla.novell.com/653353
https://bugzilla.novell.com/659424
https://bugzilla.novell.com/681208
https://bugzilla.novell.com/687535
https://bugzilla.novell.com/688810
https://bugzilla.novell.com/701257
https://bugzilla.novell.com/703655
https://bugzilla.novell.com/710791
https://bugzilla.novell.com/723261
https://bugzilla.novell.com/729516
http://download.novell.com/patch/finder/?keywords=2d11c8d5b5363d27ff8873299453fd8c
From sle-updates at lists.suse.com Mon Feb 13 22:08:33 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 14 Feb 2012 06:08:33 +0100 (CET)
Subject: SUSE-RU-2012:0257-1: Recommended update for Samba
Message-ID: <20120214050833.1B1073229C@maintenance.suse.de>
SUSE Recommended Update: Recommended update for Samba
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0257-1
Rating: low
References: #569721 #653353 #659424 #681208 #687535 #688810
#701257 #703655 #710791 #723261 #726145 #729516
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has 12 recommended fixes can now be
installed.
Description:
This updates Samba to the latest state for SLE 10 SP4 and
SLE 11 SP 1.
* Fixing libsmbsharemode dependency on ldap and krb5
libs in Makefile; (bnc #729516).
* Add "ldapsam:login cache" parameter to allow explicit
disabling of the login cache; (bnc#723261).
* Fix samba duplicates file content on appending. Move
posix case semantics out from under the VFS; (bso#6898);
(bnc#681208).
* Make winbind child reconnect when remote end has
closed, fix failing sudo; (bso#7295); (bnc#569721).
* Fixed the DFS referral response for msdfs root;
(bnc#703655).
* Fix CUPS print job IDs; (bso#7288); (bnc#701257).
* Fix winbind internal error; (bso#7636); (bnc#659424).
* Fix printing from Windows 7 clients; (bso#7567);
(bnc#687535).
* Update pidl and always compile IDL at build time;
(bnc#688810).
* Abide by print$ share 'force user' & 'force group'
settings when handling AddprinterDriver and
DeletePrinterDriver requests; (bso#7921); (bnc#653353).
SUSE Linux Enterprise 11 only:
* mount.cifs: don't try to alter mtab if it's a
symlink; (bnc#710791).
* Fix smbclient -Tc failing on 8GB sized tar files on
s390x (bnc#726145)
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-samba-5566
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-samba-5566
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-samba-5566
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-samba-5566
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 s390x x86_64):
libnetapi-devel-3.4.3-1.34.1
libnetapi0-3.4.3-1.34.1
libsmbclient-devel-3.4.3-1.34.1
libsmbsharemodes-devel-3.4.3-1.34.1
libsmbsharemodes0-3.4.3-1.34.1
libtalloc-devel-3.4.3-1.34.1
libtdb-devel-3.4.3-1.34.1
libwbclient-devel-3.4.3-1.34.1
samba-devel-3.4.3-1.34.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64):
libnetapi-devel-3.4.3-1.34.5
libnetapi0-3.4.3-1.34.5
libsmbclient-devel-3.4.3-1.34.5
libsmbsharemodes-devel-3.4.3-1.34.5
libsmbsharemodes0-3.4.3-1.34.5
libtalloc-devel-3.4.3-1.34.5
libtdb-devel-3.4.3-1.34.5
libwbclient-devel-3.4.3-1.34.5
samba-devel-3.4.3-1.34.5
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
cifs-mount-3.4.3-1.34.1
ldapsmb-1.34b-11.28.34.1
libsmbclient0-3.4.3-1.34.1
libtalloc1-3.4.3-1.34.1
libtdb1-3.4.3-1.34.1
libwbclient0-3.4.3-1.34.1
samba-3.4.3-1.34.1
samba-client-3.4.3-1.34.1
samba-krb-printing-3.4.3-1.34.1
samba-winbind-3.4.3-1.34.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
libsmbclient0-32bit-3.4.3-1.34.1
libtalloc1-32bit-3.4.3-1.34.1
libtdb1-32bit-3.4.3-1.34.1
libwbclient0-32bit-3.4.3-1.34.1
samba-32bit-3.4.3-1.34.1
samba-client-32bit-3.4.3-1.34.1
samba-winbind-32bit-3.4.3-1.34.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (noarch):
samba-doc-3.4.3-1.34.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 s390x x86_64):
cifs-mount-3.4.3-1.34.1
ldapsmb-1.34b-11.28.34.1
libsmbclient0-3.4.3-1.34.1
libtalloc1-3.4.3-1.34.1
libtdb1-3.4.3-1.34.1
libwbclient0-3.4.3-1.34.1
samba-3.4.3-1.34.1
samba-client-3.4.3-1.34.1
samba-krb-printing-3.4.3-1.34.1
samba-winbind-3.4.3-1.34.1
- SUSE Linux Enterprise Server 11 SP1 (s390x x86_64):
libsmbclient0-32bit-3.4.3-1.34.1
libtalloc1-32bit-3.4.3-1.34.1
libtdb1-32bit-3.4.3-1.34.1
libwbclient0-32bit-3.4.3-1.34.1
samba-32bit-3.4.3-1.34.1
samba-client-32bit-3.4.3-1.34.1
samba-winbind-32bit-3.4.3-1.34.1
- SUSE Linux Enterprise Server 11 SP1 (noarch):
samba-doc-3.4.3-1.34.1
samba-doc-3.4.3-1.34.5
- SUSE Linux Enterprise Server 11 SP1 (ppc64):
cifs-mount-3.4.3-1.34.5
ldapsmb-1.34b-11.28.34.5
libsmbclient0-3.4.3-1.34.5
libsmbclient0-32bit-3.4.3-1.34.5
libtalloc1-3.4.3-1.34.5
libtalloc1-32bit-3.4.3-1.34.5
libtdb1-3.4.3-1.34.5
libtdb1-32bit-3.4.3-1.34.5
libwbclient0-3.4.3-1.34.5
libwbclient0-32bit-3.4.3-1.34.5
samba-3.4.3-1.34.5
samba-32bit-3.4.3-1.34.5
samba-client-3.4.3-1.34.5
samba-client-32bit-3.4.3-1.34.5
samba-krb-printing-3.4.3-1.34.5
samba-winbind-3.4.3-1.34.5
samba-winbind-32bit-3.4.3-1.34.5
- SUSE Linux Enterprise Server 11 SP1 (ia64):
libsmbclient0-x86-3.4.3-1.34.1
libtalloc1-x86-3.4.3-1.34.1
libtdb1-x86-3.4.3-1.34.1
libwbclient0-x86-3.4.3-1.34.1
samba-client-x86-3.4.3-1.34.1
samba-winbind-x86-3.4.3-1.34.1
samba-x86-3.4.3-1.34.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
cifs-mount-3.4.3-1.34.1
libsmbclient0-3.4.3-1.34.1
libtalloc1-3.4.3-1.34.1
libtdb1-3.4.3-1.34.1
libwbclient0-3.4.3-1.34.1
samba-3.4.3-1.34.1
samba-client-3.4.3-1.34.1
samba-krb-printing-3.4.3-1.34.1
samba-winbind-3.4.3-1.34.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
libsmbclient0-32bit-3.4.3-1.34.1
libtalloc1-32bit-3.4.3-1.34.1
libtdb1-32bit-3.4.3-1.34.1
libwbclient0-32bit-3.4.3-1.34.1
samba-32bit-3.4.3-1.34.1
samba-client-32bit-3.4.3-1.34.1
samba-winbind-32bit-3.4.3-1.34.1
- SUSE Linux Enterprise Desktop 11 SP1 (noarch):
samba-doc-3.4.3-1.34.1
References:
https://bugzilla.novell.com/569721
https://bugzilla.novell.com/653353
https://bugzilla.novell.com/659424
https://bugzilla.novell.com/681208
https://bugzilla.novell.com/687535
https://bugzilla.novell.com/688810
https://bugzilla.novell.com/701257
https://bugzilla.novell.com/703655
https://bugzilla.novell.com/710791
https://bugzilla.novell.com/723261
https://bugzilla.novell.com/726145
https://bugzilla.novell.com/729516
http://download.novell.com/patch/finder/?keywords=b2d6db6bd051618c6b0618bc79409012
From sle-updates at lists.suse.com Wed Feb 15 12:08:24 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Wed, 15 Feb 2012 20:08:24 +0100 (CET)
Subject: SUSE-SU-2012:0260-1: moderate: Security update for NetworkManager-gnome
Message-ID: <20120215190824.18B3D3229C@maintenance.suse.de>
SUSE Security Update: Security update for NetworkManager-gnome
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0260-1
Rating: moderate
References: #574266 #732700
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that contains security fixes can now be
installed. It includes one version update.
Description:
NetworkManager did not pin a certificate's subject to an
ESSID. A rogue access point could therefore be used to
conduct MITM attacks by using any other valid certificate
issued by same CA as used in the original network
(CVE-2006-7246).
Please note that existing WPA2 Enterprise connections need
to be deleted and re-created to take advantage of the new
security checks.
This is a re-release of the previous update to also enable
the checks for EAP-TLS.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-NetworkManager-gnome-5621
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-NetworkManager-gnome-5621
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-NetworkManager-gnome-5621
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 0.7.1]:
NetworkManager-gnome-0.7.1-5.15.11.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.7.1]:
NetworkManager-gnome-0.7.1-5.15.11.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 0.7.1]:
NetworkManager-gnome-0.7.1-5.15.11.1
References:
https://bugzilla.novell.com/574266
https://bugzilla.novell.com/732700
http://download.novell.com/patch/finder/?keywords=c7f58cba030474918054f80ae9b9d8f5
From sle-updates at lists.suse.com Wed Feb 15 20:08:25 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 16 Feb 2012 04:08:25 +0100 (CET)
Subject: SUSE-SU-2012:0261-1: critical: Security update for Mozilla Firefox
Message-ID: <20120216030825.4E2D3323B3@maintenance.suse.de>
SUSE Security Update: Security update for Mozilla Firefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0261-1
Rating: critical
References: #744625 #744629 #746616
Cross-References: CVE-2012-0452
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1 FOR SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available. It includes one version update.
Description:
MozillaFirefox was updated to 10.0.1 to fix critical bugs
and a security issue.
The following security issue has been fixed:
CVE-2012-0452: Mozilla developers Andrew McCreight and Olli
Pettay found that ReadPrototypeBindings will leave a XBL
binding in a hash table even when the function fails. If
this occurs, when the cycle collector reads this hash
table and attempts to do a virtual method on this binding a
crash will occur. This crash may be potentially
exploitable.
Firefox 9 and earlier are not affected by this
vulnerability.
https://www.mozilla.org/security/announce/2012/mfsa2012-10.html
Security Issues:
* CVE-2012-0452
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-MozillaFirefox-5807
- SUSE Linux Enterprise Server 11 SP1 FOR SP2:
zypper in -t patch slessp1fsp2-MozillaFirefox-5807
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-MozillaFirefox-5807
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-MozillaFirefox-5807
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-MozillaFirefox-5807
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 10.0.1]:
MozillaFirefox-10.0.1-0.4.1
MozillaFirefox-translations-10.0.1-0.4.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.1]:
MozillaFirefox-10.0.1-0.4.1
MozillaFirefox-translations-10.0.1-0.4.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.1]:
MozillaFirefox-10.0.1-0.4.1
MozillaFirefox-translations-10.0.1-0.4.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64) [New Version: 10.0.1]:
MozillaFirefox-10.0.1-0.4.1
MozillaFirefox-translations-10.0.1-0.4.1
mhtml-firefox-0.5-1.47.47.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 10.0.1]:
MozillaFirefox-10.0.1-0.4.1
MozillaFirefox-translations-10.0.1-0.4.1
mhtml-firefox-0.5-1.47.47.1
References:
http://support.novell.com/security/cve/CVE-2012-0452.html
https://bugzilla.novell.com/744625
https://bugzilla.novell.com/744629
https://bugzilla.novell.com/746616
http://download.novell.com/patch/finder/?keywords=0727d8a4f41b1fef19dc1e8e92fae922
From sle-updates at lists.suse.com Thu Feb 16 10:08:36 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 16 Feb 2012 18:08:36 +0100 (CET)
Subject: SUSE-RU-2012:0263-1: Recommended update for ctdb
Message-ID: <20120216170836.72348323B3@maintenance.suse.de>
SUSE Recommended Update: Recommended update for ctdb
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0263-1
Rating: low
References: #676270 #694262 #695328 #705170 #706543 #710408
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
______________________________________________________________________________
An update that has 6 recommended fixes can now be
installed. It includes one version update.
Description:
This update to ctdb fixes the following reports:
* 676270: ctdbd died under heavy load
* 694262: all ctdb event scripts should be disabled by
default
* 695328: ctdb 50.samba event script monitoring is
expensive under heavy load
* 705170: ctdb connections tdb traverse timeouts
* 706543: ctdb recovery daemon intermittently receives
invalid packets and shuts down
* 710408: ctdb: Samba not responding in 4 node cluster
* 745388: Remove stop_on_removal and restart_on_update
pre/post uninstall hooks
In addition, a version update to 1.0.114 has been performed
that provides the following fixes:
* robustness fixes for banning/recovery lock
* fixes for per-ip-routing
* always migrate a record in a ctdb call
* Incorrect use of dup2() could cause ctdb to spin
eating 100% cpu.
* Massive eventscript updates. (bz58828)
* Nice the daemon instead of using realtime scheduler,
also use mlockall() to reduce the risk of blocking due to
paging.
* Sync the tdb library with upstream, and use the new
TDB_DISALLOW_NESTING flag.
* Add new command "ctdb dumpdbbackup"
* Use the new wbinfo --ping-dc instead of -p in the
eventscript for samba to check if winbindd is ok.
* fix a double-free that can happen when there are
multiple packets queued and the connection is destroyed
before all packets are processed.
* Don't do a full recovery when there is a mismatch
detected for ip addresses, just do a less disruptive
ip-reallocation
* When starting ctdbd, wait until all initial
recoveries have finished before we issue the "startup"
event.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-ctdb-5770
- SUSE Linux Enterprise High Availability Extension 11 SP1:
zypper in -t patch sleshasp1-ctdb-5770
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.0.114.2]:
ctdb-devel-1.0.114.2-0.4.6.1
- SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.0.114.2]:
ctdb-1.0.114.2-0.4.6.1
References:
https://bugzilla.novell.com/676270
https://bugzilla.novell.com/694262
https://bugzilla.novell.com/695328
https://bugzilla.novell.com/705170
https://bugzilla.novell.com/706543
https://bugzilla.novell.com/710408
http://download.novell.com/patch/finder/?keywords=508aae425525ac97f1536f8aac1bb1e7
From sle-updates at lists.suse.com Thu Feb 16 11:08:36 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 16 Feb 2012 19:08:36 +0100 (CET)
Subject: SUSE-OU-2012:0264-1: Optional update for libiec61883
Message-ID: <20120216180836.9086C323B3@maintenance.suse.de>
SUSE Optional Update: Optional update for libiec61883
______________________________________________________________________________
Announcement ID: SUSE-OU-2012:0264-1
Rating: low
References: #746142
Affected Products:
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one optional fix can now be installed.
Description:
The libiec61883 library provides a higher level API for
streaming DV, MPEG-2 and audio over Linux IEEE 1394.
Indications:
Every interested user might install this package.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-libiec61883-5791
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-libiec61883-5791
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64):
libiec61883-1.1.0-119.17.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (x86_64):
libiec61883-32bit-1.1.0-119.17.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
libiec61883-1.1.0-119.17.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
libiec61883-32bit-1.1.0-119.17.1
References:
https://bugzilla.novell.com/746142
http://download.novell.com/patch/finder/?keywords=5bb55671f967e70f0621b43d1f8142fd
From sle-updates at lists.suse.com Fri Feb 17 10:08:24 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 18:08:24 +0100 (CET)
Subject: SUSE-OU-2012:0268-1: Optional update for nfs4-acl-tools
Message-ID: <20120217170824.630873229C@maintenance.suse.de>
SUSE Optional Update: Optional update for nfs4-acl-tools
______________________________________________________________________________
Announcement ID: SUSE-OU-2012:0268-1
Rating: low
References: #714032
Affected Products:
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one optional fix can now be installed.
Description:
This update provides command line tools for viewing and
setting ACLs (Access Control Lists) when using NFSv4 to
access a remote filesystem.
Indications:
Every NFSv4 with ACLs user should install this update.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-nfs4-acl-tools-5783
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-nfs4-acl-tools-5783
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64):
nfs4-acl-tools-0.3.3-2.6.3
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
nfs4-acl-tools-0.3.3-2.6.3
References:
https://bugzilla.novell.com/714032
http://download.novell.com/patch/finder/?keywords=034e9dda1da4113138cc914bbf52d971
From sle-updates at lists.suse.com Fri Feb 17 10:08:37 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 18:08:37 +0100 (CET)
Subject: SUSE-RU-2012:0269-1: Recommended update for yast2-registration
Message-ID: <20120217170837.8EF5032294@maintenance.suse.de>
SUSE Recommended Update: Recommended update for yast2-registration
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0269-1
Rating: low
References: #702423 #702638 #724209
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has three recommended fixes can now be
installed. It includes one version update.
Description:
This update fixes removal of the temporary user "suse-ncc"
which is added during registration to the Xauth export
file of the root user, which prevents him from exporting
his Xauthority himself later.
In addition, compatibility with mozilla-xulrunner192 has
been enhanced and is now preferred when installed.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-yast2-registration-5545
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-yast2-registration-5545
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-yast2-registration-5545
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (noarch) [New Version: 2.17.35.3]:
yast2-registration-2.17.35.3-0.4.2.1
yast2-registration-branding-SLE-2.17.35.3-0.4.2.1
- SUSE Linux Enterprise Server 11 SP1 (noarch) [New Version: 2.17.35.3]:
yast2-registration-2.17.35.3-0.4.2.1
yast2-registration-branding-SLE-2.17.35.3-0.4.2.1
- SUSE Linux Enterprise Desktop 11 SP1 (noarch) [New Version: 2.17.35.3]:
yast2-registration-2.17.35.3-0.4.2.1
yast2-registration-branding-SLE-2.17.35.3-0.4.2.1
References:
https://bugzilla.novell.com/702423
https://bugzilla.novell.com/702638
https://bugzilla.novell.com/724209
http://download.novell.com/patch/finder/?keywords=0c1b6ac0d939272a628c5a0379b1462e
From sle-updates at lists.suse.com Fri Feb 17 11:08:14 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 19:08:14 +0100 (CET)
Subject: SUSE-RU-2012:0270-1: important: Recommended update for LVM2
Message-ID: <20120217180814.D44453229C@maintenance.suse.de>
SUSE Recommended Update: Recommended update for LVM2
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0270-1
Rating: important
References: #743779 #745250
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for LVM2 provides the following fixes:
* 743779: Fix lvm2 not built with support for modprobe
* 745250: Fix regression in pvmove
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
lvm2-2.02.17-7.38.3
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
lvm2-2.02.17-7.38.3
References:
https://bugzilla.novell.com/743779
https://bugzilla.novell.com/745250
http://download.novell.com/patch/finder/?keywords=2ecf40e5d40f6ba4efe301f2f6f19a33
From sle-updates at lists.suse.com Fri Feb 17 11:08:31 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 19:08:31 +0100 (CET)
Subject: SUSE-RU-2012:0271-1: moderate: Recommended update for ath3k
Message-ID: <20120217180831.C1893323B3@maintenance.suse.de>
SUSE Recommended Update: Recommended update for ath3k
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0271-1
Rating: moderate
References: #658353 #732296
Affected Products:
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update of ath3k provides improved support for Atheros
AR3012 chips and makes the LED sync correctly with the
wifi/bluetooth on/off function key (bnc#658353).
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-ath3k-5602
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
ath3k-firmware-1.0-0.11.11.2
ath3k-kmp-default-1.0_2.6.32.49_0.3-0.11.11.2
ath3k-kmp-xen-1.0_2.6.32.49_0.3-0.11.11.2
- SUSE Linux Enterprise Desktop 11 SP1 (i586):
ath3k-kmp-pae-1.0_2.6.32.49_0.3-0.11.11.2
References:
https://bugzilla.novell.com/658353
https://bugzilla.novell.com/732296
http://download.novell.com/patch/finder/?keywords=26a374c9bab93c8a1083c102f7cbc3b3
From sle-updates at lists.suse.com Fri Feb 17 12:08:16 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 20:08:16 +0100 (CET)
Subject: SUSE-RU-2012:0272-1: moderate: Recommended update for ntp
Message-ID: <20120217190816.C2E9D3229C@maintenance.suse.de>
SUSE Recommended Update: Recommended update for ntp
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0272-1
Rating: moderate
References: #730374 #734467
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update fixes the following issues for ntp:
* 734467: The post installation script of ntp removes
/etc/sysconfig/ntp
* 730374: Hardware Clock does not get synchronized
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-ntp-5565
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-ntp-5565
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-ntp-5565
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
ntp-4.2.4p8-1.18.1
ntp-doc-4.2.4p8-1.18.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
ntp-4.2.4p8-1.18.1
ntp-doc-4.2.4p8-1.18.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
ntp-4.2.4p8-1.18.1
ntp-doc-4.2.4p8-1.18.1
References:
https://bugzilla.novell.com/730374
https://bugzilla.novell.com/734467
http://download.novell.com/patch/finder/?keywords=508a9d79b6e09f109ec8dcb4afe7806e
From sle-updates at lists.suse.com Fri Feb 17 12:08:27 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 20:08:27 +0100 (CET)
Subject: SUSE-OU-2012:0273-1: Optional update for perl-Sub-Uplevel
Message-ID: <20120217190827.606AC3229C@maintenance.suse.de>
SUSE Optional Update: Optional update for perl-Sub-Uplevel
______________________________________________________________________________
Announcement ID: SUSE-OU-2012:0273-1
Rating: low
References: #744941
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one optional fix can now be installed.
Description:
This Perl module provides functionality similar to
Tcl's uplevel() function, but not quite so dangerous. The
idea is just to fool caller(). All the really naughty bits
of Tcl's uplevel() are avoided.
Indications:
Everyone can use this package.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
zypper in -t patch sdksp1fsp2-perl-Sub-Uplevel-5784
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-perl-Sub-Uplevel-5784
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-perl-Sub-Uplevel-5784
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-perl-Sub-Uplevel-5784
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 x86_64):
perl-Sub-Uplevel-0.2002-1.23.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
perl-Sub-Uplevel-0.2002-1.23.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64):
perl-Sub-Uplevel-0.2002-1.23.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
perl-Sub-Uplevel-0.2002-1.23.1
References:
https://bugzilla.novell.com/744941
http://download.novell.com/patch/finder/?keywords=8e9b425d132a94dbe7fdf9ccdc7fa257
From sle-updates at lists.suse.com Fri Feb 17 13:08:17 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 21:08:17 +0100 (CET)
Subject: SUSE-RU-2012:0274-1: Recommended update for gnome-power-manager
Message-ID: <20120217200817.8F8F1323BC@maintenance.suse.de>
SUSE Recommended Update: Recommended update for gnome-power-manager
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0274-1
Rating: low
References: #721792 #726250 #742006
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has three recommended fixes can now be
installed.
Description:
This update for gnome-power-manager changes:
* fix suspend not working after lid is being closed on
several laptop models (bnc#721792).
* Remove icon timeout when gpm starts to draw a new
icon (bnc#742006)
* Disable suspend on critically low battery (bnc#726250)
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-gnome-applets-brightness-5683
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-gnome-applets-brightness-5683
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-gnome-applets-brightness-5683
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
gnome-power-manager-2.24.1-17.52.2
gnome-power-manager-lang-2.24.1-17.52.2
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
gnome-power-manager-2.24.1-17.52.2
gnome-power-manager-lang-2.24.1-17.52.2
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
gnome-applets-brightness-2.24.1-17.52.2
gnome-applets-inhibit-powersave-2.24.1-17.52.2
gnome-power-manager-2.24.1-17.52.2
gnome-power-manager-lang-2.24.1-17.52.2
References:
https://bugzilla.novell.com/721792
https://bugzilla.novell.com/726250
https://bugzilla.novell.com/742006
http://download.novell.com/patch/finder/?keywords=b300755c8258a1e2d61ca37592746af0
From sle-updates at lists.suse.com Fri Feb 17 13:08:31 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 21:08:31 +0100 (CET)
Subject: SUSE-SU-2012:0275-1: Security update for qemu
Message-ID: <20120217200831.4A018323B3@maintenance.suse.de>
SUSE Security Update: Security update for qemu
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0275-1
Rating: low
References: #740165
Cross-References: CVE-2012-0029
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Point of Service 11 SP1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
A heap-based buffer overflow in the legacy mode of the
e1000 driver device emulation was fixed (CVE-2012-0029).
Security Issue reference:
* CVE-2012-0029
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
zypper in -t patch sdksp1fsp2-qemu-5803
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-qemu-5803
- SUSE Linux Enterprise Point of Service 11 SP1:
zypper in -t patch sleposp1-qemu-5803
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 x86_64):
qemu-0.10.1-0.5.5.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
qemu-0.10.1-0.5.5.1
- SUSE Linux Enterprise Point of Service 11 SP1 (i586):
qemu-0.10.1-0.5.5.1
References:
http://support.novell.com/security/cve/CVE-2012-0029.html
https://bugzilla.novell.com/740165
http://download.novell.com/patch/finder/?keywords=b94d7b858db9da7353cb997a14127ea8
From sle-updates at lists.suse.com Fri Feb 17 14:08:23 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 22:08:23 +0100 (CET)
Subject: SUSE-RU-2012:0276-1: moderate: Recommended update for atftp
Message-ID: <20120217210823.780EF323B3@maintenance.suse.de>
SUSE Recommended Update: Recommended update for atftp
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0276-1
Rating: moderate
References: #507011 #727843
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for atftp provides stability enhancements for
tftp usage in packet loss situations.
This situation is known as the "Sorcerer's Apprentice
Syndrome" bug.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-atftp-5472
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-atftp-5472
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
atftp-0.7.0-135.8.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
atftp-0.7.0-135.8.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
atftp-0.7.0-1.22.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
atftp-0.7.0-1.22.1
References:
https://bugzilla.novell.com/507011
https://bugzilla.novell.com/727843
http://download.novell.com/patch/finder/?keywords=2c524d17ed1bfe8dc6a69e2866843b0c
http://download.novell.com/patch/finder/?keywords=b14971b9550c804043c52bea2e72da8c
From sle-updates at lists.suse.com Fri Feb 17 15:08:21 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 23:08:21 +0100 (CET)
Subject: SUSE-RU-2012:0277-1: Recommended update for resource-agents
Message-ID: <20120217220821.EE58C323B3@maintenance.suse.de>
SUSE Recommended Update: Recommended update for resource-agents
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0277-1
Rating: low
References: #684139 #684143 #695829 #696978 #697152 #697428
#702099 #712192 #716176 #721334
Affected Products:
SUSE Linux Enterprise High Availability Extension 11 SP1
______________________________________________________________________________
An update that has 10 recommended fixes can now be
installed. It includes one version update.
Description:
This update for resource-agents fixes the following reports:
* 684139: update nfsserver RA according to sm-notify
changes
* 684143: support multiple nfs_ip for nfsserver RA
* 716176: Avoid vgck in monitor operation in LVM RA
* 712192: Improve monitor op (check output of ctdb
status)
* 696978: Add smb_fileid_algorithm parameter,
default=fsid
* 702099: send_arp: fix the PID file location
* 695829: Allow stop to succeed when using pkill on
ctdbd
* 697428: Use op timeout when invoking ctdb client
* 697152: Use 'chmod' instead of 'ctdb enablescript'
* 721334: send_arp.libnet: fix for big endian platforms
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise High Availability Extension 11 SP1:
zypper in -t patch sleshasp1-ldirectord-5416
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.9.2]:
ldirectord-3.9.2-0.4.2.1
resource-agents-3.9.2-0.4.2.1
References:
https://bugzilla.novell.com/684139
https://bugzilla.novell.com/684143
https://bugzilla.novell.com/695829
https://bugzilla.novell.com/696978
https://bugzilla.novell.com/697152
https://bugzilla.novell.com/697428
https://bugzilla.novell.com/702099
https://bugzilla.novell.com/712192
https://bugzilla.novell.com/716176
https://bugzilla.novell.com/721334
http://download.novell.com/patch/finder/?keywords=49b157912fab844329d89992ec79afe5
From sle-updates at lists.suse.com Fri Feb 17 15:08:24 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Fri, 17 Feb 2012 23:08:24 +0100 (CET)
Subject: SUSE-RU-2012:0278-1: moderate: Recommended update for limal-ca-mgm
Message-ID: <20120217220824.C62CA323B3@maintenance.suse.de>
SUSE Recommended Update: Recommended update for limal-ca-mgm
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0278-1
Rating: moderate
References: #738100
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that has one recommended fix can now be
installed. It includes two new package versions.
Description:
This update makes it possible to import a CA Certificate
which uses DN components for the subject (bnc#738100)
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-limal-ca-mgm-5694
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-limal-ca-mgm-5694
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-limal-ca-mgm-5694
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-limal-ca-mgm-5694
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.5.23]:
limal-ca-mgm-devel-1.5.23-0.3.2
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 1.5.23]:
limal-ca-mgm-1.5.23-0.3.2
limal-ca-mgm-perl-1.5.23-0.3.2
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.5.23]:
limal-ca-mgm-1.5.23-0.3.2
limal-ca-mgm-perl-1.5.23-0.3.2
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 1.1.76]:
limal-ca-mgm-1.1.76-0.6.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.5.23]:
limal-ca-mgm-1.5.23-0.3.2
limal-ca-mgm-perl-1.5.23-0.3.2
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 1.1.76]:
limal-ca-mgm-1.1.76-0.6.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 1.1.76]:
limal-ca-mgm-1.1.76-0.6.1
References:
https://bugzilla.novell.com/738100
http://download.novell.com/patch/finder/?keywords=44b053ab51c757f35aa975fdfdae3ce5
http://download.novell.com/patch/finder/?keywords=8c9d15d5f9844f14aa6f08192f91ddc2
From sle-updates at lists.suse.com Sat Feb 18 02:08:20 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 18 Feb 2012 10:08:20 +0100 (CET)
Subject: SUSE-RU-2012:0279-1: Recommended update for release-notes-sled
Message-ID: <20120218090820.B67D03229C@maintenance.suse.de>
SUSE Recommended Update: Recommended update for release-notes-sled
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0279-1
Rating: low
References: #714032
Affected Products:
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be
installed. It includes one version update.
Description:
This update provides the latest release notes for SUSE
Linux Enterprise Desktops, adding an entry about Managing
Access Control Lists over NFSv4.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-release-notes-sled-5794
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Desktop 11 SP1 (noarch) [New Version: 11.1.9]:
release-notes-sled-11.1.9-0.4.1
References:
https://bugzilla.novell.com/714032
http://download.novell.com/patch/finder/?keywords=e6e347793400994ae37c547621a20754
From sle-updates at lists.suse.com Sat Feb 18 02:08:22 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 18 Feb 2012 10:08:22 +0100 (CET)
Subject: SUSE-OU-2012:0273-2: Optional update for perl-Test-Exception
Message-ID: <20120218090822.C154B323B3@maintenance.suse.de>
SUSE Optional Update: Optional update for perl-Test-Exception
______________________________________________________________________________
Announcement ID: SUSE-OU-2012:0273-2
Rating: low
References: #744941
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one optional fix can now be installed.
Description:
This module provides a few convenience methods for testing
exception based code. It is built with Test::Builder and
plays happily with Test::More and friends.
Indications:
Everyone can use this package.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
zypper in -t patch sdksp1fsp2-perl-Test-Exception-5785
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-perl-Test-Exception-5785
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-perl-Test-Exception-5785
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-perl-Test-Exception-5785
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 x86_64):
perl-Test-Exception-0.27-1.18.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
perl-Test-Exception-0.27-1.18.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64):
perl-Test-Exception-0.27-1.18.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
perl-Test-Exception-0.27-1.18.1
References:
https://bugzilla.novell.com/744941
http://download.novell.com/patch/finder/?keywords=d7a8e40f9eeb3f570d2d9871ef734d88
From sle-updates at lists.suse.com Sat Feb 18 02:08:24 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 18 Feb 2012 10:08:24 +0100 (CET)
Subject: SUSE-SU-2012:0280-1: critical: Security update for flash-player
Message-ID: <20120218090824.3B471323B3@maintenance.suse.de>
SUSE Security Update: Security update for flash-player
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0280-1
Rating: critical
References: #747297
Cross-References: CVE-2012-0751 CVE-2012-0752 CVE-2012-0753
CVE-2012-0754 CVE-2012-0755 CVE-2012-0756
CVE-2012-0767
Affected Products:
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that fixes 7 vulnerabilities is now available. It
includes one version update.
Description:
flash-player was updated to version 11.1.102.62.
It fixes lots of security issues, some already exploited in
the wild.
Details can be found at:
https://www.adobe.com/support/security/bulletins/apsb12-03.html
These vulnerabilities could cause a crash and potentially
allow an attacker to take control of the affected system.
This update also resolves a universal cross-site scripting
vulnerability that could be used to take actions on a
user's behalf on any website or webmail provider, if the
user visits a malicious website. There are reports that
this vulnerability (CVE-2012-0767) is being exploited in
the wild in active targeted attacks designed to trick the
user into clicking on a malicious link delivered in an
email message (Internet Explorer on Windows only).
Security Issue references:
* CVE-2012-0751
* CVE-2012-0752
* CVE-2012-0753
* CVE-2012-0754
* CVE-2012-0755
* CVE-2012-0756
* CVE-2012-0767
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-flash-player-5817
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-flash-player-5817
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64) [New Version: 11.1.102.62]:
flash-player-11.1.102.62-0.14.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 11.1.102.62]:
flash-player-11.1.102.62-0.14.1
References:
http://support.novell.com/security/cve/CVE-2012-0751.html
http://support.novell.com/security/cve/CVE-2012-0752.html
http://support.novell.com/security/cve/CVE-2012-0753.html
http://support.novell.com/security/cve/CVE-2012-0754.html
http://support.novell.com/security/cve/CVE-2012-0755.html
http://support.novell.com/security/cve/CVE-2012-0756.html
http://support.novell.com/security/cve/CVE-2012-0767.html
https://bugzilla.novell.com/747297
http://download.novell.com/patch/finder/?keywords=e7839de3d618cfe53b47ab455a9b2171
From sle-updates at lists.suse.com Sat Feb 18 02:08:25 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 18 Feb 2012 10:08:25 +0100 (CET)
Subject: SUSE-SU-2012:0281-1: moderate: Security update for libopenssl
Message-ID: <20120218090825.35FD2323C0@maintenance.suse.de>
SUSE Security Update: Security update for libopenssl
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0281-1
Rating: moderate
References: #742821 #743344
Cross-References: CVE-2012-0050
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1 FOR SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available. It includes one version update.
Description:
This update of OpenSSL fixes a Denial of Service issue
that could be triggered via unspecified vectors
(CVE-2012-0050).
Also, the SHA256 and SHA512 algorithms are now enabled by
default.
Security Issue reference:
* CVE-2012-0050
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
zypper in -t patch sdksp1fsp2-libopenssl-devel-5808
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-libopenssl-devel-5808
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-libopenssl-devel-5808
- SUSE Linux Enterprise Server 11 SP1 FOR SP2:
zypper in -t patch slessp1fsp2-libopenssl-devel-5808
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-libopenssl-devel-5808
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-libopenssl-devel-5808
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-libopenssl-devel-5808
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.9.8j]:
libopenssl-devel-0.9.8j-0.28.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.9.8j]:
libopenssl-devel-0.9.8j-0.28.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-0.9.8j-0.28.1
openssl-0.9.8j-0.28.1
openssl-doc-0.9.8j-0.28.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-32bit-0.9.8j-0.28.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-0.9.8j-0.28.1
openssl-0.9.8j-0.28.1
openssl-doc-0.9.8j-0.28.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (ppc64 s390x x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-32bit-0.9.8j-0.28.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (ia64) [New Version: 0.9.8j]:
libopenssl0_9_8-x86-0.9.8j-0.28.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-0.9.8j-0.28.1
openssl-0.9.8j-0.28.1
openssl-doc-0.9.8j-0.28.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-32bit-0.9.8j-0.28.1
- SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 0.9.8j]:
libopenssl0_9_8-x86-0.9.8j-0.28.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-0.9.8j-0.28.1
openssl-0.9.8j-0.28.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-32bit-0.9.8j-0.28.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-0.9.8j-0.28.1
openssl-0.9.8j-0.28.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 0.9.8j]:
libopenssl0_9_8-32bit-0.9.8j-0.28.1
References:
http://support.novell.com/security/cve/CVE-2012-0050.html
https://bugzilla.novell.com/742821
https://bugzilla.novell.com/743344
http://download.novell.com/patch/finder/?keywords=c361b0812d0530c122bf1decd47f80cb
From sle-updates at lists.suse.com Sat Feb 18 03:08:11 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 18 Feb 2012 11:08:11 +0100 (CET)
Subject: SUSE-SU-2012:0282-1: moderate: Security update for OpenSSL
Message-ID: <20120218100811.60DDD3229C@maintenance.suse.de>
SUSE Security Update: Security update for OpenSSL
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0282-1
Rating: moderate
References: #742821
Cross-References: CVE-2012-0050
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update of OpenSSL fixes a Denial of Service issue
that could be triggered via unspecified vectors
(CVE-2012-0050).
Security Issue reference:
* CVE-2012-0050
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
openssl-0.9.8a-18.60.3
openssl-devel-0.9.8a-18.60.3
openssl-doc-0.9.8a-18.60.3
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
openssl-32bit-0.9.8a-18.60.3
openssl-devel-32bit-0.9.8a-18.60.3
- SUSE Linux Enterprise Server 10 SP4 (ia64):
openssl-x86-0.9.8a-18.60.3
- SUSE Linux Enterprise Server 10 SP4 (ppc):
openssl-64bit-0.9.8a-18.60.3
openssl-devel-64bit-0.9.8a-18.60.3
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
openssl-0.9.8a-18.60.3
openssl-devel-0.9.8a-18.60.3
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
openssl-32bit-0.9.8a-18.60.3
openssl-devel-32bit-0.9.8a-18.60.3
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
openssl-doc-0.9.8a-18.60.3
References:
http://support.novell.com/security/cve/CVE-2012-0050.html
https://bugzilla.novell.com/742821
http://download.novell.com/patch/finder/?keywords=f865d7708d91915ffe224375f1620a18
From sle-updates at lists.suse.com Sat Feb 18 05:08:14 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 18 Feb 2012 13:08:14 +0100 (CET)
Subject: SUSE-SU-2012:0283-1: moderate: Security update for NetworkManager
Message-ID: <20120218120814.5AE733229C@maintenance.suse.de>
SUSE Security Update: Security update for NetworkManager
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0283-1
Rating: moderate
References: #574266
Cross-References: CVE-2006-7246
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
NetworkManager did not pin a certificate's subject to an
ESSID. A rogue access point could therefore be used to
conduct MITM attacks by using any other valid certificate
issued by same CA as used in the original network
(CVE-2006-7246).
Please note that existing WPA2 Enterprise connections need
to be deleted and re-created to take advantage of the new
security checks.
Security Issue reference:
* CVE-2006-7246
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
NetworkManager-0.6.6-0.21.5
NetworkManager-devel-0.6.6-0.21.5
NetworkManager-glib-0.6.6-0.21.5
NetworkManager-gnome-0.6.6-0.21.5
wpa_supplicant-0.4.8-14.29.5
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
NetworkManager-0.6.6-0.21.5
NetworkManager-devel-0.6.6-0.21.5
NetworkManager-glib-0.6.6-0.21.5
NetworkManager-gnome-0.6.6-0.21.5
wpa_supplicant-0.4.8-14.29.5
References:
http://support.novell.com/security/cve/CVE-2006-7246.html
https://bugzilla.novell.com/574266
http://download.novell.com/patch/finder/?keywords=3ae188b8ee6ea152ca6d4acbf24ee30e
From sle-updates at lists.suse.com Sat Feb 18 05:08:15 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 18 Feb 2012 13:08:15 +0100 (CET)
Subject: SUSE-SU-2012:0284-1: important: Security update for Apache2
Message-ID: <20120218120815.C39AE323B3@maintenance.suse.de>
SUSE Security Update: Security update for Apache2
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0284-1
Rating: important
References: #728876 #738067 #738855 #739783 #741243 #741874
#743743
Cross-References: CVE-2007-6750 CVE-2012-0031 CVE-2012-0053
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
______________________________________________________________________________
An update that solves three vulnerabilities and has four
fixes is now available. It includes one version update.
Description:
This update of apache2 and libapr1 fixes regressions and
several security problems.
* CVE-2012-0031: Fixed a scoreboard corruption (shared
mem segment) by a child causing a crash of the privileged
parent (invalid free()) during shutdown.
* CVE-2012-0053: Fixed an issue in error responses that
could expose "httpOnly" cookies when no custom
ErrorDocument is specified for status code 400.
* CVE-2007-6750: The "mod_reqtimeout" module was
backported from Apache 2.2.21 to help mitigate the
"Slowloris" Denial of Service attack.
You need to enable the "mod_reqtimeout" module in your
existing apache configuration to make it effective, e.g.
in the APACHE_MODULES line in /etc/sysconfig/apache2. For
more detailed information, check also the README file.
Also the following bugs have been fixed:
* Fixed init script action "check-reload" to avoid
potential crashes. bnc#728876
* An overlapping memcpy() was replaced by memmove() to
make this work with newer glibcs. bnc#738067 bnc#741874
* libapr1: reset errno to zero to not return previous
value despite good status of new operation. bnc#739783
Security Issue references:
* CVE-2007-6750
* CVE-2012-0031
* CVE-2012-0053
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-apache2-201202-5760
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-apache2-201202-5760
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-apache2-201202-5760
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.2.12]:
apache2-devel-2.2.12-1.30.1
libapr1-devel-1.3.3-11.18.19.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 2.2.12]:
apache2-2.2.12-1.30.1
apache2-doc-2.2.12-1.30.1
apache2-example-pages-2.2.12-1.30.1
apache2-prefork-2.2.12-1.30.1
apache2-utils-2.2.12-1.30.1
apache2-worker-2.2.12-1.30.1
libapr1-1.3.3-11.18.19.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64):
libapr1-devel-32bit-1.3.3-11.18.19.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 2.2.12]:
apache2-2.2.12-1.30.1
apache2-doc-2.2.12-1.30.1
apache2-example-pages-2.2.12-1.30.1
apache2-prefork-2.2.12-1.30.1
apache2-utils-2.2.12-1.30.1
apache2-worker-2.2.12-1.30.1
libapr1-1.3.3-11.18.19.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 2.2.12]:
apache2-2.2.12-1.30.1
apache2-doc-2.2.12-1.30.1
apache2-example-pages-2.2.12-1.30.1
apache2-prefork-2.2.12-1.30.1
apache2-utils-2.2.12-1.30.1
apache2-worker-2.2.12-1.30.1
libapr1-1.3.3-11.18.19.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64):
libapr1-32bit-1.3.3-11.18.19.1
References:
http://support.novell.com/security/cve/CVE-2007-6750.html
http://support.novell.com/security/cve/CVE-2012-0031.html
http://support.novell.com/security/cve/CVE-2012-0053.html
https://bugzilla.novell.com/728876
https://bugzilla.novell.com/738067
https://bugzilla.novell.com/738855
https://bugzilla.novell.com/739783
https://bugzilla.novell.com/741243
https://bugzilla.novell.com/741874
https://bugzilla.novell.com/743743
http://download.novell.com/patch/finder/?keywords=26fd37ffcda352499111cd00df8417e9
From sle-updates at lists.suse.com Sat Feb 18 05:08:26 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Sat, 18 Feb 2012 13:08:26 +0100 (CET)
Subject: SUSE-RU-2012:0285-1: Recommended update for release-notes-sles
Message-ID: <20120218120826.61A86323B3@maintenance.suse.de>
SUSE Recommended Update: Recommended update for release-notes-sles
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0285-1
Rating: low
References: #585361 #736148 #736767 #740858
Affected Products:
SUSE Linux Enterprise Server 11 SP1
______________________________________________________________________________
An update that has four recommended fixes can now be
installed. It includes one version update.
Description:
This update provides the latest updated information in the
SUSE Linux Enterprise Server Release Notes 11.
* Myricom 10-Gigabit Ethernet Driver and Firmware
[bnc#736148].
* Support statement about Tomcat 6 (bnc#740858)
* And other bugs, e.g. [bnc#585361].
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-release-notes-sles-5646
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 11.1.1.9]:
release-notes-sles-11.1.1.9-0.6.1
References:
https://bugzilla.novell.com/585361
https://bugzilla.novell.com/736148
https://bugzilla.novell.com/736767
https://bugzilla.novell.com/740858
http://download.novell.com/patch/finder/?keywords=b47e9af0241808742f46f99599d63a79
From sle-updates at lists.suse.com Mon Feb 20 11:08:16 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 20 Feb 2012 19:08:16 +0100 (CET)
Subject: SUSE-YU-2012:0288-1: YOU update for libsatsolver
Message-ID: <20120220180816.B0DAB3205E@maintenance.suse.de>
SUSE YOU Update: YOU update for libsatsolver
______________________________________________________________________________
Announcement ID: SUSE-YU-2012:0288-1
Rating: low
References: #740982 #744094
Affected Products:
SLE CLIENT TOOLS 10 for x86_64
SLE CLIENT TOOLS 10 for s390x
SLE CLIENT TOOLS 10 for ia64
SLE CLIENT TOOLS 10 for PPC
SLE CLIENT TOOLS 10
______________________________________________________________________________
An update that has two YOU fixes can now be installed.
Description:
This update to the Zypp Update stack for SUSE Manager
Client Tools 10 provides the following fixes:
* 744094: Fix parsing of SLES10-SP2-Updates channel
* 740982: Update with wagon does not consider
splitprovides
Special Instructions and Notes:
This update triggers a restart of the software management
stack. More updates will be available for installation
after applying this update and restarting the application.
Package List:
- SLE CLIENT TOOLS 10 for x86_64 (x86_64):
libzypp-6.37.2-0.7.1
satsolver-tools-0.14.19-0.5.1
- SLE CLIENT TOOLS 10 for s390x (s390x):
libzypp-6.37.2-0.7.1
satsolver-tools-0.14.19-0.5.1
- SLE CLIENT TOOLS 10 for ia64 (ia64):
libzypp-6.37.2-0.7.1
satsolver-tools-0.14.19-0.5.1
- SLE CLIENT TOOLS 10 for PPC (ppc):
libzypp-6.37.2-0.7.1
satsolver-tools-0.14.19-0.5.1
- SLE CLIENT TOOLS 10 (i586):
libzypp-6.37.2-0.7.1
satsolver-tools-0.14.19-0.5.1
References:
https://bugzilla.novell.com/740982
https://bugzilla.novell.com/744094
http://download.novell.com/patch/finder/?keywords=34774a8fc8ce20656907695f31dea523
From sle-updates at lists.suse.com Thu Feb 23 07:08:30 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 23 Feb 2012 15:08:30 +0100 (CET)
Subject: SUSE-RU-2012:0291-1: Recommended update for util-linux
Message-ID: <20120223140830.742F73216B@maintenance.suse.de>
SUSE Recommended Update: Recommended update for util-linux
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0291-1
Rating: low
References: #661460
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update reduces TCP timeouts in nfsmount.
When attempting to mount from an NFS server which is not
responding, and for which ICMP UNREACHABLE messages are
not being received, the boot process can take a very long
time until a timeout condition is hit.
Indications:
Every NFS user should update.
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64):
util-linux-2.12r-35.50.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
util-linux-2.12r-35.50.1
References:
https://bugzilla.novell.com/661460
http://download.novell.com/patch/finder/?keywords=005ae4a7d78c94deeb49c87910a24b02
From sle-updates at lists.suse.com Thu Feb 23 08:08:28 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 23 Feb 2012 16:08:28 +0100 (CET)
Subject: SUSE-OU-2012:0292-1: Optional update for python-lxml
Message-ID: <20120223150828.C20DD3216B@maintenance.suse.de>
SUSE Optional Update: Optional update for python-lxml
______________________________________________________________________________
Announcement ID: SUSE-OU-2012:0292-1
Rating: low
References: #746129
Affected Products:
SUSE Manager 1.2 for SLE 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1 FOR SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one optional fix can now be installed.
Description:
lxml is a Pythonic binding for the libxml2 and libxslt
libraries. It follows the ElementTree API as much as
possible, building it on top of the native libxml2 tree.
It also extends this API to expose libxml2 and libxslt
specific functionality, such as XPath, Relax NG, XML
Schema, XSLT, and c14n.
Indications:
A Pythonic Binding for the libxml2 and libxslt Libraries.
Patch Instructions:
To install this SUSE Optional Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager 1.2 for SLE 11 SP1:
zypper in -t patch sleman12sp1-python-lxml-5788
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
zypper in -t patch sdksp1fsp2-python-lxml-5788
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-python-lxml-5788
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-python-lxml-5788
- SUSE Linux Enterprise Server 11 SP1 FOR SP2:
zypper in -t patch slessp1fsp2-python-lxml-5788
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-python-lxml-5788
- SUSE Linux Enterprise High Availability Extension 11 SP1:
zypper in -t patch sleshasp1-python-lxml-5788
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-python-lxml-5788
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-python-lxml-5788
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager 1.2 for SLE 11 SP1 (x86_64):
python-lxml-2.1.2-1.22.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64):
python-lxml-2.1.2-1.22.1
python-lxml-doc-2.1.2-1.22.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
python-lxml-2.1.2-1.22.1
python-lxml-doc-2.1.2-1.22.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
python-lxml-2.1.2-1.22.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64):
python-lxml-2.1.2-1.22.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
python-lxml-2.1.2-1.22.1
- SUSE Linux Enterprise High Availability Extension 11 SP1 (i586 ia64 ppc64 s390x x86_64):
python-lxml-2.1.2-1.22.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64):
python-lxml-2.1.2-1.22.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
python-lxml-2.1.2-1.22.1
References:
https://bugzilla.novell.com/746129
http://download.novell.com/patch/finder/?keywords=446788a258d015f7feb637c9f15216d6
From sle-updates at lists.suse.com Thu Feb 23 09:08:26 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 23 Feb 2012 17:08:26 +0100 (CET)
Subject: SUSE-RU-2012:0293-1: Recommended update for irqbalance
Message-ID: <20120223160827.0C1503216B@maintenance.suse.de>
SUSE Recommended Update: Recommended update for irqbalance
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0293-1
Rating: low
References: #595084
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes the following issue:
* IRQBALANCE_BANNED_INTERRUPTS configuration option not
working as documented (bnc#595084)
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
irqbalance-0.55-32.13.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
irqbalance-0.55-32.13.1
References:
https://bugzilla.novell.com/595084
http://download.novell.com/patch/finder/?keywords=d4d11684c14c533058795e53f6ab61c7
From sle-updates at lists.suse.com Thu Feb 23 11:08:18 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 23 Feb 2012 19:08:18 +0100 (CET)
Subject: SUSE-FU-2012:0294-1: Feature update for yasm
Message-ID: <20120223180818.E762A3216C@maintenance.suse.de>
SUSE Feature Update: Feature update for yasm
______________________________________________________________________________
Announcement ID: SUSE-FU-2012:0294-1
Rating: low
References: #742826
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
SUSE Linux Enterprise Software Development Kit 11 SP1
______________________________________________________________________________
An update that has one feature fix can now be installed. It
includes one version update.
Description:
This update provides yasm 1.1.0, which is a build time
dependency for Firefox 10+.
Indications:
Every yasm user should update.
Patch Instructions:
To install this SUSE Feature Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
zypper in -t patch sdksp1fsp2-yasm-5789
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-yasm-5789
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.1.0]:
yasm-1.1.0-10.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.1.0]:
yasm-1.1.0-10.2.1
References:
https://bugzilla.novell.com/742826
http://download.novell.com/patch/finder/?keywords=0b81e3708dfcbc128c4d700f92f2475f
From sle-updates at lists.suse.com Thu Feb 23 14:08:12 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 23 Feb 2012 22:08:12 +0100 (CET)
Subject: SUSE-SU-2012:0122-2: important: Security update for IBM Java 1.4.2
Message-ID: <20120223210812.63A1932177@maintenance.suse.de>
SUSE Security Update: Security update for IBM Java 1.4.2
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0122-2
Rating: important
References: #739256
Cross-References: CVE-2011-3389 CVE-2011-3545 CVE-2011-3547
CVE-2011-3548 CVE-2011-3549 CVE-2011-3552
CVE-2011-3556 CVE-2011-3557 CVE-2011-3560
Affected Products:
SUSE Linux Enterprise for SAP Applications 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Java 11 SP1
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
IBM Java 1.4.2 SR13 FP11 has been released and contains
various security fixes.
http://www.ibm.com/developerworks/java/jdk/alerts/
(CVEs fixed: CVE-2011-3547 CVE-2011-3548 CVE-2011-3549
CVE-2011-3552 CVE-2011-3545 CVE-2011-3556 CVE-2011-3557
CVE-2011-3389 CVE-2011-3560)
Security Issues:
* CVE-2011-3389
* CVE-2011-3545
* CVE-2011-3547
* CVE-2011-3548
* CVE-2011-3549
* CVE-2011-3552
* CVE-2011-3556
* CVE-2011-3557
* CVE-2011-3560
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise for SAP Applications 11 SP1:
zypper in -t patch slesapp1-java-1_4_2-ibm-sap-5734
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-java-1_4_2-ibm-5609
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-java-1_4_2-ibm-5609
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-java-1_4_2-ibm-5609
- SUSE Linux Enterprise Java 11 SP1:
zypper in -t patch slejsp1-java-1_4_2-ibm-5609 slejsp1-java-1_4_2-ibm-sap-5734
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise for SAP Applications 11 SP1 (x86_64):
java-1_4_2-ibm-sap-1.4.2_sr13.11-0.3.1
java-1_4_2-ibm-sap-devel-1.4.2_sr13.11-0.3.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
java-1_4_2-ibm-devel-1.4.2_sr13.11-0.5.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
java-1_4_2-ibm-1.4.2_sr13.11-0.5.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
java-1_4_2-ibm-1.4.2_sr13.11-0.5.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586):
java-1_4_2-ibm-jdbc-1.4.2_sr13.11-0.5.1
java-1_4_2-ibm-plugin-1.4.2_sr13.11-0.5.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
java-1_4_2-ibm-1.4.2_sr13.11-0.5.1
- SUSE Linux Enterprise Server 11 SP1 (i586):
java-1_4_2-ibm-jdbc-1.4.2_sr13.11-0.5.1
java-1_4_2-ibm-plugin-1.4.2_sr13.11-0.5.1
- SUSE Linux Enterprise Java 11 SP1 (i586 ia64 ppc64 s390x x86_64):
java-1_4_2-ibm-1.4.2_sr13.11-0.5.1
- SUSE Linux Enterprise Java 11 SP1 (x86_64):
java-1_4_2-ibm-sap-1.4.2_sr13.11-0.3.1
java-1_4_2-ibm-sap-devel-1.4.2_sr13.11-0.3.1
- SUSE Linux Enterprise Java 11 SP1 (i586):
java-1_4_2-ibm-jdbc-1.4.2_sr13.11-0.5.1
java-1_4_2-ibm-plugin-1.4.2_sr13.11-0.5.1
References:
http://support.novell.com/security/cve/CVE-2011-3389.html
http://support.novell.com/security/cve/CVE-2011-3545.html
http://support.novell.com/security/cve/CVE-2011-3547.html
http://support.novell.com/security/cve/CVE-2011-3548.html
http://support.novell.com/security/cve/CVE-2011-3549.html
http://support.novell.com/security/cve/CVE-2011-3552.html
http://support.novell.com/security/cve/CVE-2011-3556.html
http://support.novell.com/security/cve/CVE-2011-3557.html
http://support.novell.com/security/cve/CVE-2011-3560.html
https://bugzilla.novell.com/739256
http://download.novell.com/patch/finder/?keywords=77471aa6472b33cde43cae36b3b3fef0
http://download.novell.com/patch/finder/?keywords=c0c632466d75a1ac53d2ceaf2d983053
From sle-updates at lists.suse.com Thu Feb 23 15:08:25 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Thu, 23 Feb 2012 23:08:25 +0100 (CET)
Subject: SUSE-SU-2012:0296-1: moderate: Security update for wireshark
Message-ID: <20120223220825.D4EB332178@maintenance.suse.de>
SUSE Security Update: Security update for wireshark
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0296-1
Rating: moderate
References: #741187 #741188 #741190
Cross-References: CVE-2012-0041 CVE-2012-0042 CVE-2012-0043
CVE-2012-0066 CVE-2012-0067 CVE-2012-0068
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This version upgrade of wireshark to 1.4.11 fixes the
following security issues:
* CVE-2012-0043: RLC dissector buffer overflow
* CVE-2012-0041: multiple file parser vulnerabilities
* CVE-2012-0042: NULL pointer vulnerabilities
* CVE-2012-0066: DoS due to too large buffer alloc
request
* CVE-2012-0067: DoS due to integer underflow and too
large buffer alloc. request
* CVE-2012-0068: memory corruption due to buffer
underflow
Additionally, various other non-security issues were
resolved.
Security Issue references:
* CVE-2012-0041
* CVE-2012-0043
* CVE-2012-0042
* CVE-2012-0066
* CVE-2012-0067
* CVE-2012-0068
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
wireshark-1.4.11-0.5.1
wireshark-devel-1.4.11-0.5.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
wireshark-1.4.11-0.5.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
wireshark-devel-1.4.11-0.5.1
References:
http://support.novell.com/security/cve/CVE-2012-0041.html
http://support.novell.com/security/cve/CVE-2012-0042.html
http://support.novell.com/security/cve/CVE-2012-0043.html
http://support.novell.com/security/cve/CVE-2012-0066.html
http://support.novell.com/security/cve/CVE-2012-0067.html
http://support.novell.com/security/cve/CVE-2012-0068.html
https://bugzilla.novell.com/741187
https://bugzilla.novell.com/741188
https://bugzilla.novell.com/741190
http://download.novell.com/patch/finder/?keywords=0f46263d00a0a835ae8b455b8d0c12d8
From sle-updates at lists.suse.com Sun Feb 26 17:08:15 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 01:08:15 +0100 (CET)
Subject: SUSE-SU-2012:0298-1: important: Security update for Mozilla XULrunner
Message-ID: <20120227000815.7881D3216D@maintenance.suse.de>
SUSE Security Update: Security update for Mozilla XULrunner
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0298-1
Rating: important
References: #747328
Cross-References: CVE-2011-3026
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1 FOR SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available. It
includes two new package versions.
Description:
Mozilla XULRunner was updated to 1.9.2.27 to fix a security
issue with the embedded libpng, where an integer overflow
could allow remote attackers to crash the browser or
potentially execute code (CVE-2011-3026).
Security Issue reference:
* CVE-2011-3026
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
zypper in -t patch sdksp1fsp2-mozilla-xulrunner192-5840
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-mozilla-xulrunner192-5840
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-mozilla-xulrunner192-5840
- SUSE Linux Enterprise Server 11 SP1 FOR SP2:
zypper in -t patch slessp1fsp2-mozilla-xulrunner192-5840
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-mozilla-xulrunner192-5840
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-mozilla-xulrunner192-5840
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-mozilla-xulrunner192-5840
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-devel-1.9.2.27-0.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (ppc64 s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-32bit-1.9.2.27-0.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (ia64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-gnome-x86-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-x86-1.9.2.27-0.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-devel-1.9.2.27-0.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-32bit-1.9.2.27-0.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ia64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-gnome-x86-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-x86-1.9.2.27-0.2.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-1.9.2.27-0.2.1
mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-1.9.2.27-0.2.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-1.9.2.27-0.2.1
mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-1.9.2.27-0.2.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (ppc64 s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (ia64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-x86-1.9.2.27-0.2.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-1.9.2.27-0.2.1
mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-1.9.2.27-0.2.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
- SUSE Linux Enterprise Server 11 SP1 (ia64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-x86-1.9.2.27-0.2.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-1.9.2.27-0.5.6
mozilla-xulrunner192-gnome-1.9.2.27-0.5.6
mozilla-xulrunner192-translations-1.9.2.27-0.5.6
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x) [New Version: 3.6.27]:
MozillaFirefox-3.6.27-0.5.4
MozillaFirefox-translations-3.6.27-0.5.4
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-32bit-1.9.2.27-0.5.6
mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.5.6
mozilla-xulrunner192-translations-32bit-1.9.2.27-0.5.6
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-1.9.2.27-0.2.1
mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-1.9.2.27-0.2.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-32bit-1.9.2.27-0.2.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-1.9.2.27-0.2.1
mozilla-xulrunner192-gnome-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-1.9.2.27-0.2.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-32bit-1.9.2.27-0.2.1
mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.2.1
mozilla-xulrunner192-translations-32bit-1.9.2.27-0.2.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-1.9.2.27-0.5.6
mozilla-xulrunner192-gnome-1.9.2.27-0.5.6
mozilla-xulrunner192-translations-1.9.2.27-0.5.6
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 1.9.2.27]:
mozilla-xulrunner192-32bit-1.9.2.27-0.5.6
mozilla-xulrunner192-gnome-32bit-1.9.2.27-0.5.6
mozilla-xulrunner192-translations-32bit-1.9.2.27-0.5.6
- SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 3.6.27]:
MozillaFirefox-3.6.27-0.5.4
MozillaFirefox-translations-3.6.27-0.5.4
- SLE SDK 10 SP4 (i586 ia64 ppc s390x):
MozillaFirefox-branding-upstream-3.6.27-0.5.4
References:
http://support.novell.com/security/cve/CVE-2011-3026.html
https://bugzilla.novell.com/747328
http://download.novell.com/patch/finder/?keywords=2c23debb2e4e3a09d318252e02175814
http://download.novell.com/patch/finder/?keywords=4513d87a4d6a69221d7fe51d3c22ad66
From sle-updates at lists.suse.com Sun Feb 26 17:08:18 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 01:08:18 +0100 (CET)
Subject: SUSE-SU-2012:0299-1: critical: Security update for flash-player
Message-ID: <20120227000818.A92FB3216D@maintenance.suse.de>
SUSE Security Update: Security update for flash-player
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0299-1
Rating: critical
References: #747297
Cross-References: CVE-2012-0752 CVE-2012-0753 CVE-2012-0754
CVE-2012-0755 CVE-2012-0756 CVE-2012-0767
Affected Products:
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available. It
includes one version update.
Description:
This version upgrade of flash-player fixes multiple
security issues that could potentially be exploited to
cause a crash or even execute arbitrary code. The
following CVEs were assigned:
CVE-2012-0752 CVE-2012-0753 CVE-2012-0754 CVE-2012-0755
CVE-2012-0756 CVE-2012-0767
Security Issue references:
* CVE-2012-0752
* CVE-2012-0753
* CVE-2012-0754
* CVE-2012-0755
* CVE-2012-0756
* CVE-2012-0767
Package List:
- SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 10.3.183.15]:
flash-player-10.3.183.15-0.6.1
References:
http://support.novell.com/security/cve/CVE-2012-0752.html
http://support.novell.com/security/cve/CVE-2012-0753.html
http://support.novell.com/security/cve/CVE-2012-0754.html
http://support.novell.com/security/cve/CVE-2012-0755.html
http://support.novell.com/security/cve/CVE-2012-0756.html
http://support.novell.com/security/cve/CVE-2012-0767.html
https://bugzilla.novell.com/747297
http://download.novell.com/patch/finder/?keywords=c3d08777a2397ababaa7778f2881067f
From sle-updates at lists.suse.com Sun Feb 26 17:08:20 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 01:08:20 +0100 (CET)
Subject: SUSE-RU-2012:0300-1: Recommended update for yast2-http-server
Message-ID: <20120227000820.467EE3216B@maintenance.suse.de>
SUSE Recommended Update: Recommended update for yast2-http-server
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0300-1
Rating: low
References: #350590 #427427 #480466 #482424 #486475 #486476
#656589 #712052
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
______________________________________________________________________________
An update that has 8 recommended fixes can now be
installed. It includes one version update.
Description:
This collective update for yast2-http-server fixes the
following reports:
* 350590: apache will not start with the subversion
module installed
* 427427: YaST module http-server should split virtual
hosts configuration into separate files
* 480466: AutoYaST RelaxNG file outdated
* 482424: missing symlinks for mod_authz_svn,
mod_dav_svn
* 486475: NameVirtualHost still commented out after
virtual host configuration
* 486476: error configuring a second virtual host
* 656589: YaST2 nukes APACHE_SERVER_FLAGS
* 712052: removed superfluous spaces from .desktop-file
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-yast2-http-server-5779
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-yast2-http-server-5779
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-yast2-http-server-5779
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (noarch) [New Version: 2.17.14]:
yast2-http-server-2.17.14-0.2.2
- SUSE Linux Enterprise Server 11 SP1 for VMware (noarch) [New Version: 2.17.14]:
yast2-http-server-2.17.14-0.2.2
- SUSE Linux Enterprise Server 11 SP1 (noarch) [New Version: 2.17.14]:
yast2-http-server-2.17.14-0.2.2
References:
https://bugzilla.novell.com/350590
https://bugzilla.novell.com/427427
https://bugzilla.novell.com/480466
https://bugzilla.novell.com/482424
https://bugzilla.novell.com/486475
https://bugzilla.novell.com/486476
https://bugzilla.novell.com/656589
https://bugzilla.novell.com/712052
http://download.novell.com/patch/finder/?keywords=5b635270ce9069c2fa0f7f685728e9ca
From sle-updates at lists.suse.com Sun Feb 26 17:08:24 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 01:08:24 +0100 (CET)
Subject: SUSE-RU-2012:0301-1: Recommended update for scim-bridge
Message-ID: <20120227000824.178F63216B@maintenance.suse.de>
SUSE Recommended Update: Recommended update for scim-bridge
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0301-1
Rating: low
References: #738627
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes an execution failure of scim-bridge when
invoked via VNC.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-scim-bridge-5661
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-scim-bridge-5661
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-scim-bridge-5661
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-scim-bridge-5661
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (x86_64):
scim-bridge-gtk-32bit-0.4.15-7.26.1
scim-bridge-qt-32bit-0.4.15-7.26.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
scim-bridge-0.4.15-7.26.1
scim-bridge-gtk-0.4.15-7.26.1
scim-bridge-qt-0.4.15-7.26.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
scim-bridge-gtk-32bit-0.4.15-7.26.1
scim-bridge-qt-32bit-0.4.15-7.26.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
scim-bridge-0.4.15-7.26.1
scim-bridge-gtk-0.4.15-7.26.1
scim-bridge-qt-0.4.15-7.26.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
scim-bridge-gtk-32bit-0.4.15-7.26.1
scim-bridge-qt-32bit-0.4.15-7.26.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
scim-bridge-gtk-x86-0.4.15-7.26.1
scim-bridge-qt-x86-0.4.15-7.26.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
scim-bridge-0.4.15-7.26.1
scim-bridge-gtk-0.4.15-7.26.1
scim-bridge-qt-0.4.15-7.26.1
References:
https://bugzilla.novell.com/738627
http://download.novell.com/patch/finder/?keywords=56c8eaa627f5e7d51ce2f49a2acc8f5d
From sle-updates at lists.suse.com Sun Feb 26 17:08:29 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 01:08:29 +0100 (CET)
Subject: SUSE-YU-2012:0302-1: moderate: YOU update for gnome-packagekit
Message-ID: <20120227000829.E7EAA3216B@maintenance.suse.de>
SUSE YOU Update: YOU update for gnome-packagekit
______________________________________________________________________________
Announcement ID: SUSE-YU-2012:0302-1
Rating: moderate
References: #720061
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one YOU fix can now be installed.
Description:
This update for gnome-packagekit fixes display of
Confirmation licenses.
Special Instructions and Notes:
This update triggers a restart of the software management
stack. More updates will be available for installation
after applying this update and restarting the application.
Patch Instructions:
To install this SUSE YOU Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-gnome-packagekit-5773
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-gnome-packagekit-5773
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-gnome-packagekit-5773
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
gnome-packagekit-0.3.14-2.82.1
gnome-packagekit-lang-0.3.14-2.82.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
gnome-packagekit-0.3.14-2.82.1
gnome-packagekit-lang-0.3.14-2.82.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
gnome-packagekit-0.3.14-2.82.1
gnome-packagekit-lang-0.3.14-2.82.1
References:
https://bugzilla.novell.com/720061
http://download.novell.com/patch/finder/?keywords=fa20c1b18f08b31a40da13b1ab54b0a8
From sle-updates at lists.suse.com Sun Feb 26 17:08:33 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 01:08:33 +0100 (CET)
Subject: SUSE-SU-2012:0296-2: moderate: Security update for wireshark
Message-ID: <20120227000833.558253216F@maintenance.suse.de>
SUSE Security Update: Security update for wireshark
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0296-2
Rating: moderate
References: #741187 #741188 #741190
Cross-References: CVE-2012-0041 CVE-2012-0042 CVE-2012-0043
CVE-2012-0066 CVE-2012-0067 CVE-2012-0068
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available. It
includes one version update.
Description:
This version upgrade of wireshark to 1.4.11 fixes the
following security issues:
* CVE-2012-0043: RLC dissector buffer overflow
* CVE-2012-0041: multiple file parser vulnerabilities
* CVE-2012-0042: NULL pointer vulnerabilities
* CVE-2012-0066: DoS due to too large buffer alloc
request
* CVE-2012-0067: DoS due to integer underflow and too
large buffer alloc. request
* CVE-2012-0068: memory corruption due to buffer
underflow
Additionally, various other non-security issues were
resolved.
Security Issue references:
* CVE-2012-0041
* CVE-2012-0043
* CVE-2012-0042
* CVE-2012-0066
* CVE-2012-0067
* CVE-2012-0068
Special Instructions and Notes:
This update triggers a restart of the software management
stack. More updates will be available for installation
after applying this update and restarting the application.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-wireshark-5741
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-wireshark-5741
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-wireshark-5741
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-wireshark-5741
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.11]:
wireshark-devel-1.4.11-0.2.2.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64) [New Version: 1.4.11]:
wireshark-1.4.11-0.2.2.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 1.4.11]:
wireshark-1.4.11-0.2.2.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 1.4.11]:
wireshark-1.4.11-0.2.2.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 1.4.11]:
wireshark-1.4.11-0.2.2.1
References:
http://support.novell.com/security/cve/CVE-2012-0041.html
http://support.novell.com/security/cve/CVE-2012-0042.html
http://support.novell.com/security/cve/CVE-2012-0043.html
http://support.novell.com/security/cve/CVE-2012-0066.html
http://support.novell.com/security/cve/CVE-2012-0067.html
http://support.novell.com/security/cve/CVE-2012-0068.html
https://bugzilla.novell.com/741187
https://bugzilla.novell.com/741188
https://bugzilla.novell.com/741190
http://download.novell.com/patch/finder/?keywords=18b5892df9e0199c97b6d5e6805fb1e9
From sle-updates at lists.suse.com Sun Feb 26 17:08:38 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 01:08:38 +0100 (CET)
Subject: SUSE-SU-2012:0303-1: important: Security update for Mozilla Firefox
Message-ID: <20120227000838.613F43216B@maintenance.suse.de>
SUSE Security Update: Security update for Mozilla Firefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0303-1
Rating: important
References: #747320 #747328
Cross-References: CVE-2011-3026
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1 FOR SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available. It includes one version update.
Description:
Mozilla Firefox was updated to 10.0.2 to fix a security
issue with the embedded libpng, where an integer overflow
could allow remote attackers to crash the browser or
potentially execute code (CVE-2011-3026).
Security Issue reference:
* CVE-2011-3026
Special Instructions and Notes:
This update triggers a restart of the software management
stack. More updates will be available for installation
after applying this update and restarting the application.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-MozillaFirefox-5838
- SUSE Linux Enterprise Server 11 SP1 FOR SP2:
zypper in -t patch slessp1fsp2-MozillaFirefox-5838
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-MozillaFirefox-5838
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-MozillaFirefox-5838
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-MozillaFirefox-5838
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64) [New Version: 10.0.2]:
MozillaFirefox-10.0.2-0.4.1
MozillaFirefox-translations-10.0.2-0.4.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.2]:
MozillaFirefox-10.0.2-0.4.1
MozillaFirefox-translations-10.0.2-0.4.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64) [New Version: 10.0.2]:
MozillaFirefox-10.0.2-0.4.1
MozillaFirefox-translations-10.0.2-0.4.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64) [New Version: 10.0.2]:
MozillaFirefox-10.0.2-0.4.1
MozillaFirefox-translations-10.0.2-0.4.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version: 10.0.2]:
MozillaFirefox-10.0.2-0.4.1
MozillaFirefox-translations-10.0.2-0.4.1
References:
http://support.novell.com/security/cve/CVE-2011-3026.html
https://bugzilla.novell.com/747320
https://bugzilla.novell.com/747328
http://download.novell.com/patch/finder/?keywords=0b3170cde26e23e656224d9bf0f40649
From sle-updates at lists.suse.com Sun Feb 26 17:08:42 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 01:08:42 +0100 (CET)
Subject: SUSE-RU-2012:0304-1: important: Recommended update for coreutils
Message-ID: <20120227000842.B12123216D@maintenance.suse.de>
SUSE Recommended Update: Recommended update for coreutils
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0304-1
Rating: important
References: #721961
Affected Products:
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes a regression where "df -h" on automounted
partitions did not show the correct output anymore (this
only happened on certain rare filesystem types)
(bnc#721961).
Special Instructions and Notes:
This update triggers a restart of the software management
stack. More updates will be available for installation
after applying this update and restarting the application.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-coreutils-5849
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-coreutils-5849
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-coreutils-5849
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
coreutils-6.12-32.35.1
coreutils-lang-6.12-32.35.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
coreutils-6.12-32.35.1
coreutils-lang-6.12-32.35.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
coreutils-x86-6.12-32.35.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
coreutils-6.12-32.35.1
coreutils-lang-6.12-32.35.1
References:
https://bugzilla.novell.com/721961
http://download.novell.com/patch/finder/?keywords=fcf28262c991ef7189b6d2ee4ac5d20e
From sle-updates at lists.suse.com Sun Feb 26 20:08:13 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 04:08:13 +0100 (CET)
Subject: SUSE-SU-2011:0635-2: moderate: Security update for Linux kernel
Message-ID: <20120227030813.18A663216F@maintenance.suse.de>
SUSE Security Update: Security update for Linux kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2011:0635-2
Rating: moderate
References: #211997 #363921 #506571 #518089 #570121 #584522
#597771 #59807 #598159 #599213 #599826 #608994
#612213 #615929 #620372 #641575 #644880 #646633
#647632 #650513 #651109 #652939 #652940 #655670
#657350 #657759 #660233 #664725 #678356 #686813
Affected Products:
SUSE Linux Enterprise Server 10 SP2
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update fixes several security issues and various
bugs in the SUSE Linux Enterprise 10 SP 2 Long Term
Service Pack Support (LTSS) kernel.
The following security issues were fixed:
* CVE-2011-1573: Bounds checking was missing in
AARESOLVE_OFFSET, which allowed local attackers to
overwrite kernel memory and so escalate privileges or crash
the kernel.
* CVE-2010-3849: The econet_sendmsg function in
net/econet/af_econet.c in the Linux kernel, when an econet
address is configured, allowed local users to cause a
denial of service (NULL pointer dereference and OOPS) via a
sendmsg call that specifies a NULL value for the remote
address field.
* CVE-2010-3848: Stack-based buffer overflow in the
econet_sendmsg function in net/econet/af_econet.c in the
Linux kernel when an econet address is configured, allowed
local users to gain privileges by providing a large number
of iovec structures.
* CVE-2010-3850: The ec_dev_ioctl function in
net/econet/af_econet.c in the Linux kernel did not require
the CAP_NET_ADMIN capability, which allowed local users to
bypass intended access restrictions and configure econet
addresses via an SIOCSIFADDR ioctl call.
* CVE-2010-4258: A local attacker could use an Oops
(kernel crash) caused by other flaws to write a 0 byte to an
attacker-controlled address in the kernel. This could lead
to privilege escalation together with other issues.
* CVE-2010-4160: Multiple integer overflows in the (1)
pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the
(2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the
PPPoL2TP and IPoL2TP implementations in the Linux kernel
allowed local users to cause a denial of service (heap
memory corruption and panic) or possibly gain privileges
via a crafted sendto call.
* CVE-2010-4157: A 32bit vs 64bit integer mismatch in
gdth_ioctl_alloc could lead to memory corruption in the
GDTH driver.
* CVE-2010-3081: Incorrect buffer handling in the
biarch-compat buffer handling could be used by local
attackers to gain root privileges. This problem affects
foremost x86_64, or potentially other biarch platforms,
like PowerPC and S390x.
* CVE-2010-2521: Multiple buffer overflows in
fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS
server in the Linux kernel allowed remote attackers to
cause a denial of service (panic) or possibly execute
arbitrary code via a crafted NFSv4 compound WRITE request,
related to the read_buf and nfsd4_decode_compound functions.
Indications:
Everyone using the Linux Kernel on s390x architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Package List:
- SUSE Linux Enterprise Server 10 SP2 (s390x):
kernel-default-2.6.16.60-0.42.11
kernel-source-2.6.16.60-0.42.11
kernel-syms-2.6.16.60-0.42.11
References:
https://bugzilla.novell.com/211997
https://bugzilla.novell.com/363921
https://bugzilla.novell.com/506571
https://bugzilla.novell.com/518089
https://bugzilla.novell.com/570121
https://bugzilla.novell.com/584522
https://bugzilla.novell.com/597771
https://bugzilla.novell.com/59807
https://bugzilla.novell.com/598159
https://bugzilla.novell.com/599213
https://bugzilla.novell.com/599826
https://bugzilla.novell.com/608994
https://bugzilla.novell.com/612213
https://bugzilla.novell.com/615929
https://bugzilla.novell.com/620372
https://bugzilla.novell.com/641575
https://bugzilla.novell.com/644880
https://bugzilla.novell.com/646633
https://bugzilla.novell.com/647632
https://bugzilla.novell.com/650513
https://bugzilla.novell.com/651109
https://bugzilla.novell.com/652939
https://bugzilla.novell.com/652940
https://bugzilla.novell.com/655670
https://bugzilla.novell.com/657350
https://bugzilla.novell.com/657759
https://bugzilla.novell.com/660233
https://bugzilla.novell.com/664725
https://bugzilla.novell.com/678356
https://bugzilla.novell.com/686813
http://download.novell.com/patch/finder/?keywords=026b38ec9a6f1f9490f7afc997212483
From sle-updates at lists.suse.com Mon Feb 27 13:08:20 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 21:08:20 +0100 (CET)
Subject: SUSE-SU-2012:0308-1: important: Security update for Java 1.6.0
Message-ID: <20120227200820.8FF453216F@maintenance.suse.de>
SUSE Security Update: Security update for Java 1.6.0
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0308-1
Rating: important
References: #747208
Cross-References: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035
CVE-2012-0497 CVE-2012-0501 CVE-2012-0502
CVE-2012-0503 CVE-2012-0505 CVE-2012-0506
Affected Products:
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
java-1_6_0-openjdk was updated to the IcedTea 1.11.1 b24
release, fixing multiple security issues:
* S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
* S7088367, CVE-2011-3563: Fix issues in java sound
* S7110683, CVE-2012-0502: Issues with some
KeyboardFocusManager method
* S7110687, CVE-2012-0503: Issues with TimeZone class
* S7110700, CVE-2012-0505: Enhance exception throwing
mechanism in ObjectStreamClass
* S7110704, CVE-2012-0506: Issues with some method in
corba
* S7112642, CVE-2012-0497: Incorrect checking for
graphics rendering object
* S7118283, CVE-2012-0501: Better input parameter
checking in zip file processing
* S7126960, CVE-2011-5035: (httpserver) Add property to
limit number of request headers to the HTTP Server
Security Issue references:
* CVE-2011-3571
* CVE-2011-3563
* CVE-2012-0502
* CVE-2012-0503
* CVE-2012-0505
* CVE-2012-0506
* CVE-2012-0497
* CVE-2012-0501
* CVE-2011-5035
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-java-1_6_0-openjdk-5845
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-java-1_6_0-openjdk-5845
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64):
java-1_6_0-openjdk-1.6.0.0_b24.1.11.1-0.3.1
java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.1-0.3.1
java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.1-0.3.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
java-1_6_0-openjdk-1.6.0.0_b24.1.11.1-0.3.1
java-1_6_0-openjdk-demo-1.6.0.0_b24.1.11.1-0.3.1
java-1_6_0-openjdk-devel-1.6.0.0_b24.1.11.1-0.3.1
References:
http://support.novell.com/security/cve/CVE-2011-3563.html
http://support.novell.com/security/cve/CVE-2011-3571.html
http://support.novell.com/security/cve/CVE-2011-5035.html
http://support.novell.com/security/cve/CVE-2012-0497.html
http://support.novell.com/security/cve/CVE-2012-0501.html
http://support.novell.com/security/cve/CVE-2012-0502.html
http://support.novell.com/security/cve/CVE-2012-0503.html
http://support.novell.com/security/cve/CVE-2012-0505.html
http://support.novell.com/security/cve/CVE-2012-0506.html
https://bugzilla.novell.com/747208
http://download.novell.com/patch/finder/?keywords=99d51f474667bf40a87309fbd3de5bbd
From sle-updates at lists.suse.com Mon Feb 27 13:08:32 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 21:08:32 +0100 (CET)
Subject: SUSE-SU-2012:0311-1: moderate: Security update for CVS
Message-ID: <20120227200832.A539F3216D@maintenance.suse.de>
SUSE Security Update: Security update for CVS
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0311-1
Rating: moderate
References: #744059
Cross-References: CVE-2012-0804
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1 FOR SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
A heap-based buffer overflow flaw was found in the way CVS
read proxy connection HTTP responses. An attacker could
exploit this to cause the application to crash or,
potentially, execute arbitrary code in the context of the
user running the application (CVE-2012-0804).
Security Issue reference:
* CVE-2012-0804
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
zypper in -t patch sdksp1fsp2-cvs-5860
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-cvs-5860
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-cvs-5860
- SUSE Linux Enterprise Server 11 SP1 FOR SP2:
zypper in -t patch slessp1fsp2-cvs-5860
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-cvs-5860
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-cvs-5860
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-cvs-5860
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 x86_64):
cvs-doc-1.12.12-144.23.5.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 x86_64):
cvs-doc-1.12.12-144.23.5.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
cvs-1.12.12-144.23.5.1
cvs-doc-1.12.12-144.23.5.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64):
cvs-1.12.12-144.23.5.1
cvs-doc-1.12.12-144.23.5.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
cvs-1.12.12-144.23.5.1
cvs-doc-1.12.12-144.23.5.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
cvs-1.12.12-19.10.1
cvs-doc-1.12.12-19.10.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64):
cvs-1.12.12-144.23.5.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
cvs-1.12.12-144.23.5.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
cvs-1.12.12-19.10.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
cvs-doc-1.12.12-19.10.1
References:
http://support.novell.com/security/cve/CVE-2012-0804.html
https://bugzilla.novell.com/744059
http://download.novell.com/patch/finder/?keywords=41477536d35b7564ae5f346cb53a4248
http://download.novell.com/patch/finder/?keywords=41ed9e2e2ddfbd6e10469d928edf5ba4
From sle-updates at lists.suse.com Mon Feb 27 15:08:23 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Mon, 27 Feb 2012 23:08:23 +0100 (CET)
Subject: SUSE-SU-2012:0312-1: Security update for xorg-x11
Message-ID: <20120227220823.3ACCB3216D@maintenance.suse.de>
SUSE Security Update: Security update for xorg-x11
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0312-1
Rating: low
References: #648287 #648290
Cross-References: CVE-2010-4818 CVE-2010-4819
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update of xorg-x11 fixes issues that could allow
attackers using GLX opcodes to gain read access to arbitrary
memory locations (CVE-2010-4818). Additionally, a crash
due to missing bounds checks in the Glyph Render
protocol has been fixed (CVE-2010-4819).
Access to the X server by the attacker was required to make
this work.
Security Issue references:
* CVE-2010-4819
* CVE-2010-4818
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
xorg-x11-6.9.0-50.78.5
xorg-x11-Xnest-6.9.0-50.78.5
xorg-x11-Xvfb-6.9.0-50.78.5
xorg-x11-Xvnc-6.9.0-50.78.5
xorg-x11-devel-6.9.0-50.78.5
xorg-x11-doc-6.9.0-50.78.5
xorg-x11-fonts-100dpi-6.9.0-50.78.5
xorg-x11-fonts-75dpi-6.9.0-50.78.5
xorg-x11-fonts-cyrillic-6.9.0-50.78.5
xorg-x11-fonts-scalable-6.9.0-50.78.5
xorg-x11-fonts-syriac-6.9.0-50.78.5
xorg-x11-libs-6.9.0-50.78.5
xorg-x11-man-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc x86_64):
xorg-x11-sdk-6.9.0-50.78.5
xorg-x11-server-6.9.0-50.78.5
xorg-x11-server-glx-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
xorg-x11-devel-32bit-6.9.0-50.78.5
xorg-x11-libs-32bit-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (ia64):
xorg-x11-libs-x86-6.9.0-50.78.5
- SUSE Linux Enterprise Server 10 SP4 (ppc):
xorg-x11-devel-64bit-6.9.0-50.78.5
xorg-x11-libs-64bit-6.9.0-50.78.5
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
xorg-x11-6.9.0-50.78.5
xorg-x11-Xnest-6.9.0-50.78.5
xorg-x11-Xvfb-6.9.0-50.78.5
xorg-x11-Xvnc-6.9.0-50.78.5
xorg-x11-devel-6.9.0-50.78.5
xorg-x11-fonts-100dpi-6.9.0-50.78.5
xorg-x11-fonts-75dpi-6.9.0-50.78.5
xorg-x11-fonts-cyrillic-6.9.0-50.78.5
xorg-x11-fonts-scalable-6.9.0-50.78.5
xorg-x11-fonts-syriac-6.9.0-50.78.5
xorg-x11-libs-6.9.0-50.78.5
xorg-x11-man-6.9.0-50.78.5
xorg-x11-server-6.9.0-50.78.5
xorg-x11-server-glx-6.9.0-50.78.5
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
xorg-x11-devel-32bit-6.9.0-50.78.5
xorg-x11-libs-32bit-6.9.0-50.78.5
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
xorg-x11-Xvfb-6.9.0-50.78.5
xorg-x11-doc-6.9.0-50.78.5
- SLE SDK 10 SP4 (i586 ia64 ppc x86_64):
xorg-x11-sdk-6.9.0-50.78.5
References:
http://support.novell.com/security/cve/CVE-2010-4818.html
http://support.novell.com/security/cve/CVE-2010-4819.html
https://bugzilla.novell.com/648287
https://bugzilla.novell.com/648290
http://download.novell.com/patch/finder/?keywords=926559701859ebd386944eb1075ad07e
From sle-updates at lists.suse.com Mon Feb 27 19:08:21 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 28 Feb 2012 03:08:21 +0100 (CET)
Subject: SUSE-RU-2012:0313-1: Recommended update for Mesa
Message-ID: <20120228020821.14D6832170@maintenance.suse.de>
SUSE Recommended Update: Recommended update for Mesa
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0313-1
Rating: low
References: #724985
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes a compatibility issue with handling
non-contiguous/indexed primitives in OpenGL, which might
result in 3rd party applications not working properly or
crashing (bnc#724985).
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-Mesa-5721
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-Mesa-5721
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-Mesa-5721
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-Mesa-5721
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
Mesa-devel-7.7-5.10.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64):
Mesa-devel-32bit-7.7-5.10.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
Mesa-7.7-5.10.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
Mesa-32bit-7.7-5.10.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
Mesa-7.7-5.10.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
Mesa-32bit-7.7-5.10.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
Mesa-x86-7.7-5.10.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
Mesa-7.7-5.10.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
Mesa-32bit-7.7-5.10.1
References:
https://bugzilla.novell.com/724985
http://download.novell.com/patch/finder/?keywords=42bfcff56ae12ba47e8db2a98e9897cd
From sle-updates at lists.suse.com Tue Feb 28 14:37:03 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 28 Feb 2012 22:37:03 +0100 (CET)
Subject: SUSE-RU-2012:0317-1: Recommended update for drm
Message-ID: <20120228213704.01DB03216F@maintenance.suse.de>
SUSE Recommended Update: Recommended update for drm
______________________________________________________________________________
Announcement ID: SUSE-RU-2012:0317-1
Rating: low
References: #736131
Affected Products:
SLE 11 SP1 HWREFRESH 2011A
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update fixes a kernel oops in
i915:render_ring_add_request.
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SLE 11 SP1 HWREFRESH 2011A:
zypper in -t patch slehr11asp1-drm-5626
To bring your system up-to-date, use "zypper patch".
Package List:
- SLE 11 SP1 HWREFRESH 2011A (i586 x86_64):
drm-kmp-default-2.6.37_2.6.32.49_0.3-0.13.13.1
- SLE 11 SP1 HWREFRESH 2011A (i586):
drm-kmp-pae-2.6.37_2.6.32.49_0.3-0.13.13.1
References:
https://bugzilla.novell.com/736131
http://download.novell.com/patch/finder/?keywords=af8464fac4bdbc1cb4f610d24a009d10
From sle-updates at lists.suse.com Tue Feb 28 14:37:10 2012
From: sle-updates at lists.suse.com (sle-updates at lists.suse.com)
Date: Tue, 28 Feb 2012 22:37:10 +0100 (CET)
Subject: SUSE-SU-2012:0318-1: important: Security update for libpng
Message-ID: <20120228213710.2734C3216D@maintenance.suse.de>
SUSE Security Update: Security update for libpng
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0318-1
Rating: important
References: #747311
Cross-References: CVE-2011-3026
Affected Products:
SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1 FOR SP2
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
A heap-based buffer overflow in libpng was fixed that could
potentially be exploited by attackers to execute arbitrary
code or cause an application to crash (CVE-2011-3026).
Security Issue reference:
* CVE-2011-3026
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2:
zypper in -t patch sdksp1fsp2-libpng-devel-5857
- SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-libpng-devel-5857
- SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-libpng-devel-5857
- SUSE Linux Enterprise Server 11 SP1 FOR SP2:
zypper in -t patch slessp1fsp2-libpng-devel-5857
- SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-libpng-devel-5857
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
zypper in -t patch sledsp1fsp2-libpng-devel-5857
- SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-libpng-devel-5857
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64):
libpng-devel-1.2.31-5.27.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 FOR SP2 (ppc64 s390x x86_64):
libpng-devel-32bit-1.2.31-5.27.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
libpng-devel-1.2.31-5.27.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64 s390x x86_64):
libpng-devel-32bit-1.2.31-5.27.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
libpng12-0-1.2.31-5.27.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
libpng12-0-32bit-1.2.31-5.27.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (i586 ia64 ppc64 s390x x86_64):
libpng12-0-1.2.31-5.27.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (ppc64 s390x x86_64):
libpng12-0-32bit-1.2.31-5.27.1
- SUSE Linux Enterprise Server 11 SP1 FOR SP2 (ia64):
libpng12-0-x86-1.2.31-5.27.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
libpng12-0-1.2.31-5.27.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
libpng12-0-32bit-1.2.31-5.27.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
libpng12-0-x86-1.2.31-5.27.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
libpng-1.2.8-19.33.7
libpng-devel-1.2.8-19.33.7
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
libpng-32bit-1.2.8-19.33.7
libpng-devel-32bit-1.2.8-19.33.7
- SUSE Linux Enterprise Server 10 SP4 (ia64):
libpng-x86-1.2.8-19.33.7
- SUSE Linux Enterprise Server 10 SP4 (ppc):
libpng-64bit-1.2.8-19.33.7
libpng-devel-64bit-1.2.8-19.33.7
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64):
libpng-devel-1.2.31-5.27.1
libpng12-0-1.2.31-5.27.1
- SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (x86_64):
libpng12-0-32bit-1.2.31-5.27.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
libpng-devel-1.2.31-5.27.1
libpng12-0-1.2.31-5.27.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
libpng12-0-32bit-1.2.31-5.27.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
libpng-1.2.8-19.33.7
libpng-devel-1.2.8-19.33.7
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
libpng-32bit-1.2.8-19.33.7
libpng-devel-32bit-1.2.8-19.33.7
References:
http://support.novell.com/security/cve/CVE-2011-3026.html
https://bugzilla.novell.com/747311
http://download.novell.com/patch/finder/?keywords=2690ba40942c362f70510de200d29b85
http://download.novell.com/patch/finder/?keywords=318c86355183d8c29b4dff152150bd1c